configlexer.lex revision 356345
1%{ 2/* 3 * configlexer.lex - lexical analyzer for unbound config file 4 * 5 * Copyright (c) 2001-2006, NLnet Labs. All rights reserved 6 * 7 * See LICENSE for the license. 8 * 9 */ 10#include "config.h" 11 12/* because flex keeps having sign-unsigned compare problems that are unfixed*/ 13#if defined(__clang__)||(defined(__GNUC__)&&((__GNUC__ >4)||(defined(__GNUC_MINOR__)&&(__GNUC__ ==4)&&(__GNUC_MINOR__ >=2)))) 14#pragma GCC diagnostic ignored "-Wsign-compare" 15#endif 16 17#include <ctype.h> 18#include <strings.h> 19#ifdef HAVE_GLOB_H 20# include <glob.h> 21#endif 22 23#include "util/config_file.h" 24#include "configparser.h" 25void ub_c_error(const char *message); 26 27#if 0 28#define LEXOUT(s) printf s /* used ONLY when debugging */ 29#else 30#define LEXOUT(s) 31#endif 32 33/** avoid warning in about fwrite return value */ 34#define ECHO ub_c_error_msg("syntax error at text: %s", ub_c_text) 35 36/** A parser variable, this is a statement in the config file which is 37 * of the form variable: value1 value2 ... nargs is the number of values. */ 38#define YDVAR(nargs, var) \ 39 num_args=(nargs); \ 40 LEXOUT(("v(%s%d) ", ub_c_text, num_args)); \ 41 if(num_args > 0) { BEGIN(val); } \ 42 return (var); 43 44struct inc_state { 45 char* filename; 46 int line; 47 YY_BUFFER_STATE buffer; 48 struct inc_state* next; 49}; 50static struct inc_state* config_include_stack = NULL; 51static int inc_depth = 0; 52static int inc_prev = 0; 53static int num_args = 0; 54 55void init_cfg_parse(void) 56{ 57 config_include_stack = NULL; 58 inc_depth = 0; 59 inc_prev = 0; 60 num_args = 0; 61} 62 63static void config_start_include(const char* filename) 64{ 65 FILE *input; 66 struct inc_state* s; 67 char* nm; 68 if(inc_depth++ > 100000) { 69 ub_c_error_msg("too many include files"); 70 return; 71 } 72 if(*filename == '\0') { 73 ub_c_error_msg("empty include file name"); 74 return; 75 } 76 s = (struct inc_state*)malloc(sizeof(*s)); 77 if(!s) { 78 ub_c_error_msg("include %s: malloc failure", filename); 79 return; 80 } 81 if(cfg_parser->chroot && strncmp(filename, cfg_parser->chroot, 82 strlen(cfg_parser->chroot)) == 0) { 83 filename += strlen(cfg_parser->chroot); 84 } 85 nm = strdup(filename); 86 if(!nm) { 87 ub_c_error_msg("include %s: strdup failure", filename); 88 free(s); 89 return; 90 } 91 input = fopen(filename, "r"); 92 if(!input) { 93 ub_c_error_msg("cannot open include file '%s': %s", 94 filename, strerror(errno)); 95 free(s); 96 free(nm); 97 return; 98 } 99 LEXOUT(("switch_to_include_file(%s)\n", filename)); 100 s->filename = cfg_parser->filename; 101 s->line = cfg_parser->line; 102 s->buffer = YY_CURRENT_BUFFER; 103 s->next = config_include_stack; 104 config_include_stack = s; 105 cfg_parser->filename = nm; 106 cfg_parser->line = 1; 107 yy_switch_to_buffer(yy_create_buffer(input, YY_BUF_SIZE)); 108} 109 110static void config_start_include_glob(const char* filename) 111{ 112 113 /* check for wildcards */ 114#ifdef HAVE_GLOB 115 glob_t g; 116 int i, r, flags; 117 if(!