1 /* 2 * configparser.y -- yacc grammar for unbound configuration files 3 * 4 * Copyright (c) 2001-2006, NLnet Labs. All rights reserved. 5 * 6 * Copyright (c) 2007, NLnet Labs. All rights reserved. 7 * 8 * This software is open source. 9 * 10 * Redistribution and use in source and binary forms, with or without 11 * modification, are permitted provided that the following conditions 12 * are met: 13 * 14 * Redistributions of source code must retain the above copyright notice, 15 * this list of conditions and the following disclaimer. 16 * 17 * Redistributions in binary form must reproduce the above copyright notice, 18 * this list of conditions and the following disclaimer in the documentation 19 * and/or other materials provided with the distribution. 20 * 21 * Neither the name of the NLNET LABS nor the names of its contributors may 22 * be used to endorse or promote products derived from this software without 23 * specific prior written permission. 24 * 25 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 26 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 27 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR 28 * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT 29 * HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 30 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED 31 * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR 32 * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF 33 * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING 34 * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS 35 * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 36 */ 37 38 %{ 39 #include "config.h" 40 41 #include <stdarg.h> 42 #include <stdio.h> 43 #include <string.h> 44 #include <stdlib.h> 45 #include <assert.h> 46 47 #include "util/configyyrename.h" 48 #include "util/config_file.h" 49 #include "util/net_help.h" 50 51 int ub_c_lex(void); 52 void ub_c_error(const char *message); 53 54 static void validate_respip_action(const char* action); 55 static void validate_acl_action(const char* action); 56 57 /* these need to be global, otherwise they cannot be used inside yacc */ 58 extern struct config_parser_state* cfg_parser; 59 60 #if 0 61 #define OUTYY(s) printf s /* used ONLY when debugging */ 62 #else 63 #define OUTYY(s) 64 #endif 65 66 %} 67 %union { 68 char* str; 69 }; 70 71 %token SPACE LETTER NEWLINE COMMENT COLON ANY ZONESTR 72 %token <str> STRING_ARG 73 %token VAR_FORCE_TOPLEVEL 74 %token VAR_SERVER VAR_VERBOSITY VAR_NUM_THREADS VAR_PORT 75 %token VAR_OUTGOING_RANGE VAR_INTERFACE VAR_PREFER_IP4 76 %token VAR_DO_IP4 VAR_DO_IP6 VAR_PREFER_IP6 VAR_DO_UDP VAR_DO_TCP 77 %token VAR_TCP_MSS VAR_OUTGOING_TCP_MSS VAR_TCP_IDLE_TIMEOUT 78 %token VAR_EDNS_TCP_KEEPALIVE VAR_EDNS_TCP_KEEPALIVE_TIMEOUT 79 %token VAR_CHROOT VAR_USERNAME VAR_DIRECTORY VAR_LOGFILE VAR_PIDFILE 80 %token VAR_MSG_CACHE_SIZE VAR_MSG_CACHE_SLABS VAR_NUM_QUERIES_PER_THREAD 81 %token VAR_RRSET_CACHE_SIZE VAR_RRSET_CACHE_SLABS VAR_OUTGOING_NUM_TCP 82 %token VAR_INFRA_HOST_TTL VAR_INFRA_LAME_TTL VAR_INFRA_CACHE_SLABS 83 %token VAR_INFRA_CACHE_NUMHOSTS VAR_INFRA_CACHE_LAME_SIZE VAR_NAME 84 %token VAR_STUB_ZONE VAR_STUB_HOST VAR_STUB_ADDR VAR_TARGET_FETCH_POLICY 85 %token VAR_HARDEN_SHORT_BUFSIZE VAR_HARDEN_LARGE_QUERIES 86 %token VAR_FORWARD_ZONE VAR_FORWARD_HOST VAR_FORWARD_ADDR 87 %token VAR_DO_NOT_QUERY_ADDRESS VAR_HIDE_IDENTITY VAR_HIDE_VERSION 88 %token VAR_IDENTITY VAR_VERSION VAR_HARDEN_GLUE VAR_MODULE_CONF 89 %token VAR_TRUST_ANCHOR_FILE VAR_TRUST_ANCHOR VAR_VAL_OVERRIDE_DATE 90 %token VAR_BOGUS_TTL VAR_VAL_CLEAN_ADDITIONAL VAR_VAL_PERMISSIVE_MODE 91 %token VAR_INCOMING_NUM_TCP VAR_MSG_BUFFER_SIZE VAR_KEY_CACHE_SIZE 92 %token VAR_KEY_CACHE_SLABS VAR_TRUSTED_KEYS_FILE 93 %token VAR_VAL_NSEC3_KEYSIZE_ITERATIONS VAR_USE_SYSLOG 94 %token VAR_OUTGOING_INTERFACE VAR_ROOT_HINTS VAR_DO_NOT_QUERY_LOCALHOST 95 %token VAR_CACHE_MAX_TTL VAR_HARDEN_DNSSEC_STRIPPED VAR_ACCESS_CONTROL 96 %token VAR_LOCAL_ZONE VAR_LOCAL_DATA VAR_INTERFACE_AUTOMATIC 97 %token VAR_STATISTICS_INTERVAL VAR_DO_DAEMONIZE VAR_USE_CAPS_FOR_ID 98 %token VAR_STATISTICS_CUMULATIVE VAR_OUTGOING_PORT_PERMIT 99 %token VAR_OUTGOING_PORT_AVOID VAR_DLV_ANCHOR_FILE VAR_DLV_ANCHOR 100 %token VAR_NEG_CACHE_SIZE VAR_HARDEN_REFERRAL_PATH VAR_PRIVATE_ADDRESS 101 %token VAR_PRIVATE_DOMAIN VAR_REMOTE_CONTROL VAR_CONTROL_ENABLE 102 %token VAR_CONTROL_INTERFACE VAR_CONTROL_PORT VAR_SERVER_KEY_FILE 103 %token VAR_SERVER_CERT_FILE VAR_CONTROL_KEY_FILE VAR_CONTROL_CERT_FILE 104 %token VAR_CONTROL_USE_CERT VAR_TCP_REUSE_TIMEOUT VAR_MAX_REUSE_TCP_QUERIES 105 %token VAR_EXTENDED_STATISTICS VAR_LOCAL_DATA_PTR VAR_JOSTLE_TIMEOUT 106 %token VAR_STUB_PRIME VAR_UNWANTED_REPLY_THRESHOLD VAR_LOG_TIME_ASCII 107 %token VAR_DOMAIN_INSECURE VAR_PYTHON VAR_PYTHON_SCRIPT VAR_VAL_SIG_SKEW_MIN 108 %token VAR_VAL_SIG_SKEW_MAX VAR_VAL_MAX_RESTART VAR_CACHE_MIN_TTL 109 %token VAR_VAL_LOG_LEVEL VAR_AUTO_TRUST_ANCHOR_FILE VAR_KEEP_MISSING 110 %token VAR_ADD_HOLDDOWN VAR_DEL_HOLDDOWN VAR_SO_RCVBUF VAR_EDNS_BUFFER_SIZE 111 %token VAR_PREFETCH VAR_PREFETCH_KEY VAR_SO_SNDBUF VAR_SO_REUSEPORT 112 %token VAR_HARDEN_BELOW_NXDOMAIN VAR_IGNORE_CD_FLAG VAR_LOG_QUERIES 113 %token VAR_LOG_REPLIES VAR_LOG_LOCAL_ACTIONS VAR_TCP_UPSTREAM 114 %token VAR_SSL_UPSTREAM VAR_TCP_AUTH_QUERY_TIMEOUT VAR_SSL_SERVICE_KEY 115 %token VAR_SSL_SERVICE_PEM VAR_SSL_PORT VAR_FORWARD_FIRST 116 %token VAR_STUB_SSL_UPSTREAM VAR_FORWARD_SSL_UPSTREAM VAR_TLS_CERT_BUNDLE 117 %token VAR_STUB_TCP_UPSTREAM VAR_FORWARD_TCP_UPSTREAM 118 %token VAR_HTTPS_PORT VAR_HTTP_ENDPOINT VAR_HTTP_MAX_STREAMS 119 %token VAR_HTTP_QUERY_BUFFER_SIZE VAR_HTTP_RESPONSE_BUFFER_SIZE 120 %token VAR_HTTP_NODELAY VAR_HTTP_NOTLS_DOWNSTREAM 121 %token VAR_STUB_FIRST VAR_MINIMAL_RESPONSES VAR_RRSET_ROUNDROBIN 122 %token VAR_MAX_UDP_SIZE VAR_DELAY_CLOSE VAR_UDP_CONNECT 123 %token VAR_UNBLOCK_LAN_ZONES VAR_INSECURE_LAN_ZONES 124 %token VAR_INFRA_CACHE_MIN_RTT VAR_INFRA_CACHE_MAX_RTT VAR_INFRA_KEEP_PROBING 125 %token VAR_DNS64_PREFIX VAR_DNS64_SYNTHALL VAR_DNS64_IGNORE_AAAA 126 %token VAR_DNSTAP VAR_DNSTAP_ENABLE VAR_DNSTAP_SOCKET_PATH VAR_DNSTAP_IP 127 %token VAR_DNSTAP_TLS VAR_DNSTAP_TLS_SERVER_NAME VAR_DNSTAP_TLS_CERT_BUNDLE 128 %token VAR_DNSTAP_TLS_CLIENT_KEY_FILE VAR_DNSTAP_TLS_CLIENT_CERT_FILE 129 %token VAR_DNSTAP_SEND_IDENTITY VAR_DNSTAP_SEND_VERSION VAR_DNSTAP_BIDIRECTIONAL 130 %token VAR_DNSTAP_IDENTITY VAR_DNSTAP_VERSION 131 %token VAR_DNSTAP_LOG_RESOLVER_QUERY_MESSAGES 132 %token VAR_DNSTAP_LOG_RESOLVER_RESPONSE_MESSAGES 133 %token VAR_DNSTAP_LOG_CLIENT_QUERY_MESSAGES 134 %token VAR_DNSTAP_LOG_CLIENT_RESPONSE_MESSAGES 135 %token VAR_DNSTAP_LOG_FORWARDER_QUERY_MESSAGES 136 %token VAR_DNSTAP_LOG_FORWARDER_RESPONSE_MESSAGES 137 %token VAR_RESPONSE_IP_TAG VAR_RESPONSE_IP VAR_RESPONSE_IP_DATA 138 %token VAR_HARDEN_ALGO_DOWNGRADE VAR_IP_TRANSPARENT 139 %token VAR_IP_DSCP 140 %token VAR_DISABLE_DNSSEC_LAME_CHECK 141 %token VAR_IP_RATELIMIT VAR_IP_RATELIMIT_SLABS VAR_IP_RATELIMIT_SIZE 142 %token VAR_RATELIMIT VAR_RATELIMIT_SLABS VAR_RATELIMIT_SIZE 143 %token VAR_OUTBOUND_MSG_RETRY 144 %token VAR_RATELIMIT_FOR_DOMAIN VAR_RATELIMIT_BELOW_DOMAIN 145 %token VAR_IP_RATELIMIT_FACTOR VAR_RATELIMIT_FACTOR 146 %token VAR_IP_RATELIMIT_BACKOFF VAR_RATELIMIT_BACKOFF 147 %token VAR_SEND_CLIENT_SUBNET VAR_CLIENT_SUBNET_ZONE 148 %token VAR_CLIENT_SUBNET_ALWAYS_FORWARD VAR_CLIENT_SUBNET_OPCODE 149 %token VAR_MAX_CLIENT_SUBNET_IPV4 VAR_MAX_CLIENT_SUBNET_IPV6 150 %token VAR_MIN_CLIENT_SUBNET_IPV4 VAR_MIN_CLIENT_SUBNET_IPV6 151 %token VAR_MAX_ECS_TREE_SIZE_IPV4 VAR_MAX_ECS_TREE_SIZE_IPV6 152 %token VAR_CAPS_WHITELIST VAR_CACHE_MAX_NEGATIVE_TTL VAR_PERMIT_SMALL_HOLDDOWN 153 %token VAR_QNAME_MINIMISATION VAR_QNAME_MINIMISATION_STRICT VAR_IP_FREEBIND 154 %token VAR_DEFINE_TAG VAR_LOCAL_ZONE_TAG VAR_ACCESS_CONTROL_TAG 155 %token VAR_LOCAL_ZONE_OVERRIDE VAR_ACCESS_CONTROL_TAG_ACTION 156 %token VAR_ACCESS_CONTROL_TAG_DATA VAR_VIEW VAR_ACCESS_CONTROL_VIEW 157 %token VAR_VIEW_FIRST VAR_SERVE_EXPIRED VAR_SERVE_EXPIRED_TTL 158 %token VAR_SERVE_EXPIRED_TTL_RESET VAR_SERVE_EXPIRED_REPLY_TTL 159 %token VAR_SERVE_EXPIRED_CLIENT_TIMEOUT VAR_EDE_SERVE_EXPIRED 160 %token VAR_SERVE_ORIGINAL_TTL VAR_FAKE_DSA 161 %token VAR_FAKE_SHA1 VAR_LOG_IDENTITY VAR_HIDE_TRUSTANCHOR 162 %token VAR_HIDE_HTTP_USER_AGENT VAR_HTTP_USER_AGENT 163 %token VAR_TRUST_ANCHOR_SIGNALING VAR_AGGRESSIVE_NSEC VAR_USE_SYSTEMD 164 %token VAR_SHM_ENABLE VAR_SHM_KEY VAR_ROOT_KEY_SENTINEL 165 %token VAR_DNSCRYPT VAR_DNSCRYPT_ENABLE VAR_DNSCRYPT_PORT VAR_DNSCRYPT_PROVIDER 166 %token VAR_DNSCRYPT_SECRET_KEY VAR_DNSCRYPT_PROVIDER_CERT 167 %token VAR_DNSCRYPT_PROVIDER_CERT_ROTATED 168 %token VAR_DNSCRYPT_SHARED_SECRET_CACHE_SIZE 169 %token VAR_DNSCRYPT_SHARED_SECRET_CACHE_SLABS 170 %token VAR_DNSCRYPT_NONCE_CACHE_SIZE 171 %token VAR_DNSCRYPT_NONCE_CACHE_SLABS 172 %token VAR_PAD_RESPONSES VAR_PAD_RESPONSES_BLOCK_SIZE 173 %token VAR_PAD_QUERIES VAR_PAD_QUERIES_BLOCK_SIZE 174 %token VAR_IPSECMOD_ENABLED VAR_IPSECMOD_HOOK VAR_IPSECMOD_IGNORE_BOGUS 175 %token VAR_IPSECMOD_MAX_TTL VAR_IPSECMOD_WHITELIST VAR_IPSECMOD_STRICT 176 %token VAR_CACHEDB VAR_CACHEDB_BACKEND VAR_CACHEDB_SECRETSEED 177 %token VAR_CACHEDB_REDISHOST VAR_CACHEDB_REDISPORT VAR_CACHEDB_REDISTIMEOUT 178 %token VAR_CACHEDB_REDISEXPIRERECORDS 179 %token VAR_UDP_UPSTREAM_WITHOUT_DOWNSTREAM VAR_FOR_UPSTREAM 180 %token VAR_AUTH_ZONE VAR_ZONEFILE VAR_MASTER VAR_URL VAR_FOR_DOWNSTREAM 181 %token VAR_FALLBACK_ENABLED VAR_TLS_ADDITIONAL_PORT VAR_LOW_RTT VAR_LOW_RTT_PERMIL 182 %token VAR_FAST_SERVER_PERMIL VAR_FAST_SERVER_NUM 183 %token VAR_ALLOW_NOTIFY VAR_TLS_WIN_CERT VAR_TCP_CONNECTION_LIMIT 184 %token VAR_FORWARD_NO_CACHE VAR_STUB_NO_CACHE VAR_LOG_SERVFAIL VAR_DENY_ANY 185 %token VAR_UNKNOWN_SERVER_TIME_LIMIT VAR_LOG_TAG_QUERYREPLY 186 %token VAR_STREAM_WAIT_SIZE VAR_TLS_CIPHERS VAR_TLS_CIPHERSUITES VAR_TLS_USE_SNI 187 %token VAR_IPSET VAR_IPSET_NAME_V4 VAR_IPSET_NAME_V6 188 %token VAR_TLS_SESSION_TICKET_KEYS VAR_RPZ VAR_TAGS VAR_RPZ_ACTION_OVERRIDE 189 %token VAR_RPZ_CNAME_OVERRIDE VAR_RPZ_LOG VAR_RPZ_LOG_NAME 190 %token VAR_DYNLIB VAR_DYNLIB_FILE VAR_EDNS_CLIENT_STRING 191 %token VAR_EDNS_CLIENT_STRING_OPCODE VAR_NSID 192 %token VAR_ZONEMD_PERMISSIVE_MODE VAR_ZONEMD_CHECK VAR_ZONEMD_REJECT_ABSENCE 193 %token VAR_RPZ_SIGNAL_NXDOMAIN_RA VAR_INTERFACE_AUTOMATIC_PORTS VAR_EDE 194 %token VAR_INTERFACE_ACTION VAR_INTERFACE_VIEW VAR_INTERFACE_TAG 195 %token VAR_INTERFACE_TAG_ACTION VAR_INTERFACE_TAG_DATA 196 %token VAR_PROXY_PROTOCOL_PORT 197 198 %% 199 toplevelvars: /* empty */ | toplevelvars toplevelvar ; 200 toplevelvar: serverstart contents_server | stubstart contents_stub | 201 forwardstart contents_forward | pythonstart contents_py | 202 rcstart contents_rc | dtstart contents_dt | viewstart contents_view | 203 dnscstart contents_dnsc | cachedbstart contents_cachedb | 204 ipsetstart contents_ipset | authstart contents_auth | 205 rpzstart contents_rpz | dynlibstart contents_dl | 206 force_toplevel 207 ; 208 force_toplevel: VAR_FORCE_TOPLEVEL 209 { 210 OUTYY(("\nP(force-toplevel)\n")); 211 cfg_parser->started_toplevel = 0; 212 } 213 ; 214 /* server: declaration */ 215 serverstart: VAR_SERVER 216 { 217 OUTYY(("\nP(server:)\n")); 218 cfg_parser->started_toplevel = 1; 219 } 220 ; 221 contents_server: contents_server content_server 222 | ; 223 content_server: server_num_threads | server_verbosity | server_port | 224 server_outgoing_range | server_do_ip4 | 225 server_do_ip6 | server_prefer_ip4 | server_prefer_ip6 | 226 server_do_udp | server_do_tcp | 227 server_tcp_mss | server_outgoing_tcp_mss | server_tcp_idle_timeout | 228 server_tcp_keepalive | server_tcp_keepalive_timeout | 229 server_interface | server_chroot | server_username | 230 server_directory | server_logfile | server_pidfile | 231 server_msg_cache_size | server_msg_cache_slabs | 232 server_num_queries_per_thread | server_rrset_cache_size | 233 server_rrset_cache_slabs | server_outgoing_num_tcp | 234 server_infra_host_ttl | server_infra_lame_ttl | 235 server_infra_cache_slabs | server_infra_cache_numhosts | 236 server_infra_cache_lame_size | server_target_fetch_policy | 237 server_harden_short_bufsize | server_harden_large_queries | 238 server_do_not_query_address | server_hide_identity | 239 server_hide_version | server_identity | server_version | 240 server_hide_http_user_agent | server_http_user_agent | 241 server_harden_glue | server_module_conf | server_trust_anchor_file | 242 server_trust_anchor | server_val_override_date | server_bogus_ttl | 243 server_val_clean_additional | server_val_permissive_mode | 244 server_incoming_num_tcp | server_msg_buffer_size | 245 server_key_cache_size | server_key_cache_slabs | 246 server_trusted_keys_file | server_val_nsec3_keysize_iterations | 247 server_use_syslog | server_outgoing_interface | server_root_hints | 248 server_do_not_query_localhost | server_cache_max_ttl | 249 server_harden_dnssec_stripped | server_access_control | 250 server_local_zone | server_local_data | server_interface_automatic | 251 server_statistics_interval | server_do_daemonize | 252 server_use_caps_for_id | server_statistics_cumulative | 253 server_outgoing_port_permit | server_outgoing_port_avoid | 254 server_dlv_anchor_file | server_dlv_anchor | server_neg_cache_size | 255 server_harden_referral_path | server_private_address | 256 server_private_domain | server_extended_statistics | 257 server_local_data_ptr | server_jostle_timeout | 258 server_unwanted_reply_threshold | server_log_time_ascii | 259 server_domain_insecure | server_val_sig_skew_min | 260 server_val_sig_skew_max | server_val_max_restart | 261 server_cache_min_ttl | server_val_log_level | 262 server_auto_trust_anchor_file | server_add_holddown | 263 server_del_holddown | server_keep_missing | server_so_rcvbuf | 264 server_edns_buffer_size | server_prefetch | server_prefetch_key | 265 server_so_sndbuf | server_harden_below_nxdomain | server_ignore_cd_flag | 266 server_log_queries | server_log_replies | server_tcp_upstream | server_ssl_upstream | 267 server_log_local_actions | 268 server_ssl_service_key | server_ssl_service_pem | server_ssl_port | 269 server_https_port | server_http_endpoint | server_http_max_streams | 270 server_http_query_buffer_size | server_http_response_buffer_size | 271 server_http_nodelay | server_http_notls_downstream | 272 server_minimal_responses | server_rrset_roundrobin | server_max_udp_size | 273 server_so_reuseport | server_delay_close | server_udp_connect | 274 server_unblock_lan_zones | server_insecure_lan_zones | 275 server_dns64_prefix | server_dns64_synthall | server_dns64_ignore_aaaa | 276 server_infra_cache_min_rtt | server_infra_cache_max_rtt | server_harden_algo_downgrade | 277 server_ip_transparent | server_ip_ratelimit | server_ratelimit | 278 server_ip_dscp | server_infra_keep_probing | 279 server_ip_ratelimit_slabs | server_ratelimit_slabs | 280 server_ip_ratelimit_size | server_ratelimit_size | 281 server_ratelimit_for_domain | 282 server_ratelimit_below_domain | server_ratelimit_factor | 283 server_ip_ratelimit_factor | server_ratelimit_backoff | 284 server_ip_ratelimit_backoff | server_outbound_msg_retry | 285 server_send_client_subnet | server_client_subnet_zone | 286 server_client_subnet_always_forward | server_client_subnet_opcode | 287 server_max_client_subnet_ipv4 | server_max_client_subnet_ipv6 | 288 server_min_client_subnet_ipv4 | server_min_client_subnet_ipv6 | 289 server_max_ecs_tree_size_ipv4 | server_max_ecs_tree_size_ipv6 | 290 server_caps_whitelist | server_cache_max_negative_ttl | 291 server_permit_small_holddown | server_qname_minimisation | 292 server_ip_freebind | server_define_tag | server_local_zone_tag | 293 server_disable_dnssec_lame_check | server_access_control_tag | 294 server_local_zone_override | server_access_control_tag_action | 295 server_access_control_tag_data | server_access_control_view | 296 server_interface_action | server_interface_view | server_interface_tag | 297 server_interface_tag_action | server_interface_tag_data | 298 server_qname_minimisation_strict | 299 server_pad_responses | server_pad_responses_block_size | 300 server_pad_queries | server_pad_queries_block_size | 301 server_serve_expired | 302 server_serve_expired_ttl | server_serve_expired_ttl_reset | 303 server_serve_expired_reply_ttl | server_serve_expired_client_timeout | 304 server_ede_serve_expired | server_serve_original_ttl | server_fake_dsa | 305 server_log_identity | server_use_systemd | 306 server_response_ip_tag | server_response_ip | server_response_ip_data | 307 server_shm_enable | server_shm_key | server_fake_sha1 | 308 server_hide_trustanchor | server_trust_anchor_signaling | 309 server_root_key_sentinel | 310 server_ipsecmod_enabled | server_ipsecmod_hook | 311 server_ipsecmod_ignore_bogus | server_ipsecmod_max_ttl | 312 server_ipsecmod_whitelist | server_ipsecmod_strict | 313 server_udp_upstream_without_downstream | server_aggressive_nsec | 314 server_tls_cert_bundle | server_tls_additional_port | server_low_rtt | 315 server_fast_server_permil | server_fast_server_num | server_tls_win_cert | 316 server_tcp_connection_limit | server_log_servfail | server_deny_any | 317 server_unknown_server_time_limit | server_log_tag_queryreply | 318 server_stream_wait_size | server_tls_ciphers | 319 server_tls_ciphersuites | server_tls_session_ticket_keys | 320 server_tls_use_sni | server_edns_client_string | 321 server_edns_client_string_opcode | server_nsid | 322 server_zonemd_permissive_mode | server_max_reuse_tcp_queries | 323 server_tcp_reuse_timeout | server_tcp_auth_query_timeout | 324 server_interface_automatic_ports | server_ede | 325 server_proxy_protocol_port 326 ; 327 stubstart: VAR_STUB_ZONE 328 { 329 struct config_stub* s; 330 OUTYY(("\nP(stub_zone:)\n")); 331 cfg_parser->started_toplevel = 1; 332 s = (struct config_stub*)calloc(1, sizeof(struct config_stub)); 333 if(s) { 334 s->next = cfg_parser->cfg->stubs; 335 cfg_parser->cfg->stubs = s; 336 } else { 337 yyerror("out of memory"); 338 } 339 } 340 ; 341 contents_stub: contents_stub content_stub 342 | ; 343 content_stub: stub_name | stub_host | stub_addr | stub_prime | stub_first | 344 stub_no_cache | stub_ssl_upstream | stub_tcp_upstream 345 ; 346 forwardstart: VAR_FORWARD_ZONE 347 { 348 struct config_stub* s; 349 OUTYY(("\nP(forward_zone:)\n")); 350 cfg_parser->started_toplevel = 1; 351 s = (struct config_stub*)calloc(1, sizeof(struct config_stub)); 352 if(s) { 353 s->next = cfg_parser->cfg->forwards; 354 cfg_parser->cfg->forwards = s; 355 } else { 356 yyerror("out of memory"); 357 } 358 } 359 ; 360 contents_forward: contents_forward content_forward 361 | ; 362 content_forward: forward_name | forward_host | forward_addr | forward_first | 363 forward_no_cache | forward_ssl_upstream | forward_tcp_upstream 364 ; 365 viewstart: VAR_VIEW 366 { 367 struct config_view* s; 368 OUTYY(("\nP(view:)\n")); 369 cfg_parser->started_toplevel = 1; 370 s = (struct config_view*)calloc(1, sizeof(struct config_view)); 371 if(s) { 372 s->next = cfg_parser->cfg->views; 373 if(s->next && !s->next->name) 374 yyerror("view without name"); 375 cfg_parser->cfg->views = s; 376 } else { 377 yyerror("out of memory"); 378 } 379 } 380 ; 381 contents_view: contents_view content_view 382 | ; 383 content_view: view_name | view_local_zone | view_local_data | view_first | 384 view_response_ip | view_response_ip_data | view_local_data_ptr 385 ; 386 authstart: VAR_AUTH_ZONE 387 { 388 struct config_auth* s; 389 OUTYY(("\nP(auth_zone:)\n")); 390 cfg_parser->started_toplevel = 1; 391 s = (struct config_auth*)calloc(1, sizeof(struct config_auth)); 392 if(s) { 393 s->next = cfg_parser->cfg->auths; 394 cfg_parser->cfg->auths = s; 395 /* defaults for auth zone */ 396 s->for_downstream = 1; 397 s->for_upstream = 1; 398 s->fallback_enabled = 0; 399 s->zonemd_check = 0; 400 s->zonemd_reject_absence = 0; 401 s->isrpz = 0; 402 } else { 403 yyerror("out of memory"); 404 } 405 } 406 ; 407 contents_auth: contents_auth content_auth 408 | ; 409 content_auth: auth_name | auth_zonefile | auth_master | auth_url | 410 auth_for_downstream | auth_for_upstream | auth_fallback_enabled | 411 auth_allow_notify | auth_zonemd_check | auth_zonemd_reject_absence 412 ; 413 414 rpz_tag: VAR_TAGS STRING_ARG 415 { 416 uint8_t* bitlist; 417 size_t len = 0; 418 OUTYY(("P(server_local_zone_tag:%s)\n", $2)); 419 bitlist = config_parse_taglist(cfg_parser->cfg, $2, 420 &len); 421 free($2); 422 if(!bitlist) { 423 yyerror("could not parse tags, (define-tag them first)"); 424 } 425 if(bitlist) { 426 cfg_parser->cfg->auths->rpz_taglist = bitlist; 427 cfg_parser->cfg->auths->rpz_taglistlen = len; 428 429 } 430 } 431 ; 432 433 rpz_action_override: VAR_RPZ_ACTION_OVERRIDE STRING_ARG 434 { 435 OUTYY(("P(rpz_action_override:%s)\n", $2)); 436 if(strcmp($2, "nxdomain")!=0 && strcmp($2, "nodata")!=0 && 437 strcmp($2, "passthru")!=0 && strcmp($2, "drop")!=0 && 438 strcmp($2, "cname")!=0 && strcmp($2, "disabled")!=0) { 439 yyerror("rpz-action-override action: expected nxdomain, " 440 "nodata, passthru, drop, cname or disabled"); 441 free($2); 442 cfg_parser->cfg->auths->rpz_action_override = NULL; 443 } 444 else { 445 cfg_parser->cfg->auths->rpz_action_override = $2; 446 } 447 } 448 ; 449 450 rpz_cname_override: VAR_RPZ_CNAME_OVERRIDE STRING_ARG 451 { 452 OUTYY(("P(rpz_cname_override:%s)\n", $2)); 453 free(cfg_parser->cfg->auths->rpz_cname); 454 cfg_parser->cfg->auths->rpz_cname = $2; 455 } 456 ; 457 458 rpz_log: VAR_RPZ_LOG STRING_ARG 459 { 460 OUTYY(("P(rpz_log:%s)\n", $2)); 461 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 462 yyerror("expected yes or no."); 463 else cfg_parser->cfg->auths->rpz_log = (strcmp($2, "yes")==0); 464 free($2); 465 } 466 ; 467 468 rpz_log_name: VAR_RPZ_LOG_NAME STRING_ARG 469 { 470 OUTYY(("P(rpz_log_name:%s)\n", $2)); 471 free(cfg_parser->cfg->auths->rpz_log_name); 472 cfg_parser->cfg->auths->rpz_log_name = $2; 473 } 474 ; 475 rpz_signal_nxdomain_ra: VAR_RPZ_SIGNAL_NXDOMAIN_RA STRING_ARG 476 { 477 OUTYY(("P(rpz_signal_nxdomain_ra:%s)\n", $2)); 478 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 479 yyerror("expected yes or no."); 480 else cfg_parser->cfg->auths->rpz_signal_nxdomain_ra = (strcmp($2, "yes")==0); 481 free($2); 482 } 483 ; 484 485 rpzstart: VAR_RPZ 486 { 487 struct config_auth* s; 488 OUTYY(("\nP(rpz:)\n")); 489 cfg_parser->started_toplevel = 1; 490 s = (struct config_auth*)calloc(1, sizeof(struct config_auth)); 491 if(s) { 492 s->next = cfg_parser->cfg->auths; 493 cfg_parser->cfg->auths = s; 494 /* defaults for RPZ auth zone */ 495 s->for_downstream = 0; 496 s->for_upstream = 0; 497 s->fallback_enabled = 0; 498 s->isrpz = 1; 499 } else { 500 yyerror("out of memory"); 501 } 502 } 503 ; 504 contents_rpz: contents_rpz content_rpz 505 | ; 506 content_rpz: auth_name | auth_zonefile | rpz_tag | auth_master | auth_url | 507 auth_allow_notify | rpz_action_override | rpz_cname_override | 508 rpz_log | rpz_log_name | rpz_signal_nxdomain_ra | auth_for_downstream 509 ; 510 server_num_threads: VAR_NUM_THREADS STRING_ARG 511 { 512 OUTYY(("P(server_num_threads:%s)\n", $2)); 513 if(atoi($2) == 0 && strcmp($2, "0") != 0) 514 yyerror("number expected"); 515 else cfg_parser->cfg->num_threads = atoi($2); 516 free($2); 517 } 518 ; 519 server_verbosity: VAR_VERBOSITY STRING_ARG 520 { 521 OUTYY(("P(server_verbosity:%s)\n", $2)); 522 if(atoi($2) == 0 && strcmp($2, "0") != 0) 523 yyerror("number expected"); 524 else cfg_parser->cfg->verbosity = atoi($2); 525 free($2); 526 } 527 ; 528 server_statistics_interval: VAR_STATISTICS_INTERVAL STRING_ARG 529 { 530 OUTYY(("P(server_statistics_interval:%s)\n", $2)); 531 if(strcmp($2, "") == 0 || strcmp($2, "0") == 0) 532 cfg_parser->cfg->stat_interval = 0; 533 else if(atoi($2) == 0) 534 yyerror("number expected"); 535 else cfg_parser->cfg->stat_interval = atoi($2); 536 free($2); 537 } 538 ; 539 server_statistics_cumulative: VAR_STATISTICS_CUMULATIVE STRING_ARG 540 { 541 OUTYY(("P(server_statistics_cumulative:%s)\n", $2)); 542 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 543 yyerror("expected yes or no."); 544 else cfg_parser->cfg->stat_cumulative = (strcmp($2, "yes")==0); 545 free($2); 546 } 547 ; 548 server_extended_statistics: VAR_EXTENDED_STATISTICS STRING_ARG 549 { 550 OUTYY(("P(server_extended_statistics:%s)\n", $2)); 551 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 552 yyerror("expected yes or no."); 553 else cfg_parser->cfg->stat_extended = (strcmp($2, "yes")==0); 554 free($2); 555 } 556 ; 557 server_shm_enable: VAR_SHM_ENABLE STRING_ARG 558 { 559 OUTYY(("P(server_shm_enable:%s)\n", $2)); 560 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 561 yyerror("expected yes or no."); 562 else cfg_parser->cfg->shm_enable = (strcmp($2, "yes")==0); 563 free($2); 564 } 565 ; 566 server_shm_key: VAR_SHM_KEY STRING_ARG 567 { 568 OUTYY(("P(server_shm_key:%s)\n", $2)); 569 if(strcmp($2, "") == 0 || strcmp($2, "0") == 0) 570 cfg_parser->cfg->shm_key = 0; 571 else if(atoi($2) == 0) 572 yyerror("number expected"); 573 else cfg_parser->cfg->shm_key = atoi($2); 574 free($2); 575 } 576 ; 577 server_port: VAR_PORT STRING_ARG 578 { 579 OUTYY(("P(server_port:%s)\n", $2)); 580 if(atoi($2) == 0) 581 yyerror("port number expected"); 582 else cfg_parser->cfg->port = atoi($2); 583 free($2); 584 } 585 ; 586 server_send_client_subnet: VAR_SEND_CLIENT_SUBNET STRING_ARG 587 { 588 #ifdef CLIENT_SUBNET 589 OUTYY(("P(server_send_client_subnet:%s)\n", $2)); 590 if(!cfg_strlist_insert(&cfg_parser->cfg->client_subnet, $2)) 591 fatal_exit("out of memory adding client-subnet"); 592 #else 593 OUTYY(("P(Compiled without edns subnet option, ignoring)\n")); 594 free($2); 595 #endif 596 } 597 ; 598 server_client_subnet_zone: VAR_CLIENT_SUBNET_ZONE STRING_ARG 599 { 600 #ifdef CLIENT_SUBNET 601 OUTYY(("P(server_client_subnet_zone:%s)\n", $2)); 602 if(!cfg_strlist_insert(&cfg_parser->cfg->client_subnet_zone, 603 $2)) 604 fatal_exit("out of memory adding client-subnet-zone"); 605 #else 606 OUTYY(("P(Compiled without edns subnet option, ignoring)\n")); 607 free($2); 608 #endif 609 } 610 ; 611 server_client_subnet_always_forward: 612 VAR_CLIENT_SUBNET_ALWAYS_FORWARD STRING_ARG 613 { 614 #ifdef CLIENT_SUBNET 615 OUTYY(("P(server_client_subnet_always_forward:%s)\n", $2)); 616 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 617 yyerror("expected yes or no."); 618 else 619 cfg_parser->cfg->client_subnet_always_forward = 620 (strcmp($2, "yes")==0); 621 #else 622 OUTYY(("P(Compiled without edns subnet option, ignoring)\n")); 623 #endif 624 free($2); 625 } 626 ; 627 server_client_subnet_opcode: VAR_CLIENT_SUBNET_OPCODE STRING_ARG 628 { 629 #ifdef CLIENT_SUBNET 630 OUTYY(("P(client_subnet_opcode:%s)\n", $2)); 631 OUTYY(("P(Deprecated option, ignoring)\n")); 632 #else 633 OUTYY(("P(Compiled without edns subnet option, ignoring)\n")); 634 #endif 635 free($2); 636 } 637 ; 638 server_max_client_subnet_ipv4: VAR_MAX_CLIENT_SUBNET_IPV4 STRING_ARG 639 { 640 #ifdef CLIENT_SUBNET 641 OUTYY(("P(max_client_subnet_ipv4:%s)\n", $2)); 642 if(atoi($2) == 0 && strcmp($2, "0") != 0) 643 yyerror("IPv4 subnet length expected"); 644 else if (atoi($2) > 32) 645 cfg_parser->cfg->max_client_subnet_ipv4 = 32; 646 else if (atoi($2) < 0) 647 cfg_parser->cfg->max_client_subnet_ipv4 = 0; 648 else cfg_parser->cfg->max_client_subnet_ipv4 = (uint8_t)atoi($2); 649 #else 650 OUTYY(("P(Compiled without edns subnet option, ignoring)\n")); 651 #endif 652 free($2); 653 } 654 ; 655 server_max_client_subnet_ipv6: VAR_MAX_CLIENT_SUBNET_IPV6 STRING_ARG 656 { 657 #ifdef CLIENT_SUBNET 658 OUTYY(("P(max_client_subnet_ipv6:%s)\n", $2)); 659 if(atoi($2) == 0 && strcmp($2, "0") != 0) 660 yyerror("Ipv6 subnet length expected"); 661 else if (atoi($2) > 128) 662 cfg_parser->cfg->max_client_subnet_ipv6 = 128; 663 else if (atoi($2) < 0) 664 cfg_parser->cfg->max_client_subnet_ipv6 = 0; 665 else cfg_parser->cfg->max_client_subnet_ipv6 = (uint8_t)atoi($2); 666 #else 667 OUTYY(("P(Compiled without edns subnet option, ignoring)\n")); 668 #endif 669 free($2); 670 } 671 ; 672 server_min_client_subnet_ipv4: VAR_MIN_CLIENT_SUBNET_IPV4 STRING_ARG 673 { 674 #ifdef CLIENT_SUBNET 675 OUTYY(("P(min_client_subnet_ipv4:%s)\n", $2)); 676 if(atoi($2) == 0 && strcmp($2, "0") != 0) 677 yyerror("IPv4 subnet length expected"); 678 else if (atoi($2) > 32) 679 cfg_parser->cfg->min_client_subnet_ipv4 = 32; 680 else if (atoi($2) < 0) 681 cfg_parser->cfg->min_client_subnet_ipv4 = 0; 682 else cfg_parser->cfg->min_client_subnet_ipv4 = (uint8_t)atoi($2); 683 #else 684 OUTYY(("P(Compiled without edns subnet option, ignoring)\n")); 685 #endif 686 free($2); 687 } 688 ; 689 server_min_client_subnet_ipv6: VAR_MIN_CLIENT_SUBNET_IPV6 STRING_ARG 690 { 691 #ifdef CLIENT_SUBNET 692 OUTYY(("P(min_client_subnet_ipv6:%s)\n", $2)); 693 if(atoi($2) == 0 && strcmp($2, "0") != 0) 694 yyerror("Ipv6 subnet length expected"); 695 else if (atoi($2) > 128) 696 cfg_parser->cfg->min_client_subnet_ipv6 = 128; 697 else if (atoi($2) < 0) 698 cfg_parser->cfg->min_client_subnet_ipv6 = 0; 699 else cfg_parser->cfg->min_client_subnet_ipv6 = (uint8_t)atoi($2); 700 #else 701 OUTYY(("P(Compiled without edns subnet option, ignoring)\n")); 702 #endif 703 free($2); 704 } 705 ; 706 server_max_ecs_tree_size_ipv4: VAR_MAX_ECS_TREE_SIZE_IPV4 STRING_ARG 707 { 708 #ifdef CLIENT_SUBNET 709 OUTYY(("P(max_ecs_tree_size_ipv4:%s)\n", $2)); 710 if(atoi($2) == 0 && strcmp($2, "0") != 0) 711 yyerror("IPv4 ECS tree size expected"); 712 else if (atoi($2) < 0) 713 cfg_parser->cfg->max_ecs_tree_size_ipv4 = 0; 714 else cfg_parser->cfg->max_ecs_tree_size_ipv4 = (uint32_t)atoi($2); 715 #else 716 OUTYY(("P(Compiled without edns subnet option, ignoring)\n")); 717 #endif 718 free($2); 719 } 720 ; 721 server_max_ecs_tree_size_ipv6: VAR_MAX_ECS_TREE_SIZE_IPV6 STRING_ARG 722 { 723 #ifdef CLIENT_SUBNET 724 OUTYY(("P(max_ecs_tree_size_ipv6:%s)\n", $2)); 725 if(atoi($2) == 0 && strcmp($2, "0") != 0) 726 yyerror("IPv6 ECS tree size expected"); 727 else if (atoi($2) < 0) 728 cfg_parser->cfg->max_ecs_tree_size_ipv6 = 0; 729 else cfg_parser->cfg->max_ecs_tree_size_ipv6 = (uint32_t)atoi($2); 730 #else 731 OUTYY(("P(Compiled without edns subnet option, ignoring)\n")); 732 #endif 733 free($2); 734 } 735 ; 736 server_interface: VAR_INTERFACE STRING_ARG 737 { 738 OUTYY(("P(server_interface:%s)\n", $2)); 739 if(cfg_parser->cfg->num_ifs == 0) 740 cfg_parser->cfg->ifs = calloc(1, sizeof(char*)); 741 else cfg_parser->cfg->ifs = realloc(cfg_parser->cfg->ifs, 742 (cfg_parser->cfg->num_ifs+1)*sizeof(char*)); 743 if(!cfg_parser->cfg->ifs) 744 yyerror("out of memory"); 745 else 746 cfg_parser->cfg->ifs[cfg_parser->cfg->num_ifs++] = $2; 747 } 748 ; 749 server_outgoing_interface: VAR_OUTGOING_INTERFACE STRING_ARG 750 { 751 OUTYY(("P(server_outgoing_interface:%s)\n", $2)); 752 if(cfg_parser->cfg->num_out_ifs == 0) 753 cfg_parser->cfg->out_ifs = calloc(1, sizeof(char*)); 754 else cfg_parser->cfg->out_ifs = realloc( 755 cfg_parser->cfg->out_ifs, 756 (cfg_parser->cfg->num_out_ifs+1)*sizeof(char*)); 757 if(!cfg_parser->cfg->out_ifs) 758 yyerror("out of memory"); 759 else 760 cfg_parser->cfg->out_ifs[ 761 cfg_parser->cfg->num_out_ifs++] = $2; 762 } 763 ; 764 server_outgoing_range: VAR_OUTGOING_RANGE STRING_ARG 765 { 766 OUTYY(("P(server_outgoing_range:%s)\n", $2)); 767 if(atoi($2) == 0) 768 yyerror("number expected"); 769 else cfg_parser->cfg->outgoing_num_ports = atoi($2); 770 free($2); 771 } 772 ; 773 server_outgoing_port_permit: VAR_OUTGOING_PORT_PERMIT STRING_ARG 774 { 775 OUTYY(("P(server_outgoing_port_permit:%s)\n", $2)); 776 if(!cfg_mark_ports($2, 1, 777 cfg_parser->cfg->outgoing_avail_ports, 65536)) 778 yyerror("port number or range (\"low-high\") expected"); 779 free($2); 780 } 781 ; 782 server_outgoing_port_avoid: VAR_OUTGOING_PORT_AVOID STRING_ARG 783 { 784 OUTYY(("P(server_outgoing_port_avoid:%s)\n", $2)); 785 if(!cfg_mark_ports($2, 0, 786 cfg_parser->cfg->outgoing_avail_ports, 65536)) 787 