dyndnsd 1.6.1 → 2.0.0.rc1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
-SHA1:
-  metadata.gz: 8f5c478f470f3567d427cd64d85bfb275cb9b4bf
-  data.tar.gz: 0fe278562fbfe094d78b7afd04250a288732b429
+SHA256:
+  metadata.gz: aac098254fd64311eda2e12bba4f438f7b7fc6e91a25c24cf3f709b76c1f925e
+  data.tar.gz: ebee973229eb3c4d4f3a001ed21cffd3a6be400f31bfedb9dbc6529281988657
 SHA512:
-  metadata.gz: 6fcf2c23eef6cd1c2c9dd2b09fee33c9b760975c1c63631b48c34f86c25b94ef5fe7ea869cc9e6b48231c5ad60c43b8a172f598eb20aef0790e1a23e9f3d945b
-  data.tar.gz: 134d8ce48ea9df369a08516e355f06ea7db441e116d7c7a7c985aa75158eaeecafe0fc9febe7823da62a7c9f36ed488189291d3b9470adcb5fd90787c391057a
+  metadata.gz: 4497985876b27f5a8afffa1a9fba699a7837a32488035ba725edf5afd13c307f1c741561e75d2c54a5621936e59555da98f903abd43247aa4769d55b4485e340
+  data.tar.gz: 9f5cf58eb67acee24c0174ec7d65503deef1ccfc44568f118bccb7a0215c84a185e3ba023086ff6ae53a1feb2593793e822c6c16c258e3be588e1164363551d9

data/.rubocop.yml

@@ -0,0 +1,62 @@
+inherit_from: .rubocop_todo.yml
+
+AllCops:
+  TargetRubyVersion: '2.3'
+
+Gemspec/OrderedDependencies:
+  Enabled: false
+
+# allows nicer usage of private_class_method
+Layout/EmptyLinesAroundArguments:
+  Enabled: false
+
+Layout/SpaceInsideHashLiteralBraces:
+  Enabled: false
+
+Metrics/AbcSize:
+  Enabled: false
+
+Metrics/BlockLength:
+  Enabled: false
+
+Metrics/ClassLength:
+  Enabled: false
+
+Metrics/CyclomaticComplexity:
+  Enabled: false
+
+Metrics/LineLength:
+  Max: 200
+
+Metrics/MethodLength:
+  Enabled: false
+
+Metrics/PerceivedComplexity:
+  Enabled: false
+
+Style/ConditionalAssignment:
+  Enabled: false
+
+Style/Documentation:
+  Enabled: false
+
+Style/FormatStringToken:
+  Enabled: false
+
+Style/FrozenStringLiteralComment:
+  Enabled: false
+
+Style/GuardClause:
+  Enabled: false
+
+Style/IdenticalConditionalBranches:
+  Enabled: false
+
+Style/InverseMethods:
+  Enabled: false
+
+Style/NegatedIf:
+  Enabled: false
+
+Style/SymbolArray:
+  Enabled: false

data/.rubocop_todo.yml

@@ -0,0 +1,7 @@
+# This configuration was generated by
+# `rubocop --auto-gen-config`
+# on 2018-02-23 12:54:10 +0100 using RuboCop version 0.52.1.
+# The point is for the user to remove these configuration records
+# one by one as the offenses are removed from the code base.
+# Note that changes in the inspected code, or installation of new
+# versions of RuboCop, may require this file to be generated again.

data/.travis.yml

@@ -1,11 +1,7 @@
+---
+sudo: false
 language: ruby
-
 rvm:
-  - 2.0.0
-  - 1.9.3
-
-gemfile:
-  - Gemfile
-
-before_install:
-  - gem install bundler
+  - 2.5
+  - 2.4
+  - 2.3

data/CHANGELOG.md

@@ -0,0 +1,78 @@
+# Changelog
+
+## 2.0.0
+
+IMPROVEMENTS:
+
+- Drop Ruby 2.2 and lower support
+- Better protocol compliance by returning `badauth` in response body on HTTP 401 errors
+- Better code maintainability by refactorings
+- Update dependencies, mainly `rack` to new major version 2
+- Add Ruby 2.5 support
+- Add experimental [OpenTracing](http://opentracing.io/) support with [CNCF Jaeger](https://github.com/jaegertracing/jaeger)
+- Support host offlining by deleting the associated DNS records
+
+## 1.6.1 (October 31, 2017)
+
+IMPROVEMENTS:
+
+- Fix broken password check affecting all previous releases
+
+## 1.6.0 (December 7, 2016)
+
+IMPROVEMENTS:
+
+- Support providing an IPv6 address in addition to a IPv4 for the same hostname
+
+## 1.5.0 (November 30, 2016)
+
+IMPROVEMENTS:
+
+- Drop Ruby 1.8.7 support
+- Pin `json` gem to allow supporting Ruby 1.9.3
+- Support determining effective client IP address also from `X-Real-IP` header
+
+## 1.4.0 (November 27, 2016)
+
+IMPROVEMENTS:
+
+- Pin `rack` gem to allow supporting Ruby versions < 2.2.2
+- Support IPv6 addresses
+
+## 1.3.0 (October 8, 2013)
+
+IMPROVEMENTS:
+
+- Handle `SIGTERM` \*nix signal properly and shutdown the daemon
+
+## 1.2.2 (June 8, 2013)
+
+IMPROVEMENTS:
+
+- Add proper logging to the provided init script for dyndnsd.rb
+
+## 1.2.1 (June 5, 2013)
+
+IMPROVEMENTS:
+
+- Fix bug in previous release related to metrics preventing startup
+
+## 1.2.0 (May 29, 2013)
+
+IMPROVEMENTS:
+
+- Support sending metrics to graphite via undocumented `graphite:` section in configuration file
+
+## 1.1.0 (April 30, 2013)
+
+IMPROVEMENTS:
+
+- Support dropping priviliges on startup, also affects external commands run
+- Add [metriks](https://github.com/eric/metriks) support for basic metrics in the process title
+- Detach from child processes running external commands to avoid zombie processes
+
+## 1.0.0 (April 28, 2013)
+
+NEW FEATURES:
+
+- Initial 1.0 release

data/README.md

@@ -1,16 +1,18 @@
 # dyndnsd.rb
 
-[![Build Status](https://travis-ci.org/cmur2/dyndnsd.png)](https://travis-ci.org/cmur2/dyndnsd)
+[![Build Status](https://travis-ci.org/cmur2/dyndnsd.svg?branch=master)](https://travis-ci.org/cmur2/dyndnsd) [![Dependencies](https://badges.depfu.com/badges/4f25da8493f7a29f652ac892fbf9227b/overview.svg)](https://depfu.com/github/cmur2/dyndnsd)
 
 A small, lightweight and extensible DynDNS server written with Ruby and Rack.
 
