1 /* 2 * configparser.y -- yacc grammar for unbound configuration files 3 * 4 * Copyright (c) 2001-2006, NLnet Labs. All rights reserved. 5 * 6 * Copyright (c) 2007, NLnet Labs. All rights reserved. 7 * 8 * This software is open source. 9 * 10 * Redistribution and use in source and binary forms, with or without 11 * modification, are permitted provided that the following conditions 12 * are met: 13 * 14 * Redistributions of source code must retain the above copyright notice, 15 * this list of conditions and the following disclaimer. 16 * 17 * Redistributions in binary form must reproduce the above copyright notice, 18 * this list of conditions and the following disclaimer in the documentation 19 * and/or other materials provided with the distribution. 20 * 21 * Neither the name of the NLNET LABS nor the names of its contributors may 22 * be used to endorse or promote products derived from this software without 23 * specific prior written permission. 24 * 25 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 26 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 27 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR 28 * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT 29 * HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 30 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED 31 * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR 32 * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF 33 * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING 34 * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS 35 * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 36 */ 37 38 %{ 39 #include "config.h" 40 41 #include <stdarg.h> 42 #include <stdio.h> 43 #include <string.h> 44 #include <stdlib.h> 45 #include <assert.h> 46 47 #include "util/configyyrename.h" 48 #include "util/config_file.h" 49 #include "util/net_help.h" 50 #include "sldns/str2wire.h" 51 52 int ub_c_lex(void); 53 void ub_c_error(const char *message); 54 55 static void validate_respip_action(const char* action); 56 static void validate_acl_action(const char* action); 57 58 /* these need to be global, otherwise they cannot be used inside yacc */ 59 extern struct config_parser_state* cfg_parser; 60 61 #if 0 62 #define OUTYY(s) printf s /* used ONLY when debugging */ 63 #else 64 #define OUTYY(s) 65 #endif 66 67 %} 68 %union { 69 char* str; 70 }; 71 72 %token SPACE LETTER NEWLINE COMMENT COLON ANY ZONESTR 73 %token <str> STRING_ARG 74 %token VAR_FORCE_TOPLEVEL 75 %token VAR_SERVER VAR_VERBOSITY VAR_NUM_THREADS VAR_PORT 76 %token VAR_OUTGOING_RANGE VAR_INTERFACE VAR_PREFER_IP4 77 %token VAR_DO_IP4 VAR_DO_IP6 VAR_DO_NAT64 VAR_PREFER_IP6 VAR_DO_UDP VAR_DO_TCP 78 %token VAR_TCP_MSS VAR_OUTGOING_TCP_MSS VAR_TCP_IDLE_TIMEOUT 79 %token VAR_EDNS_TCP_KEEPALIVE VAR_EDNS_TCP_KEEPALIVE_TIMEOUT 80 %token VAR_SOCK_QUEUE_TIMEOUT 81 %token VAR_CHROOT VAR_USERNAME VAR_DIRECTORY VAR_LOGFILE VAR_PIDFILE 82 %token VAR_MSG_CACHE_SIZE VAR_MSG_CACHE_SLABS VAR_NUM_QUERIES_PER_THREAD 83 %token VAR_RRSET_CACHE_SIZE VAR_RRSET_CACHE_SLABS VAR_OUTGOING_NUM_TCP 84 %token VAR_INFRA_HOST_TTL VAR_INFRA_LAME_TTL VAR_INFRA_CACHE_SLABS 85 %token VAR_INFRA_CACHE_NUMHOSTS VAR_INFRA_CACHE_LAME_SIZE VAR_NAME 86 %token VAR_STUB_ZONE VAR_STUB_HOST VAR_STUB_ADDR VAR_TARGET_FETCH_POLICY 87 %token VAR_HARDEN_SHORT_BUFSIZE VAR_HARDEN_LARGE_QUERIES 88 %token VAR_FORWARD_ZONE VAR_FORWARD_HOST VAR_FORWARD_ADDR 89 %token VAR_DO_NOT_QUERY_ADDRESS VAR_HIDE_IDENTITY VAR_HIDE_VERSION 90 %token VAR_IDENTITY VAR_VERSION VAR_HARDEN_GLUE VAR_MODULE_CONF 91 %token VAR_TRUST_ANCHOR_FILE VAR_TRUST_ANCHOR VAR_VAL_OVERRIDE_DATE 92 %token VAR_BOGUS_TTL VAR_VAL_CLEAN_ADDITIONAL VAR_VAL_PERMISSIVE_MODE 93 %token VAR_INCOMING_NUM_TCP VAR_MSG_BUFFER_SIZE VAR_KEY_CACHE_SIZE 94 %token VAR_KEY_CACHE_SLABS VAR_TRUSTED_KEYS_FILE 95 %token VAR_VAL_NSEC3_KEYSIZE_ITERATIONS VAR_USE_SYSLOG 96 %token VAR_OUTGOING_INTERFACE VAR_ROOT_HINTS VAR_DO_NOT_QUERY_LOCALHOST 97 %token VAR_CACHE_MAX_TTL VAR_HARDEN_DNSSEC_STRIPPED VAR_ACCESS_CONTROL 98 %token VAR_LOCAL_ZONE VAR_LOCAL_DATA VAR_INTERFACE_AUTOMATIC 99 %token VAR_STATISTICS_INTERVAL VAR_DO_DAEMONIZE VAR_USE_CAPS_FOR_ID 100 %token VAR_STATISTICS_CUMULATIVE VAR_OUTGOING_PORT_PERMIT 101 %token VAR_OUTGOING_PORT_AVOID VAR_DLV_ANCHOR_FILE VAR_DLV_ANCHOR 102 %token VAR_NEG_CACHE_SIZE VAR_HARDEN_REFERRAL_PATH VAR_PRIVATE_ADDRESS 103 %token VAR_PRIVATE_DOMAIN VAR_REMOTE_CONTROL VAR_CONTROL_ENABLE 104 %token VAR_CONTROL_INTERFACE VAR_CONTROL_PORT VAR_SERVER_KEY_FILE 105 %token VAR_SERVER_CERT_FILE VAR_CONTROL_KEY_FILE VAR_CONTROL_CERT_FILE 106 %token VAR_CONTROL_USE_CERT VAR_TCP_REUSE_TIMEOUT VAR_MAX_REUSE_TCP_QUERIES 107 %token VAR_EXTENDED_STATISTICS VAR_LOCAL_DATA_PTR VAR_JOSTLE_TIMEOUT 108 %token VAR_STUB_PRIME VAR_UNWANTED_REPLY_THRESHOLD VAR_LOG_TIME_ASCII 109 %token VAR_DOMAIN_INSECURE VAR_PYTHON VAR_PYTHON_SCRIPT VAR_VAL_SIG_SKEW_MIN 110 %token VAR_VAL_SIG_SKEW_MAX VAR_VAL_MAX_RESTART VAR_CACHE_MIN_TTL 111 %token VAR_VAL_LOG_LEVEL VAR_AUTO_TRUST_ANCHOR_FILE VAR_KEEP_MISSING 112 %token VAR_ADD_HOLDDOWN VAR_DEL_HOLDDOWN VAR_SO_RCVBUF VAR_EDNS_BUFFER_SIZE 113 %token VAR_PREFETCH VAR_PREFETCH_KEY VAR_SO_SNDBUF VAR_SO_REUSEPORT 114 %token VAR_HARDEN_BELOW_NXDOMAIN VAR_IGNORE_CD_FLAG VAR_LOG_QUERIES 115 %token VAR_LOG_REPLIES VAR_LOG_LOCAL_ACTIONS VAR_TCP_UPSTREAM 116 %token VAR_SSL_UPSTREAM VAR_TCP_AUTH_QUERY_TIMEOUT VAR_SSL_SERVICE_KEY 117 %token VAR_SSL_SERVICE_PEM VAR_SSL_PORT VAR_FORWARD_FIRST 118 %token VAR_STUB_SSL_UPSTREAM VAR_FORWARD_SSL_UPSTREAM VAR_TLS_CERT_BUNDLE 119 %token VAR_STUB_TCP_UPSTREAM VAR_FORWARD_TCP_UPSTREAM 120 %token VAR_HTTPS_PORT VAR_HTTP_ENDPOINT VAR_HTTP_MAX_STREAMS 121 %token VAR_HTTP_QUERY_BUFFER_SIZE VAR_HTTP_RESPONSE_BUFFER_SIZE 122 %token VAR_HTTP_NODELAY VAR_HTTP_NOTLS_DOWNSTREAM 123 %token VAR_STUB_FIRST VAR_MINIMAL_RESPONSES VAR_RRSET_ROUNDROBIN 124 %token VAR_MAX_UDP_SIZE VAR_DELAY_CLOSE VAR_UDP_CONNECT 125 %token VAR_UNBLOCK_LAN_ZONES VAR_INSECURE_LAN_ZONES 126 %token VAR_INFRA_CACHE_MIN_RTT VAR_INFRA_CACHE_MAX_RTT VAR_INFRA_KEEP_PROBING 127 %token VAR_DNS64_PREFIX VAR_DNS64_SYNTHALL VAR_DNS64_IGNORE_AAAA 128 %token VAR_NAT64_PREFIX 129 %token VAR_DNSTAP VAR_DNSTAP_ENABLE VAR_DNSTAP_SOCKET_PATH VAR_DNSTAP_IP 130 %token VAR_DNSTAP_TLS VAR_DNSTAP_TLS_SERVER_NAME VAR_DNSTAP_TLS_CERT_BUNDLE 131 %token VAR_DNSTAP_TLS_CLIENT_KEY_FILE VAR_DNSTAP_TLS_CLIENT_CERT_FILE 132 %token VAR_DNSTAP_SEND_IDENTITY VAR_DNSTAP_SEND_VERSION VAR_DNSTAP_BIDIRECTIONAL 133 %token VAR_DNSTAP_IDENTITY VAR_DNSTAP_VERSION 134 %token VAR_DNSTAP_LOG_RESOLVER_QUERY_MESSAGES 135 %token VAR_DNSTAP_LOG_RESOLVER_RESPONSE_MESSAGES 136 %token VAR_DNSTAP_LOG_CLIENT_QUERY_MESSAGES 137 %token VAR_DNSTAP_LOG_CLIENT_RESPONSE_MESSAGES 138 %token VAR_DNSTAP_LOG_FORWARDER_QUERY_MESSAGES 139 %token VAR_DNSTAP_LOG_FORWARDER_RESPONSE_MESSAGES 140 %token VAR_DNSTAP_SAMPLE_RATE 141 %token VAR_RESPONSE_IP_TAG VAR_RESPONSE_IP VAR_RESPONSE_IP_DATA 142 %token VAR_HARDEN_ALGO_DOWNGRADE VAR_IP_TRANSPARENT 143 %token VAR_IP_DSCP 144 %token VAR_DISABLE_DNSSEC_LAME_CHECK 145 %token VAR_IP_RATELIMIT VAR_IP_RATELIMIT_SLABS VAR_IP_RATELIMIT_SIZE 146 %token VAR_RATELIMIT VAR_RATELIMIT_SLABS VAR_RATELIMIT_SIZE 147 %token VAR_OUTBOUND_MSG_RETRY VAR_MAX_SENT_COUNT VAR_MAX_QUERY_RESTARTS 148 %token VAR_RATELIMIT_FOR_DOMAIN VAR_RATELIMIT_BELOW_DOMAIN 149 %token VAR_IP_RATELIMIT_FACTOR VAR_RATELIMIT_FACTOR 150 %token VAR_IP_RATELIMIT_BACKOFF VAR_RATELIMIT_BACKOFF 151 %token VAR_SEND_CLIENT_SUBNET VAR_CLIENT_SUBNET_ZONE 152 %token VAR_CLIENT_SUBNET_ALWAYS_FORWARD VAR_CLIENT_SUBNET_OPCODE 153 %token VAR_MAX_CLIENT_SUBNET_IPV4 VAR_MAX_CLIENT_SUBNET_IPV6 154 %token VAR_MIN_CLIENT_SUBNET_IPV4 VAR_MIN_CLIENT_SUBNET_IPV6 155 %token VAR_MAX_ECS_TREE_SIZE_IPV4 VAR_MAX_ECS_TREE_SIZE_IPV6 156 %token VAR_CAPS_WHITELIST VAR_CACHE_MAX_NEGATIVE_TTL VAR_PERMIT_SMALL_HOLDDOWN 157 %token VAR_CACHE_MIN_NEGATIVE_TTL 158 %token VAR_QNAME_MINIMISATION VAR_QNAME_MINIMISATION_STRICT VAR_IP_FREEBIND 159 %token VAR_DEFINE_TAG VAR_LOCAL_ZONE_TAG VAR_ACCESS_CONTROL_TAG 160 %token VAR_LOCAL_ZONE_OVERRIDE VAR_ACCESS_CONTROL_TAG_ACTION 161 %token VAR_ACCESS_CONTROL_TAG_DATA VAR_VIEW VAR_ACCESS_CONTROL_VIEW 162 %token VAR_VIEW_FIRST VAR_SERVE_EXPIRED VAR_SERVE_EXPIRED_TTL 163 %token VAR_SERVE_EXPIRED_TTL_RESET VAR_SERVE_EXPIRED_REPLY_TTL 164 %token VAR_SERVE_EXPIRED_CLIENT_TIMEOUT VAR_EDE_SERVE_EXPIRED 165 %token VAR_SERVE_ORIGINAL_TTL VAR_FAKE_DSA 166 %token VAR_FAKE_SHA1 VAR_LOG_IDENTITY VAR_HIDE_TRUSTANCHOR 167 %token VAR_HIDE_HTTP_USER_AGENT VAR_HTTP_USER_AGENT 168 %token VAR_TRUST_ANCHOR_SIGNALING VAR_AGGRESSIVE_NSEC VAR_USE_SYSTEMD 169 %token VAR_SHM_ENABLE VAR_SHM_KEY VAR_ROOT_KEY_SENTINEL 170 %token VAR_DNSCRYPT VAR_DNSCRYPT_ENABLE VAR_DNSCRYPT_PORT VAR_DNSCRYPT_PROVIDER 171 %token VAR_DNSCRYPT_SECRET_KEY VAR_DNSCRYPT_PROVIDER_CERT 172 %token VAR_DNSCRYPT_PROVIDER_CERT_ROTATED 173 %token VAR_DNSCRYPT_SHARED_SECRET_CACHE_SIZE 174 %token VAR_DNSCRYPT_SHARED_SECRET_CACHE_SLABS 175 %token VAR_DNSCRYPT_NONCE_CACHE_SIZE 176 %token VAR_DNSCRYPT_NONCE_CACHE_SLABS 177 %token VAR_PAD_RESPONSES VAR_PAD_RESPONSES_BLOCK_SIZE 178 %token VAR_PAD_QUERIES VAR_PAD_QUERIES_BLOCK_SIZE 179 %token VAR_IPSECMOD_ENABLED VAR_IPSECMOD_HOOK VAR_IPSECMOD_IGNORE_BOGUS 180 %token VAR_IPSECMOD_MAX_TTL VAR_IPSECMOD_WHITELIST VAR_IPSECMOD_STRICT 181 %token VAR_CACHEDB VAR_CACHEDB_BACKEND VAR_CACHEDB_SECRETSEED 182 %token VAR_CACHEDB_REDISHOST VAR_CACHEDB_REDISREPLICAHOST 183 %token VAR_CACHEDB_REDISPORT VAR_CACHEDB_REDISREPLICAPORT 184 %token VAR_CACHEDB_REDISTIMEOUT VAR_CACHEDB_REDISREPLICATIMEOUT 185 %token VAR_CACHEDB_REDISEXPIRERECORDS 186 %token VAR_CACHEDB_REDISPATH VAR_CACHEDB_REDISREPLICAPATH 187 %token VAR_CACHEDB_REDISPASSWORD VAR_CACHEDB_REDISREPLICAPASSWORD 188 %token VAR_CACHEDB_REDISLOGICALDB VAR_CACHEDB_REDISREPLICALOGICALDB 189 %token VAR_CACHEDB_REDISCOMMANDTIMEOUT VAR_CACHEDB_REDISREPLICACOMMANDTIMEOUT 190 %token VAR_CACHEDB_REDISCONNECTTIMEOUT VAR_CACHEDB_REDISREPLICACONNECTTIMEOUT 191 %token VAR_UDP_UPSTREAM_WITHOUT_DOWNSTREAM VAR_FOR_UPSTREAM 192 %token VAR_AUTH_ZONE VAR_ZONEFILE VAR_MASTER VAR_URL VAR_FOR_DOWNSTREAM 193 %token VAR_FALLBACK_ENABLED VAR_TLS_ADDITIONAL_PORT VAR_LOW_RTT VAR_LOW_RTT_PERMIL 194 %token VAR_FAST_SERVER_PERMIL VAR_FAST_SERVER_NUM 195 %token VAR_ALLOW_NOTIFY VAR_TLS_WIN_CERT VAR_TCP_CONNECTION_LIMIT 196 %token VAR_ANSWER_COOKIE VAR_COOKIE_SECRET VAR_IP_RATELIMIT_COOKIE 197 %token VAR_FORWARD_NO_CACHE VAR_STUB_NO_CACHE VAR_LOG_SERVFAIL VAR_DENY_ANY 198 %token VAR_UNKNOWN_SERVER_TIME_LIMIT VAR_LOG_TAG_QUERYREPLY 199 %token VAR_DISCARD_TIMEOUT VAR_WAIT_LIMIT VAR_WAIT_LIMIT_COOKIE 200 %token VAR_WAIT_LIMIT_NETBLOCK VAR_WAIT_LIMIT_COOKIE_NETBLOCK 201 %token VAR_STREAM_WAIT_SIZE VAR_TLS_CIPHERS VAR_TLS_CIPHERSUITES VAR_TLS_USE_SNI 202 %token VAR_IPSET VAR_IPSET_NAME_V4 VAR_IPSET_NAME_V6 203 %token VAR_TLS_SESSION_TICKET_KEYS VAR_RPZ VAR_TAGS VAR_RPZ_ACTION_OVERRIDE 204 %token VAR_RPZ_CNAME_OVERRIDE VAR_RPZ_LOG VAR_RPZ_LOG_NAME 205 %token VAR_DYNLIB VAR_DYNLIB_FILE VAR_EDNS_CLIENT_STRING 206 %token VAR_EDNS_CLIENT_STRING_OPCODE VAR_NSID 207 %token VAR_ZONEMD_PERMISSIVE_MODE VAR_ZONEMD_CHECK VAR_ZONEMD_REJECT_ABSENCE 208 %token VAR_RPZ_SIGNAL_NXDOMAIN_RA VAR_INTERFACE_AUTOMATIC_PORTS VAR_EDE 209 %token VAR_DNS_ERROR_REPORTING 210 %token VAR_INTERFACE_ACTION VAR_INTERFACE_VIEW VAR_INTERFACE_TAG 211 %token VAR_INTERFACE_TAG_ACTION VAR_INTERFACE_TAG_DATA 212 %token VAR_QUIC_PORT VAR_QUIC_SIZE 213 %token VAR_PROXY_PROTOCOL_PORT VAR_STATISTICS_INHIBIT_ZERO 214 %token VAR_HARDEN_UNKNOWN_ADDITIONAL VAR_DISABLE_EDNS_DO VAR_CACHEDB_NO_STORE 215 %token VAR_LOG_DESTADDR VAR_CACHEDB_CHECK_WHEN_SERVE_EXPIRED 216 %token VAR_COOKIE_SECRET_FILE VAR_ITER_SCRUB_NS VAR_ITER_SCRUB_CNAME 217 %token VAR_MAX_GLOBAL_QUOTA VAR_HARDEN_UNVERIFIED_GLUE VAR_LOG_TIME_ISO 218 219 %% 220 toplevelvars: /* empty */ | toplevelvars toplevelvar ; 221 toplevelvar: serverstart contents_server | stub_clause | 222 forward_clause | pythonstart contents_py | 223 rcstart contents_rc | dtstart contents_dt | view_clause | 224 dnscstart contents_dnsc | cachedbstart contents_cachedb | 225 ipsetstart contents_ipset | authstart contents_auth | 226 rpzstart contents_rpz | dynlibstart contents_dl | 227 force_toplevel 228 ; 229 force_toplevel: VAR_FORCE_TOPLEVEL 230 { 231 OUTYY(("\nP(force-toplevel)\n")); 232 cfg_parser->started_toplevel = 0; 233 } 234 ; 235 /* server: declaration */ 236 serverstart: VAR_SERVER 237 { 238 OUTYY(("\nP(server:)\n")); 239 cfg_parser->started_toplevel = 1; 240 } 241 ; 242 contents_server: contents_server content_server 243 | ; 244 content_server: server_num_threads | server_verbosity | server_port | 245 server_outgoing_range | server_do_ip4 | 246 server_do_ip6 | server_do_nat64 | server_prefer_ip4 | 247 server_prefer_ip6 | server_do_udp | server_do_tcp | 248 server_tcp_mss | server_outgoing_tcp_mss | server_tcp_idle_timeout | 249 server_tcp_keepalive | server_tcp_keepalive_timeout | 250 server_sock_queue_timeout | 251 server_interface | server_chroot | server_username | 252 server_directory | server_logfile | server_pidfile | 253 server_msg_cache_size | server_msg_cache_slabs | 254 server_num_queries_per_thread | server_rrset_cache_size | 255 server_rrset_cache_slabs | server_outgoing_num_tcp | 256 server_infra_host_ttl | server_infra_lame_ttl | 257 server_infra_cache_slabs | server_infra_cache_numhosts | 258 server_infra_cache_lame_size | server_target_fetch_policy | 259 server_harden_short_bufsize | server_harden_large_queries | 260 server_do_not_query_address | server_hide_identity | 261 server_hide_version | server_identity | server_version | 262 server_hide_http_user_agent | server_http_user_agent | 263 server_harden_glue | server_module_conf | server_trust_anchor_file | 264 server_trust_anchor | server_val_override_date | server_bogus_ttl | 265 server_val_clean_additional | server_val_permissive_mode | 266 server_incoming_num_tcp | server_msg_buffer_size | 267 server_key_cache_size | server_key_cache_slabs | 268 server_trusted_keys_file | server_val_nsec3_keysize_iterations | 269 server_use_syslog | server_outgoing_interface | server_root_hints | 270 server_do_not_query_localhost | server_cache_max_ttl | 271 server_harden_dnssec_stripped | server_access_control | 272 server_local_zone | server_local_data | server_interface_automatic | 273 server_statistics_interval | server_do_daemonize | 274 server_use_caps_for_id | server_statistics_cumulative | 275 server_outgoing_port_permit | server_outgoing_port_avoid | 276 server_dlv_anchor_file | server_dlv_anchor | server_neg_cache_size | 277 server_harden_referral_path | server_private_address | 278 server_private_domain | server_extended_statistics | 279 server_local_data_ptr | server_jostle_timeout | 280 server_unwanted_reply_threshold | server_log_time_ascii | 281 server_domain_insecure | server_val_sig_skew_min | 282 server_val_sig_skew_max | server_val_max_restart | 283 server_cache_min_ttl | server_val_log_level | 284 server_auto_trust_anchor_file | server_add_holddown | 285 server_del_holddown | server_keep_missing | server_so_rcvbuf | 286 server_edns_buffer_size | server_prefetch | server_prefetch_key | 287 server_so_sndbuf | server_harden_below_nxdomain | server_ignore_cd_flag | 288 server_log_queries | server_log_replies | server_tcp_upstream | server_ssl_upstream | 289 server_log_local_actions | 290 server_ssl_service_key | server_ssl_service_pem | server_ssl_port | 291 server_https_port | server_http_endpoint | server_http_max_streams | 292 server_http_query_buffer_size | server_http_response_buffer_size | 293 server_http_nodelay | server_http_notls_downstream | 294 server_minimal_responses | server_rrset_roundrobin | server_max_udp_size | 295 server_so_reuseport | server_delay_close | server_udp_connect | 296 server_unblock_lan_zones | server_insecure_lan_zones | 297 server_dns64_prefix | server_dns64_synthall | server_dns64_ignore_aaaa | 298 server_nat64_prefix | 299 server_infra_cache_min_rtt | server_infra_cache_max_rtt | server_harden_algo_downgrade | 300 server_ip_transparent | server_ip_ratelimit | server_ratelimit | 301 server_ip_dscp | server_infra_keep_probing | 302 server_ip_ratelimit_slabs | server_ratelimit_slabs | 303 server_ip_ratelimit_size | server_ratelimit_size | 304 server_ratelimit_for_domain | 305 server_ratelimit_below_domain | server_ratelimit_factor | 306 server_ip_ratelimit_factor | server_ratelimit_backoff | 307 server_ip_ratelimit_backoff | server_outbound_msg_retry | 308 server_max_sent_count | server_max_query_restarts | 309 server_send_client_subnet | server_client_subnet_zone | 310 server_client_subnet_always_forward | server_client_subnet_opcode | 311 server_max_client_subnet_ipv4 | server_max_client_subnet_ipv6 | 312 server_min_client_subnet_ipv4 | server_min_client_subnet_ipv6 | 313 server_max_ecs_tree_size_ipv4 | server_max_ecs_tree_size_ipv6 | 314 server_caps_whitelist | server_cache_max_negative_ttl | 315 server_cache_min_negative_ttl | 316 server_permit_small_holddown | server_qname_minimisation | 317 server_ip_freebind | server_define_tag | server_local_zone_tag | 318 server_disable_dnssec_lame_check | server_access_control_tag | 319 server_local_zone_override | server_access_control_tag_action | 320 server_access_control_tag_data | server_access_control_view | 321 server_interface_action | server_interface_view | server_interface_tag | 322 server_interface_tag_action | server_interface_tag_data | 323 server_qname_minimisation_strict | 324 server_pad_responses | server_pad_responses_block_size | 325 server_pad_queries | server_pad_queries_block_size | 326 server_serve_expired | 327 server_serve_expired_ttl | server_serve_expired_ttl_reset | 328 server_serve_expired_reply_ttl | server_serve_expired_client_timeout | 329 server_ede_serve_expired | server_serve_original_ttl | server_fake_dsa | 330 server_log_identity | server_use_systemd | 331 server_response_ip_tag | server_response_ip | server_response_ip_data | 332 server_shm_enable | server_shm_key | server_fake_sha1 | 333 server_hide_trustanchor | server_trust_anchor_signaling | 334 server_root_key_sentinel | 335 server_ipsecmod_enabled | server_ipsecmod_hook | 336 server_ipsecmod_ignore_bogus | server_ipsecmod_max_ttl | 337 server_ipsecmod_whitelist | server_ipsecmod_strict | 338 server_udp_upstream_without_downstream | server_aggressive_nsec | 339 server_tls_cert_bundle | server_tls_additional_port | server_low_rtt | 340 server_fast_server_permil | server_fast_server_num | server_tls_win_cert | 341 server_tcp_connection_limit | server_log_servfail | server_deny_any | 342 server_unknown_server_time_limit | server_log_tag_queryreply | 343 server_discard_timeout | server_wait_limit | server_wait_limit_cookie | 344 server_wait_limit_netblock | server_wait_limit_cookie_netblock | 345 server_stream_wait_size | server_tls_ciphers | 346 server_tls_ciphersuites | server_tls_session_ticket_keys | 347 server_answer_cookie | server_cookie_secret | server_ip_ratelimit_cookie | 348 server_tls_use_sni | server_edns_client_string | 349 server_edns_client_string_opcode | server_nsid | 350 server_zonemd_permissive_mode | server_max_reuse_tcp_queries | 351 server_tcp_reuse_timeout | server_tcp_auth_query_timeout | 352 server_quic_port | server_quic_size | 353 server_interface_automatic_ports | server_ede | 354 server_dns_error_reporting | 355 server_proxy_protocol_port | server_statistics_inhibit_zero | 356 server_harden_unknown_additional | server_disable_edns_do | 357 server_log_destaddr | server_cookie_secret_file | 358 server_iter_scrub_ns | server_iter_scrub_cname | server_max_global_quota | 359 server_harden_unverified_glue | server_log_time_iso 360 ; 361 stub_clause: stubstart contents_stub 362 { 363 /* stub end */ 364 if(cfg_parser->cfg->stubs && 365 !cfg_parser->cfg->stubs->name) 366 yyerror("stub-zone without name"); 367 } 368 ; 369 stubstart: VAR_STUB_ZONE 370 { 371 struct config_stub* s; 372 OUTYY(("\nP(stub_zone:)\n")); 373 cfg_parser->started_toplevel = 1; 374 s = (struct config_stub*)calloc(1, sizeof(struct config_stub)); 375 if(s) { 376 s->next = cfg_parser->cfg->stubs; 377 cfg_parser->cfg->stubs = s; 378 } else { 379 yyerror("out of memory"); 380 } 381 } 382 ; 383 contents_stub: contents_stub content_stub 384 | ; 385 content_stub: stub_name | stub_host | stub_addr | stub_prime | stub_first | 386 stub_no_cache | stub_ssl_upstream | stub_tcp_upstream 387 ; 388 forward_clause: forwardstart contents_forward 389 { 390 /* forward end */ 391 if(cfg_parser->cfg->forwards && 392 !cfg_parser->cfg->forwards->name) 393 yyerror("forward-zone without name"); 394 } 395 ; 396 forwardstart: VAR_FORWARD_ZONE 397 { 398 struct config_stub* s; 399 OUTYY(("\nP(forward_zone:)\n")); 400 cfg_parser->started_toplevel = 1; 401 s = (struct config_stub*)calloc(1, sizeof(struct config_stub)); 402 if(s) { 403 s->next = cfg_parser->cfg->forwards; 404 cfg_parser->cfg->forwards = s; 405 } else { 406 yyerror("out of memory"); 407 } 408 } 409 ; 410 contents_forward: contents_forward content_forward 411 | ; 412 content_forward: forward_name | forward_host | forward_addr | forward_first | 413 forward_no_cache | forward_ssl_upstream | forward_tcp_upstream 414 ; 415 view_clause: viewstart contents_view 416 { 417 /* view end */ 418 if(cfg_parser->cfg->views && 419 !cfg_parser->cfg->views->name) 420 yyerror("view without name"); 421 } 422 ; 423 viewstart: VAR_VIEW 424 { 425 struct config_view* s; 426 OUTYY(("\nP(view:)\n")); 427 cfg_parser->started_toplevel = 1; 428 s = (struct config_view*)calloc(1, sizeof(struct config_view)); 429 if(s) { 430 s->next = cfg_parser->cfg->views; 431 cfg_parser->cfg->views = s; 432 } else { 433 yyerror("out of memory"); 434 } 435 } 436 ; 437 contents_view: contents_view content_view 438 | ; 439 content_view: view_name | view_local_zone | view_local_data | view_first | 440 view_response_ip | view_response_ip_data | view_local_data_ptr 441 ; 442 authstart: VAR_AUTH_ZONE 443 { 444 struct config_auth* s; 445 OUTYY(("\nP(auth_zone:)\n")); 446 cfg_parser->started_toplevel = 1; 447 s = (struct config_auth*)calloc(1, sizeof(struct config_auth)); 448 if(s) { 449 s->next = cfg_parser->cfg->auths; 450 cfg_parser->cfg->auths = s; 451 /* defaults for auth zone */ 452 s->for_downstream = 1; 453 s->for_upstream = 1; 454 s->fallback_enabled = 0; 455 s->zonemd_check = 0; 456 s->zonemd_reject_absence = 0; 457 s->isrpz = 0; 458 } else { 459 yyerror("out of memory"); 460 } 461 } 462 ; 463 contents_auth: contents_auth content_auth 464 | ; 465 content_auth: auth_name | auth_zonefile | auth_master | auth_url | 466 auth_for_downstream | auth_for_upstream | auth_fallback_enabled | 467 auth_allow_notify | auth_zonemd_check | auth_zonemd_reject_absence 468 ; 469 470 rpz_tag: VAR_TAGS STRING_ARG 471 { 472 uint8_t* bitlist; 473 size_t len = 0; 474 OUTYY(("P(server_local_zone_tag:%s)\n", $2)); 475 bitlist = config_parse_taglist(cfg_parser->cfg, $2, 476 &len); 477 free($2); 478 if(!bitlist) { 479 yyerror("could not parse tags, (define-tag them first)"); 480 } 481 if(bitlist) { 482 cfg_parser->cfg->auths->rpz_taglist = bitlist; 483 cfg_parser->cfg->auths->rpz_taglistlen = len; 484 485 } 486 } 487 ; 488 489 rpz_action_override: VAR_RPZ_ACTION_OVERRIDE STRING_ARG 490 { 491 OUTYY(("P(rpz_action_override:%s)\n", $2)); 492 if(strcmp($2, "nxdomain")!=0 && strcmp($2, "nodata")!=0 && 493 strcmp($2, "passthru")!=0 && strcmp($2, "drop")!=0 && 494 strcmp($2, "cname")!=0 && strcmp($2, "disabled")!=0) { 495 yyerror("rpz-action-override action: expected nxdomain, " 496 "nodata, passthru, drop, cname or disabled"); 497 free($2); 498 cfg_parser->cfg->auths->rpz_action_override = NULL; 499 } 500 else { 501 cfg_parser->cfg->auths->rpz_action_override = $2; 502 } 503 } 504 ; 505 506 rpz_cname_override: VAR_RPZ_CNAME_OVERRIDE STRING_ARG 507 { 508 OUTYY(("P(rpz_cname_override:%s)\n", $2)); 509 free(cfg_parser->cfg->auths->rpz_cname); 510 cfg_parser->cfg->auths->rpz_cname = $2; 511 } 512 ; 513 514 rpz_log: VAR_RPZ_LOG STRING_ARG 515 { 516 OUTYY(("P(rpz_log:%s)\n", $2)); 517 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 518 yyerror("expected yes or no."); 519 else cfg_parser->cfg->auths->rpz_log = (strcmp($2, "yes")==0); 520 free($2); 521 } 522 ; 523 524 rpz_log_name: VAR_RPZ_LOG_NAME STRING_ARG 525 { 526 OUTYY(("P(rpz_log_name:%s)\n", $2)); 527 free(cfg_parser->cfg->auths->rpz_log_name); 528 cfg_parser->cfg->auths->rpz_log_name = $2; 529 } 530 ; 531 rpz_signal_nxdomain_ra: VAR_RPZ_SIGNAL_NXDOMAIN_RA STRING_ARG 532 { 533 OUTYY(("P(rpz_signal_nxdomain_ra:%s)\n", $2)); 534 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 535 yyerror("expected yes or no."); 536 else cfg_parser->cfg->auths->rpz_signal_nxdomain_ra = (strcmp($2, "yes")==0); 537 free($2); 538 } 539 ; 540 541 rpzstart: VAR_RPZ 542 { 543 struct config_auth* s; 544 OUTYY(("\nP(rpz:)\n")); 545 cfg_parser->started_toplevel = 1; 546 s = (struct config_auth*)calloc(1, sizeof(struct config_auth)); 547 if(s) { 548 s->next = cfg_parser->cfg->auths; 549 cfg_parser->cfg->auths = s; 550 /* defaults for RPZ auth zone */ 551 s->for_downstream = 0; 552 s->for_upstream = 0; 553 s->fallback_enabled = 0; 554 s->isrpz = 1; 555 } else { 556 yyerror("out of memory"); 557 } 558 } 559 ; 560 contents_rpz: contents_rpz content_rpz 561 | ; 562 content_rpz: auth_name | auth_zonefile | rpz_tag | auth_master | auth_url | 563 auth_allow_notify | rpz_action_override | rpz_cname_override | 564 rpz_log | rpz_log_name | rpz_signal_nxdomain_ra | auth_for_downstream 565 ; 566 server_num_threads: VAR_NUM_THREADS STRING_ARG 567 { 568 OUTYY(("P(server_num_threads:%s)\n", $2)); 569 if(atoi($2) == 0 && strcmp($2, "0") != 0) 570 yyerror("number expected"); 571 else cfg_parser->cfg->num_threads = atoi($2); 572 free($2); 573 } 574 ; 575 server_verbosity: VAR_VERBOSITY STRING_ARG 576 { 577 OUTYY(("P(server_verbosity:%s)\n", $2)); 578 if(atoi($2) == 0 && strcmp($2, "0") != 0) 579 yyerror("number expected"); 580 else cfg_parser->cfg->verbosity = atoi($2); 581 free($2); 582 } 583 ; 584 server_statistics_interval: VAR_STATISTICS_INTERVAL STRING_ARG 585 { 586 OUTYY(("P(server_statistics_interval:%s)\n", $2)); 587 if(strcmp($2, "") == 0 || strcmp($2, "0") == 0) 588 cfg_parser->cfg->stat_interval = 0; 589 else if(atoi($2) == 0) 590 yyerror("number expected"); 591 else cfg_parser->cfg->stat_interval = atoi($2); 592 free($2); 593 } 594 ; 595 server_statistics_cumulative: VAR_STATISTICS_CUMULATIVE STRING_ARG 596 { 597 OUTYY(("P(server_statistics_cumulative:%s)\n", $2)); 598 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 599 yyerror("expected yes or no."); 600 else cfg_parser->cfg->stat_cumulative = (strcmp($2, "yes")==0); 601 free($2); 602 } 603 ; 604 server_extended_statistics: VAR_EXTENDED_STATISTICS STRING_ARG 605 { 606 OUTYY(("P(server_extended_statistics:%s)\n", $2)); 607 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 608 yyerror("expected yes or no."); 609 else cfg_parser->cfg->stat_extended = (strcmp($2, "yes")==0); 610 free($2); 611 } 612 ; 613 server_statistics_inhibit_zero: VAR_STATISTICS_INHIBIT_ZERO STRING_ARG 614 { 615 OUTYY(("P(server_statistics_inhibit_zero:%s)\n", $2)); 616 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 617 yyerror("expected yes or no."); 618 else cfg_parser->cfg->stat_inhibit_zero = (strcmp($2, "yes")==0); 619 free($2); 620 } 621 ; 622 server_shm_enable: VAR_SHM_ENABLE STRING_ARG 623 { 624 OUTYY(("P(server_shm_enable:%s)\n", $2)); 625 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 626 yyerror("expected yes or no."); 627 else cfg_parser->cfg->shm_enable = (strcmp($2, "yes")==0); 628 free($2); 629 } 630 ; 631 server_shm_key: VAR_SHM_KEY STRING_ARG 632 { 633 OUTYY(("P(server_shm_key:%s)\n", $2)); 634 if(strcmp($2, "") == 0 || strcmp($2, "0") == 0) 635 cfg_parser->cfg->shm_key = 0; 636 else if(atoi($2) == 0) 637 yyerror("number expected"); 638 else cfg_parser->cfg->shm_key = atoi($2); 639 free($2); 640 } 641 ; 642 server_port: VAR_PORT STRING_ARG 643 { 644 OUTYY(("P(server_port:%s)\n", $2)); 645 if(atoi($2) == 0) 646 yyerror("port number expected"); 647 else cfg_parser->cfg->port = atoi($2); 648 free($2); 649 } 650 ; 651 server_send_client_subnet: VAR_SEND_CLIENT_SUBNET STRING_ARG 652 { 653 #ifdef CLIENT_SUBNET 654 OUTYY(("P(server_send_client_subnet:%s)\n", $2)); 655 if(!cfg_strlist_insert(&cfg_parser->cfg->client_subnet, $2)) 656 fatal_exit("out of memory adding client-subnet"); 657 #else 658 OUTYY(("P(Compiled without edns subnet option, ignoring)\n")); 659 free($2); 660 #endif 661 } 662 ; 663 server_client_subnet_zone: VAR_CLIENT_SUBNET_ZONE STRING_ARG 664 { 665 #ifdef CLIENT_SUBNET 666 OUTYY(("P(server_client_subnet_zone:%s)\n", $2)); 667 if(!cfg_strlist_insert(&cfg_parser->cfg->client_subnet_zone, 668 $2)) 669 fatal_exit("out of memory adding client-subnet-zone"); 670 #else 671 OUTYY(("P(Compiled without edns subnet option, ignoring)\n")); 672 free($2); 673 #endif 674 } 675 ; 676 server_client_subnet_always_forward: 677 VAR_CLIENT_SUBNET_ALWAYS_FORWARD STRING_ARG 678 { 679 #ifdef CLIENT_SUBNET 680 OUTYY(("P(server_client_subnet_always_forward:%s)\n", $2)); 681 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 682 yyerror("expected yes or no."); 683 else 684 cfg_parser->cfg->client_subnet_always_forward = 685 (strcmp($2, "yes")==0); 686 #else 687 OUTYY(("P(Compiled without edns subnet option, ignoring)\n")); 688 #endif 689 free($2); 690 } 691 ; 692 server_client_subnet_opcode: VAR_CLIENT_SUBNET_OPCODE STRING_ARG 693 { 694 #ifdef CLIENT_SUBNET 695 OUTYY(("P(client_subnet_opcode:%s)\n", $2)); 696 OUTYY(("P(Deprecated option, ignoring)\n")); 697 #else 698 OUTYY(("P(Compiled without edns subnet option, ignoring)\n")); 699 #endif 700 free($2); 701 } 702 ; 703 server_max_client_subnet_ipv4: VAR_MAX_CLIENT_SUBNET_IPV4 STRING_ARG 704 { 705 #ifdef CLIENT_SUBNET 706 OUTYY(("P(max_client_subnet_ipv4:%s)\n", $2)); 707 if(atoi($2) == 0 && strcmp($2, "0") != 0) 708 yyerror("IPv4 subnet length expected"); 709 else if (atoi($2) > 32) 710 cfg_parser->cfg->max_client_subnet_ipv4 = 32; 711 else if (atoi($2) < 0) 712 cfg_parser->cfg->max_client_subnet_ipv4 = 0; 713 else cfg_parser->cfg->max_client_subnet_ipv4 = (uint8_t)atoi($2); 714 #else 715 OUTYY(("P(Compiled without edns subnet option, ignoring)\n")); 716 #endif 717 free($2); 718 } 719 ; 720 server_max_client_subnet_ipv6: VAR_MAX_CLIENT_SUBNET_IPV6 STRING_ARG 721 { 722 #ifdef CLIENT_SUBNET 723 OUTYY(("P(max_client_subnet_ipv6:%s)\n", $2)); 724 if(atoi($2) == 0 && strcmp($2, "0") != 0) 725 yyerror("Ipv6 subnet length expected"); 726 else if (atoi($2) > 128) 727 cfg_parser->cfg->max_client_subnet_ipv6 = 128; 728 else if (atoi($2) < 0) 729 cfg_parser->cfg->max_client_subnet_ipv6 = 0; 730 else cfg_parser->cfg->max_client_subnet_ipv6 = (uint8_t)atoi($2); 731 #else 732 OUTYY(("P(Compiled without edns subnet option, ignoring)\n")); 733 #endif 734 free($2); 735 } 736 ; 737 server_min_client_subnet_ipv4: VAR_MIN_CLIENT_SUBNET_IPV4 STRING_ARG 738 { 739 #ifdef CLIENT_SUBNET 740 OUTYY(("P(min_client_subnet_ipv4:%s)\n", $2)); 741 if(atoi($2) == 0 && strcmp($2, "0") != 0) 742 yyerror("IPv4 subnet length expected"); 743 else if (atoi($2) > 32) 744 cfg_parser->cfg->min_client_subnet_ipv4 = 32; 745 else if (atoi($2) < 0) 746 cfg_parser->cfg->min_client_subnet_ipv4 = 0; 747 else cfg_parser->cfg->min_client_subnet_ipv4 = (uint8_t)atoi($2); 748 #else 749 OUTYY(("P(Compiled without edns subnet option, ignoring)\n")); 750 #endif 751 free($2); 752 } 753 ; 754 server_min_client_subnet_ipv6: VAR_MIN_CLIENT_SUBNET_IPV6 STRING_ARG 755 { 756 #ifdef CLIENT_SUBNET 757 OUTYY(("P(min_client_subnet_ipv6:%s)\n", $2)); 758 if(atoi($2) == 0 && strcmp($2, "0") != 0) 759 yyerror("Ipv6 subnet length expected"); 760 else if (atoi($2) > 128) 761 cfg_parser->cfg->min_client_subnet_ipv6 = 128; 762 else if (atoi($2) < 0) 763 cfg_parser->cfg->min_client_subnet_ipv6 = 0; 764 else cfg_parser->cfg->min_client_subnet_ipv6 = (uint8_t)atoi($2); 765 #else 766 OUTYY(("P(Compiled without edns subnet option, ignoring)\n")); 767 #endif 768 free($2); 769 } 770 ; 771 server_max_ecs_tree_size_ipv4: VAR_MAX_ECS_TREE_SIZE_IPV4 STRING_ARG 772 { 773 #ifdef CLIENT_SUBNET 774 OUTYY(("P(max_ecs_tree_size_ipv4:%s)\n", $2)); 775 if(atoi($2) == 0 && strcmp($2, "0") != 0) 776 yyerror("IPv4 ECS tree size expected"); 777 else if (atoi($2) < 0) 778 cfg_parser->cfg->max_ecs_tree_size_ipv4 = 0; 779 else cfg_parser->cfg->max_ecs_tree_size_ipv4 = (uint32_t)atoi($2); 780 #else 781 OUTYY(("P(Compiled without edns subnet option, ignoring)\n")); 782 #endif 783 free($2); 784 } 785 ; 786 server_max_ecs_tree_size_ipv6: VAR_MAX_ECS_TREE_SIZE_IPV6 STRING_ARG 787 { 788 #ifdef CLIENT_SUBNET 789 OUTYY(("P(max_ecs_tree_size_ipv6:%s)\n", $2)); 790 if(atoi($2) == 0 && strcmp($2, "0") != 0) 791 yyerror("IPv6 ECS tree size expected"); 792 else if (atoi($2) < 0) 793 cfg_parser->cfg->max_ecs_tree_size_ipv6 = 0; 794 else cfg_parser->cfg->max_ecs_tree_size_ipv6 = (uint32_t)atoi($2); 795 #else 796 OUTYY(("P(Compiled without edns subnet option, ignoring)\n")); 797 #endif 798 free($2); 799 } 800 ; 801 server_interface: VAR_INTERFACE STRING_ARG 802 { 803 OUTYY(("P(server_interface:%s)\n", $2)); 804 if(cfg_parser->cfg->num_ifs == 0) 805 cfg_parser->cfg->ifs = calloc(1, sizeof(char*)); 806 else cfg_parser->cfg->ifs = realloc(cfg_parser->cfg->ifs, 807 (cfg_parser->cfg->num_ifs+1)*sizeof(char*)); 808 if(!cfg_parser->cfg->ifs) 809 yyerror("out of memory"); 810 else 811 cfg_parser->cfg->ifs[cfg_parser->cfg->num_ifs++] = $2; 812 } 813 ; 814 server_outgoing_interface: VAR_OUTGOING_INTERFACE STRING_ARG 815 { 816 OUTYY(("P(server_outgoing_interface:%s)\n", $2)); 817 if(cfg_parser->cfg->num_out_ifs == 0) 818 cfg_parser->cfg->out_ifs = calloc(1, sizeof(char*)); 819 else cfg_parser->cfg->out_ifs = realloc( 820 cfg_parser->cfg->out_ifs, 821 (cfg_parser->cfg->num_out_ifs+1)*sizeof(char*)); 822 if(!cfg_parser->cfg->out_ifs) 823 yyerror("out of memory"); 824 else 825 cfg_parser->cfg->out_ifs[ 826 cfg_parser->cfg->num_out_ifs++] = $2; 827 } 828 ; 829 server_outgoing_range: VAR_OUTGOING_RANGE STRING_ARG 830 { 831 OUTYY(("P(server_outgoing_range:%s)\n", $2)); 832 if(atoi($2) == 0) 833 yyerror("number expected"); 834 else cfg_parser->cfg->outgoing_num_ports = atoi($2); 835 free($2); 836 } 837 ; 838 server_outgoing_port_permit: VAR_OUTGOING_PORT_PERMIT STRING_ARG 839 { 840 OUTYY(("P(server_outgoing_port_permit:%s)\n", $2)); 841 if(!cfg_mark_ports($2, 1, 842 cfg_parser->cfg->outgoing_avail_ports, 65536)) 843 yyerror("port number or range (\"low-high\") expected"); 844 free($2); 845 } 846 ; 847 server_outgoing_port_avoid: VAR_OUTGOING_PORT_AVOID STRING_ARG 848 { 849 OUTYY(("P(server_outgoing_port_avoid:%s)\n", $2)); 850 if(!cfg_mark_ports($2, 0, 851 cfg_parser->cfg->outgoing_avail_ports, 65536)) 852 yyerror("port number or range (\"low-high\") expected"); 853 free($2); 854 } 855 ; 856 server_outgoing_num_tcp: VAR_OUTGOING_NUM_TCP STRING_ARG 857 { 858 OUTYY(("P(server_outgoing_num_tcp:%s)\n", $2)); 859 if(atoi($2) == 0 && strcmp($2, "0") != 0) 860 yyerror("number expected"); 861 else cfg_parser->cfg->outgoing_num_tcp = atoi($2); 862 free($2); 863 } 864 ; 865 server_incoming_num_tcp: VAR_INCOMING_NUM_TCP STRING_ARG 866 { 867 OUTYY(("P(server_incoming_num_tcp:%s)\n", $2)); 868 if(atoi($2) == 0 && strcmp($2, "0") != 0) 869 yyerror("number expected"); 870 else cfg_parser->cfg->incoming_num_tcp = atoi($2); 871 free($2); 872 } 873 ; 874 server_interface_automatic: VAR_INTERFACE_AUTOMATIC STRING_ARG 875 { 876 OUTYY(("P(server_interface_automatic:%s)\n", $2)); 877 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 878 yyerror("expected yes or no."); 879 else cfg_parser->cfg->if_automatic = (strcmp($2, "yes")==0); 880 free($2); 881 } 882 ; 883 server_interface_automatic_ports: VAR_INTERFACE_AUTOMATIC_PORTS STRING_ARG 884 { 885 OUTYY(("P(server_interface_automatic_ports:%s)\n", $2)); 886 free(cfg_parser->cfg->if_automatic_ports); 887 cfg_parser->cfg->if_automatic_ports = $2; 888 } 889 ; 890 server_do_ip4: VAR_DO_IP4 STRING_ARG 891 { 892 OUTYY(("P(server_do_ip4:%s)\n", $2)); 893 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 894 yyerror("expected yes or no."); 895 else cfg_parser->cfg->do_ip4 = (strcmp($2, "yes")==0); 896 free($2); 897 } 898 ; 899 server_do_ip6: VAR_DO_IP6 STRING_ARG 900 { 901 OUTYY(("P(server_do_ip6:%s)\n", $2)); 902 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 903 yyerror("expected yes or no."); 904 else cfg_parser->cfg->do_ip6 = (strcmp($2, "yes")==0); 905 free($2); 906 } 907 ; 908 server_do_nat64: VAR_DO_NAT64 STRING_ARG 909 { 910 OUTYY(("P(server_do_nat64:%s)\n", $2)); 