diff --git a/client/gui_rpc_server.cpp b/client/gui_rpc_server.cpp index fe9204f846..f6befd2da5 100644 --- a/client/gui_rpc_server.cpp +++ b/client/gui_rpc_server.cpp @@ -112,7 +112,10 @@ bool GUI_RPC_CONN_SET::recent_rpc_needs_network(double interval) { return false; } -int GUI_RPC_CONN_SET::get_password() { +// read the GUI RPC password from gui_rpc_auth.cfg; +// create one if missing. +// +void GUI_RPC_CONN_SET::get_password() { int retval; strcpy(password, ""); @@ -122,55 +125,56 @@ int GUI_RPC_CONN_SET::get_password() { strip_whitespace(password); } fclose(f); - if (strlen(password) == 0) { - msg_printf(NULL, MSG_USER_ALERT, - "gui_rpc_auth.cfg is empty; disabling remote access" + if (!strlen(password)) { + msg_printf(NULL, MSG_INFO, + "gui_rpc_auth.cfg is empty - no GUI RPC password protection" ); - return ERR_BAD_PASSWD; } - } else { - // if no password file, make a random password - // - retval = make_random_string(password); - if (retval) { - if (config.os_random_only) { - msg_printf( - NULL, MSG_INTERNAL_ERROR, - "OS random string generation failed, exiting" - ); - exit(1); - } - gstate.host_info.make_random_string("guirpc", password); - } - f = fopen(GUI_RPC_PASSWD_FILE, "w"); - if (!f) { - msg_printf(NULL, MSG_USER_ALERT, - "Can't open gui_rpc_auth.cfg; disabling remote access" - ); - return ERR_BAD_PASSWD; - } - retval = fputs(password, f); - fclose(f); - if (retval == EOF) { - msg_printf(NULL, MSG_USER_ALERT, - "Can't write gui_rpc_auth.cfg; disabling remote access" - ); - return ERR_BAD_PASSWD; - } -#ifndef _WIN32 - // if someone can read the password, - // they can cause code to execute as this user. - // So better protect it. - // - if (g_use_sandbox) { - // Allow group access so authorized administrator can modify it - chmod(GUI_RPC_PASSWD_FILE, S_IRUSR|S_IWUSR | S_IRGRP | S_IWGRP); - } else { - chmod(GUI_RPC_PASSWD_FILE, S_IRUSR|S_IWUSR); - } -#endif + return; } - return 0; + + // if no password file, make a random password + // + retval = make_random_string(password); + if (retval) { + if (config.os_random_only) { + msg_printf( + NULL, MSG_INTERNAL_ERROR, + "OS random string generation failed, exiting" + ); + exit(1); + } + gstate.host_info.make_random_string("guirpc", password); + } + + // try to write it to the file. + // if fail, just return + // + f = fopen(GUI_RPC_PASSWD_FILE, "w"); + if (!f) { + msg_printf(NULL, MSG_USER_ALERT, + "Can't open gui_rpc_auth.cfg - fix permissions" + ); + } + retval = fputs(password, f); + fclose(f); + if (retval == EOF) { + msg_printf(NULL, MSG_USER_ALERT, + "Can't write gui_rpc_auth.cfg - fix permissions" + ); + } +#ifndef _WIN32 + // if someone can read the password, + // they can cause code to execute as this user. + // So better protect it. + // + if (g_use_sandbox) { + // Allow group access so authorized administrator can modify it + chmod(GUI_RPC_PASSWD_FILE, S_IRUSR|S_IWUSR | S_IRGRP | S_IWGRP); + } else { + chmod(GUI_RPC_PASSWD_FILE, S_IRUSR|S_IWUSR); + } +#endif } int GUI_RPC_CONN_SET::get_allowed_hosts() { @@ -221,17 +225,20 @@ int GUI_RPC_CONN_SET::insert(GUI_RPC_CONN* p) { // If the client runs at boot time, // it may be a while (~10 sec) before the DNS system is working. -// If this returns an error, it will get called once a second -// for up to 30 seconds. +// If this returns an error, +// it will get called once a second for up to 30 seconds. // On the last call, "last_time" is set; print error messages then. // int GUI_RPC_CONN_SET::init(bool last_time) { sockaddr_in addr; int retval; + bool first = true; - retval = get_password(); - if (retval) return retval; - get_allowed_hosts(); + if (first) { + get_password(); + get_allowed_hosts(); + first = false; + } retval = boinc_socket(lsock); if (retval) { @@ -375,7 +382,6 @@ void GUI_RPC_CONN_SET::got_select(FDSET_GROUP& fg) { int sock, retval; vector::iterator iter; GUI_RPC_CONN* gr; - bool is_local = false; if (lsock < 0) return; @@ -405,24 +411,25 @@ void GUI_RPC_CONN_SET::got_select(FDSET_GROUP& fg) { fcntl(sock, F_SETFD, FD_CLOEXEC); #endif - bool allowed; + bool host_allowed; // accept the connection if: // 1) allow_remote_gui_rpc is set or // 2) client host is included in "remote_hosts" file or // 3) client is on localhost // - if (is_localhost(addr)) { - allowed = true; - is_local = true; + if (config.allow_remote_gui_rpc) { + host_allowed = true; + } else if (is_localhost(addr)) { + host_allowed = true; } else { // reread host file because IP addresses might have changed // get_allowed_hosts(); - allowed = check_allowed_list(addr); + host_allowed = check_allowed_list(addr); } - if (!