yyerror("port number or range (\"low-high\") expected"); 788 free($2); 789 } 790 ; 791 server_outgoing_num_tcp: VAR_OUTGOING_NUM_TCP STRING_ARG 792 { 793 OUTYY(("P(server_outgoing_num_tcp:%s)\n", $2)); 794 if(atoi($2) == 0 && strcmp($2, "0") != 0) 795 yyerror("number expected"); 796 else cfg_parser->cfg->outgoing_num_tcp = atoi($2); 797 free($2); 798 } 799 ; 800 server_incoming_num_tcp: VAR_INCOMING_NUM_TCP STRING_ARG 801 { 802 OUTYY(("P(server_incoming_num_tcp:%s)\n", $2)); 803 if(atoi($2) == 0 && strcmp($2, "0") != 0) 804 yyerror("number expected"); 805 else cfg_parser->cfg->incoming_num_tcp = atoi($2); 806 free($2); 807 } 808 ; 809 server_interface_automatic: VAR_INTERFACE_AUTOMATIC STRING_ARG 810 { 811 OUTYY(("P(server_interface_automatic:%s)\n", $2)); 812 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 813 yyerror("expected yes or no."); 814 else cfg_parser->cfg->if_automatic = (strcmp($2, "yes")==0); 815 free($2); 816 } 817 ; 818 server_interface_automatic_ports: VAR_INTERFACE_AUTOMATIC_PORTS STRING_ARG 819 { 820 OUTYY(("P(server_interface_automatic_ports:%s)\n", $2)); 821 free(cfg_parser->cfg->if_automatic_ports); 822 cfg_parser->cfg->if_automatic_ports = $2; 823 } 824 ; 825 server_do_ip4: VAR_DO_IP4 STRING_ARG 826 { 827 OUTYY(("P(server_do_ip4:%s)\n", $2)); 828 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 829 yyerror("expected yes or no."); 830 else cfg_parser->cfg->do_ip4 = (strcmp($2, "yes")==0); 831 free($2); 832 } 833 ; 834 server_do_ip6: VAR_DO_IP6 STRING_ARG 835 { 836 OUTYY(("P(server_do_ip6:%s)\n", $2)); 837 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 838 yyerror("expected yes or no."); 839 else cfg_parser->cfg->do_ip6 = (strcmp($2, "yes")==0); 840 free($2); 841 } 842 ; 843 server_do_udp: VAR_DO_UDP STRING_ARG 844 { 845 OUTYY(("P(server_do_udp:%s)\n", $2)); 846 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 847 yyerror("expected yes or no."); 848 else cfg_parser->cfg->do_udp = (strcmp($2, "yes")==0); 849 free($2); 850 } 851 ; 852 server_do_tcp: VAR_DO_TCP STRING_ARG 853 { 854 OUTYY(("P(server_do_tcp:%s)\n", $2)); 855 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 856 yyerror("expected yes or no."); 857 else cfg_parser->cfg->do_tcp = (strcmp($2, "yes")==0); 858 free($2); 859 } 860 ; 861 server_prefer_ip4: VAR_PREFER_IP4 STRING_ARG 862 { 863 OUTYY(("P(server_prefer_ip4:%s)\n", $2)); 864 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 865 yyerror("expected yes or no."); 866 else cfg_parser->cfg->prefer_ip4 = (strcmp($2, "yes")==0); 867 free($2); 868 } 869 ; 870 server_prefer_ip6: VAR_PREFER_IP6 STRING_ARG 871 { 872 OUTYY(("P(server_prefer_ip6:%s)\n", $2)); 873 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 874 yyerror("expected yes or no."); 875 else cfg_parser->cfg->prefer_ip6 = (strcmp($2, "yes")==0); 876 free($2); 877 } 878 ; 879 server_tcp_mss: VAR_TCP_MSS STRING_ARG 880 { 881 OUTYY(("P(server_tcp_mss:%s)\n", $2)); 882 if(atoi($2) == 0 && strcmp($2, "0") != 0) 883 yyerror("number expected"); 884 else cfg_parser->cfg->tcp_mss = atoi($2); 885 free($2); 886 } 887 ; 888 server_outgoing_tcp_mss: VAR_OUTGOING_TCP_MSS STRING_ARG 889 { 890 OUTYY(("P(server_outgoing_tcp_mss:%s)\n", $2)); 891 if(atoi($2) == 0 && strcmp($2, "0") != 0) 892 yyerror("number expected"); 893 else cfg_parser->cfg->outgoing_tcp_mss = atoi($2); 894 free($2); 895 } 896 ; 897 server_tcp_idle_timeout: VAR_TCP_IDLE_TIMEOUT STRING_ARG 898 { 899 OUTYY(("P(server_tcp_idle_timeout:%s)\n", $2)); 900 if(atoi($2) == 0 && strcmp($2, "0") != 0) 901 yyerror("number expected"); 902 else if (atoi($2) > 120000) 903 cfg_parser->cfg->tcp_idle_timeout = 120000; 904 else if (atoi($2) < 1) 905 cfg_parser->cfg->tcp_idle_timeout = 1; 906 else cfg_parser->cfg->tcp_idle_timeout = atoi($2); 907 free($2); 908 } 909 ; 910 server_max_reuse_tcp_queries: VAR_MAX_REUSE_TCP_QUERIES STRING_ARG 911 { 912 OUTYY(("P(server_max_reuse_tcp_queries:%s)\n", $2)); 913 if(atoi($2) == 0 && strcmp($2, "0") != 0) 914 yyerror("number expected"); 915 else if (atoi($2) < 1) 916 cfg_parser->cfg->max_reuse_tcp_queries = 0; 917 else cfg_parser->cfg->max_reuse_tcp_queries = atoi($2); 918 free($2); 919 } 920 ; 921 server_tcp_reuse_timeout: VAR_TCP_REUSE_TIMEOUT STRING_ARG 922 { 923 OUTYY(("P(server_tcp_reuse_timeout:%s)\n", $2)); 924 if(atoi($2) == 0 && strcmp($2, "0") != 0) 925 yyerror("number expected"); 926 else if (atoi($2) < 1) 927 cfg_parser->cfg->tcp_reuse_timeout = 0; 928 else cfg_parser->cfg->tcp_reuse_timeout = atoi($2); 929 free($2); 930 } 931 ; 932 server_tcp_auth_query_timeout: VAR_TCP_AUTH_QUERY_TIMEOUT STRING_ARG 933 { 934 OUTYY(("P(server_tcp_auth_query_timeout:%s)\n", $2)); 935 if(atoi($2) == 0 && strcmp($2, "0") != 0) 936 yyerror("number expected"); 937 else if (atoi($2) < 1) 938 cfg_parser->cfg->tcp_auth_query_timeout = 0; 939 else cfg_parser->cfg->tcp_auth_query_timeout = atoi($2); 940 free($2); 941 } 942 ; 943 server_tcp_keepalive: VAR_EDNS_TCP_KEEPALIVE STRING_ARG 944 { 945 OUTYY(("P(server_tcp_keepalive:%s)\n", $2)); 946 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 947 yyerror("expected yes or no."); 948 else cfg_parser->cfg->do_tcp_keepalive = (strcmp($2, "yes")==0); 949 free($2); 950 } 951 ; 952 server_tcp_keepalive_timeout: VAR_EDNS_TCP_KEEPALIVE_TIMEOUT STRING_ARG 953 { 954 OUTYY(("P(server_tcp_keepalive_timeout:%s)\n", $2)); 955 if(atoi($2) == 0 && strcmp($2, "0") != 0) 956 yyerror("number expected"); 957 else if (atoi($2) > 6553500) 958 cfg_parser->cfg->tcp_keepalive_timeout = 6553500; 959 else if (atoi($2) < 1) 960 cfg_parser->cfg->tcp_keepalive_timeout = 0; 961 else cfg_parser->cfg->tcp_keepalive_timeout = atoi($2); 962 free($2); 963 } 964 ; 965 server_tcp_upstream: VAR_TCP_UPSTREAM STRING_ARG 966 { 967 OUTYY(("P(server_tcp_upstream:%s)\n", $2)); 968 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 969 yyerror("expected yes or no."); 970 else cfg_parser->cfg->tcp_upstream = (strcmp($2, "yes")==0); 971 free($2); 972 } 973 ; 974 server_udp_upstream_without_downstream: VAR_UDP_UPSTREAM_WITHOUT_DOWNSTREAM STRING_ARG 975 { 976 OUTYY(("P(server_udp_upstream_without_downstream:%s)\n", $2)); 977 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 978 yyerror("expected yes or no."); 979 else cfg_parser->cfg->udp_upstream_without_downstream = (strcmp($2, "yes")==0); 980 free($2); 981 } 982 ; 983 server_ssl_upstream: VAR_SSL_UPSTREAM STRING_ARG 984 { 985 OUTYY(("P(server_ssl_upstream:%s)\n", $2)); 986 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 987 yyerror("expected yes or no."); 988 else cfg_parser->cfg->ssl_upstream = (strcmp($2, "yes")==0); 989 free($2); 990 } 991 ; 992 server_ssl_service_key: VAR_SSL_SERVICE_KEY STRING_ARG 993 { 994 OUTYY(("P(server_ssl_service_key:%s)\n", $2)); 995 free(cfg_parser->cfg->ssl_service_key); 996 cfg_parser->cfg->ssl_service_key = $2; 997 } 998 ; 999 server_ssl_service_pem: VAR_SSL_SERVICE_PEM STRING_ARG 1000 { 1001 OUTYY(("P(server_ssl_service_pem:%s)\n", $2)); 1002 free(cfg_parser->cfg->ssl_service_pem); 1003 cfg_parser->cfg->ssl_service_pem = $2; 1004 } 1005 ; 1006 server_ssl_port: VAR_SSL_PORT STRING_ARG 1007 { 1008 OUTYY(("P(server_ssl_port:%s)\n", $2)); 1009 if(atoi($2) == 0) 1010 yyerror("port number expected"); 1011 else cfg_parser->cfg->ssl_port = atoi($2); 1012 free($2); 1013 } 1014 ; 1015 server_tls_cert_bundle: VAR_TLS_CERT_BUNDLE STRING_ARG 1016 { 1017 OUTYY(("P(server_tls_cert_bundle:%s)\n", $2)); 1018 free(cfg_parser->cfg->tls_cert_bundle); 1019 cfg_parser->cfg->tls_cert_bundle = $2; 1020 } 1021 ; 1022 server_tls_win_cert: VAR_TLS_WIN_CERT STRING_ARG 1023 { 1024 OUTYY(("P(server_tls_win_cert:%s)\n", $2)); 1025 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1026 yyerror("expected yes or no."); 1027 else cfg_parser->cfg->tls_win_cert = (strcmp($2, "yes")==0); 1028 free($2); 1029 } 1030 ; 1031 server_tls_additional_port: VAR_TLS_ADDITIONAL_PORT STRING_ARG 1032 { 1033 OUTYY(("P(server_tls_additional_port:%s)\n", $2)); 1034 if(!cfg_strlist_insert(&cfg_parser->cfg->tls_additional_port, 1035 $2)) 1036 yyerror("out of memory"); 1037 } 1038 ; 1039 server_tls_ciphers: VAR_TLS_CIPHERS STRING_ARG 1040 { 1041 OUTYY(("P(server_tls_ciphers:%s)\n", $2)); 1042 free(cfg_parser->cfg->tls_ciphers); 1043 cfg_parser->cfg->tls_ciphers = $2; 1044 } 1045 ; 1046 server_tls_ciphersuites: VAR_TLS_CIPHERSUITES STRING_ARG 1047 { 1048 OUTYY(("P(server_tls_ciphersuites:%s)\n", $2)); 1049 free(cfg_parser->cfg->tls_ciphersuites); 1050 cfg_parser->cfg->tls_ciphersuites = $2; 1051 } 1052 ; 1053 server_tls_session_ticket_keys: VAR_TLS_SESSION_TICKET_KEYS STRING_ARG 1054 { 1055 OUTYY(("P(server_tls_session_ticket_keys:%s)\n", $2)); 1056 if(!cfg_strlist_append(&cfg_parser->cfg->tls_session_ticket_keys, 1057 $2)) 1058 yyerror("out of memory"); 1059 } 1060 ; 1061 server_tls_use_sni: VAR_TLS_USE_SNI STRING_ARG 1062 { 1063 OUTYY(("P(server_tls_use_sni:%s)\n", $2)); 1064 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1065 yyerror("expected yes or no."); 1066 else cfg_parser->cfg->tls_use_sni = (strcmp($2, "yes")==0); 1067 free($2); 1068 } 1069 ; 1070 server_https_port: VAR_HTTPS_PORT STRING_ARG 1071 { 1072 OUTYY(("P(server_https_port:%s)\n", $2)); 1073 if(atoi($2) == 0) 1074 yyerror("port number expected"); 1075 else cfg_parser->cfg->https_port = atoi($2); 1076 free($2); 1077 }; 1078 server_http_endpoint: VAR_HTTP_ENDPOINT STRING_ARG 1079 { 1080 OUTYY(("P(server_http_endpoint:%s)\n", $2)); 1081 free(cfg_parser->cfg->http_endpoint); 1082 if($2 && $2[0] != '/') { 1083 cfg_parser->cfg->http_endpoint = malloc(strlen($2)+2); 1084 if(!cfg_parser->cfg->http_endpoint) 1085 yyerror("out of memory"); 1086 cfg_parser->cfg->http_endpoint[0] = '/'; 1087 memmove(cfg_parser->cfg->http_endpoint+1, $2, 1088 strlen($2)+1); 1089 free($2); 1090 } else { 1091 cfg_parser->cfg->http_endpoint = $2; 1092 } 1093 }; 1094 server_http_max_streams: VAR_HTTP_MAX_STREAMS STRING_ARG 1095 { 1096 OUTYY(("P(server_http_max_streams:%s)\n", $2)); 1097 if(atoi($2) == 0 && strcmp($2, "0") != 0) 1098 yyerror("number expected"); 1099 else cfg_parser->cfg->http_max_streams = atoi($2); 1100 free($2); 1101 }; 1102 server_http_query_buffer_size: VAR_HTTP_QUERY_BUFFER_SIZE STRING_ARG 1103 { 1104 OUTYY(("P(server_http_query_buffer_size:%s)\n", $2)); 1105 if(!cfg_parse_memsize($2, 1106 &cfg_parser->cfg->http_query_buffer_size)) 1107 yyerror("memory size expected"); 1108 free($2); 1109 }; 1110 server_http_response_buffer_size: VAR_HTTP_RESPONSE_BUFFER_SIZE STRING_ARG 1111 { 1112 OUTYY(("P(server_http_response_buffer_size:%s)\n", $2)); 1113 if(!cfg_parse_memsize($2, 1114 &cfg_parser->cfg->http_response_buffer_size)) 1115 yyerror("memory size expected"); 1116 free($2); 1117 }; 1118 server_http_nodelay: VAR_HTTP_NODELAY STRING_ARG 1119 { 1120 OUTYY(("P(server_http_nodelay:%s)\n", $2)); 1121 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1122 yyerror("expected yes or no."); 1123 else cfg_parser->cfg->http_nodelay = (strcmp($2, "yes")==0); 1124 free($2); 1125 } 1126 server_http_notls_downstream: VAR_HTTP_NOTLS_DOWNSTREAM STRING_ARG 1127 { 1128 OUTYY(("P(server_http_notls_downstream:%s)\n", $2)); 1129 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1130 yyerror("expected yes or no."); 1131 else cfg_parser->cfg->http_notls_downstream = (strcmp($2, "yes")==0); 1132 free($2); 1133 }; 1134 server_use_systemd: VAR_USE_SYSTEMD STRING_ARG 1135 { 1136 OUTYY(("P(server_use_systemd:%s)\n", $2)); 1137 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1138 yyerror("expected yes or no."); 1139 else cfg_parser->cfg->use_systemd = (strcmp($2, "yes")==0); 1140 free($2); 1141 } 1142 ; 1143 server_do_daemonize: VAR_DO_DAEMONIZE STRING_ARG 1144 { 1145 OUTYY(("P(server_do_daemonize:%s)\n", $2)); 1146 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1147 yyerror("expected yes or no."); 1148 else cfg_parser->cfg->do_daemonize = (strcmp($2, "yes")==0); 1149 free($2); 1150 } 1151 ; 1152 server_use_syslog: VAR_USE_SYSLOG STRING_ARG 1153 { 1154 OUTYY(("P(server_use_syslog:%s)\n", $2)); 1155 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1156 yyerror("expected yes or no."); 1157 else cfg_parser->cfg->use_syslog = (strcmp($2, "yes")==0); 1158 #if !defined(HAVE_SYSLOG_H) && !defined(UB_ON_WINDOWS) 1159 if(strcmp($2, "yes") == 0) 1160 yyerror("no syslog services are available. " 1161 "(reconfigure and compile to add)"); 1162 #endif 1163 free($2); 1164 } 1165 ; 1166 server_log_time_ascii: VAR_LOG_TIME_ASCII STRING_ARG 1167 { 1168 OUTYY(("P(server_log_time_ascii:%s)\n", $2)); 1169 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1170 yyerror("expected yes or no."); 1171 else cfg_parser->cfg->log_time_ascii = (strcmp($2, "yes")==0); 1172 free($2); 1173 } 1174 ; 1175 server_log_queries: VAR_LOG_QUERIES STRING_ARG 1176 { 1177 OUTYY(("P(server_log_queries:%s)\n", $2)); 1178 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1179 yyerror("expected yes or no."); 1180 else cfg_parser->cfg->log_queries = (strcmp($2, "yes")==0); 1181 free($2); 1182 } 1183 ; 1184 server_log_replies: VAR_LOG_REPLIES STRING_ARG 1185 { 1186 OUTYY(("P(server_log_replies:%s)\n", $2)); 1187 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1188 yyerror("expected yes or no."); 1189 else cfg_parser->cfg->log_replies = (strcmp($2, "yes")==0); 1190 free($2); 1191 } 1192 ; 1193 server_log_tag_queryreply: VAR_LOG_TAG_QUERYREPLY STRING_ARG 1194 { 1195 OUTYY(("P(server_log_tag_queryreply:%s)\n", $2)); 1196 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1197 yyerror("expected yes or no."); 1198 else cfg_parser->cfg->log_tag_queryreply = (strcmp($2, "yes")==0); 1199 free($2); 1200 } 1201 ; 1202 server_log_servfail: VAR_LOG_SERVFAIL STRING_ARG 1203 { 1204 OUTYY(("P(server_log_servfail:%s)\n", $2)); 1205 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1206 yyerror("expected yes or no."); 1207 else cfg_parser->cfg->log_servfail = (strcmp($2, "yes")==0); 1208 free($2); 1209 } 1210 ; 1211 server_log_local_actions: VAR_LOG_LOCAL_ACTIONS STRING_ARG 1212 { 1213 OUTYY(("P(server_log_local_actions:%s)\n", $2)); 1214 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1215 yyerror("expected yes or no."); 1216 else cfg_parser->cfg->log_local_actions = (strcmp($2, "yes")==0); 1217 free($2); 1218 } 1219 ; 1220 server_chroot: VAR_CHROOT STRING_ARG 1221 { 1222 OUTYY(("P(server_chroot:%s)\n", $2)); 1223 free(cfg_parser->cfg->chrootdir); 1224 cfg_parser->cfg->chrootdir = $2; 1225 } 1226 ; 1227 server_username: VAR_USERNAME STRING_ARG 1228 { 1229 OUTYY(("P(server_username:%s)\n", $2)); 1230 free(cfg_parser->cfg->username); 1231 cfg_parser->cfg->username = $2; 1232 } 1233 ; 1234 server_directory: VAR_DIRECTORY STRING_ARG 1235 { 1236 OUTYY(("P(server_directory:%s)\n", $2)); 1237 free(cfg_parser->cfg->directory); 1238 cfg_parser->cfg->directory = $2; 1239 /* change there right away for includes relative to this */ 1240 if($2[0]) { 1241 char* d; 1242 #ifdef UB_ON_WINDOWS 1243 w_config_adjust_directory(cfg_parser->cfg); 1244 #endif 1245 d = cfg_parser->cfg->directory; 1246 /* adjust directory if we have already chroot, 1247 * like, we reread after sighup */ 1248 if(cfg_parser->chroot && cfg_parser->chroot[0] && 1249 strncmp(d, cfg_parser->chroot, strlen( 1250 cfg_parser->chroot)) == 0) 1251 d += strlen(cfg_parser->chroot); 1252 if(d[0]) { 1253 if(chdir(d)) 1254 log_err("cannot chdir to directory: %s (%s)", 1255 d, strerror(errno)); 1256 } 1257 } 1258 } 1259 ; 1260 server_logfile: VAR_LOGFILE STRING_ARG 1261 { 1262 OUTYY(("P(server_logfile:%s)\n", $2)); 1263 free(cfg_parser->cfg->logfile); 1264 cfg_parser->cfg->logfile = $2; 1265 cfg_parser->cfg->use_syslog = 0; 1266 } 1267 ; 1268 server_pidfile: VAR_PIDFILE STRING_ARG 1269 { 1270 OUTYY(("P(server_pidfile:%s)\n", $2)); 1271 free(cfg_parser->cfg->pidfile); 1272 cfg_parser->cfg->pidfile = $2; 1273 } 1274 ; 1275 server_root_hints: VAR_ROOT_HINTS STRING_ARG 1276 { 1277 OUTYY(("P(server_root_hints:%s)\n", $2)); 1278 if(!cfg_strlist_insert(&cfg_parser->cfg->root_hints, $2)) 