1 /* 2 * configparser.y -- yacc grammar for unbound configuration files 3 * 4 * Copyright (c) 2001-2006, NLnet Labs. All rights reserved. 5 * 6 * Copyright (c) 2007, NLnet Labs. All rights reserved. 7 * 8 * This software is open source. 9 * 10 * Redistribution and use in source and binary forms, with or without 11 * modification, are permitted provided that the following conditions 12 * are met: 13 * 14 * Redistributions of source code must retain the above copyright notice, 15 * this list of conditions and the following disclaimer. 16 * 17 * Redistributions in binary form must reproduce the above copyright notice, 18 * this list of conditions and the following disclaimer in the documentation 19 * and/or other materials provided with the distribution. 20 * 21 * Neither the name of the NLNET LABS nor the names of its contributors may 22 * be used to endorse or promote products derived from this software without 23 * specific prior written permission. 24 * 25 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 26 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 27 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR 28 * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT 29 * HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 30 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED 31 * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR 32 * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF 33 * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING 34 * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS 35 * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 36 */ 37 38 %{ 39 #include "config.h" 40 41 #include <stdarg.h> 42 #include <stdio.h> 43 #include <string.h> 44 #include <stdlib.h> 45 #include <assert.h> 46 47 #include "util/configyyrename.h" 48 #include "util/config_file.h" 49 #include "util/net_help.h" 50 #include "sldns/str2wire.h" 51 52 int ub_c_lex(void); 53 void ub_c_error(const char *message); 54 55 static void validate_respip_action(const char* action); 56 static void validate_acl_action(const char* action); 57 58 /* these need to be global, otherwise they cannot be used inside yacc */ 59 extern struct config_parser_state* cfg_parser; 60 61 #if 0 62 #define OUTYY(s) printf s /* used ONLY when debugging */ 63 #else 64 #define OUTYY(s) 65 #endif 66 67 %} 68 %union { 69 char* str; 70 }; 71 72 %token SPACE LETTER NEWLINE COMMENT COLON ANY ZONESTR 73 %token <str> STRING_ARG 74 %token VAR_FORCE_TOPLEVEL 75 %token VAR_SERVER VAR_VERBOSITY VAR_NUM_THREADS VAR_PORT 76 %token VAR_OUTGOING_RANGE VAR_INTERFACE VAR_PREFER_IP4 77 %token VAR_DO_IP4 VAR_DO_IP6 VAR_DO_NAT64 VAR_PREFER_IP6 VAR_DO_UDP VAR_DO_TCP 78 %token VAR_TCP_MSS VAR_OUTGOING_TCP_MSS VAR_TCP_IDLE_TIMEOUT 79 %token VAR_EDNS_TCP_KEEPALIVE VAR_EDNS_TCP_KEEPALIVE_TIMEOUT 80 %token VAR_SOCK_QUEUE_TIMEOUT 81 %token VAR_CHROOT VAR_USERNAME VAR_DIRECTORY VAR_LOGFILE VAR_PIDFILE 82 %token VAR_MSG_CACHE_SIZE VAR_MSG_CACHE_SLABS VAR_NUM_QUERIES_PER_THREAD 83 %token VAR_RRSET_CACHE_SIZE VAR_RRSET_CACHE_SLABS VAR_OUTGOING_NUM_TCP 84 %token VAR_INFRA_HOST_TTL VAR_INFRA_LAME_TTL VAR_INFRA_CACHE_SLABS 85 %token VAR_INFRA_CACHE_NUMHOSTS VAR_INFRA_CACHE_LAME_SIZE VAR_NAME 86 %token VAR_STUB_ZONE VAR_STUB_HOST VAR_STUB_ADDR VAR_TARGET_FETCH_POLICY 87 %token VAR_HARDEN_SHORT_BUFSIZE VAR_HARDEN_LARGE_QUERIES 88 %token VAR_FORWARD_ZONE VAR_FORWARD_HOST VAR_FORWARD_ADDR 89 %token VAR_DO_NOT_QUERY_ADDRESS VAR_HIDE_IDENTITY VAR_HIDE_VERSION 90 %token VAR_IDENTITY VAR_VERSION VAR_HARDEN_GLUE VAR_MODULE_CONF 91 %token VAR_TRUST_ANCHOR_FILE VAR_TRUST_ANCHOR VAR_VAL_OVERRIDE_DATE 92 %token VAR_BOGUS_TTL VAR_VAL_CLEAN_ADDITIONAL VAR_VAL_PERMISSIVE_MODE 93 %token VAR_INCOMING_NUM_TCP VAR_MSG_BUFFER_SIZE VAR_KEY_CACHE_SIZE 94 %token VAR_KEY_CACHE_SLABS VAR_TRUSTED_KEYS_FILE 95 %token VAR_VAL_NSEC3_KEYSIZE_ITERATIONS VAR_USE_SYSLOG 96 %token VAR_OUTGOING_INTERFACE VAR_ROOT_HINTS VAR_DO_NOT_QUERY_LOCALHOST 97 %token VAR_CACHE_MAX_TTL VAR_HARDEN_DNSSEC_STRIPPED VAR_ACCESS_CONTROL 98 %token VAR_LOCAL_ZONE VAR_LOCAL_DATA VAR_INTERFACE_AUTOMATIC 99 %token VAR_STATISTICS_INTERVAL VAR_DO_DAEMONIZE VAR_USE_CAPS_FOR_ID 100 %token VAR_STATISTICS_CUMULATIVE VAR_OUTGOING_PORT_PERMIT 101 %token VAR_OUTGOING_PORT_AVOID VAR_DLV_ANCHOR_FILE VAR_DLV_ANCHOR 102 %token VAR_NEG_CACHE_SIZE VAR_HARDEN_REFERRAL_PATH VAR_PRIVATE_ADDRESS 103 %token VAR_PRIVATE_DOMAIN VAR_REMOTE_CONTROL VAR_CONTROL_ENABLE 104 %token VAR_CONTROL_INTERFACE VAR_CONTROL_PORT VAR_SERVER_KEY_FILE 105 %token VAR_SERVER_CERT_FILE VAR_CONTROL_KEY_FILE VAR_CONTROL_CERT_FILE 106 %token VAR_CONTROL_USE_CERT VAR_TCP_REUSE_TIMEOUT VAR_MAX_REUSE_TCP_QUERIES 107 %token VAR_EXTENDED_STATISTICS VAR_LOCAL_DATA_PTR VAR_JOSTLE_TIMEOUT 108 %token VAR_STUB_PRIME VAR_UNWANTED_REPLY_THRESHOLD VAR_LOG_TIME_ASCII 109 %token VAR_DOMAIN_INSECURE VAR_PYTHON VAR_PYTHON_SCRIPT VAR_VAL_SIG_SKEW_MIN 110 %token VAR_VAL_SIG_SKEW_MAX VAR_VAL_MAX_RESTART VAR_CACHE_MIN_TTL 111 %token VAR_VAL_LOG_LEVEL VAR_AUTO_TRUST_ANCHOR_FILE VAR_KEEP_MISSING 112 %token VAR_ADD_HOLDDOWN VAR_DEL_HOLDDOWN VAR_SO_RCVBUF VAR_EDNS_BUFFER_SIZE 113 %token VAR_PREFETCH VAR_PREFETCH_KEY VAR_SO_SNDBUF VAR_SO_REUSEPORT 114 %token VAR_HARDEN_BELOW_NXDOMAIN VAR_IGNORE_CD_FLAG VAR_LOG_QUERIES 115 %token VAR_LOG_REPLIES VAR_LOG_LOCAL_ACTIONS VAR_TCP_UPSTREAM 116 %token VAR_SSL_UPSTREAM VAR_TCP_AUTH_QUERY_TIMEOUT VAR_SSL_SERVICE_KEY 117 %token VAR_SSL_SERVICE_PEM VAR_SSL_PORT VAR_FORWARD_FIRST 118 %token VAR_STUB_SSL_UPSTREAM VAR_FORWARD_SSL_UPSTREAM VAR_TLS_CERT_BUNDLE 119 %token VAR_STUB_TCP_UPSTREAM VAR_FORWARD_TCP_UPSTREAM 120 %token VAR_HTTPS_PORT VAR_HTTP_ENDPOINT VAR_HTTP_MAX_STREAMS 121 %token VAR_HTTP_QUERY_BUFFER_SIZE VAR_HTTP_RESPONSE_BUFFER_SIZE 122 %token VAR_HTTP_NODELAY VAR_HTTP_NOTLS_DOWNSTREAM 123 %token VAR_STUB_FIRST VAR_MINIMAL_RESPONSES VAR_RRSET_ROUNDROBIN 124 %token VAR_MAX_UDP_SIZE VAR_DELAY_CLOSE VAR_UDP_CONNECT 125 %token VAR_UNBLOCK_LAN_ZONES VAR_INSECURE_LAN_ZONES 126 %token VAR_INFRA_CACHE_MIN_RTT VAR_INFRA_CACHE_MAX_RTT VAR_INFRA_KEEP_PROBING 127 %token VAR_DNS64_PREFIX VAR_DNS64_SYNTHALL VAR_DNS64_IGNORE_AAAA 128 %token VAR_NAT64_PREFIX 129 %token VAR_DNSTAP VAR_DNSTAP_ENABLE VAR_DNSTAP_SOCKET_PATH VAR_DNSTAP_IP 130 %token VAR_DNSTAP_TLS VAR_DNSTAP_TLS_SERVER_NAME VAR_DNSTAP_TLS_CERT_BUNDLE 131 %token VAR_DNSTAP_TLS_CLIENT_KEY_FILE VAR_DNSTAP_TLS_CLIENT_CERT_FILE 132 %token VAR_DNSTAP_SEND_IDENTITY VAR_DNSTAP_SEND_VERSION VAR_DNSTAP_BIDIRECTIONAL 133 %token VAR_DNSTAP_IDENTITY VAR_DNSTAP_VERSION 134 %token VAR_DNSTAP_LOG_RESOLVER_QUERY_MESSAGES 135 %token VAR_DNSTAP_LOG_RESOLVER_RESPONSE_MESSAGES 136 %token VAR_DNSTAP_LOG_CLIENT_QUERY_MESSAGES 137 %token VAR_DNSTAP_LOG_CLIENT_RESPONSE_MESSAGES 138 %token VAR_DNSTAP_LOG_FORWARDER_QUERY_MESSAGES 139 %token VAR_DNSTAP_LOG_FORWARDER_RESPONSE_MESSAGES 140 %token VAR_DNSTAP_SAMPLE_RATE 141 %token VAR_RESPONSE_IP_TAG VAR_RESPONSE_IP VAR_RESPONSE_IP_DATA 142 %token VAR_HARDEN_ALGO_DOWNGRADE VAR_IP_TRANSPARENT 143 %token VAR_IP_DSCP 144 %token VAR_DISABLE_DNSSEC_LAME_CHECK 145 %token VAR_IP_RATELIMIT VAR_IP_RATELIMIT_SLABS VAR_IP_RATELIMIT_SIZE 146 %token VAR_RATELIMIT VAR_RATELIMIT_SLABS VAR_RATELIMIT_SIZE 147 %token VAR_OUTBOUND_MSG_RETRY VAR_MAX_SENT_COUNT VAR_MAX_QUERY_RESTARTS 148 %token VAR_RATELIMIT_FOR_DOMAIN VAR_RATELIMIT_BELOW_DOMAIN 149 %token VAR_IP_RATELIMIT_FACTOR VAR_RATELIMIT_FACTOR 150 %token VAR_IP_RATELIMIT_BACKOFF VAR_RATELIMIT_BACKOFF 151 %token VAR_SEND_CLIENT_SUBNET VAR_CLIENT_SUBNET_ZONE 152 %token VAR_CLIENT_SUBNET_ALWAYS_FORWARD VAR_CLIENT_SUBNET_OPCODE 153 %token VAR_MAX_CLIENT_SUBNET_IPV4 VAR_MAX_CLIENT_SUBNET_IPV6 154 %token VAR_MIN_CLIENT_SUBNET_IPV4 VAR_MIN_CLIENT_SUBNET_IPV6 155 %token VAR_MAX_ECS_TREE_SIZE_IPV4 VAR_MAX_ECS_TREE_SIZE_IPV6 156 %token VAR_CAPS_WHITELIST VAR_CACHE_MAX_NEGATIVE_TTL VAR_PERMIT_SMALL_HOLDDOWN 157 %token VAR_CACHE_MIN_NEGATIVE_TTL 158 %token VAR_QNAME_MINIMISATION VAR_QNAME_MINIMISATION_STRICT VAR_IP_FREEBIND 159 %token VAR_DEFINE_TAG VAR_LOCAL_ZONE_TAG VAR_ACCESS_CONTROL_TAG 160 %token VAR_LOCAL_ZONE_OVERRIDE VAR_ACCESS_CONTROL_TAG_ACTION 161 %token VAR_ACCESS_CONTROL_TAG_DATA VAR_VIEW VAR_ACCESS_CONTROL_VIEW 162 %token VAR_VIEW_FIRST VAR_SERVE_EXPIRED VAR_SERVE_EXPIRED_TTL 163 %token VAR_SERVE_EXPIRED_TTL_RESET VAR_SERVE_EXPIRED_REPLY_TTL 164 %token VAR_SERVE_EXPIRED_CLIENT_TIMEOUT VAR_EDE_SERVE_EXPIRED 165 %token VAR_SERVE_ORIGINAL_TTL VAR_FAKE_DSA 166 %token VAR_FAKE_SHA1 VAR_LOG_IDENTITY VAR_HIDE_TRUSTANCHOR 167 %token VAR_HIDE_HTTP_USER_AGENT VAR_HTTP_USER_AGENT 168 %token VAR_TRUST_ANCHOR_SIGNALING VAR_AGGRESSIVE_NSEC VAR_USE_SYSTEMD 169 %token VAR_SHM_ENABLE VAR_SHM_KEY VAR_ROOT_KEY_SENTINEL 170 %token VAR_DNSCRYPT VAR_DNSCRYPT_ENABLE VAR_DNSCRYPT_PORT VAR_DNSCRYPT_PROVIDER 171 %token VAR_DNSCRYPT_SECRET_KEY VAR_DNSCRYPT_PROVIDER_CERT 172 %token VAR_DNSCRYPT_PROVIDER_CERT_ROTATED 173 %token VAR_DNSCRYPT_SHARED_SECRET_CACHE_SIZE 174 %token VAR_DNSCRYPT_SHARED_SECRET_CACHE_SLABS 175 %token VAR_DNSCRYPT_NONCE_CACHE_SIZE 176 %token VAR_DNSCRYPT_NONCE_CACHE_SLABS 177 %token VAR_PAD_RESPONSES VAR_PAD_RESPONSES_BLOCK_SIZE 178 %token VAR_PAD_QUERIES VAR_PAD_QUERIES_BLOCK_SIZE 179 %token VAR_IPSECMOD_ENABLED VAR_IPSECMOD_HOOK VAR_IPSECMOD_IGNORE_BOGUS 180 %token VAR_IPSECMOD_MAX_TTL VAR_IPSECMOD_WHITELIST VAR_IPSECMOD_STRICT 181 %token VAR_CACHEDB VAR_CACHEDB_BACKEND VAR_CACHEDB_SECRETSEED 182 %token VAR_CACHEDB_REDISHOST VAR_CACHEDB_REDISREPLICAHOST 183 %token VAR_CACHEDB_REDISPORT VAR_CACHEDB_REDISREPLICAPORT 184 %token VAR_CACHEDB_REDISTIMEOUT VAR_CACHEDB_REDISREPLICATIMEOUT 185 %token VAR_CACHEDB_REDISEXPIRERECORDS 186 %token VAR_CACHEDB_REDISPATH VAR_CACHEDB_REDISREPLICAPATH 187 %token VAR_CACHEDB_REDISPASSWORD VAR_CACHEDB_REDISREPLICAPASSWORD 188 %token VAR_CACHEDB_REDISLOGICALDB VAR_CACHEDB_REDISREPLICALOGICALDB 189 %token VAR_CACHEDB_REDISCOMMANDTIMEOUT VAR_CACHEDB_REDISREPLICACOMMANDTIMEOUT 190 %token VAR_CACHEDB_REDISCONNECTTIMEOUT VAR_CACHEDB_REDISREPLICACONNECTTIMEOUT 191 %token VAR_UDP_UPSTREAM_WITHOUT_DOWNSTREAM VAR_FOR_UPSTREAM 192 %token VAR_AUTH_ZONE VAR_ZONEFILE VAR_MASTER VAR_URL VAR_FOR_DOWNSTREAM 193 %token VAR_FALLBACK_ENABLED VAR_TLS_ADDITIONAL_PORT VAR_LOW_RTT VAR_LOW_RTT_PERMIL 194 %token VAR_FAST_SERVER_PERMIL VAR_FAST_SERVER_NUM 195 %token VAR_ALLOW_NOTIFY VAR_TLS_WIN_CERT VAR_TCP_CONNECTION_LIMIT 196 %token VAR_ANSWER_COOKIE VAR_COOKIE_SECRET VAR_IP_RATELIMIT_COOKIE 197 %token VAR_FORWARD_NO_CACHE VAR_STUB_NO_CACHE VAR_LOG_SERVFAIL VAR_DENY_ANY 198 %token VAR_UNKNOWN_SERVER_TIME_LIMIT VAR_LOG_TAG_QUERYREPLY 199 %token VAR_DISCARD_TIMEOUT VAR_WAIT_LIMIT VAR_WAIT_LIMIT_COOKIE 200 %token VAR_WAIT_LIMIT_NETBLOCK VAR_WAIT_LIMIT_COOKIE_NETBLOCK 201 %token VAR_STREAM_WAIT_SIZE VAR_TLS_CIPHERS VAR_TLS_CIPHERSUITES VAR_TLS_USE_SNI 202 %token VAR_IPSET VAR_IPSET_NAME_V4 VAR_IPSET_NAME_V6 203 %token VAR_TLS_SESSION_TICKET_KEYS VAR_RPZ VAR_TAGS VAR_RPZ_ACTION_OVERRIDE 204 %token VAR_RPZ_CNAME_OVERRIDE VAR_RPZ_LOG VAR_RPZ_LOG_NAME 205 %token VAR_DYNLIB VAR_DYNLIB_FILE VAR_EDNS_CLIENT_STRING 206 %token VAR_EDNS_CLIENT_STRING_OPCODE VAR_NSID 207 %token VAR_ZONEMD_PERMISSIVE_MODE VAR_ZONEMD_CHECK VAR_ZONEMD_REJECT_ABSENCE 208 %token VAR_RPZ_SIGNAL_NXDOMAIN_RA VAR_INTERFACE_AUTOMATIC_PORTS VAR_EDE 209 %token VAR_DNS_ERROR_REPORTING 210 %token VAR_INTERFACE_ACTION VAR_INTERFACE_VIEW VAR_INTERFACE_TAG 211 %token VAR_INTERFACE_TAG_ACTION VAR_INTERFACE_TAG_DATA 212 %token VAR_QUIC_PORT VAR_QUIC_SIZE 213 %token VAR_PROXY_PROTOCOL_PORT VAR_STATISTICS_INHIBIT_ZERO 214 %token VAR_HARDEN_UNKNOWN_ADDITIONAL VAR_DISABLE_EDNS_DO VAR_CACHEDB_NO_STORE 215 %token VAR_LOG_DESTADDR VAR_CACHEDB_CHECK_WHEN_SERVE_EXPIRED 216 %token VAR_COOKIE_SECRET_FILE VAR_ITER_SCRUB_NS VAR_ITER_SCRUB_CNAME 217 %token VAR_MAX_GLOBAL_QUOTA VAR_HARDEN_UNVERIFIED_GLUE VAR_LOG_TIME_ISO 218 219 %% 220 toplevelvars: /* empty */ | toplevelvars toplevelvar ; 221 toplevelvar: serverstart contents_server | stub_clause | 222 forward_clause | pythonstart contents_py | 223 rcstart contents_rc | dtstart contents_dt | view_clause | 224 dnscstart contents_dnsc | cachedbstart contents_cachedb | 225 ipsetstart contents_ipset | authstart contents_auth | 226 rpzstart contents_rpz | dynlibstart contents_dl | 227 force_toplevel 228 ; 229 force_toplevel: VAR_FORCE_TOPLEVEL 230 { 231 OUTYY(("\nP(force-toplevel)\n")); 232 cfg_parser->started_toplevel = 0; 233 } 234 ; 235 /* server: declaration */ 236 serverstart: VAR_SERVER 237 { 238 OUTYY(("\nP(server:)\n")); 239 cfg_parser->started_toplevel = 1; 240 } 241 ; 242 contents_server: contents_server content_server 243 | ; 244 content_server: server_num_threads | server_verbosity | server_port | 245 server_outgoing_range | server_do_ip4 | 246 server_do_ip6 | server_do_nat64 | server_prefer_ip4 | 247 server_prefer_ip6 | server_do_udp | server_do_tcp | 248 server_tcp_mss | server_outgoing_tcp_mss | server_tcp_idle_timeout | 249 server_tcp_keepalive | server_tcp_keepalive_timeout | 250 server_sock_queue_timeout | 251 server_interface | server_chroot | server_username | 252 server_directory | server_logfile | server_pidfile | 253 server_msg_cache_size | server_msg_cache_slabs | 254 server_num_queries_per_thread | server_rrset_cache_size | 255 server_rrset_cache_slabs | server_outgoing_num_tcp | 256 server_infra_host_ttl | server_infra_lame_ttl | 257 server_infra_cache_slabs | server_infra_cache_numhosts | 258 server_infra_cache_lame_size | server_target_fetch_policy | 259 server_harden_short_bufsize | server_harden_large_queries | 260 server_do_not_query_address | server_hide_identity | 261 server_hide_version | server_identity | server_version | 262 server_hide_http_user_agent | server_http_user_agent | 263 server_harden_glue | server_module_conf | server_trust_anchor_file | 264 server_trust_anchor | server_val_override_date | server_bogus_ttl | 265 server_val_clean_additional | server_val_permissive_mode | 266 server_incoming_num_tcp | server_msg_buffer_size | 267 server_key_cache_size | server_key_cache_slabs | 268 server_trusted_keys_file | server_val_nsec3_keysize_iterations | 269 server_use_syslog | server_outgoing_interface | server_root_hints | 270 server_do_not_query_localhost | server_cache_max_ttl | 271 server_harden_dnssec_stripped | server_access_control | 272 server_local_zone | server_local_data | server_interface_automatic | 273 server_statistics_interval | server_do_daemonize | 274 server_use_caps_for_id | server_statistics_cumulative | 275 server_outgoing_port_permit | server_outgoing_port_avoid | 276 server_dlv_anchor_file | server_dlv_anchor | server_neg_cache_size | 277 server_harden_referral_path | server_private_address | 278 server_private_domain | server_extended_statistics | 279 server_local_data_ptr | server_jostle_timeout | 280 server_unwanted_reply_threshold | server_log_time_ascii | 281 server_domain_insecure | server_val_sig_skew_min | 282 server_val_sig_skew_max | server_val_max_restart | 283 server_cache_min_ttl | server_val_log_level | 284 server_auto_trust_anchor_file | server_add_holddown | 285 server_del_holddown | server_keep_missing | server_so_rcvbuf | 286 server_edns_buffer_size | server_prefetch | server_prefetch_key | 287 server_so_sndbuf | server_harden_below_nxdomain | server_ignore_cd_flag | 288 server_log_queries | server_log_replies | server_tcp_upstream | server_ssl_upstream | 289 server_log_local_actions | 290 server_ssl_service_key | server_ssl_service_pem | server_ssl_port | 291 server_https_port | server_http_endpoint | server_http_max_streams | 292 server_http_query_buffer_size | server_http_response_buffer_size | 293 server_http_nodelay | server_http_notls_downstream | 294 server_minimal_responses | server_rrset_roundrobin | server_max_udp_size | 295 server_so_reuseport | server_delay_close | server_udp_connect | 296 server_unblock_lan_zones | server_insecure_lan_zones | 297 server_dns64_prefix | server_dns64_synthall | server_dns64_ignore_aaaa | 298 server_nat64_prefix | 299 server_infra_cache_min_rtt | server_infra_cache_max_rtt | server_harden_algo_downgrade | 300 server_ip_transparent | server_ip_ratelimit | server_ratelimit | 301 server_ip_dscp | server_infra_keep_probing | 302 server_ip_ratelimit_slabs | server_ratelimit_slabs | 303 server_ip_ratelimit_size | server_ratelimit_size | 304 server_ratelimit_for_domain | 305 server_ratelimit_below_domain | server_ratelimit_factor | 306 server_ip_ratelimit_factor | server_ratelimit_backoff | 307 server_ip_ratelimit_backoff | server_outbound_msg_retry | 308 server_max_sent_count | server_max_query_restarts | 309 server_send_client_subnet | server_client_subnet_zone | 310 server_client_subnet_always_forward | server_client_subnet_opcode | 311 server_max_client_subnet_ipv4 | server_max_client_subnet_ipv6 | 312 server_min_client_subnet_ipv4 | server_min_client_subnet_ipv6 | 313 server_max_ecs_tree_size_ipv4 | server_max_ecs_tree_size_ipv6 | 314 server_caps_whitelist | server_cache_max_negative_ttl | 315 server_cache_min_negative_ttl | 316 server_permit_small_holddown | server_qname_minimisation | 317 server_ip_freebind | server_define_tag | server_local_zone_tag | 318 server_disable_dnssec_lame_check | server_access_control_tag | 319 server_local_zone_override | server_access_control_tag_action | 320 server_access_control_tag_data | server_access_control_view | 321 server_interface_action | server_interface_view | server_interface_tag | 322 server_interface_tag_action | server_interface_tag_data | 323 server_qname_minimisation_strict | 324 server_pad_responses | server_pad_responses_block_size | 325 server_pad_queries | server_pad_queries_block_size | 326 server_serve_expired | 327 server_serve_expired_ttl | server_serve_expired_ttl_reset | 328 server_serve_expired_reply_ttl | server_serve_expired_client_timeout | 329 server_ede_serve_expired | server_serve_original_ttl | server_fake_dsa | 330 server_log_identity | server_use_systemd | 331 server_response_ip_tag | server_response_ip | server_response_ip_data | 332 server_shm_enable | server_shm_key | server_fake_sha1 | 333 server_hide_trustanchor | server_trust_anchor_signaling | 334 server_root_key_sentinel | 335 server_ipsecmod_enabled | server_ipsecmod_hook | 336 server_ipsecmod_ignore_bogus | server_ipsecmod_max_ttl | 337 server_ipsecmod_whitelist | server_ipsecmod_strict | 338 server_udp_upstream_without_downstream | server_aggressive_nsec | 339 server_tls_cert_bundle | server_tls_additional_port | server_low_rtt | 340 server_fast_server_permil | server_fast_server_num | server_tls_win_cert | 341 server_tcp_connection_limit | server_log_servfail | server_deny_any | 342 server_unknown_server_time_limit | server_log_tag_queryreply | 343 server_discard_timeout | server_wait_limit | server_wait_limit_cookie | 344 server_wait_limit_netblock | server_wait_limit_cookie_netblock | 345 server_stream_wait_size | server_tls_ciphers | 346 server_tls_ciphersuites | server_tls_session_ticket_keys | 347 server_answer_cookie | server_cookie_secret | server_ip_ratelimit_cookie | 348 server_tls_use_sni | server_edns_client_string | 349 server_edns_client_string_opcode | server_nsid | 350 server_zonemd_permissive_mode | server_max_reuse_tcp_queries | 351 server_tcp_reuse_timeout | server_tcp_auth_query_timeout | 352 server_quic_port | server_quic_size | 353 server_interface_automatic_ports | server_ede | 354 server_dns_error_reporting | 355 server_proxy_protocol_port | server_statistics_inhibit_zero | 356 server_harden_unknown_additional | server_disable_edns_do | 357 server_log_destaddr | server_cookie_secret_file | 358 server_iter_scrub_ns | server_iter_scrub_cname | server_max_global_quota | 359 server_harden_unverified_glue | server_log_time_iso 360 ; 361 stub_clause: stubstart contents_stub 362 { 363 /* stub end */ 364 if(cfg_parser->cfg->stubs && 365 !cfg_parser->cfg->stubs->name) 366 yyerror("stub-zone without name"); 367 } 368 ; 369 stubstart: VAR_STUB_ZONE 370 { 371 struct config_stub* s; 372 OUTYY(("\nP(stub_zone:)\n")); 373 cfg_parser->started_toplevel = 1; 374 s = (struct config_stub*)calloc(1, sizeof(struct config_stub)); 375 if(s) { 376 s->next = cfg_parser->cfg->stubs; 377 cfg_parser->cfg->stubs = s; 378 } else { 379 yyerror("out of memory"); 380 } 381 } 382 ; 383 contents_stub: contents_stub content_stub 384 | ; 385 content_stub: stub_name | stub_host | stub_addr | stub_prime | stub_first | 386 stub_no_cache | stub_ssl_upstream | stub_tcp_upstream 387 ; 388 forward_clause: forwardstart contents_forward 389 { 390 /* forward end */ 391 if(cfg_parser->cfg->forwards && 392 !cfg_parser->cfg->forwards->name) 393 yyerror("forward-zone without name"); 394 } 395 ; 396 forwardstart: VAR_FORWARD_ZONE 397 { 398 struct config_stub* s; 399 OUTYY(("\nP(forward_zone:)\n")); 400 cfg_parser->started_toplevel = 1; 401 s = (struct config_stub*)calloc(1, sizeof(struct config_stub)); 402 if(s) { 403 s->next = cfg_parser->cfg->forwards; 404 cfg_parser->cfg->forwards = s; 405 } else { 406 yyerror("out of memory"); 407 } 408 } 409 ; 410 contents_forward: contents_forward content_forward 411 | ; 412 content_forward: forward_name | forward_host | forward_addr | forward_first | 413 forward_no_cache | forward_ssl_upstream | forward_tcp_upstream 414 ; 415 view_clause: viewstart contents_view 416 { 417 /* view end */ 418 if(cfg_parser->cfg->views && 419 !cfg_parser->cfg->views->name) 420 yyerror("view without name"); 421 } 422 ; 423 viewstart: VAR_VIEW 424 { 425 struct config_view* s; 426 OUTYY(("\nP(view:)\n")); 427 cfg_parser->started_toplevel = 1; 428 s = (struct config_view*)calloc(1, sizeof(struct config_view)); 429 if(s) { 430 s->next = cfg_parser->cfg->views; 431 cfg_parser->cfg->views = s; 432 } else { 433 yyerror("out of memory"); 434 } 435 } 436 ; 437 contents_view: contents_view content_view 438 | ; 439 content_view: view_name | view_local_zone | view_local_data | view_first | 440 view_response_ip | view_response_ip_data | view_local_data_ptr 441 ; 442 authstart: VAR_AUTH_ZONE 443 { 444 struct config_auth* s; 445 OUTYY(("\nP(auth_zone:)\n")); 446 cfg_parser->started_toplevel = 1; 447 s = (struct config_auth*)calloc(1, sizeof(struct config_auth)); 448 if(s) { 449 s->next = cfg_parser->cfg->auths; 450 cfg_parser->cfg->auths = s; 451 /* defaults for auth zone */ 452 s->for_downstream = 1; 453 s->for_upstream = 1; 454 s->fallback_enabled = 0; 455 s->zonemd_check = 0; 456 s->zonemd_reject_absence = 0; 457 s->isrpz = 0; 458 } else { 459 yyerror("out of memory"); 460 } 461 } 462 ; 463 contents_auth: contents_auth content_auth 464 | ; 465 content_auth: auth_name | auth_zonefile | auth_master | auth_url | 466 auth_for_downstream | auth_for_upstream | auth_fallback_enabled | 467 auth_allow_notify | auth_zonemd_check | auth_zonemd_reject_absence 468 ; 469 470 rpz_tag: VAR_TAGS STRING_ARG 471 { 472 uint8_t* bitlist; 473 size_t len = 0; 474 OUTYY(("P(server_local_zone_tag:%s)\n", $2)); 475 bitlist = config_parse_taglist(cfg_parser->cfg, $2, 476 &len); 477 free($2); 478 if(!bitlist) { 479 yyerror("could not parse tags, (define-tag them first)"); 480 } 481 if(bitlist) { 482 cfg_parser->cfg->auths->rpz_taglist = bitlist; 483 cfg_parser->cfg->auths->rpz_taglistlen = len; 484 485 } 486 } 487 ; 488 489 rpz_action_override: VAR_RPZ_ACTION_OVERRIDE STRING_ARG 490 { 491 OUTYY(("P(rpz_action_override:%s)\n", $2)); 492 if(strcmp($2, "nxdomain")!=0 && strcmp($2, "nodata")!=0 && 493 strcmp($2, "passthru")!=0 && strcmp($2, "drop")!=0 && 494 strcmp($2, "cname")!=0 && strcmp($2, "disabled")!=0) { 495 yyerror("rpz-action-override action: expected nxdomain, " 496 "nodata, passthru, drop, cname or disabled"); 497 free($2); 498 cfg_parser->cfg->auths->rpz_action_override = NULL; 499 } 500 else { 501 cfg_parser->cfg->auths->rpz_action_override = $2; 502 } 503 } 504 ; 505 506 rpz_cname_override: VAR_RPZ_CNAME_OVERRIDE STRING_ARG 507 { 508 OUTYY(("P(rpz_cname_override:%s)\n", $2)); 509 free(cfg_parser->cfg->auths->rpz_cname); 510 cfg_parser->cfg->auths->rpz_cname = $2; 511 } 512 ; 513 514 rpz_log: VAR_RPZ_LOG STRING_ARG 515 { 516 OUTYY(("P(rpz_log:%s)\n", $2)); 517 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 518 yyerror("expected yes or no."); 519 else cfg_parser->cfg->auths->rpz_log = (strcmp($2, "yes")==0); 520 free($2); 521 } 522 ; 523 524 rpz_log_name: VAR_RPZ_LOG_NAME STRING_ARG 525 { 526 OUTYY(("P(rpz_log_name:%s)\n", $2)); 527 free(cfg_parser->cfg->auths->rpz_log_name); 528 cfg_parser->cfg->auths->rpz_log_name = $2; 529 } 530 ; 531 rpz_signal_nxdomain_ra: VAR_RPZ_SIGNAL_NXDOMAIN_RA STRING_ARG 532 { 533 OUTYY(("P(rpz_signal_nxdomain_ra:%s)\n", $2)); 534 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 535 yyerror("expected yes or no."); 536 else cfg_parser->cfg->auths->rpz_signal_nxdomain_ra = (strcmp($2, "yes")==0); 537 free($2); 538 } 539 ; 540 541 rpzstart: VAR_RPZ 542 { 543 struct config_auth* s; 544 OUTYY(("\nP(rpz:)\n")); 545 cfg_parser->started_toplevel = 1; 546 s = (struct config_auth*)calloc(1, sizeof(struct config_auth)); 547 if(s) { 548 s->next = cfg_parser->cfg->auths; 549 cfg_parser->cfg->auths = s; 550 /* defaults for RPZ auth zone */ 551 s->for_downstream = 0; 552 s->for_upstream = 0; 553 s->fallback_enabled = 0; 554 s->isrpz = 1; 555 } else { 556 yyerror("out of memory"); 557 } 558 } 559 ; 560 contents_rpz: contents_rpz content_rpz 561 | ; 562 content_rpz: auth_name | auth_zonefile | rpz_tag | auth_master | auth_url | 563 auth_allow_notify | rpz_action_override | rpz_cname_override | 564 rpz_log | rpz_log_name | rpz_signal_nxdomain_ra | auth_for_downstream 565 ; 566 server_num_threads: VAR_NUM_THREADS STRING_ARG 567 { 568 OUTYY(("P(server_num_threads:%s)\n", $2)); 569 if(atoi($2) == 0 && strcmp($2, "0") != 0) 570 yyerror("number expected"); 571 else cfg_parser->cfg->num_threads = atoi($2); 572 free($2); 573 } 574 ; 575 server_verbosity: VAR_VERBOSITY STRING_ARG 576 { 577 OUTYY(("P(server_verbosity:%s)\n", $2)); 578 if(atoi($2) == 0 && strcmp($2, "0") != 0) 579 yyerror("number expected"); 580 else cfg_parser->cfg->verbosity = atoi($2); 581 free($2); 582 } 583 ; 584 server_statistics_interval: VAR_STATISTICS_INTERVAL STRING_ARG 585 { 586 OUTYY(("P(server_statistics_interval:%s)\n", $2)); 587 if(strcmp($2, "") == 0 || strcmp($2, "0") == 0) 588 cfg_parser->cfg->stat_interval = 0; 589 else if(atoi($2) == 0) 590 yyerror("number expected"); 591 else cfg_parser->cfg->stat_interval = atoi($2); 592 free($2); 593 } 594 ; 595 server_statistics_cumulative: VAR_STATISTICS_CUMULATIVE STRING_ARG 596 { 597 OUTYY(("P(server_statistics_cumulative:%s)\n", $2)); 598 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 599 yyerror("expected yes or no."); 600 else cfg_parser->cfg->stat_cumulative = (strcmp($2, "yes")==0); 601 free($2); 602 } 603 ; 604 server_extended_statistics: VAR_EXTENDED_STATISTICS STRING_ARG 605 { 606 OUTYY(("P(server_extended_statistics:%s)\n", $2)); 607 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 608 yyerror("expected yes or no."); 609 else cfg_parser->cfg->stat_extended = (strcmp($2, "yes")==0); 610 free($2); 611 } 612 ; 613 server_statistics_inhibit_zero: VAR_STATISTICS_INHIBIT_ZERO STRING_ARG 614 { 615 OUTYY(("P(server_statistics_inhibit_zero:%s)\n", $2)); 616 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 617 yyerror("expected yes or no."); 618 else cfg_parser->cfg->stat_inhibit_zero = (strcmp($2, "yes")==0); 619 free($2); 620 } 621 ; 622 server_shm_enable: VAR_SHM_ENABLE STRING_ARG 623 { 624 OUTYY(("P(server_shm_enable:%s)\n", $2)); 625 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 626 yyerror("expected yes or no."); 627 else cfg_parser->cfg->shm_enable = (strcmp($2, "yes")==0); 628 free($2); 629 } 630 ; 631 server_shm_key: VAR_SHM_KEY STRING_ARG 632 { 633 OUTYY(("P(server_shm_key:%s)\n", $2)); 634 if(strcmp($2, "") == 0 || strcmp($2, "0") == 0) 635 cfg_parser->cfg->shm_key = 0; 636 else if(atoi($2) == 0) 637 yyerror("number expected"); 638 else cfg_parser->cfg->shm_key = atoi($2); 639 free($2); 640 } 641 ; 642 server_port: VAR_PORT STRING_ARG 643 { 644 OUTYY(("P(server_port:%s)\n", $2)); 645 if(atoi($2) == 0) 646 yyerror("port number expected"); 647 else cfg_parser->cfg->port = atoi($2); 648 free($2); 649 } 650 ; 651 server_send_client_subnet: VAR_SEND_CLIENT_SUBNET STRING_ARG 652 { 653 #ifdef CLIENT_SUBNET 654 OUTYY(("P(server_send_client_subnet:%s)\n", $2)); 655 if(!cfg_strlist_insert(&cfg_parser->cfg->client_subnet, $2)) 656 fatal_exit("out of memory adding client-subnet"); 657 #else 658 OUTYY(("P(Compiled without edns subnet option, ignoring)\n")); 659 free($2); 660 #endif 661 } 662 ; 663 server_client_subnet_zone: VAR_CLIENT_SUBNET_ZONE STRING_ARG 664 { 665 #ifdef CLIENT_SUBNET 666 OUTYY(("P(server_client_subnet_zone:%s)\n", $2)); 667 if(!cfg_strlist_insert(&cfg_parser->cfg->client_subnet_zone, 668 $2)) 669 fatal_exit("out of memory adding client-subnet-zone"); 670 #else 671 OUTYY(("P(Compiled without edns subnet option, ignoring)\n")); 672 free($2); 673 #endif 674 } 675 ; 676 server_client_subnet_always_forward: 677 VAR_CLIENT_SUBNET_ALWAYS_FORWARD STRING_ARG 678 { 679 #ifdef CLIENT_SUBNET 680 OUTYY(("P(server_client_subnet_always_forward:%s)\n", $2)); 681 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 682 yyerror("expected yes or no."); 683 else 684 cfg_parser->cfg->client_subnet_always_forward = 685 (strcmp($2, "yes")==0); 686 #else 687 OUTYY(("P(Compiled without edns subnet option, ignoring)\n")); 688 #endif 689 free($2); 690 } 691 ; 692 server_client_subnet_opcode: VAR_CLIENT_SUBNET_OPCODE STRING_ARG 693 { 694 #ifdef CLIENT_SUBNET 695 OUTYY(("P(client_subnet_opcode:%s)\n", $2)); 696 OUTYY(("P(Deprecated option, ignoring)\n")); 697 #else 698 OUTYY(("P(Compiled without edns subnet option, ignoring)\n")); 699 #endif 700 free($2); 701 } 702 ; 703 server_max_client_subnet_ipv4: VAR_MAX_CLIENT_SUBNET_IPV4 STRING_ARG 704 { 705 #ifdef CLIENT_SUBNET 706 OUTYY(("P(max_client_subnet_ipv4:%s)\n", $2)); 707 if(atoi($2) == 0 && strcmp($2, "0") != 0) 708 yyerror("IPv4 subnet length expected"); 709 else if (atoi($2) > 32) 710 cfg_parser->cfg->max_client_subnet_ipv4 = 32; 711 else if (atoi($2) < 0) 712 cfg_parser->cfg->max_client_subnet_ipv4 = 0; 713 else cfg_parser->cfg->max_client_subnet_ipv4 = (uint8_t)atoi($2); 714 #else 715 OUTYY(("P(Compiled without edns subnet option, ignoring)\n")); 716 #endif 717 free($2); 718 } 719 ; 720 server_max_client_subnet_ipv6: VAR_MAX_CLIENT_SUBNET_IPV6 STRING_ARG 721 { 722 #ifdef CLIENT_SUBNET 723 OUTYY(("P(max_client_subnet_ipv6:%s)\n", $2)); 724 if(atoi($2) == 0 && strcmp($2, "0") != 0) 725 yyerror("Ipv6 subnet length expected"); 726 else if (atoi($2) > 128) 727 cfg_parser->cfg->max_client_subnet_ipv6 = 128; 728 else if (atoi($2) < 0) 729 cfg_parser->cfg->max_client_subnet_ipv6 = 0; 730 else cfg_parser->cfg->max_client_subnet_ipv6 = (uint8_t)atoi($2); 731 #else 732 OUTYY(("P(Compiled without edns subnet option, ignoring)\n")); 733 #endif 734 free($2); 735 } 736 ; 737 server_min_client_subnet_ipv4: VAR_MIN_CLIENT_SUBNET_IPV4 STRING_ARG 738 { 739 #ifdef CLIENT_SUBNET 740 OUTYY(("P(min_client_subnet_ipv4:%s)\n", $2)); 741 if(atoi($2) == 0 && strcmp($2, "0") != 0) 742 yyerror("IPv4 subnet length expected"); 743 else if (atoi($2) > 32) 744 cfg_parser->cfg->min_client_subnet_ipv4 = 32; 745 else if (atoi($2) < 0) 746 cfg_parser->cfg->min_client_subnet_ipv4 = 0; 747 else cfg_parser->cfg->min_client_subnet_ipv4 = (uint8_t)atoi($2); 748 #else 749 OUTYY(("P(Compiled without edns subnet option, ignoring)\n")); 750 #endif 751 free($2); 752 } 753 ; 754 server_min_client_subnet_ipv6: VAR_MIN_CLIENT_SUBNET_IPV6 STRING_ARG 755 { 756 #ifdef CLIENT_SUBNET 757 OUTYY(("P(min_client_subnet_ipv6:%s)\n", $2)); 758 if(atoi($2) == 0 && strcmp($2, "0") != 0) 759 yyerror("Ipv6 subnet length expected"); 760 else if (atoi($2) > 128) 761 cfg_parser->cfg->min_client_subnet_ipv6 = 128; 762 else if (atoi($2) < 0) 763 cfg_parser->cfg->min_client_subnet_ipv6 = 0; 764 else cfg_parser->cfg->min_client_subnet_ipv6 = (uint8_t)atoi($2); 765 #else 766 OUTYY(("P(Compiled without edns subnet option, ignoring)\n")); 767 #endif 768 free($2); 769 } 770 ; 771 server_max_ecs_tree_size_ipv4: VAR_MAX_ECS_TREE_SIZE_IPV4 STRING_ARG 772 { 773 #ifdef CLIENT_SUBNET 774 OUTYY(("P(max_ecs_tree_size_ipv4:%s)\n", $2)); 775 if(atoi($2) == 0 && strcmp($2, "0") != 0) 776 yyerror("IPv4 ECS tree size expected"); 777 else if (atoi($2) < 0) 778 cfg_parser->cfg->max_ecs_tree_size_ipv4 = 0; 779 else cfg_parser->cfg->max_ecs_tree_size_ipv4 = (uint32_t)atoi($2); 780 #else 781 OUTYY(("P(Compiled without edns subnet option, ignoring)\n")); 782 #endif 783 free($2); 784 } 785 ; 786 server_max_ecs_tree_size_ipv6: VAR_MAX_ECS_TREE_SIZE_IPV6 STRING_ARG 787 { 788 #ifdef CLIENT_SUBNET 789 OUTYY(("P(max_ecs_tree_size_ipv6:%s)\n", $2)); 790 if(atoi($2) == 0 && strcmp($2, "0") != 0) 791 yyerror("IPv6 ECS tree size expected"); 792 else if (atoi($2) < 0) 793 cfg_parser->cfg->max_ecs_tree_size_ipv6 = 0; 794 else cfg_parser->cfg->max_ecs_tree_size_ipv6 = (uint32_t)atoi($2); 795 #else 796 OUTYY(("P(Compiled without edns subnet option, ignoring)\n")); 797 #endif 798 free($2); 799 } 800 ; 801 server_interface: VAR_INTERFACE STRING_ARG 802 { 803 OUTYY(("P(server_interface:%s)\n", $2)); 804 if(cfg_parser->cfg->num_ifs == 0) 805 cfg_parser->cfg->ifs = calloc(1, sizeof(char*)); 806 else cfg_parser->cfg->ifs = realloc(cfg_parser->cfg->ifs, 807 (cfg_parser->cfg->num_ifs+1)*sizeof(char*)); 808 if(!cfg_parser->cfg->ifs) 809 yyerror("out of memory"); 810 else 811 cfg_parser->cfg->ifs[cfg_parser->cfg->num_ifs++] = $2; 812 } 813 ; 814 server_outgoing_interface: VAR_OUTGOING_INTERFACE STRING_ARG 815 { 816 OUTYY(("P(server_outgoing_interface:%s)\n", $2)); 817 if(cfg_parser->cfg->num_out_ifs == 0) 818 cfg_parser->cfg->out_ifs = calloc(1, sizeof(char*)); 819 else cfg_parser->cfg->out_ifs = realloc( 820 cfg_parser->cfg->out_ifs, 821 (cfg_parser->cfg->num_out_ifs+1)*sizeof(char*)); 822 if(!cfg_parser->cfg->out_ifs) 823 yyerror("out of memory"); 824 else 825 cfg_parser->cfg->out_ifs[ 826 cfg_parser->cfg->num_out_ifs++] = $2; 827 } 828 ; 829 server_outgoing_range: VAR_OUTGOING_RANGE STRING_ARG 830 { 831 OUTYY(("P(server_outgoing_range:%s)\n", $2)); 832 if(atoi($2) == 0) 833 yyerror("number expected"); 834 else cfg_parser->cfg->outgoing_num_ports = atoi($2); 835 free($2); 836 } 837 ; 838 server_outgoing_port_permit: VAR_OUTGOING_PORT_PERMIT STRING_ARG 839 { 840 OUTYY(("P(server_outgoing_port_permit:%s)\n", $2)); 841 if(!cfg_mark_ports($2, 1, 842 cfg_parser->cfg->outgoing_avail_ports, 65536)) 843 yyerror("port number or range (\"low-high\") expected"); 844 free($2); 845 } 846 ; 847 server_outgoing_port_avoid: VAR_OUTGOING_PORT_AVOID STRING_ARG 848 { 849 OUTYY(("P(server_outgoing_port_avoid:%s)\n", $2)); 850 if(!cfg_mark_ports($2, 0, 851 cfg_parser->cfg->outgoing_avail_ports, 65536)) 852 yyerror("port number or range (\"low-high\") expected"); 853 free($2); 854 } 855 ; 856 server_outgoing_num_tcp: VAR_OUTGOING_NUM_TCP STRING_ARG 857 { 858 OUTYY(("P(server_outgoing_num_tcp:%s)\n", $2)); 859 if(atoi($2) == 0 && strcmp($2, "0") != 0) 860 yyerror("number expected"); 861 else cfg_parser->cfg->outgoing_num_tcp = atoi($2); 862 free($2); 863 } 864 ; 865 server_incoming_num_tcp: VAR_INCOMING_NUM_TCP STRING_ARG 866 { 867 OUTYY(("P(server_incoming_num_tcp:%s)\n", $2)); 868 if(atoi($2) == 0 && strcmp($2, "0") != 0) 869 yyerror("number expected"); 870 else cfg_parser->cfg->incoming_num_tcp = atoi($2); 871 free($2); 872 } 873 ; 874 server_interface_automatic: VAR_INTERFACE_AUTOMATIC STRING_ARG 875 { 876 OUTYY(("P(server_interface_automatic:%s)\n", $2)); 877 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 878 yyerror("expected yes or no."); 879 else cfg_parser->cfg->if_automatic = (strcmp($2, "yes")==0); 880 free($2); 881 } 882 ; 883 server_interface_automatic_ports: VAR_INTERFACE_AUTOMATIC_PORTS STRING_ARG 884 { 885 OUTYY(("P(server_interface_automatic_ports:%s)\n", $2)); 886 free(cfg_parser->cfg->if_automatic_ports); 887 cfg_parser->cfg->if_automatic_ports = $2; 888 } 889 ; 890 server_do_ip4: VAR_DO_IP4 STRING_ARG 891 { 892 OUTYY(("P(server_do_ip4:%s)\n", $2)); 893 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 894 yyerror("expected yes or no."); 895 else cfg_parser->cfg->do_ip4 = (strcmp($2, "yes")==0); 896 free($2); 897 } 898 ; 899 server_do_ip6: VAR_DO_IP6 STRING_ARG 900 { 901 OUTYY(("P(server_do_ip6:%s)\n", $2)); 902 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 903 yyerror("expected yes or no."); 904 else cfg_parser->cfg->do_ip6 = (strcmp($2, "yes")==0); 905 free($2); 906 } 907 ; 908 server_do_nat64: VAR_DO_NAT64 STRING_ARG 909 { 910 OUTYY(("P(server_do_nat64:%s)\n", $2)); 