1 /* 2 * configparser.y -- yacc grammar for unbound configuration files 3 * 4 * Copyright (c) 2001-2006, NLnet Labs. All rights reserved. 5 * 6 * Copyright (c) 2007, NLnet Labs. All rights reserved. 7 * 8 * This software is open source. 9 * 10 * Redistribution and use in source and binary forms, with or without 11 * modification, are permitted provided that the following conditions 12 * are met: 13 * 14 * Redistributions of source code must retain the above copyright notice, 15 * this list of conditions and the following disclaimer. 16 * 17 * Redistributions in binary form must reproduce the above copyright notice, 18 * this list of conditions and the following disclaimer in the documentation 19 * and/or other materials provided with the distribution. 20 * 21 * Neither the name of the NLNET LABS nor the names of its contributors may 22 * be used to endorse or promote products derived from this software without 23 * specific prior written permission. 24 * 25 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 26 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 27 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR 28 * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT 29 * HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 30 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED 31 * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR 32 * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF 33 * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING 34 * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS 35 * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 36 */ 37 38 %{ 39 #include "config.h" 40 41 #include <stdarg.h> 42 #include <stdio.h> 43 #include <string.h> 44 #include <stdlib.h> 45 #include <assert.h> 46 47 #include "util/configyyrename.h" 48 #include "util/config_file.h" 49 #include "util/net_help.h" 50 #include "sldns/str2wire.h" 51 52 int ub_c_lex(void); 53 void ub_c_error(const char *message); 54 55 static void validate_respip_action(const char* action); 56 static void validate_acl_action(const char* action); 57 58 /* these need to be global, otherwise they cannot be used inside yacc */ 59 extern struct config_parser_state* cfg_parser; 60 61 #if 0 62 #define OUTYY(s) printf s /* used ONLY when debugging */ 63 #else 64 #define OUTYY(s) 65 #endif 66 67 %} 68 %union { 69 char* str; 70 }; 71 72 %token SPACE LETTER NEWLINE COMMENT COLON ANY ZONESTR 73 %token <str> STRING_ARG 74 %token VAR_FORCE_TOPLEVEL 75 %token VAR_SERVER VAR_VERBOSITY VAR_NUM_THREADS VAR_PORT 76 %token VAR_OUTGOING_RANGE VAR_INTERFACE VAR_PREFER_IP4 77 %token VAR_DO_IP4 VAR_DO_IP6 VAR_DO_NAT64 VAR_PREFER_IP6 VAR_DO_UDP VAR_DO_TCP 78 %token VAR_TCP_MSS VAR_OUTGOING_TCP_MSS VAR_TCP_IDLE_TIMEOUT 79 %token VAR_EDNS_TCP_KEEPALIVE VAR_EDNS_TCP_KEEPALIVE_TIMEOUT 80 %token VAR_SOCK_QUEUE_TIMEOUT 81 %token VAR_CHROOT VAR_USERNAME VAR_DIRECTORY VAR_LOGFILE VAR_PIDFILE 82 %token VAR_MSG_CACHE_SIZE VAR_MSG_CACHE_SLABS VAR_NUM_QUERIES_PER_THREAD 83 %token VAR_RRSET_CACHE_SIZE VAR_RRSET_CACHE_SLABS VAR_OUTGOING_NUM_TCP 84 %token VAR_INFRA_HOST_TTL VAR_INFRA_LAME_TTL VAR_INFRA_CACHE_SLABS 85 %token VAR_INFRA_CACHE_NUMHOSTS VAR_INFRA_CACHE_LAME_SIZE VAR_NAME 86 %token VAR_STUB_ZONE VAR_STUB_HOST VAR_STUB_ADDR VAR_TARGET_FETCH_POLICY 87 %token VAR_HARDEN_SHORT_BUFSIZE VAR_HARDEN_LARGE_QUERIES 88 %token VAR_FORWARD_ZONE VAR_FORWARD_HOST VAR_FORWARD_ADDR 89 %token VAR_DO_NOT_QUERY_ADDRESS VAR_HIDE_IDENTITY VAR_HIDE_VERSION 90 %token VAR_IDENTITY VAR_VERSION VAR_HARDEN_GLUE VAR_MODULE_CONF 91 %token VAR_TRUST_ANCHOR_FILE VAR_TRUST_ANCHOR VAR_VAL_OVERRIDE_DATE 92 %token VAR_BOGUS_TTL VAR_VAL_CLEAN_ADDITIONAL VAR_VAL_PERMISSIVE_MODE 93 %token VAR_INCOMING_NUM_TCP VAR_MSG_BUFFER_SIZE VAR_KEY_CACHE_SIZE 94 %token VAR_KEY_CACHE_SLABS VAR_TRUSTED_KEYS_FILE 95 %token VAR_VAL_NSEC3_KEYSIZE_ITERATIONS VAR_USE_SYSLOG 96 %token VAR_OUTGOING_INTERFACE VAR_ROOT_HINTS VAR_DO_NOT_QUERY_LOCALHOST 97 %token VAR_CACHE_MAX_TTL VAR_HARDEN_DNSSEC_STRIPPED VAR_ACCESS_CONTROL 98 %token VAR_LOCAL_ZONE VAR_LOCAL_DATA VAR_INTERFACE_AUTOMATIC 99 %token VAR_STATISTICS_INTERVAL VAR_DO_DAEMONIZE VAR_USE_CAPS_FOR_ID 100 %token VAR_STATISTICS_CUMULATIVE VAR_OUTGOING_PORT_PERMIT 101 %token VAR_OUTGOING_PORT_AVOID VAR_DLV_ANCHOR_FILE VAR_DLV_ANCHOR 102 %token VAR_NEG_CACHE_SIZE VAR_HARDEN_REFERRAL_PATH VAR_PRIVATE_ADDRESS 103 %token VAR_PRIVATE_DOMAIN VAR_REMOTE_CONTROL VAR_CONTROL_ENABLE 104 %token VAR_CONTROL_INTERFACE VAR_CONTROL_PORT VAR_SERVER_KEY_FILE 105 %token VAR_SERVER_CERT_FILE VAR_CONTROL_KEY_FILE VAR_CONTROL_CERT_FILE 106 %token VAR_CONTROL_USE_CERT VAR_TCP_REUSE_TIMEOUT VAR_MAX_REUSE_TCP_QUERIES 107 %token VAR_EXTENDED_STATISTICS VAR_LOCAL_DATA_PTR VAR_JOSTLE_TIMEOUT 108 %token VAR_STUB_PRIME VAR_UNWANTED_REPLY_THRESHOLD VAR_LOG_TIME_ASCII 109 %token VAR_DOMAIN_INSECURE VAR_PYTHON VAR_PYTHON_SCRIPT VAR_VAL_SIG_SKEW_MIN 110 %token VAR_VAL_SIG_SKEW_MAX VAR_VAL_MAX_RESTART VAR_CACHE_MIN_TTL 111 %token VAR_VAL_LOG_LEVEL VAR_AUTO_TRUST_ANCHOR_FILE VAR_KEEP_MISSING 112 %token VAR_ADD_HOLDDOWN VAR_DEL_HOLDDOWN VAR_SO_RCVBUF VAR_EDNS_BUFFER_SIZE 113 %token VAR_PREFETCH VAR_PREFETCH_KEY VAR_SO_SNDBUF VAR_SO_REUSEPORT 114 %token VAR_HARDEN_BELOW_NXDOMAIN VAR_IGNORE_CD_FLAG VAR_LOG_QUERIES 115 %token VAR_LOG_REPLIES VAR_LOG_LOCAL_ACTIONS VAR_TCP_UPSTREAM 116 %token VAR_SSL_UPSTREAM VAR_TCP_AUTH_QUERY_TIMEOUT VAR_SSL_SERVICE_KEY 117 %token VAR_SSL_SERVICE_PEM VAR_SSL_PORT VAR_FORWARD_FIRST 118 %token VAR_STUB_SSL_UPSTREAM VAR_FORWARD_SSL_UPSTREAM VAR_TLS_CERT_BUNDLE 119 %token VAR_STUB_TCP_UPSTREAM VAR_FORWARD_TCP_UPSTREAM 120 %token VAR_HTTPS_PORT VAR_HTTP_ENDPOINT VAR_HTTP_MAX_STREAMS 121 %token VAR_HTTP_QUERY_BUFFER_SIZE VAR_HTTP_RESPONSE_BUFFER_SIZE 122 %token VAR_HTTP_NODELAY VAR_HTTP_NOTLS_DOWNSTREAM 123 %token VAR_STUB_FIRST VAR_MINIMAL_RESPONSES VAR_RRSET_ROUNDROBIN 124 %token VAR_MAX_UDP_SIZE VAR_DELAY_CLOSE VAR_UDP_CONNECT 125 %token VAR_UNBLOCK_LAN_ZONES VAR_INSECURE_LAN_ZONES 126 %token VAR_INFRA_CACHE_MIN_RTT VAR_INFRA_CACHE_MAX_RTT VAR_INFRA_KEEP_PROBING 127 %token VAR_DNS64_PREFIX VAR_DNS64_SYNTHALL VAR_DNS64_IGNORE_AAAA 128 %token VAR_NAT64_PREFIX 129 %token VAR_DNSTAP VAR_DNSTAP_ENABLE VAR_DNSTAP_SOCKET_PATH VAR_DNSTAP_IP 130 %token VAR_DNSTAP_TLS VAR_DNSTAP_TLS_SERVER_NAME VAR_DNSTAP_TLS_CERT_BUNDLE 131 %token VAR_DNSTAP_TLS_CLIENT_KEY_FILE VAR_DNSTAP_TLS_CLIENT_CERT_FILE 132 %token VAR_DNSTAP_SEND_IDENTITY VAR_DNSTAP_SEND_VERSION VAR_DNSTAP_BIDIRECTIONAL 133 %token VAR_DNSTAP_IDENTITY VAR_DNSTAP_VERSION 134 %token VAR_DNSTAP_LOG_RESOLVER_QUERY_MESSAGES 135 %token VAR_DNSTAP_LOG_RESOLVER_RESPONSE_MESSAGES 136 %token VAR_DNSTAP_LOG_CLIENT_QUERY_MESSAGES 137 %token VAR_DNSTAP_LOG_CLIENT_RESPONSE_MESSAGES 138 %token VAR_DNSTAP_LOG_FORWARDER_QUERY_MESSAGES 139 %token VAR_DNSTAP_LOG_FORWARDER_RESPONSE_MESSAGES 140 %token VAR_RESPONSE_IP_TAG VAR_RESPONSE_IP VAR_RESPONSE_IP_DATA 141 %token VAR_HARDEN_ALGO_DOWNGRADE VAR_IP_TRANSPARENT 142 %token VAR_IP_DSCP 143 %token VAR_DISABLE_DNSSEC_LAME_CHECK 144 %token VAR_IP_RATELIMIT VAR_IP_RATELIMIT_SLABS VAR_IP_RATELIMIT_SIZE 145 %token VAR_RATELIMIT VAR_RATELIMIT_SLABS VAR_RATELIMIT_SIZE 146 %token VAR_OUTBOUND_MSG_RETRY VAR_MAX_SENT_COUNT VAR_MAX_QUERY_RESTARTS 147 %token VAR_RATELIMIT_FOR_DOMAIN VAR_RATELIMIT_BELOW_DOMAIN 148 %token VAR_IP_RATELIMIT_FACTOR VAR_RATELIMIT_FACTOR 149 %token VAR_IP_RATELIMIT_BACKOFF VAR_RATELIMIT_BACKOFF 150 %token VAR_SEND_CLIENT_SUBNET VAR_CLIENT_SUBNET_ZONE 151 %token VAR_CLIENT_SUBNET_ALWAYS_FORWARD VAR_CLIENT_SUBNET_OPCODE 152 %token VAR_MAX_CLIENT_SUBNET_IPV4 VAR_MAX_CLIENT_SUBNET_IPV6 153 %token VAR_MIN_CLIENT_SUBNET_IPV4 VAR_MIN_CLIENT_SUBNET_IPV6 154 %token VAR_MAX_ECS_TREE_SIZE_IPV4 VAR_MAX_ECS_TREE_SIZE_IPV6 155 %token VAR_CAPS_WHITELIST VAR_CACHE_MAX_NEGATIVE_TTL VAR_PERMIT_SMALL_HOLDDOWN 156 %token VAR_QNAME_MINIMISATION VAR_QNAME_MINIMISATION_STRICT VAR_IP_FREEBIND 157 %token VAR_DEFINE_TAG VAR_LOCAL_ZONE_TAG VAR_ACCESS_CONTROL_TAG 158 %token VAR_LOCAL_ZONE_OVERRIDE VAR_ACCESS_CONTROL_TAG_ACTION 159 %token VAR_ACCESS_CONTROL_TAG_DATA VAR_VIEW VAR_ACCESS_CONTROL_VIEW 160 %token VAR_VIEW_FIRST VAR_SERVE_EXPIRED VAR_SERVE_EXPIRED_TTL 161 %token VAR_SERVE_EXPIRED_TTL_RESET VAR_SERVE_EXPIRED_REPLY_TTL 162 %token VAR_SERVE_EXPIRED_CLIENT_TIMEOUT VAR_EDE_SERVE_EXPIRED 163 %token VAR_SERVE_ORIGINAL_TTL VAR_FAKE_DSA 164 %token VAR_FAKE_SHA1 VAR_LOG_IDENTITY VAR_HIDE_TRUSTANCHOR 165 %token VAR_HIDE_HTTP_USER_AGENT VAR_HTTP_USER_AGENT 166 %token VAR_TRUST_ANCHOR_SIGNALING VAR_AGGRESSIVE_NSEC VAR_USE_SYSTEMD 167 %token VAR_SHM_ENABLE VAR_SHM_KEY VAR_ROOT_KEY_SENTINEL 168 %token VAR_DNSCRYPT VAR_DNSCRYPT_ENABLE VAR_DNSCRYPT_PORT VAR_DNSCRYPT_PROVIDER 169 %token VAR_DNSCRYPT_SECRET_KEY VAR_DNSCRYPT_PROVIDER_CERT 170 %token VAR_DNSCRYPT_PROVIDER_CERT_ROTATED 171 %token VAR_DNSCRYPT_SHARED_SECRET_CACHE_SIZE 172 %token VAR_DNSCRYPT_SHARED_SECRET_CACHE_SLABS 173 %token VAR_DNSCRYPT_NONCE_CACHE_SIZE 174 %token VAR_DNSCRYPT_NONCE_CACHE_SLABS 175 %token VAR_PAD_RESPONSES VAR_PAD_RESPONSES_BLOCK_SIZE 176 %token VAR_PAD_QUERIES VAR_PAD_QUERIES_BLOCK_SIZE 177 %token VAR_IPSECMOD_ENABLED VAR_IPSECMOD_HOOK VAR_IPSECMOD_IGNORE_BOGUS 178 %token VAR_IPSECMOD_MAX_TTL VAR_IPSECMOD_WHITELIST VAR_IPSECMOD_STRICT 179 %token VAR_CACHEDB VAR_CACHEDB_BACKEND VAR_CACHEDB_SECRETSEED 180 %token VAR_CACHEDB_REDISHOST VAR_CACHEDB_REDISPORT VAR_CACHEDB_REDISTIMEOUT 181 %token VAR_CACHEDB_REDISEXPIRERECORDS VAR_CACHEDB_REDISPATH VAR_CACHEDB_REDISPASSWORD 182 %token VAR_UDP_UPSTREAM_WITHOUT_DOWNSTREAM VAR_FOR_UPSTREAM 183 %token VAR_AUTH_ZONE VAR_ZONEFILE VAR_MASTER VAR_URL VAR_FOR_DOWNSTREAM 184 %token VAR_FALLBACK_ENABLED VAR_TLS_ADDITIONAL_PORT VAR_LOW_RTT VAR_LOW_RTT_PERMIL 185 %token VAR_FAST_SERVER_PERMIL VAR_FAST_SERVER_NUM 186 %token VAR_ALLOW_NOTIFY VAR_TLS_WIN_CERT VAR_TCP_CONNECTION_LIMIT 187 %token VAR_ANSWER_COOKIE VAR_COOKIE_SECRET VAR_IP_RATELIMIT_COOKIE 188 %token VAR_FORWARD_NO_CACHE VAR_STUB_NO_CACHE VAR_LOG_SERVFAIL VAR_DENY_ANY 189 %token VAR_UNKNOWN_SERVER_TIME_LIMIT VAR_LOG_TAG_QUERYREPLY 190 %token VAR_STREAM_WAIT_SIZE VAR_TLS_CIPHERS VAR_TLS_CIPHERSUITES VAR_TLS_USE_SNI 191 %token VAR_IPSET VAR_IPSET_NAME_V4 VAR_IPSET_NAME_V6 192 %token VAR_TLS_SESSION_TICKET_KEYS VAR_RPZ VAR_TAGS VAR_RPZ_ACTION_OVERRIDE 193 %token VAR_RPZ_CNAME_OVERRIDE VAR_RPZ_LOG VAR_RPZ_LOG_NAME 194 %token VAR_DYNLIB VAR_DYNLIB_FILE VAR_EDNS_CLIENT_STRING 195 %token VAR_EDNS_CLIENT_STRING_OPCODE VAR_NSID 196 %token VAR_ZONEMD_PERMISSIVE_MODE VAR_ZONEMD_CHECK VAR_ZONEMD_REJECT_ABSENCE 197 %token VAR_RPZ_SIGNAL_NXDOMAIN_RA VAR_INTERFACE_AUTOMATIC_PORTS VAR_EDE 198 %token VAR_INTERFACE_ACTION VAR_INTERFACE_VIEW VAR_INTERFACE_TAG 199 %token VAR_INTERFACE_TAG_ACTION VAR_INTERFACE_TAG_DATA 200 %token VAR_PROXY_PROTOCOL_PORT VAR_STATISTICS_INHIBIT_ZERO 201 %token VAR_HARDEN_UNKNOWN_ADDITIONAL 202 203 %% 204 toplevelvars: /* empty */ | toplevelvars toplevelvar ; 205 toplevelvar: serverstart contents_server | stubstart contents_stub | 206 forwardstart contents_forward | pythonstart contents_py | 207 rcstart contents_rc | dtstart contents_dt | viewstart contents_view | 208 dnscstart contents_dnsc | cachedbstart contents_cachedb | 209 ipsetstart contents_ipset | authstart contents_auth | 210 rpzstart contents_rpz | dynlibstart contents_dl | 211 force_toplevel 212 ; 213 force_toplevel: VAR_FORCE_TOPLEVEL 214 { 215 OUTYY(("\nP(force-toplevel)\n")); 216 cfg_parser->started_toplevel = 0; 217 } 218 ; 219 /* server: declaration */ 220 serverstart: VAR_SERVER 221 { 222 OUTYY(("\nP(server:)\n")); 223 cfg_parser->started_toplevel = 1; 224 } 225 ; 226 contents_server: contents_server content_server 227 | ; 228 content_server: server_num_threads | server_verbosity | server_port | 229 server_outgoing_range | server_do_ip4 | 230 server_do_ip6 | server_do_nat64 | server_prefer_ip4 | 231 server_prefer_ip6 | server_do_udp | server_do_tcp | 232 server_tcp_mss | server_outgoing_tcp_mss | server_tcp_idle_timeout | 233 server_tcp_keepalive | server_tcp_keepalive_timeout | 234 server_sock_queue_timeout | 235 server_interface | server_chroot | server_username | 236 server_directory | server_logfile | server_pidfile | 237 server_msg_cache_size | server_msg_cache_slabs | 238 server_num_queries_per_thread | server_rrset_cache_size | 239 server_rrset_cache_slabs | server_outgoing_num_tcp | 240 server_infra_host_ttl | server_infra_lame_ttl | 241 server_infra_cache_slabs | server_infra_cache_numhosts | 242 server_infra_cache_lame_size | server_target_fetch_policy | 243 server_harden_short_bufsize | server_harden_large_queries | 244 server_do_not_query_address | server_hide_identity | 245 server_hide_version | server_identity | server_version | 246 server_hide_http_user_agent | server_http_user_agent | 247 server_harden_glue | server_module_conf | server_trust_anchor_file | 248 server_trust_anchor | server_val_override_date | server_bogus_ttl | 249 server_val_clean_additional | server_val_permissive_mode | 250 server_incoming_num_tcp | server_msg_buffer_size | 251 server_key_cache_size | server_key_cache_slabs | 252 server_trusted_keys_file | server_val_nsec3_keysize_iterations | 253 server_use_syslog | server_outgoing_interface | server_root_hints | 254 server_do_not_query_localhost | server_cache_max_ttl | 255 server_harden_dnssec_stripped | server_access_control | 256 server_local_zone | server_local_data | server_interface_automatic | 257 server_statistics_interval | server_do_daemonize | 258 server_use_caps_for_id | server_statistics_cumulative | 259 server_outgoing_port_permit | server_outgoing_port_avoid | 260 server_dlv_anchor_file | server_dlv_anchor | server_neg_cache_size | 261 server_harden_referral_path | server_private_address | 262 server_private_domain | server_extended_statistics | 263 server_local_data_ptr | server_jostle_timeout | 264 server_unwanted_reply_threshold | server_log_time_ascii | 265 server_domain_insecure | server_val_sig_skew_min | 266 server_val_sig_skew_max | server_val_max_restart | 267 server_cache_min_ttl | server_val_log_level | 268 server_auto_trust_anchor_file | server_add_holddown | 269 server_del_holddown | server_keep_missing | server_so_rcvbuf | 270 server_edns_buffer_size | server_prefetch | server_prefetch_key | 271 server_so_sndbuf | server_harden_below_nxdomain | server_ignore_cd_flag | 272 server_log_queries | server_log_replies | server_tcp_upstream | server_ssl_upstream | 273 server_log_local_actions | 274 server_ssl_service_key | server_ssl_service_pem | server_ssl_port | 275 server_https_port | server_http_endpoint | server_http_max_streams | 276 server_http_query_buffer_size | server_http_response_buffer_size | 277 server_http_nodelay | server_http_notls_downstream | 278 server_minimal_responses | server_rrset_roundrobin | server_max_udp_size | 279 server_so_reuseport | server_delay_close | server_udp_connect | 280 server_unblock_lan_zones | server_insecure_lan_zones | 281 server_dns64_prefix | server_dns64_synthall | server_dns64_ignore_aaaa | 282 server_nat64_prefix | 283 server_infra_cache_min_rtt | server_infra_cache_max_rtt | server_harden_algo_downgrade | 284 server_ip_transparent | server_ip_ratelimit | server_ratelimit | 285 server_ip_dscp | server_infra_keep_probing | 286 server_ip_ratelimit_slabs | server_ratelimit_slabs | 287 server_ip_ratelimit_size | server_ratelimit_size | 288 server_ratelimit_for_domain | 289 server_ratelimit_below_domain | server_ratelimit_factor | 290 server_ip_ratelimit_factor | server_ratelimit_backoff | 291 server_ip_ratelimit_backoff | server_outbound_msg_retry | 292 server_max_sent_count | server_max_query_restarts | 293 server_send_client_subnet | server_client_subnet_zone | 294 server_client_subnet_always_forward | server_client_subnet_opcode | 295 server_max_client_subnet_ipv4 | server_max_client_subnet_ipv6 | 296 server_min_client_subnet_ipv4 | server_min_client_subnet_ipv6 | 297 server_max_ecs_tree_size_ipv4 | server_max_ecs_tree_size_ipv6 | 298 server_caps_whitelist | server_cache_max_negative_ttl | 299 server_permit_small_holddown | server_qname_minimisation | 300 server_ip_freebind | server_define_tag | server_local_zone_tag | 301 server_disable_dnssec_lame_check | server_access_control_tag | 302 server_local_zone_override | server_access_control_tag_action | 303 server_access_control_tag_data | server_access_control_view | 304 server_interface_action | server_interface_view | server_interface_tag | 305 server_interface_tag_action | server_interface_tag_data | 306 server_qname_minimisation_strict | 307 server_pad_responses | server_pad_responses_block_size | 308 