| Background |
| ========== |
| |
| - Priority scale: High, Medium and Low |
| |
| - Complexity scale: C1, C2, C4 and C8. The complexity scale is exponential, |
| with complexity 1 being the lowest complexity. Complexity is a function |
| of both task 'complexity' and task 'scope'. |
| |
| The general rule of thumb is that a complexity 1 task should take 1-2 weeks |
| for a person very familiar with the codebase. Higher complexity tasks |
| require more time and have higher uncertainty. |
| |
| Higher complexity tasks should be refined into several lower complexity tasks |
| once the task is better understood. |
| |
| |
| DBus API |
| ======== |
| |
| - Add APIs that would allow an application to listen to a particular signal or |
| set of signals. The set of signals can be specified by using signal filtering |
| mechanisms specified in the DBus specification. Whenever a given signal |
| matches one of the filters, the relevant callback function should be called. |
| |
| For DBus classic this implies managing a set of appropriate filters with the |
| DBus daemon as specified in the DBus specification. |
| |
| Priority: Medium |
| Complexity: C4 |
| |
| - Add builder APIs for appending fixed-size array data. Currently arrays are |
| built one element at a time which can get pretty expensive for large arrays. |
| A function that appends multiple fixed elements at once to the gvariant and |
| dbus1 builders is needed. |
| |
| Priority: Medium |
| Complexity: C4 |
| |
| |
| Kernel Crypto |
| ============= |
| |
| - Add support for getsockname (getname) in the Linux kernel for sockets of |
| type AF_ALG. Currently this is not implemented and the kernel returns |
| EOPNOTSUPP. |
| |
| Priority: Low |
| Complexity: C2 |
| |
| |
| TLS Support |
| =========== |
| |
| - Implement tls_cert_find_certchain |
| |
| When the server sends its certificate, it should be sending the full |
| certificate chain, where each certificate directly verifies the preceding one |
| in the list. The root CA certificate can be optionally omitted. |
| |
| Since we are given a server certificate and a location with all CA |
| certificates we need to find a cert chain path to satisfy the above |
| condition. The location can either be a directory (e.g. /etc/ssl/certs), |
| or a PEM file with all CA certificates concatenated inside. |
| |
| Alternatively, we can assume that the user would be providing a certchain |
| file with the entire server certchain in some file format (e.g. PEM) which |
| contains all the required certificates concatenated into a single file. |
| |
| The client certificate might require similar handling. |
| |
| Priority: Medium |
| Complexity: C2 |
| |
| - Implement tls_cert_verify_certchain |
| |
| Implement certificate chain verification. |
| |
| Priority: High |
| Complexity: C2 |
| |
| |
| Big endian support |
| ================== |
| |
| - Fix big endian support for D-Bus message handling. Following test cases |
| fail at the moment: |
| |
| TEST: Basic 1 (parse) |
| /bin/bash: line 5: 28857 Segmentation fault ${dir}$tst |
| FAIL: unit/test-dbus-message |
| |
| TEST: Iter Test Basic 'is' |
| test-gvariant-util: unit/test-gvariant-util.c:288: test_iter_basic_2: Assertion `i == 5' failed. |
| /bin/bash: line 5: 28868 Aborted ${dir}$tst |
| FAIL: unit/test-gvariant-util |
| |
| TEST: Basic 1 (parse) |
| ell/util.c:67:l_malloc(): failed to allocate 2030043152 bytes |
| /bin/bash: line 5: 28873 Aborted ${dir}$tst |
| FAIL: unit/test-gvariant-message |
| |
| Priority: Medium |
| Complexity: C2 |