(!strchr(filename, '*') && !strchr(filename, '?') && !strchr(filename, '[') && 118 !strchr(filename, '{') && !strchr(filename, '~'))) { 119 flags = 0 120#ifdef GLOB_ERR 121 | GLOB_ERR 122#endif 123 /* do not set GLOB_NOSORT so the results are sorted 124 and in a predictable order. */ 125#ifdef GLOB_BRACE 126 | GLOB_BRACE 127#endif 128#ifdef GLOB_TILDE 129 | GLOB_TILDE 130#endif 131 ; 132 memset(&g, 0, sizeof(g)); 133 if(cfg_parser->chroot && strncmp(filename, cfg_parser->chroot, 134 strlen(cfg_parser->chroot)) == 0) { 135 filename += strlen(cfg_parser->chroot); 136 } 137 r = glob(filename, flags, NULL, &g); 138 if(r) { 139 /* some error */ 140 globfree(&g); 141 if(r == GLOB_NOMATCH) 142 return; /* no matches for pattern */ 143 config_start_include(filename); /* let original deal with it */ 144 return; 145 } 146 /* process files found, if any */ 147 for(i=(int)g.gl_pathc-1; i>=0; i--) { 148 config_start_include(g.gl_pathv[i]); 149 } 150 globfree(&g); 151 return; 152 } 153#endif /* HAVE_GLOB */ 154 155 config_start_include(filename); 156} 157 158static void config_end_include(void) 159{ 160 struct inc_state* s = config_include_stack; 161 --inc_depth; 162 if(!s) return; 163 free(cfg_parser->filename); 164 cfg_parser->filename = s->filename; 165 cfg_parser->line = s->line; 166 yy_delete_buffer(YY_CURRENT_BUFFER); 167 yy_switch_to_buffer(s->buffer); 168 config_include_stack = s->next; 169 free(s); 170} 171 172#ifndef yy_set_bol /* compat definition, for flex 2.4.6 */ 173#define yy_set_bol(at_bol) \ 174 { \ 175 if ( ! yy_current_buffer ) \ 176 yy_current_buffer = yy_create_buffer( ub_c_in, YY_BUF_SIZE ); \ 177 yy_current_buffer->yy_ch_buf[0] = ((at_bol)?'\n':' '); \ 178 } 179#endif 180 181%} 182%option noinput 183%option nounput 184%{ 185#ifndef YY_NO_UNPUT 186#define YY_NO_UNPUT 1 187#endif 188#ifndef YY_NO_INPUT 189#define YY_NO_INPUT 1 190#endif 191%} 192 193SPACE [ \t] 194LETTER [a-zA-Z] 195UNQUOTEDLETTER [^\'\"\n\r \t\\]|\\. 196UNQUOTEDLETTER_NOCOLON [^\:\'\"\n\r \t\\]|\\. 197NEWLINE [\r\n] 198COMMENT \# 199COLON \: 200DQANY [^\"\n\r\\]|\\. 201SQANY [^\'\n\r\\]|\\. 202 203%x quotedstring singlequotedstr include include_quoted val 204 205%% 206<INITIAL,val>{SPACE}* { 207 LEXOUT(("SP ")); /* ignore */ } 208<INITIAL,val>{SPACE}*{COMMENT}.* { 209 /* note that flex makes the longest match and '.' is any but not nl */ 210 LEXOUT(("comment(%s) ", ub_c_text)); /* ignore */ } 211server{COLON} { YDVAR(0, VAR_SERVER) } 212qname-minimisation{COLON} { YDVAR(1, VAR_QNAME_MINIMISATION) } 213qname-minimisation-strict{COLON} { YDVAR(1, VAR_QNAME_MINIMISATION_STRICT) } 214num-threads{COLON} { YDVAR(1, VAR_NUM_THREADS) } 215verbosity{COLON} { YDVAR(1, VAR_VERBOSITY) } 216port{COLON} { YDVAR(1, VAR_PORT) } 217outgoing-range{COLON} { YDVAR(1, VAR_OUTGOING_RANGE) } 218outgoing-port-permit{COLON} { YDVAR(1, VAR_OUTGOING_PORT_PERMIT) } 219outgoing-port-avoid{COLON} { YDVAR(1, VAR_OUTGOING_PORT_AVOID) } 220outgoing-num-tcp{COLON} { YDVAR(1, VAR_OUTGOING_NUM_TCP) } 221incoming-num-tcp{COLON} { YDVAR(1, VAR_INCOMING_NUM_TCP) } 222do-ip4{COLON} { YDVAR(1, VAR_DO_IP4) } 223do-ip6{COLON} { YDVAR(1, VAR_DO_IP6) } 224prefer-ip6{COLON} { YDVAR(1, VAR_PREFER_IP6) } 225do-udp{COLON} { YDVAR(1, VAR_DO_UDP) } 226do-tcp{COLON} { YDVAR(1, VAR_DO_TCP) } 