Clean TODO indentation

svn:r2598

doc/TODO

@@ -10,239 +10,238 @@ ARMA    - arma claims
         D Deferred
         X Abandoned
 
-      0.0.9pre4:
-        o Don't use FascistFirewall if you're going via Tor, or if
-          you're going via HttpProxy.
-        o make RecommendedVersions a CONFIG_TYPE_LINELIST option
-        o node 'groups' that are known to be in the same zone of control.
-          o Nodes can list their coadministrated nodes.
-            o If A lists B, it only counts if B also lists A
-          o Users can list other coadministrated nodes if they like.
-          o Never choose two coadministrated nodes in the same circuit.
-        o let tor servers use proxies for port 80 exits
-          o Use generic port redirector for IP/bits:Port->IP:Port .
-          o Make use of them when we're doing exit connections.
-        X We should set things in options to NULL, not rely on memset(...0)
-          being equivalent.
-          o We should check for memset(0) setting things to NULL with
-	    autoconf, and then rely on it in the code.
+0.0.9pre4:
+   o Don't use FascistFirewall if you're going via Tor, or if
+     you're going via HttpProxy.
+   o make RecommendedVersions a CONFIG_TYPE_LINELIST option
+   o node 'groups' that are known to be in the same zone of control.
+   o Nodes can list their coadministrated nodes.
+   o If A lists B, it only counts if B also lists A
+   o Users can list other coadministrated nodes if they like.
+   o Never choose two coadministrated nodes in the same circuit.
+   o let tor servers use proxies for port 80 exits
+   o Use generic port redirector for IP/bits:Port->IP:Port .
+   o Make use of them when we're doing exit connections.
+   X We should set things in options to NULL, not rely on memset(...0)
+     being equivalent.
+   o We should check for memset(0) setting things to NULL with
+     autoconf, and then rely on it in the code.
 
-      0.0.9pre5/6:
-        o Replace running-routers with a router-status line that can be used
-          without a list of router descriptors.
-        o Add a log handler that sends stuff to syslog.
-        o Deprecate unofficial configuration abbrevs; make official abbrevs
-          only official on the command line.
-        - per-month byte allowances.
-N         - Based on bandwidth and per-month allowance, choose a
-            window within month to be up.  Stay up until allowance is
-            used.  Adjust next month's window based on outcome.  Hibernate
-            when we're not up.
-R         - Hibernate means "stop accepting connections, and start sleeping"
-            Implement hibernation.  Have a separate
-            about-to-start-hibernating state implemented in similar way to
-            will shut-down-in-30-seconds state.
-        - Rendezvous service bug: can we nail it down?
-R       . bandwidth buckets for write as well as read.
-N       - Make watchdogged clients check cached-directory mtime to avoid
-          fetching directory in a tight loop.
-        - Implement If-Modified-Since for directories.
-N       - Handle rendezvousing with unverified nodes.
-          - Specify: Stick rendezvous point's key in INTRODUCE cell.
-            Bob should _always_ use key from INTRODUCE cell.
-          - Implement.
-R       - figure out enclaves, e.g. so we know what to recommend that people
-          do, and so running a tor server on your website is helpful.
-          - Do enclaves for same IP only.
-          - Resolve first, then if IP is an OR, connect to next guy.
-N       - Pure C tor_resolve
-N       - the user interface interface
-          - Skeleton only.
-          - Implement parts along with trivial fun gui.
-N       - add ipv6 support.
-          - Spec issue: if a resolve returns an IP4 and an IP6 address,
-            which to use?
-N&R     - Update Spec
-R       - learn from ben about his openssl-reinitialization-trick to
-          rotate tls keys without making new connections.
-          - (Roger grabs Ben next time he sees him on IRC)
-        - christian grothoff's attack of infinite-length circuit.
-          the solution is to have a separate 'extend-data' cell type
-          which is used for the first N data cells, and only
-          extend-data cells can be extend requests.
-        - have a pool of circuits available, cannibalize them
-          for your purposes (e.g. rendezvous, etc).
-        D nt services on win32.
-        - Once we have a trusted directory on port 80, stop falling back to
-          forbidden ports when fascistfirewall blocks all good dirservers.
+0.0.9pre5/6:
+   o Replace running-routers with a router-status line that can be used
+     without a list of router descriptors.
+   o Add a log handler that sends stuff to syslog.
+   o Deprecate unofficial configuration abbrevs; make official abbrevs
+     only official on the command line.
+   - per-month byte allowances.
+N  - Based on bandwidth and per-month allowance, choose a
+     window within month to be up.  Stay up until allowance is
+     used.  Adjust next month's window based on outcome.  Hibernate
+     when we're not up.
+R  - Hibernate means "stop accepting connections, and start sleeping"
+     Implement hibernation.  Have a separate
+     about-to-start-hibernating state implemented in similar way to
+     will shut-down-in-30-seconds state.
+   - Rendezvous service bug: can we nail it down?
+R  . bandwidth buckets for write as well as read.
+N  - Make watchdogged clients check cached-directory mtime to avoid
+     fetching directory in a tight loop.
+   - Implement If-Modified-Since for directories.
+N  - Handle rendezvousing with unverified nodes.
+     - Specify: Stick rendezvous point's key in INTRODUCE cell.
+       Bob should _always_ use key from INTRODUCE cell.
+     - Implement.
+R  - figure out enclaves, e.g. so we know what to recommend that people
+     do, and so running a tor server on your website is helpful.
+     - Do enclaves for same IP only.
+     - Resolve first, then if IP is an OR, connect to next guy.
+N  - Pure C tor_resolve
+N  - the user interface interface
+     - Skeleton only.
+     - Implement parts along with trivial fun gui.
+N  - add ipv6 support.
+     - Spec issue: if a resolve returns an IP4 and an IP6 address,
+       which to use?
+N&R  - Update Spec
+R  - learn from ben about his openssl-reinitialization-trick to
+     rotate tls keys without making new connections.
+     - (Roger grabs Ben next time he sees him on IRC)
+   - christian grothoff's attack of infinite-length circuit.
+     the solution is to have a separate 'extend-data' cell type
+     which is used for the first N data cells, and only
+     extend-data cells can be extend requests.
+   - have a pool of circuits available, cannibalize them
+     for your purposes (e.g. rendezvous, etc).
+   D nt services on win32.
+   - Once we have a trusted directory on port 80, stop falling back to
+     forbidden ports when fascistfirewall blocks all good dirservers.
 
