configparser.y revision 356345
1/* 2 * configparser.y -- yacc grammar for unbound configuration files 3 * 4 * Copyright (c) 2001-2006, NLnet Labs. All rights reserved. 5 * 6 * Copyright (c) 2007, NLnet Labs. All rights reserved. 7 * 8 * This software is open source. 9 * 10 * Redistribution and use in source and binary forms, with or without 11 * modification, are permitted provided that the following conditions 12 * are met: 13 * 14 * Redistributions of source code must retain the above copyright notice, 15 * this list of conditions and the following disclaimer. 16 * 17 * Redistributions in binary form must reproduce the above copyright notice, 18 * this list of conditions and the following disclaimer in the documentation 19 * and/or other materials provided with the distribution. 20 * 21 * Neither the name of the NLNET LABS nor the names of its contributors may 22 * be used to endorse or promote products derived from this software without 23 * specific prior written permission. 24 * 25 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 26 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 27 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR 28 * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT 29 * HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 30 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED 31 * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR 32 * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF 33 * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING 34 * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS 35 * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 36 */ 37 38%{ 39#include "config.h" 40 41#include <stdarg.h> 42#include <stdio.h> 43#include <string.h> 44#include <stdlib.h> 45#include <assert.h> 46 47#include "util/configyyrename.h" 48#include "util/config_file.h" 49#include "util/net_help.h" 50 51int ub_c_lex(void); 52void ub_c_error(const char *message); 53 54static void validate_respip_action(const char* action); 55 56/* these need to be global, otherwise they cannot be used inside yacc */ 57extern struct config_parser_state* cfg_parser; 58 59#if 0 60#define OUTYY(s) printf s /* used ONLY when debugging */ 61#else 62#define OUTYY(s) 63#endif 64 65%} 66%union { 67 char* str; 68}; 69 70%token SPACE LETTER NEWLINE COMMENT COLON ANY ZONESTR 71%token <str> STRING_ARG 72%token VAR_SERVER VAR_VERBOSITY VAR_NUM_THREADS VAR_PORT 73%token VAR_OUTGOING_RANGE VAR_INTERFACE 74%token VAR_DO_IP4 VAR_DO_IP6 VAR_PREFER_IP6 VAR_DO_UDP VAR_DO_TCP 75%token VAR_TCP_MSS VAR_OUTGOING_TCP_MSS VAR_TCP_IDLE_TIMEOUT 76%token VAR_EDNS_TCP_KEEPALIVE VAR_EDNS_TCP_KEEPALIVE_TIMEOUT 77%token VAR_CHROOT VAR_USERNAME VAR_DIRECTORY VAR_LOGFILE VAR_PIDFILE 78%token VAR_MSG_CACHE_SIZE VAR_MSG_CACHE_SLABS VAR_NUM_QUERIES_PER_THREAD 79%token VAR_RRSET_CACHE_SIZE VAR_RRSET_CACHE_SLABS VAR_OUTGOING_NUM_TCP 80%token VAR_INFRA_HOST_TTL VAR_INFRA_LAME_TTL VAR_INFRA_CACHE_SLABS 81%token VAR_INFRA_CACHE_NUMHOSTS VAR_INFRA_CACHE_LAME_SIZE VAR_NAME 82%token VAR_STUB_ZONE VAR_STUB_HOST VAR_STUB_ADDR VAR_TARGET_FETCH_POLICY 83%token VAR_HARDEN_SHORT_BUFSIZE VAR_HARDEN_LARGE_QUERIES 84%token VAR_FORWARD_ZONE VAR_FORWARD_HOST VAR_FORWARD_ADDR 85%token VAR_DO_NOT_QUERY_ADDRESS VAR_HIDE_IDENTITY VAR_HIDE_VERSION 86%token VAR_IDENTITY VAR_VERSION VAR_HARDEN_GLUE VAR_MODULE_CONF 87%token VAR_TRUST_ANCHOR_FILE VAR_TRUST_ANCHOR VAR_VAL_OVERRIDE_DATE 88%token VAR_BOGUS_TTL VAR_VAL_CLEAN_ADDITIONAL VAR_VAL_PERMISSIVE_MODE 89%token VAR_INCOMING_NUM_TCP VAR_MSG_BUFFER_SIZE VAR_KEY_CACHE_SIZE 90%token VAR_KEY_CACHE_SLABS VAR_TRUSTED_KEYS_FILE 91%token VAR_VAL_NSEC3_KEYSIZE_ITERATIONS VAR_USE_SYSLOG 92%token VAR_OUTGOING_INTERFACE VAR_ROOT_HINTS VAR_DO_NOT_QUERY_LOCALHOST 93%token VAR_CACHE_MAX_TTL VAR_HARDEN_DNSSEC_STRIPPED VAR_ACCESS_CONTROL 94%token VAR_LOCAL_ZONE VAR_LOCAL_DATA VAR_INTERFACE_AUTOMATIC 95%token VAR_STATISTICS_INTERVAL VAR_DO_DAEMONIZE VAR_USE_CAPS_FOR_ID 96%token VAR_STATISTICS_CUMULATIVE VAR_OUTGOING_PORT_PERMIT 97%token VAR_OUTGOING_PORT_AVOID VAR_DLV_ANCHOR_FILE VAR_DLV_ANCHOR 98%token VAR_NEG_CACHE_SIZE VAR_HARDEN_REFERRAL_PATH VAR_PRIVATE_ADDRESS 99%token VAR_PRIVATE_DOMAIN VAR_REMOTE_CONTROL VAR_CONTROL_ENABLE 100%token VAR_CONTROL_INTERFACE VAR_CONTROL_PORT VAR_SERVER_KEY_FILE 101%token VAR_SERVER_CERT_FILE VAR_CONTROL_KEY_FILE VAR_CONTROL_CERT_FILE 102%token VAR_CONTROL_USE_CERT 103%token VAR_EXTENDED_STATISTICS VAR_LOCAL_DATA_PTR VAR_JOSTLE_TIMEOUT 104%token VAR_STUB_PRIME VAR_UNWANTED_REPLY_THRESHOLD VAR_LOG_TIME_ASCII 105%token VAR_DOMAIN_INSECURE VAR_PYTHON VAR_PYTHON_SCRIPT VAR_VAL_SIG_SKEW_MIN 106%token VAR_VAL_SIG_SKEW_MAX VAR_CACHE_MIN_TTL VAR_VAL_LOG_LEVEL 107%token VAR_AUTO_TRUST_ANCHOR_FILE VAR_KEEP_MISSING VAR_ADD_HOLDDOWN 108%token VAR_DEL_HOLDDOWN VAR_SO_RCVBUF VAR_EDNS_BUFFER_SIZE VAR_PREFETCH 109%token VAR_PREFETCH_KEY VAR_SO_SNDBUF VAR_SO_REUSEPORT VAR_HARDEN_BELOW_NXDOMAIN 110%token VAR_IGNORE_CD_FLAG VAR_LOG_QUERIES VAR_LOG_REPLIES VAR_LOG_LOCAL_ACTIONS 111%token VAR_TCP_UPSTREAM VAR_SSL_UPSTREAM 112%token VAR_SSL_SERVICE_KEY VAR_SSL_SERVICE_PEM VAR_SSL_PORT VAR_FORWARD_FIRST 113%token VAR_STUB_SSL_UPSTREAM VAR_FORWARD_SSL_UPSTREAM VAR_TLS_CERT_BUNDLE 114%token VAR_STUB_FIRST VAR_MINIMAL_RESPONSES VAR_RRSET_ROUNDROBIN 115%token VAR_MAX_UDP_SIZE VAR_DELAY_CLOSE 116%token VAR_UNBLOCK_LAN_ZONES VAR_INSECURE_LAN_ZONES 117%token VAR_INFRA_CACHE_MIN_RTT 118%token VAR_DNS64_PREFIX VAR_DNS64_SYNTHALL VAR_DNS64_IGNORE_AAAA 119%token VAR_DNSTAP VAR_DNSTAP_ENABLE VAR_DNSTAP_SOCKET_PATH 120%token VAR_DNSTAP_SEND_IDENTITY VAR_DNSTAP_SEND_VERSION 121%token VAR_DNSTAP_IDENTITY VAR_DNSTAP_VERSION 122%token VAR_DNSTAP_LOG_RESOLVER_QUERY_MESSAGES 123%token VAR_DNSTAP_LOG_RESOLVER_RESPONSE_MESSAGES 124%token VAR_DNSTAP_LOG_CLIENT_QUERY_MESSAGES 125%token VAR_DNSTAP_LOG_CLIENT_RESPONSE_MESSAGES 126%token VAR_DNSTAP_LOG_FORWARDER_QUERY_MESSAGES 127%token VAR_DNSTAP_LOG_FORWARDER_RESPONSE_MESSAGES 128%token VAR_RESPONSE_IP_TAG VAR_RESPONSE_IP VAR_RESPONSE_IP_DATA 129%token VAR_HARDEN_ALGO_DOWNGRADE VAR_IP_TRANSPARENT 130%token VAR_DISABLE_DNSSEC_LAME_CHECK 131%token VAR_IP_RATELIMIT VAR_IP_RATELIMIT_SLABS VAR_IP_RATELIMIT_SIZE 132%token VAR_RATELIMIT VAR_RATELIMIT_SLABS VAR_RATELIMIT_SIZE 133%token VAR_RATELIMIT_FOR_DOMAIN VAR_RATELIMIT_BELOW_DOMAIN 134%token VAR_IP_RATELIMIT_FACTOR VAR_RATELIMIT_FACTOR 135%token VAR_SEND_CLIENT_SUBNET VAR_CLIENT_SUBNET_ZONE 136%token VAR_CLIENT_SUBNET_ALWAYS_FORWARD VAR_CLIENT_SUBNET_OPCODE 137%token VAR_MAX_CLIENT_SUBNET_IPV4 VAR_MAX_CLIENT_SUBNET_IPV6 138%token VAR_MIN_CLIENT_SUBNET_IPV4 VAR_MIN_CLIENT_SUBNET_IPV6 139%token VAR_MAX_ECS_TREE_SIZE_IPV4 VAR_MAX_ECS_TREE_SIZE_IPV6 140%token VAR_CAPS_WHITELIST VAR_CACHE_MAX_NEGATIVE_TTL VAR_PERMIT_SMALL_HOLDDOWN 141%token VAR_QNAME_MINIMISATION VAR_QNAME_MINIMISATION_STRICT VAR_IP_FREEBIND 142%token VAR_DEFINE_TAG VAR_LOCAL_ZONE_TAG VAR_ACCESS_CONTROL_TAG 143%token VAR_LOCAL_ZONE_OVERRIDE VAR_ACCESS_CONTROL_TAG_ACTION 144%token VAR_ACCESS_CONTROL_TAG_DATA VAR_VIEW VAR_ACCESS_CONTROL_VIEW 145%token VAR_VIEW_FIRST VAR_SERVE_EXPIRED VAR_SERVE_EXPIRED_TTL 146%token VAR_SERVE_EXPIRED_TTL_RESET VAR_FAKE_DSA VAR_FAKE_SHA1 147%token VAR_LOG_IDENTITY VAR_HIDE_TRUSTANCHOR VAR_TRUST_ANCHOR_SIGNALING 148%token VAR_AGGRESSIVE_NSEC VAR_USE_SYSTEMD VAR_SHM_ENABLE VAR_SHM_KEY 149%token VAR_ROOT_KEY_SENTINEL 150%token VAR_DNSCRYPT VAR_DNSCRYPT_ENABLE VAR_DNSCRYPT_PORT VAR_DNSCRYPT_PROVIDER 151%token VAR_DNSCRYPT_SECRET_KEY VAR_DNSCRYPT_PROVIDER_CERT 152%token VAR_DNSCRYPT_PROVIDER_CERT_ROTATED 153%token VAR_DNSCRYPT_SHARED_SECRET_CACHE_SIZE 154%token VAR_DNSCRYPT_SHARED_SECRET_CACHE_SLABS 155%token VAR_DNSCRYPT_NONCE_CACHE_SIZE 156%token VAR_DNSCRYPT_NONCE_CACHE_SLABS 157%token VAR_IPSECMOD_ENABLED VAR_IPSECMOD_HOOK VAR_IPSECMOD_IGNORE_BOGUS 158%token VAR_IPSECMOD_MAX_TTL VAR_IPSECMOD_WHITELIST VAR_IPSECMOD_STRICT 159%token VAR_CACHEDB VAR_CACHEDB_BACKEND VAR_CACHEDB_SECRETSEED 160%token VAR_CACHEDB_REDISHOST VAR_CACHEDB_REDISPORT VAR_CACHEDB_REDISTIMEOUT 161%token VAR_UDP_UPSTREAM_WITHOUT_DOWNSTREAM VAR_FOR_UPSTREAM 162%token VAR_AUTH_ZONE VAR_ZONEFILE VAR_MASTER VAR_URL VAR_FOR_DOWNSTREAM 163%token VAR_FALLBACK_ENABLED VAR_TLS_ADDITIONAL_PORT VAR_LOW_RTT VAR_LOW_RTT_PERMIL 164%token VAR_FAST_SERVER_PERMIL VAR_FAST_SERVER_NUM 165%token VAR_ALLOW_NOTIFY VAR_TLS_WIN_CERT VAR_TCP_CONNECTION_LIMIT 166%token VAR_FORWARD_NO_CACHE VAR_STUB_NO_CACHE VAR_LOG_SERVFAIL VAR_DENY_ANY 167%token VAR_UNKNOWN_SERVER_TIME_LIMIT VAR_LOG_TAG_QUERYREPLY 168%token VAR_STREAM_WAIT_SIZE VAR_TLS_CIPHERS VAR_TLS_CIPHERSUITES 169%token VAR_TLS_SESSION_TICKET_KEYS 170%token VAR_IPSET VAR_IPSET_NAME_V4 VAR_IPSET_NAME_V6 171 172%% 173toplevelvars: /* empty */ | toplevelvars toplevelvar ; 174toplevelvar: serverstart contents_server | stubstart contents_stub | 175 forwardstart contents_forward | pythonstart contents_py | 176 rcstart contents_rc | dtstart contents_dt | viewstart contents_view | 177 dnscstart contents_dnsc | cachedbstart contents_cachedb | 178 ipsetstart contents_ipset | authstart contents_auth 179 ; 180 181/* server: declaration */ 182serverstart: VAR_SERVER 183 { 184 OUTYY(("\nP(server:)\n")); 185 } 186 ; 187contents_server: contents_server content_server 188 | ; 189content_server: server_num_threads | server_verbosity | server_port | 190 server_outgoing_range | server_do_ip4 | 191 server_do_ip6 | server_prefer_ip6 | 192 server_do_udp | server_do_tcp | 193 server_tcp_mss | server_outgoing_tcp_mss | server_tcp_idle_timeout | 194 server_tcp_keepalive | server_tcp_keepalive_timeout | 195 server_interface | server_chroot | server_username | 196 server_directory | server_logfile | server_pidfile | 197 server_msg_cache_size | server_msg_cache_slabs | 198 server_num_queries_per_thread | server_rrset_cache_size | 199 server_rrset_cache_slabs | server_outgoing_num_tcp | 200 server_infra_host_ttl | server_infra_lame_ttl | 201 server_infra_cache_slabs | server_infra_cache_numhosts | 202 server_infra_cache_lame_size | server_target_fetch_policy | 203 server_harden_short_bufsize | server_harden_large_queries | 204 server_do_not_query_address | server_hide_identity | 205 server_hide_version | server_identity | server_version | 206 server_harden_glue | server_module_conf | server_trust_anchor_file | 207 server_trust_anchor | server_val_override_date | server_bogus_ttl | 208 server_val_clean_additional | server_val_permissive_mode | 209 server_incoming_num_tcp | server_msg_buffer_size | 210 server_key_cache_size | server_key_cache_slabs | 211 server_trusted_keys_file | server_val_nsec3_keysize_iterations | 212 server_use_syslog | server_outgoing_interface | server_root_hints | 213 server_do_not_query_localhost | server_cache_max_ttl | 214 server_harden_dnssec_stripped | server_access_control | 215 server_local_zone | server_local_data | server_interface_automatic | 216 server_statistics_interval | server_do_daemonize | 217 server_use_caps_for_id | server_statistics_cumulative | 218 server_outgoing_port_permit | server_outgoing_port_avoid | 219 server_dlv_anchor_file | server_dlv_anchor | server_neg_cache_size | 220 server_harden_referral_path | server_private_address | 221 server_private_domain | server_extended_statistics | 222 server_local_data_ptr | server_jostle_timeout | 223 server_unwanted_reply_threshold | server_log_time_ascii | 224 server_domain_insecure | server_val_sig_skew_min | 225 server_val_sig_skew_max | server_cache_min_ttl | server_val_log_level | 226 server_auto_trust_anchor_file | server_add_holddown | 227 server_del_holddown | server_keep_missing | server_so_rcvbuf | 228 server_edns_buffer_size | server_prefetch | server_prefetch_key | 229 server_so_sndbuf | server_harden_below_nxdomain | server_ignore_cd_flag | 230 server_log_queries | server_log_replies | server_tcp_upstream | server_ssl_upstream | 231 server_log_local_actions | 232 server_ssl_service_key | server_ssl_service_pem | server_ssl_port | 233 server_minimal_responses | server_rrset_roundrobin | server_max_udp_size | 234 server_so_reuseport | server_delay_close | 235 server_unblock_lan_zones | server_insecure_lan_zones | 236 server_dns64_prefix | server_dns64_synthall | server_dns64_ignore_aaaa | 237 server_infra_cache_min_rtt | server_harden_algo_downgrade | 238 server_ip_transparent | server_ip_ratelimit | server_ratelimit | 239 server_ip_ratelimit_slabs | server_ratelimit_slabs | 240 server_ip_ratelimit_size | server_ratelimit_size | 241 server_ratelimit_for_domain | 242 server_ratelimit_below_domain | server_ratelimit_factor | 243 server_ip_ratelimit_factor | server_send_client_subnet | 244 server_client_subnet_zone | server_client_subnet_always_forward | 245 server_client_subnet_opcode | 246 server_max_client_subnet_ipv4 | server_max_client_subnet_ipv6 | 247 server_min_client_subnet_ipv4 | server_min_client_subnet_ipv6 | 248 server_max_ecs_tree_size_ipv4 | server_max_ecs_tree_size_ipv6 | 249 server_caps_whitelist | server_cache_max_negative_ttl | 250 server_permit_small_holddown | server_qname_minimisation | 251 server_ip_freebind | server_define_tag | server_local_zone_tag | 252 server_disable_dnssec_lame_check | server_access_control_tag | 253 server_local_zone_override | server_access_control_tag_action | 254 server_access_control_tag_data | server_access_control_view | 255 server_qname_minimisation_strict | server_serve_expired | 256 server_serve_expired_ttl | server_serve_expired_ttl_reset | 257 server_fake_dsa | server_log_identity | server_use_systemd | 258 server_response_ip_tag | server_response_ip | server_response_ip_data | 259 server_shm_enable | server_shm_key | server_fake_sha1 | 260 server_hide_trustanchor | server_trust_anchor_signaling | 261 server_root_key_sentinel | 262 server_ipsecmod_enabled | server_ipsecmod_hook | 263 server_ipsecmod_ignore_bogus | server_ipsecmod_max_ttl | 264 server_ipsecmod_whitelist | server_ipsecmod_strict | 265 server_udp_upstream_without_downstream | server_aggressive_nsec | 266 server_tls_cert_bundle | server_tls_additional_port | server_low_rtt | 267 server_fast_server_permil | server_fast_server_num | server_tls_win_cert | 268 server_tcp_connection_limit | server_log_servfail | server_deny_any | 269 server_unknown_server_time_limit | server_log_tag_queryreply | 270 server_stream_wait_size | server_tls_ciphers | 271 server_tls_ciphersuites | server_tls_session_ticket_keys 272 ; 273stubstart: VAR_STUB_ZONE 274 { 275 struct config_stub* s; 276 OUTYY(("\nP(stub_zone:)\n")); 277 s = (struct config_stub*)calloc(1, sizeof(struct config_stub)); 278 if(s) { 279 s->next = cfg_parser->cfg->stubs; 280 cfg_parser->cfg->stubs = s; 281 } else 282 yyerror("out of memory"); 283 } 284 ; 285contents_stub: contents_stub content_stub 286 | ; 287content_stub: stub_name | stub_host | stub_addr | stub_prime | stub_first | 288 stub_no_cache | stub_ssl_upstream 289 ; 290forwardstart: VAR_FORWARD_ZONE 291 { 292 struct config_stub* s; 293 OUTYY(("\nP(forward_zone:)\n")); 294 s = (struct config_stub*)calloc(1, sizeof(struct config_stub)); 295 if(s) { 296 s->next = cfg_parser->cfg->forwards; 297 cfg_parser->cfg->forwards = s; 298 } else 299 yyerror("out of memory"); 300 } 301 ; 302contents_forward: contents_forward content_forward 303 | ; 304content_forward: forward_name | forward_host | forward_addr | forward_first | 305 forward_no_cache | forward_ssl_upstream 306 ; 307viewstart: VAR_VIEW 308 { 309 struct config_view* s; 310 OUTYY(("\nP(view:)\n")); 311 s = (struct config_view*)calloc(1, sizeof(struct config_view)); 312 if(s) { 313 s->next = cfg_parser->cfg->views; 314 if(s->next && !s->next->name) 315 yyerror("view without name"); 316 cfg_parser->cfg->views = s; 317 } else 318 yyerror("out of memory"); 319 } 320 ; 321contents_view: contents_view content_view 322 | ; 323content_view: view_name | view_local_zone | view_local_data | view_first | 324 view_response_ip | view_response_ip_data | view_local_data_ptr 325 ; 326authstart: VAR_AUTH_ZONE 327 { 328 struct config_auth* s; 329 OUTYY(("\nP(auth_zone:)\n")); 330 s = (struct config_auth*)calloc(1, sizeof(struct config_auth)); 331 if(s) { 332 s->next = cfg_parser->cfg->auths; 333 cfg_parser->cfg->auths = s; 334 /* defaults for auth zone */ 335 s->for_downstream = 1; 336 s->for_upstream = 1; 337 s->fallback_enabled = 0; 338 } else 339 yyerror("out of memory"); 340 } 341 ; 342contents_auth: contents_auth content_auth 343 | ; 344content_auth: auth_name | auth_zonefile | auth_master | auth_url | 345 auth_for_downstream | auth_for_upstream | auth_fallback_enabled | 346 auth_allow_notify 347 ; 348server_num_threads: VAR_NUM_THREADS STRING_ARG 349 { 350 OUTYY(("P(server_num_threads:%s)\n", $2)); 351 if(atoi($2) == 0 && strcmp($2, "0") != 0) 352 yyerror("number expected"); 353 else cfg_parser->cfg->num_threads = atoi($2); 354 free($2); 355 } 356 ; 357server_verbosity: VAR_VERBOSITY STRING_ARG 358 { 359 OUTYY(("P(server_verbosity:%s)\n", $2)); 360 if(atoi($2) == 0 && strcmp($2, "0") != 0) 361 yyerror("number expected"); 362 else cfg_parser->cfg->verbosity = atoi($2); 363 free($2); 364 } 365 ; 366server_statistics_interval: VAR_STATISTICS_INTERVAL STRING_ARG 367 { 368 OUTYY(("P(server_statistics_interval:%s)\n", $2)); 369 if(strcmp($2, "") == 0 || strcmp($2, "0") == 0) 370 cfg_parser->cfg->stat_interval = 0; 371 else if(atoi($2) == 0) 372 yyerror("number expected"); 373 else cfg_parser->cfg->stat_interval = atoi($2); 374 free($2); 375 } 376 ; 377server_statistics_cumulative: VAR_STATISTICS_CUMULATIVE STRING_ARG 378 { 379 OUTYY(("P(server_statistics_cumulative:%s)\n", $2)); 380 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 381 yyerror("expected yes or no."); 382 else cfg_parser->cfg->stat_cumulative = (strcmp($2, "yes")==0); 383 free($2); 384 } 385 ; 386server_extended_statistics: VAR_EXTENDED_STATISTICS STRING_ARG 387 { 388 OUTYY(("P(server_extended_statistics:%s)\n", $2)); 389 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 390 yyerror("expected yes or no."); 391 else cfg_parser->cfg->stat_extended = (strcmp($2, "yes")==0); 392 free($2); 393 } 394 ; 395server_shm_enable: VAR_SHM_ENABLE STRING_ARG 396 { 397 OUTYY(("P(server_shm_enable:%s)\n", $2)); 398 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 399 yyerror("expected yes or no."); 400 else cfg_parser->cfg->shm_enable = (strcmp($2, "yes")==0); 401 free($2); 402 } 403 ; 404server_shm_key: VAR_SHM_KEY STRING_ARG 405 { 406 OUTYY(("P(server_shm_key:%s)\n", $2)); 407 if(strcmp($2, "") == 0 || strcmp($2, "0") == 0) 408 cfg_parser->cfg->shm_key = 0; 409 else if(atoi($2) == 0) 410 yyerror("number expected"); 411 else cfg_parser->cfg->shm_key = atoi($2); 412 free($2); 413 } 414 ; 415server_port: VAR_PORT STRING_ARG 416 { 417 OUTYY(("P(server_port:%s)\n", $2)); 418 if(atoi($2) == 0) 419 yyerror("port number expected"); 420 else cfg_parser->cfg->port = atoi($2); 421 free($2); 422 } 423 ; 424server_send_client_subnet: VAR_SEND_CLIENT_SUBNET STRING_ARG 425 { 426 #ifdef CLIENT_SUBNET 427 OUTYY(("P(server_send_client_subnet:%s)\n", $2)); 428 if(!cfg_strlist_insert(&cfg_parser->cfg->client_subnet, $2)) 429 fatal_exit("out of memory adding client-subnet"); 430 #else 431 OUTYY(("P(Compiled without edns subnet option, ignoring)\n")); 432 #endif 433 } 434 ; 435server_client_subnet_zone: VAR_CLIENT_SUBNET_ZONE STRING_ARG 436 { 437 #ifdef CLIENT_SUBNET 438 OUTYY(("P(server_client_subnet_zone:%s)\n", $2)); 439 if(!cfg_strlist_insert(&cfg_parser->cfg->client_subnet_zone, 440 $2)) 441 fatal_exit("out of memory adding client-subnet-zone"); 442 #else 443 OUTYY(("P(Compiled without edns subnet option, ignoring)\n")); 444 #endif 445 } 446 ; 447server_client_subnet_always_forward: 448 VAR_CLIENT_SUBNET_ALWAYS_FORWARD STRING_ARG 449 { 450 #ifdef CLIENT_SUBNET 451 OUTYY(("P(server_client_subnet_always_forward:%s)\n", $2)); 452 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 453 yyerror("expected yes or no."); 454 else 455 cfg_parser->cfg->client_subnet_always_forward = 456 (strcmp($2, "yes")==0); 457 #else 458 OUTYY(("P(Compiled without edns subnet option, ignoring)\n")); 459 #endif 460 free($2); 461 } 462 ; 463server_client_subnet_opcode: VAR_CLIENT_SUBNET_OPCODE STRING_ARG 464 { 465 #ifdef CLIENT_SUBNET 466 OUTYY(("P(client_subnet_opcode:%s)\n", $2)); 467 OUTYY(("P(Deprecated option, ignoring)\n")); 468 #else 469 OUTYY(("P(Compiled without edns subnet option, ignoring)\n")); 470 #endif 471 free($2); 472 } 473 ; 474server_max_client_subnet_ipv4: VAR_MAX_CLIENT_SUBNET_IPV4 STRING_ARG 475 { 476 #ifdef CLIENT_SUBNET 477 OUTYY(("P(max_client_subnet_ipv4:%s)\n", $2)); 478 if(atoi($2) == 0 && strcmp($2, "0") != 0) 479 yyerror("IPv4 subnet length expected"); 480 else if (atoi($2) > 32) 481 cfg_parser->cfg->max_client_subnet_ipv4 = 32; 482 else if (atoi($2) < 0) 483 cfg_parser->cfg->max_client_subnet_ipv4 = 0; 484 else cfg_parser->cfg->max_client_subnet_ipv4 = (uint8_t)atoi($2); 485 #else 486 OUTYY(("P(Compiled without edns subnet option, ignoring)\n")); 487 #endif 488 free($2); 489 } 490 ; 491server_max_client_subnet_ipv6: VAR_MAX_CLIENT_SUBNET_IPV6 STRING_ARG 492 { 493 #ifdef CLIENT_SUBNET 494 OUTYY(("P(max_client_subnet_ipv6:%s)\n", $2)); 495 if(atoi($2) == 0 && strcmp($2, "0") != 0) 496 yyerror("Ipv6 subnet length expected"); 497 else if (atoi($2) > 128) 498 cfg_parser->cfg->max_client_subnet_ipv6 = 128; 499 else if (atoi($2) < 0) 500 cfg_parser->cfg->max_client_subnet_ipv6 = 0; 501 else cfg_parser->cfg->max_client_subnet_ipv6 = (uint8_t)atoi($2); 502 #else 503 OUTYY(("P(Compiled without edns subnet option, ignoring)\n")); 504 #endif 505 free($2); 506 } 507 ; 508server_min_client_subnet_ipv4: VAR_MIN_CLIENT_SUBNET_IPV4 STRING_ARG 509 { 510 #ifdef CLIENT_SUBNET 511 OUTYY(("P(min_client_subnet_ipv4:%s)\n", $2)); 512 if(atoi($2) == 0 && strcmp($2, "0") != 0) 513 yyerror("IPv4 subnet length expected"); 514 else if (atoi($2) > 32) 515 cfg_parser->cfg->min_client_subnet_ipv4 = 32; 516 else if (atoi($2) < 0) 517 cfg_parser->cfg->min_client_subnet_ipv4 = 0; 518 else cfg_parser->cfg->min_client_subnet_ipv4 = (uint8_t)atoi($2); 519 #else 520 OUTYY(("P(Compiled without edns subnet option, ignoring)\n")); 521 #endif 522 free($2); 523 } 524 ; 525server_min_client_subnet_ipv6: VAR_MIN_CLIENT_SUBNET_IPV6 STRING_ARG 526 { 527 #ifdef CLIENT_SUBNET 528 OUTYY(("P(min_client_subnet_ipv6:%s)\n", $2)); 529 if(atoi($2) == 0 && strcmp($2, "0") != 0) 530 yyerror("Ipv6 subnet length expected"); 531 else if (atoi($2) > 128) 532 cfg_parser->cfg->min_client_subnet_ipv6 = 128; 533 else if (atoi($2) < 0) 534 cfg_parser->cfg->min_client_subnet_ipv6 = 0; 535 else cfg_parser->cfg->min_client_subnet_ipv6 = (uint8_t)atoi($2); 536 #else 537 OUTYY(("P(Compiled without edns subnet option, ignoring)\n")); 538 #endif 539 free($2); 540 } 541 ; 542server_max_ecs_tree_size_ipv4: VAR_MAX_ECS_TREE_SIZE_IPV4 STRING_ARG 543 { 544 #ifdef CLIENT_SUBNET 545 OUTYY(("P(max_ecs_tree_size_ipv4:%s)\n", $2)); 546 if(atoi($2) == 0 && strcmp($2, "0") != 0) 547 yyerror("IPv4 ECS tree size expected"); 548 else if (atoi($2) < 0) 549 cfg_parser->cfg->max_ecs_tree_size_ipv4 = 0; 550 else cfg_parser->cfg->max_ecs_tree_size_ipv4 = (uint32_t)atoi($2); 551 #else 552 OUTYY(("P(Compiled without edns subnet option, ignoring)\n")); 553 #endif 554 free($2); 555 } 556 ; 557server_max_ecs_tree_size_ipv6: VAR_MAX_ECS_TREE_SIZE_IPV6 STRING_ARG 558 { 559 #ifdef CLIENT_SUBNET 560 OUTYY(("P(max_ecs_tree_size_ipv6:%s)\n", $2)); 561 if(atoi($2) == 0 && strcmp($2, "0") != 0) 562 yyerror("IPv6 ECS tree size expected"); 563 else if (atoi($2) < 0) 564 cfg_parser->cfg->max_ecs_tree_size_ipv6 = 0; 565 else cfg_parser->cfg->max_ecs_tree_size_ipv6 = (uint32_t)atoi($2); 566 #else 567 OUTYY(("P(Compiled without edns subnet option, ignoring)\n")); 568 #endif 569 free($2); 570 } 571 ; 572server_interface: VAR_INTERFACE STRING_ARG 573 { 574 OUTYY(("P(server_interface:%s)\n", $2)); 575 if(cfg_parser->cfg->num_ifs == 0) 576 cfg_parser->cfg->ifs = calloc(1, sizeof(char*)); 577 else cfg_parser->cfg->ifs = realloc(cfg_parser->cfg->ifs, 578 (cfg_parser->cfg->num_ifs+1)*sizeof(char*)); 579 if(!cfg_parser->cfg->ifs) 580 yyerror("out of memory"); 581 else 582 cfg_parser->cfg->ifs[cfg_parser->cfg->num_ifs++] = $2; 583 } 584 ; 585server_outgoing_interface: VAR_OUTGOING_INTERFACE STRING_ARG 586 { 587 OUTYY(("P(server_outgoing_interface:%s)\n", $2)); 588 if(cfg_parser->cfg->num_out_ifs == 0) 589 cfg_parser->cfg->out_ifs = calloc(1, sizeof(char*)); 590 else cfg_parser->cfg->out_ifs = realloc( 591 cfg_parser->cfg->out_ifs, 592 (cfg_parser->cfg->num_out_ifs+1)*sizeof(char*)); 593 if(!cfg_parser->cfg->out_ifs) 594 yyerror("out of memory"); 595 else 596 cfg_parser->cfg->out_ifs[ 597 cfg_parser->cfg->num_out_ifs++] = $2; 598 } 599 ; 600server_outgoing_range: VAR_OUTGOING_RANGE STRING_ARG 601 { 602 OUTYY(("P(server_outgoing_range:%s)\n", $2)); 603 if(atoi($2) == 0) 604 yyerror("number expected"); 605 else cfg_parser->cfg->outgoing_num_ports = atoi($2); 606 free($2); 607 } 608 ; 609server_outgoing_port_permit: VAR_OUTGOING_PORT_PERMIT STRING_ARG 610 { 611 OUTYY(("P(server_outgoing_port_permit:%s)\n", $2)); 612 if(!cfg_mark_ports($2, 1, 613 cfg_parser->cfg->outgoing_avail_ports, 65536)) 614 yyerror("port number or range (\"low-high\") expected"); 615 free($2); 616 } 617 ; 618server_outgoing_port_avoid: VAR_OUTGOING_PORT_AVOID STRING_ARG 619 { 620 OUTYY(("P(server_outgoing_port_avoid:%s)\n", $2)); 621 