server_pad_queries | server_pad_queries_block_size | 309 server_serve_expired | 310 server_serve_expired_ttl | server_serve_expired_ttl_reset | 311 server_serve_expired_reply_ttl | server_serve_expired_client_timeout | 312 server_ede_serve_expired | server_serve_original_ttl | server_fake_dsa | 313 server_log_identity | server_use_systemd | 314 server_response_ip_tag | server_response_ip | server_response_ip_data | 315 server_shm_enable | server_shm_key | server_fake_sha1 | 316 server_hide_trustanchor | server_trust_anchor_signaling | 317 server_root_key_sentinel | 318 server_ipsecmod_enabled | server_ipsecmod_hook | 319 server_ipsecmod_ignore_bogus | server_ipsecmod_max_ttl | 320 server_ipsecmod_whitelist | server_ipsecmod_strict | 321 server_udp_upstream_without_downstream | server_aggressive_nsec | 322 server_tls_cert_bundle | server_tls_additional_port | server_low_rtt | 323 server_fast_server_permil | server_fast_server_num | server_tls_win_cert | 324 server_tcp_connection_limit | server_log_servfail | server_deny_any | 325 server_unknown_server_time_limit | server_log_tag_queryreply | 326 server_stream_wait_size | server_tls_ciphers | 327 server_tls_ciphersuites | server_tls_session_ticket_keys | 328 server_answer_cookie | server_cookie_secret | server_ip_ratelimit_cookie | 329 server_tls_use_sni | server_edns_client_string | 330 server_edns_client_string_opcode | server_nsid | 331 server_zonemd_permissive_mode | server_max_reuse_tcp_queries | 332 server_tcp_reuse_timeout | server_tcp_auth_query_timeout | 333 server_interface_automatic_ports | server_ede | 334 server_proxy_protocol_port | server_statistics_inhibit_zero | 335 server_harden_unknown_additional 336 ; 337 stubstart: VAR_STUB_ZONE 338 { 339 struct config_stub* s; 340 OUTYY(("\nP(stub_zone:)\n")); 341 cfg_parser->started_toplevel = 1; 342 s = (struct config_stub*)calloc(1, sizeof(struct config_stub)); 343 if(s) { 344 s->next = cfg_parser->cfg->stubs; 345 cfg_parser->cfg->stubs = s; 346 } else { 347 yyerror("out of memory"); 348 } 349 } 350 ; 351 contents_stub: contents_stub content_stub 352 | ; 353 content_stub: stub_name | stub_host | stub_addr | stub_prime | stub_first | 354 stub_no_cache | stub_ssl_upstream | stub_tcp_upstream 355 ; 356 forwardstart: VAR_FORWARD_ZONE 357 { 358 struct config_stub* s; 359 OUTYY(("\nP(forward_zone:)\n")); 360 cfg_parser->started_toplevel = 1; 361 s = (struct config_stub*)calloc(1, sizeof(struct config_stub)); 362 if(s) { 363 s->next = cfg_parser->cfg->forwards; 364 cfg_parser->cfg->forwards = s; 365 } else { 366 yyerror("out of memory"); 367 } 368 } 369 ; 370 contents_forward: contents_forward content_forward 371 | ; 372 content_forward: forward_name | forward_host | forward_addr | forward_first | 373 forward_no_cache | forward_ssl_upstream | forward_tcp_upstream 374 ; 375 viewstart: VAR_VIEW 376 { 377 struct config_view* s; 378 OUTYY(("\nP(view:)\n")); 379 cfg_parser->started_toplevel = 1; 380 s = (struct config_view*)calloc(1, sizeof(struct config_view)); 381 if(s) { 382 s->next = cfg_parser->cfg->views; 383 if(s->next && !s->next->name) 384 yyerror("view without name"); 385 cfg_parser->cfg->views = s; 386 } else { 387 yyerror("out of memory"); 388 } 389 } 390 ; 391 contents_view: contents_view content_view 392 | ; 393 content_view: view_name | view_local_zone | view_local_data | view_first | 394 view_response_ip | view_response_ip_data | view_local_data_ptr 395 ; 396 authstart: VAR_AUTH_ZONE 397 { 398 struct config_auth* s; 399 OUTYY(("\nP(auth_zone:)\n")); 400 cfg_parser->started_toplevel = 1; 401 s = (struct config_auth*)calloc(1, sizeof(struct config_auth)); 402 if(s) { 403 s->next = cfg_parser->cfg->auths; 404 cfg_parser->cfg->auths = s; 405 /* defaults for auth zone */ 406 s->for_downstream = 1; 407 s->for_upstream = 1; 408 s->fallback_enabled = 0; 409 s->zonemd_check = 0; 410 s->zonemd_reject_absence = 0; 411 s->isrpz = 0; 412 } else { 413 yyerror("out of memory"); 414 } 415 } 416 ; 417 contents_auth: contents_auth content_auth 418 | ; 419 content_auth: auth_name | auth_zonefile | auth_master | auth_url | 420 auth_for_downstream | auth_for_upstream | auth_fallback_enabled | 421 auth_allow_notify | auth_zonemd_check | auth_zonemd_reject_absence 422 ; 423 424 rpz_tag: VAR_TAGS STRING_ARG 425 { 426 uint8_t* bitlist; 427 size_t len = 0; 428 OUTYY(("P(server_local_zone_tag:%s)\n", $2)); 429 bitlist = config_parse_taglist(cfg_parser->cfg, $2, 430 &len); 431 free($2); 432 if(!bitlist) { 433 yyerror("could not parse tags, (define-tag them first)"); 434 } 435 if(bitlist) { 436 cfg_parser->cfg->auths->rpz_taglist = bitlist; 437 cfg_parser->cfg->auths->rpz_taglistlen = len; 438 439 } 440 } 441 ; 442 443 rpz_action_override: VAR_RPZ_ACTION_OVERRIDE STRING_ARG 444 { 445 OUTYY(("P(rpz_action_override:%s)\n", $2)); 446 if(strcmp($2, "nxdomain")!=0 && strcmp($2, "nodata")!=0 && 447 strcmp($2, "passthru")!=0 && strcmp($2, "drop")!=0 && 448 strcmp($2, "cname")!=0 && strcmp($2, "disabled")!=0) { 449 yyerror("rpz-action-override action: expected nxdomain, " 450 "nodata, passthru, drop, cname or disabled"); 451 free($2); 452 cfg_parser->cfg->auths->rpz_action_override = NULL; 453 } 454 else { 455 cfg_parser->cfg->auths->rpz_action_override = $2; 456 } 457 } 458 ; 459 460 rpz_cname_override: VAR_RPZ_CNAME_OVERRIDE STRING_ARG 461 { 462 OUTYY(("P(rpz_cname_override:%s)\n", $2)); 463 free(cfg_parser->cfg->auths->rpz_cname); 464 cfg_parser->cfg->auths->rpz_cname = $2; 465 } 466 ; 467 468 rpz_log: VAR_RPZ_LOG STRING_ARG 469 { 470 OUTYY(("P(rpz_log:%s)\n", $2)); 471 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 472 yyerror("expected yes or no."); 473 else cfg_parser->cfg->auths->rpz_log = (strcmp($2, "yes")==0); 474 free($2); 475 } 476 ; 477 478 rpz_log_name: VAR_RPZ_LOG_NAME STRING_ARG 479 { 480 OUTYY(("P(rpz_log_name:%s)\n", $2)); 481 free(cfg_parser->cfg->auths->rpz_log_name); 482 cfg_parser->cfg->auths->rpz_log_name = $2; 483 } 484 ; 485 rpz_signal_nxdomain_ra: VAR_RPZ_SIGNAL_NXDOMAIN_RA STRING_ARG 486 { 487 OUTYY(("P(rpz_signal_nxdomain_ra:%s)\n", $2)); 488 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 489 yyerror("expected yes or no."); 490 else cfg_parser->cfg->auths->rpz_signal_nxdomain_ra = (strcmp($2, "yes")==0); 491 free($2); 492 } 493 ; 494 495 rpzstart: VAR_RPZ 496 { 497 struct config_auth* s; 498 OUTYY(("\nP(rpz:)\n")); 499 cfg_parser->started_toplevel = 1; 500 s = (struct config_auth*)calloc(1, sizeof(struct config_auth)); 501 if(s) { 502 s->next = cfg_parser->cfg->auths; 503 cfg_parser->cfg->auths = s; 504 /* defaults for RPZ auth zone */ 505 s->for_downstream = 0; 506 s->for_upstream = 0; 507 s->fallback_enabled = 0; 508 s->isrpz = 1; 509 } else { 510 yyerror("out of memory"); 511 } 512 } 513 ; 514 contents_rpz: contents_rpz content_rpz 515 | ; 516 content_rpz: auth_name | auth_zonefile | rpz_tag | auth_master | auth_url | 517 auth_allow_notify | rpz_action_override | rpz_cname_override | 518 rpz_log | rpz_log_name | rpz_signal_nxdomain_ra | auth_for_downstream 519 ; 520 server_num_threads: VAR_NUM_THREADS STRING_ARG 521 { 522 OUTYY(("P(server_num_threads:%s)\n", $2)); 523 if(atoi($2) == 0 && strcmp($2, "0") != 0) 524 yyerror("number expected"); 525 else cfg_parser->cfg->num_threads = atoi($2); 526 free($2); 527 } 528 ; 529 server_verbosity: VAR_VERBOSITY STRING_ARG 530 { 531 OUTYY(("P(server_verbosity:%s)\n", $2)); 532 if(atoi($2) == 0 && strcmp($2, "0") != 0) 533 yyerror("number expected"); 534 else cfg_parser->cfg->verbosity = atoi($2); 535 free($2); 536 } 537 ; 538 server_statistics_interval: VAR_STATISTICS_INTERVAL STRING_ARG 539 { 540 OUTYY(("P(server_statistics_interval:%s)\n", $2)); 541 if(strcmp($2, "") == 0 || strcmp($2, "0") == 0) 542 cfg_parser->cfg->stat_interval = 0; 543 else if(atoi($2) == 0) 544 yyerror("number expected"); 545 else cfg_parser->cfg->stat_interval = atoi($2); 546 free($2); 547 } 548 ; 549 server_statistics_cumulative: VAR_STATISTICS_CUMULATIVE STRING_ARG 550 { 551 OUTYY(("P(server_statistics_cumulative:%s)\n", $2)); 552 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 553 yyerror("expected yes or no."); 554 else cfg_parser->cfg->stat_cumulative = (strcmp($2, "yes")==0); 555 free($2); 556 } 557 ; 558 server_extended_statistics: VAR_EXTENDED_STATISTICS STRING_ARG 559 { 560 OUTYY(("P(server_extended_statistics:%s)\n", $2)); 561 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 562 yyerror("expected yes or no."); 563 else cfg_parser->cfg->stat_extended = (strcmp($2, "yes")==0); 564 free($2); 565 } 566 ; 567 server_statistics_inhibit_zero: VAR_STATISTICS_INHIBIT_ZERO STRING_ARG 568 { 569 OUTYY(("P(server_statistics_inhibit_zero:%s)\n", $2)); 570 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 571 yyerror("expected yes or no."); 572 else cfg_parser->cfg->stat_inhibit_zero = (strcmp($2, "yes")==0); 573 free($2); 574 } 575 ; 576 server_shm_enable: VAR_SHM_ENABLE STRING_ARG 577 { 578 OUTYY(("P(server_shm_enable:%s)\n", $2)); 579 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 580 yyerror("expected yes or no."); 581 else cfg_parser->cfg->shm_enable = (strcmp($2, "yes")==0); 582 free($2); 583 } 584 ; 585 server_shm_key: VAR_SHM_KEY STRING_ARG 586 { 587 OUTYY(("P(server_shm_key:%s)\n", $2)); 588 if(strcmp($2, "") == 0 || strcmp($2, "0") == 0) 589 cfg_parser->cfg->shm_key = 0; 590 else if(atoi($2) == 0) 591 yyerror("number expected"); 592 else cfg_parser->cfg->shm_key = atoi($2); 593 free($2); 594 } 595 ; 596 server_port: VAR_PORT STRING_ARG 597 { 598 OUTYY(("P(server_port:%s)\n", $2)); 599 if(atoi($2) == 0) 600 yyerror("port number expected"); 601 else cfg_parser->cfg->port = atoi($2); 602 free($2); 603 } 604 ; 605 server_send_client_subnet: VAR_SEND_CLIENT_SUBNET STRING_ARG 606 { 607 #ifdef CLIENT_SUBNET 608 OUTYY(("P(server_send_client_subnet:%s)\n", $2)); 609 if(!cfg_strlist_insert(&cfg_parser->cfg->client_subnet, $2)) 610 fatal_exit("out of memory adding client-subnet"); 611 #else 612 OUTYY(("P(Compiled without edns subnet option, ignoring)\n")); 613 free($2); 614 #endif 615 } 616 ; 617 server_client_subnet_zone: VAR_CLIENT_SUBNET_ZONE STRING_ARG 618 { 619 #ifdef CLIENT_SUBNET 620 OUTYY(("P(server_client_subnet_zone:%s)\n", $2)); 621 if(!cfg_strlist_insert(&cfg_parser->cfg->client_subnet_zone, 622 $2)) 623 fatal_exit("out of memory adding client-subnet-zone"); 624 #else 625 OUTYY(("P(Compiled without edns subnet option, ignoring)\n")); 626 free($2); 627 #endif 628 } 629 ; 630 server_client_subnet_always_forward: 631 VAR_CLIENT_SUBNET_ALWAYS_FORWARD STRING_ARG 632 { 633 #ifdef CLIENT_SUBNET 634 OUTYY(("P(server_client_subnet_always_forward:%s)\n", $2)); 635 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 636 yyerror("expected yes or no."); 637 else 638 cfg_parser->cfg->client_subnet_always_forward = 639 (strcmp($2, "yes")==0); 640 #else 641 OUTYY(("P(Compiled without edns subnet option, ignoring)\n")); 642 #endif 643 free($2); 644 } 645 ; 646 server_client_subnet_opcode: VAR_CLIENT_SUBNET_OPCODE STRING_ARG 647 { 648 #ifdef CLIENT_SUBNET 649 OUTYY(("P(client_subnet_opcode:%s)\n", $2)); 650 OUTYY(("P(Deprecated option, ignoring)\n")); 651 #else 652 OUTYY(("P(Compiled without edns subnet option, ignoring)\n")); 653 #endif 654 free($2); 655 } 656 ; 657 server_max_client_subnet_ipv4: VAR_MAX_CLIENT_SUBNET_IPV4 STRING_ARG 658 { 659 #ifdef CLIENT_SUBNET 660 OUTYY(("P(max_client_subnet_ipv4:%s)\n", $2)); 661 if(atoi($2) == 0 && strcmp($2, "0") != 0) 662 yyerror("IPv4 subnet length expected"); 663 else if (atoi($2) > 32) 664 cfg_parser->cfg->max_client_subnet_ipv4 = 32; 665 else if (atoi($2) < 0) 666 cfg_parser->cfg->max_client_subnet_ipv4 = 0; 667 else cfg_parser->cfg->max_client_subnet_ipv4 = (uint8_t)atoi($2); 668 #else 669 OUTYY(("P(Compiled without edns subnet option, ignoring)\n")); 670 #endif 671 free($2); 672 } 673 ; 674 server_max_client_subnet_ipv6: VAR_MAX_CLIENT_SUBNET_IPV6 STRING_ARG 675 { 676 #ifdef CLIENT_SUBNET 677 OUTYY(("P(max_client_subnet_ipv6:%s)\n", $2)); 678 if(atoi($2) == 0 && strcmp($2, "0") != 0) 679 yyerror("Ipv6 subnet length expected"); 680 else if (atoi($2) > 128) 681 cfg_parser->cfg->max_client_subnet_ipv6 = 128; 682 else if (atoi($2) < 0) 683 cfg_parser->cfg->max_client_subnet_ipv6 = 0; 684 else cfg_parser->cfg->max_client_subnet_ipv6 = (uint8_t)atoi($2); 685 #else 686 OUTYY(("P(Compiled without edns subnet option, ignoring)\n")); 687 #endif 688 free($2); 689 } 690 ; 691 server_min_client_subnet_ipv4: VAR_MIN_CLIENT_SUBNET_IPV4 STRING_ARG 692 { 693 #ifdef CLIENT_SUBNET 694 OUTYY(("P(min_client_subnet_ipv4:%s)\n", $2)); 695 if(atoi($2) == 0 && strcmp($2, "0") != 0) 696 yyerror("IPv4 subnet length expected"); 697 else if (atoi($2) > 32) 698 cfg_parser->cfg->min_client_subnet_ipv4 = 32; 699 else if (atoi($2) < 0) 700 cfg_parser->cfg->min_client_subnet_ipv4 = 0; 701 else cfg_parser->cfg->min_client_subnet_ipv4 = (uint8_t)atoi($2); 702 #else 703 OUTYY(("P(Compiled without edns subnet option, ignoring)\n")); 704 #endif 705 free($2); 706 } 707 ; 708 server_min_client_subnet_ipv6: VAR_MIN_CLIENT_SUBNET_IPV6 STRING_ARG 709 { 710 #ifdef CLIENT_SUBNET 711 OUTYY(("P(min_client_subnet_ipv6:%s)\n", $2)); 712 if(atoi($2) == 0 && strcmp($2, "0") != 0) 713 yyerror("Ipv6 subnet length expected"); 714 else if (atoi($2) > 128) 715 cfg_parser->cfg->min_client_subnet_ipv6 = 128; 716 else if (atoi($2) < 0) 717 cfg_parser->cfg->min_client_subnet_ipv6 = 0; 718 else cfg_parser->cfg->min_client_subnet_ipv6 = (uint8_t)atoi($2); 719 #else 720 OUTYY(("P(Compiled without edns subnet option, ignoring)\n")); 721 #endif 722 free($2); 723 } 724 ; 725 server_max_ecs_tree_size_ipv4: VAR_MAX_ECS_TREE_SIZE_IPV4 STRING_ARG 726 { 727 #ifdef CLIENT_SUBNET 728 OUTYY(("P(max_ecs_tree_size_ipv4:%s)\n", $2)); 729 if(atoi($2) == 0 && strcmp($2, "0") != 0) 730 yyerror("IPv4 ECS tree size expected"); 731 else if (atoi($2) < 0) 732 cfg_parser->cfg->max_ecs_tree_size_ipv4 = 0; 733 else cfg_parser->cfg->max_ecs_tree_size_ipv4 = (uint32_t)atoi($2); 734 #else 735 OUTYY(("P(Compiled without edns subnet option, ignoring)\n")); 736 #endif 737 free($2); 738 } 739 ; 740 server_max_ecs_tree_size_ipv6: VAR_MAX_ECS_TREE_SIZE_IPV6 STRING_ARG 741 { 742 #ifdef CLIENT_SUBNET 743 OUTYY(("P(max_ecs_tree_size_ipv6:%s)\n", $2)); 744 if(atoi($2) == 0 && strcmp($2, "0") != 0) 745 yyerror("IPv6 ECS tree size expected"); 746 else if (atoi($2) < 0) 747 cfg_parser->cfg->max_ecs_tree_size_ipv6 = 0; 748 else cfg_parser->cfg->max_ecs_tree_size_ipv6 = (uint32_t)atoi($2); 749 #else 750 OUTYY(("P(Compiled without edns subnet option, ignoring)\n")); 751 #endif 752 free($2); 753 } 754 ; 755 server_interface: VAR_INTERFACE STRING_ARG 756 { 757 OUTYY(("P(server_interface:%s)\n", $2)); 758 if(cfg_parser->cfg->num_ifs == 0) 759 cfg_parser->cfg->ifs = calloc(1, sizeof(char*)); 760 else cfg_parser->cfg->ifs = realloc(cfg_parser->cfg->ifs, 761 (cfg_parser->cfg->num_ifs+1)*sizeof(char*)); 762 if(!cfg_parser->cfg->ifs) 763 yyerror("out of memory"); 764 else 765 cfg_parser->cfg->ifs[cfg_parser->cfg->num_ifs++] = $2; 766 } 767 ; 768 server_outgoing_interface: VAR_OUTGOING_INTERFACE STRING_ARG 769 { 770 OUTYY(("P(server_outgoing_interface:%s)\n", $2)); 771 if(cfg_parser->cfg->num_out_ifs == 0) 772 cfg_parser->cfg->out_ifs = calloc(1, sizeof(char*)); 773 else cfg_parser->cfg->out_ifs = realloc( 774 cfg_parser->cfg->out_ifs, 775 (cfg_parser->cfg->num_out_ifs+1)*sizeof(char*)); 776 if(!cfg_parser->cfg->out_ifs) 777 yyerror("out of memory"); 778 else 779 cfg_parser->cfg->out_ifs[ 780 cfg_parser->cfg->num_out_ifs++] = $2; 781 } 782 ; 783 server_outgoing_range: VAR_OUTGOING_RANGE STRING_ARG 784 { 785 OUTYY(("P(server_outgoing_range:%s)\n", $2)); 786 if(atoi($2) == 0) 787 yyerror("number expected"); 788 else cfg_parser->cfg->outgoing_num_ports = atoi($2); 789 free($2); 790 } 791 ; 792 server_outgoing_port_permit: VAR_OUTGOING_PORT_PERMIT STRING_ARG 793 { 794 OUTYY(("P(server_outgoing_port_permit:%s)\n", $2)); 795 if(!cfg_mark_ports($2, 1, 796 cfg_parser->cfg->outgoing_avail_ports, 65536)) 797 yyerror("port number or range (\"low-high\") expected"); 798 free($2); 799 } 800 ; 801 server_outgoing_port_avoid: VAR_OUTGOING_PORT_AVOID STRING_ARG 802 { 803 OUTYY(("P(server_outgoing_port_avoid:%s)\n", $2)); 804 if(!cfg_mark_ports($2, 0, 805 cfg_parser->cfg->outgoing_avail_ports, 65536)) 806 yyerror("port number or range (\"low-high\") expected"); 807 free($2); 808 } 809 ; 810 server_outgoing_num_tcp: VAR_OUTGOING_NUM_TCP STRING_ARG 811 { 812 OUTYY(("P(server_outgoing_num_tcp:%s)\n", $2)); 813 if(atoi($2) == 0 && strcmp($2, "0") != 0) 814 yyerror("number