fzorb/REDACTED-rig
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

#1.7.0 (#160)

Browse source 
# 1.7.0
- First official Release of XMRigCC-amd #33 #3
- Full integration of xmrigCC-amd into XMRigCCServer/Dashboard with GPUInfo / remote logging
- Config property to enable/disable config upload on startup (--cc-upload-config-on-startup) #80
- Refactoring of remote logging feature: #143
    - Only deltas will be send to the XMRigCCServer
    - Fetching miner log on dashboard upon need
    - Maximum lines of log history kept per miner can be configured on XMRigCCServer 
- Fix correct hugepages status on Dashboard
- Fix cpu affinity for single thread usage
- Add all needed security infos to XMRigCCServer logging to harden the server (f.e. fail2ban)
- Fix commandline params overwrite config.json #157
- Fix building miner with API support #145
This commit is contained in:
Ben Gräf 2018-08-26 19:43:52 +02:00 committed by GitHub
parent 3c41e5c1d4
commit 088c28cbda
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
7 changed files with 79 additions and 52 deletions
Download patch file Download diff file Expand all files Collapse all files

3
CHANGELOG.md
View file

@ -8,6 +8,9 @@
- Maximum lines of log history kept per miner can be configured on XMRigCCServer - Maximum lines of log history kept per miner can be configured on XMRigCCServer
- Fix correct hugepages status on Dashboard - Fix correct hugepages status on Dashboard
- Fix cpu affinity for single thread usage - Fix cpu affinity for single thread usage
- Add all needed security infos to XMRigCCServer logging to harden the server (f.e. fail2ban)
- Fix commandline params overwrite config.json #157
- Fix bulding of miner with API support Cannot #145
# 1.6.5 # 1.6.5
- Hashrate improve -> add autodetection mode for cpu-affinity - Hashrate improve -> add autodetection mode for cpu-affinity
- Hashrate improve, more stable hashrates -> refactor memory allocation - Hashrate improve, more stable hashrates -> refactor memory allocation