if(!cfg_mark_ports($2, 0, 622 cfg_parser->cfg->outgoing_avail_ports, 65536)) 623 yyerror("port number or range (\"low-high\") expected"); 624 free($2); 625 } 626 ; 627server_outgoing_num_tcp: VAR_OUTGOING_NUM_TCP STRING_ARG 628 { 629 OUTYY(("P(server_outgoing_num_tcp:%s)\n", $2)); 630 if(atoi($2) == 0 && strcmp($2, "0") != 0) 631 yyerror("number expected"); 632 else cfg_parser->cfg->outgoing_num_tcp = atoi($2); 633 free($2); 634 } 635 ; 636server_incoming_num_tcp: VAR_INCOMING_NUM_TCP STRING_ARG 637 { 638 OUTYY(("P(server_incoming_num_tcp:%s)\n", $2)); 639 if(atoi($2) == 0 && strcmp($2, "0") != 0) 640 yyerror("number expected"); 641 else cfg_parser->cfg->incoming_num_tcp = atoi($2); 642 free($2); 643 } 644 ; 645server_interface_automatic: VAR_INTERFACE_AUTOMATIC STRING_ARG 646 { 647 OUTYY(("P(server_interface_automatic:%s)\n", $2)); 648 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 649 yyerror("expected yes or no."); 650 else cfg_parser->cfg->if_automatic = (strcmp($2, "yes")==0); 651 free($2); 652 } 653 ; 654server_do_ip4: VAR_DO_IP4 STRING_ARG 655 { 656 OUTYY(("P(server_do_ip4:%s)\n", $2)); 657 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 658 yyerror("expected yes or no."); 659 else cfg_parser->cfg->do_ip4 = (strcmp($2, "yes")==0); 660 free($2); 661 } 662 ; 663server_do_ip6: VAR_DO_IP6 STRING_ARG 664 { 665 OUTYY(("P(server_do_ip6:%s)\n", $2)); 666 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 667 yyerror("expected yes or no."); 668 else cfg_parser->cfg->do_ip6 = (strcmp($2, "yes")==0); 669 free($2); 670 } 671 ; 672server_do_udp: VAR_DO_UDP STRING_ARG 673 { 674 OUTYY(("P(server_do_udp:%s)\n", $2)); 675 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 676 yyerror("expected yes or no."); 677 else cfg_parser->cfg->do_udp = (strcmp($2, "yes")==0); 678 free($2); 679 } 680 ; 681server_do_tcp: VAR_DO_TCP STRING_ARG 682 { 683 OUTYY(("P(server_do_tcp:%s)\n", $2)); 684 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 685 yyerror("expected yes or no."); 686 else cfg_parser->cfg->do_tcp = (strcmp($2, "yes")==0); 687 free($2); 688 } 689 ; 690server_prefer_ip6: VAR_PREFER_IP6 STRING_ARG 691 { 692 OUTYY(("P(server_prefer_ip6:%s)\n", $2)); 693 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 694 yyerror("expected yes or no."); 695 else cfg_parser->cfg->prefer_ip6 = (strcmp($2, "yes")==0); 696 free($2); 697 } 698 ; 699server_tcp_mss: VAR_TCP_MSS STRING_ARG 700 { 701 OUTYY(("P(server_tcp_mss:%s)\n", $2)); 702 if(atoi($2) == 0 && strcmp($2, "0") != 0) 703 yyerror("number expected"); 704 else cfg_parser->cfg->tcp_mss = atoi($2); 705 free($2); 706 } 707 ; 708server_outgoing_tcp_mss: VAR_OUTGOING_TCP_MSS STRING_ARG 709 { 710 OUTYY(("P(server_outgoing_tcp_mss:%s)\n", $2)); 711 if(atoi($2) == 0 && strcmp($2, "0") != 0) 712 yyerror("number expected"); 713 else cfg_parser->cfg->outgoing_tcp_mss = atoi($2); 714 free($2); 715 } 716 ; 717server_tcp_idle_timeout: VAR_TCP_IDLE_TIMEOUT STRING_ARG 718 { 719 OUTYY(("P(server_tcp_idle_timeout:%s)\n", $2)); 720 if(atoi($2) == 0 && strcmp($2, "0") != 0) 721 yyerror("number expected"); 722 else if (atoi($2) > 120000) 723 cfg_parser->cfg->tcp_idle_timeout = 120000; 724 else if (atoi($2) < 1) 725 cfg_parser->cfg->tcp_idle_timeout = 1; 726 else cfg_parser->cfg->tcp_idle_timeout = atoi($2); 727 free($2); 728 } 729 ; 730server_tcp_keepalive: VAR_EDNS_TCP_KEEPALIVE STRING_ARG 731 { 732 OUTYY(("P(server_tcp_keepalive:%s)\n", $2)); 733 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 734 yyerror("expected yes or no."); 735 else cfg_parser->cfg->do_tcp_keepalive = (strcmp($2, "yes")==0); 736 free($2); 737 } 738 ; 739server_tcp_keepalive_timeout: VAR_EDNS_TCP_KEEPALIVE_TIMEOUT STRING_ARG 740 { 741 OUTYY(("P(server_tcp_keepalive_timeout:%s)\n", $2)); 742 if(atoi($2) == 0 && strcmp($2, "0") != 0) 743 yyerror("number expected"); 744 else if (atoi($2) > 6553500) 745 cfg_parser->cfg->tcp_keepalive_timeout = 6553500; 746 else if (atoi($2) < 1) 747 cfg_parser->cfg->tcp_keepalive_timeout = 0; 748 else cfg_parser->cfg->tcp_keepalive_timeout = atoi($2); 749 free($2); 750 } 751 ; 752server_tcp_upstream: VAR_TCP_UPSTREAM STRING_ARG 753 { 754 OUTYY(("P(server_tcp_upstream:%s)\n", $2)); 755 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 756 yyerror("expected yes or no."); 757 else cfg_parser->cfg->tcp_upstream = (strcmp($2, "yes")==0); 758 free($2); 759 } 760 ; 761server_udp_upstream_without_downstream: VAR_UDP_UPSTREAM_WITHOUT_DOWNSTREAM STRING_ARG 762 { 763 OUTYY(("P(server_udp_upstream_without_downstream:%s)\n", $2)); 764 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 765 yyerror("expected yes or no."); 766 else cfg_parser->cfg->udp_upstream_without_downstream = (strcmp($2, "yes")==0); 767 free($2); 768 } 769 ; 770server_ssl_upstream: VAR_SSL_UPSTREAM STRING_ARG 771 { 772 OUTYY(("P(server_ssl_upstream:%s)\n", $2)); 773 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 774 yyerror("expected yes or no."); 775 else cfg_parser->cfg->ssl_upstream = (strcmp($2, "yes")==0); 776 free($2); 777 } 778 ; 779server_ssl_service_key: VAR_SSL_SERVICE_KEY STRING_ARG 780 { 781 OUTYY(("P(server_ssl_service_key:%s)\n", $2)); 782 free(cfg_parser->cfg->ssl_service_key); 783 cfg_parser->cfg->ssl_service_key = $2; 784 } 785 ; 786server_ssl_service_pem: VAR_SSL_SERVICE_PEM STRING_ARG 787 { 788 OUTYY(("P(server_ssl_service_pem:%s)\n", $2)); 789 free(cfg_parser->cfg->ssl_service_pem); 790 cfg_parser->cfg->ssl_service_pem = $2; 791 } 792 ; 793server_ssl_port: VAR_SSL_PORT STRING_ARG 794 { 795 OUTYY(("P(server_ssl_port:%s)\n", $2)); 796 if(atoi($2) == 0) 797 yyerror("port number expected"); 798 else cfg_parser->cfg->ssl_port = atoi($2); 799 free($2); 800 } 801 ; 802server_tls_cert_bundle: VAR_TLS_CERT_BUNDLE STRING_ARG 803 { 804 OUTYY(("P(server_tls_cert_bundle:%s)\n", $2)); 805 free(cfg_parser->cfg->tls_cert_bundle); 806 cfg_parser->cfg->tls_cert_bundle = $2; 807 } 808 ; 809server_tls_win_cert: VAR_TLS_WIN_CERT STRING_ARG 810 { 811 OUTYY(("P(server_tls_win_cert:%s)\n", $2)); 812 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 813 yyerror("expected yes or no."); 814 else cfg_parser->cfg->tls_win_cert = (strcmp($2, "yes")==0); 815 free($2); 816 } 817 ; 818server_tls_additional_port: VAR_TLS_ADDITIONAL_PORT STRING_ARG 819 { 820 OUTYY(("P(server_tls_additional_port:%s)\n", $2)); 821 if(!cfg_strlist_insert(&cfg_parser->cfg->tls_additional_port, 822 $2)) 823 yyerror("out of memory"); 824 } 825 ; 826server_tls_ciphers: VAR_TLS_CIPHERS STRING_ARG 827 { 828 OUTYY(("P(server_tls_ciphers:%s)\n", $2)); 829 free(cfg_parser->cfg->tls_ciphers); 830 cfg_parser->cfg->tls_ciphers = $2; 831 } 832 ; 833server_tls_ciphersuites: VAR_TLS_CIPHERSUITES STRING_ARG 834 { 835 OUTYY(("P(server_tls_ciphersuites:%s)\n", $2)); 836 free(cfg_parser->cfg->tls_ciphersuites); 837 cfg_parser->cfg->tls_ciphersuites = $2; 838 } 839 ; 840server_tls_session_ticket_keys: VAR_TLS_SESSION_TICKET_KEYS STRING_ARG 841 { 842 OUTYY(("P(server_tls_session_ticket_keys:%s)\n", $2)); 843 if(!cfg_strlist_append(&cfg_parser->cfg->tls_session_ticket_keys, 844 $2)) 845 yyerror("out of memory"); 846 } 847 ; 848server_use_systemd: VAR_USE_SYSTEMD STRING_ARG 849 { 850 OUTYY(("P(server_use_systemd:%s)\n", $2)); 851 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 852 yyerror("expected yes or no."); 853 else cfg_parser->cfg->use_systemd = (strcmp($2, "yes")==0); 854 free($2); 855 } 856 ; 857server_do_daemonize: VAR_DO_DAEMONIZE STRING_ARG 858 { 859 OUTYY(("P(server_do_daemonize:%s)\n", $2)); 860 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 861 yyerror("expected yes or no."); 862 else cfg_parser->cfg->do_daemonize = (strcmp($2, "yes")==0); 863 free($2); 864 } 865 ; 866server_use_syslog: VAR_USE_SYSLOG STRING_ARG 867 { 868 OUTYY(("P(server_use_syslog:%s)\n", $2)); 869 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 870 yyerror("expected yes or no."); 871 else cfg_parser->cfg->use_syslog = (strcmp($2, "yes")==0); 872#if !defined(HAVE_SYSLOG_H) && !defined(UB_ON_WINDOWS) 873 if(strcmp($2, "yes") == 0) 874 yyerror("no syslog services are available. " 875 "(reconfigure and compile to add)"); 876#endif 877 free($2); 878 } 879 ; 880server_log_time_ascii: VAR_LOG_TIME_ASCII STRING_ARG 881 { 882 OUTYY(("P(server_log_time_ascii:%s)\n", $2)); 883 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 884 yyerror("expected yes or no."); 885 else cfg_parser->cfg->log_time_ascii = (strcmp($2, "yes")==0); 886 free($2); 887 } 888 ; 889server_log_queries: VAR_LOG_QUERIES STRING_ARG 890 { 891 OUTYY(("P(server_log_queries:%s)\n", $2)); 892 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 893 yyerror("expected yes or no."); 894 else cfg_parser->cfg->log_queries = (strcmp($2, "yes")==0); 895 free($2); 896 } 897 ; 898server_log_replies: VAR_LOG_REPLIES STRING_ARG 899 { 900 OUTYY(("P(server_log_replies:%s)\n", $2)); 901 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 902 yyerror("expected yes or no."); 903 else cfg_parser->cfg->log_replies = (strcmp($2, "yes")==0); 904 free($2); 905 } 906 ; 907server_log_tag_queryreply: VAR_LOG_TAG_QUERYREPLY STRING_ARG 908 { 909 OUTYY(("P(server_log_tag_queryreply:%s)\n", $2)); 910 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 911 yyerror("expected yes or no."); 912 else cfg_parser->cfg->log_tag_queryreply = (strcmp($2, "yes")==0); 913 free($2); 914 } 915 ; 916server_log_servfail: VAR_LOG_SERVFAIL STRING_ARG 917 { 918 OUTYY(("P(server_log_servfail:%s)\n", $2)); 919 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 920 yyerror("expected yes or no."); 921 else cfg_parser->cfg->log_servfail = (strcmp($2, "yes")==0); 922 free($2); 923 } 924 ; 925server_log_local_actions: VAR_LOG_LOCAL_ACTIONS STRING_ARG 926 { 927 OUTYY(("P(server_log_local_actions:%s)\n", $2)); 928 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 929 yyerror("expected yes or no."); 930 else cfg_parser->cfg->log_local_actions = (strcmp($2, "yes")==0); 931 free($2); 932 } 933 ; 934server_chroot: VAR_CHROOT STRING_ARG 935 { 936 OUTYY(("P(server_chroot:%s)\n", $2)); 937 free(cfg_parser->cfg->chrootdir); 938 cfg_parser->cfg->chrootdir = $2; 939 } 940 ; 941server_username: VAR_USERNAME STRING_ARG 942 { 943 OUTYY(("P(server_username:%s)\n", $2)); 944 free(cfg_parser->cfg->username); 945 cfg_parser->cfg->username = $2; 946 } 947 ; 948server_directory: VAR_DIRECTORY STRING_ARG 949 { 950 OUTYY(("P(server_directory:%s)\n", $2)); 951 free(cfg_parser->cfg->directory); 952 cfg_parser->cfg->directory = $2; 953 /* change there right away for includes relative to this */ 954 if($2[0]) { 955 char* d; 956#ifdef UB_ON_WINDOWS 957 w_config_adjust_directory(cfg_parser->cfg); 958#endif 959 d = cfg_parser->cfg->directory; 960 /* adjust directory if we have already chroot, 961 * like, we reread after sighup */ 962 if(cfg_parser->chroot && cfg_parser->chroot[0] && 963 strncmp(d, cfg_parser->chroot, strlen( 964 cfg_parser->chroot)) == 0) 965 d += strlen(cfg_parser->chroot); 966 if(d[0]) { 967 if(chdir(d)) 968 log_err("cannot chdir to directory: %s (%s)", 969 d, strerror(errno)); 970 } 971 } 972 } 973 ; 974server_logfile: VAR_LOGFILE STRING_ARG 975 { 976 OUTYY(("P(server_logfile:%s)\n", $2)); 977 free(cfg_parser->cfg->logfile); 978 cfg_parser->cfg->logfile = $2; 979 cfg_parser->cfg->use_syslog = 0; 980 } 981 ; 982server_pidfile: VAR_PIDFILE STRING_ARG 983 { 984 OUTYY(("P(server_pidfile:%s)\n", $2)); 985 free(cfg_parser->cfg->pidfile); 986 cfg_parser->cfg->pidfile = $2; 987 } 988 ; 989server_root_hints: VAR_ROOT_HINTS STRING_ARG 990 { 991 OUTYY(("P(server_root_hints:%s)\n", $2)); 992 if(!cfg_strlist_insert(&cfg_parser->cfg->root_hints, $2)) 993 yyerror("out of memory"); 994 } 995 ; 996server_dlv_anchor_file: VAR_DLV_ANCHOR_FILE STRING_ARG 997 { 998 OUTYY(("P(server_dlv_anchor_file:%s)\n", $2)); 999 free(cfg_parser->cfg->dlv_anchor_file); 1000 cfg_parser->cfg->dlv_anchor_file = $2; 1001 } 1002 ; 1003server_dlv_anchor: VAR_DLV_ANCHOR STRING_ARG 1004 { 1005 OUTYY(("P(server_dlv_anchor:%s)\n", $2)); 1006 if(!cfg_strlist_insert(&cfg_parser->cfg->dlv_anchor_list, $2)) 1007 yyerror("out of memory"); 1008 } 1009 ; 1010server_auto_trust_anchor_file: VAR_AUTO_TRUST_ANCHOR_FILE STRING_ARG 1011 { 1012 OUTYY(("P(server_auto_trust_anchor_file:%s)\n", $2)); 1013 if(!cfg_strlist_insert(&cfg_parser->cfg-> 1014 auto_trust_anchor_file_list, $2)) 1015 yyerror("out of memory"); 1016 } 1017 ; 1018server_trust_anchor_file: VAR_TRUST_ANCHOR_FILE STRING_ARG 1019 { 1020 OUTYY(("P(server_trust_anchor_file:%s)\n", $2)); 1021 if(!cfg_strlist_insert(&cfg_parser->cfg-> 1022 trust_anchor_file_list, $2)) 1023 yyerror("out of memory"); 1024 } 1025 ; 1026server_trusted_keys_file: VAR_TRUSTED_KEYS_FILE