void GUI_URLS::get_gui_urls(USER& user, HOST& host, TEAM& team, char* buf) { bool found; char userid[256], teamid[256], hostid[256], weak_auth[256], rss_auth[256]; strcpy(buf, ""); if (!text) return; strcpy(buf, text); sprintf(userid, "%d", user.id); sprintf(hostid, "%d", host.id); if (user.teamid) { sprintf(teamid, "%d", team.id); } else { strcpy(teamid, "0"); while (remove_element(buf, "<ifteam>", "</ifteam>")) { continue; } } get_weak_auth(user, weak_auth); get_rss_auth(user, rss_auth); while (1) { found = false; found |= str_replace(buf, "<userid/>", userid); found |= str_replace(buf, "<user_name/>", user.name); found |= str_replace(buf, "<hostid/>", hostid); found |= str_replace(buf, "<teamid/>", teamid); found |= str_replace(buf, "<team_name/>", team.name); found |= str_replace(buf, "<authenticator/>", user.authenticator); found |= str_replace(buf, "<weak_auth/>", weak_auth); found |= str_replace(buf, "<rss_auth/>", rss_auth); if (!found) break; } }
// Based on the info in the request message, // look up the host and its user, and make sure the authenticator matches. // Some special cases: // 1) If no host ID is supplied, or if RPC seqno mismatch, // create a new host record // 2) If the host record specified by g_request->hostid is a "zombie" // (i.e. it was merged with another host via the web site) // then follow links to find the proper host // // POSTCONDITION: // If this function returns zero, then: // - reply.host contains a valid host record (possibly new) // - reply.user contains a valid user record // - if user belongs to a team, reply.team contains team record // int authenticate_user() { int retval; char buf[1024]; DB_HOST host; DB_USER user; DB_TEAM team; if (g_request->hostid) { retval = host.lookup_id(g_request->hostid); while (!retval && host.userid==0) { // if host record is zombie, follow link to new host // retval = host.lookup_id(host.rpc_seqno); if (!retval) { g_reply->hostid = host.id; log_messages.printf(MSG_NORMAL, "[HOST#%d] forwarding to new host ID %d\n", g_request->hostid, host.id ); } } if (retval) { g_reply->insert_message("Can't find host record", "low"); log_messages.printf(MSG_NORMAL, "[HOST#%d?] can't find host\n", g_request->hostid ); g_request->hostid = 0; goto lookup_user_and_make_new_host; } g_reply->host = host; // look up user based on the ID in host record, // and see if the authenticator matches (regular or weak) // g_request->using_weak_auth = false; sprintf(buf, "where id=%d", host.userid); retval = user.lookup(buf); if (!retval && !strcmp(user.authenticator, g_request->authenticator)) { // req auth matches user auth - go on } else { if (!retval) { // user for host.userid exists - check weak auth // get_weak_auth(user, buf); if (!strcmp(buf, g_request->authenticator)) { g_request->using_weak_auth = true; log_messages.printf(MSG_DEBUG, "[HOST#%d] accepting weak authenticator\n", host.id ); } } if (!g_request->using_weak_auth) { // weak auth failed - look up user based on authenticator // strlcpy( user.authenticator, g_request->authenticator, sizeof(user.authenticator) ); escape_string(user.authenticator, sizeof(user.authenticator)); sprintf(buf, "where authenticator='%s'", user.authenticator); retval = user.lookup(buf); if (retval) { g_reply->insert_message( _("Invalid or missing account key. To fix, remove and add this project."), "notice" ); g_reply->set_delay(DELAY_MISSING_KEY); g_reply->nucleus_only = true; log_messages.printf(MSG_CRITICAL, "[HOST#%d] [USER#%d] Bad authenticator '%s'\n", host.id, user.id, g_request->authenticator ); return ERR_AUTHENTICATOR; } } } g_reply->user = user; if (host.userid != user.id) { // If the request's host ID isn't consistent with the authenticator, // create a new host record. // log_messages.printf(MSG_NORMAL, "[HOST#%d] [USER#%d] inconsistent host ID; creating new host\n", host.id, user.id ); goto make_new_host; } // If the seqno from the host is less than what we expect, // the user must have copied the state file to a different host. // Make a new host record. // if (!batch && g_request->rpc_seqno < g_reply->host.rpc_seqno) { g_request->hostid = 0; log_messages.printf(MSG_NORMAL, "[HOST#%d] [USER#%d] RPC