911 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 912 yyerror("expected yes or no."); 913 else cfg_parser->cfg->do_nat64 = (strcmp($2, "yes")==0); 914 free($2); 915 } 916 ; 917 server_do_udp: VAR_DO_UDP STRING_ARG 918 { 919 OUTYY(("P(server_do_udp:%s)\n", $2)); 920 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 921 yyerror("expected yes or no."); 922 else cfg_parser->cfg->do_udp = (strcmp($2, "yes")==0); 923 free($2); 924 } 925 ; 926 server_do_tcp: VAR_DO_TCP STRING_ARG 927 { 928 OUTYY(("P(server_do_tcp:%s)\n", $2)); 929 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 930 yyerror("expected yes or no."); 931 else cfg_parser->cfg->do_tcp = (strcmp($2, "yes")==0); 932 free($2); 933 } 934 ; 935 server_prefer_ip4: VAR_PREFER_IP4 STRING_ARG 936 { 937 OUTYY(("P(server_prefer_ip4:%s)\n", $2)); 938 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 939 yyerror("expected yes or no."); 940 else cfg_parser->cfg->prefer_ip4 = (strcmp($2, "yes")==0); 941 free($2); 942 } 943 ; 944 server_prefer_ip6: VAR_PREFER_IP6 STRING_ARG 945 { 946 OUTYY(("P(server_prefer_ip6:%s)\n", $2)); 947 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 948 yyerror("expected yes or no."); 949 else cfg_parser->cfg->prefer_ip6 = (strcmp($2, "yes")==0); 950 free($2); 951 } 952 ; 953 server_tcp_mss: VAR_TCP_MSS STRING_ARG 954 { 955 OUTYY(("P(server_tcp_mss:%s)\n", $2)); 956 if(atoi($2) == 0 && strcmp($2, "0") != 0) 957 yyerror("number expected"); 958 else cfg_parser->cfg->tcp_mss = atoi($2); 959 free($2); 960 } 961 ; 962 server_outgoing_tcp_mss: VAR_OUTGOING_TCP_MSS STRING_ARG 963 { 964 OUTYY(("P(server_outgoing_tcp_mss:%s)\n", $2)); 965 if(atoi($2) == 0 && strcmp($2, "0") != 0) 966 yyerror("number expected"); 967 else cfg_parser->cfg->outgoing_tcp_mss = atoi($2); 968 free($2); 969 } 970 ; 971 server_tcp_idle_timeout: VAR_TCP_IDLE_TIMEOUT STRING_ARG 972 { 973 OUTYY(("P(server_tcp_idle_timeout:%s)\n", $2)); 974 if(atoi($2) == 0 && strcmp($2, "0") != 0) 975 yyerror("number expected"); 976 else if (atoi($2) > 120000) 977 cfg_parser->cfg->tcp_idle_timeout = 120000; 978 else if (atoi($2) < 1) 979 cfg_parser->cfg->tcp_idle_timeout = 1; 980 else cfg_parser->cfg->tcp_idle_timeout = atoi($2); 981 free($2); 982 } 983 ; 984 server_max_reuse_tcp_queries: VAR_MAX_REUSE_TCP_QUERIES STRING_ARG 985 { 986 OUTYY(("P(server_max_reuse_tcp_queries:%s)\n", $2)); 987 if(atoi($2) == 0 && strcmp($2, "0") != 0) 988 yyerror("number expected"); 989 else if (atoi($2) < 1) 990 cfg_parser->cfg->max_reuse_tcp_queries = 0; 991 else cfg_parser->cfg->max_reuse_tcp_queries = atoi($2); 992 free($2); 993 } 994 ; 995 server_tcp_reuse_timeout: VAR_TCP_REUSE_TIMEOUT STRING_ARG 996 { 997 OUTYY(("P(server_tcp_reuse_timeout:%s)\n", $2)); 998 if(atoi($2) == 0 && strcmp($2, "0") != 0) 999 yyerror("number expected"); 1000 else if (atoi($2) < 1) 1001 cfg_parser->cfg->tcp_reuse_timeout = 0; 1002 else cfg_parser->cfg->tcp_reuse_timeout = atoi($2); 1003 free($2); 1004 } 1005 ; 1006 server_tcp_auth_query_timeout: VAR_TCP_AUTH_QUERY_TIMEOUT STRING_ARG 1007 { 1008 OUTYY(("P(server_tcp_auth_query_timeout:%s)\n", $2)); 1009 if(atoi($2) == 0 && strcmp($2, "0") != 0) 1010 yyerror("number expected"); 1011 else if (atoi($2) < 1) 1012 cfg_parser->cfg->tcp_auth_query_timeout = 0; 1013 else cfg_parser->cfg->tcp_auth_query_timeout = atoi($2); 1014 free($2); 1015 } 1016 ; 1017 server_tcp_keepalive: VAR_EDNS_TCP_KEEPALIVE STRING_ARG 1018 { 1019 OUTYY(("P(server_tcp_keepalive:%s)\n", $2)); 1020 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1021 yyerror("expected yes or no."); 1022 else cfg_parser->cfg->do_tcp_keepalive = (strcmp($2, "yes")==0); 1023 free($2); 1024 } 1025 ; 1026 server_tcp_keepalive_timeout: VAR_EDNS_TCP_KEEPALIVE_TIMEOUT STRING_ARG 1027 { 1028 OUTYY(("P(server_tcp_keepalive_timeout:%s)\n", $2)); 1029 if(atoi($2) == 0 && strcmp($2, "0") != 0) 1030 yyerror("number expected"); 1031 else if (atoi($2) > 6553500) 1032 cfg_parser->cfg->tcp_keepalive_timeout = 6553500; 1033 else if (atoi($2) < 1) 1034 cfg_parser->cfg->tcp_keepalive_timeout = 0; 1035 else cfg_parser->cfg->tcp_keepalive_timeout = atoi($2); 1036 free($2); 1037 } 1038 ; 1039 server_sock_queue_timeout: VAR_SOCK_QUEUE_TIMEOUT STRING_ARG 1040 { 1041 OUTYY(("P(server_sock_queue_timeout:%s)\n", $2)); 1042 if(atoi($2) == 0 && strcmp($2, "0") != 0) 1043 yyerror("number expected"); 1044 else if (atoi($2) > 6553500) 1045 cfg_parser->cfg->sock_queue_timeout = 6553500; 1046 else if (atoi($2) < 1) 1047 cfg_parser->cfg->sock_queue_timeout = 0; 1048 else cfg_parser->cfg->sock_queue_timeout = atoi($2); 1049 free($2); 1050 } 1051 ; 1052 server_tcp_upstream: VAR_TCP_UPSTREAM STRING_ARG 1053 { 1054 OUTYY(("P(server_tcp_upstream:%s)\n", $2)); 1055 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1056 yyerror("expected yes or no."); 1057 else cfg_parser->cfg->tcp_upstream = (strcmp($2, "yes")==0); 1058 free($2); 1059 } 1060 ; 1061 server_udp_upstream_without_downstream: VAR_UDP_UPSTREAM_WITHOUT_DOWNSTREAM STRING_ARG 1062 { 1063 OUTYY(("P(server_udp_upstream_without_downstream:%s)\n", $2)); 1064 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1065 yyerror("expected yes or no."); 1066 else cfg_parser->cfg->udp_upstream_without_downstream = (strcmp($2, "yes")==0); 1067 free($2); 1068 } 1069 ; 1070 server_ssl_upstream: VAR_SSL_UPSTREAM STRING_ARG 1071 { 1072 OUTYY(("P(server_ssl_upstream:%s)\n", $2)); 1073 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1074 yyerror("expected yes or no."); 1075 else cfg_parser->cfg->ssl_upstream = (strcmp($2, "yes")==0); 1076 free($2); 1077 } 1078 ; 1079 server_ssl_service_key: VAR_SSL_SERVICE_KEY STRING_ARG 1080 { 1081 OUTYY(("P(server_ssl_service_key:%s)\n", $2)); 1082 free(cfg_parser->cfg->ssl_service_key); 1083 cfg_parser->cfg->ssl_service_key = $2; 1084 } 1085 ; 1086 server_ssl_service_pem: VAR_SSL_SERVICE_PEM STRING_ARG 1087 { 1088 OUTYY(("P(server_ssl_service_pem:%s)\n", $2)); 1089 free(cfg_parser->cfg->ssl_service_pem); 1090 cfg_parser->cfg->ssl_service_pem = $2; 1091 } 1092 ; 1093 server_ssl_port: VAR_SSL_PORT STRING_ARG 1094 { 1095 OUTYY(("P(server_ssl_port:%s)\n", $2)); 1096 if(atoi($2) == 0) 1097 yyerror("port number expected"); 1098 else cfg_parser->cfg->ssl_port = atoi($2); 1099 free($2); 1100 } 1101 ; 1102 server_tls_cert_bundle: VAR_TLS_CERT_BUNDLE STRING_ARG 1103 { 1104 OUTYY(("P(server_tls_cert_bundle:%s)\n", $2)); 1105 free(cfg_parser->cfg->tls_cert_bundle); 1106 cfg_parser->cfg->tls_cert_bundle = $2; 1107 } 1108 ; 1109 server_tls_win_cert: VAR_TLS_WIN_CERT STRING_ARG 1110 { 1111 OUTYY(("P(server_tls_win_cert:%s)\n", $2)); 1112 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1113 yyerror("expected yes or no."); 1114 else cfg_parser->cfg->tls_win_cert = (strcmp($2, "yes")==0); 1115 free($2); 1116 } 1117 ; 1118 server_tls_additional_port: VAR_TLS_ADDITIONAL_PORT STRING_ARG 1119 { 1120 OUTYY(("P(server_tls_additional_port:%s)\n", $2)); 1121 if(!cfg_strlist_insert(&cfg_parser->cfg->tls_additional_port, 1122 $2)) 1123 yyerror("out of memory"); 1124 } 1125 ; 1126 server_tls_ciphers: VAR_TLS_CIPHERS STRING_ARG 1127 { 1128 OUTYY(("P(server_tls_ciphers:%s)\n", $2)); 1129 free(cfg_parser->cfg->tls_ciphers); 1130 cfg_parser->cfg->tls_ciphers = $2; 1131 } 1132 ; 1133 server_tls_ciphersuites: VAR_TLS_CIPHERSUITES STRING_ARG 1134 { 1135 OUTYY(("P(server_tls_ciphersuites:%s)\n", $2)); 1136 free(cfg_parser->cfg->tls_ciphersuites); 1137 cfg_parser->cfg->tls_ciphersuites = $2; 1138 } 1139 ; 1140 server_tls_session_ticket_keys: VAR_TLS_SESSION_TICKET_KEYS STRING_ARG 1141 { 1142 OUTYY(("P(server_tls_session_ticket_keys:%s)\n", $2)); 1143 if(!cfg_strlist_append(&cfg_parser->cfg->tls_session_ticket_keys, 1144 $2)) 1145 yyerror("out of memory"); 1146 } 1147 ; 1148 server_tls_use_sni: VAR_TLS_USE_SNI STRING_ARG 1149 { 1150 OUTYY(("P(server_tls_use_sni:%s)\n", $2)); 1151 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1152 yyerror("expected yes or no."); 1153 else cfg_parser->cfg->tls_use_sni = (strcmp($2, "yes")==0); 1154 free($2); 1155 } 1156 ; 1157 server_https_port: VAR_HTTPS_PORT STRING_ARG 1158 { 1159 OUTYY(("P(server_https_port:%s)\n", $2)); 1160 if(atoi($2) == 0) 1161 yyerror("port number expected"); 1162 else cfg_parser->cfg->https_port = atoi($2); 1163 free($2); 1164 }; 1165 server_http_endpoint: VAR_HTTP_ENDPOINT STRING_ARG 1166 { 1167 OUTYY(("P(server_http_endpoint:%s)\n", $2)); 1168 free(cfg_parser->cfg->http_endpoint); 1169 if($2 && $2[0] != '/') { 1170 cfg_parser->cfg->http_endpoint = malloc(strlen($2)+2); 1171 if(!cfg_parser->cfg->http_endpoint) 1172 yyerror("out of memory"); 1173 cfg_parser->cfg->http_endpoint[0] = '/'; 1174 memmove(cfg_parser->cfg->http_endpoint+1, $2, 1175 strlen($2)+1); 1176 free($2); 1177 } else { 1178 cfg_parser->cfg->http_endpoint = $2; 1179 } 1180 }; 1181 server_http_max_streams: VAR_HTTP_MAX_STREAMS STRING_ARG 1182 { 1183 OUTYY(("P(server_http_max_streams:%s)\n", $2)); 1184 if(atoi($2) == 0 && strcmp($2, "0") != 0) 1185 yyerror("number expected"); 1186 else cfg_parser->cfg->http_max_streams = atoi($2); 1187 free($2); 1188 }; 1189 server_http_query_buffer_size: VAR_HTTP_QUERY_BUFFER_SIZE STRING_ARG 1190 { 1191 OUTYY(("P(server_http_query_buffer_size:%s)\n", $2)); 1192 if(!cfg_parse_memsize($2, 1193 &cfg_parser->cfg->http_query_buffer_size)) 1194 yyerror("memory size expected"); 1195 free($2); 1196 }; 1197 server_http_response_buffer_size: VAR_HTTP_RESPONSE_BUFFER_SIZE STRING_ARG 1198 { 1199 OUTYY(("P(server_http_response_buffer_size:%s)\n", $2)); 1200 if(!cfg_parse_memsize($2, 1201 &cfg_parser->cfg->http_response_buffer_size)) 1202 yyerror("memory size expected"); 1203 free($2); 1204 }; 1205 server_http_nodelay: VAR_HTTP_NODELAY STRING_ARG 1206 { 1207 OUTYY(("P(server_http_nodelay:%s)\n", $2)); 1208 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1209 yyerror("expected yes or no."); 1210 else cfg_parser->cfg->http_nodelay = (strcmp($2, "yes")==0); 1211 free($2); 1212 }; 1213 server_http_notls_downstream: VAR_HTTP_NOTLS_DOWNSTREAM STRING_ARG 1214 { 1215 OUTYY(("P(server_http_notls_downstream:%s)\n", $2)); 1216 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1217 yyerror("expected yes or no."); 1218 else cfg_parser->cfg->http_notls_downstream = (strcmp($2, "yes")==0); 1219 free($2); 1220 }; 1221 server_quic_port: VAR_QUIC_PORT STRING_ARG 1222 { 1223 OUTYY(("P(server_quic_port:%s)\n", $2)); 1224 #ifndef HAVE_NGTCP2 1225 log_warn("%s:%d: Unbound is not compiled with " 1226 "ngtcp2. This is required to use DNS " 1227 "over QUIC.", cfg_parser->filename, cfg_parser->line); 1228 #endif 1229 if(atoi($2) == 0) 1230 yyerror("port number expected"); 1231 else cfg_parser->cfg->quic_port = atoi($2); 1232 free($2); 1233 }; 1234 server_quic_size: VAR_QUIC_SIZE STRING_ARG 1235 { 1236 OUTYY(("P(server_quic_size:%s)\n", $2)); 1237 if(!cfg_parse_memsize($2, &cfg_parser->cfg->quic_size)) 1238 yyerror("memory size expected"); 1239 free($2); 1240 }; 1241 server_use_systemd: VAR_USE_SYSTEMD STRING_ARG 1242 { 1243 OUTYY(("P(server_use_systemd:%s)\n", $2)); 1244 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1245 yyerror("expected yes or no."); 1246 else cfg_parser->cfg->use_systemd = (strcmp($2, "yes")==0); 1247 free($2); 1248 } 1249 ; 1250 server_do_daemonize: VAR_DO_DAEMONIZE STRING_ARG 1251 { 1252 OUTYY(("P(server_do_daemonize:%s)\n", $2)); 1253 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1254 yyerror("expected yes or no."); 1255 else cfg_parser->cfg->do_daemonize = (strcmp($2, "yes")==0); 1256 free($2); 1257 } 1258 ; 1259 server_use_syslog: VAR_USE_SYSLOG STRING_ARG 1260 { 1261 OUTYY(("P(server_use_syslog:%s)\n", $2)); 1262 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1263 yyerror("expected yes or no."); 1264 else cfg_parser->cfg->use_syslog = (strcmp($2, "yes")==0); 1265 #if !defined(HAVE_SYSLOG_H) && !defined(UB_ON_WINDOWS) 1266 if(strcmp($2, "yes") == 0) 1267 yyerror("no syslog services are available. " 1268 "(reconfigure and compile to add)"); 1269 #endif 1270 free($2); 1271 } 1272 ; 1273 server_log_time_ascii: VAR_LOG_TIME_ASCII STRING_ARG 1274 { 1275 OUTYY(("P(server_log_time_ascii:%s)\n", $2)); 1276 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1277 yyerror("expected yes or no."); 1278 else cfg_parser->cfg->log_time_ascii = (strcmp($2, "yes")==0); 1279 free($2); 1280 } 1281 ; 1282 server_log_time_iso: VAR_LOG_TIME_ISO STRING_ARG 1283 { 1284 OUTYY(("P(server_log_time_iso:%s)\n", $2)); 1285 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1286 yyerror("expected yes or no."); 1287 else cfg_parser->cfg->log_time_iso = (strcmp($2, "yes")==0); 1288 free($2); 1289 } 1290 ; 1291 server_log_queries: VAR_LOG_QUERIES STRING_ARG 1292 { 1293 OUTYY(("P(server_log_queries:%s)\n", $2)); 1294 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1295 yyerror("expected yes or no."); 1296 else cfg_parser->cfg->log_queries = (strcmp($2, "yes")==0); 1297 free($2); 1298 } 1299 ; 1300 server_log_replies: VAR_LOG_REPLIES STRING_ARG 1301 { 1302 OUTYY(("P(server_log_replies:%s)\n", $2)); 1303 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1304 yyerror("expected yes or no."); 1305 else cfg_parser->cfg->log_replies = (strcmp($2, "yes")==0); 1306 free($2); 1307 } 1308 ; 1309 server_log_tag_queryreply: VAR_LOG_TAG_QUERYREPLY STRING_ARG 1310 { 1311 OUTYY(("P(server_log_tag_queryreply:%s)\n", $2)); 1312 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1313 yyerror("expected yes or no."); 1314 else cfg_parser->cfg->log_tag_queryreply = (strcmp($2, "yes")==0); 1315 free($2); 1316 } 1317 ; 1318 server_log_servfail: VAR_LOG_SERVFAIL STRING_ARG 1319 { 1320 OUTYY(("P(server_log_servfail:%s)\n", $2)); 1321 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1322 yyerror("expected yes or no."); 1323 else cfg_parser->cfg->log_servfail = (strcmp($2, "yes")==0); 1324 free($2); 1325 } 1326 ; 1327 server_log_destaddr: VAR_LOG_DESTADDR STRING_ARG 1328 { 1329 OUTYY(("P(server_log_destaddr:%s)\n", $2)); 1330 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1331 yyerror("expected yes or no."); 1332 else cfg_parser->cfg->log_destaddr = (strcmp($2, "yes")==0); 1333 free($2); 1334 } 1335 ; 1336 server_log_local_actions: VAR_LOG_LOCAL_ACTIONS STRING_ARG 1337 { 1338 OUTYY(("P(server_log_local_actions:%s)\n", $2)); 1339 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1340 yyerror("expected yes or no."); 1341 else cfg_parser->cfg->log_local_actions = (strcmp($2, "yes")==0); 1342 free($2); 1343 } 1344 ; 1345 server_chroot: VAR_CHROOT STRING_ARG 1346 { 1347 OUTYY(("P(server_chroot:%s)\n", $2)); 1348 free(cfg_parser->cfg->chrootdir); 1349 cfg_parser->cfg->chrootdir = $2; 1350 } 1351 ; 1352 server_username: VAR_USERNAME STRING_ARG 1353 { 1354 OUTYY(("P(server_username:%s)\n", $2)); 1355 free(cfg_parser->cfg->username); 1356 cfg_parser->cfg->username = $2; 1357 } 1358 ; 1359 server_directory: VAR_DIRECTORY STRING_ARG 1360 { 1361 OUTYY(("P(server_directory:%s)\n", $2)); 1362 free(cfg_parser->cfg->directory); 1363 cfg_parser->cfg->directory = $2; 1364 /* change there right away for includes relative to this */ 1365 if($2[0]) { 1366 char* d; 1367 #ifdef UB_ON_WINDOWS 1368 w_config_adjust_directory(cfg_parser->cfg); 1369 #endif 1370 d = cfg_parser->cfg->directory; 1371 /* adjust directory if we have already chroot, 1372 * like, we reread after sighup */ 1373 if(cfg_parser->chroot && cfg_parser->chroot[0] && 1374 strncmp(d, cfg_parser->chroot, strlen( 1375 cfg_parser->chroot)) == 0) 1376 d += strlen(cfg_parser->chroot); 1377 if(d[0]) { 1378 if(chdir(d)) 1379 log_err("cannot chdir to directory: %s (%s)", 1380 d, strerror(errno)); 1381 } 1382 } 1383 } 1384 ; 1385 server_logfile: VAR_LOGFILE STRING_ARG 1386 { 1387 OUTYY(("P(server_logfile:%s)\n", $2)); 1388 free(cfg_parser->cfg->logfile); 1389 cfg_parser->cfg->logfile = $2; 1390 cfg_parser->cfg->use_syslog = 0; 1391 } 1392 ; 1393 server_pidfile: VAR_PIDFILE STRING_ARG 1394 { 1395 OUTYY(("P(server_pidfile:%s)\n", $2)); 1396 free(cfg_parser->cfg->pidfile); 1397 cfg_parser->cfg->pidfile = $2; 1398 } 1399 ; 1400 server_root_hints: VAR_ROOT_HINTS STRING_ARG 1401 { 1402 OUTYY(("P(server_root_hints:%s)\n", $2)); 1403 if(!cfg_strlist_insert(&cfg_parser->cfg->root_hints, $2)) 1404 yyerror("out of memory"); 1405 } 1406 ; 1407 server_dlv_anchor_file: VAR_DLV_ANCHOR_FILE STRING_ARG 1408 { 1409 OUTYY(("P(server_dlv_anchor_file:%s)\n", $2)); 1410 log_warn("option dlv-anchor-file ignored: DLV is decommissioned"); 1411 free($2); 1412 } 1413 ; 1414 server_dlv_anchor: VAR_DLV_ANCHOR STRING_ARG 1415 { 1416 OUTYY(("P(server_dlv_anchor:%s)\n", $2)); 1417 log_warn("option dlv-anchor ignored: DLV is decommissioned"); 1418 free($2); 1419 } 1420 ; 1421 server_auto_trust_anchor_file: VAR_AUTO_TRUST_ANCHOR_FILE STRING_ARG 1422 { 1423 OUTYY(("P(server_auto_trust_anchor_file:%s)\n", $2)); 1424 if(!cfg_strlist_insert(&cfg_parser->cfg-> 1425 auto_trust_anchor_file_list, $2)) 1426 yyerror("out of memory"); 1427 } 1428 ; 1429 server_trust_anchor_file: VAR_TRUST_ANCHOR_FILE STRING_ARG 1430 { 1431 OUTYY(("P(server_trust_anchor_file:%s)\n", $2)); 1432 if(!cfg_strlist_insert(&cfg_parser->cfg-> 1433 trust_anchor_file_list, $2)) 1434 yyerror("out of memory"); 1435 } 1436 ; 1437 server_trusted_keys_file: VAR_TRUSTED_KEYS_FILE STRING_ARG 1438 { 1439 OUTYY(("P(server_trusted_keys_file:%s)\n", $2)); 1440 if(!cfg_strlist_insert(&cfg_parser->cfg-> 1441 trusted_keys_file_list, $2)) 1442 yyerror("out of memory"); 1443 } 1444 ; 1445 server_trust_anchor: VAR_TRUST_ANCHOR STRING_ARG 1446 { 1447 OUTYY(("P(server_trust_anchor:%s)\n", $2)); 1448 if(!cfg_strlist_insert(&cfg_parser->cfg->trust_anchor_list, $2)) 1449 yyerror("out of memory"); 1450 } 1451 ; 1452 server_trust_anchor_signaling: VAR_TRUST_ANCHOR_SIGNALING STRING_ARG 1453 { 1454 OUTYY(("P(server_trust_anchor_signaling:%s)\n", $2)); 1455 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1456 yyerror("expected yes or no."); 1457 else 1458 cfg_parser->cfg->trust_anchor_signaling = 1459 (strcmp($2, "yes")==0); 1460 free($2); 1461 } 1462 ; 1463 server_root_key_sentinel: VAR_ROOT_KEY_SENTINEL STRING_ARG 1464 { 1465 OUTYY(("P(server_root_key_sentinel:%s)\n", $2)); 1466 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1467 yyerror("expected yes or no."); 1468 else 1469 cfg_parser->cfg->root_key_sentinel = 1470 (strcmp($2, "yes")==0); 1471 free($2); 1472 } 1473 ; 1474 server_domain_insecure: VAR_DOMAIN_INSECURE STRING_ARG 1475 { 1476 OUTYY(("P(server_domain_insecure:%s)\n", $2)); 1477 if(!cfg_strlist_insert(&cfg_parser->cfg->domain_insecure, $2)) 1478 yyerror("out of memory"); 1479 } 1480 ; 1481 server_hide_identity: VAR_HIDE_IDENTITY STRING_ARG 1482 { 1483 OUTYY(("P(server_hide_identity:%s)\n", $2)); 1484 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1485 yyerror("expected yes or no."); 1486 else cfg_parser->cfg->hide_identity = (strcmp($2, "yes")==0); 1487 free($2); 1488 } 1489 ; 1490 server_hide_version: VAR_HIDE_VERSION STRING_ARG 1491 { 1492 OUTYY(("P(server_hide_version:%s)\n", $2)); 1493 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1494 yyerror("expected yes or no."); 1495 else cfg_parser->cfg->hide_version = (strcmp($2, "yes")==0); 1496 free($2); 1497 } 1498 ; 1499 server_hide_trustanchor: VAR_HIDE_TRUSTANCHOR STRING_ARG 1500 { 1501 OUTYY(("P(server_hide_trustanchor:%s)\n", $2)); 1502 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1503 yyerror("expected yes or no."); 1504 else cfg_parser->cfg->hide_trustanchor = (strcmp($2, "yes")==0); 1505 free($2); 1506 } 1507 ; 1508 server_hide_http_user_agent: VAR_HIDE_HTTP_USER_AGENT STRING_ARG 1509 { 1510 OUTYY(("P(server_hide_user_agent:%s)\n", $2)); 1511 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1512 yyerror("expected yes or no."); 1513 else cfg_parser->cfg->hide_http_user_agent = (strcmp($2, "yes")==0); 1514 free($2); 1515 } 1516 ; 1517 server_identity: VAR_IDENTITY STRING_ARG 1518 { 1519 OUTYY(("P(server_identity:%s)\n", $2)); 1520 free(cfg_parser->cfg->identity); 1521 cfg_parser->cfg->identity = $2; 1522 } 1523 ; 1524 server_version: VAR_VERSION STRING_ARG 1525 { 1526 OUTYY(("P(server_version:%s)\n", $2)); 1527 free(cfg_parser->cfg->version); 1528 cfg_parser->cfg->version = $2; 1529 } 1530 ; 1531 server_http_user_agent: VAR_HTTP_USER_AGENT STRING_ARG 1532 { 1533 OUTYY(("P(server_http_user_agent:%s)\n", $2)); 1534 free(cfg_parser->cfg->http_user_agent); 1535 cfg_parser->cfg->http_user_agent = $2; 1536 } 1537 ; 1538 server_nsid: VAR_NSID STRING_ARG 1539 { 1540 OUTYY(("P(server_nsid:%s)\n", $2)); 1541 free(cfg_parser->cfg->nsid_cfg_str); 1542 cfg_parser->cfg->nsid_cfg_str = $2; 1543 free(cfg_parser->cfg->nsid); 1544 cfg_parser->cfg->nsid = NULL; 1545 cfg_parser->cfg->nsid_len = 0; 1546 if (*$2 == 0) 1547 ; /* pass; empty string is not setting nsid */ 1548 else if (!