1/* 2 * configparser.y -- yacc grammar for unbound configuration files 3 * 4 * Copyright (c) 2001-2006, NLnet Labs. All rights reserved. 5 * 6 * Copyright (c) 2007, NLnet Labs. All rights reserved. 7 * 8 * This software is open source. 9 * 10 * Redistribution and use in source and binary forms, with or without 11 * modification, are permitted provided that the following conditions 12 * are met: 13 * 14 * Redistributions of source code must retain the above copyright notice, 15 * this list of conditions and the following disclaimer. 16 * 17 * Redistributions in binary form must reproduce the above copyright notice, 18 * this list of conditions and the following disclaimer in the documentation 19 * and/or other materials provided with the distribution. 20 * 21 * Neither the name of the NLNET LABS nor the names of its contributors may 22 * be used to endorse or promote products derived from this software without 23 * specific prior written permission. 24 * 25 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 26 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 27 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR 28 * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT 29 * HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 30 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED 31 * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR 32 * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF 33 * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING 34 * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS 35 * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 36 */ 37 38%{ 39#include "config.h" 40 41#include <stdarg.h> 42#include <stdio.h> 43#include <string.h> 44#include <stdlib.h> 45#include <assert.h> 46 47#include "util/configyyrename.h" 48#include "util/config_file.h" 49#include "util/net_help.h" 50 51int ub_c_lex(void); 52void ub_c_error(const char *message); 53 54static void validate_respip_action(const char* action); 55 56/* these need to be global, otherwise they cannot be used inside yacc */ 57extern struct config_parser_state* cfg_parser; 58 59#if 0 60#define OUTYY(s) printf s /* used ONLY when debugging */ 61#else 62#define OUTYY(s) 63#endif 64 65%} 66%union { 67 char* str; 68}; 69 70%token SPACE LETTER NEWLINE COMMENT COLON ANY ZONESTR 71%token <str> STRING_ARG 72%token VAR_FORCE_TOPLEVEL 73%token VAR_SERVER VAR_VERBOSITY VAR_NUM_THREADS VAR_PORT 74%token VAR_OUTGOING_RANGE VAR_INTERFACE VAR_PREFER_IP4 75%token VAR_DO_IP4 VAR_DO_IP6 VAR_PREFER_IP6 VAR_DO_UDP VAR_DO_TCP 76%token VAR_TCP_MSS VAR_OUTGOING_TCP_MSS VAR_TCP_IDLE_TIMEOUT 77%token VAR_EDNS_TCP_KEEPALIVE VAR_EDNS_TCP_KEEPALIVE_TIMEOUT 78%token VAR_CHROOT VAR_USERNAME VAR_DIRECTORY VAR_LOGFILE VAR_PIDFILE 79%token VAR_MSG_CACHE_SIZE VAR_MSG_CACHE_SLABS VAR_NUM_QUERIES_PER_THREAD 80%token VAR_RRSET_CACHE_SIZE VAR_RRSET_CACHE_SLABS VAR_OUTGOING_NUM_TCP 81%token VAR_INFRA_HOST_TTL VAR_INFRA_LAME_TTL VAR_INFRA_CACHE_SLABS 82%token VAR_INFRA_CACHE_NUMHOSTS VAR_INFRA_CACHE_LAME_SIZE VAR_NAME 83%token VAR_STUB_ZONE VAR_STUB_HOST VAR_STUB_ADDR VAR_TARGET_FETCH_POLICY 84%token VAR_HARDEN_SHORT_BUFSIZE VAR_HARDEN_LARGE_QUERIES 85%token VAR_FORWARD_ZONE VAR_FORWARD_HOST VAR_FORWARD_ADDR 86%token VAR_DO_NOT_QUERY_ADDRESS VAR_HIDE_IDENTITY VAR_HIDE_VERSION 87%token VAR_IDENTITY VAR_VERSION VAR_HARDEN_GLUE VAR_MODULE_CONF 88%token VAR_TRUST_ANCHOR_FILE VAR_TRUST_ANCHOR VAR_VAL_OVERRIDE_DATE 89%token VAR_BOGUS_TTL VAR_VAL_CLEAN_ADDITIONAL VAR_VAL_PERMISSIVE_MODE 90%token VAR_INCOMING_NUM_TCP VAR_MSG_BUFFER_SIZE VAR_KEY_CACHE_SIZE 91%token VAR_KEY_CACHE_SLABS VAR_TRUSTED_KEYS_FILE 92%token VAR_VAL_NSEC3_KEYSIZE_ITERATIONS VAR_USE_SYSLOG 93%token VAR_OUTGOING_INTERFACE VAR_ROOT_HINTS VAR_DO_NOT_QUERY_LOCALHOST 94%token VAR_CACHE_MAX_TTL VAR_HARDEN_DNSSEC_STRIPPED VAR_ACCESS_CONTROL 95%token VAR_LOCAL_ZONE VAR_LOCAL_DATA VAR_INTERFACE_AUTOMATIC 96%token VAR_STATISTICS_INTERVAL VAR_DO_DAEMONIZE VAR_USE_CAPS_FOR_ID 97%token VAR_STATISTICS_CUMULATIVE VAR_OUTGOING_PORT_PERMIT 98%token VAR_OUTGOING_PORT_AVOID VAR_DLV_ANCHOR_FILE VAR_DLV_ANCHOR 99%token VAR_NEG_CACHE_SIZE VAR_HARDEN_REFERRAL_PATH VAR_PRIVATE_ADDRESS 100%token VAR_PRIVATE_DOMAIN VAR_REMOTE_CONTROL VAR_CONTROL_ENABLE 101%token VAR_CONTROL_INTERFACE VAR_CONTROL_PORT VAR_SERVER_KEY_FILE 102%token VAR_SERVER_CERT_FILE VAR_CONTROL_KEY_FILE VAR_CONTROL_CERT_FILE 103%token VAR_CONTROL_USE_CERT 104%token VAR_EXTENDED_STATISTICS VAR_LOCAL_DATA_PTR VAR_JOSTLE_TIMEOUT 105%token VAR_STUB_PRIME VAR_UNWANTED_REPLY_THRESHOLD VAR_LOG_TIME_ASCII 106%token VAR_DOMAIN_INSECURE VAR_PYTHON VAR_PYTHON_SCRIPT VAR_VAL_SIG_SKEW_MIN 107%token VAR_VAL_SIG_SKEW_MAX VAR_CACHE_MIN_TTL VAR_VAL_LOG_LEVEL 108%token VAR_AUTO_TRUST_ANCHOR_FILE VAR_KEEP_MISSING VAR_ADD_HOLDDOWN 109%token VAR_DEL_HOLDDOWN VAR_SO_RCVBUF VAR_EDNS_BUFFER_SIZE VAR_PREFETCH 110%token VAR_PREFETCH_KEY VAR_SO_SNDBUF VAR_SO_REUSEPORT VAR_HARDEN_BELOW_NXDOMAIN 111%token VAR_IGNORE_CD_FLAG VAR_LOG_QUERIES VAR_LOG_REPLIES VAR_LOG_LOCAL_ACTIONS 112%token VAR_TCP_UPSTREAM VAR_SSL_UPSTREAM 113%token VAR_SSL_SERVICE_KEY VAR_SSL_SERVICE_PEM VAR_SSL_PORT VAR_FORWARD_FIRST 114%token VAR_STUB_SSL_UPSTREAM VAR_FORWARD_SSL_UPSTREAM VAR_TLS_CERT_BUNDLE 115%token VAR_HTTPS_PORT VAR_HTTP_ENDPOINT VAR_HTTP_MAX_STREAMS 116%token VAR_HTTP_QUERY_BUFFER_SIZE VAR_HTTP_RESPONSE_BUFFER_SIZE 117%token VAR_HTTP_NODELAY VAR_HTTP_NOTLS_DOWNSTREAM 118%token VAR_STUB_FIRST VAR_MINIMAL_RESPONSES VAR_RRSET_ROUNDROBIN 119%token VAR_MAX_UDP_SIZE VAR_DELAY_CLOSE VAR_UDP_CONNECT 120%token VAR_UNBLOCK_LAN_ZONES VAR_INSECURE_LAN_ZONES 121%token VAR_INFRA_CACHE_MIN_RTT VAR_INFRA_KEEP_PROBING 122%token VAR_DNS64_PREFIX VAR_DNS64_SYNTHALL VAR_DNS64_IGNORE_AAAA 123%token VAR_DNSTAP VAR_DNSTAP_ENABLE VAR_DNSTAP_SOCKET_PATH VAR_DNSTAP_IP 124%token VAR_DNSTAP_TLS VAR_DNSTAP_TLS_SERVER_NAME VAR_DNSTAP_TLS_CERT_BUNDLE 125%token VAR_DNSTAP_TLS_CLIENT_KEY_FILE VAR_DNSTAP_TLS_CLIENT_CERT_FILE 126%token VAR_DNSTAP_SEND_IDENTITY VAR_DNSTAP_SEND_VERSION VAR_DNSTAP_BIDIRECTIONAL 127%token VAR_DNSTAP_IDENTITY VAR_DNSTAP_VERSION 128%token VAR_DNSTAP_LOG_RESOLVER_QUERY_MESSAGES 129%token VAR_DNSTAP_LOG_RESOLVER_RESPONSE_MESSAGES 130%token VAR_DNSTAP_LOG_CLIENT_QUERY_MESSAGES 131%token VAR_DNSTAP_LOG_CLIENT_RESPONSE_MESSAGES 132%token VAR_DNSTAP_LOG_FORWARDER_QUERY_MESSAGES 133%token VAR_DNSTAP_LOG_FORWARDER_RESPONSE_MESSAGES 134%token VAR_RESPONSE_IP_TAG VAR_RESPONSE_IP VAR_RESPONSE_IP_DATA 135%token VAR_HARDEN_ALGO_DOWNGRADE VAR_IP_TRANSPARENT 136%token VAR_IP_DSCP 137%token VAR_DISABLE_DNSSEC_LAME_CHECK 138%token VAR_IP_RATELIMIT VAR_IP_RATELIMIT_SLABS VAR_IP_RATELIMIT_SIZE 139%token VAR_RATELIMIT VAR_RATELIMIT_SLABS VAR_RATELIMIT_SIZE 140%token VAR_RATELIMIT_FOR_DOMAIN VAR_RATELIMIT_BELOW_DOMAIN 141%token VAR_IP_RATELIMIT_FACTOR VAR_RATELIMIT_FACTOR 142%token VAR_SEND_CLIENT_SUBNET VAR_CLIENT_SUBNET_ZONE 143%token VAR_CLIENT_SUBNET_ALWAYS_FORWARD VAR_CLIENT_SUBNET_OPCODE 144%token VAR_MAX_CLIENT_SUBNET_IPV4 VAR_MAX_CLIENT_SUBNET_IPV6 145%token VAR_MIN_CLIENT_SUBNET_IPV4 VAR_MIN_CLIENT_SUBNET_IPV6 146%token VAR_MAX_ECS_TREE_SIZE_IPV4 VAR_MAX_ECS_TREE_SIZE_IPV6 147%token VAR_CAPS_WHITELIST VAR_CACHE_MAX_NEGATIVE_TTL VAR_PERMIT_SMALL_HOLDDOWN 148%token VAR_QNAME_MINIMISATION VAR_QNAME_MINIMISATION_STRICT VAR_IP_FREEBIND 149%token VAR_DEFINE_TAG VAR_LOCAL_ZONE_TAG VAR_ACCESS_CONTROL_TAG 150%token VAR_LOCAL_ZONE_OVERRIDE VAR_ACCESS_CONTROL_TAG_ACTION 151%token VAR_ACCESS_CONTROL_TAG_DATA VAR_VIEW VAR_ACCESS_CONTROL_VIEW 152%token VAR_VIEW_FIRST VAR_SERVE_EXPIRED VAR_SERVE_EXPIRED_TTL 153%token VAR_SERVE_EXPIRED_TTL_RESET VAR_SERVE_EXPIRED_REPLY_TTL 154%token VAR_SERVE_EXPIRED_CLIENT_TIMEOUT VAR_SERVE_ORIGINAL_TTL VAR_FAKE_DSA 155%token VAR_FAKE_SHA1 VAR_LOG_IDENTITY VAR_HIDE_TRUSTANCHOR 156%token VAR_TRUST_ANCHOR_SIGNALING VAR_AGGRESSIVE_NSEC VAR_USE_SYSTEMD 157%token VAR_SHM_ENABLE VAR_SHM_KEY VAR_ROOT_KEY_SENTINEL 158%token VAR_DNSCRYPT VAR_DNSCRYPT_ENABLE VAR_DNSCRYPT_PORT VAR_DNSCRYPT_PROVIDER 159%token VAR_DNSCRYPT_SECRET_KEY VAR_DNSCRYPT_PROVIDER_CERT 160%token VAR_DNSCRYPT_PROVIDER_CERT_ROTATED 161%token VAR_DNSCRYPT_SHARED_SECRET_CACHE_SIZE 162%token VAR_DNSCRYPT_SHARED_SECRET_CACHE_SLABS 163%token VAR_DNSCRYPT_NONCE_CACHE_SIZE 164%token VAR_DNSCRYPT_NONCE_CACHE_SLABS 165%token VAR_PAD_RESPONSES VAR_PAD_RESPONSES_BLOCK_SIZE 166%token VAR_PAD_QUERIES VAR_PAD_QUERIES_BLOCK_SIZE 167%token VAR_IPSECMOD_ENABLED VAR_IPSECMOD_HOOK VAR_IPSECMOD_IGNORE_BOGUS 168%token VAR_IPSECMOD_MAX_TTL VAR_IPSECMOD_WHITELIST VAR_IPSECMOD_STRICT 169%token VAR_CACHEDB VAR_CACHEDB_BACKEND VAR_CACHEDB_SECRETSEED 170%token VAR_CACHEDB_REDISHOST VAR_CACHEDB_REDISPORT VAR_CACHEDB_REDISTIMEOUT 171%token VAR_CACHEDB_REDISEXPIRERECORDS 172%token VAR_UDP_UPSTREAM_WITHOUT_DOWNSTREAM VAR_FOR_UPSTREAM 173%token VAR_AUTH_ZONE VAR_ZONEFILE VAR_MASTER VAR_URL VAR_FOR_DOWNSTREAM 174%token VAR_FALLBACK_ENABLED VAR_TLS_ADDITIONAL_PORT VAR_LOW_RTT VAR_LOW_RTT_PERMIL 175%token VAR_FAST_SERVER_PERMIL VAR_FAST_SERVER_NUM 176%token VAR_ALLOW_NOTIFY VAR_TLS_WIN_CERT VAR_TCP_CONNECTION_LIMIT 177%token VAR_FORWARD_NO_CACHE VAR_STUB_NO_CACHE VAR_LOG_SERVFAIL VAR_DENY_ANY 178%token VAR_UNKNOWN_SERVER_TIME_LIMIT VAR_LOG_TAG_QUERYREPLY 179%token VAR_STREAM_WAIT_SIZE VAR_TLS_CIPHERS VAR_TLS_CIPHERSUITES VAR_TLS_USE_SNI 180%token VAR_IPSET VAR_IPSET_NAME_V4 VAR_IPSET_NAME_V6 181%token VAR_TLS_SESSION_TICKET_KEYS VAR_RPZ VAR_TAGS VAR_RPZ_ACTION_OVERRIDE 182%token VAR_RPZ_CNAME_OVERRIDE VAR_RPZ_LOG VAR_RPZ_LOG_NAME 183%token VAR_DYNLIB VAR_DYNLIB_FILE VAR_EDNS_CLIENT_STRING 184%token VAR_EDNS_CLIENT_STRING_OPCODE VAR_NSID 185 186%% 187toplevelvars: /* empty */ | toplevelvars toplevelvar ; 188toplevelvar: serverstart contents_server | stubstart contents_stub | 189 forwardstart contents_forward | pythonstart contents_py | 190 rcstart contents_rc | dtstart contents_dt | viewstart contents_view | 191 dnscstart contents_dnsc | cachedbstart contents_cachedb | 192 ipsetstart contents_ipset | authstart contents_auth | 193 rpzstart contents_rpz | dynlibstart contents_dl | 194 force_toplevel 195 ; 196force_toplevel: VAR_FORCE_TOPLEVEL 197 { 198 OUTYY(("\nP(force-toplevel)\n")); 199 } 200 ; 201/* server: declaration */ 202serverstart: VAR_SERVER 203 { 204 OUTYY(("\nP(server:)\n")); 205 } 206 ; 207contents_server: contents_server content_server 208 | ; 209content_server: server_num_threads | server_verbosity | server_port | 210 server_outgoing_range | server_do_ip4 | 211 server_do_ip6 | server_prefer_ip4 | server_prefer_ip6 | 212 server_do_udp | server_do_tcp | 213 server_tcp_mss | server_outgoing_tcp_mss | server_tcp_idle_timeout | 214 server_tcp_keepalive | server_tcp_keepalive_timeout | 215 server_interface | server_chroot | server_username | 216 server_directory | server_logfile | server_pidfile | 217 server_msg_cache_size | server_msg_cache_slabs | 218 server_num_queries_per_thread | server_rrset_cache_size | 219 server_rrset_cache_slabs | server_outgoing_num_tcp | 220 server_infra_host_ttl | server_infra_lame_ttl | 221 server_infra_cache_slabs | server_infra_cache_numhosts | 222 server_infra_cache_lame_size | server_target_fetch_policy | 223 server_harden_short_bufsize | server_harden_large_queries | 224 server_do_not_query_address | server_hide_identity | 225 server_hide_version | server_identity | server_version | 226 server_harden_glue | server_module_conf | server_trust_anchor_file | 227 server_trust_anchor | server_val_override_date | server_bogus_ttl | 228 server_val_clean_additional | server_val_permissive_mode | 229 server_incoming_num_tcp | server_msg_buffer_size | 230 server_key_cache_size | server_key_cache_slabs | 231 server_trusted_keys_file | server_val_nsec3_keysize_iterations | 232 server_use_syslog | server_outgoing_interface | server_root_hints | 233 server_do_not_query_localhost | server_cache_max_ttl | 234 server_harden_dnssec_stripped | server_access_control | 235 server_local_zone | server_local_data | server_interface_automatic | 236 server_statistics_interval | server_do_daemonize | 237 server_use_caps_for_id | server_statistics_cumulative | 238 server_outgoing_port_permit | server_outgoing_port_avoid | 239 server_dlv_anchor_file | server_dlv_anchor | server_neg_cache_size | 240 server_harden_referral_path | server_private_address | 241 server_private_domain | server_extended_statistics | 242 server_local_data_ptr | server_jostle_timeout | 243 server_unwanted_reply_threshold | server_log_time_ascii | 244 server_domain_insecure | server_val_sig_skew_min | 245 server_val_sig_skew_max | server_cache_min_ttl | server_val_log_level | 246 server_auto_trust_anchor_file | server_add_holddown | 247 server_del_holddown | server_keep_missing | server_so_rcvbuf | 248 server_edns_buffer_size | server_prefetch | server_prefetch_key | 249 server_so_sndbuf | server_harden_below_nxdomain | server_ignore_cd_flag | 250 server_log_queries | server_log_replies | server_tcp_upstream | server_ssl_upstream | 251 server_log_local_actions | 252 server_ssl_service_key | server_ssl_service_pem | server_ssl_port | 253 server_https_port | server_http_endpoint | server_http_max_streams | 254 server_http_query_buffer_size | server_http_response_buffer_size | 255 server_http_nodelay | server_http_notls_downstream | 256 server_minimal_responses | server_rrset_roundrobin | server_max_udp_size | 257 server_so_reuseport | server_delay_close | server_udp_connect | 258 server_unblock_lan_zones | server_insecure_lan_zones | 259 server_dns64_prefix | server_dns64_synthall | server_dns64_ignore_aaaa | 260 server_infra_cache_min_rtt | server_harden_algo_downgrade | 261 server_ip_transparent | server_ip_ratelimit | server_ratelimit | 262 server_ip_dscp | server_infra_keep_probing | 263 server_ip_ratelimit_slabs | server_ratelimit_slabs | 264 server_ip_ratelimit_size | server_ratelimit_size | 265 server_ratelimit_for_domain | 266 server_ratelimit_below_domain | server_ratelimit_factor | 267 server_ip_ratelimit_factor | server_send_client_subnet | 268 server_client_subnet_zone | server_client_subnet_always_forward | 269 server_client_subnet_opcode | 270 server_max_client_subnet_ipv4 | server_max_client_subnet_ipv6 | 271 server_min_client_subnet_ipv4 | server_min_client_subnet_ipv6 | 272 server_max_ecs_tree_size_ipv4 | server_max_ecs_tree_size_ipv6 | 273 server_caps_whitelist | server_cache_max_negative_ttl | 274 server_permit_small_holddown | server_qname_minimisation | 275 server_ip_freebind | server_define_tag | server_local_zone_tag | 276 