mirror of
https://gitlab.torproject.org/tpo/core/tor.git
synced 2024-11-20 10:12:15 +01:00
r11767@Kushana: nickm | 2006-12-29 22:36:22 -0500
remove more completed items from the TODO. svn:r9221
This commit is contained in:
Nick Mathewson
parent
46092f8163
commit
a8f463749f
89
doc/TODO
89
doc/TODO
@ -28,9 +28,6 @@ Items for 0.1.2.x, real soon now:
|
||||
N - Test guard unreachable logic; make sure that we actually attempt to
|
||||
connect to guards that we think are unreachable from time to time.
|
||||
Make sure that we don't freak out when the network is down.
|
||||
o Stop recommending exits as guards?
|
||||
look at the overall fraction of exits in the network. if the
|
||||
fraction is too small, none of them get to be guards.
|
||||
|
||||
R - Reconstruct ChangeLog; put rolled-up info in ReleaseNotes or something.
|
||||
|
||||
@ -46,29 +43,13 @@ R - and implement the rest
|
||||
|
||||
. Have (and document) a BEGIN_DIR relay cell that means "Connect to your
|
||||
directory port."
|
||||
o Specify
|
||||
o Implement
|
||||
o Use for something, so we can be sure it works.
|
||||
o Test and debug
|
||||
R - turn the received socks addr:port into a digest for setting .exit
|
||||
- be able to connect without having a server descriptor, to bootstrap.
|
||||
R - handle connect-dir streams that don't have a chosen_exit_name set.
|
||||
o include ORPort in DirServers lines so we can know where to connect.
|
||||
list the orport as 0 if it can't handle begin_dir.
|
||||
o List versions in status page
|
||||
o A new line in the status entry. "Tor 0.1.2.2-alpha". If it's
|
||||
a version, treat it like one. If it's something else, assume
|
||||
it's at least 0.1.2.x.
|
||||
D maybe we could have it be a new 'v' line in the status, with
|
||||
key=value syntax. so we could have a 'tor' version, but we
|
||||
could also have a 'conn' version, a 'dir' version, etc down
|
||||
the road. and one day maybe the 'tor' key would be deprecated.
|
||||
o Give the right answer for X-Your-Address-Is on tunneled directory
|
||||
connections.
|
||||
|
||||
o Document .noconnect addresses...
|
||||
A new file 'address-spec.txt' that describes .exit, .onion,
|
||||
.noconnect, etc?
|
||||
- List orports of actual dirservers..
|
||||
|
||||
- Servers are easy to setup and run: being a relay is about as easy as
|
||||
being a client.
|
||||
@ -88,46 +69,12 @@ R . option to dl directory info via tor
|
||||
handle BEGIN_DIR.
|
||||
|
||||
N - DNS improvements
|
||||
o Don't ask reject *:* nodes for DNS unless client wants you to.
|
||||
. Asynchronous DNS
|
||||
- Make evdns use windows strerror equivalents.
|
||||
- Make sure patches get into libevent.
|
||||
- Verify that it works well on windows
|
||||
o Make reverse DNS work.
|
||||
o Add client-side interface
|
||||
o SOCKS interface: specify
|
||||
o SOCKS interface: implement
|
||||
o Cache answers client-side
|
||||
o Add to Tor-resolve.py
|
||||
o Add to tor-resolve
|
||||
D Be a DNS proxy.
|
||||
o Check for invalid characters in hostnames before trying to resolve
|
||||
them. (This will help catch attempts do to mean things to our DNS
|
||||
server, and bad software that tries to do DNS lookups on whole URLs.)
|
||||
o address_is_invalid_destination() is the right thing to call here
|
||||
(and feel free to make that function smarter)
|
||||
o add a config option to turn it off.
|
||||
o and a man page for that option
|
||||
o Bug 364: notice when all the DNS requests we get back (including a few
|
||||
well-known sites) are all going to the same place.
|
||||
o Bug 363: Warn and die if we can't find a nameserver and we're running a
|
||||
server; don't fall back to 127.0.0.1.
|
||||
o Re-check dns when we change IP addresses, rather than every 12 hours
|
||||
o Bug 326: Give fewer error messages from nameservers.
|
||||
o Only warn when _all_ nameservers are down; otherwise info.
|
||||
D Increase timeout; what's industry standard?
|
||||
D Alternatively, raise timeout when nameserver dies but comes back
|
||||
quickly?
|
||||
o Don't believe that our sole nameserver is dead? or, not until more
|
||||
failures than it would take to think one of several nameservers was
|
||||
dead?
|
||||
X Possibly, don't warn until second retry of a nameserver gets no
|
||||
answer?
|
||||
X warn if all of your nameservers go down and stay down for like
|
||||
5 minutes.
|
||||
R o Take out the '5 second' timeout from the socks detach schedule.
|
||||
- Debug and re-enable server-side reverse DNS caching
|
||||
|
||||
- Performance improvements
|
||||
|
||||
- Critical but minor bugs, backport candidates.
|
||||
- support dir 503s better
|
||||
@ -136,22 +83,11 @@ R o Take out the '5 second' timeout from the socks detach schedule.
|
||||
D But eventually, we give up after getting a lot of 503s.
|
||||
N - Delay when we get a lot of 503s, rather than punting onto the
|
||||
servers that have given us 503s?
