Cross Reference: /freebsd-11-stable/contrib/unbound/util/config

Deleted Added

sdiff udiff text old ( 307729 ) new ( 356345 )

full compact

config_file.h (307729)	config_file.h (356345)
1/* 2 * util/config_file.h - reads and stores the config file for unbound. 3 * 4 * Copyright (c) 2007, NLnet Labs. All rights reserved. 5 * 6 * This software is open source. 7 * 8 * Redistribution and use in source and binary forms, with or without --- 28 unchanged lines hidden (view full) --- 37 * \file 38 * 39 * This file contains functions for the config file. 40 */ 41 42#ifndef UTIL_CONFIG_FILE_H 43#define UTIL_CONFIG_FILE_H 44struct config_stub;	1/* 2 * util/config_file.h - reads and stores the config file for unbound. 3 * 4 * Copyright (c) 2007, NLnet Labs. All rights reserved. 5 * 6 * This software is open source. 7 * 8 * Redistribution and use in source and binary forms, with or without --- 28 unchanged lines hidden (view full) --- 37 * \file 38 * 39 * This file contains functions for the config file. 40 */ 41 42#ifndef UTIL_CONFIG_FILE_H 43#define UTIL_CONFIG_FILE_H 44struct config_stub;
	45struct config_auth; 46struct config_view;
45struct config_strlist; 46struct config_str2list; 47struct config_str3list; 48struct config_strbytelist; 49struct module_qstate; 50struct sock_list; 51struct ub_packed_rrset_key; 52struct regional; 53	47struct config_strlist; 48struct config_str2list; 49struct config_str3list; 50struct config_strbytelist; 51struct module_qstate; 52struct sock_list; 53struct ub_packed_rrset_key; 54struct regional; 55
	56/** List head for strlist processing, used for append operation. / 57struct config_strlist_head { 58 /* first in list of text items / 59 struct config_strlist first; 60 /** last in list of text items / 61 struct config_strlist last; 62}; 63
54/** 55 * The configuration options. 56 * Strings are malloced. 57 / 58struct config_file { 59 /* verbosity level as specified in the config file / 60 int verbosity; 61 --- 16 unchanged lines hidden* (view full) --- 78 /** prefer ip6 upstream queries. / 79 int prefer_ip6; 80 /* do udp query support. / 81 int do_udp; 82 /* do tcp query support. / 83 int do_tcp; 84 /* tcp upstream queries (no UDP upstream queries) */ 85 int tcp_upstream;	64/** 65 * The configuration options. 66 * Strings are malloced. 67 / 68struct config_file { 69 /* verbosity level as specified in the config file / 70 int verbosity; 71 --- 16 unchanged lines hidden* (view full) --- 88 /** prefer ip6 upstream queries. / 89 int prefer_ip6; 90 /* do udp query support. / 91 int do_udp; 92 /* do tcp query support. / 93 int do_tcp; 94 /* tcp upstream queries (no UDP upstream queries) */ 95 int tcp_upstream;
	96 /** udp upstream enabled when no UDP downstream is enabled (do_udp no)*/ 97 int udp_upstream_without_downstream;
86 /** maximum segment size of tcp socket which queries are answered / 87 int tcp_mss; 88 /* maximum segment size of tcp socket for outgoing queries */ 89 int outgoing_tcp_mss;	98 /** maximum segment size of tcp socket which queries are answered / 99 int tcp_mss; 100* /** maximum segment size of tcp socket for outgoing queries / 101* int outgoing_tcp_mss;
	102 /** tcp idle timeout, in msec / 103* int tcp_idle_timeout; 104 /** do edns tcp keepalive / 105* int do_tcp_keepalive; 106 /** tcp keepalive timeout, in msec / 107* int tcp_keepalive_timeout;
90 91 /** private key file for dnstcp-ssl service (enabled if not NULL) / 92 char ssl_service_key; 93 /** public key file for dnstcp-ssl service / 94 char ssl_service_pem; 95 /** port on which to provide ssl service / 96 int ssl_port; 97 /* if outgoing tcp connections use SSL */ 98 int ssl_upstream;	108 109 /** private key file for dnstcp-ssl service (enabled if not NULL) / 110* char* ssl_service_key; 111 /** public key file for dnstcp-ssl service / 112* char* ssl_service_pem; 113 /** port on which to provide ssl service / 114* int ssl_port; 115 /** if outgoing tcp connections use SSL / 116* int ssl_upstream;
	117 /** cert bundle for outgoing connections / 118* char* tls_cert_bundle; 119 /** should the system certificate store get added to the cert bundle / 120* int tls_win_cert; 121 /** additional tls ports / 122* struct config_strlist* tls_additional_port; 123 /** secret key used to encrypt and decrypt TLS session ticket / 124* struct config_strlist_head tls_session_ticket_keys; 125 /** TLS ciphers / 126* char* tls_ciphers; 127 /** TLS chiphersuites (TLSv1.3) / 128* char* tls_ciphersuites;
99 100 /** outgoing port range number of ports (per thread) / 101* int outgoing_num_ports; 102 /** number of outgoing tcp buffers per (per thread) / 103* size_t outgoing_num_tcp; 104 /** number of incoming tcp buffers per (per thread) / 105* size_t incoming_num_tcp; 106 /** allowed udp port numbers, array with 0 if not allowed / 107* int* outgoing_avail_ports; 108 109 /** EDNS buffer size to use / 110* size_t edns_buffer_size;	129 130 /** outgoing port range number of ports (per thread) / 131* int outgoing_num_ports; 132 /** number of outgoing tcp buffers per (per thread) / 133* size_t outgoing_num_tcp; 134 /** number of incoming tcp buffers per (per thread) / 135* size_t incoming_num_tcp; 136 /** allowed udp port numbers, array with 0 if not allowed / 137* int* outgoing_avail_ports; 138 139 /** EDNS buffer size to use / 140* size_t edns_buffer_size;
	141 /** size of the stream wait buffers, max / 142* size_t stream_wait_size;
111 /** number of bytes buffer size for DNS messages / 112* size_t msg_buffer_size; 113 /** size of the message cache / 114* size_t msg_cache_size; 115 /** slabs in the message cache. / 116* size_t msg_cache_slabs; 117 /** number of queries every thread can service / 118* size_t num_queries_per_thread; --- 11 unchanged lines hidden (view full) --- 130 size_t infra_cache_numhosts; 131 /** min value for infra cache rtt / 132* int infra_cache_min_rtt; 133 /** delay close of udp-timeouted ports, if 0 no delayclose. in msec / 134* int delay_close; 135 136 /** the target fetch policy for the iterator / 137* char* target_fetch_policy;	143 /** number of bytes buffer size for DNS messages / 144* size_t msg_buffer_size; 145 /** size of the message cache / 146* size_t msg_cache_size; 147 /** slabs in the message cache. / 148* size_t msg_cache_slabs; 149 /** number of queries every thread can service / 150* size_t num_queries_per_thread; --- 11 unchanged lines hidden (view full) --- 162 size_t infra_cache_numhosts; 163 /** min value for infra cache rtt / 164* int infra_cache_min_rtt; 165 /** delay close of udp-timeouted ports, if 0 no delayclose. in msec / 166* int delay_close; 167 168 /** the target fetch policy for the iterator / 169* char* target_fetch_policy;
	170 /** percent10, how many times in 1000 to pick from the fastest 171* * destinations / 172* int fast_server_permil; 173 /** number of fastest server to select from / 174* size_t fast_server_num;
138 139 /** automatic interface for incoming messages. Uses ipv6 remapping, 140 * and recvmsg/sendmsg ancillary data to detect interfaces, boolean / 141* int if_automatic; 142 /** SO_RCVBUF size to set on port 53 UDP socket / 143* size_t so_rcvbuf; 144 /** SO_SNDBUF size to set on port 53 UDP socket / 145* size_t so_sndbuf; --- 16 unchanged lines hidden (view full) --- 162 char *out_ifs; 163* 164 /** the root hints / 165* struct config_strlist* root_hints; 166 /** the stub definitions, linked list / 167* struct config_stub* stubs; 168 /** the forward zone definitions, linked list / 169* struct config_stub* forwards;	175 176 /** automatic interface for incoming messages. Uses ipv6 remapping, 177 * and recvmsg/sendmsg ancillary data to detect interfaces, boolean / 178* int if_automatic; 179 /** SO_RCVBUF size to set on port 53 UDP socket / 180* size_t so_rcvbuf; 181 /** SO_SNDBUF size to set on port 53 UDP socket / 182* size_t so_sndbuf; --- 16 unchanged lines hidden (view full) --- 199 char *out_ifs; 200* 201 /** the root hints / 202* struct config_strlist* root_hints; 203 /** the stub definitions, linked list / 204* struct config_stub* stubs; 205 /** the forward zone definitions, linked list / 206* struct config_stub* forwards;
	207 /** the auth zone definitions, linked list / 208* struct config_auth* auths; 209 /** the views definitions, linked list / 210* struct config_view* views;
170 /** list of donotquery addresses, linked list / 171* struct config_strlist* donotqueryaddrs;	211 /** list of donotquery addresses, linked list / 212* struct config_strlist* donotqueryaddrs;
	213#ifdef CLIENT_SUBNET 214 /** list of servers we send edns-client-subnet option to and 215 * accept option from, linked list / 216* struct config_strlist* client_subnet; 217 /** list of zones we send edns-client-subnet option for / 218* struct config_strlist* client_subnet_zone; 219 /** opcode assigned by IANA for edns0-client-subnet option / 220* uint16_t client_subnet_opcode; 221 /** Do not check whitelist if incoming query contains an ECS record / 222* int client_subnet_always_forward; 223 /** Subnet length we are willing to give up privacy for / 224* uint8_t max_client_subnet_ipv4; 225 uint8_t max_client_subnet_ipv6; 226 /** Minimum subnet length we are willing to answer / 227* uint8_t min_client_subnet_ipv4; 228 uint8_t min_client_subnet_ipv6; 229 /** Max number of nodes in the ECS radix tree / 230* uint32_t max_ecs_tree_size_ipv4; 231 uint32_t max_ecs_tree_size_ipv6; 232#endif
172 /** list of access control entries, linked list / 173* struct config_str2list* acls; 174 /** use default localhost donotqueryaddr entries / 175* int donotquery_localhost; 176	233 /** list of access control entries, linked list / 234* struct config_str2list* acls; 235 /** use default localhost donotqueryaddr entries / 236* int donotquery_localhost; 237
