4 - How we will handle DCOP needs sorting out. Among other things, we
5 need to check that service and service-ownership semantics map to DCOP
8 - Activation needs some careful additional thinking-through.
10 - Audit @todo and FIXME for security issues
12 - The convenience functions in dbus-bus.h should perhaps have
13 the signatures that they would have if they were autogenerated
14 stubs. e.g. the acquire service function. We should also evaluate
15 which of these functions to include, in light of the fact that
16 GLib/Qt native stubs will probably also exist.
18 - the invalid messages in the test suite are all useless because
19 they are invalid for the wrong reasons due to protocol changes.
20 (Consider extending test suite to validate that they are
21 invalid for right reason, e.g. an "INVALID_ERROR Foo" line
24 - modify the auth protocol to also support other initial-handshake
27 Perhaps the auth protocol should be able to negotiate a protocol
28 version to the least-common-denominator between client and server?
29 Though in practice ever using this feature would be pretty tough,
30 since protocol probably modifies the API. But we could have it there
33 - re_align_field_recurse() in dbus-message.c is broken because it
34 crashes on some types of header field values. security problem.
36 - modify the wire protocol to keep the args signature separate
37 from the args themselves. Make the name of TYPE_CUSTOM part
38 of the type signature, rather than part of the value.
39 Then you have the full typecheck in a single string.
40 See http://freedesktop.org/pipermail/dbus/2004-June/001169.html
42 Subnote: STRING_OR_NIL is wrong, doesn't work in C++ etc. ; should
43 not have done that. Use empty string or special string values or separate functions/signals
46 Subnote: For recursive types, one approach is that "structs" are done as parens,
47 so e.g. s(ii) is a string and struct { int; int; } etc. Type codes
48 then all have to be done as strings not single ints.
49 We could also put the type signature for the message body in a
51 An "any" type has the type string included in the value.
53 - need to define bus behavior if you send a message to
54 yourself; is it an error, or allowed? If allowed,
55 we need to have a test for it in the test suite.
57 - array lengths should probably be returned as size_t rather than int
58 (though they are kind of a pita to pass in as size_t with the
59 varargs, so maybe not - what does glib do with g_object_get()?)
61 Important for 1.0 GLib Bindings
64 - finish dbus-glib-tool support for adding introspection
65 data to GObject and autoexporting GObject using same
67 - the GLib bindings varargs take DBUS_TYPE_WHATEVER and
68 return stuff allocated with dbus_malloc(); should this
69 be made more "G" at some expense in code duplication?
70 You also still have to use some D-BUS functions such as
71 dbus_message_get_args() which takes a DBusError.
72 Probably we need to either fully encapsulate and hide
73 dbus/dbus.h, or encapsulate it slightly less e.g. no
74 GError. Or maybe it's as simple as "never return dbus_malloc()
75 memory" and just fully encapsulate the get_args() type of
78 - dbus_gproxy_connect_signal() has to take a signature for the signal
79 so it can figure out how to invoke the callback, or we have to rely
80 on having introspection data.
85 - Probably no point in a version number in the daemon name
86 (s/dbus-daemon-1/dbus-daemon/)
88 - add dbus_message_has_path(), maybe has_member/interface
90 - dbus_message_iter_init_array_iterator has "iter" and "iterator"
91 in the same function name
93 - connection_open/connection_disconnect lacks symmetry, open/close
99 - Property list feature on message bus (list of properties associated
100 with a connection). May also include message matching rules
101 that involve the properties of the source or destination
104 - Disconnecting the remote end on invalid UTF-8 is probably not a good
105 idea. The definition of "valid" is slightly fuzzy. I think it might
106 be better to just silently "fix" the UTF-8, or perhaps return an error.
108 Owen says we should only validate the UTF-8 on dbus_message_get_string()
109 (changing get_string to have an error return, and allowing a type error
110 as a possible return)
112 - assorted _-prefixed symbols in libdbus aren't actually used by
113 libdbus, only by the message bus. These bloat up the library
114 size. Not sure how to fix, really.
116 - build and install the Doxygen manual in Makefile when --enable-docs
118 - if you send the same message to multiple connections, the serial number
119 will only be right for one of them. Probably need to just write() the serial
120 number, rather than putting it in the DBusMessage, or something.
122 - perhaps the bus driver should have properties that reflect attributes
123 of the session, such as hostname, architecture, operating system,
124 etc. Could be useful for code that wants to special-case behavior
125 for a particular host or class of hosts, for example.
127 - currently the security policy stuff for messages to/from
128 the bus driver is kind of strange; basically it's hardcoded that
129 you can always talk to the driver, but the default config file
130 has rules for it anyway, or something. it's conceptually
131 screwy at the moment.
133 - when making a method call, if the call serial were globally unique,
134 we could forward the call serial along with any method calls made
135 as a result of the first method call, and allow reentrancy that was
136 strictly part of the call stack of said method call. But I don't
137 really see how to do this without making the user pass around the
138 call serial to all method calls all the time, or disallowing
141 If done post 1.0 will probably be an optional/ugly-API type
144 - I don't want to introduce DBusObject, but refcounting and object
145 data could still be factored out into an internal "base class"
148 - document the auth protocol as a set of states and transitions, and
149 then reimplement it in those terms
151 - recursive dispatch, see dbus_connection_dispatch()
153 - do we need per-display activation; if so I'd like to do this by setting a
154 "display ID" property on screen 0, with a GUID, and keying activation by
155 said GUID. Otherwise you get all kinds of unrobust
156 string/hostname-based mess. per-screen is then done by appending screen number
157 to the display. If displays have a deterministic ID like this, you can
158 do per-display by simply including GUID in the service name.
160 - optimization and profiling!