--- Feature Requests ----
+ Replace numerix with Big_int
+ Fix primary-UID detection
+ Allow for time-based dump of keys
+ Bind to specific IP address (low priority)
--- Bug Reports ----
+ "sks db" seems to take too long to shut down. Is it really checkpointing?
+ From Bjoern Burger. SKS appears to fail on multiprocessor systems.
+ From Ryan Lackey. Compile bug on FreeBSD
--- Highest Priority ----
+ Unify commands to reduce the number of executables generated
+ Fix build (and verify that fastbuild is fixed) so that it doesn't barf out
entirely if a deeply bogus key is found in the stream.
+ Fix partial
+ Allow for partial progress: if some elements are recovered, and then
there's a timeout, add those elements in.
+ if reconciliation seems to always time-out, perhaps start reconciliation at
some sub-tree instead of trying to do everything at once.
+ Do a review of all <try...with> clauses to ensure that important exceptions
are let through. In particular, Sys.Break should always be let through,
and Eventloop.SigAlarm should be passed through (or handled specially) by
every function that could be called in a callback.
+ Add hash and fingerprint lines to verbose index, if selected
+ Change searches so that search strings are broken up into words using same
word-breaking algorithm. Optionally, you might want to check if actual
string appears as a whole. So typing "[email protected]" would pull up all keys
with "eva", "kde" and "org", and the optional part would be to check that
some UID actually contains the string "[email protected]" in its entirety.
--- Lower Priority ----
+ review logging functions to set debug logging level sensibly
+ Ensure idempotence of all DB functions called by reconserver
- including deletion and insertion of keys
+ add revocation-first sorting when multiple certificates are present
+ Add periodic tester of invariants -- in particular to check that the inmem
count remains correct.
+ Add node-from-key hashtbl. Then, provide a node lookup mechanism that
first tries the hashtable and then tries the database, without ever loading
a node into the tree structure.
+ change error-handling code so that RunRecovery errors are handled
differently: namely, logged and then re-raised so the application exits, or
perhaps simply exiting the program immediately.
+ Add syslog logging as an option. (still want file logging for verbose logs
needed for testing, and maybe for exception logging.)
+ enable limited retry-on-failure for gossip. That way, a few bum nodes
won't slow the system down.
-----------Not Going To Do (probably) --------------------
+ implement no-modify tag (turns out this requires cryptography, which I
would like to avoid for now, at least.)
-----------DONE--------------------
+ Modify eventloop to ensure fairness of sockets versus other events.
+ Disable both incoming and outgoing gossip until fetching of keys is complete.
+ Basic testing of key merging
+ Cut off reconciliation if difference appears too large, and require manual
intervention for huge updates in any case. (I think this is taken care of
by keeping the node threshold at some multiple of mbar.)
+ matching on upper-and-lowercase hex-strings
+ fix index output to be compatible with GPG (and other?) automatic indexing
(DONE. Needs testing.)
+ Currently hash requests will be sent to any host specified by gossip
partner. They should only be sent to the gossip partner host itself.
+ Add timeouts for ALL rpc calls. Currently only HTTP times out, and that
only on the server side. Lame.
+ Add mail interface for interfacing with other servers
+ increase initial timeout period. If host doesn't respond with config data
within 30 seconds, give up immediately.
+ Update build and fastbuild to canonicalize all elements (and discard
non-canonicalized elements), as well as to mark the key with the
yminsky.dedup filter, as appropriate.
+ Update clean_keydb to apply canonicalize to all elements. Also add
metadata to database that includes the version of SKS, and so that
automatic updating of the database can be demanded.
+ Make sure that keys are canonicalized on ALL input paths.
+ modify "give-up" threshold so it doesn't depend on real depth of partition
tree. Make it configurable.
+ change timeouts on reconciliation so that if config does not come back
immediately, you time out, and otherwise the timeout is lengthened
considerably.
+ improve error message for contact from unknown host. (now seems to raise
Not_found)
+ Make initiator of reconciliation act as server. That way, the one who
makes the requests also has to work harder.
+ Find source of occasional segfault on interrupt of sks_db
+ matching on long keyids and (maybe) fingerprints
+ fix fetch-by-word to allow for larger upper limit on individual word and
shorter limit on number of keys actually returned. Turns out returning
keys is more expensive than lookups by a whole lot.
+ post-reconciliation key fetches seem to fail on occasion for no clear
reason. Fix.
+ add option for displaying notation packet
+ display revocation keys