Rooba
/
boinc
mirror of https://github.com/BOINC/boinc.git
1
0
Fork 0
Code Issues 1 Packages Projects Releases Wiki Activity
28,566 Commits 93 Branches 867 Tags 348 MiB
Commit Graph

662 Commits

Author SHA1 Message Date
David Anderson 90cb8b9580 update_versions: fix bug that choked on <foo>1</foo> XML boolean 2015-12-23 17:16:31 -08:00
David Anderson 2eabe3eab8 server: fix typo in result file name generation (from Keith) 2015-11-20 13:19:18 -08:00
David Anderson 6b81b0e63b server: provide access to output file names without random part 
- add random substring as "_r123123"
- add function remove_random_from_filename() that removes
  the random substring from an output filename
 2015-11-18 13:42:06 -08:00
Rom Walton f660d9dd62 Revert "server: Refine 153f660 so that it reverts back to the original behavior by default." 
This reverts commit 3cecde776b.
 2015-11-18 15:40:22 -05:00
Rom Walton 2404092894 server: fix build break. 2015-11-18 13:53:10 -05:00
Rom Walton 0a63f1b05c server: remove automatic assignment of the result.random field. Reverts back to previous behavior. 2015-11-18 13:49:43 -05:00
Rom Walton 3cecde776b server: Refine 153f660 so that it reverts back to the original behavior by default. 
Introduce a new template macro <RANDFILE_*/>.  This will inject a random number into the result file names making them hard to guess.
 2015-11-18 13:30:57 -05:00
Rom Walton 75d4091d14 make_project: Fix path location issue 2015-11-17 01:07:39 -05:00
Rom Walton 503b94a4f6 make_project: Add some additional comments and fix white space 2015-11-17 00:30:01 -05:00
David Anderson 153f6600d0 Server (assimilator): add random string to result file names 
Otherwise, result file names can be inferred from result names.
An attacker with task A could find the name of the "wingman" task B,
upload fake files as B's output files,
upload the same files as A's output files,
report A as completed, and get unearned credit.
 2015-11-16 19:28:30 -08:00
Rom Walton 61f8d3dddc make_project: Make sure that scripts cannot be run from the download, stats, and user_profile directories. 2015-11-16 20:23:18 -05:00
Rom Walton 43e900b49f make_project: Make sure to turn off access to certain directories if the global configuration defaults to allow access. 2015-11-14 18:40:09 -05:00
Christian Beer 5f9ac9a0bc use safe_strcpy to prevent buffer overflow 
fixes CID 27767, 27778 found by Coverity
 2015-10-22 15:21:06 +02:00
Christian Beer bb6ded7975 use safe_strcpy to prevent buffer overflow 
fixes CID 27777, 27797 found by Coverity
 2015-10-22 15:08:08 +02:00
Christian Beer 1b5f48a8f8 use safe_strcpy to prevent buffer overflow 
fixes CID 27894 found by Coverity
 2015-10-22 15:02:20 +02:00
Christian Beer d160bb371b ignore time of check to of use defect 
This is intentional and only an issue if multiple work generators are creating input files that have the same name but different content.
Ignores CID 27922, 27993 found by Coverity
 2015-10-22 14:44:23 +02:00
Christian Beer 851412a5ec use snprintf to prevent buffer overflow 
fixes CID 27969, 28010, 28027 found by Coverity
 2015-10-21 17:27:19 +02:00
Christian Beer e2508a0d36 use snprintf to prevent buffer overflow 
fixes CID 27939 found by Coverity
 2015-10-21 17:01:12 +02:00
Christian Beer 145942cbb3 use safe_strcpy to prevent buffer overflow 
fixes CID 27938 found by Coverity
 2015-10-21 16:59:32 +02:00
Rom Walton cb340c533c Merge pull request #1371 from marius311/master 
new `make_project` options which allow building and running project on different systems
 2015-07-24 07:18:15 -04:00
David Anderson 8cd8c8e7ee server software: handle 64-bit database IDs 
The SETI@home result table is about to run out of 32-bit IDs,
so we need to move to 64-bit result IDs.
This will happen to the workunit table at some point too.

I changed the server C++ code to use the "long" type for all DB IDs
(and to use appropriate conversion codes like %lu).
"long" is 64 bit on 64-bit machines.
For uniformity I did this for all tables,
even ones (like app) that will never get big.