STRING_ARG 1027 { 1028 OUTYY(("P(server_trusted_keys_file:%s)\n", $2)); 1029 if(!cfg_strlist_insert(&cfg_parser->cfg-> 1030 trusted_keys_file_list, $2)) 1031 yyerror("out of memory"); 1032 } 1033 ; 1034server_trust_anchor: VAR_TRUST_ANCHOR STRING_ARG 1035 { 1036 OUTYY(("P(server_trust_anchor:%s)\n", $2)); 1037 if(!cfg_strlist_insert(&cfg_parser->cfg->trust_anchor_list, $2)) 1038 yyerror("out of memory"); 1039 } 1040 ; 1041server_trust_anchor_signaling: VAR_TRUST_ANCHOR_SIGNALING STRING_ARG 1042 { 1043 OUTYY(("P(server_trust_anchor_signaling:%s)\n", $2)); 1044 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1045 yyerror("expected yes or no."); 1046 else 1047 cfg_parser->cfg->trust_anchor_signaling = 1048 (strcmp($2, "yes")==0); 1049 free($2); 1050 } 1051 ; 1052server_root_key_sentinel: VAR_ROOT_KEY_SENTINEL STRING_ARG 1053 { 1054 OUTYY(("P(server_root_key_sentinel:%s)\n", $2)); 1055 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1056 yyerror("expected yes or no."); 1057 else 1058 cfg_parser->cfg->root_key_sentinel = 1059 (strcmp($2, "yes")==0); 1060 free($2); 1061 } 1062 ; 1063server_domain_insecure: VAR_DOMAIN_INSECURE STRING_ARG 1064 { 1065 OUTYY(("P(server_domain_insecure:%s)\n", $2)); 1066 if(!cfg_strlist_insert(&cfg_parser->cfg->domain_insecure, $2)) 1067 yyerror("out of memory"); 1068 } 1069 ; 1070server_hide_identity: VAR_HIDE_IDENTITY STRING_ARG 1071 { 1072 OUTYY(("P(server_hide_identity:%s)\n", $2)); 1073 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1074 yyerror("expected yes or no."); 1075 else cfg_parser->cfg->hide_identity = (strcmp($2, "yes")==0); 1076 free($2); 1077 } 1078 ; 1079server_hide_version: VAR_HIDE_VERSION STRING_ARG 1080 { 1081 OUTYY(("P(server_hide_version:%s)\n", $2)); 1082 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1083 yyerror("expected yes or no."); 1084 else cfg_parser->cfg->hide_version = (strcmp($2, "yes")==0); 1085 free($2); 1086 } 1087 ; 1088server_hide_trustanchor: VAR_HIDE_TRUSTANCHOR STRING_ARG 1089 { 1090 OUTYY(("P(server_hide_trustanchor:%s)\n", $2)); 1091 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1092 yyerror("expected yes or no."); 1093 else cfg_parser->cfg->hide_trustanchor = (strcmp($2, "yes")==0); 1094 free($2); 1095 } 1096 ; 1097server_identity: VAR_IDENTITY STRING_ARG 1098 { 1099 OUTYY(("P(server_identity:%s)\n", $2)); 1100 free(cfg_parser->cfg->identity); 1101 cfg_parser->cfg->identity = $2; 1102 } 1103 ; 1104server_version: VAR_VERSION STRING_ARG 1105 { 1106 OUTYY(("P(server_version:%s)\n", $2)); 1107 free(cfg_parser->cfg->version); 1108 cfg_parser->cfg->version = $2; 1109 } 1110 ; 1111server_so_rcvbuf: VAR_SO_RCVBUF STRING_ARG 1112 { 1113 OUTYY(("P(server_so_rcvbuf:%s)\n", $2)); 1114 if(!cfg_parse_memsize($2, &cfg_parser->cfg->so_rcvbuf)) 1115 yyerror("buffer size expected"); 1116 free($2); 1117 } 1118 ; 1119server_so_sndbuf: VAR_SO_SNDBUF STRING_ARG 1120 { 1121 OUTYY(("P(server_so_sndbuf:%s)\n", $2)); 1122 if(!cfg_parse_memsize($2, &cfg_parser->cfg->so_sndbuf)) 1123 yyerror("buffer size expected"); 1124 free($2); 1125 } 1126 ; 1127server_so_reuseport: VAR_SO_REUSEPORT STRING_ARG 1128 { 1129 OUTYY(("P(server_so_reuseport:%s)\n", $2)); 1130 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1131 yyerror("expected yes or no."); 1132 else cfg_parser->cfg->so_reuseport = 1133 (strcmp($2, "yes")==0); 1134 free($2); 1135 } 1136 ; 1137server_ip_transparent: VAR_IP_TRANSPARENT STRING_ARG 1138 { 1139 OUTYY(("P(server_ip_transparent:%s)\n", $2)); 1140 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1141 yyerror("expected yes or no."); 1142 else cfg_parser->cfg->ip_transparent = 1143 (strcmp($2, "yes")==0); 1144 free($2); 1145 } 1146 ; 1147server_ip_freebind: VAR_IP_FREEBIND STRING_ARG 1148 { 1149 OUTYY(("P(server_ip_freebind:%s)\n", $2)); 1150 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1151 yyerror("expected yes or no."); 1152 else cfg_parser->cfg->ip_freebind = 1153 (strcmp($2, "yes")==0); 1154 free($2); 1155 } 1156 ; 1157server_stream_wait_size: VAR_STREAM_WAIT_SIZE STRING_ARG 1158 { 1159 OUTYY(("P(server_stream_wait_size:%s)\n", $2)); 1160 if(!cfg_parse_memsize($2, &cfg_parser->cfg->stream_wait_size)) 1161 yyerror("memory size expected"); 1162 free($2); 1163 } 1164 ; 1165server_edns_buffer_size: VAR_EDNS_BUFFER_SIZE STRING_ARG 1166 { 1167 OUTYY(("P(server_edns_buffer_size:%s)\n", $2)); 1168 if(atoi($2) == 0) 1169 yyerror("number expected"); 1170 else if (atoi($2) < 12) 1171 yyerror("edns buffer size too small"); 1172 else if (atoi($2) > 65535) 1173 cfg_parser->cfg->edns_buffer_size = 65535; 1174 else cfg_parser->cfg->edns_buffer_size = atoi($2); 1175 free($2); 1176 } 1177 ; 1178server_msg_buffer_size: VAR_MSG_BUFFER_SIZE STRING_ARG 1179 { 1180 OUTYY(("P(server_msg_buffer_size:%s)\n", $2)); 1181 if(atoi($2) == 0) 1182 yyerror("number expected"); 1183 else if (atoi($2) < 4096) 1184 yyerror("message buffer size too small (use 4096)"); 1185 else cfg_parser->cfg->msg_buffer_size = atoi($2); 1186 free($2); 1187 } 1188 ; 1189server_msg_cache_size: VAR_MSG_CACHE_SIZE STRING_ARG 1190 { 1191 OUTYY(("P(server_msg_cache_size:%s)\n", $2)); 1192 if(!cfg_parse_memsize($2, &cfg_parser->cfg->msg_cache_size)) 1193 yyerror("memory size expected"); 1194 free($2); 1195 } 1196 ; 1197server_msg_cache_slabs: VAR_MSG_CACHE_SLABS STRING_ARG 1198 { 1199 OUTYY(("P(server_msg_cache_slabs:%s)\n", $2)); 1200 if(atoi($2) == 0) 1201 yyerror("number expected"); 1202 else { 1203 cfg_parser->cfg->msg_cache_slabs = atoi($2); 1204 if(!is_pow2(cfg_parser->cfg->msg_cache_slabs)) 1205 yyerror("must be a power of 2"); 1206 } 1207 free($2); 1208 } 1209 ; 1210server_num_queries_per_thread: VAR_NUM_QUERIES_PER_THREAD STRING_ARG 1211 { 1212 OUTYY(("P(server_num_queries_per_thread:%s)\n", $2)); 1213 if(atoi($2) == 0) 1214 yyerror("number expected"); 1215 else cfg_parser->cfg->num_queries_per_thread = atoi($2); 1216 free($2); 1217 } 1218 ; 1219server_jostle_timeout: VAR_JOSTLE_TIMEOUT STRING_ARG 1220 { 1221 OUTYY(("P(server_jostle_timeout:%s)\n", $2)); 1222 if(atoi($2) == 0 && strcmp($2, "0") != 0) 1223 yyerror("number expected"); 1224 else cfg_parser->cfg->jostle_time = atoi($2); 1225 free($2); 1226 } 1227 ; 1228server_delay_close: VAR_DELAY_CLOSE STRING_ARG 1229 { 1230 OUTYY(("P(server_delay_close:%s)\n", $2)); 1231 if(atoi($2) == 0 && strcmp($2, "0") != 0) 1232 yyerror("number expected"); 1233 else cfg_parser->cfg->delay_close = atoi($2); 1234 free($2); 1235 } 1236 ; 1237server_unblock_lan_zones: VAR_UNBLOCK_LAN_ZONES STRING_ARG 1238 { 1239 OUTYY(("P(server_unblock_lan_zones:%s)\n", $2)); 1240 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1241 yyerror("expected yes or no."); 1242 else cfg_parser->cfg->unblock_lan_zones = 1243 (strcmp($2, "yes")==0); 1244 free($2); 1245 } 1246 ; 1247server_insecure_lan_zones: VAR_INSECURE_LAN_ZONES STRING_ARG 1248 { 1249 OUTYY(("P(server_insecure_lan_zones:%s)\n", $2)); 1250 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1251 yyerror("expected yes or no."); 1252 else cfg_parser->cfg->insecure_lan_zones = 1253 (strcmp($2, "yes")==0); 1254 free($2); 1255 } 1256 ; 1257server_rrset_cache_size: VAR_RRSET_CACHE_SIZE STRING_ARG 1258 { 1259 OUTYY(("P(server_rrset_cache_size:%s)\n", $2)); 1260 if(!cfg_parse_memsize($2, &cfg_parser->cfg->rrset_cache_size)) 1261 yyerror("memory size expected"); 1262 free($2); 1263 } 1264 ; 1265server_rrset_cache_slabs: VAR_RRSET_CACHE_SLABS STRING_ARG 1266 { 1267 OUTYY(("P(server_rrset_cache_slabs:%s)\n", $2)); 1268 if(atoi($2) == 0) 1269 yyerror("number expected"); 1270 else { 1271 cfg_parser->cfg->rrset_cache_slabs = atoi($2); 1272 if(!is_pow2(cfg_parser->cfg->rrset_cache_slabs)) 1273 yyerror("must be a power of 2"); 1274 } 1275 free($2); 1276 } 1277 ; 1278server_infra_host_ttl: VAR_INFRA_HOST_TTL STRING_ARG 1279 { 1280 OUTYY(("P(server_infra_host_ttl:%s)\n", $2)); 1281 if(atoi($2) == 0 && strcmp($2, "0") != 0) 1282 yyerror("number expected"); 1283 else cfg_parser->cfg->host_ttl = atoi($2); 1284 free($2); 1285 } 1286 ; 1287server_infra_lame_ttl: VAR_INFRA_LAME_TTL STRING_ARG 1288 { 1289 OUTYY(("P(server_infra_lame_ttl:%s)\n", $2)); 1290 verbose(VERB_DETAIL, "ignored infra-lame-ttl: %s (option " 1291 "removed, use infra-host-ttl)", $2); 1292 free($2); 1293 } 1294 ; 1295server_infra_cache_numhosts: VAR_INFRA_CACHE_NUMHOSTS STRING_ARG 1296 { 1297 OUTYY(("P(server_infra_cache_numhosts:%s)\n", $2)); 1298 if(atoi($2) == 0) 1299 yyerror("number expected"); 1300 else cfg_parser->cfg->infra_cache_numhosts = atoi($2); 1301 free($2); 1302 } 1303 ; 1304server_infra_cache_lame_size: VAR_INFRA_CACHE_LAME_SIZE STRING_ARG 1305 { 1306 OUTYY(("P(server_infra_cache_lame_size:%s)\n", $2)); 1307 verbose(VERB_DETAIL, "ignored infra-cache-lame-size: %s " 1308 "(option removed, use infra-cache-numhosts)", $2); 1309 free($2); 1310 } 1311 ; 1312server_infra_cache_slabs: VAR_INFRA_CACHE_SLABS STRING_ARG 1313 { 1314 OUTYY(("P(server_infra_cache_slabs:%s)\n", $2)); 1315 if(atoi($2) == 0) 1316 yyerror("number expected"); 1317 else { 1318 cfg_parser->cfg->infra_cache_slabs = atoi($2); 1319 if(!is_pow2(cfg_parser->cfg->infra_cache_slabs)) 1320 yyerror("must be a power of 2"); 1321 } 1322 free($2); 1323 } 1324 ; 1325server_infra_cache_min_rtt: VAR_INFRA_CACHE_MIN_RTT STRING_ARG 1326 { 1327 OUTYY(("P(server_infra_cache_min_rtt:%s)\n", $2)); 1328 if(atoi($2) == 0 && strcmp($2, "0") != 0) 1329 yyerror("number expected"); 1330 else cfg_parser->cfg->infra_cache_min_rtt = atoi($2); 1331 free($2); 1332 } 1333 ; 1334server_target_fetch_policy: VAR_TARGET_FETCH_POLICY STRING_ARG 1335 { 1336 OUTYY(("P(server_target_fetch_policy:%s)\n", $2)); 1337 free(cfg_parser->cfg->target_fetch_policy); 1338 cfg_parser->cfg->target_fetch_policy = $2; 1339 } 1340 ; 1341server_harden_short_bufsize: VAR_HARDEN_SHORT_BUFSIZE STRING_ARG 1342 { 1343 OUTYY(("P(server_harden_short_bufsize:%s)\n", $2)); 1344 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1345 yyerror("expected yes or no."); 1346 else cfg_parser->cfg->harden_short_bufsize = 1347 (strcmp($2, "yes")==0); 1348 free($2); 1349 } 1350 ; 1351server_harden_large_queries: VAR_HARDEN_LARGE_QUERIES STRING_ARG 1352 { 1353 OUTYY(("P(server_harden_large_queries:%s)\n", $2)); 1354 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1355 yyerror("expected yes or no."); 1356 else cfg_parser->cfg->harden_large_queries = 1357 (strcmp($2, "yes")==0); 1358 free($2); 1359 } 1360 ; 1361server_harden_glue: VAR_HARDEN_GLUE STRING_ARG 1362 { 1363 OUTYY(("P(server_harden_glue:%s)\n", $2)); 1364 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1365 yyerror("expected yes or no."); 1366 else cfg_parser->cfg->harden_glue = 1367 (strcmp($2, "yes")==0); 1368 free($2); 1369 } 1370 ; 1371server_harden_dnssec_stripped: VAR_HARDEN_DNSSEC_STRIPPED STRING_ARG 1372 { 1373 OUTYY(("P(server_harden_dnssec_stripped:%s)\n", $2)); 1374 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1375 yyerror("expected yes or no."); 1376 else cfg_parser->cfg->harden_dnssec_stripped = 1377 (strcmp($2, "yes")==0); 1378 free($2); 1379 } 1380 ; 1381server_harden_below_nxdomain: VAR_HARDEN_BELOW_NXDOMAIN STRING_ARG 1382 { 1383 OUTYY(("P(server_harden_below_nxdomain:%s)\n", $2)); 1384 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1385 yyerror("expected yes or no."); 1386 else cfg_parser->cfg->harden_below_nxdomain = 1387 (strcmp($2, "yes")==0); 1388 free($2); 1389 } 1390 ; 1391server_harden_referral_path: VAR_HARDEN_REFERRAL_PATH STRING_ARG 1392 { 1393 OUTYY(("P(server_harden_referral_path:%s)\n", $2)); 1394 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1395 yyerror("expected yes or no."); 1396 else cfg_parser->cfg->harden_referral_path = 1397 (strcmp($2, "yes")==0); 1398 free($2); 1399 } 1400 ; 1401server_harden_algo_downgrade: VAR_HARDEN_ALGO_DOWNGRADE STRING_ARG 1402 { 1403 OUTYY(("P(server_harden_algo_downgrade:%s)\n", $2)); 1404 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1405 yyerror("expected yes or no."); 1406 else cfg_parser->cfg->harden_algo_downgrade = 1407 (strcmp($2, "yes")==0); 1408 free($2); 1409 } 1410 ; 1411server_use_caps_for_id: VAR_USE_CAPS_FOR_ID STRING_ARG 1412 { 1413 OUTYY(("P(server_use_caps_for_id:%s)\n", $2)); 1414 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1415 yyerror("expected yes or no."); 1416 else cfg_parser->cfg->use_caps_bits_for_id = 1417 (strcmp($2, "yes")==0); 1418 free($2); 1419 } 1420 ; 1421server_caps_whitelist: VAR_CAPS_WHITELIST STRING_ARG 1422 { 1423 OUTYY(("P(server_caps_whitelist:%s)\n", $2)); 1424 if(!cfg_strlist_insert(&cfg_parser->cfg->caps_whitelist, $2)) 1425 yyerror("out of memory"); 1426 } 1427 ; 1428server_private_address: VAR_PRIVATE_ADDRESS STRING_ARG 1429 { 1430 