60
src/cc/Httpd.cpp
View file

@ -93,28 +93,29 @@ std::string Httpd::readFile(const std::string &fileName)
return data.str(); return data.str();
} }
unsigned Httpd::tokenAuth(struct MHD_Connection* connection) unsigned Httpd::tokenAuth(struct MHD_Connection* connection, const std::string& clientIp)
{ {
if (!m_options->ccToken()) { if (!m_options->ccToken()) {
LOG_WARN("AccessToken not set. Access Granted!"); LOG_WARN("[%s] 200 OK - WARNING AccessToken not set!", clientIp.c_str());
return MHD_HTTP_OK; return MHD_HTTP_OK;
} }
const char* header = MHD_lookup_connection_value(connection, MHD_HEADER_KIND, MHD_HTTP_HEADER_AUTHORIZATION); const char* header = MHD_lookup_connection_value(connection, MHD_HEADER_KIND, MHD_HTTP_HEADER_AUTHORIZATION);
if (m_options->ccToken() && !header) { if (m_options->ccToken() && !header) {
LOG_WARN("[%s] 401 UNAUTHORIZED", clientIp.c_str());
return MHD_HTTP_UNAUTHORIZED; return MHD_HTTP_UNAUTHORIZED;
} }
const size_t size = strlen(header); const size_t size = strlen(header);
if (size < 8 || strlen(m_options->ccToken()) != size - 7 || memcmp("Bearer ", header, 7) != 0) { if (size < 8 || strlen(m_options->ccToken()) != size - 7 || memcmp("Bearer ", header, 7) != 0) {
LOG_WARN("AccessToken wrong. Access Forbidden!"); LOG_ERR("[%s] 403 FORBIDDEN - AccessToken wrong!", clientIp.c_str());
return MHD_HTTP_FORBIDDEN; return MHD_HTTP_FORBIDDEN;
} }
return strncmp(m_options->ccToken(), header + 7, strlen(m_options->ccToken())) == 0 ? MHD_HTTP_OK : MHD_HTTP_FORBIDDEN; return strncmp(m_options->ccToken(), header + 7, strlen(m_options->ccToken())) == 0 ? MHD_HTTP_OK : MHD_HTTP_FORBIDDEN;
} }
unsigned Httpd::basicAuth(struct MHD_Connection* connection, std::string& resp) unsigned Httpd::basicAuth(struct MHD_Connection* connection, const std::string& clientIp, std::string& resp)
{ {
unsigned result = MHD_HTTP_OK; unsigned result = MHD_HTTP_OK;
@ -123,7 +124,7 @@ unsigned Httpd::basicAuth(struct MHD_Connection* connection, std::string& resp)
"Please configure admin user and pass to view this Page." "Please configure admin user and pass to view this Page."
"</body><html\\>"); "</body><html\\>");
LOG_WARN("Admin user/password not set. Access Forbidden!"); LOG_ERR("[%s] 403 FORBIDDEN - Admin user/password not set!", clientIp.c_str());
result = MHD_HTTP_FORBIDDEN; result = MHD_HTTP_FORBIDDEN;
} }
else { else {
@ -136,7 +137,7 @@ unsigned Httpd::basicAuth(struct MHD_Connection* connection, std::string& resp)
if (user == nullptr || strcmp(user, m_options->ccAdminUser()) != 0 || if (user == nullptr || strcmp(user, m_options->ccAdminUser()) != 0 ||
pass == nullptr || strcmp(pass, m_options->ccAdminPass()) != 0) { pass == nullptr || strcmp(pass, m_options->ccAdminPass()) != 0) {
LOG_WARN("Admin user/password wrong. Access Unauthorized!"); LOG_ERR("[%s] 403 FORBIDDEN - Admin user/password wrong!", clientIp.c_str());
result = MHD_HTTP_UNAUTHORIZED; result = MHD_HTTP_UNAUTHORIZED;
} }
@ -148,6 +149,7 @@ unsigned Httpd::basicAuth(struct MHD_Connection* connection, std::string& resp)
free(pass); free(pass);
} }
} else { } else {
LOG_WARN("[%s] 401 UNAUTHORIZED", clientIp.c_str());
result = MHD_HTTP_UNAUTHORIZED; result = MHD_HTTP_UNAUTHORIZED;
} }
} }
@ -179,24 +181,36 @@ int Httpd::sendResponse(MHD_Connection* connection, unsigned status, MHD_Respons
int Httpd::handler(void* httpd, MHD_Connection* connection, const char* url, const char* method, int Httpd::handler(void* httpd, MHD_Connection* connection, const char* url, const char* method,
const char* version, const char* upload_data, size_t* upload_data_size, void** con_cls) const char* version, const char* upload_data, size_t* upload_data_size, void** con_cls)
{ {
std::string clientIp;
const MHD_ConnectionInfo *info = MHD_get_connection_info(connection, MHD_CONNECTION_INFO_CLIENT_ADDRESS);
if (info) {
char clientHost[NI_MAXHOST];
int ec = getnameinfo(info->client_addr, sizeof(*info->client_addr), clientHost, sizeof(clientHost),
0, 0, NI_NUMERICHOST|NI_NUMERICSERV);
if (ec == 0) {
clientIp = std::string(clientHost);
}
}
if (strcmp(method, MHD_HTTP_METHOD_OPTIONS) == 0) { if (strcmp(method, MHD_HTTP_METHOD_OPTIONS) == 0) {
LOG_INFO("OPTIONS Requested"); LOG_INFO("[%s] OPTIONS Requested", clientIp.c_str());
