1 /* 2 * configparser.y -- yacc grammar for unbound configuration files 3 * 4 * Copyright (c) 2001-2006, NLnet Labs. All rights reserved. 5 * 6 * Copyright (c) 2007, NLnet Labs. All rights reserved. 7 * 8 * This software is open source. 9 * 10 * Redistribution and use in source and binary forms, with or without 11 * modification, are permitted provided that the following conditions 12 * are met: 13 * 14 * Redistributions of source code must retain the above copyright notice, 15 * this list of conditions and the following disclaimer. 16 * 17 * Redistributions in binary form must reproduce the above copyright notice, 18 * this list of conditions and the following disclaimer in the documentation 19 * and/or other materials provided with the distribution. 20 * 21 * Neither the name of the NLNET LABS nor the names of its contributors may 22 * be used to endorse or promote products derived from this software without 23 * specific prior written permission. 24 * 25 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 26 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 27 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR 28 * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT 29 * HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 30 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED 31 * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR 32 * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF 33 * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING 34 * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS 35 * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 36 */ 37 38 %{ 39 #include "config.h" 40 41 #include <stdarg.h> 42 #include <stdio.h> 43 #include <string.h> 44 #include <stdlib.h> 45 #include <assert.h> 46 47 #include "util/configyyrename.h" 48 #include "util/config_file.h" 49 #include "util/net_help.h" 50 51 int ub_c_lex(void); 52 void ub_c_error(const char *message); 53 54 static void validate_respip_action(const char* action); 55 56 /* these need to be global, otherwise they cannot be used inside yacc */ 57 extern struct config_parser_state* cfg_parser; 58 59 #if 0 60 #define OUTYY(s) printf s /* used ONLY when debugging */ 61 #else 62 #define OUTYY(s) 63 #endif 64 65 %} 66 %union { 67 char* str; 68 }; 69 70 %token SPACE LETTER NEWLINE COMMENT COLON ANY ZONESTR 71 %token <str> STRING_ARG 72 %token VAR_SERVER VAR_VERBOSITY VAR_NUM_THREADS VAR_PORT 73 %token VAR_OUTGOING_RANGE VAR_INTERFACE 74 %token VAR_DO_IP4 VAR_DO_IP6 VAR_PREFER_IP6 VAR_DO_UDP VAR_DO_TCP 75 %token VAR_TCP_MSS VAR_OUTGOING_TCP_MSS VAR_TCP_IDLE_TIMEOUT 76 %token VAR_EDNS_TCP_KEEPALIVE VAR_EDNS_TCP_KEEPALIVE_TIMEOUT 77 %token VAR_CHROOT VAR_USERNAME VAR_DIRECTORY VAR_LOGFILE VAR_PIDFILE 78 %token VAR_MSG_CACHE_SIZE VAR_MSG_CACHE_SLABS VAR_NUM_QUERIES_PER_THREAD 79 %token VAR_RRSET_CACHE_SIZE VAR_RRSET_CACHE_SLABS VAR_OUTGOING_NUM_TCP 80 %token VAR_INFRA_HOST_TTL VAR_INFRA_LAME_TTL VAR_INFRA_CACHE_SLABS 81 %token VAR_INFRA_CACHE_NUMHOSTS VAR_INFRA_CACHE_LAME_SIZE VAR_NAME 82 %token VAR_STUB_ZONE VAR_STUB_HOST VAR_STUB_ADDR VAR_TARGET_FETCH_POLICY 83 %token VAR_HARDEN_SHORT_BUFSIZE VAR_HARDEN_LARGE_QUERIES 84 %token VAR_FORWARD_ZONE VAR_FORWARD_HOST VAR_FORWARD_ADDR 85 %token VAR_DO_NOT_QUERY_ADDRESS VAR_HIDE_IDENTITY VAR_HIDE_VERSION 86 %token VAR_IDENTITY VAR_VERSION VAR_HARDEN_GLUE VAR_MODULE_CONF 87 %token VAR_TRUST_ANCHOR_FILE VAR_TRUST_ANCHOR VAR_VAL_OVERRIDE_DATE 88 %token VAR_BOGUS_TTL VAR_VAL_CLEAN_ADDITIONAL VAR_VAL_PERMISSIVE_MODE 89 %token VAR_INCOMING_NUM_TCP VAR_MSG_BUFFER_SIZE VAR_KEY_CACHE_SIZE 90 %token VAR_KEY_CACHE_SLABS VAR_TRUSTED_KEYS_FILE 91 %token VAR_VAL_NSEC3_KEYSIZE_ITERATIONS VAR_USE_SYSLOG 92 %token VAR_OUTGOING_INTERFACE VAR_ROOT_HINTS VAR_DO_NOT_QUERY_LOCALHOST 93 %token VAR_CACHE_MAX_TTL VAR_HARDEN_DNSSEC_STRIPPED VAR_ACCESS_CONTROL 94 %token VAR_LOCAL_ZONE VAR_LOCAL_DATA VAR_INTERFACE_AUTOMATIC 95 %token VAR_STATISTICS_INTERVAL VAR_DO_DAEMONIZE VAR_USE_CAPS_FOR_ID 96 %token VAR_STATISTICS_CUMULATIVE VAR_OUTGOING_PORT_PERMIT 97 %token VAR_OUTGOING_PORT_AVOID VAR_DLV_ANCHOR_FILE VAR_DLV_ANCHOR 98 %token VAR_NEG_CACHE_SIZE VAR_HARDEN_REFERRAL_PATH VAR_PRIVATE_ADDRESS 99 %token VAR_PRIVATE_DOMAIN VAR_REMOTE_CONTROL VAR_CONTROL_ENABLE 100 %token VAR_CONTROL_INTERFACE VAR_CONTROL_PORT VAR_SERVER_KEY_FILE 101 %token VAR_SERVER_CERT_FILE VAR_CONTROL_KEY_FILE VAR_CONTROL_CERT_FILE 102 %token VAR_CONTROL_USE_CERT 103 %token VAR_EXTENDED_STATISTICS VAR_LOCAL_DATA_PTR VAR_JOSTLE_TIMEOUT 104 %token VAR_STUB_PRIME VAR_UNWANTED_REPLY_THRESHOLD VAR_LOG_TIME_ASCII 105 %token VAR_DOMAIN_INSECURE VAR_PYTHON VAR_PYTHON_SCRIPT VAR_VAL_SIG_SKEW_MIN 106 %token VAR_VAL_SIG_SKEW_MAX VAR_CACHE_MIN_TTL VAR_VAL_LOG_LEVEL 107 %token VAR_AUTO_TRUST_ANCHOR_FILE VAR_KEEP_MISSING VAR_ADD_HOLDDOWN 108 %token VAR_DEL_HOLDDOWN VAR_SO_RCVBUF VAR_EDNS_BUFFER_SIZE VAR_PREFETCH 109 %token VAR_PREFETCH_KEY VAR_SO_SNDBUF VAR_SO_REUSEPORT VAR_HARDEN_BELOW_NXDOMAIN 110 %token VAR_IGNORE_CD_FLAG VAR_LOG_QUERIES VAR_LOG_REPLIES VAR_LOG_LOCAL_ACTIONS 111 %token VAR_TCP_UPSTREAM VAR_SSL_UPSTREAM 112 %token VAR_SSL_SERVICE_KEY VAR_SSL_SERVICE_PEM VAR_SSL_PORT VAR_FORWARD_FIRST 113 %token VAR_STUB_SSL_UPSTREAM VAR_FORWARD_SSL_UPSTREAM VAR_TLS_CERT_BUNDLE 114 %token VAR_STUB_FIRST VAR_MINIMAL_RESPONSES VAR_RRSET_ROUNDROBIN 115 %token VAR_MAX_UDP_SIZE VAR_DELAY_CLOSE 116 %token VAR_UNBLOCK_LAN_ZONES VAR_INSECURE_LAN_ZONES 117 %token VAR_INFRA_CACHE_MIN_RTT 118 %token VAR_DNS64_PREFIX VAR_DNS64_SYNTHALL VAR_DNS64_IGNORE_AAAA 119 %token VAR_DNSTAP VAR_DNSTAP_ENABLE VAR_DNSTAP_SOCKET_PATH 120 %token VAR_DNSTAP_SEND_IDENTITY VAR_DNSTAP_SEND_VERSION 121 %token VAR_DNSTAP_IDENTITY VAR_DNSTAP_VERSION 122 %token VAR_DNSTAP_LOG_RESOLVER_QUERY_MESSAGES 123 %token VAR_DNSTAP_LOG_RESOLVER_RESPONSE_MESSAGES 124 %token VAR_DNSTAP_LOG_CLIENT_QUERY_MESSAGES 125 %token VAR_DNSTAP_LOG_CLIENT_RESPONSE_MESSAGES 126 %token VAR_DNSTAP_LOG_FORWARDER_QUERY_MESSAGES 127 %token VAR_DNSTAP_LOG_FORWARDER_RESPONSE_MESSAGES 128 %token VAR_RESPONSE_IP_TAG VAR_RESPONSE_IP VAR_RESPONSE_IP_DATA 129 %token VAR_HARDEN_ALGO_DOWNGRADE VAR_IP_TRANSPARENT 130 %token VAR_DISABLE_DNSSEC_LAME_CHECK 131 %token VAR_IP_RATELIMIT VAR_IP_RATELIMIT_SLABS VAR_IP_RATELIMIT_SIZE 132 %token VAR_RATELIMIT VAR_RATELIMIT_SLABS VAR_RATELIMIT_SIZE 133 %token VAR_RATELIMIT_FOR_DOMAIN VAR_RATELIMIT_BELOW_DOMAIN 134 %token VAR_IP_RATELIMIT_FACTOR VAR_RATELIMIT_FACTOR 135 %token VAR_SEND_CLIENT_SUBNET VAR_CLIENT_SUBNET_ZONE 136 %token VAR_CLIENT_SUBNET_ALWAYS_FORWARD VAR_CLIENT_SUBNET_OPCODE 137 %token VAR_MAX_CLIENT_SUBNET_IPV4 VAR_MAX_CLIENT_SUBNET_IPV6 138 %token VAR_MIN_CLIENT_SUBNET_IPV4 VAR_MIN_CLIENT_SUBNET_IPV6 139 %token VAR_MAX_ECS_TREE_SIZE_IPV4 VAR_MAX_ECS_TREE_SIZE_IPV6 140 %token VAR_CAPS_WHITELIST VAR_CACHE_MAX_NEGATIVE_TTL VAR_PERMIT_SMALL_HOLDDOWN 141 %token VAR_QNAME_MINIMISATION VAR_QNAME_MINIMISATION_STRICT VAR_IP_FREEBIND 142 %token VAR_DEFINE_TAG VAR_LOCAL_ZONE_TAG VAR_ACCESS_CONTROL_TAG 143 %token VAR_LOCAL_ZONE_OVERRIDE VAR_ACCESS_CONTROL_TAG_ACTION 144 %token VAR_ACCESS_CONTROL_TAG_DATA VAR_VIEW VAR_ACCESS_CONTROL_VIEW 145 %token VAR_VIEW_FIRST VAR_SERVE_EXPIRED VAR_SERVE_EXPIRED_TTL 146 %token VAR_SERVE_EXPIRED_TTL_RESET VAR_SERVE_EXPIRED_REPLY_TTL 147 %token VAR_SERVE_EXPIRED_CLIENT_TIMEOUT VAR_FAKE_DSA 148 %token VAR_FAKE_SHA1 VAR_LOG_IDENTITY VAR_HIDE_TRUSTANCHOR 149 %token VAR_TRUST_ANCHOR_SIGNALING VAR_AGGRESSIVE_NSEC VAR_USE_SYSTEMD 150 %token VAR_SHM_ENABLE VAR_SHM_KEY VAR_ROOT_KEY_SENTINEL 151 %token VAR_DNSCRYPT VAR_DNSCRYPT_ENABLE VAR_DNSCRYPT_PORT VAR_DNSCRYPT_PROVIDER 152 %token VAR_DNSCRYPT_SECRET_KEY VAR_DNSCRYPT_PROVIDER_CERT 153 %token VAR_DNSCRYPT_PROVIDER_CERT_ROTATED 154 %token VAR_DNSCRYPT_SHARED_SECRET_CACHE_SIZE 155 %token VAR_DNSCRYPT_SHARED_SECRET_CACHE_SLABS 156 %token VAR_DNSCRYPT_NONCE_CACHE_SIZE 157 %token VAR_DNSCRYPT_NONCE_CACHE_SLABS 158 %token VAR_IPSECMOD_ENABLED VAR_IPSECMOD_HOOK VAR_IPSECMOD_IGNORE_BOGUS 159 %token VAR_IPSECMOD_MAX_TTL VAR_IPSECMOD_WHITELIST VAR_IPSECMOD_STRICT 160 %token VAR_CACHEDB VAR_CACHEDB_BACKEND VAR_CACHEDB_SECRETSEED 161 %token VAR_CACHEDB_REDISHOST VAR_CACHEDB_REDISPORT VAR_CACHEDB_REDISTIMEOUT 162 %token VAR_UDP_UPSTREAM_WITHOUT_DOWNSTREAM VAR_FOR_UPSTREAM 163 %token VAR_AUTH_ZONE VAR_ZONEFILE VAR_MASTER VAR_URL VAR_FOR_DOWNSTREAM 164 %token VAR_FALLBACK_ENABLED VAR_TLS_ADDITIONAL_PORT VAR_LOW_RTT VAR_LOW_RTT_PERMIL 165 %token VAR_FAST_SERVER_PERMIL VAR_FAST_SERVER_NUM 166 %token VAR_ALLOW_NOTIFY VAR_TLS_WIN_CERT VAR_TCP_CONNECTION_LIMIT 167 %token VAR_FORWARD_NO_CACHE VAR_STUB_NO_CACHE VAR_LOG_SERVFAIL VAR_DENY_ANY 168 %token VAR_UNKNOWN_SERVER_TIME_LIMIT VAR_LOG_TAG_QUERYREPLY 169 %token VAR_STREAM_WAIT_SIZE VAR_TLS_CIPHERS VAR_TLS_CIPHERSUITES 170 %token VAR_IPSET VAR_IPSET_NAME_V4 VAR_IPSET_NAME_V6 171 %token VAR_TLS_SESSION_TICKET_KEYS VAR_RPZ VAR_TAGS VAR_RPZ_ACTION_OVERRIDE 172 %token VAR_RPZ_CNAME_OVERRIDE VAR_RPZ_LOG VAR_RPZ_LOG_NAME 173 174 %% 175 toplevelvars: /* empty */ | toplevelvars toplevelvar ; 176 toplevelvar: serverstart contents_server | stubstart contents_stub | 177 forwardstart contents_forward | pythonstart contents_py | 178 rcstart contents_rc | dtstart contents_dt | viewstart contents_view | 179 dnscstart contents_dnsc | cachedbstart contents_cachedb | 180 ipsetstart contents_ipset | authstart contents_auth | 181 rpzstart contents_rpz 182 ; 183 184 /* server: declaration */ 185 serverstart: VAR_SERVER 186 { 187 OUTYY(("\nP(server:)\n")); 188 } 189 ; 190 contents_server: contents_server content_server 191 | ; 192 content_server: server_num_threads | server_verbosity | server_port | 193 server_outgoing_range | server_do_ip4 | 194 server_do_ip6 | server_prefer_ip6 | 195 server_do_udp | server_do_tcp | 196 server_tcp_mss | server_outgoing_tcp_mss | server_tcp_idle_timeout | 197 server_tcp_keepalive | server_tcp_keepalive_timeout | 198 server_interface | server_chroot | server_username | 199 server_directory | server_logfile | server_pidfile | 200 server_msg_cache_size | server_msg_cache_slabs | 201 server_num_queries_per_thread | server_rrset_cache_size | 202 server_rrset_cache_slabs | server_outgoing_num_tcp | 203 server_infra_host_ttl | server_infra_lame_ttl | 204 server_infra_cache_slabs | server_infra_cache_numhosts | 205 server_infra_cache_lame_size | server_target_fetch_policy | 206 server_harden_short_bufsize | server_harden_large_queries | 207 server_do_not_query_address | server_hide_identity | 208 server_hide_version | server_identity | server_version | 209 server_harden_glue | server_module_conf | server_trust_anchor_file | 210 server_trust_anchor | server_val_override_date | server_bogus_ttl | 211 server_val_clean_additional | server_val_permissive_mode | 212 server_incoming_num_tcp | server_msg_buffer_size | 213 server_key_cache_size | server_key_cache_slabs | 214 server_trusted_keys_file | server_val_nsec3_keysize_iterations | 215 server_use_syslog | server_outgoing_interface | server_root_hints | 216 server_do_not_query_localhost | server_cache_max_ttl | 217 server_harden_dnssec_stripped | server_access_control | 218 server_local_zone | server_local_data | server_interface_automatic | 219 server_statistics_interval | server_do_daemonize | 220 server_use_caps_for_id | server_statistics_cumulative | 221 server_outgoing_port_permit | server_outgoing_port_avoid | 222 server_dlv_anchor_file | server_dlv_anchor | server_neg_cache_size | 223 server_harden_referral_path | server_private_address | 224 server_private_domain | server_extended_statistics | 225 server_local_data_ptr | server_jostle_timeout | 226 server_unwanted_reply_threshold | server_log_time_ascii | 227 server_domain_insecure | server_val_sig_skew_min | 228 server_val_sig_skew_max | server_cache_min_ttl | server_val_log_level | 229 server_auto_trust_anchor_file | server_add_holddown | 230 server_del_holddown | server_keep_missing | server_so_rcvbuf | 231 server_edns_buffer_size | server_prefetch | server_prefetch_key | 232 server_so_sndbuf | server_harden_below_nxdomain | server_ignore_cd_flag | 233 server_log_queries | server_log_replies | server_tcp_upstream | server_ssl_upstream | 234 server_log_local_actions | 235 server_ssl_service_key | server_ssl_service_pem | server_ssl_port | 236 server_minimal_responses | server_rrset_roundrobin | server_max_udp_size | 237 server_so_reuseport | server_delay_close | 238 server_unblock_lan_zones | server_insecure_lan_zones | 239 server_dns64_prefix | server_dns64_synthall | server_dns64_ignore_aaaa | 240 server_infra_cache_min_rtt | server_harden_algo_downgrade | 241 server_ip_transparent | server_ip_ratelimit | server_ratelimit | 242 server_ip_ratelimit_slabs | server_ratelimit_slabs | 243 server_ip_ratelimit_size | server_ratelimit_size | 244 server_ratelimit_for_domain | 245 server_ratelimit_below_domain | server_ratelimit_factor | 246 server_ip_ratelimit_factor | server_send_client_subnet | 247 server_client_subnet_zone | server_client_subnet_always_forward | 248 server_client_subnet_opcode | 249 server_max_client_subnet_ipv4 | server_max_client_subnet_ipv6 | 250 server_min_client_subnet_ipv4 | server_min_client_subnet_ipv6 | 251 server_max_ecs_tree_size_ipv4 | server_max_ecs_tree_size_ipv6 | 252 server_caps_whitelist | server_cache_max_negative_ttl | 253 server_permit_small_holddown | server_qname_minimisation | 254 server_ip_freebind | server_define_tag | server_local_zone_tag | 255 server_disable_dnssec_lame_check | server_access_control_tag | 256 server_local_zone_override | server_access_control_tag_action | 257 server_access_control_tag_data | server_access_control_view | 258 server_qname_minimisation_strict | server_serve_expired | 259 server_serve_expired_ttl | server_serve_expired_ttl_reset | 260 server_serve_expired_reply_ttl | server_serve_expired_client_timeout | 261 server_fake_dsa | server_log_identity | server_use_systemd | 262 server_response_ip_tag | server_response_ip | server_response_ip_data | 263 server_shm_enable | server_shm_key | server_fake_sha1 | 264 server_hide_trustanchor | server_trust_anchor_signaling | 265 server_root_key_sentinel | 266 server_ipsecmod_enabled | server_ipsecmod_hook | 267 server_ipsecmod_ignore_bogus | server_ipsecmod_max_ttl | 268 server_ipsecmod_whitelist | server_ipsecmod_strict | 269 server_udp_upstream_without_downstream | server_aggressive_nsec | 270 server_tls_cert_bundle | server_tls_additional_port | server_low_rtt | 271 server_fast_server_permil | server_fast_server_num | server_tls_win_cert | 272 server_tcp_connection_limit | server_log_servfail | server_deny_any | 273 server_unknown_server_time_limit | server_log_tag_queryreply | 274 server_stream_wait_size | server_tls_ciphers | 275 server_tls_ciphersuites | server_tls_session_ticket_keys 276 ; 277 stubstart: VAR_STUB_ZONE 278 { 279 struct config_stub* s; 280 OUTYY(("\nP(stub_zone:)\n")); 281 s = (struct config_stub*)calloc(1, sizeof(struct config_stub)); 282 if(s) { 283 s->next = cfg_parser->cfg->stubs; 284 cfg_parser->cfg->stubs = s; 285 } else 286 yyerror("out of memory"); 287 } 288 ; 289 contents_stub: contents_stub content_stub 290 | ; 291 content_stub: stub_name | stub_host | stub_addr | stub_prime | stub_first | 292 stub_no_cache | stub_ssl_upstream 293 ; 294 forwardstart: VAR_FORWARD_ZONE 295 { 296 struct config_stub* s; 297 OUTYY(("\nP(forward_zone:)\n")); 298 s = (struct config_stub*)calloc(1, sizeof(struct config_stub)); 299 if(s) { 300 s->next = cfg_parser->cfg->forwards; 301 cfg_parser->cfg->forwards = s; 302 } else 303 yyerror("out of memory"); 304 } 305 ; 306 contents_forward: contents_forward content_forward 307 | ; 308 content_forward: forward_name | forward_host | forward_addr | forward_first | 309 forward_no_cache | forward_ssl_upstream 310 ; 311 viewstart: VAR_VIEW 312 { 313 struct config_view* s; 314 OUTYY(("\nP(view:)\n")); 315 s = (struct config_view*)calloc(1, sizeof(struct config_view)); 316 if(s) { 317 s->next = cfg_parser->cfg->views; 318 if(s->next && !s->next->name) 319 yyerror("view without name"); 320 cfg_parser->cfg->views = s; 321 } else 322 yyerror("out of memory"); 323 } 324 ; 325 contents_view: contents_view content_view 326 | ; 327 content_view: view_name | view_local_zone | view_local_data | view_first | 328 view_response_ip | view_response_ip_data | view_local_data_ptr 329 ; 330 authstart: VAR_AUTH_ZONE 331 { 332 struct config_auth* s; 333 OUTYY(("\nP(auth_zone:)\n")); 334 s = (struct config_auth*)calloc(1, sizeof(struct config_auth)); 335 if(s) { 336 s->next = cfg_parser->cfg->auths; 337 cfg_parser->cfg->auths = s; 338 /* defaults for auth zone */ 339 s->for_downstream = 1; 340 s->for_upstream = 1; 341 s->fallback_enabled = 0; 342 s->isrpz = 0; 343 } else 344 yyerror("out of memory"); 345 } 346 ; 347 contents_auth: contents_auth content_auth 348 | ; 349 content_auth: auth_name | auth_zonefile | auth_master | auth_url | 350 auth_for_downstream | auth_for_upstream | auth_fallback_enabled | 351 auth_allow_notify 352 ; 353 354 rpz_tag: VAR_TAGS STRING_ARG 355 { 356 uint8_t* bitlist; 357 size_t len = 0; 358 OUTYY(("P(server_local_zone_tag:%s)\n", $2)); 359 bitlist = config_parse_taglist(cfg_parser->cfg, $2, 360 &len); 361 free($2); 362 if(!bitlist) { 363 yyerror("could not parse tags, (define-tag them first)"); 364 } 365 if(bitlist) { 366 cfg_parser->cfg->auths->rpz_taglist = bitlist; 367 cfg_parser->cfg->auths->rpz_taglistlen = len; 368 369 } 370 } 371 ; 372 373 rpz_action_override: VAR_RPZ_ACTION_OVERRIDE STRING_ARG 374 { 375 OUTYY(("P(rpz_action_override:%s)\n", $2)); 376 if(strcmp($2, "nxdomain")!=0 && strcmp($2, "nodata")!=0 && 377 strcmp($2, "passthru")!=0 && strcmp($2, "drop")!=0 && 378 strcmp($2, "cname")!=0 && strcmp($2, "disabled")!=0) { 379 yyerror("rpz-action-override action: expected nxdomain, " 380 "nodata, passthru, drop, cname or disabled"); 381 free($2); 382 cfg_parser->cfg->auths->rpz_action_override = NULL; 383 } 384 else { 385 cfg_parser->cfg->auths->rpz_action_override = $2; 386 } 387 } 388 ; 389 390 rpz_cname_override: VAR_RPZ_CNAME_OVERRIDE STRING_ARG 391 { 392 OUTYY(("P(rpz_cname_override:%s)\n", $2)); 393 free(cfg_parser->cfg->auths->rpz_cname); 394 cfg_parser->cfg->auths->rpz_cname = $2; 395 } 396 ; 397 398 rpz_log: VAR_RPZ_LOG STRING_ARG 399 { 400 OUTYY(("P(rpz_log:%s)\n", $2)); 401 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 402 yyerror("expected yes or no."); 403 else cfg_parser->cfg->auths->rpz_log = (strcmp($2, "yes")==0); 404 free($2); 405 } 406 ; 407 408 rpz_log_name: VAR_RPZ_LOG_NAME STRING_ARG 409 { 410 OUTYY(("P(rpz_log_name:%s)\n", $2)); 411 free(cfg_parser->cfg->auths->rpz_log_name); 412 cfg_parser->cfg->auths->rpz_log_name = $2; 413 } 414 ; 415 416 rpzstart: VAR_RPZ 417 { 418 struct config_auth* s; 419 OUTYY(("\nP(rpz:)\n")); 420 s = (struct config_auth*)calloc(1, sizeof(struct config_auth)); 421 if(s) { 422 s->next = cfg_parser->cfg->auths; 423 cfg_parser->cfg->auths = s; 424 /* defaults for RPZ auth zone */ 425 s->for_downstream = 0; 426 s->for_upstream = 0; 427 s->fallback_enabled = 0; 428 s->isrpz = 1; 429 } else 430 yyerror("out of memory"); 431 } 432 ; 433 contents_rpz: contents_rpz content_rpz 434 | ; 435 content_rpz: auth_name | auth_zonefile | rpz_tag | auth_master | auth_url | 436 auth_allow_notify | rpz_action_override | rpz_cname_override | 437 rpz_log | rpz_log_name 438 ; 439 server_num_threads: VAR_NUM_THREADS STRING_ARG 440 { 441 OUTYY(("P(server_num_threads:%s)\n", $2)); 442 if(atoi($2) == 0 && strcmp($2, "0") != 0) 443 yyerror("number expected"); 444 else cfg_parser->cfg->num_threads = atoi($2); 445 free($2); 446 } 447 ; 448 server_verbosity: VAR_VERBOSITY STRING_ARG 449 { 450 OUTYY(("P(server_verbosity:%s)\n", $2)); 451 if(atoi($2) == 0 && strcmp($2, "0") != 0) 452 yyerror("number expected"); 453 else cfg_parser->cfg->verbosity = atoi($2); 454 free($2); 455 } 456 ; 457 server_statistics_interval: VAR_STATISTICS_INTERVAL STRING_ARG 458 { 459 OUTYY(("P(server_statistics_interval:%s)\n", $2)); 460 if(strcmp($2, "") == 0 || strcmp($2, "0") == 0) 461 cfg_parser->cfg->stat_interval = 0; 462 else if(atoi($2) == 0) 463 yyerror("number expected"); 464 else cfg_parser->cfg->stat_interval = atoi($2); 465 free($2); 466 } 467 ; 468 server_statistics_cumulative: VAR_STATISTICS_CUMULATIVE STRING_ARG 469 { 470 OUTYY(("P(server_statistics_cumulative:%s)\n", $2)); 471 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 472 yyerror("expected yes or no."); 473 else cfg_parser->cfg->stat_cumulative = (strcmp($2, "yes")==0); 474 free($2); 475 } 476 ; 477 server_extended_statistics: VAR_EXTENDED_STATISTICS STRING_ARG 478 { 479 OUTYY(("P(server_extended_statistics:%s)\n", $2)); 480 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 481 yyerror("expected yes or no."); 482 else cfg_parser->cfg->stat_extended = (strcmp($2, "yes")==0); 483 free($2); 484 } 485 ; 486 server_shm_enable: VAR_SHM_ENABLE STRING_ARG 487 { 488 OUTYY(("P(server_shm_enable:%s)\n", $2)); 489 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 490 yyerror("expected yes or no."); 491 else cfg_parser->cfg->shm_enable = (strcmp($2, "yes")==0); 492 free($2); 493 } 494 ; 495 server_shm_key: VAR_SHM_KEY STRING_ARG 496 { 497 OUTYY(("P(server_shm_key:%s)\n", $2)); 498 if(strcmp($2, "") == 0 || strcmp($2, "0") == 0) 499 cfg_parser->cfg->shm_key = 0; 500 else if(atoi($2) == 0) 501 yyerror("number expected"); 502 else cfg_parser->cfg->shm_key = atoi($2); 503 free($2); 504 } 505 ; 506 server_port: VAR_PORT STRING_ARG 507 { 508 OUTYY(("P(server_port:%s)\n", $2)); 509 if(atoi($2) == 0) 510 yyerror("port number expected"); 511 else cfg_parser->cfg->port = atoi($2); 512 free($2); 513 } 514 ; 515 server_send_client_subnet: VAR_SEND_CLIENT_SUBNET STRING_ARG 516 { 517 #ifdef CLIENT_SUBNET 518 OUTYY(("P(server_send_client_subnet:%s)\n", $2)); 519 if(!cfg_strlist_insert(&cfg_parser->cfg->client_subnet, $2)) 520 fatal_exit("out of memory adding client-subnet"); 521 #else 522 OUTYY(("P(Compiled without edns subnet option, ignoring)\n")); 523 free($2); 524 #endif 525 } 526 ; 527 server_client_subnet_zone: VAR_CLIENT_SUBNET_ZONE STRING_ARG 528 { 529 #ifdef CLIENT_SUBNET 530 OUTYY(("P(server_client_subnet_zone:%s)\n", $2)); 531 if(!cfg_strlist_insert(&cfg_parser->cfg->client_subnet_zone, 532 $2)) 533 fatal_exit("out of memory adding client-subnet-zone"); 534 #else 535 OUTYY(("P(Compiled without edns subnet option, ignoring)\n")); 536 free($2); 537 #endif 538 } 539 ; 540 server_client_subnet_always_forward: 541 VAR_CLIENT_SUBNET_ALWAYS_FORWARD STRING_ARG 542 { 543 #ifdef CLIENT_SUBNET 544 OUTYY(("P(server_client_subnet_always_forward:%s)\n", $2)); 545 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 546 yyerror("expected yes or no."); 547 else 548 cfg_parser->cfg->client_subnet_always_forward = 549 (strcmp($2, "yes")==0); 550 #else 551 OUTYY(("P(Compiled without edns subnet option, ignoring)\n")); 552 #endif 553 free($2); 554 } 555 ; 556 server_client_subnet_opcode: VAR_CLIENT_SUBNET_OPCODE STRING_ARG 557 { 558 #ifdef CLIENT_SUBNET 559 OUTYY(("P(client_subnet_opcode:%s)\n", $2)); 560 OUTYY(("P(Deprecated option, ignoring)\n")); 561 #else 562 OUTYY(("P(Compiled without edns subnet option, ignoring)\n")); 563 #endif 564 free($2); 565 } 566 ; 567 server_max_client_subnet_ipv4: VAR_MAX_CLIENT_SUBNET_IPV4 STRING_ARG 568 { 569 #ifdef CLIENT_SUBNET 570 OUTYY(("P(max_client_subnet_ipv4:%s)\n", $2)); 571 if(atoi($2) == 0 && strcmp($2, "0") != 0) 572 yyerror("IPv4 subnet length expected"); 573 else if (atoi($2) > 32) 574 cfg_parser->cfg->max_client_subnet_ipv4 = 32; 575 else if (atoi($2) < 0) 576 cfg_parser->cfg->max_client_subnet_ipv4 = 0; 577 else cfg_parser->cfg->max_client_subnet_ipv4 = (uint8_t)atoi($2); 578 #else 579 OUTYY(("P(Compiled without edns subnet option, ignoring)\n")); 580 #endif 581 free($2); 582 } 583 ; 584 server_max_client_subnet_ipv6: VAR_MAX_CLIENT_SUBNET_IPV6 STRING_ARG 585 { 586 #ifdef CLIENT_SUBNET 587 OUTYY(("P(max_client_subnet_ipv6:%s)\n", $2)); 588 if(atoi($2) == 0 && strcmp($2, "0") != 0) 589 yyerror("Ipv6 subnet length expected"); 590 else if (atoi($2) > 128) 591 cfg_parser->cfg->max_client_subnet_ipv6 = 128; 592 else if (atoi($2) < 0) 593 cfg_parser->cfg->max_client_subnet_ipv6 = 0; 594 else cfg_parser->cfg->max_client_subnet_ipv6 = (uint8_t)atoi($2); 595 #else 596 OUTYY(("P(Compiled without edns subnet option, ignoring)\n")); 597 #endif 598 free($2); 599 } 600 ; 601 server_min_client_subnet_ipv4: VAR_MIN_CLIENT_SUBNET_IPV4 STRING_ARG 602 { 603 #ifdef CLIENT_SUBNET 604 OUTYY(("P(min_client_subnet_ipv4:%s)\n", $2)); 605 if(atoi($2) == 0 && strcmp($2, "0") != 0) 606 yyerror("IPv4 subnet length expected"); 607 else if (atoi($2) > 32) 608 cfg_parser->cfg->min_client_subnet_ipv4 = 32; 609 else if (atoi($2) < 0) 610 cfg_parser->cfg->min_client_subnet_ipv4 = 0; 611 else cfg_parser->cfg->min_client_subnet_ipv4 = (uint8_t)atoi($2); 612 #else 613 OUTYY(("P(Compiled without edns subnet option, ignoring)\n")); 614 #endif 615 free($2); 616 } 617 ; 618 server_min_client_subnet_ipv6: VAR_MIN_CLIENT_SUBNET_IPV6 STRING_ARG 619 { 620 #ifdef CLIENT_SUBNET 621 OUTYY(("P(min_client_subnet_ipv6:%s)\n", $2)); 622 if(atoi($2) == 0 && strcmp($2, "0") != 0) 623 yyerror("Ipv6 subnet length expected"); 624 else if (atoi($2) > 128) 625 cfg_parser->cfg->min_client_subnet_ipv6 = 128; 626 else if (atoi($2) < 0) 627 cfg_parser->cfg->min_client_subnet_ipv6 = 0; 628 else cfg_parser->cfg->min_client_subnet_ipv6 = (uint8_t)atoi($2); 629 #else 630 OUTYY(("P(Compiled without edns subnet option, ignoring)\n")); 631 #endif 632 free($2); 633 } 634 ; 635 server_max_ecs_tree_size_ipv4: VAR_MAX_ECS_TREE_SIZE_IPV4 STRING_ARG 636 { 637 #ifdef CLIENT_SUBNET 638 OUTYY(("P(max_ecs_tree_size_ipv4:%s)\n", $2)); 639 if(atoi($2) == 0 && strcmp($2, "0") != 0) 640 yyerror("IPv4 ECS tree size expected"); 641 else if (atoi($2) < 0) 642 cfg_parser->cfg->max_ecs_tree_size_ipv4 = 0; 643 else cfg_parser->cfg->max_ecs_tree_size_ipv4 = (uint32_t)atoi($2); 644 #else 645 OUTYY(("P(Compiled without edns subnet option, ignoring)\n")); 646 #endif 647 free($2); 648 } 649 ; 650 server_max_ecs_tree_size_ipv6: VAR_MAX_ECS_TREE_SIZE_IPV6 STRING_ARG 651 { 652 #ifdef CLIENT_SUBNET 653 OUTYY(("P(max_ecs_tree_size_ipv6:%s)\n", $2)); 654 if(atoi($2) == 0 && strcmp($2, "0") != 0) 655 yyerror("IPv6 ECS tree size