 ## Description
 
-dyndnsd.rb aims to implement a small [DynDNS-compliant](http://dyn.com/support/developers/api/) server in Ruby supporting IPv4 and IPv6 addresses. It has an integrated user and hostname database in it's configuration file that is used for authentication and authorization. Besides talking the DynDNS protocol it is able to invoke an so-called *updater*, a small Ruby module that takes care of supplying the current host => ip mapping to a DNS server.
+dyndnsd.rb aims to implement a small [DynDNS-compliant](https://help.dyn.com/remote-access-api/) server in Ruby supporting IPv4 and IPv6 addresses. It has an integrated user and hostname database in it's configuration file that is used for authentication and authorization. Besides talking the DynDNS protocol it is able to invoke a so-called *updater*, a small Ruby module that takes care of supplying the current hostname => ip mapping to a DNS server.
 
-There is currently one updater shipped with dyndnsd.rb `command_with_bind_zone` that writes out a zone file in BIND syntax onto the current system and invokes a user-supplied command afterwards that is assumed to trigger the DNS server (not necessarily BIND since it's zone files are read by other DNS servers too) to reload it's zone configuration.
+There is currently one updater shipped with dyndnsd.rb `command_with_bind_zone` that writes out a zone file in BIND syntax onto the current system and invokes a user-supplied command afterwards that is assumed to trigger the DNS server (not necessarily BIND since it's zone files are read by other DNS servers, too) to reload it's zone configuration.
 
-Because of the mechanisms used dyndnsd.rb is known to work only on \*nix systems.
+Because of the mechanisms used, dyndnsd.rb is known to work only on \*nix systems.
+
+See the [changelog](CHANGELOG.md) before upgrading. The older version 1.x of dyndnsd.rb is still available on [branch dyndnsd-1.x](https://github.com/cmur2/dyndnsd/tree/dyndnsd-1.x).
 
 ## General Usage
 
@@ -101,7 +103,7 @@ Please provide ideas if you are using dyndnsd.rb with other DNS servers :)
 
 The update URL you want to tell your clients (humans or scripts ^^) consists of the following
 
-	http[s]://[USER]:[PASSWORD]@[DOMAIN]:[PORT]/nic/update?hostname=[HOSTNAMES]&myip=[MYIP]
+	http[s]://[USER]:[PASSWORD]@[DOMAIN]:[PORT]/nic/update?hostname=[HOSTNAMES]&myip=[MYIP]&myip6=[MYIP6]
 
 where:
 
@@ -110,7 +112,8 @@ where:
 * DOMAIN should match what you defined in your config.yaml as domain but may be anything else when using a webserver as proxy
 * PORT depends on your (webserver/proxy) settings
 * HOSTNAMES is a required list of comma separated FQDNs (they all have to end with your config.yaml domain) the user wants to update
-* MYIP is optional and the HTTP client's address will be used if missing
+* MYIP is optional and the HTTP client's IP address will be used if missing
+* MYIP6 is optional but if present also requires presence of MYIP
 
 ### IP address determination
 
@@ -130,6 +133,79 @@ Use a webserver as a proxy to handle SSL and/or multiple listen addresses and po
 
 The [Debian 6 init.d script](init.d/debian-6-dyndnsd) assumes that dyndnsd.rb is installed into the system ruby (no RVM support) and the config.yaml is at /opt/dyndnsd/config.yaml. Modify to your needs.
 
+### Monitoring
+
+For monitoring dyndnsd.rb uses the [metriks](https://github.com/eric/metriks) framework and exposes several metrics like the number of unauthenticated requests, requests that did (not) update a hostname, etc. By default the most important metrics are shown in the [proctitle](https://github.com/eric/metriks#proc-title-reporter) but you can also configure a [Graphite](https://graphiteapp.org/) backend for central monitoring.
+
+```yaml
+host: "0.0.0.0"
+port: "8245" # the DynDNS.com alternative HTTP port
+db: "/opt/dyndnsd/db.json"
+domain: "dyn.example.org"
+# configure the Graphite backend to be used instead of proctitle
+graphite:
+  host: localhost # defaults for host and port of a carbon server
+  port: 2003
+  prefix: "my.graphite.metrics.naming.structure.dyndnsd"
+# configure the updater, here we use command_with_bind_zone, params are updater-specific
+updater:
+  name: "command_with_bind_zone"
+  params:
+    zone_file: "dyn.zone"
+    command: "echo 'Hello'"
+    ttl: "5m"
+    dns: "dns.example.org."
+    email_addr: "admin.example.org."
+# user database with hostnames a user is allowed to update
+users:
+  # 'foo' is username, 'secret' the password
+  foo:
+    password: "secret"
+    hosts:
+      - foo.example.org
+      - bar.example.org
+  test:
+    password: "ihavenohosts"
+```
+
+### Tracing (experimental)
+
+For tracing dyndnsd.rb is instrumented using the [OpenTracing](http://opentracing.io/) framework and will emit span tracing data for the most important operations happening during the request/response cycle. Using a middleware for Rack allows handling incoming OpenTracing span information properly.
+Currently only one OpenTracing-compatible tracer implementation named [CNCF Jaeger](https://github.com/jaegertracing/jaeger) can be configured to use with dyndnsd.rb.
+
+```yaml
+host: "0.0.0.0"
+port: "8245" # the DynDNS.com alternative HTTP port
+db: "/opt/dyndnsd/db.json"
+domain: "dyn.example.org"
+# enable and configure tracing using the (currently only) tracer jaeger
+tracing:
+  trust_incoming_span: false # default value, change to accept incoming OpenTracing spans as parents
+  jaeger:
+    host: 127.0.0.1 # defaults for host and port of local jaeger-agent
+    port: 6831
+    service_name: "my.dyndnsd.identifier"
+# configure the updater, here we use command_with_bind_zone, params are updater-specific
+updater:
+  name: "command_with_bind_zone"
+  params:
+    zone_file: "dyn.zone"
+    command: "echo 'Hello'"
+    ttl: "5m"
+    dns: "dns.example.org."
+    email_addr: "admin.example.org."
+# user database with hostnames a user is allowed to update
+users:
+  # 'foo' is username, 'secret' the password
+  foo:
+    password: "secret"
+    hosts:
+      - foo.example.org
+      - bar.example.org
+  test:
+    password: "ihavenohosts"
+```
+
 ## License
 
