dyndnsd/lib/dyndnsd.rb

#!/usr/bin/env ruby

require 'etc'
require 'logger'
require 'ipaddr'
require 'json'
require 'yaml'
require 'rack'
require 'metriks'
require 'metriks/reporter/graphite'

require 'dyndnsd/generator/bind'
require 'dyndnsd/updater/command_with_bind_zone'
require 'dyndnsd/responder/dyndns_style'
require 'dyndnsd/responder/rest_style'
require 'dyndnsd/database'
require 'dyndnsd/version'

module Dyndnsd
  def self.logger
    @logger
  end

  def self.logger=(logger)
    @logger = logger
  end

  class LogFormatter
    def call(lvl, time, progname, msg)
      "[%s] %-5s %s\n" % [Time.now.strftime('%Y-%m-%d %H:%M:%S'), lvl, msg.to_s]
    end
  end

  class Daemon
    def initialize(config, db, updater, responder)
      @users = config['users']
      @domain = config['domain']
      @db = db
      @updater = updater
      @responder = responder

      @db.load
      @db['serial'] ||= 1
      @db['hosts'] ||= {}
      (@db.save; update) if @db.changed?
    end

    def update
      @updater.update(@db)
    end

    def is_fqdn_valid?(hostname)
      return false if hostname.length < @domain.length + 2
      return false if not hostname.end_with?(@domain)
      name = hostname.chomp(@domain)
      return false if not name.match(/^[a-zA-Z0-9_-]+\.$/)
      true
    end

    def call(env)
      return @responder.response_for_error(:method_forbidden) if env["REQUEST_METHOD"] != "GET"
      return @responder.response_for_error(:not_found) if env["PATH_INFO"] != "/nic/update"

      params = Rack::Utils.parse_query(env["QUERY_STRING"])

      return @responder.response_for_error(:hostname_missing) if not params["hostname"]

      hostnames = params["hostname"].split(',')

      # Check if hostname match rules
      hostnames.each do |hostname|
        return @responder.response_for_error(:hostname_malformed) if not is_fqdn_valid?(hostname)
      end

      user = env["REMOTE_USER"]

      hostnames.each do |hostname|
        return @responder.response_for_error(:host_forbidden) if not @users[user]['hosts'].include? hostname
      end

      myip = nil

      if params.has_key?("myip6")
        # require presence of myip parameter as valid IPAddr (v4) and valid myip6
        return @responder.response_for_error(:host_forbidden) if not params["myip"]
        begin
          IPAddr.new(params["myip"], Socket::AF_INET)
          IPAddr.new(params["myip6"], Socket::AF_INET6)
          
          # myip will be an array
          myip = [params["myip"], params["myip6"]]
        rescue ArgumentError
          return @responder.response_for_error(:host_forbidden)
        end
      else
        # fallback value, always present
        myip = env["REMOTE_ADDR"]

        # check whether X-Real-IP header has valid IPAddr
        if env.has_key?("HTTP_X_REAL_IP")
          begin
            IPAddr.new(env["HTTP_X_REAL_IP"])
            myip = env["HTTP_X_REAL_IP"]
          rescue ArgumentError
          end
        end

        # check whether myip parameter has valid IPAddr
        if params.has_key?("myip")
          begin
            IPAddr.new(params["myip"])
            myip = params["myip"]
          rescue ArgumentError
          end
        end
      end

      Metriks.meter('requests.valid').mark
      Dyndnsd.logger.info "Request to update #{hostnames} to #{myip} for user #{user}"

      changes = []
      hostnames.each do |hostname|
        if (not @db['hosts'].include? hostname) or (@db['hosts'][hostname] != myip)
          changes << :good
          @db['hosts'][hostname] = myip
          Metriks.meter('requests.good').mark
        else
          changes << :nochg
          Metriks.meter('requests.nochg').mark
        end
      end

      if @db.changed?
        @db['serial'] += 1
        Dyndnsd.logger.info "Committing update ##{@db['serial']}"
        @db.save
        update
        Metriks.meter('updates.committed').mark
      end

      @responder.response_for_changes(changes, myip)
    end

    def self.run!
      if ARGV.length != 1
        puts "Usage: dyndnsd config_file"
        exit 1
      end

      config_file = ARGV[0]

      if not File.file?(config_file)
        puts "Config file not found!"
        exit 1
      end

      puts "DynDNSd version #{Dyndnsd::VERSION}"
      puts "Using config file #{config_file}"

      config = YAML::load(File.open(config_file, 'r') { |f| f.read })

      if config['logfile']
        Dyndnsd.logger = Logger.new(config['logfile'])
      else
        Dyndnsd.logger = Logger.new(STDOUT)
      end

      Dyndnsd.logger.progname = "dyndnsd"
      Dyndnsd.logger.formatter = LogFormatter.new

      Dyndnsd.logger.info "Starting..."

