Home Explore Help
Sign In
sengler
/
tor-parallel-relay-conn
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Browse Source

First cut at labelinging things for 0.1.0.x

svn:r3673
Nick Mathewson 20 years ago
parent
dd7333b2a1
commit
14f6d74c6d
1 changed files with 102 additions and 138 deletions
Split View Show Diff Stats
  1. 102 138
      doc/TODO

+ 102 - 138
doc/TODO
View File 

@@ -10,152 +10,135 @@ ARMA    - arma claims
 
         D Deferred
 
         X Abandoned
 
 
-For 0.0.9:
 
-
 
-   o Solve the MSVC nuisance where __FILE__ contains the full path.
 
-     People are getting confused about why their errors are coming from
 
-     C:\Documents and Settings\Nick Mathewson\My Documents\src\tor .
 
-N&R. bring tor-spec up to date
 
-N&R. make loglevels info,debug less noisy
 
-   o OS X package (and bundle?)
 
-   o Working RPMs
 
-   o Get win32 servers working, or find out why it isn't happening now.
 
-     o Why can't win32 find a cpuworker?
 
-
 
-For 0.0.9.3:
 
-   o All tasks marked for 0093 in flyspray.
 
-   o Backport performance improvement (stop calling getttimeofday for
 
-     each cell)
 
-   o Tor startup script should be installed by default on OSX.
 
-   o Setup instructions for OSX.
 
-
 
-
 
 For 0.0.9.5:
 
    - Server instructions for OSX and Windows operators.
 
    - Audit all changes to bandwidth buckets for integer over/underflow.
 
 
-************************ For Post 0.0.9 *****************************
 
+For 0.1.0.x:
 
 
-  - make min uptime a function of the available choices
 
-  - kill dns workers more slowly
 
-  - reset uptime when ip changes
 
-  - build testing circuits? going through non-verified nodes?
 
-
 
-  - config option to publish what ports you listen on, beyond ORPort/DirPort
 
-  - https proxy for OR CONNECT stuff
 
-  - choose entry node to be one you're already connected to?
 
-
 
-Tier one:
 
-   o Move to our new version system.
 
-   - Changes for forward compatibility
 
-     - If a version is later than the last in its series, but a version
 
-       in the next series is recommended, that doesn't mean it's bad.
 
+ Refactoring and infrastructure:
 
 
+  . Switch to libevent
 
+       - Hold-open-until-flushed now works by accident; it should work by
 
+         design.
 
+       - The logic for reading from TLS sockets is likely to overrun the
 
+         bandwidth buckets under heavy load.  (Really, the logic was
 
+         never right in the first place.)  Also, we should audit all users
 
+         of get_pending_bytes().
 
+       - Find a way to make sure we have libevent 1.0 or later.
 
+       - Log which poll method we're using.
 
+       . Check return from event_set, event_add, event_del.
 
+
 
+ Security: 
+   - Make sure logged info is "safe"ish.
 
+
 
+ Stability
 
+   - Reset uptime when IP/ORPort/... changes.
 
+
 
+ Functionality
 
+  - Implement pending controller features.
 
+  - HTTPS proxy for OR CONNECT stuff. (For outgoing SSL connections to
 
+    other ORs.)
 
+  - Changes for forward compatibility
 
+    - If a version is later than the last in its series, but a version
 
+      in the next series is recommended, that doesn't mean it's bad.
 
+  - Do end reasons better
 
+    - Realize that unrecognized end reasons are probably features rather than
 
+      bugs. (backport to 009x)
 
+    - Start using RESOURCELIMIT more.
 
+    - Try to use MISC a lot less.
 
+      - bug: if the exit node fails to create a socket (e.g. because it
 
+        has too many open), we will get a generic stream end response.
 
+      - niels's "did it fail because conn refused or timeout or what"
 
+        relay end feature.
 
+    - Start recognizing, but maybe not yet generating, more reasons and
 
+      needed -- aim to eliminate misc. (backport to 009x)
 
+  - Feed end reason back into SOCK5 as reasonable.
 
+  - cache .foo.exit names better, or differently, or not.
 
+  - make !advertised_server_mode() ORs fetch dirs less often.
 
+  - Clean up NT service code even more.  Document it. Enable it by default.
 
+    Make sure it works.
 
+
 
+ Documentation
 
+  - Document new version system.
 
+  - Correct and clarify the wiki entry on port forwarding.
 
+  - Document where OSX, windows logs go, where stuff is installed.
 
+
 
+ Installers
 
+  - Vet all pending installer patches
 
+    - Win32 installer plus privoxy, sockscap/freecap, etc.
 
+  - Make OSX man pages go into man directory.
 
