Home Explore Help
Sign In
piros
/
tor
3
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Tree: c262b34a3c
Branches Tags
tor
/
TODO

TODO 4.0 KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107 
  1. 

  2. [First four are all equally first.
    3. 

  3. Others follow in order of priority.]
    4. 

  4. 

  5. Patch well-known proxies to make them OR compliant
    6. 

  6.    Data stream anonymizing, HTTP/FTP (Privoxy, Squid), SMTP, etc.
    7. 

  7.    Packet Redirector, a la FreeBSD (DNS, authenticated connections, etc.)
    8. 

  8. 

  9. Deploy and manage open source development site.
    10. 

  10. Manage and maintain code, write documentation, design and write
    11. 

  11.  unit tests, handle patch submissions, make the autoconf work, etc
    12. 

  12. 

  13. Deploy a widespread network: manage deployment.
    14. 

  14. Maintain and distribute directory/network state information etc. Keep
    15. 

  15. operators and users happy.
    16. 

  16. 

  17. Test OR network for reliability and performance, with and without
    18. 

  18.  mechanisms for throttling, congestion control, padding, load balancing
    19. 

  19.  if applicable, etc.
    20. 

  20.      Use httperf and webload to get some performance stats
    21. 

  21.      Modify code as dictated by testing.
    22. 

  22. 

  23. Develop rendezvous points
    24. 

  24. Implement reply onions
    25. 

  25. Develop location protected servers idea
    26. 

  26. 

  27. Enhance router twins to do load balancing as well as DoS prevention
    28. 

  28. 

  29. Develop and deploy automated reputation management, directory servers,
    30. 

  30. and directory/network state monitoring.
    31. 

  31. 

  32. ---
    33. 

  33. 

  34. debian / red hat spec file
    35. 

  35. handle starting things as a system daemon
    36. 

  36. transition addr to sin_addr
    37. 

  37. 

  38. 

  39. Obvious things I'd like to do that won't break anything:
    40. 

  40. 

  41. * Abstract out crypto calls (done), with the eventual goal of moving
    42. 

  42.   from openssl to something with a more flexible license.
    43. 

  43. 

  44. * Test suite. We need one.
    45. 

  45. 

  46. * Since my OR can handle multiple circuits through a given OP,
    47. 

  47.   I think it's clear that the OP should pass new create cells through the
    48. 

  48.   same channel. Thus we can take advantage of the padding we're already
    49. 

  49.   getting. Does that mean the choose_onion functions should be changed
    50. 

  50.   to always pick a favorite OR first, so the OP can minimize the number
    51. 

  51.   of outgoing connections it must sustain?
    52. 

  52. 

  53. * Figure out what .h files we're actually using, and how portable
    54. 

  54.   those are.
    55. 

  55. 

  56. * Exit policies. Since we don't really know what protocol is being spoken,
    57. 

  57.   it really comes down to an IP range and port range that we
    58. 

  58.   allow/disallow. The 'application' connection can evaluate it and make
    59. 

  59.   a decision.
    60. 

  60. 

  61. * We currently block on gethostbyname at the exit. This is poor. We need
    62. 

  62.   to set it up so we have a separate process that we talk to. There are
    63. 

  63.   some free software versions we can use, but they'll still be tricky.
    64. 

  64. 

  65. * I'd like a cleaner interface for the configuration files, keys, etc.
    66. 

  66.   Perhaps the next step is a central repository where we download router
    67. 

  67.   lists? We can aim to make use of the directory servers that Mixminion
    68. 

  68.   deploys.
    69. 

  69. 

  70. * ORs should rotate their link keys periodically. Later.
    71. 

  71. 

  72. * The parts of the code that say 'FIXME'
    73. 

  73. 

  74. * Clean up the number of places that get to look at prkey. Later.
    75. 

  75. 

  76. * Circuits should expire sometime, say, when circuit->expire triggers?
    77. 

  77.   Later.
    78. 

  78. 

  79. 

  80. 

  81. 

  82. Non-obvious things I'd like to do:
    83. 

  83. 

  84. (Many of these topics are inter-related. It's clear that we need more
    85. 

  85. analysis before we can guess which approaches are good.)
    86. 

  86. 

  87. * Currently when a connection goes down, it generates a destroy cell
    88. 

  88.   (either in both directions or just the appropriate one). When a
    89. 

  89.   destroy cell arrives to an OR (and it gets read after all previous
    90. 

  90.   cells have arrived), it delivers a destroy cell for the "other side"
    91. 

  91.   of the circuit: if the other side is an OP or App, it closes the entire
    92. 

  92.   connection as well.
    93. 

  93. 

  94.   But by "a connection going down", I mean "I read eof from it". Yet
    95. 

  95.   reading an eof simply means that it promises not to send any more
    96. 

  96.   data. It may still be perfectly fine receiving data (read "man 2
    97. 

  97.   shutdown"). In fact, some webservers work that way -- the client sends
    98. 

  98.   his entire request, and when the webserver reads an eof it begins
    99. 

  99.   its response. We currently don't support that sort of protocol; we
    100. 

  100.   may want to switch to some sort of a two-way-destroy-ripple technique
    101. 

  101.   (where a destroy makes its way all the way to the end of the circuit
    102. 

  102.   before being echoed back, and data stops flowing only when a destroy
    103. 

  103.   has been received from both sides of the circuit); this extends the
    104. 

  104.   one-hop-ack approach that Matej used.
    105. 

  105. 

  106. * Reply onions. Hrm.
    107. 

  107.