      # drop privs (first change group than user)
      Process::Sys.setgid(Etc.getgrnam(config['group']).gid) if config['group']
      Process::Sys.setuid(Etc.getpwnam(config['user']).uid) if config['user']

      # configure metriks
      if config['graphite']
        host = config['graphite']['host'] || 'localhost'
        port = config['graphite']['port'] || 2003
        options = {}
        options[:prefix] = config['graphite']['prefix'] if config['graphite']['prefix']
        reporter = Metriks::Reporter::Graphite.new(host, port, options)
        reporter.start
      else
        reporter = Metriks::Reporter::ProcTitle.new
        reporter.add 'good', 'sec' do
          Metriks.meter('requests.good').mean_rate
        end
        reporter.add 'nochg', 'sec' do
          Metriks.meter('requests.nochg').mean_rate
        end
        reporter.start
      end

      # configure daemon
      db = Database.new(config['db'])
      updater = Updater::CommandWithBindZone.new(config['domain'], config['updater']['params']) if config['updater']['name'] == 'command_with_bind_zone'
      responder = Responder::DynDNSStyle.new

      # configure rack
      app = Daemon.new(config, db, updater, responder)
      app = Rack::Auth::Basic.new(app, "DynDNS") do |user,pass|
        allow = ((config['users'].has_key? user) and (config['users'][user]['password'] == pass))
        if not allow
          Dyndnsd.logger.warn "Login failed for #{user}"
          Metriks.meter('requests.auth_failed').mark
        end
        allow
      end

      Signal.trap('INT') do
        Dyndnsd.logger.info "Quitting..."
        Rack::Handler::WEBrick.shutdown
      end
      Signal.trap('TERM') do
        Dyndnsd.logger.info "Quitting..."
        Rack::Handler::WEBrick.shutdown
      end

      Rack::Handler::WEBrick.run app, :Host => config['host'], :Port => config['port']
    end
  end
end
Fiat lux 2013-04-27 14:07:14 +02:00			`#!/usr/bin/env ruby`

Support dropping priviliges 2013-04-30 23:19:08 +02:00			`require 'etc'`
Fiat lux 2013-04-27 14:07:14 +02:00			`require 'logger'`
			`require 'ipaddr'`
			`require 'json'`
			`require 'yaml'`
			`require 'rack'`
Use metriks with ProcTitle for some initial metrics 2013-04-28 16:29:36 +02:00			`require 'metriks'`
Fix bug with uninitialized constant since an extra require is required 2013-06-05 20:18:17 +02:00			`require 'metriks/reporter/graphite'`
Fiat lux 2013-04-27 14:07:14 +02:00
			`require 'dyndnsd/generator/bind'`
			`require 'dyndnsd/updater/command_with_bind_zone'`
Add DynDNS.com compatible responder 2013-04-27 14:30:41 +02:00			`require 'dyndnsd/responder/dyndns_style'`
Fiat lux 2013-04-27 14:07:14 +02:00			`require 'dyndnsd/responder/rest_style'`
			`require 'dyndnsd/database'`
			`require 'dyndnsd/version'`

			`module Dyndnsd`
			`def self.logger`
			`@logger`
			`end`

			`def self.logger=(logger)`
			`@logger = logger`
			`end`

			`class LogFormatter`
			`def call(lvl, time, progname, msg)`
Fix log format 2013-04-27 23:27:55 +02:00			`"[%s] %-5s %s\n" % [Time.now.strftime('%Y-%m-%d %H:%M:%S'), lvl, msg.to_s]`
Fiat lux 2013-04-27 14:07:14 +02:00			`end`
			`end`

			`class Daemon`
			`def initialize(config, db, updater, responder)`
			`@users = config['users']`
Check for hostname validity 2013-04-27 14:59:25 +02:00			`@domain = config['domain']`
Fiat lux 2013-04-27 14:07:14 +02:00			`@db = db`
			`@updater = updater`
			`@responder = responder`

