client: allow an empty GUI RPC password, but generate alert message

boinccmd: show alert messages after attach RPCs

PR #3709 disallowed empty GUI RPC password files.
This increased security on shared machines.
But it meant that on Linux, after installing BOINC as a package,
the user had to locate and change the protection
and/or the ownership of the password file, which is undesirable.

This change allows empty password files but tells the user
that they should think about the security implications.
With the Manager this is delivered as a notice.
With boinccmd the message is written to stderr after an attach operation.
David Anderson 2020-10-27 19:21:49 -07:00
parent 2ffd661925
commit 86d0e9fbd1
2 changed files with 34 additions and 9 deletions


@ -163,6 +163,30 @@ void acct_mgr_do_rpc(
} }
} }
// Get messages from client, and show any that are USER_ALERT priority.
// Intended use: show user that GUI RPCs are not password-protected.
// For now, do this after attach to project or AM
//
void show_alerts(RPC_CLIENT &rpc) {
MESSAGES messages;
int retval = rpc.get_messages(0, messages);
if (retval) {
fprintf(stderr, "Can't get alerts from client: %s\n",
boincerror(retval)
);
return;
}
for (unsigned int j=0; j<messages.messages.size(); j++) {
MESSAGE& md = *messages.messages[j];
if (md.priority != MSG_USER_ALERT) continue;
if (!md.project.empty()) continue;
strip_whitespace(md.body);
fprintf(stderr, "\nAlert from client: %s\n",
md.body.c_str()
);
}
}
int main(int argc, char** argv) { int main(int argc, char** argv) {
RPC_CLIENT rpc; RPC_CLIENT rpc;
int i, retval, port=0; int i, retval, port=0;
@ -382,6 +406,7 @@ int main(int argc, char** argv) {
canonicalize_master_url(url, sizeof(url)); canonicalize_master_url(url, sizeof(url));
char* auth = next_arg(argc, argv, i); char* auth = next_arg(argc, argv, i);
retval = rpc.project_attach(url, auth, ""); retval = rpc.project_attach(url, auth, "");
show_alerts(rpc);
} else if (!strcmp(cmd, "--file_transfer")) { } else if (!strcmp(cmd, "--file_transfer")) {
FILE_TRANSFER ft; FILE_TRANSFER ft;
@ -529,6 +554,7 @@ int main(int argc, char** argv) {
char* am_name = next_arg(argc, argv, i); char* am_name = next_arg(argc, argv, i);
char* am_passwd = next_arg(argc, argv, i); char* am_passwd = next_arg(argc, argv, i);
acct_mgr_do_rpc(rpc, am_url, am_name, am_passwd); acct_mgr_do_rpc(rpc, am_url, am_name, am_passwd);
show_alerts(rpc);
} else if (!strcmp(op, "info")) { } else if (!strcmp(op, "info")) {
ACCT_MGR_INFO ami; ACCT_MGR_INFO ami;
retval = rpc.acct_mgr_info(ami); retval = rpc.acct_mgr_info(ami);
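Review bot: `show_alerts()` is called only from the project-attach and account-manager attach branches of `main`, so a user who drives a passwordless client with any other boinccmd command never sees the empty-password warning, and a caller that discards stderr never sees it at all. The header comment says "for now", but it should state the limitation outright, e.g. `// NOTE: only the attach commands call this; other commands do not surface the alert, and it is lost if stderr is dropped.` The call also passes 0 to `get_messages`, which appears to request the client's whole message buffer, so every project-less `MSG_USER_ALERT` would be printed on each attach rather than only the password warning; the same comment should say so. `main` starts and ends outside the hunks shown.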


@ -120,7 +120,7 @@ bool GUI_RPC_CONN_SET::recent_rpc_needs_network(double interval) {
} }
// read the GUI RPC password from gui_rpc_auth.cfg; // read the GUI RPC password from gui_rpc_auth.cfg;
// create one if missing or empty. // create one if missing
// //
void GUI_RPC_CONN_SET::get_password() { void GUI_RPC_CONN_SET::get_password() {
int retval; int retval;
@ -132,16 +132,15 @@ void GUI_RPC_CONN_SET::get_password() {
strip_whitespace(password); strip_whitespace(password);
} }
fclose(f); fclose(f);
if (strlen(password)) {
return;
}
// File is empty; don't allow this. // if password is empty, allow it but issue a warning
// Fall through and create a password.
// //
msg_printf(NULL, MSG_INFO, if (!strlen(password)) {
"%s is empty - assigning new GUI RPC password", GUI_RPC_PASSWD_FILE msg_printf(NULL, MSG_USER_ALERT,
); "Warning: GUI RPC password is empty. BOINC can be controlled by any user on this computer. See https://boinc.berkeley.edu/gui_rpc_passwd.php for more information."
);
}
return;
} }
// make a random password // make a random password
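Review bot: In `get_password()` the new `if (!strlen(password))` test runs after `strip_whitespace(password)`, so a password file holding only whitespace or a lone newline is now treated the same as a deliberately empty file and leaves GUI RPC unauthenticated; as far as the visible lines show, the same holds when the read produced nothing. Before this change that case fell through to generating a random password, so a truncated or damaged file now fails open with the alert as the only signal. I would record that next to the check, `// NOTE: whitespace-only or unreadable contents also end up here and disable GUI RPC authentication`, and name `GUI_RPC_PASSWD_FILE` in the alert text so an operator can tell which file to fix. The alert mentions only users on this computer; whether remote GUI RPC access is configured is not visible in this hunk, so the wording may understate the exposure. The function body starts before the hunk and continues after it.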