expected"); 656 else if (atoi($2) < 0) 657 cfg_parser->cfg->max_ecs_tree_size_ipv6 = 0; 658 else cfg_parser->cfg->max_ecs_tree_size_ipv6 = (uint32_t)atoi($2); 659 #else 660 OUTYY(("P(Compiled without edns subnet option, ignoring)\n")); 661 #endif 662 free($2); 663 } 664 ; 665 server_interface: VAR_INTERFACE STRING_ARG 666 { 667 OUTYY(("P(server_interface:%s)\n", $2)); 668 if(cfg_parser->cfg->num_ifs == 0) 669 cfg_parser->cfg->ifs = calloc(1, sizeof(char*)); 670 else cfg_parser->cfg->ifs = realloc(cfg_parser->cfg->ifs, 671 (cfg_parser->cfg->num_ifs+1)*sizeof(char*)); 672 if(!cfg_parser->cfg->ifs) 673 yyerror("out of memory"); 674 else 675 cfg_parser->cfg->ifs[cfg_parser->cfg->num_ifs++] = $2; 676 } 677 ; 678 server_outgoing_interface: VAR_OUTGOING_INTERFACE STRING_ARG 679 { 680 OUTYY(("P(server_outgoing_interface:%s)\n", $2)); 681 if(cfg_parser->cfg->num_out_ifs == 0) 682 cfg_parser->cfg->out_ifs = calloc(1, sizeof(char*)); 683 else cfg_parser->cfg->out_ifs = realloc( 684 cfg_parser->cfg->out_ifs, 685 (cfg_parser->cfg->num_out_ifs+1)*sizeof(char*)); 686 if(!cfg_parser->cfg->out_ifs) 687 yyerror("out of memory"); 688 else 689 cfg_parser->cfg->out_ifs[ 690 cfg_parser->cfg->num_out_ifs++] = $2; 691 } 692 ; 693 server_outgoing_range: VAR_OUTGOING_RANGE STRING_ARG 694 { 695 OUTYY(("P(server_outgoing_range:%s)\n", $2)); 696 if(atoi($2) == 0) 697 yyerror("number expected"); 698 else cfg_parser->cfg->outgoing_num_ports = atoi($2); 699 free($2); 700 } 701 ; 702 server_outgoing_port_permit: VAR_OUTGOING_PORT_PERMIT STRING_ARG 703 { 704 OUTYY(("P(server_outgoing_port_permit:%s)\n", $2)); 705 if(!cfg_mark_ports($2, 1, 706 cfg_parser->cfg->outgoing_avail_ports, 65536)) 707 yyerror("port number or range (\"low-high\") expected"); 708 free($2); 709 } 710 ; 711 server_outgoing_port_avoid: VAR_OUTGOING_PORT_AVOID STRING_ARG 712 { 713 OUTYY(("P(server_outgoing_port_avoid:%s)\n", $2)); 714 if(!cfg_mark_ports($2, 0, 715 cfg_parser->cfg->outgoing_avail_ports, 65536)) 716 yyerror("port number or range (\"low-high\") expected"); 717 free($2); 718 } 719 ; 720 server_outgoing_num_tcp: VAR_OUTGOING_NUM_TCP STRING_ARG 721 { 722 OUTYY(("P(server_outgoing_num_tcp:%s)\n", $2)); 723 if(atoi($2) == 0 && strcmp($2, "0") != 0) 724 yyerror("number expected"); 725 else cfg_parser->cfg->outgoing_num_tcp = atoi($2); 726 free($2); 727 } 728 ; 729 server_incoming_num_tcp: VAR_INCOMING_NUM_TCP STRING_ARG 730 { 731 OUTYY(("P(server_incoming_num_tcp:%s)\n", $2)); 732 if(atoi($2) == 0 && strcmp($2, "0") != 0) 733 yyerror("number expected"); 734 else cfg_parser->cfg->incoming_num_tcp = atoi($2); 735 free($2); 736 } 737 ; 738 server_interface_automatic: VAR_INTERFACE_AUTOMATIC STRING_ARG 739 { 740 OUTYY(("P(server_interface_automatic:%s)\n", $2)); 741 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 742 yyerror("expected yes or no."); 743 else cfg_parser->cfg->if_automatic = (strcmp($2, "yes")==0); 744 free($2); 745 } 746 ; 747 server_do_ip4: VAR_DO_IP4 STRING_ARG 748 { 749 OUTYY(("P(server_do_ip4:%s)\n", $2)); 750 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 751 yyerror("expected yes or no."); 752 else cfg_parser->cfg->do_ip4 = (strcmp($2, "yes")==0); 753 free($2); 754 } 755 ; 756 server_do_ip6: VAR_DO_IP6 STRING_ARG 757 { 758 OUTYY(("P(server_do_ip6:%s)\n", $2)); 759 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 760 yyerror("expected yes or no."); 761 else cfg_parser->cfg->do_ip6 = (strcmp($2, "yes")==0); 762 free($2); 763 } 764 ; 765 server_do_udp: VAR_DO_UDP STRING_ARG 766 { 767 OUTYY(("P(server_do_udp:%s)\n", $2)); 768 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 769 yyerror("expected yes or no."); 770 else cfg_parser->cfg->do_udp = (strcmp($2, "yes")==0); 771 free($2); 772 } 773 ; 774 server_do_tcp: VAR_DO_TCP STRING_ARG 775 { 776 OUTYY(("P(server_do_tcp:%s)\n", $2)); 777 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 778 yyerror("expected yes or no."); 779 else cfg_parser->cfg->do_tcp = (strcmp($2, "yes")==0); 780 free($2); 781 } 782 ; 783 server_prefer_ip6: VAR_PREFER_IP6 STRING_ARG 784 { 785 OUTYY(("P(server_prefer_ip6:%s)\n", $2)); 786 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 787 yyerror("expected yes or no."); 788 else cfg_parser->cfg->prefer_ip6 = (strcmp($2, "yes")==0); 789 free($2); 790 } 791 ; 792 server_tcp_mss: VAR_TCP_MSS STRING_ARG 793 { 794 OUTYY(("P(server_tcp_mss:%s)\n", $2)); 795 if(atoi($2) == 0 && strcmp($2, "0") != 0) 796 yyerror("number expected"); 797 else cfg_parser->cfg->tcp_mss = atoi($2); 798 free($2); 799 } 800 ; 801 server_outgoing_tcp_mss: VAR_OUTGOING_TCP_MSS STRING_ARG 802 { 803 OUTYY(("P(server_outgoing_tcp_mss:%s)\n", $2)); 804 if(atoi($2) == 0 && strcmp($2, "0") != 0) 805 yyerror("number expected"); 806 else cfg_parser->cfg->outgoing_tcp_mss = atoi($2); 807 free($2); 808 } 809 ; 810 server_tcp_idle_timeout: VAR_TCP_IDLE_TIMEOUT STRING_ARG 811 { 812 OUTYY(("P(server_tcp_idle_timeout:%s)\n", $2)); 813 if(atoi($2) == 0 && strcmp($2, "0") != 0) 814 yyerror("number expected"); 815 else if (atoi($2) > 120000) 816 cfg_parser->cfg->tcp_idle_timeout = 120000; 817 else if (atoi($2) < 1) 818 cfg_parser->cfg->tcp_idle_timeout = 1; 819 else cfg_parser->cfg->tcp_idle_timeout = atoi($2); 820 free($2); 821 } 822 ; 823 server_tcp_keepalive: VAR_EDNS_TCP_KEEPALIVE STRING_ARG 824 { 825 OUTYY(("P(server_tcp_keepalive:%s)\n", $2)); 826 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 827 yyerror("expected yes or no."); 828 else cfg_parser->cfg->do_tcp_keepalive = (strcmp($2, "yes")==0); 829 free($2); 830 } 831 ; 832 server_tcp_keepalive_timeout: VAR_EDNS_TCP_KEEPALIVE_TIMEOUT STRING_ARG 833 { 834 OUTYY(("P(server_tcp_keepalive_timeout:%s)\n", $2)); 835 if(atoi($2) == 0 && strcmp($2, "0") != 0) 836 yyerror("number expected"); 837 else if (atoi($2) > 6553500) 838 cfg_parser->cfg->tcp_keepalive_timeout = 6553500; 839 else if (atoi($2) < 1) 840 cfg_parser->cfg->tcp_keepalive_timeout = 0; 841 else cfg_parser->cfg->tcp_keepalive_timeout = atoi($2); 842 free($2); 843 } 844 ; 845 server_tcp_upstream: VAR_TCP_UPSTREAM STRING_ARG 846 { 847 OUTYY(("P(server_tcp_upstream:%s)\n", $2)); 848 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 849 yyerror("expected yes or no."); 850 else cfg_parser->cfg->tcp_upstream = (strcmp($2, "yes")==0); 851 free($2); 852 } 853 ; 854 server_udp_upstream_without_downstream: VAR_UDP_UPSTREAM_WITHOUT_DOWNSTREAM STRING_ARG 855 { 856 OUTYY(("P(server_udp_upstream_without_downstream:%s)\n", $2)); 857 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 858 yyerror("expected yes or no."); 859 else cfg_parser->cfg->udp_upstream_without_downstream = (strcmp($2, "yes")==0); 860 free($2); 861 } 862 ; 863 server_ssl_upstream: VAR_SSL_UPSTREAM STRING_ARG 864 { 865 OUTYY(("P(server_ssl_upstream:%s)\n", $2)); 866 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 867 yyerror("expected yes or no."); 868 else cfg_parser->cfg->ssl_upstream = (strcmp($2, "yes")==0); 869 free($2); 870 } 871 ; 872 server_ssl_service_key: VAR_SSL_SERVICE_KEY STRING_ARG 873 { 874 OUTYY(("P(server_ssl_service_key:%s)\n", $2)); 875 free(cfg_parser->cfg->ssl_service_key); 876 cfg_parser->cfg->ssl_service_key = $2; 877 } 878 ; 879 server_ssl_service_pem: VAR_SSL_SERVICE_PEM STRING_ARG 880 { 881 OUTYY(("P(server_ssl_service_pem:%s)\n", $2)); 882 free(cfg_parser->cfg->ssl_service_pem); 883 cfg_parser->cfg->ssl_service_pem = $2; 884 } 885 ; 886 server_ssl_port: VAR_SSL_PORT STRING_ARG 887 { 888 OUTYY(("P(server_ssl_port:%s)\n", $2)); 889 if(atoi($2) == 0) 890 yyerror("port number expected"); 891 else cfg_parser->cfg->ssl_port = atoi($2); 892 free($2); 893 } 894 ; 895 server_tls_cert_bundle: VAR_TLS_CERT_BUNDLE STRING_ARG 896 { 897 OUTYY(("P(server_tls_cert_bundle:%s)\n", $2)); 898 free(cfg_parser->cfg->tls_cert_bundle); 899 cfg_parser->cfg->tls_cert_bundle = $2; 900 } 901 ; 902 server_tls_win_cert: VAR_TLS_WIN_CERT STRING_ARG 903 { 904 OUTYY(("P(server_tls_win_cert:%s)\n", $2)); 905 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 906 yyerror("expected yes or no."); 907 else cfg_parser->cfg->tls_win_cert = (strcmp($2, "yes")==0); 908 free($2); 909 } 910 ; 911 server_tls_additional_port: VAR_TLS_ADDITIONAL_PORT STRING_ARG 912 { 913 OUTYY(("P(server_tls_additional_port:%s)\n", $2)); 914 if(!cfg_strlist_insert(&cfg_parser->cfg->tls_additional_port, 915 $2)) 916 yyerror("out of memory"); 917 } 918 ; 919 server_tls_ciphers: VAR_TLS_CIPHERS STRING_ARG 920 { 921 OUTYY(("P(server_tls_ciphers:%s)\n", $2)); 922 free(cfg_parser->cfg->tls_ciphers); 923 cfg_parser->cfg->tls_ciphers = $2; 924 } 925 ; 926 server_tls_ciphersuites: VAR_TLS_CIPHERSUITES STRING_ARG 927 { 928 OUTYY(("P(server_tls_ciphersuites:%s)\n", $2)); 929 free(cfg_parser->cfg->tls_ciphersuites); 930 cfg_parser->cfg->tls_ciphersuites = $2; 931 } 932 ; 933 server_tls_session_ticket_keys: VAR_TLS_SESSION_TICKET_KEYS STRING_ARG 934 { 935 OUTYY(("P(server_tls_session_ticket_keys:%s)\n", $2)); 936 if(!cfg_strlist_append(&cfg_parser->cfg->tls_session_ticket_keys, 937 $2)) 938 yyerror("out of memory"); 939 } 940 ; 941 server_use_systemd: VAR_USE_SYSTEMD STRING_ARG 942 { 943 OUTYY(("P(server_use_systemd:%s)\n", $2)); 944 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 945 yyerror("expected yes or no."); 946 else cfg_parser->cfg->use_systemd = (strcmp($2, "yes")==0); 947 free($2); 948 } 949 ; 950 server_do_daemonize: VAR_DO_DAEMONIZE STRING_ARG 951 { 952 OUTYY(("P(server_do_daemonize:%s)\n", $2)); 953 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 954 yyerror("expected yes or no."); 955 else cfg_parser->cfg->do_daemonize = (strcmp($2, "yes")==0); 956 free($2); 957 } 958 ; 959 server_use_syslog: VAR_USE_SYSLOG STRING_ARG 960 { 961 OUTYY(("P(server_use_syslog:%s)\n", $2)); 962 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 963 yyerror("expected yes or no."); 964 else cfg_parser->cfg->use_syslog = (strcmp($2, "yes")==0); 965 #if !defined(HAVE_SYSLOG_H) && !defined(UB_ON_WINDOWS) 966 if(strcmp($2, "yes") == 0) 967 yyerror("no syslog services are available. " 968 "(reconfigure and compile to add)"); 969 #endif 970 free($2); 971 } 972 ; 973 server_log_time_ascii: VAR_LOG_TIME_ASCII STRING_ARG 974 { 975 OUTYY(("P(server_log_time_ascii:%s)\n", $2)); 976 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 977 yyerror("expected yes or no."); 978 else cfg_parser->cfg->log_time_ascii = (strcmp($2, "yes")==0); 979 free($2); 980 } 981 ; 982 server_log_queries: VAR_LOG_QUERIES STRING_ARG 983 { 984 OUTYY(("P(server_log_queries:%s)\n", $2)); 985 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 986 yyerror("expected yes or no."); 987 else cfg_parser->cfg->log_queries = (strcmp($2, "yes")==0); 988 free($2); 989 } 990 ; 991 server_log_replies: VAR_LOG_REPLIES STRING_ARG 992 { 993 OUTYY(("P(server_log_replies:%s)\n", $2)); 994 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 995 yyerror("expected yes or no."); 996 else cfg_parser->cfg->log_replies = (strcmp($2, "yes")==0); 997 free($2); 998 } 999 ; 1000 server_log_tag_queryreply: VAR_LOG_TAG_QUERYREPLY STRING_ARG 1001 { 1002 OUTYY(("P(server_log_tag_queryreply:%s)\n", $2)); 1003 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1004 yyerror("expected yes or no."); 1005 else cfg_parser->cfg->log_tag_queryreply = (strcmp($2, "yes")==0); 1006 free($2); 1007 } 1008 ; 1009 server_log_servfail: VAR_LOG_SERVFAIL STRING_ARG 1010 { 1011 OUTYY(("P(server_log_servfail:%s)\n", $2)); 1012 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1013 yyerror("expected yes or no."); 1014 else cfg_parser->cfg->log_servfail = (strcmp($2, "yes")==0); 1015 free($2); 1016 } 1017 ; 1018 server_log_local_actions: VAR_LOG_LOCAL_ACTIONS STRING_ARG 1019 { 1020 OUTYY(("P(server_log_local_actions:%s)\n", $2)); 1021 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1022 yyerror("expected yes or no."); 1023 else cfg_parser->cfg->log_local_actions = (strcmp($2, "yes")==0); 1024 free($2); 1025 } 1026 ; 1027 server_chroot: VAR_CHROOT STRING_ARG 1028 { 1029 OUTYY(("P(server_chroot:%s)\n", $2)); 1030 free(cfg_parser->cfg->chrootdir); 1031 cfg_parser->cfg->chrootdir = $2; 1032 } 1033 ; 1034 server_username: VAR_USERNAME STRING_ARG 1035 { 1036 OUTYY(("P(server_username:%s)\n", $2)); 1037 free(cfg_parser->cfg->username); 1038 cfg_parser->cfg->username = $2; 1039 } 1040 ; 1041 server_directory: VAR_DIRECTORY STRING_ARG 1042 { 1043 OUTYY(("P(server_directory:%s)\n", $2)); 1044 free(cfg_parser->cfg->directory); 1045 cfg_parser->cfg->directory = $2; 1046 /* change there right away for includes relative to this */ 1047 if($2[0]) { 1048 char* d; 1049 #ifdef UB_ON_WINDOWS 1050 w_config_adjust_directory(cfg_parser->cfg); 1051 #endif 1052 d = cfg_parser->cfg->directory; 1053 /* adjust directory if we have already chroot, 1054 * like, we reread after sighup */ 1055 if(cfg_parser->chroot && cfg_parser->chroot[0] && 1056 strncmp(d, cfg_parser->chroot, strlen( 1057 cfg_parser->chroot)) == 0) 1058 d += strlen(cfg_parser->chroot); 1059 if(d[0]) { 1060 if(chdir(d)) 1061 log_err("cannot chdir to directory: %s (%s)", 1062 d, strerror(errno)); 1063 } 1064 } 1065 } 1066 ; 1067 server_logfile: VAR_LOGFILE