	238 /** list of tcp connection limitss, linked list / 239* struct config_str2list* tcp_connection_limits; 240
177 /** harden against very small edns buffer sizes / 178* int harden_short_bufsize; 179 /** harden against very large query sizes / 180* int harden_large_queries; 181 /** harden against spoofed glue (out of zone data) / 182* int harden_glue; 183 /** harden against receiving no DNSSEC data for trust anchor / 184* int harden_dnssec_stripped; --- 18 unchanged lines hidden (view full) --- 203 /** the number of seconds minimum TTL used for RRsets and messages / 204* int min_ttl; 205 /** the number of seconds maximal negative TTL for SOA in auth / 206* int max_negative_ttl; 207 /** if prefetching of messages should be performed. / 208* int prefetch; 209 /** if prefetching of DNSKEYs should be performed. / 210* int prefetch_key;	241 /** harden against very small edns buffer sizes / 242* int harden_short_bufsize; 243 /** harden against very large query sizes / 244* int harden_large_queries; 245 /** harden against spoofed glue (out of zone data) / 246* int harden_glue; 247 /** harden against receiving no DNSSEC data for trust anchor / 248* int harden_dnssec_stripped; --- 18 unchanged lines hidden (view full) --- 267 /** the number of seconds minimum TTL used for RRsets and messages / 268* int min_ttl; 269 /** the number of seconds maximal negative TTL for SOA in auth / 270* int max_negative_ttl; 271 /** if prefetching of messages should be performed. / 272* int prefetch; 273 /** if prefetching of DNSKEYs should be performed. / 274* int prefetch_key;
	275 /** deny queries of type ANY with an empty answer / 276* int deny_any;
211 212 /** chrootdir, if not "" or chroot will be done / 213* char* chrootdir; 214 /** username to change to, if not "". / 215* char* username; 216 /** working directory / 217* char* directory; 218 /** filename to log to. / 219* char* logfile; 220 /** pidfile to write pid to. / 221* char* pidfile; 222 223 /** should log messages be sent to syslogd / 224* int use_syslog; 225 /** log timestamp in ascii UTC / 226* int log_time_ascii; 227 /** log queries with one line per query / 228* int log_queries;	277 278 /** chrootdir, if not "" or chroot will be done / 279* char* chrootdir; 280 /** username to change to, if not "". / 281* char* username; 282 /** working directory / 283* char* directory; 284 /** filename to log to. / 285* char* logfile; 286 /** pidfile to write pid to. / 287* char* pidfile; 288 289 /** should log messages be sent to syslogd / 290* int use_syslog; 291 /** log timestamp in ascii UTC / 292* int log_time_ascii; 293 /** log queries with one line per query / 294* int log_queries;
	295 /** log replies with one line per reply / 296* int log_replies; 297 /** tag log_queries and log_replies for filtering / 298* int log_tag_queryreply; 299 / log every local-zone hit / 300 int log_local_actions; 301 /** log servfails with a reason / 302* int log_servfail; 303 /** log identity to report / 304* char* log_identity;
229 230 /** do not report identity (id.server, hostname.bind) / 231* int hide_identity; 232 /** do not report version (version.server, version.bind) / 233* int hide_version;	305 306 /** do not report identity (id.server, hostname.bind) / 307* int hide_identity; 308 /** do not report version (version.server, version.bind) / 309* int hide_version;
	310 /** do not report trustanchor (trustanchor.unbound) / 311* int hide_trustanchor;
234 /** identity, hostname is returned if "". / 235* char* identity; 236 /** version, package version returned if "". / 237* char* version; 238 239 /** the module configuration string / 240* char* module_conf; 241 --- 6 unchanged lines hidden (view full) --- 248 /** files with trusted DNSKEYs in named.conf format, list / 249* struct config_strlist* trusted_keys_file_list; 250 /** DLV anchor file / 251* char* dlv_anchor_file; 252 /** DLV anchor inline / 253* struct config_strlist* dlv_anchor_list; 254 /** insecure domain list / 255* struct config_strlist* domain_insecure;	312 /** identity, hostname is returned if "". / 313* char* identity; 314 /** version, package version returned if "". / 315* char* version; 316 317 /** the module configuration string / 318* char* module_conf; 319 --- 6 unchanged lines hidden (view full) --- 326 /** files with trusted DNSKEYs in named.conf format, list / 327* struct config_strlist* trusted_keys_file_list; 328 /** DLV anchor file / 329* char* dlv_anchor_file; 330 /** DLV anchor inline / 331* struct config_strlist* dlv_anchor_list; 332 /** insecure domain list / 333* struct config_strlist* domain_insecure;
	334 /** send key tag query / 335* int trust_anchor_signaling; 336 /** enable root key sentinel / 337* int root_key_sentinel;
256 257 /** if not 0, this value is the validation date for RRSIGs / 258* int32_t val_date_override; 259 /** the minimum for signature clock skew / 260* int32_t val_sig_skew_min; 261 /** the maximum for signature clock skew / 262* int32_t val_sig_skew_max; 263 /** this value sets the number of seconds before revalidating bogus / 264* int bogus_ttl; 265 /** should validator clean additional section for secure msgs / 266* int val_clean_additional; 267 /** log bogus messages by the validator / 268* int val_log_level; 269 /** squelch val_log_level to log - this is library goes to callback / 270* int val_log_squelch; 271 /** should validator allow bogus messages to go through / 272* int val_permissive_mode;	338 339 /** if not 0, this value is the validation date for RRSIGs / 340* int32_t val_date_override; 341 /** the minimum for signature clock skew / 342* int32_t val_sig_skew_min; 343 /** the maximum for signature clock skew / 344* int32_t val_sig_skew_max; 345 /** this value sets the number of seconds before revalidating bogus / 346* int bogus_ttl; 347 /** should validator clean additional section for secure msgs / 348* int val_clean_additional; 349 /** log bogus messages by the validator / 350* int val_log_level; 351 /** squelch val_log_level to log - this is library goes to callback / 352* int val_log_squelch; 353 /** should validator allow bogus messages to go through / 354* int val_permissive_mode;
	355 /** use cached NSEC records to synthesise (negative) answers / 356* int aggressive_nsec;
273 /** ignore the CD flag in incoming queries and refuse them bogus data / 274* int ignore_cd;	357 /** ignore the CD flag in incoming queries and refuse them bogus data / 358* int ignore_cd;
	359 /** serve expired entries and prefetch them / 360* int serve_expired; 361 /** serve expired entries until TTL after expiration / 362* int serve_expired_ttl; 363 /** reset serve expired TTL after failed update attempt / 364* int serve_expired_ttl_reset;
275 /** nsec3 maximum iterations per key size, string / 276* char* val_nsec3_key_iterations; 277 /** autotrust add holddown time, in seconds / 278* unsigned int add_holddown; 279 /** autotrust del holddown time, in seconds / 280* unsigned int del_holddown; 281 /** autotrust keep_missing time, in seconds. 0 is forever. / 282* unsigned int keep_missing; --- 6 unchanged lines hidden (view full) --- 289 size_t key_cache_slabs; 290 /** size of the neg cache / 291* size_t neg_cache_size; 292 293 /** local zones config / 294* struct config_str2list* local_zones; 295 /** local zones nodefault list / 296* struct config_strlist* local_zones_nodefault;	365 /** nsec3 maximum iterations per key size, string / 366* char* val_nsec3_key_iterations; 367 /** autotrust add holddown time, in seconds / 368* unsigned int add_holddown; 369 /** autotrust del holddown time, in seconds / 370* unsigned int del_holddown; 371 /** autotrust keep_missing time, in seconds. 0 is forever. / 372* unsigned int keep_missing; --- 6 unchanged lines hidden (view full) --- 379 size_t key_cache_slabs; 380 /** size of the neg cache / 381* size_t neg_cache_size; 382 383 /** local zones config / 384* struct config_str2list* local_zones; 385 /** local zones nodefault list / 386* struct config_strlist* local_zones_nodefault;
	387#ifdef USE_IPSET 388 /** local zones ipset list / 389* struct config_strlist* local_zones_ipset; 390#endif 391 /** do not add any default local zone / 392* int local_zones_disable_default;
297 /** local data RRs configured / 298* struct config_strlist* local_data; 299 /** local zone override types per netblock / 300* struct config_str3list* local_zone_overrides; 301 /** unblock lan zones (reverse lookups for AS112 zones) / 302* int unblock_lan_zones; 303 /** insecure lan zones (don't validate AS112 zones) / 304* int insecure_lan_zones; 305 /** list of zonename, tagbitlist / 306* struct config_strbytelist* local_zone_tags; 307 /** list of aclname, tagbitlist / 308* struct config_strbytelist* acl_tags; 309 /** list of aclname, tagname, localzonetype / 310* struct config_str3list* acl_tag_actions; 311 /** list of aclname, tagname, redirectdata / 312* struct config_str3list* acl_tag_datas;	393 /** local data RRs configured / 394* struct config_strlist* local_data; 395 /** local zone override types per netblock / 396* struct config_str3list* local_zone_overrides; 397 /** unblock lan zones (reverse lookups for AS112 zones) / 398* int unblock_lan_zones; 399 /** insecure lan zones (don't validate AS112 zones) / 400* int insecure_lan_zones; 401 /** list of zonename, tagbitlist / 402* struct config_strbytelist* local_zone_tags; 403 /** list of aclname, tagbitlist / 404* struct config_strbytelist* acl_tags; 405 /** list of aclname, tagname, localzonetype / 406* struct config_str3list* acl_tag_actions; 407 /** list of aclname, tagname, redirectdata / 408* struct config_str3list* acl_tag_datas;
