need to be able to escape ';' and ',' in the key values, and the parsing needs to handle that.
if we get an error reply, it has to be converted into DBusError and returned
stdio.h shouldn't be included in this file, should write _dbus_string_append_printf instead
Should probably demarshal to a DBusString, having memcpy() in here is Evil(tm).
For array types that can't be invalid, we should not walk the whole array validating it. e.g. just skip all the int values in an int array.
we need to enforce a max length on strings in header fields.
We need to free the argument data when an error occurs.
memcmp is probably faster
avoid inserting the source into dest, then deleting the replaced chunk of dest (which creates a potentially large intermediate string). Instead, extend the replaced chunk of dest with padding to the same size as the source chunk, then copy in the source bytes.
DBusAuth really needs to be rewritten as an explicit state machine. Right now it's too hard to prove to yourself by inspection that it works.
right now sometimes both ends will block waiting for input from the other end, e.g. if there's an error during DBUS_COOKIE_SHA1.
the cookie keyring needs to be cached globally not just per-auth (which raises threadsafety issues too)
grep FIXME in dbus-auth.c
Need notification to apps of disconnection, may matter for some transports