OpenSSH summer of code 2009

Summer of Code projects

OpenSSH hopes to participate in Google's 2009 Summer of Code. This page lists suggested projects for applicants. These projects are based on real user or developer needs and all have the opportunity to make OpenSSH a better product.

If you are interested in, or have questions about any of these projects, please contact the nominated developer.

Why contribute to OpenSSH?

OpenSSH is the most popular SSH implementation by a wide margin, the effective reference implementation of the SSH protocol and a critical tool depended upon by millions of users daily. If you care about your work being useful and making a positive difference, then OpenSSH is a good choice.

We are also a well established software project (10 years old in September) with high aesthetic and quality standards for new code. This will provide a rewarding learning experience for someone new to free software development. Students looking for academic projects should be aware that a number of high quality papers have been written about various aspects of OpenSSH's implementation.

Contributor requirements

Contributors must be fluent in the C programming language, the standard Unix development toolchain and the Bourne shell. All code contributions must adhere to the OpenBSD style guide. The OpenSSH product itself is a C application, but the regression tests are mostly written in sh(1).

Source code is managed using CVS and bugs are tracked using Bugzilla. Familiarity with these tools is desirable, but not absolutely required. Final code submissions must compile without warnings and function properly on OpenBSD and Linux (at least).

After the initial application, selection and project startup, contributors will be asked to communicate on the public mailing lists and bugtracker. Contributors should expect debate and criticism of their proposals and implementation, but they can also expect this debate to be constructive.

Finally, contributors are not on their own - their mentors and the OpenSSH mailing list community are good sources of advice, ideas and wisdom.

Available projects

Project Complexity Contact

Renovate sftp(1) low-medium djm

Improve testing infrastructure medium djm

Performance improvements medium djm

Something else... djm

Project	Complexity	Contact
Renovate sftp(1)	low-medium	djm
Improve testing infrastructure	medium	djm
Performance improvements	medium	djm
Something else...		djm

Renovate sftp

Complexity: low-medium
Contact: Damien Miller <djm@openssh.com>

sftp(1) is, at present, primarily an interactive program with a relatively weak commandline interface. It lacks essential features that are present in scp(1), especially support for recursive operations.

This project would seek to make sftp(1) a drop-in replacement for commands that use scp(1) by implementing a compatible commandline syntax. This would require implementation of recursive uploads/downloads, as these are essential features supported by scp(1). The new features will need documentation (manual pages) and regression tests.

Further projects might include:

Final bugfixing and integration of the tab-completion patch for interactive mode
Implementation of inter-file pipelined transfers. Currently sftp will pipeline uploads and downloads but requires a pipeline flush and server round- trip for each new file. This causes a slowdown when transferring many small files.
An implementation of an rsync-like operation in sftp.
Automatic tuning of pipeline settings based on network conditions.

Improved testing infrastructure

Complexity: medium
Contact: Damien Miller <djm@openssh.com>

OpenSSH currently has a set of regression and interoperability tests, but these are by no means rigourous. They do not achieve 100% coverage of the available configuration and command-line options, let alone code coverage. There is no support for protocol-level testing, especially fuzzing.

The goal of this project would be to improve testing by

Improving test coverage of options (commandline and configuration file)
Establishing measurement of code coverage
Developing a means to perform protocol-level testing, and using it to implement basic fuzz tests.
Development of protocol-level feature and RFC-compliance tests.

Performance improvements

Complexity: medium
Contact: Damien Miller <djm@openssh.com>

There are three aspects of ssh(1)/sshd(8) performance that are particularly interesting: CPU usage, memory usage and network performance. Some attention has been given to CPU and network performance, but more work could be done.

This project would examine and make quantifiable improvements to one or more of these performance aspects. A necessary precursor to this work will be development the some performance measurement standards and tools that will be used to assess the outcome.

This is probably the most open-ended of the suggested projects.

Something else...

Contact: Damien Miller <djm@openssh.com>

We are open to new ideas and opportunities to improve OpenSSH, so feel free to suggest something. If you would like some inspiration, you might also want to look at the portable OpenSSH bugtracker, as many enhancement requests are listed there.

djm@openssh.com
$OpenBSD: gsoc.html,v 1.5 2009/03/25 22:44:11 djm Exp $