227tcp-upstream{COLON} { YDVAR(1, VAR_TCP_UPSTREAM) } 228tcp-mss{COLON} { YDVAR(1, VAR_TCP_MSS) } 229outgoing-tcp-mss{COLON} { YDVAR(1, VAR_OUTGOING_TCP_MSS) } 230tcp-idle-timeout{COLON} { YDVAR(1, VAR_TCP_IDLE_TIMEOUT) } 231edns-tcp-keepalive{COLON} { YDVAR(1, VAR_EDNS_TCP_KEEPALIVE) } 232edns-tcp-keepalive-timeout{COLON} { YDVAR(1, VAR_EDNS_TCP_KEEPALIVE_TIMEOUT) } 233ssl-upstream{COLON} { YDVAR(1, VAR_SSL_UPSTREAM) } 234tls-upstream{COLON} { YDVAR(1, VAR_SSL_UPSTREAM) } 235ssl-service-key{COLON} { YDVAR(1, VAR_SSL_SERVICE_KEY) } 236tls-service-key{COLON} { YDVAR(1, VAR_SSL_SERVICE_KEY) } 237ssl-service-pem{COLON} { YDVAR(1, VAR_SSL_SERVICE_PEM) } 238tls-service-pem{COLON} { YDVAR(1, VAR_SSL_SERVICE_PEM) } 239ssl-port{COLON} { YDVAR(1, VAR_SSL_PORT) } 240tls-port{COLON} { YDVAR(1, VAR_SSL_PORT) } 241ssl-cert-bundle{COLON} { YDVAR(1, VAR_TLS_CERT_BUNDLE) } 242tls-cert-bundle{COLON} { YDVAR(1, VAR_TLS_CERT_BUNDLE) } 243tls-win-cert{COLON} { YDVAR(1, VAR_TLS_WIN_CERT) } 244additional-ssl-port{COLON} { YDVAR(1, VAR_TLS_ADDITIONAL_PORT) } 245additional-tls-port{COLON} { YDVAR(1, VAR_TLS_ADDITIONAL_PORT) } 246tls-additional-ports{COLON} { YDVAR(1, VAR_TLS_ADDITIONAL_PORT) } 247tls-additional-port{COLON} { YDVAR(1, VAR_TLS_ADDITIONAL_PORT) } 248tls-session-ticket-keys{COLON} { YDVAR(1, VAR_TLS_SESSION_TICKET_KEYS) } 249tls-ciphers{COLON} { YDVAR(1, VAR_TLS_CIPHERS) } 250tls-ciphersuites{COLON} { YDVAR(1, VAR_TLS_CIPHERSUITES) } 251use-systemd{COLON} { YDVAR(1, VAR_USE_SYSTEMD) } 252do-daemonize{COLON} { YDVAR(1, VAR_DO_DAEMONIZE) } 253interface{COLON} { YDVAR(1, VAR_INTERFACE) } 254ip-address{COLON} { YDVAR(1, VAR_INTERFACE) } 255outgoing-interface{COLON} { YDVAR(1, VAR_OUTGOING_INTERFACE) } 256interface-automatic{COLON} { YDVAR(1, VAR_INTERFACE_AUTOMATIC) } 257so-rcvbuf{COLON} { YDVAR(1, VAR_SO_RCVBUF) } 258so-sndbuf{COLON} { YDVAR(1, VAR_SO_SNDBUF) } 259so-reuseport{COLON} { YDVAR(1, VAR_SO_REUSEPORT) } 260ip-transparent{COLON} { YDVAR(1, VAR_IP_TRANSPARENT) } 261ip-freebind{COLON} { YDVAR(1, VAR_IP_FREEBIND) } 262chroot{COLON} { YDVAR(1, VAR_CHROOT) } 263username{COLON} { YDVAR(1, VAR_USERNAME) } 264directory{COLON} { YDVAR(1, VAR_DIRECTORY) } 265logfile{COLON} { YDVAR(1, VAR_LOGFILE) } 266pidfile{COLON} { YDVAR(1, VAR_PIDFILE) } 267root-hints{COLON} { YDVAR(1, VAR_ROOT_HINTS) } 268stream-wait-size{COLON} { YDVAR(1, VAR_STREAM_WAIT_SIZE) } 269edns-buffer-size{COLON} { YDVAR(1, VAR_EDNS_BUFFER_SIZE) } 270msg-buffer-size{COLON} { YDVAR(1, VAR_MSG_BUFFER_SIZE) } 271msg-cache-size{COLON} { YDVAR(1, VAR_MSG_CACHE_SIZE) } 272msg-cache-slabs{COLON} { YDVAR(1, VAR_MSG_CACHE_SLABS) } 273rrset-cache-size{COLON} { YDVAR(1, VAR_RRSET_CACHE_SIZE) } 274rrset-cache-slabs{COLON} { YDVAR(1, VAR_RRSET_CACHE_SLABS) } 275cache-max-ttl{COLON} { YDVAR(1, VAR_CACHE_MAX_TTL) } 276cache-max-negative-ttl{COLON} { YDVAR(1, VAR_CACHE_MAX_NEGATIVE_TTL) } 277cache-min-ttl{COLON} { YDVAR(1, VAR_CACHE_MIN_TTL) } 278infra-host-ttl{COLON} { YDVAR(1, VAR_INFRA_HOST_TTL) } 279infra-lame-ttl{COLON} { YDVAR(1, VAR_INFRA_LAME_TTL) } 280infra-cache-slabs{COLON} { YDVAR(1, VAR_INFRA_CACHE_SLABS) } 