MGR: Remove what are now over active asserts complaining about pConfig being NULL. Apparently we knew already knew that pConfig could be NULL in certain circumstances and followed up with a check to return from the function if pConfig was NULL, that code was added in 2007. The assert check wasn't really needed after that point.
- I found a better way to work around an issue with wxCocoa which prevented BOINC Manager from running if launched hidden (when launched automatically on user login) than the one I implemented in commit 082aff7.
- This change allowed me to again call the original wxApp::CallOnInit().
- The original wxApp::CallOnInit() fixed the clean up on logout or system shutdown, ensuring preferences file is written, so I could remove my nasty hack in commit 0aefd62.
Using mb_str() can be problematic if you do not reuse the pointer right away, if the wxString is used in any other way between when you extract the pointer to the data and the data itself the reference is freed and the pointer can end up pointing to something else entirely.
- Ensure that Debug build of Manager uses Debug build of wxWidgets, and Release build of manager uses Release build of wxWidgets.
- Ensure that wxWidgets is built to use UTF-8 encoding on Mac, to match Mac manager.
The web RPCs done by the client during project attach
(lookup_account, create_account)
have an email address and password hash in their request.
Network sniffers could potentially see these,
so we should use HTTPS for these RPCs if possible.
However, not all BOINC projects have SSL-enabled web servers.
So I did the following:
- Change get_project_config.php to return an additional
<web_rpc_url_base> element.
This is SECURE_URL_BASE (if specified in the project's
project.inc config file) or, if not, the master URL.
- This new element is parsed into the PROJECT_CONFIG structure.
- In calls to create_account and lookup_account,
the Manager uses PROJECT_CONFIG::web_rpc_url_base
if it's available, else the master URL.
So, the new Manager/client uses HTTPS for RPCs to projects
that have updated their get_project_config.php,
and specify a SECURE_URL_BASE with https:// prefix.
Android note: I added code to parse the new config element,
but didn't change the higher-level code;
Joachim will need to do this.
Attempting to save state in the destructor leads to funky values because the animations have completed and the destructor is called from an idle loop garbage collector.
Rom Walton