-      0.0.9 and beyond:
-        - fix sprintf's to snprintf's?
-        . Make intro points and rendezvous points accept $KEYID in addition
-          to nicknames.
-                o Specify
-                o Implement parsing
-                - Generate new formats (Not till 007 is dead)
-        - make loglevel info less noisy
-        - Facility to automatically choose long-term helper nodes; perhaps
-          on by default for hidden services.
-        - Make command-line strict about checking options; make only certain
-          option prefixes work.
-        - Rate-limit OR and directory connections overall and per-IP and
-          maybe per subnet.
-        - put expiry date on onion-key, so people don't keep trying
-          old ones that they could know are expired?
-* Leave on todo list, see if pre3 onion fixes helped enough.
-        - should the running-routers list put unverified routers at the
-          end?
-* Cosmetic, don't do it yet.
-        - make advertised_server_mode() ORs fetch dirs more often.
-* not necessary yet.
-        - Add a notion of nickname->Pubkey binding that's not 'verification'
-* eventually, only when needed
-        - ORs use uniquer default nicknames
-* Don't worry about this for now
-        - Handle full buffers without totally borking
-* do this eventually, no rush.
-        - do resolve before trying to attach the stream
-* don't do this for now.
-        - if destination IP is running a tor node, extend a circuit there
-          before sending begin.
-* don't do this for now. figure out how enclaves work. but do enclaves soon.
-        - Support egd or other non-OS-integrated strong entropy sources
+   0.0.9 and beyond:
+   - fix sprintf's to snprintf's?
+   . Make intro points and rendezvous points accept $KEYID in addition
+     to nicknames.
+           o Specify
+           o Implement parsing
+           - Generate new formats (Not till 007 is dead)
+   - make loglevel info less noisy
+   - Facility to automatically choose long-term helper nodes; perhaps
+     on by default for hidden services.
+   - Make command-line strict about checking options; make only certain
+     option prefixes work.
+   - Rate-limit OR and directory connections overall and per-IP and
+     maybe per subnet.
+   - put expiry date on onion-key, so people don't keep trying
+     old ones that they could know are expired?
+     * Leave on todo list, see if pre3 onion fixes helped enough.
+   - should the running-routers list put unverified routers at the
+     end?
+     * Cosmetic, don't do it yet.
+   - make advertised_server_mode() ORs fetch dirs more often.
+     * not necessary yet.
+   - Add a notion of nickname->Pubkey binding that's not 'verification'
+     * eventually, only when needed
+   - ORs use uniquer default nicknames
+     * Don't worry about this for now
+   - Handle full buffers without totally borking
+     * do this eventually, no rush.
+   - do resolve before trying to attach the stream
+     * don't do this for now.
+   - if destination IP is running a tor node, extend a circuit there
+     before sending begin.
+     * don't do this for now. figure out how enclaves work. but do
+       enclaves soon.
+   - Support egd or other non-OS-integrated strong entropy sources
 