(config.allow_remote_gui_rpc) && !(allowed)) { + if (!host_allowed) { show_connect_error(addr); boinc_close_socket(sock); } else { @@ -430,7 +437,7 @@ void GUI_RPC_CONN_SET::got_select(FDSET_GROUP& fg) { if (strlen(password)) { gr->auth_needed = true; } - gr->is_local = is_local; + gr->is_local = is_localhost(addr); if (log_flags.gui_rpc_debug) { msg_printf(0, MSG_INFO, "[gui_rpc] got new GUI RPC connection" diff --git a/client/gui_rpc_server.h b/client/gui_rpc_server.h index defb48e3fb..f76d0b70b4 100644 --- a/client/gui_rpc_server.h +++ b/client/gui_rpc_server.h @@ -89,14 +89,14 @@ public: }; // authentication for GUI RPCs: -// 1) if a IPaddr-list file is found, accept only from those addrs +// 1) if a host-list file is found, accept only from those hosts // 2) if a password file file is found, ALSO demand password auth class GUI_RPC_CONN_SET { std::vector gui_rpcs; std::vector allowed_remote_ip_addresses; int get_allowed_hosts(); - int get_password(); + void get_password(); int insert(GUI_RPC_CONN*); bool check_allowed_list(sockaddr_storage& ip_addr); bool remote_hosts_file_exists; diff --git a/doc/projects.inc b/doc/projects.inc index 88f8c0c8a7..b1e1d533c6 100644 --- a/doc/projects.inc +++ b/doc/projects.inc @@ -57,6 +57,14 @@ $cogsci = array( $biomed = array( tra("Biology and Medicine"), array( + array( + "RNA World", + "http://www.rnaworld.de/rnaworld/", + "Rechenkraft.net e.V.", + "Molecular biology", + "RNA World seeks to identify, analyze, structurally predict and design RNA molecules on the basis of established bioinformatics software.", + "rna4.png" + ), array( "FightMalaria@Home", "http://boinc.ucd.ie/fmah/", diff --git a/lib/prefs.cpp b/lib/prefs.cpp index 694cf9057b..4fe01b6aa4 100644 --- a/lib/prefs.cpp +++ b/lib/prefs.cpp @@ -46,88 +46,86 @@ void GLOBAL_PREFS_MASK::clear() { } void GLOBAL_PREFS_MASK::set_all() { - run_on_batteries = true; - run_if_user_active = true; - run_gpu_if_user_active = true; - idle_time_to_run = true; - suspend_if_no_recent_input = true; - suspend_cpu_usage = 0; - start_hour = true; - end_hour = true; - net_start_hour = true; - net_end_hour = true; - leave_apps_in_memory = true; confirm_before_connecting = true; - hangup_if_dialed = true; - dont_verify_images = true; - work_buf_min_days = true; - work_buf_additional_days = true; - max_ncpus_pct = true; - max_ncpus= true; cpu_scheduling_period_minutes = true; + cpu_usage_limit = true; + daily_xfer_limit_mb = true; + daily_xfer_period_days = true; disk_interval = true; disk_max_used_gb = true; disk_max_used_pct = true; disk_min_free_gb = true; - vm_max_used_frac = true; + dont_verify_images = true; + end_hour = true; + hangup_if_dialed = true; + idle_time_to_run = true; + leave_apps_in_memory = true; + max_bytes_sec_down = true; + max_bytes_sec_up = true; + max_ncpus= true; + max_ncpus_pct = true; + net_end_hour = true; + net_start_hour = true; + network_wifi_only = true; ram_max_used_busy_frac = true; ram_max_used_idle_frac = true; - idle_time_to_run = true; - max_bytes_sec_up = true; - max_bytes_sec_down = true; - cpu_usage_limit = true; - daily_xfer_limit_mb = true; - daily_xfer_period_days = true; - network_wifi_only = true; + run_gpu_if_user_active = true; + run_if_user_active = true; + run_on_batteries = true; + start_hour = true; + suspend_cpu_usage = 0; + suspend_if_no_recent_input = true; + vm_max_used_frac = true; + work_buf_additional_days = true; + work_buf_min_days = true; } bool GLOBAL_PREFS_MASK::are_prefs_set() { - if (run_on_batteries) return true; - if (run_if_user_active) return true; - if (run_gpu_if_user_active) return true; - if (idle_time_to_run) return true; - if (suspend_if_no_recent_input) return true; - if (suspend_cpu_usage) return