1 /* 2 * configparser.y -- yacc grammar for unbound configuration files 3 * 4 * Copyright (c) 2001-2006, NLnet Labs. All rights reserved. 5 * 6 * Copyright (c) 2007, NLnet Labs. All rights reserved. 7 * 8 * This software is open source. 9 * 10 * Redistribution and use in source and binary forms, with or without 11 * modification, are permitted provided that the following conditions 12 * are met: 13 * 14 * Redistributions of source code must retain the above copyright notice, 15 * this list of conditions and the following disclaimer. 16 * 17 * Redistributions in binary form must reproduce the above copyright notice, 18 * this list of conditions and the following disclaimer in the documentation 19 * and/or other materials provided with the distribution. 20 * 21 * Neither the name of the NLNET LABS nor the names of its contributors may 22 * be used to endorse or promote products derived from this software without 23 * specific prior written permission. 24 * 25 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 26 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 27 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR 28 * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT 29 * HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 30 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED 31 * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR 32 * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF 33 * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING 34 * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS 35 * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 36 */ 37 38 %{ 39 #include "config.h" 40 41 #include <stdarg.h> 42 #include <stdio.h> 43 #include <string.h> 44 #include <stdlib.h> 45 #include <assert.h> 46 47 #include "util/configyyrename.h" 48 #include "util/config_file.h" 49 #include "util/net_help.h" 50 51 int ub_c_lex(void); 52 void ub_c_error(const char *message); 53 54 static void validate_respip_action(const char* action); 55 56 /* these need to be global, otherwise they cannot be used inside yacc */ 57 extern struct config_parser_state* cfg_parser; 58 59 #if 0 60 #define OUTYY(s) printf s /* used ONLY when debugging */ 61 #else 62 #define OUTYY(s) 63 #endif 64 65 %} 66 %union { 67 char* str; 68 }; 69 70 %token SPACE LETTER NEWLINE COMMENT COLON ANY ZONESTR 71 %token <str> STRING_ARG 72 %token VAR_FORCE_TOPLEVEL 73 %token VAR_SERVER VAR_VERBOSITY VAR_NUM_THREADS VAR_PORT 74 %token VAR_OUTGOING_RANGE VAR_INTERFACE VAR_PREFER_IP4 75 %token VAR_DO_IP4 VAR_DO_IP6 VAR_PREFER_IP6 VAR_DO_UDP VAR_DO_TCP 76 %token VAR_TCP_MSS VAR_OUTGOING_TCP_MSS VAR_TCP_IDLE_TIMEOUT 77 %token VAR_EDNS_TCP_KEEPALIVE VAR_EDNS_TCP_KEEPALIVE_TIMEOUT 78 %token VAR_CHROOT VAR_USERNAME VAR_DIRECTORY VAR_LOGFILE VAR_PIDFILE 79 %token VAR_MSG_CACHE_SIZE VAR_MSG_CACHE_SLABS VAR_NUM_QUERIES_PER_THREAD 80 %token VAR_RRSET_CACHE_SIZE