911 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 912 yyerror("expected yes or no."); 913 else cfg_parser->cfg->do_nat64 = (strcmp($2, "yes")==0); 914 free($2); 915 } 916 ; 917 server_do_udp: VAR_DO_UDP STRING_ARG 918 { 919 OUTYY(("P(server_do_udp:%s)\n", $2)); 920 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 921 yyerror("expected yes or no."); 922 else cfg_parser->cfg->do_udp = (strcmp($2, "yes")==0); 923 free($2); 924 } 925 ; 926 server_do_tcp: VAR_DO_TCP STRING_ARG 927 { 928 OUTYY(("P(server_do_tcp:%s)\n", $2)); 929 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 930 yyerror("expected yes or no."); 931 else cfg_parser->cfg->do_tcp = (strcmp($2, "yes")==0); 932 free($2); 933 } 934 ; 935 server_prefer_ip4: VAR_PREFER_IP4 STRING_ARG 936 { 937 OUTYY(("P(server_prefer_ip4:%s)\n", $2)); 938 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 939 yyerror("expected yes or no."); 940 else cfg_parser->cfg->prefer_ip4 = (strcmp($2, "yes")==0); 941 free($2); 942 } 943 ; 944 server_prefer_ip6: VAR_PREFER_IP6 STRING_ARG 945 { 946 OUTYY(("P(server_prefer_ip6:%s)\n", $2)); 947 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 948 yyerror("expected yes or no."); 949 else cfg_parser->cfg->prefer_ip6 = (strcmp($2, "yes")==0); 950 free($2); 951 } 952 ; 953 server_tcp_mss: VAR_TCP_MSS STRING_ARG 954 { 955 OUTYY(("P(server_tcp_mss:%s)\n", $2)); 956 if(atoi($2) == 0 && strcmp($2, "0") != 0) 957 yyerror("number expected"); 958 else cfg_parser->cfg->tcp_mss = atoi($2); 959 free($2); 960 } 961 ; 962 server_outgoing_tcp_mss: VAR_OUTGOING_TCP_MSS STRING_ARG 963 { 964 OUTYY(("P(server_outgoing_tcp_mss:%s)\n", $2)); 965 if(atoi($2) == 0 && strcmp($2, "0") != 0) 966 yyerror("number expected"); 967 else cfg_parser->cfg->outgoing_tcp_mss = atoi($2); 968 free($2); 969 } 970 ; 971 server_tcp_idle_timeout: VAR_TCP_IDLE_TIMEOUT STRING_ARG 972 { 973 OUTYY(("P(server_tcp_idle_timeout:%s)\n", $2)); 974 if(atoi($2) == 0 && strcmp($2, "0") != 0) 975 yyerror("number expected"); 976 else if (atoi($2) > 120000) 977 cfg_parser->cfg->tcp_idle_timeout = 120000; 978 else if (atoi($2) < 1) 979 cfg_parser->cfg->tcp_idle_timeout = 1; 980 else cfg_parser->cfg->tcp_idle_timeout = atoi($2); 981 free($2); 982 } 983 ; 984 server_max_reuse_tcp_queries: VAR_MAX_REUSE_TCP_QUERIES STRING_ARG 985 { 986 OUTYY(("P(server_max_reuse_tcp_queries:%s)\n", $2)); 987 if(atoi($2) == 0 && strcmp($2, "0") != 0) 988 yyerror("number expected"); 989 else if (atoi($2) < 1) 990 cfg_parser->cfg->max_reuse_tcp_queries = 0; 991 else cfg_parser->cfg->max_reuse_tcp_queries = atoi($2); 992 free($2); 993 } 994 ; 995 server_tcp_reuse_timeout: VAR_TCP_REUSE_TIMEOUT STRING_ARG 996 { 997 OUTYY(("P(server_tcp_reuse_timeout:%s)\n", $2)); 998 if(atoi($2) == 0 && strcmp($2, "0") != 0) 999 yyerror("number expected"); 1000 else if (atoi($2) < 1) 1001 cfg_parser->cfg->tcp_reuse_timeout = 0; 1002 else cfg_parser->cfg->tcp_reuse_timeout = atoi($2); 1003 free($2); 1004 } 1005 ; 1006 server_tcp_auth_query_timeout: VAR_TCP_AUTH_QUERY_TIMEOUT STRING_ARG 1007 { 1008 OUTYY(("P(server_tcp_auth_query_timeout:%s)\n", $2)); 1009 if(atoi($2) == 0 && strcmp($2, "0") != 0) 1010 yyerror("number expected"); 1011 else if (atoi($2) < 1) 1012 cfg_parser->cfg->tcp_auth_query_timeout = 0; 1013 else cfg_parser->cfg->tcp_auth_query_timeout = atoi($2); 1014 free($2); 1015 } 1016 ; 1017 server_tcp_keepalive: VAR_EDNS_TCP_KEEPALIVE STRING_ARG 1018 { 1019 OUTYY(("P(server_tcp_keepalive:%s)\n", $2)); 1020 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1021 yyerror("expected yes or no."); 1022 else cfg_parser->cfg->do_tcp_keepalive = (strcmp($2, "yes")==0); 1023 free($2); 1024 } 1025 ; 1026 server_tcp_keepalive_timeout: VAR_EDNS_TCP_KEEPALIVE_TIMEOUT STRING_ARG 1027 { 1028 OUTYY(("P(server_tcp_keepalive_timeout:%s)\n", $2)); 1029 if(atoi($2) == 0 && strcmp($2, "0") != 0) 1030 yyerror("number expected"); 1031 else if (atoi($2) > 6553500) 1032 cfg_parser->cfg->tcp_keepalive_timeout = 6553500; 1033 else if (atoi($2) < 1) 1034 cfg_parser->cfg->tcp_keepalive_timeout = 0; 1035 else cfg_parser->cfg->tcp_keepalive_timeout = atoi($2); 1036 free($2); 1037 } 1038 ; 1039 server_sock_queue_timeout: VAR_SOCK_QUEUE_TIMEOUT STRING_ARG 1040 { 1041 OUTYY(("P(server_sock_queue_timeout:%s)\n", $2)); 1042 if(atoi($2) == 0 && strcmp($2, "0") != 0) 1043 yyerror("number expected"); 1044 else if (atoi($2) > 6553500) 1045 cfg_parser->cfg->sock_queue_timeout = 6553500; 1046 else if (atoi($2) < 1) 1047 cfg_parser->cfg->sock_queue_timeout = 0; 1048 else cfg_parser->cfg->sock_queue_timeout = atoi($2); 1049 free($2); 1050 } 1051 ; 1052 server_tcp_upstream: VAR_TCP_UPSTREAM STRING_ARG 1053 { 1054 OUTYY(("P(server_tcp_upstream:%s)\n", $2)); 1055 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1056 yyerror("expected yes or no."); 1057 else cfg_parser->cfg->tcp_upstream = (strcmp($2, "yes")==0); 1058 free($2); 1059 } 1060 ; 1061 server_udp_upstream_without_downstream: VAR_UDP_UPSTREAM_WITHOUT_DOWNSTREAM STRING_ARG 1062 { 1063 OUTYY(("P(server_udp_upstream_without_downstream:%s)\n", $2)); 1064 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1065 yyerror("expected yes or no."); 1066 else cfg_parser->cfg->udp_upstream_without_downstream = (strcmp($2, "yes")==0); 1067 free($2); 1068 } 1069 ; 1070 server_ssl_upstream: VAR_SSL_UPSTREAM STRING_ARG 1071 { 1072 OUTYY(("P(server_ssl_upstream:%s)\n", $2)); 1073 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1074 yyerror("expected yes or no."); 1075 else cfg_parser->cfg->ssl_upstream = (strcmp($2, "yes")==0); 1076 free($2); 1077 } 1078 ; 1079 server_ssl_service_key: VAR_SSL_SERVICE_KEY STRING_ARG 1080 { 1081 OUTYY(("P(server_ssl_service_key:%s)\n", $2)); 1082 free(cfg_parser->cfg->ssl_service_key); 1083 cfg_parser->cfg->ssl_service_key = $2; 1084 } 1085 ; 1086 server_ssl_service_pem: VAR_SSL_SERVICE_PEM STRING_ARG 1087 { 1088 OUTYY(("P(server_ssl_service_pem:%s)\n", $2)); 1089 free(cfg_parser->cfg->ssl_service_pem); 1090 cfg_parser->cfg->ssl_service_pem = $2; 1091 } 1092 ; 1093 server_ssl_port: VAR_SSL_PORT STRING_ARG 1094 { 1095 OUTYY(("P(server_ssl_port:%s)\n", $2)); 1096 if(atoi($2) == 0) 1097 yyerror("port number expected"); 1098 else cfg_parser->cfg->ssl_port = atoi($2); 1099 free($2); 1100 } 1101 ; 1102 server_tls_cert_bundle: VAR_TLS_CERT_BUNDLE STRING_ARG 1103 { 1104 OUTYY(("P(server_tls_cert_bundle:%s)\n", $2)); 1105 free(cfg_parser->cfg->tls_cert_bundle); 1106 cfg_parser->cfg->tls_cert_bundle = $2; 1107 } 1108 ; 1109 server_tls_win_cert: VAR_TLS_WIN_CERT STRING_ARG 1110 { 1111 OUTYY(("P(server_tls_win_cert:%s)\n", $2)); 1112 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1113 yyerror("expected yes or no."); 1114 else cfg_parser->cfg->tls_win_cert = (strcmp($2, "yes")==0); 1115 free($2); 1116 } 1117 ; 1118 server_tls_additional_port: VAR_TLS_ADDITIONAL_PORT STRING_ARG 1119 { 1120 OUTYY(("P(server_tls_additional_port:%s)\n", $2)); 1121 if(!cfg_strlist_insert(&cfg_parser->cfg->tls_additional_port, 1122 $2)) 1123 yyerror("out of memory"); 1124 } 1125 ; 1126 server_tls_ciphers: VAR_TLS_CIPHERS STRING_ARG 1127 { 1128 OUTYY(("P(server_tls_ciphers:%s)\n", $2)); 1129 free(cfg_parser->cfg->tls_ciphers); 1130 cfg_parser->cfg->tls_ciphers = $2; 1131 } 1132 ; 1133 server_tls_ciphersuites: VAR_TLS_CIPHERSUITES STRING_ARG 1134 { 1135 OUTYY(("P(server_tls_ciphersuites:%s)\n", $2)); 1136 free(cfg_parser->cfg->tls_ciphersuites); 1137 cfg_parser->cfg->tls_ciphersuites = $2; 1138 } 1139 ; 1140 server_tls_session_ticket_keys: VAR_TLS_SESSION_TICKET_KEYS STRING_ARG 1141 { 1142 OUTYY(("P(server_tls_session_ticket_keys:%s)\n", $2)); 1143 if(!cfg_strlist_append(&cfg_parser->cfg->tls_session_ticket_keys, 1144 $2)) 1145 yyerror("out of memory"); 1146 } 1147 ; 1148 server_tls_use_sni: VAR_TLS_USE_SNI STRING_ARG 1149 { 1150 OUTYY(("P(server_tls_use_sni:%s)\n", $2)); 1151 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1152 yyerror("expected yes or no."); 1153 else cfg_parser->cfg->tls_use_sni = (strcmp($2, "yes")==0); 1154 free($2); 1155 } 1156 ; 1157 server_https_port: VAR_HTTPS_PORT STRING_ARG 1158 { 1159 OUTYY(("P(server_https_port:%s)\n", $2)); 1160 if(atoi($2) == 0) 1161 yyerror("port number expected"); 1162 else cfg_parser->cfg->https_port = atoi($2); 1163 free($2); 1164 }; 1165 server_http_endpoint: VAR_HTTP_ENDPOINT STRING_ARG 1166 { 1167 OUTYY(("P(server_http_endpoint:%s)\n", $2)); 1168 free(cfg_parser->cfg->http_endpoint); 1169 if($2 && $2[0] != '/') { 1170 cfg_parser->cfg->http_endpoint = malloc(strlen($2)+2); 1171 if(cfg_parser->cfg->http_endpoint) { 1172 cfg_parser->cfg->http_endpoint[0] = '/'; 1173 memmove(cfg_parser->cfg->http_endpoint+1, $2, 1174 strlen($2)+1); 1175 } else { 1176 yyerror("out of memory"); 1177 } 1178 free($2); 1179 } else { 1180 cfg_parser->cfg->http_endpoint = $2; 1181 } 1182 }; 1183 server_http_max_streams: VAR_HTTP_MAX_STREAMS STRING_ARG 1184 { 1185 OUTYY(("P(server_http_max_streams:%s)\n", $2)); 1186 if(atoi($2) == 0 && strcmp($2, "0") != 0) 1187 yyerror("number expected"); 1188 else cfg_parser->cfg->http_max_streams = atoi($2); 1189 free($2); 1190 }; 1191 server_http_query_buffer_size: VAR_HTTP_QUERY_BUFFER_SIZE STRING_ARG 1192 { 1193 OUTYY(("P(server_http_query_buffer_size:%s)\n", $2)); 1194 if(!cfg_parse_memsize($2, 1195 &cfg_parser->cfg->http_query_buffer_size)) 1196 yyerror("memory size expected"); 1197 free($2); 1198 }; 1199 server_http_response_buffer_size: VAR_HTTP_RESPONSE_BUFFER_SIZE STRING_ARG 1200 { 1201 OUTYY(("P(server_http_response_buffer_size:%s)\n", $2)); 1202 if(!cfg_parse_memsize($2, 1203 &cfg_parser->cfg->http_response_buffer_size)) 1204 yyerror("memory size expected"); 1205 free($2); 1206 }; 1207 server_http_nodelay: VAR_HTTP_NODELAY STRING_ARG 1208 { 1209 OUTYY(("P(server_http_nodelay:%s)\n", $2)); 1210 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1211 yyerror("expected yes or no."); 1212 else cfg_parser->cfg->http_nodelay = (strcmp($2, "yes")==0); 1213 free($2); 1214 }; 1215 server_http_notls_downstream: VAR_HTTP_NOTLS_DOWNSTREAM STRING_ARG 1216 { 1217 OUTYY(("P(server_http_notls_downstream:%s)\n", $2)); 1218 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1219 yyerror("expected yes or no."); 1220 else cfg_parser->cfg->http_notls_downstream = (strcmp($2, "yes")==0); 1221 free($2); 1222 }; 1223 server_quic_port: VAR_QUIC_PORT STRING_ARG 1224 { 1225 OUTYY(("P(server_quic_port:%s)\n", $2)); 1226 #ifndef HAVE_NGTCP2 1227 log_warn("%s:%d: Unbound is not compiled with " 1228 "ngtcp2. This is required to use DNS " 1229 "over QUIC.", cfg_parser->filename, cfg_parser->line); 1230 #endif 1231 if(atoi($2) == 0) 1232 yyerror("port number expected"); 1233 else cfg_parser->cfg->quic_port = atoi($2); 1234 free($2); 1235 }; 1236 server_quic_size: VAR_QUIC_SIZE STRING_ARG 1237 { 1238 OUTYY(("P(server_quic_size:%s)\n", $2)); 1239 if(!cfg_parse_memsize($2, &cfg_parser->cfg->quic_size)) 1240 yyerror("memory size expected"); 1241 free($2); 1242 }; 1243 server_use_systemd: VAR_USE_SYSTEMD STRING_ARG 1244 { 1245 OUTYY(("P(server_use_systemd:%s)\n", $2)); 1246 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1247 yyerror("expected yes or no."); 1248 else cfg_parser->cfg->use_systemd = (strcmp($2, "yes")==0); 1249 free($2); 1250 } 1251 ; 1252 server_do_daemonize: VAR_DO_DAEMONIZE STRING_ARG 1253 { 1254 OUTYY(("P(server_do_daemonize:%s)\n", $2)); 1255 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1256 yyerror("expected yes or no."); 1257 else cfg_parser->cfg->do_daemonize = (strcmp($2, "yes")==0); 1258 free($2); 1259 } 1260 ; 1261 server_use_syslog: VAR_USE_SYSLOG STRING_ARG 1262 { 1263 OUTYY(("P(server_use_syslog:%s)\n", $2)); 1264 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1265 yyerror("expected yes or no."); 1266 else cfg_parser->cfg->use_syslog = (strcmp($2, "yes")==0); 1267 #if !defined(HAVE_SYSLOG_H) && !defined(UB_ON_WINDOWS) 1268 if(strcmp($2, "yes") == 0) 1269 yyerror("no syslog services are available. " 1270 "(reconfigure and compile to add)"); 1271 #endif 1272 free($2); 1273 } 1274 ; 1275 server_log_time_ascii: VAR_LOG_TIME_ASCII STRING_ARG 1276 { 1277 OUTYY(("P(server_log_time_ascii:%s)\n", $2)); 1278 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1279 yyerror("expected yes or no."); 1280 else cfg_parser->cfg->log_time_ascii = (strcmp($2, "yes")==0); 1281 free($2); 1282 } 1283 ; 1284 server_log_time_iso: VAR_LOG_TIME_ISO STRING_ARG 1285 { 1286 OUTYY(("P(server_log_time_iso:%s)\n", $2)); 1287 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1288 yyerror("expected yes or no."); 1289 else cfg_parser->cfg->log_time_iso = (strcmp($2, "yes")==0); 1290 free($2); 1291 } 1292 ; 1293 server_log_queries: VAR_LOG_QUERIES STRING_ARG 1294 { 1295 OUTYY(("P(server_log_queries:%s)\n", $2)); 1296 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1297 yyerror("expected yes or no."); 1298 else cfg_parser->cfg->log_queries = (strcmp($2, "yes")==0); 1299 free($2); 1300 } 1301 ; 1302 server_log_replies: VAR_LOG_REPLIES STRING_ARG 1303 { 1304 OUTYY(("P(server_log_replies:%s)\n", $2)); 1305 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1306 yyerror("expected yes or no."); 1307 else cfg_parser->cfg->log_replies = (strcmp($2, "yes")==0); 1308 free($2); 1309 } 1310 ; 1311 server_log_tag_queryreply: VAR_LOG_TAG_QUERYREPLY STRING_ARG 1312 { 1313 OUTYY(("P(server_log_tag_queryreply:%s)\n", $2)); 1314 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1315 yyerror("expected yes or no."); 1316 else cfg_parser->cfg->log_tag_queryreply = (strcmp($2, "yes")==0); 1317 free($2); 1318 } 1319 ; 1320 server_log_servfail: VAR_LOG_SERVFAIL STRING_ARG 1321 { 1322 OUTYY(("P(server_log_servfail:%s)\n", $2)); 1323 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1324 yyerror("expected yes or no."); 1325 else cfg_parser->cfg->log_servfail = (strcmp($2, "yes")==0); 1326 free($2); 1327 } 1328 ; 1329 server_log_destaddr: VAR_LOG_DESTADDR STRING_ARG 1330 { 1331 OUTYY(("P(server_log_destaddr:%s)\n", $2)); 1332 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1333 yyerror("expected yes or no."); 1334 else cfg_parser->cfg->log_destaddr = (strcmp($2, "yes")==0); 1335 free($2); 1336 } 1337 ; 1338 server_log_local_actions: VAR_LOG_LOCAL_ACTIONS STRING_ARG 1339 { 1340 OUTYY(("P(server_log_local_actions:%s)\n", $2)); 1341 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1342 yyerror("expected yes or no."); 1343 else cfg_parser->cfg->log_local_actions = (strcmp($2, "yes")==0); 1344 free($2); 1345 } 1346 ; 1347 server_chroot: VAR_CHROOT STRING_ARG 1348 { 1349 OUTYY(("P(server_chroot:%s)\n", $2)); 1350 free(cfg_parser->cfg->chrootdir); 1351 cfg_parser->cfg->chrootdir = $2; 1352 } 1353 ; 1354 server_username: VAR_USERNAME STRING_ARG 1355 { 1356 OUTYY(("P(server_username:%s)\n", $2)); 1357 free(cfg_parser->cfg->username); 1358 cfg_parser->cfg->username = $2; 1359 } 1360 ; 1361 server_directory: VAR_DIRECTORY STRING_ARG 1362 { 1363 OUTYY(("P(server_directory:%s)\n", $2)); 1364 free(cfg_parser->cfg->directory); 1365 cfg_parser->cfg->directory = $2; 1366 /* change there right away for includes relative to this */ 1367 if($2[0]) { 1368 char* d; 1369 #ifdef UB_ON_WINDOWS 1370 w_config_adjust_directory(cfg_parser->cfg); 1371 #endif 1372 d = cfg_parser->cfg->directory; 1373 /* adjust directory if we have already chroot, 1374 * like, we reread after sighup */ 1375 if(cfg_parser->chroot && cfg_parser->chroot[0] && 1376 strncmp(d, cfg_parser->chroot, strlen( 1377 cfg_parser->chroot)) == 0) 1378 d += strlen(cfg_parser->chroot); 1379 if(d[0]) { 1380 if(chdir(d)) 1381 log_err("cannot chdir to directory: %s (%s)", 1382 d, strerror(errno)); 1383 } 1384 } 1385 } 1386 ; 1387 server_logfile: VAR_LOGFILE STRING_ARG 1388 { 1389 OUTYY(("P(server_logfile:%s)\n", $2)); 1390 free(cfg_parser->cfg->logfile); 1391 cfg_parser->cfg->logfile = $2; 1392 cfg_parser->cfg->use_syslog = 0; 1393 } 1394 ; 1395 server_pidfile: VAR_PIDFILE STRING_ARG 1396 { 1397 OUTYY(("P(server_pidfile:%s)\n", $2)); 1398 free(cfg_parser->cfg->pidfile); 1399 cfg_parser->cfg->pidfile = $2; 1400 } 1401 ; 1402 server_root_hints: VAR_ROOT_HINTS STRING_ARG 1403 { 1404 OUTYY(("P(server_root_hints:%s)\n", $2)); 1405 if(!cfg_strlist_insert(&cfg_parser->cfg->root_hints, $2)) 1406 yyerror("out of memory"); 1407 } 1408 ; 1409 server_dlv_anchor_file: VAR_DLV_ANCHOR_FILE STRING_ARG 1410 { 1411 OUTYY(("P(server_dlv_anchor_file:%s)\n", $2)); 1412 log_warn("option dlv-anchor-file ignored: DLV is decommissioned"); 1413 free($2); 1414 } 1415 ; 1416 server_dlv_anchor: VAR_DLV_ANCHOR STRING_ARG 1417 { 1418 OUTYY(("P(server_dlv_anchor:%s)\n", $2)); 1419 log_warn("option dlv-anchor ignored: DLV is decommissioned"); 1420 free($2); 1421 } 1422 ; 1423 server_auto_trust_anchor_file: VAR_AUTO_TRUST_ANCHOR_FILE STRING_ARG 1424 { 1425 OUTYY(("P(server_auto_trust_anchor_file:%s)\n", $2)); 1426 if(!cfg_strlist_insert(&cfg_parser->cfg-> 1427 auto_trust_anchor_file_list, $2)) 1428 yyerror("out of memory"); 1429 } 1430 ; 1431 server_trust_anchor_file: VAR_TRUST_ANCHOR_FILE STRING_ARG 1432 { 1433 OUTYY(("P(server_trust_anchor_file:%s)\n", $2)); 1434 if(!cfg_strlist_insert(&cfg_parser->cfg-> 1435 trust_anchor_file_list, $2)) 1436 yyerror("out of memory"); 1437 } 1438 ; 1439 server_trusted_keys_file: VAR_TRUSTED_KEYS_FILE STRING_ARG 1440 { 1441 OUTYY(("P(server_trusted_keys_file:%s)\n", $2)); 1442 if(!cfg_strlist_insert(&cfg_parser->cfg-> 1443 trusted_keys_file_list, $2)) 1444 yyerror("out of memory"); 1445 } 1446 ; 1447 server_trust_anchor: VAR_TRUST_ANCHOR STRING_ARG 1448 { 1449 OUTYY(("P(server_trust_anchor:%s)\n", $2)); 1450 if(!cfg_strlist_insert(&cfg_parser->cfg->trust_anchor_list, $2)) 1451 yyerror("out of memory"); 1452 } 1453 ; 1454 server_trust_anchor_signaling: VAR_TRUST_ANCHOR_SIGNALING STRING_ARG 1455 { 1456 OUTYY(("P(server_trust_anchor_signaling:%s)\n", $2)); 1457 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1458 yyerror("expected yes or no."); 1459 else 1460 cfg_parser->cfg->trust_anchor_signaling = 1461 (strcmp($2, "yes")==0); 1462 free($2); 1463 } 1464 ; 1465 server_root_key_sentinel: VAR_ROOT_KEY_SENTINEL STRING_ARG 1466 { 1467 OUTYY(("P(server_root_key_sentinel:%s)\n", $2)); 1468 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1469 yyerror("expected yes or no."); 1470 else 1471 cfg_parser->cfg->root_key_sentinel = 1472 (strcmp($2, "yes")==0); 1473 free($2); 1474 } 1475 ; 1476 server_domain_insecure: VAR_DOMAIN_INSECURE STRING_ARG 1477 { 1478 OUTYY(("P(server_domain_insecure:%s)\n", $2)); 1479 if(!cfg_strlist_insert(&cfg_parser->cfg->domain_insecure, $2)) 1480 yyerror("out of memory"); 1481 } 1482 ; 1483 server_hide_identity: VAR_HIDE_IDENTITY STRING_ARG 1484 { 1485 OUTYY(("P(server_hide_identity:%s)\n", $2)); 1486 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1487 yyerror("expected yes or no."); 1488 else cfg_parser->cfg->hide_identity = (strcmp($2, "yes")==0); 1489 free($2); 1490 } 1491 ; 1492 server_hide_version: VAR_HIDE_VERSION STRING_ARG 1493 { 1494 OUTYY(("P(server_hide_version:%s)\n", $2)); 1495 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1496 yyerror("expected yes or no."); 1497 else cfg_parser->cfg->hide_version = (strcmp($2, "yes")==0); 1498 free($2); 1499 } 1500 ; 1501 server_hide_trustanchor: VAR_HIDE_TRUSTANCHOR STRING_ARG 1502 { 1503 OUTYY(("P(server_hide_trustanchor:%s)\n", $2)); 1504 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1505 yyerror("expected yes or no."); 1506 else cfg_parser->cfg->hide_trustanchor = (strcmp($2, "yes")==0); 1507 free($2); 1508 } 1509 ; 1510 server_hide_http_user_agent: VAR_HIDE_HTTP_USER_AGENT STRING_ARG 1511 { 1512 OUTYY(("P(server_hide_user_agent:%s)\n", $2)); 1513 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1514 yyerror("expected yes or no."); 1515 else cfg_parser->cfg->hide_http_user_agent = (strcmp($2, "yes")==0); 1516 free($2); 1517 } 1518 ; 1519 server_identity: VAR_IDENTITY STRING_ARG 1520 { 1521 OUTYY(("P(server_identity:%s)\n", $2)); 1522 free(cfg_parser->cfg->identity); 1523 cfg_parser->cfg->identity = $2; 1524 } 1525 ; 1526 server_version: VAR_VERSION STRING_ARG 1527 { 1528 OUTYY(("P(server_version:%s)\n", $2)); 1529 free(cfg_parser->cfg->version); 1530 cfg_parser->cfg->version = $2; 1531 } 1532 ; 1533 server_http_user_agent: VAR_HTTP_USER_AGENT STRING_ARG 1534 { 1535 OUTYY(("P(server_http_user_agent:%s)\n", $2)); 1536 free(cfg_parser->cfg->http_user_agent); 1537 cfg_parser->cfg->http_user_agent = $2; 1538 } 1539 ; 1540 server_nsid: VAR_NSID STRING_ARG 1541 { 1542 OUTYY(("P(server_nsid:%s)\n", $2)); 1543 free(cfg_parser->cfg->nsid_cfg_str); 1544 cfg_parser->cfg->nsid_cfg_str = $2; 1545 free(cfg_parser->cfg->nsid); 1546 cfg_parser->cfg->nsid = NULL; 1547 cfg_parser->cfg->nsid_len = 0; 1548 if (*$2 == 0) 1549 ; /* pass; empty string is not setting nsid */ 1550 else if (!