-      more features, complex:
-        - password protection for on-disk identity key
-        . Switch dirservers entries to config lines:
-          o read in and parse each TrustedDir config line.
-          o stop reading dirservers file.
-          o add some default TrustedDir lines if none defined, or if
-            no torrc.
-          o remove notion of ->is_trusted_dir from the routerlist. that's
-            no longer where you look.
-            o clean up router parsing flow, since it's simpler now?
-          o when checking signature on a directory, look it up in
-            options.TrustedDirs, and make sure there's a descriptor
-            with that nickname, whose key hashes to the fingerprint,
-            and who correctly signed the directory.
-          o when fetching a directory, if you want a trusted one,
-            choose from the trusteddir list.
-            o which means keeping track of which ones are "up"
-          ? if you don't need a trusted one, choose from the routerinfo
-            list if you have one, else from the trusteddir list.
-* roger will do the above
-        - add a listener for a ui
-* nick chats with weasel
-          - and a basic gui
-        - Have clients and dirservers preserve reputation info over
-          reboots.
-* continue not doing until we have something we need to preserve
-        - round detected bandwidth up to nearest 10KB?
-        - client software not upload descriptor until:
-          - you've been running for an hour
-          - it's sufficiently satisfied with its bandwidth
-          - it decides it is reachable
-          - start counting again if your IP ever changes.
-          - never regenerate identity keys, for now.
-          - you can set a bit for not-being-an-OR.
-* no need to do this yet. few people define their ORPort.
-        - authdirserver lists you as running iff:
-          - he can connect to you
-          - he has successfully extended to you
-          - you have sufficient mean-time-between-failures
-* keep doing nothing for now.
+   more features, complex:
+   - password protection for on-disk identity key
+   . Switch dirservers entries to config lines:
+     o read in and parse each TrustedDir config line.
+     o stop reading dirservers file.
+     o add some default TrustedDir lines if none defined, or if
+       no torrc.
+     o remove notion of ->is_trusted_dir from the routerlist. that's
+       no longer where you look.
+       o clean up router parsing flow, since it's simpler now?
+     o when checking signature on a directory, look it up in
+       options.TrustedDirs, and make sure there's a descriptor
+       with that nickname, whose key hashes to the fingerprint,
+       and who correctly signed the directory.
+     o when fetching a directory, if you want a trusted one,
+       choose from the trusteddir list.
+       o which means keeping track of which ones are "up"
+     ? if you don't need a trusted one, choose from the routerinfo
+       list if you have one, else from the trusteddir list.
+       * roger will do the above
+   - add a listener for a ui, and a basic GUI
+     - and a basic gui
+   - Have clients and dirservers preserve reputation info over
+     reboots.
+     * continue not doing until we have something we need to preserve
+   - round detected bandwidth up to nearest 10KB?
+   - client software not upload descriptor until:
+     - you've been running for an hour
+     - it's sufficiently satisfied with its bandwidth
+     - it decides it is reachable
+     - start counting again if your IP ever changes.
+     - never regenerate identity keys, for now.
+     - you can set a bit for not-being-an-OR.
+     * no need to do this yet. few people define their ORPort.
+   - authdirserver lists you as running iff:
+     - he can connect to you
+     - he has successfully extended to you
+     - you have sufficient mean-time-between-failures
+     * keep doing nothing for now.
 
-      blue sky:
-        - Possible to get autoconf to easily install things into ~/.tor?
+   blue sky:
+   - Possible to get autoconf to easily install things into ~/.tor?
 
-      ongoing:
-        . rename/rearrange functions for what file they're in
-        - generalize our transport: add transport.c in preparation for
-          http, airhook, etc transport.
+   ongoing:
+   . rename/rearrange functions for what file they're in
+   - generalize our transport: add transport.c in preparation for
+     http, airhook, etc transport.
 NICK    - investigate sctp for alternate transport.
 
 For September:
 NICK    . Windows port
-          o works as client
-            - deal with pollhup / reached_eof on all platforms
-          . robust as a client
-          . works as server
-            - can be configured
-          - robust as a server
-          . Usable as NT service
-          - docs for building in win
-          - installer, including all needed libs.  
+     o works as client
+       - deal with pollhup / reached_eof on all platforms
+     . robust as a client
+     . works as server
+       - can be configured
+     - robust as a server
+     . Usable as NT service
+     - docs for building in win
+     - installer, including all needed libs.
 
