+2005-01-28 Havoc Pennington <hp@redhat.com>
+
+ * doc/TODO, doc/dbus-specification.xml: spec and TODO tweaks
+ related to authentication protocol
+
2005-01-28 John (J5) Palmieri <johnp@redhat.com>
* python/dbus_bindings.pyx.in: Updated to handle new D-BUS type system
that generates messages, more like the tests for
dbus-marshal-recursive.c
- - modify the auth protocol to also support other initial-handshake
- type of information:
-
- Perhaps the auth protocol should be able to negotiate a protocol
- version to the least-common-denominator between client and server?
- Though in practice ever using this feature would be pretty tough,
- since protocol probably modifies the API. But we could have it there
- as a safety net.
-
- need to define bus behavior if you send a message to
yourself; is it an error, or allowed? If allowed,
we need to have a test for it in the test suite.
- the spec and implementation should probably require dict keys
to be basic types
+ - in dbus-keyring.c, enforce that the keyring dir is not
+ world readable/writable
+
+ - the "server addresses" section of the spec is busted; need to
+ support escaping in the addresses, be sure multiple addresses
+ in one env variable work, etc.
+
Important for 1.0 GLib Bindings
===
should try something other than whatever caused the error;
if only canceling/rejecting the authentication.
</para>
+ <para>
+ If the D-BUS protocol changes incompatibly at some future time,
+ applications implementing the new protocol would probably be able to
+ check for support of the new protocol by sending a new command and
+ receiving an ERROR from applications that don't understand it. Thus the
+ ERROR feature of the auth protocol is an escape hatch that lets us
+ negotiate extensions or changes to the D-BUS protocol in the future.
+ </para>
</sect2>
<sect2 id="auth-examples">
<title>Authentication examples</title>
nonzero length, and may not contain the characters slash ("/"),
backslash ("\"), space (" "), newline ("\n"), carriage return ("\r"),
tab ("\t"), or period ("."). There is a default context,
- "org_freedesktop_global" that's used by servers that do not specify
+ "org_freedesktop_general" that's used by servers that do not specify
otherwise.
</para>
<para>
</listitem>
<listitem>
<para>
- The cookie itself, a hex-encoded random block of bytes.
+ The cookie itself, a hex-encoded random block of bytes. The cookie
+ may be of any length, though obviously security increases
+ as the length increases.
</para>
</listitem>
</itemizedlist>
</para>
<para>
- Only server processes modify the cookie file.
+ Only server processes modify the cookie file.
They must do so with this procedure:
<itemizedlist>
<listitem>