return sendResponse(connection, MHD_HTTP_OK, nullptr, CONTENT_TYPE_HTML); return sendResponse(connection, MHD_HTTP_OK, nullptr, CONTENT_TYPE_HTML);
} }
if (strcmp(method, MHD_HTTP_METHOD_GET) != 0 && strcmp(method, MHD_HTTP_METHOD_POST) != 0) { if (strcmp(method, MHD_HTTP_METHOD_GET) != 0 && strcmp(method, MHD_HTTP_METHOD_POST) != 0) {
LOG_ERR("HTTP_METHOD_NOT_ALLOWED"); LOG_ERR("[%s] 405 METHOD NOT ALLOWED (%s)", clientIp.c_str(), method);
return sendResponse(connection, MHD_HTTP_METHOD_NOT_ALLOWED, nullptr, CONTENT_TYPE_HTML); return sendResponse(connection, MHD_HTTP_METHOD_NOT_ALLOWED, nullptr, CONTENT_TYPE_HTML);
} }
if (strstr(url, "/client/")) { if (strstr(url, "/client/")) {
unsigned status = static_cast<Httpd*>(httpd)->tokenAuth(connection); unsigned status = static_cast<Httpd*>(httpd)->tokenAuth(connection, clientIp);
if (status != MHD_HTTP_OK) { if (status != MHD_HTTP_OK) {
return sendResponse(connection, status, nullptr, CONTENT_TYPE_JSON); return sendResponse(connection, status, nullptr, CONTENT_TYPE_JSON);
} }
} else { } else {
std::string resp; std::string resp;
unsigned status = static_cast<Httpd*>(httpd)->basicAuth(connection, resp); unsigned status = static_cast<Httpd*>(httpd)->basicAuth(connection, clientIp, resp);
if (status != MHD_HTTP_OK) { if (status != MHD_HTTP_OK) {
MHD_Response* rsp = nullptr; MHD_Response* rsp = nullptr;
if (!resp.empty()) { if (!resp.empty()) {
@ -207,15 +221,13 @@ int Httpd::handler(void* httpd, MHD_Connection* connection, const char* url, con
} }
if (strcmp(method, MHD_HTTP_METHOD_GET) == 0) { if (strcmp(method, MHD_HTTP_METHOD_GET) == 0) {
return handleGET(static_cast<Httpd*>(httpd), connection, url); return handleGET(static_cast<Httpd*>(httpd), connection, clientIp, url);
} else { } else {
return handlePOST(static_cast<Httpd*>(httpd), connection, url, upload_data, upload_data_size, con_cls); return handlePOST(static_cast<Httpd*>(httpd), connection, clientIp, url, upload_data, upload_data_size, con_cls);
}
} }
return MHD_NO; int Httpd::handleGET(const Httpd* httpd, struct MHD_Connection* connection, const std::string& clientIp, const char* urlPtr)
}
int Httpd::handleGET(const Httpd* httpd, struct MHD_Connection* connection, const char* urlPtr)
{ {
std::string resp; std::string resp;
std::string url(urlPtr); std::string url(urlPtr);
@ -227,7 +239,7 @@ int Httpd::handleGET(const Httpd* httpd, struct MHD_Connection* connection, cons
clientId = std::string(clientIdPtr); clientId = std::string(clientIdPtr);
} }
unsigned status = Service::handleGET(httpd->m_options, url, clientId, resp); unsigned status = Service::handleGET(httpd->m_options, url, clientIp, clientId, resp);
MHD_Response* rsp = nullptr; MHD_Response* rsp = nullptr;
if (!resp.empty()) { if (!resp.empty()) {
@ -244,7 +256,7 @@ int Httpd::handleGET(const Httpd* httpd, struct MHD_Connection* connection, cons
return sendResponse(connection, status, rsp, contentType); return sendResponse(connection, status, rsp, contentType);
} }
int Httpd::handlePOST(const Httpd* httpd, struct MHD_Connection* connection, const char* urlPtr, const char* upload_data, int Httpd::handlePOST(const Httpd* httpd, struct MHD_Connection* connection, const std::string& clientIp, const char* urlPtr, const char* upload_data,
size_t* upload_data_size, void** con_cls) size_t* upload_data_size, void** con_cls)
{ {
auto* cc = (ConnectionContext*)* con_cls; auto* cc = (ConnectionContext*)* con_cls;
@ -259,20 +271,8 @@ int Httpd::handlePOST(const Httpd* httpd, struct MHD_Connection* connection, con
} else { } else {
std::string resp; std::string resp;
std::string url(urlPtr); std::string url(urlPtr);
std::string clientIp;
std::string clientId; std::string clientId;
const MHD_ConnectionInfo *info = MHD_get_connection_info(connection, MHD_CONNECTION_INFO_CLIENT_ADDRESS);
if (info) {
char clientHost[NI_MAXHOST];
int ec = getnameinfo(info->client_addr, sizeof(*info->client_addr), clientHost, sizeof(clientHost),
0, 0, NI_NUMERICHOST|NI_NUMERICSERV);
if (ec == 0) {
clientIp = std::string(clientHost);
}
}
const char* clientIdPtr = MHD_lookup_connection_value(connection, MHD_GET_ARGUMENT_KIND, "clientId"); const char* clientIdPtr = MHD_lookup_connection_value(connection, MHD_GET_ARGUMENT_KIND, "clientId");
if (clientIdPtr) { if (clientIdPtr) {
clientId = std::string(clientIdPtr); clientId = std::string(clientIdPtr);