 dyndnsd.rb is licensed under the Apache License, Version 2.0. See LICENSE for more information.

data/Rakefile

@@ -1,6 +1,8 @@
 require 'bundler/gem_tasks'
 require 'rspec/core/rake_task'
+require 'rubocop/rake_task'
 
 RSpec::Core::RakeTask.new(:spec)
+RuboCop::RakeTask.new
 
-task :default => :spec
+task default: [:rubocop, :spec]

data/dyndnsd.gemspec

@@ -1,31 +1,36 @@
 
-$:.push File.expand_path("../lib", __FILE__)
+$LOAD_PATH.push File.expand_path('../lib', __FILE__)
 
 require 'dyndnsd/version'
 
 Gem::Specification.new do |s|
-  s.name  = 'dyndnsd'
+  s.name = 'dyndnsd'
   s.version = Dyndnsd::VERSION
   s.summary = 'dyndnsd.rb'
   s.description = 'A small, lightweight and extensible DynDNS server written with Ruby and Rack.'
-  s.author  = 'Christian Nicolai'
+  s.author = 'Christian Nicolai'
   s.email = 'chrnicolai@gmail.com'
-  s.license = 'Apache License Version 2.0'
-  s.homepage  = 'https://github.com/cmur2/dyndnsd'
+  s.homepage = 'https://github.com/cmur2/dyndnsd'
+  s.license = 'Apache-2.0'
 
-  s.files = `git ls-files`.split($/)
+  s.files = `git ls-files`.split($INPUT_RECORD_SEPARATOR)
   s.test_files = s.files.grep(%r{^(test|spec|features)/})
-
   s.require_paths = ['lib']
-
   s.executables = ['dyndnsd']
 
-  s.add_runtime_dependency 'rack', '~> 1.6'
-  s.add_runtime_dependency 'json', '~> 1.8'
+  s.required_ruby_version = '>= 2.3'
+
+  s.add_runtime_dependency 'rack', '~> 2.0'
+  s.add_runtime_dependency 'json'
   s.add_runtime_dependency 'metriks'
+  s.add_runtime_dependency 'opentracing', '~> 0.3'
+  s.add_runtime_dependency 'rack-tracer', '~> 0.4'
+  s.add_runtime_dependency 'spanmanager', '~> 0.3'
+  s.add_runtime_dependency 'jaeger-client', '~> 0.4'
 
-  s.add_development_dependency 'bundler', '~> 1.3'
+  s.add_development_dependency 'bundler'
   s.add_development_dependency 'rake'
   s.add_development_dependency 'rspec'
   s.add_development_dependency 'rack-test'
+  s.add_development_dependency 'rubocop', '~> 0.52.1'
 end

data/lib/dyndnsd/database.rb

@@ -4,27 +4,29 @@ require 'forwardable'
 module Dyndnsd
   class Database
     extend Forwardable
-    
+
     def_delegators :@db, :[], :[]=, :each, :has_key?
-  
+
     def initialize(db_file)
       @db_file = db_file
     end
-    
+
     def load
       if File.file?(@db_file)
-        @db = JSON.load(File.open(@db_file, 'r') { |f| f.read })
+        @db = JSON.parse(File.open(@db_file, 'r', &:read))
       else
         @db = {}
       end
       @db_hash = @db.hash
     end
-    
+
     def save
-      File.open(@db_file, 'w') { |f| JSON.dump(@db, f) }
-      @db_hash = @db.hash
+      Helper.span('database_save') do |_span|
+        File.open(@db_file, 'w') { |f| JSON.dump(@db, f) }
+        @db_hash = @db.hash
+      end
     end
-    
+
     def changed?
       @db_hash != @db.hash
     end

data/lib/dyndnsd/generator/bind.rb

@@ -10,25 +10,25 @@ module Dyndnsd
         @additional_zone_content = config['additional_zone_content']
       end
 
