1 PHASE #1: (Goal: settle key design questions)
4 * testcase currently fails; primary cause is that HELLO validation
5 fails (again). I suspect that what is going on is that the
6 first connection attempt (which fails because HELLOs are not yet
7 validated) causes a 'disconnect' (intentionally, to trigger
8 another round of TRY_CONNECT 750ms later) which as a side-effect
9 somehow kills HELLO validation (at least that's my best guess;
10 somewhere someone somehow manages to close the HELLO-validation
11 connections before they have a chance to succeed with the PING
15 * improve disk API [Nils] (Nils, is this done? -Christian)
16 * Windows: use events instead of pipes to signal select()s [Nils]
17 * only connect() sockets that are ready (select()) [Nils]
18 [On W32, we need to select after calling socket before
22 For these functions, it would be nice if we had testcases ("make check")
23 that would cause them to be executed and check that they are working:
24 * gnunet-service-peerinfo:
25 - change_host_trust / flush_trust
27 - discard_hosts_helper / cron_clean_data_hosts
28 * gnunet-service-transport:
29 - try_unvalidated_addresses
30 - lookup_address_callback
31 - lookup_hello_callback
32 - plugin_env_lookup_address
33 - notify_clients_disconnect
34 - list_validated_addresses
36 - disconnect_neighbour
38 * plugin_transport_tcp.c:
40 - tcp_plugin_address_pretty_printer / append_port
41 - tcp_plugin_set_receive_quota
44 - GNUNET_TRANSPORT_set_qutoa / send_set_quota
48 - remove_from_any_list / remove_neighbour
49 - GNUNET_TRANSPORT_notify_transmit_ready_cancel
52 - solicit_traffic / copy_and_free
53 - GNUNET_CORE_peer_configure / produce_configure_message
54 * gnunet-service-core:
57 - handle_client_request_configure
60 - handle_transport_notify_disconnect
61 * hostlist (everything)
62 * topology (everything)
66 PHASE #2: (Goal: recover basic file-sharing functionality)
69 * implement sqlite-based sqstore/datastore service
70 + implement service (datastore + talks to plugin)
71 + implement library (talks to service)
72 + implement sqlite plugin (talks to DB)
73 + fix testcases (make them use CPS, complete their inner workings...)
74 * implement sqlite-based dstore services
76 + implement library (talks to service)
77 + implement service (talks to plugin)
78 + implement sqlite plugin (talks to DB)
86 PHASE #3: (Goal: ready for pre-release) [completion-goal: end of 2009]
96 * UDP backend (need LIBRARY to support (de)fragmentation!)
99 + Testcases for set_quota, timeouts, disconnects, transmit_ready_cancel
100 + Better coverage of gnunet-service-transport (HELLO validation)
101 + direct test of plugins compliance to plugin API
104 * sqlite, mysql & postgres backend
110 - crypto_hash: use libgcrypt (supports SHA-512 since 2003)
111 - container_bloomfilter: improve efficiency (see FIXME)
113 - inefficient memmove
115 - transport_api: support forcing disconnects through low quotas!
116 (required for working F2F support!)
117 - API: consider having core provide deadline information for each message
118 (likely important for DV plugin which wants to loop back!)
119 - implement transport API to pretty-print transport address
120 + transport_api extension (API extension!)
121 + service-transport extension (protocol extension)
122 - add calls to statistics in various places
123 - implement gnunet-transport (transport configurator / tester)
124 - UPnP-based IP detection
125 (Note: build library always, build service when libxml2/etc. are available)
126 - instantly filter addresses from *other* peers that
127 are *equal* to our own address + port (i.e., localhost:2086). We
128 no longer filter those for outgoing (helps with loopback testing
129 and keeps the code clean), but we should filter strictly *impossible*
130 incoming addresses! This is for efficiency, not correctness.
131 - We currently are happy to take any address told to us in a WELCOME
132 to our set of addresses; we should have some minimal threshold-based
133 scheme, limiting both the total number of addresses that we accept
134 this way as well as requiring multiple confirmations; also, we
135 should possibly try to confirm that the given address works for
136 us ourselves (loopback-style) before adding it to the list
138 + we may be able to simplify WELCOME messages (no need to add
139 addresses there anymore, but may help to learn them there anyway...).
140 + we probably want some kind of voting/counting for learning IP addresses
141 (maybe including IP addresses in ads proportional to how often others
142 report them? we at least need some protection against >64k HELLOs!),
143 + provide a way to give the user a list of "learned" IP addresses and
144 a way to easily "veto" addresses off the list!
145 => If MiM attacker uses vetoed address, blacklist the specific IP for
146 the presumed neighbour!
147 - not sure current way of doing ACKs works well-enough
148 with unreliable transports where the ACK maybe lost;
149 the "is_new" check would then possibly prevent future
150 ACKs to be delivered, all while we're happily
151 receiving messages from that peer! Worse, the other
152 peer won't generate another ACK since it thinks we're
153 connected just fine...
155 + How necessary is ACKing in the first place? (alternatives?)
156 + Should we transmit ACKs in response to every HELLO? (would that
157 fully address the problem?)
158 - latency measurements implemented in the transport
159 plugins makes it only work for bi-di transports
160 and results in code replication
161 - should latency be included in the ReceiveCallback and
162 NotifyConnect or passed on request?
163 - FIXME's with latency being simply set to 0 in a few places
165 - auto-generate "defaults.conf" using gnunet-setup from "config.scm"
166 - integrate all options into "config.scm"
167 - change config-file writing to exclude options set to default values
169 - implement exponential back-off for service restarts
170 - better tracking of which config changes actually need to cause process restarts by ARM.
171 - have way to specify dependencies between services (to manage ARM restarts better)
172 - client-API is inefficient since it opens a TCP connection per service that is started
173 (instead of re-using connections).
175 - code currently notifies clients about "encrypted" connections being up well before
176 we get the encrypted PONG; sometimes this may be OK (for topology killing
177 unwanted connnections), but of course not in general. I suspect we want
178 to signal on PONG and have topology hook directly into transport to
179 kill plaintext connections before they have a chance to become encrypted
180 (may require minor hack in transport API)
182 - have gnunet-peerinfo print actual host addresses again
183 - add option to gnunet-peerinfo to modify trust value
185 - finish postgres implementation; simplify other SQLs using new stats
190 - active reply route caching design & implementation of service,
193 - implement advertising of hostlist URL
194 - implement learning of hostlist URLs
200 PHASE #4: [completion-goal: mid 2010]
208 * Features eliminated from util:
209 - threading (goal: good riddance!)
210 - complex logging features [ectx-passing, target-kinds] (goal: good riddance!)
211 - complex configuration features [defaults, notifications] (goal: good riddance!)
212 - network traffic monitors (goal: eliminate)
213 - IPC semaphores (goal: d-bus? / eliminate?)
215 - DNS lookup (goal: have async service; issue: still need synchronous resolution in places, current code may not be portable)
216 => code shrunk from 61 files to 34, 22k LOC to 15k LOC, 470k to 330k (with symbols)
217 * New features in util:
219 - service and program boot-strap code
220 * Major changes in util:
221 - more expressive server (replaces selector)
223 - how to integrate scheduler with GTK event loop!