expected"); 815 else cfg_parser->cfg->outgoing_num_tcp = atoi($2); 816 free($2); 817 } 818 ; 819 server_incoming_num_tcp: VAR_INCOMING_NUM_TCP STRING_ARG 820 { 821 OUTYY(("P(server_incoming_num_tcp:%s)\n", $2)); 822 if(atoi($2) == 0 && strcmp($2, "0") != 0) 823 yyerror("number expected"); 824 else cfg_parser->cfg->incoming_num_tcp = atoi($2); 825 free($2); 826 } 827 ; 828 server_interface_automatic: VAR_INTERFACE_AUTOMATIC STRING_ARG 829 { 830 OUTYY(("P(server_interface_automatic:%s)\n", $2)); 831 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 832 yyerror("expected yes or no."); 833 else cfg_parser->cfg->if_automatic = (strcmp($2, "yes")==0); 834 free($2); 835 } 836 ; 837 server_interface_automatic_ports: VAR_INTERFACE_AUTOMATIC_PORTS STRING_ARG 838 { 839 OUTYY(("P(server_interface_automatic_ports:%s)\n", $2)); 840 free(cfg_parser->cfg->if_automatic_ports); 841 cfg_parser->cfg->if_automatic_ports = $2; 842 } 843 ; 844 server_do_ip4: VAR_DO_IP4 STRING_ARG 845 { 846 OUTYY(("P(server_do_ip4:%s)\n", $2)); 847 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 848 yyerror("expected yes or no."); 849 else cfg_parser->cfg->do_ip4 = (strcmp($2, "yes")==0); 850 free($2); 851 } 852 ; 853 server_do_ip6: VAR_DO_IP6 STRING_ARG 854 { 855 OUTYY(("P(server_do_ip6:%s)\n", $2)); 856 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 857 yyerror("expected yes or no."); 858 else cfg_parser->cfg->do_ip6 = (strcmp($2, "yes")==0); 859 free($2); 860 } 861 ; 862 server_do_nat64: VAR_DO_NAT64 STRING_ARG 863 { 864 OUTYY(("P(server_do_nat64:%s)\n", $2)); 865 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 866 yyerror("expected yes or no."); 867 else cfg_parser->cfg->do_nat64 = (strcmp($2, "yes")==0); 868 free($2); 869 } 870 ; 871 server_do_udp: VAR_DO_UDP STRING_ARG 872 { 873 OUTYY(("P(server_do_udp:%s)\n", $2)); 874 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 875 yyerror("expected yes or no."); 876 else cfg_parser->cfg->do_udp = (strcmp($2, "yes")==0); 877 free($2); 878 } 879 ; 880 server_do_tcp: VAR_DO_TCP STRING_ARG 881 { 882 OUTYY(("P(server_do_tcp:%s)\n", $2)); 883 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 884 yyerror("expected yes or no."); 885 else cfg_parser->cfg->do_tcp = (strcmp($2, "yes")==0); 886 free($2); 887 } 888 ; 889 server_prefer_ip4: VAR_PREFER_IP4 STRING_ARG 890 { 891 OUTYY(("P(server_prefer_ip4:%s)\n", $2)); 892 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 893 yyerror("expected yes or no."); 894 else cfg_parser->cfg->prefer_ip4 = (strcmp($2, "yes")==0); 895 free($2); 896 } 897 ; 898 server_prefer_ip6: VAR_PREFER_IP6 STRING_ARG 899 { 900 OUTYY(("P(server_prefer_ip6:%s)\n", $2)); 901 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 902 yyerror("expected yes or no."); 903 else cfg_parser->cfg->prefer_ip6 = (strcmp($2, "yes")==0); 904 free($2); 905 } 906 ; 907 server_tcp_mss: VAR_TCP_MSS STRING_ARG 908 { 909 OUTYY(("P(server_tcp_mss:%s)\n", $2)); 910 if(atoi($2) == 0 && strcmp($2, "0") != 0) 911 yyerror("number expected"); 912 else cfg_parser->cfg->tcp_mss = atoi($2); 913 free($2); 914 } 915 ; 916 server_outgoing_tcp_mss: VAR_OUTGOING_TCP_MSS STRING_ARG 917 { 918 OUTYY(("P(server_outgoing_tcp_mss:%s)\n", $2)); 919 if(atoi($2) == 0 && strcmp($2, "0") != 0) 920 yyerror("number expected"); 921 else cfg_parser->cfg->outgoing_tcp_mss = atoi($2); 922 free($2); 923 } 924 ; 925 server_tcp_idle_timeout: VAR_TCP_IDLE_TIMEOUT STRING_ARG 926 { 927 OUTYY(("P(server_tcp_idle_timeout:%s)\n", $2)); 928 if(atoi($2) == 0 && strcmp($2, "0") != 0) 929 yyerror("number expected"); 930 else if (atoi($2) > 120000) 931 cfg_parser->cfg->tcp_idle_timeout = 120000; 932 else if (atoi($2) < 1) 933 cfg_parser->cfg->tcp_idle_timeout = 1; 934 else cfg_parser->cfg->tcp_idle_timeout = atoi($2); 935 free($2); 936 } 937 ; 938 server_max_reuse_tcp_queries: VAR_MAX_REUSE_TCP_QUERIES STRING_ARG 939 { 940 OUTYY(("P(server_max_reuse_tcp_queries:%s)\n", $2)); 941 if(atoi($2) == 0 && strcmp($2, "0") != 0) 942 yyerror("number expected"); 943 else if (atoi($2) < 1) 944 cfg_parser->cfg->max_reuse_tcp_queries = 0; 945 else cfg_parser->cfg->max_reuse_tcp_queries = atoi($2); 946 free($2); 947 } 948 ; 949 server_tcp_reuse_timeout: VAR_TCP_REUSE_TIMEOUT STRING_ARG 950 { 951 OUTYY(("P(server_tcp_reuse_timeout:%s)\n", $2)); 952 if(atoi($2) == 0 && strcmp($2, "0") != 0) 953 yyerror("number expected"); 954 else if (atoi($2) < 1) 955 cfg_parser->cfg->tcp_reuse_timeout = 0; 956 else cfg_parser->cfg->tcp_reuse_timeout = atoi($2); 957 free($2); 958 } 959 ; 960 server_tcp_auth_query_timeout: VAR_TCP_AUTH_QUERY_TIMEOUT STRING_ARG 961 { 962 OUTYY(("P(server_tcp_auth_query_timeout:%s)\n", $2)); 963 if(atoi($2) == 0 && strcmp($2, "0") != 0) 964 yyerror("number expected"); 965 else if (atoi($2) < 1) 966 cfg_parser->cfg->tcp_auth_query_timeout = 0; 967 else cfg_parser->cfg->tcp_auth_query_timeout = atoi($2); 968 free($2); 969 } 970 ; 971 server_tcp_keepalive: VAR_EDNS_TCP_KEEPALIVE STRING_ARG 972 { 973 OUTYY(("P(server_tcp_keepalive:%s)\n", $2)); 974 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 975 yyerror("expected yes or no."); 976 else cfg_parser->cfg->do_tcp_keepalive = (strcmp($2, "yes")==0); 977 free($2); 978 } 979 ; 980 server_tcp_keepalive_timeout: VAR_EDNS_TCP_KEEPALIVE_TIMEOUT STRING_ARG 981 { 982 OUTYY(("P(server_tcp_keepalive_timeout:%s)\n", $2)); 983 if(atoi($2) == 0 && strcmp($2, "0") != 0) 984 yyerror("number expected"); 985 else if (atoi($2) > 6553500) 986 cfg_parser->cfg->tcp_keepalive_timeout = 6553500; 987 else if (atoi($2) < 1) 988 cfg_parser->cfg->tcp_keepalive_timeout = 0; 989 else cfg_parser->cfg->tcp_keepalive_timeout = atoi($2); 990 free($2); 991 } 992 ; 993 server_sock_queue_timeout: VAR_SOCK_QUEUE_TIMEOUT STRING_ARG 994 { 995 OUTYY(("P(server_sock_queue_timeout:%s)\n", $2)); 996 if(atoi($2) == 0 && strcmp($2, "0") != 0) 997 yyerror("number expected"); 998 else if (atoi($2) > 6553500) 999 cfg_parser->cfg->sock_queue_timeout = 6553500; 1000 else if (atoi($2) < 1) 1001 cfg_parser->cfg->sock_queue_timeout = 0; 1002 else cfg_parser->cfg->sock_queue_timeout = atoi($2); 1003 free($2); 1004 } 1005 ; 1006 server_tcp_upstream: VAR_TCP_UPSTREAM STRING_ARG 1007 { 1008 OUTYY(("P(server_tcp_upstream:%s)\n", $2)); 1009 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1010 yyerror("expected yes or no."); 1011 else cfg_parser->cfg->tcp_upstream = (strcmp($2, "yes")==0); 1012 free($2); 1013 } 1014 ; 1015 server_udp_upstream_without_downstream: VAR_UDP_UPSTREAM_WITHOUT_DOWNSTREAM STRING_ARG 1016 { 1017 OUTYY(("P(server_udp_upstream_without_downstream:%s)\n", $2)); 1018 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1019 yyerror("expected yes or no."); 1020 else cfg_parser->cfg->udp_upstream_without_downstream = (strcmp($2, "yes")==0); 1021 free($2); 1022 } 1023 ; 1024 server_ssl_upstream: VAR_SSL_UPSTREAM STRING_ARG 1025 { 1026 OUTYY(("P(server_ssl_upstream:%s)\n", $2)); 1027 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1028 yyerror("expected yes or no."); 1029 else cfg_parser->cfg->ssl_upstream = (strcmp($2, "yes")==0); 1030 free($2); 1031 } 1032 ; 1033 server_ssl_service_key: VAR_SSL_SERVICE_KEY STRING_ARG 1034 { 1035 OUTYY(("P(server_ssl_service_key:%s)\n", $2)); 1036 free(cfg_parser->cfg->ssl_service_key); 1037 cfg_parser->cfg->ssl_service_key = $2; 1038 } 1039 ; 1040 server_ssl_service_pem: VAR_SSL_SERVICE_PEM STRING_ARG 1041 { 1042 OUTYY(("P(server_ssl_service_pem:%s)\n", $2)); 1043 free(cfg_parser->cfg->ssl_service_pem); 1044 cfg_parser->cfg->ssl_service_pem = $2; 1045 } 1046 ; 1047 server_ssl_port: VAR_SSL_PORT STRING_ARG 1048 { 1049 OUTYY(("P(server_ssl_port:%s)\n", $2)); 1050 if(atoi($2) == 0) 1051 yyerror("port number expected"); 1052 else cfg_parser->cfg->ssl_port = atoi($2); 1053 free($2); 1054 } 1055 ; 1056 server_tls_cert_bundle: VAR_TLS_CERT_BUNDLE STRING_ARG 1057 { 1058 OUTYY(("P(server_tls_cert_bundle:%s)\n", $2)); 1059 free(cfg_parser->cfg->tls_cert_bundle); 1060 cfg_parser->cfg->tls_cert_bundle = $2; 1061 } 1062 ; 1063 server_tls_win_cert: VAR_TLS_WIN_CERT STRING_ARG 1064 { 1065 OUTYY(("P(server_tls_win_cert:%s)\n", $2)); 1066 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1067 yyerror("expected yes or no."); 1068 else cfg_parser->cfg->tls_win_cert = (strcmp($2, "yes")==0); 1069 free($2); 1070 } 1071 ; 1072 server_tls_additional_port: VAR_TLS_ADDITIONAL_PORT STRING_ARG 1073 { 1074 OUTYY(("P(server_tls_additional_port:%s)\n", $2)); 1075 if(!cfg_strlist_insert(&cfg_parser->cfg->tls_additional_port, 1076 $2)) 1077 yyerror("out of memory"); 1078 } 1079 ; 1080 server_tls_ciphers: VAR_TLS_CIPHERS STRING_ARG 1081 { 1082 OUTYY(("P(server_tls_ciphers:%s)\n", $2)); 1083 free(cfg_parser->cfg->tls_ciphers); 1084 cfg_parser->cfg->tls_ciphers = $2; 1085 } 1086 ; 1087 server_tls_ciphersuites: VAR_TLS_CIPHERSUITES STRING_ARG 1088 { 1089 OUTYY(("P(server_tls_ciphersuites:%s)\n", $2)); 1090 free(cfg_parser->cfg->tls_ciphersuites); 1091 cfg_parser->cfg->tls_ciphersuites = $2; 1092 } 1093 ; 1094 server_tls_session_ticket_keys: VAR_TLS_SESSION_TICKET_KEYS STRING_ARG 1095 { 1096 OUTYY(("P(server_tls_session_ticket_keys:%s)\n", $2)); 1097 if(!cfg_strlist_append(&cfg_parser->cfg->tls_session_ticket_keys, 1098 $2)) 1099 yyerror("out of memory"); 1100 } 1101 ; 1102 server_tls_use_sni: VAR_TLS_USE_SNI STRING_ARG 1103 { 1104 OUTYY(("P(server_tls_use_sni:%s)\n", $2)); 1105 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1106 yyerror("expected yes or no."); 1107 else cfg_parser->cfg->tls_use_sni = (strcmp($2, "yes")==0); 1108 free($2); 1109 } 1110 ; 1111 server_https_port: VAR_HTTPS_PORT STRING_ARG 1112 { 1113 OUTYY(("P(server_https_port:%s)\n", $2)); 1114 if(atoi($2) == 0) 1115 yyerror("port number expected"); 1116 else cfg_parser->cfg->https_port = atoi($2); 1117 free($2); 1118 }; 1119 server_http_endpoint: VAR_HTTP_ENDPOINT STRING_ARG 1120 { 1121 OUTYY(("P(server_http_endpoint:%s)\n", $2)); 1122 free(cfg_parser->cfg->http_endpoint); 1123 if($2 && $2[0] != '/') { 1124 cfg_parser->cfg->http_endpoint = malloc(strlen($2)+2); 1125 if(!cfg_parser->cfg->http_endpoint) 1126 yyerror("out of memory"); 1127 cfg_parser->cfg->http_endpoint[0] = '/'; 1128 memmove(cfg_parser->cfg->http_endpoint+1, $2, 1129 strlen($2)+1); 1130 free($2); 1131 } else { 1132 cfg_parser->cfg->http_endpoint = $2; 1133 } 1134 }; 1135 server_http_max_streams: VAR_HTTP_MAX_STREAMS STRING_ARG 1136 { 1137 OUTYY(("P(server_http_max_streams:%s)\n", $2)); 1138 if(atoi($2) == 0 && strcmp($2, "0") != 0) 1139 yyerror("number expected"); 1140 else cfg_parser->cfg->http_max_streams = atoi($2); 1141 free($2); 1142 }; 1143 server_http_query_buffer_size: VAR_HTTP_QUERY_BUFFER_SIZE STRING_ARG 1144 { 1145 OUTYY(("P(server_http_query_buffer_size:%s)\n", $2)); 1146 if(!cfg_parse_memsize($2, 1147 &cfg_parser->cfg->http_query_buffer_size)) 1148 yyerror("memory size expected"); 1149 free($2); 1150 }; 1151 server_http_response_buffer_size: VAR_HTTP_RESPONSE_BUFFER_SIZE STRING_ARG 1152 { 1153 OUTYY(("P(server_http_response_buffer_size:%s)\n", $2)); 1154 if(!cfg_parse_memsize($2, 1155 &cfg_parser->cfg->http_response_buffer_size)) 1156 yyerror("memory size expected"); 1157 free($2); 1158 }; 1159 server_http_nodelay: VAR_HTTP_NODELAY STRING_ARG 1160 { 1161 OUTYY(("P(server_http_nodelay:%s)\n", $2)); 1162 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1163 yyerror("expected yes or no."); 1164 else cfg_parser->cfg->http_nodelay = (strcmp($2, "yes")==0); 1165 free($2); 1166 }; 1167 server_http_notls_downstream: VAR_HTTP_NOTLS_DOWNSTREAM STRING_ARG 1168 { 1169 OUTYY(("P(server_http_notls_downstream:%s)\n", $2)); 1170 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1171 yyerror("expected yes or no."); 1172 else cfg_parser->cfg->http_notls_downstream = (strcmp($2, "yes")==0); 1173 free($2); 1174 }; 1175 server_use_systemd: VAR_USE_SYSTEMD STRING_ARG 1176 { 1177 OUTYY(("P(server_use_systemd:%s)\n", $2)); 1178 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1179 yyerror("expected yes or no."); 1180 else cfg_parser->cfg->use_systemd = (strcmp($2, "yes")==0); 1181 free($2); 1182 } 1183 ; 1184 server_do_daemonize: VAR_DO_DAEMONIZE STRING_ARG 1185 { 1186 OUTYY(("P(server_do_daemonize:%s)\n", $2)); 1187 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1188 yyerror("expected yes or no."); 1189 else cfg_parser->cfg->do_daemonize = (strcmp($2, "yes")==0); 1190 free($2); 1191 } 1192 ; 1193 server_use_syslog: VAR_USE_SYSLOG STRING_ARG 1194 { 1195 OUTYY(("P(server_use_syslog:%s)\n", $2)); 1196 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1197 yyerror("expected yes or no."); 1198 else cfg_parser->cfg->use_syslog = (strcmp($2, "yes")==0); 1199 #if !defined(HAVE_SYSLOG_H) && !defined(UB_ON_WINDOWS) 1200 if(strcmp($2, "yes") == 0) 1201 yyerror("no syslog services are available. " 1202 "(reconfigure and compile to add)"); 1203 #endif 1204 free($2); 1205 } 1206 ; 1207 server_log_time_ascii: VAR_LOG_TIME_ASCII STRING_ARG 1208 { 1209 OUTYY(("P(server_log_time_ascii:%s)\n", $2)); 1210 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1211 yyerror("expected yes or no."); 1212 else cfg_parser->cfg->log_time_ascii = (strcmp($2, "yes")==0); 1213 free($2); 1214 } 1215 ; 1216 server_log_queries: VAR_LOG_QUERIES STRING_ARG 1217 { 1218 OUTYY(("P(server_log_queries:%s)\n", $2)); 1219 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1220 yyerror("expected yes or no."); 1221 else cfg_parser->cfg->log_queries = (strcmp($2, "yes")==0); 1222 free($2); 1223 } 1224 ; 1225 server_log_replies: VAR_LOG_REPLIES STRING_ARG 1226 { 1227 OUTYY(("P(server_log_replies:%s)\n", $2)); 1228 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1229 yyerror("expected yes or no."); 1230 else cfg_parser->cfg->log_replies = (strcmp($2, "yes")==0); 1231 free($2); 1232 } 1233 ; 1234 server_log_tag_queryreply: VAR_LOG_TAG_QUERYREPLY STRING_ARG 1235 { 1236 OUTYY(("P(server_log_tag_queryreply:%s)\n", $2)); 1237 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1238 yyerror("expected yes or no."); 1239 else cfg_parser->cfg->log_tag_queryreply = (strcmp($2, "yes")==0); 1240 free($2); 1241 } 1242 ; 1243 server_log_servfail: VAR_LOG_SERVFAIL STRING_ARG 1244 { 1245 OUTYY(("P(server_log_servfail:%s)\n", $2)); 1246 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1247 yyerror("expected yes or no."); 1248 else cfg_parser->cfg->log_servfail = (strcmp($2, "yes")==0); 1249 free($2); 1250 } 1251 ; 1252 server_log_local_actions: VAR_LOG_LOCAL_ACTIONS STRING_ARG 1253 { 1254 OUTYY(("P(server_log_local_actions:%s)\n", $2)); 1255 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1256 yyerror("expected yes or no."); 1257 else cfg_parser->cfg->log_local_actions = (strcmp($2, "yes")==0); 1258 free($2); 1259 } 1260 ; 1261 server_chroot: VAR_CHROOT STRING_ARG 1262 { 1263 OUTYY(("P(server_chroot:%s)\n", $2)); 1264 free(cfg_parser->cfg->chrootdir); 1265 cfg_parser->cfg->chrootdir = $2; 1266 } 1267 ; 1268 server_username: VAR_USERNAME STRING_ARG 1269 { 1270 OUTYY(("P(server_username:%s)\n", $2)); 1271 free(cfg_parser->cfg->username); 1272 cfg_parser->cfg->username = $2; 1273 } 1274 ; 1275 server_directory: VAR_DIRECTORY STRING_ARG 1276 { 1277 OUTYY(("P(server_directory:%s)\n", $2)); 1278 free(cfg_parser->cfg->directory); 1279 cfg_parser->cfg->directory = $2; 1280 /* change there right away for includes relative to this */ 1281 if($2[0]) { 1282 char* d; 1283 #ifdef UB_ON_WINDOWS 1284 w_config_adjust_directory(cfg_parser->cfg); 1285 #endif 1286 d = cfg_parser->cfg->directory; 1287 /* adjust directory if we have already chroot, 1288 * like, we reread after sighup */ 1289 if(cfg_parser->chroot && cfg_parser->chroot[0] && 1290 strncmp(d, cfg_parser->chroot, strlen( 1291 cfg_parser->chroot)) == 0) 1292 d += strlen(cfg_parser->chroot); 1293 if(d[0]) { 1294 if(chdir(d)) 1295 log_err("cannot chdir to directory: %s (%s)", 1296 d, strerror(errno)); 1297 } 1298 } 1299 } 1300 ; 1301 server_logfile: VAR_LOGFILE STRING_ARG 1302 { 1303 OUTYY(("P(server_logfile:%s)\n", $2)); 1304 free(cfg_parser->cfg->logfile); 1305 cfg_parser->cfg->logfile = $2; 1306 cfg_parser->cfg->use_syslog = 0; 1307 } 1308 ; 1309 server_pidfile: VAR_PIDFILE STRING_ARG 1310 { 1311 OUTYY(("P(server_pidfile:%s)\n", $2)); 1312 free(cfg_parser->cfg->pidfile); 1313 cfg_parser->cfg->pidfile = $2; 1314 } 1315 ; 1316 server_root_hints: VAR_ROOT_HINTS STRING_ARG 1317 { 1318 OUTYY(("P(server_root_hints:%s)\n", $2)); 1319 if(!cfg_strlist_insert(&cfg_parser->cfg->root_hints, $2)) 1320 yyerror("out of memory"); 1321 } 1322 ; 1323 server_dlv_anchor_file: VAR_DLV_ANCHOR_FILE STRING_ARG 