Bump version

.travis.yml

@@ -3,7 +3,6 @@ language: ruby
 rvm:
   - 2.0.0
   - 1.9.3
-  - 1.8.7
 
 gemfile:
   - Gemfile

README.md

@@ -6,11 +6,11 @@ A small, lightweight and extensible DynDNS server written with Ruby and Rack.
 
 ## Description
 
-dyndnsd.rb is aimed to implement a small [DynDNS-compliant](http://dyn.com/support/developers/api/) server in Ruby. It has an integrated user and hostname database in it's configuration file that is used for authentication and authorization. Besides talking the DynDNS protocol it is able to invoke an so-called *updater*, a small Ruby module that takes care of supplying the current host => ip mapping to a DNS server.
+dyndnsd.rb aims to implement a small [DynDNS-compliant](http://dyn.com/support/developers/api/) server in Ruby supporting IPv4 and IPv6 addresses. It has an integrated user and hostname database in it's configuration file that is used for authentication and authorization. Besides talking the DynDNS protocol it is able to invoke an so-called *updater*, a small Ruby module that takes care of supplying the current host => ip mapping to a DNS server.
 
-The is currently one updater shipped with dyndnsd.rb `command_with_bind_zone` that writes out a zone file in BIND syntax onto the current system and invokes a user-supplied command afterwards that is assumed to trigger the DNS server (not necessarily BIND since it's zone files are read by other DNS servers too) to reload it's zone configuration.
+There is currently one updater shipped with dyndnsd.rb `command_with_bind_zone` that writes out a zone file in BIND syntax onto the current system and invokes a user-supplied command afterwards that is assumed to trigger the DNS server (not necessarily BIND since it's zone files are read by other DNS servers too) to reload it's zone configuration.
 
-Because of the mechanisms used dyndnsd.rb is known to work only on *nix systems.
+Because of the mechanisms used dyndnsd.rb is known to work only on \*nix systems.
 
 ## General Usage
 
@@ -112,6 +112,14 @@ where:
 * HOSTNAMES is a required list of comma separated FQDNs (they all have to end with your config.yaml domain) the user wants to update
 * MYIP is optional and the HTTP client's address will be used if missing
 
+### IP address determination
+
+The following rules apply:
+
+* use any IP address provided via the myip parameter when present, or
+* use any IP address provided via the X-Real-IP header e.g. when used behind HTTP reverse proxy such as nginx, or
+* use any IP address used by the connecting HTTP client
+
 ### SSL, multiple listen ports
 
 Use a webserver as a proxy to handle SSL and/or multiple listen addresses and ports. DynDNS.com provides HTTP on port 80 and 8245 and HTTPS on port 443.

dyndnsd.gemspec

@@ -21,7 +21,7 @@ Gem::Specification.new do |s|
   s.executables = ['dyndnsd']
 
   s.add_runtime_dependency 'rack', '~> 1.6'
-  s.add_runtime_dependency 'json'
+  s.add_runtime_dependency 'json', '~> 1.8'
   s.add_runtime_dependency 'metriks'
 
   s.add_development_dependency 'bundler', '~> 1.3'

lib/dyndnsd.rb

@@ -78,19 +78,26 @@ module Dyndnsd
         return @responder.response_for_error(:host_forbidden) if not @users[user]['hosts'].include? hostname
       end
 
-      # no myip?
+      # fallback value, always present
-      if not params["myip"]
+      myip = env["REMOTE_ADDR"]
-        params["myip"] = env["REMOTE_ADDR"]
+
+      # check whether X-Real-IP header has valid IPAddr
+      if env.has_key?("HTTP_X_REAL_IP")
+        begin
+          IPAddr.new(env["HTTP_X_REAL_IP"])
+          myip = env["HTTP_X_REAL_IP"]
+        rescue ArgumentError
+        end
       end
 
-      # malformed myip?
+      # check whether myip parameter has valid IPAddr
+      if params.has_key?("myip")
         begin
           IPAddr.new(params["myip"])
-      rescue ArgumentError
-        params["myip"] = env["REMOTE_ADDR"]
-      end
-      
           myip = params["myip"]
+        rescue ArgumentError
+        end
+      end
 
