Fix shellcheck SC2230
> which is non-standard. Use builtin 'command -v' instead.
Once applied to everything concerning OpenWrt we can disable the busybox
feature `which` and save 3.8kB.
Signed-off-by: Paul Spooren <mail@aparcar.org>
Hurricane Electric provides a free IPv6inIPv4 tunnel. It changed its ipv4 ddns service, fully needed to keep the ipv6 tunnel up, to the domain tunnelbroker.net. Besides, the old he.net script was bugged because it doesn't had a [USERNAME] placement but instead two [DOMAIN]. The new tunnelbroker.net update URL, still provided by Hurricane Electric, is https://[USERNAME]:[PASSWORD]@ipv4.tunnelbroker.net/nic/update?hostname=[DOMAIN]&myip=[IP] and it gets the response good or nochg
Signed-off-by: Euler Alves <euler@alves.pro.br>
(fixed-signed-off-by and prefixed)
Signed-off-by: Rosen Penev <rosenp@gmail.com>
PKG_RELEASE was incremented to 15 because of a fix in files/services
Signed-off-by: Euler Alves <euler@alves.pro.br>
(fixed-signed-off-by and prefixed)
Signed-off-by: Rosen Penev <rosenp@gmail.com>
- Use HTTPS protocol for updating urls for afraid.org to protect the password.
- Bump/align package version number.
Signed-off-by: Kwonjin Jeong <gram25gwh@gmail.com>
* use '$ddns_rundir' in 'get_service_data' for pipe creation, fix#8971
* add missing local variables in 'get_service_data'
* change DNS server verification with drill in 'verify_host_port',
fix/supersed #8935
* remove needless cat calls in 'verify_host_port'
* set cloudfare TTL to min. 120 seconds, fix#7745
* bump/align package version number
Signed-off-by: Dirk Brenken <dev@brenken.org>
the latest update url format for deSEC is
http(s)://update.dedyn.io/update?username=[USERNAME]&password=[PWD]
Signed-off-by: James Qian <sotux82@gmail.com>
Note: this should prevent wget to writing to /root/.wget-hsts
which can lead to flash memory degradation.
Signed-off-by: Jan Pavlinec <jan.pavlinec@nic.cz>
This prevents updates from failing if multiple instances of the
script are running in parallel. This fixes#7492.
Signed-off-by: Martin Konrad <info@martin-konrad.net>
* replace shell based urlencoder with an awk variant
* fix write_log function/syslog output in case of an error
* protect answer string with double quotes in update_route53
* remove bogus set/IFS options in update_route53
* clean-up update_route53 a little bit
This patchset finally fix#6977
Many thanks to @mark0n & @a-bali for testing & debugging
Signed-off-by: Dirk Brenken <dev@brenken.org>
Option 'ip_source' was silently ignored during public IP discovery.
Discovery (in spite of chosen 'ip_source') was based only on
'ip_network', 'ip_interface', 'ip_script' or 'ip_url' options (in this
order) if they were set. This could lead to misleading log entries
"Detect local IP on '$ip_source'" pointing to source that wasn't really
used.
Now only option relevant to configured 'ip_source' is taken into
account.
Signed-off-by: Jacek Politowski <dev@jpol.net.pl>
Since certain characters are dangerous to pass as-is to a sub shell,
sanitize the character set and only allow characters that are considered
valid for DNS hosts and filter shell escape characters on generic parameters.
Disable pathname expansion on RUNPROG evals to disable the shell expanding *,
? and [ in the arguments.
Signed-off-by: Karl Vogel <karl.vogel@gmail.com>
new ddns script for polish service FreeDNS.42.pl where you can
host your own domains for free
Signed-off-by: Michal Lipka <michal@sysadmin.care>
(commits from PR #6150 squashed together)
Currently this 3 variable are used only 1 time in the sh script and cause 10s of delay for them to load... move them to load only if it's required by the command. This also fix luci-app-ddns delay problem derived by calling dns_lucihelper (that use tdns_functions to load data) for the version.
Signed-off-by: Ansuel Smith <ansuelsmth@gmail.com>
- Add valid responses "good|nochg" so that ddns-script could recognize "badauth"
error that comes with http 200 code
- Switch url to https scheme. "now-dns.com" always returns 302 redirect
to https:// for all plain-text http requests. Since working via default
plain-text http is not possible anyway, forcing url to https prevents
curl sending unencrypted plain-text credentials via basic auth
Signed-off-by: Emil Muratov <gpm@hotplug.ru>
Rewritten Pull for #5885
When ran from the command line, the script prints
error messages like below. They are caused by supplying
empty "$password" and "$URL_PASS" for some log messages
like "130822 : Detect local IP on 'interface'".
The fix is to check if the values are not empty before running
through sed.
