1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
|
- How we will handle DCOP needs sorting out. Among other things, we
need to check that service and service-ownership semantics map to DCOP
reasonably well.
- Activation needs some careful additional thinking-through.
- Property list feature on message bus (list of properties associated
with a connection). May also include message matching rules
that involve the properties of the source or destination
connection.
- Automatic service activation, should probably be done through a message flag.
- Disconnecting the remote end on invalid UTF-8 is probably not a good
idea. The definitiion of "valid" is slightly fuzzy. I think it might
be better to just silently "fix" the UTF-8, or perhaps return an error.
Owen says we should only validate the UTF-8 on dbus_message_get_string()
(changing get_string to have an error return, and allowing a type error
as a possible return)
- The convenience functions in dbus-bus.h should perhaps have
the signatures that they would have if they were autogenerated
stubs. e.g. the acquire service function. We should also evaluate
which of these functions to include, in light of the fact that
GLib/Qt native stubs will probably also exist.
- assorted _-prefixed symbols in libdbus aren't actually used by
libdbus, only by the message bus. These bloat up the library
size. Not sure how to fix, really.
- build and install the Doxygen manual in Makefile when --enable-docs
- if you send the same message to multiple connections, the serial number
will only be right for one of them. Probably need to just write() the serial
number, rather than putting it in the DBusMessage, or something.
- perhaps the bus driver should have properties that reflect attributes
of the session, such as hostname, architecture, operating system,
etc. Could be useful for code that wants to special-case behavior
for a particular host or class of hosts, for example.
- currently the security policy stuff for messages to/from
the bus driver is kind of strange; basically it's hardcoded that
you can always talk to the driver, but the default config file
has rules for it anyway, or something. it's conceptually
screwy at the moment.
- <limit> elements are not merged in from included configuration
files; they have to be in the toplevel file. when loading
a child file, we could just init its DBusLimits from the parent,
then after parsing copy its DBusLimits back to the parent
- when making a method call, if the call serial were globally unique,
we could forward the call serial along with any method calls made
as a result of the first method call, and allow reentrancy that was
strictly part of the call stack of said method call. But I don't
really see how to do this without making the user pass around the
call serial to all method calls all the time, or disallowing
async calls.
- the invalid messages in the test suite are all useless because
they are invalid for the wrong reasons due to protocol changes.
(Consider extending test suite to validate that they are
invalid for right reason, e.g. an "INVALID_ERROR Foo" line
in the message files)
- I don't want to introduce DBusObject, but refcounting and object
data could still be factored out into an internal "base class"
perhaps.
- modify the auth protocol to also support other initial-handshake
type of information
- document the auth protocol as a set of states and transitions, and
then reimplement it in those terms
- dbus_gproxy or dbus_g_proxy?
- add dbus_message_has_path(), maybe has_member/interface
- re_align_field_recurse() in dbus-message.c is broken because it
crashes on some types of header field values. security problem.
- the system daemon has to be able to reload changes to the
security policy without restarting, because apps won't
be coded to handle it restarting
- modify the wire protocol to keep the args signature separate
from the args themselves. Make the name of TYPE_CUSTOM part
of the type signature, rather than part of the value.
Then you have the full typecheck in a single string.
- dbus_message_iter_init_array_iterator has "iter" and "iterator"
in the same function name
- the GLib bindings varargs take DBUS_TYPE_WHATEVER and
return stuff allocated with dbus_malloc(); should this
be made more "G" at some expense in code duplication?
You also still have to use some D-BUS functions such as
dbus_message_get_args() which takes a DBusError.
Probably we need to either fully encapsulate and hide
dbus/dbus.h, or encapsulate it slightly less e.g. no
GError.
- need to define bus behavior if you send a message to
yourself; is it an error, or allowed? If allowed,
we need to have a test for it in the test suite.
- the max_replies_per_connection resource limit isn't implemented
- array lengths should probably be returned as size_t rather than int
(though they are kind of a pita to pass in as size_t with the
varargs, so maybe not - what does glib do with g_object_get()?)
- the varargs dbus_message_get_args() needs to support OBJECT_PATH
and OBJECT_PATH_ARRAY
- recursive dispatch, see dbus_connection_dispatch()
- the auth protocol may as well use hex encoding instead of
base64, then we can dump the base64 implementation and
save some bloat.
|