       Metriks.meter('requests.valid').mark
       Dyndnsd.logger.info "Request to update #{hostnames} to #{myip} for user #{user}"

lib/dyndnsd/version.rb

@@ -1,4 +1,4 @@
 
 module Dyndnsd
-  VERSION = "1.4.0"
+  VERSION = "1.5.0"
 end

spec/daemon_spec.rb

@@ -28,115 +28,150 @@ describe Dyndnsd::Daemon do
 
   it 'requires authentication' do
     get '/'
-    last_response.status.should == 401
+    expect(last_response.status).to eq(401)
 
     pending 'Need to find a way to add custom body on 401 responses'
-    last_response.should be_ok 'badauth'
+    expect(last_response).not_to be_ok
+    expect(last_response.body).to eq('badauth')
   end
 
   it 'only supports GET requests' do
     authorize 'test', 'secret'
     post '/nic/update'
-    last_response.status.should == 405
+    expect(last_response.status).to eq(405)
   end
 
   it 'provides only the /nic/update URL' do
     authorize 'test', 'secret'
     get '/other/url'
-    last_response.status.should == 404
+    expect(last_response.status).to eq(404)
   end
 
   it 'requires the hostname query parameter' do
     authorize 'test', 'secret'
     get '/nic/update'
-    last_response.should be_ok
+    expect(last_response).to be_ok
-    last_response.body.should == 'notfqdn'
+    expect(last_response.body).to eq('notfqdn')
   end
 
   it 'supports multiple hostnames in request' do
     authorize 'test', 'secret'
+
     get '/nic/update?hostname=foo.example.org,bar.example.org&myip=1.2.3.4'
-    last_response.should be_ok
+    expect(last_response).to be_ok
-    last_response.body.should == "good 1.2.3.4\ngood 1.2.3.4"
+    expect(last_response.body).to eq("good 1.2.3.4\ngood 1.2.3.4")
+
+    get '/nic/update?hostname=foo.example.org,bar.example.org&myip=2001:db8::1'
+    expect(last_response).to be_ok
+    expect(last_response.body).to eq("good 2001:db8::1\ngood 2001:db8::1")
   end
 
   it 'rejects request if one hostname is invalid' do
     authorize 'test', 'secret'
 
     get '/nic/update?hostname=test'
-    last_response.should be_ok
+    expect(last_response).to be_ok
-    last_response.body.should == 'notfqdn'
+    expect(last_response.body).to eq('notfqdn')
 
     get '/nic/update?hostname=test.example.com'
-    last_response.should be_ok
+    expect(last_response).to be_ok
-    last_response.body.should == 'notfqdn'
+    expect(last_response.body).to eq('notfqdn')
 
     get '/nic/update?hostname=test.example.org.me'
-    last_response.should be_ok
+    expect(last_response).to be_ok
-    last_response.body.should == 'notfqdn'
+    expect(last_response.body).to eq('notfqdn')
 
     get '/nic/update?hostname=foo.test.example.org'
-    last_response.should be_ok
+    expect(last_response).to be_ok
-    last_response.body.should == 'notfqdn'
+    expect(last_response.body).to eq('notfqdn')
 
     get '/nic/update?hostname=in%20valid.example.org'
-    last_response.should be_ok
+    expect(last_response).to be_ok
-    last_response.body.should == 'notfqdn'
+    expect(last_response.body).to eq('notfqdn')
 
     get '/nic/update?hostname=valid.example.org,in.valid.example.org'
-    last_response.should be_ok
+    expect(last_response).to be_ok
-    last_response.body.should == 'notfqdn'
+    expect(last_response.body).to eq('notfqdn')
   end
 
   it 'rejects request if user does not own one hostname' do
     authorize 'test', 'secret'
     get '/nic/update?hostname=notmyhost.example.org'
-    last_response.should be_ok
+    expect(last_response).to be_ok
-    last_response.body.should == 'nohost'
+    expect(last_response.body).to eq('nohost')
 
     get '/nic/update?hostname=foo.example.org,notmyhost.example.org'
-    last_response.should be_ok
+    expect(last_response).to be_ok
-    last_response.body.should == 'nohost'
+    expect(last_response.body).to eq('nohost')
   end
 
