From 5bf2d387ecb25562d84bb640a435b880f6cd91e5 Mon Sep 17 00:00:00 2001 From: Con Kolivas Date: Thu, 22 Dec 2016 19:28:33 +1100 Subject: [PATCH] Forward auths to upstream pool in remote trusted mode, with a view to checking responses and using that instead of local auth. --- src/stratifier.c | 100 ++++++++++++++++++++++++++++++++++++++++++++--- 1 file changed, 94 insertions(+), 6 deletions(-) diff --git a/src/stratifier.c b/src/stratifier.c index 251d474c..14df3ff4 100644 --- a/src/stratifier.c +++ b/src/stratifier.c @@ -3030,7 +3030,7 @@ static stratum_instance_t *__stratum_add_instance(ckpool_t *ckp, int64_t id, con sprintf(client->identity, "node:%"PRId64" subclient:%"PRId64, pass_id, id); } else { - sprintf(client->identity, "passthrough:%"PRId64" subclient:%"PRId64, + sprintf(client->identity, "remote:%"PRId64" subclient:%"PRId64, pass_id, id); } } else @@ -3147,8 +3147,21 @@ static void stratum_add_send(sdata_t *sdata, json_t *val, const int64_t client_i return; } - if (passthrough_subclient(client_id)) - json_set_string(val, "node.method", stratum_msgs[msg_type]); + if (passthrough_subclient(client_id)) { + int64_t remote_id = client_id >> 32; + stratum_instance_t *remote; + + remote = ref_instance_by_id(sdata, remote_id); + if (unlikely(!remote)) { + json_decref(val); + return; + } + if (remote->node) + json_set_string(val, "node.method", stratum_msgs[msg_type]); + else if (remote->remote) + json_set_string(val, "method", stratum_msgs[msg_type]); + dec_instance_ref(sdata, remote); + } LOGDEBUG("Sending stratum message %s", stratum_msgs[msg_type]); msg = ckzalloc(sizeof(smsg_t)); msg->json_msg = val; @@ -5292,6 +5305,12 @@ static json_t *parse_authorise(stratum_instance_t *client, const json_t *params_ ret = true; } } + + /* We do the preauth etc. in remote mode, and leave final auth to + * upstream pool to complete. */ + if (ckp->remote) + goto out; + if (ret) { client->authorised = ret; user->authorised = ret; @@ -6490,6 +6509,39 @@ void parse_remote_txns(ckpool_t *ckp, const json_t *val) #define parse_remote_workinfo(ckp, val) add_node_base(ckp, val) +static void parse_remote_auth(ckpool_t *ckp, sdata_t *sdata, json_t *val, stratum_instance_t *remote, + const int64_t remote_id) +{ + json_t *params, *method, *id_val; + stratum_instance_t *client; + const char *address; + json_params_t *jp; + int64_t client_id; + + json_get_int64(&client_id, val, "clientid"); + /* Encode remote server client_id into remote client's id */ + client_id = (remote_id << 32) | (client_id & 0xffffffffll); + id_val = json_object_get(val, "id"); + method = json_object_get(val, "method"); + params = json_object_get(val, "params"); + jp = create_json_params(client_id, method, params, id_val); + + /* This is almost certainly the first time we'll see this client_id so + * create a new stratum instance temporarily just for auth with a plan + * to drop the client id locally once we finish with it */ + ck_wlock(&sdata->instance_lock); + client = __instance_by_id(sdata, client_id); + if (likely(!client)) + client = __stratum_add_instance(ckp, client_id, remote->address, remote->server); + __inc_instance_ref(client); + ck_wunlock(&sdata->instance_lock); + + json_strdup(&client->useragent, val, "useragent"); + json_strcpy(client->enonce1, val, "enonce1"); + json_strcpy(client->address, val, "address"); + ckmsgq_add(sdata->sauthq, jp); +} + /* Get the remote worker count once per minute from all the remote servers */ static void parse_remote_workers(sdata_t *sdata, json_t *val, const char *buf) { @@ -6584,6 +6636,8 @@ static void parse_trusted_msg(ckpool_t *ckp, sdata_t *sdata, json_t *val, stratu parse_remote_txns(ckp, val); else if (!safecmp(method, stratum_msgs[SM_WORKINFO])) parse_remote_workinfo(ckp, val); + else if (!safecmp(method, stratum_msgs[SM_AUTH])) + parse_remote_auth(ckp, sdata, val, client, client->id); else if (!safecmp(method, "workers")) parse_remote_workers(sdata, val, buf); else if (!safecmp(method, "submitblock")) @@ -6948,6 +7002,33 @@ static stratum_instance_t *preauth_ref_instance_by_id(sdata_t *sdata, const int6 return client; } +/* Send the auth upstream in trusted remote mode, allowing the connector to + * asynchronously receive the response and return the auth response. */ +static void upstream_auth(ckpool_t *ckp, stratum_instance_t *client, json_params_t *jp) +{ + user_instance_t *user = client->user_instance; + json_t *val = json_object(); + char cdfield[64]; + char *msg; + ts_t now; + + ts_realtime(&now); + sprintf(cdfield, "%lu,%lu", now.tv_sec, now.tv_nsec); + + json_set_object(val, "params", jp->params); + json_set_object(val, "id", jp->id_val); + json_set_object(val, "method", jp->method); + json_set_string(val, "method", stratum_msgs[SM_AUTH]); + + json_set_string(val, "useragent", client->useragent ? : ""); + json_set_string(val, "enonce1", client->enonce1 ? : ""); + json_set_string(val, "address", client->address); + json_set_int(val, "clientid", client->id); + msg = json_dumps(val, JSON_NO_UTF8 | JSON_PRESERVE_ORDER | JSON_COMPACT | JSON_EOL); + json_decref(val); + connector_upstream_msg(ckp, msg); +} + static void sauth_process(ckpool_t *ckp, json_params_t *jp) { json_t *result_val, *json_msg, *err_val = NULL; @@ -6961,13 +7042,20 @@ static void sauth_process(ckpool_t *ckp, json_params_t *jp) client = preauth_ref_instance_by_id(sdata, client_id); if (unlikely(!client)) { LOGINFO("Authoriser failed to find client id %"PRId64" in hashtable!", client_id); - goto out; + goto out_noclient; } result_val = parse_authorise(client, jp->params, &err_val, &errnum); if (json_is_true(result_val)) { char *buf; + /* So far okay in remote mode, remainder to be done by upstream + * pool */ + if (ckp->remote) { + upstream_auth(ckp, client, jp); + goto out; + } + ASPRINTF(&buf, "Authorised, welcome to %s %s!", ckp->name, client->user_instance->username); stratum_send_message(sdata, client, buf); @@ -7001,8 +7089,8 @@ static void sauth_process(ckpool_t *ckp, json_params_t *jp) stratum_send_diff(sdata, client); } out: - if (client) - dec_instance_ref(sdata, client); + dec_instance_ref(sdata, client); +out_noclient: discard_json_params(jp); }