(cfg_parser->cfg->nsid = cfg_parse_nsid( 1549 $2, &cfg_parser->cfg->nsid_len))) 1550 yyerror("the NSID must be either a hex string or an " 1551 "ascii character string prepended with ascii_."); 1552 } 1553 ; 1554 server_so_rcvbuf: VAR_SO_RCVBUF STRING_ARG 1555 { 1556 OUTYY(("P(server_so_rcvbuf:%s)\n", $2)); 1557 if(!cfg_parse_memsize($2, &cfg_parser->cfg->so_rcvbuf)) 1558 yyerror("buffer size expected"); 1559 free($2); 1560 } 1561 ; 1562 server_so_sndbuf: VAR_SO_SNDBUF STRING_ARG 1563 { 1564 OUTYY(("P(server_so_sndbuf:%s)\n", $2)); 1565 if(!cfg_parse_memsize($2, &cfg_parser->cfg->so_sndbuf)) 1566 yyerror("buffer size expected"); 1567 free($2); 1568 } 1569 ; 1570 server_so_reuseport: VAR_SO_REUSEPORT STRING_ARG 1571 { 1572 OUTYY(("P(server_so_reuseport:%s)\n", $2)); 1573 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1574 yyerror("expected yes or no."); 1575 else cfg_parser->cfg->so_reuseport = 1576 (strcmp($2, "yes")==0); 1577 free($2); 1578 } 1579 ; 1580 server_ip_transparent: VAR_IP_TRANSPARENT STRING_ARG 1581 { 1582 OUTYY(("P(server_ip_transparent:%s)\n", $2)); 1583 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1584 yyerror("expected yes or no."); 1585 else cfg_parser->cfg->ip_transparent = 1586 (strcmp($2, "yes")==0); 1587 free($2); 1588 } 1589 ; 1590 server_ip_freebind: VAR_IP_FREEBIND STRING_ARG 1591 { 1592 OUTYY(("P(server_ip_freebind:%s)\n", $2)); 1593 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1594 yyerror("expected yes or no."); 1595 else cfg_parser->cfg->ip_freebind = 1596 (strcmp($2, "yes")==0); 1597 free($2); 1598 } 1599 ; 1600 server_ip_dscp: VAR_IP_DSCP STRING_ARG 1601 { 1602 OUTYY(("P(server_ip_dscp:%s)\n", $2)); 1603 if(atoi($2) == 0 && strcmp($2, "0") != 0) 1604 yyerror("number expected"); 1605 else if (atoi($2) > 63) 1606 yyerror("value too large (max 63)"); 1607 else if (atoi($2) < 0) 1608 yyerror("value too small (min 0)"); 1609 else 1610 cfg_parser->cfg->ip_dscp = atoi($2); 1611 free($2); 1612 } 1613 ; 1614 server_stream_wait_size: VAR_STREAM_WAIT_SIZE STRING_ARG 1615 { 1616 OUTYY(("P(server_stream_wait_size:%s)\n", $2)); 1617 if(!cfg_parse_memsize($2, &cfg_parser->cfg->stream_wait_size)) 1618 yyerror("memory size expected"); 1619 free($2); 1620 } 1621 ; 1622 server_edns_buffer_size: VAR_EDNS_BUFFER_SIZE STRING_ARG 1623 { 1624 OUTYY(("P(server_edns_buffer_size:%s)\n", $2)); 1625 if(atoi($2) == 0) 1626 yyerror("number expected"); 1627 else if (atoi($2) < 12) 1628 yyerror("edns buffer size too small"); 1629 else if (atoi($2) > 65535) 1630 cfg_parser->cfg->edns_buffer_size = 65535; 1631 else cfg_parser->cfg->edns_buffer_size = atoi($2); 1632 free($2); 1633 } 1634 ; 1635 server_msg_buffer_size: VAR_MSG_BUFFER_SIZE STRING_ARG 1636 { 1637 OUTYY(("P(server_msg_buffer_size:%s)\n", $2)); 1638 if(atoi($2) == 0) 1639 yyerror("number expected"); 1640 else if (atoi($2) < 4096) 1641 yyerror("message buffer size too small (use 4096)"); 1642 else cfg_parser->cfg->msg_buffer_size = atoi($2); 1643 free($2); 1644 } 1645 ; 1646 server_msg_cache_size: VAR_MSG_CACHE_SIZE STRING_ARG 1647 { 1648 OUTYY(("P(server_msg_cache_size:%s)\n", $2)); 1649 if(!cfg_parse_memsize($2, &cfg_parser->cfg->msg_cache_size)) 1650 yyerror("memory size expected"); 1651 free($2); 1652 } 1653 ; 1654 server_msg_cache_slabs: VAR_MSG_CACHE_SLABS STRING_ARG 1655 { 1656 OUTYY(("P(server_msg_cache_slabs:%s)\n", $2)); 1657 if(atoi($2) == 0) { 1658 yyerror("number expected"); 1659 } else { 1660 cfg_parser->cfg->msg_cache_slabs = atoi($2); 1661 if(!is_pow2(cfg_parser->cfg->msg_cache_slabs)) 1662 yyerror("must be a power of 2"); 1663 } 1664 free($2); 1665 } 1666 ; 1667 server_num_queries_per_thread: VAR_NUM_QUERIES_PER_THREAD STRING_ARG 1668 { 1669 OUTYY(("P(server_num_queries_per_thread:%s)\n", $2)); 1670 if(atoi($2) == 0) 1671 yyerror("number expected"); 1672 else cfg_parser->cfg->num_queries_per_thread = atoi($2); 1673 free($2); 1674 } 1675 ; 1676 server_jostle_timeout: VAR_JOSTLE_TIMEOUT STRING_ARG 1677 { 1678 OUTYY(("P(server_jostle_timeout:%s)\n", $2)); 1679 if(atoi($2) == 0 && strcmp($2, "0") != 0) 1680 yyerror("number expected"); 1681 else cfg_parser->cfg->jostle_time = atoi($2); 1682 free($2); 1683 } 1684 ; 1685 server_delay_close: VAR_DELAY_CLOSE STRING_ARG 1686 { 1687 OUTYY(("P(server_delay_close:%s)\n", $2)); 1688 if(atoi($2) == 0 && strcmp($2, "0") != 0) 1689 yyerror("number expected"); 1690 else cfg_parser->cfg->delay_close = atoi($2); 1691 free($2); 1692 } 1693 ; 1694 server_udp_connect: VAR_UDP_CONNECT STRING_ARG 1695 { 1696 OUTYY(("P(server_udp_connect:%s)\n", $2)); 1697 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1698 yyerror("expected yes or no."); 1699 else cfg_parser->cfg->udp_connect = (strcmp($2, "yes")==0); 1700 free($2); 1701 } 1702 ; 1703 server_unblock_lan_zones: VAR_UNBLOCK_LAN_ZONES STRING_ARG 1704 { 1705 OUTYY(("P(server_unblock_lan_zones:%s)\n", $2)); 1706 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1707 yyerror("expected yes or no."); 1708 else cfg_parser->cfg->unblock_lan_zones = 1709 (strcmp($2, "yes")==0); 1710 free($2); 1711 } 1712 ; 1713 server_insecure_lan_zones: VAR_INSECURE_LAN_ZONES STRING_ARG 1714 { 1715 OUTYY(("P(server_insecure_lan_zones:%s)\n", $2)); 1716 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1717 yyerror("expected yes or no."); 1718 else cfg_parser->cfg->insecure_lan_zones = 1719 (strcmp($2, "yes")==0); 1720 free($2); 1721 } 1722 ; 1723 server_rrset_cache_size: VAR_RRSET_CACHE_SIZE STRING_ARG 1724 { 1725 OUTYY(("P(server_rrset_cache_size:%s)\n", $2)); 1726 if(!cfg_parse_memsize($2, &cfg_parser->cfg->rrset_cache_size)) 1727 yyerror("memory size expected"); 1728 free($2); 1729 } 1730 ; 1731 server_rrset_cache_slabs: VAR_RRSET_CACHE_SLABS STRING_ARG 1732 { 1733 OUTYY(("P(server_rrset_cache_slabs:%s)\n", $2)); 1734 if(atoi($2) == 0) { 1735 yyerror("number expected"); 1736 } else { 1737 cfg_parser->cfg->rrset_cache_slabs = atoi($2); 1738 if(!is_pow2(cfg_parser->cfg->rrset_cache_slabs)) 1739 yyerror("must be a power of 2"); 1740 } 1741 free($2); 1742 } 1743 ; 1744 server_infra_host_ttl: VAR_INFRA_HOST_TTL STRING_ARG 1745 { 1746 OUTYY(("P(server_infra_host_ttl:%s)\n", $2)); 1747 if(atoi($2) == 0 && strcmp($2, "0") != 0) 1748 yyerror("number expected"); 1749 else cfg_parser->cfg->host_ttl = atoi($2); 1750 free($2); 1751 } 1752 ; 1753 server_infra_lame_ttl: VAR_INFRA_LAME_TTL STRING_ARG 1754 { 1755 OUTYY(("P(server_infra_lame_ttl:%s)\n", $2)); 1756 verbose(VERB_DETAIL, "ignored infra-lame-ttl: %s (option " 1757 "removed, use infra-host-ttl)", $2); 1758 free($2); 1759 } 1760 ; 1761 server_infra_cache_numhosts: VAR_INFRA_CACHE_NUMHOSTS STRING_ARG 1762 { 1763 OUTYY(("P(server_infra_cache_numhosts:%s)\n", $2)); 1764 if(atoi($2) == 0) 1765 yyerror("number expected"); 1766 else cfg_parser->cfg->infra_cache_numhosts = atoi($2); 1767 free($2); 1768 } 1769 ; 1770 server_infra_cache_lame_size: VAR_INFRA_CACHE_LAME_SIZE STRING_ARG 1771 { 1772 OUTYY(("P(server_infra_cache_lame_size:%s)\n", $2)); 1773 verbose(VERB_DETAIL, "ignored infra-cache-lame-size: %s " 1774 "(option removed, use infra-cache-numhosts)", $2); 1775 free($2); 1776 } 1777 ; 1778 server_infra_cache_slabs: VAR_INFRA_CACHE_SLABS STRING_ARG 1779 { 1780 OUTYY(("P(server_infra_cache_slabs:%s)\n", $2)); 1781 if(atoi($2) == 0) { 1782 yyerror("number expected"); 1783 } else { 1784 cfg_parser->cfg->infra_cache_slabs = atoi($2); 1785 if(!is_pow2(cfg_parser->cfg->infra_cache_slabs)) 1786 yyerror("must be a power of 2"); 1787 } 1788 free($2); 1789 } 1790 ; 1791 server_infra_cache_min_rtt: VAR_INFRA_CACHE_MIN_RTT STRING_ARG 1792 { 1793 OUTYY(("P(server_infra_cache_min_rtt:%s)\n", $2)); 1794 if(atoi($2) == 0 && strcmp($2, "0") != 0) 1795 yyerror("number expected"); 1796 else cfg_parser->cfg->infra_cache_min_rtt = atoi($2); 1797 free($2); 1798 } 1799 ; 1800 server_infra_cache_max_rtt: VAR_INFRA_CACHE_MAX_RTT STRING_ARG 1801 { 1802 OUTYY(("P(server_infra_cache_max_rtt:%s)\n", $2)); 1803 if(atoi($2) == 0 && strcmp($2, "0") != 0) 1804 yyerror("number expected"); 1805 else cfg_parser->cfg->infra_cache_max_rtt = atoi($2); 1806 free($2); 1807 } 1808 ; 1809 server_infra_keep_probing: VAR_INFRA_KEEP_PROBING STRING_ARG 1810 { 1811 OUTYY(("P(server_infra_keep_probing:%s)\n", $2)); 1812 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1813 yyerror("expected yes or no."); 1814 else cfg_parser->cfg->infra_keep_probing = 1815 (strcmp($2, "yes")==0); 1816 free($2); 1817 } 1818 ; 1819 server_target_fetch_policy: VAR_TARGET_FETCH_POLICY STRING_ARG 1820 { 1821 OUTYY(("P(server_target_fetch_policy:%s)\n", $2)); 1822 free(cfg_parser->cfg->target_fetch_policy); 1823 cfg_parser->cfg->target_fetch_policy = $2; 1824 } 1825 ; 1826 server_harden_short_bufsize: VAR_HARDEN_SHORT_BUFSIZE STRING_ARG 1827 { 1828 OUTYY(("P(server_harden_short_bufsize:%s)\n", $2)); 1829 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1830 yyerror("expected yes or no."); 1831 else cfg_parser->cfg->harden_short_bufsize = 1832 (strcmp($2, "yes")==0); 1833 free($2); 1834 } 1835 ; 1836 server_harden_large_queries: VAR_HARDEN_LARGE_QUERIES STRING_ARG 1837 { 1838 OUTYY(("P(server_harden_large_queries:%s)\n", $2)); 1839 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1840 yyerror("expected yes or no."); 1841 else cfg_parser->cfg->harden_large_queries = 1842 (strcmp($2, "yes")==0); 1843 free($2); 1844 } 1845 ; 1846 server_harden_glue: VAR_HARDEN_GLUE STRING_ARG 1847 { 1848 OUTYY(("P(server_harden_glue:%s)\n", $2)); 1849 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1850 yyerror("expected yes or no."); 1851 else cfg_parser->cfg->harden_glue = 1852 (strcmp($2, "yes")==0); 1853 free($2); 1854 } 1855 ; 1856 server_harden_unverified_glue: VAR_HARDEN_UNVERIFIED_GLUE STRING_ARG 1857 { 1858 OUTYY(("P(server_harden_unverified_glue:%s)\n", $2)); 1859 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1860 yyerror("expected yes or no."); 1861 else cfg_parser->cfg->harden_unverified_glue = 1862 (strcmp($2, "yes")==0); 1863 free($2); 1864 } 1865 ; 1866 server_harden_dnssec_stripped: VAR_HARDEN_DNSSEC_STRIPPED STRING_ARG 1867 { 1868 OUTYY(("P(server_harden_dnssec_stripped:%s)\n", $2)); 1869 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1870 yyerror("expected yes or no."); 1871 else cfg_parser->cfg->harden_dnssec_stripped = 1872 (strcmp($2, "yes")==0); 1873 free($2); 1874 } 1875 ; 1876 server_harden_below_nxdomain: VAR_HARDEN_BELOW_NXDOMAIN STRING_ARG 1877 { 1878 OUTYY(("P(server_harden_below_nxdomain:%s)\n", $2)); 1879 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1880 yyerror("expected yes or no."); 1881 else cfg_parser->cfg->harden_below_nxdomain = 1882 (strcmp($2, "yes")==0); 1883 free($2); 1884 } 1885 ; 1886 server_harden_referral_path: VAR_HARDEN_REFERRAL_PATH STRING_ARG 1887 { 1888 OUTYY(("P(server_harden_referral_path:%s)\n", $2)); 1889 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1890 yyerror("expected yes or no."); 1891 else cfg_parser->cfg->harden_referral_path = 1892 (strcmp($2, "yes")==0); 1893 free($2); 1894 } 1895 ; 1896 server_harden_algo_downgrade: VAR_HARDEN_ALGO_DOWNGRADE STRING_ARG 1897 { 1898 OUTYY(("P(server_harden_algo_downgrade:%s)\n", $2)); 1899 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1900 yyerror("expected yes or no."); 1901 else cfg_parser->cfg->harden_algo_downgrade = 1902 (strcmp($2, "yes")==0); 1903 free($2); 1904 } 1905 ; 1906 server_harden_unknown_additional: VAR_HARDEN_UNKNOWN_ADDITIONAL STRING_ARG 1907 { 1908 OUTYY(("P(server_harden_unknown_additional:%s)\n", $2)); 1909 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1910 yyerror("expected yes or no."); 1911 else cfg_parser->cfg->harden_unknown_additional = 1912 (strcmp($2, "yes")==0); 1913 free($2); 1914 } 1915 ; 1916 server_use_caps_for_id: VAR_USE_CAPS_FOR_ID STRING_ARG 1917 { 1918 OUTYY(("P(server_use_caps_for_id:%s)\n", $2)); 1919 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1920 yyerror("expected yes or no."); 1921 else cfg_parser->cfg->use_caps_bits_for_id = 1922 (strcmp($2, "yes")==0); 1923 free($2); 1924 } 1925 ; 1926 server_caps_whitelist: VAR_CAPS_WHITELIST STRING_ARG 1927 { 1928 OUTYY(("P(server_caps_whitelist:%s)\n", $2)); 1929 if(!cfg_strlist_insert(&cfg_parser->cfg->caps_whitelist, $2)) 1930 yyerror("out of memory"); 1931 } 1932 ; 1933 server_private_address: VAR_PRIVATE_ADDRESS STRING_ARG 1934 { 1935 OUTYY(("P(server_private_address:%s)\n", $2)); 1936 if(!cfg_strlist_insert(&cfg_parser->cfg->private_address, $2)) 1937 yyerror("out of memory"); 1938 } 1939 ; 1940 server_private_domain: VAR_PRIVATE_DOMAIN STRING_ARG 1941 { 1942 OUTYY(("P(server_private_domain:%s)\n", $2)); 1943 if(!cfg_strlist_insert(&cfg_parser->cfg->private_domain, $2)) 1944 yyerror("out of memory"); 1945 } 1946 ; 1947 server_prefetch: VAR_PREFETCH STRING_ARG 1948 { 1949 OUTYY(("P(server_prefetch:%s)\n", $2)); 1950 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1951 yyerror("expected yes or no."); 1952 else cfg_parser->cfg->prefetch = (strcmp($2, "yes")==0); 1953 free($2); 1954 } 1955 ; 1956 server_prefetch_key: VAR_PREFETCH_KEY STRING_ARG 1957 { 1958 OUTYY(("P(server_prefetch_key:%s)\n", $2)); 1959 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1960 yyerror("expected yes or no."); 1961 else cfg_parser->cfg->prefetch_key = (strcmp($2, "yes")==0); 1962 free($2); 1963 } 1964 ; 1965 server_deny_any: VAR_DENY_ANY STRING_ARG 1966 { 1967 OUTYY(("P(server_deny_any:%s)\n", $2)); 1968 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1969 yyerror("expected yes or no."); 1970 else cfg_parser->cfg->deny_any = (strcmp($2, "yes")==0); 1971 free($2); 1972 } 1973 ; 1974 server_unwanted_reply_threshold: VAR_UNWANTED_REPLY_THRESHOLD STRING_ARG 1975 { 1976 OUTYY(("P(server_unwanted_reply_threshold:%s)\n", $2)); 1977 if(atoi($2) == 0 && strcmp($2, "0") != 0) 1978 yyerror("number expected"); 1979 else cfg_parser->cfg->unwanted_threshold = atoi($2); 1980 free($2); 1981 } 1982 ; 1983 server_do_not_query_address: VAR_DO_NOT_QUERY_ADDRESS STRING_ARG 1984 { 1985 OUTYY(("P(server_do_not_query_address:%s)\n", $2)); 1986 if(!cfg_strlist_insert(&cfg_parser->cfg->donotqueryaddrs, $2)) 1987 yyerror("out of memory"); 1988 } 1989 ; 1990 server_do_not_query_localhost: VAR_DO_NOT_QUERY_LOCALHOST STRING_ARG 1991 { 1992 OUTYY(("P(server_do_not_query_localhost:%s)\n", $2)); 1993 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1994 yyerror("expected yes or no."); 1995 else cfg_parser->cfg->donotquery_localhost = 1996 (strcmp($2, "yes")==0); 1997 free($2); 1998 } 1999 ; 2000 server_access_control: VAR_ACCESS_CONTROL STRING_ARG STRING_ARG 2001 { 2002 OUTYY(("P(server_access_control:%s %s)\n", $2, $3)); 2003 validate_acl_action($3); 2004 if(!cfg_str2list_insert(&cfg_parser->cfg->acls, $2, $3)) 2005 fatal_exit("out of memory adding acl"); 2006 } 2007 ; 2008 server_interface_action: VAR_INTERFACE_ACTION STRING_ARG STRING_ARG 2009 { 2010 OUTYY(("P(server_interface_action:%s %s)\n", $2, $3)); 2011 validate_acl_action($3); 2012 if(!cfg_str2list_insert( 2013 &cfg_parser->cfg->interface_actions, $2, $3)) 2014 fatal_exit("out of memory adding acl"); 2015 } 2016 ; 2017 server_module_conf: VAR_MODULE_CONF STRING_ARG 2018 { 2019 OUTYY(("P(server_module_conf:%s)\n", $2)); 2020 free(cfg_parser->cfg->module_conf); 2021 cfg_parser->cfg->module_conf = $2; 2022 } 2023 ; 2024 server_val_override_date: VAR_VAL_OVERRIDE_DATE STRING_ARG 2025 { 2026 OUTYY(("P(server_val_override_date:%s)\n", $2)); 2027 if(*$2 == '\0' || strcmp($2, "0") == 0) { 2028 cfg_parser->cfg->val_date_override = 0; 2029 } else if(strlen($2) == 14) { 2030 cfg_parser->cfg->val_date_override = 2031 cfg_convert_timeval($2); 2032 if(!cfg_parser->cfg->val_date_override) 2033 yyerror("bad date/time specification"); 2034 } else { 2035 if(atoi($2) == 0) 2036 yyerror("number expected"); 2037 cfg_parser->cfg->val_date_override = atoi($2); 2038 } 2039 free($2); 2040 } 2041 ; 2042 server_val_sig_skew_min: VAR_VAL_SIG_SKEW_MIN STRING_ARG 2043 { 2044 OUTYY(("P(server_val_sig_skew_min:%s)\n", $2)); 2045 if(*$2 == '\0' || strcmp($2, "0") == 0) { 2046 cfg_parser->cfg->val_sig_skew_min = 0; 2047 } else { 2048 cfg_parser->cfg->val_sig_skew_min = atoi($2); 2049 if(!cfg_parser->cfg->val_sig_skew_min) 2050 yyerror("number expected"); 2051 } 2052 free($2); 2053 } 2054 ; 2055 server_val_sig_skew_max: VAR_VAL_SIG_SKEW_MAX STRING_ARG 2056 { 2057 OUTYY(("P(server_val_sig_skew_max:%s)\n", $2)); 2058 if(*$2 == '\0' || strcmp($2, "0") == 0) { 2059 cfg_parser->cfg->val_sig_skew_max = 0; 2060 } else { 2061 cfg_parser->cfg->val_sig_skew_max = atoi($2); 2062 if(!cfg_parser->cfg->val_sig_skew_max) 2063 yyerror("number expected"); 2064 } 2065 free($2); 2066 } 2067 ; 2068 server_val_max_restart: VAR_VAL_MAX_RESTART STRING_ARG 2069 { 2070 OUTYY(("P(server_val_max_restart:%s)\n", $2)); 2071 if(*$2 == '\0' || strcmp($2, "0") == 0) { 2072 cfg_parser->cfg->val_max_restart = 0; 2073 } else { 2074 cfg_parser->cfg->val_max_restart = atoi($2); 2075 if(!cfg_parser->cfg->val_max_restart) 2076 yyerror("number expected"); 2077 } 2078 free($2); 2079 } 2080 ; 2081 server_cache_max_ttl: VAR_CACHE_MAX_TTL STRING_ARG 2082 { 2083 OUTYY(("P(server_cache_max_ttl:%s)\n", $2)); 2084 if(atoi($2) == 0 && strcmp($2, "0") != 0) 2085 yyerror("number expected"); 2086 else cfg_parser->cfg->max_ttl = atoi($2); 2087 free($2); 2088 } 2089 ; 2090 server_cache_max_negative_ttl: VAR_CACHE_MAX_NEGATIVE_TTL STRING_ARG 2091 { 2092 OUTYY(("P(server_cache_max_negative_ttl:%s)\n", $2)); 2093 if(atoi($2) == 0 && strcmp($2, "0") != 0) 2094 yyerror("number expected"); 2095 else cfg_parser->cfg->max_negative_ttl = atoi($2); 2096 free($2); 2097 } 2098 ; 2099 server_cache_min_negative_ttl: VAR_CACHE_MIN_NEGATIVE_TTL STRING_ARG 2100 { 2101 OUTYY(("P(server_cache_min_negative_ttl:%s)\n", $2)); 2102 if(atoi($2) == 0 && strcmp($2, "0") != 0) 2103 yyerror("number expected"); 2104 else cfg_parser->cfg->min_negative_ttl = atoi($2); 2105 free($2); 2106 } 2107 ; 2108 server_cache_min_ttl: VAR_CACHE_MIN_TTL STRING_ARG 2109 { 2110 OUTYY(("P(server_cache_min_ttl:%s)\n", $2)); 2111 if(atoi($2) == 0 && strcmp($2, "0") != 0) 2112 yyerror("number expected"); 2113 else cfg_parser->cfg->min_ttl = atoi($2); 2114 free($2); 2115 } 2116 ; 2117 server_bogus_ttl: VAR_BOGUS_TTL STRING_ARG 2118 { 2119 OUTYY(("P(server_bogus_ttl:%s)\n", $2)); 2120 if(atoi($2) == 0 && strcmp($2, "0") != 0) 2121 yyerror("number expected"); 2122 else cfg_parser->cfg->bogus_ttl = atoi($2); 2123 free($2); 2124 } 2125 ; 2126 server_val_clean_additional: VAR_VAL_CLEAN_ADDITIONAL STRING_ARG 2127 { 2128 OUTYY(("P(server_val_clean_additional:%s)\n", $2)); 2129 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2130 yyerror("expected yes or no."); 2131 else cfg_parser->cfg->val_clean_additional = 2132 (strcmp($2, "yes")==0); 2133 free($2); 2134 } 2135 ; 2136 server_val_permissive_mode: VAR_VAL_PERMISSIVE_MODE STRING_ARG 2137 { 2138 OUTYY(("P(server_val_permissive_mode:%s)\n", $2)); 2139 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2140 yyerror("expected yes or no."); 2141 else cfg_parser->cfg->val_permissive_mode = 2142 (strcmp($2, "yes")==0); 2143 free($2); 2144 } 2145 ; 2146 server_aggressive_nsec: VAR_AGGRESSIVE_NSEC STRING_ARG 2147 { 2148 OUTYY(("P(server_aggressive_nsec:%s)\n", $2)); 2149 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2150 yyerror("expected yes or no."); 2151 else 2152 cfg_parser->cfg->aggressive_nsec = 2153 (strcmp($2, "yes")==0); 2154 free($2); 2155 } 2156 ; 2157 server_ignore_cd_flag: VAR_IGNORE_CD_FLAG STRING_ARG 2158 { 2159 OUTYY(("P(server_ignore_cd_flag:%s)\n", $2)); 2160 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2161 yyerror("expected yes or no."); 2162 else cfg_parser->cfg->ignore_cd = (strcmp($2, "yes")==0); 2163 free($2); 2164 } 2165 ; 2166 server_disable_edns_do: VAR_DISABLE_EDNS_DO STRING_ARG 2167 { 2168 OUTYY(("P(server_disable_edns_do:%s)\n", $2)); 2169 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2170 yyerror("expected yes or no."); 2171 else cfg_parser->cfg->disable_edns_do = (strcmp($2, "yes")==0); 2172 free($2); 2173 } 2174 ; 2175 server_serve_expired: VAR_SERVE_EXPIRED STRING_ARG 2176 { 2177 OUTYY(("P(server_serve_expired:%s)\n", $2)); 2178 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2179 yyerror("expected yes or no."); 2180 else cfg_parser->cfg->serve_expired = (strcmp($2, "yes")==0); 2181 free($2); 2182 } 2183 ; 2184 server_serve_expired_ttl: VAR_SERVE_EXPIRED_TTL STRING_ARG 2185 { 2186 OUTYY(("P(server_serve_expired_ttl:%s)\n", $2)); 2187 if(atoi($2) == 0 && strcmp($2, "0") != 0) 2188 yyerror("number expected"); 2189 else cfg_parser->cfg->serve_expired_ttl = atoi($2); 2190 free($2); 2191 } 2192 ; 2193 server_serve_expired_ttl_reset: VAR_SERVE_EXPIRED_TTL_RESET STRING_ARG 2194 { 2195 OUTYY(("P(server_serve_expired_ttl_reset:%s)\n", $2)); 2196 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2197 yyerror("expected yes or no."); 2198 else cfg_parser->cfg->serve_expired_ttl_reset = (strcmp($2, "yes")==0); 2199 free($2); 2200 } 2201 ; 2202 server_serve_expired_reply_ttl: VAR_SERVE_EXPIRED_REPLY_TTL STRING_ARG 2203 { 2204 OUTYY(("P(server_serve_expired_reply_ttl:%s)\n", $2)); 2205 if(atoi($2) == 0 && strcmp($2, "0") != 0) 2206 yyerror("number expected"); 2207 else cfg_parser->cfg->serve_expired_reply_ttl = atoi($2); 2208 free($2); 2209 } 2210 ; 2211 server_serve_expired_client_timeout: VAR_SERVE_EXPIRED_CLIENT_TIMEOUT STRING_ARG 2212 { 2213 OUTYY(("P(server_serve_expired_client_timeout:%s)\n", $2)); 2214 if(atoi($2) == 0 && strcmp($2, "0") != 0) 2215 yyerror("number expected"); 2216 else cfg_parser->cfg->serve_expired_client_timeout = atoi($2); 2217 free($2); 2218 } 2219 ; 2220 server_ede_serve_expired: VAR_EDE_SERVE_EXPIRED STRING_ARG 2221 { 2222 OUTYY(("P(server_ede_serve_expired:%s)\n", $2)); 2223 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2224 yyerror("expected yes or no."); 2225 else cfg_parser->cfg->ede_serve_expired = (strcmp($2, "yes")==0); 2226 free($2); 2227 } 2228 ; 2229 server_serve_original_ttl: VAR_SERVE_ORIGINAL_TTL STRING_ARG 2230 { 2231 OUTYY(("P(server_serve_original_ttl:%s)\n", $2)); 2232 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2233 yyerror("expected yes or no."); 2234 else cfg_parser->cfg->serve_original_ttl = (strcmp($2, "yes")==0); 2235 free($2); 2236 } 2237 ; 2238 server_fake_dsa: VAR_FAKE_DSA STRING_ARG 2239 { 2240 OUTYY(("P(server_fake_dsa:%s)\n", $2)); 2241 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2242 yyerror("expected yes or no."); 2243 #if defined(HAVE_SSL) || defined(HAVE_NETTLE) 2244 else fake_dsa = (strcmp($2, "yes")==0); 2245 if(fake_dsa) 2246 log_warn("test option fake_dsa is enabled"); 2247 #endif 2248 free($2); 2249 } 2250 ; 2251 server_fake_sha1: VAR_FAKE_SHA1 STRING_ARG 2252 { 2253 OUTYY(("P(server_fake_sha1:%s)\n", $2)); 2254 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2255 yyerror("expected yes or no."); 2256 #if defined(HAVE_SSL) || defined(HAVE_NETTLE) 2257 else fake_sha1 = (strcmp($2, "yes")==0); 2258 if(fake_sha1) 2259 log_warn("test option fake_sha1 is enabled"); 2260 #endif 2261 free($2); 2262 } 2263 ; 2264 server_val_log_level: VAR_VAL_LOG_LEVEL STRING_ARG 2265 { 2266 OUTYY(("P(server_val_log_level:%s)\n", $2)); 2267 if(atoi($2) == 0 && strcmp($2, "0") != 0) 2268 yyerror("number expected"); 2269 else cfg_parser->cfg->val_log_level = atoi($2); 2270 free($2); 2271 } 2272 ; 2273 server_val_nsec3_keysize_iterations: VAR_VAL_NSEC3_KEYSIZE_ITERATIONS STRING_ARG 2274 { 2275 OUTYY(("P(server_val_nsec3_keysize_iterations:%s)\n", $2)); 2276 free(cfg_parser->cfg->val_nsec3_key_iterations); 2277 cfg_parser->cfg->val_nsec3_key_iterations = $2; 2278 } 2279 ; 2280 server_zonemd_permissive_mode: VAR_ZONEMD_PERMISSIVE_MODE STRING_ARG 2281 { 2282 OUTYY(("P(server_zonemd_permissive_mode:%s)\n", $2)); 2283 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2284 yyerror("expected yes or no."); 2285 else cfg_parser->cfg->zonemd_permissive_mode = (strcmp($2, "yes")==0); 2286 free($2); 2287 } 2288 ; 2289 server_add_holddown: VAR_ADD_HOLDDOWN STRING_ARG 2290 { 2291 OUTYY(("P(server_add_holddown:%s)\n", $2)); 2292 if(atoi($2) == 0 && strcmp($2, "0") != 0) 2293 yyerror("number expected"); 2294 else cfg_parser->cfg->add_holddown = atoi($2); 2295 free($2); 2296 } 2297 ; 2298 server_del_holddown: VAR_DEL_HOLDDOWN STRING_ARG 2299 { 2300 OUTYY(("P(server_del_holddown:%s)\n", $2)); 2301 if(atoi($2) == 0 && strcmp($2, "0") != 0) 2302 yyerror("number expected"); 2303 else cfg_parser->cfg->del_holddown = atoi($2); 2304 free($2); 2305 } 2306 ; 2307 server_keep_missing: VAR_KEEP_MISSING STRING_ARG 2308 { 2309 OUTYY(("P(server_keep_missing:%s)\n", $2)); 2310 if(atoi($2) == 0 && strcmp($2, "0") != 0) 2311 yyerror("number expected"); 2312 else cfg_parser->cfg->keep_missing = atoi($2); 2313 free($2); 2314 } 2315 ; 2316 server_permit_small_holddown: VAR_PERMIT_SMALL_HOLDDOWN STRING_ARG 2317 { 2318 OUTYY(("P(server_permit_small_holddown:%s)\n", $2)); 2319 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2320 yyerror("expected yes or no."); 2321 else cfg_parser->cfg->permit_small_holddown = 2322 (strcmp($2, "yes")==0); 2323 free($2); 2324 } 2325 ; 2326 server_key_cache_size: VAR_KEY_CACHE_SIZE STRING_ARG 2327 { 2328 OUTYY(("P(server_key_cache_size:%s)\n", $2)); 2329 if(!cfg_parse_memsize($2, &cfg_parser->cfg->key_cache_size)) 2330 yyerror("memory size expected"); 2331 free($2); 2332 } 2333 ; 2334 server_key_cache_slabs: VAR_KEY_CACHE_SLABS STRING_ARG 2335 { 2336 OUTYY(("P(server_key_cache_slabs:%s)\n", $2)); 2337 if(atoi($2) == 0) { 2338 yyerror("number expected"); 2339 } else { 2340 cfg_parser->cfg->key_cache_slabs = atoi($2); 2341 if(!is_pow2(cfg_parser->cfg->key_cache_slabs)) 2342 yyerror("must be a power of 2"); 2343 } 2344 free($2); 2345 } 2346 ; 2347 server_neg_cache_size: VAR_NEG_CACHE_SIZE STRING_ARG 2348 { 2349 OUTYY(("P(server_neg_cache_size:%s)\n", $2)); 2350 if(!cfg_parse_memsize($2, &cfg_parser->cfg->neg_cache_size)) 2351 yyerror("memory size expected"); 2352 free($2); 2353 } 2354 ; 2355 server_local_zone: VAR_LOCAL_ZONE STRING_ARG STRING_ARG 2356 { 2357 OUTYY(("P(server_local_zone:%s %s)\n", $2, $3)); 2358 if(strcmp($3, "static")!=0 && strcmp($3, "deny")!=0 && 2359 strcmp($3, "refuse")!=0 && strcmp($3, "redirect")!=0 && 2360 strcmp($3, "transparent")!=0 && strcmp($3, "nodefault")!=0 2361 && strcmp($3, "typetransparent")!=0 2362 && strcmp($3, "always_transparent")!=0 2363 && strcmp($3, "block_a")!=0 2364 && strcmp($3, "always_refuse")!=0 2365 && strcmp($3, "always_nxdomain")!=0 2366 && strcmp($3, "always_nodata")!=0 2367 && strcmp($3, "always_deny")!=0 2368 && strcmp($3, "always_null")!=0 2369 && strcmp($3, "noview")!=0 2370 && strcmp($3, "inform")!=0 && strcmp($3, "inform_deny")!=0 2371 && strcmp($3, "inform_redirect") != 0 2372 && strcmp($3, "ipset") != 0) { 2373 yyerror("local-zone type: expected static, deny, " 2374 "refuse, redirect, transparent, " 2375 "typetransparent, inform, inform_deny, " 2376 "inform_redirect, always_transparent, block_a," 2377 "always_refuse, always_nxdomain, " 2378 "always_nodata, always_deny, always_null, " 2379 "noview, nodefault or ipset"); 2380 free($2); 2381 free($3); 2382 } else if(strcmp($3, "nodefault")==0) { 2383 if(!cfg_strlist_insert(&cfg_parser->cfg-> 2384 local_zones_nodefault, $2)) 2385 fatal_exit("out of memory adding local-zone"); 2386 free($3); 2387 #ifdef USE_IPSET 2388 } else if(strcmp($3, "ipset")==0) { 2389 size_t len = strlen($2); 2390 /* Make sure to add the trailing dot. 2391 * These are str compared to domain names. */ 2392 if($2[len-1] != '.') { 2393 if(!($2 = realloc($2, len+2))) { 2394 fatal_exit("out of memory adding local-zone"); 2395 } 2396 $2[len] = '.'; 2397 $2[len+1] = 0; 2398 } 2399 if(!cfg_strlist_insert(&cfg_parser->cfg-> 2400 local_zones_ipset, $2)) 2401 fatal_exit("out of memory adding local-zone"); 2402 free($3); 2403 #endif 2404 } else { 2405 if(!cfg_str2list_insert(&cfg_parser->cfg->local_zones, 2406 $2, $3)) 2407 fatal_exit("out of memory adding local-zone"); 2408 } 2409 } 2410 ; 2411 server_local_data: VAR_LOCAL_DATA STRING_ARG 2412 { 2413 OUTYY(("P(server_local_data:%s)\n", $2)); 2414 if(!cfg_strlist_insert(&cfg_parser->cfg->local_data, $2)) 2415 fatal_exit("out of memory adding local-data"); 2416 } 2417 ; 2418 server_local_data_ptr: VAR_LOCAL_DATA_PTR STRING_ARG 2419 { 2420 char* ptr; 2421 OUTYY(("P(server_local_data_ptr:%s)\n", $2)); 2422 ptr = cfg_ptr_reverse($2); 2423 free($2); 2424 if(ptr) { 2425 if(!cfg_strlist_insert(&cfg_parser->cfg-> 2426 local_data, ptr)) 2427 fatal_exit("out of memory adding local-data"); 2428 } else { 2429 yyerror("local-data-ptr could not be reversed"); 2430 } 2431 } 2432 ; 2433 server_minimal_responses: VAR_MINIMAL_RESPONSES STRING_ARG 2434 { 2435 OUTYY(("P(server_minimal_responses:%s)\n", $2)); 2436 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2437 yyerror("expected yes or no."); 2438 else cfg_parser->cfg->minimal_responses = 2439 (strcmp($2, "yes")==0); 2440 free($2); 2441 } 2442 ; 2443 server_rrset_roundrobin: VAR_RRSET_ROUNDROBIN STRING_ARG 2444 { 2445 OUTYY(("P(server_rrset_roundrobin:%s)\n", $2)); 2446 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2447 yyerror("expected yes or no."); 2448 else cfg_parser->cfg->rrset_roundrobin = 2449 (strcmp($2, "yes")==0); 2450 free($2); 2451 } 2452 ; 2453 server_unknown_server_time_limit: VAR_UNKNOWN_SERVER_TIME_LIMIT STRING_ARG 2454 { 2455 OUTYY(("P(server_unknown_server_time_limit:%s)\n", $2)); 2456 cfg_parser->cfg->unknown_server_time_limit = atoi($2); 2457 free($2); 2458 } 2459 ; 2460 server_discard_timeout: VAR_DISCARD_TIMEOUT STRING_ARG 2461 { 2462 OUTYY(("P(server_discard_timeout:%s)\n", $2)); 2463 cfg_parser->cfg->discard_timeout = atoi($2); 2464 free($2); 2465 } 2466 ; 2467 server_wait_limit: VAR_WAIT_LIMIT STRING_ARG 2468 { 2469 OUTYY(("P(server_wait_limit:%s)\n", $2)); 2470 cfg_parser->cfg->wait_limit = atoi($2); 2471 free($2); 2472 } 2473 ; 2474 server_wait_limit_cookie: VAR_WAIT_LIMIT_COOKIE STRING_ARG 2475 { 2476 OUTYY(("P(server_wait_limit_cookie:%s)\n", $2)); 2477 cfg_parser->cfg->wait_limit_cookie = atoi($2); 2478 free($2); 2479 } 2480 ; 2481 server_wait_limit_netblock: VAR_WAIT_LIMIT_NETBLOCK STRING_ARG STRING_ARG 2482 { 2483 OUTYY(("P(server_wait_limit_netblock:%s %s)\n", $2, $3)); 2484 if(atoi($3) == 0 && strcmp($3, "0") != 0) { 2485 yyerror("number expected"); 2486 free($2); 2487 free($3); 2488 } else { 2489 if(!cfg_str2list_insert(&cfg_parser->cfg-> 2490 wait_limit_netblock, $2, $3)) 2491 fatal_exit("out of memory adding " 2492 "wait-limit-netblock"); 2493 } 2494 } 2495 ; 2496 server_wait_limit_cookie_netblock: VAR_WAIT_LIMIT_COOKIE_NETBLOCK STRING_ARG STRING_ARG 2497 { 2498 OUTYY(("P(server_wait_limit_cookie_netblock:%s %s)\n", $2, $3)); 2499 if(atoi($3) == 0 && strcmp($3, "0") != 0) { 2500 yyerror("number expected"); 2501 free($2); 2502 free($3); 2503 } else { 2504 if(!cfg_str2list_insert(&cfg_parser->cfg-> 2505 wait_limit_cookie_netblock, $2, $3)) 2506 fatal_exit("out of memory adding " 2507 "wait-limit-cookie-netblock"); 2508 } 2509 } 2510 ; 2511 server_max_udp_size: VAR_MAX_UDP_SIZE STRING_ARG 2512 { 2513 OUTYY(("P(server_max_udp_size:%s)\n", $2)); 2514 cfg_parser->cfg->max_udp_size = atoi($2); 2515 free($2); 2516 } 2517 ; 2518 server_dns64_prefix: VAR_DNS64_PREFIX STRING_ARG 2519 { 2520 OUTYY(("P(dns64_prefix:%s)\n", $2)); 2521 free(cfg_parser->cfg->dns64_prefix); 2522 cfg_parser->cfg->dns64_prefix = $2; 2523 } 2524 ; 2525 server_dns64_synthall: VAR_DNS64_SYNTHALL STRING_ARG 2526 { 2527 OUTYY(("P(server_dns64_synthall:%s)\n", $2)); 2528 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2529 yyerror("expected yes or no."); 2530 else cfg_parser->cfg->dns64_synthall = (strcmp($2, "yes")==0); 2531 free($2); 2532 } 2533 ; 2534 server_dns64_ignore_aaaa: VAR_DNS64_IGNORE_AAAA STRING_ARG 2535 { 2536 OUTYY(("P(dns64_ignore_aaaa:%s)\n", $2)); 2537 if(!cfg_strlist_insert(&cfg_parser->cfg->dns64_ignore_aaaa, 2538 $2)) 2539 fatal_exit("out of memory adding dns64-ignore-aaaa"); 2540 } 2541 ; 2542 server_nat64_prefix: VAR_NAT64_PREFIX STRING_ARG 2543 { 2544 OUTYY(("P(nat64_prefix:%s)\n", $2)); 2545 free(cfg_parser->cfg->nat64_prefix); 2546 cfg_parser->cfg->nat64_prefix = $2; 2547 } 2548 ; 2549 server_define_tag: VAR_DEFINE_TAG STRING_ARG 2550 { 2551 char* p, *s = $2; 2552 OUTYY(("P(server_define_tag:%s)\n", $2)); 2553 while((p=strsep(&s, " \t\n")) != NULL) { 2554 if(*p) { 2555 if(!config_add_tag(cfg_parser->cfg, p)) 2556 yyerror("could not define-tag, " 2557 "out of memory"); 2558 } 2559 } 2560 free($2); 2561 } 2562 ; 2563 server_local_zone_tag: VAR_LOCAL_ZONE_TAG STRING_ARG STRING_ARG 2564 { 2565 size_t len = 0; 2566 uint8_t* bitlist = config_parse_taglist(cfg_parser->cfg, $3, 2567 &len); 2568 free($3); 2569 OUTYY(("P(server_local_zone_tag:%s)\n", $2)); 2570 if(!bitlist) { 2571 yyerror("could not parse tags, (define-tag them first)"); 2572 free($2); 2573 } 2574 if(bitlist) { 2575 if(!cfg_strbytelist_insert( 2576 &cfg_parser->cfg->local_zone_tags, 2577 $2, bitlist, len)) { 2578 yyerror("out of memory"); 2579 free($2); 2580 } 2581 } 2582 } 2583 ; 2584 server_access_control_tag: VAR_ACCESS_CONTROL_TAG STRING_ARG STRING_ARG 2585 { 2586 size_t len = 0; 2587 uint8_t* bitlist = config_parse_taglist(cfg_parser->cfg, $3, 2588 &len); 2589 free($3); 2590 OUTYY(("P(server_access_control_tag:%s)\n", $2)); 2591 if(!bitlist) { 2592 yyerror("could not parse tags, (define-tag them first)"); 2593 free($2); 2594 } 2595 if(bitlist) { 2596 if(!cfg_strbytelist_insert( 2597 &cfg_parser->cfg->acl_tags, 2598 $2, bitlist, len)) { 2599 yyerror("out of memory"); 2600 free($2); 2601 } 2602 } 2603 } 2604 ; 2605 server_access_control_tag_action: VAR_ACCESS_CONTROL_TAG_ACTION STRING_ARG STRING_ARG STRING_ARG 2606 { 2607 OUTYY(("P(server_access_control_tag_action:%s %s %s)\n", $2, $3, $4)); 2608 if(!cfg_str3list_insert(&cfg_parser->cfg->acl_tag_actions, 2609 $2, $3, $4)) { 2610 yyerror("out of memory"); 2611 free($2); 2612 free($3); 2613 free($4); 2614 } 2615 } 2616 ; 2617 server_access_control_tag_data: VAR_ACCESS_CONTROL_TAG_DATA STRING_ARG STRING_ARG STRING_ARG 2618 { 2619 