Jarifa and old BOINC clients

[Daniel Lombraña González]

Hi to all,

I have noticed that very old boinc clients (which are bundled with Debian stable, and other old Linux versions) are experiencing problems with Jarifa. The problem is that, clients log in into Jarifa but they cannot verify the signature. I have been reading the documentation of Account Manager protocol and I haven't seen an option to require a minimum client version. The only option for this feature is for BOINC projects, but Account Managers are not (the config.xml file is not readed).

So, David, is it possible to add an option to get_project_config.php that allows to require a mininum boinc version to work with an Account Manager (in our case, Jarifa)?

Daniel

--
··························································································································································
PhD Candidate
Cátedra Ceta-Ciemat de la Universidad de Extremadura
http://gea.unex.es/catedra-ceta-ciemat/
Universidad de Extremadura
··························································································································································
Por favor, NO utilice formatos de archivo propietarios para el
intercambio de documentos, como DOC y XLS, sino HTML, RTF, TXT, CSV
o cualquier otro que no obligue a utilizar un programa de un
fabricante concreto para tratar la información contenida en él.
··························································································································································

[David Anderson]

I added the following to get_project_config.php;
this enforces the <min_core_client_version> option in config.xml
at the point where the user tries to attach
(rather than letting them attach and then rejecting sched RPCs).

This will work for account managers too;
add the following to your get_project_config.php,
and add a <min_core_client_version> element to your config.xml.

-- David

// if project has a min client version, enforce it
//
$min_core_client_version = parse_config($config, "<min_core_client_version>");
if ($min_core_client_version) {
$x = $_SERVER['HTTP_USER_AGENT'];
list($platform, $maj, $min) = sscanf($x, "BOINC client (%s %d.%d)");
$too_old = false;
if ($maj !== null && $min !== null) {
$v = $maj*100 + $min;
if ($v < $min_core_client_version) {
$too_old = true;
}
} else {
$too_old = true;
}
if ($too_old) {
$rmaj = $min_core_client_version/100;
$rmin = $min_core_client_version%100;
echo "<error_msg>This project requires BOINC client version $rmaj.$rmin
or later.</error_msg>
<error_num>-190</error_num>
</project_config>
";
exit;

[Daniel Lombraña González]

Thanks David,

I will change the code just right now.

Daniel

[Daniel Lombraña González]

Hi,

On Fri, Nov 28, 2008 at 9:31 PM, Nicolás Alvarez <nicolas...@gmail.com> wrote:

El Friday 28 November 2008 17:09:34 David Anderson escribió:

> I added the following to get_project_config.php;
> this enforces the <min_core_client_version> option in config.xml
> at the point where the user tries to attach
> (rather than letting them attach and then rejecting sched RPCs).
>
> This will work for account managers too;
> add the following to your get_project_config.php,
> and add a <min_core_client_version> element to your config.xml.

And as a result, anything that sends a User-Agent that doesn't contain "BOINC
client" will be rejected. For example, account managers or stats sites that
use it to know if a project is up, or the supported platforms (which is all
info returned in get_project_config, no idea why). Here are a few I've
actually seen on my Apache access log:

- No user-agent header at all (around four times a day, always same IP)
- "ESEA-AMS v1.0 get-project-config www.esea.dk/esea" (every two hours)
- "BOINCS Mirror" (see boincs.com)
- "Synecdoche/0.1.1"
- "Mozilla/3.0 (compatible; Indy Library)"
- A generic user-agent that looks like a browser, but
referer "http://www.myboinc.com/scores/proj_infos.php", so it's probably that
script doing requests.

> Daniel Lombraña González wrote:
> > Hi to all,
> >
> > I have noticed that very old boinc clients (which are bundled with
> > Debian stable, and other old Linux versions) are experiencing problems
> > with Jarifa. The problem is that, clients log in into Jarifa but they
> > cannot verify the signature. I have been reading the documentation of
> > Account Manager protocol and I haven't seen an option to require a
> > minimum client version. The only option for this feature is for BOINC
> > projects, but Account Managers are not (the config.xml file is not
> > readed).

Why can't they verify the signature? What changed in the signature handling
that makes old clients fail?

If Jarifa is sending the signature in a new format that recent clients
understand, why didn't you make the client advertise its support for that new
feature? As I suggested ∞ times, we should check for support of individual
features instead of version numbers.

I'm using the standard crypt_prog application that BOINC has, so I don't know why old clients are failing to verify the signature. The truth is, that those clients are pretty old (Debian stable ones).
 

_______________________________________________
boinc_projects mailing list
boinc_p...@ssl.berkeley.edu
http://lists.ssl.berkeley.edu/mailman/listinfo/boinc_projects
To unsubscribe, visit the above URL and
(near bottom of page) enter your email address.

[Daniel Lombraña González]

I have updated the code of Jarifa for supporting the <min_core_client_version> option. However, I have realized that with the BOINC manager you don't get the reason why your client is not valid. The BOINC Manager says that the Account Manager is down, but nothing else. It should be interesting to warn the user about the fact that his version is too old.

Daniel

http://jarifa.unex.es/

[David Anderson]

Daniel:
Can you please email me the extremadura@home logo?
(it's displayed on the web site in a weird way that
doesn't let me get the image file).
Thanks - David