*** empty log message ***

svn path=/trunk/boinc/; revision=5196

checkin_notes

@@ -23196,3 +23196,9 @@ Bruce 24 Jan 2005
         project.sample/
             project.inc
 
+David  24 Jan 2005
+    - Save proxy user names and passwords to disk in XML-escaped form
+        (so passwords of the form X<Y will get parsed correctly)
+
+    lib/
+        proxy_info.C

doc/cpid.php

@@ -4,23 +4,38 @@ require_once("docutil.php");
 page_head("Cross-project identification");
 
 echo "
-BOINC supports and encourages 'third-party leaderboards',
-i.e. web sites that show statistics from BOINC projects.
-Such web sites can obtain raw data via XML downloads.
 <p>
 Leaderboard sites may show statistics from several BOINC projects,
-and some people may want to see their credit
+and may want to show credit for users and/or hosts
 summed across all the projects in which they participate.
-This turns out to be a little tricky.
-When should accounts on different projects be considered equivalent?
-The simplest answer is: when they have the same email address.
-But we can't export email addresses.
-And we can't export hashed email addresses,
+
+<h2>Cross-project identification of hosts</h2>
+
+<p>
+Each host generates an <b>internal cross-project ID</b>,
+which is the MD5 of the concatenation of its
+domain name, IP address, free disk space, and a timestamp.
+This is reported to the projects that to which the host is attached.
+The projects convert it to an <b>external cross-project ID</b>
+by hashing it with the owner's email address
+(this is intended to prevent spoofing).
+The external ID is exported in statistics files.
+
+<h2>Cross-project identification of participants</h2>
+<p>
+Accounts on different projects are considered equivalent
+if they have the same email address
+(we have considered other concepts, but they all lead to extreme complexity).
+
+<p>
+Projects can't export email addresses in statistics files;
+email addresses are private.
+It's also not desirable to export hashed email addresses,
 because spammers could enumerate feasible email addresses
 and compare them with the hashed addresses.
 
 <p>
-BOINC uses the following system:
+Instead, BOINC uses the following system:
 <ul>
 <li>
 Each account is assigned a 'cross-project identifier' (CPID)

doc/credit.php

@@ -4,7 +4,7 @@ page_head("Computation credit");
 echo "
 
 <p>
-Each project gives you <b>credit</b> for the computations your
+A BOINC project gives you <b>credit</b> for the computations your
 computers perform for it.
 BOINC's unit of credit, the <b>Cobblestone</b> <sup>1</sup>,
 is 1/100 day of CPU time on a reference computer that does
@@ -14,6 +14,7 @@ is 1/100 day of CPU time on a reference computer that does
 </ul>
 These benchmarks are <a href=benchmark.php>imperfect predictors</a>
 of application performance, but they're good enough.
+<p>
 Eventually, credit may reflect network transfer and disk storage as well
 as computation.
 

doc/flops.php

@@ -0,0 +1,22 @@
+<?php
+require_once("docutil.php");
+page_head("Credit and FLOPS");
+echo "
+The average FLOPS (floating point operations per second)
+achieved by a computer or group of computers
+can be estimated from its Recent Average Credit (RAC) as follows:
+<pre>
+GigaFLOPs = RAC/100
+TeraFLOPS = RAC/100,000
+</pre>
+(Remember that a 1 GigaFLOP machine, running full time,
+produces 100 units of credit in 1 day).
+<p>
+The credit figures for a particular day may be distorted
+if a project is catching up or falling behind on validation
+(the process or granting credit).
+Thus to get accurate FLOPS estimates you should
+look at average RAC over a period of a week or so.
+";
+page_tail();
+?>

lib/proxy_info.C

@@ -17,6 +17,9 @@
 // or write to the Free Software Foundation, Inc.,
 // 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
 