-      def generate(zone)
+      def generate(db)
         out = []
         out << "$TTL #{@ttl}"
         out << "$ORIGIN #{@domain}."
-        out << ""
-        out << "@ IN SOA #{@dns} #{@email_addr} ( #{zone['serial']} 3h 5m 1w 1h )"
+        out << ''
+        out << "@ IN SOA #{@dns} #{@email_addr} ( #{db['serial']} 3h 5m 1w 1h )"
         out << "@ IN NS #{@dns}"
-        out << ""
-        zone['hosts'].each do |hostname,ips|
-          (ips.is_a?(Array) ? ips : [ips]).each do |ip|
+        out << ''
+        db['hosts'].each do |hostname, ips|
+          ips.each do |ip|
             ip = IPAddr.new(ip).native
-            type = ip.ipv6? ? "AAAA" : "A"
+            type = ip.ipv6? ? 'AAAA' : 'A'
             name = hostname.chomp('.' + @domain)
             out << "#{name} IN #{type} #{ip}"
           end
         end
-        out << ""
+        out << ''
         out << @additional_zone_content
-        out << ""
+        out << ''
         out.join("\n")
       end
     end

data/lib/dyndnsd/helper.rb

@@ -0,0 +1,41 @@
+
+require 'ipaddr'
+
+module Dyndnsd
+  class Helper
+    def self.fqdn_valid?(hostname, domain)
+      return false if hostname.length < domain.length + 2
+      return false if !hostname.end_with?(domain)
+      name = hostname.chomp(domain)
+      return false if !name.match(/^[a-zA-Z0-9_-]+\.$/)
+      true
+    end
+
+    def self.ip_valid?(ip)
+      IPAddr.new(ip)
+      return true
+    rescue ArgumentError
+      return false
+    end
+
+    def self.user_allowed?(username, password, users)
+      (users.key? username) && (users[username]['password'] == password)
+    end
+
+    def self.changed?(hostname, myips, hosts)
+      # myips order is always deterministic
+      ((!hosts.include? hostname) || (hosts[hostname] != myips)) && !myips.empty?
+    end
+
+    def self.span(operation, &block)
+      span = OpenTracing.start_span(operation)
+      span.set_tag('component', 'dyndnsd')
+      span.set_tag('span.kind', 'server')
+      begin
+        block.call(span)
+      ensure
+        span.finish
+      end
+    end
+  end
+end

data/lib/dyndnsd/responder/dyndns_style.rb

@@ -2,19 +2,52 @@
 module Dyndnsd
   module Responder
     class DynDNSStyle
-      def response_for_error(state)
-        # general http errors
-        return [405, {"Content-Type" => "text/plain"}, ["Method Not Allowed"]] if state == :method_forbidden
-        return [404, {"Content-Type" => "text/plain"}, ["Not Found"]] if state == :not_found
-        # specific errors
-        return [200, {"Content-Type" => "text/plain"}, ["notfqdn"]] if state == :hostname_missing
-        return [200, {"Content-Type" => "text/plain"}, ["nohost"]] if state == :host_forbidden
-        return [200, {"Content-Type" => "text/plain"}, ["notfqdn"]] if state == :hostname_malformed
+      def initialize(app)
+        @app = app
       end
 
-      def response_for_changes(states, ip)
-        body = states.map { |state| "#{state} #{ip.is_a?(Array) ? ip.join(' ') : ip}" }.join("\n")
-        return [200, {"Content-Type" => "text/plain"}, [body]]
+      def call(env)
+        @app.call(env).tap do |status_code, headers, body|
+          if headers.key?('X-DynDNS-Response')
+            return decorate_dyndnsd_response(status_code, headers, body)
+          else
+            return decorate_other_response(status_code, headers, body)
+          end
+        end
+      end
+
+      private
+
+      def decorate_dyndnsd_response(status_code, headers, body)
+        if status_code == 200
+          [200, {'Content-Type' => 'text/plain'}, [get_success_body(body[0], body[1])]]
+        elsif status_code == 422
+          error_response_map[headers['X-DynDNS-Response']]
+        end
+      end
+
+      def decorate_other_response(status_code, headers, _body)
+        if status_code == 400
+          [status_code, headers, ['Bad Request']]
+        elsif status_code == 401
+          [status_code, headers, ['badauth']]
+        end
+      end
+
+      def get_success_body(changes, myips)
+        changes.map { |change| "#{change} #{myips.join(' ')}" }.join("\n")
+      end
+
+      def error_response_map
+        {
+          # general http errors
+          'method_forbidden'   => [405, {'Content-Type' => 'text/plain'}, ['Method Not Allowed']],
+          'not_found'          => [404, {'Content-Type' => 'text/plain'}, ['Not Found']],
+          # specific errors
+          'hostname_missing'   => [200, {'Content-Type' => 'text/plain'}, ['notfqdn']],
+          'hostname_malformed' => [200, {'Content-Type' => 'text/plain'}, ['notfqdn']],
+          'host_forbidden'     => [200, {'Content-Type' => 'text/plain'}, ['nohost']]
+        }
       end
     end
   end

data/lib/dyndnsd/responder/rest_style.rb

@@ -2,19 +2,52 @@
 module Dyndnsd
   module Responder
     class RestStyle
-      def response_for_error(state)
-        # general http errors
-        return [405, {"Content-Type" => "text/plain"}, ["Method Not Allowed"]] if state == :method_forbidden
-        return [404, {"Content-Type" => "text/plain"}, ["Not Found"]] if state == :not_found
-        # specific errors
-        return [422, {"Content-Type" => "text/plain"}, ["Hostname missing"]] if state == :hostname_missing
-        return [403, {"Content-Type" => "text/plain"}, ["Forbidden"]] if state == :host_forbidden
-        return [422, {"Content-Type" => "text/plain"}, ["Hostname malformed"]] if state == :hostname_malformed
+      def initialize(app)
+        @app = app
       end
 
