Silently fall back to the guess the IP address with a remote server
[oddments/ddns.git] / src / ddns / system.py
1 #!/usr/bin/python
2 ###############################################################################
3 #                                                                             #
4 # ddns - A dynamic DNS client for IPFire                                      #
5 # Copyright (C) 2012 IPFire development team                                  #
6 #                                                                             #
7 # This program is free software: you can redistribute it and/or modify        #
8 # it under the terms of the GNU General Public License as published by        #
9 # the Free Software Foundation, either version 3 of the License, or           #
10 # (at your option) any later version.                                         #
11 #                                                                             #
12 # This program is distributed in the hope that it will be useful,             #
13 # but WITHOUT ANY WARRANTY; without even the implied warranty of              #
14 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the               #
15 # GNU General Public License for more details.                                #
16 #                                                                             #
17 # You should have received a copy of the GNU General Public License           #
18 # along with this program.  If not, see <http://www.gnu.org/licenses/>.       #
19 #                                                                             #
20 ###############################################################################
21
22 import base64
23 import re
24 import ssl
25 import socket
26 import urllib
27 import urllib2
28
29 from __version__ import CLIENT_VERSION
30 from .errors import *
31 from i18n import _
32
33 # Initialize the logger.
34 import logging
35 logger = logging.getLogger("ddns.system")
36 logger.propagate = 1
37
38 class DDNSSystem(object):
39         """
40                 The DDNSSystem class adds a layer of abstraction
41                 between the ddns software and the system.
42         """
43
44         # The default useragent.
45         USER_AGENT = "IPFireDDNSUpdater/%s" % CLIENT_VERSION
46
47         def __init__(self, core):
48                 # Connection to the core of the program.
49                 self.core = core
50
51                 # Address cache.
52                 self.__addresses = {}
53
54                 # Find out on which distribution we are running.
55                 self.distro = self._get_distro_identifier()
56                 logger.debug(_("Running on distribution: %s") % self.distro)
57
58         @property
59         def proxy(self):
60                 proxy = self.core.settings.get("proxy")
61
62                 # Strip http:// at the beginning.
63                 if proxy and proxy.startswith("http://"):
64                         proxy = proxy[7:]
65
66                 return proxy
67
68         def get_local_ip_address(self, proto):
69                 ip_address = self._get_local_ip_address(proto)
70
71                 # Check if the IP address is usable and only return it then
72                 if self._is_usable_ip_address(proto, ip_address):
73                         return ip_address
74
75         def _get_local_ip_address(self, proto):
76                 # Legacy code for IPFire 2.
77                 if self.distro == "ipfire-2" and proto == "ipv4":
78                         try:
79                                 with open("/var/ipfire/red/local-ipaddress") as f:
80                                         return f.readline()
81
82                         except IOError, e:
83                                 # File not found
84                                 if e.errno == 2:
85                                         return
86
87                                 raise
88
89                 # XXX TODO
90                 raise NotImplementedError
91
92         def _guess_external_ip_address(self, url, timeout=10):
93                 """
94                         Sends a request to an external web server
95                         to determine the current default IP address.
96                 """
97                 try:
98                         response = self.send_request(url, timeout=timeout)
99
100                 # If the server could not be reached, we will return nothing.
101                 except DDNSNetworkError:
102                         return
103
104                 if not response.code == 200:
105                         return
106
107                 match = re.search(r"^Your IP address is: (.*)$", response.read())
108                 if match is None:
109                         return
110
111                 return match.group(1)
112
113         def guess_external_ip_address(self, family, **kwargs):
114                 if family == "ipv6":
115                         url = "http://checkip6.dns.lightningwirelabs.com"
116                 elif family == "ipv4":
117                         url = "http://checkip4.dns.lightningwirelabs.com"
118                 else:
119                         raise ValueError("unknown address family")
120
121                 return self._guess_external_ip_address(url, **kwargs)
122
123         def send_request(self, url, method="GET", data=None, username=None, password=None, timeout=30):
124                 assert method in ("GET", "POST")
125
126                 # Add all arguments in the data dict to the URL and escape them properly.
127                 if method == "GET" and data:
128                         query_args = self._format_query_args(data)
129                         data = None
130
131                         if "?" in url:
132                                 url = "%s&%s" % (url, query_args)
133                         else:
134                                 url = "%s?%s" % (url, query_args)
135
136                 logger.debug("Sending request (%s): %s" % (method, url))
137                 if data:
138                         logger.debug("  data: %s" % data)
139
140                 req = urllib2.Request(url, data=data)
141
142                 if username and password:
143                         basic_auth_header = self._make_basic_auth_header(username, password)
144                         req.add_header("Authorization", "Basic %s" % basic_auth_header)
145
146                 # Set the user agent.