OUTYY(("P(server_access_control_tag_data:%s %s %s)\n", $2, $3, $4)); 2620 if(!cfg_str3list_insert(&cfg_parser->cfg->acl_tag_datas, 2621 $2, $3, $4)) { 2622 yyerror("out of memory"); 2623 free($2); 2624 free($3); 2625 free($4); 2626 } 2627 } 2628 ; 2629 server_local_zone_override: VAR_LOCAL_ZONE_OVERRIDE STRING_ARG STRING_ARG STRING_ARG 2630 { 2631 OUTYY(("P(server_local_zone_override:%s %s %s)\n", $2, $3, $4)); 2632 if(!cfg_str3list_insert(&cfg_parser->cfg->local_zone_overrides, 2633 $2, $3, $4)) { 2634 yyerror("out of memory"); 2635 free($2); 2636 free($3); 2637 free($4); 2638 } 2639 } 2640 ; 2641 server_access_control_view: VAR_ACCESS_CONTROL_VIEW STRING_ARG STRING_ARG 2642 { 2643 OUTYY(("P(server_access_control_view:%s %s)\n", $2, $3)); 2644 if(!cfg_str2list_insert(&cfg_parser->cfg->acl_view, 2645 $2, $3)) { 2646 yyerror("out of memory"); 2647 } 2648 } 2649 ; 2650 server_interface_tag: VAR_INTERFACE_TAG STRING_ARG STRING_ARG 2651 { 2652 size_t len = 0; 2653 uint8_t* bitlist = config_parse_taglist(cfg_parser->cfg, $3, 2654 &len); 2655 free($3); 2656 OUTYY(("P(server_interface_tag:%s)\n", $2)); 2657 if(!bitlist) { 2658 yyerror("could not parse tags, (define-tag them first)"); 2659 free($2); 2660 } 2661 if(bitlist) { 2662 if(!cfg_strbytelist_insert( 2663 &cfg_parser->cfg->interface_tags, 2664 $2, bitlist, len)) { 2665 yyerror("out of memory"); 2666 free($2); 2667 } 2668 } 2669 } 2670 ; 2671 server_interface_tag_action: VAR_INTERFACE_TAG_ACTION STRING_ARG STRING_ARG STRING_ARG 2672 { 2673 OUTYY(("P(server_interface_tag_action:%s %s %s)\n", $2, $3, $4)); 2674 if(!cfg_str3list_insert(&cfg_parser->cfg->interface_tag_actions, 2675 $2, $3, $4)) { 2676 yyerror("out of memory"); 2677 free($2); 2678 free($3); 2679 free($4); 2680 } 2681 } 2682 ; 2683 server_interface_tag_data: VAR_INTERFACE_TAG_DATA STRING_ARG STRING_ARG STRING_ARG 2684 { 2685 OUTYY(("P(server_interface_tag_data:%s %s %s)\n", $2, $3, $4)); 2686 if(!cfg_str3list_insert(&cfg_parser->cfg->interface_tag_datas, 2687 $2, $3, $4)) { 2688 yyerror("out of memory"); 2689 free($2); 2690 free($3); 2691 free($4); 2692 } 2693 } 2694 ; 2695 server_interface_view: VAR_INTERFACE_VIEW STRING_ARG STRING_ARG 2696 { 2697 OUTYY(("P(server_interface_view:%s %s)\n", $2, $3)); 2698 if(!cfg_str2list_insert(&cfg_parser->cfg->interface_view, 2699 $2, $3)) { 2700 yyerror("out of memory"); 2701 } 2702 } 2703 ; 2704 server_response_ip_tag: VAR_RESPONSE_IP_TAG STRING_ARG STRING_ARG 2705 { 2706 size_t len = 0; 2707 uint8_t* bitlist = config_parse_taglist(cfg_parser->cfg, $3, 2708 &len); 2709 free($3); 2710 OUTYY(("P(response_ip_tag:%s)\n", $2)); 2711 if(!bitlist) { 2712 yyerror("could not parse tags, (define-tag them first)"); 2713 free($2); 2714 } 2715 if(bitlist) { 2716 if(!cfg_strbytelist_insert( 2717 &cfg_parser->cfg->respip_tags, 2718 $2, bitlist, len)) { 2719 yyerror("out of memory"); 2720 free($2); 2721 } 2722 } 2723 } 2724 ; 2725 server_ip_ratelimit: VAR_IP_RATELIMIT STRING_ARG 2726 { 2727 OUTYY(("P(server_ip_ratelimit:%s)\n", $2)); 2728 if(atoi($2) == 0 && strcmp($2, "0") != 0) 2729 yyerror("number expected"); 2730 else cfg_parser->cfg->ip_ratelimit = atoi($2); 2731 free($2); 2732 } 2733 ; 2734 server_ip_ratelimit_cookie: VAR_IP_RATELIMIT_COOKIE STRING_ARG 2735 { 2736 OUTYY(("P(server_ip_ratelimit_cookie:%s)\n", $2)); 2737 if(atoi($2) == 0 && strcmp($2, "0") != 0) 2738 yyerror("number expected"); 2739 else cfg_parser->cfg->ip_ratelimit_cookie = atoi($2); 2740 free($2); 2741 } 2742 ; 2743 server_ratelimit: VAR_RATELIMIT STRING_ARG 2744 { 2745 OUTYY(("P(server_ratelimit:%s)\n", $2)); 2746 if(atoi($2) == 0 && strcmp($2, "0") != 0) 2747 yyerror("number expected"); 2748 else cfg_parser->cfg->ratelimit = atoi($2); 2749 free($2); 2750 } 2751 ; 2752 server_ip_ratelimit_size: VAR_IP_RATELIMIT_SIZE STRING_ARG 2753 { 2754 OUTYY(("P(server_ip_ratelimit_size:%s)\n", $2)); 2755 if(!cfg_parse_memsize($2, &cfg_parser->cfg->ip_ratelimit_size)) 2756 yyerror("memory size expected"); 2757 free($2); 2758 } 2759 ; 2760 server_ratelimit_size: VAR_RATELIMIT_SIZE STRING_ARG 2761 { 2762 OUTYY(("P(server_ratelimit_size:%s)\n", $2)); 2763 if(!cfg_parse_memsize($2, &cfg_parser->cfg->ratelimit_size)) 2764 yyerror("memory size expected"); 2765 free($2); 2766 } 2767 ; 2768 server_ip_ratelimit_slabs: VAR_IP_RATELIMIT_SLABS STRING_ARG 2769 { 2770 OUTYY(("P(server_ip_ratelimit_slabs:%s)\n", $2)); 2771 if(atoi($2) == 0) { 2772 yyerror("number expected"); 2773 } else { 2774 cfg_parser->cfg->ip_ratelimit_slabs = atoi($2); 2775 if(!is_pow2(cfg_parser->cfg->ip_ratelimit_slabs)) 2776 yyerror("must be a power of 2"); 2777 } 2778 free($2); 2779 } 2780 ; 2781 server_ratelimit_slabs: VAR_RATELIMIT_SLABS STRING_ARG 2782 { 2783 OUTYY(("P(server_ratelimit_slabs:%s)\n", $2)); 2784 if(atoi($2) == 0) { 2785 yyerror("number expected"); 2786 } else { 2787 cfg_parser->cfg->ratelimit_slabs = atoi($2); 2788 if(!is_pow2(cfg_parser->cfg->ratelimit_slabs)) 2789 yyerror("must be a power of 2"); 2790 } 2791 free($2); 2792 } 2793 ; 2794 server_ratelimit_for_domain: VAR_RATELIMIT_FOR_DOMAIN STRING_ARG STRING_ARG 2795 { 2796 OUTYY(("P(server_ratelimit_for_domain:%s %s)\n", $2, $3)); 2797 if(atoi($3) == 0 && strcmp($3, "0") != 0) { 2798 yyerror("number expected"); 2799 free($2); 2800 free($3); 2801 } else { 2802 if(!cfg_str2list_insert(&cfg_parser->cfg-> 2803 ratelimit_for_domain, $2, $3)) 2804 fatal_exit("out of memory adding " 2805 "ratelimit-for-domain"); 2806 } 2807 } 2808 ; 2809 server_ratelimit_below_domain: VAR_RATELIMIT_BELOW_DOMAIN STRING_ARG STRING_ARG 2810 { 2811 OUTYY(("P(server_ratelimit_below_domain:%s %s)\n", $2, $3)); 2812 if(atoi($3) == 0 && strcmp($3, "0") != 0) { 2813 yyerror("number expected"); 2814 free($2); 2815 free($3); 2816 } else { 2817 if(!cfg_str2list_insert(&cfg_parser->cfg-> 2818 ratelimit_below_domain, $2, $3)) 2819 fatal_exit("out of memory adding " 2820 "ratelimit-below-domain"); 2821 } 2822 } 2823 ; 2824 server_ip_ratelimit_factor: VAR_IP_RATELIMIT_FACTOR STRING_ARG 2825 { 2826 OUTYY(("P(server_ip_ratelimit_factor:%s)\n", $2)); 2827 if(atoi($2) == 0 && strcmp($2, "0") != 0) 2828 yyerror("number expected"); 2829 else cfg_parser->cfg->ip_ratelimit_factor = atoi($2); 2830 free($2); 2831 } 2832 ; 2833 server_ratelimit_factor: VAR_RATELIMIT_FACTOR STRING_ARG 2834 { 2835 OUTYY(("P(server_ratelimit_factor:%s)\n", $2)); 2836 if(atoi($2) == 0 && strcmp($2, "0") != 0) 2837 yyerror("number expected"); 2838 else cfg_parser->cfg->ratelimit_factor = atoi($2); 2839 free($2); 2840 } 2841 ; 2842 server_ip_ratelimit_backoff: VAR_IP_RATELIMIT_BACKOFF STRING_ARG 2843 { 2844 OUTYY(("P(server_ip_ratelimit_backoff:%s)\n", $2)); 2845 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2846 yyerror("expected yes or no."); 2847 else cfg_parser->cfg->ip_ratelimit_backoff = 2848 (strcmp($2, "yes")==0); 2849 free($2); 2850 } 2851 ; 2852 server_ratelimit_backoff: VAR_RATELIMIT_BACKOFF STRING_ARG 2853 { 2854 OUTYY(("P(server_ratelimit_backoff:%s)\n", $2)); 2855 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2856 yyerror("expected yes or no."); 2857 else cfg_parser->cfg->ratelimit_backoff = 2858 (strcmp($2, "yes")==0); 2859 free($2); 2860 } 2861 ; 2862 server_outbound_msg_retry: VAR_OUTBOUND_MSG_RETRY STRING_ARG 2863 { 2864 OUTYY(("P(server_outbound_msg_retry:%s)\n", $2)); 2865 if(atoi($2) == 0 && strcmp($2, "0") != 0) 2866 yyerror("number expected"); 2867 else cfg_parser->cfg->outbound_msg_retry = atoi($2); 2868 free($2); 2869 } 2870 ; 2871 server_max_sent_count: VAR_MAX_SENT_COUNT STRING_ARG 2872 { 2873 OUTYY(("P(server_max_sent_count:%s)\n", $2)); 2874 if(atoi($2) == 0 && strcmp($2, "0") != 0) 2875 yyerror("number expected"); 2876 else cfg_parser->cfg->max_sent_count = atoi($2); 2877 free($2); 2878 } 2879 ; 2880 server_max_query_restarts: VAR_MAX_QUERY_RESTARTS STRING_ARG 2881 { 2882 OUTYY(("P(server_max_query_restarts:%s)\n", $2)); 2883 if(atoi($2) == 0 && strcmp($2, "0") != 0) 2884 yyerror("number expected"); 2885 else cfg_parser->cfg->max_query_restarts = atoi($2); 2886 free($2); 2887 } 2888 ; 2889 server_low_rtt: VAR_LOW_RTT STRING_ARG 2890 { 2891 OUTYY(("P(low-rtt option is deprecated, use fast-server-num instead)\n")); 2892 free($2); 2893 } 2894 ; 2895 server_fast_server_num: VAR_FAST_SERVER_NUM STRING_ARG 2896 { 2897 OUTYY(("P(server_fast_server_num:%s)\n", $2)); 2898 if(atoi($2) <= 0) 2899 yyerror("number expected"); 2900 else cfg_parser->cfg->fast_server_num = atoi($2); 2901 free($2); 2902 } 2903 ; 2904 server_fast_server_permil: VAR_FAST_SERVER_PERMIL STRING_ARG 2905 { 2906 OUTYY(("P(server_fast_server_permil:%s)\n", $2)); 2907 if(atoi($2) == 0 && strcmp($2, "0") != 0) 2908 yyerror("number expected"); 2909 else cfg_parser->cfg->fast_server_permil = atoi($2); 2910 free($2); 2911 } 2912 ; 2913 server_qname_minimisation: VAR_QNAME_MINIMISATION STRING_ARG 2914 { 2915 OUTYY(("P(server_qname_minimisation:%s)\n", $2)); 2916 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2917 yyerror("expected yes or no."); 2918 else cfg_parser->cfg->qname_minimisation = 2919 (strcmp($2, "yes")==0); 2920 free($2); 2921 } 2922 ; 2923 server_qname_minimisation_strict: VAR_QNAME_MINIMISATION_STRICT STRING_ARG 2924 { 2925 OUTYY(("P(server_qname_minimisation_strict:%s)\n", $2)); 2926 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2927 yyerror("expected yes or no."); 2928 else cfg_parser->cfg->qname_minimisation_strict = 2929 (strcmp($2, "yes")==0); 2930 free($2); 2931 } 2932 ; 2933 server_pad_responses: VAR_PAD_RESPONSES STRING_ARG 2934 { 2935 OUTYY(("P(server_pad_responses:%s)\n", $2)); 2936 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2937 yyerror("expected yes or no."); 2938 else cfg_parser->cfg->pad_responses = 2939 (strcmp($2, "yes")==0); 2940 free($2); 2941 } 2942 ; 2943 server_pad_responses_block_size: VAR_PAD_RESPONSES_BLOCK_SIZE STRING_ARG 2944 { 2945 OUTYY(("P(server_pad_responses_block_size:%s)\n", $2)); 2946 if(atoi($2) == 0) 2947 yyerror("number expected"); 2948 else cfg_parser->cfg->pad_responses_block_size = atoi($2); 2949 free($2); 2950 } 2951 ; 2952 server_pad_queries: VAR_PAD_QUERIES STRING_ARG 2953 { 2954 OUTYY(("P(server_pad_queries:%s)\n", $2)); 2955 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2956 yyerror("expected yes or no."); 2957 else cfg_parser->cfg->pad_queries = 2958 (strcmp($2, "yes")==0); 2959 free($2); 2960 } 2961 ; 2962 server_pad_queries_block_size: VAR_PAD_QUERIES_BLOCK_SIZE STRING_ARG 2963 { 2964 OUTYY(("P(server_pad_queries_block_size:%s)\n", $2)); 2965 if(atoi($2) == 0) 2966 yyerror("number expected"); 2967 else cfg_parser->cfg->pad_queries_block_size = atoi($2); 2968 free($2); 2969 } 2970 ; 2971 server_ipsecmod_enabled: VAR_IPSECMOD_ENABLED STRING_ARG 2972 { 2973 #ifdef USE_IPSECMOD 2974 OUTYY(("P(server_ipsecmod_enabled:%s)\n", $2)); 2975 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2976 yyerror("expected yes or no."); 2977 else cfg_parser->cfg->ipsecmod_enabled = (strcmp($2, "yes")==0); 2978 #else 2979 OUTYY(("P(Compiled without IPsec module, ignoring)\n")); 2980 #endif 2981 free($2); 2982 } 2983 ; 2984 server_ipsecmod_ignore_bogus: VAR_IPSECMOD_IGNORE_BOGUS STRING_ARG 2985 { 2986 #ifdef USE_IPSECMOD 2987 OUTYY(("P(server_ipsecmod_ignore_bogus:%s)\n", $2)); 2988 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2989 yyerror("expected yes or no."); 2990 else cfg_parser->cfg->ipsecmod_ignore_bogus = (strcmp($2, "yes")==0); 2991 #else 2992 OUTYY(("P(Compiled without IPsec module, ignoring)\n")); 2993 #endif 2994 free($2); 2995 } 2996 ; 2997 server_ipsecmod_hook: VAR_IPSECMOD_HOOK STRING_ARG 2998 { 2999 #ifdef USE_IPSECMOD 3000 OUTYY(("P(server_ipsecmod_hook:%s)\n", $2)); 3001 free(cfg_parser->cfg->ipsecmod_hook); 3002 cfg_parser->cfg->ipsecmod_hook = $2; 3003 #else 3004 OUTYY(("P(Compiled without IPsec module, ignoring)\n")); 3005 free($2); 3006 #endif 3007 } 3008 ; 3009 server_ipsecmod_max_ttl: VAR_IPSECMOD_MAX_TTL STRING_ARG 3010 { 3011 #ifdef USE_IPSECMOD 3012 OUTYY(("P(server_ipsecmod_max_ttl:%s)\n", $2)); 3013 if(atoi($2) == 0 && strcmp($2, "0") != 0) 3014 yyerror("number expected"); 3015 else cfg_parser->cfg->ipsecmod_max_ttl = atoi($2); 3016 free($2); 3017 #else 3018 OUTYY(("P(Compiled without IPsec module, ignoring)\n")); 3019 free($2); 3020 #endif 3021 } 3022 ; 3023 server_ipsecmod_whitelist: VAR_IPSECMOD_WHITELIST STRING_ARG 3024 { 3025 #ifdef USE_IPSECMOD 3026 OUTYY(("P(server_ipsecmod_whitelist:%s)\n", $2)); 3027 if(!cfg_strlist_insert(&cfg_parser->cfg->ipsecmod_whitelist, $2)) 3028 yyerror("out of memory"); 3029 #else 3030 OUTYY(("P(Compiled without IPsec module, ignoring)\n")); 3031 free($2); 3032 #endif 3033 } 3034 ; 3035 server_ipsecmod_strict: VAR_IPSECMOD_STRICT STRING_ARG 3036 { 3037 #ifdef USE_IPSECMOD 3038 OUTYY(("P(server_ipsecmod_strict:%s)\n", $2)); 3039 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 3040 yyerror("expected yes or no."); 3041 else cfg_parser->cfg->ipsecmod_strict = (strcmp($2, "yes")==0); 3042 free($2); 3043 #else 3044 OUTYY(("P(Compiled without IPsec module, ignoring)\n")); 3045 free($2); 3046 #endif 3047 } 3048 ; 3049 server_edns_client_string: VAR_EDNS_CLIENT_STRING STRING_ARG STRING_ARG 3050 { 3051 OUTYY(("P(server_edns_client_string:%s %s)\n", $2, $3)); 3052 if(!cfg_str2list_insert( 3053 &cfg_parser->cfg->edns_client_strings, $2, $3)) 3054 fatal_exit("out of memory adding " 3055 "edns-client-string"); 3056 } 3057 ; 3058 server_edns_client_string_opcode: VAR_EDNS_CLIENT_STRING_OPCODE STRING_ARG 3059 { 3060 OUTYY(("P(edns_client_string_opcode:%s)\n", $2)); 3061 if(atoi($2) == 0 && strcmp($2, "0") != 0) 3062 yyerror("option code expected"); 3063 else if(atoi($2) > 65535 || atoi($2) < 0) 3064 yyerror("option code must be in interval [0, 65535]"); 3065 else cfg_parser->cfg->edns_client_string_opcode = atoi($2); 3066 free($2); 3067 } 3068 ; 3069 server_ede: VAR_EDE STRING_ARG 3070 { 3071 OUTYY(("P(server_ede:%s)\n", $2)); 3072 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 3073 yyerror("expected yes or no."); 3074 else cfg_parser->cfg->ede = (strcmp($2, "yes")==0); 3075 free($2); 3076 } 3077 ; 3078 server_dns_error_reporting: VAR_DNS_ERROR_REPORTING STRING_ARG 3079 { 3080 OUTYY(("P(server_dns_error_reporting:%s)\n", $2)); 3081 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 3082 yyerror("expected yes or no."); 3083 else cfg_parser->cfg->dns_error_reporting = (strcmp($2, "yes")==0); 3084 free($2); 3085 } 3086 ; 3087 server_proxy_protocol_port: VAR_PROXY_PROTOCOL_PORT STRING_ARG 3088 { 3089 OUTYY(("P(server_proxy_protocol_port:%s)\n", $2)); 3090 if(!cfg_strlist_insert(&cfg_parser->cfg->proxy_protocol_port, $2)) 3091 yyerror("out of memory"); 3092 } 3093 ; 3094 stub_name: VAR_NAME STRING_ARG 3095 { 3096 OUTYY(("P(name:%s)\n", $2)); 3097 if(cfg_parser->cfg->stubs->name) 3098 yyerror("stub name override, there must be one name " 3099 "for one stub-zone"); 3100 free(cfg_parser->cfg->stubs->name); 3101 cfg_parser->cfg->stubs->name = $2; 3102 } 3103 ; 3104 stub_host: VAR_STUB_HOST STRING_ARG 3105 { 3106 OUTYY(("P(stub-host:%s)\n", $2)); 3107 if(!cfg_strlist_insert(&cfg_parser->cfg->stubs->hosts, $2)) 3108 yyerror("out of memory"); 3109 } 3110 ; 3111 stub_addr: VAR_STUB_ADDR STRING_ARG 3112 { 3113 OUTYY(("P(stub-addr:%s)\n", $2)); 3114 if(!cfg_strlist_insert(&cfg_parser->cfg->stubs->addrs, $2)) 3115 yyerror("out of memory"); 3116 } 3117 ; 3118 stub_first: VAR_STUB_FIRST STRING_ARG 3119 { 3120 OUTYY(("P(stub-first:%s)\n", $2)); 3121 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 3122 yyerror("expected yes or no."); 3123 else cfg_parser->cfg->stubs->isfirst=(strcmp($2, "yes")==0); 3124 free($2); 3125 } 3126 ; 3127 stub_no_cache: VAR_STUB_NO_CACHE STRING_ARG 3128 { 3129 OUTYY(("P(stub-no-cache:%s)\n", $2)); 3130 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 3131 yyerror("expected yes or no."); 3132 else cfg_parser->cfg->stubs->no_cache=(strcmp($2, "yes")==0); 3133 free($2); 3134 } 3135 ; 3136 stub_ssl_upstream: VAR_STUB_SSL_UPSTREAM STRING_ARG 3137 { 3138 OUTYY(("P(stub-ssl-upstream:%s)\n", $2)); 3139 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 3140 yyerror("expected yes or no."); 3141 else cfg_parser->cfg->stubs->ssl_upstream = 3142 (strcmp($2, "yes")==0); 3143 free($2); 3144 } 3145 ; 3146 stub_tcp_upstream: VAR_STUB_TCP_UPSTREAM STRING_ARG 3147 { 3148 OUTYY(("P(stub-tcp-upstream:%s)\n", $2)); 3149 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 3150 yyerror("expected yes or no."); 3151 else cfg_parser->cfg->stubs->tcp_upstream = 3152 (strcmp($2, "yes")==0); 3153 free($2); 3154 } 3155 ; 3156 stub_prime: VAR_STUB_PRIME STRING_ARG 3157 { 3158 OUTYY(("P(stub-prime:%s)\n", $2)); 3159 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 3160 yyerror("expected yes or no."); 3161 else cfg_parser->cfg->stubs->isprime = 3162 (strcmp($2, "yes")==0); 3163 free($2); 3164 } 3165 ; 3166 forward_name: VAR_NAME STRING_ARG 3167 { 3168 OUTYY(("P(name:%s)\n", $2)); 3169 if(cfg_parser->cfg->forwards->name) 3170 yyerror("forward name override, there must be one " 3171 "name for one forward-zone"); 3172 free(cfg_parser->cfg->forwards->name); 3173 cfg_parser->cfg->forwards->name = $2; 3174 } 3175 ; 3176 forward_host: VAR_FORWARD_HOST STRING_ARG 3177 { 3178 OUTYY(("P(forward-host:%s)\n", $2)); 3179 if(!cfg_strlist_insert(&cfg_parser->cfg->forwards->hosts, $2)) 3180 yyerror("out of memory"); 3181 } 3182 ; 3183 forward_addr: VAR_FORWARD_ADDR STRING_ARG 3184 { 3185 OUTYY(("P(forward-addr:%s)\n", $2)); 3186 if(!cfg_strlist_insert(&cfg_parser->cfg->forwards->addrs, $2)) 3187 yyerror("out of memory"); 3188 } 3189 ; 3190 forward_first: VAR_FORWARD_FIRST STRING_ARG 3191 { 3192 OUTYY(("P(forward-first:%s)\n", $2)); 3193 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 3194 yyerror("expected yes or no."); 3195 else cfg_parser->cfg->forwards->isfirst=(strcmp($2, "yes")==0); 3196 free($2); 3197 } 3198 ; 3199 forward_no_cache: VAR_FORWARD_NO_CACHE STRING_ARG 3200 { 3201 OUTYY(("P(forward-no-cache:%s)\n", $2)); 3202 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 3203 yyerror("expected yes or no."); 3204 else cfg_parser->cfg->forwards->no_cache=(strcmp($2, "yes")==0); 3205 free($2); 3206 } 3207 ; 3208 forward_ssl_upstream: VAR_FORWARD_SSL_UPSTREAM STRING_ARG 3209 { 3210 OUTYY(("P(forward-ssl-upstream:%s)\n", $2)); 3211 