server_disable_dnssec_lame_check | server_access_control_tag | 277 server_local_zone_override | server_access_control_tag_action | 278 server_access_control_tag_data | server_access_control_view | 279 server_qname_minimisation_strict | 280 server_pad_responses | server_pad_responses_block_size | 281 server_pad_queries | server_pad_queries_block_size | 282 server_serve_expired | 283 server_serve_expired_ttl | server_serve_expired_ttl_reset | 284 server_serve_expired_reply_ttl | server_serve_expired_client_timeout | 285 server_serve_original_ttl | server_fake_dsa | 286 server_log_identity | server_use_systemd | 287 server_response_ip_tag | server_response_ip | server_response_ip_data | 288 server_shm_enable | server_shm_key | server_fake_sha1 | 289 server_hide_trustanchor | server_trust_anchor_signaling | 290 server_root_key_sentinel | 291 server_ipsecmod_enabled | server_ipsecmod_hook | 292 server_ipsecmod_ignore_bogus | server_ipsecmod_max_ttl | 293 server_ipsecmod_whitelist | server_ipsecmod_strict | 294 server_udp_upstream_without_downstream | server_aggressive_nsec | 295 server_tls_cert_bundle | server_tls_additional_port | server_low_rtt | 296 server_fast_server_permil | server_fast_server_num | server_tls_win_cert | 297 server_tcp_connection_limit | server_log_servfail | server_deny_any | 298 server_unknown_server_time_limit | server_log_tag_queryreply | 299 server_stream_wait_size | server_tls_ciphers | 300 server_tls_ciphersuites | server_tls_session_ticket_keys | 301 server_tls_use_sni | server_edns_client_string | 302 server_edns_client_string_opcode | server_nsid 303 ; 304stubstart: VAR_STUB_ZONE 305 { 306 struct config_stub* s; 307 OUTYY(("\nP(stub_zone:)\n")); 308 s = (struct config_stub*)calloc(1, sizeof(struct config_stub)); 309 if(s) { 310 s->next = cfg_parser->cfg->stubs; 311 cfg_parser->cfg->stubs = s; 312 } else 313 yyerror("out of memory"); 314 } 315 ; 316contents_stub: contents_stub content_stub 317 | ; 318content_stub: stub_name | stub_host | stub_addr | stub_prime | stub_first | 319 stub_no_cache | stub_ssl_upstream 320 ; 321forwardstart: VAR_FORWARD_ZONE 322 { 323 struct config_stub* s; 324 OUTYY(("\nP(forward_zone:)\n")); 325 s = (struct config_stub*)calloc(1, sizeof(struct config_stub)); 326 if(s) { 327 s->next = cfg_parser->cfg->forwards; 328 cfg_parser->cfg->forwards = s; 329 } else 330 yyerror("out of memory"); 331 } 332 ; 333contents_forward: contents_forward content_forward 334 | ; 335content_forward: forward_name | forward_host | forward_addr | forward_first | 336 forward_no_cache | forward_ssl_upstream 337 ; 338viewstart: VAR_VIEW 339 { 340 struct config_view* s; 341 OUTYY(("\nP(view:)\n")); 342 s = (struct config_view*)calloc(1, sizeof(struct config_view)); 343 if(s) { 344 s->next = cfg_parser->cfg->views; 345 if(s->next && !s->next->name) 346 yyerror("view without name"); 347 cfg_parser->cfg->views = s; 348 } else 349 yyerror("out of memory"); 350 } 351 ; 352contents_view: contents_view content_view 353 | ; 354content_view: view_name | view_local_zone | view_local_data | view_first | 355 view_response_ip | view_response_ip_data | view_local_data_ptr 356 ; 357authstart: VAR_AUTH_ZONE 358 { 359 struct config_auth* s; 360 OUTYY(("\nP(auth_zone:)\n")); 361 s = (struct config_auth*)calloc(1, sizeof(struct config_auth)); 362 if(s) { 363 s->next = cfg_parser->cfg->auths; 364 cfg_parser->cfg->auths = s; 365 /* defaults for auth zone */ 366 s->for_downstream = 1; 367 s->for_upstream = 1; 368 s->fallback_enabled = 0; 369 s->isrpz = 0; 370 } else 371 yyerror("out of memory"); 372 } 373 ; 374contents_auth: contents_auth content_auth 375 | ; 376content_auth: auth_name | auth_zonefile | auth_master | auth_url | 377 auth_for_downstream | auth_for_upstream | auth_fallback_enabled | 378 auth_allow_notify 379 ; 380 381rpz_tag: VAR_TAGS STRING_ARG 382 { 383 uint8_t* bitlist; 384 size_t len = 0; 385 OUTYY(("P(server_local_zone_tag:%s)\n", $2)); 386 bitlist = config_parse_taglist(cfg_parser->cfg, $2, 387 &len); 388 free($2); 389 if(!bitlist) { 390 yyerror("could not parse tags, (define-tag them first)"); 391 } 392 if(bitlist) { 393 cfg_parser->cfg->auths->rpz_taglist = bitlist; 394 cfg_parser->cfg->auths->rpz_taglistlen = len; 395 396 } 397 } 398 ; 399 400rpz_action_override: VAR_RPZ_ACTION_OVERRIDE STRING_ARG 401 { 402 OUTYY(("P(rpz_action_override:%s)\n", $2)); 403 if(strcmp($2, "nxdomain")!=0 && strcmp($2, "nodata")!=0 && 404 strcmp($2, "passthru")!=0 && strcmp($2, "drop")!=0 && 405 strcmp($2, "cname")!=0 && strcmp($2, "disabled")!=0) { 406 yyerror("rpz-action-override action: expected nxdomain, " 407 "nodata, passthru, drop, cname or disabled"); 408 free($2); 409 cfg_parser->cfg->auths->rpz_action_override = NULL; 410 } 411 else { 412 cfg_parser->cfg->auths->rpz_action_override = $2; 413 } 414 } 415 ; 416 417rpz_cname_override: VAR_RPZ_CNAME_OVERRIDE STRING_ARG 418 { 419 OUTYY(("P(rpz_cname_override:%s)\n", $2)); 420 free(cfg_parser->cfg->auths->rpz_cname); 421 cfg_parser->cfg->auths->rpz_cname = $2; 422 } 423 ; 424 425rpz_log: VAR_RPZ_LOG STRING_ARG 426 { 427 OUTYY(("P(rpz_log:%s)\n", $2)); 428 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 429 yyerror("expected yes or no."); 430 else cfg_parser->cfg->auths->rpz_log = (strcmp($2, "yes")==0); 431 free($2); 432 } 433 ; 434 435rpz_log_name: VAR_RPZ_LOG_NAME STRING_ARG 436 { 437 OUTYY(("P(rpz_log_name:%s)\n", $2)); 438 free(cfg_parser->cfg->auths->rpz_log_name); 439 cfg_parser->cfg->auths->rpz_log_name = $2; 440 } 441 ; 442 443rpzstart: VAR_RPZ 444 { 445 struct config_auth* s; 446 OUTYY(("\nP(rpz:)\n")); 447 s = (struct config_auth*)calloc(1, sizeof(struct config_auth)); 448 if(s) { 449 s->next = cfg_parser->cfg->auths; 450 cfg_parser->cfg->auths = s; 451 /* defaults for RPZ auth zone */ 452 s->for_downstream = 0; 453 s->for_upstream = 0; 454 s->fallback_enabled = 0; 455 s->isrpz = 1; 456 } else 457 yyerror("out of memory"); 458 } 459 ; 460contents_rpz: contents_rpz content_rpz 461 | ; 462content_rpz: auth_name | auth_zonefile | rpz_tag | auth_master | auth_url | 463 auth_allow_notify | rpz_action_override | rpz_cname_override | 464 rpz_log | rpz_log_name 465 ; 466server_num_threads: VAR_NUM_THREADS STRING_ARG 467 { 468 OUTYY(("P(server_num_threads:%s)\n", $2)); 469 if(atoi($2) == 0 && strcmp($2, "0") != 0) 470 yyerror("number expected"); 471 else cfg_parser->cfg->num_threads = atoi($2); 472 free($2); 473 } 474 ; 475server_verbosity: VAR_VERBOSITY STRING_ARG 476 { 477 OUTYY(("P(server_verbosity:%s)\n", $2)); 478 if(atoi($2) == 0 && strcmp($2, "0") != 0) 479 yyerror("number expected"); 480 else cfg_parser->cfg->verbosity = atoi($2); 481 free($2); 482 } 483 ; 484server_statistics_interval: VAR_STATISTICS_INTERVAL STRING_ARG 485 { 486 OUTYY(("P(server_statistics_interval:%s)\n", $2)); 487 if(strcmp($2, "") == 0 || strcmp($2, "0") == 0) 488 cfg_parser->cfg->stat_interval = 0; 489 else if(atoi($2) == 0) 490 yyerror("number expected"); 491 else cfg_parser->cfg->stat_interval = atoi($2); 492 free($2); 493 } 494 ; 495server_statistics_cumulative: VAR_STATISTICS_CUMULATIVE STRING_ARG 496 { 497 OUTYY(("P(server_statistics_cumulative:%s)\n", $2)); 498 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 499 yyerror("expected yes or no."); 500 else cfg_parser->cfg->stat_cumulative = (strcmp($2, "yes")==0); 501 free($2); 502 } 503 ; 504server_extended_statistics: VAR_EXTENDED_STATISTICS STRING_ARG 505 { 506 OUTYY(("P(server_extended_statistics:%s)\n", $2)); 507 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 508 yyerror("expected yes or no."); 509 else cfg_parser->cfg->stat_extended = (strcmp($2, "yes")==0); 510 free($2); 511 } 512 ; 513server_shm_enable: VAR_SHM_ENABLE STRING_ARG 514 { 515 OUTYY(("P(server_shm_enable:%s)\n", $2)); 516 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 517 yyerror("expected yes or no."); 518 else cfg_parser->cfg->shm_enable = (strcmp($2, "yes")==0); 519 free($2); 520 } 521 ; 522server_shm_key: VAR_SHM_KEY STRING_ARG 523 { 524 OUTYY(("P(server_shm_key:%s)\n", $2)); 525 if(strcmp($2, "") == 0 || strcmp($2, "0") == 0) 526 cfg_parser->cfg->shm_key = 0; 527 else if(atoi($2) == 0) 528 yyerror("number expected"); 529 else cfg_parser->cfg->shm_key = atoi($2); 530 free($2); 531 } 532 ; 533server_port: VAR_PORT STRING_ARG 534 { 535 OUTYY(("P(server_port:%s)\n", $2)); 536 if(atoi($2) == 0) 537 yyerror("port number expected"); 538 else cfg_parser->cfg->port = atoi($2); 539 free($2); 540 } 541 ; 542server_send_client_subnet: VAR_SEND_CLIENT_SUBNET STRING_ARG 543 { 544 #ifdef CLIENT_SUBNET 545 OUTYY(("P(server_send_client_subnet:%s)\n", $2)); 546 if(!cfg_strlist_insert(&cfg_parser->cfg->client_subnet, $2)) 547 fatal_exit("out of memory adding client-subnet"); 548 #else 549 OUTYY(("P(Compiled without edns subnet option, ignoring)\n")); 550 free($2); 551 #endif 552 } 553 ; 554server_client_subnet_zone: VAR_CLIENT_SUBNET_ZONE STRING_ARG 555 { 556 #ifdef CLIENT_SUBNET 557 OUTYY(("P(server_client_subnet_zone:%s)\n", $2)); 558 if(!cfg_strlist_insert(&cfg_parser->cfg->client_subnet_zone, 559 $2)) 560 fatal_exit("out of memory adding client-subnet-zone"); 561 #else 562 OUTYY(("P(Compiled without edns subnet option, ignoring)\n")); 563 free($2); 564 #endif 565 } 566 ; 567server_client_subnet_always_forward: 568 VAR_CLIENT_SUBNET_ALWAYS_FORWARD STRING_ARG 569 { 570 #ifdef CLIENT_SUBNET 571 OUTYY(("P(server_client_subnet_always_forward:%s)\n", $2)); 572 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 573 yyerror("expected yes or no."); 574 else 575 cfg_parser->cfg->client_subnet_always_forward = 576 (strcmp($2, "yes")==0); 577 #else 578 OUTYY(("P(Compiled without edns subnet option, ignoring)\n")); 579 #endif 580 free($2); 581 } 582 ; 583server_client_subnet_opcode: VAR_CLIENT_SUBNET_OPCODE STRING_ARG 584 { 585 #ifdef CLIENT_SUBNET 586 OUTYY(("P(client_subnet_opcode:%s)\n", $2)); 587 OUTYY(("P(Deprecated option, ignoring)\n")); 588 #else 589 OUTYY(("P(Compiled without edns subnet option, ignoring)\n")); 590 #endif 591 free($2); 592 } 593 ; 594server_max_client_subnet_ipv4: VAR_MAX_CLIENT_SUBNET_IPV4 STRING_ARG 595 { 596 #ifdef CLIENT_SUBNET 597 OUTYY(("P(max_client_subnet_ipv4:%s)\n", $2)); 598 if(atoi($2) == 0 && strcmp($2, "0") != 0) 599 yyerror("IPv4 subnet length expected"); 600 else if (atoi($2) > 32) 601 cfg_parser->cfg->max_client_subnet_ipv4 = 32; 602 else if (atoi($2) < 0) 603 cfg_parser->cfg->max_client_subnet_ipv4 = 0; 604 else cfg_parser->cfg->max_client_subnet_ipv4 = (uint8_t)atoi($2); 605 #else 606 OUTYY(("P(Compiled without edns subnet option, ignoring)\n")); 607 #endif 608 free($2); 609 } 610 ; 611server_max_client_subnet_ipv6: VAR_MAX_CLIENT_SUBNET_IPV6 STRING_ARG 612 { 613 #ifdef CLIENT_SUBNET 614 OUTYY(("P(max_client_subnet_ipv6:%s)\n", $2)); 615 if(atoi($2) == 0 && strcmp($2, "0") != 0) 616 yyerror("Ipv6 subnet length expected"); 617 else if (atoi($2) > 128) 618 cfg_parser->cfg->max_client_subnet_ipv6 = 128; 619 else if (atoi($2) < 0) 620 cfg_parser->cfg->max_client_subnet_ipv6 = 0; 621 else cfg_parser->cfg->max_client_subnet_ipv6 = (uint8_t)atoi($2); 622 #else 623 OUTYY(("P(Compiled without edns subnet option, ignoring)\n")); 624 #endif 625 free($2); 626 } 627 ; 628server_min_client_subnet_ipv4: VAR_MIN_CLIENT_SUBNET_IPV4 STRING_ARG 629 { 630 #ifdef CLIENT_SUBNET 631 OUTYY(("P(min_client_subnet_ipv4:%s)\n", $2)); 632 if(atoi($2) == 0 && strcmp($2, "0") != 0) 633 yyerror("IPv4 subnet length expected"); 634 else if (atoi($2) > 32) 635 cfg_parser->cfg->min_client_subnet_ipv4 = 32; 636 else if (atoi($2) < 0) 637 cfg_parser->cfg->min_client_subnet_ipv4 = 0; 638 else cfg_parser->cfg->min_client_subnet_ipv4 = (uint8_t)atoi($2); 639 #else 640 OUTYY(("P(Compiled without edns subnet option, ignoring)\n")); 641 #endif 642 free($2); 643 } 644 ; 645server_min_client_subnet_ipv6: VAR_MIN_CLIENT_SUBNET_IPV6 STRING_ARG 646 { 647 #ifdef CLIENT_SUBNET 648 OUTYY(("P(min_client_subnet_ipv6:%s)\n", $2)); 649 if(atoi($2) == 0 && strcmp($2, "0") != 0) 650 yyerror("Ipv6 subnet length expected"); 651 else if (atoi($2) > 128) 652 cfg_parser->cfg->min_client_subnet_ipv6 = 128; 653 else if (atoi($2) < 0) 654 cfg_parser->cfg->min_client_subnet_ipv6 = 0; 655 else cfg_parser->cfg->min_client_subnet_ipv6 = (uint8_t)atoi($2); 656 #else 657 OUTYY(("P(Compiled without edns subnet option, ignoring)\n")); 658 #endif 659 free($2); 660 } 661 ; 662server_max_ecs_tree_size_ipv4: VAR_MAX_ECS_TREE_SIZE_IPV4 STRING_ARG 663 { 664 #ifdef CLIENT_SUBNET 665 OUTYY(("P(max_ecs_tree_size_ipv4:%s)\n", $2)); 666 if(atoi($2) == 0 && strcmp($2, "0") != 0) 667 yyerror("IPv4 ECS tree size expected"); 668 else if (atoi($2) < 0) 669 cfg_parser->cfg->max_ecs_tree_size_ipv4 = 0; 670 else cfg_parser->cfg->max_ecs_tree_size_ipv4 = (uint32_t)atoi($2); 671 #else 672 OUTYY(("P(Compiled without edns subnet option, ignoring)\n")); 673 #endif 674 free($2); 675 } 676 ; 677server_max_ecs_tree_size_ipv6: VAR_MAX_ECS_TREE_SIZE_IPV6 STRING_ARG 678 { 679 #ifdef CLIENT_SUBNET 680 OUTYY(("P(max_ecs_tree_size_ipv6:%s)\n", $2)); 681 if(atoi($2) == 0 && strcmp($2, "0") != 0) 682 yyerror("IPv6 ECS tree size expected"); 683 else if (atoi($2) < 0) 684 cfg_parser->cfg->max_ecs_tree_size_ipv6 = 0; 685 else cfg_parser->cfg->max_ecs_tree_size_ipv6 = (uint32_t)atoi($2); 686 #else 687 OUTYY(("P(Compiled without edns subnet option, ignoring)\n")); 688 #endif 689 free($2); 690 } 691 ; 692server_interface: VAR_INTERFACE STRING_ARG 693 { 694 OUTYY(("P(server_interface:%s)\n", $2)); 695 if(cfg_parser->cfg->num_ifs == 0) 696 cfg_parser->cfg->ifs = calloc(1, sizeof(char*)); 697 else cfg_parser->cfg->ifs = realloc(cfg_parser->cfg->ifs, 698 (cfg_parser->cfg->num_ifs+1)*sizeof(char*)); 699 if(!cfg_parser->cfg->ifs) 700 yyerror("out of memory"); 701 else 702 cfg_parser->cfg->ifs[cfg_parser->cfg->num_ifs++] = $2; 703 } 704 ; 705server_outgoing_interface: VAR_OUTGOING_INTERFACE STRING_ARG 706 { 707 OUTYY(("P(server_outgoing_interface:%s)\n", $2)); 708 if(cfg_parser->cfg->num_out_ifs == 0) 709 cfg_parser->cfg->out_ifs = calloc(1, sizeof(char*)); 710 else cfg_parser->cfg->out_ifs = realloc( 711 cfg_parser->cfg->out_ifs, 712 (cfg_parser->cfg->num_out_ifs+1)*sizeof(char*)); 713 if(!cfg_parser->cfg->out_ifs) 714 yyerror("out of memory"); 715 else 716 cfg_parser->cfg->out_ifs[ 717 cfg_parser->cfg->num_out_ifs++] = $2; 718 } 719 ; 720server_outgoing_range: VAR_OUTGOING_RANGE STRING_ARG 721 { 722 OUTYY(("P(server_outgoing_range:%s)\n", $2)); 723 if(atoi($2) == 0) 724 yyerror("number expected"); 