STRING_ARG 1068 { 1069 OUTYY(("P(server_logfile:%s)\n", $2)); 1070 free(cfg_parser->cfg->logfile); 1071 cfg_parser->cfg->logfile = $2; 1072 cfg_parser->cfg->use_syslog = 0; 1073 } 1074 ; 1075 server_pidfile: VAR_PIDFILE STRING_ARG 1076 { 1077 OUTYY(("P(server_pidfile:%s)\n", $2)); 1078 free(cfg_parser->cfg->pidfile); 1079 cfg_parser->cfg->pidfile = $2; 1080 } 1081 ; 1082 server_root_hints: VAR_ROOT_HINTS STRING_ARG 1083 { 1084 OUTYY(("P(server_root_hints:%s)\n", $2)); 1085 if(!cfg_strlist_insert(&cfg_parser->cfg->root_hints, $2)) 1086 yyerror("out of memory"); 1087 } 1088 ; 1089 server_dlv_anchor_file: VAR_DLV_ANCHOR_FILE STRING_ARG 1090 { 1091 OUTYY(("P(server_dlv_anchor_file:%s)\n", $2)); 1092 free(cfg_parser->cfg->dlv_anchor_file); 1093 cfg_parser->cfg->dlv_anchor_file = $2; 1094 } 1095 ; 1096 server_dlv_anchor: VAR_DLV_ANCHOR STRING_ARG 1097 { 1098 OUTYY(("P(server_dlv_anchor:%s)\n", $2)); 1099 if(!cfg_strlist_insert(&cfg_parser->cfg->dlv_anchor_list, $2)) 1100 yyerror("out of memory"); 1101 } 1102 ; 1103 server_auto_trust_anchor_file: VAR_AUTO_TRUST_ANCHOR_FILE STRING_ARG 1104 { 1105 OUTYY(("P(server_auto_trust_anchor_file:%s)\n", $2)); 1106 if(!cfg_strlist_insert(&cfg_parser->cfg-> 1107 auto_trust_anchor_file_list, $2)) 1108 yyerror("out of memory"); 1109 } 1110 ; 1111 server_trust_anchor_file: VAR_TRUST_ANCHOR_FILE STRING_ARG 1112 { 1113 OUTYY(("P(server_trust_anchor_file:%s)\n", $2)); 1114 if(!cfg_strlist_insert(&cfg_parser->cfg-> 1115 trust_anchor_file_list, $2)) 1116 yyerror("out of memory"); 1117 } 1118 ; 1119 server_trusted_keys_file: VAR_TRUSTED_KEYS_FILE STRING_ARG 1120 { 1121 OUTYY(("P(server_trusted_keys_file:%s)\n", $2)); 1122 if(!cfg_strlist_insert(&cfg_parser->cfg-> 1123 trusted_keys_file_list, $2)) 1124 yyerror("out of memory"); 1125 } 1126 ; 1127 server_trust_anchor: VAR_TRUST_ANCHOR STRING_ARG 1128 { 1129 OUTYY(("P(server_trust_anchor:%s)\n", $2)); 1130 if(!cfg_strlist_insert(&cfg_parser->cfg->trust_anchor_list, $2)) 1131 yyerror("out of memory"); 1132 } 1133 ; 1134 server_trust_anchor_signaling: VAR_TRUST_ANCHOR_SIGNALING STRING_ARG 1135 { 1136 OUTYY(("P(server_trust_anchor_signaling:%s)\n", $2)); 1137 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1138 yyerror("expected yes or no."); 1139 else 1140 cfg_parser->cfg->trust_anchor_signaling = 1141 (strcmp($2, "yes")==0); 1142 free($2); 1143 } 1144 ; 1145 server_root_key_sentinel: VAR_ROOT_KEY_SENTINEL STRING_ARG 1146 { 1147 OUTYY(("P(server_root_key_sentinel:%s)\n", $2)); 1148 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1149 yyerror("expected yes or no."); 1150 else 1151 cfg_parser->cfg->root_key_sentinel = 1152 (strcmp($2, "yes")==0); 1153 free($2); 1154 } 1155 ; 1156 server_domain_insecure: VAR_DOMAIN_INSECURE STRING_ARG 1157 { 1158 OUTYY(("P(server_domain_insecure:%s)\n", $2)); 1159 if(!cfg_strlist_insert(&cfg_parser->cfg->domain_insecure, $2)) 1160 yyerror("out of memory"); 1161 } 1162 ; 1163 server_hide_identity: VAR_HIDE_IDENTITY STRING_ARG 1164 { 1165 OUTYY(("P(server_hide_identity:%s)\n", $2)); 1166 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1167 yyerror("expected yes or no."); 1168 else cfg_parser->cfg->hide_identity = (strcmp($2, "yes")==0); 1169 free($2); 1170 } 1171 ; 1172 server_hide_version: VAR_HIDE_VERSION STRING_ARG 1173 { 1174 OUTYY(("P(server_hide_version:%s)\n", $2)); 1175 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1176 yyerror("expected yes or no."); 1177 else cfg_parser->cfg->hide_version = (strcmp($2, "yes")==0); 1178 free($2); 1179 } 1180 ; 1181 server_hide_trustanchor: VAR_HIDE_TRUSTANCHOR STRING_ARG 1182 { 1183 OUTYY(("P(server_hide_trustanchor:%s)\n", $2)); 1184 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1185 yyerror("expected yes or no."); 1186 else cfg_parser->cfg->hide_trustanchor = (strcmp($2, "yes")==0); 1187 free($2); 1188 } 1189 ; 1190 server_identity: VAR_IDENTITY STRING_ARG 1191 { 1192 OUTYY(("P(server_identity:%s)\n", $2)); 1193 free(cfg_parser->cfg->identity); 1194 cfg_parser->cfg->identity = $2; 1195 } 1196 ; 1197 server_version: VAR_VERSION STRING_ARG 1198 { 1199 OUTYY(("P(server_version:%s)\n", $2)); 1200 free(cfg_parser->cfg->version); 1201 cfg_parser->cfg->version = $2; 1202 } 1203 ; 1204 server_so_rcvbuf: VAR_SO_RCVBUF STRING_ARG 1205 { 1206 OUTYY(("P(server_so_rcvbuf:%s)\n", $2)); 1207 if(!cfg_parse_memsize($2, &cfg_parser->cfg->so_rcvbuf)) 1208 yyerror("buffer size expected"); 1209 free($2); 1210 } 1211 ; 1212 server_so_sndbuf: VAR_SO_SNDBUF STRING_ARG 1213 { 1214 OUTYY(("P(server_so_sndbuf:%s)\n", $2)); 1215 if(!cfg_parse_memsize($2, &cfg_parser->cfg->so_sndbuf)) 1216 yyerror("buffer size expected"); 1217 free($2); 1218 } 1219 ; 1220 server_so_reuseport: VAR_SO_REUSEPORT STRING_ARG 1221 { 1222 OUTYY(("P(server_so_reuseport:%s)\n", $2)); 1223 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1224 yyerror("expected yes or no."); 1225 else cfg_parser->cfg->so_reuseport = 1226 (strcmp($2, "yes")==0); 1227 free($2); 1228 } 1229 ; 1230 server_ip_transparent: VAR_IP_TRANSPARENT STRING_ARG 1231 { 1232 OUTYY(("P(server_ip_transparent:%s)\n", $2)); 1233 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1234 yyerror("expected yes or no."); 1235 else cfg_parser->cfg->ip_transparent = 1236 (strcmp($2, "yes")==0); 1237 free($2); 1238 } 1239 ; 1240 server_ip_freebind: VAR_IP_FREEBIND STRING_ARG 1241 { 1242 OUTYY(("P(server_ip_freebind:%s)\n", $2)); 1243 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1244 yyerror("expected yes or no."); 1245 else cfg_parser->cfg->ip_freebind = 1246 (strcmp($2, "yes")==0); 1247 free($2); 1248 } 1249 ; 1250 server_stream_wait_size: VAR_STREAM_WAIT_SIZE STRING_ARG 1251 { 1252 OUTYY(("P(server_stream_wait_size:%s)\n", $2)); 1253 if(!cfg_parse_memsize($2, &cfg_parser->cfg->stream_wait_size)) 1254 yyerror("memory size expected"); 1255 free($2); 1256 } 1257 ; 1258 server_edns_buffer_size: VAR_EDNS_BUFFER_SIZE STRING_ARG 1259 { 1260 OUTYY(("P(server_edns_buffer_size:%s)\n", $2)); 1261 if(atoi($2) == 0) 1262 yyerror("number expected"); 1263 else if (atoi($2) < 12) 1264 yyerror("edns buffer size too small"); 1265 else if (atoi($2) > 65535) 1266 cfg_parser->cfg->edns_buffer_size = 65535; 1267 else cfg_parser->cfg->edns_buffer_size = atoi($2); 1268 free($2); 1269 } 1270 ; 1271 server_msg_buffer_size: VAR_MSG_BUFFER_SIZE STRING_ARG 1272 { 1273 OUTYY(("P(server_msg_buffer_size:%s)\n", $2)); 1274 if(atoi($2) == 0) 1275 yyerror("number expected"); 1276 else if (atoi($2) < 4096) 1277 yyerror("message buffer size too small (use 4096)"); 1278 else cfg_parser->cfg->msg_buffer_size = atoi($2); 1279 free($2); 1280 } 1281 ; 1282 server_msg_cache_size: VAR_MSG_CACHE_SIZE STRING_ARG 1283 { 1284 OUTYY(("P(server_msg_cache_size:%s)\n", $2)); 1285 if(!cfg_parse_memsize($2, &cfg_parser->cfg->msg_cache_size)) 1286 yyerror("memory size expected"); 1287 free($2); 1288 } 1289 ; 1290 server_msg_cache_slabs: VAR_MSG_CACHE_SLABS STRING_ARG 1291 { 1292 OUTYY(("P(server_msg_cache_slabs:%s)\n", $2)); 1293 if(atoi($2) == 0) 1294 yyerror("number expected"); 1295 else { 1296 cfg_parser->cfg->msg_cache_slabs = atoi($2); 1297 if(!is_pow2(cfg_parser->cfg->msg_cache_slabs)) 1298 yyerror("must be a power of 2"); 1299 } 1300 free($2); 1301 } 1302 ; 1303 server_num_queries_per_thread: VAR_NUM_QUERIES_PER_THREAD STRING_ARG 1304 { 1305 OUTYY(("P(server_num_queries_per_thread:%s)\n", $2)); 1306 if(atoi($2) == 0) 1307 yyerror("number expected"); 1308 else cfg_parser->cfg->num_queries_per_thread = atoi($2); 1309 free($2); 1310 } 1311 ; 1312 server_jostle_timeout: VAR_JOSTLE_TIMEOUT STRING_ARG 1313 { 1314 OUTYY(("P(server_jostle_timeout:%s)\n", $2)); 1315 if(atoi($2) == 0 && strcmp($2, "0") != 0) 1316 yyerror("number expected"); 1317 else cfg_parser->cfg->jostle_time = atoi($2); 1318 free($2); 1319 } 1320 ; 1321 server_delay_close: VAR_DELAY_CLOSE STRING_ARG 1322 { 1323 OUTYY(("P(server_delay_close:%s)\n", $2)); 1324 if(atoi($2) == 0 && strcmp($2, "0") != 0) 1325 yyerror("number expected"); 1326 else cfg_parser->cfg->delay_close = atoi($2); 1327 free($2); 1328 } 1329 ; 1330 server_unblock_lan_zones: VAR_UNBLOCK_LAN_ZONES STRING_ARG 1331 { 1332 OUTYY(("P(server_unblock_lan_zones:%s)\n", $2)); 1333 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1334 yyerror("expected yes or no."); 1335 else cfg_parser->cfg->unblock_lan_zones = 1336 (strcmp($2, "yes")==0); 1337 free($2); 1338 } 1339 ; 1340 server_insecure_lan_zones: VAR_INSECURE_LAN_ZONES STRING_ARG 1341 { 1342 OUTYY(("P(server_insecure_lan_zones:%s)\n", $2)); 1343 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1344 yyerror("expected yes or no."); 1345 else cfg_parser->cfg->insecure_lan_zones = 1346 (strcmp($2, "yes")==0); 1347 free($2); 1348 } 1349 ; 1350 server_rrset_cache_size: VAR_RRSET_CACHE_SIZE STRING_ARG 1351 { 1352 OUTYY(("P(server_rrset_cache_size:%s)\n", $2)); 1353 if(!cfg_parse_memsize($2, &cfg_parser->cfg->rrset_cache_size)) 1354 yyerror("memory size expected"); 1355 free($2); 1356 } 1357 ; 1358 server_rrset_cache_slabs: VAR_RRSET_CACHE_SLABS STRING_ARG 1359 { 1360 OUTYY(("P(server_rrset_cache_slabs:%s)\n", $2)); 1361 if(atoi($2) == 0) 1362 yyerror("number expected"); 1363 else { 1364 cfg_parser->cfg->rrset_cache_slabs = atoi($2); 1365 if(!is_pow2(cfg_parser->cfg->rrset_cache_slabs)) 1366 yyerror("must be a power of 2"); 1367 } 1368 free($2); 1369 } 1370 ; 1371 server_infra_host_ttl: VAR_INFRA_HOST_TTL STRING_ARG 1372 { 1373 OUTYY(("P(server_infra_host_ttl:%s)\n", $2)); 1374 if(atoi($2) == 0 && strcmp($2, "0") != 0) 1375 yyerror("number expected"); 1376 else cfg_parser->cfg->host_ttl = atoi($2); 1377 free($2); 1378 } 1379 ; 1380 server_infra_lame_ttl: VAR_INFRA_LAME_TTL STRING_ARG 1381 { 1382 OUTYY(("P(server_infra_lame_ttl:%s)\n", $2)); 1383 verbose(VERB_DETAIL, "ignored infra-lame-ttl: %s (option " 1384 "removed, use infra-host-ttl)", $2); 1385 free($2); 1386 } 1387 ; 1388 server_infra_cache_numhosts: VAR_INFRA_CACHE_NUMHOSTS STRING_ARG 1389 { 1390 OUTYY(("P(server_infra_cache_numhosts:%s)\n", $2)); 1391 if(atoi($2) == 0) 1392 yyerror("number expected"); 1393 else cfg_parser->cfg->infra_cache_numhosts = atoi($2); 1394 free($2); 1395 } 1396 ; 1397 server_infra_cache_lame_size: VAR_INFRA_CACHE_LAME_SIZE STRING_ARG 1398 { 1399 OUTYY(("P(server_infra_cache_lame_size:%s)\n", $2)); 1400 verbose(VERB_DETAIL, "ignored infra-cache-lame-size: %s " 1401 "(option removed, use infra-cache-numhosts)", $2); 1402 free($2); 1403 } 1404 ; 1405 server_infra_cache_slabs: VAR_INFRA_CACHE_SLABS STRING_ARG 1406 { 1407 OUTYY(("P(server_infra_cache_slabs:%s)\n", $2)); 1408 if(atoi($2) == 0) 1409 yyerror("number expected"); 1410 else { 1411 cfg_parser->cfg->infra_cache_slabs = atoi($2); 1412 if(!is_pow2(cfg_parser->cfg->infra_cache_slabs)) 1413 yyerror("must be a power of 2"); 1414 } 1415 free($2); 1416 } 1417 ; 1418 server_infra_cache_min_rtt: VAR_INFRA_CACHE_MIN_RTT STRING_ARG 1419 { 1420 OUTYY(("P(server_infra_cache_min_rtt:%s)\n", $2)); 1421 if(atoi($2) == 0 && strcmp($2, "0") != 0) 1422 yyerror("number expected"); 1423 else cfg_parser->cfg->infra_cache_min_rtt = atoi($2); 1424 free($2); 1425 } 1426 ; 1427 server_target_fetch_policy: VAR_TARGET_FETCH_POLICY STRING_ARG 1428 { 1429 OUTYY(("P(server_target_fetch_policy:%s)\n", $2)); 1430 free(cfg_parser->cfg->target_fetch_policy); 1431 cfg_parser->cfg->target_fetch_policy = $2; 1432 } 1433 ; 1434 server_harden_short_bufsize: VAR_HARDEN_SHORT_BUFSIZE STRING_ARG 1435 { 1436 OUTYY(("P(server_harden_short_bufsize:%s)\n", $2)); 1437 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1438 yyerror("expected yes or no."); 1439 else cfg_parser->cfg->harden_short_bufsize = 1440 (strcmp($2, "yes")==0); 1441 free($2); 1442 } 1443 ; 1444 server_harden_large_queries: VAR_HARDEN_LARGE_QUERIES STRING_ARG 1445 { 1446 OUTYY(("P(server_harden_large_queries:%s)\n", $2)); 1447 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1448 yyerror("expected yes or no."); 1449 else cfg_parser->cfg->harden_large_queries = 1450 (strcmp($2, "yes")==0); 1451 free($2); 1452 } 1453 ; 1454 server_harden_glue: VAR_HARDEN_GLUE STRING_ARG 1455 { 1456 OUTYY(("P(server_harden_glue:%s)\n", $2)); 1457 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1458 yyerror("expected yes or no."); 1459 else cfg_parser->cfg->harden_glue = 1460 (strcmp($2, "yes")==0); 1461 free($2); 1462 } 1463 ; 1464 server_harden_dnssec_stripped: VAR_HARDEN_DNSSEC_STRIPPED STRING_ARG 1465 { 1466 OUTYY(("P(server_harden_dnssec_stripped:%s)\n", $2)); 1467 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1468 yyerror("expected yes or no."); 1469 else cfg_parser->cfg->harden_dnssec_stripped = 1470 (strcmp($2, "yes")==0); 1471 free($2); 1472 } 1473 ; 1474 server_harden_below_nxdomain: VAR_HARDEN_BELOW_NXDOMAIN STRING_ARG 1475 { 1476 OUTYY(("P(server_harden_below_nxdomain:%s)\n", $2)); 1477 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1478 yyerror("expected yes or no."); 1479 else cfg_parser->cfg->harden_below_nxdomain = 1480 (strcmp($2, "yes")==0); 1481 free($2); 1482 } 1483 ; 1484 server_harden_referral_path: VAR_HARDEN_REFERRAL_PATH STRING_ARG 1485 { 1486 OUTYY(("P(server_harden_referral_path:%s)\n", $2)); 