VAR_RRSET_CACHE_SLABS VAR_OUTGOING_NUM_TCP 81 %token VAR_INFRA_HOST_TTL VAR_INFRA_LAME_TTL VAR_INFRA_CACHE_SLABS 82 %token VAR_INFRA_CACHE_NUMHOSTS VAR_INFRA_CACHE_LAME_SIZE VAR_NAME 83 %token VAR_STUB_ZONE VAR_STUB_HOST VAR_STUB_ADDR VAR_TARGET_FETCH_POLICY 84 %token VAR_HARDEN_SHORT_BUFSIZE VAR_HARDEN_LARGE_QUERIES 85 %token VAR_FORWARD_ZONE VAR_FORWARD_HOST VAR_FORWARD_ADDR 86 %token VAR_DO_NOT_QUERY_ADDRESS VAR_HIDE_IDENTITY VAR_HIDE_VERSION 87 %token VAR_IDENTITY VAR_VERSION VAR_HARDEN_GLUE VAR_MODULE_CONF 88 %token VAR_TRUST_ANCHOR_FILE VAR_TRUST_ANCHOR VAR_VAL_OVERRIDE_DATE 89 %token VAR_BOGUS_TTL VAR_VAL_CLEAN_ADDITIONAL VAR_VAL_PERMISSIVE_MODE 90 %token VAR_INCOMING_NUM_TCP VAR_MSG_BUFFER_SIZE VAR_KEY_CACHE_SIZE 91 %token VAR_KEY_CACHE_SLABS VAR_TRUSTED_KEYS_FILE 92 %token VAR_VAL_NSEC3_KEYSIZE_ITERATIONS VAR_USE_SYSLOG 93 %token VAR_OUTGOING_INTERFACE VAR_ROOT_HINTS VAR_DO_NOT_QUERY_LOCALHOST 94 %token VAR_CACHE_MAX_TTL VAR_HARDEN_DNSSEC_STRIPPED VAR_ACCESS_CONTROL 95 %token VAR_LOCAL_ZONE VAR_LOCAL_DATA VAR_INTERFACE_AUTOMATIC 96 %token VAR_STATISTICS_INTERVAL VAR_DO_DAEMONIZE VAR_USE_CAPS_FOR_ID 97 %token VAR_STATISTICS_CUMULATIVE VAR_OUTGOING_PORT_PERMIT 98 %token VAR_OUTGOING_PORT_AVOID VAR_DLV_ANCHOR_FILE VAR_DLV_ANCHOR 99 %token VAR_NEG_CACHE_SIZE VAR_HARDEN_REFERRAL_PATH VAR_PRIVATE_ADDRESS 100 %token VAR_PRIVATE_DOMAIN VAR_REMOTE_CONTROL VAR_CONTROL_ENABLE 101 %token VAR_CONTROL_INTERFACE VAR_CONTROL_PORT VAR_SERVER_KEY_FILE 102 %token VAR_SERVER_CERT_FILE VAR_CONTROL_KEY_FILE VAR_CONTROL_CERT_FILE 103 %token VAR_CONTROL_USE_CERT 104 %token VAR_EXTENDED_STATISTICS VAR_LOCAL_DATA_PTR VAR_JOSTLE_TIMEOUT 105 %token VAR_STUB_PRIME VAR_UNWANTED_REPLY_THRESHOLD VAR_LOG_TIME_ASCII 106 %token VAR_DOMAIN_INSECURE VAR_PYTHON VAR_PYTHON_SCRIPT VAR_VAL_SIG_SKEW_MIN 107 %token VAR_VAL_SIG_SKEW_MAX VAR_CACHE_MIN_TTL VAR_VAL_LOG_LEVEL 108 %token VAR_AUTO_TRUST_ANCHOR_FILE VAR_KEEP_MISSING VAR_ADD_HOLDDOWN 109 %token VAR_DEL_HOLDDOWN VAR_SO_RCVBUF VAR_EDNS_BUFFER_SIZE VAR_PREFETCH 110 %token VAR_PREFETCH_KEY VAR_SO_SNDBUF VAR_SO_REUSEPORT VAR_HARDEN_BELOW_NXDOMAIN 111 %token VAR_IGNORE_CD_FLAG VAR_LOG_QUERIES VAR_LOG_REPLIES VAR_LOG_LOCAL_ACTIONS 112 %token VAR_TCP_UPSTREAM VAR_SSL_UPSTREAM 113 %token VAR_SSL_SERVICE_KEY VAR_SSL_SERVICE_PEM VAR_SSL_PORT VAR_FORWARD_FIRST 114 %token VAR_STUB_SSL_UPSTREAM VAR_FORWARD_SSL_UPSTREAM VAR_TLS_CERT_BUNDLE 115 %token VAR_STUB_FIRST VAR_MINIMAL_RESPONSES VAR_RRSET_ROUNDROBIN 116 %token VAR_MAX_UDP_SIZE VAR_DELAY_CLOSE 117 %token VAR_UNBLOCK_LAN_ZONES VAR_INSECURE_LAN_ZONES 118 %token VAR_INFRA_CACHE_MIN_RTT 119 %token VAR_DNS64_PREFIX VAR_DNS64_SYNTHALL VAR_DNS64_IGNORE_AAAA 120 %token VAR_DNSTAP VAR_DNSTAP_ENABLE VAR_DNSTAP_SOCKET_PATH VAR_DNSTAP_IP 121 %token VAR_DNSTAP_TLS VAR_DNSTAP_TLS_SERVER_NAME VAR_DNSTAP_TLS_CERT_BUNDLE 122 %token VAR_DNSTAP_TLS_CLIENT_KEY_FILE VAR_DNSTAP_TLS_CLIENT_CERT_FILE 123 %token VAR_DNSTAP_SEND_IDENTITY VAR_DNSTAP_SEND_VERSION VAR_DNSTAP_BIDIRECTIONAL 124 %token VAR_DNSTAP_IDENTITY VAR_DNSTAP_VERSION 125 %token VAR_DNSTAP_LOG_RESOLVER_QUERY_MESSAGES 126 %token VAR_DNSTAP_LOG_RESOLVER_RESPONSE_MESSAGES 127 %token VAR_DNSTAP_LOG_CLIENT_QUERY_MESSAGES 128 %token VAR_DNSTAP_LOG_CLIENT_RESPONSE_MESSAGES 129 %token VAR_DNSTAP_LOG_FORWARDER_QUERY_MESSAGES 130 %token VAR_DNSTAP_LOG_FORWARDER_RESPONSE_MESSAGES 131 %token VAR_RESPONSE_IP_TAG VAR_RESPONSE_IP VAR_RESPONSE_IP_DATA 132 %token VAR_HARDEN_ALGO_DOWNGRADE VAR_IP_TRANSPARENT 133 %token VAR_IP_DSCP 134 %token VAR_DISABLE_DNSSEC_LAME_CHECK 135 %token VAR_IP_RATELIMIT VAR_IP_RATELIMIT_SLABS VAR_IP_RATELIMIT_SIZE 136 %token VAR_RATELIMIT VAR_RATELIMIT_SLABS VAR_RATELIMIT_SIZE 137 %token VAR_RATELIMIT_FOR_DOMAIN VAR_RATELIMIT_BELOW_DOMAIN 138 %token VAR_IP_RATELIMIT_FACTOR VAR_RATELIMIT_FACTOR 139 %token VAR_SEND_CLIENT_SUBNET VAR_CLIENT_SUBNET_ZONE 140 %token VAR_CLIENT_SUBNET_ALWAYS_FORWARD VAR_CLIENT_SUBNET_OPCODE 141 %token VAR_MAX_CLIENT_SUBNET_IPV4 VAR_MAX_CLIENT_SUBNET_IPV6 142 %token VAR_MIN_CLIENT_SUBNET_IPV4 VAR_MIN_CLIENT_SUBNET_IPV6 143 %token VAR_MAX_ECS_TREE_SIZE_IPV4 VAR_MAX_ECS_TREE_SIZE_IPV6 144 %token VAR_CAPS_WHITELIST VAR_CACHE_MAX_NEGATIVE_TTL VAR_PERMIT_SMALL_HOLDDOWN 145 %token VAR_QNAME_MINIMISATION VAR_QNAME_MINIMISATION_STRICT VAR_IP_FREEBIND 146 %token VAR_DEFINE_TAG VAR_LOCAL_ZONE_TAG VAR_ACCESS_CONTROL_TAG 147 %token VAR_LOCAL_ZONE_OVERRIDE VAR_ACCESS_CONTROL_TAG_ACTION 148 %token VAR_ACCESS_CONTROL_TAG_DATA VAR_VIEW VAR_ACCESS_CONTROL_VIEW 149 %token VAR_VIEW_FIRST VAR_SERVE_EXPIRED VAR_SERVE_EXPIRED_TTL 150 %token VAR_SERVE_EXPIRED_TTL_RESET VAR_SERVE_EXPIRED_REPLY_TTL 151 %token VAR_SERVE_EXPIRED_CLIENT_TIMEOUT VAR_FAKE_DSA 152 %token VAR_FAKE_SHA1 VAR_LOG_IDENTITY VAR_HIDE_TRUSTANCHOR 153 %token VAR_TRUST_ANCHOR_SIGNALING VAR_AGGRESSIVE_NSEC VAR_USE_SYSTEMD 154 %token VAR_SHM_ENABLE VAR_SHM_KEY VAR_ROOT_KEY_SENTINEL 155 %token VAR_DNSCRYPT VAR_DNSCRYPT_ENABLE VAR_DNSCRYPT_PORT VAR_DNSCRYPT_PROVIDER 156 %token VAR_DNSCRYPT_SECRET_KEY VAR_DNSCRYPT_PROVIDER_CERT 157 %token VAR_DNSCRYPT_PROVIDER_CERT_ROTATED 158 %token VAR_DNSCRYPT_SHARED_SECRET_CACHE_SIZE 159 %token VAR_DNSCRYPT_SHARED_SECRET_CACHE_SLABS 160 %token VAR_DNSCRYPT_NONCE_CACHE_SIZE 161 %token VAR_DNSCRYPT_NONCE_CACHE_SLABS 162 %token VAR_IPSECMOD_ENABLED VAR_IPSECMOD_HOOK VAR_IPSECMOD_IGNORE_BOGUS 163 %token VAR_IPSECMOD_MAX_TTL VAR_IPSECMOD_WHITELIST VAR_IPSECMOD_STRICT 164 %token VAR_CACHEDB VAR_CACHEDB_BACKEND VAR_CACHEDB_SECRETSEED 165 %token VAR_CACHEDB_REDISHOST VAR_CACHEDB_REDISPORT VAR_CACHEDB_REDISTIMEOUT 166 %token VAR_CACHEDB_REDISEXPIRERECORDS 167 %token VAR_UDP_UPSTREAM_WITHOUT_DOWNSTREAM VAR_FOR_UPSTREAM 168 %token VAR_AUTH_ZONE VAR_ZONEFILE VAR_MASTER VAR_URL VAR_FOR_DOWNSTREAM 169 %token VAR_FALLBACK_ENABLED VAR_TLS_ADDITIONAL_PORT VAR_LOW_RTT VAR_LOW_RTT_PERMIL 