	409 /** list of aclname, view/ 410* struct config_str2list* acl_view; 411 /** list of IP-netblock, tagbitlist / 412* struct config_strbytelist* respip_tags; 413 /** list of response-driven access control entries, linked list / 414* struct config_str2list* respip_actions; 415 /** RRs configured for response-driven access controls / 416* struct config_str2list* respip_data;
313 /** tag list, array with tagname[i] is malloced string / 314* char** tagname; 315 /** number of items in the taglist / 316* int num_tags; 317 318 /** remote control section. enable toggle. / 319* int remote_control_enable; 320 /** the interfaces the remote control should listen on */	417 /** tag list, array with tagname[i] is malloced string / 418* char** tagname; 419 /** number of items in the taglist / 420* int num_tags; 421 422 /** remote control section. enable toggle. / 423* int remote_control_enable; 424 /** the interfaces the remote control should listen on */
321 struct config_strlist* control_ifs;	425 struct config_strlist_head control_ifs; 426 /** if the use-cert option is set / 427* int control_use_cert;
322 /** port number for the control port / 323* int control_port;	428 /** port number for the control port / 429* int control_port;
324 /** use certificates for remote control / 325* int remote_control_use_cert;
326 /** private key file for server / 327* char* server_key_file; 328 /** certificate file for server / 329* char* server_cert_file; 330 /** private key file for unbound-control / 331* char* control_key_file; 332 /** certificate file for unbound-control / 333* char* control_cert_file; 334 335 /** Python script file */	430 /** private key file for server / 431* char* server_key_file; 432 /** certificate file for server / 433* char* server_cert_file; 434 /** private key file for unbound-control / 435* char* control_key_file; 436 /** certificate file for unbound-control / 437* char* control_cert_file; 438 439 /** Python script file */
336 char* python_script;	440 struct config_strlist* python_script;
337	441
	442 /** Use systemd socket activation. / 443* int use_systemd; 444
338 /** daemonize, i.e. fork into the background. / 339* int do_daemonize; 340 341 /* minimal response when positive answer / 342* int minimal_responses; 343 344 /* RRSet roundrobin / 345* int rrset_roundrobin; 346	445 /** daemonize, i.e. fork into the background. / 446* int do_daemonize; 447 448 /* minimal response when positive answer / 449* int minimal_responses; 450 451 /* RRSet roundrobin / 452* int rrset_roundrobin; 453
	454 /* wait time for unknown server in msec / 455* int unknown_server_time_limit; 456
347 /* maximum UDP response size / 348* size_t max_udp_size; 349 350 /* DNS64 prefix / 351* char* dns64_prefix; 352 353 /* Synthetize all AAAA record despite the presence of an authoritative one / 354* int dns64_synthall;	457 /* maximum UDP response size / 458* size_t max_udp_size; 459 460 /* DNS64 prefix / 461* char* dns64_prefix; 462 463 /* Synthetize all AAAA record despite the presence of an authoritative one / 464* int dns64_synthall;
	465 /** ignore AAAAs for these domain names and use A record anyway / 466* struct config_strlist* dns64_ignore_aaaa;
355 356 /** true to enable dnstap support / 357* int dnstap; 358 /** dnstap socket path / 359* char* dnstap_socket_path; 360 /** true to send "identity" via dnstap / 361* int dnstap_send_identity; 362 /** true to send "version" via dnstap / --- 14 unchanged lines hidden* (view full) --- 377 /** true to log dnstap FORWARDER_QUERY message events / 378* int dnstap_log_forwarder_query_messages; 379 /** true to log dnstap FORWARDER_RESPONSE message events / 380* int dnstap_log_forwarder_response_messages; 381 382 /** true to disable DNSSEC lameness check in iterator / 383* int disable_dnssec_lame_check; 384	467 468 /** true to enable dnstap support / 469* int dnstap; 470 /** dnstap socket path / 471* char* dnstap_socket_path; 472 /** true to send "identity" via dnstap / 473* int dnstap_send_identity; 474 /** true to send "version" via dnstap / --- 14 unchanged lines hidden* (view full) --- 489 /** true to log dnstap FORWARDER_QUERY message events / 490* int dnstap_log_forwarder_query_messages; 491 /** true to log dnstap FORWARDER_RESPONSE message events / 492* int dnstap_log_forwarder_response_messages; 493 494 /** true to disable DNSSEC lameness check in iterator / 495* int disable_dnssec_lame_check; 496
385 /** ratelimit 0 is off, otherwise qps (unless overridden) */	497 /** ratelimit for ip addresses. 0 is off, otherwise qps (unless overridden) / 498* int ip_ratelimit; 499 /** number of slabs for ip_ratelimit cache / 500* size_t ip_ratelimit_slabs; 501 /** memory size in bytes for ip_ratelimit cache / 502* size_t ip_ratelimit_size; 503 /** ip_ratelimit factor, 0 blocks all, 10 allows 1/10 of traffic / 504* int ip_ratelimit_factor; 505 506 /** ratelimit for domains. 0 is off, otherwise qps (unless overridden) */
386 int ratelimit; 387 /** number of slabs for ratelimit cache / 388* size_t ratelimit_slabs; 389 /** memory size in bytes for ratelimit cache / 390* size_t ratelimit_size; 391 /** ratelimits for domain (exact match) / 392* struct config_str2list* ratelimit_for_domain; 393 /** ratelimits below domain / 394* struct config_str2list* ratelimit_below_domain; 395 /** ratelimit factor, 0 blocks all, 10 allows 1/10 of traffic / 396* int ratelimit_factor; 397 /** minimise outgoing QNAME and hide original QTYPE if possible / 398* int qname_minimisation;	507 int ratelimit; 508 /** number of slabs for ratelimit cache / 509* size_t ratelimit_slabs; 510 /** memory size in bytes for ratelimit cache / 511* size_t ratelimit_size; 512 /** ratelimits for domain (exact match) / 513* struct config_str2list* ratelimit_for_domain; 514 /** ratelimits below domain / 515* struct config_str2list* ratelimit_below_domain; 516 /** ratelimit factor, 0 blocks all, 10 allows 1/10 of traffic / 517* int ratelimit_factor; 518 /** minimise outgoing QNAME and hide original QTYPE if possible / 519* int qname_minimisation;
	520 /** minimise QNAME in strict mode, minimise according to RFC. 521 * Do not apply fallback / 522* int qname_minimisation_strict; 523 /** SHM data - true if shm is enabled / 524* int shm_enable; 525 /** SHM data - key for the shm / 526* int shm_key; 527 528 /** DNSCrypt / 529* /** true to enable dnscrypt / 530* int dnscrypt; 531 /** port on which to provide dnscrypt service / 532* int dnscrypt_port; 533 /** provider name 2.dnscrypt-cert.example.com / 534* char* dnscrypt_provider; 535 /** dnscrypt secret keys 1.key / 536* struct config_strlist* dnscrypt_secret_key; 537 /** dnscrypt provider certs 1.cert / 538* struct config_strlist* dnscrypt_provider_cert; 539 /** dnscrypt provider certs 1.cert which have been rotated and should not be 540 * advertised through DNS's providername TXT record but are required to be 541 * able to handle existing traffic using the old cert. / 542* struct config_strlist* dnscrypt_provider_cert_rotated; 543 /** memory size in bytes for dnscrypt shared secrets cache / 544* size_t dnscrypt_shared_secret_cache_size; 545 /** number of slabs for dnscrypt shared secrets cache / 546* size_t dnscrypt_shared_secret_cache_slabs; 547 /** memory size in bytes for dnscrypt nonces cache / 548* size_t dnscrypt_nonce_cache_size; 549 /** number of slabs for dnscrypt nonces cache / 550* size_t dnscrypt_nonce_cache_slabs; 551 /** IPsec module / 552#ifdef USE_IPSECMOD 553* /** false to bypass the IPsec module / 554* int ipsecmod_enabled; 555 /** whitelisted domains for ipsecmod / 556* struct config_strlist* ipsecmod_whitelist; 557 /** path to external hook / 558* char* ipsecmod_hook; 559 /** true to proceed even with a bogus IPSECKEY / 560* int ipsecmod_ignore_bogus; 561 /** max TTL for the A/AAAA records that call the hook / 562* int ipsecmod_max_ttl; 563 /** false to proceed even when ipsecmod_hook fails / 564* int ipsecmod_strict; 565#endif 566 567 /* cachedb module / 568#ifdef USE_CACHEDB 569* /** backend DB name / 570* char* cachedb_backend; 571 /** secret seed for hash key calculation / 572* char* cachedb_secret; 573#ifdef USE_REDIS 574 /** redis server's IP address or host name / 575* char* redis_server_host; 576 /** redis server's TCP port / 577* int redis_server_port; 578 /** timeout (in ms) for communication with the redis server / 579* int redis_timeout; 580#endif 581#endif 582 583 /* ipset module / 584#ifdef USE_IPSET 585* char* ipset_name_v4; 586 char* ipset_name_v6; 587#endif
399}; 400	588}; 589
401/** from cfg username, after daemonise setup performed */	590/** from cfg username, after daemonize setup performed */
402extern uid_t cfg_uid;	591extern uid_t cfg_uid;
403/** from cfg username, after daemonise setup performed */	592/** from cfg username, after daemonize setup performed */
404extern gid_t cfg_gid; 405/** debug and enable small timeouts / 406*extern int autr_permit_small_holddown;	593extern gid_t cfg_gid; 594/** debug and enable small timeouts / 595*extern int autr_permit_small_holddown;
	596/** size (in bytes) of stream wait buffers max / 597*extern size_t stream_wait_max;