/etc/init.d/ddns start
sed: no previous regexp
Reported by Marc Benoit <marcb62185@gmail.com>
Signed-off-by: Christian Schoenebeck <christian.schoenebeck@gmail.com>
Write *.ip file with current registered IP, whenever "get_registered_IP" is called (used by next luci-app-ddns version)
Changed detection of cURL proxy support #3876
Reread data from ubus if "get_local_ip" from "ip_network" #5004#3338
Fix godaddy_com_v1 #5285
Implement "param_opt" for "cloudflare_com_v4" #5097
Inside logfile "*password*" printed in stead of real password #5281 and others
Add ipv4 service "dnsever.com" #5178
Add ipv4 service "myip.co.ua" #5199
Signed-off-by: Christian Schoenebeck <christian.schoenebeck@gmail.com>
gzip create a header by default containing the filename
and the timestamp of the file.
This timestamp will break reproducible builds [0].
[0] https://reproducible-builds.org/docs/timestamps/
Signed-off-by: Alexander Couzens <lynxis@fe80.eu>
Maintainer: Christian Schoenebeck <christian.schoenebeck@gmail.com>
Run tested: LEDE Reboot 17.01.3 r3533-d0bf257c46
Description:
user.err ddns-scripts: IP update not accepted by DDNS Provider
dynv6.com response "unchanged" is OK
Signed-off-by: Ernest Moshkov <e.moshkov@gmail.com>
Dynu.com already support IPV6 updates using the parameter myipv6, adding to services_ipv6 to enable support in OpenWRT/LEDE
Signed-off-by: Phil John <philjohn@gmail.com>
afraid.org has a new update API with better IPV6 support. It needs to be
specifically enabled for each domain, so the original v1 api has been
Signed-off-by: Thomas Guyot-Sionnest <dermoth@aei.ca>
remove answer checking for dnsexit as their API allows for too many return codes to handle them all.
Signed-off-by: Xavier Douville <zorxd@users.noreply.github.com>
For consistency, use full name instead of $(PKG_NAME) in define and eval
lines for all packages.
I've seen reviews that asked to do this before, and I am asking the same
during reviews now. To avoid this in the future, fix this treewide so
when people use existing packages as example, we will not have to
request this change anymore.
This makes all packages consistent with both LEDE and OpenWrt base
repositories.
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
- fix ip extraction if knot host is used together with glue records
- fix ip extraction from nslookup if reverse dns record has ip with dot reported at http://forum.lede-project.org/t/ddns-scripts-error/909
Signed-off-by: Christian Schoenebeck <christian.schoenebeck@gmail.com>
- cloudflare v1 change syntax of option domain to "host.sub@example.com" like already cloudflare v4 and godaddy to prepare logterm remove of public_suffix_list.dat from package
- change Makefile to be backportable to CC15.05 and working on DD
- change ddns.defaults to prepare future releases of ddns-scripts
- minor fixes
Signed-off-by: Christian Schoenebeck <christian.schoenebeck@gmail.com>
- no longer build public_suffix_list.dat.gz during build #3678
- replace "\s" with "[[:space:]]" inside Makefile because "\s" ignored by some sed versions
- tools/public_suffix_list.sh still available to rebuild public_suffix_list.dat.gz outside OpenWRT/LEDE build system
Signed-off-by: Christian Schoenebeck <christian.schoenebeck@gmail.com>
Get public_suffix_list.dat without using secure connection. #3678
File generated during build, because it's the only option to have an
actual version packaged.
Long term Cloudflare_v1 package will be changed to no longer need
public_suffix_list.dat
Signed-off-by: Christian Schoenebeck <christian.schoenebeck@gmail.com>
Fix return codes, if ip data at Godaddy.com and Cloudflare.com are
already up to date, handle it as succesful update.
Signed-off-by: Christian Schoenebeck <christian.schoenebeck@gmail.com>
- update_cloudflare_com_v4.sh: enclose urls in single quotes
- dynamic_dns_functions.sh: force to return only one ip, if using nslookup to get registered ip
Signed-off-by: Christian Schoenebeck <christian.schoenebeck@gmail.com>
modified Makefile to:
- stop service before install when updating reported at http://forum.lede-project.org/t/ddns-scripts-upgrade-issue/456/1
- run uci-defaults for all packages
- modify services files only on new installation
still some commands already covered by default_postinst() etc. but they are in there for backward compatibilty.