281infra-cache-numhosts{COLON} { YDVAR(1, VAR_INFRA_CACHE_NUMHOSTS) } 282infra-cache-lame-size{COLON} { YDVAR(1, VAR_INFRA_CACHE_LAME_SIZE) } 283infra-cache-min-rtt{COLON} { YDVAR(1, VAR_INFRA_CACHE_MIN_RTT) } 284num-queries-per-thread{COLON} { YDVAR(1, VAR_NUM_QUERIES_PER_THREAD) } 285jostle-timeout{COLON} { YDVAR(1, VAR_JOSTLE_TIMEOUT) } 286delay-close{COLON} { YDVAR(1, VAR_DELAY_CLOSE) } 287target-fetch-policy{COLON} { YDVAR(1, VAR_TARGET_FETCH_POLICY) } 288harden-short-bufsize{COLON} { YDVAR(1, VAR_HARDEN_SHORT_BUFSIZE) } 289harden-large-queries{COLON} { YDVAR(1, VAR_HARDEN_LARGE_QUERIES) } 290harden-glue{COLON} { YDVAR(1, VAR_HARDEN_GLUE) } 291harden-dnssec-stripped{COLON} { YDVAR(1, VAR_HARDEN_DNSSEC_STRIPPED) } 292harden-below-nxdomain{COLON} { YDVAR(1, VAR_HARDEN_BELOW_NXDOMAIN) } 293harden-referral-path{COLON} { YDVAR(1, VAR_HARDEN_REFERRAL_PATH) } 294harden-algo-downgrade{COLON} { YDVAR(1, VAR_HARDEN_ALGO_DOWNGRADE) } 295use-caps-for-id{COLON} { YDVAR(1, VAR_USE_CAPS_FOR_ID) } 296caps-whitelist{COLON} { YDVAR(1, VAR_CAPS_WHITELIST) } 297unwanted-reply-threshold{COLON} { YDVAR(1, VAR_UNWANTED_REPLY_THRESHOLD) } 298private-address{COLON} { YDVAR(1, VAR_PRIVATE_ADDRESS) } 299private-domain{COLON} { YDVAR(1, VAR_PRIVATE_DOMAIN) } 300prefetch-key{COLON} { YDVAR(1, VAR_PREFETCH_KEY) } 301prefetch{COLON} { YDVAR(1, VAR_PREFETCH) } 302deny-any{COLON} { YDVAR(1, VAR_DENY_ANY) } 303stub-zone{COLON} { YDVAR(0, VAR_STUB_ZONE) } 304name{COLON} { YDVAR(1, VAR_NAME) } 305stub-addr{COLON} { YDVAR(1, VAR_STUB_ADDR) } 306stub-host{COLON} { YDVAR(1, VAR_STUB_HOST) } 307stub-prime{COLON} { YDVAR(1, VAR_STUB_PRIME) } 308stub-first{COLON} { YDVAR(1, VAR_STUB_FIRST) } 309stub-no-cache{COLON} { YDVAR(1, VAR_STUB_NO_CACHE) } 310stub-ssl-upstream{COLON} { YDVAR(1, VAR_STUB_SSL_UPSTREAM) } 311stub-tls-upstream{COLON} { YDVAR(1, VAR_STUB_SSL_UPSTREAM) } 312forward-zone{COLON} { YDVAR(0, VAR_FORWARD_ZONE) } 313forward-addr{COLON} { YDVAR(1, VAR_FORWARD_ADDR) } 314forward-host{COLON} { YDVAR(1, VAR_FORWARD_HOST) } 315forward-first{COLON} { YDVAR(1, VAR_FORWARD_FIRST) } 316forward-no-cache{COLON} { YDVAR(1, VAR_FORWARD_NO_CACHE) } 317forward-ssl-upstream{COLON} { YDVAR(1, VAR_FORWARD_SSL_UPSTREAM) } 318forward-tls-upstream{COLON} { YDVAR(1, VAR_FORWARD_SSL_UPSTREAM) } 319auth-zone{COLON} { YDVAR(0, VAR_AUTH_ZONE) } 320zonefile{COLON} { YDVAR(1, VAR_ZONEFILE) } 321master{COLON} { YDVAR(1, VAR_MASTER) } 322url{COLON} { YDVAR(1, VAR_URL) } 323allow-notify{COLON} { YDVAR(1, VAR_ALLOW_NOTIFY) } 324for-downstream{COLON} { YDVAR(1, VAR_FOR_DOWNSTREAM) } 325for-upstream{COLON} { YDVAR(1, VAR_FOR_UPSTREAM) } 326fallback-enabled{COLON} { YDVAR(1, VAR_FALLBACK_ENABLED) } 327view{COLON} { YDVAR(0, VAR_VIEW) } 328view-first{COLON} { YDVAR(1, VAR_VIEW_FIRST) } 329do-not-query-address{COLON} { YDVAR(1, VAR_DO_NOT_QUERY_ADDRESS) } 330do-not-query-localhost{COLON} { YDVAR(1, VAR_DO_NOT_QUERY_LOCALHOST) } 331access-control{COLON} { YDVAR(2, VAR_ACCESS_CONTROL) } 332send-client-subnet{COLON} { YDVAR(1, VAR_SEND_CLIENT_SUBNET) } 333client-subnet-zone{COLON} { YDVAR(1, VAR_CLIENT_SUBNET_ZONE) } 334client-subnet-always-forward{COLON} { YDVAR(1, VAR_CLIENT_SUBNET_ALWAYS_FORWARD) } 