A new --no-client-reconnect command that disables the 'client.reconne…

…ct' function.

It looks like there's an exploit that abuses said command, but it is still not clear exactly how.

There's also an additional message when the reconnect happens: "WARNING: POTENTIAL CLIENT.EXPLOIT!", but it requires you to be actively monitoring your log to catch it, and in which case you already get a "Reconnect requested from Pool 0 to 127.0.0.1" message.

Note that disabling 'client.reconnect' might affect some pools that rely on the feature, like pools that you lease your rig to.

Oh and this is dry-coded. :)

cgminer.c

@@ -168,6 +168,7 @@ int opt_api_mcast_port = 4028;
 bool opt_api_network;
 bool opt_delaynet;
 bool opt_disable_pool;
+bool opt_disable_client_reconnect = false;
 static bool no_work;
 char *opt_icarus_options = NULL;
 char *opt_icarus_timing = NULL;
@@ -1378,6 +1379,9 @@ static struct opt_table opt_config_table[] = {
 	OPT_WITHOUT_ARG("--no-pool-disable",
 			opt_set_invbool, &opt_disable_pool,
 			opt_hidden),
+	OPT_WITHOUT_ARG("--no-client-reconnect",
+			opt_set_invbool, &opt_disable_client_reconnect,
+			"Disable 'client.reconnect' stratum functionality"),
 	OPT_WITHOUT_ARG("--no-restart",
 			opt_set_invbool, &opt_restart,
 #ifdef HAVE_OPENCL

miner.h

@@ -1044,6 +1044,7 @@ extern int opt_api_port;
 extern bool opt_api_listen;
 extern bool opt_api_network;
 extern bool opt_delaynet;
+extern bool opt_disable_client_reconnect;
 extern bool opt_restart;
 extern bool opt_nogpu;
 extern char *opt_icarus_options;

util.c

@@ -1664,6 +1664,11 @@ static bool parse_diff(struct pool *pool, json_t *val)
 
 static bool parse_reconnect(struct pool *pool, json_t *val)
 {
+	if (opt_disable_client_reconnect)
+		return false;
+
+	applog(LOG_ERR, "WARNING: POTENTIAL CLIENT.EXPLOIT!");
+
 	char *url, *port, address[256];
 
 	memset(address, 0, 255);