1487 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1488 yyerror("expected yes or no."); 1489 else cfg_parser->cfg->harden_referral_path = 1490 (strcmp($2, "yes")==0); 1491 free($2); 1492 } 1493 ; 1494 server_harden_algo_downgrade: VAR_HARDEN_ALGO_DOWNGRADE STRING_ARG 1495 { 1496 OUTYY(("P(server_harden_algo_downgrade:%s)\n", $2)); 1497 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1498 yyerror("expected yes or no."); 1499 else cfg_parser->cfg->harden_algo_downgrade = 1500 (strcmp($2, "yes")==0); 1501 free($2); 1502 } 1503 ; 1504 server_use_caps_for_id: VAR_USE_CAPS_FOR_ID STRING_ARG 1505 { 1506 OUTYY(("P(server_use_caps_for_id:%s)\n", $2)); 1507 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1508 yyerror("expected yes or no."); 1509 else cfg_parser->cfg->use_caps_bits_for_id = 1510 (strcmp($2, "yes")==0); 1511 free($2); 1512 } 1513 ; 1514 server_caps_whitelist: VAR_CAPS_WHITELIST STRING_ARG 1515 { 1516 OUTYY(("P(server_caps_whitelist:%s)\n", $2)); 1517 if(!cfg_strlist_insert(&cfg_parser->cfg->caps_whitelist, $2)) 1518 yyerror("out of memory"); 1519 } 1520 ; 1521 server_private_address: VAR_PRIVATE_ADDRESS STRING_ARG 1522 { 1523 OUTYY(("P(server_private_address:%s)\n", $2)); 1524 if(!cfg_strlist_insert(&cfg_parser->cfg->private_address, $2)) 1525 yyerror("out of memory"); 1526 } 1527 ; 1528 server_private_domain: VAR_PRIVATE_DOMAIN STRING_ARG 1529 { 1530 OUTYY(("P(server_private_domain:%s)\n", $2)); 1531 if(!cfg_strlist_insert(&cfg_parser->cfg->private_domain, $2)) 1532 yyerror("out of memory"); 1533 } 1534 ; 1535 server_prefetch: VAR_PREFETCH STRING_ARG 1536 { 1537 OUTYY(("P(server_prefetch:%s)\n", $2)); 1538 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1539 yyerror("expected yes or no."); 1540 else cfg_parser->cfg->prefetch = (strcmp($2, "yes")==0); 1541 free($2); 1542 } 1543 ; 1544 server_prefetch_key: VAR_PREFETCH_KEY STRING_ARG 1545 { 1546 OUTYY(("P(server_prefetch_key:%s)\n", $2)); 1547 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1548 yyerror("expected yes or no."); 1549 else cfg_parser->cfg->prefetch_key = (strcmp($2, "yes")==0); 1550 free($2); 1551 } 1552 ; 1553 server_deny_any: VAR_DENY_ANY STRING_ARG 1554 { 1555 OUTYY(("P(server_deny_any:%s)\n", $2)); 1556 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1557 yyerror("expected yes or no."); 1558 else cfg_parser->cfg->deny_any = (strcmp($2, "yes")==0); 1559 free($2); 1560 } 1561 ; 1562 server_unwanted_reply_threshold: VAR_UNWANTED_REPLY_THRESHOLD STRING_ARG 1563 { 1564 OUTYY(("P(server_unwanted_reply_threshold:%s)\n", $2)); 1565 if(atoi($2) == 0 && strcmp($2, "0") != 0) 1566 yyerror("number expected"); 1567 else cfg_parser->cfg->unwanted_threshold = atoi($2); 1568 free($2); 1569 } 1570 ; 1571 server_do_not_query_address: VAR_DO_NOT_QUERY_ADDRESS STRING_ARG 1572 { 1573 OUTYY(("P(server_do_not_query_address:%s)\n", $2)); 1574 if(!cfg_strlist_insert(&cfg_parser->cfg->donotqueryaddrs, $2)) 1575 yyerror("out of memory"); 1576 } 1577 ; 1578 server_do_not_query_localhost: VAR_DO_NOT_QUERY_LOCALHOST STRING_ARG 1579 { 1580 OUTYY(("P(server_do_not_query_localhost:%s)\n", $2)); 1581 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1582 yyerror("expected yes or no."); 1583 else cfg_parser->cfg->donotquery_localhost = 1584 (strcmp($2, "yes")==0); 1585 free($2); 1586 } 1587 ; 1588 server_access_control: VAR_ACCESS_CONTROL STRING_ARG STRING_ARG 1589 { 1590 OUTYY(("P(server_access_control:%s %s)\n", $2, $3)); 1591 if(strcmp($3, "deny")!=0 && strcmp($3, "refuse")!=0 && 1592 strcmp($3, "deny_non_local")!=0 && 1593 strcmp($3, "refuse_non_local")!=0 && 1594 strcmp($3, "allow_setrd")!=0 && 1595 strcmp($3, "allow")!=0 && 1596 strcmp($3, "allow_snoop")!=0) { 1597 yyerror("expected deny, refuse, deny_non_local, " 1598 "refuse_non_local, allow, allow_setrd or " 1599 "allow_snoop in access control action"); 1600 free($2); 1601 free($3); 1602 } else { 1603 if(!cfg_str2list_insert(&cfg_parser->cfg->acls, $2, $3)) 1604 fatal_exit("out of memory adding acl"); 1605 } 1606 } 1607 ; 1608 server_module_conf: VAR_MODULE_CONF STRING_ARG 1609 { 1610 OUTYY(("P(server_module_conf:%s)\n", $2)); 1611 free(cfg_parser->cfg->module_conf); 1612 cfg_parser->cfg->module_conf = $2; 1613 } 1614 ; 1615 server_val_override_date: VAR_VAL_OVERRIDE_DATE STRING_ARG 1616 { 1617 OUTYY(("P(server_val_override_date:%s)\n", $2)); 1618 if(*$2 == '\0' || strcmp($2, "0") == 0) { 1619 cfg_parser->cfg->val_date_override = 0; 1620 } else if(strlen($2) == 14) { 1621 cfg_parser->cfg->val_date_override = 1622 cfg_convert_timeval($2); 1623 if(!cfg_parser->cfg->val_date_override) 1624 yyerror("bad date/time specification"); 1625 } else { 1626 if(atoi($2) == 0) 1627 yyerror("number expected"); 1628 cfg_parser->cfg->val_date_override = atoi($2); 1629 } 1630 free($2); 1631 } 1632 ; 1633 server_val_sig_skew_min: VAR_VAL_SIG_SKEW_MIN STRING_ARG 1634 { 1635 OUTYY(("P(server_val_sig_skew_min:%s)\n", $2)); 1636 if(*$2 == '\0' || strcmp($2, "0") == 0) { 1637 cfg_parser->cfg->val_sig_skew_min = 0; 1638 } else { 1639 cfg_parser->cfg->val_sig_skew_min = atoi($2); 1640 if(!cfg_parser->cfg->val_sig_skew_min) 1641 yyerror("number expected"); 1642 } 1643 free($2); 1644 } 1645 ; 1646 server_val_sig_skew_max: VAR_VAL_SIG_SKEW_MAX STRING_ARG 1647 { 1648 OUTYY(("P(server_val_sig_skew_max:%s)\n", $2)); 1649 if(*$2 == '\0' || strcmp($2, "0") == 0) { 1650 cfg_parser->cfg->val_sig_skew_max = 0; 1651 } else { 1652 cfg_parser->cfg->val_sig_skew_max = atoi($2); 1653 if(!cfg_parser->cfg->val_sig_skew_max) 1654 yyerror("number expected"); 1655 } 1656 free($2); 1657 } 1658 ; 1659 server_cache_max_ttl: VAR_CACHE_MAX_TTL STRING_ARG 1660 { 1661 OUTYY(("P(server_cache_max_ttl:%s)\n", $2)); 1662 if(atoi($2) == 0 && strcmp($2, "0") != 0) 1663 yyerror("number expected"); 1664 else cfg_parser->cfg->max_ttl = atoi($2); 1665 free($2); 1666 } 1667 ; 1668 server_cache_max_negative_ttl: VAR_CACHE_MAX_NEGATIVE_TTL STRING_ARG 1669 { 1670 OUTYY(("P(server_cache_max_negative_ttl:%s)\n", $2)); 1671 if(atoi($2) == 0 && strcmp($2, "0") != 0) 1672 yyerror("number expected"); 1673 else cfg_parser->cfg->max_negative_ttl = atoi($2); 1674 free($2); 1675 } 1676 ; 1677 server_cache_min_ttl: VAR_CACHE_MIN_TTL STRING_ARG 1678 { 1679 OUTYY(("P(server_cache_min_ttl:%s)\n", $2)); 1680 if(atoi($2) == 0 && strcmp($2, "0") != 0) 1681 yyerror("number expected"); 1682 else cfg_parser->cfg->min_ttl = atoi($2); 1683 free($2); 1684 } 1685 ; 1686 server_bogus_ttl: VAR_BOGUS_TTL STRING_ARG 1687 { 1688 OUTYY(("P(server_bogus_ttl:%s)\n", $2)); 1689 if(atoi($2) == 0 && strcmp($2, "0") != 0) 1690 yyerror("number expected"); 1691 else cfg_parser->cfg->bogus_ttl = atoi($2); 1692 free($2); 1693 } 1694 ; 1695 server_val_clean_additional: VAR_VAL_CLEAN_ADDITIONAL STRING_ARG 1696 { 1697 OUTYY(("P(server_val_clean_additional:%s)\n", $2)); 1698 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1699 yyerror("expected yes or no."); 1700 else cfg_parser->cfg->val_clean_additional = 1701 (strcmp($2, "yes")==0); 1702 free($2); 1703 } 1704 ; 1705 server_val_permissive_mode: VAR_VAL_PERMISSIVE_MODE STRING_ARG 1706 { 1707 OUTYY(("P(server_val_permissive_mode:%s)\n", $2)); 1708 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1709 yyerror("expected yes or no."); 1710 else cfg_parser->cfg->val_permissive_mode = 1711 (strcmp($2, "yes")==0); 1712 free($2); 1713 } 1714 ; 1715 server_aggressive_nsec: VAR_AGGRESSIVE_NSEC STRING_ARG 1716 { 1717 OUTYY(("P(server_aggressive_nsec:%s)\n", $2)); 1718 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1719 yyerror("expected yes or no."); 1720 else 1721 cfg_parser->cfg->aggressive_nsec = 1722 (strcmp($2, "yes")==0); 1723 free($2); 1724 } 1725 ; 1726 server_ignore_cd_flag: VAR_IGNORE_CD_FLAG STRING_ARG 1727 { 1728 OUTYY(("P(server_ignore_cd_flag:%s)\n", $2)); 1729 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1730 yyerror("expected yes or no."); 1731 else cfg_parser->cfg->ignore_cd = (strcmp($2, "yes")==0); 1732 free($2); 1733 } 1734 ; 1735 server_serve_expired: VAR_SERVE_EXPIRED STRING_ARG 1736 { 1737 OUTYY(("P(server_serve_expired:%s)\n", $2)); 1738 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1739 yyerror("expected yes or no."); 1740 else cfg_parser->cfg->serve_expired = (strcmp($2, "yes")==0); 1741 free($2); 1742 } 1743 ; 1744 server_serve_expired_ttl: VAR_SERVE_EXPIRED_TTL STRING_ARG 1745 { 1746 OUTYY(("P(server_serve_expired_ttl:%s)\n", $2)); 1747 if(atoi($2) == 0 && strcmp($2, "0") != 0) 1748 yyerror("number expected"); 1749 else cfg_parser->cfg->serve_expired_ttl = atoi($2); 1750 free($2); 1751 } 1752 ; 1753 server_serve_expired_ttl_reset: VAR_SERVE_EXPIRED_TTL_RESET STRING_ARG 1754 { 1755 OUTYY(("P(server_serve_expired_ttl_reset:%s)\n", $2)); 1756 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1757 yyerror("expected yes or no."); 1758 else cfg_parser->cfg->serve_expired_ttl_reset = (strcmp($2, "yes")==0); 1759 free($2); 1760 } 1761 ; 1762 server_serve_expired_reply_ttl: VAR_SERVE_EXPIRED_REPLY_TTL STRING_ARG 1763 { 1764 OUTYY(("P(server_serve_expired_reply_ttl:%s)\n", $2)); 1765 if(atoi($2) == 0 && strcmp($2, "0") != 0) 1766 yyerror("number expected"); 1767 else cfg_parser->cfg->serve_expired_reply_ttl = atoi($2); 1768 free($2); 1769 } 1770 ; 1771 server_serve_expired_client_timeout: VAR_SERVE_EXPIRED_CLIENT_TIMEOUT STRING_ARG 1772 { 1773 OUTYY(("P(server_serve_expired_client_timeout:%s)\n", $2)); 1774 if(atoi($2) == 0 && strcmp($2, "0") != 0) 1775 yyerror("number expected"); 1776 else cfg_parser->cfg->serve_expired_client_timeout = atoi($2); 1777 free($2); 1778 } 1779 ; 1780 server_fake_dsa: VAR_FAKE_DSA STRING_ARG 1781 { 1782 OUTYY(("P(server_fake_dsa:%s)\n", $2)); 1783 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1784 yyerror("expected yes or no."); 1785 #if defined(HAVE_SSL) || defined(HAVE_NETTLE) 1786 else fake_dsa = (strcmp($2, "yes")==0); 1787 if(fake_dsa) 1788 log_warn("test option fake_dsa is enabled"); 1789 #endif 1790 free($2); 1791 } 1792 ; 1793 server_fake_sha1: VAR_FAKE_SHA1 STRING_ARG 1794 { 1795 OUTYY(("P(server_fake_sha1:%s)\n", $2)); 1796 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1797 yyerror("expected yes or no."); 1798 #if defined(HAVE_SSL) || defined(HAVE_NETTLE) 1799 else fake_sha1 = (strcmp($2, "yes")==0); 1800 if(fake_sha1) 1801 log_warn("test option fake_sha1 is enabled"); 1802 #endif 1803 free($2); 1804 } 1805 ; 1806 server_val_log_level: VAR_VAL_LOG_LEVEL STRING_ARG 1807 { 1808 OUTYY(("P(server_val_log_level:%s)\n", $2)); 1809 if(atoi($2) == 0 && strcmp($2, "0") != 0) 1810 yyerror("number expected"); 1811 else cfg_parser->cfg->val_log_level = atoi($2); 1812 free($2); 1813 } 1814 ; 1815 server_val_nsec3_keysize_iterations: VAR_VAL_NSEC3_KEYSIZE_ITERATIONS STRING_ARG 1816 { 1817 OUTYY(("P(server_val_nsec3_keysize_iterations:%s)\n", $2)); 1818 free(cfg_parser->cfg->val_nsec3_key_iterations); 1819 cfg_parser->cfg->val_nsec3_key_iterations = $2; 1820 } 1821 ; 1822 server_add_holddown: VAR_ADD_HOLDDOWN STRING_ARG 1823 { 1824 OUTYY(("P(server_add_holddown:%s)\n", $2)); 1825 if(atoi($2) == 0 && strcmp($2, "0") != 0) 1826 yyerror("number expected"); 1827 else cfg_parser->cfg->add_holddown = atoi($2); 1828 free($2); 1829 } 1830 ; 1831 server_del_holddown: VAR_DEL_HOLDDOWN STRING_ARG 1832 { 1833 OUTYY(("P(server_del_holddown:%s)\n", $2)); 1834 if(atoi($2) == 0 && strcmp($2, "0") != 0) 1835 yyerror("number expected"); 1836 else cfg_parser->cfg->del_holddown = atoi($2); 1837 free($2); 1838 } 1839 ; 1840 server_keep_missing: VAR_KEEP_MISSING STRING_ARG 1841 { 1842 OUTYY(("P(server_keep_missing:%s)\n", $2)); 1843 if(atoi($2) == 0 && strcmp($2, "0") != 0) 1844 yyerror("number expected"); 1845 else cfg_parser->cfg->keep_missing = atoi($2); 1846 free($2); 1847 } 1848 ; 1849 server_permit_small_holddown: VAR_PERMIT_SMALL_HOLDDOWN STRING_ARG 1850 { 1851 OUTYY(("P(server_permit_small_holddown:%s)\n", $2)); 1852 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1853 yyerror("expected yes or no."); 1854 else cfg_parser->cfg->permit_small_holddown = 1855 (strcmp($2, "yes")==0); 1856 free($2); 1857 } 1858 server_key_cache_size: VAR_KEY_CACHE_SIZE STRING_ARG 1859 { 1860 OUTYY(("P(server_key_cache_size:%s)\n", $2)); 1861 if(!cfg_parse_memsize($2, &cfg_parser->cfg->key_cache_size)) 1862 yyerror("memory size expected"); 1863 free($2); 1864 } 1865 ; 1866 server_key_cache_slabs: VAR_KEY_CACHE_SLABS STRING_ARG 1867 { 1868 OUTYY(("P(server_key_cache_slabs:%s)\n", $2)); 1869 if(atoi($2) == 0) 1870 yyerror("number expected"); 1871 else { 1872 cfg_parser->cfg->key_cache_slabs = atoi($2); 1873 if(!is_pow2(cfg_parser->cfg->key_cache_slabs)) 1874 yyerror("must be a power of 2"); 1875 } 1876 free($2); 1877 } 1878 ; 1879 server_neg_cache_size: VAR_NEG_CACHE_SIZE STRING_ARG 1880 { 1881 OUTYY(("P(server_neg_cache_size:%s)\n", $2)); 1882 if(!cfg_parse_memsize($2, &cfg_parser->cfg->neg_cache_size)) 1883 yyerror("memory size expected"); 1884 free($2); 1885 } 1886 ; 1887 server_local_zone: VAR_LOCAL_ZONE STRING_ARG STRING_ARG 1888 { 1889 OUTYY(("P(server_local_zone:%s %s)\n", $2, $3)); 1890 if(strcmp($3, "static")!=0 && strcmp($3, "deny")!