335client-subnet-opcode{COLON} { YDVAR(1, VAR_CLIENT_SUBNET_OPCODE) } 336max-client-subnet-ipv4{COLON} { YDVAR(1, VAR_MAX_CLIENT_SUBNET_IPV4) } 337max-client-subnet-ipv6{COLON} { YDVAR(1, VAR_MAX_CLIENT_SUBNET_IPV6) } 338min-client-subnet-ipv4{COLON} { YDVAR(1, VAR_MIN_CLIENT_SUBNET_IPV4) } 339min-client-subnet-ipv6{COLON} { YDVAR(1, VAR_MIN_CLIENT_SUBNET_IPV6) } 340max-ecs-tree-size-ipv4{COLON} { YDVAR(1, VAR_MAX_ECS_TREE_SIZE_IPV4) } 341max-ecs-tree-size-ipv6{COLON} { YDVAR(1, VAR_MAX_ECS_TREE_SIZE_IPV6) } 342hide-identity{COLON} { YDVAR(1, VAR_HIDE_IDENTITY) } 343hide-version{COLON} { YDVAR(1, VAR_HIDE_VERSION) } 344hide-trustanchor{COLON} { YDVAR(1, VAR_HIDE_TRUSTANCHOR) } 345identity{COLON} { YDVAR(1, VAR_IDENTITY) } 346version{COLON} { YDVAR(1, VAR_VERSION) } 347module-config{COLON} { YDVAR(1, VAR_MODULE_CONF) } 348dlv-anchor{COLON} { YDVAR(1, VAR_DLV_ANCHOR) } 349dlv-anchor-file{COLON} { YDVAR(1, VAR_DLV_ANCHOR_FILE) } 350trust-anchor-file{COLON} { YDVAR(1, VAR_TRUST_ANCHOR_FILE) } 351auto-trust-anchor-file{COLON} { YDVAR(1, VAR_AUTO_TRUST_ANCHOR_FILE) } 352trusted-keys-file{COLON} { YDVAR(1, VAR_TRUSTED_KEYS_FILE) } 353trust-anchor{COLON} { YDVAR(1, VAR_TRUST_ANCHOR) } 354trust-anchor-signaling{COLON} { YDVAR(1, VAR_TRUST_ANCHOR_SIGNALING) } 355root-key-sentinel{COLON} { YDVAR(1, VAR_ROOT_KEY_SENTINEL) } 356val-override-date{COLON} { YDVAR(1, VAR_VAL_OVERRIDE_DATE) } 357val-sig-skew-min{COLON} { YDVAR(1, VAR_VAL_SIG_SKEW_MIN) } 358val-sig-skew-max{COLON} { YDVAR(1, VAR_VAL_SIG_SKEW_MAX) } 359val-bogus-ttl{COLON} { YDVAR(1, VAR_BOGUS_TTL) } 360val-clean-additional{COLON} { YDVAR(1, VAR_VAL_CLEAN_ADDITIONAL) } 361val-permissive-mode{COLON} { YDVAR(1, VAR_VAL_PERMISSIVE_MODE) } 362aggressive-nsec{COLON} { YDVAR(1, VAR_AGGRESSIVE_NSEC) } 363ignore-cd-flag{COLON} { YDVAR(1, VAR_IGNORE_CD_FLAG) } 364serve-expired{COLON} { YDVAR(1, VAR_SERVE_EXPIRED) } 365serve-expired-ttl{COLON} { YDVAR(1, VAR_SERVE_EXPIRED_TTL) } 366serve-expired-ttl-reset{COLON} { YDVAR(1, VAR_SERVE_EXPIRED_TTL_RESET) } 367fake-dsa{COLON} { YDVAR(1, VAR_FAKE_DSA) } 368fake-sha1{COLON} { YDVAR(1, VAR_FAKE_SHA1) } 369val-log-level{COLON} { YDVAR(1, VAR_VAL_LOG_LEVEL) } 370key-cache-size{COLON} { YDVAR(1, VAR_KEY_CACHE_SIZE) } 371key-cache-slabs{COLON} { YDVAR(1, VAR_KEY_CACHE_SLABS) } 372neg-cache-size{COLON} { YDVAR(1, VAR_NEG_CACHE_SIZE) } 373val-nsec3-keysize-iterations{COLON} { 374 YDVAR(1, VAR_VAL_NSEC3_KEYSIZE_ITERATIONS) } 375add-holddown{COLON} { YDVAR(1, VAR_ADD_HOLDDOWN) } 376del-holddown{COLON} { YDVAR(1, VAR_DEL_HOLDDOWN) } 377keep-missing{COLON} { YDVAR(1, VAR_KEEP_MISSING) } 378permit-small-holddown{COLON} { YDVAR(1, VAR_PERMIT_SMALL_HOLDDOWN) } 379use-syslog{COLON} { YDVAR(1, VAR_USE_SYSLOG) } 380log-identity{COLON} { YDVAR(1, VAR_LOG_IDENTITY) } 381log-time-ascii{COLON} { YDVAR(1, VAR_LOG_TIME_ASCII) } 382log-queries{COLON} { YDVAR(1, VAR_LOG_QUERIES) } 383log-replies{COLON} { YDVAR(1, VAR_LOG_REPLIES) } 384log-tag-queryreply{COLON} { YDVAR(1, VAR_LOG_TAG_QUERYREPLY) } 385log-local-actions{COLON} { YDVAR(1, VAR_LOG_LOCAL_ACTIONS) } 386log-servfail{COLON} { YDVAR(1, VAR_LOG_SERVFAIL) } 