I chose NOT to change the DB schema for now.
The new code will work with 32-bit ID fields in the DB.
As projects approach the 32-bit limit on a table they can change
its ID field, and fields that reference this table, to BIGINT.
This is likely to happen only on the result and workunit tables.
I put functions in html/ops/db_update.php
to change the IDs of these tables.
 2015-07-23 10:11:08 -07:00
marius add497f1f6 added --project_host option to make_project 2015-07-20 16:45:30 -07:00
marius d384489952 added --no_db option to make_project 2015-07-20 15:46:52 -07:00
David Anderson 9988c831e1 make_project: don't do update_stats by default 2015-07-10 00:02:29 -07:00
David Anderson 84259c408f xadd: replace Python script with PHP equivalent 
The python version was failing cryptically.
For scripts that access the DB, I'd like to move from Python to PHP,
so that we have one less DB layer to maintain.
 2015-06-27 13:31:03 -07:00
Rom Walton f8d2cfdff3 tools: Fix typo in make_project. 2015-06-08 23:06:21 -04:00
David Anderson c3efe4fe44 make_project: comment tweak 2015-04-15 21:58:14 -07:00
David Anderson f81105f707 create_work: show DB error messages 2015-04-13 23:58:59 -07:00
David Anderson e5d845dad2 create_work: add --continue_on_error option 2015-03-17 09:45:27 -07:00
David Anderson 51b3e05fd1 create_work: add --verbose option 2015-03-16 14:16:27 -07:00
David Anderson a7a05ca184 stage_file: add --verbose option 2015-03-16 13:58:08 -07:00
David Anderson 35950cf193 stage_file: if arg is a dir, stage all files in that dir 2015-03-11 12:26:24 -07:00
David Anderson e4172f1535 update_versions: fix bug related to MYSQLI changes 
PHP tools now need chdir into html/inc before including DB-related files
 2014-09-28 01:47:59 -07:00
David Anderson 2d99dccc2e update_versions: fix bug when have > 1 URLs for file 2014-09-19 08:48:19 -07:00
David Anderson 4850d0236c update_versions: handle files that are both gzipped and replicated 2014-09-17 10:30:48 -07:00
David Anderson 2fa78ba328 make_project: don't generate Apache 2.4 directives because they break 2.2 
... but put in comments saying what changes are needed.
 2014-08-18 00:14:58 -07:00
David Anderson 25fc233f4d make_project: change httpd conf syntax for Apache 2.4 
Add

Require all granted

as well as (for 2.2)

Order allow,deny
Allow from all

See http://httpd.apache.org/docs/2.4/upgrading.html#run-time
 2014-08-17 23:58:30 -07:00
Rom Walton 7feae3ae7f tools: make sure update_versions actually puts the api_version into the xml_doc field. 2014-07-31 14:28:39 -04:00
David Anderson 09832f4335 update_versions: remove unused code 2014-07-29 11:28:13 -07:00
David Anderson 44906a92b4 update_versions: msg tweak 2014-07-29 11:26:06 -07:00
David Anderson cd64b384da update_versions: version.xml can specify API version 
Normally update_version gets the API version from the executable,
by scanning for the string API_VERSION.
However, if the project compresses executables this won't work.
So let it be specified in version.xml.
 2014-07-29 11:11:48 -07:00
David Anderson aa04502db4 create_work: allow targeting commands in stdin job descriptions 2014-07-25 00:51:51 -07:00
David Anderson 870cbb0079 create_work program: add --hr_class cmdline argument 2014-07-02 00:17:20 -07:00
David Anderson b4dba535c0 web: fix typo 2014-06-21 13:40:02 -07:00
David Anderson 032d4529a2 update_versions: allow <beta/> in version.xml, to specify beta app version 2014-06-06 09:47:33 -07:00
David Anderson 558d76212f server: fix race condition when creating targeted jobs. 
We were creating the workunit, then updating its transitioner_flags field.
If the transitioner runs inbetween,
it would (incorrectly) create results for the workunit.
Solution: set transitioner_flags during insert.
 2014-06-02 19:01:44 -07:00
David Anderson 03850d103d create_work: error out if bad ID arg in "--target_host ID" etc. 
Actually we just check that the arg is nonzero.
We could look up the DB record (e.g. the host record)
but that would slow down mass job creation.
 2014-05-21 09:20:33 -07:00
David Anderson cecee4bc9e create_work: make targeting work with stdin-based job creation 2014-05-02 00:24:59 -07:00
David Anderson 3a82ec871f create_work: fix bug when using remote input files 2014-04-25 22:15:47 -07:00
David Anderson 944e5a3b29 job submission: generate physical name for remote input files 
Don't require job submitters to come up with (unique) names
for remote input files.  Just use "jf_MD5".
 2014-04-21 13:19:10 -07:00