-      def response_for_changes(states, ip)
-        body = states.map { |state| state == :good ? "Changed to #{ip.is_a?(Array) ? ip.join(' ') : ip}" : "No change needed for #{ip.is_a?(Array) ? ip.join(' ') : ip}" }.join("\n")
-        return [200, {"Content-Type" => "text/plain"}, [body]]
+      def call(env)
+        @app.call(env).tap do |status_code, headers, body|
+          if headers.key?('X-DynDNS-Response')
+            return decorate_dyndnsd_response(status_code, headers, body)
+          else
+            return decorate_other_response(status_code, headers, body)
+          end
+        end
+      end
+
+      private
+
+      def decorate_dyndnsd_response(status_code, headers, body)
+        if status_code == 200
+          [200, {'Content-Type' => 'text/plain'}, [get_success_body(body[0], body[1])]]
+        elsif status_code == 422
+          error_response_map[headers['X-DynDNS-Response']]
+        end
+      end
+
+      def decorate_other_response(status_code, headers, _body)
+        if status_code == 400
+          [status_code, headers, ['Bad Request']]
+        elsif status_code == 401
+          [status_code, headers, ['Unauthorized']]
+        end
+      end
+
+      def get_success_body(changes, myips)
+        changes.map { |change| change == :good ? "Changed to #{myips.join(' ')}" : "No change needed for #{myips.join(' ')}" }.join("\n")
+      end
+
+      def error_response_map
+        {
+          # general http errors
+          'method_forbidden'   => [405, {'Content-Type' => 'text/plain'}, ['Method Not Allowed']],
+          'not_found'          => [404, {'Content-Type' => 'text/plain'}, ['Not Found']],
+          # specific errors
+          'hostname_missing'   => [422, {'Content-Type' => 'text/plain'}, ['Hostname missing']],
+          'hostname_malformed' => [422, {'Content-Type' => 'text/plain'}, ['Hostname malformed']],
+          'host_forbidden'     => [403, {'Content-Type' => 'text/plain'}, ['Forbidden']]
+        }
       end
     end
   end

data/lib/dyndnsd/updater/command_with_bind_zone.rb

@@ -7,16 +7,21 @@ module Dyndnsd
         @command = config['command']
         @generator = Generator::Bind.new(domain, config)
       end
-      
+
       def update(zone)
-        # write zone file in bind syntax
-        File.open(@zone_file, 'w') { |f| f.write(@generator.generate(zone)) }
-        # call user-defined command
-        pid = fork do
-          exec @command
+        Helper.span('updater_update') do |span|
+          span.set_tag('dyndnsd.updater.name', self.class.name.split('::').last)
+
+          # write zone file in bind syntax
+          File.open(@zone_file, 'w') { |f| f.write(@generator.generate(zone)) }
+          # call user-defined command
+          pid = fork do
+            exec @command
+          end
+
+          # detach so children don't become zombies
+          Process.detach(pid)
         end
-        # detach so children don't become zombies
-        Process.detach(pid)
       end
     end
   end

data/lib/dyndnsd/version.rb

@@ -1,4 +1,4 @@
 
 module Dyndnsd
-  VERSION = "1.6.1"
+  VERSION = '2.0.0.rc1'.freeze
 end

data/lib/dyndnsd.rb

@@ -8,12 +8,16 @@ require 'yaml'
 require 'rack'
 require 'metriks'
 require 'metriks/reporter/graphite'
+require 'opentracing'
+require 'rack/tracer'
+require 'spanmanager'
 
 require 'dyndnsd/generator/bind'
 require 'dyndnsd/updater/command_with_bind_zone'
 require 'dyndnsd/responder/dyndns_style'
 require 'dyndnsd/responder/rest_style'
 require 'dyndnsd/database'
+require 'dyndnsd/helper'
 require 'dyndnsd/version'
 
 module Dyndnsd
@@ -26,154 +30,203 @@ module Dyndnsd
   end
 
   class LogFormatter
-    def call(lvl, time, progname, msg)
-      "[%s] %-5s %s\n" % [Time.now.strftime('%Y-%m-%d %H:%M:%S'), lvl, msg.to_s]
+    def call(lvl, _time, _progname, msg)
+      format("[%s] %-5s %s\n", Time.now.strftime('%Y-%m-%d %H:%M:%S'), lvl, msg.to_s)
     end
   end
 
   class Daemon
-    def initialize(config, db, updater, responder)
+    def initialize(config, db, updater)
       @users = config['users']
       @domain = config['domain']
       @db = db
       @updater = updater
-      @responder = responder
 
       @db.load
       @db['serial'] ||= 1
       @db['hosts'] ||= {}
-      (@db.save; update) if @db.changed?
+      if @db.changed?
+        @db.save
+        @updater.update(@db)
+      end
     end
 
-    def update
-      @updater.update(@db)
-    end
+    def authorized?(username, password)
+      Helper.span('check_authorized') do |span|
+        span.set_tag('dyndnsd.user', username)
 
-    def is_fqdn_valid?(hostname)
-      return false if hostname.length < @domain.length + 2
-      return false if not hostname.end_with?(@domain)
-      name = hostname.chomp(@domain)
-      return false if not name.match(/^[a-zA-Z0-9_-]+\.$/)
-      true
+        allow = Helper.user_allowed?(username, password, @users)
+        if !allow
+          Dyndnsd.logger.warn "Login failed for #{username}"
+          Metriks.meter('requests.auth_failed').mark
+        end
+        allow
+      end
     end
 
     def call(env)
-      return @responder.response_for_error(:method_forbidden) if env["REQUEST_METHOD"] != "GET"
-      return @responder.response_for_error(:not_found) if env["PATH_INFO"] != "/nic/update"
+      return [422, {'X-DynDNS-Response' => 'method_forbidden'}, []] if env['REQUEST_METHOD'] != 'GET'
+      return [422, {'X-DynDNS-Response' => 'not_found'}, []] if env['PATH_INFO'] != '/nic/update'
 
-      params = Rack::Utils.parse_query(env["QUERY_STRING"])
+      handle_dyndns_request(env)
+    end
 
-      return @responder.response_for_error(:hostname_missing) if not params["hostname"]
+    def self.run!
+      if ARGV.length != 1
+        puts 'Usage: dyndnsd config_file'
+        exit 1
+      end
 
-      hostnames = params["hostname"].split(',')
+      config_file = ARGV[0]
 
-      # Check if hostname match rules
-      hostnames.each do |hostname|
-        return @responder.response_for_error(:hostname_malformed) if not is_fqdn_valid?(hostname)
+      if !File.file?(config_file)
+        puts 'Config file not found!'
+        exit 1
       end
 