725 else cfg_parser->cfg->outgoing_num_ports = atoi($2); 726 free($2); 727 } 728 ; 729server_outgoing_port_permit: VAR_OUTGOING_PORT_PERMIT STRING_ARG 730 { 731 OUTYY(("P(server_outgoing_port_permit:%s)\n", $2)); 732 if(!cfg_mark_ports($2, 1, 733 cfg_parser->cfg->outgoing_avail_ports, 65536)) 734 yyerror("port number or range (\"low-high\") expected"); 735 free($2); 736 } 737 ; 738server_outgoing_port_avoid: VAR_OUTGOING_PORT_AVOID STRING_ARG 739 { 740 OUTYY(("P(server_outgoing_port_avoid:%s)\n", $2)); 741 if(!cfg_mark_ports($2, 0, 742 cfg_parser->cfg->outgoing_avail_ports, 65536)) 743 yyerror("port number or range (\"low-high\") expected"); 744 free($2); 745 } 746 ; 747server_outgoing_num_tcp: VAR_OUTGOING_NUM_TCP STRING_ARG 748 { 749 OUTYY(("P(server_outgoing_num_tcp:%s)\n", $2)); 750 if(atoi($2) == 0 && strcmp($2, "0") != 0) 751 yyerror("number expected"); 752 else cfg_parser->cfg->outgoing_num_tcp = atoi($2); 753 free($2); 754 } 755 ; 756server_incoming_num_tcp: VAR_INCOMING_NUM_TCP STRING_ARG 757 { 758 OUTYY(("P(server_incoming_num_tcp:%s)\n", $2)); 759 if(atoi($2) == 0 && strcmp($2, "0") != 0) 760 yyerror("number expected"); 761 else cfg_parser->cfg->incoming_num_tcp = atoi($2); 762 free($2); 763 } 764 ; 765server_interface_automatic: VAR_INTERFACE_AUTOMATIC STRING_ARG 766 { 767 OUTYY(("P(server_interface_automatic:%s)\n", $2)); 768 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 769 yyerror("expected yes or no."); 770 else cfg_parser->cfg->if_automatic = (strcmp($2, "yes")==0); 771 free($2); 772 } 773 ; 774server_do_ip4: VAR_DO_IP4 STRING_ARG 775 { 776 OUTYY(("P(server_do_ip4:%s)\n", $2)); 777 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 778 yyerror("expected yes or no."); 779 else cfg_parser->cfg->do_ip4 = (strcmp($2, "yes")==0); 780 free($2); 781 } 782 ; 783server_do_ip6: VAR_DO_IP6 STRING_ARG 784 { 785 OUTYY(("P(server_do_ip6:%s)\n", $2)); 786 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 787 yyerror("expected yes or no."); 788 else cfg_parser->cfg->do_ip6 = (strcmp($2, "yes")==0); 789 free($2); 790 } 791 ; 792server_do_udp: VAR_DO_UDP STRING_ARG 793 { 794 OUTYY(("P(server_do_udp:%s)\n", $2)); 795 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 796 yyerror("expected yes or no."); 797 else cfg_parser->cfg->do_udp = (strcmp($2, "yes")==0); 798 free($2); 799 } 800 ; 801server_do_tcp: VAR_DO_TCP STRING_ARG 802 { 803 OUTYY(("P(server_do_tcp:%s)\n", $2)); 804 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 805 yyerror("expected yes or no."); 806 else cfg_parser->cfg->do_tcp = (strcmp($2, "yes")==0); 807 free($2); 808 } 809 ; 810server_prefer_ip4: VAR_PREFER_IP4 STRING_ARG 811 { 812 OUTYY(("P(server_prefer_ip4:%s)\n", $2)); 813 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 814 yyerror("expected yes or no."); 815 else cfg_parser->cfg->prefer_ip4 = (strcmp($2, "yes")==0); 816 free($2); 817 } 818 ; 819server_prefer_ip6: VAR_PREFER_IP6 STRING_ARG 820 { 821 OUTYY(("P(server_prefer_ip6:%s)\n", $2)); 822 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 823 yyerror("expected yes or no."); 824 else cfg_parser->cfg->prefer_ip6 = (strcmp($2, "yes")==0); 825 free($2); 826 } 827 ; 828server_tcp_mss: VAR_TCP_MSS STRING_ARG 829 { 830 OUTYY(("P(server_tcp_mss:%s)\n", $2)); 831 if(atoi($2) == 0 && strcmp($2, "0") != 0) 832 yyerror("number expected"); 833 else cfg_parser->cfg->tcp_mss = atoi($2); 834 free($2); 835 } 836 ; 837server_outgoing_tcp_mss: VAR_OUTGOING_TCP_MSS STRING_ARG 838 { 839 OUTYY(("P(server_outgoing_tcp_mss:%s)\n", $2)); 840 if(atoi($2) == 0 && strcmp($2, "0") != 0) 841 yyerror("number expected"); 842 else cfg_parser->cfg->outgoing_tcp_mss = atoi($2); 843 free($2); 844 } 845 ; 846server_tcp_idle_timeout: VAR_TCP_IDLE_TIMEOUT STRING_ARG 847 { 848 OUTYY(("P(server_tcp_idle_timeout:%s)\n", $2)); 849 if(atoi($2) == 0 && strcmp($2, "0") != 0) 850 yyerror("number expected"); 851 else if (atoi($2) > 120000) 852 cfg_parser->cfg->tcp_idle_timeout = 120000; 853 else if (atoi($2) < 1) 854 cfg_parser->cfg->tcp_idle_timeout = 1; 855 else cfg_parser->cfg->tcp_idle_timeout = atoi($2); 856 free($2); 857 } 858 ; 859server_tcp_keepalive: VAR_EDNS_TCP_KEEPALIVE STRING_ARG 860 { 861 OUTYY(("P(server_tcp_keepalive:%s)\n", $2)); 862 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 863 yyerror("expected yes or no."); 864 else cfg_parser->cfg->do_tcp_keepalive = (strcmp($2, "yes")==0); 865 free($2); 866 } 867 ; 868server_tcp_keepalive_timeout: VAR_EDNS_TCP_KEEPALIVE_TIMEOUT STRING_ARG 869 { 870 OUTYY(("P(server_tcp_keepalive_timeout:%s)\n", $2)); 871 if(atoi($2) == 0 && strcmp($2, "0") != 0) 872 yyerror("number expected"); 873 else if (atoi($2) > 6553500) 874 cfg_parser->cfg->tcp_keepalive_timeout = 6553500; 875 else if (atoi($2) < 1) 876 cfg_parser->cfg->tcp_keepalive_timeout = 0; 877 else cfg_parser->cfg->tcp_keepalive_timeout = atoi($2); 878 free($2); 879 } 880 ; 881server_tcp_upstream: VAR_TCP_UPSTREAM STRING_ARG 882 { 883 OUTYY(("P(server_tcp_upstream:%s)\n", $2)); 884 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 885 yyerror("expected yes or no."); 886 else cfg_parser->cfg->tcp_upstream = (strcmp($2, "yes")==0); 887 free($2); 888 } 889 ; 890server_udp_upstream_without_downstream: VAR_UDP_UPSTREAM_WITHOUT_DOWNSTREAM STRING_ARG 891 { 892 OUTYY(("P(server_udp_upstream_without_downstream:%s)\n", $2)); 893 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 894 yyerror("expected yes or no."); 895 else cfg_parser->cfg->udp_upstream_without_downstream = (strcmp($2, "yes")==0); 896 free($2); 897 } 898 ; 899server_ssl_upstream: VAR_SSL_UPSTREAM STRING_ARG 900 { 901 OUTYY(("P(server_ssl_upstream:%s)\n", $2)); 902 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 903 yyerror("expected yes or no."); 904 else cfg_parser->cfg->ssl_upstream = (strcmp($2, "yes")==0); 905 free($2); 906 } 907 ; 908server_ssl_service_key: VAR_SSL_SERVICE_KEY STRING_ARG 909 { 910 OUTYY(("P(server_ssl_service_key:%s)\n", $2)); 911 free(cfg_parser->cfg->ssl_service_key); 912 cfg_parser->cfg->ssl_service_key = $2; 913 } 914 ; 915server_ssl_service_pem: VAR_SSL_SERVICE_PEM STRING_ARG 916 { 917 OUTYY(("P(server_ssl_service_pem:%s)\n", $2)); 918 free(cfg_parser->cfg->ssl_service_pem); 919 cfg_parser->cfg->ssl_service_pem = $2; 920 } 921 ; 922server_ssl_port: VAR_SSL_PORT STRING_ARG 923 { 924 OUTYY(("P(server_ssl_port:%s)\n", $2)); 925 if(atoi($2) == 0) 926 yyerror("port number expected"); 927 else cfg_parser->cfg->ssl_port = atoi($2); 928 free($2); 929 } 930 ; 931server_tls_cert_bundle: VAR_TLS_CERT_BUNDLE STRING_ARG 932 { 933 OUTYY(("P(server_tls_cert_bundle:%s)\n", $2)); 934 free(cfg_parser->cfg->tls_cert_bundle); 935 cfg_parser->cfg->tls_cert_bundle = $2; 936 } 937 ; 938server_tls_win_cert: VAR_TLS_WIN_CERT STRING_ARG 939 { 940 OUTYY(("P(server_tls_win_cert:%s)\n", $2)); 941 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 942 yyerror("expected yes or no."); 943 else cfg_parser->cfg->tls_win_cert = (strcmp($2, "yes")==0); 944 free($2); 945 } 946 ; 947server_tls_additional_port: VAR_TLS_ADDITIONAL_PORT STRING_ARG 948 { 949 OUTYY(("P(server_tls_additional_port:%s)\n", $2)); 950 if(!cfg_strlist_insert(&cfg_parser->cfg->tls_additional_port, 951 $2)) 952 yyerror("out of memory"); 953 } 954 ; 955server_tls_ciphers: VAR_TLS_CIPHERS STRING_ARG 956 { 957 OUTYY(("P(server_tls_ciphers:%s)\n", $2)); 958 free(cfg_parser->cfg->tls_ciphers); 959 cfg_parser->cfg->tls_ciphers = $2; 960 } 961 ; 962server_tls_ciphersuites: VAR_TLS_CIPHERSUITES STRING_ARG 963 { 964 OUTYY(("P(server_tls_ciphersuites:%s)\n", $2)); 965 free(cfg_parser->cfg->tls_ciphersuites); 966 cfg_parser->cfg->tls_ciphersuites = $2; 967 } 968 ; 969server_tls_session_ticket_keys: VAR_TLS_SESSION_TICKET_KEYS STRING_ARG 970 { 971 OUTYY(("P(server_tls_session_ticket_keys:%s)\n", $2)); 972 if(!cfg_strlist_append(&cfg_parser->cfg->tls_session_ticket_keys, 973 $2)) 974 yyerror("out of memory"); 975 } 976 ; 977server_tls_use_sni: VAR_TLS_USE_SNI STRING_ARG 978 { 979 OUTYY(("P(server_tls_use_sni:%s)\n", $2)); 980 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 981 yyerror("expected yes or no."); 982 else cfg_parser->cfg->tls_use_sni = (strcmp($2, "yes")==0); 983 free($2); 984 } 985 ; 986server_https_port: VAR_HTTPS_PORT STRING_ARG 987 { 988 OUTYY(("P(server_https_port:%s)\n", $2)); 989 if(atoi($2) == 0) 990 yyerror("port number expected"); 991 else cfg_parser->cfg->https_port = atoi($2); 992 free($2); 993 }; 994server_http_endpoint: VAR_HTTP_ENDPOINT STRING_ARG 995 { 996 OUTYY(("P(server_http_endpoint:%s)\n", $2)); 997 free(cfg_parser->cfg->http_endpoint); 998 if($2 && $2[0] != '/') { 999 cfg_parser->cfg->http_endpoint = malloc(strlen($2)+2); 1000 if(!cfg_parser->cfg->http_endpoint) 1001 yyerror("out of memory"); 1002 cfg_parser->cfg->http_endpoint[0] = '/'; 1003 memmove(cfg_parser->cfg->http_endpoint+1, $2, 1004 strlen($2)+1); 1005 free($2); 1006 } else { 1007 cfg_parser->cfg->http_endpoint = $2; 1008 } 1009 }; 1010server_http_max_streams: VAR_HTTP_MAX_STREAMS STRING_ARG 1011 { 1012 OUTYY(("P(server_http_max_streams:%s)\n", $2)); 1013 if(atoi($2) == 0 && strcmp($2, "0") != 0) 1014 yyerror("number expected"); 1015 else cfg_parser->cfg->http_max_streams = atoi($2); 1016 free($2); 1017 }; 1018server_http_query_buffer_size: VAR_HTTP_QUERY_BUFFER_SIZE STRING_ARG 1019 { 1020 OUTYY(("P(server_http_query_buffer_size:%s)\n", $2)); 1021 if(!cfg_parse_memsize($2, 1022 &cfg_parser->cfg->http_query_buffer_size)) 1023 yyerror("memory size expected"); 1024 free($2); 1025 }; 1026server_http_response_buffer_size: VAR_HTTP_RESPONSE_BUFFER_SIZE STRING_ARG 1027 { 1028 OUTYY(("P(server_http_response_buffer_size:%s)\n", $2)); 1029 if(!cfg_parse_memsize($2, 1030 &cfg_parser->cfg->http_response_buffer_size)) 1031 yyerror("memory size expected"); 1032 free($2); 1033 }; 1034server_http_nodelay: VAR_HTTP_NODELAY STRING_ARG 1035 { 1036 OUTYY(("P(server_http_nodelay:%s)\n", $2)); 1037 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1038 yyerror("expected yes or no."); 1039 else cfg_parser->cfg->http_nodelay = (strcmp($2, "yes")==0); 1040 free($2); 1041 } 1042server_http_notls_downstream: VAR_HTTP_NOTLS_DOWNSTREAM STRING_ARG 1043 { 1044 OUTYY(("P(server_http_notls_downstream:%s)\n", $2)); 1045 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1046 yyerror("expected yes or no."); 1047 else cfg_parser->cfg->http_notls_downstream = (strcmp($2, "yes")==0); 1048 free($2); 1049 }; 1050server_use_systemd: VAR_USE_SYSTEMD STRING_ARG 1051 { 1052 OUTYY(("P(server_use_systemd:%s)\n", $2)); 1053 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1054 yyerror("expected yes or no."); 1055 else cfg_parser->cfg->use_systemd = (strcmp($2, "yes")==0); 1056 free($2); 1057 } 1058 ; 1059server_do_daemonize: VAR_DO_DAEMONIZE STRING_ARG 1060 { 1061 OUTYY(("P(server_do_daemonize:%s)\n", $2)); 1062 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1063 yyerror("expected yes or no."); 1064 else cfg_parser->cfg->do_daemonize = (strcmp($2, "yes")==0); 1065 free($2); 1066 } 1067 ; 1068server_use_syslog: VAR_USE_SYSLOG STRING_ARG 1069 { 1070 OUTYY(("P(server_use_syslog:%s)\n", $2)); 1071 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1072 yyerror("expected yes or no."); 1073 else cfg_parser->cfg->use_syslog = (strcmp($2, "yes")==0); 1074#if !defined(HAVE_SYSLOG_H) && !defined(UB_ON_WINDOWS) 1075 if(strcmp($2, "yes") == 0) 1076 yyerror("no syslog services are available. " 1077 "(reconfigure and compile to add)"); 1078#endif 1079 free($2); 1080 } 1081 ; 1082server_log_time_ascii: VAR_LOG_TIME_ASCII STRING_ARG 1083 { 1084 OUTYY(("P(server_log_time_ascii:%s)\n", $2)); 1085 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1086 yyerror("expected yes or no."); 1087 else cfg_parser->cfg->log_time_ascii = (strcmp($2, "yes")==0); 1088 free($2); 1089 } 1090 ; 1091server_log_queries: VAR_LOG_QUERIES STRING_ARG 1092 { 1093 OUTYY(("P(server_log_queries:%s)\n", $2)); 1094 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1095 yyerror("expected yes or no."); 1096 else cfg_parser->cfg->log_queries = (strcmp($2, "yes")==0); 1097 free($2); 1098 } 1099 ; 1100server_log_replies: VAR_LOG_REPLIES STRING_ARG 1101 { 1102 OUTYY(("P(server_log_replies:%s)\n", $2)); 1103 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1104 yyerror("expected yes or no."); 1105 else cfg_parser->cfg->log_replies = (strcmp($2, "yes")==0); 1106 free($2); 1107 } 1108 ; 1109server_log_tag_queryreply: VAR_LOG_TAG_QUERYREPLY STRING_ARG 1110 { 1111 OUTYY(("P(server_log_tag_queryreply:%s)\n", $2)); 1112 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1113 yyerror("expected yes or no."); 1114 else cfg_parser->cfg->log_tag_queryreply = (strcmp($2, "yes")==0); 1115 free($2); 1116 } 1117 ; 1118server_log_servfail: VAR_LOG_SERVFAIL STRING_ARG 1119 { 1120 OUTYY(("P(server_log_servfail:%s)\n", $2)); 1121 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1122 yyerror("expected yes or no."); 1123 else cfg_parser->cfg->log_servfail = (strcmp($2, "yes")==0); 1124 free($2); 1125 } 1126 ; 1127server_log_local_actions: VAR_LOG_LOCAL_ACTIONS STRING_ARG 1128 { 1129 OUTYY(("P(server_log_local_actions:%s)\n", $2)); 1130 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1131 yyerror("expected yes or no."); 1132 else cfg_parser->cfg->log_local_actions = (strcmp($2, "yes")==0); 1133 free($2); 1134 } 1135 ; 1136server_chroot: VAR_CHROOT STRING_ARG 1137 { 1138 OUTYY(("P(server_chroot:%s)\n", $2)); 1139 free(cfg_parser->cfg->chrootdir); 1140 cfg_parser->cfg->chrootdir = $2; 1141 } 1142 ; 1143server_username: VAR_USERNAME STRING_ARG 1144 { 1145 OUTYY(("P(server_username:%s)\n", $2)); 1146 free(cfg_parser->cfg->username); 1147 cfg_parser->cfg->username = $2; 1148 } 1149 ; 1150server_directory: VAR_DIRECTORY STRING_ARG 1151 { 1152 OUTYY(("P(server_directory:%s)\n", $2)); 1153 free(cfg_parser->cfg->directory); 1154 cfg_parser->cfg->directory = $2; 1155 /* change there right away for includes relative to this */ 1156 if($2[0]) { 1157 char* d; 1158#ifdef UB_ON_WINDOWS 1159 w_config_adjust_directory(cfg_parser->cfg); 1160#endif 1161 d = cfg_parser->cfg->directory; 1162 /* adjust directory if we have already chroot, 1163 * like, we reread after sighup */ 1164 if(cfg_parser->chroot && cfg_parser->chroot[0] && 1165 strncmp(d, cfg_parser->chroot, strlen( 1166 cfg_parser->chroot)) == 0) 1167 d += strlen(cfg_parser->chroot); 1168 if(d[0]) { 1169 if(chdir(d)) 1170 log_err("cannot chdir to directory: %s (%s)", 1171 d, strerror(errno)); 