summaryrefslogtreecommitdiffstats
path: root/doc/TODO
blob: a35a6a41057a6bbcd7a02e0c674a6c5273b20d9c (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
 - Probably no point in a version number in the daemon name
   (s/dbus-daemon-1/dbus-daemon/)
  
 - How we will handle DCOP needs sorting out. Among other things, we
   need to check that service and service-ownership semantics map to DCOP 
   reasonably well.

 - Activation needs some careful additional thinking-through.

 - Property list feature on message bus (list of properties associated 
   with a connection). May also include message matching rules 
   that involve the properties of the source or destination
   connection.

 - Automatic service activation, should probably be done through a message flag.

 - Disconnecting the remote end on invalid UTF-8 is probably not a good 
   idea. The definitiion of "valid" is slightly fuzzy. I think it might 
   be better to just silently "fix" the UTF-8, or perhaps return an error.

   Owen says we should only validate the UTF-8 on dbus_message_get_string()
   (changing get_string to have an error return, and allowing a type error 
   as a possible return)

 - The convenience functions in dbus-bus.h should perhaps have
   the signatures that they would have if they were autogenerated
   stubs. e.g. the acquire service function. We should also evaluate 
   which of these functions to include, in light of the fact that 
   GLib/Qt native stubs will probably also exist.

 - assorted _-prefixed symbols in libdbus aren't actually used by
   libdbus, only by the message bus. These bloat up the library
   size. Not sure how to fix, really.

 - build and install the Doxygen manual in Makefile when --enable-docs

 - if you send the same message to multiple connections, the serial number 
   will only be right for one of them. Probably need to just write() the serial 
   number, rather than putting it in the DBusMessage, or something.

 - perhaps the bus driver should have properties that reflect attributes
   of the session, such as hostname, architecture, operating system, 
   etc. Could be useful for code that wants to special-case behavior 
   for a particular host or class of hosts, for example.

 - currently the security policy stuff for messages to/from 
   the bus driver is kind of strange; basically it's hardcoded that 
   you can always talk to the driver, but the default config file 
   has rules for it anyway, or something. it's conceptually 
   screwy at the moment.

 - when making a method call, if the call serial were globally unique,
   we could forward the call serial along with any method calls made
   as a result of the first method call, and allow reentrancy that was
   strictly part of the call stack of said method call. But I don't
   really see how to do this without making the user pass around the
   call serial to all method calls all the time, or disallowing 
   async calls.

 - the invalid messages in the test suite are all useless because 
   they are invalid for the wrong reasons due to protocol changes.
   (Consider extending test suite to validate that they are 
   invalid for right reason, e.g. an "INVALID_ERROR Foo" line 
   in the message files)

 - I don't want to introduce DBusObject, but refcounting and object
   data could still be factored out into an internal "base class" 
   perhaps.

 - modify the auth protocol to also support other initial-handshake
   type of information such as protocol version

 - document the auth protocol as a set of states and transitions, and
   then reimplement it in those terms

 - dbus_gproxy or dbus_g_proxy?

 - add dbus_message_has_path(), maybe has_member/interface

 - re_align_field_recurse() in dbus-message.c is broken because it 
   crashes on some types of header field values. security problem.

 - modify the wire protocol to keep the args signature separate 
   from the args themselves. Make the name of TYPE_CUSTOM part 
   of the type signature, rather than part of the value.
   Then you have the full typecheck in a single string.
   See http://freedesktop.org/pipermail/dbus/2004-June/001169.html

 - dbus_message_iter_init_array_iterator has "iter" and "iterator" 
   in the same function name

 - the GLib bindings varargs take DBUS_TYPE_WHATEVER and 
   return stuff allocated with dbus_malloc(); should this 
   be made more "G" at some expense in code duplication?
   You also still have to use some D-BUS functions such as 
   dbus_message_get_args() which takes a DBusError. 
   Probably we need to either fully encapsulate and hide 
   dbus/dbus.h, or encapsulate it slightly less e.g. no 
   GError. Or maybe it's as simple as "never return dbus_malloc() 
   memory" and just fully encapsulate the get_args() type of 
   stuff.

 - need to define bus behavior if you send a message to 
   yourself; is it an error, or allowed? If allowed, 
   we need to have a test for it in the test suite.

 - array lengths should probably be returned as size_t rather than int
   (though they are kind of a pita to pass in as size_t with the 
    varargs, so maybe not - what does glib do with g_object_get()?)

 - recursive dispatch, see dbus_connection_dispatch()

 - Perhaps the auth protocol should be able to negotiate a protocol 
   version to the least-common-denominator between client and server?
   Though in practice ever using this feature would be pretty tough, 
   since protocol probably modifies the API. But we could have it there
   as a safety net.

 - STRING_OR_NIL is wrong, doesn't work in C++ etc. ; should not have done that.
   Use empty string or special string values or separate functions/signals 
   or whatever instead.

 - For recursive types, one approach is that "structs" are done as parens, 
   so e.g. s(ii) is a string and struct { int; int; } etc. Type codes
   then all have to be done as strings not single ints.
   We could also put the type signature for the message body in a header field.
   An "any" type has the type string included in the value.

 - do we need per-display activation; if so I'd like to do this by setting a
   "display ID" property on screen 0, with a GUID, and keying activation by 
   said GUID. Otherwise you get all kinds of unrobust
   string/hostname-based mess. per-screen is then done by appending screen number
   to the display. If displays have a deterministic ID like this, you can 
   do per-display by simply including GUID in the service name.