-      user = env["REMOTE_USER"]
+      puts "DynDNSd version #{Dyndnsd::VERSION}"
+      puts "Using config file #{config_file}"
 
-      hostnames.each do |hostname|
-        return @responder.response_for_error(:host_forbidden) if not @users[user]['hosts'].include? hostname
-      end
+      config = YAML.safe_load(File.open(config_file, 'r', &:read))
 
-      myip = nil
-
-      if params.has_key?("myip6")
-        # require presence of myip parameter as valid IPAddr (v4) and valid myip6
-        return @responder.response_for_error(:host_forbidden) if not params["myip"]
-        begin
-          IPAddr.new(params["myip"], Socket::AF_INET)
-          IPAddr.new(params["myip6"], Socket::AF_INET6)
-          
-          # myip will be an array
-          myip = [params["myip"], params["myip6"]]
-        rescue ArgumentError
-          return @responder.response_for_error(:host_forbidden)
-        end
-      else
-        # fallback value, always present
-        myip = env["REMOTE_ADDR"]
-
-        # check whether X-Real-IP header has valid IPAddr
-        if env.has_key?("HTTP_X_REAL_IP")
-          begin
-            IPAddr.new(env["HTTP_X_REAL_IP"])
-            myip = env["HTTP_X_REAL_IP"]
-          rescue ArgumentError
-          end
-        end
+      setup_logger(config)
 
-        # check whether myip parameter has valid IPAddr
-        if params.has_key?("myip")
-          begin
-            IPAddr.new(params["myip"])
-            myip = params["myip"]
-          rescue ArgumentError
-          end
-        end
+      Dyndnsd.logger.info 'Starting...'
+
+      # drop priviliges as soon as possible
+      # NOTE: first change group than user
+      Process::Sys.setgid(Etc.getgrnam(config['group']).gid) if config['group']
+      Process::Sys.setuid(Etc.getpwnam(config['user']).uid) if config['user']
+
+      setup_traps
+
+      setup_monitoring(config)
+
+      setup_tracing(config)
+
+      setup_rack(config)
+    end
+
+    private
+
+    def extract_v4_and_v6_address(params)
+      return [] if !(params['myip'])
+      begin
+        IPAddr.new(params['myip'], Socket::AF_INET)
+        IPAddr.new(params['myip6'], Socket::AF_INET6)
+        [params['myip'], params['myip6']]
+      rescue ArgumentError
+        []
       end
+    end
 
-      Metriks.meter('requests.valid').mark
-      Dyndnsd.logger.info "Request to update #{hostnames} to #{myip} for user #{user}"
+    def extract_myips(env, params)
+      # require presence of myip parameter as valid IPAddr (v4) and valid myip6
+      return extract_v4_and_v6_address(params) if params.key?('myip6')
+
+      # check whether myip parameter has valid IPAddr
+      return [params['myip']] if params.key?('myip') && Helper.ip_valid?(params['myip'])
+
+      # check whether X-Real-IP header has valid IPAddr
+      return [env['HTTP_X_REAL_IP']] if env.key?('HTTP_X_REAL_IP') && Helper.ip_valid?(env['HTTP_X_REAL_IP'])
+
+      # fallback value, always present
+      [env['REMOTE_ADDR']]
+    end
 
+    def process_changes(hostnames, myips)
       changes = []
-      hostnames.each do |hostname|
-        if (not @db['hosts'].include? hostname) or (@db['hosts'][hostname] != myip)
-          changes << :good
-          @db['hosts'][hostname] = myip
-          Metriks.meter('requests.good').mark
-        else
-          changes << :nochg
-          Metriks.meter('requests.nochg').mark
+      Helper.span('process_changes') do |span|
+        span.set_tag('dyndnsd.hostnames', hostnames.join(','))
+
+        hostnames.each do |hostname|
+          # myips order is always deterministic
+          if myips.empty? && @db['hosts'].include?(hostname)
+            @db['hosts'].delete(hostname)
+            changes << :good
+            Metriks.meter('requests.good').mark
+          elsif Helper.changed?(hostname, myips, @db['hosts'])
+            @db['hosts'][hostname] = myips
+            changes << :good
+            Metriks.meter('requests.good').mark
+          else
+            changes << :nochg
+            Metriks.meter('requests.nochg').mark
+          end
         end
       end
+      changes
+    end
 
-      if @db.changed?
-        @db['serial'] += 1
-        Dyndnsd.logger.info "Committing update ##{@db['serial']}"
-        @db.save
-        update
-        Metriks.meter('updates.committed').mark
-      end
-
-      @responder.response_for_changes(changes, myip)
+    def update_db
+      @db['serial'] += 1
+      Dyndnsd.logger.info "Committing update ##{@db['serial']}"
+      @db.save
+      @updater.update(@db)
+      Metriks.meter('updates.committed').mark
     end
 
-    def self.run!
-      if ARGV.length != 1
-        puts "Usage: dyndnsd config_file"
-        exit 1
-      end
+    def handle_dyndns_request(env)
+      params = Rack::Utils.parse_query(env['QUERY_STRING'])
 
-      config_file = ARGV[0]
+      # require hostname parameter
+      return [422, {'X-DynDNS-Response' => 'hostname_missing'}, []] if !(params['hostname'])
 
-      if not File.file?(config_file)
-        puts "Config file not found!"
-        exit 1
+      hostnames = params['hostname'].split(',')
+
+      # check for invalid hostnames
+      invalid_hostnames = hostnames.select { |h| !Helper.fqdn_valid?(h, @domain) }
+      return [422, {'X-DynDNS-Response' => 'hostname_malformed'}, []] if invalid_hostnames.any?
+
+      user = env['REMOTE_USER']
+
+      # check for hostnames that the user does not own
+      forbidden_hostnames = hostnames - @users[user]['hosts']
+      return [422, {'X-DynDNS-Response' => 'host_forbidden'}, []] if forbidden_hostnames.any?
+
+      if params['offline'] == 'YES'
+        myips = []
+      else
+        myips = extract_myips(env, params)
+        # require at least one IP to update
+        return [422, {'X-DynDNS-Response' => 'host_forbidden'}, []] if myips.empty?
       end
 
-      puts "DynDNSd version #{Dyndnsd::VERSION}"
-      puts "Using config file #{config_file}"
+      Metriks.meter('requests.valid').mark
+      Dyndnsd.logger.info "Request to update #{hostnames} to #{myips} for user #{user}"
+
+      changes = process_changes(hostnames, myips)
 
-      config = YAML::load(File.open(config_file, 'r') { |f| f.read })
+      update_db if @db.changed?
 