Signed-off-by: Christian Schoenebeck <christian.schoenebeck@gmail.com>
- tld_names.dat.gz
- rename to public_suffix_list.dat.gz
- (re)created during build
- new location /usr/share
- move services files to /etc/ddns
- new services
- CloudFlare.com-v4 using API-Version 4 without using public_suffix_list.dat
- GoDaddy.com
- both depending on cURL package
- both with modified syntax for option domain ( NEW: [host[.subdom]@]domain.tld )
- new service
- Now-DNS.com formerly Now-IP.com
- service afraid.org now supports key-auth and basic-auth
- new command line options for dynamic_dns_updater.sh and dynamic_dns_updater.sh
- adapted ddns.init and ddns.hotplug to new command line options
- renaming config options inside section global
Signed-off-by: Christian Schoenebeck <christian.schoenebeck@gmail.com>
remove postinst (of main package) from Makefile because all is done inside uci-defaults scripts
Signed-off-by: Christian Schoenebeck <christian.schoenebeck@gmail.com>
commands to apply changes introduced during release changes, moved from Makefile postinst to /etc/uci-defaults
Signed-off-by: Christian Schoenebeck <christian.schoenebeck@gmail.com>
- if local ip cannot be detected or is invalid then do not exit ddns-scripts #2950,
using multiple url's to detect local ip not jet implemented
- change spdns.de update url and add sydyn.de inside services file #2991
- move transfer- and lookup-program detection to dynamic_dns_functions.sh
so run once at startup in stead of at every transfer/lookup
- add khost, drill and hostip to verify_host_port() function
- updated tld_names.dat
Signed-off-by: Christian Schoenebeck <christian.schoenebeck@gmail.com>
- fix handling of parameter "is_glue" and "dns_server" to work with luci-app-ddns
- update TLD_names.dat
Signed-off-by: Christian Schoenebeck <christian.schoenebeck@gmail.com>
Assuming the following dns zone configuration for kresin.me:
. 1800 IN NS ns.inwx.de.
home.kresin.me. 1800 IN NS gw.home.kresin.me.
gw.home.kresin.me. 60 IN A 198.51.100.1
Using the example, gw.home.kresin.me is a glue record and used as DDNS
record as well. gw.home.kresin.me points to the OpenWrt installation
where the ddns-scripts are running.
Since ns.inwx.de isn't the authoritative server for home.kresin.me,
a query for the the A record of gw.home.kresin.me will be "forwarded"
to and replied by the authoritative server 198.51.100.1. If the
authoritative server can't be reached, the query times out without any
address returned.
The only way to get the A record of the glue record is to use bind
host in verbose output mode, query ns.inwx.de for gw.home.kresin.me and
evaluate the additional section of the response.
To my knowledge, only bind host in verbose output mode shows the
additional section of the response. Therefore, this features depends on
bind host.
It is not possible to use the bind host verbose mode for all queries.
In verbose mode the "has address" line isn't returned. Grepping for the
hostname might fail if the hostname is CNAME. Grepping for the first
occurrence of an ip-address is way to error prone, since it could
return the ip address of a different record type.
Signed-off-by: Mathias Kresin <dev@kresin.me>
- add DNS lookup support for "drill" and "khost" (Knot DNS) #2637
- new service nsupdate.info (IPv4 and IPv6) #2433
- new services dyndnss.net, dyns.net (IPv4 only)
- new services dnshome.de, goip.de, myonlineportal.net (IPv4 and IPv6)
Signed-off-by: Christian Schoenebeck <christian.schoenebeck@gmail.com>
- roll back to "old" update_url of freedns.afraid.org fix for #2445 and openwrt/luci#661
- add provider nubem.com (IPv4 only)
- add provider nettica.com (IPv4 only)
- add provider zerigo.com (IPv4 and IPv6)
- add provider regfish.de (IPv4 and IPv6)
Signed-off-by: Christian Schoenebeck <christian.schoenebeck@gmail.com>
- renamed (lower case) filenames and servicenames for no-ip.com, cloudflare.com and bind_nsupdate including modifing existing configurations #2375
- updated tld_names.dat
Signed-off-by: Christian Schoenebeck <christian.schoenebeck@gmail.com>
- new function expand_ipv6()
- expand IPv6 before compare https://dev.openwrt.org/ticket/21725
- Fix split_FQDN() to return host.subdomain correctly #2334
- modified check for musl library used by nslookup #2341#2346 thanks to Arjen de Korte
Signed-off-by: Christian Schoenebeck <christian.schoenebeck@gmail.com>
- add support for "hostip" to get_registered_ip() as alternative to "Bind host" package https://dev.openwrt.org/ticket/20893#comment:5
- allow to send updates using compiled-in certificate file/path of curl/wget #2242#2243#2245
- add support for uclient-fetch / libustream-ssl.so
- remove /128 prefix-filter in get_local_ip() via interface #2268
- add dyndns.org to services_ipv6 https://forum.openwrt.org/viewtopic.php?id=62103
- readd duckdns.org to services #2251 (lost somewhere in data heaven)
- add zzzz.io service #2302
- updated tld_names.dat
Signed-off-by: Christian Schoenebeck <christian.schoenebeck@gmail.com>
This is necessary when there are multiple records for the same domain,
otherwise the script will overwrite the first one returned by the API.
It has the secondary benefit of allowing faster updates by performing
only one API call instead of two.
In case 'rec_id' is not set the script behaves exactly as before.
Signed-off-by: Leonardo Brondani Schenkel <leonardo@schenkel.net>