1324 { 1325 OUTYY(("P(server_dlv_anchor_file:%s)\n", $2)); 1326 log_warn("option dlv-anchor-file ignored: DLV is decommissioned"); 1327 free($2); 1328 } 1329 ; 1330 server_dlv_anchor: VAR_DLV_ANCHOR STRING_ARG 1331 { 1332 OUTYY(("P(server_dlv_anchor:%s)\n", $2)); 1333 log_warn("option dlv-anchor ignored: DLV is decommissioned"); 1334 free($2); 1335 } 1336 ; 1337 server_auto_trust_anchor_file: VAR_AUTO_TRUST_ANCHOR_FILE STRING_ARG 1338 { 1339 OUTYY(("P(server_auto_trust_anchor_file:%s)\n", $2)); 1340 if(!cfg_strlist_insert(&cfg_parser->cfg-> 1341 auto_trust_anchor_file_list, $2)) 1342 yyerror("out of memory"); 1343 } 1344 ; 1345 server_trust_anchor_file: VAR_TRUST_ANCHOR_FILE STRING_ARG 1346 { 1347 OUTYY(("P(server_trust_anchor_file:%s)\n", $2)); 1348 if(!cfg_strlist_insert(&cfg_parser->cfg-> 1349 trust_anchor_file_list, $2)) 1350 yyerror("out of memory"); 1351 } 1352 ; 1353 server_trusted_keys_file: VAR_TRUSTED_KEYS_FILE STRING_ARG 1354 { 1355 OUTYY(("P(server_trusted_keys_file:%s)\n", $2)); 1356 if(!cfg_strlist_insert(&cfg_parser->cfg-> 1357 trusted_keys_file_list, $2)) 1358 yyerror("out of memory"); 1359 } 1360 ; 1361 server_trust_anchor: VAR_TRUST_ANCHOR STRING_ARG 1362 { 1363 OUTYY(("P(server_trust_anchor:%s)\n", $2)); 1364 if(!cfg_strlist_insert(&cfg_parser->cfg->trust_anchor_list, $2)) 1365 yyerror("out of memory"); 1366 } 1367 ; 1368 server_trust_anchor_signaling: VAR_TRUST_ANCHOR_SIGNALING STRING_ARG 1369 { 1370 OUTYY(("P(server_trust_anchor_signaling:%s)\n", $2)); 1371 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1372 yyerror("expected yes or no."); 1373 else 1374 cfg_parser->cfg->trust_anchor_signaling = 1375 (strcmp($2, "yes")==0); 1376 free($2); 1377 } 1378 ; 1379 server_root_key_sentinel: VAR_ROOT_KEY_SENTINEL STRING_ARG 1380 { 1381 OUTYY(("P(server_root_key_sentinel:%s)\n", $2)); 1382 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1383 yyerror("expected yes or no."); 1384 else 1385 cfg_parser->cfg->root_key_sentinel = 1386 (strcmp($2, "yes")==0); 1387 free($2); 1388 } 1389 ; 1390 server_domain_insecure: VAR_DOMAIN_INSECURE STRING_ARG 1391 { 1392 OUTYY(("P(server_domain_insecure:%s)\n", $2)); 1393 if(!cfg_strlist_insert(&cfg_parser->cfg->domain_insecure, $2)) 1394 yyerror("out of memory"); 1395 } 1396 ; 1397 server_hide_identity: VAR_HIDE_IDENTITY STRING_ARG 1398 { 1399 OUTYY(("P(server_hide_identity:%s)\n", $2)); 1400 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1401 yyerror("expected yes or no."); 1402 else cfg_parser->cfg->hide_identity = (strcmp($2, "yes")==0); 1403 free($2); 1404 } 1405 ; 1406 server_hide_version: VAR_HIDE_VERSION STRING_ARG 1407 { 1408 OUTYY(("P(server_hide_version:%s)\n", $2)); 1409 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1410 yyerror("expected yes or no."); 1411 else cfg_parser->cfg->hide_version = (strcmp($2, "yes")==0); 1412 free($2); 1413 } 1414 ; 1415 server_hide_trustanchor: VAR_HIDE_TRUSTANCHOR STRING_ARG 1416 { 1417 OUTYY(("P(server_hide_trustanchor:%s)\n", $2)); 1418 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1419 yyerror("expected yes or no."); 1420 else cfg_parser->cfg->hide_trustanchor = (strcmp($2, "yes")==0); 1421 free($2); 1422 } 1423 ; 1424 server_hide_http_user_agent: VAR_HIDE_HTTP_USER_AGENT STRING_ARG 1425 { 1426 OUTYY(("P(server_hide_user_agent:%s)\n", $2)); 1427 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1428 yyerror("expected yes or no."); 1429 else cfg_parser->cfg->hide_http_user_agent = (strcmp($2, "yes")==0); 1430 free($2); 1431 } 1432 ; 1433 server_identity: VAR_IDENTITY STRING_ARG 1434 { 1435 OUTYY(("P(server_identity:%s)\n", $2)); 1436 free(cfg_parser->cfg->identity); 1437 cfg_parser->cfg->identity = $2; 1438 } 1439 ; 1440 server_version: VAR_VERSION STRING_ARG 1441 { 1442 OUTYY(("P(server_version:%s)\n", $2)); 1443 free(cfg_parser->cfg->version); 1444 cfg_parser->cfg->version = $2; 1445 } 1446 ; 1447 server_http_user_agent: VAR_HTTP_USER_AGENT STRING_ARG 1448 { 1449 OUTYY(("P(server_http_user_agent:%s)\n", $2)); 1450 free(cfg_parser->cfg->http_user_agent); 1451 cfg_parser->cfg->http_user_agent = $2; 1452 } 1453 ; 1454 server_nsid: VAR_NSID STRING_ARG 1455 { 1456 OUTYY(("P(server_nsid:%s)\n", $2)); 1457 free(cfg_parser->cfg->nsid_cfg_str); 1458 cfg_parser->cfg->nsid_cfg_str = $2; 1459 free(cfg_parser->cfg->nsid); 1460 cfg_parser->cfg->nsid = NULL; 1461 cfg_parser->cfg->nsid_len = 0; 1462 if (*$2 == 0) 1463 ; /* pass; empty string is not setting nsid */ 1464 else if (!(cfg_parser->cfg->nsid = cfg_parse_nsid( 1465 $2, &cfg_parser->cfg->nsid_len))) 1466 yyerror("the NSID must be either a hex string or an " 1467 "ascii character string prepended with ascii_."); 1468 } 1469 ; 1470 server_so_rcvbuf: VAR_SO_RCVBUF STRING_ARG 1471 { 1472 OUTYY(("P(server_so_rcvbuf:%s)\n", $2)); 1473 if(!cfg_parse_memsize($2, &cfg_parser->cfg->so_rcvbuf)) 1474 yyerror("buffer size expected"); 1475 free($2); 1476 } 1477 ; 1478 server_so_sndbuf: VAR_SO_SNDBUF STRING_ARG 1479 { 1480 OUTYY(("P(server_so_sndbuf:%s)\n", $2)); 1481 if(!cfg_parse_memsize($2, &cfg_parser->cfg->so_sndbuf)) 1482 yyerror("buffer size expected"); 1483 free($2); 1484 } 1485 ; 1486 server_so_reuseport: VAR_SO_REUSEPORT STRING_ARG 1487 { 1488 OUTYY(("P(server_so_reuseport:%s)\n", $2)); 1489 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1490 yyerror("expected yes or no."); 1491 else cfg_parser->cfg->so_reuseport = 1492 (strcmp($2, "yes")==0); 1493 free($2); 1494 } 1495 ; 1496 server_ip_transparent: VAR_IP_TRANSPARENT STRING_ARG 1497 { 1498 OUTYY(("P(server_ip_transparent:%s)\n", $2)); 1499 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1500 yyerror("expected yes or no."); 1501 else cfg_parser->cfg->ip_transparent = 1502 (strcmp($2, "yes")==0); 1503 free($2); 1504 } 1505 ; 1506 server_ip_freebind: VAR_IP_FREEBIND STRING_ARG 1507 { 1508 OUTYY(("P(server_ip_freebind:%s)\n", $2)); 1509 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1510 yyerror("expected yes or no."); 1511 else cfg_parser->cfg->ip_freebind = 1512 (strcmp($2, "yes")==0); 1513 free($2); 1514 } 1515 ; 1516 server_ip_dscp: VAR_IP_DSCP STRING_ARG 1517 { 1518 OUTYY(("P(server_ip_dscp:%s)\n", $2)); 1519 if(atoi($2) == 0 && strcmp($2, "0") != 0) 1520 yyerror("number expected"); 1521 else if (atoi($2) > 63) 1522 yyerror("value too large (max 63)"); 1523 else if (atoi($2) < 0) 1524 yyerror("value too small (min 0)"); 1525 else 1526 cfg_parser->cfg->ip_dscp = atoi($2); 1527 free($2); 1528 } 1529 ; 1530 server_stream_wait_size: VAR_STREAM_WAIT_SIZE STRING_ARG 1531 { 1532 OUTYY(("P(server_stream_wait_size:%s)\n", $2)); 1533 if(!cfg_parse_memsize($2, &cfg_parser->cfg->stream_wait_size)) 1534 yyerror("memory size expected"); 1535 free($2); 1536 } 1537 ; 1538 server_edns_buffer_size: VAR_EDNS_BUFFER_SIZE STRING_ARG 1539 { 1540 OUTYY(("P(server_edns_buffer_size:%s)\n", $2)); 1541 if(atoi($2) == 0) 1542 yyerror("number expected"); 1543 else if (atoi($2) < 12) 1544 yyerror("edns buffer size too small"); 1545 else if (atoi($2) > 65535) 1546 cfg_parser->cfg->edns_buffer_size = 65535; 1547 else cfg_parser->cfg->edns_buffer_size = atoi($2); 1548 free($2); 1549 } 1550 ; 1551 server_msg_buffer_size: VAR_MSG_BUFFER_SIZE STRING_ARG 1552 { 1553 OUTYY(("P(server_msg_buffer_size:%s)\n", $2)); 1554 if(atoi($2) == 0) 1555 yyerror("number expected"); 1556 else if (atoi($2) < 4096) 1557 yyerror("message buffer size too small (use 4096)"); 1558 else cfg_parser->cfg->msg_buffer_size = atoi($2); 1559 free($2); 1560 } 1561 ; 1562 server_msg_cache_size: VAR_MSG_CACHE_SIZE STRING_ARG 1563 { 1564 OUTYY(("P(server_msg_cache_size:%s)\n", $2)); 1565 if(!cfg_parse_memsize($2, &cfg_parser->cfg->msg_cache_size)) 1566 yyerror("memory size expected"); 1567 free($2); 1568 } 1569 ; 1570 server_msg_cache_slabs: VAR_MSG_CACHE_SLABS STRING_ARG 1571 { 1572 OUTYY(("P(server_msg_cache_slabs:%s)\n", $2)); 1573 if(atoi($2) == 0) { 1574 yyerror("number expected"); 1575 } else { 1576 cfg_parser->cfg->msg_cache_slabs = atoi($2); 1577 if(!is_pow2(cfg_parser->cfg->msg_cache_slabs)) 1578 yyerror("must be a power of 2"); 1579 } 1580 free($2); 1581 } 1582 ; 1583 server_num_queries_per_thread: VAR_NUM_QUERIES_PER_THREAD STRING_ARG 1584 { 1585 OUTYY(("P(server_num_queries_per_thread:%s)\n", $2)); 1586 if(atoi($2) == 0) 1587 yyerror("number expected"); 1588 else cfg_parser->cfg->num_queries_per_thread = atoi($2); 1589 free($2); 1590 } 1591 ; 1592 server_jostle_timeout: VAR_JOSTLE_TIMEOUT STRING_ARG 1593 { 1594 OUTYY(("P(server_jostle_timeout:%s)\n", $2)); 1595 if(atoi($2) == 0 && strcmp($2, "0") != 0) 1596 yyerror("number expected"); 1597 else cfg_parser->cfg->jostle_time = atoi($2); 1598 free($2); 1599 } 1600 ; 1601 server_delay_close: VAR_DELAY_CLOSE STRING_ARG 1602 { 1603 OUTYY(("P(server_delay_close:%s)\n", $2)); 1604 if(atoi($2) == 0 && strcmp($2, "0") != 0) 1605 yyerror("number expected"); 1606 else cfg_parser->cfg->delay_close = atoi($2); 1607 free($2); 1608 } 1609 ; 1610 server_udp_connect: VAR_UDP_CONNECT STRING_ARG 1611 { 1612 OUTYY(("P(server_udp_connect:%s)\n", $2)); 1613 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1614 yyerror("expected yes or no."); 1615 else cfg_parser->cfg->udp_connect = (strcmp($2, "yes")==0); 1616 free($2); 1617 } 1618 ; 1619 server_unblock_lan_zones: VAR_UNBLOCK_LAN_ZONES STRING_ARG 1620 { 1621 OUTYY(("P(server_unblock_lan_zones:%s)\n", $2)); 1622 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1623 yyerror("expected yes or no."); 1624 else cfg_parser->cfg->unblock_lan_zones = 1625 (strcmp($2, "yes")==0); 1626 free($2); 1627 } 1628 ; 1629 server_insecure_lan_zones: VAR_INSECURE_LAN_ZONES STRING_ARG 1630 { 1631 OUTYY(("P(server_insecure_lan_zones:%s)\n", $2)); 1632 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1633 yyerror("expected yes or no."); 1634 else cfg_parser->cfg->insecure_lan_zones = 1635 (strcmp($2, "yes")==0); 1636 free($2); 1637 } 1638 ; 1639 server_rrset_cache_size: VAR_RRSET_CACHE_SIZE STRING_ARG 1640 { 1641 OUTYY(("P(server_rrset_cache_size:%s)\n", $2)); 1642 if(!cfg_parse_memsize($2, &cfg_parser->cfg->rrset_cache_size)) 1643 yyerror("memory size expected"); 1644 free($2); 1645 } 1646 ; 1647 server_rrset_cache_slabs: VAR_RRSET_CACHE_SLABS STRING_ARG 1648 { 1649 OUTYY(("P(server_rrset_cache_slabs:%s)\n", $2)); 1650 if(atoi($2) == 0) { 1651 yyerror("number expected"); 1652 } else { 1653 cfg_parser->cfg->rrset_cache_slabs = atoi($2); 1654 if(!is_pow2(cfg_parser->cfg->rrset_cache_slabs)) 1655 yyerror("must be a power of 2"); 1656 } 1657 free($2); 1658 } 1659 ; 1660 server_infra_host_ttl: VAR_INFRA_HOST_TTL STRING_ARG 1661 { 1662 OUTYY(("P(server_infra_host_ttl:%s)\n", $2)); 1663 if(atoi($2) == 0 && strcmp($2, "0") != 0) 1664 yyerror("number expected"); 1665 else cfg_parser->cfg->host_ttl = atoi($2); 1666 free($2); 1667 } 1668 ; 1669 server_infra_lame_ttl: VAR_INFRA_LAME_TTL STRING_ARG 1670 { 1671 OUTYY(("P(server_infra_lame_ttl:%s)\n", $2)); 1672 verbose(VERB_DETAIL, "ignored infra-lame-ttl: %s (option " 1673 "removed, use infra-host-ttl)", $2); 1674 free($2); 1675 } 1676 ; 1677 server_infra_cache_numhosts: VAR_INFRA_CACHE_NUMHOSTS STRING_ARG 1678 { 1679 OUTYY(("P(server_infra_cache_numhosts:%s)\n", $2)); 1680 if(atoi($2) == 0) 1681 yyerror("number expected"); 1682 else cfg_parser->cfg->infra_cache_numhosts = atoi($2); 1683 free($2); 1684 } 1685 ; 1686 server_infra_cache_lame_size: VAR_INFRA_CACHE_LAME_SIZE STRING_ARG 1687 { 1688 OUTYY(("P(server_infra_cache_lame_size:%s)\n", $2)); 1689 verbose(VERB_DETAIL, "ignored infra-cache-lame-size: %s " 1690 "(option removed, use infra-cache-numhosts)", $2); 1691 free($2); 1692 } 1693 ; 1694 server_infra_cache_slabs: VAR_INFRA_CACHE_SLABS STRING_ARG 1695 { 1696 OUTYY(("P(server_infra_cache_slabs:%s)\n", $2)); 1697 if(atoi($2) == 0) { 1698 yyerror("number expected"); 1699 } else { 1700 cfg_parser->cfg->infra_cache_slabs = atoi($2); 1701 if(!is_pow2(cfg_parser->cfg->infra_cache_slabs)) 1702 yyerror("must be a power of 2"); 1703 } 1704 free($2); 1705 } 1706 ; 1707 server_infra_cache_min_rtt: VAR_INFRA_CACHE_MIN_RTT STRING_ARG 1708 { 1709 OUTYY(("P(server_infra_cache_min_rtt:%s)\n", $2)); 1710 if(atoi($2) == 0 && strcmp($2, "0") != 0) 1711 yyerror("number expected"); 1712 else cfg_parser->cfg->infra_cache_min_rtt = atoi($2); 1713 free($2); 1714 } 1715 ; 1716 server_infra_cache_max_rtt: VAR_INFRA_CACHE_MAX_RTT STRING_ARG 1717 { 1718 OUTYY(("P(server_infra_cache_max_rtt:%s)\n", $2)); 1719 if(atoi($2) == 0 && strcmp($2, "0") != 0) 1720 yyerror("number expected"); 1721 else cfg_parser->cfg->infra_cache_max_rtt = atoi($2); 1722 free($2); 1723 } 1724 ; 1725 server_infra_keep_probing: VAR_INFRA_KEEP_PROBING STRING_ARG 1726 { 1727 OUTYY(("P(server_infra_keep_probing:%s)\n", $2)); 1728 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1729 yyerror("expected yes or no."); 1730 else cfg_parser->cfg->infra_keep_probing = 1731 (strcmp($2, "yes")==0); 1732 free($2); 1733 } 1734 ; 1735 server_target_fetch_policy: VAR_TARGET_FETCH_POLICY STRING_ARG 1736 { 1737 OUTYY(("P(server_target_fetch_policy:%s)\n", $2)); 1738 free(cfg_parser->cfg->target_fetch_policy); 1739 cfg_parser->cfg->target_fetch_policy = $2; 1740 } 1741 ; 1742 server_harden_short_bufsize: VAR_HARDEN_SHORT_BUFSIZE STRING_ARG 1743 { 1744 OUTYY(("P(server_harden_short_bufsize:%s)\n", $2)); 1745 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1746 yyerror("expected yes or no."); 1747 else cfg_parser->cfg->harden_short_bufsize = 1748 (strcmp($2, "yes")==0); 1749 free($2); 1750 } 1751 ; 1752 server_harden_large_queries: VAR_HARDEN_LARGE_QUERIES STRING_ARG 1753 { 1754 OUTYY(("P(server_harden_large_queries:%s)\n", $2)); 1755 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1756 yyerror("expected yes or no."); 1757 else cfg_parser->cfg->harden_large_queries = 1758 (strcmp($2, "yes")==0); 1759 free($2); 1760 } 1761 ; 1762 server_harden_glue: VAR_HARDEN_GLUE STRING_ARG 1763 { 1764 OUTYY(("P(server_harden_glue:%s)\n", $2)); 1765 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1766 yyerror("expected yes or no."); 1767 else cfg_parser->cfg->harden_glue = 1768 (strcmp($2, "yes")==0); 1769 free($2); 1770 } 1771 ; 1772 server_harden_dnssec_stripped: VAR_HARDEN_DNSSEC_STRIPPED STRING_ARG 1773 { 1774 OUTYY(("P(server_harden_dnssec_stripped:%s)\n", $2)); 1775 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1776 yyerror("expected yes or no."); 1777 else cfg_parser->cfg->harden_dnssec_stripped = 1778 (strcmp($2, "yes")==0); 1779 free($2); 1780 } 1781 ; 1782 server_harden_below_nxdomain: VAR_HARDEN_BELOW_NXDOMAIN STRING_ARG 1783 { 1784 OUTYY(("P(server_harden_below_nxdomain:%s)\n", $2)); 1785 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1786 yyerror("expected yes or no."); 1787 else cfg_parser->cfg->harden_below_nxdomain = 1788 (strcmp($2, "yes")==0); 1789 free($2); 1790 } 1791 ; 1792 server_harden_referral_path: VAR_HARDEN_REFERRAL_PATH STRING_ARG 1793 { 1794 OUTYY(("P(server_harden_referral_path:%s)\n", $2)); 1795 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1796 yyerror("expected yes or no."); 1797 else cfg_parser->cfg->harden_referral_path = 1798 (strcmp($2, "yes")==0); 1799 free($2); 1800 } 1801 ; 1802 server_harden_algo_downgrade: VAR_HARDEN_ALGO_DOWNGRADE STRING_ARG 1803 { 1804 OUTYY(("P(server_harden_algo_downgrade:%s)\n", $2)); 1805 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1806 yyerror("expected yes or no."); 1807 else cfg_parser->cfg->harden_algo_downgrade = 1808 (strcmp($2, "yes")==0); 1809 free($2); 1810 } 1811 ; 1812 server_harden_unknown_additional: VAR_HARDEN_UNKNOWN_ADDITIONAL STRING_ARG 1813 { 1814 OUTYY(("P(server_harden_unknown_additional:%s)\n", $2)); 1815 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1816 yyerror("expected yes or no."); 1817 else cfg_parser->cfg->harden_unknown_additional = 1818 (strcmp($2, "yes")==0); 1819 free($2); 1820 } 1821 ; 1822 server_use_caps_for_id: VAR_USE_CAPS_FOR_ID STRING_ARG 1823 { 1824 OUTYY(("P(server_use_caps_for_id:%s)\n", $2)); 1825 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1826 yyerror("expected yes or no."); 1827 else cfg_parser->cfg->use_caps_bits_for_id = 1828 (strcmp($2, "yes")==0); 1829 free($2); 1830 } 1831 ; 1832 server_caps_whitelist: VAR_CAPS_WHITELIST STRING_ARG 1833 { 1834 OUTYY(("P(server_caps_whitelist:%s)\n", $2)); 1835 if(!cfg_strlist_insert(&cfg_parser->cfg->caps_whitelist, $2)) 1836 yyerror("out of memory"); 1837 } 1838 ; 1839 server_private_address: VAR_PRIVATE_ADDRESS STRING_ARG 1840 { 1841 OUTYY(("P(server_private_address:%s)\n", $2)); 1842 if(!cfg_strlist_insert(&cfg_parser->cfg->private_address, $2)) 