1279 yyerror("out of memory"); 1280 } 1281 ; 1282 server_dlv_anchor_file: VAR_DLV_ANCHOR_FILE STRING_ARG 1283 { 1284 OUTYY(("P(server_dlv_anchor_file:%s)\n", $2)); 1285 log_warn("option dlv-anchor-file ignored: DLV is decommissioned"); 1286 free($2); 1287 } 1288 ; 1289 server_dlv_anchor: VAR_DLV_ANCHOR STRING_ARG 1290 { 1291 OUTYY(("P(server_dlv_anchor:%s)\n", $2)); 1292 log_warn("option dlv-anchor ignored: DLV is decommissioned"); 1293 free($2); 1294 } 1295 ; 1296 server_auto_trust_anchor_file: VAR_AUTO_TRUST_ANCHOR_FILE STRING_ARG 1297 { 1298 OUTYY(("P(server_auto_trust_anchor_file:%s)\n", $2)); 1299 if(!cfg_strlist_insert(&cfg_parser->cfg-> 1300 auto_trust_anchor_file_list, $2)) 1301 yyerror("out of memory"); 1302 } 1303 ; 1304 server_trust_anchor_file: VAR_TRUST_ANCHOR_FILE STRING_ARG 1305 { 1306 OUTYY(("P(server_trust_anchor_file:%s)\n", $2)); 1307 if(!cfg_strlist_insert(&cfg_parser->cfg-> 1308 trust_anchor_file_list, $2)) 1309 yyerror("out of memory"); 1310 } 1311 ; 1312 server_trusted_keys_file: VAR_TRUSTED_KEYS_FILE STRING_ARG 1313 { 1314 OUTYY(("P(server_trusted_keys_file:%s)\n", $2)); 1315 if(!cfg_strlist_insert(&cfg_parser->cfg-> 1316 trusted_keys_file_list, $2)) 1317 yyerror("out of memory"); 1318 } 1319 ; 1320 server_trust_anchor: VAR_TRUST_ANCHOR STRING_ARG 1321 { 1322 OUTYY(("P(server_trust_anchor:%s)\n", $2)); 1323 if(!cfg_strlist_insert(&cfg_parser->cfg->trust_anchor_list, $2)) 1324 yyerror("out of memory"); 1325 } 1326 ; 1327 server_trust_anchor_signaling: VAR_TRUST_ANCHOR_SIGNALING STRING_ARG 1328 { 1329 OUTYY(("P(server_trust_anchor_signaling:%s)\n", $2)); 1330 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1331 yyerror("expected yes or no."); 1332 else 1333 cfg_parser->cfg->trust_anchor_signaling = 1334 (strcmp($2, "yes")==0); 1335 free($2); 1336 } 1337 ; 1338 server_root_key_sentinel: VAR_ROOT_KEY_SENTINEL STRING_ARG 1339 { 1340 OUTYY(("P(server_root_key_sentinel:%s)\n", $2)); 1341 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1342 yyerror("expected yes or no."); 1343 else 1344 cfg_parser->cfg->root_key_sentinel = 1345 (strcmp($2, "yes")==0); 1346 free($2); 1347 } 1348 ; 1349 server_domain_insecure: VAR_DOMAIN_INSECURE STRING_ARG 1350 { 1351 OUTYY(("P(server_domain_insecure:%s)\n", $2)); 1352 if(!cfg_strlist_insert(&cfg_parser->cfg->domain_insecure, $2)) 1353 yyerror("out of memory"); 1354 } 1355 ; 1356 server_hide_identity: VAR_HIDE_IDENTITY STRING_ARG 1357 { 1358 OUTYY(("P(server_hide_identity:%s)\n", $2)); 1359 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1360 yyerror("expected yes or no."); 1361 else cfg_parser->cfg->hide_identity = (strcmp($2, "yes")==0); 1362 free($2); 1363 } 1364 ; 1365 server_hide_version: VAR_HIDE_VERSION STRING_ARG 1366 { 1367 OUTYY(("P(server_hide_version:%s)\n", $2)); 1368 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1369 yyerror("expected yes or no."); 1370 else cfg_parser->cfg->hide_version = (strcmp($2, "yes")==0); 1371 free($2); 1372 } 1373 ; 1374 server_hide_trustanchor: VAR_HIDE_TRUSTANCHOR STRING_ARG 1375 { 1376 OUTYY(("P(server_hide_trustanchor:%s)\n", $2)); 1377 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1378 yyerror("expected yes or no."); 1379 else cfg_parser->cfg->hide_trustanchor = (strcmp($2, "yes")==0); 1380 free($2); 1381 } 1382 ; 1383 server_hide_http_user_agent: VAR_HIDE_HTTP_USER_AGENT STRING_ARG 1384 { 1385 OUTYY(("P(server_hide_user_agent:%s)\n", $2)); 1386 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1387 yyerror("expected yes or no."); 1388 else cfg_parser->cfg->hide_http_user_agent = (strcmp($2, "yes")==0); 1389 free($2); 1390 } 1391 ; 1392 server_identity: VAR_IDENTITY STRING_ARG 1393 { 1394 OUTYY(("P(server_identity:%s)\n", $2)); 1395 free(cfg_parser->cfg->identity); 1396 cfg_parser->cfg->identity = $2; 1397 } 1398 ; 1399 server_version: VAR_VERSION STRING_ARG 1400 { 1401 OUTYY(("P(server_version:%s)\n", $2)); 1402 free(cfg_parser->cfg->version); 1403 cfg_parser->cfg->version = $2; 1404 } 1405 ; 1406 server_http_user_agent: VAR_HTTP_USER_AGENT STRING_ARG 1407 { 1408 OUTYY(("P(server_http_user_agent:%s)\n", $2)); 1409 free(cfg_parser->cfg->http_user_agent); 1410 cfg_parser->cfg->http_user_agent = $2; 1411 } 1412 ; 1413 server_nsid: VAR_NSID STRING_ARG 1414 { 1415 OUTYY(("P(server_nsid:%s)\n", $2)); 1416 free(cfg_parser->cfg->nsid_cfg_str); 1417 cfg_parser->cfg->nsid_cfg_str = $2; 1418 free(cfg_parser->cfg->nsid); 1419 cfg_parser->cfg->nsid = NULL; 1420 cfg_parser->cfg->nsid_len = 0; 1421 if (*$2 == 0) 1422 ; /* pass; empty string is not setting nsid */ 1423 else if (!(cfg_parser->cfg->nsid = cfg_parse_nsid( 1424 $2, &cfg_parser->cfg->nsid_len))) 1425 yyerror("the NSID must be either a hex string or an " 1426 "ascii character string prepended with ascii_."); 1427 } 1428 ; 1429 server_so_rcvbuf: VAR_SO_RCVBUF STRING_ARG 1430 { 1431 OUTYY(("P(server_so_rcvbuf:%s)\n", $2)); 1432 if(!cfg_parse_memsize($2, &cfg_parser->cfg->so_rcvbuf)) 1433 yyerror("buffer size expected"); 1434 free($2); 1435 } 1436 ; 1437 server_so_sndbuf: VAR_SO_SNDBUF STRING_ARG 1438 { 1439 OUTYY(("P(server_so_sndbuf:%s)\n", $2)); 1440 if(!cfg_parse_memsize($2, &cfg_parser->cfg->so_sndbuf)) 1441 yyerror("buffer size expected"); 1442 free($2); 1443 } 1444 ; 1445 server_so_reuseport: VAR_SO_REUSEPORT STRING_ARG 1446 { 1447 OUTYY(("P(server_so_reuseport:%s)\n", $2)); 1448 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1449 yyerror("expected yes or no."); 1450 else cfg_parser->cfg->so_reuseport = 1451 (strcmp($2, "yes")==0); 1452 free($2); 1453 } 1454 ; 1455 server_ip_transparent: VAR_IP_TRANSPARENT STRING_ARG 1456 { 1457 OUTYY(("P(server_ip_transparent:%s)\n", $2)); 1458 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1459 yyerror("expected yes or no."); 1460 else cfg_parser->cfg->ip_transparent = 1461 (strcmp($2, "yes")==0); 1462 free($2); 1463 } 1464 ; 1465 server_ip_freebind: VAR_IP_FREEBIND STRING_ARG 1466 { 1467 OUTYY(("P(server_ip_freebind:%s)\n", $2)); 1468 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1469 yyerror("expected yes or no."); 1470 else cfg_parser->cfg->ip_freebind = 1471 (strcmp($2, "yes")==0); 1472 free($2); 1473 } 1474 ; 1475 server_ip_dscp: VAR_IP_DSCP STRING_ARG 1476 { 1477 OUTYY(("P(server_ip_dscp:%s)\n", $2)); 1478 if(atoi($2) == 0 && strcmp($2, "0") != 0) 1479 yyerror("number expected"); 1480 else if (atoi($2) > 63) 1481 yyerror("value too large (max 63)"); 1482 else if (atoi($2) < 0) 1483 yyerror("value too small (min 0)"); 1484 else 1485 cfg_parser->cfg->ip_dscp = atoi($2); 1486 free($2); 1487 } 1488 ; 1489 server_stream_wait_size: VAR_STREAM_WAIT_SIZE STRING_ARG 1490 { 1491 OUTYY(("P(server_stream_wait_size:%s)\n", $2)); 1492 if(!cfg_parse_memsize($2, &cfg_parser->cfg->stream_wait_size)) 1493 yyerror("memory size expected"); 1494 free($2); 1495 } 1496 ; 1497 server_edns_buffer_size: VAR_EDNS_BUFFER_SIZE STRING_ARG 1498 { 1499 OUTYY(("P(server_edns_buffer_size:%s)\n", $2)); 1500 if(atoi($2) == 0) 1501 yyerror("number expected"); 1502 else if (atoi($2) < 12) 1503 yyerror("edns buffer size too small"); 1504 else if (atoi($2) > 65535) 1505 cfg_parser->cfg->edns_buffer_size = 65535; 1506 else cfg_parser->cfg->edns_buffer_size = atoi($2); 1507 free($2); 1508 } 1509 ; 1510 server_msg_buffer_size: VAR_MSG_BUFFER_SIZE STRING_ARG 1511 { 1512 OUTYY(("P(server_msg_buffer_size:%s)\n", $2)); 1513 if(atoi($2) == 0) 1514 yyerror("number expected"); 1515 else if (atoi($2) < 4096) 1516 yyerror("message buffer size too small (use 4096)"); 1517 else cfg_parser->cfg->msg_buffer_size = atoi($2); 1518 free($2); 1519 } 1520 ; 1521 server_msg_cache_size: VAR_MSG_CACHE_SIZE STRING_ARG 1522 { 1523 OUTYY(("P(server_msg_cache_size:%s)\n", $2)); 1524 if(!cfg_parse_memsize($2, &cfg_parser->cfg->msg_cache_size)) 1525 yyerror("memory size expected"); 1526 free($2); 1527 } 1528 ; 1529 server_msg_cache_slabs: VAR_MSG_CACHE_SLABS STRING_ARG 1530 { 1531 OUTYY(("P(server_msg_cache_slabs:%s)\n", $2)); 1532 if(atoi($2) == 0) { 1533 yyerror("number expected"); 1534 } else { 1535 cfg_parser->cfg->msg_cache_slabs = atoi($2); 1536 if(!is_pow2(cfg_parser->cfg->msg_cache_slabs)) 1537 yyerror("must be a power of 2"); 1538 } 1539 free($2); 1540 } 1541 ; 1542 server_num_queries_per_thread: VAR_NUM_QUERIES_PER_THREAD STRING_ARG 1543 { 1544 OUTYY(("P(server_num_queries_per_thread:%s)\n", $2)); 1545 if(atoi($2) == 0) 1546 yyerror("number expected"); 1547 else cfg_parser->cfg->num_queries_per_thread = atoi($2); 1548 free($2); 1549 } 1550 ; 1551 server_jostle_timeout: VAR_JOSTLE_TIMEOUT STRING_ARG 1552 { 1553 OUTYY(("P(server_jostle_timeout:%s)\n", $2)); 1554 if(atoi($2) == 0 && strcmp($2, "0") != 0) 1555 yyerror("number expected"); 1556 else cfg_parser->cfg->jostle_time = atoi($2); 1557 free($2); 1558 } 1559 ; 1560 server_delay_close: VAR_DELAY_CLOSE STRING_ARG 1561 { 1562 OUTYY(("P(server_delay_close:%s)\n", $2)); 1563 if(atoi($2) == 0 && strcmp($2, "0") != 0) 1564 yyerror("number expected"); 1565 else cfg_parser->cfg->delay_close = atoi($2); 1566 free($2); 1567 } 1568 ; 1569 server_udp_connect: VAR_UDP_CONNECT STRING_ARG 1570 { 1571 OUTYY(("P(server_udp_connect:%s)\n", $2)); 1572 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1573 yyerror("expected yes or no."); 1574 else cfg_parser->cfg->udp_connect = (strcmp($2, "yes")==0); 1575 free($2); 1576 } 1577 ; 1578 server_unblock_lan_zones: VAR_UNBLOCK_LAN_ZONES STRING_ARG 1579 { 1580 OUTYY(("P(server_unblock_lan_zones:%s)\n", $2)); 1581 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1582 yyerror("expected yes or no."); 1583 else cfg_parser->cfg->unblock_lan_zones = 1584 (strcmp($2, "yes")==0); 1585 free($2); 1586 } 1587 ; 1588 server_insecure_lan_zones: VAR_INSECURE_LAN_ZONES STRING_ARG 1589 { 1590 OUTYY(("P(server_insecure_lan_zones:%s)\n", $2)); 1591 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1592 yyerror("expected yes or no."); 1593 else cfg_parser->cfg->insecure_lan_zones = 1594 (strcmp($2, "yes")==0); 1595 free($2); 1596 } 1597 ; 1598 server_rrset_cache_size: VAR_RRSET_CACHE_SIZE STRING_ARG 1599 { 1600 OUTYY(("P(server_rrset_cache_size:%s)\n", $2)); 1601 if(!cfg_parse_memsize($2, &cfg_parser->cfg->rrset_cache_size)) 1602 yyerror("memory size expected"); 1603 free($2); 1604 } 1605 ; 1606 server_rrset_cache_slabs: VAR_RRSET_CACHE_SLABS STRING_ARG 1607 { 1608 OUTYY(("P(server_rrset_cache_slabs:%s)\n", $2)); 1609 if(atoi($2) == 0) { 1610 yyerror("number expected"); 1611 } else { 1612 cfg_parser->cfg->rrset_cache_slabs = atoi($2); 1613 if(!is_pow2(cfg_parser->cfg->rrset_cache_slabs)) 1614 yyerror("must be a power of 2"); 1615 } 1616 free($2); 1617 } 1618 ; 1619 server_infra_host_ttl: VAR_INFRA_HOST_TTL STRING_ARG 1620 { 1621 OUTYY(("P(server_infra_host_ttl:%s)\n", $2)); 1622 if(atoi($2) == 0 && strcmp($2, "0") != 0) 1623 yyerror("number expected"); 1624 else cfg_parser->cfg->host_ttl = atoi($2); 1625 free($2); 1626 } 1627 ; 1628 server_infra_lame_ttl: VAR_INFRA_LAME_TTL STRING_ARG 1629 { 1630 OUTYY(("P(server_infra_lame_ttl:%s)\n", $2)); 1631 verbose(VERB_DETAIL, "ignored infra-lame-ttl: %s (option " 1632 "removed, use infra-host-ttl)", $2); 1633 free($2); 1634 } 1635 ; 1636 server_infra_cache_numhosts: VAR_INFRA_CACHE_NUMHOSTS STRING_ARG 1637 { 1638 OUTYY(("P(server_infra_cache_numhosts:%s)\n", $2)); 1639 if(atoi($2) == 0) 1640 yyerror("number expected"); 1641 else cfg_parser->cfg->infra_cache_numhosts = atoi($2); 1642 free($2); 1643 } 1644 ; 1645 server_infra_cache_lame_size: VAR_INFRA_CACHE_LAME_SIZE STRING_ARG 1646 { 1647 OUTYY(("P(server_infra_cache_lame_size:%s)\n", $2)); 1648 verbose(VERB_DETAIL, "ignored infra-cache-lame-size: %s " 1649 "(option removed, use infra-cache-numhosts)", $2); 1650 free($2); 1651 } 1652 ; 1653 server_infra_cache_slabs: VAR_INFRA_CACHE_SLABS STRING_ARG 1654 { 1655 OUTYY(("P(server_infra_cache_slabs:%s)\n", $2)); 1656 if(atoi($2) == 0) { 1657 yyerror("number expected"); 1658 } else { 1659 cfg_parser->cfg->infra_cache_slabs = atoi($2); 1660 if(!is_pow2(cfg_parser->cfg->infra_cache_slabs)) 1661 yyerror("must be a power of 2"); 1662 } 1663 free($2); 1664 } 1665 ; 1666 server_infra_cache_min_rtt: VAR_INFRA_CACHE_MIN_RTT STRING_ARG 1667 { 1668 OUTYY(("P(server_infra_cache_min_rtt:%s)\n", $2)); 1669 if(atoi($2) == 0 && strcmp($2, "0") != 0) 1670 yyerror("number expected"); 1671 else cfg_parser->cfg->infra_cache_min_rtt = atoi($2); 1672 free($2); 1673 } 1674 ; 1675 server_infra_cache_max_rtt: VAR_INFRA_CACHE_MAX_RTT STRING_ARG 1676 { 1677 OUTYY(("P(server_infra_cache_max_rtt:%s)\n", $2)); 1678 if(atoi($2) == 0 && strcmp($2, "0") != 0) 1679 yyerror("number expected"); 1680 else cfg_parser->cfg->infra_cache_max_rtt = atoi($2); 1681 free($2); 1682 } 1683 ; 1684 server_infra_keep_probing: VAR_INFRA_KEEP_PROBING STRING_ARG 1685 { 1686 OUTYY(("P(server_infra_keep_probing:%s)\n", $2)); 1687 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1688 yyerror("expected yes or no."); 1689 else cfg_parser->cfg->infra_keep_probing = 1690 (strcmp($2, "yes")==0); 1691 free($2); 1692 } 1693 ; 1694 server_target_fetch_policy: VAR_TARGET_FETCH_POLICY STRING_ARG 1695 { 1696 OUTYY(("P(server_target_fetch_policy:%s)\n", $2)); 1697 free(cfg_parser->cfg->target_fetch_policy); 1698 cfg_parser->cfg->target_fetch_policy = $2; 1699 } 1700 ; 1701 server_harden_short_bufsize: VAR_HARDEN_SHORT_BUFSIZE STRING_ARG 1702 { 1703 OUTYY(("P(server_harden_short_bufsize:%s)\n", $2)); 1704 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1705 yyerror("expected yes or no."); 1706 else cfg_parser->cfg->harden_short_bufsize = 1707 (strcmp($2, "yes")==0); 1708 free($2); 1709 } 1710 ; 1711 server_harden_large_queries: VAR_HARDEN_LARGE_QUERIES STRING_ARG 1712 { 1713 OUTYY(("P(server_harden_large_queries:%s)\n", $2)); 1714 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1715 yyerror("expected yes or no."); 1716 else cfg_parser->cfg->harden_large_queries = 1717 (strcmp($2, "yes")==0); 1718 free($2); 1719 } 1720 ; 1721 server_harden_glue: VAR_HARDEN_GLUE STRING_ARG 1722 { 1723 OUTYY(("P(server_harden_glue:%s)\n", $2)); 1724 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1725 yyerror("expected yes or no."); 1726 else cfg_parser->cfg->harden_glue = 1727 (strcmp($2, "yes")==0); 1728 free($2); 1729 } 1730 ; 1731 server_harden_dnssec_stripped: VAR_HARDEN_DNSSEC_STRIPPED STRING_ARG 1732 { 1733 OUTYY(("P(server_harden_dnssec_stripped:%s)\n", $2)); 1734 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1735 yyerror("expected yes or no."); 1736 else cfg_parser->cfg->harden_dnssec_stripped = 1737 (strcmp($2, "yes")==0); 1738 free($2); 1739 } 1740 ; 1741 server_harden_below_nxdomain: VAR_HARDEN_BELOW_NXDOMAIN STRING_ARG 1742 { 1743 OUTYY(("P(server_harden_below_nxdomain:%s)\n", $2)); 1744 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1745 yyerror("expected yes or no."); 1746 else cfg_parser->cfg->harden_below_nxdomain = 1747 (strcmp($2, "yes")==0); 1748 free($2); 1749 } 1750 ; 1751 server_harden_referral_path: VAR_HARDEN_REFERRAL_PATH STRING_ARG 1752 { 1753 OUTYY(("P(server_harden_referral_path:%s)\n", $2)); 1754 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1755 yyerror("expected yes or no."); 1756 else cfg_parser->cfg->harden_referral_path = 1757 (strcmp($2, "yes")==0); 1758 free($2); 1759 } 1760 ; 1761 server_harden_algo_downgrade: VAR_HARDEN_ALGO_DOWNGRADE STRING_ARG 1762 { 1763 OUTYY(("P(server_harden_algo_downgrade:%s)\n", $2)); 1764 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1765 yyerror("expected yes or no."); 1766 else cfg_parser->cfg->harden_algo_downgrade = 1767 (strcmp($2, "yes")==0); 1768 free($2); 1769 } 1770 ; 1771 server_use_caps_for_id: VAR_USE_CAPS_FOR_ID STRING_ARG 1772 { 1773 OUTYY(("P(server_use_caps_for_id:%s)\n", $2)); 1774 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1775 yyerror("expected yes or no."); 1776 else cfg_parser->cfg->use_caps_bits_for_id = 1777 (strcmp($2, "yes")==0); 1778 free($2); 1779 } 1780 ; 1781 server_caps_whitelist: VAR_CAPS_WHITELIST STRING_ARG 1782 { 1783 OUTYY(("P(server_caps_whitelist:%s)\n", $2)); 1784 if(!cfg_strlist_insert(&cfg_parser->cfg->caps_whitelist, $2)) 1785 yyerror("out of memory"); 1786 } 1787 ; 1788 server_private_address: VAR_PRIVATE_ADDRESS STRING_ARG 1789 { 1790 OUTYY(("P(server_private_address:%s)\n", $2)); 1791 if(!cfg_strlist_insert(&cfg_parser->cfg->private_address, $2)) 1792 yyerror("out of memory"); 1793 } 1794 ; 1795 server_private_domain: VAR_PRIVATE_DOMAIN STRING_ARG 1796 { 1797 OUTYY(("P(server_private_domain:%s)\n", $2)); 1798 if(!cfg_strlist_insert(&cfg_parser->cfg->private_domain, $2)) 1799 yyerror("out of memory"); 1800 } 1801 ; 1802 server_prefetch: VAR_PREFETCH STRING_ARG 1803 { 1804 OUTYY(("P(server_prefetch:%s)\n", $2)); 1805 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1806 yyerror("expected yes or no."); 1807 else cfg_parser->cfg->prefetch = (strcmp($2, "yes")==0); 1808 free($2); 1809 } 1810 ; 1811 server_prefetch_key: VAR_PREFETCH_KEY STRING_ARG 1812 { 1813 OUTYY(("P(server_prefetch_key:%s)\n", $2)); 1814 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1815 yyerror("expected yes or no."); 1816 else cfg_parser->cfg->prefetch_key = (strcmp($2, "yes")==0); 1817 free($2); 1818 } 1819 ; 1820 server_deny_any: VAR_DENY_ANY STRING_ARG 1821 { 1822 OUTYY(("P(server_deny_any:%s)\n", $2)); 1823 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1824 yyerror("expected yes or no."); 1825 else cfg_parser->cfg->deny_any = (strcmp($2, "yes")==0); 1826 free($2); 1827 } 1828 ; 1829 server_unwanted_reply_threshold: VAR_UNWANTED_REPLY_THRESHOLD STRING_ARG 1830 { 1831 OUTYY(("P(server_unwanted_reply_threshold:%s)\n", $2)); 1832 if(atoi($2) == 0 && strcmp($2, "0") != 0) 1833 yyerror("number expected"); 1834 else cfg_parser->cfg->unwanted_threshold = atoi($2); 1835 free($2); 1836 } 1837 ; 1838 server_do_not_query_address: VAR_DO_NOT_QUERY_ADDRESS STRING_ARG 1839 { 1840 OUTYY(("P(server_do_not_query_address:%s)\n", $2)); 1841 if(!cfg_strlist_insert(&cfg_parser->cfg->donotqueryaddrs, $2)) 1842 yyerror("out of memory"); 1843 } 1844 ; 1845 server_do_not_query_localhost: VAR_DO_NOT_QUERY_LOCALHOST STRING_ARG 1846 { 1847 OUTYY(("P(server_do_not_query_localhost:%s)\n", $2)); 1848 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1849 yyerror("expected yes or no."); 1850 else cfg_parser->cfg->donotquery_localhost = 1851 (strcmp($2, "yes")==0); 1852 free($2); 1853 } 1854 ; 1855 server_access_control: VAR_ACCESS_CONTROL STRING_ARG STRING_ARG 1856 { 1857 OUTYY(("P(server_access_control:%s %s)\n", $2, $3)); 1858 validate_acl_action($3); 1859 if(!cfg_str2list_insert(&cfg_parser->cfg->acls, $2, $3)) 1860 fatal_exit("out of memory adding acl"); 1861 } 1862 ; 1863 server_interface_action: VAR_INTERFACE_ACTION STRING_ARG STRING_ARG 1864 { 1865 OUTYY(("P(server_interface_action:%s %s)\n", $2, $3)); 1866 validate_acl_action($3); 1867 if(!cfg_str2list_insert( 1868 &cfg_parser->cfg->interface_actions, $2, $3)) 1869 fatal_exit("out of memory adding acl"); 1870 } 1871 ; 1872 server_module_conf: VAR_MODULE_CONF STRING_ARG 1873 { 1874 OUTYY(("P(server_module_conf:%s)\n", $2)); 1875 free(cfg_parser->cfg->module_conf); 1876 cfg_parser->cfg->module_conf = $2; 1877 } 1878 ; 1879 server_val_override_date: VAR_VAL_OVERRIDE_DATE STRING_ARG 1880 { 1881 OUTYY(("P(server_val_override_date:%s)\n", $2)); 1882 if(*$2 == '\0' || strcmp($2, "0") == 0) { 1883 cfg_parser->cfg->val_date_override = 0; 1884 } else if(strlen($2) == 14) { 1885 cfg_parser->cfg->val_date_override = 1886 cfg_convert_timeval($2); 1887 if(!cfg_parser->cfg->val_date_override) 1888 yyerror("bad date/time specification"); 1889 } else { 1890 if(atoi($2) == 0) 1891 yyerror("number expected"); 1892 cfg_parser->cfg->val_date_override = atoi($2); 1893 } 1894 free($2); 1895 } 1896 ; 1897 server_val_sig_skew_min: VAR_VAL_SIG_SKEW_MIN STRING_ARG 1898 { 1899 OUTYY(("P(server_val_sig_skew_min:%s)\n", $2)); 1900 if(*$2 == '\0' || strcmp($2, "0") == 0) { 1901 cfg_parser->cfg->val_sig_skew_min = 0; 1902 } else { 1903 cfg_parser->cfg->val_sig_skew_min = atoi($2); 1904 if(!cfg_parser->cfg->val_sig_skew_min) 1905 yyerror("number expected"); 1906 } 1907 free($2); 1908 } 1909 ; 1910 server_val_sig_skew_max: VAR_VAL_SIG_SKEW_MAX STRING_ARG 1911 { 1912 OUTYY(("P(server_val_sig_skew_max:%s)\n", $2)); 1913 if(*$2 == '\0' || strcmp($2, "0") == 0) { 1914 cfg_parser->cfg->val_sig_skew_max = 0; 1915 } else { 1916 cfg_parser->cfg->val_sig_skew_max = atoi($2); 1917 if(!cfg_parser->cfg->val_sig_skew_max) 1918 yyerror("number expected"); 1919 } 1920 free($2); 1921 } 1922 ; 1923 server_val_max_restart: VAR_VAL_MAX_RESTART STRING_ARG 1924 { 1925 OUTYY(("P(server_val_max_restart:%s)\n", $2)); 1926 if(*$2 == '\0' || strcmp($2, "0") == 0) { 1927 cfg_parser->cfg->val_max_restart = 0; 1928 } else { 1929 cfg_parser->cfg->val_max_restart = atoi($2); 1930 if(!cfg_parser->cfg->val_max_restart) 1931 yyerror("number expected"); 1932 } 1933 free($2); 1934 } 1935 ; 1936 server_cache_max_ttl: VAR_CACHE_MAX_TTL STRING_ARG 1937 { 1938 OUTYY(("P(server_cache_max_ttl:%s)\n", $2)); 1939 if(atoi($2) == 0 && strcmp($2, "0") != 0) 1940 yyerror("number expected"); 1941 else cfg_parser->cfg->max_ttl = atoi($2); 1942 free($2); 1943 } 1944 ; 1945 server_cache_max_negative_ttl: VAR_CACHE_MAX_NEGATIVE_TTL STRING_ARG 1946 { 1947 OUTYY(("P(server_cache_max_negative_ttl:%s)\n", $2)); 1948 if(atoi($2) == 0 && strcmp($2, "0") != 0) 1949 yyerror("number expected"); 1950 else cfg_parser->cfg->max_negative_ttl = atoi($2); 1951 free($2); 1952 } 1953 ; 1954 server_cache_min_ttl: VAR_CACHE_MIN_TTL STRING_ARG 1955 { 1956 OUTYY(("P(server_cache_min_ttl:%s)\n", $2)); 1957 if(atoi($2) == 0 && strcmp($2, "0") != 0) 1958 yyerror("number expected"); 1959 else cfg_parser->cfg->min_ttl = atoi($2); 1960 free($2); 1961 } 1962 ; 1963 server_bogus_ttl: VAR_BOGUS_TTL STRING_ARG 1964 { 1965 OUTYY(("P(server_bogus_ttl:%s)\n", $2)); 1966 if(atoi($2) == 0 && strcmp($2, "0") != 0) 1967 yyerror("number expected"); 1968 else cfg_parser->cfg->bogus_ttl = atoi($2); 1969 free($2); 1970 } 1971 ; 1972 server_val_clean_additional: VAR_VAL_CLEAN_ADDITIONAL STRING_ARG 1973 { 1974 OUTYY(("P(server_val_clean_additional:%s)\n", $2)); 1975 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1976 yyerror("expected yes or no."); 1977 else cfg_parser->cfg->val_clean_additional = 1978 (strcmp($2, "yes")==0); 1979 free($2); 1980 } 1981 ; 1982 server_val_permissive_mode: VAR_VAL_PERMISSIVE_MODE STRING_ARG 1983 { 1984 OUTYY(("P(server_val_permissive_mode:%s)\n", $2)); 1985 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1986 yyerror("expected yes or no."); 1987 else cfg_parser->cfg->val_permissive_mode = 1988 (strcmp($2, "yes")==0); 1989 free($2); 1990 } 1991 ; 1992 server_aggressive_nsec: VAR_AGGRESSIVE_NSEC STRING_ARG 1993 { 1994 OUTYY(("P(server_aggressive_nsec:%s)\n", $2)); 1995 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1996 yyerror("expected yes or no."); 1997 else 1998 cfg_parser->cfg->aggressive_nsec = 1999 (strcmp($2, "yes")==0); 2000 free($2); 2001 } 2002 ; 2003 server_ignore_cd_flag: VAR_IGNORE_CD_FLAG STRING_ARG 2004 { 2005 OUTYY(("P(server_ignore_cd_flag:%s)\n", $2)); 2006 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2007 yyerror("expected yes or no."); 2008 else cfg_parser->cfg->ignore_cd = (strcmp($2, "yes")==0); 2009 free($2); 2010 } 2011 ; 2012 server_serve_expired: VAR_SERVE_EXPIRED STRING_ARG 2013 { 2014 OUTYY(("P(server_serve_expired:%s)\n", $2)); 2015 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2016 yyerror("expected yes or no."); 2017 else cfg_parser->cfg->serve_expired = (strcmp($2, "yes")==0); 2018 free($2); 2019 } 2020 ; 2021 server_serve_expired_ttl: VAR_SERVE_EXPIRED_TTL STRING_ARG 2022 { 2023 OUTYY(("P(server_serve_expired_ttl:%s)\n", $2)); 2024 if(atoi($2) == 0 && strcmp($2, "0") != 0) 2025 yyerror("number expected"); 2026 else cfg_parser->cfg->serve_expired_ttl = atoi($2); 2027 free($2); 2028 } 2029 ; 2030 server_serve_expired_ttl_reset: VAR_SERVE_EXPIRED_TTL_RESET STRING_ARG 2031 { 2032 OUTYY(("P(server_serve_expired_ttl_reset:%s)\n", $2)); 2033 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2034 yyerror("expected yes or no."); 2035 else cfg_parser->cfg->serve_expired_ttl_reset = (strcmp($2, "yes")==0); 2036 free($2); 2037 } 2038 ; 2039 server_serve_expired_reply_ttl: VAR_SERVE_EXPIRED_REPLY_TTL STRING_ARG 2040 { 2041 OUTYY(("P(server_serve_expired_reply_ttl:%s)\n", $2)); 2042 if(atoi($2) == 0 && strcmp($2, "0") != 0) 2043 yyerror("number expected"); 2044 else cfg_parser->cfg->serve_expired_reply_ttl = atoi($2); 2045 free($2); 2046 } 2047 ; 2048 server_serve_expired_client_timeout: VAR_SERVE_EXPIRED_CLIENT_TIMEOUT STRING_ARG 2049 { 2050 OUTYY(("P(server_serve_expired_client_timeout:%s)\n", $2)); 2051 if(atoi($2) == 0 && strcmp($2, "0") != 0) 2052 yyerror("number expected"); 2053 else cfg_parser->cfg->serve_expired_client_timeout = atoi($2); 2054 free($2); 2055 } 2056 ; 2057 server_ede_serve_expired: VAR_EDE_SERVE_EXPIRED STRING_ARG 2058 { 2059 OUTYY(("P(server_ede_serve_expired:%s)\n", $2)); 2060 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2061 yyerror("expected yes or no."); 2062 else cfg_parser->cfg->ede_serve_expired = (strcmp($2, "yes")==0); 2063 free($2); 2064 } 2065 ; 2066 server_serve_original_ttl: VAR_SERVE_ORIGINAL_TTL STRING_ARG 2067 { 2068 OUTYY(("P(server_serve_original_ttl:%s)\n", $2)); 2069 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2070 yyerror("expected yes or no."); 2071 else cfg_parser->cfg->serve_original_ttl = (strcmp($2, "yes")==0); 2072 free($2); 2073 } 2074 ; 2075 server_fake_dsa: VAR_FAKE_DSA STRING_ARG 2076 { 2077 OUTYY(("P(server_fake_dsa:%s)\n", $2)); 2078 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2079 yyerror("expected yes or no."); 2080 #if defined(HAVE_SSL) || defined(HAVE_NETTLE) 2081 else fake_dsa = (strcmp($2, "yes")==0); 2082 if(fake_dsa) 2083 log_warn("test option fake_dsa is enabled"); 2084 #endif 2085 free($2); 2086 } 2087 ; 2088 server_fake_sha1: VAR_FAKE_SHA1 STRING_ARG 2089 { 2090 OUTYY(("P(server_fake_sha1:%s)\n", $2)); 2091 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2092 yyerror("expected yes or no."); 2093 #if defined(HAVE_SSL) || defined(HAVE_NETTLE) 2094 else fake_sha1 = (strcmp($2, "yes")==0); 2095 if(fake_sha1) 2096 log_warn("test option fake_sha1 is enabled"); 2097 #endif 2098 free($2); 2099 } 2100 ; 2101 server_val_log_level: VAR_VAL_LOG_LEVEL STRING_ARG 2102 { 2103 OUTYY(("P(server_val_log_level:%s)\n", $2)); 2104 if(atoi($2) == 0 && strcmp($2, "0") != 0) 2105 yyerror("number expected"); 2106 else cfg_parser->cfg->val_log_level = atoi($2); 2107 free($2); 2108 } 2109 ; 2110 server_val_nsec3_keysize_iterations: VAR_VAL_NSEC3_KEYSIZE_ITERATIONS STRING_ARG 2111 { 2112 OUTYY(("P(server_val_nsec3_keysize_iterations:%s)\n", $2)); 2113 free(cfg_parser->cfg->val_nsec3_key_iterations); 2114 cfg_parser->cfg->val_nsec3_key_iterations = $2; 2115 } 2116 ; 2117 server_zonemd_permissive_mode: VAR_ZONEMD_PERMISSIVE_MODE STRING_ARG 2118 { 2119 OUTYY(("P(server_zonemd_permissive_mode:%s)\n", $2)); 2120 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2121 yyerror("expected yes or no."); 2122 else cfg_parser->cfg->zonemd_permissive_mode = (strcmp($2, "yes")==0); 2123 free($2); 2124 } 2125 ; 2126 server_add_holddown: VAR_ADD_HOLDDOWN STRING_ARG 2127 { 2128 OUTYY(("P(server_add_holddown:%s)\n", $2)); 2129 if(atoi($2) == 0 && strcmp($2, "0") != 0) 2130 yyerror("number expected"); 2131 else cfg_parser->cfg->add_holddown = atoi($2); 2132 free($2); 2133 } 2134 ; 2135 server_del_holddown: VAR_DEL_HOLDDOWN STRING_ARG 2136 { 2137 OUTYY(("P(server_del_holddown:%s)\n", $2)); 2138 if(atoi($2) == 0 && strcmp($2, "0") != 0) 2139 yyerror("number expected"); 2140 else cfg_parser->cfg->del_holddown = atoi($2); 2141 free($2); 2142 } 2143 ; 2144 server_keep_missing: VAR_KEEP_MISSING STRING_ARG 2145 { 2146 OUTYY(("P(server_keep_missing:%s)\n", $2)); 2147 if(atoi($2) == 0 && strcmp($2, "0") != 0) 2148 yyerror("number expected"); 2149 else cfg_parser->cfg->keep_missing = atoi($2); 2150 free($2); 2151 } 2152 ; 2153 server_permit_small_holddown: VAR_PERMIT_SMALL_HOLDDOWN STRING_ARG 2154 { 2155 OUTYY(("P(server_permit_small_holddown:%s)\n", $2)); 2156 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2157 yyerror("expected yes or no."); 2158 else cfg_parser->cfg->permit_small_holddown = 2159 (strcmp($2, "yes")==0); 2160 free($2); 2161 } 2162 server_key_cache_size: VAR_KEY_CACHE_SIZE STRING_ARG 2163 { 2164 OUTYY(("P(server_key_cache_size:%s)\n", $2)); 2165 if(!cfg_parse_memsize($2, &cfg_parser->cfg->key_cache_size)) 2166 yyerror("memory size expected"); 2167 free($2); 2168 } 2169 ; 2170 server_key_cache_slabs: VAR_KEY_CACHE_SLABS STRING_ARG 2171 { 2172 OUTYY(("P(server_key_cache_slabs:%s)\n", $2)); 2173 if(atoi($2) == 0) { 2174 yyerror("number expected"); 2175 } else { 2176 cfg_parser->cfg->key_cache_slabs = atoi($2); 2177 if(!is_pow2(cfg_parser->cfg->key_cache_slabs)) 2178 yyerror("must be a power of 2"); 2179 } 2180 free($2); 2181 } 2182 ; 2183 server_neg_cache_size: VAR_NEG_CACHE_SIZE STRING_ARG 2184 { 2185 OUTYY(("P(server_neg_cache_size:%s)\n", $2)); 2186 if(!cfg_parse_memsize($2, &cfg_parser->cfg->neg_cache_size)) 2187 yyerror("memory size expected"); 2188 free($2); 2189 } 2190 ; 2191 server_local_zone: VAR_LOCAL_ZONE STRING_ARG STRING_ARG 2192 { 2193 OUTYY(("P(server_local_zone:%s %s)\n", $2, $3)); 2194 if(strcmp($3, "static")!=0 && strcmp($3, "deny")!=0 && 2195 strcmp($3, "refuse")!=0 && strcmp($3, "redirect")!=0 && 2196 strcmp($3, "transparent")!=0 && strcmp($3, "nodefault")!=0 2197 && strcmp($3, "typetransparent")!=0 2198 && strcmp($3, "always_transparent")!=0 2199 && strcmp($3, "always_refuse")!=0 2200 && strcmp($3, "always_nxdomain")!=0 2201 && strcmp($3, "always_nodata")!=0 2202 && strcmp($3, "always_deny")!=0 2203 && strcmp($3, "always_null")!=0 2204 && strcmp($3, "noview")!=0 2205 && strcmp($3, "inform")!=0 && strcmp($3, "inform_deny")!=0 2206 && strcmp($3, "inform_redirect") != 0 2207 && strcmp($3, "ipset") != 0) { 2208 yyerror("local-zone type: expected static, deny, " 2209 "refuse, redirect, transparent, " 2210 "typetransparent, inform, inform_deny, " 2211 "inform_redirect, always_transparent, " 2212 "always_refuse, always_nxdomain, " 2213 "always_nodata, always_deny, always_null, " 2214 "noview, nodefault or ipset"); 2215 free($2); 2216 free($3); 2217 } else if(strcmp($3, "nodefault")==0) { 2218 if(!cfg_strlist_insert(&cfg_parser->cfg-> 2219 local_zones_nodefault, $2)) 2220 fatal_exit("out of memory adding local-zone"); 2221 free($3); 2222 #ifdef USE_IPSET 2223 } else if(strcmp($3, "ipset")==0) { 2224 size_t len = strlen($2); 2225 /* Make sure to add the trailing dot. 2226 * These are str compared to domain names. */ 2227 if($2[len-1] != '.') { 2228 if(!