Commit 7afe2adb authored by Roger Dingledine's avatar Roger Dingledine
add a lot of todo entries, from today's meeting

parent e514ac52
......@@ -11,7 +11,58 @@ ARMA - arma claims
D Deferred
X Abandoned
NICK . routers have identity key, link key, onion key.
- link key certs are signed by identity key
- not in descriptor
- not in config
- not on disk
- identity and onion keys are in descriptor (and disk?)
NICK - upon boot, if it doesn't find identity key, generate it and write it.
NICK - also write a file with the identity key fingerprint in it
NICK - router generates descriptor: flesh out router_get_my_descriptor()
- figure out what directory generation stuff can be moved out of main.c
NICK - Routers sign descriptors with identity key
NICK - routers put version number in descriptor
NICK - routers should maybe have `uname -a` in descriptor?
NICK . Give nicknames to routers
o in config
- in descriptors
ARMA - router posts descriptor
- when it boots
- when it changes
NICK - change tls stuff so certs don't get written to disk, or read from disk
ARMA - make directory.c threadsafe (or at least safe for multiple posts)
NICK ? dirserver parses descriptor
- dirserver checks signature
D client checks signature?
NICK - dirserver writes directory to file
- reads that file upon boot
NICK - directory includes all routers, up and down
NICK - add "up" line to directory, listing nicknames
ARMA - find an application that uses half-open connections, to test
NICK - instruments ORs to report stats
- average cell fullness
- average bandwidth used
- others?
ARMA - integrate rep_ok functions, see what breaks
ARMA - configure log files. separate log file, separate severities.
ARMA - what assumptions break if we fclose(0) when we daemonize?
NICK - make buffer struct elements opaque outside buffers.c
ARMA - Go through log messages, reduce confusing error messages.
ARMA - make the logs include more info (fd, etc)
ARMA - add log convention to the HACKING file
- make 'make install' do the right thing
ARMA - change binary name to tor
ARMA - change config files so you look at commandline, else look in
/etc/torrc. no cascading.
ARMA - have an absolute datadir with fixed names for files, and fixed-name
keydir under that with fixed names
ARMA - tor faq
list all other systems, why we're different.
- What happens when a circuit's length is 1? What breaks?
. streams / circuits
o Implement streams
o Rotate circuits after N minutes?
......@@ -41,17 +92,12 @@ ARMA . Exit policies
when the AP get an extended cell.
SPEC!! D Non-clique topologies
D Implement our own memory management, at least for common structs
. Appropriate logging
- Come up with convention for what log level means what
- Make code follow convention
. Put CPU workers in separate processes
o Handle multiple cpu workers (one for each cpu, plus one)
o Queue for pending tasks if all workers full
o Support the 'process this onion' task
NICK - Support the 'decrypt this RSA blob' handshake1 task
- Merge dnsworkers and cpuworkers to some extent
D Merge dnsworkers and cpuworkers to some extent
- Handle cpuworkers dying
D Support later handshake parts
o Simple directory servers
o Include key in source; sign directories
o Signed directory backend
......@@ -65,15 +111,6 @@ NICK - Support the 'decrypt this RSA blob' handshake1 task
o Command-line option to override quit
o Add more information to directory server entries
o Exit policies
- More directory servers
- Add in long-term nicknames
- Give normal routers signing keys
- Let dirservers keep only {nickname, signingkey} in routers.or
- dirport needs to accept 'post' requests
for routers submitting (signed) new entries
- routers submit new entries periodically
- dirserver checks signature
D client checks signature?
D Advanced directory servers
D Automated reputation management
SPEC!! D Figure out how to do threshold directory servers
......@@ -86,7 +123,7 @@ SPEC!! D Figure out how to do threshold directory servers
. Get socks4a support into Mozilla
. Get tor to act like a socks server
o socks4, socks4a
D socks5
ARMA - socks5
SPEC!! - Handle socks commands other than connect, eg, bind?
. Develop rendezvous points
o Design
......@@ -115,7 +152,7 @@ NICK . Daemonize and package
o Teach it to fork and background
- Red Hat spec file
- Debian spec file equivalent
. Autoconf
. Portability
. Which .h files are we actually using?
. Port to:
o Linux
......@@ -124,13 +161,14 @@ NICK . Daemonize and package
o Cygwin
o Win32
o OS X
- deal with pollhup / reached_eof on all platforms
o openssl randomness
o inet_ntoa
. stdint.h
- Make a script to set up a local network on your machine
D Move away from openssl
X Move away from openssl
o Abstract out crypto calls
D Look at nss, others? Just include code?
X Look at nss, others? Just include code?
o Clearer bandwidth management
o Do we want to remove bandwidth from OR handshakes?
o What about OP handshakes?
......@@ -173,7 +211,7 @@ Older (done) todo stuff:
o An address doesn't resolve
o We have max workers running
o Consider taking the master out of the loop?
D Implement reply onions
X Implement reply onions
o Total rate limiting
o Look at OR handshake in more detail
o Spec it
......@@ -17,7 +17,7 @@
extra level of indirection also allows Bob to choose which requests
to respond to, and which to ignore.
We also provide the necessary glue code so that Alice can view webpages
We provide the necessary glue code so that Alice can view webpages
on a location-hidden webserver, and Bob can run a location-hidden
server, with minimal invasive changes (see Section 3). Both Alice
and Bob must run local onion proxies (OPs) -- software that knows
......@@ -194,10 +194,10 @@ which reveals the downstream node.
1. Create an onion skin, encrypting the RSA-encrypted part with
R's public key.
2. Encrypt and send the onion skin in a RELAY_CREATE cell along
2. Encrypt and send the onion skin in a relay EXTEND cell along
the circuit (see section 5).
3. When a RELAY_CREATED cell is received, calculate the shared
3. When a relay EXTENDED cell is received, calculate the shared
keys. The circuit is now extended.
When an onion router receives an EXTEND relay cell, it sends a