1843 yyerror("out of memory"); 1844 } 1845 ; 1846 server_private_domain: VAR_PRIVATE_DOMAIN STRING_ARG 1847 { 1848 OUTYY(("P(server_private_domain:%s)\n", $2)); 1849 if(!cfg_strlist_insert(&cfg_parser->cfg->private_domain, $2)) 1850 yyerror("out of memory"); 1851 } 1852 ; 1853 server_prefetch: VAR_PREFETCH STRING_ARG 1854 { 1855 OUTYY(("P(server_prefetch:%s)\n", $2)); 1856 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1857 yyerror("expected yes or no."); 1858 else cfg_parser->cfg->prefetch = (strcmp($2, "yes")==0); 1859 free($2); 1860 } 1861 ; 1862 server_prefetch_key: VAR_PREFETCH_KEY STRING_ARG 1863 { 1864 OUTYY(("P(server_prefetch_key:%s)\n", $2)); 1865 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1866 yyerror("expected yes or no."); 1867 else cfg_parser->cfg->prefetch_key = (strcmp($2, "yes")==0); 1868 free($2); 1869 } 1870 ; 1871 server_deny_any: VAR_DENY_ANY STRING_ARG 1872 { 1873 OUTYY(("P(server_deny_any:%s)\n", $2)); 1874 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1875 yyerror("expected yes or no."); 1876 else cfg_parser->cfg->deny_any = (strcmp($2, "yes")==0); 1877 free($2); 1878 } 1879 ; 1880 server_unwanted_reply_threshold: VAR_UNWANTED_REPLY_THRESHOLD STRING_ARG 1881 { 1882 OUTYY(("P(server_unwanted_reply_threshold:%s)\n", $2)); 1883 if(atoi($2) == 0 && strcmp($2, "0") != 0) 1884 yyerror("number expected"); 1885 else cfg_parser->cfg->unwanted_threshold = atoi($2); 1886 free($2); 1887 } 1888 ; 1889 server_do_not_query_address: VAR_DO_NOT_QUERY_ADDRESS STRING_ARG 1890 { 1891 OUTYY(("P(server_do_not_query_address:%s)\n", $2)); 1892 if(!cfg_strlist_insert(&cfg_parser->cfg->donotqueryaddrs, $2)) 1893 yyerror("out of memory"); 1894 } 1895 ; 1896 server_do_not_query_localhost: VAR_DO_NOT_QUERY_LOCALHOST STRING_ARG 1897 { 1898 OUTYY(("P(server_do_not_query_localhost:%s)\n", $2)); 1899 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1900 yyerror("expected yes or no."); 1901 else cfg_parser->cfg->donotquery_localhost = 1902 (strcmp($2, "yes")==0); 1903 free($2); 1904 } 1905 ; 1906 server_access_control: VAR_ACCESS_CONTROL STRING_ARG STRING_ARG 1907 { 1908 OUTYY(("P(server_access_control:%s %s)\n", $2, $3)); 1909 validate_acl_action($3); 1910 if(!cfg_str2list_insert(&cfg_parser->cfg->acls, $2, $3)) 1911 fatal_exit("out of memory adding acl"); 1912 } 1913 ; 1914 server_interface_action: VAR_INTERFACE_ACTION STRING_ARG STRING_ARG 1915 { 1916 OUTYY(("P(server_interface_action:%s %s)\n", $2, $3)); 1917 validate_acl_action($3); 1918 if(!cfg_str2list_insert( 1919 &cfg_parser->cfg->interface_actions, $2, $3)) 1920 fatal_exit("out of memory adding acl"); 1921 } 1922 ; 1923 server_module_conf: VAR_MODULE_CONF STRING_ARG 1924 { 1925 OUTYY(("P(server_module_conf:%s)\n", $2)); 1926 free(cfg_parser->cfg->module_conf); 1927 cfg_parser->cfg->module_conf = $2; 1928 } 1929 ; 1930 server_val_override_date: VAR_VAL_OVERRIDE_DATE STRING_ARG 1931 { 1932 OUTYY(("P(server_val_override_date:%s)\n", $2)); 1933 if(*$2 == '\0' || strcmp($2, "0") == 0) { 1934 cfg_parser->cfg->val_date_override = 0; 1935 } else if(strlen($2) == 14) { 1936 cfg_parser->cfg->val_date_override = 1937 cfg_convert_timeval($2); 1938 if(!cfg_parser->cfg->val_date_override) 1939 yyerror("bad date/time specification"); 1940 } else { 1941 if(atoi($2) == 0) 1942 yyerror("number expected"); 1943 cfg_parser->cfg->val_date_override = atoi($2); 1944 } 1945 free($2); 1946 } 1947 ; 1948 server_val_sig_skew_min: VAR_VAL_SIG_SKEW_MIN STRING_ARG 1949 { 1950 OUTYY(("P(server_val_sig_skew_min:%s)\n", $2)); 1951 if(*$2 == '\0' || strcmp($2, "0") == 0) { 1952 cfg_parser->cfg->val_sig_skew_min = 0; 1953 } else { 1954 cfg_parser->cfg->val_sig_skew_min = atoi($2); 1955 if(!cfg_parser->cfg->val_sig_skew_min) 1956 yyerror("number expected"); 1957 } 1958 free($2); 1959 } 1960 ; 1961 server_val_sig_skew_max: VAR_VAL_SIG_SKEW_MAX STRING_ARG 1962 { 1963 OUTYY(("P(server_val_sig_skew_max:%s)\n", $2)); 1964 if(*$2 == '\0' || strcmp($2, "0") == 0) { 1965 cfg_parser->cfg->val_sig_skew_max = 0; 1966 } else { 1967 cfg_parser->cfg->val_sig_skew_max = atoi($2); 1968 if(!cfg_parser->cfg->val_sig_skew_max) 1969 yyerror("number expected"); 1970 } 1971 free($2); 1972 } 1973 ; 1974 server_val_max_restart: VAR_VAL_MAX_RESTART STRING_ARG 1975 { 1976 OUTYY(("P(server_val_max_restart:%s)\n", $2)); 1977 if(*$2 == '\0' || strcmp($2, "0") == 0) { 1978 cfg_parser->cfg->val_max_restart = 0; 1979 } else { 1980 cfg_parser->cfg->val_max_restart = atoi($2); 1981 if(!cfg_parser->cfg->val_max_restart) 1982 yyerror("number expected"); 1983 } 1984 free($2); 1985 } 1986 ; 1987 server_cache_max_ttl: VAR_CACHE_MAX_TTL STRING_ARG 1988 { 1989 OUTYY(("P(server_cache_max_ttl:%s)\n", $2)); 1990 if(atoi($2) == 0 && strcmp($2, "0") != 0) 1991 yyerror("number expected"); 1992 else cfg_parser->cfg->max_ttl = atoi($2); 1993 free($2); 1994 } 1995 ; 1996 server_cache_max_negative_ttl: VAR_CACHE_MAX_NEGATIVE_TTL STRING_ARG 1997 { 1998 OUTYY(("P(server_cache_max_negative_ttl:%s)\n", $2)); 1999 if(atoi($2) == 0 && strcmp($2, "0") != 0) 2000 yyerror("number expected"); 2001 else cfg_parser->cfg->max_negative_ttl = atoi($2); 2002 free($2); 2003 } 2004 ; 2005 server_cache_min_ttl: VAR_CACHE_MIN_TTL STRING_ARG 2006 { 2007 OUTYY(("P(server_cache_min_ttl:%s)\n", $2)); 2008 if(atoi($2) == 0 && strcmp($2, "0") != 0) 2009 yyerror("number expected"); 2010 else cfg_parser->cfg->min_ttl = atoi($2); 2011 free($2); 2012 } 2013 ; 2014 server_bogus_ttl: VAR_BOGUS_TTL STRING_ARG 2015 { 2016 OUTYY(("P(server_bogus_ttl:%s)\n", $2)); 2017 if(atoi($2) == 0 && strcmp($2, "0") != 0) 2018 yyerror("number expected"); 2019 else cfg_parser->cfg->bogus_ttl = atoi($2); 2020 free($2); 2021 } 2022 ; 2023 server_val_clean_additional: VAR_VAL_CLEAN_ADDITIONAL STRING_ARG 2024 { 2025 OUTYY(("P(server_val_clean_additional:%s)\n", $2)); 2026 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2027 yyerror("expected yes or no."); 2028 else cfg_parser->cfg->val_clean_additional = 2029 (strcmp($2, "yes")==0); 2030 free($2); 2031 } 2032 ; 2033 server_val_permissive_mode: VAR_VAL_PERMISSIVE_MODE STRING_ARG 2034 { 2035 OUTYY(("P(server_val_permissive_mode:%s)\n", $2)); 2036 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2037 yyerror("expected yes or no."); 2038 else cfg_parser->cfg->val_permissive_mode = 2039 (strcmp($2, "yes")==0); 2040 free($2); 2041 } 2042 ; 2043 server_aggressive_nsec: VAR_AGGRESSIVE_NSEC STRING_ARG 2044 { 2045 OUTYY(("P(server_aggressive_nsec:%s)\n", $2)); 2046 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2047 yyerror("expected yes or no."); 2048 else 2049 cfg_parser->cfg->aggressive_nsec = 2050 (strcmp($2, "yes")==0); 2051 free($2); 2052 } 2053 ; 2054 server_ignore_cd_flag: VAR_IGNORE_CD_FLAG STRING_ARG 2055 { 2056 OUTYY(("P(server_ignore_cd_flag:%s)\n", $2)); 2057 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2058 yyerror("expected yes or no."); 2059 else cfg_parser->cfg->ignore_cd = (strcmp($2, "yes")==0); 2060 free($2); 2061 } 2062 ; 2063 server_serve_expired: VAR_SERVE_EXPIRED STRING_ARG 2064 { 2065 OUTYY(("P(server_serve_expired:%s)\n", $2)); 2066 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2067 yyerror("expected yes or no."); 2068 else cfg_parser->cfg->serve_expired = (strcmp($2, "yes")==0); 2069 free($2); 2070 } 2071 ; 2072 server_serve_expired_ttl: VAR_SERVE_EXPIRED_TTL STRING_ARG 2073 { 2074 OUTYY(("P(server_serve_expired_ttl:%s)\n", $2)); 2075 if(atoi($2) == 0 && strcmp($2, "0") != 0) 2076 yyerror("number expected"); 2077 else cfg_parser->cfg->serve_expired_ttl = atoi($2); 2078 free($2); 2079 } 2080 ; 2081 server_serve_expired_ttl_reset: VAR_SERVE_EXPIRED_TTL_RESET STRING_ARG 2082 { 2083 OUTYY(("P(server_serve_expired_ttl_reset:%s)\n", $2)); 2084 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2085 yyerror("expected yes or no."); 2086 else cfg_parser->cfg->serve_expired_ttl_reset = (strcmp($2, "yes")==0); 2087 free($2); 2088 } 2089 ; 2090 server_serve_expired_reply_ttl: VAR_SERVE_EXPIRED_REPLY_TTL STRING_ARG 2091 { 2092 OUTYY(("P(server_serve_expired_reply_ttl:%s)\n", $2)); 2093 if(atoi($2) == 0 && strcmp($2, "0") != 0) 2094 yyerror("number expected"); 2095 else cfg_parser->cfg->serve_expired_reply_ttl = atoi($2); 2096 free($2); 2097 } 2098 ; 2099 server_serve_expired_client_timeout: VAR_SERVE_EXPIRED_CLIENT_TIMEOUT STRING_ARG 2100 { 2101 OUTYY(("P(server_serve_expired_client_timeout:%s)\n", $2)); 2102 if(atoi($2) == 0 && strcmp($2, "0") != 0) 2103 yyerror("number expected"); 2104 else cfg_parser->cfg->serve_expired_client_timeout = atoi($2); 2105 free($2); 2106 } 2107 ; 2108 server_ede_serve_expired: VAR_EDE_SERVE_EXPIRED STRING_ARG 2109 { 2110 OUTYY(("P(server_ede_serve_expired:%s)\n", $2)); 2111 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2112 yyerror("expected yes or no."); 2113 else cfg_parser->cfg->ede_serve_expired = (strcmp($2, "yes")==0); 2114 free($2); 2115 } 2116 ; 2117 server_serve_original_ttl: VAR_SERVE_ORIGINAL_TTL STRING_ARG 2118 { 2119 OUTYY(("P(server_serve_original_ttl:%s)\n", $2)); 2120 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2121 yyerror("expected yes or no."); 2122 else cfg_parser->cfg->serve_original_ttl = (strcmp($2, "yes")==0); 2123 free($2); 2124 } 2125 ; 2126 server_fake_dsa: VAR_FAKE_DSA STRING_ARG 2127 { 2128 OUTYY(("P(server_fake_dsa:%s)\n", $2)); 2129 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2130 yyerror("expected yes or no."); 2131 #if defined(HAVE_SSL) || defined(HAVE_NETTLE) 2132 else fake_dsa = (strcmp($2, "yes")==0); 2133 if(fake_dsa) 2134 log_warn("test option fake_dsa is enabled"); 2135 #endif 2136 free($2); 2137 } 2138 ; 2139 server_fake_sha1: VAR_FAKE_SHA1 STRING_ARG 2140 { 2141 OUTYY(("P(server_fake_sha1:%s)\n", $2)); 2142 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2143 yyerror("expected yes or no."); 2144 #if defined(HAVE_SSL) || defined(HAVE_NETTLE) 2145 else fake_sha1 = (strcmp($2, "yes")==0); 2146 if(fake_sha1) 2147 log_warn("test option fake_sha1 is enabled"); 2148 #endif 2149 free($2); 2150 } 2151 ; 2152 server_val_log_level: VAR_VAL_LOG_LEVEL STRING_ARG 2153 { 2154 OUTYY(("P(server_val_log_level:%s)\n", $2)); 2155 if(atoi($2) == 0 && strcmp($2, "0") != 0) 2156 yyerror("number expected"); 2157 else cfg_parser->cfg->val_log_level = atoi($2); 2158 free($2); 2159 } 2160 ; 2161 server_val_nsec3_keysize_iterations: VAR_VAL_NSEC3_KEYSIZE_ITERATIONS STRING_ARG 2162 { 2163 OUTYY(("P(server_val_nsec3_keysize_iterations:%s)\n", $2)); 2164 free(cfg_parser->cfg->val_nsec3_key_iterations); 2165 cfg_parser->cfg->val_nsec3_key_iterations = $2; 2166 } 2167 ; 2168 server_zonemd_permissive_mode: VAR_ZONEMD_PERMISSIVE_MODE STRING_ARG 2169 { 2170 OUTYY(("P(server_zonemd_permissive_mode:%s)\n", $2)); 2171 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2172 yyerror("expected yes or no."); 2173 else cfg_parser->cfg->zonemd_permissive_mode = (strcmp($2, "yes")==0); 2174 free($2); 2175 } 2176 ; 2177 server_add_holddown: VAR_ADD_HOLDDOWN STRING_ARG 2178 { 2179 OUTYY(("P(server_add_holddown:%s)\n", $2)); 2180 if(atoi($2) == 0 && strcmp($2, "0") != 0) 2181 yyerror("number expected"); 2182 else cfg_parser->cfg->add_holddown = atoi($2); 2183 free($2); 2184 } 2185 ; 2186 server_del_holddown: VAR_DEL_HOLDDOWN STRING_ARG 2187 { 2188 OUTYY(("P(server_del_holddown:%s)\n", $2)); 2189 if(atoi($2) == 0 && strcmp($2, "0") != 0) 2190 yyerror("number expected"); 2191 else cfg_parser->cfg->del_holddown = atoi($2); 2192 free($2); 2193 } 2194 ; 2195 server_keep_missing: VAR_KEEP_MISSING STRING_ARG 2196 { 2197 OUTYY(("P(server_keep_missing:%s)\n", $2)); 2198 if(atoi($2) == 0 && strcmp($2, "0") != 0) 2199 yyerror("number expected"); 2200 else cfg_parser->cfg->keep_missing = atoi($2); 2201 free($2); 2202 } 2203 ; 2204 server_permit_small_holddown: VAR_PERMIT_SMALL_HOLDDOWN STRING_ARG 2205 { 2206 OUTYY(("P(server_permit_small_holddown:%s)\n", $2)); 2207 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2208 yyerror("expected yes or no."); 2209 else cfg_parser->cfg->permit_small_holddown = 2210 (strcmp($2, "yes")==0); 2211 free($2); 2212 } 2213 ; 2214 server_key_cache_size: VAR_KEY_CACHE_SIZE STRING_ARG 2215 { 2216 OUTYY(("P(server_key_cache_size:%s)\n", $2)); 2217 if(!cfg_parse_memsize($2, &cfg_parser->cfg->key_cache_size)) 2218 yyerror("memory size expected"); 2219 free($2); 2220 } 2221 ; 2222 server_key_cache_slabs: VAR_KEY_CACHE_SLABS STRING_ARG 2223 { 2224 OUTYY(("P(server_key_cache_slabs:%s)\n", $2)); 2225 if(atoi($2) == 0) { 2226 yyerror("number expected"); 2227 } else { 2228 cfg_parser->cfg->key_cache_slabs = atoi($2); 2229 if(!is_pow2(cfg_parser->cfg->key_cache_slabs)) 2230 yyerror("must be a power of 2"); 2231 } 2232 free($2); 2233 } 2234 ; 2235 server_neg_cache_size: VAR_NEG_CACHE_SIZE STRING_ARG 2236 { 2237 OUTYY(("P(server_neg_cache_size:%s)\n", $2)); 2238 if(!cfg_parse_memsize($2, &cfg_parser->cfg->neg_cache_size)) 2239 yyerror("memory size expected"); 2240 free($2); 2241 } 2242 ; 2243 server_local_zone: VAR_LOCAL_ZONE STRING_ARG STRING_ARG 2244 { 2245 OUTYY(("P(server_local_zone:%s %s)\n", $2, $3)); 2246 if(strcmp($3, "static")!=0 && strcmp($3, "deny")!=0 && 2247 strcmp($3, "refuse")!=0 && strcmp($3, "redirect")!=0 && 2248 strcmp($3, "transparent")!=0 && strcmp($3, "nodefault")!=0 2249 && strcmp($3, "typetransparent")!=0 2250 && strcmp($3, "always_transparent")!=0 2251 && strcmp($3, "block_a")!=0 2252 && strcmp($3, "always_refuse")!=0 2253 && strcmp($3, "always_nxdomain")!=0 2254 && strcmp($3, "always_nodata")!=0 2255 && strcmp($3, "always_deny")!=0 2256 && strcmp($3, "always_null")!=0 2257 && strcmp($3, "noview")!=0 2258 && strcmp($3, "inform")!=0 && strcmp($3, "inform_deny")!=0 2259 && strcmp($3, "inform_redirect") != 0 2260 && strcmp($3, "ipset") != 0) { 2261 yyerror("local-zone type: expected static, deny, " 2262 "refuse, redirect, transparent, " 2263 "typetransparent, inform, inform_deny, " 2264 "inform_redirect, always_transparent, block_a," 2265 "always_refuse, always_nxdomain, " 2266 "always_nodata, always_deny, always_null, " 2267 "noview, nodefault or ipset"); 2268 free($2); 2269 free($3); 2270 } else if(strcmp($3, "nodefault")==0) { 2271 if(!cfg_strlist_insert(&cfg_parser->cfg-> 2272 local_zones_nodefault, $2)) 2273 fatal_exit("out of memory adding local-zone"); 2274 free($3); 2275 #ifdef USE_IPSET 2276 } else if(strcmp($3, "ipset")==0) { 2277 size_t len = strlen($2); 2278 /* Make sure to add the trailing dot. 2279 * These are str compared to domain names. */ 2280 if($2[len-1] != '.') { 2281 if(!