1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
|
This file lists minor work items (also possibly called "known bugs").
We are not tracking them in Mantis yet since there are too many and no
sane end-user should care about this codebase yet anyway.
* UTIL:
- only connect() sockets that are ready (select()) [Nils]
[On W32, we need to select after calling socket before
doing connect etc.]
* TRANSPORT:
- implement transport API to pretty-print transport address
+ transport_api extension (API extension!)
+ service-transport extension (protocol extension)
- add calls to statistics in various places
- implement gnunet-transport (transport configurator / tester)
- UPnP-based IP detection
(Note: build library always, build service when libxml2/etc. are available)
- instantly filter addresses from *other* peers that
are *equal* to our own address + port (i.e., localhost:2086). We
no longer filter those for outgoing (helps with loopback testing
and keeps the code clean), but we should filter strictly *impossible*
incoming addresses! This is for efficiency, not correctness.
- We currently are happy to take any address told to us in a WELCOME
to our set of addresses; we should have some minimal threshold-based
scheme, limiting both the total number of addresses that we accept
this way as well as requiring multiple confirmations; also, we
should possibly try to confirm that the given address works for
us ourselves (loopback-style) before adding it to the list
[SECURITY issue]
+ we may be able to simplify WELCOME messages (no need to add
addresses there anymore, but may help to learn them there anyway...).
+ we probably want some kind of voting/counting for learning IP addresses
(maybe including IP addresses in ads proportional to how often others
report them? we at least need some protection against >64k HELLOs!),
+ provide a way to give the user a list of "learned" IP addresses and
a way to easily "veto" addresses off the list!
=> If MiM attacker uses vetoed address, blacklist the specific IP for
the presumed neighbour!
- not sure current way of doing ACKs works well-enough
with unreliable transports where the ACK maybe lost;
the "is_new" check would then possibly prevent future
ACKs to be delivered, all while we're happily
receiving messages from that peer! Worse, the other
peer won't generate another ACK since it thinks we're
connected just fine...
Key questions:
+ How necessary is ACKing in the first place? (alternatives?)
+ Should we transmit ACKs in response to every HELLO? (would that
fully address the problem?)
- [./transport/gnunet-service-transport.c:173]: (style) struct or union member 'TransportPlugin::rebuild' is never used
- [./transport/plugin_transport_tcp.c:391]: (style) struct or union member 'Plugin::address_update_task' is never used
* FS:
- [./fs/gnunet-service-fs.c:208]: (style) struct or union member 'LocalGetContext::results_bf_size' is never used
- [./fs/gnunet-service-fs.c:501]: (style) struct or union member 'PendingRequest::used_pids_size' is never used
- [./fs/gnunet-service-fs.c:654]: (style) struct or union member 'ConnectedPeer::last_client_replies' is never used
- [./fs/gnunet-service-fs.c:669]: (style) struct or union member 'ConnectedPeer::avg_delay' is never used
- [./fs/gnunet-service-fs.c:675]: (style) struct or union member 'ConnectedPeer::avg_priority' is never used
- [./fs/gnunet-service-fs.c:688]: (style) struct or union member 'ConnectedPeer::pending_requests' is never used
- [./fs/gnunet-service-fs.c:694]: (style) struct or union member 'ConnectedPeer::last_p2p_replies_woff' is never used
- [./fs/gnunet-service-fs.c:700]: (style) struct or union member 'ConnectedPeer::last_client_replies_woff' is never used
* TOPOLOGY:
- If the topology daemon crashes, peers that were put on the
blacklist with transport will never be removed from it (until
transport service dies); we should use the blacklist notification
API to learn about the exact set of blacklisted peers at all times
(FIXME: the transport_api implementation of blacklisting
also does not work nicely for this since it won't let us know about
disconnect-reconnect events and the implicit whitelisting
that might happen here; that's not so bad since we will
re-blacklist on pre-connect attempts anyway, so this is
a minor issue).
- the code uses the term 'blacklist' for both peers that are forbidden
to connect (i.e. F2F mode) as well as peers that we currently
won't try to actively connect to ourselves (since we just tried);
This is confusing. We need two distinct terms.
- move code to use hash table instead of linked list
- instead of periodically discarding blacklisted entries,
simply add task that is triggered at the right time (earlier free,
more balanced load)
- check if new HELLO learned is different from old HELLO
before resetting entire state!
* SETUP:
- auto-generate "defaults.conf" using gnunet-setup from "config.scm"
- integrate all options into "config.scm"
- change config-file writing to exclude options set to default values
* ARM:
- better tracking of which config changes actually need to cause process restarts by ARM.
- listen for requests to discover dependencies between services (and avoid
having to explicitly program start requests)
- better crash management (attach debugging support, capture and analyze
debug output, detect random vs. deterministic crashes)
- shutdown sequence?
* CORE:
- test case (test_core_api) hangs for a while (some timeout task not killed somewhere?)
- [./core/gnunet-service-core.c:469]: (style) struct or union member 'Neighbour::message_queue_size' is never used
- [./core/test_core_api_start_only.c:50]: (style) struct or union member 'PeerContext::id' is never used
* HTTPS transport
- Better SSL-support for MHD
- https integration
* GAP improvements:
- active reply route caching design & implementation of service,
gap extension!
* TESTING:
- consider changing API for peer-group termination to
call continuation when done
* HOSTLIST:
- 'server' uses 'GNUNET_PEERINFO_iterate', should probably switch to notification API
(for more instant / up-to-date hostlists at lower cost) [OPTIMIZATION]
|
