Initial check-in: This is currently working but needs improvements.

[toast/tdyndns.git] / cgi-bin / dyndns.py

#!/usr/bin/python2.7
"""Dynamic DNS script. Expects URLs from routers in the form
https://info.colgarra.priv.at/dyndns/dyndns.py?username=<username>&password=<pass>&hostname=<domain>&myip=<ipaddr>
"""

import re
import cgi
import pwd
from subprocess import call
import ipaddr


# Configuration
PASSWORD = 'hygCithOrs5'


# Just for debugging:
# import cgitb
# cgitb.enable()


fields = cgi.FieldStorage()

username = fields.getvalue('username')
password = fields.getvalue('password')
hostname = fields.getvalue('hostname')
myip     = fields.getvalue('myip')

# Strip zone
hostname = re.sub('\.dyn\.colgarra\.priv\.at\s*$', '', hostname)

try:
        # check username
        user_info = pwd.getpwnam(username) # returns a key error if the user does not exist
        if user_info.pw_uid < 1000:
                raise RuntimeError('Invalid user name')

        # check password
        if password != PASSWORD:
                raise RuntimeError('Invalid password')

        # check hostname
        if re.match(r'[-0-9a-z]+(\.[-0-9a-z]+)*$', hostname) is None:
                raise RuntimeError('Invalid host name')

        # check IP address
        ip = ipaddr.IPAddress(myip) # throws axception if the IP address is not valid
        if isinstance(ip, ipaddr.IPv4Address):
                type = 'A'
        elif isinstance(ip, ipaddr.IPv6Address):
                type = 'AAAA'
        else:
                raise RuntimeError('Unknown IP address type')

        # access granted
        print "Content-Type: text/html"
        print
        call(['sudo', '/usr/local/bin/nsupdate_dyndns', hostname, myip, type])
        print "OK"


except:
        # access denied
        print "Content-Type: text/html"
        print "Status: 403 Forbidden"
        print
        print "Denied"