-
Notifications
You must be signed in to change notification settings - Fork 10
/
Copy pathTodo.txt
150 lines (112 loc) · 4.42 KB
/
Todo.txt
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
testclient
trigger ack & register errors
on register, submit credentials to authentication service
PostNotify synchronization
SetFlag request, with postnotify param
ack error if already set
set sender postnotify flag, record last queued item
dropped link clears flag
ack when last item delivered
client defers postnotify until SetFlag ack
PostNotify request
ack error if flag unset
check for flag on .notefor list members
if found, ack error and clear flag; client retries after variable timeout
complete request, clear flag
userdb
group option to allow anyone to post (enables helpdesk use case)
testing: call Temp*() when op is presumed to succeed
node labels
groupalias: if crash after putrecord, retry won't send orig alias in update to group
testuserdb: fReport use aFuncName to print name when needed
move password generation to userdb
get & store random salt per-site
systemd script
tmtp
postnotify: current subscribers post a cc list confirming items where byuid is theirs
post & postnotify: infer some cc fields
post include from:alias; reflect in response.alias
group invite include aliases of current group members
re-send on missed ack may cause dup with unique msgid at receiver
request msgid from service prior to send?
bug: groupEdit join response missing newalias field
"login" messages include noderef and client IP address
newnode return number
add status "allowed", update on first login, provide status on login
"via" header on msgs to a group?
track node logins on ohi channel
include alias in from/for
register return service metadata
drop newalias from register op to avoid orphan alias
explore PAKE protocols e.g. https://tools.ietf.org/html/draft-irtf-cfrg-opaque-01
on open/close, posix_fadvise+dontneed for userdb records and queue dirs
clean
check o.*Head < 0 || o.*Len < o.*Head
spacing of +"/"+ and _,err
Planned & Possible Features
replace json lib with faster third-party one
common address book for accounts & groups accessible to all members
cabEdit request, cabUpdate response
discards pings from blocked address
allow converting alias to group?
decrypt For[].Id with sender's key; encrypt From with recipient's key
prioritize ack msgs as with ohi
tmtp recall-message for use by admin to mitigate malware
receive-only accounts which cannot ping or post
register field
assigned to site-specifc group
can ping designated aliases?
sebatical mode: deny or redirect post requests
resign option makes permanent
out-of-office mode: flagged in ack
server-to-server proxy
client proxy-request to local service
extra params: foreign service ref, <foreign uid, nodeid>
server register/login & post to foreign service
extra params: send-only; original-from; ping-proxy
foreign service queues msg to agent
relay ack to client
foreign service ping local service when msg queued
client proxy-request to receive msgs
config min-length of alias & group
flag to let admin break min-len policy for group
user mgmt policy config
disk quota
detect defunct nodes & users
after max quiet period, delete queue and require p2p resync
reminder notice to user to connect quiet nodes
for defunct user, return previously queued msgs to sender?
multiple services per instance
on post For: error, drop conn if datalen > limit
enable plugins to safety-check attachments
default plugin takes list of disallowed file types
service prefs for client
look: backgrounds, typefaces, etc
inbox ringtone
login period
service message size limit
per-user adjustable message size limit
let client skip/defer large messages
send first N bytes
if defer, client can download via separate connection
retried at next connect
limit number of pings per 24h period
let service charge for ping credits, on ping user.credits-=1
make client reauthenticate
on login from unknown IP addr; record last N IP addrs
on request from any client
for certain requests
after inactive period
safeguard against compromised mnm host
encrypt user database, require key to start mnm
validate from header before sending queued message
per-user blocked uids list in userdb
directly joinable groups
anonymous group posts omit "from" header
group moderator address (itself a group?)
distributes msg to moderators
keeps msg on server
on first moderator ack
msg forwards to group
may add sender to group
get-form request for ping/groupinvite