true; - if (start_hour) return true; - if (end_hour) return true; - if (net_start_hour) return true; - if (net_end_hour) return true; - if (leave_apps_in_memory) return true; if (confirm_before_connecting) return true; - if (hangup_if_dialed) return true; - if (dont_verify_images) return true; - if (work_buf_min_days) return true; - if (work_buf_additional_days) return true; - if (max_ncpus_pct) return true; - if (max_ncpus) return true; if (cpu_scheduling_period_minutes) return true; + if (cpu_usage_limit) return true; + if (daily_xfer_limit_mb) return true; + if (daily_xfer_period_days) return true; if (disk_interval) return true; if (disk_max_used_gb) return true; if (disk_max_used_pct) return true; if (disk_min_free_gb) return true; - if (vm_max_used_frac) return true; + if (dont_verify_images) return true; + if (end_hour) return true; + if (hangup_if_dialed) return true; + if (idle_time_to_run) return true; + if (leave_apps_in_memory) return true; + if (max_bytes_sec_down) return true; + if (max_bytes_sec_up) return true; + if (max_ncpus) return true; + if (max_ncpus_pct) return true; + if (net_start_hour) return true; + if (network_wifi_only) return true; + if (net_end_hour) return true; if (ram_max_used_busy_frac) return true; if (ram_max_used_idle_frac) return true; - if (idle_time_to_run) return true; - if (max_bytes_sec_up) return true; - if (max_bytes_sec_down) return true; - if (cpu_usage_limit) return true; - if (daily_xfer_limit_mb) return true; - if (daily_xfer_period_days) return true; - if (network_wifi_only) return true; + if (run_gpu_if_user_active) return true; + if (run_if_user_active) return true; + if (run_on_batteries) return true; + if (start_hour) return true; + if (suspend_if_no_recent_input) return true; + if (suspend_cpu_usage) return true; + if (vm_max_used_frac) return true; + if (work_buf_additional_days) return true; + if (work_buf_min_days) return true; return false; } bool GLOBAL_PREFS_MASK::are_simple_prefs_set() { - if (start_hour) return true; if (end_hour) return true; + if (cpu_usage_limit) return true; + if (disk_max_used_gb) return true; + if (idle_time_to_run) return true; if (net_start_hour) return true; if (net_end_hour) return true; - if (disk_max_used_gb) return true; - if (cpu_usage_limit) return true; if (run_on_batteries) return true; if (run_if_user_active) return true; - if (idle_time_to_run) return true; + if (start_hour) return true; return false; } @@ -207,36 +205,38 @@ void WEEK_PREFS::unset(int day) { // so that the client can do the RPC and get the global prefs from the server // void GLOBAL_PREFS::defaults() { - run_on_batteries = true; - run_if_user_active = true; - run_gpu_if_user_active = false; - idle_time_to_run = 3; - suspend_if_no_recent_input = 0; - suspend_cpu_usage = 25; - cpu_times.clear(); - net_times.clear(); - leave_apps_in_memory = false; confirm_before_connecting = true; - hangup_if_dialed = false; - dont_verify_images = false; - work_buf_min_days = 0.1; - work_buf_additional_days = 0.5; - max_ncpus_pct = 0; - max_ncpus = 0; cpu_scheduling_period_minutes = 60; + cpu_times.clear(); + cpu_usage_limit = 100; + daily_xfer_limit_mb = 0; + daily_xfer_period_days = 0; disk_interval = 60; disk_max_used_gb = 1000; disk_max_used_pct = 90; disk_min_free_gb = 0.1; - vm_max_used_frac = 0.75; + dont_verify_images = false; + end_hour = 0; + hangup_if_dialed = false; + idle_time_to_run = 3; + leave_apps_in_memory = false; + max_bytes_sec_down = 0; + max_bytes_sec_up = 0; + max_ncpus = 0; + max_ncpus_pct = 0; + net_times.clear(); + network_wifi_only = false; ram_max_used_busy_frac = 0.5; ram_max_used_idle_frac = 0.9; - max_bytes_sec_up = 0; - max_bytes_sec_down = 0; - cpu_usage_limit = 100; - daily_xfer_limit_mb = 0; - daily_xfer_period_days = 0; - network_wifi_only = false; + run_gpu_if_user_active = false; + run_if_user_active = true; + run_on_batteries = true; + start_hour = 0; + suspend_cpu_usage = 25; + suspend_if_no_recent_input = 0; + vm_max_used_frac = 0.75; + work_buf_additional_days = 0.5; + work_buf_min_days = 0.1; // don't initialize source_project, source_scheduler, // mod_time, host_specific here