OUTYY(("P(server_private_address:%s)\n", $2)); 1431 if(!cfg_strlist_insert(&cfg_parser->cfg->private_address, $2)) 1432 yyerror("out of memory"); 1433 } 1434 ; 1435server_private_domain: VAR_PRIVATE_DOMAIN STRING_ARG 1436 { 1437 OUTYY(("P(server_private_domain:%s)\n", $2)); 1438 if(!cfg_strlist_insert(&cfg_parser->cfg->private_domain, $2)) 1439 yyerror("out of memory"); 1440 } 1441 ; 1442server_prefetch: VAR_PREFETCH STRING_ARG 1443 { 1444 OUTYY(("P(server_prefetch:%s)\n", $2)); 1445 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1446 yyerror("expected yes or no."); 1447 else cfg_parser->cfg->prefetch = (strcmp($2, "yes")==0); 1448 free($2); 1449 } 1450 ; 1451server_prefetch_key: VAR_PREFETCH_KEY STRING_ARG 1452 { 1453 OUTYY(("P(server_prefetch_key:%s)\n", $2)); 1454 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1455 yyerror("expected yes or no."); 1456 else cfg_parser->cfg->prefetch_key = (strcmp($2, "yes")==0); 1457 free($2); 1458 } 1459 ; 1460server_deny_any: VAR_DENY_ANY STRING_ARG 1461 { 1462 OUTYY(("P(server_deny_any:%s)\n", $2)); 1463 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1464 yyerror("expected yes or no."); 1465 else cfg_parser->cfg->deny_any = (strcmp($2, "yes")==0); 1466 free($2); 1467 } 1468 ; 1469server_unwanted_reply_threshold: VAR_UNWANTED_REPLY_THRESHOLD STRING_ARG 1470 { 1471 OUTYY(("P(server_unwanted_reply_threshold:%s)\n", $2)); 1472 if(atoi($2) == 0 && strcmp($2, "0") != 0) 1473 yyerror("number expected"); 1474 else cfg_parser->cfg->unwanted_threshold = atoi($2); 1475 free($2); 1476 } 1477 ; 1478server_do_not_query_address: VAR_DO_NOT_QUERY_ADDRESS STRING_ARG 1479 { 1480 OUTYY(("P(server_do_not_query_address:%s)\n", $2)); 1481 if(!cfg_strlist_insert(&cfg_parser->cfg->donotqueryaddrs, $2)) 1482 yyerror("out of memory"); 1483 } 1484 ; 1485server_do_not_query_localhost: VAR_DO_NOT_QUERY_LOCALHOST STRING_ARG 1486 { 1487 OUTYY(("P(server_do_not_query_localhost:%s)\n", $2)); 1488 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1489 yyerror("expected yes or no."); 1490 else cfg_parser->cfg->donotquery_localhost = 1491 (strcmp($2, "yes")==0); 1492 free($2); 1493 } 1494 ; 1495server_access_control: VAR_ACCESS_CONTROL STRING_ARG STRING_ARG 1496 { 1497 OUTYY(("P(server_access_control:%s %s)\n", $2, $3)); 1498 if(strcmp($3, "deny")!=0 && strcmp($3, "refuse")!=0 && 1499 strcmp($3, "deny_non_local")!=0 && 1500 strcmp($3, "refuse_non_local")!=0 && 1501 strcmp($3, "allow_setrd")!=0 && 1502 strcmp($3, "allow")!=0 && 1503 strcmp($3, "allow_snoop")!=0) { 1504 yyerror("expected deny, refuse, deny_non_local, " 1505 "refuse_non_local, allow, allow_setrd or " 1506 "allow_snoop in access control action"); 1507 free($2); 1508 free($3); 1509 } else { 1510 if(!cfg_str2list_insert(&cfg_parser->cfg->acls, $2, $3)) 1511 fatal_exit("out of memory adding acl"); 1512 } 1513 } 1514 ; 1515server_module_conf: VAR_MODULE_CONF STRING_ARG 1516 { 1517 OUTYY(("P(server_module_conf:%s)\n", $2)); 1518 free(cfg_parser->cfg->module_conf); 1519 cfg_parser->cfg->module_conf = $2; 1520 } 1521 ; 1522server_val_override_date: VAR_VAL_OVERRIDE_DATE STRING_ARG 1523 { 1524 OUTYY(("P(server_val_override_date:%s)\n", $2)); 1525 if(*$2 == '\0' || strcmp($2, "0") == 0) { 1526 cfg_parser->cfg->val_date_override = 0; 1527 } else if(strlen($2) == 14) { 1528 cfg_parser->cfg->val_date_override = 1529 cfg_convert_timeval($2); 1530 if(!cfg_parser->cfg->val_date_override) 1531 yyerror("bad date/time specification"); 1532 } else { 1533 if(atoi($2) == 0) 1534 yyerror("number expected"); 1535 cfg_parser->cfg->val_date_override = atoi($2); 1536 } 1537 free($2); 1538 } 1539 ; 1540server_val_sig_skew_min: VAR_VAL_SIG_SKEW_MIN STRING_ARG 1541 { 1542 OUTYY(("P(server_val_sig_skew_min:%s)\n", $2)); 1543 if(*$2 == '\0' || strcmp($2, "0") == 0) { 1544 cfg_parser->cfg->val_sig_skew_min = 0; 1545 } else { 1546 cfg_parser->cfg->val_sig_skew_min = atoi($2); 1547 if(!cfg_parser->cfg->val_sig_skew_min) 1548 yyerror("number expected"); 1549 } 1550 free($2); 1551 } 1552 ; 1553server_val_sig_skew_max: VAR_VAL_SIG_SKEW_MAX STRING_ARG 1554 { 1555 OUTYY(("P(server_val_sig_skew_max:%s)\n", $2)); 1556 if(*$2 == '\0' || strcmp($2, "0") == 0) { 1557 cfg_parser->cfg->val_sig_skew_max = 0; 1558 } else { 1559 cfg_parser->cfg->val_sig_skew_max = atoi($2); 1560 if(!cfg_parser->cfg->val_sig_skew_max) 1561 yyerror("number expected"); 1562 } 1563 free($2); 1564 } 1565 ; 1566server_cache_max_ttl: VAR_CACHE_MAX_TTL STRING_ARG 1567 { 1568 OUTYY(("P(server_cache_max_ttl:%s)\n", $2)); 1569 if(atoi($2) == 0 && strcmp($2, "0") != 0) 1570 yyerror("number expected"); 1571 else cfg_parser->cfg->max_ttl = atoi($2); 1572 free($2); 1573 } 1574 ; 1575server_cache_max_negative_ttl: VAR_CACHE_MAX_NEGATIVE_TTL STRING_ARG 1576 { 1577 OUTYY(("P(server_cache_max_negative_ttl:%s)\n", $2)); 1578 if(atoi($2) == 0 && strcmp($2, "0") != 0) 1579 yyerror("number expected"); 1580 else cfg_parser->cfg->max_negative_ttl = atoi($2); 1581 free($2); 1582 } 1583 ; 1584server_cache_min_ttl: VAR_CACHE_MIN_TTL STRING_ARG 1585 { 1586 OUTYY(("P(server_cache_min_ttl:%s)\n", $2)); 1587 if(atoi($2) == 0 && strcmp($2, "0") != 0) 1588 yyerror("number expected"); 1589 else cfg_parser->cfg->min_ttl = atoi($2); 1590 free($2); 1591 } 1592 ; 1593server_bogus_ttl: VAR_BOGUS_TTL STRING_ARG 1594 { 1595 OUTYY(("P(server_bogus_ttl:%s)\n", $2)); 1596 if(atoi($2) == 0 && strcmp($2, "0") != 0) 1597 yyerror("number expected"); 1598 else cfg_parser->cfg->bogus_ttl = atoi($2); 1599 free($2); 1600 } 1601 ; 1602server_val_clean_additional: VAR_VAL_CLEAN_ADDITIONAL STRING_ARG 1603 { 1604 OUTYY(("P(server_val_clean_additional:%s)\n", $2)); 1605 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1606 yyerror("expected yes or no."); 1607 else cfg_parser->cfg->val_clean_additional = 1608 (strcmp($2, "yes")==0); 1609 free($2); 1610 } 1611 ; 1612server_val_permissive_mode: VAR_VAL_PERMISSIVE_MODE STRING_ARG 1613 { 1614 OUTYY(("P(server_val_permissive_mode:%s)\n", $2)); 1615 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1616 yyerror("expected yes or no."); 1617 else cfg_parser->cfg->val_permissive_mode = 1618 (strcmp($2, "yes")==0); 1619 free($2); 1620 } 1621 ; 1622server_aggressive_nsec: VAR_AGGRESSIVE_NSEC STRING_ARG 1623 { 1624 OUTYY(("P(server_aggressive_nsec:%s)\n", $2)); 1625 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1626 yyerror("expected yes or no."); 1627 else 1628 cfg_parser->cfg->aggressive_nsec = 1629 (strcmp($2, "yes")==0); 1630 free($2); 1631 } 1632 ; 1633server_ignore_cd_flag: VAR_IGNORE_CD_FLAG STRING_ARG 1634 { 1635 OUTYY(("P(server_ignore_cd_flag:%s)\n", $2)); 1636 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1637 yyerror("expected yes or no."); 1638 else cfg_parser->cfg->ignore_cd = (strcmp($2, "yes")==0); 1639 free($2); 1640 } 1641 ; 1642server_serve_expired: VAR_SERVE_EXPIRED STRING_ARG 1643 { 1644 OUTYY(("P(server_serve_expired:%s)\n", $2)); 1645 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1646 yyerror("expected yes or no."); 1647 else cfg_parser->cfg->serve_expired = (strcmp($2, "yes")==0); 1648 free($2); 1649 } 1650 ; 1651server_serve_expired_ttl: VAR_SERVE_EXPIRED_TTL STRING_ARG 1652 { 1653 OUTYY(("P(server_serve_expired_ttl:%s)\n", $2)); 1654 if(atoi($2) == 0 && strcmp($2, "0") != 0) 1655 yyerror("number expected"); 1656 else cfg_parser->cfg->serve_expired_ttl = atoi($2); 1657 free($2); 1658 } 1659 ; 1660server_serve_expired_ttl_reset: VAR_SERVE_EXPIRED_TTL_RESET STRING_ARG 1661 { 1662 OUTYY(("P(server_serve_expired_ttl_reset:%s)\n", $2)); 1663 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1664 yyerror("expected yes or no."); 1665 else cfg_parser->cfg->serve_expired_ttl_reset = (strcmp($2, "yes")==0); 1666 free($2); 1667 } 1668 ; 1669server_fake_dsa: VAR_FAKE_DSA STRING_ARG 1670 { 1671 OUTYY(("P(server_fake_dsa:%s)\n", $2)); 1672 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1673 yyerror("expected yes or no."); 1674#ifdef HAVE_SSL 1675 else fake_dsa = (strcmp($2, "yes")==0); 1676 if(fake_dsa) 1677 log_warn("test option fake_dsa is enabled"); 1678#endif 1679 free($2); 1680 } 1681 ; 1682server_fake_sha1: VAR_FAKE_SHA1 STRING_ARG 1683 { 1684 OUTYY(("P(server_fake_sha1:%s)\n", $2)); 1685 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1686 yyerror("expected yes or no."); 1687#ifdef HAVE_SSL 1688 else fake_sha1 = (strcmp($2, "yes")==0); 1689 if(fake_sha1) 1690 log_warn("test option fake_sha1 is enabled"); 1691#endif 1692 free($2); 1693 } 1694 ; 1695server_val_log_level: VAR_VAL_LOG_LEVEL STRING_ARG 1696 { 1697 OUTYY(("P(server_val_log_level:%s)\n", $2)); 1698 if(atoi($2) == 0 && strcmp($2, "0") != 0) 1699 yyerror("number expected"); 1700 else cfg_parser->cfg->val_log_level = atoi($2); 1701 free($2); 1702 } 1703 ; 1704server_val_nsec3_keysize_iterations: VAR_VAL_NSEC3_KEYSIZE_ITERATIONS STRING_ARG 1705 { 1706 OUTYY(("P(server_val_nsec3_keysize_iterations:%s)\n", $2)); 1707 free(cfg_parser->cfg->val_nsec3_key_iterations); 1708 cfg_parser->cfg->val_nsec3_key_iterations = $2; 1709 } 1710 ; 1711server_add_holddown: VAR_ADD_HOLDDOWN STRING_ARG 1712 { 1713 OUTYY(("P(server_add_holddown:%s)\n", $2)); 1714 if(atoi($2) == 0 && strcmp($2, "0") != 0) 1715 yyerror("number expected"); 1716 else cfg_parser->cfg->add_holddown = atoi($2); 1717 free($2); 1718 } 1719 ; 1720server_del_holddown: VAR_DEL_HOLDDOWN STRING_ARG 1721 { 1722 OUTYY(("P(server_del_holddown:%s)\n", $2)); 1723 if(atoi($2) == 0 && strcmp($2, "0") != 0) 1724 yyerror("number expected"); 1725 else cfg_parser->cfg->del_holddown = atoi($2); 1726 free($2); 1727 } 1728 ; 1729server_keep_missing: VAR_KEEP_MISSING STRING_ARG 1730 { 1731 OUTYY(("P(server_keep_missing:%s)\n", $2)); 1732 if(atoi($2) == 0 && strcmp($2, "0") != 0) 1733 yyerror("number expected"); 1734 else cfg_parser->cfg->keep_missing = atoi($2); 1735 free($2); 1736 } 1737 ; 1738server_permit_small_holddown: VAR_PERMIT_SMALL_HOLDDOWN STRING_ARG 1739 { 1740 OUTYY(("P(server_permit_small_holddown:%s)\n", $2)); 1741 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1742 yyerror("expected yes or no."); 1743 else cfg_parser->cfg->permit_small_holddown = 1744 (strcmp($2, "yes")==0); 1745 free($2); 1746 } 1747server_key_cache_size: VAR_KEY_CACHE_SIZE STRING_ARG 1748 { 1749 OUTYY(("P(server_key_cache_size:%s)\n", $2)); 1750 if(!cfg_parse_memsize($2, &cfg_parser->cfg->key_cache_size)) 1751 yyerror("memory size expected"); 1752 free($2); 1753 } 1754 ; 1755server_key_cache_slabs: VAR_KEY_CACHE_SLABS STRING_ARG 1756 { 1757 OUTYY(("P(server_key_cache_slabs:%s)\n", $2)); 1758 if(atoi($2) == 0) 1759 yyerror("number expected"); 1760 else { 1761 cfg_parser->cfg->key_cache_slabs = atoi($2); 1762 if(!is_pow2(cfg_parser->cfg->key_cache_slabs)) 1763 yyerror("must be a power of 2"); 1764 } 1765 free($2); 1766 } 1767 ; 1768server_neg_cache_size: VAR_NEG_CACHE_SIZE STRING_ARG 1769 { 1770 OUTYY(("P(server_neg_cache_size:%s)\n", $2)); 1771 if(!cfg_parse_memsize($2, &cfg_parser->cfg->neg_cache_size)) 1772 yyerror("memory size expected"); 1773 free($2); 1774 } 1775 ; 1776server_local_zone: VAR_LOCAL_ZONE STRING_ARG STRING_ARG 1777 { 1778 OUTYY(("P(server_local_zone:%s %s)\n", $2, $3)); 1779 if(strcmp($3, "static")!=0 && strcmp($3, "deny")!=0 && 1780 strcmp($3, "refuse")!=0 && strcmp($3, "redirect")!=0 && 1781 strcmp($3, "transparent")!=0 && strcmp($3, "nodefault")!=0 1782 && strcmp($3, "typetransparent")!=0 1783 && strcmp($3, "always_transparent")!=0 1784 && strcmp($3, "always_refuse")!=0 1785 && strcmp($3, "always_nxdomain")!=0 1786 && strcmp($3, "noview")!=0 1787 && strcmp($3, "inform")!=0 && strcmp($3, "inform_deny")!