			`@db.load`
			`@db['serial'] \|\|= 1`
			`@db['hosts'] \|\|= {}`
			`(@db.save; update) if @db.changed?`
			`end`
Allow dyndnsd to use address from X-Real-IP 2016-11-30 21:59:12 +01:00
Fiat lux 2013-04-27 14:07:14 +02:00			`def update`
			`@updater.update(@db)`
			`end`
Allow dyndnsd to use address from X-Real-IP 2016-11-30 21:59:12 +01:00
Check for hostname validity 2013-04-27 14:59:25 +02:00			`def is_fqdn_valid?(hostname)`
			`return false if hostname.length < @domain.length + 2`
			`return false if not hostname.end_with?(@domain)`
			`name = hostname.chomp(@domain)`
			`return false if not name.match(/^[a-zA-Z0-9_-]+\.$/)`
			`true`
			`end`
Allow dyndnsd to use address from X-Real-IP 2016-11-30 21:59:12 +01:00
Fiat lux 2013-04-27 14:07:14 +02:00			`def call(env)`
Support changing multiple hostname at once 2013-04-27 15:42:29 +02:00			`return @responder.response_for_error(:method_forbidden) if env["REQUEST_METHOD"] != "GET"`
			`return @responder.response_for_error(:not_found) if env["PATH_INFO"] != "/nic/update"`
Allow dyndnsd to use address from X-Real-IP 2016-11-30 21:59:12 +01:00
Fiat lux 2013-04-27 14:07:14 +02:00			`params = Rack::Utils.parse_query(env["QUERY_STRING"])`
Allow dyndnsd to use address from X-Real-IP 2016-11-30 21:59:12 +01:00
Support changing multiple hostname at once 2013-04-27 15:42:29 +02:00			`return @responder.response_for_error(:hostname_missing) if not params["hostname"]`
Allow dyndnsd to use address from X-Real-IP 2016-11-30 21:59:12 +01:00
Support changing multiple hostname at once 2013-04-27 15:42:29 +02:00			`hostnames = params["hostname"].split(',')`
Allow dyndnsd to use address from X-Real-IP 2016-11-30 21:59:12 +01:00
Check for hostname validity 2013-04-27 14:59:25 +02:00			`# Check if hostname match rules`
Support changing multiple hostname at once 2013-04-27 15:42:29 +02:00			`hostnames.each do \|hostname\|`
			`return @responder.response_for_error(:hostname_malformed) if not is_fqdn_valid?(hostname)`
			`end`
Allow dyndnsd to use address from X-Real-IP 2016-11-30 21:59:12 +01:00
Fiat lux 2013-04-27 14:07:14 +02:00			`user = env["REMOTE_USER"]`
Allow dyndnsd to use address from X-Real-IP 2016-11-30 21:59:12 +01:00
Support changing multiple hostname at once 2013-04-27 15:42:29 +02:00			`hostnames.each do \|hostname\|`
			`return @responder.response_for_error(:host_forbidden) if not @users[user]['hosts'].include? hostname`
			`end`
Use metriks with ProcTitle for some initial metrics 2013-04-28 16:29:36 +02:00
Add "myip6" URL parameter to provide an IPv6 address in addition to an IPv4 one as "myip" 2016-12-07 14:16:57 +01:00			`myip = nil`
Allow dyndnsd to use address from X-Real-IP 2016-11-30 21:59:12 +01:00
Add "myip6" URL parameter to provide an IPv6 address in addition to an IPv4 one as "myip" 2016-12-07 14:16:57 +01:00			`if params.has_key?("myip6")`
			`# require presence of myip parameter as valid IPAddr (v4) and valid myip6`
			`return @responder.response_for_error(:host_forbidden) if not params["myip"]`
Allow dyndnsd to use address from X-Real-IP 2016-11-30 21:59:12 +01:00			`begin`
Add "myip6" URL parameter to provide an IPv6 address in addition to an IPv4 one as "myip" 2016-12-07 14:16:57 +01:00			`IPAddr.new(params["myip"], Socket::AF_INET)`
			`IPAddr.new(params["myip6"], Socket::AF_INET6)`

			`# myip will be an array`
			`myip = [params["myip"], params["myip6"]]`
Allow dyndnsd to use address from X-Real-IP 2016-11-30 21:59:12 +01:00			`rescue ArgumentError`
Add "myip6" URL parameter to provide an IPv6 address in addition to an IPv4 one as "myip" 2016-12-07 14:16:57 +01:00			`return @responder.response_for_error(:host_forbidden)`
			`end`
			`else`
			`# fallback value, always present`
			`myip = env["REMOTE_ADDR"]`

