Apparently when Win runs in a VM, the random number generation functions
(e.g. CryptGenRandom()) don't work.
We weren't checking for this, resulting in a garbage (and guessable) password.
Also change function names to indicate that string is not just random,
but also hard to guess.
- The authentication hash in HTTP header now includes the request message.
This prevents bad guys from intercepting request message and substituting
a different request.
- Authentication info sent to client (i.e. the GUI) now includes a random string,
used as an additional salt in the authentication hash.
This prevents bad guys from recording and reusing authentication headers.
- add --is_gzip option to sample_bitwise_validator.
If set, all files are treated as gzip archives.
Check their 10-byte header to verify that it's a gzip file,
but ignore it when comparing files.
- validator.cpp: don't error out on unparsed cmdline args,
since we're now using them in sample_bitwise_validator
and sample_substr_validator.
- fix build error on Debian
- client: when parsing MD5, use 64 instead of 33 char buffer.
When the XML parser reads a string,
it enforces the buffer size limit BEFORE it strips whitespace.
So if a project put whitespaces before or after the MD5,
it would fail to parse.
- scheduler: fix bug in adaptive replication:
if send an unreplicated job to untrusted host,
set both wu.target_nresults and wu.min_quorum to app.target_nresults.
svn path=/trunk/boinc/; revision=15762
David Anderson