407 408/** 409 * Stub config options 410 / 411struct config_stub { 412* /** next in list / 413* struct config_stub* next; 414 /** domain name (in text) of the stub apex domain / 415* char* name; 416 /** list of stub nameserver hosts (domain name) / 417* struct config_strlist* hosts; 418 /** list of stub nameserver addresses (IP address) / 419* struct config_strlist* addrs; 420 /** if stub-prime is set / 421* int isprime; 422 /** if forward-first is set (failover to without if fails) / 423* int isfirst;	598 599/** 600 * Stub config options 601 / 602struct config_stub { 603* /** next in list / 604* struct config_stub* next; 605 /** domain name (in text) of the stub apex domain / 606* char* name; 607 /** list of stub nameserver hosts (domain name) / 608* struct config_strlist* hosts; 609 /** list of stub nameserver addresses (IP address) / 610* struct config_strlist* addrs; 611 /** if stub-prime is set / 612* int isprime; 613 /** if forward-first is set (failover to without if fails) / 614* int isfirst;
	615 /** use SSL for queries to this stub / 616* int ssl_upstream; 617 /*** no cache / 618* int no_cache;
424}; 425 426/**	619}; 620 621/**
	622 * Auth config options 623 / 624struct config_auth { 625* /** next in list / 626* struct config_auth* next; 627 /** domain name (in text) of the auth apex domain / 628* char* name; 629 /** list of masters / 630* struct config_strlist* masters; 631 /** list of urls / 632* struct config_strlist* urls; 633 /** list of allow-notify / 634* struct config_strlist* allow_notify; 635 /** zonefile (or NULL) / 636* char* zonefile; 637 /** provide downstream answers / 638* int for_downstream; 639 /** provide upstream answers / 640* int for_upstream; 641 /** fallback to recursion to authorities if zone expired and other 642 * reasons perhaps (like, query bogus) / 643* int fallback_enabled; 644}; 645 646/** 647 * View config options 648 / 649struct config_view { 650* /** next in list / 651* struct config_view* next; 652 /** view name / 653* char* name; 654 /** local zones / 655* struct config_str2list* local_zones; 656 /** local data RRs / 657* struct config_strlist* local_data; 658 /** local zones nodefault list / 659* struct config_strlist* local_zones_nodefault; 660#ifdef USE_IPSET 661 /** local zones ipset list / 662* struct config_strlist* local_zones_ipset; 663#endif 664 /** Fallback to global local_zones when there is no match in the view 665 * view specific tree. 1 for yes, 0 for no / 666* int isfirst; 667 /** predefined actions for particular IP address responses / 668* struct config_str2list* respip_actions; 669 /** data complementing the 'redirect' response IP actions / 670* struct config_str2list* respip_data; 671}; 672 673/**
427 * List of strings for config options 428 / 429struct config_strlist { 430* /** next item in list / 431* struct config_strlist* next; 432 /** config option string / 433* char* str; 434}; --- 33 unchanged lines hidden (view full) --- 468 struct config_strbytelist* next; 469 /** first string / 470* char* str; 471 /** second bytestring / 472* uint8_t* str2; 473 size_t str2len; 474}; 475	674 * List of strings for config options 675 / 676struct config_strlist { 677* /** next item in list / 678* struct config_strlist* next; 679 /** config option string / 680* char* str; 681}; --- 33 unchanged lines hidden (view full) --- 715 struct config_strbytelist* next; 716 /** first string / 717* char* str; 718 /** second bytestring / 719* uint8_t* str2; 720 size_t str2len; 721}; 722
476/** List head for strlist processing, used for append operation. / 477struct config_strlist_head { 478* /** first in list of text items / 479* struct config_strlist* first; 480 /** last in list of text items / 481* struct config_strlist* last; 482}; 483
484/** 485 * Create config file structure. Filled with default values. 486 * @return: the new structure or NULL on memory error. 487 / 488struct config_file config_create(void); 489 490/** 491 * Create config file structure for library use. Filled with default values. --- 94 unchanged lines hidden (view full) --- 586 / 587char config_collate_cat(struct config_strlist* list); 588 589/** 590 * Append text at end of list. 591 * @param list: list head. zeroed at start. 592 * @param item: new item. malloced by caller. if NULL the insertion fails. 593 * @return true on success.	723/** 724 * Create config file structure. Filled with default values. 725 * @return: the new structure or NULL on memory error. 726 / 727struct config_file config_create(void); 728 729/** 730 * Create config file structure for library use. Filled with default values. --- 94 unchanged lines hidden (view full) --- 825 / 826char config_collate_cat(struct config_strlist* list); 827 828/** 829 * Append text at end of list. 830 * @param list: list head. zeroed at start. 831 * @param item: new item. malloced by caller. if NULL the insertion fails. 832 * @return true on success.
	833 * on fail the item is free()ed.
594 / 595int cfg_strlist_append(struct config_strlist_head list, char* item); 596 597/**	834 / 835int cfg_strlist_append(struct config_strlist_head list, char* item); 836 837/**
	838 * Searches the end of a string list and appends the given text. 839 * @param head: pointer to strlist head variable. 840 * @param item: new item. malloced by caller. if NULL the insertion fails. 841 * @return true on success. 842 / 843int cfg_strlist_append_ex(struct config_strlist* head, char* item); 844 845/** 846 * Find string in strlist. 847 * @param head: pointer to strlist head variable. 848 * @param item: the item to search for. 849 * @return: the element in the list when found, NULL otherwise. 850 / 851struct config_strlist cfg_strlist_find(struct config_strlist* head, 852 const char* item); 853 854/**
598 * Insert string into strlist. 599 * @param head: pointer to strlist head variable. 600 * @param item: new item. malloced by caller. If NULL the insertion fails. 601 * @return: true on success.	855 * Insert string into strlist. 856 * @param head: pointer to strlist head variable. 857 * @param item: new item. malloced by caller. If NULL the insertion fails. 858 * @return: true on success.
	859 * on fail, the item is free()d.
602 / 603int cfg_strlist_insert(struct config_strlist* head, char* item); 604 605/** insert with region for allocation. / 606int cfg_region_strlist_insert(struct regional region, 607 struct config_strlist** head, char* item); 608 609/** 610 * Insert string into str2list. 611 * @param head: pointer to str2list head variable. 612 * @param item: new item. malloced by caller. If NULL the insertion fails. 613 * @param i2: 2nd string, malloced by caller. If NULL the insertion fails. 614 * @return: true on success.	860 / 861int cfg_strlist_insert(struct config_strlist* head, char* item); 862 863/** insert with region for allocation. / 864int cfg_region_strlist_insert(struct regional region, 865 struct config_strlist** head, char* item); 866 867/** 868 * Insert string into str2list. 869 * @param head: pointer to str2list head variable. 870 * @param item: new item. malloced by caller. If NULL the insertion fails. 871 * @param i2: 2nd string, malloced by caller. If NULL the insertion fails. 872 * @return: true on success.
	873 * on fail, the item and i2 are free()d.
615 / 616int cfg_str2list_insert(struct config_str2list* head, char* item, char* i2); 617 618/** 619 * Insert string into str3list. 620 * @param head: pointer to str3list head variable. 621 * @param item: new item. malloced by caller. If NULL the insertion fails. 622 * @param i2: 2nd string, malloced by caller. If NULL the insertion fails. --- 54 unchanged lines hidden (view full) --- 677 678/** 679 * Delete items in config stub list. 680 * @param list: list. 681 / 682void config_delstubs(struct config_stub list); 683 684/**	874 / 875int cfg_str2list_insert(struct config_str2list* head, char* item, char* i2); 876 877/** 878 * Insert string into str3list. 879 * @param head: pointer to str3list head variable. 880 * @param item: new item. malloced by caller. If NULL the insertion fails. 881 * @param i2: 2nd string, malloced by caller. If NULL the insertion fails. --- 54 unchanged lines hidden (view full) --- 936 937/** 938 * Delete items in config stub list. 939 * @param list: list. 940 / 941void config_delstubs(struct config_stub list); 942 943/**
	944 * Delete an auth item 945 * @param p: auth item 946 / 947void config_delauth(struct config_auth p); 948 949/** 950 * Delete items in config auth list. 951 * @param list: list. 952 / 953void config_delauths(struct config_auth list); 954 955/** 956 * Delete a view item 957 * @param p: view item 958 / 959void config_delview(struct config_view p); 960 961/** 962 * Delete items in config view list. 963 * @param list: list. 964 / 965void config_delviews(struct config_view list); 966 967/** check if config for remote control turns on IP-address interface 968 * with certificates or a named pipe without certificates. / 969int options_remote_is_address(struct config_file cfg); 970 971/**
685 * Convert 14digit to time value 686 * @param str: string of 14 digits 687 * @return time value or 0 for error. 688 / 689time_t cfg_convert_timeval(const char str); 690 691/** 692 * Count number of values in the string. --- 150 unchanged lines hidden (view full) --- 843 * @param qstate: query state. 844 * @param str: explanation string 845 * @param dname: the dname. 846 / 847void errinf_dname(struct module_qstate qstate, const char* str, 848 uint8_t* dname); 849 850/**	972 * Convert 14digit to time value 973 * @param str: string of 14 digits 974 * @return time value or 0 for error. 975 / 976time_t cfg_convert_timeval(const char str); 977 978/** 979 * Count number of values in the string. --- 150 unchanged lines hidden (view full) --- 1130 * @param qstate: query state. 1131 * @param str: explanation string 1132 * @param dname: the dname. 1133 / 1134void errinf_dname(struct module_qstate qstate, const char* str, 1135 uint8_t* dname); 1136 1137/**
851 * Create error info in string	1138 * Create error info in string. For validation failures.