			`# check whether X-Real-IP header has valid IPAddr`
			`if env.has_key?("HTTP_X_REAL_IP")`
			`begin`
			`IPAddr.new(env["HTTP_X_REAL_IP"])`
			`myip = env["HTTP_X_REAL_IP"]`
			`rescue ArgumentError`
			`end`
Allow dyndnsd to use address from X-Real-IP 2016-11-30 21:59:12 +01:00			`end`

Add "myip6" URL parameter to provide an IPv6 address in addition to an IPv4 one as "myip" 2016-12-07 14:16:57 +01:00			`# check whether myip parameter has valid IPAddr`
			`if params.has_key?("myip")`
			`begin`
			`IPAddr.new(params["myip"])`
			`myip = params["myip"]`
			`rescue ArgumentError`
			`end`
Allow dyndnsd to use address from X-Real-IP 2016-11-30 21:59:12 +01:00			`end`
Fiat lux 2013-04-27 14:07:14 +02:00			`end`
Allow dyndnsd to use address from X-Real-IP 2016-11-30 21:59:12 +01:00
Use metriks with ProcTitle for some initial metrics 2013-04-28 16:29:36 +02:00			`Metriks.meter('requests.valid').mark`
Log more and add logfile config option 2013-04-27 22:02:54 +02:00			`Dyndnsd.logger.info "Request to update #{hostnames} to #{myip} for user #{user}"`
Allow dyndnsd to use address from X-Real-IP 2016-11-30 21:59:12 +01:00
Support changing multiple hostname at once 2013-04-27 15:42:29 +02:00			`changes = []`
			`hostnames.each do \|hostname\|`
			`if (not @db['hosts'].include? hostname) or (@db['hosts'][hostname] != myip)`
			`changes << :good`
			`@db['hosts'][hostname] = myip`
Use metriks with ProcTitle for some initial metrics 2013-04-28 16:29:36 +02:00			`Metriks.meter('requests.good').mark`
Support changing multiple hostname at once 2013-04-27 15:42:29 +02:00			`else`
			`changes << :nochg`
Use metriks with ProcTitle for some initial metrics 2013-04-28 16:29:36 +02:00			`Metriks.meter('requests.nochg').mark`
Support changing multiple hostname at once 2013-04-27 15:42:29 +02:00			`end`
			`end`
Allow dyndnsd to use address from X-Real-IP 2016-11-30 21:59:12 +01:00
Fiat lux 2013-04-27 14:07:14 +02:00			`if @db.changed?`
			`@db['serial'] += 1`
Log more and add logfile config option 2013-04-27 22:02:54 +02:00			`Dyndnsd.logger.info "Committing update ##{@db['serial']}"`
Fiat lux 2013-04-27 14:07:14 +02:00			`@db.save`
			`update`
Use metriks with ProcTitle for some initial metrics 2013-04-28 16:29:36 +02:00			`Metriks.meter('updates.committed').mark`
Fiat lux 2013-04-27 14:07:14 +02:00			`end`
Allow dyndnsd to use address from X-Real-IP 2016-11-30 21:59:12 +01:00
Support changing multiple hostname at once 2013-04-27 15:42:29 +02:00			`@responder.response_for_changes(changes, myip)`
Fiat lux 2013-04-27 14:07:14 +02:00			`end`

			`def self.run!`
			`if ARGV.length != 1`
			`puts "Usage: dyndnsd config_file"`
			`exit 1`
			`end`

			`config_file = ARGV[0]`

			`if not File.file?(config_file)`
Log more and add logfile config option 2013-04-27 22:02:54 +02:00			`puts "Config file not found!"`
Fiat lux 2013-04-27 14:07:14 +02:00			`exit 1`
			`end`
Allow dyndnsd to use address from X-Real-IP 2016-11-30 21:59:12 +01:00
Log more and add logfile config option 2013-04-27 22:02:54 +02:00			`puts "DynDNSd version #{Dyndnsd::VERSION}"`
			`puts "Using config file #{config_file}"`
Fiat lux 2013-04-27 14:07:14 +02:00
			`config = YAML::load(File.open(config_file, 'r') { \|f\| f.read })`
Allow dyndnsd to use address from X-Real-IP 2016-11-30 21:59:12 +01:00
Log more and add logfile config option 2013-04-27 22:02:54 +02:00			`if config['logfile']`
			`Dyndnsd.logger = Logger.new(config['logfile'])`
			`else`
			`Dyndnsd.logger = Logger.new(STDOUT)`
			`end`
Allow dyndnsd to use address from X-Real-IP 2016-11-30 21:59:12 +01:00
Log more and add logfile config option 2013-04-27 22:02:54 +02:00			`Dyndnsd.logger.progname = "dyndnsd"`
			`Dyndnsd.logger.formatter = LogFormatter.new`