($2 = realloc($2, len+2))) { 2229 fatal_exit("out of memory adding local-zone"); 2230 } 2231 $2[len] = '.'; 2232 $2[len+1] = 0; 2233 } 2234 if(!cfg_strlist_insert(&cfg_parser->cfg-> 2235 local_zones_ipset, $2)) 2236 fatal_exit("out of memory adding local-zone"); 2237 free($3); 2238 #endif 2239 } else { 2240 if(!cfg_str2list_insert(&cfg_parser->cfg->local_zones, 2241 $2, $3)) 2242 fatal_exit("out of memory adding local-zone"); 2243 } 2244 } 2245 ; 2246 server_local_data: VAR_LOCAL_DATA STRING_ARG 2247 { 2248 OUTYY(("P(server_local_data:%s)\n", $2)); 2249 if(!cfg_strlist_insert(&cfg_parser->cfg->local_data, $2)) 2250 fatal_exit("out of memory adding local-data"); 2251 } 2252 ; 2253 server_local_data_ptr: VAR_LOCAL_DATA_PTR STRING_ARG 2254 { 2255 char* ptr; 2256 OUTYY(("P(server_local_data_ptr:%s)\n", $2)); 2257 ptr = cfg_ptr_reverse($2); 2258 free($2); 2259 if(ptr) { 2260 if(!cfg_strlist_insert(&cfg_parser->cfg-> 2261 local_data, ptr)) 2262 fatal_exit("out of memory adding local-data"); 2263 } else { 2264 yyerror("local-data-ptr could not be reversed"); 2265 } 2266 } 2267 ; 2268 server_minimal_responses: VAR_MINIMAL_RESPONSES STRING_ARG 2269 { 2270 OUTYY(("P(server_minimal_responses:%s)\n", $2)); 2271 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2272 yyerror("expected yes or no."); 2273 else cfg_parser->cfg->minimal_responses = 2274 (strcmp($2, "yes")==0); 2275 free($2); 2276 } 2277 ; 2278 server_rrset_roundrobin: VAR_RRSET_ROUNDROBIN STRING_ARG 2279 { 2280 OUTYY(("P(server_rrset_roundrobin:%s)\n", $2)); 2281 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2282 yyerror("expected yes or no."); 2283 else cfg_parser->cfg->rrset_roundrobin = 2284 (strcmp($2, "yes")==0); 2285 free($2); 2286 } 2287 ; 2288 server_unknown_server_time_limit: VAR_UNKNOWN_SERVER_TIME_LIMIT STRING_ARG 2289 { 2290 OUTYY(("P(server_unknown_server_time_limit:%s)\n", $2)); 2291 cfg_parser->cfg->unknown_server_time_limit = atoi($2); 2292 free($2); 2293 } 2294 ; 2295 server_max_udp_size: VAR_MAX_UDP_SIZE STRING_ARG 2296 { 2297 OUTYY(("P(server_max_udp_size:%s)\n", $2)); 2298 cfg_parser->cfg->max_udp_size = atoi($2); 2299 free($2); 2300 } 2301 ; 2302 server_dns64_prefix: VAR_DNS64_PREFIX STRING_ARG 2303 { 2304 OUTYY(("P(dns64_prefix:%s)\n", $2)); 2305 free(cfg_parser->cfg->dns64_prefix); 2306 cfg_parser->cfg->dns64_prefix = $2; 2307 } 2308 ; 2309 server_dns64_synthall: VAR_DNS64_SYNTHALL STRING_ARG 2310 { 2311 OUTYY(("P(server_dns64_synthall:%s)\n", $2)); 2312 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2313 yyerror("expected yes or no."); 2314 else cfg_parser->cfg->dns64_synthall = (strcmp($2, "yes")==0); 2315 free($2); 2316 } 2317 ; 2318 server_dns64_ignore_aaaa: VAR_DNS64_IGNORE_AAAA STRING_ARG 2319 { 2320 OUTYY(("P(dns64_ignore_aaaa:%s)\n", $2)); 2321 if(!cfg_strlist_insert(&cfg_parser->cfg->dns64_ignore_aaaa, 2322 $2)) 2323 fatal_exit("out of memory adding dns64-ignore-aaaa"); 2324 } 2325 ; 2326 server_define_tag: VAR_DEFINE_TAG STRING_ARG 2327 { 2328 char* p, *s = $2; 2329 OUTYY(("P(server_define_tag:%s)\n", $2)); 2330 while((p=strsep(&s, " \t\n")) != NULL) { 2331 if(*p) { 2332 if(!config_add_tag(cfg_parser->cfg, p)) 2333 yyerror("could not define-tag, " 2334 "out of memory"); 2335 } 2336 } 2337 free($2); 2338 } 2339 ; 2340 server_local_zone_tag: VAR_LOCAL_ZONE_TAG STRING_ARG STRING_ARG 2341 { 2342 size_t len = 0; 2343 uint8_t* bitlist = config_parse_taglist(cfg_parser->cfg, $3, 2344 &len); 2345 free($3); 2346 OUTYY(("P(server_local_zone_tag:%s)\n", $2)); 2347 if(!bitlist) { 2348 yyerror("could not parse tags, (define-tag them first)"); 2349 free($2); 2350 } 2351 if(bitlist) { 2352 if(!cfg_strbytelist_insert( 2353 &cfg_parser->cfg->local_zone_tags, 2354 $2, bitlist, len)) { 2355 yyerror("out of memory"); 2356 free($2); 2357 } 2358 } 2359 } 2360 ; 2361 server_access_control_tag: VAR_ACCESS_CONTROL_TAG STRING_ARG STRING_ARG 2362 { 2363 size_t len = 0; 2364 uint8_t* bitlist = config_parse_taglist(cfg_parser->cfg, $3, 2365 &len); 2366 free($3); 2367 OUTYY(("P(server_access_control_tag:%s)\n", $2)); 2368 if(!bitlist) { 2369 yyerror("could not parse tags, (define-tag them first)"); 2370 free($2); 2371 } 2372 if(bitlist) { 2373 if(!cfg_strbytelist_insert( 2374 &cfg_parser->cfg->acl_tags, 2375 $2, bitlist, len)) { 2376 yyerror("out of memory"); 2377 free($2); 2378 } 2379 } 2380 } 2381 ; 2382 server_access_control_tag_action: VAR_ACCESS_CONTROL_TAG_ACTION STRING_ARG STRING_ARG STRING_ARG 2383 { 2384 OUTYY(("P(server_access_control_tag_action:%s %s %s)\n", $2, $3, $4)); 2385 if(!cfg_str3list_insert(&cfg_parser->cfg->acl_tag_actions, 2386 $2, $3, $4)) { 2387 yyerror("out of memory"); 2388 free($2); 2389 free($3); 2390 free($4); 2391 } 2392 } 2393 ; 2394 server_access_control_tag_data: VAR_ACCESS_CONTROL_TAG_DATA STRING_ARG STRING_ARG STRING_ARG 2395 { 2396 OUTYY(("P(server_access_control_tag_data:%s %s %s)\n", $2, $3, $4)); 2397 if(!cfg_str3list_insert(&cfg_parser->cfg->acl_tag_datas, 2398 $2, $3, $4)) { 2399 yyerror("out of memory"); 2400 free($2); 2401 free($3); 2402 free($4); 2403 } 2404 } 2405 ; 2406 server_local_zone_override: VAR_LOCAL_ZONE_OVERRIDE STRING_ARG STRING_ARG STRING_ARG 2407 { 2408 OUTYY(("P(server_local_zone_override:%s %s %s)\n", $2, $3, $4)); 2409 if(!cfg_str3list_insert(&cfg_parser->cfg->local_zone_overrides, 2410 $2, $3, $4)) { 2411 yyerror("out of memory"); 2412 free($2); 2413 free($3); 2414 free($4); 2415 } 2416 } 2417 ; 2418 server_access_control_view: VAR_ACCESS_CONTROL_VIEW STRING_ARG STRING_ARG 2419 { 2420 OUTYY(("P(server_access_control_view:%s %s)\n", $2, $3)); 2421 if(!cfg_str2list_insert(&cfg_parser->cfg->acl_view, 2422 $2, $3)) { 2423 yyerror("out of memory"); 2424 } 2425 } 2426 ; 2427 server_interface_tag: VAR_INTERFACE_TAG STRING_ARG STRING_ARG 2428 { 2429 size_t len = 0; 2430 uint8_t* bitlist = config_parse_taglist(cfg_parser->cfg, $3, 2431 &len); 2432 free($3); 2433 OUTYY(("P(server_interface_tag:%s)\n", $2)); 2434 if(!bitlist) { 2435 yyerror("could not parse tags, (define-tag them first)"); 2436 free($2); 2437 } 2438 if(bitlist) { 2439 if(!cfg_strbytelist_insert( 2440 &cfg_parser->cfg->interface_tags, 2441 $2, bitlist, len)) { 2442 yyerror("out of memory"); 2443 free($2); 2444 } 2445 } 2446 } 2447 ; 2448 server_interface_tag_action: VAR_INTERFACE_TAG_ACTION STRING_ARG STRING_ARG STRING_ARG 2449 { 2450 OUTYY(("P(server_interface_tag_action:%s %s %s)\n", $2, $3, $4)); 2451 if(!cfg_str3list_insert(&cfg_parser->cfg->interface_tag_actions, 2452 $2, $3, $4)) { 2453 yyerror("out of memory"); 2454 free($2); 2455 free($3); 2456 free($4); 2457 } 2458 } 2459 ; 2460 server_interface_tag_data: VAR_INTERFACE_TAG_DATA STRING_ARG STRING_ARG STRING_ARG 2461 { 2462 OUTYY(("P(server_interface_tag_data:%s %s %s)\n", $2, $3, $4)); 2463 if(!cfg_str3list_insert(&cfg_parser->cfg->interface_tag_datas, 2464 $2, $3, $4)) { 2465 yyerror("out of memory"); 2466 free($2); 2467 free($3); 2468 free($4); 2469 } 2470 } 2471 ; 2472 server_interface_view: VAR_INTERFACE_VIEW STRING_ARG STRING_ARG 2473 { 2474 OUTYY(("P(server_interface_view:%s %s)\n", $2, $3)); 2475 if(!cfg_str2list_insert(&cfg_parser->cfg->interface_view, 2476 $2, $3)) { 2477 yyerror("out of memory"); 2478 } 2479 } 2480 ; 2481 server_response_ip_tag: VAR_RESPONSE_IP_TAG STRING_ARG STRING_ARG 2482 { 2483 size_t len = 0; 2484 uint8_t* bitlist = config_parse_taglist(cfg_parser->cfg, $3, 2485 &len); 2486 free($3); 2487 OUTYY(("P(response_ip_tag:%s)\n", $2)); 2488 if(!bitlist) { 2489 yyerror("could not parse tags, (define-tag them first)"); 2490 free($2); 2491 } 2492 if(bitlist) { 2493 if(!cfg_strbytelist_insert( 2494 &cfg_parser->cfg->respip_tags, 2495 $2, bitlist, len)) { 2496 yyerror("out of memory"); 2497 free($2); 2498 } 2499 } 2500 } 2501 ; 2502 server_ip_ratelimit: VAR_IP_RATELIMIT STRING_ARG 2503 { 2504 OUTYY(("P(server_ip_ratelimit:%s)\n", $2)); 2505 if(atoi($2) == 0 && strcmp($2, "0") != 0) 2506 yyerror("number expected"); 2507 else cfg_parser->cfg->ip_ratelimit = atoi($2); 2508 free($2); 2509 } 2510 ; 2511 server_ratelimit: VAR_RATELIMIT STRING_ARG 2512 { 2513 OUTYY(("P(server_ratelimit:%s)\n", $2)); 2514 if(atoi($2) == 0 && strcmp($2, "0") != 0) 2515 yyerror("number expected"); 2516 else cfg_parser->cfg->ratelimit = atoi($2); 2517 free($2); 2518 } 2519 ; 2520 server_ip_ratelimit_size: VAR_IP_RATELIMIT_SIZE STRING_ARG 2521 { 2522 OUTYY(("P(server_ip_ratelimit_size:%s)\n", $2)); 2523 if(!cfg_parse_memsize($2, &cfg_parser->cfg->ip_ratelimit_size)) 2524 yyerror("memory size expected"); 2525 free($2); 2526 } 2527 ; 2528 server_ratelimit_size: VAR_RATELIMIT_SIZE STRING_ARG 2529 { 2530 OUTYY(("P(server_ratelimit_size:%s)\n", $2)); 2531 if(!cfg_parse_memsize($2, &cfg_parser->cfg->ratelimit_size)) 2532 yyerror("memory size expected"); 2533 free($2); 2534 } 2535 ; 2536 server_ip_ratelimit_slabs: VAR_IP_RATELIMIT_SLABS STRING_ARG 2537 { 2538 OUTYY(("P(server_ip_ratelimit_slabs:%s)\n", $2)); 2539 if(atoi($2) == 0) { 2540 yyerror("number expected"); 2541 } else { 2542 cfg_parser->cfg->ip_ratelimit_slabs = atoi($2); 2543 if(!is_pow2(cfg_parser->cfg->ip_ratelimit_slabs)) 2544 yyerror("must be a power of 2"); 2545 } 2546 free($2); 2547 } 2548 ; 2549 server_ratelimit_slabs: VAR_RATELIMIT_SLABS STRING_ARG 2550 { 2551 OUTYY(("P(server_ratelimit_slabs:%s)\n", $2)); 2552 if(atoi($2) == 0) { 2553 yyerror("number expected"); 2554 } else { 2555 cfg_parser->cfg->ratelimit_slabs = atoi($2); 2556 if(!is_pow2(cfg_parser->cfg->ratelimit_slabs)) 2557 yyerror("must be a power of 2"); 2558 } 2559 free($2); 2560 } 2561 ; 2562 server_ratelimit_for_domain: VAR_RATELIMIT_FOR_DOMAIN STRING_ARG STRING_ARG 2563 { 2564 OUTYY(("P(server_ratelimit_for_domain:%s %s)\n", $2, $3)); 2565 if(atoi($3) == 0 && strcmp($3, "0") != 0) { 2566 yyerror("number expected"); 2567 free($2); 2568 free($3); 2569 } else { 2570 if(!cfg_str2list_insert(&cfg_parser->cfg-> 2571 ratelimit_for_domain, $2, $3)) 2572 fatal_exit("out of memory adding " 2573 "ratelimit-for-domain"); 2574 } 2575 } 2576 ; 2577 server_ratelimit_below_domain: VAR_RATELIMIT_BELOW_DOMAIN STRING_ARG STRING_ARG 2578 { 2579 OUTYY(("P(server_ratelimit_below_domain:%s %s)\n", $2, $3)); 2580 if(atoi($3) == 0 && strcmp($3, "0") != 0) { 2581 yyerror("number expected"); 2582 free($2); 2583 free($3); 2584 } else { 2585 if(!cfg_str2list_insert(&cfg_parser->cfg-> 2586 ratelimit_below_domain, $2, $3)) 2587 fatal_exit("out of memory adding " 2588 "ratelimit-below-domain"); 2589 } 2590 } 2591 ; 2592 server_ip_ratelimit_factor: VAR_IP_RATELIMIT_FACTOR STRING_ARG 2593 { 2594 OUTYY(("P(server_ip_ratelimit_factor:%s)\n", $2)); 2595 if(atoi($2) == 0 && strcmp($2, "0") != 0) 2596 yyerror("number expected"); 2597 else cfg_parser->cfg->ip_ratelimit_factor = atoi($2); 2598 free($2); 2599 } 2600 ; 2601 server_ratelimit_factor: VAR_RATELIMIT_FACTOR STRING_ARG 2602 { 2603 OUTYY(("P(server_ratelimit_factor:%s)\n", $2)); 2604 if(atoi($2) == 0 && strcmp($2, "0") != 0) 2605 yyerror("number expected"); 2606 else cfg_parser->cfg->ratelimit_factor = atoi($2); 2607 free($2); 2608 } 2609 ; 2610 server_ip_ratelimit_backoff: VAR_IP_RATELIMIT_BACKOFF STRING_ARG 2611 { 2612 OUTYY(("P(server_ip_ratelimit_backoff:%s)\n", $2)); 2613 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2614 yyerror("expected yes or no."); 2615 else cfg_parser->cfg->ip_ratelimit_backoff = 2616 (strcmp($2, "yes")==0); 2617 free($2); 2618 } 2619 ; 2620 server_ratelimit_backoff: VAR_RATELIMIT_BACKOFF STRING_ARG 2621 { 2622 OUTYY(("P(server_ratelimit_backoff:%s)\n", $2)); 2623 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2624 yyerror("expected yes or no."); 2625 else cfg_parser->cfg->ratelimit_backoff = 2626 (strcmp($2, "yes")==0); 2627 free($2); 2628 } 2629 ; 2630 server_outbound_msg_retry: VAR_OUTBOUND_MSG_RETRY STRING_ARG 2631 { 2632 OUTYY(("P(server_outbound_msg_retry:%s)\n", $2)); 2633 if(atoi($2) == 0 && strcmp($2, "0") != 0) 2634 yyerror("number expected"); 2635 else cfg_parser->cfg->outbound_msg_retry = atoi($2); 2636 free($2); 2637 } 2638 ; 2639 server_low_rtt: VAR_LOW_RTT STRING_ARG 2640 { 2641 OUTYY(("P(low-rtt option is deprecated, use fast-server-num instead)\n")); 2642 free($2); 2643 } 2644 ; 2645 server_fast_server_num: VAR_FAST_SERVER_NUM STRING_ARG 2646 { 2647 OUTYY(("P(server_fast_server_num:%s)\n", $2)); 2648 if(atoi($2) <= 0) 2649 yyerror("number expected"); 2650 else cfg_parser->cfg->fast_server_num = atoi($2); 2651 free($2); 2652 } 2653 ; 2654 server_fast_server_permil: VAR_FAST_SERVER_PERMIL STRING_ARG 2655 { 2656 OUTYY(("P(server_fast_server_permil:%s)\n", $2)); 2657 if(atoi($2) == 0 && strcmp($2, "0") != 0) 2658 yyerror("number expected"); 2659 else cfg_parser->cfg->fast_server_permil = atoi($2); 2660 free($2); 2661 } 2662 ; 2663 server_qname_minimisation: VAR_QNAME_MINIMISATION STRING_ARG 2664 { 2665 OUTYY(("P(server_qname_minimisation:%s)\n", $2)); 2666 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2667 yyerror("expected yes or no."); 2668 else cfg_parser->cfg->qname_minimisation = 2669 (strcmp($2, "yes")==0); 2670 free($2); 2671 } 2672 ; 2673 server_qname_minimisation_strict: VAR_QNAME_MINIMISATION_STRICT STRING_ARG 2674 { 2675 OUTYY(("P(server_qname_minimisation_strict:%s)\n", $2)); 2676 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2677 yyerror("expected yes or no."); 2678 else cfg_parser->cfg->qname_minimisation_strict = 2679 (strcmp($2, "yes")==0); 2680 free($2); 2681 } 2682 ; 2683 server_pad_responses: VAR_PAD_RESPONSES STRING_ARG 2684 { 2685 OUTYY(("P(server_pad_responses:%s)\n", $2)); 2686 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2687 yyerror("expected yes or no."); 2688 else cfg_parser->cfg->pad_responses = 2689 (strcmp($2, "yes")==0); 2690 free($2); 2691 } 2692 ; 2693 server_pad_responses_block_size: VAR_PAD_RESPONSES_BLOCK_SIZE STRING_ARG 2694 { 2695 OUTYY(("P(server_pad_responses_block_size:%s)\n", $2)); 2696 if(atoi($2) == 0) 2697 yyerror("number expected"); 2698 else cfg_parser->cfg->pad_responses_block_size = atoi($2); 2699 free($2); 2700 } 2701 ; 2702 server_pad_queries: VAR_PAD_QUERIES STRING_ARG 2703 { 2704 OUTYY(("P(server_pad_queries:%s)\n", $2)); 2705 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2706 yyerror("expected yes or no."); 2707 else cfg_parser->cfg->pad_queries = 2708 (strcmp($2, "yes")==0); 2709 free($2); 2710 } 2711 ; 2712 server_pad_queries_block_size: VAR_PAD_QUERIES_BLOCK_SIZE STRING_ARG 2713 { 2714 OUTYY(("P(server_pad_queries_block_size:%s)\n", $2)); 2715 if(atoi($2) == 0) 2716 yyerror("number expected"); 2717 else cfg_parser->cfg->pad_queries_block_size = atoi($2); 2718 free($2); 2719 } 2720 ; 2721 server_ipsecmod_enabled: VAR_IPSECMOD_ENABLED STRING_ARG 2722 { 2723 #ifdef USE_IPSECMOD 2724 OUTYY(("P(server_ipsecmod_enabled:%s)\n", $2)); 2725 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2726 yyerror("expected yes or no."); 2727 else cfg_parser->cfg->ipsecmod_enabled = (strcmp($2, "yes")==0); 2728 #else 2729 OUTYY(("P(Compiled without IPsec module, ignoring)\n")); 2730 #endif 2731 free($2); 2732 } 2733 ; 2734 server_ipsecmod_ignore_bogus: VAR_IPSECMOD_IGNORE_BOGUS STRING_ARG 2735 { 2736 #ifdef USE_IPSECMOD 2737 OUTYY(("P(server_ipsecmod_ignore_bogus:%s)\n", $2)); 2738 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2739 yyerror("expected yes or no."); 2740 else cfg_parser->cfg->ipsecmod_ignore_bogus = (strcmp($2, "yes")==0); 2741 #else 2742 OUTYY(("P(Compiled without IPsec module, ignoring)\n")); 2743 #endif 2744 free($2); 2745 } 2746 ; 2747 server_ipsecmod_hook: VAR_IPSECMOD_HOOK STRING_ARG 2748 { 2749 #ifdef USE_IPSECMOD 2750 OUTYY(("P(server_ipsecmod_hook:%s)\n", $2)); 2751 free(cfg_parser->cfg->ipsecmod_hook); 2752 cfg_parser->cfg->ipsecmod_hook = $2; 2753 #else 2754 OUTYY(("P(Compiled without IPsec module, ignoring)\n")); 2755 free($2); 2756 #endif 2757 } 2758 ; 2759 server_ipsecmod_max_ttl: VAR_IPSECMOD_MAX_TTL STRING_ARG 2760 { 2761 #ifdef USE_IPSECMOD 2762 OUTYY(("P(server_ipsecmod_max_ttl:%s)\n", $2)); 2763 if(atoi($2) == 0 && strcmp($2, "0") != 0) 2764 yyerror("number expected"); 2765 else cfg_parser->cfg->ipsecmod_max_ttl = atoi($2); 2766 free($2); 2767 #else 2768 OUTYY(("P(Compiled without IPsec module, ignoring)\n")); 2769 free($2); 2770 #endif 2771 } 2772 ; 2773 server_ipsecmod_whitelist: VAR_IPSECMOD_WHITELIST STRING_ARG 2774 { 2775 #ifdef USE_IPSECMOD 2776 OUTYY(("P(server_ipsecmod_whitelist:%s)\n", $2)); 2777 if(!cfg_strlist_insert(&cfg_parser->cfg->ipsecmod_whitelist, $2)) 2778 yyerror("out of memory"); 2779 #else 2780 OUTYY(("P(Compiled without IPsec module, ignoring)\n")); 2781 free($2); 2782 #endif 2783 } 2784 ; 2785 server_ipsecmod_strict: VAR_IPSECMOD_STRICT STRING_ARG 2786 { 2787 #ifdef USE_IPSECMOD 2788 OUTYY(("P(server_ipsecmod_strict:%s)\n", $2)); 2789 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2790 yyerror("expected yes or no."); 2791 else cfg_parser->cfg->ipsecmod_strict = (strcmp($2, "yes")==0); 2792 free($2); 2793 #else 2794 OUTYY(("P(Compiled without IPsec module, ignoring)\n")); 2795 free($2); 2796 #endif 2797 } 2798 ; 2799 server_edns_client_string: VAR_EDNS_CLIENT_STRING STRING_ARG