Michal,
I'd like to propose two changes to the interface code:
(1) Currently the status can be obtained by accessing "https://server/2222/", where 2222 = task id. We should support URLs without the ending '/' - just "https://server/2222".
When doing this change I also updated the URL matching in the Apache config file, to match our task ids (numbers only).
See paths.patch.
(2) Every client access to '/2222', '/2222/log', '/2222/backtrace' changes the task password. I think it's ok to generate the password only in /create, and use the same password for all GET requests. It also simplifies the client a lot.
See keep-initial-password.patch.
Please consider the changes for inclusion.
Thank you.
Karel
On 01/21/2011 03:39 AM, Karel Klic wrote:
Michal,
I'd like to propose two changes to the interface code:
(1) Currently the status can be obtained by accessing "https://server/2222/", where 2222 = task id. We should support URLs without the ending '/' - just "https://server/2222".
When doing this change I also updated the URL matching in the Apache config file, to match our task ids (numbers only).
See paths.patch.
Reasonable, the patch looks OK.
(2) Every client access to '/2222', '/2222/log', '/2222/backtrace' changes the task password. I think it's ok to generate the password only in /create, and use the same password for all GET requests. It also simplifies the client a lot.
See keep-initial-password.patch.
The password is changing because of security. I agree that we do not really need to change it - the crash only lives a few days. The design document mentions 22 characters long password: 62^22 ~ 2^128. At the moment, we are using 32 characters long password: 62^32 ~ 2^190. If anybody finds it non-secure, we can always double the length :). The patch looks OK.
Please consider the changes for inclusion.
Thank you.
Karel
Thanks,
Michal
crash-catcher@lists.fedorahosted.org