1172 } 1173 } 1174 } 1175 ; 1176server_logfile: VAR_LOGFILE STRING_ARG 1177 { 1178 OUTYY(("P(server_logfile:%s)\n", $2)); 1179 free(cfg_parser->cfg->logfile); 1180 cfg_parser->cfg->logfile = $2; 1181 cfg_parser->cfg->use_syslog = 0; 1182 } 1183 ; 1184server_pidfile: VAR_PIDFILE STRING_ARG 1185 { 1186 OUTYY(("P(server_pidfile:%s)\n", $2)); 1187 free(cfg_parser->cfg->pidfile); 1188 cfg_parser->cfg->pidfile = $2; 1189 } 1190 ; 1191server_root_hints: VAR_ROOT_HINTS STRING_ARG 1192 { 1193 OUTYY(("P(server_root_hints:%s)\n", $2)); 1194 if(!cfg_strlist_insert(&cfg_parser->cfg->root_hints, $2)) 1195 yyerror("out of memory"); 1196 } 1197 ; 1198server_dlv_anchor_file: VAR_DLV_ANCHOR_FILE STRING_ARG 1199 { 1200 OUTYY(("P(server_dlv_anchor_file:%s)\n", $2)); 1201 log_warn("option dlv-anchor-file ignored: DLV is decommissioned"); 1202 free($2); 1203 } 1204 ; 1205server_dlv_anchor: VAR_DLV_ANCHOR STRING_ARG 1206 { 1207 OUTYY(("P(server_dlv_anchor:%s)\n", $2)); 1208 log_warn("option dlv-anchor ignored: DLV is decommissioned"); 1209 free($2); 1210 } 1211 ; 1212server_auto_trust_anchor_file: VAR_AUTO_TRUST_ANCHOR_FILE STRING_ARG 1213 { 1214 OUTYY(("P(server_auto_trust_anchor_file:%s)\n", $2)); 1215 if(!cfg_strlist_insert(&cfg_parser->cfg-> 1216 auto_trust_anchor_file_list, $2)) 1217 yyerror("out of memory"); 1218 } 1219 ; 1220server_trust_anchor_file: VAR_TRUST_ANCHOR_FILE STRING_ARG 1221 { 1222 OUTYY(("P(server_trust_anchor_file:%s)\n", $2)); 1223 if(!cfg_strlist_insert(&cfg_parser->cfg-> 1224 trust_anchor_file_list, $2)) 1225 yyerror("out of memory"); 1226 } 1227 ; 1228server_trusted_keys_file: VAR_TRUSTED_KEYS_FILE STRING_ARG 1229 { 1230 OUTYY(("P(server_trusted_keys_file:%s)\n", $2)); 1231 if(!cfg_strlist_insert(&cfg_parser->cfg-> 1232 trusted_keys_file_list, $2)) 1233 yyerror("out of memory"); 1234 } 1235 ; 1236server_trust_anchor: VAR_TRUST_ANCHOR STRING_ARG 1237 { 1238 OUTYY(("P(server_trust_anchor:%s)\n", $2)); 1239 if(!cfg_strlist_insert(&cfg_parser->cfg->trust_anchor_list, $2)) 1240 yyerror("out of memory"); 1241 } 1242 ; 1243server_trust_anchor_signaling: VAR_TRUST_ANCHOR_SIGNALING STRING_ARG 1244 { 1245 OUTYY(("P(server_trust_anchor_signaling:%s)\n", $2)); 1246 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1247 yyerror("expected yes or no."); 1248 else 1249 cfg_parser->cfg->trust_anchor_signaling = 1250 (strcmp($2, "yes")==0); 1251 free($2); 1252 } 1253 ; 1254server_root_key_sentinel: VAR_ROOT_KEY_SENTINEL STRING_ARG 1255 { 1256 OUTYY(("P(server_root_key_sentinel:%s)\n", $2)); 1257 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1258 yyerror("expected yes or no."); 1259 else 1260 cfg_parser->cfg->root_key_sentinel = 1261 (strcmp($2, "yes")==0); 1262 free($2); 1263 } 1264 ; 1265server_domain_insecure: VAR_DOMAIN_INSECURE STRING_ARG 1266 { 1267 OUTYY(("P(server_domain_insecure:%s)\n", $2)); 1268 if(!cfg_strlist_insert(&cfg_parser->cfg->domain_insecure, $2)) 1269 yyerror("out of memory"); 1270 } 1271 ; 1272server_hide_identity: VAR_HIDE_IDENTITY STRING_ARG 1273 { 1274 OUTYY(("P(server_hide_identity:%s)\n", $2)); 1275 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1276 yyerror("expected yes or no."); 1277 else cfg_parser->cfg->hide_identity = (strcmp($2, "yes")==0); 1278 free($2); 1279 } 1280 ; 1281server_hide_version: VAR_HIDE_VERSION STRING_ARG 1282 { 1283 OUTYY(("P(server_hide_version:%s)\n", $2)); 1284 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1285 yyerror("expected yes or no."); 1286 else cfg_parser->cfg->hide_version = (strcmp($2, "yes")==0); 1287 free($2); 1288 } 1289 ; 1290server_hide_trustanchor: VAR_HIDE_TRUSTANCHOR STRING_ARG 1291 { 1292 OUTYY(("P(server_hide_trustanchor:%s)\n", $2)); 1293 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1294 yyerror("expected yes or no."); 1295 else cfg_parser->cfg->hide_trustanchor = (strcmp($2, "yes")==0); 1296 free($2); 1297 } 1298 ; 1299server_identity: VAR_IDENTITY STRING_ARG 1300 { 1301 OUTYY(("P(server_identity:%s)\n", $2)); 1302 free(cfg_parser->cfg->identity); 1303 cfg_parser->cfg->identity = $2; 1304 } 1305 ; 1306server_version: VAR_VERSION STRING_ARG 1307 { 1308 OUTYY(("P(server_version:%s)\n", $2)); 1309 free(cfg_parser->cfg->version); 1310 cfg_parser->cfg->version = $2; 1311 } 1312 ; 1313server_nsid: VAR_NSID STRING_ARG 1314 { 1315 OUTYY(("P(server_nsid:%s)\n", $2)); 1316 free(cfg_parser->cfg->nsid_cfg_str); 1317 cfg_parser->cfg->nsid_cfg_str = $2; 1318 free(cfg_parser->cfg->nsid); 1319 cfg_parser->cfg->nsid = NULL; 1320 cfg_parser->cfg->nsid_len = 0; 1321 if (*$2 == 0) 1322 ; /* pass; empty string is not setting nsid */ 1323 else if (!(cfg_parser->cfg->nsid = cfg_parse_nsid( 1324 $2, &cfg_parser->cfg->nsid_len))) 1325 yyerror("the NSID must be either a hex string or an " 1326 "ascii character string prepended with ascii_."); 1327 } 1328 ; 1329server_so_rcvbuf: VAR_SO_RCVBUF STRING_ARG 1330 { 1331 OUTYY(("P(server_so_rcvbuf:%s)\n", $2)); 1332 if(!cfg_parse_memsize($2, &cfg_parser->cfg->so_rcvbuf)) 1333 yyerror("buffer size expected"); 1334 free($2); 1335 } 1336 ; 1337server_so_sndbuf: VAR_SO_SNDBUF STRING_ARG 1338 { 1339 OUTYY(("P(server_so_sndbuf:%s)\n", $2)); 1340 if(!cfg_parse_memsize($2, &cfg_parser->cfg->so_sndbuf)) 1341 yyerror("buffer size expected"); 1342 free($2); 1343 } 1344 ; 1345server_so_reuseport: VAR_SO_REUSEPORT STRING_ARG 1346 { 1347 OUTYY(("P(server_so_reuseport:%s)\n", $2)); 1348 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1349 yyerror("expected yes or no."); 1350 else cfg_parser->cfg->so_reuseport = 1351 (strcmp($2, "yes")==0); 1352 free($2); 1353 } 1354 ; 1355server_ip_transparent: VAR_IP_TRANSPARENT STRING_ARG 1356 { 1357 OUTYY(("P(server_ip_transparent:%s)\n", $2)); 1358 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1359 yyerror("expected yes or no."); 1360 else cfg_parser->cfg->ip_transparent = 1361 (strcmp($2, "yes")==0); 1362 free($2); 1363 } 1364 ; 1365server_ip_freebind: VAR_IP_FREEBIND STRING_ARG 1366 { 1367 OUTYY(("P(server_ip_freebind:%s)\n", $2)); 1368 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1369 yyerror("expected yes or no."); 1370 else cfg_parser->cfg->ip_freebind = 1371 (strcmp($2, "yes")==0); 1372 free($2); 1373 } 1374 ; 1375server_ip_dscp: VAR_IP_DSCP STRING_ARG 1376 { 1377 OUTYY(("P(server_ip_dscp:%s)\n", $2)); 1378 if(atoi($2) == 0 && strcmp($2, "0") != 0) 1379 yyerror("number expected"); 1380 else if (atoi($2) > 63) 1381 yyerror("value too large (max 63)"); 1382 else if (atoi($2) < 0) 1383 yyerror("value too small (min 0)"); 1384 else 1385 cfg_parser->cfg->ip_dscp = atoi($2); 1386 free($2); 1387 } 1388 ; 1389server_stream_wait_size: VAR_STREAM_WAIT_SIZE STRING_ARG 1390 { 1391 OUTYY(("P(server_stream_wait_size:%s)\n", $2)); 1392 if(!cfg_parse_memsize($2, &cfg_parser->cfg->stream_wait_size)) 1393 yyerror("memory size expected"); 1394 free($2); 1395 } 1396 ; 1397server_edns_buffer_size: VAR_EDNS_BUFFER_SIZE STRING_ARG 1398 { 1399 OUTYY(("P(server_edns_buffer_size:%s)\n", $2)); 1400 if(atoi($2) == 0) 1401 yyerror("number expected"); 1402 else if (atoi($2) < 12) 1403 yyerror("edns buffer size too small"); 1404 else if (atoi($2) > 65535) 1405 cfg_parser->cfg->edns_buffer_size = 65535; 1406 else cfg_parser->cfg->edns_buffer_size = atoi($2); 1407 free($2); 1408 } 1409 ; 1410server_msg_buffer_size: VAR_MSG_BUFFER_SIZE STRING_ARG 1411 { 1412 OUTYY(("P(server_msg_buffer_size:%s)\n", $2)); 1413 if(atoi($2) == 0) 1414 yyerror("number expected"); 1415 else if (atoi($2) < 4096) 1416 yyerror("message buffer size too small (use 4096)"); 1417 else cfg_parser->cfg->msg_buffer_size = atoi($2); 1418 free($2); 1419 } 1420 ; 1421server_msg_cache_size: VAR_MSG_CACHE_SIZE STRING_ARG 1422 { 1423 OUTYY(("P(server_msg_cache_size:%s)\n", $2)); 1424 if(!cfg_parse_memsize($2, &cfg_parser->cfg->msg_cache_size)) 1425 yyerror("memory size expected"); 1426 free($2); 1427 } 1428 ; 1429server_msg_cache_slabs: VAR_MSG_CACHE_SLABS STRING_ARG 1430 { 1431 OUTYY(("P(server_msg_cache_slabs:%s)\n", $2)); 1432 if(atoi($2) == 0) 1433 yyerror("number expected"); 1434 else { 1435 cfg_parser->cfg->msg_cache_slabs = atoi($2); 1436 if(!is_pow2(cfg_parser->cfg->msg_cache_slabs)) 1437 yyerror("must be a power of 2"); 1438 } 1439 free($2); 1440 } 1441 ; 1442server_num_queries_per_thread: VAR_NUM_QUERIES_PER_THREAD STRING_ARG 1443 { 1444 OUTYY(("P(server_num_queries_per_thread:%s)\n", $2)); 1445 if(atoi($2) == 0) 1446 yyerror("number expected"); 1447 else cfg_parser->cfg->num_queries_per_thread = atoi($2); 1448 free($2); 1449 } 1450 ; 1451server_jostle_timeout: VAR_JOSTLE_TIMEOUT STRING_ARG 1452 { 1453 OUTYY(("P(server_jostle_timeout:%s)\n", $2)); 1454 if(atoi($2) == 0 && strcmp($2, "0") != 0) 1455 yyerror("number expected"); 1456 else cfg_parser->cfg->jostle_time = atoi($2); 1457 free($2); 1458 } 1459 ; 1460server_delay_close: VAR_DELAY_CLOSE STRING_ARG 1461 { 1462 OUTYY(("P(server_delay_close:%s)\n", $2)); 1463 if(atoi($2) == 0 && strcmp($2, "0") != 0) 1464 yyerror("number expected"); 1465 else cfg_parser->cfg->delay_close = atoi($2); 1466 free($2); 1467 } 1468 ; 1469server_udp_connect: VAR_UDP_CONNECT STRING_ARG 1470 { 1471 OUTYY(("P(server_udp_connect:%s)\n", $2)); 1472 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1473 yyerror("expected yes or no."); 1474 else cfg_parser->cfg->udp_connect = (strcmp($2, "yes")==0); 1475 free($2); 1476 } 1477 ; 1478server_unblock_lan_zones: VAR_UNBLOCK_LAN_ZONES STRING_ARG 1479 { 1480 OUTYY(("P(server_unblock_lan_zones:%s)\n", $2)); 1481 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1482 yyerror("expected yes or no."); 1483 else cfg_parser->cfg->unblock_lan_zones = 1484 (strcmp($2, "yes")==0); 1485 free($2); 1486 } 1487 ; 1488server_insecure_lan_zones: VAR_INSECURE_LAN_ZONES STRING_ARG 1489 { 1490 OUTYY(("P(server_insecure_lan_zones:%s)\n", $2)); 1491 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1492 yyerror("expected yes or no."); 1493 else cfg_parser->cfg->insecure_lan_zones = 1494 (strcmp($2, "yes")==0); 1495 free($2); 1496 } 1497 ; 1498server_rrset_cache_size: VAR_RRSET_CACHE_SIZE STRING_ARG 1499 { 1500 OUTYY(("P(server_rrset_cache_size:%s)\n", $2)); 1501 if(!cfg_parse_memsize($2, &cfg_parser->cfg->rrset_cache_size)) 1502 yyerror("memory size expected"); 1503 free($2); 1504 } 1505 ; 1506server_rrset_cache_slabs: VAR_RRSET_CACHE_SLABS STRING_ARG 1507 { 1508 OUTYY(("P(server_rrset_cache_slabs:%s)\n", $2)); 1509 if(atoi($2) == 0) 1510 yyerror("number expected"); 1511 else { 1512 cfg_parser->cfg->rrset_cache_slabs = atoi($2); 1513 if(!is_pow2(cfg_parser->cfg->rrset_cache_slabs)) 1514 yyerror("must be a power of 2"); 1515 } 1516 free($2); 1517 } 1518 ; 1519server_infra_host_ttl: VAR_INFRA_HOST_TTL STRING_ARG 1520 { 1521 OUTYY(("P(server_infra_host_ttl:%s)\n", $2)); 1522 if(atoi($2) == 0 && strcmp($2, "0") != 0) 1523 yyerror("number expected"); 1524 else cfg_parser->cfg->host_ttl = atoi($2); 1525 free($2); 1526 } 1527 ; 1528server_infra_lame_ttl: VAR_INFRA_LAME_TTL STRING_ARG 1529 { 1530 OUTYY(("P(server_infra_lame_ttl:%s)\n", $2)); 1531 verbose(VERB_DETAIL, "ignored infra-lame-ttl: %s (option " 1532 "removed, use infra-host-ttl)", $2); 1533 free($2); 1534 } 1535 ; 1536server_infra_cache_numhosts: VAR_INFRA_CACHE_NUMHOSTS STRING_ARG 1537 { 1538 OUTYY(("P(server_infra_cache_numhosts:%s)\n", $2)); 1539 if(atoi($2) == 0) 1540 yyerror("number expected"); 1541 else cfg_parser->cfg->infra_cache_numhosts = atoi($2); 1542 free($2); 1543 } 1544 ; 1545server_infra_cache_lame_size: VAR_INFRA_CACHE_LAME_SIZE STRING_ARG 1546 { 1547 OUTYY(("P(server_infra_cache_lame_size:%s)\n", $2)); 1548 verbose(VERB_DETAIL, "ignored infra-cache-lame-size: %s " 1549 "(option removed, use infra-cache-numhosts)", $2); 1550 free($2); 1551 } 1552 ; 1553server_infra_cache_slabs: VAR_INFRA_CACHE_SLABS STRING_ARG 1554 { 1555 OUTYY(("P(server_infra_cache_slabs:%s)\n", $2)); 1556 if(atoi($2) == 0) 1557 yyerror("number expected"); 1558 else { 1559 cfg_parser->cfg->infra_cache_slabs = atoi($2); 1560 if(!is_pow2(cfg_parser->cfg->infra_cache_slabs)) 1561 yyerror("must be a power of 2"); 1562 } 1563 free($2); 1564 } 1565 ; 1566server_infra_cache_min_rtt: VAR_INFRA_CACHE_MIN_RTT STRING_ARG 1567 { 1568 OUTYY(("P(server_infra_cache_min_rtt:%s)\n", $2)); 1569 if(atoi($2) == 0 && strcmp($2, "0") != 0) 1570 yyerror("number expected"); 1571 else cfg_parser->cfg->infra_cache_min_rtt = atoi($2); 1572 free($2); 1573 } 1574 ; 1575server_infra_keep_probing: VAR_INFRA_KEEP_PROBING STRING_ARG 1576 { 1577 OUTYY(("P(server_infra_keep_probing:%s)\n", $2)); 1578 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1579 yyerror("expected yes or no."); 1580 else cfg_parser->cfg->infra_keep_probing = 1581 (strcmp($2, "yes")==0); 1582 free($2); 1583 } 1584 ; 1585server_target_fetch_policy: VAR_TARGET_FETCH_POLICY STRING_ARG 1586 { 1587 OUTYY(("P(server_target_fetch_policy:%s)\n", $2)); 1588 free(cfg_parser->cfg->target_fetch_policy); 1589 cfg_parser->cfg->target_fetch_policy = $2; 1590 } 1591 ; 1592server_harden_short_bufsize: VAR_HARDEN_SHORT_BUFSIZE STRING_ARG 1593 { 1594 OUTYY(("P(server_harden_short_bufsize:%s)\n", $2)); 1595 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1596 yyerror("expected yes or no."); 1597 else cfg_parser->cfg->harden_short_bufsize = 1598 (strcmp($2, "yes")==0); 1599 free($2); 1600 } 1601 ; 1602server_harden_large_queries: VAR_HARDEN_LARGE_QUERIES STRING_ARG 1603 { 1604 OUTYY(("P(server_harden_large_queries:%s)\n", $2)); 1605 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1606 yyerror("expected yes or no."); 1607 else cfg_parser->cfg->harden_large_queries = 1608 (strcmp($2, "yes")==0); 1609 free($2); 1610 } 1611 ; 1612server_harden_glue: VAR_HARDEN_GLUE STRING_ARG 1613 { 1614 OUTYY(("P(server_harden_glue:%s)\n", $2)); 1615 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1616 yyerror("expected yes or no."); 1617 else cfg_parser->cfg->harden_glue = 1618 (strcmp($2, "yes")==0); 1619 free($2); 1620 } 1621 ; 1622server_harden_dnssec_stripped: VAR_HARDEN_DNSSEC_STRIPPED STRING_ARG 1623 { 1624 OUTYY(("P(server_harden_dnssec_stripped:%s)\n", $2)); 1625 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1626 yyerror("expected yes or no."); 1627 else cfg_parser->cfg->harden_dnssec_stripped = 1628 (strcmp($2, "yes")==0); 1629 free($2); 1630 } 1631 ; 1632server_harden_below_nxdomain: VAR_HARDEN_BELOW_NXDOMAIN STRING_ARG 1633 { 1634 OUTYY(("P(server_harden_below_nxdomain:%s)\n", $2)); 1635 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1636 yyerror("expected yes