(cfg_parser->cfg->nsid = cfg_parse_nsid( 1551 $2, &cfg_parser->cfg->nsid_len))) 1552 yyerror("the NSID must be either a hex string or an " 1553 "ascii character string prepended with ascii_."); 1554 } 1555 ; 1556 server_so_rcvbuf: VAR_SO_RCVBUF STRING_ARG 1557 { 1558 OUTYY(("P(server_so_rcvbuf:%s)\n", $2)); 1559 if(!cfg_parse_memsize($2, &cfg_parser->cfg->so_rcvbuf)) 1560 yyerror("buffer size expected"); 1561 free($2); 1562 } 1563 ; 1564 server_so_sndbuf: VAR_SO_SNDBUF STRING_ARG 1565 { 1566 OUTYY(("P(server_so_sndbuf:%s)\n", $2)); 1567 if(!cfg_parse_memsize($2, &cfg_parser->cfg->so_sndbuf)) 1568 yyerror("buffer size expected"); 1569 free($2); 1570 } 1571 ; 1572 server_so_reuseport: VAR_SO_REUSEPORT STRING_ARG 1573 { 1574 OUTYY(("P(server_so_reuseport:%s)\n", $2)); 1575 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1576 yyerror("expected yes or no."); 1577 else cfg_parser->cfg->so_reuseport = 1578 (strcmp($2, "yes")==0); 1579 free($2); 1580 } 1581 ; 1582 server_ip_transparent: VAR_IP_TRANSPARENT STRING_ARG 1583 { 1584 OUTYY(("P(server_ip_transparent:%s)\n", $2)); 1585 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1586 yyerror("expected yes or no."); 1587 else cfg_parser->cfg->ip_transparent = 1588 (strcmp($2, "yes")==0); 1589 free($2); 1590 } 1591 ; 1592 server_ip_freebind: VAR_IP_FREEBIND STRING_ARG 1593 { 1594 OUTYY(("P(server_ip_freebind:%s)\n", $2)); 1595 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1596 yyerror("expected yes or no."); 1597 else cfg_parser->cfg->ip_freebind = 1598 (strcmp($2, "yes")==0); 1599 free($2); 1600 } 1601 ; 1602 server_ip_dscp: VAR_IP_DSCP STRING_ARG 1603 { 1604 OUTYY(("P(server_ip_dscp:%s)\n", $2)); 1605 if(atoi($2) == 0 && strcmp($2, "0") != 0) 1606 yyerror("number expected"); 1607 else if (atoi($2) > 63) 1608 yyerror("value too large (max 63)"); 1609 else if (atoi($2) < 0) 1610 yyerror("value too small (min 0)"); 1611 else 1612 cfg_parser->cfg->ip_dscp = atoi($2); 1613 free($2); 1614 } 1615 ; 1616 server_stream_wait_size: VAR_STREAM_WAIT_SIZE STRING_ARG 1617 { 1618 OUTYY(("P(server_stream_wait_size:%s)\n", $2)); 1619 if(!cfg_parse_memsize($2, &cfg_parser->cfg->stream_wait_size)) 1620 yyerror("memory size expected"); 1621 free($2); 1622 } 1623 ; 1624 server_edns_buffer_size: VAR_EDNS_BUFFER_SIZE STRING_ARG 1625 { 1626 OUTYY(("P(server_edns_buffer_size:%s)\n", $2)); 1627 if(atoi($2) == 0) 1628 yyerror("number expected"); 1629 else if (atoi($2) < 12) 1630 yyerror("edns buffer size too small"); 1631 else if (atoi($2) > 65535) 1632 cfg_parser->cfg->edns_buffer_size = 65535; 1633 else cfg_parser->cfg->edns_buffer_size = atoi($2); 1634 free($2); 1635 } 1636 ; 1637 server_msg_buffer_size: VAR_MSG_BUFFER_SIZE STRING_ARG 1638 { 1639 OUTYY(("P(server_msg_buffer_size:%s)\n", $2)); 1640 if(atoi($2) == 0) 1641 yyerror("number expected"); 1642 else if (atoi($2) < 4096) 1643 yyerror("message buffer size too small (use 4096)"); 1644 else cfg_parser->cfg->msg_buffer_size = atoi($2); 1645 free($2); 1646 } 1647 ; 1648 server_msg_cache_size: VAR_MSG_CACHE_SIZE STRING_ARG 1649 { 1650 OUTYY(("P(server_msg_cache_size:%s)\n", $2)); 1651 if(!cfg_parse_memsize($2, &cfg_parser->cfg->msg_cache_size)) 1652 yyerror("memory size expected"); 1653 free($2); 1654 } 1655 ; 1656 server_msg_cache_slabs: VAR_MSG_CACHE_SLABS STRING_ARG 1657 { 1658 OUTYY(("P(server_msg_cache_slabs:%s)\n", $2)); 1659 if(atoi($2) == 0) { 1660 yyerror("number expected"); 1661 } else { 1662 cfg_parser->cfg->msg_cache_slabs = atoi($2); 1663 if(!is_pow2(cfg_parser->cfg->msg_cache_slabs)) 1664 yyerror("must be a power of 2"); 1665 } 1666 free($2); 1667 } 1668 ; 1669 server_num_queries_per_thread: VAR_NUM_QUERIES_PER_THREAD STRING_ARG 1670 { 1671 OUTYY(("P(server_num_queries_per_thread:%s)\n", $2)); 1672 if(atoi($2) == 0) 1673 yyerror("number expected"); 1674 else cfg_parser->cfg->num_queries_per_thread = atoi($2); 1675 free($2); 1676 } 1677 ; 1678 server_jostle_timeout: VAR_JOSTLE_TIMEOUT STRING_ARG 1679 { 1680 OUTYY(("P(server_jostle_timeout:%s)\n", $2)); 1681 if(atoi($2) == 0 && strcmp($2, "0") != 0) 1682 yyerror("number expected"); 1683 else cfg_parser->cfg->jostle_time = atoi($2); 1684 free($2); 1685 } 1686 ; 1687 server_delay_close: VAR_DELAY_CLOSE STRING_ARG 1688 { 1689 OUTYY(("P(server_delay_close:%s)\n", $2)); 1690 if(atoi($2) == 0 && strcmp($2, "0") != 0) 1691 yyerror("number expected"); 1692 else cfg_parser->cfg->delay_close = atoi($2); 1693 free($2); 1694 } 1695 ; 1696 server_udp_connect: VAR_UDP_CONNECT STRING_ARG 1697 { 1698 OUTYY(("P(server_udp_connect:%s)\n", $2)); 1699 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1700 yyerror("expected yes or no."); 1701 else cfg_parser->cfg->udp_connect = (strcmp($2, "yes")==0); 1702 free($2); 1703 } 1704 ; 1705 server_unblock_lan_zones: VAR_UNBLOCK_LAN_ZONES STRING_ARG 1706 { 1707 OUTYY(("P(server_unblock_lan_zones:%s)\n", $2)); 1708 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1709 yyerror("expected yes or no."); 1710 else cfg_parser->cfg->unblock_lan_zones = 1711 (strcmp($2, "yes")==0); 1712 free($2); 1713 } 1714 ; 1715 server_insecure_lan_zones: VAR_INSECURE_LAN_ZONES STRING_ARG 1716 { 1717 OUTYY(("P(server_insecure_lan_zones:%s)\n", $2)); 1718 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1719 yyerror("expected yes or no."); 1720 else cfg_parser->cfg->insecure_lan_zones = 1721 (strcmp($2, "yes")==0); 1722 free($2); 1723 } 1724 ; 1725 server_rrset_cache_size: VAR_RRSET_CACHE_SIZE STRING_ARG 1726 { 1727 OUTYY(("P(server_rrset_cache_size:%s)\n", $2)); 1728 if(!cfg_parse_memsize($2, &cfg_parser->cfg->rrset_cache_size)) 1729 yyerror("memory size expected"); 1730 free($2); 1731 } 1732 ; 1733 server_rrset_cache_slabs: VAR_RRSET_CACHE_SLABS STRING_ARG 1734 { 1735 OUTYY(("P(server_rrset_cache_slabs:%s)\n", $2)); 1736 if(atoi($2) == 0) { 1737 yyerror("number expected"); 1738 } else { 1739 cfg_parser->cfg->rrset_cache_slabs = atoi($2); 1740 if(!is_pow2(cfg_parser->cfg->rrset_cache_slabs)) 1741 yyerror("must be a power of 2"); 1742 } 1743 free($2); 1744 } 1745 ; 1746 server_infra_host_ttl: VAR_INFRA_HOST_TTL STRING_ARG 1747 { 1748 OUTYY(("P(server_infra_host_ttl:%s)\n", $2)); 1749 if(atoi($2) == 0 && strcmp($2, "0") != 0) 1750 yyerror("number expected"); 1751 else cfg_parser->cfg->host_ttl = atoi($2); 1752 free($2); 1753 } 1754 ; 1755 server_infra_lame_ttl: VAR_INFRA_LAME_TTL STRING_ARG 1756 { 1757 OUTYY(("P(server_infra_lame_ttl:%s)\n", $2)); 1758 verbose(VERB_DETAIL, "ignored infra-lame-ttl: %s (option " 1759 "removed, use infra-host-ttl)", $2); 1760 free($2); 1761 } 1762 ; 1763 server_infra_cache_numhosts: VAR_INFRA_CACHE_NUMHOSTS STRING_ARG 1764 { 1765 OUTYY(("P(server_infra_cache_numhosts:%s)\n", $2)); 1766 if(atoi($2) == 0) 1767 yyerror("number expected"); 1768 else cfg_parser->cfg->infra_cache_numhosts = atoi($2); 1769 free($2); 1770 } 1771 ; 1772 server_infra_cache_lame_size: VAR_INFRA_CACHE_LAME_SIZE STRING_ARG 1773 { 1774 OUTYY(("P(server_infra_cache_lame_size:%s)\n", $2)); 1775 verbose(VERB_DETAIL, "ignored infra-cache-lame-size: %s " 1776 "(option removed, use infra-cache-numhosts)", $2); 1777 free($2); 1778 } 1779 ; 1780 server_infra_cache_slabs: VAR_INFRA_CACHE_SLABS STRING_ARG 1781 { 1782 OUTYY(("P(server_infra_cache_slabs:%s)\n", $2)); 1783 if(atoi($2) == 0) { 1784 yyerror("number expected"); 1785 } else { 1786 cfg_parser->cfg->infra_cache_slabs = atoi($2); 1787 if(!is_pow2(cfg_parser->cfg->infra_cache_slabs)) 1788 yyerror("must be a power of 2"); 1789 } 1790 free($2); 1791 } 1792 ; 1793 server_infra_cache_min_rtt: VAR_INFRA_CACHE_MIN_RTT STRING_ARG 1794 { 1795 OUTYY(("P(server_infra_cache_min_rtt:%s)\n", $2)); 1796 if(atoi($2) == 0 && strcmp($2, "0") != 0) 1797 yyerror("number expected"); 1798 else cfg_parser->cfg->infra_cache_min_rtt = atoi($2); 1799 free($2); 1800 } 1801 ; 1802 server_infra_cache_max_rtt: VAR_INFRA_CACHE_MAX_RTT STRING_ARG 1803 { 1804 OUTYY(("P(server_infra_cache_max_rtt:%s)\n", $2)); 1805 if(atoi($2) == 0 && strcmp($2, "0") != 0) 1806 yyerror("number expected"); 1807 else cfg_parser->cfg->infra_cache_max_rtt = atoi($2); 1808 free($2); 1809 } 1810 ; 1811 server_infra_keep_probing: VAR_INFRA_KEEP_PROBING STRING_ARG 1812 { 1813 OUTYY(("P(server_infra_keep_probing:%s)\n", $2)); 1814 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1815 yyerror("expected yes or no."); 1816 else cfg_parser->cfg->infra_keep_probing = 1817 (strcmp($2, "yes")==0); 1818 free($2); 1819 } 1820 ; 1821 server_target_fetch_policy: VAR_TARGET_FETCH_POLICY STRING_ARG 1822 { 1823 OUTYY(("P(server_target_fetch_policy:%s)\n", $2)); 1824 free(cfg_parser->cfg->target_fetch_policy); 1825 cfg_parser->cfg->target_fetch_policy = $2; 1826 } 1827 ; 1828 server_harden_short_bufsize: VAR_HARDEN_SHORT_BUFSIZE STRING_ARG 1829 { 1830 OUTYY(("P(server_harden_short_bufsize:%s)\n", $2)); 1831 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1832 yyerror("expected yes or no."); 1833 else cfg_parser->cfg->harden_short_bufsize = 1834 (strcmp($2, "yes")==0); 1835 free($2); 1836 } 1837 ; 1838 server_harden_large_queries: VAR_HARDEN_LARGE_QUERIES STRING_ARG 1839 { 1840 OUTYY(("P(server_harden_large_queries:%s)\n", $2)); 1841 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1842 yyerror("expected yes or no."); 1843 else cfg_parser->cfg->harden_large_queries = 1844 (strcmp($2, "yes")==0); 1845 free($2); 1846 } 1847 ; 1848 server_harden_glue: VAR_HARDEN_GLUE STRING_ARG 1849 { 1850 OUTYY(("P(server_harden_glue:%s)\n", $2)); 1851 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1852 yyerror("expected yes or no."); 1853 else cfg_parser->cfg->harden_glue = 1854 (strcmp($2, "yes")==0); 1855 free($2); 1856 } 1857 ; 1858 server_harden_unverified_glue: VAR_HARDEN_UNVERIFIED_GLUE STRING_ARG 1859 { 1860 OUTYY(("P(server_harden_unverified_glue:%s)\n", $2)); 1861 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1862 yyerror("expected yes or no."); 1863 else cfg_parser->cfg->harden_unverified_glue = 1864 (strcmp($2, "yes")==0); 1865 free($2); 1866 } 1867 ; 1868 server_harden_dnssec_stripped: VAR_HARDEN_DNSSEC_STRIPPED STRING_ARG 1869 { 1870 OUTYY(("P(server_harden_dnssec_stripped:%s)\n", $2)); 1871 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1872 yyerror("expected yes or no."); 1873 else cfg_parser->cfg->harden_dnssec_stripped = 1874 (strcmp($2, "yes")==0); 1875 free($2); 1876 } 1877 ; 1878 server_harden_below_nxdomain: VAR_HARDEN_BELOW_NXDOMAIN STRING_ARG 1879 { 1880 OUTYY(("P(server_harden_below_nxdomain:%s)\n", $2)); 1881 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1882 yyerror("expected yes or no."); 1883 else cfg_parser->cfg->harden_below_nxdomain = 1884 (strcmp($2, "yes")==0); 1885 free($2); 1886 } 1887 ; 1888 server_harden_referral_path: VAR_HARDEN_REFERRAL_PATH STRING_ARG 1889 { 1890 OUTYY(("P(server_harden_referral_path:%s)\n", $2)); 1891 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1892 yyerror("expected yes or no."); 1893 else cfg_parser->cfg->harden_referral_path = 1894 (strcmp($2, "yes")==0); 1895 free($2); 1896 } 1897 ; 1898 server_harden_algo_downgrade: VAR_HARDEN_ALGO_DOWNGRADE STRING_ARG 1899 { 1900 OUTYY(("P(server_harden_algo_downgrade:%s)\n", $2)); 1901 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1902 yyerror("expected yes or no."); 1903 else cfg_parser->cfg->harden_algo_downgrade = 1904 (strcmp($2, "yes")==0); 1905 free($2); 1906 } 1907 ; 1908 server_harden_unknown_additional: VAR_HARDEN_UNKNOWN_ADDITIONAL STRING_ARG 1909 { 1910 OUTYY(("P(server_harden_unknown_additional:%s)\n", $2)); 1911 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1912 yyerror("expected yes or no."); 1913 else cfg_parser->cfg->harden_unknown_additional = 1914 (strcmp($2, "yes")==0); 1915 free($2); 1916 } 1917 ; 1918 server_use_caps_for_id: VAR_USE_CAPS_FOR_ID STRING_ARG 1919 { 1920 OUTYY(("P(server_use_caps_for_id:%s)\n", $2)); 1921 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1922 yyerror("expected yes or no."); 1923 else cfg_parser->cfg->use_caps_bits_for_id = 1924 (strcmp($2, "yes")==0); 1925 free($2); 1926 } 1927 ; 1928 server_caps_whitelist: VAR_CAPS_WHITELIST STRING_ARG 1929 { 1930 OUTYY(("P(server_caps_whitelist:%s)\n", $2)); 1931 if(!cfg_strlist_insert(&cfg_parser->cfg->caps_whitelist, $2)) 1932 yyerror("out of memory"); 1933 } 1934 ; 1935 server_private_address: VAR_PRIVATE_ADDRESS STRING_ARG 1936 { 1937 OUTYY(("P(server_private_address:%s)\n", $2)); 1938 if(!cfg_strlist_insert(&cfg_parser->cfg->private_address, $2)) 1939 yyerror("out of memory"); 1940 } 1941 ; 1942 server_private_domain: VAR_PRIVATE_DOMAIN STRING_ARG 1943 { 1944 OUTYY(("P(server_private_domain:%s)\n", $2)); 1945 if(!cfg_strlist_insert(&cfg_parser->cfg->private_domain, $2)) 1946 yyerror("out of memory"); 1947 } 1948 ; 1949 server_prefetch: VAR_PREFETCH STRING_ARG 1950 { 1951 OUTYY(("P(server_prefetch:%s)\n", $2)); 1952 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1953 yyerror("expected yes or no."); 1954 else cfg_parser->cfg->prefetch = (strcmp($2, "yes")==0); 1955 free($2); 1956 } 1957 ; 1958 server_prefetch_key: VAR_PREFETCH_KEY STRING_ARG 1959 { 1960 OUTYY(("P(server_prefetch_key:%s)\n", $2)); 1961 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1962 yyerror("expected yes or no."); 1963 else cfg_parser->cfg->prefetch_key = (strcmp($2, "yes")==0); 1964 free($2); 1965 } 1966 ; 1967 server_deny_any: VAR_DENY_ANY STRING_ARG 1968 { 1969 OUTYY(("P(server_deny_any:%s)\n", $2)); 1970 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1971 yyerror("expected yes or no."); 1972 else cfg_parser->cfg->deny_any = (strcmp($2, "yes")==0); 1973 free($2); 1974 } 1975 ; 1976 server_unwanted_reply_threshold: VAR_UNWANTED_REPLY_THRESHOLD STRING_ARG 1977 { 1978 OUTYY(("P(server_unwanted_reply_threshold:%s)\n", $2)); 1979 if(atoi($2) == 0 && strcmp($2, "0") != 0) 1980 yyerror("number expected"); 1981 else cfg_parser->cfg->unwanted_threshold = atoi($2); 1982 free($2); 1983 } 1984 ; 1985 server_do_not_query_address: VAR_DO_NOT_QUERY_ADDRESS STRING_ARG 1986 { 1987 OUTYY(("P(server_do_not_query_address:%s)\n", $2)); 1988 if(!cfg_strlist_insert(&cfg_parser->cfg->donotqueryaddrs, $2)) 1989 yyerror("out of memory"); 1990 } 1991 ; 1992 server_do_not_query_localhost: VAR_DO_NOT_QUERY_LOCALHOST STRING_ARG 1993 { 1994 OUTYY(("P(server_do_not_query_localhost:%s)\n", $2)); 1995 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1996 yyerror("expected yes or no."); 1997 else cfg_parser->cfg->donotquery_localhost = 1998 (strcmp($2, "yes")==0); 1999 free($2); 2000 } 2001 ; 2002 server_access_control: VAR_ACCESS_CONTROL STRING_ARG STRING_ARG 2003 { 2004 OUTYY(("P(server_access_control:%s %s)\n", $2, $3)); 2005 validate_acl_action($3); 2006 if(!cfg_str2list_insert(&cfg_parser->cfg->acls, $2, $3)) 2007 fatal_exit("out of memory adding acl"); 2008 } 2009 ; 2010 server_interface_action: VAR_INTERFACE_ACTION STRING_ARG STRING_ARG 2011 { 2012 OUTYY(("P(server_interface_action:%s %s)\n", $2, $3)); 2013 validate_acl_action($3); 2014 if(!cfg_str2list_insert( 2015 &cfg_parser->cfg->interface_actions, $2, $3)) 2016 fatal_exit("out of memory adding acl"); 2017 } 2018 ; 2019 server_module_conf: VAR_MODULE_CONF STRING_ARG 2020 { 2021 OUTYY(("P(server_module_conf:%s)\n", $2)); 2022 free(cfg_parser->cfg->module_conf); 2023 cfg_parser->cfg->module_conf = $2; 2024 } 2025 ; 2026 server_val_override_date: VAR_VAL_OVERRIDE_DATE STRING_ARG 2027 { 2028 OUTYY(("P(server_val_override_date:%s)\n", $2)); 2029 if(*$2 == '\0' || strcmp($2, "0") == 0) { 2030 cfg_parser->cfg->val_date_override = 0; 2031 } else if(strlen($2) == 14) { 2032 cfg_parser->cfg->val_date_override = 2033 cfg_convert_timeval($2); 2034 if(!cfg_parser->cfg->val_date_override) 2035 yyerror("bad date/time specification"); 2036 } else { 2037 if(atoi($2) == 0) 2038 yyerror("number expected"); 2039 cfg_parser->cfg->val_date_override = atoi($2); 2040 } 2041 free($2); 2042 } 2043 ; 2044 server_val_sig_skew_min: VAR_VAL_SIG_SKEW_MIN STRING_ARG 2045 { 2046 OUTYY(("P(server_val_sig_skew_min:%s)\n", $2)); 2047 if(*$2 == '\0' || strcmp($2, "0") == 0) { 2048 cfg_parser->cfg->val_sig_skew_min = 0; 2049 } else { 2050 cfg_parser->cfg->val_sig_skew_min = atoi($2); 2051 if(!cfg_parser->cfg->val_sig_skew_min) 2052 yyerror("number expected"); 2053 } 2054 free($2); 2055 } 2056 ; 2057 server_val_sig_skew_max: VAR_VAL_SIG_SKEW_MAX STRING_ARG 2058 { 2059 OUTYY(("P(server_val_sig_skew_max:%s)\n", $2)); 2060 if(*$2 == '\0' || strcmp($2, "0") == 0) { 2061 cfg_parser->cfg->val_sig_skew_max = 0; 2062 } else { 2063 cfg_parser->cfg->val_sig_skew_max = atoi($2); 2064 if(!cfg_parser->cfg->val_sig_skew_max) 2065 yyerror("number expected"); 2066 } 2067 free($2); 2068 } 2069 ; 2070 server_val_max_restart: VAR_VAL_MAX_RESTART STRING_ARG 2071 { 2072 OUTYY(("P(server_val_max_restart:%s)\n", $2)); 2073 if(*$2 == '\0' || strcmp($2, "0") == 0) { 2074 cfg_parser->cfg->val_max_restart = 0; 2075 } else { 2076 cfg_parser->cfg->val_max_restart = atoi($2); 2077 if(!cfg_parser->cfg->val_max_restart) 2078 yyerror("number expected"); 2079 } 2080 free($2); 2081 } 2082 ; 2083 server_cache_max_ttl: VAR_CACHE_MAX_TTL STRING_ARG 2084 { 2085 OUTYY(("P(server_cache_max_ttl:%s)\n", $2)); 2086 if(atoi($2) == 0 && strcmp($2, "0") != 0) 2087 yyerror("number expected"); 2088 else cfg_parser->cfg->max_ttl = atoi($2); 2089 free($2); 2090 } 2091 ; 2092 server_cache_max_negative_ttl: VAR_CACHE_MAX_NEGATIVE_TTL STRING_ARG 2093 { 2094 OUTYY(("P(server_cache_max_negative_ttl:%s)\n", $2)); 2095 if(atoi($2) == 0 && strcmp($2, "0") != 0) 2096 yyerror("number expected"); 2097 else cfg_parser->cfg->max_negative_ttl = atoi($2); 2098 free($2); 2099 } 2100 ; 2101 server_cache_min_negative_ttl: VAR_CACHE_MIN_NEGATIVE_TTL STRING_ARG 2102 { 2103 OUTYY(("P(server_cache_min_negative_ttl:%s)\n", $2)); 2104 if(atoi($2) == 0 && strcmp($2, "0") != 0) 2105 yyerror("number expected"); 2106 else cfg_parser->cfg->min_negative_ttl = atoi($2); 2107 free($2); 2108 } 2109 ; 2110 server_cache_min_ttl: VAR_CACHE_MIN_TTL STRING_ARG 2111 { 2112 OUTYY(("P(server_cache_min_ttl:%s)\n", $2)); 2113 if(atoi($2) == 0 && strcmp($2, "0") != 0) 2114 yyerror("number expected"); 2115 else cfg_parser->cfg->min_ttl = atoi($2); 2116 free($2); 2117 } 2118 ; 2119 server_bogus_ttl: VAR_BOGUS_TTL STRING_ARG 2120 { 2121 OUTYY(("P(server_bogus_ttl:%s)\n", $2)); 2122 if(atoi($2) == 0 && strcmp($2, "0") != 0) 2123 yyerror("number expected"); 2124 else cfg_parser->cfg->bogus_ttl = atoi($2); 2125 free($2); 2126 } 2127 ; 2128 server_val_clean_additional: VAR_VAL_CLEAN_ADDITIONAL STRING_ARG 2129 { 2130 OUTYY(("P(server_val_clean_additional:%s)\n", $2)); 2131 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2132 yyerror("expected yes or no."); 2133 else cfg_parser->cfg->val_clean_additional = 2134 (strcmp($2, "yes")==0); 2135 free($2); 2136 } 2137 ; 2138 server_val_permissive_mode: VAR_VAL_PERMISSIVE_MODE STRING_ARG 2139 { 2140 OUTYY(("P(server_val_permissive_mode:%s)\n", $2)); 2141 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2142 yyerror("expected yes or no."); 2143 else cfg_parser->cfg->val_permissive_mode = 2144 (strcmp($2, "yes")==0); 2145 free($2); 2146 } 2147 ; 2148 server_aggressive_nsec: VAR_AGGRESSIVE_NSEC STRING_ARG 2149 { 2150 OUTYY(("P(server_aggressive_nsec:%s)\n", $2)); 2151 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2152 yyerror("expected yes or no."); 2153 else 2154 cfg_parser->cfg->aggressive_nsec = 2155 (strcmp($2, "yes")==0); 2156 free($2); 2157 } 2158 ; 2159 server_ignore_cd_flag: VAR_IGNORE_CD_FLAG STRING_ARG 2160 { 2161 OUTYY(("P(server_ignore_cd_flag:%s)\n", $2)); 2162 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2163 yyerror("expected yes or no."); 2164 else cfg_parser->cfg->ignore_cd = (strcmp($2, "yes")==0); 2165 free($2); 2166 } 2167 ; 2168 server_disable_edns_do: VAR_DISABLE_EDNS_DO STRING_ARG 2169 { 2170 OUTYY(("P(server_disable_edns_do:%s)\n", $2)); 2171 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2172 yyerror("expected yes or no."); 2173 else cfg_parser->cfg->disable_edns_do = (strcmp($2, "yes")==0); 2174 free($2); 2175 } 2176 ; 2177 server_serve_expired: VAR_SERVE_EXPIRED STRING_ARG 2178 { 2179 OUTYY(("P(server_serve_expired:%s)\n", $2)); 2180 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2181 yyerror("expected yes or no."); 2182 else cfg_parser->cfg->serve_expired = (strcmp($2, "yes")==0); 2183 free($2); 2184 } 2185 ; 2186 server_serve_expired_ttl: VAR_SERVE_EXPIRED_TTL STRING_ARG 2187 { 2188 OUTYY(("P(server_serve_expired_ttl:%s)\n", $2)); 2189 if(atoi($2) == 0 && strcmp($2, "0") != 0) 2190 yyerror("number expected"); 2191 else cfg_parser->cfg->serve_expired_ttl = atoi($2); 2192 free($2); 2193 } 2194 ; 2195 server_serve_expired_ttl_reset: VAR_SERVE_EXPIRED_TTL_RESET STRING_ARG 2196 { 2197 OUTYY(("P(server_serve_expired_ttl_reset:%s)\n", $2)); 2198 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2199 yyerror("expected yes or no."); 2200 else cfg_parser->cfg->serve_expired_ttl_reset = (strcmp($2, "yes")==0); 2201 free($2); 2202 } 2203 ; 2204 server_serve_expired_reply_ttl: VAR_SERVE_EXPIRED_REPLY_TTL STRING_ARG 2205 { 2206 OUTYY(("P(server_serve_expired_reply_ttl:%s)\n", $2)); 2207 if(atoi($2) == 0 && strcmp($2, "0") != 0) 2208 yyerror("number expected"); 2209 else cfg_parser->cfg->serve_expired_reply_ttl = atoi($2); 2210 free($2); 2211 } 2212 ; 2213 server_serve_expired_client_timeout: VAR_SERVE_EXPIRED_CLIENT_TIMEOUT STRING_ARG 2214 { 2215 OUTYY(("P(server_serve_expired_client_timeout:%s)\n", $2)); 2216 if(atoi($2) == 0 && strcmp($2, "0") != 0) 2217 yyerror("number expected"); 2218 else cfg_parser->cfg->serve_expired_client_timeout = atoi($2); 2219 free($2); 2220 } 2221 ; 2222 server_ede_serve_expired: VAR_EDE_SERVE_EXPIRED STRING_ARG 2223 { 2224 OUTYY(("P(server_ede_serve_expired:%s)\n", $2)); 2225 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2226 yyerror("expected yes or no."); 2227 else cfg_parser->cfg->ede_serve_expired = (strcmp($2, "yes")==0); 2228 free($2); 2229 } 2230 ; 2231 server_serve_original_ttl: VAR_SERVE_ORIGINAL_TTL STRING_ARG 2232 { 2233 OUTYY(("P(server_serve_original_ttl:%s)\n", $2)); 2234 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2235 yyerror("expected yes or no."); 2236 else cfg_parser->cfg->serve_original_ttl = (strcmp($2, "yes")==0); 2237 free($2); 2238 } 2239 ; 2240 server_fake_dsa: VAR_FAKE_DSA STRING_ARG 2241 { 2242 OUTYY(("P(server_fake_dsa:%s)\n", $2)); 2243 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2244 yyerror("expected yes or no."); 2245 #if defined(HAVE_SSL) || defined(HAVE_NETTLE) 2246 else fake_dsa = (strcmp($2, "yes")==0); 2247 if(fake_dsa) 2248 log_warn("test option fake_dsa is enabled"); 2249 #endif 2250 free($2); 2251 } 2252 ; 2253 server_fake_sha1: VAR_FAKE_SHA1 STRING_ARG 2254 { 2255 OUTYY(("P(server_fake_sha1:%s)\n", $2)); 2256 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2257 yyerror("expected yes or no."); 2258 #if defined(HAVE_SSL) || defined(HAVE_NETTLE) 2259 else fake_sha1 = (strcmp($2, "yes")==0); 2260 if(fake_sha1) 2261 log_warn("test option fake_sha1 is enabled"); 2262 #endif 2263 free($2); 2264 } 2265 ; 2266 server_val_log_level: VAR_VAL_LOG_LEVEL STRING_ARG 2267 { 2268 OUTYY(("P(server_val_log_level:%s)\n", $2)); 2269 if(atoi($2) == 0 && strcmp($2, "0") != 0) 2270 yyerror("number expected"); 2271 else cfg_parser->cfg->val_log_level = atoi($2); 2272 free($2); 2273 } 2274 ; 2275 server_val_nsec3_keysize_iterations: VAR_VAL_NSEC3_KEYSIZE_ITERATIONS STRING_ARG 2276 { 2277 OUTYY(("P(server_val_nsec3_keysize_iterations:%s)\n", $2)); 2278 free(cfg_parser->cfg->val_nsec3_key_iterations); 2279 cfg_parser->cfg->val_nsec3_key_iterations = $2; 2280 } 2281 ; 2282 server_zonemd_permissive_mode: VAR_ZONEMD_PERMISSIVE_MODE STRING_ARG 2283 { 2284 OUTYY(("P(server_zonemd_permissive_mode:%s)\n", $2)); 2285 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2286 yyerror("expected yes or no."); 2287 else cfg_parser->cfg->zonemd_permissive_mode = (strcmp($2, "yes")==0); 2288 free($2); 2289 } 2290 ; 2291 server_add_holddown: VAR_ADD_HOLDDOWN STRING_ARG 2292 { 2293 OUTYY(("P(server_add_holddown:%s)\n", $2)); 2294 if(atoi($2) == 0 && strcmp($2, "0") != 0) 2295 yyerror("number expected"); 2296 else cfg_parser->cfg->add_holddown = atoi($2); 2297 free($2); 2298 } 2299 ; 2300 server_del_holddown: VAR_DEL_HOLDDOWN STRING_ARG 2301 { 2302 OUTYY(("P(server_del_holddown:%s)\n", $2)); 2303 if(atoi($2) == 0 && strcmp($2, "0") != 0) 2304 yyerror("number expected"); 2305 else cfg_parser->cfg->del_holddown = atoi($2); 2306 free($2); 2307 } 2308 ; 2309 server_keep_missing: VAR_KEEP_MISSING STRING_ARG 2310 { 2311 OUTYY(("P(server_keep_missing:%s)\n", $2)); 2312 if(atoi($2) == 0 && strcmp($2, "0") != 0) 2313 yyerror("number expected"); 2314 else cfg_parser->cfg->keep_missing = atoi($2); 2315 free($2); 2316 } 2317 ; 2318 server_permit_small_holddown: VAR_PERMIT_SMALL_HOLDDOWN STRING_ARG 2319 { 2320 OUTYY(("P(server_permit_small_holddown:%s)\n", $2)); 2321 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2322 yyerror("expected yes or no."); 2323 else cfg_parser->cfg->permit_small_holddown = 2324 (strcmp($2, "yes")==0); 2325 free($2); 2326 } 2327 ; 2328 server_key_cache_size: VAR_KEY_CACHE_SIZE STRING_ARG 2329 { 2330 OUTYY(("P(server_key_cache_size:%s)\n", $2)); 2331 if(!cfg_parse_memsize($2, &cfg_parser->cfg->key_cache_size)) 2332 yyerror("memory size expected"); 2333 free($2); 2334 } 2335 ; 2336 server_key_cache_slabs: VAR_KEY_CACHE_SLABS STRING_ARG 2337 { 2338 OUTYY(("P(server_key_cache_slabs:%s)\n", $2)); 2339 if(atoi($2) == 0) { 2340 yyerror("number expected"); 2341 } else { 2342 cfg_parser->cfg->key_cache_slabs = atoi($2); 2343 if(!is_pow2(cfg_parser->cfg->key_cache_slabs)) 2344 yyerror("must be a power of 2"); 2345 } 2346 free($2); 2347 } 2348 ; 2349 server_neg_cache_size: VAR_NEG_CACHE_SIZE STRING_ARG 2350 { 2351 OUTYY(("P(server_neg_cache_size:%s)\n", $2)); 2352 if(!cfg_parse_memsize($2, &cfg_parser->cfg->neg_cache_size)) 2353 yyerror("memory size expected"); 2354 free($2); 2355 } 2356 ; 2357 server_local_zone: VAR_LOCAL_ZONE STRING_ARG STRING_ARG 2358 { 2359 OUTYY(("P(server_local_zone:%s %s)\n", $2, $3)); 2360 if(strcmp($3, "static")!=0 && strcmp($3, "deny")!=0 && 2361 strcmp($3, "refuse")!=0 && strcmp($3, "redirect")!=0 && 2362 strcmp($3, "transparent")!=0 && strcmp($3, "nodefault")!=0 2363 && strcmp($3, "typetransparent")!=0 2364 && strcmp($3, "always_transparent")!=0 2365 && strcmp($3, "block_a")!=0 2366 && strcmp($3, "always_refuse")!=0 2367 && strcmp($3, "always_nxdomain")!=0 2368 && strcmp($3, "always_nodata")!=0 2369 && strcmp($3, "always_deny")!=0 2370 && strcmp($3, "always_null")!=0 2371 && strcmp($3, "noview")!=0 2372 && strcmp($3, "inform")!=0 && strcmp($3, "inform_deny")!=0 2373 && strcmp($3, "inform_redirect") != 0 2374 && strcmp($3, "ipset") != 0) { 2375 yyerror("local-zone type: expected static, deny, " 2376 "refuse, redirect, transparent, " 2377 "typetransparent, inform, inform_deny, " 2378 "inform_redirect, always_transparent, block_a," 2379 "always_refuse, always_nxdomain, " 2380 "always_nodata, always_deny, always_null, " 2381 "noview, nodefault or ipset"); 2382 free($2); 2383 free($3); 2384 } else if(strcmp($3, "nodefault")==0) { 2385 if(!cfg_strlist_insert(&cfg_parser->cfg-> 2386 local_zones_nodefault, $2)) 2387 fatal_exit("out of memory adding local-zone"); 2388 free($3); 2389 #ifdef USE_IPSET 2390 } else if(strcmp($3, "ipset")==0) { 2391 size_t len = strlen($2); 2392 /* Make sure to add the trailing dot. 2393 * These are str compared to domain names. */ 2394 if($2[len-1] != '.') { 2395 if(!($2 = realloc($2, len+2))) { 2396 fatal_exit("out of memory adding local-zone"); 2397 } 2398 $2[len] = '.'; 2399 $2[len+1] = 0; 2400 } 2401 if(!cfg_strlist_insert(&cfg_parser->cfg-> 2402 local_zones_ipset, $2)) 2403 fatal_exit("out of memory adding local-zone"); 2404 free($3); 2405 #endif 2406 } else { 2407 if(!cfg_str2list_insert(&cfg_parser->cfg->local_zones, 2408 $2, $3)) 2409 fatal_exit("out of memory adding local-zone"); 2410 } 2411 } 2412 ; 2413 server_local_data: VAR_LOCAL_DATA STRING_ARG 2414 { 2415 OUTYY(("P(server_local_data:%s)\n", $2)); 2416 if(!cfg_strlist_insert(&cfg_parser->cfg->local_data, $2)) 2417 fatal_exit("out of memory adding local-data"); 2418 } 2419 ; 2420 server_local_data_ptr: VAR_LOCAL_DATA_PTR STRING_ARG 2421 { 2422 char* ptr; 2423 OUTYY(("P(server_local_data_ptr:%s)\n", $2)); 2424 ptr = cfg_ptr_reverse($2); 2425 free($2); 2426 if(ptr) { 2427 if(!cfg_strlist_insert(&cfg_parser->cfg-> 2428 local_data, ptr)) 2429 fatal_exit("out of memory adding local-data"); 2430 } else { 2431 yyerror("local-data-ptr could not be reversed"); 2432 } 2433 } 2434 ; 2435 server_minimal_responses: VAR_MINIMAL_RESPONSES STRING_ARG 2436 { 2437 OUTYY(("P(server_minimal_responses:%s)\n", $2)); 2438 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2439 yyerror("expected yes or no."); 2440 else cfg_parser->cfg->minimal_responses = 2441 (strcmp($2, "yes")==0); 2442 free($2); 2443 } 2444 ; 2445 server_rrset_roundrobin: VAR_RRSET_ROUNDROBIN STRING_ARG 2446 { 2447 OUTYY(("P(server_rrset_roundrobin:%s)\n", $2)); 2448 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2449 yyerror("expected yes or no."); 2450 else cfg_parser->cfg->rrset_roundrobin = 2451 (strcmp($2, "yes")==0); 2452 free($2); 2453 } 2454 ; 2455 server_unknown_server_time_limit: VAR_UNKNOWN_SERVER_TIME_LIMIT STRING_ARG 2456 { 2457 OUTYY(("P(server_unknown_server_time_limit:%s)\n", $2)); 2458 cfg_parser->cfg->unknown_server_time_limit = atoi($2); 2459 free($2); 2460 } 2461 ; 2462 server_discard_timeout: VAR_DISCARD_TIMEOUT STRING_ARG 2463 { 2464 OUTYY(("P(server_discard_timeout:%s)\n", $2)); 2465 cfg_parser->cfg->discard_timeout = atoi($2); 2466 free($2); 2467 } 2468 ; 2469 server_wait_limit: VAR_WAIT_LIMIT STRING_ARG 2470 { 2471 OUTYY(("P(server_wait_limit:%s)\n", $2)); 2472 cfg_parser->cfg->wait_limit = atoi($2); 2473 free($2); 2474 } 2475 ; 2476 server_wait_limit_cookie: VAR_WAIT_LIMIT_COOKIE STRING_ARG 2477 { 2478 OUTYY(("P(server_wait_limit_cookie:%s)\n", $2)); 2479 cfg_parser->cfg->wait_limit_cookie = atoi($2); 2480 free($2); 2481 } 2482 ; 2483 server_wait_limit_netblock: VAR_WAIT_LIMIT_NETBLOCK STRING_ARG STRING_ARG 2484 { 2485 OUTYY(("P(server_wait_limit_netblock:%s %s)\n", $2, $3)); 2486 if(atoi($3) == 0 && strcmp($3, "0") != 0) { 2487 yyerror("number expected"); 2488 free($2); 2489 free($3); 2490 } else { 2491 if(!cfg_str2list_insert(&cfg_parser->cfg-> 2492 wait_limit_netblock, $2, $3)) 2493 fatal_exit("out of memory adding " 2494 "wait-limit-netblock"); 2495 } 2496 } 2497 ; 2498 server_wait_limit_cookie_netblock: VAR_WAIT_LIMIT_COOKIE_NETBLOCK STRING_ARG STRING_ARG 2499 { 2500 OUTYY(("P(server_wait_limit_cookie_netblock:%s %s)\n", $2, $3)); 2501 if(atoi($3) == 0 && strcmp($3, "0") != 0) { 2502 yyerror("number expected"); 2503 free($2); 2504 free($3); 2505 } else { 2506 if(!cfg_str2list_insert(&cfg_parser->cfg-> 2507 wait_limit_cookie_netblock, $2, $3)) 2508 fatal_exit("out of memory adding " 2509 "wait-limit-cookie-netblock"); 2510 } 2511 } 2512 ; 2513 server_max_udp_size: VAR_MAX_UDP_SIZE STRING_ARG 2514 { 2515 OUTYY(("P(server_max_udp_size:%s)\n", $2)); 2516 cfg_parser->cfg->max_udp_size = atoi($2); 2517 free($2); 2518 } 2519 ; 2520 server_dns64_prefix: VAR_DNS64_PREFIX STRING_ARG 2521 { 2522 OUTYY(("P(dns64_prefix:%s)\n", $2)); 2523 free(cfg_parser->cfg->dns64_prefix); 2524 cfg_parser->cfg->dns64_prefix = $2; 2525 } 2526 ; 2527 server_dns64_synthall: VAR_DNS64_SYNTHALL STRING_ARG 2528 { 2529 OUTYY(("P(server_dns64_synthall:%s)\n", $2)); 2530 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2531 yyerror("expected yes or no."); 2532 else cfg_parser->cfg->dns64_synthall = (strcmp($2, "yes")==0); 2533 free($2); 2534 } 2535 ; 2536 server_dns64_ignore_aaaa: VAR_DNS64_IGNORE_AAAA STRING_ARG 2537 { 2538 OUTYY(("P(dns64_ignore_aaaa:%s)\n", $2)); 2539 if(!cfg_strlist_insert(&cfg_parser->cfg->dns64_ignore_aaaa, 2540 $2)) 2541 fatal_exit("out of memory adding dns64-ignore-aaaa"); 2542 } 2543 ; 2544 server_nat64_prefix: VAR_NAT64_PREFIX STRING_ARG 2545 { 2546 OUTYY(("P(nat64_prefix:%s)\n", $2)); 2547 free(cfg_parser->cfg->nat64_prefix); 2548 cfg_parser->cfg->nat64_prefix = $2; 2549 } 2550 ; 2551 server_define_tag: VAR_DEFINE_TAG STRING_ARG 2552 { 2553 char* p, *s = $2; 2554 OUTYY(("P(server_define_tag:%s)\n", $2)); 2555 while((p=strsep(&s, " \t\n")) != NULL) { 2556 if(*p) { 2557 if(!config_add_tag(cfg_parser->cfg, p)) 2558 yyerror("could not define-tag, " 2559 "out of memory"); 2560 } 2561 } 2562 free($2); 2563 } 2564 ; 2565 server_local_zone_tag: VAR_LOCAL_ZONE_TAG STRING_ARG STRING_ARG 2566 { 2567 size_t len = 0; 2568 uint8_t* bitlist = config_parse_taglist(cfg_parser->cfg, $3, 2569 &len); 2570 free($3); 2571 OUTYY(("P(server_local_zone_tag:%s)\n", $2)); 2572 if(!bitlist) { 2573 yyerror("could not parse tags, (define-tag them first)"); 2574 free($2); 2575 } 2576 if(bitlist) { 2577 if(!cfg_strbytelist_insert( 2578 &cfg_parser->cfg->local_zone_tags, 2579 $2, bitlist, len)) { 2580 yyerror("out of memory"); 2581 free($2); 2582 } 2583 } 2584 } 2585 ; 2586 server_access_control_tag: VAR_ACCESS_CONTROL_TAG STRING_ARG STRING_ARG 2587 { 2588 size_t len = 0; 2589 uint8_t* bitlist = config_parse_taglist(cfg_parser->cfg, $3, 2590 &len); 2591 free($3); 2592 OUTYY(("P(server_access_control_tag:%s)\n", $2)); 2593 if(!bitlist) { 2594 yyerror("could not parse tags, (define-tag them first)"); 2595 free($2); 2596 } 2597 if(bitlist) { 2598 if(!cfg_strbytelist_insert( 2599 &cfg_parser->cfg->acl_tags, 2600 $2, bitlist, len)) { 2601 yyerror("out of memory"); 2602 free($2); 2603 } 2604 } 2605 } 2606 ; 2607 server_access_control_tag_action: VAR_ACCESS_CONTROL_TAG_ACTION STRING_ARG STRING_ARG STRING_ARG 2608 { 2609 OUTYY(("P(server_access_control_tag_action:%s %s %s)\n", $2, $3, $4)); 2610 if(!cfg_str3list_insert(&cfg_parser->cfg->acl_tag_actions, 2611 $2, $3, $4)) { 2612 yyerror("out of memory"); 2613 free($2); 2614 free($3); 2615 free($4); 2616 } 2617 } 2618 ; 2619 server_access_control_tag_data: VAR_ACCESS_CONTROL_TAG_DATA STRING_ARG STRING_ARG STRING_ARG 2620 { 2621 OUTYY(("P(server_access_control_tag_data:%s %s %s)\n", $2, $3, $4)); 2622 if(!cfg_str3list_insert(&cfg_parser->cfg->acl_tag_datas, 2623 $2, $3, $4)) { 2624 yyerror("out of memory"); 2625 free($2); 2626 free($3); 2627 free($4); 2628 } 2629 } 2630 ; 2631 server_local_zone_override: VAR_LOCAL_ZONE_OVERRIDE STRING_ARG STRING_ARG STRING_ARG 2632 { 2633 OUTYY(("P(server_local_zone_override:%s %s %s)\n", $2, $3, $4)); 2634 if(!cfg_str3list_insert(&cfg_parser->cfg->local_zone_overrides, 2635 $2, $3, $4)) { 2636 yyerror("out of memory"); 2637 free($2); 2638 free($3); 2639 free($4); 2640 } 2641 } 2642 ; 2643 server_access_control_view: VAR_ACCESS_CONTROL_VIEW STRING_ARG STRING_ARG 2644 { 2645 OUTYY(("P(server_access_control_view:%s %s)\n", $2, $3)); 2646 if(!cfg_str2list_insert(&cfg_parser->cfg->acl_view, 2647 $2, $3)) { 2648 yyerror("out of memory"); 2649 } 2650 } 2651 ; 2652 server_interface_tag: VAR_INTERFACE_TAG STRING_ARG STRING_ARG 2653 { 2654 size_t len = 0; 2655 uint8_t* bitlist = config_parse_taglist(cfg_parser->cfg, $3, 2656 &len); 2657 free($3); 2658 OUTYY(("P(server_interface_tag:%s)\n", $2)); 2659 if(!bitlist) { 2660 yyerror("could not parse tags, (define-tag them first)"); 2661 free($2); 2662 } 2663 if(bitlist) { 2664 if(!cfg_strbytelist_insert( 2665 &cfg_parser->cfg->interface_tags, 2666 $2, bitlist, len)) { 2667 yyerror("out of memory"); 2668 free($2); 2669 } 2670 } 2671 } 2672 ; 2673 server_interface_tag_action: VAR_INTERFACE_TAG_ACTION STRING_ARG STRING_ARG STRING_ARG 2674 { 2675 OUTYY(("P(server_interface_tag_action:%s %s %s)\n", $2, $3, $4)); 2676 if(!cfg_str3list_insert(&cfg_parser->cfg->interface_tag_actions, 2677 $2, $3, $4)) { 2678 yyerror("out of memory"); 2679 free($2); 2680 free($3); 2681 free($4); 2682 } 2683 } 2684 ; 2685 server_interface_tag_data: VAR_INTERFACE_TAG_DATA STRING_ARG STRING_ARG STRING_ARG 2686 { 2687 OUTYY(("P(server_interface_tag_data:%s %s %s)\n", $2, $3, $4)); 2688 if(!cfg_str3list_insert(&cfg_parser->cfg->interface_tag_datas, 2689 $2, $3, $4)) { 2690 yyerror("out of memory"); 2691 free($2); 2692 free($3); 2693 free($4); 2694 } 2695 } 2696 ; 2697 server_interface_view: VAR_INTERFACE_VIEW STRING_ARG STRING_ARG 2698 { 2699 OUTYY(("P(server_interface_view:%s %s)\n", $2, $3)); 2700 if(!cfg_str2list_insert(&cfg_parser->cfg->interface_view, 2701 $2, $3)) { 2702 yyerror("out of memory"); 2703 } 2704 } 2705 ; 2706 server_response_ip_tag: VAR_RESPONSE_IP_TAG STRING_ARG STRING_ARG 2707 { 2708 size_t len = 0; 2709 uint8_t* bitlist = config_parse_taglist(cfg_parser->cfg, $3, 2710 &len); 2711 free($3); 2712 OUTYY(("P(response_ip_tag:%s)\n", $2)); 2713 if(!bitlist) { 2714 yyerror("could not parse tags, (define-tag them first)"); 2715 free($2); 2716 } 2717 if(bitlist) { 2718 if(!cfg_strbytelist_insert( 2719 &cfg_parser->cfg->respip_tags, 2720 $2, bitlist, len)) { 2721 yyerror("out of memory"); 2722 free($2); 2723 } 2724 } 2725 } 2726 ; 2727 server_ip_ratelimit: VAR_IP_RATELIMIT STRING_ARG 2728 { 2729 OUTYY(("P(server_ip_ratelimit:%s)\n", $2)); 2730 if(atoi($2) == 0 && strcmp($2, "0") != 0) 2731 yyerror("number expected"); 2732 else cfg_parser->cfg->ip_ratelimit = atoi($2); 2733 free($2); 2734 } 2735 ; 2736 server_ip_ratelimit_cookie: VAR_IP_RATELIMIT_COOKIE STRING_ARG 2737 { 2738 OUTYY(("P(server_ip_ratelimit_cookie:%s)\n", $2)); 2739 if(atoi($2) == 0 && strcmp($2, "0") != 0) 2740 yyerror("number expected"); 2741 else cfg_parser->cfg->ip_ratelimit_cookie = atoi($2); 2742 free($2); 2743 } 2744 ; 2745 server_ratelimit: VAR_RATELIMIT STRING_ARG 2746 { 2747 OUTYY(("P(server_ratelimit:%s)\n", $2)); 2748 if(atoi($2) == 0 && strcmp($2, "0") != 0) 2749 yyerror("number expected"); 2750 else cfg_parser->cfg->ratelimit = atoi($2); 2751 free($2); 2752 } 2753 ; 2754 server_ip_ratelimit_size: VAR_IP_RATELIMIT_SIZE STRING_ARG 2755 { 2756 OUTYY(("P(server_ip_ratelimit_size:%s)\n", $2)); 2757 if(!cfg_parse_memsize($2, &cfg_parser->cfg->ip_ratelimit_size)) 2758 yyerror("memory size expected"); 2759 free($2); 2760 } 2761 ; 2762 server_ratelimit_size: VAR_RATELIMIT_SIZE STRING_ARG 2763 { 2764 OUTYY(("P(server_ratelimit_size:%s)\n", $2)); 2765 if(!cfg_parse_memsize($2, &cfg_parser->cfg->ratelimit_size)) 2766 yyerror("memory size expected"); 2767 free($2); 2768 } 2769 ; 2770 server_ip_ratelimit_slabs: VAR_IP_RATELIMIT_SLABS STRING_ARG 2771 { 2772 OUTYY(("P(server_ip_ratelimit_slabs:%s)\n", $2)); 2773 if(atoi($2) == 0) { 2774 yyerror("number expected"); 2775 } else { 2776 cfg_parser->cfg->ip_ratelimit_slabs = atoi($2); 2777 if(!is_pow2(cfg_parser->cfg->ip_ratelimit_slabs)) 2778 yyerror("must be a power of 2"); 2779 } 2780 free($2); 2781 } 2782 ; 2783 server_ratelimit_slabs: VAR_RATELIMIT_SLABS STRING_ARG 2784 { 2785 OUTYY(("P(server_ratelimit_slabs:%s)\n", $2)); 2786 if(atoi($2) == 0) { 2787 yyerror("number expected"); 2788 } else { 2789 cfg_parser->cfg->ratelimit_slabs = atoi($2); 2790 if(!is_pow2(cfg_parser->cfg->ratelimit_slabs)) 2791 yyerror("must be a power of 2"); 2792 } 2793 free($2); 2794 } 2795 ; 2796 server_ratelimit_for_domain: VAR_RATELIMIT_FOR_DOMAIN STRING_ARG STRING_ARG 2797 { 2798 OUTYY(("P(server_ratelimit_for_domain:%s %s)\n", $2, $3)); 2799 if(atoi($3) == 0 && strcmp($3, "0") != 0) { 2800 yyerror("number expected"); 2801 free($2); 2802 free($3); 2803 } else { 2804 if(!cfg_str2list_insert(&cfg_parser->cfg-> 2805 ratelimit_for_domain, $2, $3)) 2806 fatal_exit("out of memory adding " 2807 "ratelimit-for-domain"); 2808 } 2809 } 2810 ; 2811 server_ratelimit_below_domain: VAR_RATELIMIT_BELOW_DOMAIN STRING_ARG STRING_ARG 2812 { 2813 OUTYY(("P(server_ratelimit_below_domain:%s %s)\n", $2, $3)); 2814 if(atoi($3) == 0 && strcmp($3, "0") != 0) { 2815 yyerror("number expected"); 2816 free($2); 2817 free($3); 2818 } else { 2819 if(!cfg_str2list_insert(&cfg_parser->cfg-> 2820 ratelimit_below_domain, $2, $3)) 2821 fatal_exit("out of memory adding " 2822 "ratelimit-below-domain"); 2823 } 2824 } 2825 ; 2826 server_ip_ratelimit_factor: VAR_IP_RATELIMIT_FACTOR STRING_ARG 2827 { 2828 OUTYY(("P(server_ip_ratelimit_factor:%s)\n", $2)); 2829 if(atoi($2) == 0 && strcmp($2, "0") != 0) 2830 yyerror("number expected"); 2831 else cfg_parser->cfg->ip_ratelimit_factor = atoi($2); 2832 free($2); 2833 } 2834 ; 2835 server_ratelimit_factor: VAR_RATELIMIT_FACTOR STRING_ARG 2836 { 2837 OUTYY(("P(server_ratelimit_factor:%s)\n", $2)); 2838 if(atoi($2) == 0 && strcmp($2, "0") != 0) 2839 yyerror("number expected"); 2840 else cfg_parser->cfg->ratelimit_factor = atoi($2); 2841 free($2); 2842 } 2843 ; 2844 server_ip_ratelimit_backoff: VAR_IP_RATELIMIT_BACKOFF STRING_ARG 2845 { 2846 OUTYY(("P(server_ip_ratelimit_backoff:%s)\n", $2)); 2847 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2848 yyerror("expected yes or no."); 2849 else cfg_parser->cfg->ip_ratelimit_backoff = 2850 (strcmp($2, "yes")==0); 2851 free($2); 2852 } 2853 ; 2854 server_ratelimit_backoff: VAR_RATELIMIT_BACKOFF STRING_ARG 2855 { 2856 OUTYY(("P(server_ratelimit_backoff:%s)\n", $2)); 2857 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2858 yyerror("expected yes or no."); 2859 else cfg_parser->cfg->ratelimit_backoff = 2860 (strcmp($2, "yes")==0); 2861 free($2); 2862 } 2863 ; 2864 server_outbound_msg_retry: VAR_OUTBOUND_MSG_RETRY STRING_ARG 2865 { 2866 OUTYY(("P(server_outbound_msg_retry:%s)\n", $2)); 2867 if(atoi($2) == 0 && strcmp($2, "0") != 0) 2868 yyerror("number expected"); 2869 else cfg_parser->cfg->outbound_msg_retry = atoi($2); 2870 free($2); 2871 } 2872 ; 2873 server_max_sent_count: VAR_MAX_SENT_COUNT STRING_ARG 2874 { 2875 OUTYY(("P(server_max_sent_count:%s)\n", $2)); 2876 if(atoi($2) == 0 && strcmp($2, "0") != 0) 2877 yyerror("number expected"); 2878 else cfg_parser->cfg->max_sent_count = atoi($2); 2879 free($2); 2880 } 2881 ; 2882 server_max_query_restarts: VAR_MAX_QUERY_RESTARTS STRING_ARG 2883 { 2884 OUTYY(("P(server_max_query_restarts:%s)\n", $2)); 2885 if(atoi($2) == 0 && strcmp($2, "0") != 0) 2886 yyerror("number expected"); 2887 else cfg_parser->cfg->max_query_restarts = atoi($2); 2888 free($2); 2889 } 2890 ; 2891 server_low_rtt: VAR_LOW_RTT STRING_ARG 2892 { 2893 OUTYY(("P(low-rtt option is deprecated, use fast-server-num instead)\n")); 2894 free($2); 2895 } 2896 ; 2897 server_fast_server_num: VAR_FAST_SERVER_NUM STRING_ARG 2898 { 2899 OUTYY(("P(server_fast_server_num:%s)\n", $2)); 2900 if(atoi($2) <= 0) 2901 yyerror("number expected"); 2902 else cfg_parser->cfg->fast_server_num = atoi($2); 2903 free($2); 2904 } 2905 ; 2906 server_fast_server_permil: VAR_FAST_SERVER_PERMIL STRING_ARG 2907 { 2908 OUTYY(("P(server_fast_server_permil:%s)\n", $2)); 2909 if(atoi($2) == 0 && strcmp($2, "0") != 0) 2910 yyerror("number expected"); 2911 else cfg_parser->cfg->fast_server_permil = atoi($2); 2912 free($2); 2913 } 2914 ; 2915 server_qname_minimisation: VAR_QNAME_MINIMISATION STRING_ARG 2916 { 2917 OUTYY(("P(server_qname_minimisation:%s)\n", $2)); 2918 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2919 yyerror("expected yes or no."); 2920 else cfg_parser->cfg->qname_minimisation = 2921 (strcmp($2, "yes")==0); 2922 free($2); 2923 } 2924 ; 2925 server_qname_minimisation_strict: VAR_QNAME_MINIMISATION_STRICT STRING_ARG 2926 { 2927 OUTYY(("P(server_qname_minimisation_strict:%s)\n", $2)); 2928 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2929 yyerror("expected yes or no."); 2930 else cfg_parser->cfg->qname_minimisation_strict = 2931 (strcmp($2, "yes")==0); 2932 free($2); 2933 } 2934 ; 2935 server_pad_responses: VAR_PAD_RESPONSES STRING_ARG 2936 { 2937 OUTYY(("P(server_pad_responses:%s)\n", $2)); 2938 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2939 yyerror("expected yes or no."); 2940 else cfg_parser->cfg->pad_responses = 2941 (strcmp($2, "yes")==0); 2942 free($2); 2943 } 2944 ; 2945 server_pad_responses_block_size: VAR_PAD_RESPONSES_BLOCK_SIZE STRING_ARG 2946 { 2947 OUTYY(("P(server_pad_responses_block_size:%s)\n", $2)); 2948 if(atoi($2) == 0) 2949 yyerror("number expected"); 2950 else cfg_parser->cfg->pad_responses_block_size = atoi($2); 2951 free($2); 2952 } 2953 ; 2954 server_pad_queries: VAR_PAD_QUERIES STRING_ARG 2955 { 2956 OUTYY(("P(server_pad_queries:%s)\n", $2)); 2957 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2958 yyerror("expected yes or no."); 2959 else cfg_parser->cfg->pad_queries = 2960 (strcmp($2, "yes")==0); 2961 free($2); 2962 } 2963 ; 2964 server_pad_queries_block_size: VAR_PAD_QUERIES_BLOCK_SIZE STRING_ARG 2965 { 2966 OUTYY(("P(server_pad_queries_block_size:%s)\n", $2)); 2967 if(atoi($2) == 0) 2968 yyerror("number expected"); 2969 else cfg_parser->cfg->pad_queries_block_size = atoi($2); 2970 free($2); 2971 } 2972 ; 2973 server_ipsecmod_enabled: VAR_IPSECMOD_ENABLED STRING_ARG 2974 { 2975 #ifdef USE_IPSECMOD 2976 OUTYY(("P(server_ipsecmod_enabled:%s)\n", $2)); 2977 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2978 yyerror("expected yes or no."); 2979 else cfg_parser->cfg->ipsecmod_enabled = (strcmp($2, "yes")==0); 2980 #else 2981 OUTYY(("P(Compiled without IPsec module, ignoring)\n")); 2982 #endif 2983 free($2); 2984 } 2985 ; 2986 server_ipsecmod_ignore_bogus: VAR_IPSECMOD_IGNORE_BOGUS STRING_ARG 2987 { 2988 #ifdef USE_IPSECMOD 2989 OUTYY(("P(server_ipsecmod_ignore_bogus:%s)\n", $2)); 2990 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2991 yyerror("expected yes or no."); 2992 else cfg_parser->cfg->ipsecmod_ignore_bogus = (strcmp($2, "yes")==0); 2993 #else 2994 OUTYY(("P(Compiled without IPsec module, ignoring)\n")); 2995 #endif 2996 free($2); 2997 } 2998 ; 2999 server_ipsecmod_hook: VAR_IPSECMOD_HOOK STRING_ARG 3000 { 3001 #ifdef USE_IPSECMOD 3002 OUTYY(("P(server_ipsecmod_hook:%s)\n", $2)); 3003 free(cfg_parser->cfg->ipsecmod_hook); 3004 cfg_parser->cfg->ipsecmod_hook = $2; 3005 #else 3006 OUTYY(("P(Compiled without IPsec module, ignoring)\n")); 3007 free($2); 3008 #endif 3009 } 3010 ; 3011 server_ipsecmod_max_ttl: VAR_IPSECMOD_MAX_TTL STRING_ARG 3012 { 3013 #ifdef USE_IPSECMOD 3014 OUTYY(("P(server_ipsecmod_max_ttl:%s)\n", $2)); 3015 if(atoi($2) == 0 && strcmp($2, "0") != 0) 3016 yyerror("number expected"); 3017 else cfg_parser->cfg->ipsecmod_max_ttl = atoi($2); 3018 free($2); 3019 #else 3020 OUTYY(("P(Compiled without IPsec module, ignoring)\n")); 3021 free($2); 3022 #endif 3023 } 3024 ; 3025 server_ipsecmod_whitelist: VAR_IPSECMOD_WHITELIST STRING_ARG 3026 { 3027 #ifdef USE_IPSECMOD 3028 OUTYY(("P(server_ipsecmod_whitelist:%s)\n", $2)); 3029 if(!cfg_strlist_insert(&cfg_parser->cfg->ipsecmod_whitelist, $2)) 3030 yyerror("out of memory"); 3031 #else 3032 OUTYY(("P(Compiled without IPsec module, ignoring)\n")); 3033 free($2); 3034 #endif 3035 } 3036 ; 3037 server_ipsecmod_strict: VAR_IPSECMOD_STRICT STRING_ARG 3038 { 3039 #ifdef USE_IPSECMOD 3040 OUTYY(("P(server_ipsecmod_strict:%s)\n", $2)); 3041 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 3042 yyerror("expected yes or no."); 3043 else cfg_parser->cfg->ipsecmod_strict = (strcmp($2, "yes")==0); 3044 free($2); 3045 #else 3046 OUTYY(("P(Compiled without IPsec module, ignoring)\n")); 3047 free($2); 3048 #endif 3049 } 3050 ; 3051 server_edns_client_string: VAR_EDNS_CLIENT_STRING STRING_ARG STRING_ARG 3052 { 3053 OUTYY(("P(server_edns_client_string:%s %s)\n", $2, $3)); 3054 if(!cfg_str2list_insert( 3055 &cfg_parser->cfg->edns_client_strings, $2, $3)) 3056 fatal_exit("out of memory adding " 3057 "edns-client-string"); 3058 } 3059 ; 3060 server_edns_client_string_opcode: VAR_EDNS_CLIENT_STRING_OPCODE STRING_ARG 3061 { 3062 OUTYY(("P(edns_client_string_opcode:%s)\n", $2)); 3063 if(atoi($2) == 0 && strcmp($2, "0") != 0) 3064 yyerror("option code expected"); 3065 else if(atoi($2) > 65535 || atoi($2) < 0) 3066 yyerror("option code must be in interval [0, 65535]"); 3067 else cfg_parser->cfg->edns_client_string_opcode = atoi($2); 3068 free($2); 3069 } 3070 ; 3071 server_ede: VAR_EDE STRING_ARG 3072 { 3073 OUTYY(("P(server_ede:%s)\n", $2)); 3074 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 3075 yyerror("expected yes or no."); 3076 else cfg_parser->cfg->ede = (strcmp($2, "yes")==0); 3077 free($2); 3078 } 3079 ; 3080 server_dns_error_reporting: VAR_DNS_ERROR_REPORTING STRING_ARG 3081 { 3082 OUTYY(("P(server_dns_error_reporting:%s)\n", $2)); 3083 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 3084 yyerror("expected yes or no."); 3085 else cfg_parser->cfg->dns_error_reporting = (strcmp($2, "yes")==0); 3086 free($2); 3087 } 3088 ; 3089 server_proxy_protocol_port: VAR_PROXY_PROTOCOL_PORT STRING_ARG 3090 { 3091 OUTYY(("P(server_proxy_protocol_port:%s)\n", $2)); 3092 if(!cfg_strlist_insert(&cfg_parser->cfg->proxy_protocol_port, $2)) 3093 yyerror("out of memory"); 3094 } 3095 ; 3096 stub_name: VAR_NAME STRING_ARG 3097 { 3098 OUTYY(("P(name:%s)\n", $2)); 3099 if(cfg_parser->cfg->stubs->name) 3100 yyerror("stub name override, there must be one name " 3101 "for one stub-zone"); 3102 free(cfg_parser->cfg->stubs->name); 3103 cfg_parser->cfg->stubs->name = $2; 3104 } 3105 ; 3106 stub_host: VAR_STUB_HOST STRING_ARG 3107 { 3108 OUTYY(("P(stub-host:%s)\n", $2)); 3109 if(!cfg_strlist_insert(&cfg_parser->cfg->stubs->hosts, $2)) 3110 yyerror("out of memory"); 3111 } 3112 ; 3113 stub_addr: VAR_STUB_ADDR STRING_ARG 3114 { 3115 OUTYY(("P(stub-addr:%s)\n", $2)); 3116 if(!cfg_strlist_insert(&cfg_parser->cfg->stubs->addrs, $2)) 3117 yyerror("out of memory"); 3118 } 3119 ; 3120 stub_first: VAR_STUB_FIRST STRING_ARG 3121 { 3122 OUTYY(("P(stub-first:%s)\n", $2)); 3123 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 3124 yyerror("expected yes or no."); 3125 else cfg_parser->cfg->stubs->isfirst=(strcmp($2, "yes")==0); 3126 free($2); 3127 } 3128 ; 3129 stub_no_cache: VAR_STUB_NO_CACHE STRING_ARG 3130 { 3131 OUTYY(("P(stub-no-cache:%s)\n", $2)); 3132 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 3133 yyerror("expected yes or no."); 3134 else cfg_parser->cfg->stubs->no_cache=(strcmp($2, "yes")==0); 3135 free($2); 3136 } 3137 ; 3138 stub_ssl_upstream: VAR_STUB_SSL_UPSTREAM STRING_ARG 3139 { 3140 OUTYY(("P(stub-ssl-upstream:%s)\n", $2)); 3141 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 3142 yyerror("expected yes or no."); 3143 else cfg_parser->cfg->stubs->ssl_upstream = 3144 (strcmp($2, "yes")==0); 3145 free($2); 3146 } 3147 ; 3148 stub_tcp_upstream: VAR_STUB_TCP_UPSTREAM STRING_ARG 3149 { 3150 OUTYY(("P(stub-tcp-upstream:%s)\n", $2)); 3151 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 3152 yyerror("expected yes or no."); 3153 else cfg_parser->cfg->stubs->tcp_upstream = 3154 (strcmp($2, "yes")==0); 3155 free($2); 3156 } 3157 ; 3158 stub_prime: VAR_STUB_PRIME STRING_ARG 3159 { 3160 OUTYY(("P(stub-prime:%s)\n", $2)); 3161 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 3162 yyerror("expected yes or no."); 3163 else cfg_parser->cfg->stubs->isprime = 3164 (strcmp($2, "yes")==0); 3165 free($2); 3166 } 3167 ; 3168 forward_name: VAR_NAME STRING_ARG 3169 { 3170 OUTYY(("P(name:%s)\n", $2)); 3171 if(cfg_parser->cfg->forwards->name) 3172 yyerror("forward name override, there must be one " 3173 "name for one forward-zone"); 3174 free(cfg_parser->cfg->forwards->name); 3175 cfg_parser->cfg->forwards->name = $2; 3176 } 3177 ; 3178 forward_host: VAR_FORWARD_HOST STRING_ARG 3179 { 3180 OUTYY(("P(forward-host:%s)\n", $2)); 3181 if(!cfg_strlist_insert(&cfg_parser->cfg->forwards->hosts, $2)) 3182 yyerror("out of memory"); 3183 } 3184 ; 3185 forward_addr: VAR_FORWARD_ADDR STRING_ARG 3186 { 3187 OUTYY(("P(forward-addr:%s)\n", $2)); 3188 if(!cfg_strlist_insert(&cfg_parser->cfg->forwards->addrs, $2)) 3189 yyerror("out of memory"); 3190 } 3191 ; 3192 forward_first: VAR_FORWARD_FIRST STRING_ARG 3193 { 3194 OUTYY(("P(forward-first:%s)\n", $2)); 3195 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 3196 yyerror("expected yes or no."); 3197 else cfg_parser->cfg->forwards->isfirst=(strcmp($2, "yes")==0); 3198 free($2); 3199 } 3200 ; 3201 forward_no_cache: VAR_FORWARD_NO_CACHE STRING_ARG 3202 { 3203 OUTYY(("P(forward-no-cache:%s)\n", $2)); 3204 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 3205 yyerror("expected yes or no."); 3206 else cfg_parser->cfg->forwards->no_cache=(strcmp($2, "yes")==0); 3207 free($2); 3208 } 3209 ; 3210 forward_ssl_upstream: VAR_FORWARD_SSL_UPSTREAM STRING_ARG 3211 { 3212 OUTYY(("P(forward-ssl-upstream:%s)\n", $2)); 3213 