1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
|
Important for 1.0
===
- change .service files to have Names=list rather than Name=string
- How we will handle DCOP needs sorting out. Among other things, we
need to check that service and service-ownership semantics map to DCOP
reasonably well.
- Activation needs some careful additional thinking-through.
- Audit @todo and FIXME for security issues
- The convenience functions in dbus-bus.h should perhaps have
the signatures that they would have if they were autogenerated
stubs. e.g. the acquire service function. We should also evaluate
which of these functions to include, in light of the fact that
GLib/Qt native stubs will probably also exist.
- the "break loader" and valid/invalid message tests are all disabled;
they need to be fixed and re-enabled with the new message args stuff.
I think I want to drop the .message files thing and just have code
that generates messages, more like the tests for
dbus-marshal-recursive.c
- need to define bus behavior if you send a message to
yourself; is it an error, or allowed? If allowed,
we need to have a test for it in the test suite.
- add string array support back to append_args()
- validate dict entry number of fields
- just before 1.0, try a HAVE_INT64=0 build and be sure it runs
- the spec and implementation should probably require dict keys
to be basic types
- in dbus-keyring.c, enforce that the keyring dir is not
world readable/writable
- the "server addresses" section of the spec is busted; need to
support escaping in the addresses, be sure multiple addresses
in one env variable work, etc.
- Ping isn't handled
Important for 1.0 GLib Bindings
===
- finish dbus-glib-tool support for adding introspection
data to GObject and autoexporting GObject using same
- Need to make sure that dbus-glib.h never returns any
dbus_malloc() memory, only g_malloc().
dbus_g_proxy_end_call() is the major offender.
- dbus_gproxy_connect_signal() has to take a signature for the signal
so it can figure out how to invoke the callback, or we have to rely
on having introspection data.
- DBusGProxy doesn't emit "destroy" when it should
Might as Well for 1.0
===
- add dbus_message_has_path(), maybe has_member/interface
- connection_open/connection_disconnect lacks symmetry, open/close
or connect/disconnect
- protocol version in each message is pretty silly
Can Be Post 1.0
===
- The message bus internal code still says "service" for
"name", "base service" for "unique name", "activate" for
"start"; would be nice to clean up.
- Property list feature on message bus (list of properties associated
with a connection). May also include message matching rules
that involve the properties of the source or destination
connection.
- Disconnecting the remote end on invalid UTF-8 is probably not a good
idea. The definition of "valid" is slightly fuzzy. I think it might
be better to just silently "fix" the UTF-8, or perhaps return an error.
Owen says we should only validate the UTF-8 on dbus_message_get_string()
(changing get_string to have an error return, and allowing a type error
as a possible return)
- assorted _-prefixed symbols in libdbus aren't actually used by
libdbus, only by the message bus. These bloat up the library
size. Not sure how to fix, really.
- build and install the Doxygen manual in Makefile when --enable-docs
- if you send the same message to multiple connections, the serial number
will only be right for one of them. Probably need to just write() the serial
number, rather than putting it in the DBusMessage, or something.
- perhaps the bus driver should have properties that reflect attributes
of the session, such as hostname, architecture, operating system,
etc. Could be useful for code that wants to special-case behavior
for a particular host or class of hosts, for example.
- currently the security policy stuff for messages to/from
the bus driver is kind of strange; basically it's hardcoded that
you can always talk to the driver, but the default config file
has rules for it anyway, or something. it's conceptually
screwy at the moment.
- when making a method call, if the call serial were globally unique,
we could forward the call serial along with any method calls made
as a result of the first method call, and allow reentrancy that was
strictly part of the call stack of said method call. But I don't
really see how to do this without making the user pass around the
call serial to all method calls all the time, or disallowing
async calls.
If done post 1.0 will probably be an optional/ugly-API type
of thing.
- I don't want to introduce DBusObject, but refcounting and object
data could still be factored out into an internal "base class"
perhaps.
- document the auth protocol as a set of states and transitions, and
then reimplement it in those terms
- recursive dispatch, see dbus_connection_dispatch()
- do we need per-display activation; if so I'd like to do this by setting a
"display ID" property on screen 0, with a GUID, and keying activation by
said GUID. Otherwise you get all kinds of unrobust
string/hostname-based mess. per-screen is then done by appending screen number
to the display. If displays have a deterministic ID like this, you can
do per-display by simply including GUID in the service name.
- optimization and profiling!
|