or no."); 1637 else cfg_parser->cfg->harden_below_nxdomain = 1638 (strcmp($2, "yes")==0); 1639 free($2); 1640 } 1641 ; 1642server_harden_referral_path: VAR_HARDEN_REFERRAL_PATH STRING_ARG 1643 { 1644 OUTYY(("P(server_harden_referral_path:%s)\n", $2)); 1645 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1646 yyerror("expected yes or no."); 1647 else cfg_parser->cfg->harden_referral_path = 1648 (strcmp($2, "yes")==0); 1649 free($2); 1650 } 1651 ; 1652server_harden_algo_downgrade: VAR_HARDEN_ALGO_DOWNGRADE STRING_ARG 1653 { 1654 OUTYY(("P(server_harden_algo_downgrade:%s)\n", $2)); 1655 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1656 yyerror("expected yes or no."); 1657 else cfg_parser->cfg->harden_algo_downgrade = 1658 (strcmp($2, "yes")==0); 1659 free($2); 1660 } 1661 ; 1662server_use_caps_for_id: VAR_USE_CAPS_FOR_ID STRING_ARG 1663 { 1664 OUTYY(("P(server_use_caps_for_id:%s)\n", $2)); 1665 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1666 yyerror("expected yes or no."); 1667 else cfg_parser->cfg->use_caps_bits_for_id = 1668 (strcmp($2, "yes")==0); 1669 free($2); 1670 } 1671 ; 1672server_caps_whitelist: VAR_CAPS_WHITELIST STRING_ARG 1673 { 1674 OUTYY(("P(server_caps_whitelist:%s)\n", $2)); 1675 if(!cfg_strlist_insert(&cfg_parser->cfg->caps_whitelist, $2)) 1676 yyerror("out of memory"); 1677 } 1678 ; 1679server_private_address: VAR_PRIVATE_ADDRESS STRING_ARG 1680 { 1681 OUTYY(("P(server_private_address:%s)\n", $2)); 1682 if(!cfg_strlist_insert(&cfg_parser->cfg->private_address, $2)) 1683 yyerror("out of memory"); 1684 } 1685 ; 1686server_private_domain: VAR_PRIVATE_DOMAIN STRING_ARG 1687 { 1688 OUTYY(("P(server_private_domain:%s)\n", $2)); 1689 if(!cfg_strlist_insert(&cfg_parser->cfg->private_domain, $2)) 1690 yyerror("out of memory"); 1691 } 1692 ; 1693server_prefetch: VAR_PREFETCH STRING_ARG 1694 { 1695 OUTYY(("P(server_prefetch:%s)\n", $2)); 1696 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1697 yyerror("expected yes or no."); 1698 else cfg_parser->cfg->prefetch = (strcmp($2, "yes")==0); 1699 free($2); 1700 } 1701 ; 1702server_prefetch_key: VAR_PREFETCH_KEY STRING_ARG 1703 { 1704 OUTYY(("P(server_prefetch_key:%s)\n", $2)); 1705 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1706 yyerror("expected yes or no."); 1707 else cfg_parser->cfg->prefetch_key = (strcmp($2, "yes")==0); 1708 free($2); 1709 } 1710 ; 1711server_deny_any: VAR_DENY_ANY STRING_ARG 1712 { 1713 OUTYY(("P(server_deny_any:%s)\n", $2)); 1714 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1715 yyerror("expected yes or no."); 1716 else cfg_parser->cfg->deny_any = (strcmp($2, "yes")==0); 1717 free($2); 1718 } 1719 ; 1720server_unwanted_reply_threshold: VAR_UNWANTED_REPLY_THRESHOLD STRING_ARG 1721 { 1722 OUTYY(("P(server_unwanted_reply_threshold:%s)\n", $2)); 1723 if(atoi($2) == 0 && strcmp($2, "0") != 0) 1724 yyerror("number expected"); 1725 else cfg_parser->cfg->unwanted_threshold = atoi($2); 1726 free($2); 1727 } 1728 ; 1729server_do_not_query_address: VAR_DO_NOT_QUERY_ADDRESS STRING_ARG 1730 { 1731 OUTYY(("P(server_do_not_query_address:%s)\n", $2)); 1732 if(!cfg_strlist_insert(&cfg_parser->cfg->donotqueryaddrs, $2)) 1733 yyerror("out of memory"); 1734 } 1735 ; 1736server_do_not_query_localhost: VAR_DO_NOT_QUERY_LOCALHOST STRING_ARG 1737 { 1738 OUTYY(("P(server_do_not_query_localhost:%s)\n", $2)); 1739 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1740 yyerror("expected yes or no."); 1741 else cfg_parser->cfg->donotquery_localhost = 1742 (strcmp($2, "yes")==0); 1743 free($2); 1744 } 1745 ; 1746server_access_control: VAR_ACCESS_CONTROL STRING_ARG STRING_ARG 1747 { 1748 OUTYY(("P(server_access_control:%s %s)\n", $2, $3)); 1749 if(strcmp($3, "deny")!=0 && strcmp($3, "refuse")!=0 && 1750 strcmp($3, "deny_non_local")!=0 && 1751 strcmp($3, "refuse_non_local")!=0 && 1752 strcmp($3, "allow_setrd")!=0 && 1753 strcmp($3, "allow")!=0 && 1754 strcmp($3, "allow_snoop")!=0) { 1755 yyerror("expected deny, refuse, deny_non_local, " 1756 "refuse_non_local, allow, allow_setrd or " 1757 "allow_snoop in access control action"); 1758 free($2); 1759 free($3); 1760 } else { 1761 if(!cfg_str2list_insert(&cfg_parser->cfg->acls, $2, $3)) 1762 fatal_exit("out of memory adding acl"); 1763 } 1764 } 1765 ; 1766server_module_conf: VAR_MODULE_CONF STRING_ARG 1767 { 1768 OUTYY(("P(server_module_conf:%s)\n", $2)); 1769 free(cfg_parser->cfg->module_conf); 1770 cfg_parser->cfg->module_conf = $2; 1771 } 1772 ; 1773server_val_override_date: VAR_VAL_OVERRIDE_DATE STRING_ARG 1774 { 1775 OUTYY(("P(server_val_override_date:%s)\n", $2)); 1776 if(*$2 == '\0' || strcmp($2, "0") == 0) { 1777 cfg_parser->cfg->val_date_override = 0; 1778 } else if(strlen($2) == 14) { 1779 cfg_parser->cfg->val_date_override = 1780 cfg_convert_timeval($2); 1781 if(!cfg_parser->cfg->val_date_override) 1782 yyerror("bad date/time specification"); 1783 } else { 1784 if(atoi($2) == 0) 1785 yyerror("number expected"); 1786 cfg_parser->cfg->val_date_override = atoi($2); 1787 } 1788 free($2); 1789 } 1790 ; 1791server_val_sig_skew_min: VAR_VAL_SIG_SKEW_MIN STRING_ARG 1792 { 1793 OUTYY(("P(server_val_sig_skew_min:%s)\n", $2)); 1794 if(*$2 == '\0' || strcmp($2, "0") == 0) { 1795 cfg_parser->cfg->val_sig_skew_min = 0; 1796 } else { 1797 cfg_parser->cfg->val_sig_skew_min = atoi($2); 1798 if(!cfg_parser->cfg->val_sig_skew_min) 1799 yyerror("number expected"); 1800 } 1801 free($2); 1802 } 1803 ; 1804server_val_sig_skew_max: VAR_VAL_SIG_SKEW_MAX STRING_ARG 1805 { 1806 OUTYY(("P(server_val_sig_skew_max:%s)\n", $2)); 1807 if(*$2 == '\0' || strcmp($2, "0") == 0) { 1808 cfg_parser->cfg->val_sig_skew_max = 0; 1809 } else { 1810 cfg_parser->cfg->val_sig_skew_max = atoi($2); 1811 if(!cfg_parser->cfg->val_sig_skew_max) 1812 yyerror("number expected"); 1813 } 1814 free($2); 1815 } 1816 ; 1817server_cache_max_ttl: VAR_CACHE_MAX_TTL STRING_ARG 1818 { 1819 OUTYY(("P(server_cache_max_ttl:%s)\n", $2)); 1820 if(atoi($2) == 0 && strcmp($2, "0") != 0) 1821 yyerror("number expected"); 1822 else cfg_parser->cfg->max_ttl = atoi($2); 1823 free($2); 1824 } 1825 ; 1826server_cache_max_negative_ttl: VAR_CACHE_MAX_NEGATIVE_TTL STRING_ARG 1827 { 1828 OUTYY(("P(server_cache_max_negative_ttl:%s)\n", $2)); 1829 if(atoi($2) == 0 && strcmp($2, "0") != 0) 1830 yyerror("number expected"); 1831 else cfg_parser->cfg->max_negative_ttl = atoi($2); 1832 free($2); 1833 } 1834 ; 1835server_cache_min_ttl: VAR_CACHE_MIN_TTL STRING_ARG 1836 { 1837 OUTYY(("P(server_cache_min_ttl:%s)\n", $2)); 1838 if(atoi($2) == 0 && strcmp($2, "0") != 0) 1839 yyerror("number expected"); 1840 else cfg_parser->cfg->min_ttl = atoi($2); 1841 free($2); 1842 } 1843 ; 1844server_bogus_ttl: VAR_BOGUS_TTL STRING_ARG 1845 { 1846 OUTYY(("P(server_bogus_ttl:%s)\n", $2)); 1847 if(atoi($2) == 0 && strcmp($2, "0") != 0) 1848 yyerror("number expected"); 1849 else cfg_parser->cfg->bogus_ttl = atoi($2); 1850 free($2); 1851 } 1852 ; 1853server_val_clean_additional: VAR_VAL_CLEAN_ADDITIONAL STRING_ARG 1854 { 1855 OUTYY(("P(server_val_clean_additional:%s)\n", $2)); 1856 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1857 yyerror("expected yes or no."); 1858 else cfg_parser->cfg->val_clean_additional = 1859 (strcmp($2, "yes")==0); 1860 free($2); 1861 } 1862 ; 1863server_val_permissive_mode: VAR_VAL_PERMISSIVE_MODE STRING_ARG 1864 { 1865 OUTYY(("P(server_val_permissive_mode:%s)\n", $2)); 1866 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1867 yyerror("expected yes or no."); 1868 else cfg_parser->cfg->val_permissive_mode = 1869 (strcmp($2, "yes")==0); 1870 free($2); 1871 } 1872 ; 1873server_aggressive_nsec: VAR_AGGRESSIVE_NSEC STRING_ARG 1874 { 1875 OUTYY(("P(server_aggressive_nsec:%s)\n", $2)); 1876 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1877 yyerror("expected yes or no."); 1878 else 1879 cfg_parser->cfg->aggressive_nsec = 1880 (strcmp($2, "yes")==0); 1881 free($2); 1882 } 1883 ; 1884server_ignore_cd_flag: VAR_IGNORE_CD_FLAG STRING_ARG 1885 { 1886 OUTYY(("P(server_ignore_cd_flag:%s)\n", $2)); 1887 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1888 yyerror("expected yes or no."); 1889 else cfg_parser->cfg->ignore_cd = (strcmp($2, "yes")==0); 1890 free($2); 1891 } 1892 ; 1893server_serve_expired: VAR_SERVE_EXPIRED STRING_ARG 1894 { 1895 OUTYY(("P(server_serve_expired:%s)\n", $2)); 1896 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1897 yyerror("expected yes or no."); 1898 else cfg_parser->cfg->serve_expired = (strcmp($2, "yes")==0); 1899 free($2); 1900 } 1901 ; 1902server_serve_expired_ttl: VAR_SERVE_EXPIRED_TTL STRING_ARG 1903 { 1904 OUTYY(("P(server_serve_expired_ttl:%s)\n", $2)); 1905 if(atoi($2) == 0 && strcmp($2, "0") != 0) 1906 yyerror("number expected"); 1907 else cfg_parser->cfg->serve_expired_ttl = atoi($2); 1908 free($2); 1909 } 1910 ; 1911server_serve_expired_ttl_reset: VAR_SERVE_EXPIRED_TTL_RESET STRING_ARG 1912 { 1913 OUTYY(("P(server_serve_expired_ttl_reset:%s)\n", $2)); 1914 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1915 yyerror("expected yes or no."); 1916 else cfg_parser->cfg->serve_expired_ttl_reset = (strcmp($2, "yes")==0); 1917 free($2); 1918 } 1919 ; 1920server_serve_expired_reply_ttl: VAR_SERVE_EXPIRED_REPLY_TTL STRING_ARG 1921 { 1922 OUTYY(("P(server_serve_expired_reply_ttl:%s)\n", $2)); 1923 if(atoi($2) == 0 && strcmp($2, "0") != 0) 1924 yyerror("number expected"); 1925 else cfg_parser->cfg->serve_expired_reply_ttl = atoi($2); 1926 free($2); 1927 } 1928 ; 1929server_serve_expired_client_timeout: VAR_SERVE_EXPIRED_CLIENT_TIMEOUT STRING_ARG 1930 { 1931 OUTYY(("P(server_serve_expired_client_timeout:%s)\n", $2)); 1932 if(atoi($2) == 0 && strcmp($2, "0") != 0) 1933 yyerror("number expected"); 1934 else cfg_parser->cfg->serve_expired_client_timeout = atoi($2); 1935 free($2); 1936 } 1937 ; 1938server_serve_original_ttl: VAR_SERVE_ORIGINAL_TTL STRING_ARG 1939 { 1940 OUTYY(("P(server_serve_original_ttl:%s)\n", $2)); 1941 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1942 yyerror("expected yes or no."); 1943 else cfg_parser->cfg->serve_original_ttl = (strcmp($2, "yes")==0); 1944 free($2); 1945 } 1946 ; 1947server_fake_dsa: VAR_FAKE_DSA STRING_ARG 1948 { 1949 OUTYY(("P(server_fake_dsa:%s)\n", $2)); 1950 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1951 yyerror("expected yes or no."); 1952#if defined(HAVE_SSL) || defined(HAVE_NETTLE) 1953 else fake_dsa = (strcmp($2, "yes")==0); 1954 if(fake_dsa) 1955 log_warn("test option fake_dsa is enabled"); 1956#endif 1957 free($2); 1958 } 1959 ; 1960server_fake_sha1: VAR_FAKE_SHA1 STRING_ARG 1961 { 1962 OUTYY(("P(server_fake_sha1:%s)\n", $2)); 1963 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1964 yyerror("expected yes or no."); 1965#if defined(HAVE_SSL) || defined(HAVE_NETTLE) 1966 else fake_sha1 = (strcmp($2, "yes")==0); 1967 if(fake_sha1) 1968 log_warn("test option fake_sha1 is enabled"); 1969#endif 1970 free($2); 1971 } 1972 ; 1973server_val_log_level: VAR_VAL_LOG_LEVEL STRING_ARG 1974 { 1975 OUTYY(("P(server_val_log_level:%s)\n", $2)); 1976 if(atoi($2) == 0 && strcmp($2, "0") != 0) 1977 yyerror("number expected"); 1978 else cfg_parser->cfg->val_log_level = atoi($2); 1979 free($2); 1980 } 1981 ; 1982server_val_nsec3_keysize_iterations: VAR_VAL_NSEC3_KEYSIZE_ITERATIONS STRING_ARG 1983 { 1984 OUTYY(("P(server_val_nsec3_keysize_iterations:%s)\n", $2)); 1985 free(cfg_parser->cfg->val_nsec3_key_iterations); 1986 cfg_parser->cfg->val_nsec3_key_iterations = $2; 1987 } 1988 ; 1989server_add_holddown: VAR_ADD_HOLDDOWN STRING_ARG 1990 { 1991 OUTYY(("P(server_add_holddown:%s)\n", $2)); 1992 if(atoi($2) == 0 && strcmp($2, "0") != 0) 1993 yyerror("number expected"); 1994 else cfg_parser->cfg->add_holddown = atoi($2); 1995 free($2); 1996 } 1997 ; 1998server_del_holddown: VAR_DEL_HOLDDOWN STRING_ARG 1999 { 2000 OUTYY(("P(server_del_holddown:%s)\n", $2)); 2001 if(atoi($2) == 0 && strcmp($2, "0") != 0) 2002 yyerror("number expected"); 2003 else cfg_parser->cfg->del_holddown = atoi($2); 2004 free($2); 2005 } 2006 ; 2007server_keep_missing: VAR_KEEP_MISSING STRING_ARG 2008 { 2009 OUTYY(("P(server_keep_missing:%s)\n", $2)); 2010 if(atoi($2) == 0 && strcmp($2, "0") != 0) 2011 yyerror("number expected"); 2012 else cfg_parser->cfg->keep_missing = atoi($2); 2013 free($2); 2014 } 2015 ; 2016server_permit_small_holddown: VAR_PERMIT_SMALL_HOLDDOWN STRING_ARG 2017 { 2018 OUTYY(("P(server_permit_small_holddown:%s)\n", $2)); 2019 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2020 yyerror("expected yes or no."); 2021 else cfg_parser->cfg->permit_small_holddown = 2022 (strcmp($2, "yes")==0); 2023 free($2); 2024 } 2025server_key_cache_size: VAR_KEY_CACHE_SIZE STRING_ARG 2026 { 2027 OUTYY(("P(server_key_cache_size:%s)\n", $2)); 2028 if(!cfg_parse_memsize($2, &cfg_parser->cfg->key_cache_size)) 2029 yyerror("memory size expected"); 2030 free($2); 2031 } 2032 ; 2033server_key_cache_slabs: VAR_KEY_CACHE_SLABS STRING_ARG 2034 { 2035 OUTYY(("P(server_key_cache_slabs:%s)\n", $2)); 2036 if(atoi($2) == 0) 2037 yyerror("number expected"); 2038 else { 2039 cfg_parser->cfg->key_cache_slabs = atoi($2); 2040 if(!is_pow2(cfg_parser->cfg->key_cache_slabs)) 2041 yyerror("must be a power of 2"); 2042 } 2043 free($2); 2044 } 2045 ; 2046server_neg_cache_size: VAR_NEG_CACHE_SIZE STRING_ARG 2047 { 2048 OUTYY(("P(server_neg_cache_size:%s)\n", $2)); 2049 if(!cfg_parse_memsize($2, &cfg_parser->cfg->neg_cache_size)) 2050 yyerror("memory size expected"); 2051 free($2); 2052 } 2053 ; 2054server_local_zone: VAR_LOCAL_ZONE STRING_ARG STRING_ARG 2055 { 2056 OUTYY(("P(server_local_zone:%s %s)\n", $2, $3)); 2057 if(strcmp($3, "static")!=0 && strcmp($3, "deny")!=0 && 2058 strcmp($3, "refuse")!=0 && strcmp($3, "redirect")!=0 && 2059 strcmp($3, "transparent")!=0 && strcmp($3, "nodefault")!=0 2060 && strcmp($3, "typetransparent")!=0 2061 && strcmp($3, "always_transparent")!=0 2062 && strcmp($3, "always_refuse")!=0 2063 && strcmp($3, "always_nxdomain")!=0 2064 && strcmp($3, "always_nodata")!=0 2065 && strcmp($3, "always_deny")!=0 2066 && strcmp($3, "always_null")!=0 2067 && strcmp($3, "noview")!=0 2068 && strcmp($3, "inform")!=0 && strcmp($3, "inform_deny")!