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 3214 yyerror("expected yes or no."); 3215 else cfg_parser->cfg->forwards->ssl_upstream = 3216 (strcmp($2, "yes")==0); 3217 free($2); 3218 } 3219 ; 3220 forward_tcp_upstream: VAR_FORWARD_TCP_UPSTREAM STRING_ARG 3221 { 3222 OUTYY(("P(forward-tcp-upstream:%s)\n", $2)); 3223 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 3224 yyerror("expected yes or no."); 3225 else cfg_parser->cfg->forwards->tcp_upstream = 3226 (strcmp($2, "yes")==0); 3227 free($2); 3228 } 3229 ; 3230 auth_name: VAR_NAME STRING_ARG 3231 { 3232 OUTYY(("P(name:%s)\n", $2)); 3233 if(cfg_parser->cfg->auths->name) 3234 yyerror("auth name override, there must be one name " 3235 "for one auth-zone"); 3236 free(cfg_parser->cfg->auths->name); 3237 cfg_parser->cfg->auths->name = $2; 3238 } 3239 ; 3240 auth_zonefile: VAR_ZONEFILE STRING_ARG 3241 { 3242 OUTYY(("P(zonefile:%s)\n", $2)); 3243 free(cfg_parser->cfg->auths->zonefile); 3244 cfg_parser->cfg->auths->zonefile = $2; 3245 } 3246 ; 3247 auth_master: VAR_MASTER STRING_ARG 3248 { 3249 OUTYY(("P(master:%s)\n", $2)); 3250 if(!cfg_strlist_insert(&cfg_parser->cfg->auths->masters, $2)) 3251 yyerror("out of memory"); 3252 } 3253 ; 3254 auth_url: VAR_URL STRING_ARG 3255 { 3256 OUTYY(("P(url:%s)\n", $2)); 3257 if(!cfg_strlist_insert(&cfg_parser->cfg->auths->urls, $2)) 3258 yyerror("out of memory"); 3259 } 3260 ; 3261 auth_allow_notify: VAR_ALLOW_NOTIFY STRING_ARG 3262 { 3263 OUTYY(("P(allow-notify:%s)\n", $2)); 3264 if(!cfg_strlist_insert(&cfg_parser->cfg->auths->allow_notify, 3265 $2)) 3266 yyerror("out of memory"); 3267 } 3268 ; 3269 auth_zonemd_check: VAR_ZONEMD_CHECK STRING_ARG 3270 { 3271 OUTYY(("P(zonemd-check:%s)\n", $2)); 3272 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 3273 yyerror("expected yes or no."); 3274 else cfg_parser->cfg->auths->zonemd_check = 3275 (strcmp($2, "yes")==0); 3276 free($2); 3277 } 3278 ; 3279 auth_zonemd_reject_absence: VAR_ZONEMD_REJECT_ABSENCE STRING_ARG 3280 { 3281 OUTYY(("P(zonemd-reject-absence:%s)\n", $2)); 3282 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 3283 yyerror("expected yes or no."); 3284 else cfg_parser->cfg->auths->zonemd_reject_absence = 3285 (strcmp($2, "yes")==0); 3286 free($2); 3287 } 3288 ; 3289 auth_for_downstream: VAR_FOR_DOWNSTREAM STRING_ARG 3290 { 3291 OUTYY(("P(for-downstream:%s)\n", $2)); 3292 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 3293 yyerror("expected yes or no."); 3294 else cfg_parser->cfg->auths->for_downstream = 3295 (strcmp($2, "yes")==0); 3296 free($2); 3297 } 3298 ; 3299 auth_for_upstream: VAR_FOR_UPSTREAM STRING_ARG 3300 { 3301 OUTYY(("P(for-upstream:%s)\n", $2)); 3302 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 3303 yyerror("expected yes or no."); 3304 else cfg_parser->cfg->auths->for_upstream = 3305 (strcmp($2, "yes")==0); 3306 free($2); 3307 } 3308 ; 3309 auth_fallback_enabled: VAR_FALLBACK_ENABLED STRING_ARG 3310 { 3311 OUTYY(("P(fallback-enabled:%s)\n", $2)); 3312 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 3313 yyerror("expected yes or no."); 3314 else cfg_parser->cfg->auths->fallback_enabled = 3315 (strcmp($2, "yes")==0); 3316 free($2); 3317 } 3318 ; 3319 view_name: VAR_NAME STRING_ARG 3320 { 3321 OUTYY(("P(name:%s)\n", $2)); 3322 if(cfg_parser->cfg->views->name) 3323 yyerror("view name override, there must be one " 3324 "name for one view"); 3325 free(cfg_parser->cfg->views->name); 3326 cfg_parser->cfg->views->name = $2; 3327 } 3328 ; 3329 view_local_zone: VAR_LOCAL_ZONE STRING_ARG STRING_ARG 3330 { 3331 OUTYY(("P(view_local_zone:%s %s)\n", $2, $3)); 3332 if(strcmp($3, "static")!=0 && strcmp($3, "deny")!=0 && 3333 strcmp($3, "refuse")!=0 && strcmp($3, "redirect")!=0 && 3334 strcmp($3, "transparent")!=0 && strcmp($3, "nodefault")!=0 3335 && strcmp($3, "typetransparent")!=0 3336 && strcmp($3, "always_transparent")!=0 3337 && strcmp($3, "always_refuse")!=0 3338 && strcmp($3, "always_nxdomain")!=0 3339 && strcmp($3, "always_nodata")!=0 3340 && strcmp($3, "always_deny")!=0 3341 && strcmp($3, "always_null")!=0 3342 && strcmp($3, "noview")!=0 3343 && strcmp($3, "inform")!=0 && strcmp($3, "inform_deny")!=0 3344 && strcmp($3, "inform_redirect") != 0 3345 && strcmp($3, "ipset") != 0) { 3346 yyerror("local-zone type: expected static, deny, " 3347 "refuse, redirect, transparent, " 3348 "typetransparent, inform, inform_deny, " 3349 "inform_redirect, always_transparent, " 3350 "always_refuse, always_nxdomain, " 3351 "always_nodata, always_deny, always_null, " 3352 "noview, nodefault or ipset"); 3353 free($2); 3354 free($3); 3355 } else if(strcmp($3, "nodefault")==0) { 3356 if(!cfg_strlist_insert(&cfg_parser->cfg->views-> 3357 local_zones_nodefault, $2)) 3358 fatal_exit("out of memory adding local-zone"); 3359 free($3); 3360 #ifdef USE_IPSET 3361 } else if(strcmp($3, "ipset")==0) { 3362 size_t len = strlen($2); 3363 /* Make sure to add the trailing dot. 3364 * These are str compared to domain names. */ 3365 if($2[len-1] != '.') { 3366 if(!($2 = realloc($2, len+2))) { 3367 fatal_exit("out of memory adding local-zone"); 3368 } 3369 $2[len] = '.'; 3370 $2[len+1] = 0; 3371 } 3372 if(!cfg_strlist_insert(&cfg_parser->cfg->views-> 3373 local_zones_ipset, $2)) 3374 fatal_exit("out of memory adding local-zone"); 3375 free($3); 3376 #endif 3377 } else { 3378 if(!cfg_str2list_insert( 3379 &cfg_parser->cfg->views->local_zones, 3380 $2, $3)) 3381 fatal_exit("out of memory adding local-zone"); 3382 } 3383 } 3384 ; 3385 view_response_ip: VAR_RESPONSE_IP STRING_ARG STRING_ARG 3386 { 3387 OUTYY(("P(view_response_ip:%s %s)\n", $2, $3)); 3388 validate_respip_action($3); 3389 if(!cfg_str2list_insert( 3390 &cfg_parser->cfg->views->respip_actions, $2, $3)) 3391 fatal_exit("out of memory adding per-view " 3392 "response-ip action"); 3393 } 3394 ; 3395 view_response_ip_data: VAR_RESPONSE_IP_DATA STRING_ARG STRING_ARG 3396 { 3397 OUTYY(("P(view_response_ip_data:%s)\n", $2)); 3398 if(!cfg_str2list_insert( 3399 &cfg_parser->cfg->views->respip_data, $2, $3)) 3400 fatal_exit("out of memory adding response-ip-data"); 3401 } 3402 ; 3403 view_local_data: VAR_LOCAL_DATA STRING_ARG 3404 { 3405 OUTYY(("P(view_local_data:%s)\n", $2)); 3406 if(!cfg_strlist_insert(&cfg_parser->cfg->views->local_data, $2)) { 3407 fatal_exit("out of memory adding local-data"); 3408 } 3409 } 3410 ; 3411 view_local_data_ptr: VAR_LOCAL_DATA_PTR STRING_ARG 3412 { 3413 char* ptr; 3414 OUTYY(("P(view_local_data_ptr:%s)\n", $2)); 3415 ptr = cfg_ptr_reverse($2); 3416 free($2); 3417 if(ptr) { 3418 if(!cfg_strlist_insert(&cfg_parser->cfg->views-> 3419 local_data, ptr)) 3420 fatal_exit("out of memory adding local-data"); 3421 } else { 3422 yyerror("local-data-ptr could not be reversed"); 3423 } 3424 } 3425 ; 3426 view_first: VAR_VIEW_FIRST STRING_ARG 3427 { 3428 OUTYY(("P(view-first:%s)\n", $2)); 3429 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 3430 yyerror("expected yes or no."); 3431 else cfg_parser->cfg->views->isfirst=(strcmp($2, "yes")==0); 3432 free($2); 3433 } 3434 ; 3435 rcstart: VAR_REMOTE_CONTROL 3436 { 3437 OUTYY(("\nP(remote-control:)\n")); 3438 cfg_parser->started_toplevel = 1; 3439 } 3440 ; 3441 contents_rc: contents_rc content_rc 3442 | ; 3443 content_rc: rc_control_enable | rc_control_interface | rc_control_port | 3444 rc_server_key_file | rc_server_cert_file | rc_control_key_file | 3445 rc_control_cert_file | rc_control_use_cert 3446 ; 3447 rc_control_enable: VAR_CONTROL_ENABLE STRING_ARG 3448 { 3449 OUTYY(("P(control_enable:%s)\n", $2)); 3450 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 3451 yyerror("expected yes or no."); 3452 else cfg_parser->cfg->remote_control_enable = 3453 (strcmp($2, "yes")==0); 3454 free($2); 3455 } 3456 ; 3457 rc_control_port: VAR_CONTROL_PORT STRING_ARG 3458 { 3459 OUTYY(("P(control_port:%s)\n", $2)); 3460 if(atoi($2) == 0) 3461 yyerror("control port number expected"); 3462 else cfg_parser->cfg->control_port = atoi($2); 3463 free($2); 3464 } 3465 ; 3466 rc_control_interface: VAR_CONTROL_INTERFACE STRING_ARG 3467 { 3468 OUTYY(("P(control_interface:%s)\n", $2)); 3469 if(!cfg_strlist_append(&cfg_parser->cfg->control_ifs, $2)) 3470 yyerror("out of memory"); 3471 } 3472 ; 3473 rc_control_use_cert: VAR_CONTROL_USE_CERT STRING_ARG 3474 { 3475 OUTYY(("P(control_use_cert:%s)\n", $2)); 3476 cfg_parser->cfg->control_use_cert = (strcmp($2, "yes")==0); 3477 free($2); 3478 } 3479 ; 3480 rc_server_key_file: VAR_SERVER_KEY_FILE STRING_ARG 3481 { 3482 OUTYY(("P(rc_server_key_file:%s)\n", $2)); 3483 free(cfg_parser->cfg->server_key_file); 3484 cfg_parser->cfg->server_key_file = $2; 3485 } 3486 ; 3487 rc_server_cert_file: VAR_SERVER_CERT_FILE STRING_ARG 3488 { 3489 OUTYY(("P(rc_server_cert_file:%s)\n", $2)); 3490 free(cfg_parser->cfg->server_cert_file); 3491 cfg_parser->cfg->server_cert_file = $2; 3492 } 3493 ; 3494 rc_control_key_file: VAR_CONTROL_KEY_FILE STRING_ARG 3495 { 3496 OUTYY(("P(rc_control_key_file:%s)\n", $2)); 3497 free(cfg_parser->cfg->control_key_file); 3498 cfg_parser->cfg->control_key_file = $2; 3499 } 3500 ; 3501 rc_control_cert_file: VAR_CONTROL_CERT_FILE STRING_ARG 3502 { 3503 OUTYY(("P(rc_control_cert_file:%s)\n", $2)); 3504 free(cfg_parser->cfg->control_cert_file); 3505 cfg_parser->cfg->control_cert_file = $2; 3506 } 3507 ; 3508 dtstart: VAR_DNSTAP 3509 { 3510 OUTYY(("\nP(dnstap:)\n")); 3511 cfg_parser->started_toplevel = 1; 3512 } 3513 ; 3514 contents_dt: contents_dt content_dt 3515 | ; 3516 content_dt: dt_dnstap_enable | dt_dnstap_socket_path | dt_dnstap_bidirectional | 3517 dt_dnstap_ip | dt_dnstap_tls | dt_dnstap_tls_server_name | 3518 dt_dnstap_tls_cert_bundle | 3519 dt_dnstap_tls_client_key_file | dt_dnstap_tls_client_cert_file | 3520 dt_dnstap_send_identity | dt_dnstap_send_version | 3521 dt_dnstap_identity | dt_dnstap_version | 3522 dt_dnstap_log_resolver_query_messages | 3523 dt_dnstap_log_resolver_response_messages | 3524 dt_dnstap_log_client_query_messages | 3525 dt_dnstap_log_client_response_messages | 3526 dt_dnstap_log_forwarder_query_messages | 3527 dt_dnstap_log_forwarder_response_messages | 3528 dt_dnstap_sample_rate 3529 ; 3530 dt_dnstap_enable: VAR_DNSTAP_ENABLE STRING_ARG 3531 { 3532 OUTYY(("P(dt_dnstap_enable:%s)\n", $2)); 3533 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 3534 yyerror("expected yes or no."); 3535 else cfg_parser->cfg->dnstap = (strcmp($2, "yes")==0); 3536 free($2); 3537 } 3538 ; 3539 dt_dnstap_bidirectional: VAR_DNSTAP_BIDIRECTIONAL STRING_ARG 3540 { 3541 OUTYY(("P(dt_dnstap_bidirectional:%s)\n", $2)); 3542 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 3543 yyerror("expected yes or no."); 3544 else cfg_parser->cfg->dnstap_bidirectional = 3545 (strcmp($2, "yes")==0); 3546 free($2); 3547 } 3548 ; 3549 dt_dnstap_socket_path: VAR_DNSTAP_SOCKET_PATH STRING_ARG 3550 { 3551 OUTYY(("P(dt_dnstap_socket_path:%s)\n", $2)); 3552 free(cfg_parser->cfg->dnstap_socket_path); 3553 cfg_parser->cfg->dnstap_socket_path = $2; 3554 } 3555 ; 3556 dt_dnstap_ip: VAR_DNSTAP_IP STRING_ARG 3557 { 3558 OUTYY(("P(dt_dnstap_ip:%s)\n", $2)); 3559 free(cfg_parser->cfg->dnstap_ip); 3560 cfg_parser->cfg->dnstap_ip = $2; 3561 } 3562 ; 3563 dt_dnstap_tls: VAR_DNSTAP_TLS STRING_ARG 3564 { 3565 OUTYY(("P(dt_dnstap_tls:%s)\n", $2)); 3566 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 3567 yyerror("expected yes or no."); 3568 else cfg_parser->cfg->dnstap_tls = (strcmp($2, "yes")==0); 3569 free($2); 3570 } 3571 ; 3572 dt_dnstap_tls_server_name: VAR_DNSTAP_TLS_SERVER_NAME STRING_ARG 3573 { 3574 OUTYY(("P(dt_dnstap_tls_server_name:%s)\n", $2)); 3575 free(cfg_parser->cfg->dnstap_tls_server_name); 3576 cfg_parser->cfg->dnstap_tls_server_name = $2; 3577 } 3578 ; 3579 dt_dnstap_tls_cert_bundle: VAR_DNSTAP_TLS_CERT_BUNDLE STRING_ARG 3580 { 3581 OUTYY(("P(dt_dnstap_tls_cert_bundle:%s)\n", $2)); 3582 free(cfg_parser->cfg->dnstap_tls_cert_bundle); 3583 cfg_parser->cfg->dnstap_tls_cert_bundle = $2; 3584 } 3585 ; 3586 dt_dnstap_tls_client_key_file: VAR_DNSTAP_TLS_CLIENT_KEY_FILE STRING_ARG 3587 { 3588 OUTYY(("P(dt_dnstap_tls_client_key_file:%s)\n", $2)); 3589 free(cfg_parser->cfg->dnstap_tls_client_key_file); 3590 cfg_parser->cfg->dnstap_tls_client_key_file = $2; 3591 } 3592 ; 3593 dt_dnstap_tls_client_cert_file: VAR_DNSTAP_TLS_CLIENT_CERT_FILE STRING_ARG 3594 { 3595 OUTYY(("P(dt_dnstap_tls_client_cert_file:%s)\n", $2)); 3596 free(cfg_parser->cfg->dnstap_tls_client_cert_file); 3597 cfg_parser->cfg->dnstap_tls_client_cert_file = $2; 3598 } 3599 ; 3600 dt_dnstap_send_identity: VAR_DNSTAP_SEND_IDENTITY STRING_ARG 3601 { 3602 OUTYY(("P(dt_dnstap_send_identity:%s)\n", $2)); 3603 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 3604 yyerror("expected yes or no."); 3605 else cfg_parser->cfg->dnstap_send_identity = (strcmp($2, "yes")==0); 3606 free($2); 3607 } 3608 ; 3609 dt_dnstap_send_version: VAR_DNSTAP_SEND_VERSION STRING_ARG 3610 { 3611 OUTYY(("P(dt_dnstap_send_version:%s)\n", $2)); 3612 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 3613 yyerror("expected yes or no."); 3614 else cfg_parser->cfg->dnstap_send_version = (strcmp($2, "yes")==0); 3615 free($2); 3616 } 3617 ; 3618 dt_dnstap_identity: VAR_DNSTAP_IDENTITY STRING_ARG 3619 { 3620 OUTYY(("P(dt_dnstap_identity:%s)\n", $2)); 3621 free(cfg_parser->cfg->dnstap_identity); 3622 cfg_parser->cfg->dnstap_identity = $2; 3623 } 3624 ; 3625 dt_dnstap_version: VAR_DNSTAP_VERSION STRING_ARG 3626 { 3627 OUTYY(("P(dt_dnstap_version:%s)\n", $2)); 3628 free(cfg_parser->cfg->dnstap_version); 3629 cfg_parser->cfg->dnstap_version = $2; 3630 } 3631 ; 3632 dt_dnstap_log_resolver_query_messages: VAR_DNSTAP_LOG_RESOLVER_QUERY_MESSAGES STRING_ARG 3633 { 3634 OUTYY(("P(dt_dnstap_log_resolver_query_messages:%s)\n", $2)); 3635 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 3636 yyerror("expected yes or no."); 3637 else cfg_parser->cfg->dnstap_log_resolver_query_messages = 3638 (strcmp($2, "yes")==0); 3639 free($2); 3640 } 3641 ; 3642 dt_dnstap_log_resolver_response_messages: VAR_DNSTAP_LOG_RESOLVER_RESPONSE_MESSAGES STRING_ARG 3643 { 3644 OUTYY(("P(dt_dnstap_log_resolver_response_messages:%s)\n", $2)); 3645 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 3646 yyerror("expected yes or no."); 3647 else cfg_parser->cfg->dnstap_log_resolver_response_messages = 3648 (strcmp($2, "yes")==0); 3649 free($2); 3650 } 3651 ; 3652 dt_dnstap_log_client_query_messages: VAR_DNSTAP_LOG_CLIENT_QUERY_MESSAGES STRING_ARG 3653 { 3654 OUTYY(("P(dt_dnstap_log_client_query_messages:%s)\n", $2)); 3655 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 3656 yyerror("expected yes or no."); 3657 else cfg_parser->cfg->dnstap_log_client_query_messages = 3658 (strcmp($2, "yes")==0); 3659 free($2); 3660 } 3661 ; 3662 dt_dnstap_log_client_response_messages: VAR_DNSTAP_LOG_CLIENT_RESPONSE_MESSAGES STRING_ARG 3663 { 3664 OUTYY(("P(dt_dnstap_log_client_response_messages:%s)\n", $2)); 3665 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 3666 yyerror("expected yes or no."); 3667 else cfg_parser->cfg->dnstap_log_client_response_messages = 3668 (strcmp($2, "yes")==0); 3669 free($2); 3670 } 3671 ; 3672 dt_dnstap_log_forwarder_query_messages: VAR_DNSTAP_LOG_FORWARDER_QUERY_MESSAGES STRING_ARG 3673 { 3674 OUTYY(("P(dt_dnstap_log_forwarder_query_messages:%s)\n", $2)); 3675 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 3676 yyerror("expected yes or no."); 3677 else cfg_parser->cfg->dnstap_log_forwarder_query_messages = 3678 (strcmp($2, "yes")==0); 3679 free($2); 3680 } 3681 ; 3682 dt_dnstap_log_forwarder_response_messages: VAR_DNSTAP_LOG_FORWARDER_RESPONSE_MESSAGES STRING_ARG 3683 { 3684 OUTYY(("P(dt_dnstap_log_forwarder_response_messages:%s)\n", $2)); 3685 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 3686 yyerror("expected yes or no."); 3687 else cfg_parser->cfg->dnstap_log_forwarder_response_messages = 3688 (strcmp($2, "yes")==0); 3689 free($2); 3690 } 3691 ; 3692 dt_dnstap_sample_rate: VAR_DNSTAP_SAMPLE_RATE STRING_ARG 3693 { 3694 OUTYY(("P(dt_dnstap_sample_rate:%s)\n", $2)); 3695 if(atoi($2) == 0 && strcmp($2, "0") != 0) 3696 yyerror("number expected"); 3697 else if(atoi($2) < 0) 3698 yyerror("dnstap sample rate too small"); 3699 else cfg_parser->cfg->dnstap_sample_rate = atoi($2); 3700 free($2); 3701 } 3702 ; 3703 pythonstart: VAR_PYTHON 3704 { 3705 OUTYY(("\nP(python:)\n")); 3706 cfg_parser->started_toplevel = 1; 3707 } 3708 ; 3709 contents_py: contents_py content_py 3710 | ; 3711 content_py: py_script 3712 ; 3713 py_script: VAR_PYTHON_SCRIPT STRING_ARG 3714 { 3715 OUTYY(("P(python-script:%s)\n", $2)); 3716 if(!cfg_strlist_append_ex(&cfg_parser->cfg->python_script, $2)) 3717 yyerror("out of memory"); 3718 } 3719 ; 3720 dynlibstart: VAR_DYNLIB 3721 { 3722 OUTYY(("\nP(dynlib:)\n")); 3723 cfg_parser->started_toplevel = 1; 3724 } 3725 ; 3726 contents_dl: contents_dl content_dl 3727 | ; 3728 content_dl: dl_file 3729 ; 3730 dl_file: VAR_DYNLIB_FILE STRING_ARG 3731 { 3732 OUTYY(("P(dynlib-file:%s)\n", $2)); 3733 if(!cfg_strlist_append_ex(&cfg_parser->cfg->dynlib_file, $2)) 3734 yyerror("out of memory"); 3735 } 3736 ; 3737 server_disable_dnssec_lame_check: VAR_DISABLE_DNSSEC_LAME_CHECK STRING_ARG 3738 { 3739 OUTYY(("P(disable_dnssec_lame_check:%s)\n", $2)); 3740 if (strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 3741 yyerror("expected yes or no."); 3742 else cfg_parser->cfg->disable_dnssec_lame_check = 3743 (strcmp($2, "yes")==0); 3744 free($2); 3745 } 3746 ; 3747 server_log_identity: VAR_LOG_IDENTITY STRING_ARG 3748 { 3749 OUTYY(("P(server_log_identity:%s)\n", $2)); 3750 free(cfg_parser->cfg->log_identity); 3751 cfg_parser->cfg->log_identity = $2; 3752 } 3753 ; 3754 server_response_ip: VAR_RESPONSE_IP STRING_ARG STRING_ARG 3755 { 3756 OUTYY(("P(server_response_ip:%s %s)\n", $2, $3)); 3757 validate_respip_action($3); 3758 if(!cfg_str2list_insert(&cfg_parser->cfg->respip_actions, 3759 $2, $3)) 3760 fatal_exit("out of memory adding response-ip"); 3761 } 3762 ; 3763 server_response_ip_data: VAR_RESPONSE_IP_DATA STRING_ARG STRING_ARG 3764 { 3765 OUTYY(("P(server_response_ip_data:%s)\n", $2)); 3766 if(!cfg_str2list_insert(&cfg_parser->cfg->respip_data, 3767 $2, $3)) 3768 fatal_exit("out of memory adding response-ip-data"); 3769 } 3770 ; 3771 dnscstart: VAR_DNSCRYPT 3772 { 3773 OUTYY(("\nP(dnscrypt:)\n")); 3774 cfg_parser->started_toplevel = 1; 3775 } 3776 ; 3777 contents_dnsc: contents_dnsc content_dnsc 3778 | ; 3779 content_dnsc: 3780 dnsc_dnscrypt_enable | dnsc_dnscrypt_port | dnsc_dnscrypt_provider | 3781 dnsc_dnscrypt_secret_key | dnsc_dnscrypt_provider_cert | 3782 dnsc_dnscrypt_provider_cert_rotated | 3783 dnsc_dnscrypt_shared_secret_cache_size | 3784 dnsc_dnscrypt_shared_secret_cache_slabs | 3785 dnsc_dnscrypt_nonce_cache_size | 3786 dnsc_dnscrypt_nonce_cache_slabs 3787 ; 3788 dnsc_dnscrypt_enable: VAR_DNSCRYPT_ENABLE STRING_ARG 3789 { 3790 OUTYY(("P(dnsc_dnscrypt_enable:%s)\n", $2)); 3791 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 3792 yyerror("expected yes or no."); 3793 else cfg_parser->cfg->dnscrypt = (strcmp($2, "yes")==0); 3794 free($2); 3795 } 3796 ; 3797 dnsc_dnscrypt_port: VAR_DNSCRYPT_PORT STRING_ARG 3798 { 3799 OUTYY(("P(dnsc_dnscrypt_port:%s)\n", $2)); 3800 if(atoi($2) == 0) 3801 yyerror("port number expected"); 3802 else cfg_parser->cfg->dnscrypt_port = atoi($2); 3803 free($2); 3804 } 3805 ; 3806 dnsc_dnscrypt_provider: VAR_DNSCRYPT_PROVIDER STRING_ARG 3807 { 3808 OUTYY(("P(dnsc_dnscrypt_provider:%s)\n", $2)); 3809 free(cfg_parser->cfg->dnscrypt_provider); 3810 cfg_parser->cfg->dnscrypt_provider = $2; 3811 } 3812 ; 3813 dnsc_dnscrypt_provider_cert: VAR_DNSCRYPT_PROVIDER_CERT STRING_ARG 3814 { 3815 OUTYY(("P(dnsc_dnscrypt_provider_cert:%s)\n", $2)); 3816 if(cfg_strlist_find(cfg_parser->cfg->dnscrypt_provider_cert, $2)) 3817 log_warn("dnscrypt-provider-cert %s is a duplicate", $2); 3818 if(!cfg_strlist_insert(&cfg_parser->cfg->dnscrypt_provider_cert, $2)) 3819 fatal_exit("out of memory adding dnscrypt-provider-cert"); 3820 } 3821 ; 3822 dnsc_dnscrypt_provider_cert_rotated: VAR_DNSCRYPT_PROVIDER_CERT_ROTATED STRING_ARG 3823 { 3824 OUTYY(("P(dnsc_dnscrypt_provider_cert_rotated:%s)\n", $2)); 3825 if(!cfg_strlist_insert(&cfg_parser->cfg->dnscrypt_provider_cert_rotated, $2)) 3826 fatal_exit("out of memory adding dnscrypt-provider-cert-rotated"); 3827 } 3828 ; 3829 dnsc_dnscrypt_secret_key: VAR_DNSCRYPT_SECRET_KEY STRING_ARG 3830 { 3831 OUTYY(("P(dnsc_dnscrypt_secret_key:%s)\n", $2)); 3832 if(cfg_strlist_find(cfg_parser->cfg->dnscrypt_secret_key, $2)) 3833 log_warn("dnscrypt-secret-key: %s is a duplicate", $2); 3834 if(!cfg_strlist_insert(&cfg_parser->cfg->dnscrypt_secret_key, $2)) 3835 fatal_exit("out of memory adding dnscrypt-secret-key"); 3836 } 3837 ; 3838 dnsc_dnscrypt_shared_secret_cache_size: VAR_DNSCRYPT_SHARED_SECRET_CACHE_SIZE STRING_ARG 3839 { 3840 OUTYY(("P(dnscrypt_shared_secret_cache_size:%s)\n", $2)); 3841 if(!cfg_parse_memsize($2, &cfg_parser->cfg->dnscrypt_shared_secret_cache_size)) 3842 yyerror("memory size expected"); 3843 free($2); 3844 } 3845 ; 3846 dnsc_dnscrypt_shared_secret_cache_slabs: VAR_DNSCRYPT_SHARED_SECRET_CACHE_SLABS STRING_ARG 3847 { 3848 OUTYY(("P(dnscrypt_shared_secret_cache_slabs:%s)\n", $2)); 3849 if(atoi($2) == 0) { 3850 yyerror("number expected"); 3851 } else { 3852 cfg_parser->cfg->dnscrypt_shared_secret_cache_slabs = atoi($2); 3853 if(!is_pow2(cfg_parser->cfg->dnscrypt_shared_secret_cache_slabs)) 3854 yyerror("must be a power of 2"); 3855 } 3856 free($2); 3857 } 3858 ; 3859 dnsc_dnscrypt_nonce_cache_size: VAR_DNSCRYPT_NONCE_CACHE_SIZE STRING_ARG 3860 { 3861 OUTYY(("P(dnscrypt_nonce_cache_size:%s)\n", $2)); 3862 if(!cfg_parse_memsize($2, &cfg_parser->cfg->dnscrypt_nonce_cache_size)) 3863 yyerror("memory size expected"); 3864 free($2); 3865 } 3866 ; 3867 dnsc_dnscrypt_nonce_cache_slabs: VAR_DNSCRYPT_NONCE_CACHE_SLABS STRING_ARG 3868 { 3869 OUTYY(("P(dnscrypt_nonce_cache_slabs:%s)\n", $2)); 3870 if(atoi($2) == 0) { 3871 yyerror("number expected"); 3872 } else { 3873 cfg_parser->cfg->dnscrypt_nonce_cache_slabs = atoi($2); 3874 if(!is_pow2(cfg_parser->cfg->dnscrypt_nonce_cache_slabs)) 3875 yyerror("must be a power of 2"); 3876 } 3877 free($2); 3878 } 3879 ; 3880 cachedbstart: VAR_CACHEDB 3881 { 3882 OUTYY(("\nP(cachedb:)\n")); 3883 cfg_parser->started_toplevel = 1; 3884 } 3885 ; 3886 contents_cachedb: contents_cachedb content_cachedb 3887 | ; 3888 content_cachedb: cachedb_backend_name | cachedb_secret_seed | 3889 redis_server_host | redis_replica_server_host | 3890 redis_server_port | redis_replica_server_port | 3891 redis_timeout | redis_replica_timeout | 3892 redis_command_timeout | redis_replica_command_timeout | 3893 redis_connect_timeout | redis_replica_connect_timeout | 3894 redis_server_path | redis_replica_server_path | 3895 redis_server_password | redis_replica_server_password | 3896 redis_logical_db | redis_replica_logical_db | 3897 cachedb_no_store | redis_expire_records | 3898 cachedb_check_when_serve_expired 3899 ; 3900 cachedb_backend_name: VAR_CACHEDB_BACKEND STRING_ARG 3901 { 3902 #ifdef USE_CACHEDB 3903 OUTYY(("P(backend:%s)\n", $2)); 3904 free(cfg_parser->cfg->cachedb_backend); 3905 cfg_parser->cfg->cachedb_backend = $2; 3906 #else 3907 OUTYY(("P(Compiled without cachedb, ignoring)\n")); 3908 free($2); 3909 #endif 3910 } 3911 ; 3912 cachedb_secret_seed: VAR_CACHEDB_SECRETSEED STRING_ARG 3913 { 3914 #ifdef USE_CACHEDB 3915 OUTYY(("P(secret-seed:%s)\n", $2)); 3916 free(cfg_parser->cfg->cachedb_secret); 3917 cfg_parser->cfg->cachedb_secret = $2; 3918 #else 3919 OUTYY(("P(Compiled without cachedb, ignoring)\n")); 3920 free($2); 3921 #endif 3922 } 3923 ; 3924 cachedb_no_store: VAR_CACHEDB_NO_STORE STRING_ARG 3925 { 3926 #ifdef USE_CACHEDB 3927 OUTYY(("P(cachedb_no_store:%s)\n", $2)); 3928 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 3929 yyerror("expected yes or no."); 3930 else cfg_parser->cfg->cachedb_no_store = (strcmp($2, "yes")==0); 3931 #else 3932 OUTYY(("P(Compiled without cachedb, ignoring)\n")); 3933 #endif 3934 free($2); 3935 } 3936 ; 3937 cachedb_check_when_serve_expired: VAR_CACHEDB_CHECK_WHEN_SERVE_EXPIRED STRING_ARG 3938 { 3939 #ifdef USE_CACHEDB 3940 OUTYY(("P(cachedb_check_when_serve_expired:%s)\n", $2)); 3941 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 3942 yyerror("expected yes or no."); 3943 else cfg_parser->cfg->cachedb_check_when_serve_expired = (strcmp($2, "yes")==0); 3944 #else 3945 OUTYY(("P(Compiled without cachedb, ignoring)\n")); 3946 #endif 3947 free($2); 3948 } 3949 ; 3950 redis_server_host: VAR_CACHEDB_REDISHOST STRING_ARG 3951 { 3952 #if defined(USE_CACHEDB) && defined(USE_REDIS) 3953 OUTYY(("P(redis_server_host:%s)\n", $2)); 3954 free(cfg_parser->cfg->redis_server_host); 3955 cfg_parser->cfg->redis_server_host = $2; 3956 #else 3957 OUTYY(("P(Compiled without cachedb or redis, ignoring)\n")); 3958 free($2); 3959 #endif 3960 } 3961 ; 3962 redis_replica_server_host: VAR_CACHEDB_REDISREPLICAHOST STRING_ARG 3963 { 3964 #if defined(USE_CACHEDB) && defined(USE_REDIS) 3965 OUTYY(("P(redis_replica_server_host:%s)\n", $2)); 3966 free(cfg_parser->cfg->redis_replica_server_host); 3967 cfg_parser->cfg->redis_replica_server_host = $2; 3968 #else 3969 OUTYY(("P(Compiled without cachedb or redis, ignoring)\n")); 3970 free($2); 3971 #endif 3972 } 3973 ; 3974 redis_server_port: VAR_CACHEDB_REDISPORT STRING_ARG 3975 { 3976 #if defined(USE_CACHEDB) && defined(USE_REDIS) 3977 int port; 3978 OUTYY(("P(redis_server_port:%s)\n", $2)); 3979 port = atoi($2); 3980 if(port == 0 || port < 0 || port > 65535) 3981 yyerror("valid redis server port number expected"); 3982 else cfg_parser->cfg->redis_server_port = port; 3983 #else 3984 OUTYY(("P(Compiled without cachedb or redis, ignoring)\n")); 3985 #endif 3986 free($2); 3987 } 3988 ; 3989 redis_replica_server_port: VAR_CACHEDB_REDISREPLICAPORT STRING_ARG 3990 { 3991 #if defined(USE_CACHEDB) && defined(USE_REDIS) 3992 int port; 3993 OUTYY(("P(redis_replica_server_port:%s)\n", $2)); 3994 port = atoi($2); 3995 if(port == 0 || port < 0 || port > 65535) 3996 yyerror("valid redis server port number expected"); 3997 else cfg_parser->cfg->redis_replica_server_port = port; 3998 #else 3999 OUTYY(("P(Compiled without cachedb or redis, ignoring)\n")); 4000 #endif 4001 free($2); 4002 } 4003 ; 4004 redis_server_path: VAR_CACHEDB_REDISPATH STRING_ARG 4005 { 4006 #if defined(USE_CACHEDB) && defined(USE_REDIS) 4007 OUTYY(("P(redis_server_path:%s)\n", $2)); 4008 free(cfg_parser->cfg->redis_server_path); 4009 cfg_parser->cfg->redis_server_path = $2; 4010 #else 4011 OUTYY(("P(Compiled without cachedb or redis, ignoring)\n")); 4012 free($2); 4013 #endif 4014 } 4015 ; 4016 redis_replica_server_path: VAR_CACHEDB_REDISREPLICAPATH STRING_ARG 4017 { 4018 #if defined(USE_CACHEDB) && defined(USE_REDIS) 4019 OUTYY(("P(redis_replica_server_path:%s)\n", $2)); 4020 free(cfg_parser->cfg->redis_replica_server_path); 4021 cfg_parser->cfg->redis_replica_server_path = $2; 4022 #else 4023 OUTYY(("P(Compiled without cachedb or redis, ignoring)\n")); 4024 free($2); 4025 #endif 4026 } 4027 ; 4028 redis_server_password: VAR_CACHEDB_REDISPASSWORD STRING_ARG 4029 { 4030 #if defined(USE_CACHEDB) && defined(USE_REDIS) 4031 OUTYY(("P(redis_server_password:%s)\n", $2)); 4032 free(cfg_parser->cfg->redis_server_password); 4033 cfg_parser->cfg->redis_server_password = $2; 4034 #else 4035 OUTYY(("P(Compiled without cachedb or redis, ignoring)\n")); 4036 free($2); 4037 #endif 4038 } 4039 ; 4040 redis_replica_server_password: VAR_CACHEDB_REDISREPLICAPASSWORD STRING_ARG 4041 { 4042 #if defined(USE_CACHEDB) && defined(USE_REDIS) 4043 OUTYY(("P(redis_replica_server_password:%s)\n", $2)); 4044 free(cfg_parser->cfg->redis_replica_server_password); 4045 cfg_parser->cfg->redis_replica_server_password = $2; 4046 #else 4047 OUTYY(("P(Compiled without cachedb or redis, ignoring)\n")); 4048 free($2); 4049 #endif 4050 } 4051 ; 4052 redis_timeout: VAR_CACHEDB_REDISTIMEOUT STRING_ARG 4053 { 4054 #if defined(USE_CACHEDB) && defined(USE_REDIS) 4055 OUTYY(("P(redis_timeout:%s)\n", $2)); 4056 if(atoi($2) == 0) 4057 yyerror("redis timeout value expected"); 4058 else cfg_parser->cfg->redis_timeout = atoi($2); 4059 #else 4060 OUTYY(("P(Compiled without cachedb or redis, ignoring)\n")); 4061 #endif 4062 free($2); 4063 } 4064 ; 4065 redis_replica_timeout: VAR_CACHEDB_REDISREPLICATIMEOUT STRING_ARG 4066 { 4067 #if defined(USE_CACHEDB) && defined(USE_REDIS) 4068 OUTYY(("P(redis_replica_timeout:%s)\n", $2)); 4069 if(atoi($2) == 0) 4070 yyerror("redis timeout value expected"); 4071 else cfg_parser->cfg->redis_replica_timeout = atoi($2); 4072 #else 4073 OUTYY(("P(Compiled without cachedb or redis, ignoring)\n")); 4074 #endif 4075 free($2); 4076 } 4077 ; 4078 redis_command_timeout: VAR_CACHEDB_REDISCOMMANDTIMEOUT STRING_ARG 4079 { 4080 #if defined(USE_CACHEDB) && defined(USE_REDIS) 4081 OUTYY(("P(redis_command_timeout:%s)\n", $2)); 4082 if(atoi($2) == 0 && strcmp($2, "0") != 0) 4083 yyerror("redis command timeout value expected"); 4084 else cfg_parser->cfg->redis_command_timeout = atoi($2); 4085 #else 4086 OUTYY(("P(Compiled without cachedb or redis, ignoring)\n")); 4087 #endif 4088 free($2); 4089 } 4090 ; 4091 redis_replica_command_timeout: VAR_CACHEDB_REDISREPLICACOMMANDTIMEOUT STRING_ARG 4092 { 4093 #if defined(USE_CACHEDB) && defined(USE_REDIS) 4094 OUTYY(("P(redis_replica_command_timeout:%s)\n", $2)); 4095 if(atoi($2) == 0 && strcmp($2, "0") != 0) 4096 yyerror("redis command timeout value expected"); 4097 else cfg_parser->cfg->redis_replica_command_timeout = atoi($2); 4098 #else 4099 OUTYY(("P(Compiled without cachedb or redis, ignoring)\n")); 4100 #endif 4101 free($2); 4102 } 4103 ; 4104 redis_connect_timeout: VAR_CACHEDB_REDISCONNECTTIMEOUT STRING_ARG 4105 { 4106 #if defined(USE_CACHEDB) && defined(USE_REDIS) 4107 OUTYY(("P(redis_connect_timeout:%s)\n", $2)); 4108 if(atoi($2) == 0 && strcmp($2, "0") != 0) 4109 yyerror("redis connect timeout value expected"); 4110 else cfg_parser->cfg->redis_connect_timeout = atoi($2); 4111 #else 4112 OUTYY(("P(Compiled without cachedb or redis, ignoring)\n")); 4113 #endif 4114 free($2); 4115 } 4116 ; 4117 redis_replica_connect_timeout: VAR_CACHEDB_REDISREPLICACONNECTTIMEOUT STRING_ARG 4118 { 4119 #if defined(USE_CACHEDB) && defined(USE_REDIS) 4120 OUTYY(("P(redis_replica_connect_timeout:%s)\n", $2)); 4121 if(atoi($2) == 0 && strcmp($2, "0") != 0) 4122 yyerror("redis connect timeout value expected"); 4123 else cfg_parser->cfg->redis_replica_connect_timeout = atoi($2); 4124 #else 4125 OUTYY(("P(Compiled without cachedb or redis, ignoring)\n")); 4126 #endif 4127 free($2); 4128 } 4129 ; 4130 redis_expire_records: VAR_CACHEDB_REDISEXPIRERECORDS STRING_ARG 4131 { 4132 #if defined(USE_CACHEDB) && defined(USE_REDIS) 4133 OUTYY(("P(redis_expire_records:%s)\n", $2)); 4134 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 4135 yyerror("expected yes or no."); 4136 else cfg_parser->cfg->redis_expire_records = (strcmp($2, "yes")==0); 4137 #else 4138 OUTYY(("P(Compiled without cachedb or redis, ignoring)\n")); 4139 #endif 4140 free($2); 4141 } 4142 ; 4143 redis_logical_db: VAR_CACHEDB_REDISLOGICALDB STRING_ARG 4144 { 4145 #if defined(USE_CACHEDB) && defined(USE_REDIS) 4146 int db; 4147 OUTYY(("P(redis_logical_db:%s)\n", $2)); 4148 db = atoi($2); 4149 if((db == 0 && strcmp($2, "0") != 0) || db < 0) 4150 yyerror("valid redis logical database index expected"); 4151 else cfg_parser->cfg->redis_logical_db = db; 4152 #else 4153 OUTYY(("P(Compiled without cachedb or redis, ignoring)\n")); 4154 #endif 4155 free($2); 4156 } 4157 ; 4158 redis_replica_logical_db: VAR_CACHEDB_REDISREPLICALOGICALDB STRING_ARG 4159 { 4160 #if defined(USE_CACHEDB) && defined(USE_REDIS) 4161 int db; 4162 OUTYY(("P(redis_replica_logical_db:%s)\n", $2)); 4163 db = atoi($2); 4164 if((db == 0 && strcmp($2, "0") != 0) || db < 0) 4165 yyerror("valid redis logical database index expected"); 4166 else cfg_parser->cfg->redis_replica_logical_db = db; 4167 #else 4168 OUTYY(("P(Compiled without cachedb or redis, ignoring)\n")); 4169 #endif 4170 free($2); 4171 } 4172 ; 4173 server_tcp_connection_limit: VAR_TCP_CONNECTION_LIMIT STRING_ARG STRING_ARG 4174 { 4175 OUTYY(("P(server_tcp_connection_limit:%s %s)\n", $2, $3)); 4176 if (atoi($3) < 0) 4177 yyerror("positive number expected"); 4178 else { 4179 if(!cfg_str2list_insert(&cfg_parser->cfg->tcp_connection_limits, $2, $3)) 4180 fatal_exit("out of memory adding tcp connection limit"); 4181 } 4182 } 4183 ; 4184 server_answer_cookie: VAR_ANSWER_COOKIE STRING_ARG 4185 { 4186 OUTYY(("P(server_answer_cookie:%s)\n", $2)); 4187 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 4188 yyerror("expected yes or no."); 4189 else cfg_parser->cfg->do_answer_cookie = (strcmp($2, "yes")==0); 4190 free($2); 4191 } 4192 ; 4193 server_cookie_secret: VAR_COOKIE_SECRET STRING_ARG 4194 { 4195 uint8_t secret[32]; 4196 size_t secret_len = sizeof(secret); 4197 4198 OUTYY(("P(server_cookie_secret:%s)\n", $2)); 4199 if(sldns_str2wire_hex_buf($2, secret, &secret_len) 4200 || (secret_len != 16)) 4201 yyerror("expected 128 bit hex string"); 4202 else { 4203 cfg_parser->cfg->cookie_secret_len = secret_len; 4204 memcpy(cfg_parser->cfg->cookie_secret, secret, sizeof(secret)); 4205 } 4206 free($2); 4207 } 4208 ; 4209 server_cookie_secret_file: VAR_COOKIE_SECRET_FILE STRING_ARG 4210 { 4211 OUTYY(("P(cookie_secret_file:%s)\n", $2)); 4212 free(cfg_parser->cfg->cookie_secret_file); 4213 cfg_parser->cfg->cookie_secret_file = $2; 4214 } 4215 ; 4216 server_iter_scrub_ns: VAR_ITER_SCRUB_NS STRING_ARG 4217 { 4218 OUTYY(("P(server_iter_scrub_ns:%s)\n", $2)); 4219 if(atoi($2) == 0 && strcmp($2, "0") != 0) 4220 yyerror("number expected"); 4221 else cfg_parser->cfg->iter_scrub_ns = atoi($2); 4222 free($2); 4223 } 4224 ; 4225 server_iter_scrub_cname: VAR_ITER_SCRUB_CNAME STRING_ARG 4226 { 4227 OUTYY(("P(server_iter_scrub_cname:%s)\n", $2)); 4228 if(atoi($2) == 0 && strcmp($2, "0") != 0) 4229 yyerror("number expected"); 4230 else cfg_parser->cfg->iter_scrub_cname = atoi($2); 4231 free($2); 4232 } 4233 ; 4234 server_max_global_quota: VAR_MAX_GLOBAL_QUOTA STRING_ARG 4235 { 4236 OUTYY(("P(server_max_global_quota:%s)\n", $2)); 4237 if(atoi($2) == 0 && strcmp($2, "0") != 0) 4238 yyerror("number expected"); 4239 else cfg_parser->cfg->max_global_quota = atoi($2); 4240 free($2); 4241 } 4242 ; 4243 ipsetstart: VAR_IPSET 4244 { 4245 OUTYY(("\nP(ipset:)\n")); 4246 cfg_parser->started_toplevel = 1; 4247 } 4248 ; 4249 contents_ipset: contents_ipset content_ipset 4250 | ; 4251 content_ipset: ipset_name_v4 | ipset_name_v6 4252 ; 4253 ipset_name_v4: VAR_IPSET_NAME_V4 STRING_ARG 4254 { 4255 #ifdef USE_IPSET 4256 OUTYY(("P(name-v4:%s)\n", $2)); 4257 if(cfg_parser->cfg->ipset_name_v4) 4258 yyerror("ipset name v4 override, there must be one " 4259 "name for ip v4"); 4260 free(cfg_parser->cfg->ipset_name_v4); 4261 cfg_parser->cfg->ipset_name_v4 = $2; 4262 #else 4263 OUTYY(("P(Compiled without ipset, ignoring)\n")); 4264 free($2); 4265 #endif 4266 } 4267 ; 4268 ipset_name_v6: VAR_IPSET_NAME_V6 STRING_ARG 4269 { 4270 #ifdef USE_IPSET 4271 OUTYY(("P(name-v6:%s)\n", $2)); 4272 if(cfg_parser->cfg->ipset_name_v6) 4273 yyerror("ipset name v6 override, there must be one " 4274 "name for ip v6"); 4275 free(cfg_parser->cfg->ipset_name_v6); 4276 cfg_parser->cfg->ipset_name_v6 = $2; 4277 #else 4278 OUTYY(("P(Compiled without ipset, ignoring)\n")); 4279 free($2); 4280 #endif 4281 } 4282 ; 4283 %% 4284 4285 /* parse helper routines could be here */ 4286 static void 4287 validate_respip_action(const char* action) 4288 { 4289 if(strcmp(action, "deny")!=0 && 4290 strcmp(action, "redirect")!=0 && 4291 strcmp(action, "inform")!=0 && 4292 strcmp(action, "inform_deny")!=0 && 4293 strcmp(action, "always_transparent")!=0 && 4294 strcmp(action, "always_refuse")!=0 && 4295 strcmp(action, "always_nxdomain")!=0) 4296 { 4297 yyerror("response-ip action: expected deny, redirect, " 4298 "inform, inform_deny, always_transparent, " 4299 "always_refuse or always_nxdomain"); 4300 } 4301 } 4302 4303 static void 4304 validate_acl_action(const char* action) 4305 { 4306 if(strcmp(action, "deny")!=0 && 4307 strcmp(action, "refuse")!=0 && 4308 strcmp(action, "deny_non_local")!=0 && 4309 strcmp(action, "refuse_non_local")!=0 && 4310 strcmp(action, "allow_setrd")!=0 && 4311 strcmp(action, "allow")!=0 && 4312 strcmp(action, "allow_snoop")!=0 && 4313 strcmp(action, "allow_cookie")!=0) 4314 { 4315 yyerror("expected deny, refuse, deny_non_local, " 4316 "refuse_non_local, allow, allow_setrd, " 4317 "allow_snoop or allow_cookie as access control action"); 4318 } 4319 } 4320