-        - Docs
-          . FAQ
-          o overview of tor. how does it work, what's it do, pros and
-            cons of using it, why should I use it, etc.
-          - a howto tutorial with examples
-* put a stub on the wiki
-          o tutorial: how to set up your own tor network
-            o (need to not hardcode dirservers file in config.c)
-            - Make tutorial reflect this.
-          - port forwarding howto for ipchains, etc
-* roger add to wiki of requests
-          . correct, update, polish spec
-          - document the exposed function api?
-          o document what we mean by socks.
+   - Docs
+     . FAQ
+     o overview of tor. how does it work, what's it do, pros and
+       cons of using it, why should I use it, etc.
+     - a howto tutorial with examples
+       * put a stub on the wiki
+     o tutorial: how to set up your own tor network
+       o (need to not hardcode dirservers file in config.c)
+       - Make tutorial reflect this.
+     - port forwarding howto for ipchains, etc
+       * roger add to wiki of requests
+     . correct, update, polish spec
+     - document the exposed function api?
+     o document what we mean by socks.
 
-NICK    . packages
-          . rpm
-* nick will look at the spec file
-          - find a long-term rpm maintainer
-* roger will start guilting people
+N  . packages
+     . rpm
+       * nick will look at the spec file
+     - find a long-term rpm maintainer
+       * roger will start guilting people
 
-        - code
-          - better warn/info messages
-          o let tor do resolves.
-          o extend socks4 to do resolves?
-          o make script to ask tor for resolves
-          - write howto for setting up tsocks, socat.
-            - including on osx and win32
-          - freecap handling
-          - tsocks
-            o gather patches, submit to maintainer
-* send him a reminder mail and see what's up.
-            - intercept gethostbyname and others
-* add this to tsocks
-            o do resolve via tor
-          - redesign and thorough code revamp, with particular eye toward:
-            - support half-open tcp connections
-            - conn key rotation
-            - other transports -- http, airhook
-            - modular introduction mechanism
-            - allow non-clique topology
+   - code
+     - better warn/info messages
+     o let tor do resolves.
+     o extend socks4 to do resolves?
+     o make script to ask tor for resolves
+     - write howto for setting up tsocks, socat.
+       - including on osx and win32
+     - freecap handling
+     - tsocks
+       o gather patches, submit to maintainer
+         * send him a reminder mail and see what's up.
+       - intercept gethostbyname and others
+         * add this to tsocks
+       o do resolve via tor
+     - redesign and thorough code revamp, with particular eye toward:
+       - support half-open tcp connections
+       - conn key rotation
+       - other transports -- http, airhook
+       - modular introduction mechanism
+       - allow non-clique topology
 
 Other details and small and hard things:
-        - tor should be able to have a pool of outgoing IP addresses
-          that it is able to rotate through. (maybe)
-        - tie into squid
-        - hidserv offerers shouldn't need to define a SocksPort
-* figure out what breaks for this, and do it.
-        - when the client fails to pick an intro point for a hidserv,
-          it should refetch the hidserv desc.
-        . should maybe make clients exit(1) when bad things happen?
-          e.g. clock skew.
-        - should retry exitpolicy end streams even if the end cell didn't
-          resolve the address for you
-        . Make logs handle it better when writing to them fails.
-        o Dirserver shouldn't put you in running-routers list if you haven't
-          uploaded a descriptor recently
-        . Refactor: add own routerinfo to routerlist.  Right now, only
-          router_get_by_nickname knows about 'this router', as a hack to
-          get circuit_launch_new to do the right thing.
-        . Scrubbing proxies
-                - Find an smtp proxy?
-                . Get socks4a support into Mozilla
-        - Need a relay teardown cell, separate from one-way ends.
-        - Make it harder to circumvent bandwidth caps: look at number of bytes
-          sent across sockets, not number sent inside TLS stream.
-        - fix router_get_by_* functions so they can get ourselves too,
-          and audit everything to make sure rend and intro points are
-          just as likely to be us as not.
-
+   - tor should be able to have a pool of outgoing IP addresses
+     that it is able to rotate through. (maybe)
+   - tie into squid
+   - hidserv offerers shouldn't need to define a SocksPort
+     * figure out what breaks for this, and do it.
+   - when the client fails to pick an intro point for a hidserv,
+     it should refetch the hidserv desc.
+   . should maybe make clients exit(1) when bad things happen?
+     e.g. clock skew.
+   - should retry exitpolicy end streams even if the end cell didn't
+     resolve the address for you
+   . Make logs handle it better when writing to them fails.
+   o Dirserver shouldn't put you in running-routers list if you haven't
+     uploaded a descriptor recently
+   . Refactor: add own routerinfo to routerlist.  Right now, only
+     router_get_by_nickname knows about 'this router', as a hack to
+     get circuit_launch_new to do the right thing.
+   . Scrubbing proxies
+           - Find an smtp proxy?
+           . Get socks4a support into Mozilla
+   - Need a relay teardown cell, separate from one-way ends.
+   - Make it harder to circumvent bandwidth caps: look at number of bytes
+     sent across sockets, not number sent inside TLS stream.
+   - fix router_get_by_* functions so they can get ourselves too,
+     and audit everything to make sure rend and intro points are
+     just as likely to be us as not.
 
 ***************************Future tasks:****************************