+#include <string>
+using std::string;
+
 #ifdef _WIN32
 #include "boinc_win.h"
 #endif
@@ -26,6 +29,7 @@
 
 int PROXY_INFO::parse(MIOFILE& in) {
     char buf[256];
+    string s5un, s5up, hun, hup, temp;
 
     memset(this, 0, sizeof(PROXY_INFO));
     while (in.fgets(buf, 256)) {
@@ -38,44 +42,65 @@ int PROXY_INFO::parse(MIOFILE& in) {
         else if (parse_int(buf, "<socks_server_port>", socks_server_port)) continue;
         else if (parse_str(buf, "<http_server_name>", http_server_name, sizeof(http_server_name))) continue;
         else if (parse_int(buf, "<http_server_port>", http_server_port)) continue;
-        else if (parse_str(buf, "<socks5_user_name>", socks5_user_name, sizeof(socks5_user_name))) continue;
-        else if (parse_str(buf, "<socks5_user_passwd>", socks5_user_passwd, sizeof(socks5_user_passwd))) continue;
-        else if (parse_str(buf, "<http_user_name>", http_user_name, sizeof(http_user_name))) continue;
-        else if (parse_str(buf, "<http_user_passwd>", http_user_passwd, sizeof(http_user_passwd))) continue;
+        else if (parse_str(buf, "<socks5_user_name>", s5un)) {
+            xml_unescape(s5un, temp);
+            strcpy(socks5_user_name, temp.c_str());
+            continue;
+        }
+        else if (parse_str(buf, "<socks5_user_passwd>", s5up)) {
+            xml_unescape(s5up, temp);
+            strcpy(socks5_user_passwd, temp.c_str());
+            continue;
+        }
+        else if (parse_str(buf, "<http_user_name>", hun)) {
+            xml_unescape(hun, temp);
+            strcpy(http_user_name, temp.c_str());
+            continue;
+        }
+        else if (parse_str(buf, "<http_user_passwd>", hup)) {
+            xml_unescape(hup, temp);
+            strcpy(http_user_passwd, temp.c_str());
+            continue;
+        }
     }
     return 0;
 }
 
 int PROXY_INFO::write(MIOFILE& out) {
-   out.printf(
-       "<proxy_info>\n"
-       "%s"
-       "%s"
-       "%s"
-       "    <socks_version>%d</socks_version>\n"
-       "    <socks_server_name>%s</socks_server_name>\n"
-       "    <socks_server_port>%d</socks_server_port>\n"
-       "    <http_server_name>%s</http_server_name>\n"
-       "    <http_server_port>%d</http_server_port>\n"
-       "    <socks5_user_name>%s</socks5_user_name>\n"
-       "    <socks5_user_passwd>%s</socks5_user_passwd>\n"
-       "    <http_user_name>%s</http_user_name>\n"
-       "    <http_user_passwd>%s</http_user_passwd>\n"
-       "</proxy_info>\n",
-       use_http_proxy?"    <use_http_proxy/>\n":"",
-       use_socks_proxy?"    <use_socks_proxy/>\n":"",
-       use_http_auth?"    <use_http_auth/>\n":"",
-       socks_version,
-       socks_server_name,
-       socks_server_port,
-       http_server_name,
-       http_server_port,
-       socks5_user_name,
-       socks5_user_passwd,
-       http_user_name,
-       http_user_passwd
-   );
-   return 0;
+    string s5un, s5up, hun, hup;
+    xml_escape(socks5_user_name, s5un);
+    xml_escape(socks5_user_passwd, s5up);
+    xml_escape(http_user_name, hun);
+    xml_escape(http_user_passwd, hup);
+    out.printf(
+        "<proxy_info>\n"
+        "%s"
+        "%s"
+        "%s"
+        "    <socks_version>%d</socks_version>\n"
+        "    <socks_server_name>%s</socks_server_name>\n"
+        "    <socks_server_port>%d</socks_server_port>\n"
+        "    <http_server_name>%s</http_server_name>\n"
+        "    <http_server_port>%d</http_server_port>\n"
+        "    <socks5_user_name>%s</socks5_user_name>\n"
+        "    <socks5_user_passwd>%s</socks5_user_passwd>\n"
+        "    <http_user_name>%s</http_user_name>\n"
+        "    <http_user_passwd>%s</http_user_passwd>\n"
+        "</proxy_info>\n",
+        use_http_proxy?"    <use_http_proxy/>\n":"",
+        use_socks_proxy?"    <use_socks_proxy/>\n":"",
+        use_http_auth?"    <use_http_auth/>\n":"",
+        socks_version,
+        socks_server_name,
+        socks_server_port,
+        http_server_name,
+        http_server_port,
+        s5un.c_str(),
+        s5up.c_str(),
+        hun.c_str(),
+        hup.c_str()
+    );
+    return 0;
 }
 
 void PROXY_INFO::clear() {