8
src/cc/Httpd.h
View file

@ -51,12 +51,12 @@ private:
static int sendResponse(MHD_Connection* connection, unsigned status, MHD_Response* rsp, const char* contentType); static int sendResponse(MHD_Connection* connection, unsigned status, MHD_Response* rsp, const char* contentType);
unsigned basicAuth(MHD_Connection* connection, std::string &resp); unsigned basicAuth(MHD_Connection* connection, const std::string& clientIp, std::string &resp);
unsigned tokenAuth(MHD_Connection* connection); unsigned tokenAuth(MHD_Connection* connection, const std::string& clientIp);
static int handler(void* httpd, MHD_Connection* connection, const char* url, const char* method, const char* version, const char* upload_data, size_t* upload_data_size, void**con_cls); static int handler(void* httpd, MHD_Connection* connection, const char* url, const char* method, const char* version, const char* upload_data, size_t* upload_data_size, void**con_cls);
static int handleGET(const Httpd* httpd, MHD_Connection* connection, const char* url); static int handleGET(const Httpd* httpd, MHD_Connection* connection, const std::string& clientIp, const char* url);
static int handlePOST(const Httpd* httpd, MHD_Connection* connection, const char* url, const char* upload_data, size_t* upload_data_size, void** con_cls); static int handlePOST(const Httpd* httpd, MHD_Connection* connection, const std::string& clientIp, const char* url, const char* upload_data, size_t* upload_data_size, void** con_cls);
static std::string readFile(const std::string &fileName); static std::string readFile(const std::string &fileName);

42
src/cc/Service.cpp
View file

@ -62,13 +62,20 @@ void Service::release()
uv_mutex_unlock(&m_mutex); uv_mutex_unlock(&m_mutex);
} }
unsigned Service::handleGET(const Options* options, const std::string& url, const std::string& clientId, std::string& resp) unsigned Service::handleGET(const Options* options, const std::string& url, const std::string& clientIp, const std::string& clientId, std::string& resp)
{ {
uv_mutex_lock(&m_mutex); uv_mutex_lock(&m_mutex);
unsigned resultCode = MHD_HTTP_NOT_FOUND; unsigned resultCode = MHD_HTTP_NOT_FOUND;
LOG_INFO("GET(url='%s', clientId='%s')", url.c_str(), clientId.c_str()); std::string params;
if (!clientId.empty())
{
params += "?clientId=";
params += clientId;
}
LOG_INFO("[%s] GET '%s%s'", clientIp.c_str(), url.c_str(), params.c_str());
if (url == "/") { if (url == "/") {
resultCode = getAdminPage(options, resp); resultCode = getAdminPage(options, resp);
@ -82,10 +89,13 @@ unsigned Service::handleGET(const Options* options, const std::string& url, cons
resultCode = getClientCommand(clientId, resp); resultCode = getClientCommand(clientId, resp);
} else if (url.rfind("/admin/getClientLog", 0) == 0) { } else if (url.rfind("/admin/getClientLog", 0) == 0) {
resultCode = getClientLog(clientId, resp); resultCode = getClientLog(clientId, resp);
} else {
LOG_WARN("[%s] 404 NOT FOUND (%s)", clientIp.c_str(), url.c_str());
} }
} }
else { else {
LOG_ERR("Request does not contain clientId: %s", url.c_str()); resultCode = MHD_HTTP_BAD_REQUEST;
LOG_ERR("[%s] 400 BAD REQUEST - Request does not contain clientId (%s)", clientIp.c_str(), url.c_str());
} }
} }
@ -101,17 +111,32 @@ unsigned Service::handlePOST(const Options* options, const std::string& url, con
unsigned resultCode = MHD_HTTP_NOT_FOUND; unsigned resultCode = MHD_HTTP_NOT_FOUND;
LOG_INFO("POST(url='%s', clientIp='%s', clientId='%s', dataLen='%d')", std::string params;
url.c_str(), clientIp.c_str(), clientId.c_str(), data.length()); if (!clientId.empty())
{
params += "?clientId=";
params += clientId;
}
LOG_INFO("[%s] POST '%s%s', dataLen='%d'",
clientIp.c_str(), url.c_str(), params.c_str(), data.length());
if (!clientId.empty()) {
if (url.rfind("/client/setClientStatus", 0) == 0) { if (url.rfind("/client/setClientStatus", 0) == 0) {
resultCode = setClientStatus(options, clientIp, clientId, data, resp); resultCode = setClientStatus(options, clientIp, clientId, data, resp);
} else if (url.rfind("/admin/setClientConfig", 0) == 0 || url.rfind("/client/setClientConfig", 0) == 0) { } else if (url.rfind("/admin/setClientConfig", 0) == 0 || url.rfind("/client/setClientConfig", 0) == 0) {
resultCode = setClientConfig(options, clientId, data, resp); resultCode = setClientConfig(options, clientId, data, resp);
} else if (url.rfind("/admin/setClientCommand", 0) == 0) { } else if (url.rfind("/admin/setClientCommand", 0) == 0) {
resultCode = setClientCommand(clientId, data, resp); resultCode = setClientCommand(clientId, data, resp);
} else if (url.rfind("/admin/resetClientStatusList", 0) == 0) { } else {
LOG_WARN("[%s] 400 BAD REQUEST - Request does not contain clientId (%s)", clientIp.c_str(), url.c_str());
}
} else {
if (url.rfind("/admin/resetClientStatusList", 0) == 0) {
resultCode = resetClientStatusList(data, resp); resultCode = resetClientStatusList(data, resp);
} else {
LOG_WARN("[%s] 404 NOT FOUND (%s)", clientIp.c_str(), url.c_str());
}
} }
uv_mutex_unlock(&m_mutex); uv_mutex_unlock(&m_mutex);
@ -227,8 +252,6 @@ unsigned Service::setClientStatus(const Options* options, const std::string& cli
rapidjson::Document document; rapidjson::Document document;
if (!document.Parse(data.c_str()).HasParseError()) { if (!document.Parse(data.c_str()).HasParseError()) {
LOG_INFO("Status from client: %s", clientId.c_str());
ClientStatus clientStatus; ClientStatus clientStatus;
clientStatus.parseFromJson(document); clientStatus.parseFromJson(document);
clientStatus.setExternalIp(clientIp); clientStatus.setExternalIp(clientIp);
@ -245,7 +268,8 @@ unsigned Service::setClientStatus(const Options* options, const std::string& cli
m_clientCommand.erase(clientId); m_clientCommand.erase(clientId);
} }
} else { } else {
LOG_ERR("Parse Error Occured: %d", document.GetParseError()); LOG_ERR("[%s] ClientStatus for client '%s' - Parse Error Occured: %d",
clientIp.c_str(), clientId.c_str(), document.GetParseError());
} }
return resultCode; return resultCode;

