aboutsummaryrefslogtreecommitdiff
path: root/BUGS
blob: 664987618bb019d96a00b549e6f76ffe94fb8d9e (plain) (blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
This file lists minor work items (also possibly called "known bugs").
We are not tracking them in Mantis yet since there are too many and no
sane end-user should care about this codebase yet anyway.


* UTIL:
  - container_bloomfilter: improve efficiency (see FIXME)
  - only connect() sockets that are ready (select()) [Nils]
    [On W32, we need to select after calling socket before
     doing connect etc.]
* TRANSPORT:
  - transport_api: support forcing disconnects through low quotas!
    (required for working F2F support!)
  - API: consider having core provide deadline information for each message
    (likely important for DV plugin which wants to loop back!)
  - implement transport API to pretty-print transport address 
    + transport_api extension (API extension!)
    + service-transport extension (protocol extension)
  - add calls to statistics in various places
  - implement gnunet-transport (transport configurator / tester)
  - UPnP-based IP detection
    (Note: build library always, build service when libxml2/etc. are available)
  - instantly filter addresses from *other* peers that 
    are *equal* to our own address + port (i.e., localhost:2086).  We 
    no longer filter those for outgoing (helps with loopback testing
    and keeps the code clean), but we should filter strictly *impossible*
    incoming addresses!  This is for efficiency, not correctness.
  - We currently are happy to take any address told to us in a WELCOME
    to our set of addresses; we should have some minimal threshold-based
    scheme, limiting both the total number of addresses that we accept 
    this way as well as requiring multiple confirmations; also, we
    should possibly try to confirm that the given address works for
    us ourselves (loopback-style) before adding it to the list
    [SECURITY issue]
    + we may be able to simplify WELCOME messages (no need to add 
      addresses there anymore, but may help to learn them there anyway...).
    + we probably want some kind of voting/counting for learning IP addresses
      (maybe including IP addresses in ads proportional to how often others
       report them? we at least need some protection against >64k HELLOs!),
    + provide a way to give the user a list of "learned" IP addresses and
      a way to easily "veto" addresses off the list!
      => If MiM attacker uses vetoed address, blacklist the specific IP for
         the presumed neighbour!
  - not sure current way of doing ACKs works well-enough 
    with unreliable transports where the ACK maybe lost;
    the "is_new" check would then possibly prevent future
    ACKs to be delivered, all while we're happily 
    receiving messages from that peer!  Worse, the other
    peer won't generate another ACK since it thinks we're
    connected just fine...
    Key questions:
    + How necessary is ACKing in the first place? (alternatives?)
    + Should we transmit ACKs in response to every HELLO? (would that 
      fully address the problem?)
  - latency measurements implemented in the transport
    plugins makes it only work for bi-di transports
    and results in code replication
  - should latency be included in the ReceiveCallback and
    NotifyConnect or passed on request?
  - FIXME's with latency being simply set to 0 in a few places
  - [./transport/gnunet-service-transport.c:173]: (style) struct or union member 'TransportPlugin::rebuild' is never used
  - [./transport/plugin_transport_tcp.c:391]: (style) struct or union member 'Plugin::address_update_task' is never used

* FS:
  - [./fs/gnunet-service-fs.c:208]: (style) struct or union member 'LocalGetContext::results_bf_size' is never used
  - [./fs/gnunet-service-fs.c:501]: (style) struct or union member 'PendingRequest::used_pids_size' is never used
  - [./fs/gnunet-service-fs.c:654]: (style) struct or union member 'ConnectedPeer::last_client_replies' is never used
  - [./fs/gnunet-service-fs.c:669]: (style) struct or union member 'ConnectedPeer::avg_delay' is never used
  - [./fs/gnunet-service-fs.c:675]: (style) struct or union member 'ConnectedPeer::avg_priority' is never used
  - [./fs/gnunet-service-fs.c:688]: (style) struct or union member 'ConnectedPeer::pending_requests' is never used
  - [./fs/gnunet-service-fs.c:694]: (style) struct or union member 'ConnectedPeer::last_p2p_replies_woff' is never used
  - [./fs/gnunet-service-fs.c:700]: (style) struct or union member 'ConnectedPeer::last_client_replies_woff' is never used

* TOPOLOGY:
  - [./topology/gnunet-daemon-topology.c:94]: (style) struct or union member 'PeerList::last_hello_sent' is never used

* SETUP:
  - auto-generate "defaults.conf" using gnunet-setup from "config.scm"
  - integrate all options into "config.scm"
  - change config-file writing to exclude options set to default values
* ARM:
  - implement exponential back-off for service restarts
  - better tracking of which config changes actually need to cause process restarts by ARM.
  - have way to specify dependencies between services (to manage ARM restarts better)
* CORE: 
  - code currently notifies clients about "encrypted" connections being up well before
    we get the encrypted PONG; sometimes this may be OK (for topology killing
    unwanted connnections), but of course not in general.  I suspect we want
    to signal on PONG and have topology hook directly into transport to
    kill plaintext connections before they have a chance to become encrypted
    (may require minor hack in transport API)
  - [./core/gnunet-service-core.c:469]: (style) struct or union member 'Neighbour::message_queue_size' is never used
  - [./core/test_core_api_start_only.c:50]: (style) struct or union member 'PeerContext::id' is never used

* HTTPS transport
  - Better SSL-support for MHD
  - https integration
* GAP improvements:
  - active reply route caching design & implementation of service,
    gap extension!
* TESTING:
  - consider changing API for peer-group termination to 
    call continuation when done