From bcb5d07cb85a1bd03ac285fb476f7582f79786f8 Mon Sep 17 00:00:00 2001 From: David Anderson Date: Wed, 14 Dec 2005 01:44:11 +0000 Subject: [PATCH] *** empty log message *** svn path=/trunk/boinc/; revision=9064 --- checkin_notes | 9 +++++++++ client/acct_mgr.C | 22 ++++++++++++---------- client/acct_mgr.h | 3 ++- client/gui_rpc_server_ops.C | 10 ++++++++-- doc/acct_mgt.php | 8 ++++++-- 5 files changed, 37 insertions(+), 15 deletions(-) diff --git a/checkin_notes b/checkin_notes index b43100e1e7..5165b172f4 100755 --- a/checkin_notes +++ b/checkin_notes @@ -14424,3 +14424,12 @@ David 13 Dec 2005 en.po lib/ gui_rpc_client.h + +David 13 Dec 2005 + - Core client: the account manager password is now + stored and communicated in a hashed form + (hashed with the lower-cased account name) + + client/ + acct_mgr.C,h + gui_rpc_server_ops.C diff --git a/client/acct_mgr.C b/client/acct_mgr.C index c3ae4e2639..c8ba9f109b 100644 --- a/client/acct_mgr.C +++ b/client/acct_mgr.C @@ -39,7 +39,7 @@ static const char *run_mode_name[] = {"", "always", "auto", "never"}; int ACCT_MGR_OP::do_rpc( - std::string url, std::string name, std::string password + std::string url, std::string name, std::string password_hash ) { int retval; unsigned int i; @@ -66,18 +66,18 @@ int ACCT_MGR_OP::do_rpc( strcpy(ami.acct_mgr_url, url.c_str()); strcpy(ami.acct_mgr_name, ""); strcpy(ami.login_name, name.c_str()); - strcpy(ami.password, password.c_str()); + strcpy(ami.password_hash, password_hash.c_str()); FILE* f = boinc_fopen(ACCT_MGR_REQUEST_FILENAME, "w"); if (!f) return ERR_FOPEN; fprintf(f, "\n" " %s\n" - " %s\n" + " %s\n" " %s\n" " %d.%d.%d\n" " %s\n", - name.c_str(), password.c_str(), + name.c_str(), password_hash.c_str(), gstate.host_info.host_cpid, gstate.core_client_major_version, gstate.core_client_minor_version, 
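Review bot: In the hunk at -66,18 of client/acct_mgr.C, `strcpy(ami.password_hash, password_hash.c_str());` and the three `strcpy` calls above it copy caller-supplied `std::string` values with no length check into what are presumably the 256-byte fields declared in acct_mgr.h. The hash looks bounded in the callers visible in this patch, but `url` and `name` reach do_rpc from the GUI RPC handler as parsed strings whose length is not checked in the visible code, so an over-long value would write past the struct member. I would reject over-long arguments before the copies, or bound each one, e.g. `snprintf(ami.password_hash, sizeof(ami.password_hash), "%s", password_hash.c_str());`. do_rpc's body begins and continues outside this hunk.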
@@ -92,10 +92,12 @@ int ACCT_MGR_OP::do_rpc( " %s\n" " %s\n" " %d\n" + " %s\n" " \n", p->master_url, p->project_name, - p->suspended_via_gui + p->suspended_via_gui, + p->authenticator ); } } @@ -238,11 +240,11 @@ int ACCT_MGR_INFO::write_info() { p, "\n" " %s\n" - " %s\n" + " %s\n" " %f\n" "\n", login_name, - password, + password_hash, next_rpc_time ); fclose(p); @@ -255,7 +257,7 @@ void ACCT_MGR_INFO::clear() { strcpy(acct_mgr_name, ""); strcpy(acct_mgr_url, ""); strcpy(login_name, ""); - strcpy(password, ""); + strcpy(password_hash, ""); next_rpc_time = 0; } @@ -288,7 +290,7 @@ int ACCT_MGR_INFO::init() { while(mf.fgets(buf, sizeof(buf))) { if (match_tag(buf, "")) break; else if (parse_str(buf, "", login_name, 256)) continue; - else if (parse_str(buf, "", password, 256)) continue; + else if (parse_str(buf, "", password_hash, 256)) continue; else if (parse_double(buf, "", next_rpc_time)) continue; } fclose(p); @@ -300,7 +302,7 @@ bool ACCT_MGR_INFO::poll() { if (gstate.acct_mgr_op.error_num == ERR_IN_PROGRESS) return false; if (gstate.now > next_rpc_time) { next_rpc_time = gstate.now + 86400; - gstate.acct_mgr_op.do_rpc(acct_mgr_url, login_name, password); + gstate.acct_mgr_op.do_rpc(acct_mgr_url, login_name, password_hash); return true; } return false; diff --git a/client/acct_mgr.h b/client/acct_mgr.h index 40281e333b..5c5290c6a7 100644 --- a/client/acct_mgr.h +++ b/client/acct_mgr.h @@ -35,7 +35,8 @@ struct ACCT_MGR_INFO { char acct_mgr_name[256]; char acct_mgr_url[256]; char login_name[256]; - char password[256]; + char password_hash[256]; + // md5 of password.lowercase(login_name) double next_rpc_time; ACCT_MGR_INFO(); diff --git a/client/gui_rpc_server_ops.C b/client/gui_rpc_server_ops.C index 46fd7c5de4..55ef4667ce 100644 --- a/client/gui_rpc_server_ops.C +++ b/client/gui_rpc_server_ops.C 
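Review bot: The added `p->authenticator` argument in the hunk at -92,10 puts every attached project's authenticator into the account manager request, which the checkin note for this commit does not mention. The authenticator is presumably the per-project account credential, so it is now sent to whatever URL do_rpc was given and written to the request file on disk alongside the password hash. Nothing visible here checks the URL scheme or restricts the request file's permissions, and the enclosing loop starts outside the hunk. At minimum I would record the intent next to the format string, e.g. `// sends each project's account credential to the account manager: the URL must be trusted and the request file kept private`.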
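Review bot: The `password_hash` that write_info persists in the hunk at -238,11 is password-equivalent for the account manager, because do_rpc sends that same value as the login credential; anyone who can read the file can authenticate without knowing the password. Hashing still keeps the plaintext from being reused elsewhere, but an MD5 salted only with the login name is cheap to attack offline. The file is opened outside this hunk, so its mode is not visible; if it is created with default permissions I would restrict it to the client's user. A comment such as `// password_hash is accepted by the account manager as-is; keep this file private` would make that explicit.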
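Review bot: The new comment `// md5 of password.lowercase(login_name)` in client/acct_mgr.h reads like a member access rather than a concatenation. The GUI RPC handler in this patch computes `md5_string(password+name_lc)`, so I would write it as `// MD5 of (password + lower-cased login_name), see handle_acct_mgr_rpc`. It is also worth noting there that the field holds a credential, not a one-way verifier, since the hash is what gets sent to the server.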
@@ -701,25 +701,31 @@ static void handle_project_attach_poll(char*, MIOFILE& fout) { static void handle_acct_mgr_rpc(char* buf, MIOFILE& fout) { std::string url, name, password; + std::string password_hash, name_lc; bool use_config_file = false; bool bad_arg = false; if (!parse_bool(buf, "use_config_file", use_config_file)) { if (!parse_str(buf, "", url)) bad_arg = true; if (!parse_str(buf, "", name)) bad_arg = true; if (!parse_str(buf, "", password)) bad_arg = true; + if (!bad_arg) { + name_lc = name; + downcase_string(name_lc); + password_hash = md5_string(password+name_lc); + } } else { if (!strlen(gstate.acct_mgr_info.acct_mgr_url) || !strlen(gstate.acct_mgr_info.acct_mgr_url) || !strlen(gstate.acct_mgr_info.acct_mgr_url)) { bad_arg = true; } else { url = gstate.acct_mgr_info.acct_mgr_url; name = gstate.acct_mgr_info.login_name; - password = gstate.acct_mgr_info.password; + password_hash = gstate.acct_mgr_info.password_hash; } } if (bad_arg) { fout.printf("bad arg\n"); } else { - gstate.acct_mgr_op.do_rpc(url, name, password); + gstate.acct_mgr_op.do_rpc(url, name, password_hash); fout.printf("\n"); } } diff --git a/doc/acct_mgt.php b/doc/acct_mgt.php index 156603e627..71cdc52890 100644 --- a/doc/acct_mgt.php +++ b/doc/acct_mgt.php @@ -92,10 +92,13 @@ Its format is: ".html_text(" name - xxx + xxx ")." +
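Review bot: In the use_config_file branch of handle_acct_mgr_rpc the emptiness check tests `gstate.acct_mgr_info.acct_mgr_url` three times, so an empty `login_name` or `password_hash` is never caught and do_rpc is called with blank credentials. Since this commit renames the field in the same branch, the condition should become `!strlen(gstate.acct_mgr_info.acct_mgr_url) || !strlen(gstate.acct_mgr_info.login_name) || !strlen(gstate.acct_mgr_info.password_hash)`. Separately, in the other branch the plaintext `password` stays in its `std::string` after `password_hash` is computed; clearing it once the hash is taken would shorten the time it sits in memory.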

+The password is stored as MD5(password_lowercase(login)). +

If the core client finds acct_mgr_url.xml but not acct_mgr_login.xml, it prompts for a name and password, stores them in acct_mgr_login.xml, @@ -115,7 +118,7 @@ list_item("URL", "BASE_URL/rpc.php, where BASE_URL is the URL list_item("input", html_text(" John - xxx + xxx b11ddc5f36c9a86ff093c96e6930646a 5.3.2 auto @@ -145,6 +148,7 @@ list_item("output", ); list_item("action", "Returns a list of the accounts associated with this meta-account. + The password is passed as MD5(password_lowercase(name)). The 'host_cpid' argument identifies the host. To make it comparable with the host CPID in stats files, the value MD5(host_cpid+email_addr) is passed.