($2 = realloc($2, len+2))) { 2282 fatal_exit("out of memory adding local-zone"); 2283 } 2284 $2[len] = '.'; 2285 $2[len+1] = 0; 2286 } 2287 if(!cfg_strlist_insert(&cfg_parser->cfg-> 2288 local_zones_ipset, $2)) 2289 fatal_exit("out of memory adding local-zone"); 2290 free($3); 2291 #endif 2292 } else { 2293 if(!cfg_str2list_insert(&cfg_parser->cfg->local_zones, 2294 $2, $3)) 2295 fatal_exit("out of memory adding local-zone"); 2296 } 2297 } 2298 ; 2299 server_local_data: VAR_LOCAL_DATA STRING_ARG 2300 { 2301 OUTYY(("P(server_local_data:%s)\n", $2)); 2302 if(!cfg_strlist_insert(&cfg_parser->cfg->local_data, $2)) 2303 fatal_exit("out of memory adding local-data"); 2304 } 2305 ; 2306 server_local_data_ptr: VAR_LOCAL_DATA_PTR STRING_ARG 2307 { 2308 char* ptr; 2309 OUTYY(("P(server_local_data_ptr:%s)\n", $2)); 2310 ptr = cfg_ptr_reverse($2); 2311 free($2); 2312 if(ptr) { 2313 if(!cfg_strlist_insert(&cfg_parser->cfg-> 2314 local_data, ptr)) 2315 fatal_exit("out of memory adding local-data"); 2316 } else { 2317 yyerror("local-data-ptr could not be reversed"); 2318 } 2319 } 2320 ; 2321 server_minimal_responses: VAR_MINIMAL_RESPONSES STRING_ARG 2322 { 2323 OUTYY(("P(server_minimal_responses:%s)\n", $2)); 2324 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2325 yyerror("expected yes or no."); 2326 else cfg_parser->cfg->minimal_responses = 2327 (strcmp($2, "yes")==0); 2328 free($2); 2329 } 2330 ; 2331 server_rrset_roundrobin: VAR_RRSET_ROUNDROBIN STRING_ARG 2332 { 2333 OUTYY(("P(server_rrset_roundrobin:%s)\n", $2)); 2334 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2335 yyerror("expected yes or no."); 2336 else cfg_parser->cfg->rrset_roundrobin = 2337 (strcmp($2, "yes")==0); 2338 free($2); 2339 } 2340 ; 2341 server_unknown_server_time_limit: VAR_UNKNOWN_SERVER_TIME_LIMIT STRING_ARG 2342 { 2343 OUTYY(("P(server_unknown_server_time_limit:%s)\n", $2)); 2344 cfg_parser->cfg->unknown_server_time_limit = atoi($2); 2345 free($2); 2346 } 2347 ; 2348 server_max_udp_size: VAR_MAX_UDP_SIZE STRING_ARG 2349 { 2350 OUTYY(("P(server_max_udp_size:%s)\n", $2)); 2351 cfg_parser->cfg->max_udp_size = atoi($2); 2352 free($2); 2353 } 2354 ; 2355 server_dns64_prefix: VAR_DNS64_PREFIX STRING_ARG 2356 { 2357 OUTYY(("P(dns64_prefix:%s)\n", $2)); 2358 free(cfg_parser->cfg->dns64_prefix); 2359 cfg_parser->cfg->dns64_prefix = $2; 2360 } 2361 ; 2362 server_dns64_synthall: VAR_DNS64_SYNTHALL STRING_ARG 2363 { 2364 OUTYY(("P(server_dns64_synthall:%s)\n", $2)); 2365 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2366 yyerror("expected yes or no."); 2367 else cfg_parser->cfg->dns64_synthall = (strcmp($2, "yes")==0); 2368 free($2); 2369 } 2370 ; 2371 server_dns64_ignore_aaaa: VAR_DNS64_IGNORE_AAAA STRING_ARG 2372 { 2373 OUTYY(("P(dns64_ignore_aaaa:%s)\n", $2)); 2374 if(!cfg_strlist_insert(&cfg_parser->cfg->dns64_ignore_aaaa, 2375 $2)) 2376 fatal_exit("out of memory adding dns64-ignore-aaaa"); 2377 } 2378 ; 2379 server_nat64_prefix: VAR_NAT64_PREFIX STRING_ARG 2380 { 2381 OUTYY(("P(nat64_prefix:%s)\n", $2)); 2382 free(cfg_parser->cfg->nat64_prefix); 2383 cfg_parser->cfg->nat64_prefix = $2; 2384 } 2385 ; 2386 server_define_tag: VAR_DEFINE_TAG STRING_ARG 2387 { 2388 char* p, *s = $2; 2389 OUTYY(("P(server_define_tag:%s)\n", $2)); 2390 while((p=strsep(&s, " \t\n")) != NULL) { 2391 if(*p) { 2392 if(!config_add_tag(cfg_parser->cfg, p)) 2393 yyerror("could not define-tag, " 2394 "out of memory"); 2395 } 2396 } 2397 free($2); 2398 } 2399 ; 2400 server_local_zone_tag: VAR_LOCAL_ZONE_TAG STRING_ARG STRING_ARG 2401 { 2402 size_t len = 0; 2403 uint8_t* bitlist = config_parse_taglist(cfg_parser->cfg, $3, 2404 &len); 2405 free($3); 2406 OUTYY(("P(server_local_zone_tag:%s)\n", $2)); 2407 if(!bitlist) { 2408 yyerror("could not parse tags, (define-tag them first)"); 2409 free($2); 2410 } 2411 if(bitlist) { 2412 if(!cfg_strbytelist_insert( 2413 &cfg_parser->cfg->local_zone_tags, 2414 $2, bitlist, len)) { 2415 yyerror("out of memory"); 2416 free($2); 2417 } 2418 } 2419 } 2420 ; 2421 server_access_control_tag: VAR_ACCESS_CONTROL_TAG STRING_ARG STRING_ARG 2422 { 2423 size_t len = 0; 2424 uint8_t* bitlist = config_parse_taglist(cfg_parser->cfg, $3, 2425 &len); 2426 free($3); 2427 OUTYY(("P(server_access_control_tag:%s)\n", $2)); 2428 if(!bitlist) { 2429 yyerror("could not parse tags, (define-tag them first)"); 2430 free($2); 2431 } 2432 if(bitlist) { 2433 if(!cfg_strbytelist_insert( 2434 &cfg_parser->cfg->acl_tags, 2435 $2, bitlist, len)) { 2436 yyerror("out of memory"); 2437 free($2); 2438 } 2439 } 2440 } 2441 ; 2442 server_access_control_tag_action: VAR_ACCESS_CONTROL_TAG_ACTION STRING_ARG STRING_ARG STRING_ARG 2443 { 2444 OUTYY(("P(server_access_control_tag_action:%s %s %s)\n", $2, $3, $4)); 2445 if(!cfg_str3list_insert(&cfg_parser->cfg->acl_tag_actions, 2446 $2, $3, $4)) { 2447 yyerror("out of memory"); 2448 free($2); 2449 free($3); 2450 free($4); 2451 } 2452 } 2453 ; 2454 server_access_control_tag_data: VAR_ACCESS_CONTROL_TAG_DATA STRING_ARG STRING_ARG STRING_ARG 2455 { 2456 OUTYY(("P(server_access_control_tag_data:%s %s %s)\n", $2, $3, $4)); 2457 if(!cfg_str3list_insert(&cfg_parser->cfg->acl_tag_datas, 2458 $2, $3, $4)) { 2459 yyerror("out of memory"); 2460 free($2); 2461 free($3); 2462 free($4); 2463 } 2464 } 2465 ; 2466 server_local_zone_override: VAR_LOCAL_ZONE_OVERRIDE STRING_ARG STRING_ARG STRING_ARG 2467 { 2468 OUTYY(("P(server_local_zone_override:%s %s %s)\n", $2, $3, $4)); 2469 if(!cfg_str3list_insert(&cfg_parser->cfg->local_zone_overrides, 2470 $2, $3, $4)) { 2471 yyerror("out of memory"); 2472 free($2); 2473 free($3); 2474 free($4); 2475 } 2476 } 2477 ; 2478 server_access_control_view: VAR_ACCESS_CONTROL_VIEW STRING_ARG STRING_ARG 2479 { 2480 OUTYY(("P(server_access_control_view:%s %s)\n", $2, $3)); 2481 if(!cfg_str2list_insert(&cfg_parser->cfg->acl_view, 2482 $2, $3)) { 2483 yyerror("out of memory"); 2484 } 2485 } 2486 ; 2487 server_interface_tag: VAR_INTERFACE_TAG STRING_ARG STRING_ARG 2488 { 2489 size_t len = 0; 2490 uint8_t* bitlist = config_parse_taglist(cfg_parser->cfg, $3, 2491 &len); 2492 free($3); 2493 OUTYY(("P(server_interface_tag:%s)\n", $2)); 2494 if(!bitlist) { 2495 yyerror("could not parse tags, (define-tag them first)"); 2496 free($2); 2497 } 2498 if(bitlist) { 2499 if(!cfg_strbytelist_insert( 2500 &cfg_parser->cfg->interface_tags, 2501 $2, bitlist, len)) { 2502 yyerror("out of memory"); 2503 free($2); 2504 } 2505 } 2506 } 2507 ; 2508 server_interface_tag_action: VAR_INTERFACE_TAG_ACTION STRING_ARG STRING_ARG STRING_ARG 2509 { 2510 OUTYY(("P(server_interface_tag_action:%s %s %s)\n", $2, $3, $4)); 2511 if(!cfg_str3list_insert(&cfg_parser->cfg->interface_tag_actions, 2512 $2, $3, $4)) { 2513 yyerror("out of memory"); 2514 free($2); 2515 free($3); 2516 free($4); 2517 } 2518 } 2519 ; 2520 server_interface_tag_data: VAR_INTERFACE_TAG_DATA STRING_ARG STRING_ARG STRING_ARG 2521 { 2522 OUTYY(("P(server_interface_tag_data:%s %s %s)\n", $2, $3, $4)); 2523 if(!cfg_str3list_insert(&cfg_parser->cfg->interface_tag_datas, 2524 $2, $3, $4)) { 2525 yyerror("out of memory"); 2526 free($2); 2527 free($3); 2528 free($4); 2529 } 2530 } 2531 ; 2532 server_interface_view: VAR_INTERFACE_VIEW STRING_ARG STRING_ARG 2533 { 2534 OUTYY(("P(server_interface_view:%s %s)\n", $2, $3)); 2535 if(!cfg_str2list_insert(&cfg_parser->cfg->interface_view, 2536 $2, $3)) { 2537 yyerror("out of memory"); 2538 } 2539 } 2540 ; 2541 server_response_ip_tag: VAR_RESPONSE_IP_TAG STRING_ARG STRING_ARG 2542 { 2543 size_t len = 0; 2544 uint8_t* bitlist = config_parse_taglist(cfg_parser->cfg, $3, 2545 &len); 2546 free($3); 2547 OUTYY(("P(response_ip_tag:%s)\n", $2)); 2548 if(!bitlist) { 2549 yyerror("could not parse tags, (define-tag them first)"); 2550 free($2); 2551 } 2552 if(bitlist) { 2553 if(!cfg_strbytelist_insert( 2554 &cfg_parser->cfg->respip_tags, 2555 $2, bitlist, len)) { 2556 yyerror("out of memory"); 2557 free($2); 2558 } 2559 } 2560 } 2561 ; 2562 server_ip_ratelimit: VAR_IP_RATELIMIT STRING_ARG 2563 { 2564 OUTYY(("P(server_ip_ratelimit:%s)\n", $2)); 2565 if(atoi($2) == 0 && strcmp($2, "0") != 0) 2566 yyerror("number expected"); 2567 else cfg_parser->cfg->ip_ratelimit = atoi($2); 2568 free($2); 2569 } 2570 ; 2571 server_ip_ratelimit_cookie: VAR_IP_RATELIMIT_COOKIE STRING_ARG 2572 { 2573 OUTYY(("P(server_ip_ratelimit_cookie:%s)\n", $2)); 2574 if(atoi($2) == 0 && strcmp($2, "0") != 0) 2575 yyerror("number expected"); 2576 else cfg_parser->cfg->ip_ratelimit_cookie = atoi($2); 2577 free($2); 2578 } 2579 ; 2580 server_ratelimit: VAR_RATELIMIT STRING_ARG 2581 { 2582 OUTYY(("P(server_ratelimit:%s)\n", $2)); 2583 if(atoi($2) == 0 && strcmp($2, "0") != 0) 2584 yyerror("number expected"); 2585 else cfg_parser->cfg->ratelimit = atoi($2); 2586 free($2); 2587 } 2588 ; 2589 server_ip_ratelimit_size: VAR_IP_RATELIMIT_SIZE STRING_ARG 2590 { 2591 OUTYY(("P(server_ip_ratelimit_size:%s)\n", $2)); 2592 if(!cfg_parse_memsize($2, &cfg_parser->cfg->ip_ratelimit_size)) 2593 yyerror("memory size expected"); 2594 free($2); 2595 } 2596 ; 2597 server_ratelimit_size: VAR_RATELIMIT_SIZE STRING_ARG 2598 { 2599 OUTYY(("P(server_ratelimit_size:%s)\n", $2)); 2600 if(!cfg_parse_memsize($2, &cfg_parser->cfg->ratelimit_size)) 2601 yyerror("memory size expected"); 2602 free($2); 2603 } 2604 ; 2605 server_ip_ratelimit_slabs: VAR_IP_RATELIMIT_SLABS STRING_ARG 2606 { 2607 OUTYY(("P(server_ip_ratelimit_slabs:%s)\n", $2)); 2608 if(atoi($2) == 0) { 2609 yyerror("number expected"); 2610 } else { 2611 cfg_parser->cfg->ip_ratelimit_slabs = atoi($2); 2612 if(!is_pow2(cfg_parser->cfg->ip_ratelimit_slabs)) 2613 yyerror("must be a power of 2"); 2614 } 2615 free($2); 2616 } 2617 ; 2618 server_ratelimit_slabs: VAR_RATELIMIT_SLABS STRING_ARG 2619 { 2620 OUTYY(("P(server_ratelimit_slabs:%s)\n", $2)); 2621 if(atoi($2) == 0) { 2622 yyerror("number expected"); 2623 } else { 2624 cfg_parser->cfg->ratelimit_slabs = atoi($2); 2625 if(!is_pow2(cfg_parser->cfg->ratelimit_slabs)) 2626 yyerror("must be a power of 2"); 2627 } 2628 free($2); 2629 } 2630 ; 2631 server_ratelimit_for_domain: VAR_RATELIMIT_FOR_DOMAIN STRING_ARG STRING_ARG 2632 { 2633 OUTYY(("P(server_ratelimit_for_domain:%s %s)\n", $2, $3)); 2634 if(atoi($3) == 0 && strcmp($3, "0") != 0) { 2635 yyerror("number expected"); 2636 free($2); 2637 free($3); 2638 } else { 2639 if(!cfg_str2list_insert(&cfg_parser->cfg-> 2640 ratelimit_for_domain, $2, $3)) 2641 fatal_exit("out of memory adding " 2642 "ratelimit-for-domain"); 2643 } 2644 } 2645 ; 2646 server_ratelimit_below_domain: VAR_RATELIMIT_BELOW_DOMAIN STRING_ARG STRING_ARG 2647 { 2648 OUTYY(("P(server_ratelimit_below_domain:%s %s)\n", $2, $3)); 2649 if(atoi($3) == 0 && strcmp($3, "0") != 0) { 2650 yyerror("number expected"); 2651 free($2); 2652 free($3); 2653 } else { 2654 if(!cfg_str2list_insert(&cfg_parser->cfg-> 2655 ratelimit_below_domain, $2, $3)) 2656 fatal_exit("out of memory adding " 2657 "ratelimit-below-domain"); 2658 } 2659 } 2660 ; 2661 server_ip_ratelimit_factor: VAR_IP_RATELIMIT_FACTOR STRING_ARG 2662 { 2663 OUTYY(("P(server_ip_ratelimit_factor:%s)\n", $2)); 2664 if(atoi($2) == 0 && strcmp($2, "0") != 0) 2665 yyerror("number expected"); 2666 else cfg_parser->cfg->ip_ratelimit_factor = atoi($2); 2667 free($2); 2668 } 2669 ; 2670 server_ratelimit_factor: VAR_RATELIMIT_FACTOR STRING_ARG 2671 { 2672 OUTYY(("P(server_ratelimit_factor:%s)\n", $2)); 2673 if(atoi($2) == 0 && strcmp($2, "0") != 0) 2674 yyerror("number expected"); 2675 else cfg_parser->cfg->ratelimit_factor = atoi($2); 2676 free($2); 2677 } 2678 ; 2679 server_ip_ratelimit_backoff: VAR_IP_RATELIMIT_BACKOFF STRING_ARG 2680 { 2681 OUTYY(("P(server_ip_ratelimit_backoff:%s)\n", $2)); 2682 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2683 yyerror("expected yes or no."); 2684 else cfg_parser->cfg->ip_ratelimit_backoff = 2685 (strcmp($2, "yes")==0); 2686 free($2); 2687 } 2688 ; 2689 server_ratelimit_backoff: VAR_RATELIMIT_BACKOFF STRING_ARG 2690 { 2691 OUTYY(("P(server_ratelimit_backoff:%s)\n", $2)); 2692 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2693 yyerror("expected yes or no."); 2694 else cfg_parser->cfg->ratelimit_backoff = 2695 (strcmp($2, "yes")==0); 2696 free($2); 2697 } 2698 ; 2699 server_outbound_msg_retry: VAR_OUTBOUND_MSG_RETRY STRING_ARG 2700 { 2701 OUTYY(("P(server_outbound_msg_retry:%s)\n", $2)); 2702 if(atoi($2) == 0 && strcmp($2, "0") != 0) 2703 yyerror("number expected"); 2704 else cfg_parser->cfg->outbound_msg_retry = atoi($2); 2705 free($2); 2706 } 2707 ; 2708 server_max_sent_count: VAR_MAX_SENT_COUNT STRING_ARG 2709 { 2710 OUTYY(("P(server_max_sent_count:%s)\n", $2)); 2711 if(atoi($2) == 0 && strcmp($2, "0") != 0) 2712 yyerror("number expected"); 2713 else cfg_parser->cfg->max_sent_count = atoi($2); 2714 free($2); 2715 } 2716 ; 2717 server_max_query_restarts: VAR_MAX_QUERY_RESTARTS STRING_ARG 2718 { 2719 OUTYY(("P(server_max_query_restarts:%s)\n", $2)); 2720 if(atoi($2) == 0 && strcmp($2, "0") != 0) 2721 yyerror("number expected"); 2722 else cfg_parser->cfg->max_query_restarts = atoi($2); 2723 free($2); 2724 } 2725 ; 2726 server_low_rtt: VAR_LOW_RTT STRING_ARG 2727 { 2728 OUTYY(("P(low-rtt option is deprecated, use fast-server-num instead)\n")); 2729 free($2); 2730 } 2731 ; 2732 server_fast_server_num: VAR_FAST_SERVER_NUM STRING_ARG 2733 { 2734 OUTYY(("P(server_fast_server_num:%s)\n", $2)); 2735 if(atoi($2) <= 0) 2736 yyerror("number expected"); 2737 else cfg_parser->cfg->fast_server_num = atoi($2); 2738 free($2); 2739 } 2740 ; 2741 server_fast_server_permil: VAR_FAST_SERVER_PERMIL STRING_ARG 2742 { 2743 OUTYY(("P(server_fast_server_permil:%s)\n", $2)); 2744 if(atoi($2) == 0 && strcmp($2, "0") != 0) 2745 yyerror("number expected"); 2746 else cfg_parser->cfg->fast_server_permil = atoi($2); 2747 free($2); 2748 } 2749 ; 2750 server_qname_minimisation: VAR_QNAME_MINIMISATION STRING_ARG 2751 { 2752 OUTYY(("P(server_qname_minimisation:%s)\n", $2)); 2753 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2754 yyerror("expected yes or no."); 2755 else cfg_parser->cfg->qname_minimisation = 2756 (strcmp($2, "yes")==0); 2757 free($2); 2758 } 2759 ; 2760 server_qname_minimisation_strict: VAR_QNAME_MINIMISATION_STRICT STRING_ARG 2761 { 2762 OUTYY(("P(server_qname_minimisation_strict:%s)\n", $2)); 2763 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2764 yyerror("expected yes or no."); 2765 else cfg_parser->cfg->qname_minimisation_strict = 2766 (strcmp($2, "yes")==0); 2767 free($2); 2768 } 2769 ; 2770 server_pad_responses: VAR_PAD_RESPONSES STRING_ARG 2771 { 2772 OUTYY(("P(server_pad_responses:%s)\n", $2)); 2773 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2774 yyerror("expected yes or no."); 2775 else cfg_parser->cfg->pad_responses = 2776 (strcmp($2, "yes")==0); 2777 free($2); 2778 } 2779 ; 2780 server_pad_responses_block_size: VAR_PAD_RESPONSES_BLOCK_SIZE STRING_ARG 2781 { 2782 OUTYY(("P(server_pad_responses_block_size:%s)\n", $2)); 2783 if(atoi($2) == 0) 2784 yyerror("number expected"); 2785 else cfg_parser->cfg->pad_responses_block_size = atoi($2); 2786 free($2); 2787 } 2788 ; 2789 server_pad_queries: VAR_PAD_QUERIES STRING_ARG 2790 { 2791 OUTYY(("P(server_pad_queries:%s)\n", $2)); 2792 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2793 yyerror("expected yes or no."); 2794 else cfg_parser->cfg->pad_queries = 2795 (strcmp($2, "yes")==0); 2796 free($2); 2797 } 2798 ; 2799 server_pad_queries_block_size: VAR_PAD_QUERIES_BLOCK_SIZE STRING_ARG 2800 { 2801 OUTYY(("P(server_pad_queries_block_size:%s)\n", $2)); 2802 if(atoi($2) == 0) 2803 yyerror("number expected"); 2804 else cfg_parser->cfg->pad_queries_block_size = atoi($2); 2805 free($2); 2806 } 2807 ; 2808 server_ipsecmod_enabled: VAR_IPSECMOD_ENABLED STRING_ARG 2809 { 2810 #ifdef USE_IPSECMOD 2811 OUTYY(("P(server_ipsecmod_enabled:%s)\n", $2)); 2812 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2813 yyerror("expected yes or no."); 2814 else cfg_parser->cfg->ipsecmod_enabled = (strcmp($2, "yes")==0); 2815 #else 2816 OUTYY(("P(Compiled without IPsec module, ignoring)\n")); 2817 #endif 2818 free($2); 2819 } 2820 ; 2821 server_ipsecmod_ignore_bogus: VAR_IPSECMOD_IGNORE_BOGUS STRING_ARG 2822 { 2823 #ifdef USE_IPSECMOD 2824 OUTYY(("P(server_ipsecmod_ignore_bogus:%s)\n", $2)); 2825 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2826 yyerror("expected yes or no."); 2827 else cfg_parser->cfg->ipsecmod_ignore_bogus = (strcmp($2, "yes")==0); 2828 #else 2829 OUTYY(("P(Compiled without IPsec module, ignoring)\n")); 2830 #endif 2831 free($2); 2832 } 2833 ; 2834 server_ipsecmod_hook: VAR_IPSECMOD_HOOK STRING_ARG 2835 { 2836 #ifdef USE_IPSECMOD 2837 OUTYY(("P(server_ipsecmod_hook:%s)\n", $2)); 2838 free(cfg_parser->cfg->ipsecmod_hook); 2839 cfg_parser->cfg->ipsecmod_hook = $2; 2840 #else 2841 OUTYY(("P(Compiled without IPsec module, ignoring)\n")); 2842 free($2); 2843 #endif 2844 } 2845 ; 2846 server_ipsecmod_max_ttl: VAR_IPSECMOD_MAX_TTL STRING_ARG 2847 { 2848 #ifdef USE_IPSECMOD 2849 OUTYY(("P(server_ipsecmod_max_ttl:%s)\n", $2)); 2850 if(atoi($2) == 0 && strcmp($2, "0") != 0) 2851 yyerror("number expected"); 2852 else cfg_parser->cfg->ipsecmod_max_ttl = atoi($2); 2853 free($2); 2854 #else 2855 OUTYY(("P(Compiled without IPsec module, ignoring)\n")); 2856 free($2); 2857 #endif 2858 } 2859 ; 2860 server_ipsecmod_whitelist: VAR_IPSECMOD_WHITELIST STRING_ARG 2861 { 2862 #ifdef USE_IPSECMOD 2863 OUTYY(("P(server_ipsecmod_whitelist:%s)\n", $2)); 2864 if(!cfg_strlist_insert(&cfg_parser->cfg->ipsecmod_whitelist, $2)) 2865 yyerror("out of memory"); 2866 #else 2867 OUTYY(("P(Compiled without IPsec module, ignoring)\n")); 2868 free($2); 2869 #endif 2870 } 2871 ; 2872 server_ipsecmod_strict: VAR_IPSECMOD_STRICT STRING_ARG 2873 { 2874 #ifdef USE_IPSECMOD 2875 OUTYY(("P(server_ipsecmod_strict:%s)\n", $2)); 2876 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2877 yyerror("expected yes or no."); 2878 else cfg_parser->cfg->ipsecmod_strict = (strcmp($2, "yes")==0); 2879 free($2); 2880 #else 2881 OUTYY(("P(Compiled without IPsec module, ignoring)\n")); 2882 free($2); 2883 #endif 2884 } 2885 ; 2886 server_edns_client_string: VAR_EDNS_CLIENT_STRING STRING_ARG STRING_ARG 2887 { 2888 OUTYY(("P(server_edns_client_string:%s %s)\n", $2, $3)); 2889 if(!cfg_str2list_insert( 2890 &cfg_parser->cfg->edns_client_strings, $2, $3)) 2891 fatal_exit("out of memory adding " 2892 "edns-client-string"); 2893 } 2894 ; 2895 server_edns_client_string_opcode: VAR_EDNS_CLIENT_STRING_OPCODE STRING_ARG 2896 { 2897 OUTYY(("P(edns_client_string_opcode:%s)\n", $2)); 2898 if(atoi($2) == 0 && strcmp($2, "0") != 0) 2899 yyerror("option