852 * @param qstate: query state. 853 * @return string or NULL on malloc failure (already logged). 854 * This string is malloced and has to be freed by caller. 855 */	1139 * @param qstate: query state. 1140 * @return string or NULL on malloc failure (already logged). 1141 * This string is malloced and has to be freed by caller. 1142 */
856char* errinf_to_str(struct module_qstate* qstate);	1143char* errinf_to_str_bogus(struct module_qstate* qstate);
857 858/**	1144 1145/**
	1146 * Create error info in string. For other servfails. 1147 * @param qstate: query state. 1148 * @return string or NULL on malloc failure (already logged). 1149 * This string is malloced and has to be freed by caller. 1150 / 1151char errinf_to_str_servfail(struct module_qstate* qstate); 1152 1153/**
859 * Used during options parsing 860 / 861struct config_parser_state { 862* /** name of file being parser / 863* char* filename; 864 /** line number in the file, starts at 1 / 865* int line; 866 /** number of errors encountered / --- 32 unchanged lines hidden* (view full) --- 899 * exist on an error (logged with log_err) was encountered. 900 / 901char w_lookup_reg_str(const char* key, const char* name); 902 903/** Modify directory in options for module file name / 904void w_config_adjust_directory(struct config_file cfg); 905#endif /* UB_ON_WINDOWS / 906*	1154 * Used during options parsing 1155 / 1156struct config_parser_state { 1157* /** name of file being parser / 1158* char* filename; 1159 /** line number in the file, starts at 1 / 1160* int line; 1161 /** number of errors encountered / --- 32 unchanged lines hidden* (view full) --- 1194 * exist on an error (logged with log_err) was encountered. 1195 / 1196char w_lookup_reg_str(const char* key, const char* name); 1197 1198/** Modify directory in options for module file name / 1199void w_config_adjust_directory(struct config_file cfg); 1200#endif /* UB_ON_WINDOWS / 1201*
	1202/** debug option for unit tests. / 1203extern int fake_dsa, fake_sha1; 1204*
907#endif /* UTIL_CONFIG_FILE_H */	1205#endif /* UTIL_CONFIG_FILE_H */
	1206

config_file.h (307729)	config_file.h (356345)
1/* 2 * util/config_file.h - reads and stores the config file for unbound. 3 * 4 * Copyright (c) 2007, NLnet Labs. All rights reserved. 5 * 6 * This software is open source. 7 * 8 * Redistribution and use in source and binary forms, with or without --- 28 unchanged lines hidden (view full) --- 37 * \file 38 * 39 * This file contains functions for the config file. 40 */ 41 42#ifndef UTIL_CONFIG_FILE_H 43#define UTIL_CONFIG_FILE_H 44struct config_stub;	1/* 2 * util/config_file.h - reads and stores the config file for unbound. 3 * 4 * Copyright (c) 2007, NLnet Labs. All rights reserved. 5 * 6 * This software is open source. 7 * 8 * Redistribution and use in source and binary forms, with or without --- 28 unchanged lines hidden (view full) --- 37 * \file 38 * 39 * This file contains functions for the config file. 40 */ 41 42#ifndef UTIL_CONFIG_FILE_H 43#define UTIL_CONFIG_FILE_H 44struct config_stub;
	45struct config_auth; 46struct config_view;
45struct config_strlist; 46struct config_str2list; 47struct config_str3list; 48struct config_strbytelist; 49struct module_qstate; 50struct sock_list; 51struct ub_packed_rrset_key; 52struct regional; 53	47struct config_strlist; 48struct config_str2list; 49struct config_str3list; 50struct config_strbytelist; 51struct module_qstate; 52struct sock_list; 53struct ub_packed_rrset_key; 54struct regional; 55
	56/** List head for strlist processing, used for append operation. / 57struct config_strlist_head { 58 /* first in list of text items / 59 struct config_strlist first; 60 /** last in list of text items / 61 struct config_strlist last; 62}; 63
54/** 55 * The configuration options. 56 * Strings are malloced. 57 / 58struct config_file { 59 /* verbosity level as specified in the config file / 60 int verbosity; 61 --- 16 unchanged lines hidden* (view full) --- 78 /** prefer ip6 upstream queries. / 79 int prefer_ip6; 80 /* do udp query support. / 81 int do_udp; 82 /* do tcp query support. / 83 int do_tcp; 84 /* tcp upstream queries (no UDP upstream queries) */ 85 int tcp_upstream;	64/** 65 * The configuration options. 66 * Strings are malloced. 67 / 68struct config_file { 69 /* verbosity level as specified in the config file / 70 int verbosity; 71 --- 16 unchanged lines hidden* (view full) --- 88 /** prefer ip6 upstream queries. / 89 int prefer_ip6; 90 /* do udp query support. / 91 int do_udp; 92 /* do tcp query support. / 93 int do_tcp; 94 /* tcp upstream queries (no UDP upstream queries) */ 95 int tcp_upstream;
	96 /** udp upstream enabled when no UDP downstream is enabled (do_udp no)*/ 97 int udp_upstream_without_downstream;
86 /** maximum segment size of tcp socket which queries are answered / 87 int tcp_mss; 88 /* maximum segment size of tcp socket for outgoing queries */ 89 int outgoing_tcp_mss;	98 /** maximum segment size of tcp socket which queries are answered / 99 int tcp_mss; 100* /** maximum segment size of tcp socket for outgoing queries / 101* int outgoing_tcp_mss;
	102 /** tcp idle timeout, in msec / 103* int tcp_idle_timeout; 104 /** do edns tcp keepalive / 105* int do_tcp_keepalive; 106 /** tcp keepalive timeout, in msec / 107* int tcp_keepalive_timeout;
90 91 /** private key file for dnstcp-ssl service (enabled if not NULL) / 92 char ssl_service_key; 93 /** public key file for dnstcp-ssl service / 94 char ssl_service_pem; 95 /** port on which to provide ssl service / 96 int ssl_port; 97 /* if outgoing tcp connections use SSL */ 98 int ssl_upstream;	108 109 /** private key file for dnstcp-ssl service (enabled if not NULL) / 110* char* ssl_service_key; 111 /** public key file for dnstcp-ssl service / 112* char* ssl_service_pem; 113 /** port on which to provide ssl service / 114* int ssl_port; 115 /** if outgoing tcp connections use SSL / 116* int ssl_upstream;
	117 /** cert bundle for outgoing connections / 118* char* tls_cert_bundle; 119 /** should the system certificate store get added to the cert bundle / 120* int tls_win_cert; 121 /** additional tls ports / 122* struct config_strlist* tls_additional_port; 123 /** secret key used to encrypt and decrypt TLS session ticket / 124* struct config_strlist_head tls_session_ticket_keys; 125 /** TLS ciphers / 126* char* tls_ciphers; 127 /** TLS chiphersuites (TLSv1.3) / 128* char* tls_ciphersuites;
99 100 /** outgoing port range number of ports (per thread) / 101* int outgoing_num_ports; 102 /** number of outgoing tcp buffers per (per thread) / 103* size_t outgoing_num_tcp; 104 /** number of incoming tcp buffers per (per thread) / 105* size_t incoming_num_tcp; 106 /** allowed udp port numbers, array with 0 if not allowed / 107* int* outgoing_avail_ports; 108 109 /** EDNS buffer size to use / 110* size_t edns_buffer_size;	129 130 /** outgoing port range number of ports (per thread) / 131* int outgoing_num_ports; 132 /** number of outgoing tcp buffers per (per thread) / 133* size_t outgoing_num_tcp; 134 /** number of incoming tcp buffers per (per thread) / 135* size_t incoming_num_tcp; 136 /** allowed udp port numbers, array with 0 if not allowed / 137* int* outgoing_avail_ports; 138 139 /** EDNS buffer size to use / 140* size_t edns_buffer_size;
	141 /** size of the stream wait buffers, max / 142* size_t stream_wait_size;
111 /** number of bytes buffer size for DNS messages / 112* size_t msg_buffer_size; 113 /** size of the message cache / 114* size_t msg_cache_size; 115 /** slabs in the message cache. / 116* size_t msg_cache_slabs; 117 /** number of queries every thread can service / 118* size_t num_queries_per_thread; --- 11 unchanged lines hidden (view full) --- 130 size_t infra_cache_numhosts; 131 /** min value for infra cache rtt / 132* int infra_cache_min_rtt; 133 /** delay close of udp-timeouted ports, if 0 no delayclose. in msec / 134* int delay_close; 135 136 /** the target fetch policy for the iterator / 137* char* target_fetch_policy;	143 /** number of bytes buffer size for DNS messages / 144* size_t msg_buffer_size; 145 /** size of the message cache / 146* size_t msg_cache_size; 147 /** slabs in the message cache. / 148* size_t msg_cache_slabs; 149 /** number of queries every thread can service / 150* size_t num_queries_per_thread; --- 11 unchanged lines hidden (view full) --- 162 size_t infra_cache_numhosts; 163 /** min value for infra cache rtt / 164* int infra_cache_min_rtt; 165 /** delay close of udp-timeouted ports, if 0 no delayclose. in msec / 166* int delay_close; 167 168 /** the target fetch policy for the iterator / 169* char* target_fetch_policy;
	170 /** percent10, how many times in 1000 to pick from the fastest 171* * destinations / 172* int fast_server_permil; 173 /** number of fastest server to select from / 174* size_t fast_server_num;
138 139 /** automatic interface for incoming messages. Uses ipv6 remapping, 140 * and recvmsg/sendmsg ancillary data to detect interfaces, boolean / 141* int if_automatic; 142 /** SO_RCVBUF size to set on port 53 UDP socket / 143* size_t so_rcvbuf; 144 /** SO_SNDBUF size to set on port 53 UDP socket / 145* size_t so_sndbuf; --- 16 unchanged lines hidden (view full) --- 162 char *out_ifs; 163* 164 /** the root hints / 165* struct config_strlist* root_hints; 166 /** the stub definitions, linked list / 167* struct config_stub* stubs; 168 /** the forward zone definitions, linked list / 169* struct config_stub* forwards;	175 176 /** automatic interface for incoming messages. Uses ipv6 remapping, 177 * and recvmsg/sendmsg ancillary data to detect interfaces, boolean / 178* int if_automatic; 179 /** SO_RCVBUF size to set on port 53 UDP socket / 180* size_t so_rcvbuf; 181 /** SO_SNDBUF size to set on port 53 UDP socket / 182* size_t so_sndbuf; --- 16 unchanged lines hidden (view full) --- 199 char *out_ifs; 200* 201 /** the root hints / 202* struct config_strlist* root_hints; 203 /** the stub definitions, linked list / 204* struct config_stub* stubs; 205 /** the forward zone definitions, linked list / 206* struct config_stub* forwards;
	207 /** the auth zone definitions, linked list / 208* struct config_auth* auths; 209 /** the views definitions, linked list / 210* struct config_view* views;
170 /** list of donotquery addresses, linked list / 171* struct config_strlist* donotqueryaddrs;	211 /** list of donotquery addresses, linked list / 212* struct config_strlist* donotqueryaddrs;