=0 && 1891 strcmp($3, "refuse")!=0 && strcmp($3, "redirect")!=0 && 1892 strcmp($3, "transparent")!=0 && strcmp($3, "nodefault")!=0 1893 && strcmp($3, "typetransparent")!=0 1894 && strcmp($3, "always_transparent")!=0 1895 && strcmp($3, "always_refuse")!=0 1896 && strcmp($3, "always_nxdomain")!=0 1897 && strcmp($3, "noview")!=0 1898 && strcmp($3, "inform")!=0 && strcmp($3, "inform_deny")!=0 1899 && strcmp($3, "inform_redirect") != 0 1900 && strcmp($3, "ipset") != 0) { 1901 yyerror("local-zone type: expected static, deny, " 1902 "refuse, redirect, transparent, " 1903 "typetransparent, inform, inform_deny, " 1904 "inform_redirect, always_transparent, " 1905 "always_refuse, always_nxdomain, noview " 1906 ", nodefault or ipset"); 1907 free($2); 1908 free($3); 1909 } else if(strcmp($3, "nodefault")==0) { 1910 if(!cfg_strlist_insert(&cfg_parser->cfg-> 1911 local_zones_nodefault, $2)) 1912 fatal_exit("out of memory adding local-zone"); 1913 free($3); 1914 #ifdef USE_IPSET 1915 } else if(strcmp($3, "ipset")==0) { 1916 if(!cfg_strlist_insert(&cfg_parser->cfg-> 1917 local_zones_ipset, $2)) 1918 fatal_exit("out of memory adding local-zone"); 1919 free($3); 1920 #endif 1921 } else { 1922 if(!cfg_str2list_insert(&cfg_parser->cfg->local_zones, 1923 $2, $3)) 1924 fatal_exit("out of memory adding local-zone"); 1925 } 1926 } 1927 ; 1928 server_local_data: VAR_LOCAL_DATA STRING_ARG 1929 { 1930 OUTYY(("P(server_local_data:%s)\n", $2)); 1931 if(!cfg_strlist_insert(&cfg_parser->cfg->local_data, $2)) 1932 fatal_exit("out of memory adding local-data"); 1933 } 1934 ; 1935 server_local_data_ptr: VAR_LOCAL_DATA_PTR STRING_ARG 1936 { 1937 char* ptr; 1938 OUTYY(("P(server_local_data_ptr:%s)\n", $2)); 1939 ptr = cfg_ptr_reverse($2); 1940 free($2); 1941 if(ptr) { 1942 if(!cfg_strlist_insert(&cfg_parser->cfg-> 1943 local_data, ptr)) 1944 fatal_exit("out of memory adding local-data"); 1945 } else { 1946 yyerror("local-data-ptr could not be reversed"); 1947 } 1948 } 1949 ; 1950 server_minimal_responses: VAR_MINIMAL_RESPONSES STRING_ARG 1951 { 1952 OUTYY(("P(server_minimal_responses:%s)\n", $2)); 1953 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1954 yyerror("expected yes or no."); 1955 else cfg_parser->cfg->minimal_responses = 1956 (strcmp($2, "yes")==0); 1957 free($2); 1958 } 1959 ; 1960 server_rrset_roundrobin: VAR_RRSET_ROUNDROBIN STRING_ARG 1961 { 1962 OUTYY(("P(server_rrset_roundrobin:%s)\n", $2)); 1963 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1964 yyerror("expected yes or no."); 1965 else cfg_parser->cfg->rrset_roundrobin = 1966 (strcmp($2, "yes")==0); 1967 free($2); 1968 } 1969 ; 1970 server_unknown_server_time_limit: VAR_UNKNOWN_SERVER_TIME_LIMIT STRING_ARG 1971 { 1972 OUTYY(("P(server_unknown_server_time_limit:%s)\n", $2)); 1973 cfg_parser->cfg->unknown_server_time_limit = atoi($2); 1974 free($2); 1975 } 1976 ; 1977 server_max_udp_size: VAR_MAX_UDP_SIZE STRING_ARG 1978 { 1979 OUTYY(("P(server_max_udp_size:%s)\n", $2)); 1980 cfg_parser->cfg->max_udp_size = atoi($2); 1981 free($2); 1982 } 1983 ; 1984 server_dns64_prefix: VAR_DNS64_PREFIX STRING_ARG 1985 { 1986 OUTYY(("P(dns64_prefix:%s)\n", $2)); 1987 free(cfg_parser->cfg->dns64_prefix); 1988 cfg_parser->cfg->dns64_prefix = $2; 1989 } 1990 ; 1991 server_dns64_synthall: VAR_DNS64_SYNTHALL STRING_ARG 1992 { 1993 OUTYY(("P(server_dns64_synthall:%s)\n", $2)); 1994 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1995 yyerror("expected yes or no."); 1996 else cfg_parser->cfg->dns64_synthall = (strcmp($2, "yes")==0); 1997 free($2); 1998 } 1999 ; 2000 server_dns64_ignore_aaaa: VAR_DNS64_IGNORE_AAAA STRING_ARG 2001 { 2002 OUTYY(("P(dns64_ignore_aaaa:%s)\n", $2)); 2003 if(!cfg_strlist_insert(&cfg_parser->cfg->dns64_ignore_aaaa, 2004 $2)) 2005 fatal_exit("out of memory adding dns64-ignore-aaaa"); 2006 } 2007 ; 2008 server_define_tag: VAR_DEFINE_TAG STRING_ARG 2009 { 2010 char* p, *s = $2; 2011 OUTYY(("P(server_define_tag:%s)\n", $2)); 2012 while((p=strsep(&s, " \t\n")) != NULL) { 2013 if(*p) { 2014 if(!config_add_tag(cfg_parser->cfg, p)) 2015 yyerror("could not define-tag, " 2016 "out of memory"); 2017 } 2018 } 2019 free($2); 2020 } 2021 ; 2022 server_local_zone_tag: VAR_LOCAL_ZONE_TAG STRING_ARG STRING_ARG 2023 { 2024 size_t len = 0; 2025 uint8_t* bitlist = config_parse_taglist(cfg_parser->cfg, $3, 2026 &len); 2027 free($3); 2028 OUTYY(("P(server_local_zone_tag:%s)\n", $2)); 2029 if(!bitlist) { 2030 yyerror("could not parse tags, (define-tag them first)"); 2031 free($2); 2032 } 2033 if(bitlist) { 2034 if(!cfg_strbytelist_insert( 2035 &cfg_parser->cfg->local_zone_tags, 2036 $2, bitlist, len)) { 2037 yyerror("out of memory"); 2038 free($2); 2039 } 2040 } 2041 } 2042 ; 2043 server_access_control_tag: VAR_ACCESS_CONTROL_TAG STRING_ARG STRING_ARG 2044 { 2045 size_t len = 0; 2046 uint8_t* bitlist = config_parse_taglist(cfg_parser->cfg, $3, 2047 &len); 2048 free($3); 2049 OUTYY(("P(server_access_control_tag:%s)\n", $2)); 2050 if(!bitlist) { 2051 yyerror("could not parse tags, (define-tag them first)"); 2052 free($2); 2053 } 2054 if(bitlist) { 2055 if(!cfg_strbytelist_insert( 2056 &cfg_parser->cfg->acl_tags, 2057 $2, bitlist, len)) { 2058 yyerror("out of memory"); 2059 free($2); 2060 } 2061 } 2062 } 2063 ; 2064 server_access_control_tag_action: VAR_ACCESS_CONTROL_TAG_ACTION STRING_ARG STRING_ARG STRING_ARG 2065 { 2066 OUTYY(("P(server_access_control_tag_action:%s %s %s)\n", $2, $3, $4)); 2067 if(!cfg_str3list_insert(&cfg_parser->cfg->acl_tag_actions, 2068 $2, $3, $4)) { 2069 yyerror("out of memory"); 2070 free($2); 2071 free($3); 2072 free($4); 2073 } 2074 } 2075 ; 2076 server_access_control_tag_data: VAR_ACCESS_CONTROL_TAG_DATA STRING_ARG STRING_ARG STRING_ARG 2077 { 2078 OUTYY(("P(server_access_control_tag_data:%s %s %s)\n", $2, $3, $4)); 2079 if(!cfg_str3list_insert(&cfg_parser->cfg->acl_tag_datas, 2080 $2, $3, $4)) { 2081 yyerror("out of memory"); 2082 free($2); 2083 free($3); 2084 free($4); 2085 } 2086 } 2087 ; 2088 server_local_zone_override: VAR_LOCAL_ZONE_OVERRIDE STRING_ARG STRING_ARG STRING_ARG 2089 { 2090 OUTYY(("P(server_local_zone_override:%s %s %s)\n", $2, $3, $4)); 2091 if(!cfg_str3list_insert(&cfg_parser->cfg->local_zone_overrides, 2092 $2, $3, $4)) { 2093 yyerror("out of memory"); 2094 free($2); 2095 free($3); 2096 free($4); 2097 } 2098 } 2099 ; 2100 server_access_control_view: VAR_ACCESS_CONTROL_VIEW STRING_ARG STRING_ARG 2101 { 2102 OUTYY(("P(server_access_control_view:%s %s)\n", $2, $3)); 2103 if(!cfg_str2list_insert(&cfg_parser->cfg->acl_view, 2104 $2, $3)) { 2105 yyerror("out of memory"); 2106 } 2107 } 2108 ; 2109 server_response_ip_tag: VAR_RESPONSE_IP_TAG STRING_ARG STRING_ARG 2110 { 2111 size_t len = 0; 2112 uint8_t* bitlist = config_parse_taglist(cfg_parser->cfg, $3, 2113 &len); 2114 free($3); 2115 OUTYY(("P(response_ip_tag:%s)\n", $2)); 2116 if(!bitlist) { 2117 yyerror("could not parse tags, (define-tag them first)"); 2118 free($2); 2119 } 2120 if(bitlist) { 2121 if(!cfg_strbytelist_insert( 2122 &cfg_parser->cfg->respip_tags, 2123 $2, bitlist, len)) { 2124 yyerror("out of memory"); 2125 free($2); 2126 } 2127 } 2128 } 2129 ; 2130 server_ip_ratelimit: VAR_IP_RATELIMIT STRING_ARG 2131 { 2132 OUTYY(("P(server_ip_ratelimit:%s)\n", $2)); 2133 if(atoi($2) == 0 && strcmp($2, "0") != 0) 2134 yyerror("number expected"); 2135 else cfg_parser->cfg->ip_ratelimit = atoi($2); 2136 free($2); 2137 } 2138 ; 2139 2140 server_ratelimit: VAR_RATELIMIT STRING_ARG 2141 { 2142 OUTYY(("P(server_ratelimit:%s)\n", $2)); 2143 if(atoi($2) == 0 && strcmp($2, "0") != 0) 2144 yyerror("number expected"); 2145 else cfg_parser->cfg->ratelimit = atoi($2); 2146 free($2); 2147 } 2148 ; 2149 server_ip_ratelimit_size: VAR_IP_RATELIMIT_SIZE STRING_ARG 2150 { 2151 OUTYY(("P(server_ip_ratelimit_size:%s)\n", $2)); 2152 if(!cfg_parse_memsize($2, &cfg_parser->cfg->ip_ratelimit_size)) 2153 yyerror("memory size expected"); 2154 free($2); 2155 } 2156 ; 2157 server_ratelimit_size: VAR_RATELIMIT_SIZE STRING_ARG 2158 { 2159 OUTYY(("P(server_ratelimit_size:%s)\n", $2)); 2160 if(!cfg_parse_memsize($2, &cfg_parser->cfg->ratelimit_size)) 2161 yyerror("memory size expected"); 2162 free($2); 2163 } 2164 ; 2165 server_ip_ratelimit_slabs: VAR_IP_RATELIMIT_SLABS STRING_ARG 2166 { 2167 OUTYY(("P(server_ip_ratelimit_slabs:%s)\n", $2)); 2168 if(atoi($2) == 0) 2169 yyerror("number expected"); 2170 else { 2171 cfg_parser->cfg->ip_ratelimit_slabs = atoi($2); 2172 if(!is_pow2(cfg_parser->cfg->ip_ratelimit_slabs)) 2173 yyerror("must be a power of 2"); 2174 } 2175 free($2); 2176 } 2177 ; 2178 server_ratelimit_slabs: VAR_RATELIMIT_SLABS STRING_ARG 2179 { 2180 OUTYY(("P(server_ratelimit_slabs:%s)\n", $2)); 2181 if(atoi($2) == 0) 2182 yyerror("number expected"); 2183 else { 2184 cfg_parser->cfg->ratelimit_slabs = atoi($2); 2185 if(!is_pow2(cfg_parser->cfg->ratelimit_slabs)) 2186 yyerror("must be a power of 2"); 2187 } 2188 free($2); 2189 } 2190 ; 2191 server_ratelimit_for_domain: VAR_RATELIMIT_FOR_DOMAIN STRING_ARG STRING_ARG 2192 { 2193 OUTYY(("P(server_ratelimit_for_domain:%s %s)\n", $2, $3)); 2194 if(atoi($3) == 0 && strcmp($3, "0") != 0) { 2195 yyerror("number expected"); 2196 free($2); 2197 free($3); 2198 } else { 2199 if(!cfg_str2list_insert(&cfg_parser->cfg-> 2200 ratelimit_for_domain, $2, $3)) 2201 fatal_exit("out of memory adding " 2202 "ratelimit-for-domain"); 2203 } 2204 } 2205 ; 2206 server_ratelimit_below_domain: VAR_RATELIMIT_BELOW_DOMAIN STRING_ARG STRING_ARG 2207 { 2208 OUTYY(("P(server_ratelimit_below_domain:%s %s)\n", $2, $3)); 2209 if(atoi($3) == 0 && strcmp($3, "0") != 0) { 2210 yyerror("number expected"); 2211 free($2); 2212 free($3); 2213 } else { 2214 if(!cfg_str2list_insert(&cfg_parser->cfg-> 2215 ratelimit_below_domain, $2, $3)) 2216 fatal_exit("out of memory adding " 2217 "ratelimit-below-domain"); 2218 } 2219 } 2220 ; 2221 server_ip_ratelimit_factor: VAR_IP_RATELIMIT_FACTOR STRING_ARG 2222 { 2223 OUTYY(("P(server_ip_ratelimit_factor:%s)\n", $2)); 2224 if(atoi($2) == 0 && strcmp($2, "0") != 0) 2225 yyerror("number expected"); 2226 else cfg_parser->cfg->ip_ratelimit_factor = atoi($2); 2227 free($2); 2228 } 2229 ; 2230 server_ratelimit_factor: VAR_RATELIMIT_FACTOR STRING_ARG 2231 { 2232 OUTYY(("P(server_ratelimit_factor:%s)\n", $2)); 2233 if(atoi($2) == 0 && strcmp($2, "0") != 0) 2234 yyerror("number expected"); 2235 else cfg_parser->cfg->ratelimit_factor = atoi($2); 2236 free($2); 2237 } 2238 ; 2239 server_low_rtt: VAR_LOW_RTT STRING_ARG 2240 { 2241 OUTYY(("P(low-rtt option is deprecated, use fast-server-num instead)\n")); 2242 free($2); 2243 } 2244 ; 2245 server_fast_server_num: VAR_FAST_SERVER_NUM STRING_ARG 2246 { 2247 OUTYY(("P(server_fast_server_num:%s)\n", $2)); 2248 if(atoi($2) <= 0) 2249 yyerror("number expected"); 2250 else cfg_parser->cfg->fast_server_num = atoi($2); 2251 free($2); 2252 } 2253 ; 2254 server_fast_server_permil: VAR_FAST_SERVER_PERMIL STRING_ARG 2255 { 2256 OUTYY(("P(server_fast_server_permil:%s)\n", $2)); 2257 if(atoi($2) == 0 && strcmp($2, "0") != 0) 2258 yyerror("number expected"); 2259 else cfg_parser->cfg->fast_server_permil = atoi($2); 2260 free($2); 2261 } 2262 ; 2263 server_qname_minimisation: VAR_QNAME_MINIMISATION STRING_ARG 2264 { 2265 OUTYY(("P(server_qname_minimisation:%s)\n", $2)); 2266 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2267 yyerror("expected yes or no."); 2268 else cfg_parser->cfg->qname_minimisation = 2269 (strcmp($2, "yes")==0); 2270 free($2); 2271 } 2272 ; 2273 server_qname_minimisation_strict: VAR_QNAME_MINIMISATION_STRICT STRING_ARG 2274 { 2275 OUTYY(("P(server_qname_minimisation_strict:%s)\n", $2)); 2276 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2277 yyerror("expected yes or no."); 2278 else cfg_parser->cfg->qname_minimisation_strict = 2279 (strcmp($2, "yes")==0); 2280 free($2); 2281 } 2282 ; 2283 server_ipsecmod_enabled: VAR_IPSECMOD_ENABLED STRING_ARG 2284 { 2285 #ifdef USE_IPSECMOD 2286 OUTYY(("P(server_ipsecmod_enabled:%s)\n", $2)); 2287 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2288 yyerror("expected yes or no."); 2289 else cfg_parser->cfg->ipsecmod_enabled = (strcmp($2, "yes")==0); 2290 #else 2291 OUTYY(("P(Compiled without IPsec module, ignoring)\n")); 2292 #endif 2293 free($2); 2294 } 2295 ; 2296 server_ipsecmod_ignore_bogus: VAR_IPSECMOD_IGNORE_BOGUS STRING_ARG 2297 { 2298 #ifdef USE_IPSECMOD 2299 OUTYY(("P(server_ipsecmod_ignore_bogus:%s)\n", $2)); 2300 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2301 yyerror("expected yes or no."); 2302 else cfg_parser->cfg->ipsecmod_ignore_bogus = (strcmp($2, "yes")==0); 2303 #else 2304 OUTYY(("P(Compiled without IPsec module, ignoring)\n")); 2305 #endif 2306 free($2); 2307 } 2308 ; 2309 server_ipsecmod_hook: VAR_IPSECMOD_HOOK STRING_ARG 2310 { 2311 #ifdef USE_IPSECMOD 2312 OUTYY(("P(server_ipsecmod_hook:%s)\n", $2)); 2313 free(cfg_parser->cfg->ipsecmod_hook); 2314 cfg_parser->cfg->ipsecmod_hook = $2; 2315 #else 2316 OUTYY(("P(Compiled without IPsec module, ignoring)\n")); 2317 free($2); 2318 #endif 2319 } 2320 ; 2321 server_ipsecmod_max_ttl: VAR_IPSECMOD_MAX_TTL STRING_ARG 2322 { 2323 #ifdef USE_IPSECMOD 2324 