diff --git a/checkin_notes b/checkin_notes index 7af29c35a6..96156aba65 100644 --- a/checkin_notes +++ b/checkin_notes @@ -7076,3 +7076,11 @@ Rom 26 Aug 2008 libcudart64.so sea/ Makefile.am + +David 26 Aug 2008 + - client: get BOINCView to work again; + allow one auth failure before closing connection. + + client/ + gui_rpc_server.C,h + gui_rpc_server_ops.C diff --git a/client/gui_rpc_server.C b/client/gui_rpc_server.C index 76f537c7aa..688c216d8c 100644 --- a/client/gui_rpc_server.C +++ b/client/gui_rpc_server.C @@ -66,6 +66,7 @@ GUI_RPC_CONN::GUI_RPC_CONN(int s): au_mgr_state = AU_MGR_INIT; got_auth1 = false; got_auth2 = false; + sent_unauthorized = false; } GUI_RPC_CONN::~GUI_RPC_CONN() { @@ -395,6 +396,11 @@ void GUI_RPC_CONN_SET::got_select(FDSET_GROUP& fg) { gr->auth_needed = true; } gr->is_local = is_local; + if (log_flags.guirpc_debug) { + msg_printf(0, MSG_INFO, + "[guirpc_debug] got new GUI RPC connection" + ); + } insert(gr); } } diff --git a/client/gui_rpc_server.h b/client/gui_rpc_server.h index e44b08fd56..ea63d70fad 100644 --- a/client/gui_rpc_server.h +++ b/client/gui_rpc_server.h @@ -44,6 +44,9 @@ public: bool got_auth2; // keep track of whether we've got the 2 authentication msgs; // don't accept more than one of each (to prevent DoS) + bool sent_unauthorized; + // we've send one . + // On next auth failure, disconnect bool is_local; // connection is from local host int au_ss_state; diff --git a/client/gui_rpc_server_ops.C b/client/gui_rpc_server_ops.C index c0fd584292..e0d2e4ee75 100644 --- a/client/gui_rpc_server_ops.C +++ b/client/gui_rpc_server_ops.C @@ -1011,18 +1011,31 @@ int GUI_RPC_CONN::handle_rpc() { ); } + // Policy: + // - the first auth failure gets an error message; after that, disconnect + // - if we get an unexpected auth1 or auth2, disconnect + mf.printf("\n"); if (match_tag(request_msg, "unrecognized op\n"); + mf.printf("unrecognized op: %s\n", request_msg); gstate.gui_rpcs.time_of_last_rpc_needing_network = saved_time; } }