387local-zone{COLON} { YDVAR(2, VAR_LOCAL_ZONE) } 388local-data{COLON} { YDVAR(1, VAR_LOCAL_DATA) } 389local-data-ptr{COLON} { YDVAR(1, VAR_LOCAL_DATA_PTR) } 390unblock-lan-zones{COLON} { YDVAR(1, VAR_UNBLOCK_LAN_ZONES) } 391insecure-lan-zones{COLON} { YDVAR(1, VAR_INSECURE_LAN_ZONES) } 392statistics-interval{COLON} { YDVAR(1, VAR_STATISTICS_INTERVAL) } 393statistics-cumulative{COLON} { YDVAR(1, VAR_STATISTICS_CUMULATIVE) } 394extended-statistics{COLON} { YDVAR(1, VAR_EXTENDED_STATISTICS) } 395shm-enable{COLON} { YDVAR(1, VAR_SHM_ENABLE) } 396shm-key{COLON} { YDVAR(1, VAR_SHM_KEY) } 397remote-control{COLON} { YDVAR(0, VAR_REMOTE_CONTROL) } 398control-enable{COLON} { YDVAR(1, VAR_CONTROL_ENABLE) } 399control-interface{COLON} { YDVAR(1, VAR_CONTROL_INTERFACE) } 400control-port{COLON} { YDVAR(1, VAR_CONTROL_PORT) } 401control-use-cert{COLON} { YDVAR(1, VAR_CONTROL_USE_CERT) } 402server-key-file{COLON} { YDVAR(1, VAR_SERVER_KEY_FILE) } 403server-cert-file{COLON} { YDVAR(1, VAR_SERVER_CERT_FILE) } 404control-key-file{COLON} { YDVAR(1, VAR_CONTROL_KEY_FILE) } 405control-cert-file{COLON} { YDVAR(1, VAR_CONTROL_CERT_FILE) } 406python-script{COLON} { YDVAR(1, VAR_PYTHON_SCRIPT) } 407python{COLON} { YDVAR(0, VAR_PYTHON) } 408domain-insecure{COLON} { YDVAR(1, VAR_DOMAIN_INSECURE) } 409minimal-responses{COLON} { YDVAR(1, VAR_MINIMAL_RESPONSES) } 410rrset-roundrobin{COLON} { YDVAR(1, VAR_RRSET_ROUNDROBIN) } 411unknown-server-time-limit{COLON} { YDVAR(1, VAR_UNKNOWN_SERVER_TIME_LIMIT) } 412max-udp-size{COLON} { YDVAR(1, VAR_MAX_UDP_SIZE) } 413dns64-prefix{COLON} { YDVAR(1, VAR_DNS64_PREFIX) } 414dns64-synthall{COLON} { YDVAR(1, VAR_DNS64_SYNTHALL) } 415dns64-ignore-aaaa{COLON} { YDVAR(1, VAR_DNS64_IGNORE_AAAA) } 416define-tag{COLON} { YDVAR(1, VAR_DEFINE_TAG) } 417local-zone-tag{COLON} { YDVAR(2, VAR_LOCAL_ZONE_TAG) } 418access-control-tag{COLON} { YDVAR(2, VAR_ACCESS_CONTROL_TAG) } 419access-control-tag-action{COLON} { YDVAR(3, VAR_ACCESS_CONTROL_TAG_ACTION) } 420access-control-tag-data{COLON} { YDVAR(3, VAR_ACCESS_CONTROL_TAG_DATA) } 421access-control-view{COLON} { YDVAR(2, VAR_ACCESS_CONTROL_VIEW) } 422local-zone-override{COLON} { YDVAR(3, VAR_LOCAL_ZONE_OVERRIDE) } 423dnstap{COLON} { YDVAR(0, VAR_DNSTAP) } 424dnstap-enable{COLON} { YDVAR(1, VAR_DNSTAP_ENABLE) } 425dnstap-socket-path{COLON} { YDVAR(1, VAR_DNSTAP_SOCKET_PATH) } 426dnstap-send-identity{COLON} { YDVAR(1, VAR_DNSTAP_SEND_IDENTITY) } 427dnstap-send-version{COLON} { YDVAR(1, VAR_DNSTAP_SEND_VERSION) } 428dnstap-identity{COLON} { YDVAR(1, VAR_DNSTAP_IDENTITY) } 429dnstap-version{COLON} { YDVAR(1, VAR_DNSTAP_VERSION) } 430dnstap-log-resolver-query-messages{COLON} { 431 YDVAR(1, VAR_DNSTAP_LOG_RESOLVER_QUERY_MESSAGES) } 432dnstap-log-resolver-response-messages{COLON} { 433 YDVAR(1, VAR_DNSTAP_LOG_RESOLVER_RESPONSE_MESSAGES) } 434dnstap-log-client-query-messages{COLON} { 435 YDVAR(1, VAR_DNSTAP_LOG_CLIENT_QUERY_MESSAGES) } 436dnstap-log-client-response-messages{COLON} { 437 YDVAR(1, VAR_DNSTAP_LOG_CLIENT_RESPONSE_MESSAGES) } 438dnstap-log-forwarder-query-messages{COLON} { 439 YDVAR(1, VAR_DNSTAP_LOG_FORWARDER_QUERY_MESSAGES) } 