=0 2069 && strcmp($3, "inform_redirect") != 0 2070 && strcmp($3, "ipset") != 0) { 2071 yyerror("local-zone type: expected static, deny, " 2072 "refuse, redirect, transparent, " 2073 "typetransparent, inform, inform_deny, " 2074 "inform_redirect, always_transparent, " 2075 "always_refuse, always_nxdomain, " 2076 "always_nodata, always_deny, always_null, " 2077 "noview, nodefault or ipset"); 2078 free($2); 2079 free($3); 2080 } else if(strcmp($3, "nodefault")==0) { 2081 if(!cfg_strlist_insert(&cfg_parser->cfg-> 2082 local_zones_nodefault, $2)) 2083 fatal_exit("out of memory adding local-zone"); 2084 free($3); 2085#ifdef USE_IPSET 2086 } else if(strcmp($3, "ipset")==0) { 2087 if(!cfg_strlist_insert(&cfg_parser->cfg-> 2088 local_zones_ipset, $2)) 2089 fatal_exit("out of memory adding local-zone"); 2090 free($3); 2091#endif 2092 } else { 2093 if(!cfg_str2list_insert(&cfg_parser->cfg->local_zones, 2094 $2, $3)) 2095 fatal_exit("out of memory adding local-zone"); 2096 } 2097 } 2098 ; 2099server_local_data: VAR_LOCAL_DATA STRING_ARG 2100 { 2101 OUTYY(("P(server_local_data:%s)\n", $2)); 2102 if(!cfg_strlist_insert(&cfg_parser->cfg->local_data, $2)) 2103 fatal_exit("out of memory adding local-data"); 2104 } 2105 ; 2106server_local_data_ptr: VAR_LOCAL_DATA_PTR STRING_ARG 2107 { 2108 char* ptr; 2109 OUTYY(("P(server_local_data_ptr:%s)\n", $2)); 2110 ptr = cfg_ptr_reverse($2); 2111 free($2); 2112 if(ptr) { 2113 if(!cfg_strlist_insert(&cfg_parser->cfg-> 2114 local_data, ptr)) 2115 fatal_exit("out of memory adding local-data"); 2116 } else { 2117 yyerror("local-data-ptr could not be reversed"); 2118 } 2119 } 2120 ; 2121server_minimal_responses: VAR_MINIMAL_RESPONSES STRING_ARG 2122 { 2123 OUTYY(("P(server_minimal_responses:%s)\n", $2)); 2124 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2125 yyerror("expected yes or no."); 2126 else cfg_parser->cfg->minimal_responses = 2127 (strcmp($2, "yes")==0); 2128 free($2); 2129 } 2130 ; 2131server_rrset_roundrobin: VAR_RRSET_ROUNDROBIN STRING_ARG 2132 { 2133 OUTYY(("P(server_rrset_roundrobin:%s)\n", $2)); 2134 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2135 yyerror("expected yes or no."); 2136 else cfg_parser->cfg->rrset_roundrobin = 2137 (strcmp($2, "yes")==0); 2138 free($2); 2139 } 2140 ; 2141server_unknown_server_time_limit: VAR_UNKNOWN_SERVER_TIME_LIMIT STRING_ARG 2142 { 2143 OUTYY(("P(server_unknown_server_time_limit:%s)\n", $2)); 2144 cfg_parser->cfg->unknown_server_time_limit = atoi($2); 2145 free($2); 2146 } 2147 ; 2148server_max_udp_size: VAR_MAX_UDP_SIZE STRING_ARG 2149 { 2150 OUTYY(("P(server_max_udp_size:%s)\n", $2)); 2151 cfg_parser->cfg->max_udp_size = atoi($2); 2152 free($2); 2153 } 2154 ; 2155server_dns64_prefix: VAR_DNS64_PREFIX STRING_ARG 2156 { 2157 OUTYY(("P(dns64_prefix:%s)\n", $2)); 2158 free(cfg_parser->cfg->dns64_prefix); 2159 cfg_parser->cfg->dns64_prefix = $2; 2160 } 2161 ; 2162server_dns64_synthall: VAR_DNS64_SYNTHALL STRING_ARG 2163 { 2164 OUTYY(("P(server_dns64_synthall:%s)\n", $2)); 2165 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2166 yyerror("expected yes or no."); 2167 else cfg_parser->cfg->dns64_synthall = (strcmp($2, "yes")==0); 2168 free($2); 2169 } 2170 ; 2171server_dns64_ignore_aaaa: VAR_DNS64_IGNORE_AAAA STRING_ARG 2172 { 2173 OUTYY(("P(dns64_ignore_aaaa:%s)\n", $2)); 2174 if(!cfg_strlist_insert(&cfg_parser->cfg->dns64_ignore_aaaa, 2175 $2)) 2176 fatal_exit("out of memory adding dns64-ignore-aaaa"); 2177 } 2178 ; 2179server_define_tag: VAR_DEFINE_TAG STRING_ARG 2180 { 2181 char* p, *s = $2; 2182 OUTYY(("P(server_define_tag:%s)\n", $2)); 2183 while((p=strsep(&s, " \t\n")) != NULL) { 2184 if(*p) { 2185 if(!config_add_tag(cfg_parser->cfg, p)) 2186 yyerror("could not define-tag, " 2187 "out of memory"); 2188 } 2189 } 2190 free($2); 2191 } 2192 ; 2193server_local_zone_tag: VAR_LOCAL_ZONE_TAG STRING_ARG STRING_ARG 2194 { 2195 size_t len = 0; 2196 uint8_t* bitlist = config_parse_taglist(cfg_parser->cfg, $3, 2197 &len); 2198 free($3); 2199 OUTYY(("P(server_local_zone_tag:%s)\n", $2)); 2200 if(!bitlist) { 2201 yyerror("could not parse tags, (define-tag them first)"); 2202 free($2); 2203 } 2204 if(bitlist) { 2205 if(!cfg_strbytelist_insert( 2206 &cfg_parser->cfg->local_zone_tags, 2207 $2, bitlist, len)) { 2208 yyerror("out of memory"); 2209 free($2); 2210 } 2211 } 2212 } 2213 ; 2214server_access_control_tag: VAR_ACCESS_CONTROL_TAG STRING_ARG STRING_ARG 2215 { 2216 size_t len = 0; 2217 uint8_t* bitlist = config_parse_taglist(cfg_parser->cfg, $3, 2218 &len); 2219 free($3); 2220 OUTYY(("P(server_access_control_tag:%s)\n", $2)); 2221 if(!bitlist) { 2222 yyerror("could not parse tags, (define-tag them first)"); 2223 free($2); 2224 } 2225 if(bitlist) { 2226 if(!cfg_strbytelist_insert( 2227 &cfg_parser->cfg->acl_tags, 2228 $2, bitlist, len)) { 2229 yyerror("out of memory"); 2230 free($2); 2231 } 2232 } 2233 } 2234 ; 2235server_access_control_tag_action: VAR_ACCESS_CONTROL_TAG_ACTION STRING_ARG STRING_ARG STRING_ARG 2236 { 2237 OUTYY(("P(server_access_control_tag_action:%s %s %s)\n", $2, $3, $4)); 2238 if(!cfg_str3list_insert(&cfg_parser->cfg->acl_tag_actions, 2239 $2, $3, $4)) { 2240 yyerror("out of memory"); 2241 free($2); 2242 free($3); 2243 free($4); 2244 } 2245 } 2246 ; 2247server_access_control_tag_data: VAR_ACCESS_CONTROL_TAG_DATA STRING_ARG STRING_ARG STRING_ARG 2248 { 2249 OUTYY(("P(server_access_control_tag_data:%s %s %s)\n", $2, $3, $4)); 2250 if(!cfg_str3list_insert(&cfg_parser->cfg->acl_tag_datas, 2251 $2, $3, $4)) { 2252 yyerror("out of memory"); 2253 free($2); 2254 free($3); 2255 free($4); 2256 } 2257 } 2258 ; 2259server_local_zone_override: VAR_LOCAL_ZONE_OVERRIDE STRING_ARG STRING_ARG STRING_ARG 2260 { 2261 OUTYY(("P(server_local_zone_override:%s %s %s)\n", $2, $3, $4)); 2262 if(!cfg_str3list_insert(&cfg_parser->cfg->local_zone_overrides, 2263 $2, $3, $4)) { 2264 yyerror("out of memory"); 2265 free($2); 2266 free($3); 2267 free($4); 2268 } 2269 } 2270 ; 2271server_access_control_view: VAR_ACCESS_CONTROL_VIEW STRING_ARG STRING_ARG 2272 { 2273 OUTYY(("P(server_access_control_view:%s %s)\n", $2, $3)); 2274 if(!cfg_str2list_insert(&cfg_parser->cfg->acl_view, 2275 $2, $3)) { 2276 yyerror("out of memory"); 2277 } 2278 } 2279 ; 2280server_response_ip_tag: VAR_RESPONSE_IP_TAG STRING_ARG STRING_ARG 2281 { 2282 size_t len = 0; 2283 uint8_t* bitlist = config_parse_taglist(cfg_parser->cfg, $3, 2284 &len); 2285 free($3); 2286 OUTYY(("P(response_ip_tag:%s)\n", $2)); 2287 if(!bitlist) { 2288 yyerror("could not parse tags, (define-tag them first)"); 2289 free($2); 2290 } 2291 if(bitlist) { 2292 if(!cfg_strbytelist_insert( 2293 &cfg_parser->cfg->respip_tags, 2294 $2, bitlist, len)) { 2295 yyerror("out of memory"); 2296 free($2); 2297 } 2298 } 2299 } 2300 ; 2301server_ip_ratelimit: VAR_IP_RATELIMIT STRING_ARG 2302 { 2303 OUTYY(("P(server_ip_ratelimit:%s)\n", $2)); 2304 if(atoi($2) == 0 && strcmp($2, "0") != 0) 2305 yyerror("number expected"); 2306 else cfg_parser->cfg->ip_ratelimit = atoi($2); 2307 free($2); 2308 } 2309 ; 2310 2311server_ratelimit: VAR_RATELIMIT STRING_ARG 2312 { 2313 OUTYY(("P(server_ratelimit:%s)\n", $2)); 2314 if(atoi($2) == 0 && strcmp($2, "0") != 0) 2315 yyerror("number expected"); 2316 else cfg_parser->cfg->ratelimit = atoi($2); 2317 free($2); 2318 } 2319 ; 2320server_ip_ratelimit_size: VAR_IP_RATELIMIT_SIZE STRING_ARG 2321 { 2322 OUTYY(("P(server_ip_ratelimit_size:%s)\n", $2)); 2323 if(!cfg_parse_memsize($2, &cfg_parser->cfg->ip_ratelimit_size)) 2324 yyerror("memory size expected"); 2325 free($2); 2326 } 2327 ; 2328server_ratelimit_size: VAR_RATELIMIT_SIZE STRING_ARG 2329 { 2330 OUTYY(("P(server_ratelimit_size:%s)\n", $2)); 2331 if(!cfg_parse_memsize($2, &cfg_parser->cfg->ratelimit_size)) 2332 yyerror("memory size expected"); 2333 free($2); 2334 } 2335 ; 2336server_ip_ratelimit_slabs: VAR_IP_RATELIMIT_SLABS STRING_ARG 2337 { 2338 OUTYY(("P(server_ip_ratelimit_slabs:%s)\n", $2)); 2339 if(atoi($2) == 0) 2340 yyerror("number expected"); 2341 else { 2342 cfg_parser->cfg->ip_ratelimit_slabs = atoi($2); 2343 if(!is_pow2(cfg_parser->cfg->ip_ratelimit_slabs)) 2344 yyerror("must be a power of 2"); 2345 } 2346 free($2); 2347 } 2348 ; 2349server_ratelimit_slabs: VAR_RATELIMIT_SLABS STRING_ARG 2350 { 2351 OUTYY(("P(server_ratelimit_slabs:%s)\n", $2)); 2352 if(atoi($2) == 0) 2353 yyerror("number expected"); 2354 else { 2355 cfg_parser->cfg->ratelimit_slabs = atoi($2); 2356 if(!is_pow2(cfg_parser->cfg->ratelimit_slabs)) 2357 yyerror("must be a power of 2"); 2358 } 2359 free($2); 2360 } 2361 ; 2362server_ratelimit_for_domain: VAR_RATELIMIT_FOR_DOMAIN STRING_ARG STRING_ARG 2363 { 2364 OUTYY(("P(server_ratelimit_for_domain:%s %s)\n", $2, $3)); 2365 if(atoi($3) == 0 && strcmp($3, "0") != 0) { 2366 yyerror("number expected"); 2367 free($2); 2368 free($3); 2369 } else { 2370 if(!cfg_str2list_insert(&cfg_parser->cfg-> 2371 ratelimit_for_domain, $2, $3)) 2372 fatal_exit("out of memory adding " 2373 "ratelimit-for-domain"); 2374 } 2375 } 2376 ; 2377server_ratelimit_below_domain: VAR_RATELIMIT_BELOW_DOMAIN STRING_ARG STRING_ARG 2378 { 2379 OUTYY(("P(server_ratelimit_below_domain:%s %s)\n", $2, $3)); 2380 if(atoi($3) == 0 && strcmp($3, "0") != 0) { 2381 yyerror("number expected"); 2382 free($2); 2383 free($3); 2384 } else { 2385 if(!cfg_str2list_insert(&cfg_parser->cfg-> 2386 ratelimit_below_domain, $2, $3)) 2387 fatal_exit("out of memory adding " 2388 "ratelimit-below-domain"); 2389 } 2390 } 2391 ; 2392server_ip_ratelimit_factor: VAR_IP_RATELIMIT_FACTOR STRING_ARG 2393 { 2394 OUTYY(("P(server_ip_ratelimit_factor:%s)\n", $2)); 2395 if(atoi($2) == 0 && strcmp($2, "0") != 0) 2396 yyerror("number expected"); 2397 else cfg_parser->cfg->ip_ratelimit_factor = atoi($2); 2398 free($2); 2399 } 2400 ; 2401server_ratelimit_factor: VAR_RATELIMIT_FACTOR STRING_ARG 2402 { 2403 OUTYY(("P(server_ratelimit_factor:%s)\n", $2)); 2404 if(atoi($2) == 0 && strcmp($2, "0") != 0) 2405 yyerror("number expected"); 2406 else cfg_parser->cfg->ratelimit_factor = atoi($2); 2407 free($2); 2408 } 2409 ; 2410server_low_rtt: VAR_LOW_RTT STRING_ARG 2411 { 2412 OUTYY(("P(low-rtt option is deprecated, use fast-server-num instead)\n")); 2413 free($2); 2414 } 2415 ; 2416server_fast_server_num: VAR_FAST_SERVER_NUM STRING_ARG 2417 { 2418 OUTYY(("P(server_fast_server_num:%s)\n", $2)); 2419 if(atoi($2) <= 0) 2420 yyerror("number expected"); 2421 else cfg_parser->cfg->fast_server_num = atoi($2); 2422 free($2); 2423 } 2424 ; 2425server_fast_server_permil: VAR_FAST_SERVER_PERMIL STRING_ARG 2426 { 2427 OUTYY(("P(server_fast_server_permil:%s)\n", $2)); 2428 if(atoi($2) == 0 && strcmp($2, "0") != 0) 2429 yyerror("number expected"); 2430 else cfg_parser->cfg->fast_server_permil = atoi($2); 2431 free($2); 2432 } 2433 ; 2434server_qname_minimisation: VAR_QNAME_MINIMISATION STRING_ARG 2435 { 2436 OUTYY(("P(server_qname_minimisation:%s)\n", $2)); 2437 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2438 yyerror("expected yes or no."); 2439 else cfg_parser->cfg->qname_minimisation = 2440 (strcmp($2, "yes")==0); 2441 free($2); 2442 } 2443 ; 2444server_qname_minimisation_strict: VAR_QNAME_MINIMISATION_STRICT STRING_ARG 2445 { 2446 OUTYY(("P(server_qname_minimisation_strict:%s)\n", $2)); 2447 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2448 yyerror("expected yes or no."); 2449 else cfg_parser->cfg->qname_minimisation_strict = 2450 (strcmp($2, "yes")==0); 2451 free($2); 2452 } 2453 ; 2454server_pad_responses: VAR_PAD_RESPONSES STRING_ARG 2455 { 2456 OUTYY(("P(server_pad_responses:%s)\n", $2)); 2457 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2458 yyerror("expected yes or no."); 2459 else cfg_parser->cfg->pad_responses = 2460 (strcmp($2, "yes")==0); 2461 free($2); 2462 } 2463 ; 2464server_pad_responses_block_size: VAR_PAD_RESPONSES_BLOCK_SIZE STRING_ARG 2465 { 2466 OUTYY(("P(server_pad_responses_block_size:%s)\n", $2)); 2467 if(atoi($2) == 0) 2468 yyerror("number expected"); 2469 else cfg_parser->cfg->pad_responses_block_size = atoi($2); 2470 free($2); 2471 } 2472 ; 2473server_pad_queries: VAR_PAD_QUERIES STRING_ARG 2474 { 2475 OUTYY(("P(server_pad_queries:%s)\n", $2)); 2476 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2477 yyerror("expected yes or no."); 2478 else cfg_parser->cfg->pad_queries = 2479 (strcmp($2, "yes")==0); 2480 free($2); 2481 } 2482 ; 2483server_pad_queries_block_size: VAR_PAD_QUERIES_BLOCK_SIZE STRING_ARG 2484 { 2485 OUTYY(("P(server_pad_queries_block_size:%s)\n", $2)); 2486 if(atoi($2) == 0) 2487 yyerror("number expected"); 2488 else cfg_parser->cfg->pad_queries_block_size = atoi($2); 2489 free($2); 2490 } 2491 ; 2492server_ipsecmod_enabled: VAR_IPSECMOD_ENABLED STRING_ARG 2493 { 2494 #ifdef USE_IPSECMOD 2495 OUTYY(("P(server_ipsecmod_enabled:%s)\n", $2)); 2496 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2497 yyerror("expected yes or no."); 2498 else cfg_parser->cfg->ipsecmod_enabled = (strcmp($2, "yes")==0); 2499 #else 2500 OUTYY(("P(Compiled without IPsec module, ignoring)\n")); 2501 #endif 2502 free($2); 2503 } 2504 ; 2505server_ipsecmod_ignore_bogus: VAR_IPSECMOD_IGNORE_BOGUS STRING_ARG 2506 { 2507 #ifdef USE_IPSECMOD 2508 OUTYY(("P(server_ipsecmod_ignore_bogus:%s)\n", $2)); 2509 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2510 yyerror("expected yes or no."); 2511 else cfg_parser->cfg->ipsecmod_ignore_bogus = (strcmp($2, "yes")==0); 2512 #else 2513 OUTYY(("P(Compiled without IPsec module, ignoring)\n")); 2514 #endif 2515 free($2); 2516 } 2517 ; 2518server_ipsecmod_hook: VAR_IPSECMOD_HOOK STRING_ARG 2519 { 2520 #ifdef USE_IPSECMOD 2521 OUTYY(("P(server_ipsecmod_hook:%s)\n", $2)); 2522 free(cfg_parser->cfg->ipsecmod_hook); 2523 cfg_parser->cfg->ipsecmod_hook = $2; 2524 #else 2525 OUTYY(("P(Compiled without IPsec module, ignoring)\n")); 2526 free($2); 2527 #endif 2528 } 2529 ; 2530server_ipsecmod_max_ttl: VAR_IPSECMOD_MAX_TTL STRING_ARG 2531 { 2532 #ifdef USE_IPSECMOD 2533 OUTYY(("P(server_ipsecmod_max_ttl:%s)\n", $2)); 2534 if(atoi($2) == 0 && strcmp($2, "0") != 0) 2535 yyerror("number expected"); 2536 else cfg_parser->cfg->ipsecmod_max_ttl = atoi($2); 2537 free($2); 2538 #else 2539 OUTYY(("P(Compiled without IPsec module, ignoring)\n")); 2540 free($2); 2541 #endif 2542 } 2543 ; 2544server_ipsecmod_whitelist: VAR_IPSECMOD_WHITELIST STRING_ARG 2545 { 2546 #ifdef USE_IPSECMOD 2547 OUTYY(("P(server_ipsecmod_whitelist:%s)\n", $2)); 2548 if(!cfg_strlist_insert(&cfg_parser->cfg->ipsecmod_whitelist, $2)) 2549 yyerror("out of memory"); 2550 #else 2551 OUTYY(("P(Compiled without IPsec module, ignoring)\n")); 2552 free($2); 2553 #endif 2554 } 2555 ; 2556server_ipsecmod_strict: VAR_IPSECMOD_STRICT STRING_ARG 2557 { 2558 #ifdef USE_IPSECMOD 2559 OUTYY(("P(server_ipsecmod_strict:%s)\n", $2)); 2560 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2561 