4 - Audit @todo and FIXME for security issues
6 - The convenience functions in dbus-bus.h should perhaps have
7 the signatures that they would have if they were autogenerated
8 stubs. e.g. the acquire service function. We should also evaluate
9 which of these functions to include, in light of the fact that
10 GLib/Qt native stubs will probably also exist.
12 - the "break loader" and valid/invalid message tests are all disabled;
13 they need to be fixed and re-enabled with the new message args stuff.
14 I think I want to drop the .message files thing and just have code
15 that generates messages, more like the tests for
16 dbus-marshal-recursive.c (this is mostly done now, just needs some
19 - need to define bus behavior if you send a message to
20 yourself; is it an error, or allowed? If allowed,
21 we need to have a test for it in the test suite.
23 - validate dict entry number of fields
25 - just before 1.0, try a HAVE_INT64=0 build and be sure it runs
27 - in dbus-keyring.c, enforce that the keyring dir is not
28 world readable/writable
32 - fix introspection format to handle all signatures
34 - make the mutex/condvar functions private
36 - dbus-pending-call.c has some API and thread safety issues to review
38 - make dbus_connection_open() return a shared connection from a pool.
39 Add dbus_connection_open_private() that works like the current one.
40 To do this, each DBusServer could have a 128-bit GUID. This GUID
41 would be in the address from dbus_server_get_address(). On
42 connection to a server, the GUID would be provided as the first
43 thing in the auth protocol, and verified vs. the expected GUID if a
44 GUID was in the address used to connect. A hash from GUID to
45 connection would be kept, so attempts to connect to a GUID already
46 in the hash would return a shared existing connection.
48 The purpose of all this is to allow a dbus_g_proxy_to_string() that
49 would convert the proxy to an "IOR" and dbus_g_proxy_from_string()
50 that would decode; using these, dbus-glib users could avoid
51 DBusConnection entirely. Of course the same applies to other kinds
54 Important for 1.0 GLib Bindings
57 - finish dbus-glib-tool support for adding introspection
58 data to GObject and autoexporting GObject using same
60 - Need to make sure that dbus-glib.h never returns any
61 dbus_malloc() memory, only g_malloc().
62 dbus_g_proxy_end_call() is the major offender.
64 - DBusGProxy doesn't emit "destroy" when it should
69 - add dbus_message_has_path(), maybe has_member/interface
71 - connection_open/connection_disconnect lacks symmetry, open/close
74 - protocol version in each message is pretty silly
79 - DBusWatchList/TimeoutList duplicate a lot of code, as do
80 protected_change_watch/protected_change_timeout in dbus-connection.c
81 and dbus-server.c. This could all be mopped up, cut-and-paste
82 fixed, code size reduced.
84 - change .service files to allow Names=list in addition to Name=string
86 - The message bus internal code still says "service" for
87 "name", "base service" for "unique name", "activate" for
88 "start"; would be nice to clean up.
90 - Property list feature on message bus (list of properties associated
91 with a connection). May also include message matching rules
92 that involve the properties of the source or destination
95 - Disconnecting the remote end on invalid UTF-8 is probably not a good
96 idea. The definition of "valid" is slightly fuzzy. I think it might
97 be better to just silently "fix" the UTF-8, or perhaps return an error.
99 - build and install the Doxygen manual in Makefile when --enable-docs
101 - if you send the same message to multiple connections, the serial number
102 will only be right for one of them. Probably need to just write() the serial
103 number, rather than putting it in the DBusMessage, or something.
105 - perhaps the bus driver should have properties that reflect attributes
106 of the session, such as hostname, architecture, operating system,
107 etc. Could be useful for code that wants to special-case behavior
108 for a particular host or class of hosts, for example.
110 - currently the security policy stuff for messages to/from
111 the bus driver is kind of strange; basically it's hardcoded that
112 you can always talk to the driver, but the default config file
113 has rules for it anyway, or something. it's conceptually
114 screwy at the moment.
116 - when making a method call, if the call serial were globally unique,
117 we could forward the call serial along with any method calls made
118 as a result of the first method call, and allow reentrancy that was
119 strictly part of the call stack of said method call. But I don't
120 really see how to do this without making the user pass around the
121 call serial to all method calls all the time, or disallowing
124 If done post 1.0 will probably be an optional/ugly-API type
127 - I don't want to introduce DBusObject, but refcounting and object
128 data could still be factored out into an internal "base class"
131 - document the auth protocol as a set of states and transitions, and
132 then reimplement it in those terms
134 - recursive dispatch, see dbus_connection_dispatch()
136 - do we need per-display activation; if so I'd like to do this by setting a
137 "display ID" property on screen 0, with a GUID, and keying activation by
138 said GUID. Otherwise you get all kinds of unrobust
139 string/hostname-based mess. per-screen is then done by appending screen number
140 to the display. If displays have a deterministic ID like this, you can
141 do per-display by simply including GUID in the service name.
143 - optimization and profiling!