Reject redirection across different registered domain names (can be disabled by appending #redirect to pool URI)

miner.c

@@ -2786,6 +2786,14 @@ void pool_set_opaque(struct pool *pool, bool opaque)
 		       pool->pool_no);
 }
 
+bool pool_may_redirect_to(struct pool * const pool, const char * const uri)
+{
+	const char *p = strchr(pool->rpc_url, '#');
+	if (unlikely(p && strstr(&p[1], "redirect")))
+		return true;
+	return match_domains(pool->rpc_url, strlen(pool->rpc_url), uri, strlen(uri));
+}
+
 static bool work_decode(struct pool *pool, struct work *work, json_t *val)
 {
 	json_t *res_val = json_object_get(val, "result");
@@ -8515,7 +8523,7 @@ tryagain:
 
 	/* Detect if a http getwork pool has an X-Stratum header at startup,
 	 * and if so, switch to that in preference to getwork if it works */
-	if (pool->stratum_url && want_stratum && (pool->has_stratum || stratum_works(pool))) {
+	if (pool->stratum_url && want_stratum && pool_may_redirect_to(pool, pool->stratum_url) && (pool->has_stratum || stratum_works(pool))) {
 		if (!pool->has_stratum) {
 
 		applog(LOG_NOTICE, "Switching pool %d %s to %s", pool->pool_no, pool->rpc_url, pool->stratum_url);

miner.h

@@ -1411,6 +1411,7 @@ extern bool _log_curses_only(int prio, const char *datetime, const char *str);
 extern void clear_logwin(void);
 extern void logwin_update(void);
 extern bool pool_tclear(struct pool *pool, bool *var);
+extern bool pool_may_redirect_to(struct pool *, const char *uri);
 extern struct thread_q *tq_new(void);
 extern void tq_free(struct thread_q *tq);
 extern bool tq_push(struct thread_q *tq, void *data);

util.c

@@ -2183,6 +2183,9 @@ static bool parse_reconnect(struct pool *pool, json_t *val)
 	url = __json_array_string(val, 0);
 	if (!url)
 		url = pool->sockaddr_url;
+	else
+	if (!pool_may_redirect_to(pool, url))
+		return false;
 
 	port_json = json_array_get(val, 1);
 	if (json_is_number(port_json))