+      [200, {'X-DynDNS-Response' => 'success'}, [changes, myips]]
+    end
+
+    # SETUP
+
+    private_class_method def self.setup_logger(config)
       if config['logfile']
         Dyndnsd.logger = Logger.new(config['logfile'])
       else
         Dyndnsd.logger = Logger.new(STDOUT)
       end
 
-      Dyndnsd.logger.progname = "dyndnsd"
+      Dyndnsd.logger.progname = 'dyndnsd'
       Dyndnsd.logger.formatter = LogFormatter.new
+    end
 
-      Dyndnsd.logger.info "Starting..."
-
-      # drop privs (first change group than user)
-      Process::Sys.setgid(Etc.getgrnam(config['group']).gid) if config['group']
-      Process::Sys.setuid(Etc.getpwnam(config['user']).uid) if config['user']
+    private_class_method def self.setup_traps
+      Signal.trap('INT') do
+        Dyndnsd.logger.info 'Quitting...'
+        Rack::Handler::WEBrick.shutdown
+      end
+      Signal.trap('TERM') do
+        Dyndnsd.logger.info 'Quitting...'
+        Rack::Handler::WEBrick.shutdown
+      end
+    end
 
+    private_class_method def self.setup_monitoring(config)
       # configure metriks
       if config['graphite']
         host = config['graphite']['host'] || 'localhost'
@@ -192,33 +245,43 @@ module Dyndnsd
         end
         reporter.start
       end
+    end
+
+    private_class_method def self.setup_tracing(config)
+      # configure OpenTracing
+      if config.dig('tracing', 'jaeger')
+        require 'jaeger/client'
+
+        host = config['tracing']['jaeger']['host'] || '127.0.0.1'
+        port = config['tracing']['jaeger']['port'] || 6831
+        service_name = config['tracing']['jaeger']['service_name'] || 'dyndnsd'
+        OpenTracing.global_tracer = Jaeger::Client.build(
+          host: host, port: port, service_name: service_name, flush_interval: 1
+        )
+      end
+      # always use SpanManager
+      OpenTracing.global_tracer = SpanManager::Tracer.new(OpenTracing.global_tracer)
+    end
 
+    private_class_method def self.setup_rack(config)
       # configure daemon
       db = Database.new(config['db'])
       updater = Updater::CommandWithBindZone.new(config['domain'], config['updater']['params']) if config['updater']['name'] == 'command_with_bind_zone'
-      responder = Responder::DynDNSStyle.new
+      daemon = Daemon.new(config, db, updater)
 
       # configure rack
-      app = Daemon.new(config, db, updater, responder)
-      app = Rack::Auth::Basic.new(app, "DynDNS") do |user,pass|
-        allow = ((config['users'].has_key? user) and (config['users'][user]['password'] == pass))
-        if not allow
-          Dyndnsd.logger.warn "Login failed for #{user}"
-          Metriks.meter('requests.auth_failed').mark
-        end
-        allow
-      end
+      app = Rack::Auth::Basic.new(daemon, 'DynDNS', &daemon.method(:authorized?))
 
-      Signal.trap('INT') do
-        Dyndnsd.logger.info "Quitting..."
-        Rack::Handler::WEBrick.shutdown
-      end
-      Signal.trap('TERM') do
-        Dyndnsd.logger.info "Quitting..."
-        Rack::Handler::WEBrick.shutdown
+      if config['responder'] == 'RestStyle'
+        app = Responder::RestStyle.new(app)
+      else
+        app = Responder::DynDNSStyle.new(app)
       end
 
-      Rack::Handler::WEBrick.run app, :Host => config['host'], :Port => config['port']
+      trust_incoming_span = config.dig('tracing', 'trust_incoming_span') || false
+      app = Rack::Tracer.new(app, trust_incoming_span: trust_incoming_span)
+
+      Rack::Handler::WEBrick.run app, Host: config['host'], Port: config['port']
     end
   end
 end

data/spec/daemon_spec.rb

@@ -18,20 +18,25 @@ describe Dyndnsd::Daemon do
     }
     db = Dyndnsd::DummyDatabase.new({})
     updater = Dyndnsd::Updater::Dummy.new
-    responder = Dyndnsd::Responder::DynDNSStyle.new
-    app = Dyndnsd::Daemon.new(config, db, updater, responder)
+    daemon = Dyndnsd::Daemon.new(config, db, updater)
 
-    Rack::Auth::Basic.new(app, "DynDNS") do |user,pass|
-      (config['users'].has_key? user) and (config['users'][user]['password'] == pass)
-    end
+    app = Rack::Auth::Basic.new(daemon, 'DynDNS', &daemon.method(:authorized?))
+
+    app = Dyndnsd::Responder::DynDNSStyle.new(app)
+
+    Rack::Tracer.new(app, trust_incoming_span: false)
   end
 
   it 'requires authentication' do
     get '/'
     expect(last_response.status).to eq(401)
+    expect(last_response.body).to eq('badauth')
+  end
 
-    pending 'Need to find a way to add custom body on 401 responses'
-    expect(last_response).not_to be_ok
+  it 'requires configured correct credentials' do
+    authorize 'test', 'wrongsecret'
+    get '/'
+    expect(last_response.status).to eq(401)
     expect(last_response.body).to eq('badauth')
   end
 