440dnstap-log-forwarder-response-messages{COLON} { 441 YDVAR(1, VAR_DNSTAP_LOG_FORWARDER_RESPONSE_MESSAGES) } 442disable-dnssec-lame-check{COLON} { YDVAR(1, VAR_DISABLE_DNSSEC_LAME_CHECK) } 443ip-ratelimit{COLON} { YDVAR(1, VAR_IP_RATELIMIT) } 444ratelimit{COLON} { YDVAR(1, VAR_RATELIMIT) } 445ip-ratelimit-slabs{COLON} { YDVAR(1, VAR_IP_RATELIMIT_SLABS) } 446ratelimit-slabs{COLON} { YDVAR(1, VAR_RATELIMIT_SLABS) } 447ip-ratelimit-size{COLON} { YDVAR(1, VAR_IP_RATELIMIT_SIZE) } 448ratelimit-size{COLON} { YDVAR(1, VAR_RATELIMIT_SIZE) } 449ratelimit-for-domain{COLON} { YDVAR(2, VAR_RATELIMIT_FOR_DOMAIN) } 450ratelimit-below-domain{COLON} { YDVAR(2, VAR_RATELIMIT_BELOW_DOMAIN) } 451ip-ratelimit-factor{COLON} { YDVAR(1, VAR_IP_RATELIMIT_FACTOR) } 452ratelimit-factor{COLON} { YDVAR(1, VAR_RATELIMIT_FACTOR) } 453low-rtt{COLON} { YDVAR(1, VAR_LOW_RTT) } 454fast-server-num{COLON} { YDVAR(1, VAR_FAST_SERVER_NUM) } 455low-rtt-pct{COLON} { YDVAR(1, VAR_FAST_SERVER_PERMIL) } 456low-rtt-permil{COLON} { YDVAR(1, VAR_FAST_SERVER_PERMIL) } 457fast-server-permil{COLON} { YDVAR(1, VAR_FAST_SERVER_PERMIL) } 458response-ip-tag{COLON} { YDVAR(2, VAR_RESPONSE_IP_TAG) } 459response-ip{COLON} { YDVAR(2, VAR_RESPONSE_IP) } 460response-ip-data{COLON} { YDVAR(2, VAR_RESPONSE_IP_DATA) } 461dnscrypt{COLON} { YDVAR(0, VAR_DNSCRYPT) } 462dnscrypt-enable{COLON} { YDVAR(1, VAR_DNSCRYPT_ENABLE) } 463dnscrypt-port{COLON} { YDVAR(1, VAR_DNSCRYPT_PORT) } 464dnscrypt-provider{COLON} { YDVAR(1, VAR_DNSCRYPT_PROVIDER) } 465dnscrypt-secret-key{COLON} { YDVAR(1, VAR_DNSCRYPT_SECRET_KEY) } 466dnscrypt-provider-cert{COLON} { YDVAR(1, VAR_DNSCRYPT_PROVIDER_CERT) } 467dnscrypt-provider-cert-rotated{COLON} { YDVAR(1, VAR_DNSCRYPT_PROVIDER_CERT_ROTATED) } 468dnscrypt-shared-secret-cache-size{COLON} { 469 YDVAR(1, VAR_DNSCRYPT_SHARED_SECRET_CACHE_SIZE) } 470dnscrypt-shared-secret-cache-slabs{COLON} { 471 YDVAR(1, VAR_DNSCRYPT_SHARED_SECRET_CACHE_SLABS) } 472dnscrypt-nonce-cache-size{COLON} { YDVAR(1, VAR_DNSCRYPT_NONCE_CACHE_SIZE) } 473dnscrypt-nonce-cache-slabs{COLON} { YDVAR(1, VAR_DNSCRYPT_NONCE_CACHE_SLABS) } 474ipsecmod-enabled{COLON} { YDVAR(1, VAR_IPSECMOD_ENABLED) } 475ipsecmod-ignore-bogus{COLON} { YDVAR(1, VAR_IPSECMOD_IGNORE_BOGUS) } 476ipsecmod-hook{COLON} { YDVAR(1, VAR_IPSECMOD_HOOK) } 477ipsecmod-max-ttl{COLON} { YDVAR(1, VAR_IPSECMOD_MAX_TTL) } 478ipsecmod-whitelist{COLON} { YDVAR(1, VAR_IPSECMOD_WHITELIST) } 479ipsecmod-strict{COLON} { YDVAR(1, VAR_IPSECMOD_STRICT) } 480cachedb{COLON} { YDVAR(0, VAR_CACHEDB) } 481backend{COLON} { YDVAR(1, VAR_CACHEDB_BACKEND) } 482secret-seed{COLON} { YDVAR(1, VAR_CACHEDB_SECRETSEED) } 483redis-server-host{COLON} { YDVAR(1, VAR_CACHEDB_REDISHOST) } 484redis-server-port{COLON} { YDVAR(1, VAR_CACHEDB_REDISPORT) } 485redis-timeout{COLON} { YDVAR(1, VAR_CACHEDB_REDISTIMEOUT) } 486ipset{COLON} { YDVAR(0, VAR_IPSET) } 487name-v4{COLON} { YDVAR(1, VAR_IPSET_NAME_V4) } 488name-v6{COLON} { YDVAR(1, VAR_IPSET_NAME_V6) } 489udp-upstream-without-downstream{COLON} { YDVAR(1, VAR_UDP_UPSTREAM_WITHOUT_DOWNSTREAM) } 490tcp-connection-limit{COLON} { YDVAR(2, VAR_TCP_CONNECTION_LIMIT) } 