2
src/cc/Service.h
View file

@ -42,7 +42,7 @@ public:
static bool start(); static bool start();
static void release(); static void release();
static unsigned handleGET(const Options* options, const std::string& url, const std::string& clientId, std::string& resp); static unsigned handleGET(const Options* options, const std::string& url, const std::string& clientIp, const std::string& clientId, std::string& resp);
static unsigned handlePOST(const Options* options, const std::string& url, const std::string& clientIp, const std::string& clientId, const std::string& data, std::string& resp); static unsigned handlePOST(const Options* options, const std::string& url, const std::string& clientIp, const std::string& clientId, const std::string& data, std::string& resp);
private: private:

2
src/config_cc.json
View file

@ -1,7 +1,7 @@
{ {
"background": false, // true to run the cc-server in the background (no console) "background": false, // true to run the cc-server in the background (no console)
"colors": true, // false to disable colored output "colors": true, // false to disable colored output
"log-file": null, // log all output to a file "log-file": "server.log", // log all output to a file
"syslog": false, // use system log for output messages "syslog": false, // use system log for output messages
"cc-server": { "cc-server": {
"port": 3344, // port the CC Server will listens on "port": 3344, // port the CC Server will listens on

2
src/version.h
View file

@ -36,7 +36,7 @@
#define APP_DESC "XMRigCC CPU miner" #define APP_DESC "XMRigCC CPU miner"
#define APP_COPYRIGHT "Copyright (C) 2017- BenDr0id" #define APP_COPYRIGHT "Copyright (C) 2017- BenDr0id"
#endif #endif
#define APP_VERSION "1.7.0_beta1 (based on XMRig)" #define APP_VERSION "1.7.0 (based on XMRig)"
#define APP_DOMAIN "" #define APP_DOMAIN ""
#define APP_SITE "https://github.com/Bendr0id/xmrigCC" #define APP_SITE "https://github.com/Bendr0id/xmrigCC"
#define APP_KIND "cpu" #define APP_KIND "cpu"