yyerror("expected yes or no."); 2562 else cfg_parser->cfg->ipsecmod_strict = (strcmp($2, "yes")==0); 2563 free($2); 2564 #else 2565 OUTYY(("P(Compiled without IPsec module, ignoring)\n")); 2566 free($2); 2567 #endif 2568 } 2569 ; 2570server_edns_client_string: VAR_EDNS_CLIENT_STRING STRING_ARG STRING_ARG 2571 { 2572 OUTYY(("P(server_edns_client_string:%s %s)\n", $2, $3)); 2573 if(!cfg_str2list_insert( 2574 &cfg_parser->cfg->edns_client_strings, $2, $3)) 2575 fatal_exit("out of memory adding " 2576 "edns-client-string"); 2577 } 2578 ; 2579server_edns_client_string_opcode: VAR_EDNS_CLIENT_STRING_OPCODE STRING_ARG 2580 { 2581 OUTYY(("P(edns_client_string_opcode:%s)\n", $2)); 2582 if(atoi($2) == 0 && strcmp($2, "0") != 0) 2583 yyerror("option code expected"); 2584 else if(atoi($2) > 65535 || atoi($2) < 0) 2585 yyerror("option code must be in interval [0, 65535]"); 2586 else cfg_parser->cfg->edns_client_string_opcode = atoi($2); 2587 free($2); 2588 2589 } 2590 ; 2591stub_name: VAR_NAME STRING_ARG 2592 { 2593 OUTYY(("P(name:%s)\n", $2)); 2594 if(cfg_parser->cfg->stubs->name) 2595 yyerror("stub name override, there must be one name " 2596 "for one stub-zone"); 2597 free(cfg_parser->cfg->stubs->name); 2598 cfg_parser->cfg->stubs->name = $2; 2599 } 2600 ; 2601stub_host: VAR_STUB_HOST STRING_ARG 2602 { 2603 OUTYY(("P(stub-host:%s)\n", $2)); 2604 if(!cfg_strlist_insert(&cfg_parser->cfg->stubs->hosts, $2)) 2605 yyerror("out of memory"); 2606 } 2607 ; 2608stub_addr: VAR_STUB_ADDR STRING_ARG 2609 { 2610 OUTYY(("P(stub-addr:%s)\n", $2)); 2611 if(!cfg_strlist_insert(&cfg_parser->cfg->stubs->addrs, $2)) 2612 yyerror("out of memory"); 2613 } 2614 ; 2615stub_first: VAR_STUB_FIRST STRING_ARG 2616 { 2617 OUTYY(("P(stub-first:%s)\n", $2)); 2618 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2619 yyerror("expected yes or no."); 2620 else cfg_parser->cfg->stubs->isfirst=(strcmp($2, "yes")==0); 2621 free($2); 2622 } 2623 ; 2624stub_no_cache: VAR_STUB_NO_CACHE STRING_ARG 2625 { 2626 OUTYY(("P(stub-no-cache:%s)\n", $2)); 2627 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2628 yyerror("expected yes or no."); 2629 else cfg_parser->cfg->stubs->no_cache=(strcmp($2, "yes")==0); 2630 free($2); 2631 } 2632 ; 2633stub_ssl_upstream: VAR_STUB_SSL_UPSTREAM STRING_ARG 2634 { 2635 OUTYY(("P(stub-ssl-upstream:%s)\n", $2)); 2636 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2637 yyerror("expected yes or no."); 2638 else cfg_parser->cfg->stubs->ssl_upstream = 2639 (strcmp($2, "yes")==0); 2640 free($2); 2641 } 2642 ; 2643stub_prime: VAR_STUB_PRIME STRING_ARG 2644 { 2645 OUTYY(("P(stub-prime:%s)\n", $2)); 2646 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2647 yyerror("expected yes or no."); 2648 else cfg_parser->cfg->stubs->isprime = 2649 (strcmp($2, "yes")==0); 2650 free($2); 2651 } 2652 ; 2653forward_name: VAR_NAME STRING_ARG 2654 { 2655 OUTYY(("P(name:%s)\n", $2)); 2656 if(cfg_parser->cfg->forwards->name) 2657 yyerror("forward name override, there must be one " 2658 "name for one forward-zone"); 2659 free(cfg_parser->cfg->forwards->name); 2660 cfg_parser->cfg->forwards->name = $2; 2661 } 2662 ; 2663forward_host: VAR_FORWARD_HOST STRING_ARG 2664 { 2665 OUTYY(("P(forward-host:%s)\n", $2)); 2666 if(!cfg_strlist_insert(&cfg_parser->cfg->forwards->hosts, $2)) 2667 yyerror("out of memory"); 2668 } 2669 ; 2670forward_addr: VAR_FORWARD_ADDR STRING_ARG 2671 { 2672 OUTYY(("P(forward-addr:%s)\n", $2)); 2673 if(!cfg_strlist_insert(&cfg_parser->cfg->forwards->addrs, $2)) 2674 yyerror("out of memory"); 2675 } 2676 ; 2677forward_first: VAR_FORWARD_FIRST STRING_ARG 2678 { 2679 OUTYY(("P(forward-first:%s)\n", $2)); 2680 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2681 yyerror("expected yes or no."); 2682 else cfg_parser->cfg->forwards->isfirst=(strcmp($2, "yes")==0); 2683 free($2); 2684 } 2685 ; 2686forward_no_cache: VAR_FORWARD_NO_CACHE STRING_ARG 2687 { 2688 OUTYY(("P(forward-no-cache:%s)\n", $2)); 2689 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2690 yyerror("expected yes or no."); 2691 else cfg_parser->cfg->forwards->no_cache=(strcmp($2, "yes")==0); 2692 free($2); 2693 } 2694 ; 2695forward_ssl_upstream: VAR_FORWARD_SSL_UPSTREAM STRING_ARG 2696 { 2697 OUTYY(("P(forward-ssl-upstream:%s)\n", $2)); 2698 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2699 yyerror("expected yes or no."); 2700 else cfg_parser->cfg->forwards->ssl_upstream = 2701 (strcmp($2, "yes")==0); 2702 free($2); 2703 } 2704 ; 2705auth_name: VAR_NAME STRING_ARG 2706 { 2707 OUTYY(("P(name:%s)\n", $2)); 2708 if(cfg_parser->cfg->auths->name) 2709 yyerror("auth name override, there must be one name " 2710 "for one auth-zone"); 2711 free(cfg_parser->cfg->auths->name); 2712 cfg_parser->cfg->auths->name = $2; 2713 } 2714 ; 2715auth_zonefile: VAR_ZONEFILE STRING_ARG 2716 { 2717 OUTYY(("P(zonefile:%s)\n", $2)); 2718 free(cfg_parser->cfg->auths->zonefile); 2719 cfg_parser->cfg->auths->zonefile = $2; 2720 } 2721 ; 2722auth_master: VAR_MASTER STRING_ARG 2723 { 2724 OUTYY(("P(master:%s)\n", $2)); 2725 if(!cfg_strlist_insert(&cfg_parser->cfg->auths->masters, $2)) 2726 yyerror("out of memory"); 2727 } 2728 ; 2729auth_url: VAR_URL STRING_ARG 2730 { 2731 OUTYY(("P(url:%s)\n", $2)); 2732 if(!cfg_strlist_insert(&cfg_parser->cfg->auths->urls, $2)) 2733 yyerror("out of memory"); 2734 } 2735 ; 2736auth_allow_notify: VAR_ALLOW_NOTIFY STRING_ARG 2737 { 2738 OUTYY(("P(allow-notify:%s)\n", $2)); 2739 if(!cfg_strlist_insert(&cfg_parser->cfg->auths->allow_notify, 2740 $2)) 2741 yyerror("out of memory"); 2742 } 2743 ; 2744auth_for_downstream: VAR_FOR_DOWNSTREAM STRING_ARG 2745 { 2746 OUTYY(("P(for-downstream:%s)\n", $2)); 2747 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2748 yyerror("expected yes or no."); 2749 else cfg_parser->cfg->auths->for_downstream = 2750 (strcmp($2, "yes")==0); 2751 free($2); 2752 } 2753 ; 2754auth_for_upstream: VAR_FOR_UPSTREAM STRING_ARG 2755 { 2756 OUTYY(("P(for-upstream:%s)\n", $2)); 2757 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2758 yyerror("expected yes or no."); 2759 else cfg_parser->cfg->auths->for_upstream = 2760 (strcmp($2, "yes")==0); 2761 free($2); 2762 } 2763 ; 2764auth_fallback_enabled: VAR_FALLBACK_ENABLED STRING_ARG 2765 { 2766 OUTYY(("P(fallback-enabled:%s)\n", $2)); 2767 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2768 yyerror("expected yes or no."); 2769 else cfg_parser->cfg->auths->fallback_enabled = 2770 (strcmp($2, "yes")==0); 2771 free($2); 2772 } 2773 ; 2774view_name: VAR_NAME STRING_ARG 2775 { 2776 OUTYY(("P(name:%s)\n", $2)); 2777 if(cfg_parser->cfg->views->name) 2778 yyerror("view name override, there must be one " 2779 "name for one view"); 2780 free(cfg_parser->cfg->views->name); 2781 cfg_parser->cfg->views->name = $2; 2782 } 2783 ; 2784view_local_zone: VAR_LOCAL_ZONE STRING_ARG STRING_ARG 2785 { 2786 OUTYY(("P(view_local_zone:%s %s)\n", $2, $3)); 2787 if(strcmp($3, "static")!=0 && strcmp($3, "deny")!=0 && 2788 strcmp($3, "refuse")!=0 && strcmp($3, "redirect")!=0 && 2789 strcmp($3, "transparent")!=0 && strcmp($3, "nodefault")!=0 2790 && strcmp($3, "typetransparent")!=0 2791 && strcmp($3, "always_transparent")!=0 2792 && strcmp($3, "always_refuse")!=0 2793 && strcmp($3, "always_nxdomain")!=0 2794 && strcmp($3, "noview")!=0 2795 && strcmp($3, "inform")!=0 && strcmp($3, "inform_deny")!=0) { 2796 yyerror("local-zone type: expected static, deny, " 2797 "refuse, redirect, transparent, " 2798 "typetransparent, inform, inform_deny, " 2799 "always_transparent, always_refuse, " 2800 "always_nxdomain, noview or nodefault"); 2801 free($2); 2802 free($3); 2803 } else if(strcmp($3, "nodefault")==0) { 2804 if(!cfg_strlist_insert(&cfg_parser->cfg->views-> 2805 local_zones_nodefault, $2)) 2806 fatal_exit("out of memory adding local-zone"); 2807 free($3); 2808#ifdef USE_IPSET 2809 } else if(strcmp($3, "ipset")==0) { 2810 if(!cfg_strlist_insert(&cfg_parser->cfg->views-> 2811 local_zones_ipset, $2)) 2812 fatal_exit("out of memory adding local-zone"); 2813 free($3); 2814#endif 2815 } else { 2816 if(!cfg_str2list_insert( 2817 &cfg_parser->cfg->views->local_zones, 2818 $2, $3)) 2819 fatal_exit("out of memory adding local-zone"); 2820 } 2821 } 2822 ; 2823view_response_ip: VAR_RESPONSE_IP STRING_ARG STRING_ARG 2824 { 2825 OUTYY(("P(view_response_ip:%s %s)\n", $2, $3)); 2826 validate_respip_action($3); 2827 if(!cfg_str2list_insert( 2828 &cfg_parser->cfg->views->respip_actions, $2, $3)) 2829 fatal_exit("out of memory adding per-view " 2830 "response-ip action"); 2831 } 2832 ; 2833view_response_ip_data: VAR_RESPONSE_IP_DATA STRING_ARG STRING_ARG 2834 { 2835 OUTYY(("P(view_response_ip_data:%s)\n", $2)); 2836 if(!cfg_str2list_insert( 2837 &cfg_parser->cfg->views->respip_data, $2, $3)) 2838 fatal_exit("out of memory adding response-ip-data"); 2839 } 2840 ; 2841view_local_data: VAR_LOCAL_DATA STRING_ARG 2842 { 2843 OUTYY(("P(view_local_data:%s)\n", $2)); 2844 if(!cfg_strlist_insert(&cfg_parser->cfg->views->local_data, $2)) { 2845 fatal_exit("out of memory adding local-data"); 2846 } 2847 } 2848 ; 2849view_local_data_ptr: VAR_LOCAL_DATA_PTR STRING_ARG 2850 { 2851 char* ptr; 2852 OUTYY(("P(view_local_data_ptr:%s)\n", $2)); 2853 ptr = cfg_ptr_reverse($2); 2854 free($2); 2855 if(ptr) { 2856 if(!cfg_strlist_insert(&cfg_parser->cfg->views-> 2857 local_data, ptr)) 2858 fatal_exit("out of memory adding local-data"); 2859 } else { 2860 yyerror("local-data-ptr could not be reversed"); 2861 } 2862 } 2863 ; 2864view_first: VAR_VIEW_FIRST STRING_ARG 2865 { 2866 OUTYY(("P(view-first:%s)\n", $2)); 2867 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2868 yyerror("expected yes or no."); 2869 else cfg_parser->cfg->views->isfirst=(strcmp($2, "yes")==0); 2870 free($2); 2871 } 2872 ; 2873rcstart: VAR_REMOTE_CONTROL 2874 { 2875 OUTYY(("\nP(remote-control:)\n")); 2876 } 2877 ; 2878contents_rc: contents_rc content_rc 2879 | ; 2880content_rc: rc_control_enable | rc_control_interface | rc_control_port | 2881 rc_server_key_file | rc_server_cert_file | rc_control_key_file | 2882 rc_control_cert_file | rc_control_use_cert 2883 ; 2884rc_control_enable: VAR_CONTROL_ENABLE STRING_ARG 2885 { 2886 OUTYY(("P(control_enable:%s)\n", $2)); 2887 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2888 yyerror("expected yes or no."); 2889 else cfg_parser->cfg->remote_control_enable = 2890 (strcmp($2, "yes")==0); 2891 free($2); 2892 } 2893 ; 2894rc_control_port: VAR_CONTROL_PORT STRING_ARG 2895 { 2896 OUTYY(("P(control_port:%s)\n", $2)); 2897 if(atoi($2) == 0) 2898 yyerror("control port number expected"); 2899 else cfg_parser->cfg->control_port = atoi($2); 2900 free($2); 2901 } 2902 ; 2903rc_control_interface: VAR_CONTROL_INTERFACE STRING_ARG 2904 { 2905 OUTYY(("P(control_interface:%s)\n", $2)); 2906 if(!cfg_strlist_append(&cfg_parser->cfg->control_ifs, $2)) 2907 yyerror("out of memory"); 2908 } 2909 ; 2910rc_control_use_cert: VAR_CONTROL_USE_CERT STRING_ARG 2911 { 2912 OUTYY(("P(control_use_cert:%s)\n", $2)); 2913 cfg_parser->cfg->control_use_cert = (strcmp($2, "yes")==0); 2914 free($2); 2915 } 2916 ; 2917rc_server_key_file: VAR_SERVER_KEY_FILE STRING_ARG 2918 { 2919 OUTYY(("P(rc_server_key_file:%s)\n", $2)); 2920 free(cfg_parser->cfg->server_key_file); 2921 cfg_parser->cfg->server_key_file = $2; 2922 } 2923 ; 2924rc_server_cert_file: VAR_SERVER_CERT_FILE STRING_ARG 2925 { 2926 OUTYY(("P(rc_server_cert_file:%s)\n", $2)); 2927 free(cfg_parser->cfg->server_cert_file); 2928 cfg_parser->cfg->server_cert_file = $2; 2929 } 2930 ; 2931rc_control_key_file: VAR_CONTROL_KEY_FILE STRING_ARG 2932 { 2933 OUTYY(("P(rc_control_key_file:%s)\n", $2)); 2934 free(cfg_parser->cfg->control_key_file); 2935 cfg_parser->cfg->control_key_file = $2; 2936 } 2937 ; 2938rc_control_cert_file: VAR_CONTROL_CERT_FILE STRING_ARG 2939 { 2940 OUTYY(("P(rc_control_cert_file:%s)\n", $2)); 2941 free(cfg_parser->cfg->control_cert_file); 2942 cfg_parser->cfg->control_cert_file = $2; 2943 } 2944 ; 2945dtstart: VAR_DNSTAP 2946 { 2947 OUTYY(("\nP(dnstap:)\n")); 2948 } 2949 ; 2950contents_dt: contents_dt content_dt 2951 | ; 2952content_dt: dt_dnstap_enable | dt_dnstap_socket_path | dt_dnstap_bidirectional | 2953 dt_dnstap_ip | dt_dnstap_tls | dt_dnstap_tls_server_name | 2954 dt_dnstap_tls_cert_bundle | 2955 dt_dnstap_tls_client_key_file | dt_dnstap_tls_client_cert_file | 2956 dt_dnstap_send_identity | dt_dnstap_send_version | 2957 dt_dnstap_identity | dt_dnstap_version | 2958 dt_dnstap_log_resolver_query_messages | 2959 dt_dnstap_log_resolver_response_messages | 2960 dt_dnstap_log_client_query_messages | 2961 dt_dnstap_log_client_response_messages | 2962 dt_dnstap_log_forwarder_query_messages | 2963 dt_dnstap_log_forwarder_response_messages 2964 ; 2965dt_dnstap_enable: VAR_DNSTAP_ENABLE STRING_ARG 2966 { 2967 OUTYY(("P(dt_dnstap_enable:%s)\n", $2)); 2968 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2969 yyerror("expected yes or no."); 2970 else cfg_parser->cfg->dnstap = (strcmp($2, "yes")==0); 2971 free($2); 2972 } 2973 ; 2974dt_dnstap_bidirectional: VAR_DNSTAP_BIDIRECTIONAL STRING_ARG 2975 { 2976 OUTYY(("P(dt_dnstap_bidirectional:%s)\n", $2)); 2977 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2978 yyerror("expected yes or no."); 2979 else cfg_parser->cfg->dnstap_bidirectional = 2980 (strcmp($2, "yes")==0); 2981 free($2); 2982 } 2983 ; 2984dt_dnstap_socket_path: VAR_DNSTAP_SOCKET_PATH STRING_ARG 2985 { 2986 OUTYY(("P(dt_dnstap_socket_path:%s)\n", $2)); 2987 free(cfg_parser->cfg->dnstap_socket_path); 2988 cfg_parser->cfg->dnstap_socket_path = $2; 2989 } 2990 ; 2991dt_dnstap_ip: VAR_DNSTAP_IP STRING_ARG 2992 { 2993 OUTYY(("P(dt_dnstap_ip:%s)\n", $2)); 2994 free(cfg_parser->cfg->dnstap_ip); 2995 cfg_parser->cfg->dnstap_ip = $2; 2996 } 2997 ; 2998dt_dnstap_tls: VAR_DNSTAP_TLS STRING_ARG 2999 { 3000 OUTYY(("P(dt_dnstap_tls:%s)\n", $2)); 3001 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 3002 yyerror("expected yes or no."); 3003 else cfg_parser->cfg->dnstap_tls = (strcmp($2, "yes")==0); 3004 free($2); 3005 } 3006 ; 3007dt_dnstap_tls_server_name: VAR_DNSTAP_TLS_SERVER_NAME STRING_ARG 3008 { 3009 OUTYY(("P(dt_dnstap_tls_server_name:%s)\n", $2)); 3010 free(cfg_parser->cfg->dnstap_tls_server_name); 3011 cfg_parser->cfg->dnstap_tls_server_name = $2; 3012 } 3013 ; 3014dt_dnstap_tls_cert_bundle: VAR_DNSTAP_TLS_CERT_BUNDLE STRING_ARG 3015 { 3016 OUTYY(("P(dt_dnstap_tls_cert_bundle:%s)\n", $2)); 3017 free(cfg_parser->cfg->dnstap_tls_cert_bundle); 3018 