code expected"); 2900 else if(atoi($2) > 65535 || atoi($2) < 0) 2901 yyerror("option code must be in interval [0, 65535]"); 2902 else cfg_parser->cfg->edns_client_string_opcode = atoi($2); 2903 free($2); 2904 } 2905 ; 2906 server_ede: VAR_EDE STRING_ARG 2907 { 2908 OUTYY(("P(server_ede:%s)\n", $2)); 2909 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2910 yyerror("expected yes or no."); 2911 else cfg_parser->cfg->ede = (strcmp($2, "yes")==0); 2912 free($2); 2913 } 2914 ; 2915 server_proxy_protocol_port: VAR_PROXY_PROTOCOL_PORT STRING_ARG 2916 { 2917 OUTYY(("P(server_proxy_protocol_port:%s)\n", $2)); 2918 if(!cfg_strlist_insert(&cfg_parser->cfg->proxy_protocol_port, $2)) 2919 yyerror("out of memory"); 2920 } 2921 ; 2922 stub_name: VAR_NAME STRING_ARG 2923 { 2924 OUTYY(("P(name:%s)\n", $2)); 2925 if(cfg_parser->cfg->stubs->name) 2926 yyerror("stub name override, there must be one name " 2927 "for one stub-zone"); 2928 free(cfg_parser->cfg->stubs->name); 2929 cfg_parser->cfg->stubs->name = $2; 2930 } 2931 ; 2932 stub_host: VAR_STUB_HOST STRING_ARG 2933 { 2934 OUTYY(("P(stub-host:%s)\n", $2)); 2935 if(!cfg_strlist_insert(&cfg_parser->cfg->stubs->hosts, $2)) 2936 yyerror("out of memory"); 2937 } 2938 ; 2939 stub_addr: VAR_STUB_ADDR STRING_ARG 2940 { 2941 OUTYY(("P(stub-addr:%s)\n", $2)); 2942 if(!cfg_strlist_insert(&cfg_parser->cfg->stubs->addrs, $2)) 2943 yyerror("out of memory"); 2944 } 2945 ; 2946 stub_first: VAR_STUB_FIRST STRING_ARG 2947 { 2948 OUTYY(("P(stub-first:%s)\n", $2)); 2949 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2950 yyerror("expected yes or no."); 2951 else cfg_parser->cfg->stubs->isfirst=(strcmp($2, "yes")==0); 2952 free($2); 2953 } 2954 ; 2955 stub_no_cache: VAR_STUB_NO_CACHE STRING_ARG 2956 { 2957 OUTYY(("P(stub-no-cache:%s)\n", $2)); 2958 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2959 yyerror("expected yes or no."); 2960 else cfg_parser->cfg->stubs->no_cache=(strcmp($2, "yes")==0); 2961 free($2); 2962 } 2963 ; 2964 stub_ssl_upstream: VAR_STUB_SSL_UPSTREAM STRING_ARG 2965 { 2966 OUTYY(("P(stub-ssl-upstream:%s)\n", $2)); 2967 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2968 yyerror("expected yes or no."); 2969 else cfg_parser->cfg->stubs->ssl_upstream = 2970 (strcmp($2, "yes")==0); 2971 free($2); 2972 } 2973 ; 2974 stub_tcp_upstream: VAR_STUB_TCP_UPSTREAM STRING_ARG 2975 { 2976 OUTYY(("P(stub-tcp-upstream:%s)\n", $2)); 2977 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2978 yyerror("expected yes or no."); 2979 else cfg_parser->cfg->stubs->tcp_upstream = 2980 (strcmp($2, "yes")==0); 2981 free($2); 2982 } 2983 ; 2984 stub_prime: VAR_STUB_PRIME STRING_ARG 2985 { 2986 OUTYY(("P(stub-prime:%s)\n", $2)); 2987 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2988 yyerror("expected yes or no."); 2989 else cfg_parser->cfg->stubs->isprime = 2990 (strcmp($2, "yes")==0); 2991 free($2); 2992 } 2993 ; 2994 forward_name: VAR_NAME STRING_ARG 2995 { 2996 OUTYY(("P(name:%s)\n", $2)); 2997 if(cfg_parser->cfg->forwards->name) 2998 yyerror("forward name override, there must be one " 2999 "name for one forward-zone"); 3000 free(cfg_parser->cfg->forwards->name); 3001 cfg_parser->cfg->forwards->name = $2; 3002 } 3003 ; 3004 forward_host: VAR_FORWARD_HOST STRING_ARG 3005 { 3006 OUTYY(("P(forward-host:%s)\n", $2)); 3007 if(!cfg_strlist_insert(&cfg_parser->cfg->forwards->hosts, $2)) 3008 yyerror("out of memory"); 3009 } 3010 ; 3011 forward_addr: VAR_FORWARD_ADDR STRING_ARG 3012 { 3013 OUTYY(("P(forward-addr:%s)\n", $2)); 3014 if(!cfg_strlist_insert(&cfg_parser->cfg->forwards->addrs, $2)) 3015 yyerror("out of memory"); 3016 } 3017 ; 3018 forward_first: VAR_FORWARD_FIRST STRING_ARG 3019 { 3020 OUTYY(("P(forward-first:%s)\n", $2)); 3021 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 3022 yyerror("expected yes or no."); 3023 else cfg_parser->cfg->forwards->isfirst=(strcmp($2, "yes")==0); 3024 free($2); 3025 } 3026 ; 3027 forward_no_cache: VAR_FORWARD_NO_CACHE STRING_ARG 3028 { 3029 OUTYY(("P(forward-no-cache:%s)\n", $2)); 3030 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 3031 yyerror("expected yes or no."); 3032 else cfg_parser->cfg->forwards->no_cache=(strcmp($2, "yes")==0); 3033 free($2); 3034 } 3035 ; 3036 forward_ssl_upstream: VAR_FORWARD_SSL_UPSTREAM STRING_ARG 3037 { 3038 OUTYY(("P(forward-ssl-upstream:%s)\n", $2)); 3039 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 3040 yyerror("expected yes or no."); 3041 else cfg_parser->cfg->forwards->ssl_upstream = 3042 (strcmp($2, "yes")==0); 3043 free($2); 3044 } 3045 ; 3046 forward_tcp_upstream: VAR_FORWARD_TCP_UPSTREAM STRING_ARG 3047 { 3048 OUTYY(("P(forward-tcp-upstream:%s)\n", $2)); 3049 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 3050 yyerror("expected yes or no."); 3051 else cfg_parser->cfg->forwards->tcp_upstream = 3052 (strcmp($2, "yes")==0); 3053 free($2); 3054 } 3055 ; 3056 auth_name: VAR_NAME STRING_ARG 3057 { 3058 OUTYY(("P(name:%s)\n", $2)); 3059 if(cfg_parser->cfg->auths->name) 3060 yyerror("auth name override, there must be one name " 3061 "for one auth-zone"); 3062 free(cfg_parser->cfg->auths->name); 3063 cfg_parser->cfg->auths->name = $2; 3064 } 3065 ; 3066 auth_zonefile: VAR_ZONEFILE STRING_ARG 3067 { 3068 OUTYY(("P(zonefile:%s)\n", $2)); 3069 free(cfg_parser->cfg->auths->zonefile); 3070 cfg_parser->cfg->auths->zonefile = $2; 3071 } 3072 ; 3073 auth_master: VAR_MASTER STRING_ARG 3074 { 3075 OUTYY(("P(master:%s)\n", $2)); 3076 if(!cfg_strlist_insert(&cfg_parser->cfg->auths->masters, $2)) 3077 yyerror("out of memory"); 3078 } 3079 ; 3080 auth_url: VAR_URL STRING_ARG 3081 { 3082 OUTYY(("P(url:%s)\n", $2)); 3083 if(!cfg_strlist_insert(&cfg_parser->cfg->auths->urls, $2)) 3084 yyerror("out of memory"); 3085 } 3086 ; 3087 auth_allow_notify: VAR_ALLOW_NOTIFY STRING_ARG 3088 { 3089 OUTYY(("P(allow-notify:%s)\n", $2)); 3090 if(!cfg_strlist_insert(&cfg_parser->cfg->auths->allow_notify, 3091 $2)) 3092 yyerror("out of memory"); 3093 } 3094 ; 3095 auth_zonemd_check: VAR_ZONEMD_CHECK STRING_ARG 3096 { 3097 OUTYY(("P(zonemd-check:%s)\n", $2)); 3098 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 3099 yyerror("expected yes or no."); 3100 else cfg_parser->cfg->auths->zonemd_check = 3101 (strcmp($2, "yes")==0); 3102 free($2); 3103 } 3104 ; 3105 auth_zonemd_reject_absence: VAR_ZONEMD_REJECT_ABSENCE STRING_ARG 3106 { 3107 OUTYY(("P(zonemd-reject-absence:%s)\n", $2)); 3108 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 3109 yyerror("expected yes or no."); 3110 else cfg_parser->cfg->auths->zonemd_reject_absence = 3111 (strcmp($2, "yes")==0); 3112 free($2); 3113 } 3114 ; 3115 auth_for_downstream: VAR_FOR_DOWNSTREAM STRING_ARG 3116 { 3117 OUTYY(("P(for-downstream:%s)\n", $2)); 3118 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 3119 yyerror("expected yes or no."); 3120 else cfg_parser->cfg->auths->for_downstream = 3121 (strcmp($2, "yes")==0); 3122 free($2); 3123 } 3124 ; 3125 auth_for_upstream: VAR_FOR_UPSTREAM STRING_ARG 3126 { 3127 OUTYY(("P(for-upstream:%s)\n", $2)); 3128 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 3129 yyerror("expected yes or no."); 3130 else cfg_parser->cfg->auths->for_upstream = 3131 (strcmp($2, "yes")==0); 3132 free($2); 3133 } 3134 ; 3135 auth_fallback_enabled: VAR_FALLBACK_ENABLED STRING_ARG 3136 { 3137 OUTYY(("P(fallback-enabled:%s)\n", $2)); 3138 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 3139 yyerror("expected yes or no."); 3140 else cfg_parser->cfg->auths->fallback_enabled = 3141 (strcmp($2, "yes")==0); 3142 free($2); 3143 } 3144 ; 3145 view_name: VAR_NAME STRING_ARG 3146 { 3147 OUTYY(("P(name:%s)\n", $2)); 3148 if(cfg_parser->cfg->views->name) 3149 yyerror("view name override, there must be one " 3150 "name for one view"); 3151 free(cfg_parser->cfg->views->name); 3152 cfg_parser->cfg->views->name = $2; 3153 } 3154 ; 3155 view_local_zone: VAR_LOCAL_ZONE STRING_ARG STRING_ARG 3156 { 3157 OUTYY(("P(view_local_zone:%s %s)\n", $2, $3)); 3158 if(strcmp($3, "static")!=0 && strcmp($3, "deny")!=0 && 3159 strcmp($3, "refuse")!=0 && strcmp($3, "redirect")!=0 && 3160 strcmp($3, "transparent")!=0 && strcmp($3, "nodefault")!=0 3161 && strcmp($3, "typetransparent")!=0 3162 && strcmp($3, "always_transparent")!=0 3163 && strcmp($3, "always_refuse")!=0 3164 && strcmp($3, "always_nxdomain")!=0 3165 && strcmp($3, "always_nodata")!=0 3166 && strcmp($3, "always_deny")!=0 3167 && strcmp($3, "always_null")!=0 3168 && strcmp($3, "noview")!=0 3169 && strcmp($3, "inform")!=0 && strcmp($3, "inform_deny")!=0 3170 && strcmp($3, "inform_redirect") != 0 3171 && strcmp($3, "ipset") != 0) { 3172 yyerror("local-zone type: expected static, deny, " 3173 "refuse, redirect, transparent, " 3174 "typetransparent, inform, inform_deny, " 3175 "inform_redirect, always_transparent, " 3176 "always_refuse, always_nxdomain, " 3177 "always_nodata, always_deny, always_null, " 3178 "noview, nodefault or ipset"); 3179 free($2); 3180 free($3); 3181 } else if(strcmp($3, "nodefault")==0) { 3182 if(!cfg_strlist_insert(&cfg_parser->cfg->views-> 3183 local_zones_nodefault, $2)) 3184 fatal_exit("out of memory adding local-zone"); 3185 free($3); 3186 #ifdef USE_IPSET 3187 } else if(strcmp($3, "ipset")==0) { 3188 size_t len = strlen($2); 3189 /* Make sure to add the trailing dot. 3190 * These are str compared to domain names. */ 3191 if($2[len-1] != '.') { 3192 if(!($2 = realloc($2, len+2))) { 3193 fatal_exit("out of memory adding local-zone"); 3194 } 3195 $2[len] = '.'; 3196 $2[len+1] = 0; 3197 } 3198 if(!cfg_strlist_insert(&cfg_parser->cfg->views-> 3199 local_zones_ipset, $2)) 3200 fatal_exit("out of memory adding local-zone"); 3201 free($3); 3202 #endif 3203 } else { 3204 if(!cfg_str2list_insert( 3205 &cfg_parser->cfg->views->local_zones, 3206 $2, $3)) 3207 fatal_exit("out of memory adding local-zone"); 3208 } 3209 } 3210 ; 3211 view_response_ip: VAR_RESPONSE_IP STRING_ARG STRING_ARG 3212 { 3213 OUTYY(("P(view_response_ip:%s %s)\n", $2, $3)); 3214 validate_respip_action($3); 3215 if(!cfg_str2list_insert( 3216 &cfg_parser->cfg->views->respip_actions, $2, $3)) 3217 fatal_exit("out of memory adding per-view " 3218 "response-ip action"); 3219 } 3220 ; 3221 view_response_ip_data: VAR_RESPONSE_IP_DATA STRING_ARG STRING_ARG 3222 { 3223 OUTYY(("P(view_response_ip_data:%s)\n", $2)); 3224 if(!cfg_str2list_insert( 3225 &cfg_parser->cfg->views->respip_data, $2, $3)) 3226 fatal_exit("out of memory adding response-ip-data"); 3227 } 3228 ; 3229 view_local_data: VAR_LOCAL_DATA STRING_ARG 3230 { 3231 OUTYY(("P(view_local_data:%s)\n", $2)); 3232 if(!cfg_strlist_insert(&cfg_parser->cfg->views->local_data, $2)) { 3233 fatal_exit("out of memory adding local-data"); 3234 } 3235 } 3236 ; 3237 view_local_data_ptr: VAR_LOCAL_DATA_PTR STRING_ARG 3238 { 3239 char* ptr; 3240 OUTYY(("P(view_local_data_ptr:%s)\n", $2)); 3241 ptr = cfg_ptr_reverse($2); 3242 free($2); 3243 if(ptr) { 3244 if(!cfg_strlist_insert(&cfg_parser->cfg->views-> 3245 local_data, ptr)) 3246 fatal_exit("out of memory adding local-data"); 3247 } else { 3248 yyerror("local-data-ptr could not be reversed"); 3249 } 3250 } 3251 ; 3252 view_first: VAR_VIEW_FIRST STRING_ARG 3253 { 3254 OUTYY(("P(view-first:%s)\n", $2)); 3255 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 3256 yyerror("expected yes or no."); 3257 else cfg_parser->cfg->views->isfirst=(strcmp($2, "yes")==0); 3258 free($2); 3259 } 3260 ; 3261 rcstart: VAR_REMOTE_CONTROL 3262 { 3263 OUTYY(("\nP(remote-control:)\n")); 3264 cfg_parser->started_toplevel = 1; 3265 } 3266 ; 3267 contents_rc: contents_rc content_rc 3268 | ; 3269 content_rc: rc_control_enable | rc_control_interface | rc_control_port | 3270 rc_server_key_file | rc_server_cert_file | rc_control_key_file | 3271 rc_control_cert_file | rc_control_use_cert 3272 ; 3273 rc_control_enable: VAR_CONTROL_ENABLE STRING_ARG 3274 { 3275 OUTYY(("P(control_enable:%s)\n", $2)); 3276 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 3277 yyerror("expected yes or no."); 3278 else cfg_parser->cfg->remote_control_enable = 3279 (strcmp($2, "yes")==0); 3280 free($2); 3281 } 3282 ; 3283 rc_control_port: VAR_CONTROL_PORT STRING_ARG 3284 { 3285 OUTYY(("P(control_port:%s)\n", $2)); 3286 if(atoi($2) == 0) 3287 yyerror("control port number expected"); 3288 else cfg_parser->cfg->control_port = atoi($2); 3289 free($2); 3290 } 3291 ; 3292 rc_control_interface: VAR_CONTROL_INTERFACE STRING_ARG 3293 { 3294 OUTYY(("P(control_interface:%s)\n", $2)); 3295 if(!cfg_strlist_append(&cfg_parser->cfg->control_ifs, $2)) 3296 yyerror("out of memory"); 3297 } 3298 ; 3299 rc_control_use_cert: VAR_CONTROL_USE_CERT STRING_ARG 3300 { 3301 OUTYY(("P(control_use_cert:%s)\n", $2)); 3302 cfg_parser->cfg->control_use_cert = (strcmp($2, "yes")==0); 3303 free($2); 3304 } 3305 ; 3306 rc_server_key_file: VAR_SERVER_KEY_FILE STRING_ARG 3307 { 3308 OUTYY(("P(rc_server_key_file:%s)\n", $2)); 3309 free(cfg_parser->cfg->server_key_file); 3310 cfg_parser->cfg->server_key_file = $2; 3311 } 3312 ; 3313 rc_server_cert_file: VAR_SERVER_CERT_FILE STRING_ARG 3314 { 3315 OUTYY(("P(rc_server_cert_file:%s)\n", $2)); 3316 free(cfg_parser->cfg->server_cert_file); 3317 cfg_parser->cfg->server_cert_file = $2; 3318 } 3319 ; 3320 rc_control_key_file: VAR_CONTROL_KEY_FILE STRING_ARG 3321 { 3322 OUTYY(("P(rc_control_key_file:%s)\n", $2)); 3323 free(cfg_parser->cfg->control_key_file); 3324 cfg_parser->cfg->control_key_file = $2; 3325 } 3326 ; 3327 rc_control_cert_file: VAR_CONTROL_CERT_FILE STRING_ARG 3328 { 3329 OUTYY(("P(rc_control_cert_file:%s)\n", $2)); 3330 free(cfg_parser->cfg->control_cert_file); 3331 cfg_parser->cfg->control_cert_file = $2; 3332 } 3333 ; 3334 dtstart: VAR_DNSTAP 3335 { 3336 OUTYY(("\nP(dnstap:)\n")); 3337 cfg_parser->started_toplevel = 1; 3338 } 3339 ; 3340 contents_dt: contents_dt content_dt 3341 | ; 3342 content_dt: dt_dnstap_enable | dt_dnstap_socket_path | dt_dnstap_bidirectional | 3343 dt_dnstap_ip | dt_dnstap_tls | dt_dnstap_tls_server_name | 3344 dt_dnstap_tls_cert_bundle | 3345 dt_dnstap_tls_client_key_file | dt_dnstap_tls_client_cert_file | 3346 dt_dnstap_send_identity | dt_dnstap_send_version | 3347 dt_dnstap_identity | dt_dnstap_version | 3348 dt_dnstap_log_resolver_query_messages | 3349 dt_dnstap_log_resolver_response_messages | 3350 dt_dnstap_log_client_query_messages | 3351 dt_dnstap_log_client_response_messages | 3352 dt_dnstap_log_forwarder_query_messages | 3353 dt_dnstap_log_forwarder_response_messages 3354 ; 3355 dt_dnstap_enable: VAR_DNSTAP_ENABLE STRING_ARG 3356 { 3357 OUTYY(("P(dt_dnstap_enable:%s)\n", $2)); 3358 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 3359 yyerror("expected yes or no."); 3360 else cfg_parser->cfg->dnstap = (strcmp($2, "yes")==0); 3361 free($2); 3362 } 3363 ; 3364 dt_dnstap_bidirectional: VAR_DNSTAP_BIDIRECTIONAL STRING_ARG 3365 { 3366 OUTYY(("P(dt_dnstap_bidirectional:%s)\n", $2)); 3367 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 3368 yyerror("expected yes or no."); 3369 else cfg_parser->cfg->dnstap_bidirectional = 3370 (strcmp($2, "yes")==0); 3371 free($2); 3372 } 3373 ; 3374 dt_dnstap_socket_path: VAR_DNSTAP_SOCKET_PATH STRING_ARG 3375 { 3376 OUTYY(("P(dt_dnstap_socket_path:%s)\n", $2)); 3377 free(cfg_parser->cfg->dnstap_socket_path); 3378 cfg_parser->cfg->dnstap_socket_path = $2; 3379 } 3380 ; 3381 dt_dnstap_ip: VAR_DNSTAP_IP STRING_ARG 3382 { 3383 OUTYY(("P(dt_dnstap_ip:%s)\n", $2)); 3384 free(cfg_parser->cfg->dnstap_ip); 3385 cfg_parser->cfg->dnstap_ip = $2; 3386 } 3387 ; 3388 dt_dnstap_tls: VAR_DNSTAP_TLS STRING_ARG 3389 { 3390 OUTYY(("P(dt_dnstap_tls:%s)\n", $2)); 3391 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 3392 yyerror("expected yes or no."); 3393 else cfg_parser->cfg->dnstap_tls = (strcmp($2, "yes")==0); 3394 free($2); 3395 } 3396 ; 3397 dt_dnstap_tls_server_name: VAR_DNSTAP_TLS_SERVER_NAME STRING_ARG 3398 { 3399 OUTYY(("P(dt_dnstap_tls_server_name:%s)\n", $2)); 3400 free(cfg_parser->cfg->dnstap_tls_server_name); 3401 cfg_parser->cfg->dnstap_tls_server_name = $2; 3402 } 3403 ; 3404 dt_dnstap_tls_cert_bundle: VAR_DNSTAP_TLS_CERT_BUNDLE STRING_ARG 3405 { 3406 OUTYY(("P(dt_dnstap_tls_cert_bundle:%s)\n", $2)); 3407 free(cfg_parser->cfg->dnstap_tls_cert_bundle); 3408 cfg_parser->cfg->dnstap_tls_cert_bundle = $2; 3409 } 3410 ; 3411 dt_dnstap_tls_client_key_file: VAR_DNSTAP_TLS_CLIENT_KEY_FILE STRING_ARG 3412 { 3413 OUTYY(("P(dt_dnstap_tls_client_key_file:%s)\n", $2)); 3414 free(cfg_parser->cfg->dnstap_tls_client_key_file); 3415 cfg_parser->cfg->dnstap_tls_client_key_file = $2; 3416 } 3417 ; 3418 dt_dnstap_tls_client_cert_file: VAR_DNSTAP_TLS_CLIENT_CERT_FILE STRING_ARG 3419 { 3420 OUTYY(("P(dt_dnstap_tls_client_cert_file:%s)\n", $2)); 3421 free(cfg_parser->cfg->dnstap_tls_client_cert_file); 3422 cfg_parser->cfg->dnstap_tls_client_cert_file = $2; 3423 } 3424 ; 3425 dt_dnstap_send_identity: VAR_DNSTAP_SEND_IDENTITY STRING_ARG 3426 { 3427 OUTYY(("P(dt_dnstap_send_identity:%s)\n", $2)); 3428 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 3429 yyerror("expected yes or no."); 3430 else cfg_parser->cfg->dnstap_send_identity = (strcmp($2, "yes")==0); 3431 free($2); 3432 } 3433 ; 3434 dt_dnstap_send_version: VAR_DNSTAP_SEND_VERSION STRING_ARG 3435 { 3436 OUTYY(("P(dt_dnstap_send_version:%s)\n", $2)); 3437 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 3438 yyerror("expected yes or no."); 3439 else cfg_parser->cfg->dnstap_send_version = (strcmp($2, "yes")==0); 3440 free($2); 3441 } 3442 ; 3443 dt_dnstap_identity: VAR_DNSTAP_IDENTITY STRING_ARG 3444 { 3445 OUTYY(("P(dt_dnstap_identity:%s)\n", $2)); 3446 free(cfg_parser->cfg->dnstap_identity); 3447 cfg_parser->cfg->dnstap_identity = $2; 3448 } 3449 ; 3450 dt_dnstap_version: VAR_DNSTAP_VERSION STRING_ARG 3451 { 3452 OUTYY(("P(dt_dnstap_version:%s)\n", $2)); 3453 free(cfg_parser->cfg->dnstap_version); 3454 cfg_parser->cfg->dnstap_version = $2; 3455 } 3456 ; 3457 dt_dnstap_log_resolver_query_messages: VAR_DNSTAP_LOG_RESOLVER_QUERY_MESSAGES STRING_ARG 3458 { 3459 OUTYY(("P(dt_dnstap_log_resolver_query_messages:%s)\n", $2)); 3460 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 3461 yyerror("expected yes or no."); 3462 else cfg_parser->cfg->dnstap_log_resolver_query_messages = 3463 (strcmp($2, "yes")==0); 3464 free($2); 3465 } 3466 ; 3467 dt_dnstap_log_resolver_response_messages: VAR_DNSTAP_LOG_RESOLVER_RESPONSE_MESSAGES STRING_ARG 3468 { 3469 OUTYY(("P(dt_dnstap_log_resolver_response_messages:%s)\n", $2)); 3470 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 3471 yyerror("expected yes or no."); 3472 else cfg_parser->cfg->dnstap_log_resolver_response_messages = 3473 (strcmp($2, "yes")==0); 3474 free($2); 3475 } 3476 ; 3477 dt_dnstap_log_client_query_messages: VAR_DNSTAP_LOG_CLIENT_QUERY_MESSAGES STRING_ARG 3478 { 3479 OUTYY(("P(dt_dnstap_log_client_query_messages:%s)\n", $2)); 3480 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 3481 yyerror("expected yes or no."); 3482 else cfg_parser->cfg->dnstap_log_client_query_messages = 3483 (strcmp($2, "yes")==0); 3484 free($2); 3485 } 3486 ; 3487 dt_dnstap_log_client_response_messages: VAR_DNSTAP_LOG_CLIENT_RESPONSE_MESSAGES STRING_ARG 3488 { 3489 OUTYY(("P(dt_dnstap_log_client_response_messages:%s)\n", $2)); 3490 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 3491 yyerror("expected yes or no."); 3492 else cfg_parser->cfg->dnstap_log_client_response_messages = 3493 (strcmp($2, "yes")==0); 3494 free($2); 3495 } 3496 ; 3497 dt_dnstap_log_forwarder_query_messages: VAR_DNSTAP_LOG_FORWARDER_QUERY_MESSAGES STRING_ARG 3498 { 3499 OUTYY(("P(dt_dnstap_log_forwarder_query_messages:%s)\n", $2)); 3500 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 3501 yyerror("expected yes or no."); 3502 else cfg_parser->cfg->dnstap_log_forwarder_query_messages = 3503 (strcmp($2, "yes")==0); 3504 free($2); 3505 } 3506 ; 3507 dt_dnstap_log_forwarder_response_messages: VAR_DNSTAP_LOG_FORWARDER_RESPONSE_MESSAGES STRING_ARG 3508 { 3509 OUTYY(("P(dt_dnstap_log_forwarder_response_messages:%s)\n", $2)); 3510 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 3511 yyerror("expected yes or no."); 3512 else cfg_parser->cfg->dnstap_log_forwarder_response_messages = 3513 (strcmp($2, "yes")==0); 3514 free($2); 3515 } 3516 ; 3517 pythonstart: VAR_PYTHON 3518 { 3519 OUTYY(("\nP(python:)\n")); 3520 cfg_parser->started_toplevel = 1; 3521 } 3522 ; 3523 contents_py: contents_py content_py 3524 | ; 3525 content_py: py_script 3526 ; 3527 py_script: VAR_PYTHON_SCRIPT STRING_ARG 3528 { 3529 OUTYY(("P(python-script:%s)\n", $2)); 3530 if(!cfg_strlist_append_ex(&cfg_parser->cfg->python_script, $2)) 3531 yyerror("out of memory"); 3532 } 3533 ; 3534 dynlibstart: VAR_DYNLIB 3535 { 3536 OUTYY(("\nP(dynlib:)\n")); 3537 cfg_parser->started_toplevel = 1; 3538 } 3539 ; 3540 contents_dl: contents_dl content_dl 3541 | ; 3542 content_dl: dl_file 3543 ; 3544 dl_file: VAR_DYNLIB_FILE STRING_ARG 3545 { 3546 OUTYY(("P(dynlib-file:%s)\n", $2)); 3547 if(!cfg_strlist_append_ex(&cfg_parser->cfg->dynlib_file, $2)) 3548 yyerror("out of memory"); 3549 } 3550 ; 3551 server_disable_dnssec_lame_check: VAR_DISABLE_DNSSEC_LAME_CHECK STRING_ARG 3552 { 3553 OUTYY(("P(disable_dnssec_lame_check:%s)\n", $2)); 3554 if (strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 3555 yyerror("expected yes or no."); 3556 else cfg_parser->cfg->disable_dnssec_lame_check = 3557 (strcmp($2, "yes")==0); 3558 free($2); 3559 } 3560 ; 3561 server_log_identity: VAR_LOG_IDENTITY STRING_ARG 3562 { 3563 OUTYY(("P(server_log_identity:%s)\n", $2)); 3564 free(cfg_parser->cfg->log_identity); 3565 cfg_parser->cfg->log_identity = $2; 3566 } 3567 ; 3568 server_response_ip: VAR_RESPONSE_IP STRING_ARG STRING_ARG 3569 { 3570 OUTYY(("P(server_response_ip:%s %s)\n", $2, $3)); 3571 validate_respip_action($3); 3572 if(!cfg_str2list_insert(&cfg_parser->cfg->respip_actions, 3573 $2, $3)) 3574 fatal_exit("out of memory adding response-ip"); 3575 } 3576 ; 3577 server_response_ip_data: VAR_RESPONSE_IP_DATA STRING_ARG STRING_ARG 3578 { 3579 OUTYY(("P(server_response_ip_data:%s)\n", $2)); 3580 if(!cfg_str2list_insert(&cfg_parser->cfg->respip_data, 3581 $2, $3)) 3582 fatal_exit("out of memory adding response-ip-data"); 3583 } 3584 ; 3585 dnscstart: VAR_DNSCRYPT 3586 { 3587 OUTYY(("\nP(dnscrypt:)\n")); 3588 cfg_parser->started_toplevel = 1; 3589 } 3590 ; 3591 contents_dnsc: contents_dnsc content_dnsc 3592 | ; 3593 content_dnsc: 3594 dnsc_dnscrypt_enable | dnsc_dnscrypt_port | dnsc_dnscrypt_provider | 3595 dnsc_dnscrypt_secret_key | dnsc_dnscrypt_provider_cert | 3596 dnsc_dnscrypt_provider_cert_rotated | 3597 dnsc_dnscrypt_shared_secret_cache_size | 3598 dnsc_dnscrypt_shared_secret_cache_slabs | 3599 dnsc_dnscrypt_nonce_cache_size | 3600 dnsc_dnscrypt_nonce_cache_slabs 3601 ; 3602 dnsc_dnscrypt_enable: VAR_DNSCRYPT_ENABLE STRING_ARG 3603 { 3604 OUTYY(("P(dnsc_dnscrypt_enable:%s)\n", $2)); 3605 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 3606 yyerror("expected yes or no."); 3607 else cfg_parser->cfg->dnscrypt = (strcmp($2, "yes")==0); 3608 free($2); 3609 } 3610 ; 3611 dnsc_dnscrypt_port: VAR_DNSCRYPT_PORT STRING_ARG 3612 { 3613 OUTYY(("P(dnsc_dnscrypt_port:%s)\n", $2)); 3614 if(atoi($2) == 0) 3615 yyerror("port number expected"); 3616 else cfg_parser->cfg->dnscrypt_port = atoi($2); 3617 free($2); 3618 } 3619 ; 3620 dnsc_dnscrypt_provider: VAR_DNSCRYPT_PROVIDER STRING_ARG 3621 { 3622 OUTYY(("P(dnsc_dnscrypt_provider:%s)\n", $2)); 3623 free(cfg_parser->cfg->dnscrypt_provider); 3624 cfg_parser->cfg->dnscrypt_provider = $2; 3625 } 3626 ; 3627 dnsc_dnscrypt_provider_cert: VAR_DNSCRYPT_PROVIDER_CERT STRING_ARG 3628 { 3629 OUTYY(("P(dnsc_dnscrypt_provider_cert:%s)\n", $2)); 3630 if(cfg_strlist_find(cfg_parser->cfg->dnscrypt_provider_cert, $2)) 3631 log_warn("dnscrypt-provider-cert %s is a duplicate", $2); 3632 if(!cfg_strlist_insert(&cfg_parser->cfg->dnscrypt_provider_cert, $2)) 3633 fatal_exit("out of memory adding dnscrypt-provider-cert"); 3634 } 3635 ; 3636 dnsc_dnscrypt_provider_cert_rotated: VAR_DNSCRYPT_PROVIDER_CERT_ROTATED STRING_ARG 3637 { 3638 OUTYY(("P(dnsc_dnscrypt_provider_cert_rotated:%s)\n", $2)); 3639 if(!cfg_strlist_insert(&cfg_parser->cfg->dnscrypt_provider_cert_rotated, $2)) 3640 fatal_exit("out of memory adding dnscrypt-provider-cert-rotated"); 3641 } 3642 ; 3643 dnsc_dnscrypt_secret_key: VAR_DNSCRYPT_SECRET_KEY STRING_ARG 3644 { 3645 OUTYY(("P(dnsc_dnscrypt_secret_key:%s)\n", $2)); 3646 if(cfg_strlist_find(cfg_parser->cfg->dnscrypt_secret_key, $2)) 3647 log_warn("dnscrypt-secret-key: %s is a duplicate", $2); 3648 if(!cfg_strlist_insert(&cfg_parser->cfg->dnscrypt_secret_key, $2)) 3649 fatal_exit("out of memory adding dnscrypt-secret-key"); 3650 } 3651 ; 3652 dnsc_dnscrypt_shared_secret_cache_size: VAR_DNSCRYPT_SHARED_SECRET_CACHE_SIZE STRING_ARG 3653 { 3654 OUTYY(("P(dnscrypt_shared_secret_cache_size:%s)\n", $2)); 3655 if(!cfg_parse_memsize($2, &cfg_parser->cfg->dnscrypt_shared_secret_cache_size)) 3656 yyerror("memory size expected"); 3657 free($2); 3658 } 3659 ; 3660 dnsc_dnscrypt_shared_secret_cache_slabs: VAR_DNSCRYPT_SHARED_SECRET_CACHE_SLABS STRING_ARG 3661 { 3662 OUTYY(("P(dnscrypt_shared_secret_cache_slabs:%s)\n", $2)); 3663 if(atoi($2) == 0) { 3664 yyerror("number expected"); 3665 } else { 3666 cfg_parser->cfg->dnscrypt_shared_secret_cache_slabs = atoi($2); 3667 if(!is_pow2(cfg_parser->cfg->dnscrypt_shared_secret_cache_slabs)) 3668 yyerror("must be a power of 2"); 3669 } 3670 free($2); 3671 } 3672 ; 3673 dnsc_dnscrypt_nonce_cache_size: VAR_DNSCRYPT_NONCE_CACHE_SIZE STRING_ARG 3674 { 3675 OUTYY(("P(dnscrypt_nonce_cache_size:%s)\n", $2)); 3676 if(!cfg_parse_memsize($2, &cfg_parser->cfg->dnscrypt_nonce_cache_size)) 3677 yyerror("memory size expected"); 3678 free($2); 3679 } 3680 ; 3681 dnsc_dnscrypt_nonce_cache_slabs: VAR_DNSCRYPT_NONCE_CACHE_SLABS STRING_ARG 3682 { 3683 OUTYY(("P(dnscrypt_nonce_cache_slabs:%s)\n", $2)); 3684 if(atoi($2) == 0) { 3685 yyerror("number expected"); 3686 } else { 3687 cfg_parser->cfg->dnscrypt_nonce_cache_slabs = atoi($2); 3688 if(!is_pow2(cfg_parser->cfg->dnscrypt_nonce_cache_slabs)) 3689 yyerror("must be a power of 2"); 3690 } 3691 free($2); 3692 } 3693 ; 3694 cachedbstart: VAR_CACHEDB 3695 { 3696 OUTYY(("\nP(cachedb:)\n")); 3697 cfg_parser->started_toplevel = 1; 3698 } 3699 ; 3700 contents_cachedb: contents_cachedb content_cachedb 3701 | ; 3702 content_cachedb: cachedb_backend_name | cachedb_secret_seed | 3703 redis_server_host | redis_server_port | redis_timeout | 3704 redis_expire_records | redis_server_path | redis_server_password 3705 ; 3706 cachedb_backend_name: VAR_CACHEDB_BACKEND STRING_ARG 3707 { 3708 #ifdef USE_CACHEDB 3709 OUTYY(("P(backend:%s)\n", $2)); 3710 free(cfg_parser->cfg->cachedb_backend); 3711 cfg_parser->cfg->cachedb_backend = $2; 3712 #else 3713 OUTYY(("P(Compiled without cachedb, ignoring)\n")); 3714 free($2); 3715 #endif 3716 } 3717 ; 3718 cachedb_secret_seed: VAR_CACHEDB_SECRETSEED STRING_ARG 3719 { 3720 #ifdef USE_CACHEDB 3721 OUTYY(("P(secret-seed:%s)\n", $2)); 3722 free(cfg_parser->cfg->cachedb_secret); 3723 cfg_parser->cfg->cachedb_secret = $2; 3724 #else 3725 OUTYY(("P(Compiled without cachedb, ignoring)\n")); 3726 free($2); 3727 #endif 3728 } 3729 ; 3730 redis_server_host: VAR_CACHEDB_REDISHOST STRING_ARG 3731 { 3732 #if defined(USE_CACHEDB) && defined(USE_REDIS) 3733 OUTYY(("P(redis_server_host:%s)\n", $2)); 3734 free(cfg_parser->cfg->redis_server_host); 3735 cfg_parser->cfg->redis_server_host = $2; 3736 #else 3737 OUTYY(("P(Compiled without cachedb or redis, ignoring)\n")); 3738 free($2); 3739 #endif 3740 } 3741 ; 3742 redis_server_port: VAR_CACHEDB_REDISPORT STRING_ARG 3743 { 3744 #if defined(USE_CACHEDB) && defined(USE_REDIS) 3745 int port; 3746 OUTYY(("P(redis_server_port:%s)\n", $2)); 3747 port = atoi($2); 3748 if(port == 0 || port < 0 || port > 65535) 3749 yyerror("valid redis server port number expected"); 3750 else cfg_parser->cfg->redis_server_port = port; 3751 #else 3752 OUTYY(("P(Compiled without cachedb or redis, ignoring)\n")); 3753 #endif 3754 free($2); 3755 } 3756 ; 3757 redis_server_path: VAR_CACHEDB_REDISPATH STRING_ARG 3758 { 3759 #if defined(USE_CACHEDB) && defined(USE_REDIS) 3760 OUTYY(("P(redis_server_path:%s)\n", $2)); 3761 free(cfg_parser->cfg->redis_server_path); 3762 cfg_parser->cfg->redis_server_path = $2; 3763 #else 3764 OUTYY(("P(Compiled without cachedb or redis, ignoring)\n")); 3765 free($2); 3766 #endif 3767 } 3768 ; 3769 redis_server_password: VAR_CACHEDB_REDISPASSWORD STRING_ARG 3770 { 3771 #if defined(USE_CACHEDB) && defined(USE_REDIS) 3772 OUTYY(("P(redis_server_password:%s)\n", $2)); 3773 free(cfg_parser->cfg->redis_server_password); 3774 cfg_parser->cfg->redis_server_password = $2; 3775 #else 3776 OUTYY(("P(Compiled without cachedb or redis, ignoring)\n")); 3777 free($2); 3778 #endif 3779 } 3780 ; 3781 redis_timeout: VAR_CACHEDB_REDISTIMEOUT STRING_ARG 3782 { 3783 #if defined(USE_CACHEDB) && defined(USE_REDIS) 3784 OUTYY(("P(redis_timeout:%s)\n", $2)); 3785 if(atoi($2) == 0) 3786 yyerror("redis timeout value expected"); 3787 else cfg_parser->cfg->redis_timeout = atoi($2); 3788 #else 3789 OUTYY(("P(Compiled without cachedb or redis, ignoring)\n")); 3790 #endif 3791 free($2); 3792 } 3793 ; 3794 redis_expire_records: VAR_CACHEDB_REDISEXPIRERECORDS STRING_ARG 3795 { 3796 #if defined(USE_CACHEDB) && defined(USE_REDIS) 3797 OUTYY(("P(redis_expire_records:%s)\n", $2)); 3798 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 3799 yyerror("expected yes or no."); 3800 else cfg_parser->cfg->redis_expire_records = (strcmp($2, "yes")==0); 3801 #else 3802 OUTYY(("P(Compiled without cachedb or redis, ignoring)\n")); 3803 #endif 3804 free($2); 3805 } 3806 ; 3807 server_tcp_connection_limit: VAR_TCP_CONNECTION_LIMIT STRING_ARG STRING_ARG 3808 { 3809 OUTYY(("P(server_tcp_connection_limit:%s %s)\n", $2, $3)); 3810 if (atoi($3) < 0) 3811 yyerror("positive number expected"); 3812 else { 3813 if(!cfg_str2list_insert(&cfg_parser->cfg->tcp_connection_limits, $2, $3)) 3814 fatal_exit("out of memory adding tcp connection limit"); 3815 } 3816 } 3817 ; 3818 server_answer_cookie: VAR_ANSWER_COOKIE STRING_ARG 3819 { 3820 OUTYY(("P(server_answer_cookie:%s)\n", $2)); 3821 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 3822 yyerror("expected yes or no."); 3823 else cfg_parser->cfg->do_answer_cookie = (strcmp($2, "yes")==0); 3824 free($2); 3825 } 3826 ; 3827 server_cookie_secret: VAR_COOKIE_SECRET STRING_ARG 3828 { 3829 uint8_t secret[32]; 3830 size_t secret_len = sizeof(secret); 3831 3832 OUTYY(("P(server_cookie_secret:%s)\n", $2)); 3833 if(sldns_str2wire_hex_buf($2, secret, &secret_len) 3834 || (secret_len != 16)) 3835 yyerror("expected 128 bit hex string"); 3836 else { 3837 cfg_parser->cfg->cookie_secret_len = secret_len; 3838 memcpy(cfg_parser->cfg->cookie_secret, secret, sizeof(secret)); 3839 } 3840 free($2); 3841 } 3842 ; 3843 ipsetstart: VAR_IPSET 3844 { 3845 OUTYY(("\nP(ipset:)\n")); 3846 cfg_parser->started_toplevel = 1; 3847 } 3848 ; 3849 contents_ipset: contents_ipset content_ipset 3850 | ; 3851 content_ipset: ipset_name_v4 | ipset_name_v6 3852 ; 3853 ipset_name_v4: VAR_IPSET_NAME_V4 STRING_ARG 3854 { 3855 #ifdef USE_IPSET 3856 OUTYY(("P(name-v4:%s)\n", $2)); 3857 if(cfg_parser->cfg->ipset_name_v4) 3858 yyerror("ipset name v4 override, there must be one " 3859 "name for ip v4"); 3860 free(cfg_parser->cfg->ipset_name_v4); 3861 cfg_parser->cfg->ipset_name_v4 = $2; 3862 #else 3863 OUTYY(("P(Compiled without ipset, ignoring)\n")); 3864 free($2); 3865 #endif 3866 } 3867 ; 3868 ipset_name_v6: VAR_IPSET_NAME_V6 STRING_ARG 3869 { 3870 #ifdef USE_IPSET 3871 OUTYY(("P(name-v6:%s)\n", $2)); 3872 if(cfg_parser->cfg->ipset_name_v6) 3873 yyerror("ipset name v6 override, there must be one " 3874 "name for ip v6"); 3875 free(cfg_parser->cfg->ipset_name_v6); 3876 cfg_parser->cfg->ipset_name_v6 = $2; 3877 #else 3878 OUTYY(("P(Compiled without ipset, ignoring)\n")); 3879 free($2); 3880 #endif 3881 } 3882 ; 3883 %% 3884 3885 /* parse helper routines could be here */ 3886 static void 3887 validate_respip_action(const char* action) 3888 { 3889 if(strcmp(action, "deny")!=0 && 3890 strcmp(action, "redirect")!=0 && 3891 strcmp(action, "inform")!=0 && 3892 strcmp(action, "inform_deny")!=0 && 3893 strcmp(action, "always_transparent")!=0 && 3894 strcmp(action, "always_refuse")!=0 && 3895 strcmp(action, "always_nxdomain")!=0) 3896 { 3897 yyerror("response-ip action: expected deny, redirect, " 3898 "inform, inform_deny, always_transparent, " 3899 "always_refuse or always_nxdomain"); 3900 } 3901 } 3902 3903 static void 3904 validate_acl_action(const char* action) 3905 { 3906 if(strcmp(action, "deny")!=0 && 3907 strcmp(action, "refuse")!=0 && 3908 strcmp(action, "deny_non_local")!=0 && 3909 strcmp(action, "refuse_non_local")!=0 && 3910 strcmp(action, "allow_setrd")!=0 && 3911 strcmp(action, "allow")!=0 && 3912 strcmp(action, "allow_snoop")!=0 && 3913 strcmp(action, "allow_cookie")!=0) 3914 { 3915 yyerror("expected deny, refuse, deny_non_local, " 3916 "refuse_non_local, allow, allow_setrd, " 3917 "allow_snoop or allow_cookie as access control action"); 3918 } 3919 } 3920