From: Havoc Pennington Date: Sat, 29 Jan 2005 04:21:32 +0000 (+0000) Subject: 2005-01-28 Havoc Pennington X-Git-Tag: dbus-0.23.1~30 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=602c4b05c4d1c7c83a459b7d0164cc14eebdfcb4;p=thirdparty%2Fdbus.git 2005-01-28 Havoc Pennington * doc/TODO, doc/dbus-specification.xml: spec and TODO tweaks related to authentication protocol --- diff --git a/ChangeLog b/ChangeLog index e124b90ef..23d1f4265 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,8 @@ +2005-01-28 Havoc Pennington + + * doc/TODO, doc/dbus-specification.xml: spec and TODO tweaks + related to authentication protocol + 2005-01-28 John (J5) Palmieri * python/dbus_bindings.pyx.in: Updated to handle new D-BUS type system diff --git a/doc/TODO b/doc/TODO index 631b77194..d4ca427ad 100644 --- a/doc/TODO +++ b/doc/TODO @@ -23,15 +23,6 @@ Important for 1.0 that generates messages, more like the tests for dbus-marshal-recursive.c - - modify the auth protocol to also support other initial-handshake - type of information: - - Perhaps the auth protocol should be able to negotiate a protocol - version to the least-common-denominator between client and server? - Though in practice ever using this feature would be pretty tough, - since protocol probably modifies the API. But we could have it there - as a safety net. - - need to define bus behavior if you send a message to yourself; is it an error, or allowed? If allowed, we need to have a test for it in the test suite. @@ -45,6 +36,13 @@ Important for 1.0 - the spec and implementation should probably require dict keys to be basic types + - in dbus-keyring.c, enforce that the keyring dir is not + world readable/writable + + - the "server addresses" section of the spec is busted; need to + support escaping in the addresses, be sure multiple addresses + in one env variable work, etc. + Important for 1.0 GLib Bindings === 
diff --git a/doc/dbus-specification.xml b/doc/dbus-specification.xml index 732f95b0c..6e34be27e 100644 --- a/doc/dbus-specification.xml +++ b/doc/dbus-specification.xml @@ -1394,6 +1394,14 @@ should try something other than whatever caused the error; if only canceling/rejecting the authentication. + + If the D-BUS protocol changes incompatibly at some future time, + applications implementing the new protocol would probably be able to + check for support of the new protocol by sending a new command and + receiving an ERROR from applications that don't understand it. Thus the + ERROR feature of the auth protocol is an escape hatch that lets us + negotiate extensions or changes to the D-BUS protocol in the future. + Authentication examples @@ -1930,7 +1938,7 @@ nonzero length, and may not contain the characters slash ("/"), backslash ("\"), space (" "), newline ("\n"), carriage return ("\r"), tab ("\t"), or period ("."). There is a default context, - "org_freedesktop_global" that's used by servers that do not specify + "org_freedesktop_general" that's used by servers that do not specify otherwise. @@ -1958,13 +1966,15 @@ - The cookie itself, a hex-encoded random block of bytes. + The cookie itself, a hex-encoded random block of bytes. The cookie + may be of any length, though obviously security increases + as the length increases. - Only server processes modify the cookie file. + Only server processes modify the cookie file. They must do so with this procedure:
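Review bot: In the doc/TODO hunk at @@ -45,6 +36,13 @@, the new dbus-keyring.c item only rules out a keyring dir that is "world readable/writable", which leaves group access unaddressed. The directory holds the cookies used for authentication, so group read access exposes them just as world access would. Suggest wording the item as "enforce that the keyring dir is accessible only by its owner", and saying what "enforce" means on failure (refuse to use the keyring, rather than warn and continue).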
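Review bot: In the paragraph added at @@ -1394,6 +1394,14 @@ of doc/dbus-specification.xml, the escape hatch works only if every implementation answers a command it does not understand with ERROR, yet the text says only that new applications "would probably be able to" rely on this. Suggest making it a normative statement here, or pointing to the place where the spec already requires it. Because this exchange is part of the auth protocol, it would also help to say that an application which requires the new protocol may treat the ERROR as a failure instead of falling back to the old one.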
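Review bot: The rename of the default context from "org_freedesktop_global" to "org_freedesktop_general" at @@ -1930,7 +1938,7 @@ is not mentioned in the ChangeLog entry, which describes only "spec and TODO tweaks related to authentication protocol". Client and server have to agree on this string, so please say in the ChangeLog whether this corrects the spec to match the implementation or changes the value, and confirm that the constant in the code reads the same.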
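Review bot: In the hunk at @@ -1958,13 +1966,15 @@, "The cookie may be of any length" allows a cookie of only a few bytes, and "obviously security increases as the length increases" gives implementers no figure to aim for. Suggest stating a minimum length in bytes (counted before hex encoding) and requiring that the bytes come from a cryptographically strong random source, since the text says only "random".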