release: 3.12.0

dyndnsd: add tests for regular expressions
project: update changelog
2025-12-14 13:48:10 +01:00 · 2025-12-04 01:05:11 +01:00 · 2025-12-04 01:03:16 +01:00 · 2025-12-04 00:28:32 +01:00 · 2025-12-04 00:26:34 +01:00
5 changed files with 78 additions and 4 deletions
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,5 +1,11 @@
 # Changelog

+## 3.12.0 (December 4th, 2025)
+
+IMPROVEMENTS:
+
+- regex instead of hosts list can be used for hostname ownership
+
 ## 3.11.0 (October 2nd, 2025)

 IMPROVEMENTS:
--- a/README.md
+++ b/README.md
@@ -307,6 +307,37 @@ users:
 ```


+### Matching with a regular expression
+
+Instead of relying on `hosts`, you can use `regex` to employ a regular expression, which is very useful for avoiding having to repeatedly edit the configuration file to register a new host name.
+
+```yaml
+host: "0.0.0.0"
+port: 5354
+username: "dyndnsd"
+group: "dyndnsd"
+db: "/dyndnsd/db.json"
+debug: false
+domain: "dyn.dc-air.home.arpa"
+updater:
+  name: "command_with_bind_zone"
+  params:
+    zone_file: "/nsd/zones/static/dyn.dc-air.home.arpa.zone"
+    command: "doas service nsd reload"
+    ttl: "5m"
+    dns: "ns.dc-air.home.arpa."
+    email_addr: "admin.example.org"
+users:
+  myuser:
+    password: "superhypermegas3kurepassword1234"
+    regex: '^[a-z][0-9]\.dyn\.dc\-air\.home\.arpa$'
+```
+
+However, when using `regex`, `hosts` is simply ignored if defined, so you must choose one or the other. Recommendation: use `regex` for scripts or programs and `hosts` for regular users.
+
+**Note**: Please note that when dyndnsd evaluates the regular expression, the `Regexp::EXTENDED` and `Regexp::IGNORECASE` options are used.
+
+
 ## License

 dyndnsd.rb is licensed under the Apache License, Version 2.0. See LICENSE for more information.
--- a/lib/dyndnsd.rb
+++ b/lib/dyndnsd.rb
@@ -218,9 +218,22 @@ module Dyndnsd
      # we can trust this information since user was authorized by middleware
      user = env['REMOTE_USER']

-      # check for hostnames that the user does not own
-      forbidden_hostnames = hostnames - @users[user].fetch('hosts', [])
-      return [422, {'X-DynDNS-Response' => 'host_forbidden'}, []] if forbidden_hostnames.any?
+      if @users[user].key?('regex')
+        pattern = @users[user].fetch('regex')
+        begin
+          regex = Regexp.new(pattern, Regexp::IGNORECASE | Regexp::EXTENDED)
+        rescue RegexpError => e
+          Dyndnsd.logger.warn "Invalid regex pattern '#{pattern}': #{e.message}"
+          return [422, {'X-DynDNS-Response' => 'host_forbidden'}, []]
+        end
+        # check for hostnames that match the regex
+        matches = hostnames.any? { |str| regex.match?(str) }
+        return [422, {'X-DynDNS-Response' => 'host_forbidden'}, []] if !matches
+      else
+        # check for hostnames that the user does not own
+        forbidden_hostnames = hostnames - @users[user].fetch('hosts', [])
+        return [422, {'X-DynDNS-Response' => 'host_forbidden'}, []] if forbidden_hostnames.any?
+      end

      if params['offline'] == 'YES'
        myips = []
--- a/lib/dyndnsd/version.rb
+++ b/lib/dyndnsd/version.rb
@@ -1,5 +1,5 @@
 # frozen_string_literal: true

 module Dyndnsd
-  VERSION = '3.11.0'
+  VERSION = '3.12.0'
 end
--- a/spec/dyndnsd/daemon_spec.rb
+++ b/spec/dyndnsd/daemon_spec.rb
@@ -18,6 +18,10 @@ describe Dyndnsd::Daemon do
        },
        'test2' => {
          'password' => 'ihavenohosts'
+        },
+        'test3' => {
+          'password' => 'superhypermegas3kurepassword1234',
+          'regex' => '^[a-z0-9]+-test3\.example\.org$'
        }
      }
    }
@@ -74,6 +78,22 @@ describe Dyndnsd::Daemon do
    expect(last_response.body).to eq("good 2001:db8::1\ngood 2001:db8::1")
  end

+  it 'supports regex matches for hostnames' do
+    authorize 'test3', 'superhypermegas3kurepassword1234'
+
+    get '/nic/update?hostname=abc123-test3.example.org&myip=1.2.3.4'
+    expect(last_response).to be_ok
+    expect(last_response.body).to eq('good 1.2.3.4')
+
+    get '/nic/update?hostname=foo-test3.example.org,bar-test3.example.org&myip=2001:db8::1'
+    expect(last_response).to be_ok
+    expect(last_response.body).to eq("good 2001:db8::1\ngood 2001:db8::1")
+
+    get '/nic/update?hostname=abc123.example.org'
+    expect(last_response).to be_ok
+    expect(last_response.body).to eq('nohost')
+  end
+
  it 'rejects request if one hostname is invalid' do
    authorize 'test', 'secret'

@@ -120,6 +140,10 @@ describe Dyndnsd::Daemon do
    get '/nic/update?hostname=foo.example.org,notmyhost.example.org'
    expect(last_response).to be_ok
    expect(last_response.body).to eq('nohost')
+
+    get '/nic/update?hostname=abc123-test3.example.org'
+    expect(last_response).to be_ok
+    expect(last_response.body).to eq('nohost')
  end

  it 'updates a host on IP change' do
Author	SHA1	Message	Date
cn	627b1c4dc5	release: 3.12.0	2025-12-04 01:05:11 +01:00
cn	da79ef902d	dyndnsd: add tests for regular expressions	2025-12-04 01:03:16 +01:00
cn	8589cf801f	project: update changelog	2025-12-04 00:28:32 +01:00
Jesús Daniel Colmenares Oviedo	c743c778bc	dyndnsd: add support for regular expressions	2025-12-04 00:26:34 +01:00