	213#ifdef CLIENT_SUBNET 214 /** list of servers we send edns-client-subnet option to and 215 * accept option from, linked list / 216* struct config_strlist* client_subnet; 217 /** list of zones we send edns-client-subnet option for / 218* struct config_strlist* client_subnet_zone; 219 /** opcode assigned by IANA for edns0-client-subnet option / 220* uint16_t client_subnet_opcode; 221 /** Do not check whitelist if incoming query contains an ECS record / 222* int client_subnet_always_forward; 223 /** Subnet length we are willing to give up privacy for / 224* uint8_t max_client_subnet_ipv4; 225 uint8_t max_client_subnet_ipv6; 226 /** Minimum subnet length we are willing to answer / 227* uint8_t min_client_subnet_ipv4; 228 uint8_t min_client_subnet_ipv6; 229 /** Max number of nodes in the ECS radix tree / 230* uint32_t max_ecs_tree_size_ipv4; 231 uint32_t max_ecs_tree_size_ipv6; 232#endif
172 /** list of access control entries, linked list / 173* struct config_str2list* acls; 174 /** use default localhost donotqueryaddr entries / 175* int donotquery_localhost; 176	233 /** list of access control entries, linked list / 234* struct config_str2list* acls; 235 /** use default localhost donotqueryaddr entries / 236* int donotquery_localhost; 237
	238 /** list of tcp connection limitss, linked list / 239* struct config_str2list* tcp_connection_limits; 240
177 /** harden against very small edns buffer sizes / 178* int harden_short_bufsize; 179 /** harden against very large query sizes / 180* int harden_large_queries; 181 /** harden against spoofed glue (out of zone data) / 182* int harden_glue; 183 /** harden against receiving no DNSSEC data for trust anchor / 184* int harden_dnssec_stripped; --- 18 unchanged lines hidden (view full) --- 203 /** the number of seconds minimum TTL used for RRsets and messages / 204* int min_ttl; 205 /** the number of seconds maximal negative TTL for SOA in auth / 206* int max_negative_ttl; 207 /** if prefetching of messages should be performed. / 208* int prefetch; 209 /** if prefetching of DNSKEYs should be performed. / 210* int prefetch_key;	241 /** harden against very small edns buffer sizes / 242* int harden_short_bufsize; 243 /** harden against very large query sizes / 244* int harden_large_queries; 245 /** harden against spoofed glue (out of zone data) / 246* int harden_glue; 247 /** harden against receiving no DNSSEC data for trust anchor / 248* int harden_dnssec_stripped; --- 18 unchanged lines hidden (view full) --- 267 /** the number of seconds minimum TTL used for RRsets and messages / 268* int min_ttl; 269 /** the number of seconds maximal negative TTL for SOA in auth / 270* int max_negative_ttl; 271 /** if prefetching of messages should be performed. / 272* int prefetch; 273 /** if prefetching of DNSKEYs should be performed. / 274* int prefetch_key;
	275 /** deny queries of type ANY with an empty answer / 276* int deny_any;
211 212 /** chrootdir, if not "" or chroot will be done / 213* char* chrootdir; 214 /** username to change to, if not "". / 215* char* username; 216 /** working directory / 217* char* directory; 218 /** filename to log to. / 219* char* logfile; 220 /** pidfile to write pid to. / 221* char* pidfile; 222 223 /** should log messages be sent to syslogd / 224* int use_syslog; 225 /** log timestamp in ascii UTC / 226* int log_time_ascii; 227 /** log queries with one line per query / 228* int log_queries;	277 278 /** chrootdir, if not "" or chroot will be done / 279* char* chrootdir; 280 /** username to change to, if not "". / 281* char* username; 282 /** working directory / 283* char* directory; 284 /** filename to log to. / 285* char* logfile; 286 /** pidfile to write pid to. / 287* char* pidfile; 288 289 /** should log messages be sent to syslogd / 290* int use_syslog; 291 /** log timestamp in ascii UTC / 292* int log_time_ascii; 293 /** log queries with one line per query / 294* int log_queries;
	295 /** log replies with one line per reply / 296* int log_replies; 297 /** tag log_queries and log_replies for filtering / 298* int log_tag_queryreply; 299 / log every local-zone hit / 300 int log_local_actions; 301 /** log servfails with a reason / 302* int log_servfail; 303 /** log identity to report / 304* char* log_identity;
229 230 /** do not report identity (id.server, hostname.bind) / 231* int hide_identity; 232 /** do not report version (version.server, version.bind) / 233* int hide_version;	305 306 /** do not report identity (id.server, hostname.bind) / 307* int hide_identity; 308 /** do not report version (version.server, version.bind) / 309* int hide_version;
	310 /** do not report trustanchor (trustanchor.unbound) / 311* int hide_trustanchor;
234 /** identity, hostname is returned if "". / 235* char* identity; 236 /** version, package version returned if "". / 237* char* version; 238 239 /** the module configuration string / 240* char* module_conf; 241 --- 6 unchanged lines hidden (view full) --- 248 /** files with trusted DNSKEYs in named.conf format, list / 249* struct config_strlist* trusted_keys_file_list; 250 /** DLV anchor file / 251* char* dlv_anchor_file; 252 /** DLV anchor inline / 253* struct config_strlist* dlv_anchor_list; 254 /** insecure domain list / 255* struct config_strlist* domain_insecure;	312 /** identity, hostname is returned if "". / 313* char* identity; 314 /** version, package version returned if "". / 315* char* version; 316 317 /** the module configuration string / 318* char* module_conf; 319 --- 6 unchanged lines hidden (view full) --- 326 /** files with trusted DNSKEYs in named.conf format, list / 327* struct config_strlist* trusted_keys_file_list; 328 /** DLV anchor file / 329* char* dlv_anchor_file; 330 /** DLV anchor inline / 331* struct config_strlist* dlv_anchor_list; 332 /** insecure domain list / 333* struct config_strlist* domain_insecure;
	334 /** send key tag query / 335* int trust_anchor_signaling; 336 /** enable root key sentinel / 337* int root_key_sentinel;
256 257 /** if not 0, this value is the validation date for RRSIGs / 258* int32_t val_date_override; 259 /** the minimum for signature clock skew / 260* int32_t val_sig_skew_min; 261 /** the maximum for signature clock skew / 262* int32_t val_sig_skew_max; 263 /** this value sets the number of seconds before revalidating bogus / 264* int bogus_ttl; 265 /** should validator clean additional section for secure msgs / 266* int val_clean_additional; 267 /** log bogus messages by the validator / 268* int val_log_level; 269 /** squelch val_log_level to log - this is library goes to callback / 270* int val_log_squelch; 271 /** should validator allow bogus messages to go through / 272* int val_permissive_mode;	338 339 /** if not 0, this value is the validation date for RRSIGs / 340* int32_t val_date_override; 341 /** the minimum for signature clock skew / 342* int32_t val_sig_skew_min; 343 /** the maximum for signature clock skew / 344* int32_t val_sig_skew_max; 345 /** this value sets the number of seconds before revalidating bogus / 346* int bogus_ttl; 347 /** should validator clean additional section for secure msgs / 348* int val_clean_additional; 349 /** log bogus messages by the validator / 350* int val_log_level; 351 /** squelch val_log_level to log - this is library goes to callback / 352* int val_log_squelch; 353 /** should validator allow bogus messages to go through / 354* int val_permissive_mode;
	355 /** use cached NSEC records to synthesise (negative) answers / 356* int aggressive_nsec;
273 /** ignore the CD flag in incoming queries and refuse them bogus data / 274* int ignore_cd;	357 /** ignore the CD flag in incoming queries and refuse them bogus data / 358* int ignore_cd;
	359 /** serve expired entries and prefetch them / 360* int serve_expired; 361 /** serve expired entries until TTL after expiration / 362* int serve_expired_ttl; 363 /** reset serve expired TTL after failed update attempt / 364* int serve_expired_ttl_reset;
275 /** nsec3 maximum iterations per key size, string / 276* char* val_nsec3_key_iterations; 277 /** autotrust add holddown time, in seconds / 278* unsigned int add_holddown; 279 /** autotrust del holddown time, in seconds / 280* unsigned int del_holddown; 281 /** autotrust keep_missing time, in seconds. 0 is forever. / 282* unsigned int keep_missing; --- 6 unchanged lines hidden (view full) --- 289 size_t key_cache_slabs; 290 /** size of the neg cache / 291* size_t neg_cache_size; 292 293 /** local zones config / 294* struct config_str2list* local_zones; 295 /** local zones nodefault list / 296* struct config_strlist* local_zones_nodefault;	365 /** nsec3 maximum iterations per key size, string / 366* char* val_nsec3_key_iterations; 367 /** autotrust add holddown time, in seconds / 368* unsigned int add_holddown; 369 /** autotrust del holddown time, in seconds / 370* unsigned int del_holddown; 371 /** autotrust keep_missing time, in seconds. 0 is forever. / 372* unsigned int keep_missing; --- 6 unchanged lines hidden (view full) --- 379 size_t key_cache_slabs; 380 /** size of the neg cache / 381* size_t neg_cache_size; 382 383 /** local zones config / 384* struct config_str2list* local_zones; 385 /** local zones nodefault list / 386* struct config_strlist* local_zones_nodefault;
	387#ifdef USE_IPSET 388 /** local zones ipset list / 389* struct config_strlist* local_zones_ipset; 390#endif 391 /** do not add any default local zone / 392* int local_zones_disable_default;
297 /** local data RRs configured / 298* struct config_strlist* local_data; 299 /** local zone override types per netblock / 300* struct config_str3list* local_zone_overrides; 301 /** unblock lan zones (reverse lookups for AS112 zones) / 302* int unblock_lan_zones; 303 /** insecure lan zones (don't validate AS112 zones) / 304* int insecure_lan_zones; 305 /** list of zonename, tagbitlist / 306* struct config_strbytelist* local_zone_tags; 307 /** list of aclname, tagbitlist / 308* struct config_strbytelist* acl_tags; 309 /** list of aclname, tagname, localzonetype / 310* struct config_str3list* acl_tag_actions; 311 /** list of aclname, tagname, redirectdata / 312* struct config_str3list* acl_tag_datas;	393 /** local data RRs configured / 394* struct config_strlist* local_data; 395 /** local zone override types per netblock / 396* struct config_str3list* local_zone_overrides; 397 /** unblock lan zones (reverse lookups for AS112 zones) / 398* int unblock_lan_zones; 399 /** insecure lan zones (don't validate AS112 zones) / 400* int insecure_lan_zones; 401 /** list of zonename, tagbitlist / 402* struct config_strbytelist* local_zone_tags; 403 /** list of aclname, tagbitlist / 404* struct config_strbytelist* acl_tags; 405 /** list of aclname, tagname, localzonetype / 406* struct config_str3list* acl_tag_actions; 407 /** list of aclname, tagname, redirectdata / 408* struct config_str3list* acl_tag_datas;
