|
@@ -1,58 +0,0 @@
|
|
-TODO sketch for this branch, in rough priority order:
|
|
|
|
-
|
|
|
|
-- Clean up/fix XXX's and FIXMEs
|
|
|
|
- - Test event entry points into circuitpad?
|
|
|
|
- - Most of our events come from completely untested code :/
|
|
|
|
-
|
|
|
|
-- Compat-breaking changes to be decided/done ASAP
|
|
|
|
- - Option to keep circuits open if machine present
|
|
|
|
- - Specify an ordered preference list of padding machines
|
|
|
|
- - Specify exit policy for machine conditions?
|
|
|
|
- - short_policy_t looks good, except for its flexible array member :/
|
|
|
|
- - Can we make our own struct with a small, fixed number of policy
|
|
|
|
- entries? Say 3-4? Or is that a bad idea to lose this flexibility?
|
|
|
|
- - Check conditions based on attached streams on the circuit
|
|
|
|
- - Accept should mean "only apply if matched"
|
|
|
|
- - Reject should mean "don't apply if matched"
|
|
|
|
- - If a policy is specified, Reject *:* is implicit default (so reject
|
|
|
|
- policies need an Accept entry).
|
|
|
|
- - With no policy, Accept *:* is implicit default.
|
|
|
|
-
|
|
|
|
-
|
|
|
|
-- Misc fixes:
|
|
|
|
- - Remove circuitsetup machine (but place it in unittests -- they depend on it)
|
|
|
|
- - Circuit RTT measurement will break on var_cell/EXTEND2 cells
|
|
|
|
- - Are there any heuristics we can use here?
|
|
|
|
- - If RELAY_EARLY is only for the first cell of an EXTEND2 series,
|
|
|
|
- we can use that. But the proposal currently says MAY, but not MUST
|
|
|
|
- for this behavior.
|
|
|
|
-
|
|
|
|
-======== 0.3.6 ========
|
|
|
|
-
|
|
|
|
-- Come up with some good histograms for eg circuit setup fingerprinting,
|
|
|
|
- website fingerprinting, and vanguards usage.
|
|
|
|
-
|
|
|
|
-- Vanguards compatibility for MiddleNodes (via changes to vanguards addon)
|
|
|
|
-
|
|
|
|
-- circpad_machine_validate() function to sanity-check histograms loaded from
|
|
|
|
- consensus/torrc (can also be used to help guide a GA).
|
|
|
|
- - Check bin construction
|
|
|
|
- - no type overflow (start_usec + range_sec, etc)
|
|
|
|
- - no conflicting state transitions (or overlap with cancel events)
|
|
|
|
- - no use of both histograms and iat_dist
|
|
|
|
- - at least two histogram bins
|
|
|
|
- - min_hop vs target_hop
|
|
|
|
-
|
|
|
|
-- Support torrc load+serialization of state machines
|
|
|
|
- - ??
|
|
|
|
-
|
|
|
|
-- Support consensus load+serialization of state machines
|
|
|
|
- - ??
|
|
|
|
-
|
|
|
|
-- Prop #265 load balancing
|
|
|
|
-
|
|
|
|
-- Rephist timer stats
|
|
|
|
- - Is this a privacy risk? The adversary could create lots of circuits
|
|
|
|
- to find a layer2 vanguard.. Otherwise they will be spread across middles.
|
|
|
|
-
|
|
|
|
-
|
|
|