-  it 'updates a host on IPv4 change' do
+  it 'updates a host on IP change' do
     authorize 'test', 'secret'
 
     get '/nic/update?hostname=foo.example.org&myip=1.2.3.4'
-    last_response.should be_ok
+    expect(last_response).to be_ok
 
     get '/nic/update?hostname=foo.example.org&myip=1.2.3.40'
-    last_response.should be_ok
+    expect(last_response).to be_ok
-    last_response.body.should == 'good 1.2.3.40'
+    expect(last_response.body).to eq('good 1.2.3.40')
+
+    get '/nic/update?hostname=foo.example.org&myip=2001:db8::1'
+    expect(last_response).to be_ok
+
+    get '/nic/update?hostname=foo.example.org&myip=2001:db8::10'
+    expect(last_response).to be_ok
+    expect(last_response.body).to eq('good 2001:db8::10')
   end
 
-  it 'returns IPv4 no change' do
+  it 'returns IP no change' do
     authorize 'test', 'secret'
 
     get '/nic/update?hostname=foo.example.org&myip=1.2.3.4'
-    last_response.should be_ok
+    expect(last_response).to be_ok
 
     get '/nic/update?hostname=foo.example.org&myip=1.2.3.4'
-    last_response.should be_ok
+    expect(last_response).to be_ok
-    last_response.body.should == 'nochg 1.2.3.4'
+    expect(last_response.body).to eq('nochg 1.2.3.4')
+
+    get '/nic/update?hostname=foo.example.org&myip=2001:db8::1'
+    expect(last_response).to be_ok
+
+    get '/nic/update?hostname=foo.example.org&myip=2001:db8::1'
+    expect(last_response).to be_ok
+    expect(last_response.body).to eq('nochg 2001:db8::1')
   end
 
-  it 'outputs IPv4 status per hostname' do
+  it 'outputs IP status per hostname' do
     authorize 'test', 'secret'
 
     get '/nic/update?hostname=foo.example.org&myip=1.2.3.4'
-    last_response.should be_ok
+    expect(last_response).to be_ok
-    last_response.body.should == 'good 1.2.3.4'
+    expect(last_response.body).to eq('good 1.2.3.4')
 
     get '/nic/update?hostname=foo.example.org,bar.example.org&myip=1.2.3.4'
-    last_response.should be_ok
+    expect(last_response).to be_ok
-    last_response.body.should == "nochg 1.2.3.4\ngood 1.2.3.4"
+    expect(last_response.body).to eq("nochg 1.2.3.4\ngood 1.2.3.4")
+
+    get '/nic/update?hostname=foo.example.org&myip=2001:db8::1'
+    expect(last_response).to be_ok
+    expect(last_response.body).to eq('good 2001:db8::1')
+
+    get '/nic/update?hostname=foo.example.org,bar.example.org&myip=2001:db8::1'
+    expect(last_response).to be_ok
+    expect(last_response.body).to eq("nochg 2001:db8::1\ngood 2001:db8::1")
   end
 
-  it 'uses clients remote IPv4 address if myip not specified' do
+  it 'uses clients remote IP address if myip not specified' do
     authorize 'test', 'secret'
     get '/nic/update?hostname=foo.example.org'
-    last_response.should be_ok
+    expect(last_response).to be_ok
-    last_response.body.should == 'good 127.0.0.1'
+    expect(last_response.body).to eq('good 127.0.0.1')
+  end
+
+  it 'uses clients remote IP address from X-Real-IP header if behind proxy' do
+    authorize 'test', 'secret'
+    get '/nic/update?hostname=foo.example.org', '', 'HTTP_X_REAL_IP' => '10.0.0.1'
+    expect(last_response).to be_ok
+    expect(last_response.body).to eq('good 10.0.0.1')
   end
 end