=0 1788 && strcmp($3, "inform_redirect") != 0 1789 && strcmp($3, "ipset") != 0) { 1790 yyerror("local-zone type: expected static, deny, " 1791 "refuse, redirect, transparent, " 1792 "typetransparent, inform, inform_deny, " 1793 "inform_redirect, always_transparent, " 1794 "always_refuse, always_nxdomain, noview " 1795 ", nodefault or ipset"); 1796 free($2); 1797 free($3); 1798 } else if(strcmp($3, "nodefault")==0) { 1799 if(!cfg_strlist_insert(&cfg_parser->cfg-> 1800 local_zones_nodefault, $2)) 1801 fatal_exit("out of memory adding local-zone"); 1802 free($3); 1803#ifdef USE_IPSET 1804 } else if(strcmp($3, "ipset")==0) { 1805 if(!cfg_strlist_insert(&cfg_parser->cfg-> 1806 local_zones_ipset, $2)) 1807 fatal_exit("out of memory adding local-zone"); 1808 free($3); 1809#endif 1810 } else { 1811 if(!cfg_str2list_insert(&cfg_parser->cfg->local_zones, 1812 $2, $3)) 1813 fatal_exit("out of memory adding local-zone"); 1814 } 1815 } 1816 ; 1817server_local_data: VAR_LOCAL_DATA STRING_ARG 1818 { 1819 OUTYY(("P(server_local_data:%s)\n", $2)); 1820 if(!cfg_strlist_insert(&cfg_parser->cfg->local_data, $2)) 1821 fatal_exit("out of memory adding local-data"); 1822 } 1823 ; 1824server_local_data_ptr: VAR_LOCAL_DATA_PTR STRING_ARG 1825 { 1826 char* ptr; 1827 OUTYY(("P(server_local_data_ptr:%s)\n", $2)); 1828 ptr = cfg_ptr_reverse($2); 1829 free($2); 1830 if(ptr) { 1831 if(!cfg_strlist_insert(&cfg_parser->cfg-> 1832 local_data, ptr)) 1833 fatal_exit("out of memory adding local-data"); 1834 } else { 1835 yyerror("local-data-ptr could not be reversed"); 1836 } 1837 } 1838 ; 1839server_minimal_responses: VAR_MINIMAL_RESPONSES STRING_ARG 1840 { 1841 OUTYY(("P(server_minimal_responses:%s)\n", $2)); 1842 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1843 yyerror("expected yes or no."); 1844 else cfg_parser->cfg->minimal_responses = 1845 (strcmp($2, "yes")==0); 1846 free($2); 1847 } 1848 ; 1849server_rrset_roundrobin: VAR_RRSET_ROUNDROBIN STRING_ARG 1850 { 1851 OUTYY(("P(server_rrset_roundrobin:%s)\n", $2)); 1852 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1853 yyerror("expected yes or no."); 1854 else cfg_parser->cfg->rrset_roundrobin = 1855 (strcmp($2, "yes")==0); 1856 free($2); 1857 } 1858 ; 1859server_unknown_server_time_limit: VAR_UNKNOWN_SERVER_TIME_LIMIT STRING_ARG 1860 { 1861 OUTYY(("P(server_unknown_server_time_limit:%s)\n", $2)); 1862 cfg_parser->cfg->unknown_server_time_limit = atoi($2); 1863 free($2); 1864 } 1865 ; 1866server_max_udp_size: VAR_MAX_UDP_SIZE STRING_ARG 1867 { 1868 OUTYY(("P(server_max_udp_size:%s)\n", $2)); 1869 cfg_parser->cfg->max_udp_size = atoi($2); 1870 free($2); 1871 } 1872 ; 1873server_dns64_prefix: VAR_DNS64_PREFIX STRING_ARG 1874 { 1875 OUTYY(("P(dns64_prefix:%s)\n", $2)); 1876 free(cfg_parser->cfg->dns64_prefix); 1877 cfg_parser->cfg->dns64_prefix = $2; 1878 } 1879 ; 1880server_dns64_synthall: VAR_DNS64_SYNTHALL STRING_ARG 1881 { 1882 OUTYY(("P(server_dns64_synthall:%s)\n", $2)); 1883 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1884 yyerror("expected yes or no."); 1885 else cfg_parser->cfg->dns64_synthall = (strcmp($2, "yes")==0); 1886 free($2); 1887 } 1888 ; 1889server_dns64_ignore_aaaa: VAR_DNS64_IGNORE_AAAA STRING_ARG 1890 { 1891 OUTYY(("P(dns64_ignore_aaaa:%s)\n", $2)); 1892 if(!cfg_strlist_insert(&cfg_parser->cfg->dns64_ignore_aaaa, 1893 $2)) 1894 fatal_exit("out of memory adding dns64-ignore-aaaa"); 1895 } 1896 ; 1897server_define_tag: VAR_DEFINE_TAG STRING_ARG 1898 { 1899 char* p, *s = $2; 1900 OUTYY(("P(server_define_tag:%s)\n", $2)); 1901 while((p=strsep(&s, " \t\n")) != NULL) { 1902 if(*p) { 1903 if(!config_add_tag(cfg_parser->cfg, p)) 1904 yyerror("could not define-tag, " 1905 "out of memory"); 1906 } 1907 } 1908 free($2); 1909 } 1910 ; 1911server_local_zone_tag: VAR_LOCAL_ZONE_TAG STRING_ARG STRING_ARG 1912 { 1913 size_t len = 0; 1914 uint8_t* bitlist = config_parse_taglist(cfg_parser->cfg, $3, 1915 &len); 1916 free($3); 1917 OUTYY(("P(server_local_zone_tag:%s)\n", $2)); 1918 if(!bitlist) { 1919 yyerror("could not parse tags, (define-tag them first)"); 1920 free($2); 1921 } 1922 if(bitlist) { 1923 if(!cfg_strbytelist_insert( 1924 &cfg_parser->cfg->local_zone_tags, 1925 $2, bitlist, len)) { 1926 yyerror("out of memory"); 1927 free($2); 1928 } 1929 } 1930 } 1931 ; 1932server_access_control_tag: VAR_ACCESS_CONTROL_TAG STRING_ARG STRING_ARG 1933 { 1934 size_t len = 0; 1935 uint8_t* bitlist = config_parse_taglist(cfg_parser->cfg, $3, 1936 &len); 1937 free($3); 1938 OUTYY(("P(server_access_control_tag:%s)\n", $2)); 1939 if(!bitlist) { 1940 yyerror("could not parse tags, (define-tag them first)"); 1941 free($2); 1942 } 1943 if(bitlist) { 1944 if(!cfg_strbytelist_insert( 1945 &cfg_parser->cfg->acl_tags, 1946 $2, bitlist, len)) { 1947 yyerror("out of memory"); 1948 free($2); 1949 } 1950 } 1951 } 1952 ; 1953server_access_control_tag_action: VAR_ACCESS_CONTROL_TAG_ACTION STRING_ARG STRING_ARG STRING_ARG 1954 { 1955 OUTYY(("P(server_access_control_tag_action:%s %s %s)\n", $2, $3, $4)); 1956 if(!cfg_str3list_insert(&cfg_parser->cfg->acl_tag_actions, 1957 $2, $3, $4)) { 1958 yyerror("out of memory"); 1959 free($2); 1960 free($3); 1961 free($4); 1962 } 1963 } 1964 ; 1965server_access_control_tag_data: VAR_ACCESS_CONTROL_TAG_DATA STRING_ARG STRING_ARG STRING_ARG 1966 { 1967 OUTYY(("P(server_access_control_tag_data:%s %s %s)\n", $2, $3, $4)); 1968 if(!cfg_str3list_insert(&cfg_parser->cfg->acl_tag_datas, 1969 $2, $3, $4)) { 1970 yyerror("out of memory"); 1971 free($2); 1972 free($3); 1973 free($4); 1974 } 1975 } 1976 ; 1977server_local_zone_override: VAR_LOCAL_ZONE_OVERRIDE STRING_ARG STRING_ARG STRING_ARG 1978 { 1979 OUTYY(("P(server_local_zone_override:%s %s %s)\n", $2, $3, $4)); 1980 if(!cfg_str3list_insert(&cfg_parser->cfg->local_zone_overrides, 1981 $2, $3, $4)) { 1982 yyerror("out of memory"); 1983 free($2); 1984 free($3); 1985 free($4); 1986 } 1987 } 1988 ; 1989server_access_control_view: VAR_ACCESS_CONTROL_VIEW STRING_ARG STRING_ARG 1990 { 1991 OUTYY(("P(server_access_control_view:%s %s)\n", $2, $3)); 1992 if(!cfg_str2list_insert(&cfg_parser->cfg->acl_view, 1993 $2, $3)) { 1994 yyerror("out of memory"); 1995 } 1996 } 1997 ; 1998server_response_ip_tag: VAR_RESPONSE_IP_TAG STRING_ARG STRING_ARG 1999 { 2000 size_t len = 0; 2001 uint8_t* bitlist = config_parse_taglist(cfg_parser->cfg, $3, 2002 &len); 2003 free($3); 2004 OUTYY(("P(response_ip_tag:%s)\n", $2)); 2005 if(!bitlist) { 2006 yyerror("could not parse tags, (define-tag them first)"); 2007 free($2); 2008 } 2009 if(bitlist) { 2010 if(!cfg_strbytelist_insert( 2011 &cfg_parser->cfg->respip_tags, 2012 $2, bitlist, len)) { 2013 yyerror("out of memory"); 2014 free($2); 2015 } 2016 } 2017 } 2018 ; 2019server_ip_ratelimit: VAR_IP_RATELIMIT STRING_ARG 2020 { 2021 OUTYY(("P(server_ip_ratelimit:%s)\n", $2)); 2022 if(atoi($2) == 0 && strcmp($2, "0") != 0) 2023 yyerror("number expected"); 2024 else cfg_parser->cfg->ip_ratelimit = atoi($2); 2025 free($2); 2026 } 2027 ; 2028 2029server_ratelimit: VAR_RATELIMIT STRING_ARG 2030 { 2031 OUTYY(("P(server_ratelimit:%s)\n", $2)); 2032 if(atoi($2) == 0 && strcmp($2, "0") != 0) 2033 yyerror("number expected"); 2034 else cfg_parser->cfg->ratelimit = atoi($2); 2035 free($2); 2036 } 2037 ; 2038server_ip_ratelimit_size: VAR_IP_RATELIMIT_SIZE STRING_ARG 2039 { 2040 OUTYY(("P(server_ip_ratelimit_size:%s)\n", $2)); 2041 if(!cfg_parse_memsize($2, &cfg_parser->cfg->ip_ratelimit_size)) 2042 yyerror("memory size expected"); 2043 free($2); 2044 } 2045 ; 2046server_ratelimit_size: VAR_RATELIMIT_SIZE STRING_ARG 2047 { 2048 OUTYY(("P(server_ratelimit_size:%s)\n", $2)); 2049 if(!cfg_parse_memsize($2, &cfg_parser->cfg->ratelimit_size)) 2050 yyerror("memory size expected"); 2051 free($2); 2052 } 2053 ; 2054server_ip_ratelimit_slabs: VAR_IP_RATELIMIT_SLABS STRING_ARG 2055 { 2056 OUTYY(("P(server_ip_ratelimit_slabs:%s)\n", $2)); 2057 if(atoi($2) == 0) 2058 yyerror("number expected"); 2059 else { 2060 cfg_parser->cfg->ip_ratelimit_slabs = atoi($2); 2061 if(!is_pow2(cfg_parser->cfg->ip_ratelimit_slabs)) 2062 yyerror("must be a power of 2"); 2063 } 2064 free($2); 2065 } 2066 ; 2067server_ratelimit_slabs: VAR_RATELIMIT_SLABS STRING_ARG 2068 { 2069 OUTYY(("P(server_ratelimit_slabs:%s)\n", $2)); 2070 if(atoi($2) == 0) 2071 yyerror("number expected"); 2072 else { 2073 cfg_parser->cfg->ratelimit_slabs = atoi($2); 2074 if(!is_pow2(cfg_parser->cfg->ratelimit_slabs)) 2075 yyerror("must be a power of 2"); 2076 } 2077 free($2); 2078 } 2079 ; 2080server_ratelimit_for_domain: VAR_RATELIMIT_FOR_DOMAIN STRING_ARG STRING_ARG 2081 { 2082 OUTYY(("P(server_ratelimit_for_domain:%s %s)\n", $2, $3)); 2083 if(atoi($3) == 0 && strcmp($3, "0") != 0) { 2084 yyerror("number expected"); 2085 free($2); 2086 free($3); 2087 } else { 2088 if(!cfg_str2list_insert(&cfg_parser->cfg-> 2089 ratelimit_for_domain, $2, $3)) 2090 fatal_exit("out of memory adding " 2091 "ratelimit-for-domain"); 2092 } 2093 } 2094 ; 2095server_ratelimit_below_domain: VAR_RATELIMIT_BELOW_DOMAIN STRING_ARG STRING_ARG 2096 { 2097 OUTYY(("P(server_ratelimit_below_domain:%s %s)\n", $2, $3)); 2098 if(atoi($3) == 0 && strcmp($3, "0") != 0) { 2099 yyerror("number expected"); 2100 free($2); 2101 free($3); 2102 } else { 2103 if(!cfg_str2list_insert(&cfg_parser->cfg-> 2104 ratelimit_below_domain, $2, $3)) 2105 fatal_exit("out of memory adding " 2106 "ratelimit-below-domain"); 2107 } 2108 } 2109 ; 2110server_ip_ratelimit_factor: VAR_IP_RATELIMIT_FACTOR STRING_ARG 2111 { 2112 OUTYY(("P(server_ip_ratelimit_factor:%s)\n", $2)); 2113 if(atoi($2) == 0 && strcmp($2, "0") != 0) 2114 yyerror("number expected"); 2115 else cfg_parser->cfg->ip_ratelimit_factor = atoi($2); 2116 free($2); 2117 } 2118 ; 2119server_ratelimit_factor: VAR_RATELIMIT_FACTOR STRING_ARG 2120 { 2121 OUTYY(("P(server_ratelimit_factor:%s)\n", $2)); 2122 if(atoi($2) == 0 && strcmp($2, "0") != 0) 2123 yyerror("number expected"); 2124 else cfg_parser->cfg->ratelimit_factor = atoi($2); 2125 free($2); 2126 } 2127 ; 2128server_low_rtt: VAR_LOW_RTT STRING_ARG 2129 { 2130 OUTYY(("P(low-rtt option is deprecated, use fast-server-num instead)\n")); 2131 free($2); 2132 } 2133 ; 2134server_fast_server_num: VAR_FAST_SERVER_NUM STRING_ARG 2135 { 2136 OUTYY(("P(server_fast_server_num:%s)\n", $2)); 2137 if(atoi($2) <= 0) 2138 yyerror("number expected"); 2139 else cfg_parser->cfg->fast_server_num = atoi($2); 2140 free($2); 2141 } 2142 ; 2143server_fast_server_permil: VAR_FAST_SERVER_PERMIL STRING_ARG 2144 { 2145 OUTYY(("P(server_fast_server_permil:%s)\n", $2)); 2146 if(atoi($2) == 0 && strcmp($2, "0") != 0) 2147 yyerror("number expected"); 2148 else cfg_parser->cfg->fast_server_permil = atoi($2); 2149 free($2); 2150 } 2151 ; 2152server_qname_minimisation: VAR_QNAME_MINIMISATION STRING_ARG 2153 { 2154 OUTYY(("P(server_qname_minimisation:%s)\n", $2)); 2155 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2156 yyerror("expected yes or no."); 2157 else cfg_parser->cfg->qname_minimisation = 2158 (strcmp($2, "yes")==0); 2159 free($2); 2160 } 2161 ; 2162server_qname_minimisation_strict: VAR_QNAME_MINIMISATION_STRICT STRING_ARG 2163 { 2164 OUTYY(("P(server_qname_minimisation_strict:%s)\n", $2)); 2165 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2166 yyerror("expected yes or no."); 2167 else cfg_parser->cfg->qname_minimisation_strict = 2168 (strcmp($2, "yes")==0); 2169 free($2); 2170 } 2171 ; 2172server_ipsecmod_enabled: VAR_IPSECMOD_ENABLED STRING_ARG 2173 { 2174 #ifdef USE_IPSECMOD 2175 OUTYY(("P(server_ipsecmod_enabled:%s)\n", $2)); 2176 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2177 yyerror("expected yes or no."); 2178 else cfg_parser->cfg->ipsecmod_enabled = (strcmp($2, "yes")==0); 2179 #else 2180 OUTYY(("P(Compiled without IPsec module, ignoring)\n")); 2181 #endif 2182 free($2); 2183 } 2184 ; 2185server_ipsecmod_ignore_bogus: VAR_IPSECMOD_IGNORE_BOGUS STRING_ARG 2186 { 2187 #ifdef USE_IPSECMOD 2188 OUTYY(("P(server_ipsecmod_ignore_bogus:%s)\n", $2)); 2189 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2190 yyerror("expected yes or no."); 2191 else cfg_parser->cfg->ipsecmod_ignore_bogus = (strcmp($2, "yes")==0); 2192 #else 2193 OUTYY(("P(Compiled without IPsec module, ignoring)\n")); 2194 #endif 2195 free($2); 2196 } 2197 ; 2198server_ipsecmod_hook: VAR_IPSECMOD_HOOK STRING_ARG 2199 { 2200 #ifdef USE_IPSECMOD 2201 OUTYY(("P(server_ipsecmod_hook:%s)\n", $2)); 2202 free(cfg_parser->cfg->ipsecmod_hook); 2203 cfg_parser->cfg->ipsecmod_hook = $2; 2204 #else 2205 OUTYY(("P(Compiled without IPsec module, ignoring)\n")); 2206 free($2); 2207 #endif 2208 } 2209 ; 2210server_ipsecmod_max_ttl: VAR_IPSECMOD_MAX_TTL STRING_ARG 2211 { 2212 #ifdef USE_IPSECMOD 2213 OUTYY(("P(server_ipsecmod_max_ttl:%s)\n", $2)); 2214 if(atoi($2) == 0 && strcmp($2, "0") != 0) 2215 yyerror("number expected"); 2216 else cfg_parser->cfg->ipsecmod_max_ttl = atoi($2); 2217 free($2); 2218 #else 2219 OUTYY(("P(Compiled without IPsec module, ignoring)\n")); 2220 free($2); 2221 #endif 2222 } 2223 ; 2224server_ipsecmod_whitelist: VAR_IPSECMOD_WHITELIST STRING_ARG 2225 { 2226 #ifdef USE_IPSECMOD 2227 OUTYY(("P(server_ipsecmod_whitelist:%s)\n", $2)); 2228 if(!cfg_strlist_insert(&cfg_parser->cfg->ipsecmod_whitelist, $2)) 2229 yyerror("out of memory"); 2230 #else 2231 OUTYY(("P(Compiled without IPsec module, ignoring)\n")); 2232 free($2); 2233 #endif 2234 } 2235 ; 2236server_ipsecmod_strict: VAR_IPSECMOD_STRICT STRING_ARG 2237 { 2238 #ifdef USE_IPSECMOD 2239 OUTYY(("P(server_ipsecmod_strict:%s)\n", $2)); 2240 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2241 yyerror("expected yes or no."); 2242 else cfg_parser->cfg->ipsecmod_strict = (strcmp($2, "yes")==0); 2243 free($2); 2244 #else 2245 OUTYY(("P(Compiled without IPsec module, ignoring)\n")); 2246 