From 39c11920c9d546f2c7a1280657d221ae81ce25bd Mon Sep 17 00:00:00 2001
From: CliffordST <cliffordstone@gmx.ch>
Date: Thu, 3 Jul 2014 14:42:35 +0400
Subject: [PATCH 1/3] Proper address checking for all CryptoNote currencies

Added new setting config.poolServer.addressBase58Prefix. Should be
the same as CRYPTONOTE_PUBLIC_ADDRESS_BASE58_PREFIX in
src/cryptonote_config.h currency config.
---
 config_example.json | 1 +
 lib/pool.js         | 2 +-
 lib/utils.js        | 7 +------
 3 files changed, 3 insertions(+), 7 deletions(-)

diff --git a/config_example.json b/config_example.json
index ae0ae5917..4aba1f53a 100644
--- a/config_example.json
+++ b/config_example.json
@@ -18,6 +18,7 @@
         "enabled": true,
         "clusterForks": "auto",
         "poolAddress": "48Y4SoUJM5L3YXBEfNQ8bFNsvTNsqcH5Rgq8RF7BwpgvTBj2xr7CmWVanaw7L4U9MnZ4AG7U6Pn1pBhfQhFyFZ1rL1efL8z",
+        "addressBase58Prefix": 18,
         "blockRefreshInterval": 1000,
         "minerTimeout": 900,
         "ports": [
diff --git a/lib/pool.js b/lib/pool.js
index bba0454d7..2c2f50f3d 100644
--- a/lib/pool.js
+++ b/lib/pool.js
@@ -440,7 +440,7 @@ function handleMinerMethod(method, params, ip, portData, sendReply, pushMessage)
                 sendReply('missing login');
                 return;
             }
-            if (!utils.isValidAddress(params.login, config.poolServer.poolAddress[0])){
+            if (!utils.isValidAddress(params.login, config.poolServer.addressBase58Prefix)){
                 sendReply('invalid address used for login');
                 return;
             }
diff --git a/lib/utils.js b/lib/utils.js
index bcbdb0cae..d48b408ed 100644
--- a/lib/utils.js
+++ b/lib/utils.js
@@ -48,15 +48,10 @@ exports.varIntEncode = function(n){
 };
 
 exports.isValidAddress = function(addr, prefix){
-
-    if (addr.length !== 95) return false;
-    if (addr[0] !== prefix) return false;
     try{
-        var decoded = cnUtil.address_decode(new Buffer(addr));
-        return decoded.length > 0;
+        return cnUtil.check_address(new Buffer(addr), prefix);
     }
     catch(e){
         return false;
     }
-
 };

From 5f50ff2a7dc64f69a253c85fd7f18ffcd2317063 Mon Sep 17 00:00:00 2001
From: CliffordST <cliffordstone@gmx.ch>
Date: Thu, 3 Jul 2014 23:55:39 +0400
Subject: [PATCH 2/3] Miner address validation based on pool address

---
 config_example.json | 1 -
 lib/pool.js         | 4 +++-
 lib/utils.js        | 9 ---------
 3 files changed, 3 insertions(+), 11 deletions(-)

diff --git a/config_example.json b/config_example.json
index 4aba1f53a..ae0ae5917 100644
--- a/config_example.json
+++ b/config_example.json
@@ -18,7 +18,6 @@
         "enabled": true,
         "clusterForks": "auto",
         "poolAddress": "48Y4SoUJM5L3YXBEfNQ8bFNsvTNsqcH5Rgq8RF7BwpgvTBj2xr7CmWVanaw7L4U9MnZ4AG7U6Pn1pBhfQhFyFZ1rL1efL8z",
-        "addressBase58Prefix": 18,
         "blockRefreshInterval": 1000,
         "minerTimeout": 900,
         "ports": [
diff --git a/lib/pool.js b/lib/pool.js
index 2c2f50f3d..505369afb 100644
--- a/lib/pool.js
+++ b/lib/pool.js
@@ -44,6 +44,8 @@ var shareTrustMinFloat = shareTrustEnabled ? config.poolServer.shareTrust.min /
 
 var banningEnabled = config.poolServer.banning && config.poolServer.banning.enabled;
 
+var addressBase58Prefix = cnUtil.address_decode(config.poolServer.poolAddress);
+
 
 setInterval(function(){
     var now = Date.now() / 1000 | 0;
@@ -440,7 +442,7 @@ function handleMinerMethod(method, params, ip, portData, sendReply, pushMessage)
                 sendReply('missing login');
                 return;
             }
-            if (!utils.isValidAddress(params.login, config.poolServer.addressBase58Prefix)){
+            if (addressBase58Prefix !== cnUtil.address_decode(params.login)){
                 sendReply('invalid address used for login');
                 return;
             }
diff --git a/lib/utils.js b/lib/utils.js
index d48b408ed..f793fd1fc 100644
--- a/lib/utils.js
+++ b/lib/utils.js
@@ -46,12 +46,3 @@ exports.ringBuffer = function(maxSize){
 exports.varIntEncode = function(n){
 
 };
-
-exports.isValidAddress = function(addr, prefix){
-    try{
-        return cnUtil.check_address(new Buffer(addr), prefix);
-    }
-    catch(e){
-        return false;
-    }
-};

From 7b46a0249790142ea5f331d670827b3283d40e41 Mon Sep 17 00:00:00 2001
From: CliffordST <cliffordstone@gmx.ch>
Date: Mon, 7 Jul 2014 18:41:26 +0400
Subject: [PATCH 3/3] Fix error with calling cnUtil.address_decode()

---
 lib/pool.js | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/lib/pool.js b/lib/pool.js
index 505369afb..93366d280 100644
--- a/lib/pool.js
+++ b/lib/pool.js
@@ -44,7 +44,7 @@ var shareTrustMinFloat = shareTrustEnabled ? config.poolServer.shareTrust.min /
 
 var banningEnabled = config.poolServer.banning && config.poolServer.banning.enabled;
 
-var addressBase58Prefix = cnUtil.address_decode(config.poolServer.poolAddress);
+var addressBase58Prefix = cnUtil.address_decode(new Buffer(config.poolServer.poolAddress));
 
 
 setInterval(function(){
@@ -442,7 +442,7 @@ function handleMinerMethod(method, params, ip, portData, sendReply, pushMessage)
                 sendReply('missing login');
                 return;
             }
-            if (addressBase58Prefix !== cnUtil.address_decode(params.login)){
+            if (addressBase58Prefix !== cnUtil.address_decode(new Buffer(params.login))) {
                 sendReply('invalid address used for login');
                 return;
             }