491<INITIAL,val>{NEWLINE} { LEXOUT(("NL\n")); cfg_parser->line++; } 492 493 /* Quoted strings. Strip leading and ending quotes */ 494<val>\" { BEGIN(quotedstring); LEXOUT(("QS ")); } 495<quotedstring><<EOF>> { 496 ub_c_error("EOF inside quoted string"); 497 if(--num_args == 0) { BEGIN(INITIAL); } 498 else { BEGIN(val); } 499} 500<quotedstring>{DQANY}* { LEXOUT(("STR(%s) ", ub_c_text)); yymore(); } 501<quotedstring>{NEWLINE} { ub_c_error("newline inside quoted string, no end \""); 502 cfg_parser->line++; BEGIN(INITIAL); } 503<quotedstring>\" { 504 LEXOUT(("QE ")); 505 if(--num_args == 0) { BEGIN(INITIAL); } 506 else { BEGIN(val); } 507 ub_c_text[ub_c_leng - 1] = '\0'; 508 ub_c_lval.str = strdup(ub_c_text); 509 if(!ub_c_lval.str) 510 ub_c_error("out of memory"); 511 return STRING_ARG; 512} 513 514 /* Single Quoted strings. Strip leading and ending quotes */ 515<val>\' { BEGIN(singlequotedstr); LEXOUT(("SQS ")); } 516<singlequotedstr><<EOF>> { 517 ub_c_error("EOF inside quoted string"); 518 if(--num_args == 0) { BEGIN(INITIAL); } 519 else { BEGIN(val); } 520} 521<singlequotedstr>{SQANY}* { LEXOUT(("STR(%s) ", ub_c_text)); yymore(); } 522<singlequotedstr>{NEWLINE} { ub_c_error("newline inside quoted string, no end '"); 523 cfg_parser->line++; BEGIN(INITIAL); } 524<singlequotedstr>\' { 525 LEXOUT(("SQE ")); 526 if(--num_args == 0) { BEGIN(INITIAL); } 527 else { BEGIN(val); } 528 ub_c_text[ub_c_leng - 1] = '\0'; 529 ub_c_lval.str = strdup(ub_c_text); 530 if(!ub_c_lval.str) 531 ub_c_error("out of memory"); 532 return STRING_ARG; 533} 534 535 /* include: directive */ 536<INITIAL,val>include{COLON} { 537 LEXOUT(("v(%s) ", ub_c_text)); inc_prev = YYSTATE; BEGIN(include); } 538<include><<EOF>> { 539 ub_c_error("EOF inside include directive"); 540 BEGIN(inc_prev); 541} 542<include>{SPACE}* { LEXOUT(("ISP ")); /* ignore */ } 543<include>{NEWLINE} { LEXOUT(("NL\n")); cfg_parser->line++;} 544<include>\" { LEXOUT(("IQS ")); BEGIN(include_quoted); } 545<include>{UNQUOTEDLETTER}* { 546 LEXOUT(("Iunquotedstr(%s) ", ub_c_text)); 547 config_start_include_glob(ub_c_text); 548 BEGIN(inc_prev); 549} 550<include_quoted><<EOF>> { 551 ub_c_error("EOF inside quoted string"); 552 BEGIN(inc_prev); 553} 554<include_quoted>{DQANY}* { LEXOUT(("ISTR(%s) ", ub_c_text)); yymore(); } 555<include_quoted>{NEWLINE} { ub_c_error("newline before \" in include name"); 556 cfg_parser->line++; BEGIN(inc_prev); } 557<include_quoted>\" { 558 LEXOUT(("IQE ")); 559 ub_c_text[ub_c_leng - 1] = '\0'; 560 config_start_include_glob(ub_c_text); 561 BEGIN(inc_prev); 562} 563<INITIAL,val><<EOF>> { 564 LEXOUT(("LEXEOF ")); 565 yy_set_bol(1); /* Set beginning of line, so "^" rules match. */ 566 if (!config_include_stack) { 567 yyterminate(); 568 } else { 569 fclose(ub_c_in); 570 config_end_include(); 571 } 572} 573 574<val>{UNQUOTEDLETTER}* { LEXOUT(("unquotedstr(%s) ", ub_c_text)); 575 if(--num_args == 0) { BEGIN(INITIAL); } 576 ub_c_lval.str = strdup(ub_c_text); return STRING_ARG; } 577 578{UNQUOTEDLETTER_NOCOLON}* { 579 ub_c_error_msg("unknown keyword '%s'", ub_c_text); 580 } 581 582<*>. { 583 ub_c_error_msg("stray '%s'", ub_c_text); 584 } 585 586%% 587