147                 req.add_header("User-Agent", self.USER_AGENT)
148
149                 # All requests should not be cached anywhere.
150                 req.add_header("Pragma", "no-cache")
151
152                 # Set the upstream proxy if needed.
153                 if self.proxy:
154                         logger.debug("Using proxy: %s" % self.proxy)
155
156                         # Configure the proxy for this request.
157                         req.set_proxy(self.proxy, "http")
158
159                 assert req.get_method() == method
160
161                 logger.debug(_("Request header:"))
162                 for k, v in req.headers.items():
163                         logger.debug("  %s: %s" % (k, v))
164
165                 try:
166                         resp = urllib2.urlopen(req, timeout=timeout)
167
168                         # Log response header.
169                         logger.debug(_("Response header (Status Code %s):") % resp.code)
170                         for k, v in resp.info().items():
171                                 logger.debug("  %s: %s" % (k, v))
172
173                         # Return the entire response object.
174                         return resp
175
176                 except urllib2.HTTPError, e:
177                         # Log response header.
178                         logger.debug(_("Response header (Status Code %s):") % e.code)
179                         for k, v in e.hdrs.items():
180                                 logger.debug("  %s: %s" % (k, v))
181
182                         # 400 - Bad request
183                         if e.code == 400:
184                                 raise DDNSRequestError(e.reason)
185
186                         # 401 - Authorization Required
187                         # 403 - Forbidden
188                         elif e.code in (401, 403):
189                                 raise DDNSAuthenticationError(e.reason)
190
191                         # 404 - Not found
192                         # Either the provider has changed the API, or
193                         # there is an error on the server
194                         elif e.code == 404:
195                                 raise DDNSNotFound(e.reason)
196
197                         # 500 - Internal Server Error
198                         elif e.code == 500:
199                                 raise DDNSInternalServerError(e.reason)
200
201                         # 503 - Service Unavailable
202                         elif e.code == 503:
203                                 raise DDNSServiceUnavailableError(e.reason)
204
205                         # Raise all other unhandled exceptions.
206                         raise
207
208                 except urllib2.URLError, e:
209                         if e.reason:
210                                 # Handle SSL errors
211                                 if isinstance(e.reason, ssl.SSLError):
212                                         e = e.reason
213
214                                         if e.reason == "CERTIFICATE_VERIFY_FAILED":
215                                                 raise DDNSCertificateError
216
217                                         # Raise all other SSL errors
218                                         raise DDNSSSLError(e.reason)
219
220                                 # Name or service not known
221                                 if e.reason.errno == -2:
222                                         raise DDNSResolveError
223
224                                 # Network Unreachable (e.g. no IPv6 access)
225                                 if e.reason.errno == 101:
226                                         raise DDNSNetworkUnreachableError
227
228                                 # Connection Refused
229                                 elif e.reason.errno == 111:
230                                         raise DDNSConnectionRefusedError
231
232                                 # No route to host
233                                 elif e.reason.errno == 113:
234                                         raise DDNSNoRouteToHostError(req.host)
235
236                         # Raise all other unhandled exceptions.
237                         raise
238
239                 except socket.timeout, e:
240                         logger.debug(_("Connection timeout"))
241
242                         raise DDNSConnectionTimeoutError
243
244         def _format_query_args(self, data):
245                 args = []
246
247                 for k, v in data.items():
248                         arg = "%s=%s" % (k, urllib.quote(v))
249                         args.append(arg)
250
251                 return "&".join(args)
252
253         def _make_basic_auth_header(self, username, password):
254                 authstring = "%s:%s" % (username, password)
255
256                 # Encode authorization data in base64.
257                 authstring = base64.encodestring(authstring)
258
259                 # Remove any newline characters.
260                 authstring = authstring.replace("\n", "")
261
262                 return authstring
263
264         def get_address(self, proto):
265                 """
266                         Returns the current IP address for
267                         the given IP protocol.
268                 """
269                 try:
270                         return self.__addresses[proto]
271
272                 # IP is currently unknown and needs to be retrieved.
273                 except KeyError:
274                         self.__addresses[proto] = address = \
275                                 self._get_address(proto)
276
277                         return address
278
279         def _get_address(self, proto):
280                 assert proto in ("ipv6", "ipv4")
281
282                 # IPFire 2 does not support IPv6.
283                 if self.distro == "ipfire-2" and proto == "ipv6":
284                         return
285
286                 # Check if the external IP address should be guessed from
287                 # a remote server.
288                 guess_ip = self.core.settings.get("guess_external_ip", "true")
289                 guess_ip = guess_ip in ("true", "yes", "1")
290
291                 # Get the local IP address.