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 3212 yyerror("expected yes or no."); 3213 else cfg_parser->cfg->forwards->ssl_upstream = 3214 (strcmp($2, "yes")==0); 3215 free($2); 3216 } 3217 ; 3218 forward_tcp_upstream: VAR_FORWARD_TCP_UPSTREAM STRING_ARG 3219 { 3220 OUTYY(("P(forward-tcp-upstream:%s)\n", $2)); 3221 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 3222 yyerror("expected yes or no."); 3223 else cfg_parser->cfg->forwards->tcp_upstream = 3224 (strcmp($2, "yes")==0); 3225 free($2); 3226 } 3227 ; 3228 auth_name: VAR_NAME STRING_ARG 3229 { 3230 OUTYY(("P(name:%s)\n", $2)); 3231 if(cfg_parser->cfg->auths->name) 3232 yyerror("auth name override, there must be one name " 3233 "for one auth-zone"); 3234 free(cfg_parser->cfg->auths->name); 3235 cfg_parser->cfg->auths->name = $2; 3236 } 3237 ; 3238 auth_zonefile: VAR_ZONEFILE STRING_ARG 3239 { 3240 OUTYY(("P(zonefile:%s)\n", $2)); 3241 free(cfg_parser->cfg->auths->zonefile); 3242 cfg_parser->cfg->auths->zonefile = $2; 3243 } 3244 ; 3245 auth_master: VAR_MASTER STRING_ARG 3246 { 3247 OUTYY(("P(master:%s)\n", $2)); 3248 if(!cfg_strlist_insert(&cfg_parser->cfg->auths->masters, $2)) 3249 yyerror("out of memory"); 3250 } 3251 ; 3252 auth_url: VAR_URL STRING_ARG 3253 { 3254 OUTYY(("P(url:%s)\n", $2)); 3255 if(!cfg_strlist_insert(&cfg_parser->cfg->auths->urls, $2)) 3256 yyerror("out of memory"); 3257 } 3258 ; 3259 auth_allow_notify: VAR_ALLOW_NOTIFY STRING_ARG 3260 { 3261 OUTYY(("P(allow-notify:%s)\n", $2)); 3262 if(!cfg_strlist_insert(&cfg_parser->cfg->auths->allow_notify, 3263 $2)) 3264 yyerror("out of memory"); 3265 } 3266 ; 3267 auth_zonemd_check: VAR_ZONEMD_CHECK STRING_ARG 3268 { 3269 OUTYY(("P(zonemd-check:%s)\n", $2)); 3270 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 3271 yyerror("expected yes or no."); 3272 else cfg_parser->cfg->auths->zonemd_check = 3273 (strcmp($2, "yes")==0); 3274 free($2); 3275 } 3276 ; 3277 auth_zonemd_reject_absence: VAR_ZONEMD_REJECT_ABSENCE STRING_ARG 3278 { 3279 OUTYY(("P(zonemd-reject-absence:%s)\n", $2)); 3280 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 3281 yyerror("expected yes or no."); 3282 else cfg_parser->cfg->auths->zonemd_reject_absence = 3283 (strcmp($2, "yes")==0); 3284 free($2); 3285 } 3286 ; 3287 auth_for_downstream: VAR_FOR_DOWNSTREAM STRING_ARG 3288 { 3289 OUTYY(("P(for-downstream:%s)\n", $2)); 3290 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 3291 yyerror("expected yes or no."); 3292 else cfg_parser->cfg->auths->for_downstream = 3293 (strcmp($2, "yes")==0); 3294 free($2); 3295 } 3296 ; 3297 auth_for_upstream: VAR_FOR_UPSTREAM STRING_ARG 3298 { 3299 OUTYY(("P(for-upstream:%s)\n", $2)); 3300 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 3301 yyerror("expected yes or no."); 3302 else cfg_parser->cfg->auths->for_upstream = 3303 (strcmp($2, "yes")==0); 3304 free($2); 3305 } 3306 ; 3307 auth_fallback_enabled: VAR_FALLBACK_ENABLED STRING_ARG 3308 { 3309 OUTYY(("P(fallback-enabled:%s)\n", $2)); 3310 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 3311 yyerror("expected yes or no."); 3312 else cfg_parser->cfg->auths->fallback_enabled = 3313 (strcmp($2, "yes")==0); 3314 free($2); 3315 } 3316 ; 3317 view_name: VAR_NAME STRING_ARG 3318 { 3319 OUTYY(("P(name:%s)\n", $2)); 3320 if(cfg_parser->cfg->views->name) 3321 yyerror("view name override, there must be one " 3322 "name for one view"); 3323 free(cfg_parser->cfg->views->name); 3324 cfg_parser->cfg->views->name = $2; 3325 } 3326 ; 3327 view_local_zone: VAR_LOCAL_ZONE STRING_ARG STRING_ARG 3328 { 3329 OUTYY(("P(view_local_zone:%s %s)\n", $2, $3)); 3330 if(strcmp($3, "static")!=0 && strcmp($3, "deny")!=0 && 3331 strcmp($3, "refuse")!=0 && strcmp($3, "redirect")!=0 && 3332 strcmp($3, "transparent")!=0 && strcmp($3, "nodefault")!=0 3333 && strcmp($3, "typetransparent")!=0 3334 && strcmp($3, "always_transparent")!=0 3335 && strcmp($3, "always_refuse")!=0 3336 && strcmp($3, "always_nxdomain")!=0 3337 && strcmp($3, "always_nodata")!=0 3338 && strcmp($3, "always_deny")!=0 3339 && strcmp($3, "always_null")!=0 3340 && strcmp($3, "noview")!=0 3341 && strcmp($3, "inform")!=0 && strcmp($3, "inform_deny")!=0 3342 && strcmp($3, "inform_redirect") != 0 3343 && strcmp($3, "ipset") != 0) { 3344 yyerror("local-zone type: expected static, deny, " 3345 "refuse, redirect, transparent, " 3346 "typetransparent, inform, inform_deny, " 3347 "inform_redirect, always_transparent, " 3348 "always_refuse, always_nxdomain, " 3349 "always_nodata, always_deny, always_null, " 3350 "noview, nodefault or ipset"); 3351 free($2); 3352 free($3); 3353 } else if(strcmp($3, "nodefault")==0) { 3354 if(!cfg_strlist_insert(&cfg_parser->cfg->views-> 3355 local_zones_nodefault, $2)) 3356 fatal_exit("out of memory adding local-zone"); 3357 free($3); 3358 #ifdef USE_IPSET 3359 } else if(strcmp($3, "ipset")==0) { 3360 size_t len = strlen($2); 3361 /* Make sure to add the trailing dot. 3362 * These are str compared to domain names. */ 3363 if($2[len-1] != '.') { 3364 if(!($2 = realloc($2, len+2))) { 3365 fatal_exit("out of memory adding local-zone"); 3366 } 3367 $2[len] = '.'; 3368 $2[len+1] = 0; 3369 } 3370 if(!cfg_strlist_insert(&cfg_parser->cfg->views-> 3371 local_zones_ipset, $2)) 3372 fatal_exit("out of memory adding local-zone"); 3373 free($3); 3374 #endif 3375 } else { 3376 if(!cfg_str2list_insert( 3377 &cfg_parser->cfg->views->local_zones, 3378 $2, $3)) 3379 fatal_exit("out of memory adding local-zone"); 3380 } 3381 } 3382 ; 3383 view_response_ip: VAR_RESPONSE_IP STRING_ARG STRING_ARG 3384 { 3385 OUTYY(("P(view_response_ip:%s %s)\n", $2, $3)); 3386 validate_respip_action($3); 3387 if(!cfg_str2list_insert( 3388 &cfg_parser->cfg->views->respip_actions, $2, $3)) 3389 fatal_exit("out of memory adding per-view " 3390 "response-ip action"); 3391 } 3392 ; 3393 view_response_ip_data: VAR_RESPONSE_IP_DATA STRING_ARG STRING_ARG 3394 { 3395 OUTYY(("P(view_response_ip_data:%s)\n", $2)); 3396 if(!cfg_str2list_insert( 3397 &cfg_parser->cfg->views->respip_data, $2, $3)) 3398 fatal_exit("out of memory adding response-ip-data"); 3399 } 3400 ; 3401 view_local_data: VAR_LOCAL_DATA STRING_ARG 3402 { 3403 OUTYY(("P(view_local_data:%s)\n", $2)); 3404 if(!cfg_strlist_insert(&cfg_parser->cfg->views->local_data, $2)) { 3405 fatal_exit("out of memory adding local-data"); 3406 } 3407 } 3408 ; 3409 view_local_data_ptr: VAR_LOCAL_DATA_PTR STRING_ARG 3410 { 3411 char* ptr; 3412 OUTYY(("P(view_local_data_ptr:%s)\n", $2)); 3413 ptr = cfg_ptr_reverse($2); 3414 free($2); 3415 if(ptr) { 3416 if(!cfg_strlist_insert(&cfg_parser->cfg->views-> 3417 local_data, ptr)) 3418 fatal_exit("out of memory adding local-data"); 3419 } else { 3420 yyerror("local-data-ptr could not be reversed"); 3421 } 3422 } 3423 ; 3424 view_first: VAR_VIEW_FIRST STRING_ARG 3425 { 3426 OUTYY(("P(view-first:%s)\n", $2)); 3427 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 3428 yyerror("expected yes or no."); 3429 else cfg_parser->cfg->views->isfirst=(strcmp($2, "yes")==0); 3430 free($2); 3431 } 3432 ; 3433 rcstart: VAR_REMOTE_CONTROL 3434 { 3435 OUTYY(("\nP(remote-control:)\n")); 3436 cfg_parser->started_toplevel = 1; 3437 } 3438 ; 3439 contents_rc: contents_rc content_rc 3440 | ; 3441 content_rc: rc_control_enable | rc_control_interface | rc_control_port | 3442 rc_server_key_file | rc_server_cert_file | rc_control_key_file | 3443 rc_control_cert_file | rc_control_use_cert 3444 ; 3445 rc_control_enable: VAR_CONTROL_ENABLE STRING_ARG 3446 { 3447 OUTYY(("P(control_enable:%s)\n", $2)); 3448 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 3449 yyerror("expected yes or no."); 3450 else cfg_parser->cfg->remote_control_enable = 3451 (strcmp($2, "yes")==0); 3452 free($2); 3453 } 3454 ; 3455 rc_control_port: VAR_CONTROL_PORT STRING_ARG 3456 { 3457 OUTYY(("P(control_port:%s)\n", $2)); 3458 if(atoi($2) == 0) 3459 yyerror("control port number expected"); 3460 else cfg_parser->cfg->control_port = atoi($2); 3461 free($2); 3462 } 3463 ; 3464 rc_control_interface: VAR_CONTROL_INTERFACE STRING_ARG 3465 { 3466 OUTYY(("P(control_interface:%s)\n", $2)); 3467 if(!cfg_strlist_append(&cfg_parser->cfg->control_ifs, $2)) 3468 yyerror("out of memory"); 3469 } 3470 ; 3471 rc_control_use_cert: VAR_CONTROL_USE_CERT STRING_ARG 3472 { 3473 OUTYY(("P(control_use_cert:%s)\n", $2)); 3474 cfg_parser->cfg->control_use_cert = (strcmp($2, "yes")==0); 3475 free($2); 3476 } 3477 ; 3478 rc_server_key_file: VAR_SERVER_KEY_FILE STRING_ARG 3479 { 3480 OUTYY(("P(rc_server_key_file:%s)\n", $2)); 3481 free(cfg_parser->cfg->server_key_file); 3482 cfg_parser->cfg->server_key_file = $2; 3483 } 3484 ; 3485 rc_server_cert_file: VAR_SERVER_CERT_FILE STRING_ARG 3486 { 3487 OUTYY(("P(rc_server_cert_file:%s)\n", $2)); 3488 free(cfg_parser->cfg->server_cert_file); 3489 cfg_parser->cfg->server_cert_file = $2; 3490 } 3491 ; 3492 rc_control_key_file: VAR_CONTROL_KEY_FILE STRING_ARG 3493 { 3494 OUTYY(("P(rc_control_key_file:%s)\n", $2)); 3495 free(cfg_parser->cfg->control_key_file); 3496 cfg_parser->cfg->control_key_file = $2; 3497 } 3498 ; 3499 rc_control_cert_file: VAR_CONTROL_CERT_FILE STRING_ARG 3500 { 3501 OUTYY(("P(rc_control_cert_file:%s)\n", $2)); 3502 free(cfg_parser->cfg->control_cert_file); 3503 cfg_parser->cfg->control_cert_file = $2; 3504 } 3505 ; 3506 dtstart: VAR_DNSTAP 3507 { 3508 OUTYY(("\nP(dnstap:)\n")); 3509 cfg_parser->started_toplevel = 1; 3510 } 3511 ; 3512 contents_dt: contents_dt content_dt 3513 | ; 3514 content_dt: dt_dnstap_enable | dt_dnstap_socket_path | dt_dnstap_bidirectional | 3515 dt_dnstap_ip | dt_dnstap_tls | dt_dnstap_tls_server_name | 3516 dt_dnstap_tls_cert_bundle | 3517 dt_dnstap_tls_client_key_file | dt_dnstap_tls_client_cert_file | 3518 dt_dnstap_send_identity | dt_dnstap_send_version | 3519 dt_dnstap_identity | dt_dnstap_version | 3520 dt_dnstap_log_resolver_query_messages | 3521 dt_dnstap_log_resolver_response_messages | 3522 dt_dnstap_log_client_query_messages | 3523 dt_dnstap_log_client_response_messages | 3524 dt_dnstap_log_forwarder_query_messages | 3525 dt_dnstap_log_forwarder_response_messages | 3526 dt_dnstap_sample_rate 3527 ; 3528 dt_dnstap_enable: VAR_DNSTAP_ENABLE STRING_ARG 3529 { 3530 OUTYY(("P(dt_dnstap_enable:%s)\n", $2)); 3531 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 3532 yyerror("expected yes or no."); 3533 else cfg_parser->cfg->dnstap = (strcmp($2, "yes")==0); 3534 free($2); 3535 } 3536 ; 3537 dt_dnstap_bidirectional: VAR_DNSTAP_BIDIRECTIONAL STRING_ARG 3538 { 3539 OUTYY(("P(dt_dnstap_bidirectional:%s)\n", $2)); 3540 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 3541 yyerror("expected yes or no."); 3542 else cfg_parser->cfg->dnstap_bidirectional = 3543 (strcmp($2, "yes")==0); 3544 free($2); 3545 } 3546 ; 3547 dt_dnstap_socket_path: VAR_DNSTAP_SOCKET_PATH STRING_ARG 3548 { 3549 OUTYY(("P(dt_dnstap_socket_path:%s)\n", $2)); 3550 free(cfg_parser->cfg->dnstap_socket_path); 3551 cfg_parser->cfg->dnstap_socket_path = $2; 3552 } 3553 ; 3554 dt_dnstap_ip: VAR_DNSTAP_IP STRING_ARG 3555 { 3556 OUTYY(("P(dt_dnstap_ip:%s)\n", $2)); 3557 free(cfg_parser->cfg->dnstap_ip); 3558 cfg_parser->cfg->dnstap_ip = $2; 3559 } 3560 ; 3561 dt_dnstap_tls: VAR_DNSTAP_TLS STRING_ARG 3562 { 3563 OUTYY(("P(dt_dnstap_tls:%s)\n", $2)); 3564 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 3565 yyerror("expected yes or no."); 3566 else cfg_parser->cfg->dnstap_tls = (strcmp($2, "yes")==0); 3567 free($2); 3568 } 3569 ; 3570 dt_dnstap_tls_server_name: VAR_DNSTAP_TLS_SERVER_NAME STRING_ARG 3571 { 3572 OUTYY(("P(dt_dnstap_tls_server_name:%s)\n", $2)); 3573 free(cfg_parser->cfg->dnstap_tls_server_name); 3574 cfg_parser->cfg->dnstap_tls_server_name = $2; 3575 } 3576 ; 3577 dt_dnstap_tls_cert_bundle: VAR_DNSTAP_TLS_CERT_BUNDLE STRING_ARG 3578 { 3579 OUTYY(("P(dt_dnstap_tls_cert_bundle:%s)\n", $2)); 3580 free(cfg_parser->cfg->dnstap_tls_cert_bundle); 3581 cfg_parser->cfg->dnstap_tls_cert_bundle = $2; 3582 } 3583 ; 3584 dt_dnstap_tls_client_key_file: VAR_DNSTAP_TLS_CLIENT_KEY_FILE STRING_ARG 3585 { 3586 OUTYY(("P(dt_dnstap_tls_client_key_file:%s)\n", $2)); 3587 free(cfg_parser->cfg->dnstap_tls_client_key_file); 3588 cfg_parser->cfg->dnstap_tls_client_key_file = $2; 3589 } 3590 ; 3591 dt_dnstap_tls_client_cert_file: VAR_DNSTAP_TLS_CLIENT_CERT_FILE STRING_ARG 3592 { 3593 OUTYY(("P(dt_dnstap_tls_client_cert_file:%s)\n", $2)); 3594 free(cfg_parser->cfg->dnstap_tls_client_cert_file); 3595 cfg_parser->cfg->dnstap_tls_client_cert_file = $2; 3596 } 3597 ; 3598 dt_dnstap_send_identity: VAR_DNSTAP_SEND_IDENTITY STRING_ARG 3599 { 3600 OUTYY(("P(dt_dnstap_send_identity:%s)\n", $2)); 3601 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 3602 yyerror("expected yes or no."); 3603 else cfg_parser->cfg->dnstap_send_identity = (strcmp($2, "yes")==0); 3604 free($2); 3605 } 3606 ; 3607 dt_dnstap_send_version: VAR_DNSTAP_SEND_VERSION STRING_ARG 3608 { 3609 OUTYY(("P(dt_dnstap_send_version:%s)\n", $2)); 3610 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 3611 yyerror("expected yes or no."); 3612 else cfg_parser->cfg->dnstap_send_version = (strcmp($2, "yes")==0); 3613 free($2); 3614 } 3615 ; 3616 dt_dnstap_identity: VAR_DNSTAP_IDENTITY STRING_ARG 3617 { 3618 OUTYY(("P(dt_dnstap_identity:%s)\n", $2)); 3619 free(cfg_parser->cfg->dnstap_identity); 3620 cfg_parser->cfg->dnstap_identity = $2; 3621 } 3622 ; 3623 dt_dnstap_version: VAR_DNSTAP_VERSION STRING_ARG 3624 { 3625 OUTYY(("P(dt_dnstap_version:%s)\n", $2)); 3626 free(cfg_parser->cfg->dnstap_version); 3627 cfg_parser->cfg->dnstap_version = $2; 3628 } 3629 ; 3630 dt_dnstap_log_resolver_query_messages: VAR_DNSTAP_LOG_RESOLVER_QUERY_MESSAGES STRING_ARG 3631 { 3632 OUTYY(("P(dt_dnstap_log_resolver_query_messages:%s)\n", $2)); 3633 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 3634 yyerror("expected yes or no."); 3635 else cfg_parser->cfg->dnstap_log_resolver_query_messages = 3636 (strcmp($2, "yes")==0); 3637 free($2); 3638 } 3639 ; 3640 dt_dnstap_log_resolver_response_messages: VAR_DNSTAP_LOG_RESOLVER_RESPONSE_MESSAGES STRING_ARG 3641 { 3642 OUTYY(("P(dt_dnstap_log_resolver_response_messages:%s)\n", $2)); 3643 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 3644 yyerror("expected yes or no."); 3645 else cfg_parser->cfg->dnstap_log_resolver_response_messages = 3646 (strcmp($2, "yes")==0); 3647 free($2); 3648 } 3649 ; 3650 dt_dnstap_log_client_query_messages: VAR_DNSTAP_LOG_CLIENT_QUERY_MESSAGES STRING_ARG 3651 { 3652 OUTYY(("P(dt_dnstap_log_client_query_messages:%s)\n", $2)); 3653 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 3654 yyerror("expected yes or no."); 3655 else cfg_parser->cfg->dnstap_log_client_query_messages = 3656 (strcmp($2, "yes")==0); 3657 free($2); 3658 } 3659 ; 3660 dt_dnstap_log_client_response_messages: VAR_DNSTAP_LOG_CLIENT_RESPONSE_MESSAGES STRING_ARG 3661 { 3662 OUTYY(("P(dt_dnstap_log_client_response_messages:%s)\n", $2)); 3663 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 3664 yyerror("expected yes or no."); 3665 else cfg_parser->cfg->dnstap_log_client_response_messages = 3666 (strcmp($2, "yes")==0); 3667 free($2); 3668 } 3669 ; 3670 dt_dnstap_log_forwarder_query_messages: VAR_DNSTAP_LOG_FORWARDER_QUERY_MESSAGES STRING_ARG 3671 { 3672 OUTYY(("P(dt_dnstap_log_forwarder_query_messages:%s)\n", $2)); 3673 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 3674 yyerror("expected yes or no."); 3675 else cfg_parser->cfg->dnstap_log_forwarder_query_messages = 3676 (strcmp($2, "yes")==0); 3677 free($2); 3678 } 3679 ; 3680 dt_dnstap_log_forwarder_response_messages: VAR_DNSTAP_LOG_FORWARDER_RESPONSE_MESSAGES STRING_ARG 3681 { 3682 OUTYY(("P(dt_dnstap_log_forwarder_response_messages:%s)\n", $2)); 3683 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 3684 yyerror("expected yes or no."); 3685 else cfg_parser->cfg->dnstap_log_forwarder_response_messages = 3686 (strcmp($2, "yes")==0); 3687 free($2); 3688 } 3689 ; 3690 dt_dnstap_sample_rate: VAR_DNSTAP_SAMPLE_RATE STRING_ARG 3691 { 3692 OUTYY(("P(dt_dnstap_sample_rate:%s)\n", $2)); 3693 if(atoi($2) == 0 && strcmp($2, "0") != 0) 3694 yyerror("number expected"); 3695 else if(atoi($2) < 0) 3696 yyerror("dnstap sample rate too small"); 3697 else cfg_parser->cfg->dnstap_sample_rate = atoi($2); 3698 free($2); 3699 } 3700 ; 3701 pythonstart: VAR_PYTHON 3702 { 3703 OUTYY(("\nP(python:)\n")); 3704 cfg_parser->started_toplevel = 1; 3705 } 3706 ; 3707 contents_py: contents_py content_py 3708 | ; 3709 content_py: py_script 3710 ; 3711 py_script: VAR_PYTHON_SCRIPT STRING_ARG 3712 { 3713 OUTYY(("P(python-script:%s)\n", $2)); 3714 if(!cfg_strlist_append_ex(&cfg_parser->cfg->python_script, $2)) 3715 yyerror("out of memory"); 3716 } 3717 ; 3718 dynlibstart: VAR_DYNLIB 3719 { 3720 OUTYY(("\nP(dynlib:)\n")); 3721 cfg_parser->started_toplevel = 1; 3722 } 3723 ; 3724 contents_dl: contents_dl content_dl 3725 | ; 3726 content_dl: dl_file 3727 ; 3728 dl_file: VAR_DYNLIB_FILE STRING_ARG 3729 { 3730 OUTYY(("P(dynlib-file:%s)\n", $2)); 3731 if(!cfg_strlist_append_ex(&cfg_parser->cfg->dynlib_file, $2)) 3732 yyerror("out of memory"); 3733 } 3734 ; 3735 server_disable_dnssec_lame_check: VAR_DISABLE_DNSSEC_LAME_CHECK STRING_ARG 3736 { 3737 OUTYY(("P(disable_dnssec_lame_check:%s)\n", $2)); 3738 if (strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 3739 yyerror("expected yes or no."); 3740 else cfg_parser->cfg->disable_dnssec_lame_check = 3741 (strcmp($2, "yes")==0); 3742 free($2); 3743 } 3744 ; 3745 server_log_identity: VAR_LOG_IDENTITY STRING_ARG 3746 { 3747 OUTYY(("P(server_log_identity:%s)\n", $2)); 3748 free(cfg_parser->cfg->log_identity); 3749 cfg_parser->cfg->log_identity = $2; 3750 } 3751 ; 3752 server_response_ip: VAR_RESPONSE_IP STRING_ARG STRING_ARG 3753 { 3754 OUTYY(("P(server_response_ip:%s %s)\n", $2, $3)); 3755 validate_respip_action($3); 3756 if(!cfg_str2list_insert(&cfg_parser->cfg->respip_actions, 3757 $2, $3)) 3758 fatal_exit("out of memory adding response-ip"); 3759 } 3760 ; 3761 server_response_ip_data: VAR_RESPONSE_IP_DATA STRING_ARG STRING_ARG 3762 { 3763 OUTYY(("P(server_response_ip_data:%s)\n", $2)); 3764 if(!cfg_str2list_insert(&cfg_parser->cfg->respip_data, 3765 $2, $3)) 3766 fatal_exit("out of memory adding response-ip-data"); 3767 } 3768 ; 3769 dnscstart: VAR_DNSCRYPT 3770 { 3771 OUTYY(("\nP(dnscrypt:)\n")); 3772 cfg_parser->started_toplevel = 1; 3773 } 3774 ; 3775 contents_dnsc: contents_dnsc content_dnsc 3776 | ; 3777 content_dnsc: 3778 dnsc_dnscrypt_enable | dnsc_dnscrypt_port | dnsc_dnscrypt_provider | 3779 dnsc_dnscrypt_secret_key | dnsc_dnscrypt_provider_cert | 3780 dnsc_dnscrypt_provider_cert_rotated | 3781 dnsc_dnscrypt_shared_secret_cache_size | 3782 dnsc_dnscrypt_shared_secret_cache_slabs | 3783 dnsc_dnscrypt_nonce_cache_size | 3784 dnsc_dnscrypt_nonce_cache_slabs 3785 ; 3786 dnsc_dnscrypt_enable: VAR_DNSCRYPT_ENABLE STRING_ARG 3787 { 3788 OUTYY(("P(dnsc_dnscrypt_enable:%s)\n", $2)); 3789 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 3790 yyerror("expected yes or no."); 3791 else cfg_parser->cfg->dnscrypt = (strcmp($2, "yes")==0); 3792 free($2); 3793 } 3794 ; 3795 dnsc_dnscrypt_port: VAR_DNSCRYPT_PORT STRING_ARG 3796 { 3797 OUTYY(("P(dnsc_dnscrypt_port:%s)\n", $2)); 3798 if(atoi($2) == 0) 3799 yyerror("port number expected"); 3800 else cfg_parser->cfg->dnscrypt_port = atoi($2); 3801 free($2); 3802 } 3803 ; 3804 dnsc_dnscrypt_provider: VAR_DNSCRYPT_PROVIDER STRING_ARG 3805 { 3806 OUTYY(("P(dnsc_dnscrypt_provider:%s)\n", $2)); 3807 free(cfg_parser->cfg->dnscrypt_provider); 3808 cfg_parser->cfg->dnscrypt_provider = $2; 3809 } 3810 ; 3811 dnsc_dnscrypt_provider_cert: VAR_DNSCRYPT_PROVIDER_CERT STRING_ARG 3812 { 3813 OUTYY(("P(dnsc_dnscrypt_provider_cert:%s)\n", $2)); 3814 if(cfg_strlist_find(cfg_parser->cfg->dnscrypt_provider_cert, $2)) 3815 log_warn("dnscrypt-provider-cert %s is a duplicate", $2); 3816 if(!cfg_strlist_insert(&cfg_parser->cfg->dnscrypt_provider_cert, $2)) 3817 fatal_exit("out of memory adding dnscrypt-provider-cert"); 3818 } 3819 ; 3820 dnsc_dnscrypt_provider_cert_rotated: VAR_DNSCRYPT_PROVIDER_CERT_ROTATED STRING_ARG 3821 { 3822 OUTYY(("P(dnsc_dnscrypt_provider_cert_rotated:%s)\n", $2)); 3823 if(!cfg_strlist_insert(&cfg_parser->cfg->dnscrypt_provider_cert_rotated, $2)) 3824 fatal_exit("out of memory adding dnscrypt-provider-cert-rotated"); 3825 } 3826 ; 3827 dnsc_dnscrypt_secret_key: VAR_DNSCRYPT_SECRET_KEY STRING_ARG 3828 { 3829 OUTYY(("P(dnsc_dnscrypt_secret_key:%s)\n", $2)); 3830 if(cfg_strlist_find(cfg_parser->cfg->dnscrypt_secret_key, $2)) 3831 log_warn("dnscrypt-secret-key: %s is a duplicate", $2); 3832 if(!cfg_strlist_insert(&cfg_parser->cfg->dnscrypt_secret_key, $2)) 3833 fatal_exit("out of memory adding dnscrypt-secret-key"); 3834 } 3835 ; 3836 dnsc_dnscrypt_shared_secret_cache_size: VAR_DNSCRYPT_SHARED_SECRET_CACHE_SIZE STRING_ARG 3837 { 3838 OUTYY(("P(dnscrypt_shared_secret_cache_size:%s)\n", $2)); 3839 if(!cfg_parse_memsize($2, &cfg_parser->cfg->dnscrypt_shared_secret_cache_size)) 3840 yyerror("memory size expected"); 3841 free($2); 3842 } 3843 ; 3844 dnsc_dnscrypt_shared_secret_cache_slabs: VAR_DNSCRYPT_SHARED_SECRET_CACHE_SLABS STRING_ARG 3845 { 3846 OUTYY(("P(dnscrypt_shared_secret_cache_slabs:%s)\n", $2)); 3847 if(atoi($2) == 0) { 3848 yyerror("number expected"); 3849 } else { 3850 cfg_parser->cfg->dnscrypt_shared_secret_cache_slabs = atoi($2); 3851 if(!is_pow2(cfg_parser->cfg->dnscrypt_shared_secret_cache_slabs)) 3852 yyerror("must be a power of 2"); 3853 } 3854 free($2); 3855 } 3856 ; 3857 dnsc_dnscrypt_nonce_cache_size: VAR_DNSCRYPT_NONCE_CACHE_SIZE STRING_ARG 3858 { 3859 OUTYY(("P(dnscrypt_nonce_cache_size:%s)\n", $2)); 3860 if(!cfg_parse_memsize($2, &cfg_parser->cfg->dnscrypt_nonce_cache_size)) 3861 yyerror("memory size expected"); 3862 free($2); 3863 } 3864 ; 3865 dnsc_dnscrypt_nonce_cache_slabs: VAR_DNSCRYPT_NONCE_CACHE_SLABS STRING_ARG 3866 { 3867 OUTYY(("P(dnscrypt_nonce_cache_slabs:%s)\n", $2)); 3868 if(atoi($2) == 0) { 3869 yyerror("number expected"); 3870 } else { 3871 cfg_parser->cfg->dnscrypt_nonce_cache_slabs = atoi($2); 3872 if(!is_pow2(cfg_parser->cfg->dnscrypt_nonce_cache_slabs)) 3873 yyerror("must be a power of 2"); 3874 } 3875 free($2); 3876 } 3877 ; 3878 cachedbstart: VAR_CACHEDB 3879 { 3880 OUTYY(("\nP(cachedb:)\n")); 3881 cfg_parser->started_toplevel = 1; 3882 } 3883 ; 3884 contents_cachedb: contents_cachedb content_cachedb 3885 | ; 3886 content_cachedb: cachedb_backend_name | cachedb_secret_seed | 3887 redis_server_host | redis_replica_server_host | 3888 redis_server_port | redis_replica_server_port | 3889 redis_timeout | redis_replica_timeout | 3890 redis_command_timeout | redis_replica_command_timeout | 3891 redis_connect_timeout | redis_replica_connect_timeout | 3892 redis_server_path | redis_replica_server_path | 3893 redis_server_password | redis_replica_server_password | 3894 redis_logical_db | redis_replica_logical_db | 3895 cachedb_no_store | redis_expire_records | 3896 cachedb_check_when_serve_expired 3897 ; 3898 cachedb_backend_name: VAR_CACHEDB_BACKEND STRING_ARG 3899 { 3900 #ifdef USE_CACHEDB 3901 OUTYY(("P(backend:%s)\n", $2)); 3902 free(cfg_parser->cfg->cachedb_backend); 3903 cfg_parser->cfg->cachedb_backend = $2; 3904 #else 3905 OUTYY(("P(Compiled without cachedb, ignoring)\n")); 3906 free($2); 3907 #endif 3908 } 3909 ; 3910 cachedb_secret_seed: VAR_CACHEDB_SECRETSEED STRING_ARG 3911 { 3912 #ifdef USE_CACHEDB 3913 OUTYY(("P(secret-seed:%s)\n", $2)); 3914 free(cfg_parser->cfg->cachedb_secret); 3915 cfg_parser->cfg->cachedb_secret = $2; 3916 #else 3917 OUTYY(("P(Compiled without cachedb, ignoring)\n")); 3918 free($2); 3919 #endif 3920 } 3921 ; 3922 cachedb_no_store: VAR_CACHEDB_NO_STORE STRING_ARG 3923 { 3924 #ifdef USE_CACHEDB 3925 OUTYY(("P(cachedb_no_store:%s)\n", $2)); 3926 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 3927 yyerror("expected yes or no."); 3928 else cfg_parser->cfg->cachedb_no_store = (strcmp($2, "yes")==0); 3929 #else 3930 OUTYY(("P(Compiled without cachedb, ignoring)\n")); 3931 #endif 3932 free($2); 3933 } 3934 ; 3935 cachedb_check_when_serve_expired: VAR_CACHEDB_CHECK_WHEN_SERVE_EXPIRED STRING_ARG 3936 { 3937 #ifdef USE_CACHEDB 3938 OUTYY(("P(cachedb_check_when_serve_expired:%s)\n", $2)); 3939 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 3940 yyerror("expected yes or no."); 3941 else cfg_parser->cfg->cachedb_check_when_serve_expired = (strcmp($2, "yes")==0); 3942 #else 3943 OUTYY(("P(Compiled without cachedb, ignoring)\n")); 3944 #endif 3945 free($2); 3946 } 3947 ; 3948 redis_server_host: VAR_CACHEDB_REDISHOST STRING_ARG 3949 { 3950 #if defined(USE_CACHEDB) && defined(USE_REDIS) 3951 OUTYY(("P(redis_server_host:%s)\n", $2)); 3952 free(cfg_parser->cfg->redis_server_host); 3953 cfg_parser->cfg->redis_server_host = $2; 3954 #else 3955 OUTYY(("P(Compiled without cachedb or redis, ignoring)\n")); 3956 free($2); 3957 #endif 3958 } 3959 ; 3960 redis_replica_server_host: VAR_CACHEDB_REDISREPLICAHOST STRING_ARG 3961 { 3962 #if defined(USE_CACHEDB) && defined(USE_REDIS) 3963 OUTYY(("P(redis_replica_server_host:%s)\n", $2)); 3964 free(cfg_parser->cfg->redis_replica_server_host); 3965 cfg_parser->cfg->redis_replica_server_host = $2; 3966 #else 3967 OUTYY(("P(Compiled without cachedb or redis, ignoring)\n")); 3968 free($2); 3969 #endif 3970 } 3971 ; 3972 redis_server_port: VAR_CACHEDB_REDISPORT STRING_ARG 3973 { 3974 #if defined(USE_CACHEDB) && defined(USE_REDIS) 3975 int port; 3976 OUTYY(("P(redis_server_port:%s)\n", $2)); 3977 port = atoi($2); 3978 if(port == 0 || port < 0 || port > 65535) 3979 yyerror("valid redis server port number expected"); 3980 else cfg_parser->cfg->redis_server_port = port; 3981 #else 3982 OUTYY(("P(Compiled without cachedb or redis, ignoring)\n")); 3983 #endif 3984 free($2); 3985 } 3986 ; 3987 redis_replica_server_port: VAR_CACHEDB_REDISREPLICAPORT STRING_ARG 3988 { 3989 #if defined(USE_CACHEDB) && defined(USE_REDIS) 3990 int port; 3991 OUTYY(("P(redis_replica_server_port:%s)\n", $2)); 3992 port = atoi($2); 3993 if(port == 0 || port < 0 || port > 65535) 3994 yyerror("valid redis server port number expected"); 3995 else cfg_parser->cfg->redis_replica_server_port = port; 3996 #else 3997 OUTYY(("P(Compiled without cachedb or redis, ignoring)\n")); 3998 #endif 3999 free($2); 4000 } 4001 ; 4002 redis_server_path: VAR_CACHEDB_REDISPATH STRING_ARG 4003 { 4004 #if defined(USE_CACHEDB) && defined(USE_REDIS) 4005 OUTYY(("P(redis_server_path:%s)\n", $2)); 4006 free(cfg_parser->cfg->redis_server_path); 4007 cfg_parser->cfg->redis_server_path = $2; 4008 #else 4009 OUTYY(("P(Compiled without cachedb or redis, ignoring)\n")); 4010 free($2); 4011 #endif 4012 } 4013 ; 4014 redis_replica_server_path: VAR_CACHEDB_REDISREPLICAPATH STRING_ARG 4015 { 4016 #if defined(USE_CACHEDB) && defined(USE_REDIS) 4017 OUTYY(("P(redis_replica_server_path:%s)\n", $2)); 4018 free(cfg_parser->cfg->redis_replica_server_path); 4019 cfg_parser->cfg->redis_replica_server_path = $2; 4020 #else 4021 OUTYY(("P(Compiled without cachedb or redis, ignoring)\n")); 4022 free($2); 4023 #endif 4024 } 4025 ; 4026 redis_server_password: VAR_CACHEDB_REDISPASSWORD STRING_ARG 4027 { 4028 #if defined(USE_CACHEDB) && defined(USE_REDIS) 4029 OUTYY(("P(redis_server_password:%s)\n", $2)); 4030 free(cfg_parser->cfg->redis_server_password); 4031 cfg_parser->cfg->redis_server_password = $2; 4032 #else 4033 OUTYY(("P(Compiled without cachedb or redis, ignoring)\n")); 4034 free($2); 4035 #endif 4036 } 4037 ; 4038 redis_replica_server_password: VAR_CACHEDB_REDISREPLICAPASSWORD STRING_ARG 4039 { 4040 #if defined(USE_CACHEDB) && defined(USE_REDIS) 4041 OUTYY(("P(redis_replica_server_password:%s)\n", $2)); 4042 free(cfg_parser->cfg->redis_replica_server_password); 4043 cfg_parser->cfg->redis_replica_server_password = $2; 4044 #else 4045 OUTYY(("P(Compiled without cachedb or redis, ignoring)\n")); 4046 free($2); 4047 #endif 4048 } 4049 ; 4050 redis_timeout: VAR_CACHEDB_REDISTIMEOUT STRING_ARG 4051 { 4052 #if defined(USE_CACHEDB) && defined(USE_REDIS) 4053 OUTYY(("P(redis_timeout:%s)\n", $2)); 4054 if(atoi($2) == 0) 4055 yyerror("redis timeout value expected"); 4056 else cfg_parser->cfg->redis_timeout = atoi($2); 4057 #else 4058 OUTYY(("P(Compiled without cachedb or redis, ignoring)\n")); 4059 #endif 4060 free($2); 4061 } 4062 ; 4063 redis_replica_timeout: VAR_CACHEDB_REDISREPLICATIMEOUT STRING_ARG 4064 { 4065 #if defined(USE_CACHEDB) && defined(USE_REDIS) 4066 OUTYY(("P(redis_replica_timeout:%s)\n", $2)); 4067 if(atoi($2) == 0) 4068 yyerror("redis timeout value expected"); 4069 else cfg_parser->cfg->redis_replica_timeout = atoi($2); 4070 #else 4071 OUTYY(("P(Compiled without cachedb or redis, ignoring)\n")); 4072 #endif 4073 free($2); 4074 } 4075 ; 4076 redis_command_timeout: VAR_CACHEDB_REDISCOMMANDTIMEOUT STRING_ARG 4077 { 4078 #if defined(USE_CACHEDB) && defined(USE_REDIS) 4079 OUTYY(("P(redis_command_timeout:%s)\n", $2)); 4080 if(atoi($2) == 0 && strcmp($2, "0") != 0) 4081 yyerror("redis command timeout value expected"); 4082 else cfg_parser->cfg->redis_command_timeout = atoi($2); 4083 #else 4084 OUTYY(("P(Compiled without cachedb or redis, ignoring)\n")); 4085 #endif 4086 free($2); 4087 } 4088 ; 4089 redis_replica_command_timeout: VAR_CACHEDB_REDISREPLICACOMMANDTIMEOUT STRING_ARG 4090 { 4091 #if defined(USE_CACHEDB) && defined(USE_REDIS) 4092 OUTYY(("P(redis_replica_command_timeout:%s)\n", $2)); 4093 if(atoi($2) == 0 && strcmp($2, "0") != 0) 4094 yyerror("redis command timeout value expected"); 4095 else cfg_parser->cfg->redis_replica_command_timeout = atoi($2); 4096 #else 4097 OUTYY(("P(Compiled without cachedb or redis, ignoring)\n")); 4098 #endif 4099 free($2); 4100 } 4101 ; 4102 redis_connect_timeout: VAR_CACHEDB_REDISCONNECTTIMEOUT STRING_ARG 4103 { 4104 #if defined(USE_CACHEDB) && defined(USE_REDIS) 4105 OUTYY(("P(redis_connect_timeout:%s)\n", $2)); 4106 if(atoi($2) == 0 && strcmp($2, "0") != 0) 4107 yyerror("redis connect timeout value expected"); 4108 else cfg_parser->cfg->redis_connect_timeout = atoi($2); 4109 #else 4110 OUTYY(("P(Compiled without cachedb or redis, ignoring)\n")); 4111 #endif 4112 free($2); 4113 } 4114 ; 4115 redis_replica_connect_timeout: VAR_CACHEDB_REDISREPLICACONNECTTIMEOUT STRING_ARG 4116 { 4117 #if defined(USE_CACHEDB) && defined(USE_REDIS) 4118 OUTYY(("P(redis_replica_connect_timeout:%s)\n", $2)); 4119 if(atoi($2) == 0 && strcmp($2, "0") != 0) 4120 yyerror("redis connect timeout value expected"); 4121 else cfg_parser->cfg->redis_replica_connect_timeout = atoi($2); 4122 #else 4123 OUTYY(("P(Compiled without cachedb or redis, ignoring)\n")); 4124 #endif 4125 free($2); 4126 } 4127 ; 4128 redis_expire_records: VAR_CACHEDB_REDISEXPIRERECORDS STRING_ARG 4129 { 4130 #if defined(USE_CACHEDB) && defined(USE_REDIS) 4131 OUTYY(("P(redis_expire_records:%s)\n", $2)); 4132 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 4133 yyerror("expected yes or no."); 4134 else cfg_parser->cfg->redis_expire_records = (strcmp($2, "yes")==0); 4135 #else 4136 OUTYY(("P(Compiled without cachedb or redis, ignoring)\n")); 4137 #endif 4138 free($2); 4139 } 4140 ; 4141 redis_logical_db: VAR_CACHEDB_REDISLOGICALDB STRING_ARG 4142 { 4143 #if defined(USE_CACHEDB) && defined(USE_REDIS) 4144 int db; 4145 OUTYY(("P(redis_logical_db:%s)\n", $2)); 4146 db = atoi($2); 4147 if((db == 0 && strcmp($2, "0") != 0) || db < 0) 4148 yyerror("valid redis logical database index expected"); 4149 else cfg_parser->cfg->redis_logical_db = db; 4150 #else 4151 OUTYY(("P(Compiled without cachedb or redis, ignoring)\n")); 4152 #endif 4153 free($2); 4154 } 4155 ; 4156 redis_replica_logical_db: VAR_CACHEDB_REDISREPLICALOGICALDB STRING_ARG 4157 { 4158 #if defined(USE_CACHEDB) && defined(USE_REDIS) 4159 int db; 4160 OUTYY(("P(redis_replica_logical_db:%s)\n", $2)); 4161 db = atoi($2); 4162 if((db == 0 && strcmp($2, "0") != 0) || db < 0) 4163 yyerror("valid redis logical database index expected"); 4164 else cfg_parser->cfg->redis_replica_logical_db = db; 4165 #else 4166 OUTYY(("P(Compiled without cachedb or redis, ignoring)\n")); 4167 #endif 4168 free($2); 4169 } 4170 ; 4171 server_tcp_connection_limit: VAR_TCP_CONNECTION_LIMIT STRING_ARG STRING_ARG 4172 { 4173 OUTYY(("P(server_tcp_connection_limit:%s %s)\n", $2, $3)); 4174 if (atoi($3) < 0) 4175 yyerror("positive number expected"); 4176 else { 4177 if(!cfg_str2list_insert(&cfg_parser->cfg->tcp_connection_limits, $2, $3)) 4178 fatal_exit("out of memory adding tcp connection limit"); 4179 } 4180 } 4181 ; 4182 server_answer_cookie: VAR_ANSWER_COOKIE STRING_ARG 4183 { 4184 OUTYY(("P(server_answer_cookie:%s)\n", $2)); 4185 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 4186 yyerror("expected yes or no."); 4187 else cfg_parser->cfg->do_answer_cookie = (strcmp($2, "yes")==0); 4188 free($2); 4189 } 4190 ; 4191 server_cookie_secret: VAR_COOKIE_SECRET STRING_ARG 4192 { 4193 uint8_t secret[32]; 4194 size_t secret_len = sizeof(secret); 4195 4196 OUTYY(("P(server_cookie_secret:%s)\n", $2)); 4197 if(sldns_str2wire_hex_buf($2, secret, &secret_len) 4198 || (secret_len != 16)) 4199 yyerror("expected 128 bit hex string"); 4200 else { 4201 cfg_parser->cfg->cookie_secret_len = secret_len; 4202 memcpy(cfg_parser->cfg->cookie_secret, secret, sizeof(secret)); 4203 } 4204 free($2); 4205 } 4206 ; 4207 server_cookie_secret_file: VAR_COOKIE_SECRET_FILE STRING_ARG 4208 { 4209 OUTYY(("P(cookie_secret_file:%s)\n", $2)); 4210 free(cfg_parser->cfg->cookie_secret_file); 4211 cfg_parser->cfg->cookie_secret_file = $2; 4212 } 4213 ; 4214 server_iter_scrub_ns: VAR_ITER_SCRUB_NS STRING_ARG 4215 { 4216 OUTYY(("P(server_iter_scrub_ns:%s)\n", $2)); 4217 if(atoi($2) == 0 && strcmp($2, "0") != 0) 4218 yyerror("number expected"); 4219 else cfg_parser->cfg->iter_scrub_ns = atoi($2); 4220 free($2); 4221 } 4222 ; 4223 server_iter_scrub_cname: VAR_ITER_SCRUB_CNAME STRING_ARG 4224 { 4225 OUTYY(("P(server_iter_scrub_cname:%s)\n", $2)); 4226 if(atoi($2) == 0 && strcmp($2, "0") != 0) 4227 yyerror("number expected"); 4228 else cfg_parser->cfg->iter_scrub_cname = atoi($2); 4229 free($2); 4230 } 4231 ; 4232 server_max_global_quota: VAR_MAX_GLOBAL_QUOTA STRING_ARG 4233 { 4234 OUTYY(("P(server_max_global_quota:%s)\n", $2)); 4235 if(atoi($2) == 0 && strcmp($2, "0") != 0) 4236 yyerror("number expected"); 4237 else cfg_parser->cfg->max_global_quota = atoi($2); 4238 free($2); 4239 } 4240 ; 4241 ipsetstart: VAR_IPSET 4242 { 4243 OUTYY(("\nP(ipset:)\n")); 4244 cfg_parser->started_toplevel = 1; 4245 } 4246 ; 4247 contents_ipset: contents_ipset content_ipset 4248 | ; 4249 content_ipset: ipset_name_v4 | ipset_name_v6 4250 ; 4251 ipset_name_v4: VAR_IPSET_NAME_V4 STRING_ARG 4252 { 4253 #ifdef USE_IPSET 4254 OUTYY(("P(name-v4:%s)\n", $2)); 4255 if(cfg_parser->cfg->ipset_name_v4) 4256 yyerror("ipset name v4 override, there must be one " 4257 "name for ip v4"); 4258 free(cfg_parser->cfg->ipset_name_v4); 4259 cfg_parser->cfg->ipset_name_v4 = $2; 4260 #else 4261 OUTYY(("P(Compiled without ipset, ignoring)\n")); 4262 free($2); 4263 #endif 4264 } 4265 ; 4266 ipset_name_v6: VAR_IPSET_NAME_V6 STRING_ARG 4267 { 4268 #ifdef USE_IPSET 4269 OUTYY(("P(name-v6:%s)\n", $2)); 4270 if(cfg_parser->cfg->ipset_name_v6) 4271 yyerror("ipset name v6 override, there must be one " 4272 "name for ip v6"); 4273 free(cfg_parser->cfg->ipset_name_v6); 4274 cfg_parser->cfg->ipset_name_v6 = $2; 4275 #else 4276 OUTYY(("P(Compiled without ipset, ignoring)\n")); 4277 free($2); 4278 #endif 4279 } 4280 ; 4281 %% 4282 4283 /* parse helper routines could be here */ 4284 static void 4285 validate_respip_action(const char* action) 4286 { 4287 if(strcmp(action, "deny")!=0 && 4288 strcmp(action, "redirect")!=0 && 4289 strcmp(action, "inform")!=0 && 4290 strcmp(action, "inform_deny")!=0 && 4291 strcmp(action, "always_transparent")!=0 && 4292 strcmp(action, "always_refuse")!=0 && 4293 strcmp(action, "always_nxdomain")!=0) 4294 { 4295 yyerror("response-ip action: expected deny, redirect, " 4296 "inform, inform_deny, always_transparent, " 4297 "always_refuse or always_nxdomain"); 4298 } 4299 } 4300 4301 static void 4302 validate_acl_action(const char* action) 4303 { 4304 if(strcmp(action, "deny")!=0 && 4305 strcmp(action, "refuse")!=0 && 4306 strcmp(action, "deny_non_local")!=0 && 4307 strcmp(action, "refuse_non_local")!=0 && 4308 strcmp(action, "allow_setrd")!=0 && 4309 strcmp(action, "allow")!=0 && 4310 strcmp(action, "allow_snoop")!=0 && 4311 strcmp(action, "allow_cookie")!=0) 4312 { 4313 yyerror("expected deny, refuse, deny_non_local, " 4314 "refuse_non_local, allow, allow_setrd, " 4315 "allow_snoop or allow_cookie as access control action"); 4316 } 4317 } 4318