+
 
+ Correctness
 
    - Bugfixes
 
-     o fix dfc/weasel's intro point bug
 
      - when we haven't explicitly sent a socks reject, sending one in
 
        connection_about_to_close_connection() fails because we never give it
 
        a chance to flush. right answer is to do the socks reply manually in
 
        each appropriate case, and then about-to-close-connection can simply
 
-       warn us if we forgot one.
 
-
 
-   - Documentation
 
-     - Convert man pages to pod, or whatever's right.  Alternatively, find
 
-       a man2html that actually works.
 
-     o Macintosh HOWTO page.
 
-
 
-   - Evangelism
 
-     - Get more nodes running on 80 and 443.
 
-     - Get epic, aclu, etc running nodes.
 
-
 
-   - Dirservers and server descs: small, backward-compatible changes
 
-     - support hostnames as well as IPs for authdirservers.
 
-     - If we have a trusted directory on port 80, stop falling back to
 
-       forbidden ports when fascistfirewall blocks all good dirservers.
 
-     - GPSLocation optional config string.
 
-
 
-   - SOCKS enhancements
 
-     - niels's "did it fail because conn refused or timeout or what"
 
-       relay end feature.
 
-     - bug: if the exit node fails to create a socket (e.g. because it
 
-       has too many open), we will get a generic stream end response.
 
-
 
-   - Windows
 
-N    - Make millisecond accuracy work on win32
 
-     X Switch to WSA*Event code as a better poll replacement.  Or maybe just
 
-       do libevent?
 
-
 
-   - Code cleanup
 
-     X Make more configuration variables into CSVs.
 
-     - Make configure.in handle cross-compilation
 
-       - Have NULL_REP_IS_ZERO_BYTES default to 1.
 
-       - Make with-ssl-dir disable search for ssl.
 
+       warn us if we forgot one. [Tag this 010 in flyspray.]
 
+     - should retry exitpolicy end streams even if the end cell didn't
 
+       resolve the address for you
 
+   - Figure out when to reset addressmaps (on hup, on reconfig, etc)
 
 
-   - Support
 
-     o Bug tracker.
 
+ Improvements to self-measurement.
 
+   - round detected bandwidth up to nearest 10KB?
 
+   - client software not upload descriptor until:
 
+     - you've been running for an hour
 
+     - it's sufficiently satisfied with its bandwidth
 
+     - it decides it is reachable
 
+     - start counting again if your IP ever changes.
 
+     - never regenerate identity keys, for now.
 
+     - you can set a bit for not-being-an-OR.
 
+     * no need to do this yet. few people define their ORPort.
 
 
-   - Exit hostname support
 
-     - cache .foo.exit names better, or differently, or not.
 
 
-   - IPv6 support
 
+ Arguable
 
+  - Reverse DNS: specify and implement.
 
+  - make min uptime a function of the available choices (say, choose 60th
 
+    percentile, not 1 day.)
 
+  - kill dns workers more slowly
 
+  - build testing circuits? going through non-verified nodes?
 
+  - config option to publish what ports you listen on, beyond ORPort/DirPort
 
+  - It would be nice to have a FirewalledIPs thing that works like
 
+    FirewallPorts.
 
+  - If we have a trusted directory on port 80, stop falling back to
 
+    forbidden ports when fascistfirewall blocks all good dirservers.
 
+  - Code cleanup
 
+    - Make configure.in handle cross-compilation
 
+      - Have NULL_REP_IS_ZERO_BYTES default to 1.
 
+      - Make with-ssl-dir disable search for ssl.
 
+  - Efficiency/speed improvements.
 
+    - Write limiting; configurable token buckets.
 
+    - Make it harder to circumvent bandwidth caps: look at number of bytes
 
+      sent across sockets, not number sent inside TLS stream.
 
+  - Let more config options (e.g. ORPort) change dynamically.
 
+  - hidserv offerers shouldn't need to define a SocksPort
 
+    * figure out what breaks for this, and do it.
 
+
 
+
 
+  No
 
+  - choose entry node to be one you're already connected to?
 
+  - Convert man pages to pod, or whatever's right.
 
+  - support hostnames as well as IPs for authdirservers.
 
+  - GPSLocation optional config string.
 
+  - Windows
 
+    - Make millisecond accuracy work on win32
 
+  - IPv6 support
 
      - teach connection_ap_handshake_socks_reply() about ipv6 and friends
 
        so connection_ap_handshake_socks_resolved() doesn't also need
 
        to know about them.
 
-
 
    - Packaging
 
      - Figure out how to make the rpm not strip the binaries it makes.
 
-
 
-
 
-Tier two:
 
-
 
-   - Efficiency/speed improvements.
 
-     o Handle pools of waiting circuits better.
 