292                 local_ip_address = None
293
294                 if not guess_ip:
295                         try:
296                                 local_ip_address = self.get_local_ip_address(proto)
297                         except NotImplementedError:
298                                 logger.warning(_("Falling back to check the IP address with help of a public server"))
299
300                 # If no local IP address could be determined, we will fall back to the guess
301                 # it with help of an external server...
302                 if not local_ip_address:
303                         local_ip_address = self.guess_external_ip_address(proto)
304
305                 return local_ip_address
306
307         def _is_usable_ip_address(self, proto, address):
308                 """
309                         Returns True is the local IP address is usable
310                         for dynamic DNS (i.e. is not a RFC1918 address or similar).
311                 """
312                 if proto == "ipv4":
313                         # This is not the most perfect solution to match
314                         # these addresses, but instead of pulling in an entire
315                         # library to handle the IP addresses better, we match
316                         # with regular expressions instead.
317                         matches = (
318                                 # RFC1918 address space
319                                 r"^10\.\d+\.\d+\.\d+$",
320                                 r"^192\.168\.\d+\.\d+$",
321                                 r"^172\.(1[6-9]|2[0-9]|31)\.\d+\.\d+$",
322
323                                 # Dual Stack Lite address space
324                                 r"^100\.(6[4-9]|[7-9][0-9]|1[01][0-9]|12[0-7])\.\d+\.\d+$",
325                         )
326
327                         for match in matches:
328                                 m = re.match(match, address)
329                                 if m is None:
330                                         continue
331
332                                 # Found a match. IP address is not usable.
333                                 return False
334
335                 # In all other cases, return OK.
336                 return True
337
338         def resolve(self, hostname, proto=None):
339                 addresses = []
340
341                 if proto is None:
342                         family = 0
343                 elif proto == "ipv6":
344                         family = socket.AF_INET6
345                 elif proto == "ipv4":
346                         family = socket.AF_INET
347                 else:
348                         raise ValueError("Protocol not supported: %s" % proto)
349
350                 # Resolve the host address.
351                 try:
352                         response = socket.getaddrinfo(hostname, None, family)
353                 except socket.gaierror, e:
354                         # Name or service not known
355                         if e.errno == -2:
356                                 return []
357
358                         # Temporary failure in name resolution
359                         elif e.errno == -3:
360                                 raise DDNSResolveError(hostname)
361
362                         # No record for requested family available (e.g. no AAAA)
363                         elif e.errno == -5:
364                                 return []
365
366                         raise
367
368                 # Handle responses.
369                 for family, socktype, proto, canonname, sockaddr in response:
370                         # IPv6
371                         if family == socket.AF_INET6:
372                                 address, port, flow_info, scope_id = sockaddr
373
374                                 # Only use the global scope.
375                                 if not scope_id == 0:
376                                         continue
377
378                         # IPv4
379                         elif family == socket.AF_INET:
380                                 address, port = sockaddr
381
382                         # Ignore everything else...
383                         else:
384                                 continue
385
386                         # Add to repsonse list if not already in there.
387                         if not address in addresses:
388                                 addresses.append(address)
389
390                 return addresses
391
392         def _get_distro_identifier(self):
393                 """
394                         Returns a unique identifier for the distribution
395                         we are running on.
396                 """
397                 os_release = self.__parse_os_release()
398                 if os_release:
399                         return os_release
400
401                 system_release = self.__parse_system_release()
402                 if system_release:
403                         return system_release
404
405                 # If nothing else could be found, we return
406                 # just "unknown".
407                 return "unknown"
408
409         def __parse_os_release(self):
410                 """
411                         Tries to parse /etc/os-release and
412                         returns a unique distribution identifier
413                         if the file exists.
414                 """
415                 try:
416                         f = open("/etc/os-release", "r")
417                 except IOError, e:
418                         # File not found
419                         if e.errno == 2:
420                                 return
421
422                         raise
423
424                 os_release = {}
425                 with f:
426                         for line in f.readlines():
427                                 m = re.match(r"^([A-Z\_]+)=(.*)$", line)
428                                 if m is None:
429                                         continue
430
431                                 os_release[m.group(1)] = m.group(2)
432
433                 try:
434                         return "%(ID)s-%(VERSION_ID)s" % os_release
435                 except KeyError:
436                         return
437
438         def __parse_system_release(self):
439                 """
440                         Tries to parse /etc/system-release and
441                         returns a unique distribution identifier
442                         if the file exists.
443                 """
444                 try:
445                         f = open("/etc/system-release", "r")
446                 except IOError, e:
447                         # File not found
448                         if e.errno == 2:
449                                 return
450
451                         raise
452
453                 with f:
454                         # Read first line
455                         line = f.readline()
456
457                         # Check for IPFire systems
458                         m = re.match(r"^IPFire (\d).(\d+)", line)
459                         if m:
460                                 return "ipfire-%s" % m.group(1)