@@ -96,6 +101,7 @@ describe Dyndnsd::Daemon do
 
   it 'rejects request if user does not own one hostname' do
     authorize 'test', 'secret'
+
     get '/nic/update?hostname=notmyhost.example.org'
     expect(last_response).to be_ok
     expect(last_response.body).to eq('nohost')
@@ -161,6 +167,34 @@ describe Dyndnsd::Daemon do
     expect(last_response.body).to eq("nochg 2001:db8::1\ngood 2001:db8::1")
   end
 
+  it 'offlines a host' do
+    authorize 'test', 'secret'
+
+    get '/nic/update?hostname=foo.example.org&myip=1.2.3.4'
+    expect(last_response).to be_ok
+    expect(last_response.body).to eq('good 1.2.3.4')
+
+    get '/nic/update?hostname=foo.example.org&offline=YES'
+    expect(last_response).to be_ok
+    expect(last_response.body).to eq('good ')
+
+    get '/nic/update?hostname=foo.example.org&offline=YES'
+    expect(last_response).to be_ok
+    expect(last_response.body).to eq('nochg ')
+
+    get '/nic/update?hostname=foo.example.org&myip=1.2.3.4'
+    expect(last_response).to be_ok
+    expect(last_response.body).to eq('good 1.2.3.4')
+
+    get '/nic/update?hostname=foo.example.org&myip=1.2.3.4&offline=YES'
+    expect(last_response).to be_ok
+    expect(last_response.body).to eq('good ')
+
+    get '/nic/update?hostname=foo.example.org&myip=1.2.3.4&offline=YES'
+    expect(last_response).to be_ok
+    expect(last_response.body).to eq('nochg ')
+  end
+
   it 'uses clients remote IP address if myip not specified' do
     authorize 'test', 'secret'
     get '/nic/update?hostname=foo.example.org'
@@ -185,7 +219,7 @@ describe Dyndnsd::Daemon do
 
     get '/nic/update?hostname=foo.example.org&myip=1.2.3.4&myip6=2001:db8::1'
     expect(last_response).to be_ok
-    expect(last_response.body).to eq("good 1.2.3.4 2001:db8::1")
+    expect(last_response.body).to eq('good 1.2.3.4 2001:db8::1')
 
     get '/nic/update?hostname=foo.example.org&myip=BROKENIP&myip6=2001:db8::1'
     expect(last_response).to be_ok

data/spec/support/dummy_database.rb

@@ -4,7 +4,7 @@ require 'forwardable'
 module Dyndnsd
   class DummyDatabase
     extend Forwardable
-  
+
     def_delegators :@db, :[], :[]=, :each, :has_key?
 
     def initialize(db_init)
@@ -25,5 +25,3 @@ module Dyndnsd
     end
   end
 end
-
-      

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: dyndnsd
 version: !ruby/object:Gem::Version
-  version: 1.6.1
+  version: 2.0.0.rc1
 platform: ruby
 authors:
 - Christian Nicolai
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2017-10-31 00:00:00.000000000 Z
+date: 2018-03-26 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rack
@@ -16,28 +16,28 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.6'
+        version: '2.0'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.6'
+        version: '2.0'
 - !ruby/object:Gem::Dependency
   name: json
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '1.8'
+        version: '0'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '1.8'
+        version: '0'
 - !ruby/object:Gem::Dependency
   name: metriks
   requirement: !ruby/object:Gem::Requirement
@@ -53,19 +53,75 @@ dependencies:
       - !ruby/object:Gem::Version
         version: '0'
 - !ruby/object:Gem::Dependency
-  name: bundler
+  name: opentracing
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.3'
-  type: :development
+        version: '0.3'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0.3'
+- !ruby/object:Gem::Dependency
+  name: rack-tracer
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0.4'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0.4'
+- !ruby/object:Gem::Dependency
+  name: spanmanager
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0.3'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0.3'
+- !ruby/object:Gem::Dependency
+  name: jaeger-client
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0.4'
+  type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.3'
+        version: '0.4'
+- !ruby/object:Gem::Dependency
+  name: bundler
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
 - !ruby/object:Gem::Dependency
   name: rake
   requirement: !ruby/object:Gem::Requirement
@@ -108,6 +164,20 @@ dependencies:
     - - ">="
       - !ruby/object:Gem::Version
         version: '0'
+- !ruby/object:Gem::Dependency
+  name: rubocop
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 0.52.1
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 0.52.1
 description: A small, lightweight and extensible DynDNS server written with Ruby and
   Rack.
 email: chrnicolai@gmail.com
@@ -117,7 +187,10 @@ extensions: []
 extra_rdoc_files: []
 files:
 - ".gitignore"
+- ".rubocop.yml"
+- ".rubocop_todo.yml"
 - ".travis.yml"
+- CHANGELOG.md
 - Gemfile
 - LICENSE
 - README.md
@@ -128,6 +201,7 @@ files:
 - lib/dyndnsd.rb
 - lib/dyndnsd/database.rb
 - lib/dyndnsd/generator/bind.rb
+- lib/dyndnsd/helper.rb
 - lib/dyndnsd/responder/dyndns_style.rb
 - lib/dyndnsd/responder/rest_style.rb
 - lib/dyndnsd/updater/command_with_bind_zone.rb
@@ -138,7 +212,7 @@ files:
 - spec/support/dummy_updater.rb
 homepage: https://github.com/cmur2/dyndnsd
 licenses:
-- Apache License Version 2.0
+- Apache-2.0
 metadata: {}
 post_install_message: 
 rdoc_options: []
@@ -148,15 +222,15 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
-      version: '0'
+      version: '2.3'
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
-  - - ">="
+  - - ">"
     - !ruby/object:Gem::Version
-      version: '0'
+      version: 1.3.1
 requirements: []
 rubyforge_project: 
-rubygems_version: 2.4.8
+rubygems_version: 2.7.5
 signing_key: 
 specification_version: 4
 summary: dyndnsd.rb