Pattern support for dyndns_iface option

src/man/sssd-ad.5.xml

@@ -1227,15 +1227,16 @@ ad_gpo_map_deny = +my_pam_service
                             Optional. Applicable only when dyndns_update
                             is true. Choose the interface or a list of interfaces
                             whose IP addresses should be used for dynamic DNS
-                            updates. Special value <quote>*</quote> implies that
-                            IPs from all interfaces should be used.
+                            updates. The name of interface can be a wildcard
+                            pattern. See <emphasis>man 7 glob</emphasis> for
+                            details about patterns.
                         </para>
                         <para>
                             Default: Use the IP addresses of the interface which
                             is used for AD LDAP connection
                         </para>
                         <para>
-                            Example: dyndns_iface = em1, vnet1, vnet2
+                            Example: dyndns_iface = em1, vnet?, vpn*
                         </para>
                     </listitem>
                 </varlistentry>

src/man/sssd-ipa.5.xml

@@ -181,8 +181,9 @@
                             Optional. Applicable only when dyndns_update
                             is true. Choose the interface or a list of interfaces
                             whose IP addresses should be used for dynamic DNS
-                            updates. Special value <quote>*</quote> implies that
-                            IPs from all interfaces should be used.
+                            updates. The name of interface can be a wildcard
+                            pattern. See <emphasis>man 7 glob</emphasis> for
+                            details about patterns.
                         </para>
                         <para>
                             NOTE: While it is still possible to use the old

src/providers/be_dyndns.c

@@ -27,12 +27,13 @@
 #include <sys/types.h>
 #include <sys/socket.h>
 #include <sys/ioctl.h>
 #include <arpa/inet.h>
 #include <net/if.h>
 #include <ifaddrs.h>
+#include <fnmatch.h>
 #include <ctype.h>
 #include "util/debug.h"
 #include "util/util.h"
 #include "confdb/confdb.h"
 #include "util/child_common.h"
 #include "providers/data_provider.h"
@@ -44,9 +45,6 @@
 #define DYNDNS_TIMEOUT 15
 #endif /* DYNDNS_TIMEOUT */
 
-/* MASK represents special value for matching all interfaces */
-#define MASK "*"
-
 struct sss_iface_addr {
     struct sss_iface_addr *next;
     struct sss_iface_addr *prev;
@@ -189,9 +187,9 @@
     return sa_family == AF_INET || sa_family == AF_INET6;
 }
 
-static bool matching_name(const char *ifname, const char *ifname2)
+static bool matching_name(const char *ifname, const char *ifname_pattern)
 {
-    return (strcmp(MASK, ifname) == 0) || (strcasecmp(ifname, ifname2) == 0);
+    return fnmatch(ifname_pattern, ifname, 0) == 0;
 }
 
 /* Collect IP addresses associated with an interface */
@@ -224,7 +222,7 @@
 
         /* Add IP addresses to the list */
         if (supported_address_family(ifa->ifa_addr->sa_family)
-                && matching_name(ifname, ifa->ifa_name)
+                && matching_name(ifa->ifa_name, ifname)
                 && ok_for_dns(ifa->ifa_addr)) {
 
             /* Add this address to the IP address list */

src/tests/cmocka/test_dyndns.c

@@ -318,6 +318,45 @@ void dyndns_test_get_ifaddr_enoent(void **state)
     assert_true(check_leaks_pop(dyndns_test_ctx) == true);
 }
 
+static int ifaddr_list_size(struct sss_iface_addr *list)
+{
+    struct sss_iface_addr *p = list;
+    size_t s = 0;
+    while (p) {
+        s++;
+        p = p->next;
+    }
+    return s;
+}
+
+void dyndns_test_get_ifaddr_pattern(void **state)
+{
+    errno_t ret;
+    struct sss_iface_addr *addrlist;
+    const char *pattern[] = {"*", "eth*", "eth?", "eth[12]", "*vpn*"};
+    int expected_items[] =  {5,   4,      3,      2,         1};
+    int i;
+
+    check_leaks_push(dyndns_test_ctx);
+
+    for (i = 0; i < 5; i++) {
+        will_return_getifaddrs("eth0", "192.168.0.1", AF_INET);
+        will_return_getifaddrs("eth1", "192.168.0.2", AF_INET);
+        will_return_getifaddrs("eth2", "192.168.0.3", AF_INET);
+        will_return_getifaddrs("eth10", "192.168.0.4", AF_INET);
+        will_return_getifaddrs("vpn1", "192.168.0.5", AF_INET);
+        will_return_getifaddrs(NULL, NULL, 0); /* sentinel */
+        ret = sss_iface_addr_list_get(dyndns_test_ctx, pattern[i],
+                                      &addrlist);
+        assert_int_equal(ret, EOK);
+        assert_int_equal(ifaddr_list_size (addrlist), expected_items[i]);
+        talloc_free(addrlist);
+    }
+
+    assert_true(check_leaks_pop(dyndns_test_ctx) == true);
+}
+
+
 void dyndns_test_addr_list_as_str_list(void **state)
 {
     int i;
@@ -1042,6 +1081,9 @@ int main(int argc, const char *argv[])
         cmocka_unit_test_setup_teardown(dyndns_test_get_ifaddr_enoent,
                                         dyndns_test_simple_setup,
                                         dyndns_test_teardown),
+        cmocka_unit_test_setup_teardown(dyndns_test_get_ifaddr_pattern,
+                                        dyndns_test_simple_setup,
+                                        dyndns_test_teardown),
         cmocka_unit_test_setup_teardown(dyndns_test_addr_list_as_str_list,
                                         dyndns_test_simple_setup,
                                         dyndns_test_teardown),