			`Dyndnsd.logger.info "Starting..."`
Allow dyndnsd to use address from X-Real-IP 2016-11-30 21:59:12 +01:00
Support dropping priviliges 2013-04-30 23:19:08 +02:00			`# drop privs (first change group than user)`
			`Process::Sys.setgid(Etc.getgrnam(config['group']).gid) if config['group']`
			`Process::Sys.setuid(Etc.getpwnam(config['user']).uid) if config['user']`
Fiat lux 2013-04-27 14:07:14 +02:00
Use metriks with ProcTitle for some initial metrics 2013-04-28 16:29:36 +02:00			`# configure metriks`
Support graphite metriks reporter 2013-05-29 21:03:25 +02:00			`if config['graphite']`
			`host = config['graphite']['host'] \|\| 'localhost'`
			`port = config['graphite']['port'] \|\| 2003`
			`options = {}`
			`options[:prefix] = config['graphite']['prefix'] if config['graphite']['prefix']`
			`reporter = Metriks::Reporter::Graphite.new(host, port, options)`
			`reporter.start`
			`else`
			`reporter = Metriks::Reporter::ProcTitle.new`
			`reporter.add 'good', 'sec' do`
			`Metriks.meter('requests.good').mean_rate`
			`end`
			`reporter.add 'nochg', 'sec' do`
			`Metriks.meter('requests.nochg').mean_rate`
			`end`
			`reporter.start`
Use metriks with ProcTitle for some initial metrics 2013-04-28 16:29:36 +02:00			`end`

			`# configure daemon`
Prettify config 2013-04-27 14:12:04 +02:00			`db = Database.new(config['db'])`
Use domain for $origin 2013-04-27 15:08:36 +02:00			`updater = Updater::CommandWithBindZone.new(config['domain'], config['updater']['params']) if config['updater']['name'] == 'command_with_bind_zone'`
Add DynDNS.com compatible responder 2013-04-27 14:30:41 +02:00			`responder = Responder::DynDNSStyle.new`
Allow dyndnsd to use address from X-Real-IP 2016-11-30 21:59:12 +01:00
Use metriks with ProcTitle for some initial metrics 2013-04-28 16:29:36 +02:00			`# configure rack`
Fiat lux 2013-04-27 14:07:14 +02:00			`app = Daemon.new(config, db, updater, responder)`
			`app = Rack::Auth::Basic.new(app, "DynDNS") do \|user,pass\|`
auth: fix broken password check Guessing an existing user's name was enough to successfully authenticate. 2017-10-20 18:20:38 +02:00			`allow = ((config['users'].has_key? user) and (config['users'][user]['password'] == pass))`
Use metriks with ProcTitle for some initial metrics 2013-04-28 16:29:36 +02:00			`if not allow`
			`Dyndnsd.logger.warn "Login failed for #{user}"`
			`Metriks.meter('requests.auth_failed').mark`
			`end`
Log more and add logfile config option 2013-04-27 22:02:54 +02:00			`allow`
Fiat lux 2013-04-27 14:07:14 +02:00			`end`

			`Signal.trap('INT') do`
Log more and add logfile config option 2013-04-27 22:02:54 +02:00			`Dyndnsd.logger.info "Quitting..."`
Fiat lux 2013-04-27 14:07:14 +02:00			`Rack::Handler::WEBrick.shutdown`
			`end`
Stop on SIGTERM 2013-10-08 13:25:35 +02:00			`Signal.trap('TERM') do`
			`Dyndnsd.logger.info "Quitting..."`
			`Rack::Handler::WEBrick.shutdown`
			`end`
Fiat lux 2013-04-27 14:07:14 +02:00
			`Rack::Handler::WEBrick.run app, :Host => config['host'], :Port => config['port']`
			`end`
			`end`
			`end`