Roger Dingledine commited on 2005-08-15 12:09:20
Zeige 1 geänderte Dateien mit 23 Einfügungen und 10 Löschungen.
... | ... |
@@ -54,17 +54,33 @@ |
54 | 54 |
|
55 | 55 |
<h2>Coding Challenges</h2> |
56 | 56 |
<ul> |
57 |
-<li>Update crypto usage to use openssl aes when available.</li> |
|
58 |
-<li>Implement a buffer design modelled after the linux kernel buffer design.</li> |
|
59 |
-<li>how do ulimits work on win32, anyway? (We should handle WSAENOBUFS as needed, look at the MaxConnections registry entry, look at the MaxUserPort entry, and look at the TcpTimedWaitDelay entry. We may also want to provide a way to set them as needed. See bug 98.)</li> |
|
57 |
+<li>Currently Tor ships with its own AES, since when we started OpenSSL |
|
58 |
+had missing/broken AES support. But now that it's gotten more mainstream, |
|
59 |
+we should change things so we only use our bundled AES if OpenSSL doesn't |
|
60 |
+support it natively.</li> |
|
61 |
+<li>Because Tor servers need to store-and-forward each cell they handle, |
|
62 |
+high-bandwidth Tor servers end up using dozens of megabytes of memory |
|
63 |
+just for buffers. We need better heuristics for when to shrink/expand |
|
64 |
+buffers. Maybe this should be modelled after the Linux kernel buffer |
|
65 |
+design, where you have many smaller buffers that link to each other, |
|
66 |
+rather than monolithic buffers?</li> |
|
67 |
+<li>How do ulimits work on Win32, anyway? We're having problems |
|
68 |
+especially on older Windowses with people running out of file |
|
69 |
+descriptors, connection buffer space, etc. (We should handle |
|
70 |
+WSAENOBUFS as needed, look at the MaxConnections registry entry, |
|
71 |
+look at the MaxUserPort entry, and look at the TcpTimedWaitDelay |
|
72 |
+entry. We may also want to provide a way to set them as needed. See <a |
|
73 |
+href="http://bugs.noreply.org/flyspray/index.php?do=details&id=98">bug |
|
74 |
+98</a>.)</li> |
|
75 |
+<li>Encrypt identity keys on disk, and implement passphrase protection |
|
76 |
+for them. Right now they're just stored in plaintext.</li> |
|
77 |
+ |
|
60 | 78 |
<li>Implement reverse DNS (already specified)</li> |
61 |
-<li>Implement a FirewalledIPs config option that works like FirewallPorts.</li> |
|
62 | 79 |
<li>Make configure.in handle cross-compilation</li> |
63 | 80 |
<li>Have NULL_REP_IS_ZERO_BYTES default to 1.</li> |
64 | 81 |
<li>Make with-ssl-dir disable search for ssl.</li> |
65 | 82 |
<li>Implement preservation of reputation through reboots for clients and dirservers. </li> |
66 | 83 |
<li>Add in support egd or other non-OS-integrated strong entropy sources.</li> |
67 |
-<li>Implement password protection for on-disk identity key</li> |
|
68 | 84 |
<li>Implement a way to get autoconf to install things into ~/.tor.</li> |
69 | 85 |
<li>Change server descriptors to declare log level.</li> |
70 | 86 |
<li>Add in support for clients to avoid servers that are too loggy based upon user configuration of acceptable log level.</li> |
... | ... |
@@ -84,24 +100,21 @@ |
84 | 100 |
</ul> |
85 | 101 |
<li>Buffer size pool: allocate a maximum size for all buffers, not a maximum size for each buffer. So we don't have to give up as quickly (and kill the thickpipe!) when there's congestion.</li> |
86 | 102 |
<li>Add alternative versions of crypto.c and tortls.c to use libnss or libgcrypt+gnutls.</li> |
87 |
-<li>Implement a way to stop falling back to forbidden ports when FascistFirewall blocks all good dirservers, if there is already a good, cached directory locally.</li> |
|
88 | 103 |
<li>Extend our NSIS-based windows installer to include FreeCap and/or Privoxy.</li> |
89 | 104 |
<li>Develop a way to handle OS X installation and uninstallation.</li> |
90 | 105 |
<li>Develop a GUI or other controller program, to do configuration, etc. See our <a href="/cvs/tor/doc/control-spec.txt">control specification</a> for details, and the rudimentary demonstration <a href="/cvs/tor/contrib/TorControl.py">Python control script</a>. </li> |
91 | 106 |
<ul> |
92 | 107 |
<li>Design an interface for the control program. You can use any license you want, but we'd recommend 3-clause BSD or maybe GPL; and we can only help out if your license conforms to the <a href="http://www.debian.org/social_contract.html#guidelines">DFSG</a>.</li> |
93 |
-<li>Periodically people running servers tells us they want to have one |
|
108 |
+<li>Periodically people running servers tell us they want to have one |
|
94 | 109 |
BandwidthRate during some part of the day, and a different |
95 | 110 |
BandwidthRate at other parts of the day. Rather than coding this |
96 | 111 |
inside Tor, we should have a little script that speaks via the Tor |
97 | 112 |
Controller Interface, and does a setconf to change the bandwidth |
98 | 113 |
rate. Perhaps it would run out of cron, or perhaps it would sleep |
99 | 114 |
until appropriate times and then do its tweak (that's probably more |
100 |
- portable). Can somebody write one for us and we'll put it inside |
|
115 |
+ portable). Can somebody write one for us and we'll put it into |
|
101 | 116 |
<a href="/cvs/tor/contrib/">tor/contrib/</a>?</li> |
102 | 117 |
</ul> |
103 |
-<li>Develop a way to become a Windows NT service. </li> |
|
104 |
-<li>Develop a systray app for Tor under MS Windows (all versions). </li> |
|
105 | 118 |
<li>Integrate a good (portable, fast, clean, BSD-free) asynchronous DNS library so we don't have to keep forking DNS worker threads to do gethostbyname.</li> |
106 | 119 |
</ul> |
107 | 120 |
|
108 | 121 |