-     o Limit number of circuits that we preemptively generate based on past
 
-       behavior; use same limits in circuit_expire_old_circuits().
 
-     - Write limiting; configurable token buckets.
 
-     - Make it harder to circumvent bandwidth caps: look at number of bytes
 
-       sent across sockets, not number sent inside TLS stream.
 
-
 
-     . Switch to libevent
 
-       o Evaluate libevent
 
-       o Convert socket handling
 
-       o Convert signal handling
 
-       o Convert timers
 
-       o Update configure.in
 
-       o Remove fakepoll
 
-       - Hold-open-until-flushed now works by accident; it should work by
 
-         design.
 
-       - The logic for reading from TLS sockets is likely to overrun the
 
-         bandwidth buckets under heavy load.  (Really, the logic was
 
-         never right in the first place.)  Also, we should audit all users
 
-         of get_pending_bytes().
 
-       - Make sure it works on more platforms.
 
-       - Find a way to make sure we have libevent 1.0 or later.
 
-       - Check return from event_set, event_add, event_del.
 
-
 
    - Integrate an http proxy into Tor (maybe as a third class of worker
 
      process), so we can stop shipping with the beast that is Privoxy.
 
-
 
-   - QOI
 
-     - Let more config options (e.g. ORPort) change dynamically.
 
-
 
-   - Dirservers and server descs: small, backward-compatible changes
 
-     - make advertised_server_mode() ORs fetch dirs more often.
 
-     - Implement If-Modified-Since for directories.
 
-
 
+   - Implement If-Modified-Since for directories.
 
    - Big, incompatible re-architecting and decentralization of directory
 
      system.
 
      - Only the top of a directory needs to be signed.
 
-
 
    - Windows
 
-N    - Clean up NT service code; make it work
 
      - Get a controller to launch tor and keep it on the system tray.
 
-     - Win32 installer plus privoxy, sockscap/freecap, etc.
 
 
-   - Controller enhancements.
 
-     o Implement SIGNAL feature so windows can hup, shutdown, etc.
 
-     - controller should have 'getinfo' command to query about rephist,
 
-       about rendezvous status, etc.
 
+Tier two:
 
 
 N  - Handle rendezvousing with unverified nodes.
 
      - Specify: Stick rendezvous point's key in INTRODUCE cell.
 
@@ -171,27 +154,18 @@ N  - IPv6 support (For exit addresses)
 
        a generalize address struct.
 
      - Change relay cell types to accept new addresses.
 
      - Add flag to serverdescs to tell whether IPv6 is supported.
 
-     - When should servers 
 
    - Security fixes
 
      - christian grothoff's attack of infinite-length circuit.
 
        the solution is to have a separate 'extend-data' cell type
 
        which is used for the first N data cells, and only
 
        extend-data cells can be extend requests.
 
-     - Make sure logged information is 'safe'.
 
 
    - Code cleanup
 
-     . rename/rearrange functions for what file they're in
 
      - fix router_get_by_* functions so they can get ourselves too,
 
        and audit everything to make sure rend and intro points are
 
        just as likely to be us as not.
 
 
-   - Bugfixes
 
-     - hidserv offerers shouldn't need to define a SocksPort
 
-       * figure out what breaks for this, and do it.
 
-     - should retry exitpolicy end streams even if the end cell didn't
 
-       resolve the address for you
 
-
 
    - tor should be able to have a pool of outgoing IP addresses
 
      that it is able to rotate through. (maybe)
 
 
@@ -209,15 +183,6 @@ N  - IPv6 support (For exit addresses)
 
    - DoS protection: TLS puzzles, public key ops, bandwidth exhaustion.
 
    - Have clients and dirservers preserve reputation info over
 
      reboots.
 
-   - round detected bandwidth up to nearest 10KB?
 
-   - client software not upload descriptor until:
 
-     - you've been running for an hour
 
-     - it's sufficiently satisfied with its bandwidth
 
-     - it decides it is reachable
 
-     - start counting again if your IP ever changes.
 
-     - never regenerate identity keys, for now.
 
-     - you can set a bit for not-being-an-OR.
 
-     * no need to do this yet. few people define their ORPort.
 
    - authdirserver lists you as running iff:
 
      - he can connect to you
 
      - he has successfully extended to you
 
@@ -247,7 +212,6 @@ Big tasks that would demonstrate progress:
 
    - scrubbing proxies for protocols other than http.
 
      - Find an smtp proxy?
 
      . Get socks4a support into Mozilla
 
-N  - Reverse DNS: specify and implement.
 
    - figure out enclaves, e.g. so we know what to recommend that people
 
      do, and so running a tor server on your website is helpful.
 
      - Do enclaves for same IP only.