Now exceptions are derived from a common base class and return codes correspond to...
[toast/tdyndns.git] / cgi-bin / dyndns.py
1 #!/usr/bin/python2.7
2 """Dynamic DNS script. Expects URLs from routers in the form
3 https://info.colgarra.priv.at/dyndns/dyndns.py?username=<username>&password=<pass>&hostname=<domain>&myip=<ipaddr>
4 """
5
6 import re
7 import cgi
8 import pwd
9 from subprocess import call
10 import ipaddr
11
12
13 # Configuration
14 PASSWORD = 'hygCithOrs5'
15 ZONE = '.dyn.colgarra.priv.at'
16 DEBUG = False
17
18
19 # Just for debugging:
20 if DEBUG:
21         import cgitb
22         cgitb.enable()
23
24
25 fields = cgi.FieldStorage()
26
27 # the following fields are supported by most dyndns providers
28 # if a parameter is not provided, the .getvalue method returns None
29 username = fields.getvalue('username')
30 password = fields.getvalue('password')
31 hostname = fields.getvalue('hostname')
32 myip     = fields.getvalue('myip')
33 wildcard = fields.getvalue('wildcard')
34 mx       = fields.getvalue('mx')
35 backmx   = fields.getvalue('backmx')
36 offline  = fields.getvalue('offline')
37 system   = fields.getvalue('system')
38 url      = fields.getvalue('url')
39
40
41 # Base class for our exceptions
42 class DynDnsError(Exception):
43         pass
44
45 class AuthError(DynDnsError):
46         returncode = 'badauth'
47
48 class UsernameMissing(AuthError):
49         pass
50
51 class UsernameInvalid(AuthError):
52         pass
53
54 class PasswordMissing(AuthError):
55         pass
56
57 class PasswordWrong(AuthError):
58         pass
59
60 class HostnameError(DynDnsError):
61         returncode = 'notfqdn'
62
63 class HostnameMissing(HostnameError):
64         pass
65
66 class PasswordWrong(HostnameError):
67         pass
68
69 class IpError(DynDnsError):
70         returncode = 'badip' # not documented at dyn.com
71
72 class IpMissing(IpError):
73         pass
74
75 class IpInvalid(IpError):
76         pass
77
78 try:
79         # check username
80         if username is None:
81                 raise UsernameMissing()
82         try:
83                 user_info = pwd.getpwnam(username)
84         except KeyError:
85                 raise UsernameInvalid()
86         if user_info.pw_uid < 1000:
87                 raise UsernameInvalid()
88
89         # check password
90         if password is None:
91                 raise PasswordMissing()
92         if password != PASSWORD:
93                 raise PasswordWrong()
94
95         # check hostname
96         if hostname is None:
97                 raise HostnameMissing()
98         if re.match(r'[-0-9a-z]+(\.[-0-9a-z]+)*$', hostname) is None:
99                 raise HostnameInvalid()
100
101         # strip zone
102         hostname = hostname.strip()
103         if hostname.endswith(ZONE):
104                 hostname = hostname[:-len(ZONE)]
105
106         # check IP address
107         if myip is None:
108                 raise IpMissing()
109         try:
110                 ip = ipaddr.IPAddress(myip) # throws an exception if the IP address is not valid
111         except ValueError:
112                 raise IpInvalid()
113         if isinstance(ip, ipaddr.IPv4Address):
114                 iptype = 'A'
115         elif isinstance(ip, ipaddr.IPv6Address):
116                 iptype = 'AAAA'
117         else:
118                 raise IpInvalid() # should never happen
119
120         # access granted
121         print "Content-Type: text/html"
122         print
123         call(['sudo', '/usr/local/bin/nsupdate_dyndns', hostname, myip, iptype])
124         print "good"
125         # Note: we should return 'nochg' in case the IP has not changed, however we don't know yet.
126
127
128 except DynDnsError as error:
129         print "Content-Type: text/html"
130         print "Status: 200"
131         print
132         print error.returncode
133