seqno %d less than expected %d; creating new host\n", g_reply->host.id, user.id, g_request->rpc_seqno, g_reply->host.rpc_seqno ); goto make_new_host; } } else { // Here no hostid was given, or the ID was bad. // Look up the user, then create a new host record // lookup_user_and_make_new_host: // if authenticator contains _, it's a weak auth // if (strchr(g_request->authenticator, '_')) { int userid = atoi(g_request->authenticator); retval = user.lookup_id(userid); if (!retval) { get_weak_auth(user, buf); if (strcmp(buf, g_request->authenticator)) { retval = ERR_AUTHENTICATOR; } } } else { strlcpy( user.authenticator, g_request->authenticator, sizeof(user.authenticator) ); escape_string(user.authenticator, sizeof(user.authenticator)); sprintf(buf, "where authenticator='%s'", user.authenticator); retval = user.lookup(buf); } if (retval) { g_reply->insert_message( "Invalid or missing account key. To fix, remove and add this project .", "low" ); g_reply->set_delay(DELAY_MISSING_KEY); log_messages.printf(MSG_CRITICAL, "[HOST#<none>] Bad authenticator '%s': %s\n", g_request->authenticator, boincerror(retval) ); return ERR_AUTHENTICATOR; } g_reply->user = user; // If host CPID is present, // scan backwards through this user's hosts, // looking for one with the same host CPID. // If we find one, it means the user detached and reattached. // Use the existing host record, // and mark in-progress results as over. // if (strlen(g_request->host.host_cpid)) { if (find_host_by_cpid(user, g_request->host.host_cpid, host)) { log_messages.printf(MSG_NORMAL, "[HOST#%d] [USER#%d] No host ID in request, but host with matching CPID found.\n", host.id, host.userid ); if ((g_request->allow_multiple_clients != 1) && (g_request->other_results.size() == 0) ) { mark_results_over(host); } goto got_host; } } make_new_host: // One final attempt to locate an existing host record: // scan backwards through this user's hosts, // looking for one with the same host name, // IP address, processor and amount of RAM. // If found, use the existing host record, // and mark in-progress results as over. // // NOTE: If the client was run with --allow_multiple_clients, skip this. // if ((g_request->allow_multiple_clients != 1) && find_host_by_other(user, g_request->host, host) ) { log_messages.printf(MSG_NORMAL, "[HOST#%d] [USER#%d] Found similar existing host for this user - assigned.\n", host.id, host.userid ); mark_results_over(host); goto got_host; } // either of the above cases, // or host ID didn't match user ID, // or RPC seqno was too low. // // Create a new host. // g_reply->user is filled in and valid at this point // host = g_request->host; host.id = 0; host.create_time = time(0); host.userid = g_reply->user.id; host.rpc_seqno = 0; host.expavg_time = time(0); safe_strcpy(host.venue, g_reply->user.venue); host.fix_nans(); retval = host.insert(); if (retval) { g_reply->insert_message( "Couldn't create host record in database", "low" ); boinc_db.print_error("host.insert()"); log_messages.printf(MSG_CRITICAL, "host.insert() failed\n"); return retval; } host.id = boinc_db.insert_id(); got_host: g_reply->host = host; g_reply->hostid = g_reply->host.id; // this tells client to updates its host ID g_request->rpc_seqno = 0; // this value eventually gets written to host DB record; // for new hosts it must be zero. // This kludge forces this. } // have user record in g_reply->user at this point // if (g_reply->user.teamid) { retval = team.lookup_id(g_reply->user.teamid); if (!retval) g_reply->team = team; } // compute email hash // md5_block( (unsigned char*)g_reply->user.email_addr, strlen(g_reply->user.email_addr), g_reply->email_hash ); // if new user CPID, update user record // if (!g_request->using_weak_auth && strlen(g_request->cross_project_id)) { if (strcmp(g_request->cross_project_id, g_reply->user.cross_project_id)) { user.id = g_reply->user.id; escape_string(g_request->cross_project_id, sizeof(g_request->cross_project_id)); sprintf(buf, "cross_project_id='%s'", g_request->cross_project_id); unescape_string(g_request->cross_project_id, sizeof(g_request->cross_project_id)); user.update_field(buf); } } return 0; }