cfg_parser->cfg->dnstap_tls_cert_bundle = $2; 3019 } 3020 ; 3021dt_dnstap_tls_client_key_file: VAR_DNSTAP_TLS_CLIENT_KEY_FILE STRING_ARG 3022 { 3023 OUTYY(("P(dt_dnstap_tls_client_key_file:%s)\n", $2)); 3024 free(cfg_parser->cfg->dnstap_tls_client_key_file); 3025 cfg_parser->cfg->dnstap_tls_client_key_file = $2; 3026 } 3027 ; 3028dt_dnstap_tls_client_cert_file: VAR_DNSTAP_TLS_CLIENT_CERT_FILE STRING_ARG 3029 { 3030 OUTYY(("P(dt_dnstap_tls_client_cert_file:%s)\n", $2)); 3031 free(cfg_parser->cfg->dnstap_tls_client_cert_file); 3032 cfg_parser->cfg->dnstap_tls_client_cert_file = $2; 3033 } 3034 ; 3035dt_dnstap_send_identity: VAR_DNSTAP_SEND_IDENTITY STRING_ARG 3036 { 3037 OUTYY(("P(dt_dnstap_send_identity:%s)\n", $2)); 3038 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 3039 yyerror("expected yes or no."); 3040 else cfg_parser->cfg->dnstap_send_identity = (strcmp($2, "yes")==0); 3041 free($2); 3042 } 3043 ; 3044dt_dnstap_send_version: VAR_DNSTAP_SEND_VERSION STRING_ARG 3045 { 3046 OUTYY(("P(dt_dnstap_send_version:%s)\n", $2)); 3047 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 3048 yyerror("expected yes or no."); 3049 else cfg_parser->cfg->dnstap_send_version = (strcmp($2, "yes")==0); 3050 free($2); 3051 } 3052 ; 3053dt_dnstap_identity: VAR_DNSTAP_IDENTITY STRING_ARG 3054 { 3055 OUTYY(("P(dt_dnstap_identity:%s)\n", $2)); 3056 free(cfg_parser->cfg->dnstap_identity); 3057 cfg_parser->cfg->dnstap_identity = $2; 3058 } 3059 ; 3060dt_dnstap_version: VAR_DNSTAP_VERSION STRING_ARG 3061 { 3062 OUTYY(("P(dt_dnstap_version:%s)\n", $2)); 3063 free(cfg_parser->cfg->dnstap_version); 3064 cfg_parser->cfg->dnstap_version = $2; 3065 } 3066 ; 3067dt_dnstap_log_resolver_query_messages: VAR_DNSTAP_LOG_RESOLVER_QUERY_MESSAGES STRING_ARG 3068 { 3069 OUTYY(("P(dt_dnstap_log_resolver_query_messages:%s)\n", $2)); 3070 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 3071 yyerror("expected yes or no."); 3072 else cfg_parser->cfg->dnstap_log_resolver_query_messages = 3073 (strcmp($2, "yes")==0); 3074 free($2); 3075 } 3076 ; 3077dt_dnstap_log_resolver_response_messages: VAR_DNSTAP_LOG_RESOLVER_RESPONSE_MESSAGES STRING_ARG 3078 { 3079 OUTYY(("P(dt_dnstap_log_resolver_response_messages:%s)\n", $2)); 3080 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 3081 yyerror("expected yes or no."); 3082 else cfg_parser->cfg->dnstap_log_resolver_response_messages = 3083 (strcmp($2, "yes")==0); 3084 free($2); 3085 } 3086 ; 3087dt_dnstap_log_client_query_messages: VAR_DNSTAP_LOG_CLIENT_QUERY_MESSAGES STRING_ARG 3088 { 3089 OUTYY(("P(dt_dnstap_log_client_query_messages:%s)\n", $2)); 3090 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 3091 yyerror("expected yes or no."); 3092 else cfg_parser->cfg->dnstap_log_client_query_messages = 3093 (strcmp($2, "yes")==0); 3094 free($2); 3095 } 3096 ; 3097dt_dnstap_log_client_response_messages: VAR_DNSTAP_LOG_CLIENT_RESPONSE_MESSAGES STRING_ARG 3098 { 3099 OUTYY(("P(dt_dnstap_log_client_response_messages:%s)\n", $2)); 3100 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 3101 yyerror("expected yes or no."); 3102 else cfg_parser->cfg->dnstap_log_client_response_messages = 3103 (strcmp($2, "yes")==0); 3104 free($2); 3105 } 3106 ; 3107dt_dnstap_log_forwarder_query_messages: VAR_DNSTAP_LOG_FORWARDER_QUERY_MESSAGES STRING_ARG 3108 { 3109 OUTYY(("P(dt_dnstap_log_forwarder_query_messages:%s)\n", $2)); 3110 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 3111 yyerror("expected yes or no."); 3112 else cfg_parser->cfg->dnstap_log_forwarder_query_messages = 3113 (strcmp($2, "yes")==0); 3114 free($2); 3115 } 3116 ; 3117dt_dnstap_log_forwarder_response_messages: VAR_DNSTAP_LOG_FORWARDER_RESPONSE_MESSAGES STRING_ARG 3118 { 3119 OUTYY(("P(dt_dnstap_log_forwarder_response_messages:%s)\n", $2)); 3120 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 3121 yyerror("expected yes or no."); 3122 else cfg_parser->cfg->dnstap_log_forwarder_response_messages = 3123 (strcmp($2, "yes")==0); 3124 free($2); 3125 } 3126 ; 3127pythonstart: VAR_PYTHON 3128 { 3129 OUTYY(("\nP(python:)\n")); 3130 } 3131 ; 3132contents_py: contents_py content_py 3133 | ; 3134content_py: py_script 3135 ; 3136py_script: VAR_PYTHON_SCRIPT STRING_ARG 3137 { 3138 OUTYY(("P(python-script:%s)\n", $2)); 3139 if(!cfg_strlist_append_ex(&cfg_parser->cfg->python_script, $2)) 3140 yyerror("out of memory"); 3141 } 3142dynlibstart: VAR_DYNLIB 3143 { 3144 OUTYY(("\nP(dynlib:)\n")); 3145 } 3146 ; 3147contents_dl: contents_dl content_dl 3148 | ; 3149content_dl: dl_file 3150 ; 3151dl_file: VAR_DYNLIB_FILE STRING_ARG 3152 { 3153 OUTYY(("P(dynlib-file:%s)\n", $2)); 3154 if(!cfg_strlist_append_ex(&cfg_parser->cfg->dynlib_file, $2)) 3155 yyerror("out of memory"); 3156 } 3157server_disable_dnssec_lame_check: VAR_DISABLE_DNSSEC_LAME_CHECK STRING_ARG 3158 { 3159 OUTYY(("P(disable_dnssec_lame_check:%s)\n", $2)); 3160 if (strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 3161 yyerror("expected yes or no."); 3162 else cfg_parser->cfg->disable_dnssec_lame_check = 3163 (strcmp($2, "yes")==0); 3164 free($2); 3165 } 3166 ; 3167server_log_identity: VAR_LOG_IDENTITY STRING_ARG 3168 { 3169 OUTYY(("P(server_log_identity:%s)\n", $2)); 3170 free(cfg_parser->cfg->log_identity); 3171 cfg_parser->cfg->log_identity = $2; 3172 } 3173 ; 3174server_response_ip: VAR_RESPONSE_IP STRING_ARG STRING_ARG 3175 { 3176 OUTYY(("P(server_response_ip:%s %s)\n", $2, $3)); 3177 validate_respip_action($3); 3178 if(!cfg_str2list_insert(&cfg_parser->cfg->respip_actions, 3179 $2, $3)) 3180 fatal_exit("out of memory adding response-ip"); 3181 } 3182 ; 3183server_response_ip_data: VAR_RESPONSE_IP_DATA STRING_ARG STRING_ARG 3184 { 3185 OUTYY(("P(server_response_ip_data:%s)\n", $2)); 3186 if(!cfg_str2list_insert(&cfg_parser->cfg->respip_data, 3187 $2, $3)) 3188 fatal_exit("out of memory adding response-ip-data"); 3189 } 3190 ; 3191dnscstart: VAR_DNSCRYPT 3192 { 3193 OUTYY(("\nP(dnscrypt:)\n")); 3194 } 3195 ; 3196contents_dnsc: contents_dnsc content_dnsc 3197 | ; 3198content_dnsc: 3199 dnsc_dnscrypt_enable | dnsc_dnscrypt_port | dnsc_dnscrypt_provider | 3200 dnsc_dnscrypt_secret_key | dnsc_dnscrypt_provider_cert | 3201 dnsc_dnscrypt_provider_cert_rotated | 3202 dnsc_dnscrypt_shared_secret_cache_size | 3203 dnsc_dnscrypt_shared_secret_cache_slabs | 3204 dnsc_dnscrypt_nonce_cache_size | 3205 dnsc_dnscrypt_nonce_cache_slabs 3206 ; 3207dnsc_dnscrypt_enable: VAR_DNSCRYPT_ENABLE STRING_ARG 3208 { 3209 OUTYY(("P(dnsc_dnscrypt_enable:%s)\n", $2)); 3210 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 3211 yyerror("expected yes or no."); 3212 else cfg_parser->cfg->dnscrypt = (strcmp($2, "yes")==0); 3213 free($2); 3214 } 3215 ; 3216 3217dnsc_dnscrypt_port: VAR_DNSCRYPT_PORT STRING_ARG 3218 { 3219 OUTYY(("P(dnsc_dnscrypt_port:%s)\n", $2)); 3220 if(atoi($2) == 0) 3221 yyerror("port number expected"); 3222 else cfg_parser->cfg->dnscrypt_port = atoi($2); 3223 free($2); 3224 } 3225 ; 3226dnsc_dnscrypt_provider: VAR_DNSCRYPT_PROVIDER STRING_ARG 3227 { 3228 OUTYY(("P(dnsc_dnscrypt_provider:%s)\n", $2)); 3229 free(cfg_parser->cfg->dnscrypt_provider); 3230 cfg_parser->cfg->dnscrypt_provider = $2; 3231 } 3232 ; 3233dnsc_dnscrypt_provider_cert: VAR_DNSCRYPT_PROVIDER_CERT STRING_ARG 3234 { 3235 OUTYY(("P(dnsc_dnscrypt_provider_cert:%s)\n", $2)); 3236 if(cfg_strlist_find(cfg_parser->cfg->dnscrypt_provider_cert, $2)) 3237 log_warn("dnscrypt-provider-cert %s is a duplicate", $2); 3238 if(!cfg_strlist_insert(&cfg_parser->cfg->dnscrypt_provider_cert, $2)) 3239 fatal_exit("out of memory adding dnscrypt-provider-cert"); 3240 } 3241 ; 3242dnsc_dnscrypt_provider_cert_rotated: VAR_DNSCRYPT_PROVIDER_CERT_ROTATED STRING_ARG 3243 { 3244 OUTYY(("P(dnsc_dnscrypt_provider_cert_rotated:%s)\n", $2)); 3245 if(!cfg_strlist_insert(&cfg_parser->cfg->dnscrypt_provider_cert_rotated, $2)) 3246 fatal_exit("out of memory adding dnscrypt-provider-cert-rotated"); 3247 } 3248 ; 3249dnsc_dnscrypt_secret_key: VAR_DNSCRYPT_SECRET_KEY STRING_ARG 3250 { 3251 OUTYY(("P(dnsc_dnscrypt_secret_key:%s)\n", $2)); 3252 if(cfg_strlist_find(cfg_parser->cfg->dnscrypt_secret_key, $2)) 3253 log_warn("dnscrypt-secret-key: %s is a duplicate", $2); 3254 if(!cfg_strlist_insert(&cfg_parser->cfg->dnscrypt_secret_key, $2)) 3255 fatal_exit("out of memory adding dnscrypt-secret-key"); 3256 } 3257 ; 3258dnsc_dnscrypt_shared_secret_cache_size: VAR_DNSCRYPT_SHARED_SECRET_CACHE_SIZE STRING_ARG 3259 { 3260 OUTYY(("P(dnscrypt_shared_secret_cache_size:%s)\n", $2)); 3261 if(!cfg_parse_memsize($2, &cfg_parser->cfg->dnscrypt_shared_secret_cache_size)) 3262 yyerror("memory size expected"); 3263 free($2); 3264 } 3265 ; 3266dnsc_dnscrypt_shared_secret_cache_slabs: VAR_DNSCRYPT_SHARED_SECRET_CACHE_SLABS STRING_ARG 3267 { 3268 OUTYY(("P(dnscrypt_shared_secret_cache_slabs:%s)\n", $2)); 3269 if(atoi($2) == 0) 3270 yyerror("number expected"); 3271 else { 3272 cfg_parser->cfg->dnscrypt_shared_secret_cache_slabs = atoi($2); 3273 if(!is_pow2(cfg_parser->cfg->dnscrypt_shared_secret_cache_slabs)) 3274 yyerror("must be a power of 2"); 3275 } 3276 free($2); 3277 } 3278 ; 3279dnsc_dnscrypt_nonce_cache_size: VAR_DNSCRYPT_NONCE_CACHE_SIZE STRING_ARG 3280 { 3281 OUTYY(("P(dnscrypt_nonce_cache_size:%s)\n", $2)); 3282 if(!cfg_parse_memsize($2, &cfg_parser->cfg->dnscrypt_nonce_cache_size)) 3283 yyerror("memory size expected"); 3284 free($2); 3285 } 3286 ; 3287dnsc_dnscrypt_nonce_cache_slabs: VAR_DNSCRYPT_NONCE_CACHE_SLABS STRING_ARG 3288 { 3289 OUTYY(("P(dnscrypt_nonce_cache_slabs:%s)\n", $2)); 3290 if(atoi($2) == 0) 3291 yyerror("number expected"); 3292 else { 3293 cfg_parser->cfg->dnscrypt_nonce_cache_slabs = atoi($2); 3294 if(!is_pow2(cfg_parser->cfg->dnscrypt_nonce_cache_slabs)) 3295 yyerror("must be a power of 2"); 3296 } 3297 free($2); 3298 } 3299 ; 3300cachedbstart: VAR_CACHEDB 3301 { 3302 OUTYY(("\nP(cachedb:)\n")); 3303 } 3304 ; 3305contents_cachedb: contents_cachedb content_cachedb 3306 | ; 3307content_cachedb: cachedb_backend_name | cachedb_secret_seed | 3308 redis_server_host | redis_server_port | redis_timeout | 3309 redis_expire_records 3310 ; 3311cachedb_backend_name: VAR_CACHEDB_BACKEND STRING_ARG 3312 { 3313 #ifdef USE_CACHEDB 3314 OUTYY(("P(backend:%s)\n", $2)); 3315 free(cfg_parser->cfg->cachedb_backend); 3316 cfg_parser->cfg->cachedb_backend = $2; 3317 #else 3318 OUTYY(("P(Compiled without cachedb, ignoring)\n")); 3319 free($2); 3320 #endif 3321 } 3322 ; 3323cachedb_secret_seed: VAR_CACHEDB_SECRETSEED STRING_ARG 3324 { 3325 #ifdef USE_CACHEDB 3326 OUTYY(("P(secret-seed:%s)\n", $2)); 3327 free(cfg_parser->cfg->cachedb_secret); 3328 cfg_parser->cfg->cachedb_secret = $2; 3329 #else 3330 OUTYY(("P(Compiled without cachedb, ignoring)\n")); 3331 free($2); 3332 #endif 3333 } 3334 ; 3335redis_server_host: VAR_CACHEDB_REDISHOST STRING_ARG 3336 { 3337 #if defined(USE_CACHEDB) && defined(USE_REDIS) 3338 OUTYY(("P(redis_server_host:%s)\n", $2)); 3339 free(cfg_parser->cfg->redis_server_host); 3340 cfg_parser->cfg->redis_server_host = $2; 3341 #else 3342 OUTYY(("P(Compiled without cachedb or redis, ignoring)\n")); 3343 free($2); 3344 #endif 3345 } 3346 ; 3347redis_server_port: VAR_CACHEDB_REDISPORT STRING_ARG 3348 { 3349 #if defined(USE_CACHEDB) && defined(USE_REDIS) 3350 int port; 3351 OUTYY(("P(redis_server_port:%s)\n", $2)); 3352 port = atoi($2); 3353 if(port == 0 || port < 0 || port > 65535) 3354 yyerror("valid redis server port number expected"); 3355 else cfg_parser->cfg->redis_server_port = port; 3356 #else 3357 OUTYY(("P(Compiled without cachedb or redis, ignoring)\n")); 3358 #endif 3359 free($2); 3360 } 3361 ; 3362redis_timeout: VAR_CACHEDB_REDISTIMEOUT STRING_ARG 3363 { 3364 #if defined(USE_CACHEDB) && defined(USE_REDIS) 3365 OUTYY(("P(redis_timeout:%s)\n", $2)); 3366 if(atoi($2) == 0) 3367 yyerror("redis timeout value expected"); 3368 else cfg_parser->cfg->redis_timeout = atoi($2); 3369 #else 3370 OUTYY(("P(Compiled without cachedb or redis, ignoring)\n")); 3371 #endif 3372 free($2); 3373 } 3374 ; 3375redis_expire_records: VAR_CACHEDB_REDISEXPIRERECORDS STRING_ARG 3376 { 3377 #if defined(USE_CACHEDB) && defined(USE_REDIS) 3378 OUTYY(("P(redis_expire_records:%s)\n", $2)); 3379 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 3380 yyerror("expected yes or no."); 3381 else cfg_parser->cfg->redis_expire_records = (strcmp($2, "yes")==0); 3382 #else 3383 OUTYY(("P(Compiled without cachedb or redis, ignoring)\n")); 3384 #endif 3385 free($2); 3386 } 3387 ; 3388server_tcp_connection_limit: VAR_TCP_CONNECTION_LIMIT STRING_ARG STRING_ARG 3389 { 3390 OUTYY(("P(server_tcp_connection_limit:%s %s)\n", $2, $3)); 3391 if (atoi($3) < 0) 3392 yyerror("positive number expected"); 3393 else { 3394 if(!cfg_str2list_insert(&cfg_parser->cfg->tcp_connection_limits, $2, $3)) 3395 fatal_exit("out of memory adding tcp connection limit"); 3396 } 3397 } 3398 ; 3399 ipsetstart: VAR_IPSET 3400 { 3401 OUTYY(("\nP(ipset:)\n")); 3402 } 3403 ; 3404 contents_ipset: contents_ipset content_ipset 3405 | ; 3406 content_ipset: ipset_name_v4 | ipset_name_v6 3407 ; 3408 ipset_name_v4: VAR_IPSET_NAME_V4 STRING_ARG 3409 { 3410 #ifdef USE_IPSET 3411 OUTYY(("P(name-v4:%s)\n", $2)); 3412 if(cfg_parser->cfg->ipset_name_v4) 3413 yyerror("ipset name v4 override, there must be one " 3414 "name for ip v4"); 3415 free(cfg_parser->cfg->ipset_name_v4); 3416 cfg_parser->cfg->ipset_name_v4 = $2; 3417 #else 3418 OUTYY(("P(Compiled without ipset, ignoring)\n")); 3419 free($2); 3420 #endif 3421 } 3422 ; 3423 ipset_name_v6: VAR_IPSET_NAME_V6 STRING_ARG 3424 { 3425 #ifdef USE_IPSET 3426 OUTYY(("P(name-v6:%s)\n", $2)); 3427 if(cfg_parser->cfg->ipset_name_v6) 3428 yyerror("ipset name v6 override, there must be one " 3429 "name for ip v6"); 3430 free(cfg_parser->cfg->ipset_name_v6); 3431 cfg_parser->cfg->ipset_name_v6 = $2; 3432 #else 3433 OUTYY(("P(Compiled without ipset, ignoring)\n")); 3434 free($2); 3435 #endif 3436 } 3437 ; 3438%% 3439 3440/* parse helper routines could be here */ 3441static void 3442validate_respip_action(const char* action) 3443{ 3444 if(strcmp(action, "deny")!=0 && 3445 strcmp(action, "redirect")!=0 && 3446 strcmp(action, "inform")!=0 && 3447 strcmp(action, "inform_deny")!=0 && 3448 strcmp(action, "always_transparent")!=0 && 3449 strcmp(action, "always_refuse")!=0 && 3450 strcmp(action, "always_nxdomain")!=0) 3451 { 3452 yyerror("response-ip action: expected deny, redirect, " 3453 "inform, inform_deny, always_transparent, " 3454 "always_refuse or always_nxdomain"); 3455 } 3456} 3457 3458 3459