- client: get BOINCView to work again;

allow one auth failure before closing connection.

svn path=/trunk/boinc/; revision=15942

checkin_notes

@@ -7076,3 +7076,11 @@ Rom    26 Aug 2008
         libcudart64.so
     sea/
         Makefile.am
+
+David  26 Aug 2008
+	- client: get BOINCView to work again;
+		allow one auth failure before closing connection.
+
+	client/
+		gui_rpc_server.C,h
+		gui_rpc_server_ops.C

client/gui_rpc_server.C

@@ -66,6 +66,7 @@ GUI_RPC_CONN::GUI_RPC_CONN(int s):
     au_mgr_state = AU_MGR_INIT;
     got_auth1 = false;
     got_auth2 = false;
+    sent_unauthorized = false;
 }
 
 GUI_RPC_CONN::~GUI_RPC_CONN() {
@@ -395,6 +396,11 @@ void GUI_RPC_CONN_SET::got_select(FDSET_GROUP& fg) {
                 gr->auth_needed = true;
             }
             gr->is_local = is_local;
+            if (log_flags.guirpc_debug) {
+                msg_printf(0, MSG_INFO,
+                    "[guirpc_debug] got new GUI RPC connection"
+                );
+            }
             insert(gr);
         }
     }

client/gui_rpc_server.h

@@ -44,6 +44,9 @@ public:
     bool got_auth2;
         // keep track of whether we've got the 2 authentication msgs;
         // don't accept more than one of each (to prevent DoS)
+    bool sent_unauthorized;
+        // we've send one <unauthorized>.
+        // On next auth failure, disconnect
     bool is_local;
         // connection is from local host
     int au_ss_state;

client/gui_rpc_server_ops.C

@@ -1011,18 +1011,31 @@ int GUI_RPC_CONN::handle_rpc() {
         );
     }
 
+    // Policy:
+    // - the first auth failure gets an error message; after that, disconnect
+    // - if we get an unexpected auth1 or auth2, disconnect
+
     mf.printf("<boinc_gui_rpc_reply>\n");
     if (match_tag(request_msg, "<auth1")) {
-        if (got_auth1 && auth_needed) return ERR_AUTHENTICATOR;
-        handle_auth1(mf);
-        got_auth1 = true;
+        if (got_auth1 && auth_needed) {
+            retval = ERR_AUTHENTICATOR;
+        } else {
+            handle_auth1(mf);
+            got_auth1 = true;
+        }
     } else if (match_tag(request_msg, "<auth2")) {
-        if (!got_auth1 || got_auth2 && auth_needed) return ERR_AUTHENTICATOR;
-        retval = handle_auth2(request_msg, mf);
-        got_auth2 = true;
+        if ((!got_auth1 || got_auth2) && auth_needed) {
+            retval = ERR_AUTHENTICATOR;
+        } else {
+            retval = handle_auth2(request_msg, mf);
+            got_auth2 = true;
+        }
     } else if (auth_needed && !is_local) {
         auth_failure(mf);
-        retval = ERR_AUTHENTICATOR;
+        if (sent_unauthorized) {
+            retval = ERR_AUTHENTICATOR;
+        }
+        sent_unauthorized = true;
 
     // operations that require authentication only for non-local clients start here.
     // Use this only for information that should be available to people
@@ -1064,7 +1077,10 @@ int GUI_RPC_CONN::handle_rpc() {
 
     } else if (auth_needed) {
         auth_failure(mf);
-        retval = ERR_AUTHENTICATOR;
+        if (sent_unauthorized) {
+            retval = ERR_AUTHENTICATOR;
+        }
+        sent_unauthorized = true;
     } else if (match_tag(request_msg, "<project_nomorework")) {
          handle_project_op(request_msg, mf, "nomorework");
      } else if (match_tag(request_msg, "<project_allowmorework")) {
@@ -1172,7 +1188,7 @@ int GUI_RPC_CONN::handle_rpc() {
         // AUTHENTICATION AND NETWORK REQUIREMENTS FIRST
 
         } else {
-            mf.printf("<error>unrecognized op</error>\n");
+            mf.printf("<error>unrecognized op: %s</error>\n", request_msg);
             gstate.gui_rpcs.time_of_last_rpc_needing_network = saved_time;
         }
     }