OUTYY(("P(server_ipsecmod_max_ttl:%s)\n", $2)); 2325 if(atoi($2) == 0 && strcmp($2, "0") != 0) 2326 yyerror("number expected"); 2327 else cfg_parser->cfg->ipsecmod_max_ttl = atoi($2); 2328 free($2); 2329 #else 2330 OUTYY(("P(Compiled without IPsec module, ignoring)\n")); 2331 free($2); 2332 #endif 2333 } 2334 ; 2335 server_ipsecmod_whitelist: VAR_IPSECMOD_WHITELIST STRING_ARG 2336 { 2337 #ifdef USE_IPSECMOD 2338 OUTYY(("P(server_ipsecmod_whitelist:%s)\n", $2)); 2339 if(!cfg_strlist_insert(&cfg_parser->cfg->ipsecmod_whitelist, $2)) 2340 yyerror("out of memory"); 2341 #else 2342 OUTYY(("P(Compiled without IPsec module, ignoring)\n")); 2343 free($2); 2344 #endif 2345 } 2346 ; 2347 server_ipsecmod_strict: VAR_IPSECMOD_STRICT STRING_ARG 2348 { 2349 #ifdef USE_IPSECMOD 2350 OUTYY(("P(server_ipsecmod_strict:%s)\n", $2)); 2351 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2352 yyerror("expected yes or no."); 2353 else cfg_parser->cfg->ipsecmod_strict = (strcmp($2, "yes")==0); 2354 free($2); 2355 #else 2356 OUTYY(("P(Compiled without IPsec module, ignoring)\n")); 2357 free($2); 2358 #endif 2359 } 2360 ; 2361 stub_name: VAR_NAME STRING_ARG 2362 { 2363 OUTYY(("P(name:%s)\n", $2)); 2364 if(cfg_parser->cfg->stubs->name) 2365 yyerror("stub name override, there must be one name " 2366 "for one stub-zone"); 2367 free(cfg_parser->cfg->stubs->name); 2368 cfg_parser->cfg->stubs->name = $2; 2369 } 2370 ; 2371 stub_host: VAR_STUB_HOST STRING_ARG 2372 { 2373 OUTYY(("P(stub-host:%s)\n", $2)); 2374 if(!cfg_strlist_insert(&cfg_parser->cfg->stubs->hosts, $2)) 2375 yyerror("out of memory"); 2376 } 2377 ; 2378 stub_addr: VAR_STUB_ADDR STRING_ARG 2379 { 2380 OUTYY(("P(stub-addr:%s)\n", $2)); 2381 if(!cfg_strlist_insert(&cfg_parser->cfg->stubs->addrs, $2)) 2382 yyerror("out of memory"); 2383 } 2384 ; 2385 stub_first: VAR_STUB_FIRST STRING_ARG 2386 { 2387 OUTYY(("P(stub-first:%s)\n", $2)); 2388 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2389 yyerror("expected yes or no."); 2390 else cfg_parser->cfg->stubs->isfirst=(strcmp($2, "yes")==0); 2391 free($2); 2392 } 2393 ; 2394 stub_no_cache: VAR_STUB_NO_CACHE STRING_ARG 2395 { 2396 OUTYY(("P(stub-no-cache:%s)\n", $2)); 2397 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2398 yyerror("expected yes or no."); 2399 else cfg_parser->cfg->stubs->no_cache=(strcmp($2, "yes")==0); 2400 free($2); 2401 } 2402 ; 2403 stub_ssl_upstream: VAR_STUB_SSL_UPSTREAM STRING_ARG 2404 { 2405 OUTYY(("P(stub-ssl-upstream:%s)\n", $2)); 2406 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2407 yyerror("expected yes or no."); 2408 else cfg_parser->cfg->stubs->ssl_upstream = 2409 (strcmp($2, "yes")==0); 2410 free($2); 2411 } 2412 ; 2413 stub_prime: VAR_STUB_PRIME STRING_ARG 2414 { 2415 OUTYY(("P(stub-prime:%s)\n", $2)); 2416 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2417 yyerror("expected yes or no."); 2418 else cfg_parser->cfg->stubs->isprime = 2419 (strcmp($2, "yes")==0); 2420 free($2); 2421 } 2422 ; 2423 forward_name: VAR_NAME STRING_ARG 2424 { 2425 OUTYY(("P(name:%s)\n", $2)); 2426 if(cfg_parser->cfg->forwards->name) 2427 yyerror("forward name override, there must be one " 2428 "name for one forward-zone"); 2429 free(cfg_parser->cfg->forwards->name); 2430 cfg_parser->cfg->forwards->name = $2; 2431 } 2432 ; 2433 forward_host: VAR_FORWARD_HOST STRING_ARG 2434 { 2435 OUTYY(("P(forward-host:%s)\n", $2)); 2436 if(!cfg_strlist_insert(&cfg_parser->cfg->forwards->hosts, $2)) 2437 yyerror("out of memory"); 2438 } 2439 ; 2440 forward_addr: VAR_FORWARD_ADDR STRING_ARG 2441 { 2442 OUTYY(("P(forward-addr:%s)\n", $2)); 2443 if(!cfg_strlist_insert(&cfg_parser->cfg->forwards->addrs, $2)) 2444 yyerror("out of memory"); 2445 } 2446 ; 2447 forward_first: VAR_FORWARD_FIRST STRING_ARG 2448 { 2449 OUTYY(("P(forward-first:%s)\n", $2)); 2450 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2451 yyerror("expected yes or no."); 2452 else cfg_parser->cfg->forwards->isfirst=(strcmp($2, "yes")==0); 2453 free($2); 2454 } 2455 ; 2456 forward_no_cache: VAR_FORWARD_NO_CACHE STRING_ARG 2457 { 2458 OUTYY(("P(forward-no-cache:%s)\n", $2)); 2459 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2460 yyerror("expected yes or no."); 2461 else cfg_parser->cfg->forwards->no_cache=(strcmp($2, "yes")==0); 2462 free($2); 2463 } 2464 ; 2465 forward_ssl_upstream: VAR_FORWARD_SSL_UPSTREAM STRING_ARG 2466 { 2467 OUTYY(("P(forward-ssl-upstream:%s)\n", $2)); 2468 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2469 yyerror("expected yes or no."); 2470 else cfg_parser->cfg->forwards->ssl_upstream = 2471 (strcmp($2, "yes")==0); 2472 free($2); 2473 } 2474 ; 2475 auth_name: VAR_NAME STRING_ARG 2476 { 2477 OUTYY(("P(name:%s)\n", $2)); 2478 if(cfg_parser->cfg->auths->name) 2479 yyerror("auth name override, there must be one name " 2480 "for one auth-zone"); 2481 free(cfg_parser->cfg->auths->name); 2482 cfg_parser->cfg->auths->name = $2; 2483 } 2484 ; 2485 auth_zonefile: VAR_ZONEFILE STRING_ARG 2486 { 2487 OUTYY(("P(zonefile:%s)\n", $2)); 2488 free(cfg_parser->cfg->auths->zonefile); 2489 cfg_parser->cfg->auths->zonefile = $2; 2490 } 2491 ; 2492 auth_master: VAR_MASTER STRING_ARG 2493 { 2494 OUTYY(("P(master:%s)\n", $2)); 2495 if(!cfg_strlist_insert(&cfg_parser->cfg->auths->masters, $2)) 2496 yyerror("out of memory"); 2497 } 2498 ; 2499 auth_url: VAR_URL STRING_ARG 2500 { 2501 OUTYY(("P(url:%s)\n", $2)); 2502 if(!cfg_strlist_insert(&cfg_parser->cfg->auths->urls, $2)) 2503 yyerror("out of memory"); 2504 } 2505 ; 2506 auth_allow_notify: VAR_ALLOW_NOTIFY STRING_ARG 2507 { 2508 OUTYY(("P(allow-notify:%s)\n", $2)); 2509 if(!cfg_strlist_insert(&cfg_parser->cfg->auths->allow_notify, 2510 $2)) 2511 yyerror("out of memory"); 2512 } 2513 ; 2514 auth_for_downstream: VAR_FOR_DOWNSTREAM STRING_ARG 2515 { 2516 OUTYY(("P(for-downstream:%s)\n", $2)); 2517 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2518 yyerror("expected yes or no."); 2519 else cfg_parser->cfg->auths->for_downstream = 2520 (strcmp($2, "yes")==0); 2521 free($2); 2522 } 2523 ; 2524 auth_for_upstream: VAR_FOR_UPSTREAM STRING_ARG 2525 { 2526 OUTYY(("P(for-upstream:%s)\n", $2)); 2527 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2528 yyerror("expected yes or no."); 2529 else cfg_parser->cfg->auths->for_upstream = 2530 (strcmp($2, "yes")==0); 2531 free($2); 2532 } 2533 ; 2534 auth_fallback_enabled: VAR_FALLBACK_ENABLED STRING_ARG 2535 { 2536 OUTYY(("P(fallback-enabled:%s)\n", $2)); 2537 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2538 yyerror("expected yes or no."); 2539 else cfg_parser->cfg->auths->fallback_enabled = 2540 (strcmp($2, "yes")==0); 2541 free($2); 2542 } 2543 ; 2544 view_name: VAR_NAME STRING_ARG 2545 { 2546 OUTYY(("P(name:%s)\n", $2)); 2547 if(cfg_parser->cfg->views->name) 2548 yyerror("view name override, there must be one " 2549 "name for one view"); 2550 free(cfg_parser->cfg->views->name); 2551 cfg_parser->cfg->views->name = $2; 2552 } 2553 ; 2554 view_local_zone: VAR_LOCAL_ZONE STRING_ARG STRING_ARG 2555 { 2556 OUTYY(("P(view_local_zone:%s %s)\n", $2, $3)); 2557 if(strcmp($3, "static")!=0 && strcmp($3, "deny")!=0 && 2558 strcmp($3, "refuse")!=0 && strcmp($3, "redirect")!=0 && 2559 strcmp($3, "transparent")!=0 && strcmp($3, "nodefault")!=0 2560 && strcmp($3, "typetransparent")!=0 2561 && strcmp($3, "always_transparent")!=0 2562 && strcmp($3, "always_refuse")!=0 2563 && strcmp($3, "always_nxdomain")!=0 2564 && strcmp($3, "noview")!=0 2565 && strcmp($3, "inform")!=0 && strcmp($3, "inform_deny")!=0) { 2566 yyerror("local-zone type: expected static, deny, " 2567 "refuse, redirect, transparent, " 2568 "typetransparent, inform, inform_deny, " 2569 "always_transparent, always_refuse, " 2570 "always_nxdomain, noview or nodefault"); 2571 free($2); 2572 free($3); 2573 } else if(strcmp($3, "nodefault")==0) { 2574 if(!cfg_strlist_insert(&cfg_parser->cfg->views-> 2575 local_zones_nodefault, $2)) 2576 fatal_exit("out of memory adding local-zone"); 2577 free($3); 2578 #ifdef USE_IPSET 2579 } else if(strcmp($3, "ipset")==0) { 2580 if(!cfg_strlist_insert(&cfg_parser->cfg->views-> 2581 local_zones_ipset, $2)) 2582 fatal_exit("out of memory adding local-zone"); 2583 free($3); 2584 #endif 2585 } else { 2586 if(!cfg_str2list_insert( 2587 &cfg_parser->cfg->views->local_zones, 2588 $2, $3)) 2589 fatal_exit("out of memory adding local-zone"); 2590 } 2591 } 2592 ; 2593 view_response_ip: VAR_RESPONSE_IP STRING_ARG STRING_ARG 2594 { 2595 OUTYY(("P(view_response_ip:%s %s)\n", $2, $3)); 2596 validate_respip_action($3); 2597 if(!cfg_str2list_insert( 2598 &cfg_parser->cfg->views->respip_actions, $2, $3)) 2599 fatal_exit("out of memory adding per-view " 2600 "response-ip action"); 2601 } 2602 ; 2603 view_response_ip_data: VAR_RESPONSE_IP_DATA STRING_ARG STRING_ARG 2604 { 2605 OUTYY(("P(view_response_ip_data:%s)\n", $2)); 2606 if(!cfg_str2list_insert( 2607 &cfg_parser->cfg->views->respip_data, $2, $3)) 2608 fatal_exit("out of memory adding response-ip-data"); 2609 } 2610 ; 2611 view_local_data: VAR_LOCAL_DATA STRING_ARG 2612 { 2613 OUTYY(("P(view_local_data:%s)\n", $2)); 2614 if(!cfg_strlist_insert(&cfg_parser->cfg->views->local_data, $2)) { 2615 fatal_exit("out of memory adding local-data"); 2616 } 2617 } 2618 ; 2619 view_local_data_ptr: VAR_LOCAL_DATA_PTR STRING_ARG 2620 { 2621 char* ptr; 2622 OUTYY(("P(view_local_data_ptr:%s)\n", $2)); 2623 ptr = cfg_ptr_reverse($2); 2624 free($2); 2625 if(ptr) { 2626 if(!cfg_strlist_insert(&cfg_parser->cfg->views-> 2627 local_data, ptr)) 2628 fatal_exit("out of memory adding local-data"); 2629 } else { 2630 yyerror("local-data-ptr could not be reversed"); 2631 } 2632 } 2633 ; 2634 view_first: VAR_VIEW_FIRST STRING_ARG 2635 { 2636 OUTYY(("P(view-first:%s)\n", $2)); 2637 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2638 yyerror("expected yes or no."); 2639 else cfg_parser->cfg->views->isfirst=(strcmp($2, "yes")==0); 2640 free($2); 2641 } 2642 ; 2643 rcstart: VAR_REMOTE_CONTROL 2644 { 2645 OUTYY(("\nP(remote-control:)\n")); 2646 } 2647 ; 2648 contents_rc: contents_rc content_rc 2649 | ; 2650 content_rc: rc_control_enable | rc_control_interface | rc_control_port | 2651 rc_server_key_file | rc_server_cert_file | rc_control_key_file | 2652 rc_control_cert_file | rc_control_use_cert 2653 ; 2654 rc_control_enable: VAR_CONTROL_ENABLE STRING_ARG 2655 { 2656 OUTYY(("P(control_enable:%s)\n", $2)); 2657 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2658 yyerror("expected yes or no."); 2659 else cfg_parser->cfg->remote_control_enable = 2660 (strcmp($2, "yes")==0); 2661 free($2); 2662 } 2663 ; 2664 rc_control_port: VAR_CONTROL_PORT STRING_ARG 2665 { 2666 OUTYY(("P(control_port:%s)\n", $2)); 2667 if(atoi($2) == 0) 2668 yyerror("control port number expected"); 2669 else cfg_parser->cfg->control_port = atoi($2); 2670 free($2); 2671 } 2672 ; 2673 rc_control_interface: VAR_CONTROL_INTERFACE STRING_ARG 2674 { 2675 OUTYY(("P(control_interface:%s)\n", $2)); 2676 if(!cfg_strlist_append(&cfg_parser->cfg->control_ifs, $2)) 2677 yyerror("out of memory"); 2678 } 2679 ; 2680 rc_control_use_cert: VAR_CONTROL_USE_CERT STRING_ARG 2681 { 2682 OUTYY(("P(control_use_cert:%s)\n", $2)); 2683 cfg_parser->cfg->control_use_cert = (strcmp($2, "yes")==0); 2684 free($2); 2685 } 2686 ; 2687 rc_server_key_file: VAR_SERVER_KEY_FILE STRING_ARG 2688 { 2689 OUTYY(("P(rc_server_key_file:%s)\n", $2)); 2690 free(cfg_parser->cfg->server_key_file); 2691 cfg_parser->cfg->server_key_file = $2; 2692 } 2693 ; 2694 rc_server_cert_file: VAR_SERVER_CERT_FILE STRING_ARG 2695 { 2696 OUTYY(("P(rc_server_cert_file:%s)\n", $2)); 2697 free(cfg_parser->cfg->server_cert_file); 2698 cfg_parser->cfg->server_cert_file = $2; 2699 } 2700 ; 2701 rc_control_key_file: VAR_CONTROL_KEY_FILE STRING_ARG 2702 { 2703 OUTYY(("P(rc_control_key_file:%s)\n", $2)); 2704 free(cfg_parser->cfg->control_key_file); 2705 cfg_parser->cfg->control_key_file = $2; 2706 } 2707 ; 2708 rc_control_cert_file: VAR_CONTROL_CERT_FILE STRING_ARG 2709 { 2710 OUTYY(("P(rc_control_cert_file:%s)\n", $2)); 2711 free(cfg_parser->cfg->control_cert_file); 2712 cfg_parser->cfg->control_cert_file = $2; 2713 } 2714 ; 2715 dtstart: VAR_DNSTAP 2716 { 2717 OUTYY(("\nP(dnstap:)\n")); 2718 } 2719 ; 2720 contents_dt: contents_dt content_dt 2721 | ; 2722 content_dt: dt_dnstap_enable | dt_dnstap_socket_path | 2723 dt_dnstap_send_identity | dt_dnstap_send_version | 2724 dt_dnstap_identity | dt_dnstap_version | 2725 dt_dnstap_log_resolver_query_messages | 2726 dt_dnstap_log_resolver_response_messages | 2727 dt_dnstap_log_client_query_messages | 2728 dt_dnstap_log_client_response_messages | 2729 dt_dnstap_log_forwarder_query_messages | 2730 dt_dnstap_log_forwarder_response_messages 2731 ; 2732 dt_dnstap_enable: VAR_DNSTAP_ENABLE STRING_ARG 2733 { 2734 OUTYY(("P(dt_dnstap_enable:%s)\n", $2)); 2735 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2736 yyerror("expected yes or no."); 2737 else cfg_parser->cfg->dnstap = (strcmp($2, "yes")==0); 2738 free($2); 2739 } 2740 ; 2741 dt_dnstap_socket_path: VAR_DNSTAP_SOCKET_PATH STRING_ARG 2742 { 2743 OUTYY(("P(dt_dnstap_socket_path:%s)\n", $2)); 2744 free(cfg_parser->cfg->dnstap_socket_path); 