	409 /** list of aclname, view/ 410* struct config_str2list* acl_view; 411 /** list of IP-netblock, tagbitlist / 412* struct config_strbytelist* respip_tags; 413 /** list of response-driven access control entries, linked list / 414* struct config_str2list* respip_actions; 415 /** RRs configured for response-driven access controls / 416* struct config_str2list* respip_data;
313 /** tag list, array with tagname[i] is malloced string / 314* char** tagname; 315 /** number of items in the taglist / 316* int num_tags; 317 318 /** remote control section. enable toggle. / 319* int remote_control_enable; 320 /** the interfaces the remote control should listen on */	417 /** tag list, array with tagname[i] is malloced string / 418* char** tagname; 419 /** number of items in the taglist / 420* int num_tags; 421 422 /** remote control section. enable toggle. / 423* int remote_control_enable; 424 /** the interfaces the remote control should listen on */
321 struct config_strlist* control_ifs;	425 struct config_strlist_head control_ifs; 426 /** if the use-cert option is set / 427* int control_use_cert;
322 /** port number for the control port / 323* int control_port;	428 /** port number for the control port / 429* int control_port;
324 /** use certificates for remote control / 325* int remote_control_use_cert;
326 /** private key file for server / 327* char* server_key_file; 328 /** certificate file for server / 329* char* server_cert_file; 330 /** private key file for unbound-control / 331* char* control_key_file; 332 /** certificate file for unbound-control / 333* char* control_cert_file; 334 335 /** Python script file */	430 /** private key file for server / 431* char* server_key_file; 432 /** certificate file for server / 433* char* server_cert_file; 434 /** private key file for unbound-control / 435* char* control_key_file; 436 /** certificate file for unbound-control / 437* char* control_cert_file; 438 439 /** Python script file */
336 char* python_script;	440 struct config_strlist* python_script;
337	441
	442 /** Use systemd socket activation. / 443* int use_systemd; 444
338 /** daemonize, i.e. fork into the background. / 339* int do_daemonize; 340 341 /* minimal response when positive answer / 342* int minimal_responses; 343 344 /* RRSet roundrobin / 345* int rrset_roundrobin; 346	445 /** daemonize, i.e. fork into the background. / 446* int do_daemonize; 447 448 /* minimal response when positive answer / 449* int minimal_responses; 450 451 /* RRSet roundrobin / 452* int rrset_roundrobin; 453
	454 /* wait time for unknown server in msec / 455* int unknown_server_time_limit; 456
347 /* maximum UDP response size / 348* size_t max_udp_size; 349 350 /* DNS64 prefix / 351* char* dns64_prefix; 352 353 /* Synthetize all AAAA record despite the presence of an authoritative one / 354* int dns64_synthall;	457 /* maximum UDP response size / 458* size_t max_udp_size; 459 460 /* DNS64 prefix / 461* char* dns64_prefix; 462 463 /* Synthetize all AAAA record despite the presence of an authoritative one / 464* int dns64_synthall;
	465 /** ignore AAAAs for these domain names and use A record anyway / 466* struct config_strlist* dns64_ignore_aaaa;
355 356 /** true to enable dnstap support / 357* int dnstap; 358 /** dnstap socket path / 359* char* dnstap_socket_path; 360 /** true to send "identity" via dnstap / 361* int dnstap_send_identity; 362 /** true to send "version" via dnstap / --- 14 unchanged lines hidden* (view full) --- 377 /** true to log dnstap FORWARDER_QUERY message events / 378* int dnstap_log_forwarder_query_messages; 379 /** true to log dnstap FORWARDER_RESPONSE message events / 380* int dnstap_log_forwarder_response_messages; 381 382 /** true to disable DNSSEC lameness check in iterator / 383* int disable_dnssec_lame_check; 384	467 468 /** true to enable dnstap support / 469* int dnstap; 470 /** dnstap socket path / 471* char* dnstap_socket_path; 472 /** true to send "identity" via dnstap / 473* int dnstap_send_identity; 474 /** true to send "version" via dnstap / --- 14 unchanged lines hidden* (view full) --- 489 /** true to log dnstap FORWARDER_QUERY message events / 490* int dnstap_log_forwarder_query_messages; 491 /** true to log dnstap FORWARDER_RESPONSE message events / 492* int dnstap_log_forwarder_response_messages; 493 494 /** true to disable DNSSEC lameness check in iterator / 495* int disable_dnssec_lame_check; 496
385 /** ratelimit 0 is off, otherwise qps (unless overridden) */	497 /** ratelimit for ip addresses. 0 is off, otherwise qps (unless overridden) / 498* int ip_ratelimit; 499 /** number of slabs for ip_ratelimit cache / 500* size_t ip_ratelimit_slabs; 501 /** memory size in bytes for ip_ratelimit cache / 502* size_t ip_ratelimit_size; 503 /** ip_ratelimit factor, 0 blocks all, 10 allows 1/10 of traffic / 504* int ip_ratelimit_factor; 505 506 /** ratelimit for domains. 0 is off, otherwise qps (unless overridden) */
386 int ratelimit; 387 /** number of slabs for ratelimit cache / 388* size_t ratelimit_slabs; 389 /** memory size in bytes for ratelimit cache / 390* size_t ratelimit_size; 391 /** ratelimits for domain (exact match) / 392* struct config_str2list* ratelimit_for_domain; 393 /** ratelimits below domain / 394* struct config_str2list* ratelimit_below_domain; 395 /** ratelimit factor, 0 blocks all, 10 allows 1/10 of traffic / 396* int ratelimit_factor; 397 /** minimise outgoing QNAME and hide original QTYPE if possible / 398* int qname_minimisation;	507 int ratelimit; 508 /** number of slabs for ratelimit cache / 509* size_t ratelimit_slabs; 510 /** memory size in bytes for ratelimit cache / 511* size_t ratelimit_size; 512 /** ratelimits for domain (exact match) / 513* struct config_str2list* ratelimit_for_domain; 514 /** ratelimits below domain / 515* struct config_str2list* ratelimit_below_domain; 516 /** ratelimit factor, 0 blocks all, 10 allows 1/10 of traffic / 517* int ratelimit_factor; 518 /** minimise outgoing QNAME and hide original QTYPE if possible / 519* int qname_minimisation;
	520 /** minimise QNAME in strict mode, minimise according to RFC. 521 * Do not apply fallback / 522* int qname_minimisation_strict; 523 /** SHM data - true if shm is enabled / 524* int shm_enable; 525 /** SHM data - key for the shm / 526* int shm_key; 527 528 /** DNSCrypt / 529* /** true to enable dnscrypt / 530* int dnscrypt; 531 /** port on which to provide dnscrypt service / 532* int dnscrypt_port; 533 /** provider name 2.dnscrypt-cert.example.com / 534* char* dnscrypt_provider; 535 /** dnscrypt secret keys 1.key / 536* struct config_strlist* dnscrypt_secret_key; 537 /** dnscrypt provider certs 1.cert / 538* struct config_strlist* dnscrypt_provider_cert; 539 /** dnscrypt provider certs 1.cert which have been rotated and should not be 540 * advertised through DNS's providername TXT record but are required to be 541 * able to handle existing traffic using the old cert. / 542* struct config_strlist* dnscrypt_provider_cert_rotated; 543 /** memory size in bytes for dnscrypt shared secrets cache / 544* size_t dnscrypt_shared_secret_cache_size; 545 /** number of slabs for dnscrypt shared secrets cache / 546* size_t dnscrypt_shared_secret_cache_slabs; 547 /** memory size in bytes for dnscrypt nonces cache / 548* size_t dnscrypt_nonce_cache_size; 549 /** number of slabs for dnscrypt nonces cache / 550* size_t dnscrypt_nonce_cache_slabs; 551 /** IPsec module / 552#ifdef USE_IPSECMOD 553* /** false to bypass the IPsec module / 554* int ipsecmod_enabled; 555 /** whitelisted domains for ipsecmod / 556* struct config_strlist* ipsecmod_whitelist; 557 /** path to external hook / 558* char* ipsecmod_hook; 559 /** true to proceed even with a bogus IPSECKEY / 560* int ipsecmod_ignore_bogus; 561 /** max TTL for the A/AAAA records that call the hook / 562* int ipsecmod_max_ttl; 563 /** false to proceed even when ipsecmod_hook fails / 564* int ipsecmod_strict; 565#endif 566 567 /* cachedb module / 568#ifdef USE_CACHEDB 569* /** backend DB name / 570* char* cachedb_backend; 571 /** secret seed for hash key calculation / 572* char* cachedb_secret; 573#ifdef USE_REDIS 574 /** redis server's IP address or host name / 575* char* redis_server_host; 576 /** redis server's TCP port / 577* int redis_server_port; 578 /** timeout (in ms) for communication with the redis server / 579* int redis_timeout; 580#endif 581#endif 582 583 /* ipset module / 584#ifdef USE_IPSET 585* char* ipset_name_v4; 586 char* ipset_name_v6; 587#endif
399}; 400	588}; 589
401/** from cfg username, after daemonise setup performed */	590/** from cfg username, after daemonize setup performed */
402extern uid_t cfg_uid;	591extern uid_t cfg_uid;
403/** from cfg username, after daemonise setup performed */	592/** from cfg username, after daemonize setup performed */
404extern gid_t cfg_gid; 405/** debug and enable small timeouts / 406*extern int autr_permit_small_holddown;	593extern gid_t cfg_gid; 594/** debug and enable small timeouts / 595*extern int autr_permit_small_holddown;
	596/** size (in bytes) of stream wait buffers max / 597*extern size_t stream_wait_max;
407 408/** 409 * Stub config options 410 / 411struct config_stub { 412* /** next in list / 413* struct config_stub* next; 414 /** domain name (in text) of the stub apex domain / 415* char* name; 416 /** list of stub nameserver hosts (domain name) / 417* struct config_strlist* hosts; 418 /** list of stub nameserver addresses (IP address) / 419* struct config_strlist* addrs; 420 /** if stub-prime is set / 421* int isprime; 422 /** if forward-first is set (failover to without if fails) / 423* int isfirst;	598 599/** 600 * Stub config options 601 / 602struct config_stub { 603* /** next in list / 604* struct config_stub* next; 605 /** domain name (in text) of the stub apex domain / 606* char* name; 607 /** list of stub nameserver hosts (domain name) / 608* struct config_strlist* hosts; 609 /** list of stub nameserver addresses (IP address) / 610* struct config_strlist* addrs; 611 /** if stub-prime is set / 612* int isprime; 613 /** if forward-first is set (failover to without if fails) / 614* int isfirst;
	615 /** use SSL for queries to this stub / 616* int ssl_upstream; 617 /*** no cache / 618* int no_cache;
424}; 425 426/**	619}; 620 621/**