|
||||
o split "router is down" from "dirport shouldn't be tried for a while"?
|
||||
We want a field to hold "when did we last get a 503 from this
|
||||
directory server." Probably, it should go in local_routerstatus_t,
|
||||
not in routerinfo_t, since we can try to use servers as directories
|
||||
before we have their descriptors. Possibly, it should also go in
|
||||
trusted_dir_server_t.
|
||||
o Add a last_dir_503_at field.
|
||||
o Have it get updated correctly.
|
||||
o Prefer to use directories that haven't given us a 503 for the last
|
||||
60 minutes.
|
||||
- authorities should *never* 503 a cache, and should never 503
|
||||
network status requests. They can 503 client descriptor requests
|
||||
when they feel like it.
|
||||
- update dir-spec with what we decided for each of these
|
||||
|
||||
|
||||
o Have a mode that doesn't write to disk much, so we can run Tor on
|
||||
flash memory (e.g. Linksys routers or USB keys).
|
||||
o Add AvoidDiskWrites config option.
|
||||
@ -163,6 +99,10 @@ N - Delay when we get a lot of 503s, rather than punting onto the
|
||||
|
||||
NR. Write path-spec.txt
|
||||
|
||||
- Polishing
|
||||
- Profile client and server; fix slow spots
|
||||
- Address XXX012 items
|
||||
|
||||
- Packaging
|
||||
- Tell people about OSX Uninstaller
|
||||
- Quietly document NT Service options
|
||||
@ -173,8 +113,6 @@ NR D Get some kind of "meta signing key" to be used solely to sign
|
||||
key, etc.
|
||||
- If we haven't replaced privoxy, lock down its configuration in all
|
||||
packages, as documented in tor-doc-unix.html
|
||||
o script to look at config.c, torrc.sample, tor.1.in, to tell us
|
||||
what's missing in which and notice which descriptions are missing.
|
||||
|
||||
- Docs
|
||||
- More prominently, we should have a recommended apps list.
|
||||
@ -196,8 +134,6 @@ R - "bandwidth classes", for incoming vs initiated-here conns,
|
||||
- separate config options for read vs write limiting
|
||||
|
||||
- Forward compatibility fixes
|
||||
o Stop requiring "opt" to ignore options in descriptors, networkstatuses,
|
||||
and so on.
|
||||
- Caches should start trying to cache consensus docs?
|
||||
- Start uploading short and long descriptors; authorities should support
|
||||
URLs to retrieve long descriptors, and should discard short descriptors
|
||||
@ -215,13 +151,6 @@ Topics to think about during 0.1.2.x development:
|
||||
- Design next-version protocol for directories
|
||||
- Design next-version protocol for connections
|
||||
|
||||
For blocking-resistance scheme:
|
||||
o allow ordinary-looking ssl for dir connections. need a new dirport
|
||||
for this, or can we handle both ssl and non-ssl, or should we
|
||||
entirely switch to ssl in certain cases?
|
||||
D need to figure out how to fetch status of a few servers from the BDA
|
||||
without fetching all statuses. A new URL to fetch I presume?
|
||||
|
||||
Deferred from 0.1.2.x:
|
||||
P - Figure out why dll's compiled in mingw don't work right in WinXP.
|
||||
P - Figure out why openssl 0.9.8d "make test" fails at sha256t test.
|
||||
@ -296,8 +225,6 @@ P - Figure out why openssl 0.9.8d "make test" fails at sha256t test.
|
||||
- a way to pick entry guards based wholly on extend_info equivalent;
|
||||
a way to export extend_info equivalent.
|
||||
|
||||
o Count TLS bandwidth more accurately
|
||||
|
||||
- Better estimates in the directory of whether servers have good uptime
|
||||
(high expected time to failure) or good guard qualities (high
|
||||
fractional uptime).
|
||||
@ -337,11 +264,8 @@ R - add d64 and fp64 along-side d and fp so people can paste status
|
||||
- add a "default.action" file to the tor/vidalia bundle so we can fix the
|
||||
https thing in the default configuration:
|
||||
http://wiki.noreply.org/noreply/TheOnionRouter/TorFAQ#PrivoxyWeirdSSLPort
|
||||
o even if your torrc lists yourself in your myfamily line, don't list it in
|
||||
the descriptor.
|
||||
. Flesh out options_description array in src/or/config.c
|
||||
- Don't let 'newnym' be triggered more often than every n seconds.
|
||||
o change log_fn() to log() on notice/warn/err logs where we can.
|
||||
X If we try to publish as a nickname that's already claimed, should
|
||||
we append a number (or increment the number) and try again? This
|
||||
way people who read their logs can fix it as before, but people
|
||||
@ -356,7 +280,6 @@ R - add d64 and fp64 along-side d and fp so people can paste status
|
||||
- Rate limit exit connections to a given destination -- this helps
|
||||
us play nice with websites when Tor users want to crawl them; it
|
||||
also introduces DoS opportunities.
|
||||
o The bw_accounting file should get merged into the state file.
|
||||
- Streamline how we pick entry nodes: Make choose_random_entry() have
|
||||
less magic and less control logic.
|
||||
- Christian Grothoff's attack of infinite-length circuit.
|
||||
|
||||
Loading…
Reference in New Issue
Block a user