2745 cfg_parser->cfg->dnstap_socket_path = $2; 2746 } 2747 ; 2748 dt_dnstap_send_identity: VAR_DNSTAP_SEND_IDENTITY STRING_ARG 2749 { 2750 OUTYY(("P(dt_dnstap_send_identity:%s)\n", $2)); 2751 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2752 yyerror("expected yes or no."); 2753 else cfg_parser->cfg->dnstap_send_identity = (strcmp($2, "yes")==0); 2754 free($2); 2755 } 2756 ; 2757 dt_dnstap_send_version: VAR_DNSTAP_SEND_VERSION STRING_ARG 2758 { 2759 OUTYY(("P(dt_dnstap_send_version:%s)\n", $2)); 2760 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2761 yyerror("expected yes or no."); 2762 else cfg_parser->cfg->dnstap_send_version = (strcmp($2, "yes")==0); 2763 free($2); 2764 } 2765 ; 2766 dt_dnstap_identity: VAR_DNSTAP_IDENTITY STRING_ARG 2767 { 2768 OUTYY(("P(dt_dnstap_identity:%s)\n", $2)); 2769 free(cfg_parser->cfg->dnstap_identity); 2770 cfg_parser->cfg->dnstap_identity = $2; 2771 } 2772 ; 2773 dt_dnstap_version: VAR_DNSTAP_VERSION STRING_ARG 2774 { 2775 OUTYY(("P(dt_dnstap_version:%s)\n", $2)); 2776 free(cfg_parser->cfg->dnstap_version); 2777 cfg_parser->cfg->dnstap_version = $2; 2778 } 2779 ; 2780 dt_dnstap_log_resolver_query_messages: VAR_DNSTAP_LOG_RESOLVER_QUERY_MESSAGES STRING_ARG 2781 { 2782 OUTYY(("P(dt_dnstap_log_resolver_query_messages:%s)\n", $2)); 2783 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2784 yyerror("expected yes or no."); 2785 else cfg_parser->cfg->dnstap_log_resolver_query_messages = 2786 (strcmp($2, "yes")==0); 2787 free($2); 2788 } 2789 ; 2790 dt_dnstap_log_resolver_response_messages: VAR_DNSTAP_LOG_RESOLVER_RESPONSE_MESSAGES STRING_ARG 2791 { 2792 OUTYY(("P(dt_dnstap_log_resolver_response_messages:%s)\n", $2)); 2793 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2794 yyerror("expected yes or no."); 2795 else cfg_parser->cfg->dnstap_log_resolver_response_messages = 2796 (strcmp($2, "yes")==0); 2797 free($2); 2798 } 2799 ; 2800 dt_dnstap_log_client_query_messages: VAR_DNSTAP_LOG_CLIENT_QUERY_MESSAGES STRING_ARG 2801 { 2802 OUTYY(("P(dt_dnstap_log_client_query_messages:%s)\n", $2)); 2803 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2804 yyerror("expected yes or no."); 2805 else cfg_parser->cfg->dnstap_log_client_query_messages = 2806 (strcmp($2, "yes")==0); 2807 free($2); 2808 } 2809 ; 2810 dt_dnstap_log_client_response_messages: VAR_DNSTAP_LOG_CLIENT_RESPONSE_MESSAGES STRING_ARG 2811 { 2812 OUTYY(("P(dt_dnstap_log_client_response_messages:%s)\n", $2)); 2813 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2814 yyerror("expected yes or no."); 2815 else cfg_parser->cfg->dnstap_log_client_response_messages = 2816 (strcmp($2, "yes")==0); 2817 free($2); 2818 } 2819 ; 2820 dt_dnstap_log_forwarder_query_messages: VAR_DNSTAP_LOG_FORWARDER_QUERY_MESSAGES STRING_ARG 2821 { 2822 OUTYY(("P(dt_dnstap_log_forwarder_query_messages:%s)\n", $2)); 2823 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2824 yyerror("expected yes or no."); 2825 else cfg_parser->cfg->dnstap_log_forwarder_query_messages = 2826 (strcmp($2, "yes")==0); 2827 free($2); 2828 } 2829 ; 2830 dt_dnstap_log_forwarder_response_messages: VAR_DNSTAP_LOG_FORWARDER_RESPONSE_MESSAGES STRING_ARG 2831 { 2832 OUTYY(("P(dt_dnstap_log_forwarder_response_messages:%s)\n", $2)); 2833 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2834 yyerror("expected yes or no."); 2835 else cfg_parser->cfg->dnstap_log_forwarder_response_messages = 2836 (strcmp($2, "yes")==0); 2837 free($2); 2838 } 2839 ; 2840 pythonstart: VAR_PYTHON 2841 { 2842 OUTYY(("\nP(python:)\n")); 2843 } 2844 ; 2845 contents_py: contents_py content_py 2846 | ; 2847 content_py: py_script 2848 ; 2849 py_script: VAR_PYTHON_SCRIPT STRING_ARG 2850 { 2851 OUTYY(("P(python-script:%s)\n", $2)); 2852 if(!cfg_strlist_append_ex(&cfg_parser->cfg->python_script, $2)) 2853 yyerror("out of memory"); 2854 } 2855 server_disable_dnssec_lame_check: VAR_DISABLE_DNSSEC_LAME_CHECK STRING_ARG 2856 { 2857 OUTYY(("P(disable_dnssec_lame_check:%s)\n", $2)); 2858 if (strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2859 yyerror("expected yes or no."); 2860 else cfg_parser->cfg->disable_dnssec_lame_check = 2861 (strcmp($2, "yes")==0); 2862 free($2); 2863 } 2864 ; 2865 server_log_identity: VAR_LOG_IDENTITY STRING_ARG 2866 { 2867 OUTYY(("P(server_log_identity:%s)\n", $2)); 2868 free(cfg_parser->cfg->log_identity); 2869 cfg_parser->cfg->log_identity = $2; 2870 } 2871 ; 2872 server_response_ip: VAR_RESPONSE_IP STRING_ARG STRING_ARG 2873 { 2874 OUTYY(("P(server_response_ip:%s %s)\n", $2, $3)); 2875 validate_respip_action($3); 2876 if(!cfg_str2list_insert(&cfg_parser->cfg->respip_actions, 2877 $2, $3)) 2878 fatal_exit("out of memory adding response-ip"); 2879 } 2880 ; 2881 server_response_ip_data: VAR_RESPONSE_IP_DATA STRING_ARG STRING_ARG 2882 { 2883 OUTYY(("P(server_response_ip_data:%s)\n", $2)); 2884 if(!cfg_str2list_insert(&cfg_parser->cfg->respip_data, 2885 $2, $3)) 2886 fatal_exit("out of memory adding response-ip-data"); 2887 } 2888 ; 2889 dnscstart: VAR_DNSCRYPT 2890 { 2891 OUTYY(("\nP(dnscrypt:)\n")); 2892 } 2893 ; 2894 contents_dnsc: contents_dnsc content_dnsc 2895 | ; 2896 content_dnsc: 2897 dnsc_dnscrypt_enable | dnsc_dnscrypt_port | dnsc_dnscrypt_provider | 2898 dnsc_dnscrypt_secret_key | dnsc_dnscrypt_provider_cert | 2899 dnsc_dnscrypt_provider_cert_rotated | 2900 dnsc_dnscrypt_shared_secret_cache_size | 2901 dnsc_dnscrypt_shared_secret_cache_slabs | 2902 dnsc_dnscrypt_nonce_cache_size | 2903 dnsc_dnscrypt_nonce_cache_slabs 2904 ; 2905 dnsc_dnscrypt_enable: VAR_DNSCRYPT_ENABLE STRING_ARG 2906 { 2907 OUTYY(("P(dnsc_dnscrypt_enable:%s)\n", $2)); 2908 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2909 yyerror("expected yes or no."); 2910 else cfg_parser->cfg->dnscrypt = (strcmp($2, "yes")==0); 2911 free($2); 2912 } 2913 ; 2914 2915 dnsc_dnscrypt_port: VAR_DNSCRYPT_PORT STRING_ARG 2916 { 2917 OUTYY(("P(dnsc_dnscrypt_port:%s)\n", $2)); 2918 if(atoi($2) == 0) 2919 yyerror("port number expected"); 2920 else cfg_parser->cfg->dnscrypt_port = atoi($2); 2921 free($2); 2922 } 2923 ; 2924 dnsc_dnscrypt_provider: VAR_DNSCRYPT_PROVIDER STRING_ARG 2925 { 2926 OUTYY(("P(dnsc_dnscrypt_provider:%s)\n", $2)); 2927 free(cfg_parser->cfg->dnscrypt_provider); 2928 cfg_parser->cfg->dnscrypt_provider = $2; 2929 } 2930 ; 2931 dnsc_dnscrypt_provider_cert: VAR_DNSCRYPT_PROVIDER_CERT STRING_ARG 2932 { 2933 OUTYY(("P(dnsc_dnscrypt_provider_cert:%s)\n", $2)); 2934 if(cfg_strlist_find(cfg_parser->cfg->dnscrypt_provider_cert, $2)) 2935 log_warn("dnscrypt-provider-cert %s is a duplicate", $2); 2936 if(!cfg_strlist_insert(&cfg_parser->cfg->dnscrypt_provider_cert, $2)) 2937 fatal_exit("out of memory adding dnscrypt-provider-cert"); 2938 } 2939 ; 2940 dnsc_dnscrypt_provider_cert_rotated: VAR_DNSCRYPT_PROVIDER_CERT_ROTATED STRING_ARG 2941 { 2942 OUTYY(("P(dnsc_dnscrypt_provider_cert_rotated:%s)\n", $2)); 2943 if(!cfg_strlist_insert(&cfg_parser->cfg->dnscrypt_provider_cert_rotated, $2)) 2944 fatal_exit("out of memory adding dnscrypt-provider-cert-rotated"); 2945 } 2946 ; 2947 dnsc_dnscrypt_secret_key: VAR_DNSCRYPT_SECRET_KEY STRING_ARG 2948 { 2949 OUTYY(("P(dnsc_dnscrypt_secret_key:%s)\n", $2)); 2950 if(cfg_strlist_find(cfg_parser->cfg->dnscrypt_secret_key, $2)) 2951 log_warn("dnscrypt-secret-key: %s is a duplicate", $2); 2952 if(!cfg_strlist_insert(&cfg_parser->cfg->dnscrypt_secret_key, $2)) 2953 fatal_exit("out of memory adding dnscrypt-secret-key"); 2954 } 2955 ; 2956 dnsc_dnscrypt_shared_secret_cache_size: VAR_DNSCRYPT_SHARED_SECRET_CACHE_SIZE STRING_ARG 2957 { 2958 OUTYY(("P(dnscrypt_shared_secret_cache_size:%s)\n", $2)); 2959 if(!cfg_parse_memsize($2, &cfg_parser->cfg->dnscrypt_shared_secret_cache_size)) 2960 yyerror("memory size expected"); 2961 free($2); 2962 } 2963 ; 2964 dnsc_dnscrypt_shared_secret_cache_slabs: VAR_DNSCRYPT_SHARED_SECRET_CACHE_SLABS STRING_ARG 2965 { 2966 OUTYY(("P(dnscrypt_shared_secret_cache_slabs:%s)\n", $2)); 2967 if(atoi($2) == 0) 2968 yyerror("number expected"); 2969 else { 2970 cfg_parser->cfg->dnscrypt_shared_secret_cache_slabs = atoi($2); 2971 if(!is_pow2(cfg_parser->cfg->dnscrypt_shared_secret_cache_slabs)) 2972 yyerror("must be a power of 2"); 2973 } 2974 free($2); 2975 } 2976 ; 2977 dnsc_dnscrypt_nonce_cache_size: VAR_DNSCRYPT_NONCE_CACHE_SIZE STRING_ARG 2978 { 2979 OUTYY(("P(dnscrypt_nonce_cache_size:%s)\n", $2)); 2980 if(!cfg_parse_memsize($2, &cfg_parser->cfg->dnscrypt_nonce_cache_size)) 2981 yyerror("memory size expected"); 2982 free($2); 2983 } 2984 ; 2985 dnsc_dnscrypt_nonce_cache_slabs: VAR_DNSCRYPT_NONCE_CACHE_SLABS STRING_ARG 2986 { 2987 OUTYY(("P(dnscrypt_nonce_cache_slabs:%s)\n", $2)); 2988 if(atoi($2) == 0) 2989 yyerror("number expected"); 2990 else { 2991 cfg_parser->cfg->dnscrypt_nonce_cache_slabs = atoi($2); 2992 if(!is_pow2(cfg_parser->cfg->dnscrypt_nonce_cache_slabs)) 2993 yyerror("must be a power of 2"); 2994 } 2995 free($2); 2996 } 2997 ; 2998 cachedbstart: VAR_CACHEDB 2999 { 3000 OUTYY(("\nP(cachedb:)\n")); 3001 } 3002 ; 3003 contents_cachedb: contents_cachedb content_cachedb 3004 | ; 3005 content_cachedb: cachedb_backend_name | cachedb_secret_seed | 3006 redis_server_host | redis_server_port | redis_timeout 3007 ; 3008 cachedb_backend_name: VAR_CACHEDB_BACKEND STRING_ARG 3009 { 3010 #ifdef USE_CACHEDB 3011 OUTYY(("P(backend:%s)\n", $2)); 3012 free(cfg_parser->cfg->cachedb_backend); 3013 cfg_parser->cfg->cachedb_backend = $2; 3014 #else 3015 OUTYY(("P(Compiled without cachedb, ignoring)\n")); 3016 free($2); 3017 #endif 3018 } 3019 ; 3020 cachedb_secret_seed: VAR_CACHEDB_SECRETSEED STRING_ARG 3021 { 3022 #ifdef USE_CACHEDB 3023 OUTYY(("P(secret-seed:%s)\n", $2)); 3024 free(cfg_parser->cfg->cachedb_secret); 3025 cfg_parser->cfg->cachedb_secret = $2; 3026 #else 3027 OUTYY(("P(Compiled without cachedb, ignoring)\n")); 3028 free($2); 3029 #endif 3030 } 3031 ; 3032 redis_server_host: VAR_CACHEDB_REDISHOST STRING_ARG 3033 { 3034 #if defined(USE_CACHEDB) && defined(USE_REDIS) 3035 OUTYY(("P(redis_server_host:%s)\n", $2)); 3036 free(cfg_parser->cfg->redis_server_host); 3037 cfg_parser->cfg->redis_server_host = $2; 3038 #else 3039 OUTYY(("P(Compiled without cachedb or redis, ignoring)\n")); 3040 free($2); 3041 #endif 3042 } 3043 ; 3044 redis_server_port: VAR_CACHEDB_REDISPORT STRING_ARG 3045 { 3046 #if defined(USE_CACHEDB) && defined(USE_REDIS) 3047 int port; 3048 OUTYY(("P(redis_server_port:%s)\n", $2)); 3049 port = atoi($2); 3050 if(port == 0 || port < 0 || port > 65535) 3051 yyerror("valid redis server port number expected"); 3052 else cfg_parser->cfg->redis_server_port = port; 3053 #else 3054 OUTYY(("P(Compiled without cachedb or redis, ignoring)\n")); 3055 #endif 3056 free($2); 3057 } 3058 ; 3059 redis_timeout: VAR_CACHEDB_REDISTIMEOUT STRING_ARG 3060 { 3061 #if defined(USE_CACHEDB) && defined(USE_REDIS) 3062 OUTYY(("P(redis_timeout:%s)\n", $2)); 3063 if(atoi($2) == 0) 3064 yyerror("redis timeout value expected"); 3065 else cfg_parser->cfg->redis_timeout = atoi($2); 3066 #else 3067 OUTYY(("P(Compiled without cachedb or redis, ignoring)\n")); 3068 #endif 3069 free($2); 3070 } 3071 ; 3072 server_tcp_connection_limit: VAR_TCP_CONNECTION_LIMIT STRING_ARG STRING_ARG 3073 { 3074 OUTYY(("P(server_tcp_connection_limit:%s %s)\n", $2, $3)); 3075 if (atoi($3) < 0) 3076 yyerror("positive number expected"); 3077 else { 3078 if(!cfg_str2list_insert(&cfg_parser->cfg->tcp_connection_limits, $2, $3)) 3079 fatal_exit("out of memory adding tcp connection limit"); 3080 } 3081 } 3082 ; 3083 ipsetstart: VAR_IPSET 3084 { 3085 OUTYY(("\nP(ipset:)\n")); 3086 } 3087 ; 3088 contents_ipset: contents_ipset content_ipset 3089 | ; 3090 content_ipset: ipset_name_v4 | ipset_name_v6 3091 ; 3092 ipset_name_v4: VAR_IPSET_NAME_V4 STRING_ARG 3093 { 3094 #ifdef USE_IPSET 3095 OUTYY(("P(name-v4:%s)\n", $2)); 3096 if(cfg_parser->cfg->ipset_name_v4) 3097 yyerror("ipset name v4 override, there must be one " 3098 "name for ip v4"); 3099 free(cfg_parser->cfg->ipset_name_v4); 3100 cfg_parser->cfg->ipset_name_v4 = $2; 3101 #else 3102 OUTYY(("P(Compiled without ipset, ignoring)\n")); 3103 free($2); 3104 #endif 3105 } 3106 ; 3107 ipset_name_v6: VAR_IPSET_NAME_V6 STRING_ARG 3108 { 3109 #ifdef USE_IPSET 3110 OUTYY(("P(name-v6:%s)\n", $2)); 3111 if(cfg_parser->cfg->ipset_name_v6) 3112 yyerror("ipset name v6 override, there must be one " 3113 "name for ip v6"); 3114 free(cfg_parser->cfg->ipset_name_v6); 3115 cfg_parser->cfg->ipset_name_v6 = $2; 3116 #else 3117 OUTYY(("P(Compiled without ipset, ignoring)\n")); 3118 free($2); 3119 #endif 3120 } 3121 ; 3122 %% 3123 3124 /* parse helper routines could be here */ 3125 static void 3126 validate_respip_action(const char* action) 3127 { 3128 if(strcmp(action, "deny")!=0 && 3129 strcmp(action, "redirect")!=0 && 3130 strcmp(action, "inform")!=0 && 3131 strcmp(action, "inform_deny")!=0 && 3132 strcmp(action, "always_transparent")!=0 && 3133 strcmp(action, "always_refuse")!=0 && 3134 strcmp(action, "always_nxdomain")!=0) 3135 { 3136 yyerror("response-ip action: expected deny, redirect, " 3137 "inform, inform_deny, always_transparent, " 3138 "always_refuse or always_nxdomain"); 3139 } 3140 } 3141 3142 3143