X-Git-Url: http://git.ipfire.org/?a=blobdiff_plain;f=src%2Fddns%2Fsystem.py;h=c2dc4309e6c39adb0ac53db2b87dd3f4de7b4992;hb=0a70b74304a7d26e483dfe4156afaedcd82f8864;hp=afc5a5fbc0217deb62fb44cf42e78f2e1aeb4dcd;hpb=09c496c58a46480261fcd8d6378e15e0f95bd8eb;p=ddns.git diff --git a/src/ddns/system.py b/src/ddns/system.py index afc5a5f..c2dc430 100644 --- a/src/ddns/system.py +++ b/src/ddns/system.py @@ -1,4 +1,4 @@ -#!/usr/bin/python +#!/usr/bin/python3 ############################################################################### # # # ddns - A dynamic DNS client for IPFire # @@ -21,13 +21,15 @@ import base64 import re +import ssl import socket -import urllib -import urllib2 +import urllib.request +import urllib.parse +import urllib.error -from __version__ import CLIENT_VERSION +from .__version__ import CLIENT_VERSION from .errors import * -from i18n import _ +from .i18n import _ # Initialize the logger. import logging @@ -47,6 +49,9 @@ class DDNSSystem(object): # Connection to the core of the program. self.core = core + # Address cache. + self.__addresses = {} + # Find out on which distribution we are running. self.distro = self._get_distro_identifier() logger.debug(_("Running on distribution: %s") % self.distro) @@ -61,23 +66,29 @@ class DDNSSystem(object): return proxy - def get_local_ipv6_address(self): - return # XXX TODO + def get_local_ip_address(self, proto): + ip_address = self._get_local_ip_address(proto) + + # Check if the IP address is usable and only return it then + if self._is_usable_ip_address(proto, ip_address): + return ip_address - def get_local_ipv4_address(self): - if self.distro == "ipfire-2": + def _get_local_ip_address(self, proto): + # Legacy code for IPFire 2. + if self.distro == "ipfire-2" and proto == "ipv4": try: with open("/var/ipfire/red/local-ipaddress") as f: return f.readline() - except IOError, e: + except IOError as e: # File not found if e.errno == 2: return raise - return # XXX TODO + # XXX TODO + raise NotImplementedError def _guess_external_ip_address(self, url, timeout=10): """ @@ -94,25 +105,21 @@ class DDNSSystem(object): if not response.code == 200: return - match = re.search(r"^Your IP address is: (.*)$", response.read()) + match = re.search(b"^Your IP address is: (.*)$", response.read()) if match is None: return - return match.group(1) + return match.group(1).decode() - def guess_external_ipv6_address(self): - """ - Sends a request to the internet to determine - the public IPv6 address. - """ - return self._guess_external_ip_address("http://checkip6.dns.lightningwirelabs.com") + def guess_external_ip_address(self, family, **kwargs): + if family == "ipv6": + url = "https://checkip6.dns.lightningwirelabs.com" + elif family == "ipv4": + url = "https://checkip4.dns.lightningwirelabs.com" + else: + raise ValueError("unknown address family") - def guess_external_ipv4_address(self): - """ - Sends a request to the internet to determine - the public IPv4 address. - """ - return self._guess_external_ip_address("http://checkip4.dns.lightningwirelabs.com") + return self._guess_external_ip_address(url, **kwargs) def send_request(self, url, method="GET", data=None, username=None, password=None, timeout=30): assert method in ("GET", "POST") @@ -131,7 +138,7 @@ class DDNSSystem(object): if data: logger.debug(" data: %s" % data) - req = urllib2.Request(url, data=data) + req = urllib.request.Request(url, data=data) if username and password: basic_auth_header = self._make_basic_auth_header(username, password) @@ -157,7 +164,7 @@ class DDNSSystem(object): logger.debug(" %s: %s" % (k, v)) try: - resp = urllib2.urlopen(req, timeout=timeout) + resp = urllib.request.urlopen(req, timeout=timeout) # Log response header. logger.debug(_("Response header (Status Code %s):") % resp.code) @@ -167,26 +174,74 @@ class DDNSSystem(object): # Return the entire response object. return resp - except urllib2.HTTPError, e: + except urllib.error.HTTPError as e: + # Log response header. + logger.debug(_("Response header (Status Code %s):") % e.code) + for k, v in e.hdrs.items(): + logger.debug(" %s: %s" % (k, v)) + + # 400 - Bad request + if e.code == 400: + raise DDNSRequestError(e.reason) + + # 401 - Authorization Required + # 403 - Forbidden + elif e.code in (401, 403): + raise DDNSAuthenticationError(e.reason) + + # 404 - Not found + # Either the provider has changed the API, or + # there is an error on the server + elif e.code == 404: + raise DDNSNotFound(e.reason) + + # 429 - Too Many Requests + elif e.code == 429: + raise DDNSTooManyRequests(e.reason) + + # 500 - Internal Server Error + elif e.code == 500: + raise DDNSInternalServerError(e.reason) + # 503 - Service Unavailable - if e.code == 503: - raise DDNSServiceUnavailableError + elif e.code == 503: + raise DDNSServiceUnavailableError(e.reason) # Raise all other unhandled exceptions. raise - except urllib2.URLError, e: + except urllib.error.URLError as e: if e.reason: + # Handle SSL errors + if isinstance(e.reason, ssl.SSLError): + e = e.reason + + if e.reason == "CERTIFICATE_VERIFY_FAILED": + raise DDNSCertificateError + + # Raise all other SSL errors + raise DDNSSSLError(e.reason) + + # Name or service not known + if e.reason.errno == -2: + raise DDNSResolveError + # Network Unreachable (e.g. no IPv6 access) if e.reason.errno == 101: raise DDNSNetworkUnreachableError + + # Connection Refused elif e.reason.errno == 111: raise DDNSConnectionRefusedError + # No route to host + elif e.reason.errno == 113: + raise DDNSNoRouteToHostError(req.host) + # Raise all other unhandled exceptions. raise - except socket.timeout, e: + except socket.timeout as e: logger.debug(_("Connection timeout")) raise DDNSConnectionTimeoutError @@ -195,7 +250,7 @@ class DDNSSystem(object): args = [] for k, v in data.items(): - arg = "%s=%s" % (k, urllib.quote(v)) + arg = "%s=%s" % (k, urllib.parse.quote(v)) args.append(arg) return "&".join(args) @@ -204,7 +259,7 @@ class DDNSSystem(object): authstring = "%s:%s" % (username, password) # Encode authorization data in base64. - authstring = base64.encodestring(authstring) + authstring = base64.encodebytes(authstring) # Remove any newline characters. authstring = authstring.replace("\n", "") @@ -212,6 +267,21 @@ class DDNSSystem(object): return authstring def get_address(self, proto): + """ + Returns the current IP address for + the given IP protocol. + """ + try: + return self.__addresses[proto] + + # IP is currently unknown and needs to be retrieved. + except KeyError: + self.__addresses[proto] = address = \ + self._get_address(proto) + + return address + + def _get_address(self, proto): assert proto in ("ipv6", "ipv4") # IPFire 2 does not support IPv6. @@ -221,22 +291,54 @@ class DDNSSystem(object): # Check if the external IP address should be guessed from # a remote server. guess_ip = self.core.settings.get("guess_external_ip", "true") + guess_ip = guess_ip in ("true", "yes", "1") - # If the external IP address should be used, we just do - # that. - if guess_ip in ("true", "yes", "1"): - if proto == "ipv6": - return self.guess_external_ipv6_address() + # Get the local IP address. + local_ip_address = None - elif proto == "ipv4": - return self.guess_external_ipv4_address() + if not guess_ip: + try: + local_ip_address = self.get_local_ip_address(proto) + except NotImplementedError: + logger.warning(_("Falling back to check the IP address with help of a public server")) - # Get the local IP addresses. - else: - if proto == "ipv6": - return self.get_local_ipv6_address() - elif proto == "ipv4": - return self.get_local_ipv4_address() + # If no local IP address could be determined, we will fall back to the guess + # it with help of an external server... + if not local_ip_address: + local_ip_address = self.guess_external_ip_address(proto) + + return local_ip_address + + def _is_usable_ip_address(self, proto, address): + """ + Returns True is the local IP address is usable + for dynamic DNS (i.e. is not a RFC1918 address or similar). + """ + if proto == "ipv4": + # This is not the most perfect solution to match + # these addresses, but instead of pulling in an entire + # library to handle the IP addresses better, we match + # with regular expressions instead. + matches = ( + # RFC1918 address space + r"^10\.\d+\.\d+\.\d+$", + r"^192\.168\.\d+\.\d+$", + r"^172\.(1[6-9]|2[0-9]|31)\.\d+\.\d+$", + + # Dual Stack Lite address space + r"^100\.(6[4-9]|[7-9][0-9]|1[01][0-9]|12[0-7])\.\d+\.\d+$", + ) + + for match in matches: + m = re.match(match, address) + if m is None: + continue + + # Found a match. IP address is not usable. + return False + + # In all other cases, return OK. + return True def resolve(self, hostname, proto=None): addresses = [] @@ -253,11 +355,15 @@ class DDNSSystem(object): # Resolve the host address. try: response = socket.getaddrinfo(hostname, None, family) - except socket.gaierror, e: + except socket.gaierror as e: # Name or service not known if e.errno == -2: return [] + # Temporary failure in name resolution + elif e.errno == -3: + raise DDNSResolveError(hostname) + # No record for requested family available (e.g. no AAAA) elif e.errno == -5: return [] @@ -283,7 +389,7 @@ class DDNSSystem(object): continue # Add to repsonse list if not already in there. - if not address in addresses: + if address not in addresses: addresses.append(address) return addresses @@ -313,7 +419,7 @@ class DDNSSystem(object): """ try: f = open("/etc/os-release", "r") - except IOError, e: + except IOError as e: # File not found if e.errno == 2: return @@ -342,7 +448,7 @@ class DDNSSystem(object): """ try: f = open("/etc/system-release", "r") - except IOError, e: + except IOError as e: # File not found if e.errno == 2: return