STRING_ARG 2800 { 2801 OUTYY(("P(server_edns_client_string:%s %s)\n", $2, $3)); 2802 if(!cfg_str2list_insert( 2803 &cfg_parser->cfg->edns_client_strings, $2, $3)) 2804 fatal_exit("out of memory adding " 2805 "edns-client-string"); 2806 } 2807 ; 2808 server_edns_client_string_opcode: VAR_EDNS_CLIENT_STRING_OPCODE STRING_ARG 2809 { 2810 OUTYY(("P(edns_client_string_opcode:%s)\n", $2)); 2811 if(atoi($2) == 0 && strcmp($2, "0") != 0) 2812 yyerror("option code expected"); 2813 else if(atoi($2) > 65535 || atoi($2) < 0) 2814 yyerror("option code must be in interval [0, 65535]"); 2815 else cfg_parser->cfg->edns_client_string_opcode = atoi($2); 2816 free($2); 2817 } 2818 ; 2819 server_ede: VAR_EDE STRING_ARG 2820 { 2821 OUTYY(("P(server_ede:%s)\n", $2)); 2822 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2823 yyerror("expected yes or no."); 2824 else cfg_parser->cfg->ede = (strcmp($2, "yes")==0); 2825 free($2); 2826 } 2827 ; 2828 server_proxy_protocol_port: VAR_PROXY_PROTOCOL_PORT STRING_ARG 2829 { 2830 OUTYY(("P(server_proxy_protocol_port:%s)\n", $2)); 2831 if(!cfg_strlist_insert(&cfg_parser->cfg->proxy_protocol_port, $2)) 2832 yyerror("out of memory"); 2833 } 2834 ; 2835 stub_name: VAR_NAME STRING_ARG 2836 { 2837 OUTYY(("P(name:%s)\n", $2)); 2838 if(cfg_parser->cfg->stubs->name) 2839 yyerror("stub name override, there must be one name " 2840 "for one stub-zone"); 2841 free(cfg_parser->cfg->stubs->name); 2842 cfg_parser->cfg->stubs->name = $2; 2843 } 2844 ; 2845 stub_host: VAR_STUB_HOST STRING_ARG 2846 { 2847 OUTYY(("P(stub-host:%s)\n", $2)); 2848 if(!cfg_strlist_insert(&cfg_parser->cfg->stubs->hosts, $2)) 2849 yyerror("out of memory"); 2850 } 2851 ; 2852 stub_addr: VAR_STUB_ADDR STRING_ARG 2853 { 2854 OUTYY(("P(stub-addr:%s)\n", $2)); 2855 if(!cfg_strlist_insert(&cfg_parser->cfg->stubs->addrs, $2)) 2856 yyerror("out of memory"); 2857 } 2858 ; 2859 stub_first: VAR_STUB_FIRST STRING_ARG 2860 { 2861 OUTYY(("P(stub-first:%s)\n", $2)); 2862 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2863 yyerror("expected yes or no."); 2864 else cfg_parser->cfg->stubs->isfirst=(strcmp($2, "yes")==0); 2865 free($2); 2866 } 2867 ; 2868 stub_no_cache: VAR_STUB_NO_CACHE STRING_ARG 2869 { 2870 OUTYY(("P(stub-no-cache:%s)\n", $2)); 2871 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2872 yyerror("expected yes or no."); 2873 else cfg_parser->cfg->stubs->no_cache=(strcmp($2, "yes")==0); 2874 free($2); 2875 } 2876 ; 2877 stub_ssl_upstream: VAR_STUB_SSL_UPSTREAM STRING_ARG 2878 { 2879 OUTYY(("P(stub-ssl-upstream:%s)\n", $2)); 2880 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2881 yyerror("expected yes or no."); 2882 else cfg_parser->cfg->stubs->ssl_upstream = 2883 (strcmp($2, "yes")==0); 2884 free($2); 2885 } 2886 ; 2887 stub_tcp_upstream: VAR_STUB_TCP_UPSTREAM STRING_ARG 2888 { 2889 OUTYY(("P(stub-tcp-upstream:%s)\n", $2)); 2890 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2891 yyerror("expected yes or no."); 2892 else cfg_parser->cfg->stubs->tcp_upstream = 2893 (strcmp($2, "yes")==0); 2894 free($2); 2895 } 2896 ; 2897 stub_prime: VAR_STUB_PRIME STRING_ARG 2898 { 2899 OUTYY(("P(stub-prime:%s)\n", $2)); 2900 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2901 yyerror("expected yes or no."); 2902 else cfg_parser->cfg->stubs->isprime = 2903 (strcmp($2, "yes")==0); 2904 free($2); 2905 } 2906 ; 2907 forward_name: VAR_NAME STRING_ARG 2908 { 2909 OUTYY(("P(name:%s)\n", $2)); 2910 if(cfg_parser->cfg->forwards->name) 2911 yyerror("forward name override, there must be one " 2912 "name for one forward-zone"); 2913 free(cfg_parser->cfg->forwards->name); 2914 cfg_parser->cfg->forwards->name = $2; 2915 } 2916 ; 2917 forward_host: VAR_FORWARD_HOST STRING_ARG 2918 { 2919 OUTYY(("P(forward-host:%s)\n", $2)); 2920 if(!cfg_strlist_insert(&cfg_parser->cfg->forwards->hosts, $2)) 2921 yyerror("out of memory"); 2922 } 2923 ; 2924 forward_addr: VAR_FORWARD_ADDR STRING_ARG 2925 { 2926 OUTYY(("P(forward-addr:%s)\n", $2)); 2927 if(!cfg_strlist_insert(&cfg_parser->cfg->forwards->addrs, $2)) 2928 yyerror("out of memory"); 2929 } 2930 ; 2931 forward_first: VAR_FORWARD_FIRST STRING_ARG 2932 { 2933 OUTYY(("P(forward-first:%s)\n", $2)); 2934 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2935 yyerror("expected yes or no."); 2936 else cfg_parser->cfg->forwards->isfirst=(strcmp($2, "yes")==0); 2937 free($2); 2938 } 2939 ; 2940 forward_no_cache: VAR_FORWARD_NO_CACHE STRING_ARG 2941 { 2942 OUTYY(("P(forward-no-cache:%s)\n", $2)); 2943 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2944 yyerror("expected yes or no."); 2945 else cfg_parser->cfg->forwards->no_cache=(strcmp($2, "yes")==0); 2946 free($2); 2947 } 2948 ; 2949 forward_ssl_upstream: VAR_FORWARD_SSL_UPSTREAM STRING_ARG 2950 { 2951 OUTYY(("P(forward-ssl-upstream:%s)\n", $2)); 2952 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2953 yyerror("expected yes or no."); 2954 else cfg_parser->cfg->forwards->ssl_upstream = 2955 (strcmp($2, "yes")==0); 2956 free($2); 2957 } 2958 ; 2959 forward_tcp_upstream: VAR_FORWARD_TCP_UPSTREAM STRING_ARG 2960 { 2961 OUTYY(("P(forward-tcp-upstream:%s)\n", $2)); 2962 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2963 yyerror("expected yes or no."); 2964 else cfg_parser->cfg->forwards->tcp_upstream = 2965 (strcmp($2, "yes")==0); 2966 free($2); 2967 } 2968 ; 2969 auth_name: VAR_NAME STRING_ARG 2970 { 2971 OUTYY(("P(name:%s)\n", $2)); 2972 if(cfg_parser->cfg->auths->name) 2973 yyerror("auth name override, there must be one name " 2974 "for one auth-zone"); 2975 free(cfg_parser->cfg->auths->name); 2976 cfg_parser->cfg->auths->name = $2; 2977 } 2978 ; 2979 auth_zonefile: VAR_ZONEFILE STRING_ARG 2980 { 2981 OUTYY(("P(zonefile:%s)\n", $2)); 2982 free(cfg_parser->cfg->auths->zonefile); 2983 cfg_parser->cfg->auths->zonefile = $2; 2984 } 2985 ; 2986 auth_master: VAR_MASTER STRING_ARG 2987 { 2988 OUTYY(("P(master:%s)\n", $2)); 2989 if(!cfg_strlist_insert(&cfg_parser->cfg->auths->masters, $2)) 2990 yyerror("out of memory"); 2991 } 2992 ; 2993 auth_url: VAR_URL STRING_ARG 2994 { 2995 OUTYY(("P(url:%s)\n", $2)); 2996 if(!cfg_strlist_insert(&cfg_parser->cfg->auths->urls, $2)) 2997 yyerror("out of memory"); 2998 } 2999 ; 3000 auth_allow_notify: VAR_ALLOW_NOTIFY STRING_ARG 3001 { 3002 OUTYY(("P(allow-notify:%s)\n", $2)); 3003 if(!cfg_strlist_insert(&cfg_parser->cfg->auths->allow_notify, 3004 $2)) 3005 yyerror("out of memory"); 3006 } 3007 ; 3008 auth_zonemd_check: VAR_ZONEMD_CHECK STRING_ARG 3009 { 3010 OUTYY(("P(zonemd-check:%s)\n", $2)); 3011 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 3012 yyerror("expected yes or no."); 3013 else cfg_parser->cfg->auths->zonemd_check = 3014 (strcmp($2, "yes")==0); 3015 free($2); 3016 } 3017 ; 3018 auth_zonemd_reject_absence: VAR_ZONEMD_REJECT_ABSENCE STRING_ARG 3019 { 3020 OUTYY(("P(zonemd-reject-absence:%s)\n", $2)); 3021 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 3022 yyerror("expected yes or no."); 3023 else cfg_parser->cfg->auths->zonemd_reject_absence = 3024 (strcmp($2, "yes")==0); 3025 free($2); 3026 } 3027 ; 3028 auth_for_downstream: VAR_FOR_DOWNSTREAM STRING_ARG 3029 { 3030 OUTYY(("P(for-downstream:%s)\n", $2)); 3031 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 3032 yyerror("expected yes or no."); 3033 else cfg_parser->cfg->auths->for_downstream = 3034 (strcmp($2, "yes")==0); 3035 free($2); 3036 } 3037 ; 3038 auth_for_upstream: VAR_FOR_UPSTREAM STRING_ARG 3039 { 3040 OUTYY(("P(for-upstream:%s)\n", $2)); 3041 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 3042 yyerror("expected yes or no."); 3043 else cfg_parser->cfg->auths->for_upstream = 3044 (strcmp($2, "yes")==0); 3045 free($2); 3046 } 3047 ; 3048 auth_fallback_enabled: VAR_FALLBACK_ENABLED STRING_ARG 3049 { 3050 OUTYY(("P(fallback-enabled:%s)\n", $2)); 3051 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 3052 yyerror("expected yes or no."); 3053 else cfg_parser->cfg->auths->fallback_enabled = 3054 (strcmp($2, "yes")==0); 3055 free($2); 3056 } 3057 ; 3058 view_name: VAR_NAME STRING_ARG 3059 { 3060 OUTYY(("P(name:%s)\n", $2)); 3061 if(cfg_parser->cfg->views->name) 3062 yyerror("view name override, there must be one " 3063 "name for one view"); 3064 free(cfg_parser->cfg->views->name); 3065 cfg_parser->cfg->views->name = $2; 3066 } 3067 ; 3068 view_local_zone: VAR_LOCAL_ZONE STRING_ARG STRING_ARG 3069 { 3070 OUTYY(("P(view_local_zone:%s %s)\n", $2, $3)); 3071 if(strcmp($3, "static")!=0 && strcmp($3, "deny")!=0 && 3072 strcmp($3, "refuse")!=0 && strcmp($3, "redirect")!=0 && 3073 strcmp($3, "transparent")!=0 && strcmp($3, "nodefault")!=0 3074 && strcmp($3, "typetransparent")!=0 3075 && strcmp($3, "always_transparent")!=0 3076 && strcmp($3, "always_refuse")!=0 3077 && strcmp($3, "always_nxdomain")!=0 3078 && strcmp($3, "always_nodata")!=0 3079 && strcmp($3, "always_deny")!=0 3080 && strcmp($3, "always_null")!=0 3081 && strcmp($3, "noview")!=0 3082 && strcmp($3, "inform")!=0 && strcmp($3, "inform_deny")!=0 3083 && strcmp($3, "inform_redirect") != 0 3084 && strcmp($3, "ipset") != 0) { 3085 yyerror("local-zone type: expected static, deny, " 3086 "refuse, redirect, transparent, " 3087 "typetransparent, inform, inform_deny, " 3088 "inform_redirect, always_transparent, " 3089 "always_refuse, always_nxdomain, " 3090 "always_nodata, always_deny, always_null, " 3091 "noview, nodefault or ipset"); 3092 free($2); 3093 free($3); 3094 } else if(strcmp($3, "nodefault")==0) { 3095 if(!cfg_strlist_insert(&cfg_parser->cfg->views-> 3096 local_zones_nodefault, $2)) 3097 fatal_exit("out of memory adding local-zone"); 3098 free($3); 3099 #ifdef USE_IPSET 3100 } else if(strcmp($3, "ipset")==0) { 3101 size_t len = strlen($2); 3102 /* Make sure to add the trailing dot. 3103 * These are str compared to domain names. */ 3104 if($2[len-1] != '.') { 3105 if(!($2 = realloc($2, len+2))) { 3106 fatal_exit("out of memory adding local-zone"); 3107 } 3108 $2[len] = '.'; 3109 $2[len+1] = 0; 3110 } 3111 if(!cfg_strlist_insert(&cfg_parser->cfg->views-> 3112 local_zones_ipset, $2)) 3113 fatal_exit("out of memory adding local-zone"); 3114 free($3); 3115 #endif 3116 } else { 3117 if(!cfg_str2list_insert( 3118 &cfg_parser->cfg->views->local_zones, 3119 $2, $3)) 3120 fatal_exit("out of memory adding local-zone"); 3121 } 3122 } 3123 ; 3124 view_response_ip: VAR_RESPONSE_IP STRING_ARG STRING_ARG 3125 { 3126 OUTYY(("P(view_response_ip:%s %s)\n", $2, $3)); 3127 validate_respip_action($3); 3128 if(!cfg_str2list_insert( 3129 &cfg_parser->cfg->views->respip_actions, $2, $3)) 3130 fatal_exit("out of memory adding per-view " 3131 "response-ip action"); 3132 } 3133 ; 3134 view_response_ip_data: VAR_RESPONSE_IP_DATA STRING_ARG STRING_ARG 3135 { 3136 OUTYY(("P(view_response_ip_data:%s)\n", $2)); 3137 if(!cfg_str2list_insert( 3138 &cfg_parser->cfg->views->respip_data, $2, $3)) 3139 fatal_exit("out of memory adding response-ip-data"); 3140 } 3141 ; 3142 view_local_data: VAR_LOCAL_DATA STRING_ARG 3143 { 3144 OUTYY(("P(view_local_data:%s)\n", $2)); 3145 if(!cfg_strlist_insert(&cfg_parser->cfg->views->local_data, $2)) { 3146 fatal_exit("out of memory adding local-data"); 3147 } 3148 } 3149 ; 3150 view_local_data_ptr: VAR_LOCAL_DATA_PTR STRING_ARG 3151 { 3152 char* ptr; 3153 OUTYY(("P(view_local_data_ptr:%s)\n", $2)); 3154 ptr = cfg_ptr_reverse($2); 3155 free($2); 3156 if(ptr) { 3157 if(!cfg_strlist_insert(&cfg_parser->cfg->views-> 3158 local_data, ptr)) 3159 fatal_exit("out of memory adding local-data"); 3160 } else { 3161 yyerror("local-data-ptr could not be reversed"); 3162 } 3163 } 3164 ; 3165 view_first: VAR_VIEW_FIRST STRING_ARG 3166 { 3167 OUTYY(("P(view-first:%s)\n", $2)); 3168 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 3169 yyerror("expected yes or no."); 3170 else cfg_parser->cfg->views->isfirst=(strcmp($2, "yes")==0); 3171 free($2); 3172 } 3173 ; 3174 rcstart: VAR_REMOTE_CONTROL 3175 { 3176 OUTYY(("\nP(remote-control:)\n")); 3177 cfg_parser->started_toplevel = 1; 3178 } 3179 ; 3180 contents_rc: contents_rc content_rc 3181 | ; 3182 content_rc: rc_control_enable | rc_control_interface | rc_control_port | 3183 rc_server_key_file | rc_server_cert_file | rc_control_key_file | 3184 rc_control_cert_file | rc_control_use_cert 3185 ; 3186 rc_control_enable: VAR_CONTROL_ENABLE STRING_ARG 3187 { 3188 OUTYY(("P(control_enable:%s)\n", $2)); 3189 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 3190 yyerror("expected yes or no."); 3191 else cfg_parser->cfg->remote_control_enable = 3192 (strcmp($2, "yes")==0); 3193 free($2); 3194 } 3195 ; 3196 rc_control_port: VAR_CONTROL_PORT STRING_ARG 3197 { 3198 OUTYY(("P(control_port:%s)\n", $2)); 3199 if(atoi($2) == 0) 3200 yyerror("control port number expected"); 3201 else cfg_parser->cfg->control_port = atoi($2); 3202 free($2); 3203 } 3204 ; 3205 rc_control_interface: VAR_CONTROL_INTERFACE STRING_ARG 3206 { 3207 OUTYY(("P(control_interface:%s)\n", $2)); 3208 if(!cfg_strlist_append(&cfg_parser->cfg->control_ifs, $2)) 3209 yyerror("out of memory"); 3210 } 3211 ; 3212 rc_control_use_cert: VAR_CONTROL_USE_CERT STRING_ARG 3213 { 3214 OUTYY(("P(control_use_cert:%s)\n", $2)); 3215 cfg_parser->cfg->control_use_cert = (strcmp($2, "yes")==0); 3216 free($2); 3217 } 3218 ; 3219 rc_server_key_file: VAR_SERVER_KEY_FILE STRING_ARG 3220 { 3221 OUTYY(("P(rc_server_key_file:%s)\n", $2)); 3222 free(cfg_parser->cfg->server_key_file); 3223 cfg_parser->cfg->server_key_file = $2; 3224 } 3225 ; 3226 rc_server_cert_file: VAR_SERVER_CERT_FILE STRING_ARG 3227 { 3228 OUTYY(("P(rc_server_cert_file:%s)\n", $2)); 3229 free(cfg_parser->cfg->server_cert_file); 3230 cfg_parser->cfg->server_cert_file = $2; 3231 } 3232 ; 3233 rc_control_key_file: VAR_CONTROL_KEY_FILE STRING_ARG 3234 { 3235 OUTYY(("P(rc_control_key_file:%s)\n", $2)); 3236 free(cfg_parser->cfg->control_key_file); 3237 cfg_parser->cfg->control_key_file = $2; 3238 } 3239 ; 3240 rc_control_cert_file: VAR_CONTROL_CERT_FILE STRING_ARG 3241 { 3242 OUTYY(("P(rc_control_cert_file:%s)\n", $2)); 3243 free(cfg_parser->cfg->control_cert_file); 3244 cfg_parser->cfg->control_cert_file = $2; 3245 } 3246 ; 3247 dtstart: VAR_DNSTAP 3248 { 3249 OUTYY(("\nP(dnstap:)\n")); 3250 cfg_parser->started_toplevel = 1; 3251 } 3252 ; 3253 contents_dt: contents_dt content_dt 3254 | ; 3255 content_dt: dt_dnstap_enable | dt_dnstap_socket_path | dt_dnstap_bidirectional | 3256 dt_dnstap_ip | dt_dnstap_tls | dt_dnstap_tls_server_name | 3257 dt_dnstap_tls_cert_bundle | 3258 dt_dnstap_tls_client_key_file | dt_dnstap_tls_client_cert_file | 3259 dt_dnstap_send_identity | dt_dnstap_send_version | 3260 dt_dnstap_identity | dt_dnstap_version | 3261 dt_dnstap_log_resolver_query_messages | 3262 dt_dnstap_log_resolver_response_messages | 3263 dt_dnstap_log_client_query_messages | 3264 dt_dnstap_log_client_response_messages | 3265 dt_dnstap_log_forwarder_query_messages | 3266 dt_dnstap_log_forwarder_response_messages 3267 ; 3268 dt_dnstap_enable: VAR_DNSTAP_ENABLE STRING_ARG 3269 { 3270 OUTYY(("P(dt_dnstap_enable:%s)\n", $2)); 3271 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 3272 yyerror("expected yes or no."); 3273 else cfg_parser->cfg->dnstap = (strcmp($2, "yes")==0); 3274 free($2); 3275 } 3276 ; 3277 dt_dnstap_bidirectional: VAR_DNSTAP_BIDIRECTIONAL STRING_ARG 3278 { 3279 OUTYY(("P(dt_dnstap_bidirectional:%s)\n", $2)); 3280 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 3281 yyerror("expected yes or no."); 3282 else cfg_parser->cfg->dnstap_bidirectional = 3283 (strcmp($2, "yes")==0); 3284 free($2); 3285 } 3286 ; 3287 dt_dnstap_socket_path: VAR_DNSTAP_SOCKET_PATH STRING_ARG 3288 { 3289 OUTYY(("P(dt_dnstap_socket_path:%s)\n", $2)); 3290 free(cfg_parser->cfg->dnstap_socket_path); 3291 cfg_parser->cfg->dnstap_socket_path = $2; 3292 } 3293 ; 3294 dt_dnstap_ip: VAR_DNSTAP_IP STRING_ARG 3295 { 3296 OUTYY(("P(dt_dnstap_ip:%s)\n", $2)); 3297 free(cfg_parser->cfg->dnstap_ip); 3298 cfg_parser->cfg->dnstap_ip = $2; 3299 } 3300 ; 3301 dt_dnstap_tls: VAR_DNSTAP_TLS STRING_ARG 3302 { 3303 OUTYY(("P(dt_dnstap_tls:%s)\n", $2)); 3304 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 3305 yyerror("expected yes or no."); 3306 else cfg_parser->cfg->dnstap_tls = (strcmp($2, "yes")==0); 3307 free($2); 3308 } 3309 ; 3310 dt_dnstap_tls_server_name: VAR_DNSTAP_TLS_SERVER_NAME STRING_ARG 3311 { 3312 OUTYY(("P(dt_dnstap_tls_server_name:%s)\n", $2)); 3313 free(cfg_parser->cfg->dnstap_tls_server_name); 3314 cfg_parser->cfg->dnstap_tls_server_name = $2; 3315 } 3316 ; 3317 dt_dnstap_tls_cert_bundle: VAR_DNSTAP_TLS_CERT_BUNDLE STRING_ARG 3318 { 3319 OUTYY(("P(dt_dnstap_tls_cert_bundle:%s)\n", $2)); 3320 free(cfg_parser->cfg->dnstap_tls_cert_bundle); 3321 cfg_parser->cfg->dnstap_tls_cert_bundle = $2; 3322 } 3323 ; 3324 dt_dnstap_tls_client_key_file: VAR_DNSTAP_TLS_CLIENT_KEY_FILE STRING_ARG 3325 { 3326 OUTYY(("P(dt_dnstap_tls_client_key_file:%s)\n", $2)); 3327 free(cfg_parser->cfg->dnstap_tls_client_key_file); 3328 cfg_parser->cfg->dnstap_tls_client_key_file = $2; 3329 } 3330 ; 3331 dt_dnstap_tls_client_cert_file: VAR_DNSTAP_TLS_CLIENT_CERT_FILE STRING_ARG 3332 { 3333 OUTYY(("P(dt_dnstap_tls_client_cert_file:%s)\n", $2)); 3334 free(cfg_parser->cfg->dnstap_tls_client_cert_file); 3335 cfg_parser->cfg->dnstap_tls_client_cert_file = $2; 3336 } 3337 ; 3338 dt_dnstap_send_identity: VAR_DNSTAP_SEND_IDENTITY STRING_ARG 3339 { 3340 OUTYY(("P(dt_dnstap_send_identity:%s)\n", $2)); 3341 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 3342 yyerror("expected yes or no."); 3343 else cfg_parser->cfg->dnstap_send_identity = (strcmp($2, "yes")==0); 3344 free($2); 3345 } 3346 ; 3347 dt_dnstap_send_version: VAR_DNSTAP_SEND_VERSION STRING_ARG 3348 { 3349 OUTYY(("P(dt_dnstap_send_version:%s)\n", $2)); 3350 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 3351 yyerror("expected yes or no."); 3352 else cfg_parser->cfg->dnstap_send_version = (strcmp($2, "yes")==0); 3353 free($2); 3354 } 3355 ; 3356 dt_dnstap_identity: VAR_DNSTAP_IDENTITY STRING_ARG 3357 { 3358 OUTYY(("P(dt_dnstap_identity:%s)\n", $2)); 3359 free(cfg_parser->cfg->dnstap_identity); 3360 cfg_parser->cfg->dnstap_identity = $2; 3361 } 3362 ; 3363 dt_dnstap_version: VAR_DNSTAP_VERSION STRING_ARG 3364 { 3365 OUTYY(("P(dt_dnstap_version:%s)\n", $2)); 3366 free(cfg_parser->cfg->dnstap_version); 3367 cfg_parser->cfg->dnstap_version = $2; 3368 } 3369 ; 3370 dt_dnstap_log_resolver_query_messages: VAR_DNSTAP_LOG_RESOLVER_QUERY_MESSAGES STRING_ARG 3371 { 3372 OUTYY(("P(dt_dnstap_log_resolver_query_messages:%s)\n", $2)); 3373 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 3374 yyerror("expected yes or no."); 3375 else cfg_parser->cfg->dnstap_log_resolver_query_messages = 3376 (strcmp($2, "yes")==0); 3377 free($2); 3378 } 3379 ; 3380 dt_dnstap_log_resolver_response_messages: VAR_DNSTAP_LOG_RESOLVER_RESPONSE_MESSAGES STRING_ARG 3381 { 3382 OUTYY(("P(dt_dnstap_log_resolver_response_messages:%s)\n", $2)); 3383 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 3384 yyerror("expected yes or no."); 3385 else cfg_parser->cfg->dnstap_log_resolver_response_messages = 3386 (strcmp($2, "yes")==0); 3387 free($2); 3388 } 3389 ; 3390 dt_dnstap_log_client_query_messages: VAR_DNSTAP_LOG_CLIENT_QUERY_MESSAGES STRING_ARG 3391 { 3392 OUTYY(("P(dt_dnstap_log_client_query_messages:%s)\n", $2)); 3393 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 3394 yyerror("expected yes or no."); 3395 else cfg_parser->cfg->dnstap_log_client_query_messages = 3396 (strcmp($2, "yes")==0); 3397 free($2); 3398 } 3399 ; 3400 dt_dnstap_log_client_response_messages: VAR_DNSTAP_LOG_CLIENT_RESPONSE_MESSAGES STRING_ARG 3401 { 3402 OUTYY(("P(dt_dnstap_log_client_response_messages:%s)\n", $2)); 3403 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 3404 yyerror("expected yes or no."); 3405 else cfg_parser->cfg->dnstap_log_client_response_messages = 3406 (strcmp($2, "yes")==0); 3407 free($2); 3408 } 3409 ; 3410 dt_dnstap_log_forwarder_query_messages: VAR_DNSTAP_LOG_FORWARDER_QUERY_MESSAGES STRING_ARG 3411 { 3412 OUTYY(("P(dt_dnstap_log_forwarder_query_messages:%s)\n", $2)); 3413 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 3414 yyerror("expected yes or no."); 3415 else cfg_parser->cfg->dnstap_log_forwarder_query_messages = 3416 (strcmp($2, "yes")==0); 3417 free($2); 3418 } 3419 ; 3420 dt_dnstap_log_forwarder_response_messages: VAR_DNSTAP_LOG_FORWARDER_RESPONSE_MESSAGES STRING_ARG 3421 { 3422 OUTYY(("P(dt_dnstap_log_forwarder_response_messages:%s)\n", $2)); 3423 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 3424 yyerror("expected yes or no."); 3425 else cfg_parser->cfg->dnstap_log_forwarder_response_messages = 3426 (strcmp($2, "yes")==0); 3427 free($2); 3428 } 3429 ; 3430 pythonstart: VAR_PYTHON 3431 { 3432 OUTYY(("\nP(python:)\n")); 3433 cfg_parser->started_toplevel = 1; 3434 } 3435 ; 3436 contents_py: contents_py content_py 3437 | ; 3438 content_py: py_script 3439 ; 3440 py_script: VAR_PYTHON_SCRIPT STRING_ARG 3441 { 3442 OUTYY(("P(python-script:%s)\n", $2)); 3443 if(!cfg_strlist_append_ex(&cfg_parser->cfg->python_script, $2)) 3444 yyerror("out of memory"); 3445 } 3446 dynlibstart: VAR_DYNLIB 3447 { 3448 OUTYY(("\nP(dynlib:)\n")); 3449 cfg_parser->started_toplevel = 1; 3450 } 3451 ; 3452 contents_dl: contents_dl content_dl 3453 | ; 3454 content_dl: dl_file 3455 ; 3456 dl_file: VAR_DYNLIB_FILE STRING_ARG 3457 { 3458 OUTYY(("P(dynlib-file:%s)\n", $2)); 3459 if(!cfg_strlist_append_ex(&cfg_parser->cfg->dynlib_file, $2)) 3460 yyerror("out of memory"); 3461 } 3462 server_disable_dnssec_lame_check: VAR_DISABLE_DNSSEC_LAME_CHECK STRING_ARG 3463 { 3464 OUTYY(("P(disable_dnssec_lame_check:%s)\n", $2)); 3465 if (strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 3466 yyerror("expected yes or no."); 3467 else cfg_parser->cfg->disable_dnssec_lame_check = 3468 (strcmp($2, "yes")==0); 3469 free($2); 3470 } 3471 ; 3472 server_log_identity: VAR_LOG_IDENTITY STRING_ARG 3473 { 3474 OUTYY(("P(server_log_identity:%s)\n", $2)); 3475 free(cfg_parser->cfg->log_identity); 3476 cfg_parser->cfg->log_identity = $2; 3477 } 3478 ; 3479 server_response_ip: VAR_RESPONSE_IP STRING_ARG STRING_ARG 3480 { 3481 OUTYY(("P(server_response_ip:%s %s)\n", $2, $3)); 3482 validate_respip_action($3); 3483 if(!cfg_str2list_insert(&cfg_parser->cfg->respip_actions, 3484 $2, $3)) 3485 fatal_exit("out of memory adding response-ip"); 3486 } 3487 ; 3488 server_response_ip_data: VAR_RESPONSE_IP_DATA STRING_ARG STRING_ARG 3489 { 3490 OUTYY(("P(server_response_ip_data:%s)\n", $2)); 3491 if(!cfg_str2list_insert(&cfg_parser->cfg->respip_data, 3492 $2, $3)) 3493 fatal_exit("out of memory adding response-ip-data"); 3494 } 3495 ; 3496 dnscstart: VAR_DNSCRYPT 3497 { 3498 OUTYY(("\nP(dnscrypt:)\n")); 3499 cfg_parser->started_toplevel = 1; 3500 } 3501 ; 3502 contents_dnsc: contents_dnsc content_dnsc 3503 | ; 3504 content_dnsc: 3505 dnsc_dnscrypt_enable | dnsc_dnscrypt_port | dnsc_dnscrypt_provider | 3506 dnsc_dnscrypt_secret_key | dnsc_dnscrypt_provider_cert | 3507 dnsc_dnscrypt_provider_cert_rotated | 3508 dnsc_dnscrypt_shared_secret_cache_size | 3509 dnsc_dnscrypt_shared_secret_cache_slabs | 3510 dnsc_dnscrypt_nonce_cache_size | 3511 dnsc_dnscrypt_nonce_cache_slabs 3512 ; 3513 dnsc_dnscrypt_enable: VAR_DNSCRYPT_ENABLE STRING_ARG 3514 { 3515 OUTYY(("P(dnsc_dnscrypt_enable:%s)\n", $2)); 3516 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 3517 yyerror("expected yes or no."); 3518 else cfg_parser->cfg->dnscrypt = (strcmp($2, "yes")==0); 3519 free($2); 3520 } 3521 ; 3522 3523 dnsc_dnscrypt_port: VAR_DNSCRYPT_PORT STRING_ARG 3524 { 3525 OUTYY(("P(dnsc_dnscrypt_port:%s)\n", $2)); 3526 if(atoi($2) == 0) 3527 yyerror("port number expected"); 3528 else cfg_parser->cfg->dnscrypt_port = atoi($2); 3529 free($2); 3530 } 3531 ; 3532 dnsc_dnscrypt_provider: VAR_DNSCRYPT_PROVIDER STRING_ARG 3533 { 3534 OUTYY(("P(dnsc_dnscrypt_provider:%s)\n", $2)); 3535 free(cfg_parser->cfg->dnscrypt_provider); 3536 cfg_parser->cfg->dnscrypt_provider = $2; 3537 } 3538 ; 3539 dnsc_dnscrypt_provider_cert: VAR_DNSCRYPT_PROVIDER_CERT STRING_ARG 3540 { 3541 OUTYY(("P(dnsc_dnscrypt_provider_cert:%s)\n", $2)); 3542 if(cfg_strlist_find(cfg_parser->cfg->dnscrypt_provider_cert, $2)) 3543 log_warn("dnscrypt-provider-cert %s is a duplicate", $2); 3544 if(!cfg_strlist_insert(&cfg_parser->cfg->dnscrypt_provider_cert, $2)) 3545 fatal_exit("out of memory adding dnscrypt-provider-cert"); 3546 } 3547 ; 3548 dnsc_dnscrypt_provider_cert_rotated: VAR_DNSCRYPT_PROVIDER_CERT_ROTATED STRING_ARG 3549 { 3550 OUTYY(("P(dnsc_dnscrypt_provider_cert_rotated:%s)\n", $2)); 3551 if(!cfg_strlist_insert(&cfg_parser->cfg->dnscrypt_provider_cert_rotated, $2)) 3552 fatal_exit("out of memory adding dnscrypt-provider-cert-rotated"); 3553 } 3554 ; 3555 dnsc_dnscrypt_secret_key: VAR_DNSCRYPT_SECRET_KEY STRING_ARG 3556 { 3557 OUTYY(("P(dnsc_dnscrypt_secret_key:%s)\n", $2)); 3558 if(cfg_strlist_find(cfg_parser->cfg->dnscrypt_secret_key, $2)) 3559 log_warn("dnscrypt-secret-key: %s is a duplicate", $2); 3560 if(!cfg_strlist_insert(&cfg_parser->cfg->dnscrypt_secret_key, $2)) 3561 fatal_exit("out of memory adding dnscrypt-secret-key"); 3562 } 3563 ; 3564 dnsc_dnscrypt_shared_secret_cache_size: VAR_DNSCRYPT_SHARED_SECRET_CACHE_SIZE STRING_ARG 3565 { 3566 OUTYY(("P(dnscrypt_shared_secret_cache_size:%s)\n", $2)); 3567 if(!cfg_parse_memsize($2, &cfg_parser->cfg->dnscrypt_shared_secret_cache_size)) 3568 yyerror("memory size expected"); 3569 free($2); 3570 } 3571 ; 3572 dnsc_dnscrypt_shared_secret_cache_slabs: VAR_DNSCRYPT_SHARED_SECRET_CACHE_SLABS STRING_ARG 3573 { 3574 OUTYY(("P(dnscrypt_shared_secret_cache_slabs:%s)\n", $2)); 3575 if(atoi($2) == 0) { 3576 yyerror("number expected"); 3577 } else { 3578 cfg_parser->cfg->dnscrypt_shared_secret_cache_slabs = atoi($2); 3579 if(!is_pow2(cfg_parser->cfg->dnscrypt_shared_secret_cache_slabs)) 3580 yyerror("must be a power of 2"); 3581 } 3582 free($2); 3583 } 3584 ; 3585 dnsc_dnscrypt_nonce_cache_size: VAR_DNSCRYPT_NONCE_CACHE_SIZE STRING_ARG 3586 { 3587 OUTYY(("P(dnscrypt_nonce_cache_size:%s)\n", $2)); 3588 if(!cfg_parse_memsize($2, &cfg_parser->cfg->dnscrypt_nonce_cache_size)) 3589 yyerror("memory size expected"); 3590 free($2); 3591 } 3592 ; 3593 dnsc_dnscrypt_nonce_cache_slabs: VAR_DNSCRYPT_NONCE_CACHE_SLABS STRING_ARG 3594 { 3595 OUTYY(("P(dnscrypt_nonce_cache_slabs:%s)\n", $2)); 3596 if(atoi($2) == 0) { 3597 yyerror("number expected"); 3598 } else { 3599 cfg_parser->cfg->dnscrypt_nonce_cache_slabs = atoi($2); 3600 if(!is_pow2(cfg_parser->cfg->dnscrypt_nonce_cache_slabs)) 3601 yyerror("must be a power of 2"); 3602 } 3603 free($2); 3604 } 3605 ; 3606 cachedbstart: VAR_CACHEDB 3607 { 3608 OUTYY(("\nP(cachedb:)\n")); 3609 cfg_parser->started_toplevel = 1; 3610 } 3611 ; 3612 contents_cachedb: contents_cachedb content_cachedb 3613 | ; 3614 content_cachedb: cachedb_backend_name | cachedb_secret_seed | 3615 redis_server_host | redis_server_port | redis_timeout | 3616 redis_expire_records 3617 ; 3618 cachedb_backend_name: VAR_CACHEDB_BACKEND STRING_ARG 3619 { 3620 #ifdef USE_CACHEDB 3621 OUTYY(("P(backend:%s)\n", $2)); 3622 free(cfg_parser->cfg->cachedb_backend); 3623 cfg_parser->cfg->cachedb_backend = $2; 3624 #else 3625 OUTYY(("P(Compiled without cachedb, ignoring)\n")); 3626 free($2); 3627 #endif 3628 } 3629 ; 3630 cachedb_secret_seed: VAR_CACHEDB_SECRETSEED STRING_ARG 3631 { 3632 #ifdef USE_CACHEDB 3633 OUTYY(("P(secret-seed:%s)\n", $2)); 3634 free(cfg_parser->cfg->cachedb_secret); 3635 cfg_parser->cfg->cachedb_secret = $2; 3636 #else 3637 OUTYY(("P(Compiled without cachedb, ignoring)\n")); 3638 free($2); 3639 #endif 3640 } 3641 ; 3642 redis_server_host: VAR_CACHEDB_REDISHOST STRING_ARG 3643 { 3644 #if defined(USE_CACHEDB) && defined(USE_REDIS) 3645 OUTYY(("P(redis_server_host:%s)\n", $2)); 3646 free(cfg_parser->cfg->redis_server_host); 3647 cfg_parser->cfg->redis_server_host = $2; 3648 #else 3649 OUTYY(("P(Compiled without cachedb or redis, ignoring)\n")); 3650 free($2); 3651 #endif 3652 } 3653 ; 3654 redis_server_port: VAR_CACHEDB_REDISPORT STRING_ARG 3655 { 3656 #if defined(USE_CACHEDB) && defined(USE_REDIS) 3657 int port; 3658 OUTYY(("P(redis_server_port:%s)\n", $2)); 3659 port = atoi($2); 3660 if(port == 0 || port < 0 || port > 65535) 3661 yyerror("valid redis server port number expected"); 3662 else cfg_parser->cfg->redis_server_port = port; 3663 #else 3664 OUTYY(("P(Compiled without cachedb or redis, ignoring)\n")); 3665 #endif 3666 free($2); 3667 } 3668 ; 3669 redis_timeout: VAR_CACHEDB_REDISTIMEOUT STRING_ARG 3670 { 3671 #if defined(USE_CACHEDB) && defined(USE_REDIS) 3672 OUTYY(("P(redis_timeout:%s)\n", $2)); 3673 if(atoi($2) == 0) 3674 yyerror("redis timeout value expected"); 3675 else cfg_parser->cfg->redis_timeout = atoi($2); 3676 #else 3677 OUTYY(("P(Compiled without cachedb or redis, ignoring)\n")); 3678 #endif 3679 free($2); 3680 } 3681 ; 3682 redis_expire_records: VAR_CACHEDB_REDISEXPIRERECORDS STRING_ARG 3683 { 3684 #if defined(USE_CACHEDB) && defined(USE_REDIS) 3685 OUTYY(("P(redis_expire_records:%s)\n", $2)); 3686 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 3687 yyerror("expected yes or no."); 3688 else cfg_parser->cfg->redis_expire_records = (strcmp($2, "yes")==0); 3689 #else 3690 OUTYY(("P(Compiled without cachedb or redis, ignoring)\n")); 3691 #endif 3692 free($2); 3693 } 3694 ; 3695 server_tcp_connection_limit: VAR_TCP_CONNECTION_LIMIT STRING_ARG STRING_ARG 3696 { 3697 OUTYY(("P(server_tcp_connection_limit:%s %s)\n", $2, $3)); 3698 if (atoi($3) < 0) 3699 yyerror("positive number expected"); 3700 else { 3701 if(!cfg_str2list_insert(&cfg_parser->cfg->tcp_connection_limits, $2, $3)) 3702 fatal_exit("out of memory adding tcp connection limit"); 3703 } 3704 } 3705 ; 3706 ipsetstart: VAR_IPSET 3707 { 3708 OUTYY(("\nP(ipset:)\n")); 3709 cfg_parser->started_toplevel = 1; 3710 } 3711 ; 3712 contents_ipset: contents_ipset content_ipset 3713 | ; 3714 content_ipset: ipset_name_v4 | ipset_name_v6 3715 ; 3716 ipset_name_v4: VAR_IPSET_NAME_V4 STRING_ARG 3717 { 3718 #ifdef USE_IPSET 3719 OUTYY(("P(name-v4:%s)\n", $2)); 3720 if(cfg_parser->cfg->ipset_name_v4) 3721 yyerror("ipset name v4 override, there must be one " 3722 "name for ip v4"); 3723 free(cfg_parser->cfg->ipset_name_v4); 3724 cfg_parser->cfg->ipset_name_v4 = $2; 3725 #else 3726 OUTYY(("P(Compiled without ipset, ignoring)\n")); 3727 free($2); 3728 #endif 3729 } 3730 ; 3731 ipset_name_v6: VAR_IPSET_NAME_V6 STRING_ARG 3732 { 3733 #ifdef USE_IPSET 3734 OUTYY(("P(name-v6:%s)\n", $2)); 3735 if(cfg_parser->cfg->ipset_name_v6) 3736 yyerror("ipset name v6 override, there must be one " 3737 "name for ip v6"); 3738 free(cfg_parser->cfg->ipset_name_v6); 3739 cfg_parser->cfg->ipset_name_v6 = $2; 3740 #else 3741 OUTYY(("P(Compiled without ipset, ignoring)\n")); 3742 free($2); 3743 #endif 3744 } 3745 ; 3746 %% 3747 3748 /* parse helper routines could be here */ 3749 static void 3750 validate_respip_action(const char* action) 3751 { 3752 if(strcmp(action, "deny")!=0 && 3753 strcmp(action, "redirect")!=0 && 3754 strcmp(action, "inform")!=0 && 3755 strcmp(action, "inform_deny")!=0 && 3756 strcmp(action, "always_transparent")!=0 && 3757 strcmp(action, "always_refuse")!=0 && 3758 strcmp(action, "always_nxdomain")!=0) 3759 { 3760 yyerror("response-ip action: expected deny, redirect, " 3761 "inform, inform_deny, always_transparent, " 3762 "always_refuse or always_nxdomain"); 3763 } 3764 } 3765 3766 static void 3767 validate_acl_action(const char* action) 3768 { 3769 if(strcmp(action, "deny")!=0 && 3770 strcmp(action, "refuse")!=0 && 3771 strcmp(action, "deny_non_local")!=0 && 3772 strcmp(action, "refuse_non_local")!=0 && 3773 strcmp(action, "allow_setrd")!=0 && 3774 strcmp(action, "allow")!=0 && 3775 strcmp(action, "allow_snoop")!=0) 3776 { 3777 yyerror("expected deny, refuse, deny_non_local, " 3778 "refuse_non_local, allow, allow_setrd or " 3779 "allow_snoop as access control action"); 3780 } 3781 } 3782