author | Roger Dingledine <arma@torproject.org> | 2004-10-17 20:46:59 +0000 |
---|---|---|
committer | Roger Dingledine <arma@torproject.org> | 2004-10-17 20:46:59 +0000 |
commit | 776d05f56f172738e6d3bc53bf1d043e40124189 | |
tree | d3f61343fd5e590038433696aa6006b3d127516f | |
parent | 695cdb10fe0ac234181daa51c613730435f29d21 | |
mark some items done, move some around, add a wishlist item
svn:r2563
-rw-r--r-- | doc/TODO | 32 |
1 files changed, 16 insertions, 16 deletions
@@ -34,7 +34,7 @@ R - figure out enclaves, e.g. so we know what to recommend that people X We should set things in options to NULL, not rely on memset(...0) being equivalent. o We should check for memset(0) setting things to NULL with autoconf, - and then rely on it in the code. + and then rely on it in the code. - Once we have a trusted directory on port 80, stop falling back to forbidden ports when fascistfirewall blocks all good dirservers. @@ -55,6 +55,12 @@ N - add ipv6 support. R - learn from ben about his openssl-reinitialization-trick to rotate tls keys without making new connections. - (Roger grabs Ben next time he sees him on IRC) + - christian grothoff's attack of infinite-length circuit. + the solution is to have a separate 'extend-data' cell type + which is used for the first N data cells, and only + extend-data cells can be extend requests. + - have a pool of circuits available, cannibalize them + for your purposes (e.g. rendezvous, etc). D nt services on win32. @@ -65,10 +71,6 @@ R - learn from ben about his openssl-reinitialization-trick to o Specify o Implement parsing - Generate new formats (Not till 007 is dead) - - christian grothoff's attack of infinite-length circuit. - the solution is to have a separate 'extend-data' cell type - which is used for the first N data cells, and only - extend-data cells can be extend requests. - make loglevel info less noisy - Make command-line strict about checking options; make only certain option prefixes work. @@ -86,8 +88,6 @@ R - learn from ben about his openssl-reinitialization-trick to * Don't worry about this for now - Handle full buffers without totally borking * do this eventually, no rush. - - have a pool of circuits available, cannibalize them - for your purposes (e.g. rendezvous, etc). - do resolve before trying to attach the stream * don't do this for now. - if destination IP is running a tor node, extend a circuit there 
@@ -96,23 +96,23 @@ R - learn from ben about his openssl-reinitialization-trick to - Support egd or other non-OS-integrated strong entropy sources more features, complex: - - Switch dirservers entries to config lines: - - read in and parse each TrustedDir config line. - - stop reading dirservers file. - - add some default TrustedDir lines if none defined, or if + - password protection for on-disk identity key + . Switch dirservers entries to config lines: + o read in and parse each TrustedDir config line. + o stop reading dirservers file. + o add some default TrustedDir lines if none defined, or if no torrc. - remove notion of ->is_trusted_dir from the routerlist. that's no longer where you look. - clean up router parsing flow, since it's simpler now? - - when checking signature on a directory, look it up in + o when checking signature on a directory, look it up in options.TrustedDirs, and make sure there's a descriptor with that nickname, whose key hashes to the fingerprint, and who correctly signed the directory. -* nick will do the above - - when fetching a directory, if you want a trusted one, + o when fetching a directory, if you want a trusted one, choose from the trusteddir list. - - which means keeping track of which ones are "up" - - if you don't need a trusted one, choose from the routerinfo + o which means keeping track of which ones are "up" + ? if you don't need a trusted one, choose from the routerinfo list if you have one, else from the trusteddir list. * roger will do the above - add a listener for a ui |
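
Review bot: In the hunk at -55,6 +55,12, the relocated infinite-length circuit item leaves N undefined and does not say what the limit buys. Because only extend-data cells can be extend requests and they are used only for the first N data cells, N is what caps how many extend requests a circuit can carry; state that in the entry and record whether N is chosen or still open. The two moved entries also carry no owner letter, unlike the neighbouring "N - add ipv6 support" and "R - learn from ben ..." lines, so add one or mark them unassigned.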
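
Review bot: In the hunk at -96,23 +96,23, the "?" status on "if you don't need a trusted one, choose from the routerinfo list ..." is not explained, while the other markers in this diff are "o", "-", "." and "X"; say what is undecided there, or keep "-" until it is settled. The line "* roger will do the above" is kept even though "* nick will do the above" was dropped and the items it refers to are now marked "o", so remove it or narrow it to the one "?" item. The new "password protection for on-disk identity key" entry has no owner or detail; a word on whether the key is encrypted at rest and when the passphrase is asked for would make it actionable.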