4 - Audit @todo and FIXME for security issues
6 - The convenience functions in dbus-bus.h should perhaps have
7 the signatures that they would have if they were autogenerated
8 stubs. e.g. the acquire service function. We should also evaluate
9 which of these functions to include, in light of the fact that
10 GLib/Qt native stubs will probably also exist.
12 - the "break loader" and valid/invalid message tests are all disabled;
13 they need to be fixed and re-enabled with the new message args stuff.
14 I think I want to drop the .message files thing and just have code
15 that generates messages, more like the tests for
16 dbus-marshal-recursive.c (this is mostly done now, just needs some
19 - need to define bus behavior if you send a message to
20 yourself; is it an error, or allowed? If allowed,
21 we need to have a test for it in the test suite.
23 - validate dict entry number of fields
25 - just before 1.0, try a HAVE_INT64=0 build and be sure it runs
27 - in dbus-keyring.c, enforce that the keyring dir is not
28 world readable/writable
32 - fix introspection format to handle all signatures
34 - make the mutex/condvar functions private
36 - dbus-pending-call.c has some API and thread safety issues to review
38 - make dbus_connection_open() return a shared connection from a pool.
39 Add dbus_connection_open_private() that works like the current one.
40 To do this, each DBusServer could have a 128-bit GUID. This GUID
41 would be in the address from dbus_server_get_address(). On
42 connection to a server, the GUID would be provided as the first
43 thing in the auth protocol, and verified vs. the expected GUID if a
44 GUID was in the address used to connect. A hash from GUID to
45 connection would be kept, so attempts to connect to a GUID already
46 in the hash would return a shared existing connection.
48 The purpose of all this is to allow a dbus_g_proxy_to_string() that
49 would convert the proxy to an "IOR" and dbus_g_proxy_from_string()
50 that would decode; using these, dbus-glib users could avoid
51 DBusConnection entirely. Of course the same applies to other kinds
54 Important for 1.0 GLib Bindings
57 - finish dbus-glib-tool support for adding introspection
58 data to GObject and autoexporting GObject using same
60 - Need to make sure that dbus-glib.h never returns any
61 dbus_malloc() memory, only g_malloc().
62 dbus_g_proxy_end_call() is the major offender.
64 - DBusGProxy doesn't emit "destroy" when it should
69 - add dbus_message_has_path(), maybe has_member/interface
71 - connection_open/connection_disconnect lacks symmetry, open/close
74 - protocol version in each message is pretty silly
79 - change .service files to allow Names=list in addition to Name=string
81 - The message bus internal code still says "service" for
82 "name", "base service" for "unique name", "activate" for
83 "start"; would be nice to clean up.
85 - Property list feature on message bus (list of properties associated
86 with a connection). May also include message matching rules
87 that involve the properties of the source or destination
90 - Disconnecting the remote end on invalid UTF-8 is probably not a good
91 idea. The definition of "valid" is slightly fuzzy. I think it might
92 be better to just silently "fix" the UTF-8, or perhaps return an error.
94 - build and install the Doxygen manual in Makefile when --enable-docs
96 - if you send the same message to multiple connections, the serial number
97 will only be right for one of them. Probably need to just write() the serial
98 number, rather than putting it in the DBusMessage, or something.
100 - perhaps the bus driver should have properties that reflect attributes
101 of the session, such as hostname, architecture, operating system,
102 etc. Could be useful for code that wants to special-case behavior
103 for a particular host or class of hosts, for example.
105 - currently the security policy stuff for messages to/from
106 the bus driver is kind of strange; basically it's hardcoded that
107 you can always talk to the driver, but the default config file
108 has rules for it anyway, or something. it's conceptually
109 screwy at the moment.
111 - when making a method call, if the call serial were globally unique,
112 we could forward the call serial along with any method calls made
113 as a result of the first method call, and allow reentrancy that was
114 strictly part of the call stack of said method call. But I don't
115 really see how to do this without making the user pass around the
116 call serial to all method calls all the time, or disallowing
119 If done post 1.0 will probably be an optional/ugly-API type
122 - I don't want to introduce DBusObject, but refcounting and object
123 data could still be factored out into an internal "base class"
126 - document the auth protocol as a set of states and transitions, and
127 then reimplement it in those terms
129 - recursive dispatch, see dbus_connection_dispatch()
131 - do we need per-display activation; if so I'd like to do this by setting a
132 "display ID" property on screen 0, with a GUID, and keying activation by
133 said GUID. Otherwise you get all kinds of unrobust
134 string/hostname-based mess. per-screen is then done by appending screen number
135 to the display. If displays have a deterministic ID like this, you can
136 do per-display by simply including GUID in the service name.
138 - optimization and profiling!