free($2); 2247 #endif 2248 } 2249 ; 2250stub_name: VAR_NAME STRING_ARG 2251 { 2252 OUTYY(("P(name:%s)\n", $2)); 2253 if(cfg_parser->cfg->stubs->name) 2254 yyerror("stub name override, there must be one name " 2255 "for one stub-zone"); 2256 free(cfg_parser->cfg->stubs->name); 2257 cfg_parser->cfg->stubs->name = $2; 2258 } 2259 ; 2260stub_host: VAR_STUB_HOST STRING_ARG 2261 { 2262 OUTYY(("P(stub-host:%s)\n", $2)); 2263 if(!cfg_strlist_insert(&cfg_parser->cfg->stubs->hosts, $2)) 2264 yyerror("out of memory"); 2265 } 2266 ; 2267stub_addr: VAR_STUB_ADDR STRING_ARG 2268 { 2269 OUTYY(("P(stub-addr:%s)\n", $2)); 2270 if(!cfg_strlist_insert(&cfg_parser->cfg->stubs->addrs, $2)) 2271 yyerror("out of memory"); 2272 } 2273 ; 2274stub_first: VAR_STUB_FIRST STRING_ARG 2275 { 2276 OUTYY(("P(stub-first:%s)\n", $2)); 2277 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2278 yyerror("expected yes or no."); 2279 else cfg_parser->cfg->stubs->isfirst=(strcmp($2, "yes")==0); 2280 free($2); 2281 } 2282 ; 2283stub_no_cache: VAR_STUB_NO_CACHE STRING_ARG 2284 { 2285 OUTYY(("P(stub-no-cache:%s)\n", $2)); 2286 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2287 yyerror("expected yes or no."); 2288 else cfg_parser->cfg->stubs->no_cache=(strcmp($2, "yes")==0); 2289 free($2); 2290 } 2291 ; 2292stub_ssl_upstream: VAR_STUB_SSL_UPSTREAM STRING_ARG 2293 { 2294 OUTYY(("P(stub-ssl-upstream:%s)\n", $2)); 2295 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2296 yyerror("expected yes or no."); 2297 else cfg_parser->cfg->stubs->ssl_upstream = 2298 (strcmp($2, "yes")==0); 2299 free($2); 2300 } 2301 ; 2302stub_prime: VAR_STUB_PRIME STRING_ARG 2303 { 2304 OUTYY(("P(stub-prime:%s)\n", $2)); 2305 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2306 yyerror("expected yes or no."); 2307 else cfg_parser->cfg->stubs->isprime = 2308 (strcmp($2, "yes")==0); 2309 free($2); 2310 } 2311 ; 2312forward_name: VAR_NAME STRING_ARG 2313 { 2314 OUTYY(("P(name:%s)\n", $2)); 2315 if(cfg_parser->cfg->forwards->name) 2316 yyerror("forward name override, there must be one " 2317 "name for one forward-zone"); 2318 free(cfg_parser->cfg->forwards->name); 2319 cfg_parser->cfg->forwards->name = $2; 2320 } 2321 ; 2322forward_host: VAR_FORWARD_HOST STRING_ARG 2323 { 2324 OUTYY(("P(forward-host:%s)\n", $2)); 2325 if(!cfg_strlist_insert(&cfg_parser->cfg->forwards->hosts, $2)) 2326 yyerror("out of memory"); 2327 } 2328 ; 2329forward_addr: VAR_FORWARD_ADDR STRING_ARG 2330 { 2331 OUTYY(("P(forward-addr:%s)\n", $2)); 2332 if(!cfg_strlist_insert(&cfg_parser->cfg->forwards->addrs, $2)) 2333 yyerror("out of memory"); 2334 } 2335 ; 2336forward_first: VAR_FORWARD_FIRST STRING_ARG 2337 { 2338 OUTYY(("P(forward-first:%s)\n", $2)); 2339 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2340 yyerror("expected yes or no."); 2341 else cfg_parser->cfg->forwards->isfirst=(strcmp($2, "yes")==0); 2342 free($2); 2343 } 2344 ; 2345forward_no_cache: VAR_FORWARD_NO_CACHE STRING_ARG 2346 { 2347 OUTYY(("P(forward-no-cache:%s)\n", $2)); 2348 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2349 yyerror("expected yes or no."); 2350 else cfg_parser->cfg->forwards->no_cache=(strcmp($2, "yes")==0); 2351 free($2); 2352 } 2353 ; 2354forward_ssl_upstream: VAR_FORWARD_SSL_UPSTREAM STRING_ARG 2355 { 2356 OUTYY(("P(forward-ssl-upstream:%s)\n", $2)); 2357 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2358 yyerror("expected yes or no."); 2359 else cfg_parser->cfg->forwards->ssl_upstream = 2360 (strcmp($2, "yes")==0); 2361 free($2); 2362 } 2363 ; 2364auth_name: VAR_NAME STRING_ARG 2365 { 2366 OUTYY(("P(name:%s)\n", $2)); 2367 if(cfg_parser->cfg->auths->name) 2368 yyerror("auth name override, there must be one name " 2369 "for one auth-zone"); 2370 free(cfg_parser->cfg->auths->name); 2371 cfg_parser->cfg->auths->name = $2; 2372 } 2373 ; 2374auth_zonefile: VAR_ZONEFILE STRING_ARG 2375 { 2376 OUTYY(("P(zonefile:%s)\n", $2)); 2377 free(cfg_parser->cfg->auths->zonefile); 2378 cfg_parser->cfg->auths->zonefile = $2; 2379 } 2380 ; 2381auth_master: VAR_MASTER STRING_ARG 2382 { 2383 OUTYY(("P(master:%s)\n", $2)); 2384 if(!cfg_strlist_insert(&cfg_parser->cfg->auths->masters, $2)) 2385 yyerror("out of memory"); 2386 } 2387 ; 2388auth_url: VAR_URL STRING_ARG 2389 { 2390 OUTYY(("P(url:%s)\n", $2)); 2391 if(!cfg_strlist_insert(&cfg_parser->cfg->auths->urls, $2)) 2392 yyerror("out of memory"); 2393 } 2394 ; 2395auth_allow_notify: VAR_ALLOW_NOTIFY STRING_ARG 2396 { 2397 OUTYY(("P(allow-notify:%s)\n", $2)); 2398 if(!cfg_strlist_insert(&cfg_parser->cfg->auths->allow_notify, 2399 $2)) 2400 yyerror("out of memory"); 2401 } 2402 ; 2403auth_for_downstream: VAR_FOR_DOWNSTREAM STRING_ARG 2404 { 2405 OUTYY(("P(for-downstream:%s)\n", $2)); 2406 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2407 yyerror("expected yes or no."); 2408 else cfg_parser->cfg->auths->for_downstream = 2409 (strcmp($2, "yes")==0); 2410 free($2); 2411 } 2412 ; 2413auth_for_upstream: VAR_FOR_UPSTREAM STRING_ARG 2414 { 2415 OUTYY(("P(for-upstream:%s)\n", $2)); 2416 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2417 yyerror("expected yes or no."); 2418 else cfg_parser->cfg->auths->for_upstream = 2419 (strcmp($2, "yes")==0); 2420 free($2); 2421 } 2422 ; 2423auth_fallback_enabled: VAR_FALLBACK_ENABLED STRING_ARG 2424 { 2425 OUTYY(("P(fallback-enabled:%s)\n", $2)); 2426 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2427 yyerror("expected yes or no."); 2428 else cfg_parser->cfg->auths->fallback_enabled = 2429 (strcmp($2, "yes")==0); 2430 free($2); 2431 } 2432 ; 2433view_name: VAR_NAME STRING_ARG 2434 { 2435 OUTYY(("P(name:%s)\n", $2)); 2436 if(cfg_parser->cfg->views->name) 2437 yyerror("view name override, there must be one " 2438 "name for one view"); 2439 free(cfg_parser->cfg->views->name); 2440 cfg_parser->cfg->views->name = $2; 2441 } 2442 ; 2443view_local_zone: VAR_LOCAL_ZONE STRING_ARG STRING_ARG 2444 { 2445 OUTYY(("P(view_local_zone:%s %s)\n", $2, $3)); 2446 if(strcmp($3, "static")!=0 && strcmp($3, "deny")!=0 && 2447 strcmp($3, "refuse")!=0 && strcmp($3, "redirect")!=0 && 2448 strcmp($3, "transparent")!=0 && strcmp($3, "nodefault")!=0 2449 && strcmp($3, "typetransparent")!=0 2450 && strcmp($3, "always_transparent")!=0 2451 && strcmp($3, "always_refuse")!=0 2452 && strcmp($3, "always_nxdomain")!=0 2453 && strcmp($3, "noview")!=0 2454 && strcmp($3, "inform")!=0 && strcmp($3, "inform_deny")!=0) { 2455 yyerror("local-zone type: expected static, deny, " 2456 "refuse, redirect, transparent, " 2457 "typetransparent, inform, inform_deny, " 2458 "always_transparent, always_refuse, " 2459 "always_nxdomain, noview or nodefault"); 2460 free($2); 2461 free($3); 2462 } else if(strcmp($3, "nodefault")==0) { 2463 if(!cfg_strlist_insert(&cfg_parser->cfg->views-> 2464 local_zones_nodefault, $2)) 2465 fatal_exit("out of memory adding local-zone"); 2466 free($3); 2467#ifdef USE_IPSET 2468 } else if(strcmp($3, "ipset")==0) { 2469 if(!cfg_strlist_insert(&cfg_parser->cfg->views-> 2470 local_zones_ipset, $2)) 2471 fatal_exit("out of memory adding local-zone"); 2472 free($3); 2473#endif 2474 } else { 2475 if(!cfg_str2list_insert( 2476 &cfg_parser->cfg->views->local_zones, 2477 $2, $3)) 2478 fatal_exit("out of memory adding local-zone"); 2479 } 2480 } 2481 ; 2482view_response_ip: VAR_RESPONSE_IP STRING_ARG STRING_ARG 2483 { 2484 OUTYY(("P(view_response_ip:%s %s)\n", $2, $3)); 2485 validate_respip_action($3); 2486 if(!cfg_str2list_insert( 2487 &cfg_parser->cfg->views->respip_actions, $2, $3)) 2488 fatal_exit("out of memory adding per-view " 2489 "response-ip action"); 2490 } 2491 ; 2492view_response_ip_data: VAR_RESPONSE_IP_DATA STRING_ARG STRING_ARG 2493 { 2494 OUTYY(("P(view_response_ip_data:%s)\n", $2)); 2495 if(!cfg_str2list_insert( 2496 &cfg_parser->cfg->views->respip_data, $2, $3)) 2497 fatal_exit("out of memory adding response-ip-data"); 2498 } 2499 ; 2500view_local_data: VAR_LOCAL_DATA STRING_ARG 2501 { 2502 OUTYY(("P(view_local_data:%s)\n", $2)); 2503 if(!cfg_strlist_insert(&cfg_parser->cfg->views->local_data, $2)) { 2504 fatal_exit("out of memory adding local-data"); 2505 } 2506 } 2507 ; 2508view_local_data_ptr: VAR_LOCAL_DATA_PTR STRING_ARG 2509 { 2510 char* ptr; 2511 OUTYY(("P(view_local_data_ptr:%s)\n", $2)); 2512 ptr = cfg_ptr_reverse($2); 2513 free($2); 2514 if(ptr) { 2515 if(!cfg_strlist_insert(&cfg_parser->cfg->views-> 2516 local_data, ptr)) 2517 fatal_exit("out of memory adding local-data"); 2518 } else { 2519 yyerror("local-data-ptr could not be reversed"); 2520 } 2521 } 2522 ; 2523view_first: VAR_VIEW_FIRST STRING_ARG 2524 { 2525 OUTYY(("P(view-first:%s)\n", $2)); 2526 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2527 yyerror("expected yes or no."); 2528 else cfg_parser->cfg->views->isfirst=(strcmp($2, "yes")==0); 2529 free($2); 2530 } 2531 ; 2532rcstart: VAR_REMOTE_CONTROL 2533 { 2534 OUTYY(("\nP(remote-control:)\n")); 2535 } 2536 ; 2537contents_rc: contents_rc content_rc 2538 | ; 2539content_rc: rc_control_enable | rc_control_interface | rc_control_port | 2540 rc_server_key_file | rc_server_cert_file | rc_control_key_file | 2541 rc_control_cert_file | rc_control_use_cert 2542 ; 2543rc_control_enable: VAR_CONTROL_ENABLE STRING_ARG 2544 { 2545 OUTYY(("P(control_enable:%s)\n", $2)); 2546 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2547 yyerror("expected yes or no."); 2548 else cfg_parser->cfg->remote_control_enable = 2549 (strcmp($2, "yes")==0); 2550 free($2); 2551 } 2552 ; 2553rc_control_port: VAR_CONTROL_PORT STRING_ARG 2554 { 2555 OUTYY(("P(control_port:%s)\n", $2)); 2556 if(atoi($2) == 0) 2557 yyerror("control port number expected"); 2558 else cfg_parser->cfg->control_port = atoi($2); 2559 free($2); 2560 } 2561 ; 2562rc_control_interface: VAR_CONTROL_INTERFACE STRING_ARG 2563 { 2564 OUTYY(("P(control_interface:%s)\n", $2)); 2565 if(!cfg_strlist_append(&cfg_parser->cfg->control_ifs, $2)) 2566 yyerror("out of memory"); 2567 } 2568 ; 2569rc_control_use_cert: VAR_CONTROL_USE_CERT STRING_ARG 2570 { 2571 OUTYY(("P(control_use_cert:%s)\n", $2)); 2572 cfg_parser->cfg->control_use_cert = (strcmp($2, "yes")==0); 2573 free($2); 2574 } 2575 ; 2576rc_server_key_file: VAR_SERVER_KEY_FILE STRING_ARG 2577 { 2578 OUTYY(("P(rc_server_key_file:%s)\n", $2)); 2579 free(cfg_parser->cfg->server_key_file); 2580 cfg_parser->cfg->server_key_file = $2; 2581 } 2582 ; 2583rc_server_cert_file: VAR_SERVER_CERT_FILE STRING_ARG 2584 { 2585 OUTYY(("P(rc_server_cert_file:%s)\n", $2)); 2586 free(cfg_parser->cfg->server_cert_file); 2587 cfg_parser->cfg->server_cert_file = $2; 2588 } 2589 ; 2590rc_control_key_file: VAR_CONTROL_KEY_FILE STRING_ARG 2591 { 2592 OUTYY(("P(rc_control_key_file:%s)\n", $2)); 2593 free(cfg_parser->cfg->control_key_file); 2594 cfg_parser->cfg->control_key_file = $2; 2595 } 2596 ; 2597rc_control_cert_file: VAR_CONTROL_CERT_FILE STRING_ARG 2598 { 2599 OUTYY(("P(rc_control_cert_file:%s)\n", $2)); 2600 free(cfg_parser->cfg->control_cert_file); 2601 cfg_parser->cfg->control_cert_file = $2; 2602 } 2603 ; 2604dtstart: VAR_DNSTAP 2605 { 2606 OUTYY(("\nP(dnstap:)\n")); 2607 } 2608 ; 2609contents_dt: contents_dt content_dt 2610 | ; 2611content_dt: dt_dnstap_enable | dt_dnstap_socket_path | 2612 dt_dnstap_send_identity | dt_dnstap_send_version | 2613 dt_dnstap_identity | dt_dnstap_version | 2614 dt_dnstap_log_resolver_query_messages | 2615 dt_dnstap_log_resolver_response_messages | 2616 dt_dnstap_log_client_query_messages | 2617 dt_dnstap_log_client_response_messages | 2618 dt_dnstap_log_forwarder_query_messages | 2619 dt_dnstap_log_forwarder_response_messages 2620 ; 2621dt_dnstap_enable: VAR_DNSTAP_ENABLE STRING_ARG 2622 { 2623 OUTYY(("P(dt_dnstap_enable:%s)\n", $2)); 2624 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2625 yyerror("expected yes or no."); 2626 else cfg_parser->cfg->dnstap = (strcmp($2, "yes")==0); 2627 free($2); 2628 } 2629 ; 2630dt_dnstap_socket_path: VAR_DNSTAP_SOCKET_PATH STRING_ARG 2631 { 2632 OUTYY(("P(dt_dnstap_socket_path:%s)\n", $2)); 2633 free(cfg_parser->cfg->dnstap_socket_path); 2634 cfg_parser->cfg->dnstap_socket_path = $2; 2635 } 2636 ; 2637dt_dnstap_send_identity: VAR_DNSTAP_SEND_IDENTITY STRING_ARG 2638 { 2639 OUTYY(("P(dt_dnstap_send_identity:%s)\n", $2)); 2640 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2641 yyerror("expected yes or no."); 2642 else cfg_parser->cfg->dnstap_send_identity = (strcmp($2, "yes")==0); 2643 free($2); 2644 } 2645 ; 2646dt_dnstap_send_version: VAR_DNSTAP_SEND_VERSION STRING_ARG 2647 { 2648 OUTYY(("P(dt_dnstap_send_version:%s)\n", $2)); 2649 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2650 yyerror("expected yes or no."); 2651 else cfg_parser->cfg->dnstap_send_version = (strcmp($2, "yes")==0); 2652 free($2); 2653 } 2654 ; 2655dt_dnstap_identity: VAR_DNSTAP_IDENTITY STRING_ARG 2656 { 2657 OUTYY(("P(dt_dnstap_identity:%s)\n", $2)); 2658 free(cfg_parser->cfg->dnstap_identity); 2659 cfg_parser->cfg->dnstap_identity = $2; 2660 } 2661 ; 2662dt_dnstap_version: VAR_DNSTAP_VERSION STRING_ARG 2663 { 2664 OUTYY(("P(dt_dnstap_version:%s)\n", $2)); 2665 free(cfg_parser->cfg->dnstap_version); 2666 cfg_parser->cfg->dnstap_version = $2; 2667 } 2668 ; 2669dt_dnstap_log_resolver_query_messages: VAR_DNSTAP_LOG_RESOLVER_QUERY_MESSAGES STRING_ARG 2670 { 2671 OUTYY(("P(dt_dnstap_log_resolver_query_messages:%s)\n", $2)); 2672 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2673 yyerror("expected yes or no."); 2674 else cfg_parser->cfg->dnstap_log_resolver_query_messages = 2675 (strcmp($2, "yes")==0); 2676 free($2); 2677 } 2678 ; 2679dt_dnstap_log_resolver_response_messages: VAR_DNSTAP_LOG_RESOLVER_RESPONSE_MESSAGES STRING_ARG 2680 { 2681 OUTYY(("P(dt_dnstap_log_resolver_response_messages:%s)\n", $2)); 2682 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2683 yyerror("expected yes or no."); 2684 else cfg_parser->cfg->dnstap_log_resolver_response_messages = 2685 (strcmp($2, "yes")==0); 2686 free($2); 2687 } 2688 ; 2689dt_dnstap_log_client_query_messages: VAR_DNSTAP_LOG_CLIENT_QUERY_MESSAGES STRING_ARG 2690 { 2691 OUTYY(("P(dt_dnstap_log_client_query_messages:%s)\n", $2)); 2692 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2693 yyerror("expected yes or no."); 2694 else cfg_parser->cfg->dnstap_log_client_query_messages = 2695 (strcmp($2, "yes")==0); 2696 free($2); 2697 } 2698 ; 2699dt_dnstap_log_client_response_messages: VAR_DNSTAP_LOG_CLIENT_RESPONSE_MESSAGES STRING_ARG 2700 { 2701 OUTYY(("P(dt_dnstap_log_client_response_messages:%s)\n", $2)); 2702 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2703 yyerror("expected yes or no."); 2704 else cfg_parser->cfg->dnstap_log_client_response_messages = 2705 (strcmp($2, "yes")==0); 2706 free($2); 2707 } 2708 ; 2709dt_dnstap_log_forwarder_query_messages: VAR_DNSTAP_LOG_FORWARDER_QUERY_MESSAGES STRING_ARG 2710 { 2711 OUTYY(("P(dt_dnstap_log_forwarder_query_messages:%s)\n", $2)); 2712 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2713 yyerror("expected yes or no."); 2714 else cfg_parser->cfg->dnstap_log_forwarder_query_messages = 2715 (strcmp($2, "yes")==0); 2716 free($2); 2717 } 2718 ; 2719dt_dnstap_log_forwarder_response_messages: VAR_DNSTAP_LOG_FORWARDER_RESPONSE_MESSAGES STRING_ARG 2720 { 2721 OUTYY(("P(dt_dnstap_log_forwarder_response_messages:%s)\n", $2)); 2722 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2723 yyerror("expected yes or no."); 2724 else cfg_parser->cfg->dnstap_log_forwarder_response_messages = 2725 (strcmp($2, "yes")==0); 2726 free($2); 2727 } 2728 ; 2729pythonstart: VAR_PYTHON 2730 { 2731 OUTYY(("\nP(python:)\n")); 2732 } 2733 ; 2734contents_py: contents_py content_py 2735 | ; 2736content_py: py_script 2737 ; 2738py_script: VAR_PYTHON_SCRIPT STRING_ARG 2739 { 2740 OUTYY(("P(python-script:%s)\n", $2)); 2741 if(!cfg_strlist_append_ex(&cfg_parser->cfg->python_script, $2)) 2742 yyerror("out of memory"); 2743 } 2744server_disable_dnssec_lame_check: VAR_DISABLE_DNSSEC_LAME_CHECK STRING_ARG 2745 { 2746 OUTYY(("P(disable_dnssec_lame_check:%s)\n", $2)); 2747 if (strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2748 yyerror("expected yes or no."); 2749 else cfg_parser->cfg->disable_dnssec_lame_check = 2750 (strcmp($2, "yes")==0); 2751 free($2); 2752 } 2753 ; 2754server_log_identity: VAR_LOG_IDENTITY STRING_ARG 2755 { 2756 OUTYY(("P(server_log_identity:%s)\n", $2)); 2757 free(cfg_parser->cfg->log_identity); 2758 cfg_parser->cfg->log_identity = $2; 2759 } 2760 ; 2761server_response_ip: VAR_RESPONSE_IP STRING_ARG STRING_ARG 2762 { 2763 OUTYY(("P(server_response_ip:%s %s)\n", $2, $3)); 2764 validate_respip_action($3); 2765 if(!cfg_str2list_insert(&cfg_parser->cfg->respip_actions, 2766 $2, $3)) 2767 fatal_exit("out of memory adding response-ip"); 2768 } 2769 ; 2770server_response_ip_data: VAR_RESPONSE_IP_DATA STRING_ARG STRING_ARG 2771 { 2772 OUTYY(("P(server_response_ip_data:%s)\n", $2)); 2773 if(!cfg_str2list_insert(&cfg_parser->cfg->respip_data, 2774 $2, $3)) 2775 fatal_exit("out of memory adding response-ip-data"); 2776 } 2777 ; 2778dnscstart: VAR_DNSCRYPT 2779 { 2780 OUTYY(("\nP(dnscrypt:)\n")); 2781 } 2782 ; 2783contents_dnsc: contents_dnsc content_dnsc 2784 | ; 2785content_dnsc: 2786 dnsc_dnscrypt_enable | dnsc_dnscrypt_port | dnsc_dnscrypt_provider | 2787 dnsc_dnscrypt_secret_key | dnsc_dnscrypt_provider_cert | 2788 dnsc_dnscrypt_provider_cert_rotated | 2789 dnsc_dnscrypt_shared_secret_cache_size | 2790 dnsc_dnscrypt_shared_secret_cache_slabs | 2791 dnsc_dnscrypt_nonce_cache_size | 2792 dnsc_dnscrypt_nonce_cache_slabs 2793 ; 2794dnsc_dnscrypt_enable: VAR_DNSCRYPT_ENABLE STRING_ARG 2795 { 2796 OUTYY(("P(dnsc_dnscrypt_enable:%s)\n", $2)); 2797 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2798 yyerror("expected yes or no."); 2799 else cfg_parser->cfg->dnscrypt = (strcmp($2, "yes")==0); 2800 free($2); 2801 } 2802 ; 2803 2804dnsc_dnscrypt_port: VAR_DNSCRYPT_PORT STRING_ARG 2805 { 2806 OUTYY(("P(dnsc_dnscrypt_port:%s)\n", $2)); 2807 if(atoi($2) == 0) 2808 yyerror("port number expected"); 2809 else cfg_parser->cfg->dnscrypt_port = atoi($2); 2810 free($2); 2811 } 2812 ; 2813dnsc_dnscrypt_provider: VAR_DNSCRYPT_PROVIDER STRING_ARG 2814 { 2815 OUTYY(("P(dnsc_dnscrypt_provider:%s)\n", $2)); 2816 free(cfg_parser->cfg->dnscrypt_provider); 2817 cfg_parser->cfg->dnscrypt_provider = $2; 2818 } 2819 ; 2820dnsc_dnscrypt_provider_cert: VAR_DNSCRYPT_PROVIDER_CERT STRING_ARG 2821 { 2822 OUTYY(("P(dnsc_dnscrypt_provider_cert:%s)\n", $2)); 2823 if(cfg_strlist_find(cfg_parser->cfg->dnscrypt_provider_cert, $2)) 2824 log_warn("dnscrypt-provider-cert %s is a duplicate", $2); 2825 if(!cfg_strlist_insert(&cfg_parser->cfg->dnscrypt_provider_cert, $2)) 2826 fatal_exit("out of memory adding dnscrypt-provider-cert"); 2827 } 2828 ; 2829dnsc_dnscrypt_provider_cert_rotated: VAR_DNSCRYPT_PROVIDER_CERT_ROTATED STRING_ARG 2830 { 2831 OUTYY(("P(dnsc_dnscrypt_provider_cert_rotated:%s)\n", $2)); 2832 if(!cfg_strlist_insert(&cfg_parser->cfg->dnscrypt_provider_cert_rotated, $2)) 2833 fatal_exit("out of memory adding dnscrypt-provider-cert-rotated"); 2834 } 2835 ; 2836dnsc_dnscrypt_secret_key: VAR_DNSCRYPT_SECRET_KEY STRING_ARG 2837 { 2838 OUTYY(("P(dnsc_dnscrypt_secret_key:%s)\n", $2)); 2839 if(cfg_strlist_find(cfg_parser->cfg->dnscrypt_secret_key, $2)) 2840 log_warn("dnscrypt-secret-key: %s is a duplicate", $2); 2841 if(!cfg_strlist_insert(&cfg_parser->cfg->dnscrypt_secret_key, $2)) 2842 fatal_exit("out of memory adding dnscrypt-secret-key"); 2843 } 2844 ; 2845dnsc_dnscrypt_shared_secret_cache_size: VAR_DNSCRYPT_SHARED_SECRET_CACHE_SIZE STRING_ARG 2846 { 2847 OUTYY(("P(dnscrypt_shared_secret_cache_size:%s)\n", $2)); 2848 if(!cfg_parse_memsize($2, &cfg_parser->cfg->dnscrypt_shared_secret_cache_size)) 2849 yyerror("memory size expected"); 2850 free($2); 2851 } 2852 ; 2853dnsc_dnscrypt_shared_secret_cache_slabs: VAR_DNSCRYPT_SHARED_SECRET_CACHE_SLABS STRING_ARG 2854 { 2855 OUTYY(("P(dnscrypt_shared_secret_cache_slabs:%s)\n", $2)); 2856 if(atoi($2) == 0) 2857 yyerror("number expected"); 2858 else { 2859 cfg_parser->cfg->dnscrypt_shared_secret_cache_slabs = atoi($2); 2860 if(!is_pow2(cfg_parser->cfg->dnscrypt_shared_secret_cache_slabs)) 2861 yyerror("must be a power of 2"); 2862 } 2863 free($2); 2864 } 2865 ; 2866dnsc_dnscrypt_nonce_cache_size: VAR_DNSCRYPT_NONCE_CACHE_SIZE STRING_ARG 2867 { 2868 OUTYY(("P(dnscrypt_nonce_cache_size:%s)\n", $2)); 2869 if(!cfg_parse_memsize($2, &cfg_parser->cfg->dnscrypt_nonce_cache_size)) 2870 yyerror("memory size expected"); 2871 free($2); 2872 } 2873 ; 2874dnsc_dnscrypt_nonce_cache_slabs: VAR_DNSCRYPT_NONCE_CACHE_SLABS STRING_ARG 2875 { 2876 OUTYY(("P(dnscrypt_nonce_cache_slabs:%s)\n", $2)); 2877 if(atoi($2) == 0) 2878 yyerror("number expected"); 2879 else { 2880 cfg_parser->cfg->dnscrypt_nonce_cache_slabs = atoi($2); 2881 if(!is_pow2(cfg_parser->cfg->dnscrypt_nonce_cache_slabs)) 2882 yyerror("must be a power of 2"); 2883 } 2884 free($2); 2885 } 2886 ; 2887cachedbstart: VAR_CACHEDB 2888 { 2889 OUTYY(("\nP(cachedb:)\n")); 2890 } 2891 ; 2892contents_cachedb: contents_cachedb content_cachedb 2893 | ; 2894content_cachedb: cachedb_backend_name | cachedb_secret_seed | 2895 redis_server_host | redis_server_port | redis_timeout 2896 ; 2897cachedb_backend_name: VAR_CACHEDB_BACKEND STRING_ARG 2898 { 2899 #ifdef USE_CACHEDB 2900 OUTYY(("P(backend:%s)\n", $2)); 2901 if(cfg_parser->cfg->cachedb_backend) 2902 yyerror("cachedb backend override, there must be one " 2903 "backend"); 2904 free(cfg_parser->cfg->cachedb_backend); 2905 cfg_parser->cfg->cachedb_backend = $2; 2906 #else 2907 OUTYY(("P(Compiled without cachedb, ignoring)\n")); 2908 free($2); 2909 #endif 2910 } 2911 ; 2912cachedb_secret_seed: VAR_CACHEDB_SECRETSEED STRING_ARG 2913 { 2914 #ifdef USE_CACHEDB 2915 OUTYY(("P(secret-seed:%s)\n", $2)); 2916 if(cfg_parser->cfg->cachedb_secret) 2917 yyerror("cachedb secret-seed override, there must be " 2918 "only one secret"); 2919 free(cfg_parser->cfg->cachedb_secret); 2920 cfg_parser->cfg->cachedb_secret = $2; 2921 #else 2922 OUTYY(("P(Compiled without cachedb, ignoring)\n")); 2923 free($2); 2924 #endif 2925 } 2926 ; 2927redis_server_host: VAR_CACHEDB_REDISHOST STRING_ARG 2928 { 2929 #if defined(USE_CACHEDB) && defined(USE_REDIS) 2930 OUTYY(("P(redis_server_host:%s)\n", $2)); 2931 free(cfg_parser->cfg->redis_server_host); 2932 cfg_parser->cfg->redis_server_host = $2; 2933 #else 2934 OUTYY(("P(Compiled without cachedb or redis, ignoring)\n")); 2935 free($2); 2936 #endif 2937 } 2938 ; 2939redis_server_port: VAR_CACHEDB_REDISPORT STRING_ARG 2940 { 2941 #if defined(USE_CACHEDB) && defined(USE_REDIS) 2942 int port; 2943 OUTYY(("P(redis_server_port:%s)\n", $2)); 2944 port = atoi($2); 2945 if(port == 0 || port < 0 || port > 65535) 2946 yyerror("valid redis server port number expected"); 2947 else cfg_parser->cfg->redis_server_port = port; 2948 #else 2949 OUTYY(("P(Compiled without cachedb or redis, ignoring)\n")); 2950 #endif 2951 free($2); 2952 } 2953 ; 2954redis_timeout: VAR_CACHEDB_REDISTIMEOUT STRING_ARG 2955 { 2956 #if defined(USE_CACHEDB) && defined(USE_REDIS) 2957 OUTYY(("P(redis_timeout:%s)\n", $2)); 2958 if(atoi($2) == 0) 2959 yyerror("redis timeout value expected"); 2960 else cfg_parser->cfg->redis_timeout = atoi($2); 2961 #else 2962 OUTYY(("P(Compiled without cachedb or redis, ignoring)\n")); 2963 #endif 2964 free($2); 2965 } 2966 ; 2967server_tcp_connection_limit: VAR_TCP_CONNECTION_LIMIT STRING_ARG STRING_ARG 2968 { 2969 OUTYY(("P(server_tcp_connection_limit:%s %s)\n", $2, $3)); 2970 if (atoi($3) < 0) 2971 yyerror("positive number expected"); 2972 else { 2973 if(!cfg_str2list_insert(&cfg_parser->cfg->tcp_connection_limits, $2, $3)) 2974 fatal_exit("out of memory adding tcp connection limit"); 2975 } 2976 } 2977 ; 2978 ipsetstart: VAR_IPSET 2979 { 2980 OUTYY(("\nP(ipset:)\n")); 2981 } 2982 ; 2983 contents_ipset: contents_ipset content_ipset 2984 | ; 2985 content_ipset: ipset_name_v4 | ipset_name_v6 2986 ; 2987 ipset_name_v4: VAR_IPSET_NAME_V4 STRING_ARG 2988 { 2989 #ifdef USE_IPSET 2990 OUTYY(("P(name-v4:%s)\n", $2)); 2991 if(cfg_parser->cfg->ipset_name_v4) 2992 yyerror("ipset name v4 override, there must be one " 2993 "name for ip v4"); 2994 free(cfg_parser->cfg->ipset_name_v4); 2995 cfg_parser->cfg->ipset_name_v4 = $2; 2996 #else 2997 OUTYY(("P(Compiled without ipset, ignoring)\n")); 2998 free($2); 2999 #endif 3000 } 3001 ; 3002 ipset_name_v6: VAR_IPSET_NAME_V6 STRING_ARG 3003 { 3004 #ifdef USE_IPSET 3005 OUTYY(("P(name-v6:%s)\n", $2)); 3006 if(cfg_parser->cfg->ipset_name_v6) 3007 yyerror("ipset name v6 override, there must be one " 3008 "name for ip v6"); 3009 free(cfg_parser->cfg->ipset_name_v6); 3010 cfg_parser->cfg->ipset_name_v6 = $2; 3011 #else 3012 OUTYY(("P(Compiled without ipset, ignoring)\n")); 3013 free($2); 3014 #endif 3015 } 3016 ; 3017%% 3018 3019/* parse helper routines could be here */ 3020static void 3021validate_respip_action(const char* action) 3022{ 3023 if(strcmp(action, "deny")!=0 && 3024 strcmp(action, "redirect")!=0 && 3025 strcmp(action, "inform")!=0 && 3026 strcmp(action, "inform_deny")!=0 && 3027 strcmp(action, "always_transparent")!=0 && 3028 strcmp(action, "always_refuse")!=0 && 3029 strcmp(action, "always_nxdomain")!=0) 3030 { 3031 yyerror("response-ip action: expected deny, redirect, " 3032 "inform, inform_deny, always_transparent, " 3033 "always_refuse or always_nxdomain"); 3034 } 3035} 3036 3037 3038