	622 * Auth config options 623 / 624struct config_auth { 625* /** next in list / 626* struct config_auth* next; 627 /** domain name (in text) of the auth apex domain / 628* char* name; 629 /** list of masters / 630* struct config_strlist* masters; 631 /** list of urls / 632* struct config_strlist* urls; 633 /** list of allow-notify / 634* struct config_strlist* allow_notify; 635 /** zonefile (or NULL) / 636* char* zonefile; 637 /** provide downstream answers / 638* int for_downstream; 639 /** provide upstream answers / 640* int for_upstream; 641 /** fallback to recursion to authorities if zone expired and other 642 * reasons perhaps (like, query bogus) / 643* int fallback_enabled; 644}; 645 646/** 647 * View config options 648 / 649struct config_view { 650* /** next in list / 651* struct config_view* next; 652 /** view name / 653* char* name; 654 /** local zones / 655* struct config_str2list* local_zones; 656 /** local data RRs / 657* struct config_strlist* local_data; 658 /** local zones nodefault list / 659* struct config_strlist* local_zones_nodefault; 660#ifdef USE_IPSET 661 /** local zones ipset list / 662* struct config_strlist* local_zones_ipset; 663#endif 664 /** Fallback to global local_zones when there is no match in the view 665 * view specific tree. 1 for yes, 0 for no / 666* int isfirst; 667 /** predefined actions for particular IP address responses / 668* struct config_str2list* respip_actions; 669 /** data complementing the 'redirect' response IP actions / 670* struct config_str2list* respip_data; 671}; 672 673/**
427 * List of strings for config options 428 / 429struct config_strlist { 430* /** next item in list / 431* struct config_strlist* next; 432 /** config option string / 433* char* str; 434}; --- 33 unchanged lines hidden (view full) --- 468 struct config_strbytelist* next; 469 /** first string / 470* char* str; 471 /** second bytestring / 472* uint8_t* str2; 473 size_t str2len; 474}; 475	674 * List of strings for config options 675 / 676struct config_strlist { 677* /** next item in list / 678* struct config_strlist* next; 679 /** config option string / 680* char* str; 681}; --- 33 unchanged lines hidden (view full) --- 715 struct config_strbytelist* next; 716 /** first string / 717* char* str; 718 /** second bytestring / 719* uint8_t* str2; 720 size_t str2len; 721}; 722
476/** List head for strlist processing, used for append operation. / 477struct config_strlist_head { 478* /** first in list of text items / 479* struct config_strlist* first; 480 /** last in list of text items / 481* struct config_strlist* last; 482}; 483
484/** 485 * Create config file structure. Filled with default values. 486 * @return: the new structure or NULL on memory error. 487 / 488struct config_file config_create(void); 489 490/** 491 * Create config file structure for library use. Filled with default values. --- 94 unchanged lines hidden (view full) --- 586 / 587char config_collate_cat(struct config_strlist* list); 588 589/** 590 * Append text at end of list. 591 * @param list: list head. zeroed at start. 592 * @param item: new item. malloced by caller. if NULL the insertion fails. 593 * @return true on success.	723/** 724 * Create config file structure. Filled with default values. 725 * @return: the new structure or NULL on memory error. 726 / 727struct config_file config_create(void); 728 729/** 730 * Create config file structure for library use. Filled with default values. --- 94 unchanged lines hidden (view full) --- 825 / 826char config_collate_cat(struct config_strlist* list); 827 828/** 829 * Append text at end of list. 830 * @param list: list head. zeroed at start. 831 * @param item: new item. malloced by caller. if NULL the insertion fails. 832 * @return true on success.
	833 * on fail the item is free()ed.
594 / 595int cfg_strlist_append(struct config_strlist_head list, char* item); 596 597/**	834 / 835int cfg_strlist_append(struct config_strlist_head list, char* item); 836 837/**
	838 * Searches the end of a string list and appends the given text. 839 * @param head: pointer to strlist head variable. 840 * @param item: new item. malloced by caller. if NULL the insertion fails. 841 * @return true on success. 842 / 843int cfg_strlist_append_ex(struct config_strlist* head, char* item); 844 845/** 846 * Find string in strlist. 847 * @param head: pointer to strlist head variable. 848 * @param item: the item to search for. 849 * @return: the element in the list when found, NULL otherwise. 850 / 851struct config_strlist cfg_strlist_find(struct config_strlist* head, 852 const char* item); 853 854/**
598 * Insert string into strlist. 599 * @param head: pointer to strlist head variable. 600 * @param item: new item. malloced by caller. If NULL the insertion fails. 601 * @return: true on success.	855 * Insert string into strlist. 856 * @param head: pointer to strlist head variable. 857 * @param item: new item. malloced by caller. If NULL the insertion fails. 858 * @return: true on success.
	859 * on fail, the item is free()d.
602 / 603int cfg_strlist_insert(struct config_strlist* head, char* item); 604 605/** insert with region for allocation. / 606int cfg_region_strlist_insert(struct regional region, 607 struct config_strlist** head, char* item); 608 609/** 610 * Insert string into str2list. 611 * @param head: pointer to str2list head variable. 612 * @param item: new item. malloced by caller. If NULL the insertion fails. 613 * @param i2: 2nd string, malloced by caller. If NULL the insertion fails. 614 * @return: true on success.	860 / 861int cfg_strlist_insert(struct config_strlist* head, char* item); 862 863/** insert with region for allocation. / 864int cfg_region_strlist_insert(struct regional region, 865 struct config_strlist** head, char* item); 866 867/** 868 * Insert string into str2list. 869 * @param head: pointer to str2list head variable. 870 * @param item: new item. malloced by caller. If NULL the insertion fails. 871 * @param i2: 2nd string, malloced by caller. If NULL the insertion fails. 872 * @return: true on success.
	873 * on fail, the item and i2 are free()d.
615 / 616int cfg_str2list_insert(struct config_str2list* head, char* item, char* i2); 617 618/** 619 * Insert string into str3list. 620 * @param head: pointer to str3list head variable. 621 * @param item: new item. malloced by caller. If NULL the insertion fails. 622 * @param i2: 2nd string, malloced by caller. If NULL the insertion fails. --- 54 unchanged lines hidden (view full) --- 677 678/** 679 * Delete items in config stub list. 680 * @param list: list. 681 / 682void config_delstubs(struct config_stub list); 683 684/**	874 / 875int cfg_str2list_insert(struct config_str2list* head, char* item, char* i2); 876 877/** 878 * Insert string into str3list. 879 * @param head: pointer to str3list head variable. 880 * @param item: new item. malloced by caller. If NULL the insertion fails. 881 * @param i2: 2nd string, malloced by caller. If NULL the insertion fails. --- 54 unchanged lines hidden (view full) --- 936 937/** 938 * Delete items in config stub list. 939 * @param list: list. 940 / 941void config_delstubs(struct config_stub list); 942 943/**
	944 * Delete an auth item 945 * @param p: auth item 946 / 947void config_delauth(struct config_auth p); 948 949/** 950 * Delete items in config auth list. 951 * @param list: list. 952 / 953void config_delauths(struct config_auth list); 954 955/** 956 * Delete a view item 957 * @param p: view item 958 / 959void config_delview(struct config_view p); 960 961/** 962 * Delete items in config view list. 963 * @param list: list. 964 / 965void config_delviews(struct config_view list); 966 967/** check if config for remote control turns on IP-address interface 968 * with certificates or a named pipe without certificates. / 969int options_remote_is_address(struct config_file cfg); 970 971/**
685 * Convert 14digit to time value 686 * @param str: string of 14 digits 687 * @return time value or 0 for error. 688 / 689time_t cfg_convert_timeval(const char str); 690 691/** 692 * Count number of values in the string. --- 150 unchanged lines hidden (view full) --- 843 * @param qstate: query state. 844 * @param str: explanation string 845 * @param dname: the dname. 846 / 847void errinf_dname(struct module_qstate qstate, const char* str, 848 uint8_t* dname); 849 850/**	972 * Convert 14digit to time value 973 * @param str: string of 14 digits 974 * @return time value or 0 for error. 975 / 976time_t cfg_convert_timeval(const char str); 977 978/** 979 * Count number of values in the string. --- 150 unchanged lines hidden (view full) --- 1130 * @param qstate: query state. 1131 * @param str: explanation string 1132 * @param dname: the dname. 1133 / 1134void errinf_dname(struct module_qstate qstate, const char* str, 1135 uint8_t* dname); 1136 1137/**
851 * Create error info in string	1138 * Create error info in string. For validation failures.
852 * @param qstate: query state. 853 * @return string or NULL on malloc failure (already logged). 854 * This string is malloced and has to be freed by caller. 855 */	1139 * @param qstate: query state. 1140 * @return string or NULL on malloc failure (already logged). 1141 * This string is malloced and has to be freed by caller. 1142 */
856char* errinf_to_str(struct module_qstate* qstate);	1143char* errinf_to_str_bogus(struct module_qstate* qstate);
857 858/**	1144 1145/**
	1146 * Create error info in string. For other servfails. 1147 * @param qstate: query state. 1148 * @return string or NULL on malloc failure (already logged). 1149 * This string is malloced and has to be freed by caller. 1150 / 1151char errinf_to_str_servfail(struct module_qstate* qstate); 1152 1153/**
859 * Used during options parsing 860 / 861struct config_parser_state { 862* /** name of file being parser / 863* char* filename; 864 /** line number in the file, starts at 1 / 865* int line; 866 /** number of errors encountered / --- 32 unchanged lines hidden* (view full) --- 899 * exist on an error (logged with log_err) was encountered. 900 / 901char w_lookup_reg_str(const char* key, const char* name); 902 903/** Modify directory in options for module file name / 904void w_config_adjust_directory(struct config_file cfg); 905#endif /* UB_ON_WINDOWS / 906*	1154 * Used during options parsing 1155 / 1156struct config_parser_state { 1157* /** name of file being parser / 1158* char* filename; 1159 /** line number in the file, starts at 1 / 1160* int line; 1161 /** number of errors encountered / --- 32 unchanged lines hidden* (view full) --- 1194 * exist on an error (logged with log_err) was encountered. 1195 / 1196char w_lookup_reg_str(const char* key, const char* name); 1197 1198/** Modify directory in options for module file name / 1199void w_config_adjust_directory(struct config_file cfg); 1200#endif /* UB_ON_WINDOWS / 1201*
	1202/** debug option for unit tests. / 1203extern int fake_dsa, fake_sha1; 1204*
907#endif /* UTIL_CONFIG_FILE_H */	1205#endif /* UTIL_CONFIG_FILE_H */
	1206