170 %token VAR_FAST_SERVER_PERMIL VAR_FAST_SERVER_NUM 171 %token VAR_ALLOW_NOTIFY VAR_TLS_WIN_CERT VAR_TCP_CONNECTION_LIMIT 172 %token VAR_FORWARD_NO_CACHE VAR_STUB_NO_CACHE VAR_LOG_SERVFAIL VAR_DENY_ANY 173 %token VAR_UNKNOWN_SERVER_TIME_LIMIT VAR_LOG_TAG_QUERYREPLY 174 %token VAR_STREAM_WAIT_SIZE VAR_TLS_CIPHERS VAR_TLS_CIPHERSUITES VAR_TLS_USE_SNI 175 %token VAR_IPSET VAR_IPSET_NAME_V4 VAR_IPSET_NAME_V6 176 %token VAR_TLS_SESSION_TICKET_KEYS VAR_RPZ VAR_TAGS VAR_RPZ_ACTION_OVERRIDE 177 %token VAR_RPZ_CNAME_OVERRIDE VAR_RPZ_LOG VAR_RPZ_LOG_NAME 178 %token VAR_DYNLIB VAR_DYNLIB_FILE 179 180 %% 181 toplevelvars: /* empty */ | toplevelvars toplevelvar ; 182 toplevelvar: serverstart contents_server | stubstart contents_stub | 183 forwardstart contents_forward | pythonstart contents_py | 184 rcstart contents_rc | dtstart contents_dt | viewstart contents_view | 185 dnscstart contents_dnsc | cachedbstart contents_cachedb | 186 ipsetstart contents_ipset | authstart contents_auth | 187 rpzstart contents_rpz | dynlibstart contents_dl | 188 force_toplevel 189 ; 190 force_toplevel: VAR_FORCE_TOPLEVEL 191 { 192 OUTYY(("\nP(force-toplevel)\n")); 193 } 194 ; 195 /* server: declaration */ 196 serverstart: VAR_SERVER 197 { 198 OUTYY(("\nP(server:)\n")); 199 } 200 ; 201 contents_server: contents_server content_server 202 | ; 203 content_server: server_num_threads | server_verbosity | server_port | 204 server_outgoing_range | server_do_ip4 | 205 server_do_ip6 | server_prefer_ip4 | server_prefer_ip6 | 206 server_do_udp | server_do_tcp | 207 server_tcp_mss | server_outgoing_tcp_mss | server_tcp_idle_timeout | 208 server_tcp_keepalive | server_tcp_keepalive_timeout | 209 server_interface | server_chroot | server_username | 210 server_directory | server_logfile | server_pidfile | 211 server_msg_cache_size | server_msg_cache_slabs | 212 server_num_queries_per_thread | server_rrset_cache_size | 213 server_rrset_cache_slabs | server_outgoing_num_tcp | 214 server_infra_host_ttl | server_infra_lame_ttl | 215 server_infra_cache_slabs | server_infra_cache_numhosts | 216 server_infra_cache_lame_size | server_target_fetch_policy | 217 server_harden_short_bufsize | server_harden_large_queries | 218 server_do_not_query_address | server_hide_identity | 219 server_hide_version | server_identity | server_version | 220 server_harden_glue | server_module_conf | server_trust_anchor_file | 221 server_trust_anchor | server_val_override_date | server_bogus_ttl | 222 server_val_clean_additional | server_val_permissive_mode | 223 server_incoming_num_tcp | server_msg_buffer_size | 224 server_key_cache_size | server_key_cache_slabs | 225 server_trusted_keys_file | server_val_nsec3_keysize_iterations | 226 server_use_syslog | server_outgoing_interface | server_root_hints | 227 server_do_not_query_localhost | server_cache_max_ttl | 228 server_harden_dnssec_stripped | server_access_control | 229 server_local_zone | server_local_data | server_interface_automatic | 230 server_statistics_interval | server_do_daemonize | 231 server_use_caps_for_id | server_statistics_cumulative | 232 server_outgoing_port_permit | server_outgoing_port_avoid | 233 server_dlv_anchor_file | server_dlv_anchor | server_neg_cache_size | 234 server_harden_referral_path | server_private_address | 235 server_private_domain | server_extended_statistics | 236 server_local_data_ptr | server_jostle_timeout | 237 server_unwanted_reply_threshold | server_log_time_ascii | 238 server_domain_insecure | server_val_sig_skew_min | 239 server_val_sig_skew_max | server_cache_min_ttl | server_val_log_level | 240 server_auto_trust_anchor_file | server_add_holddown | 241 server_del_holddown | server_keep_missing | server_so_rcvbuf | 242 server_edns_buffer_size | server_prefetch | server_prefetch_key | 243 server_so_sndbuf | server_harden_below_nxdomain | server_ignore_cd_flag | 244 server_log_queries | server_log_replies | server_tcp_upstream | server_ssl_upstream | 245 server_log_local_actions | 246 server_ssl_service_key | server_ssl_service_pem | server_ssl_port | 247 server_minimal_responses | server_rrset_roundrobin | server_max_udp_size | 248 server_so_reuseport | server_delay_close | 249 server_unblock_lan_zones | server_insecure_lan_zones | 250 server_dns64_prefix | server_dns64_synthall | server_dns64_ignore_aaaa | 251 server_infra_cache_min_rtt | server_harden_algo_downgrade | 252 server_ip_transparent | server_ip_ratelimit | server_ratelimit | 253 server_ip_dscp | 254 server_ip_ratelimit_slabs | server_ratelimit_slabs | 255 server_ip_ratelimit_size | server_ratelimit_size | 256 server_ratelimit_for_domain | 257 server_ratelimit_below_domain | server_ratelimit_factor | 258 server_ip_ratelimit_factor | server_send_client_subnet | 259 server_client_subnet_zone | server_client_subnet_always_forward | 260 server_client_subnet_opcode | 261 server_max_client_subnet_ipv4 | server_max_client_subnet_ipv6 | 262 server_min_client_subnet_ipv4 | server_min_client_subnet_ipv6 | 263 server_max_ecs_tree_size_ipv4 | server_max_ecs_tree_size_ipv6 | 264 server_caps_whitelist | server_cache_max_negative_ttl | 265 server_permit_small_holddown | server_qname_minimisation | 266 server_ip_freebind | server_define_tag | server_local_zone_tag | 267 server_disable_dnssec_lame_check | server_access_control_tag | 268 server_local_zone_override | server_access_control_tag_action | 269 server_access_control_tag_data | server_access_control_view | 270 server_qname_minimisation_strict | server_serve_expired | 271 server_serve_expired_ttl | server_serve_expired_ttl_reset | 272 server_serve_expired_reply_ttl | server_serve_expired_client_timeout | 273 server_fake_dsa | server_log_identity | server_use_systemd | 274 server_response_ip_tag | server_response_ip | server_response_ip_data | 275 server_shm_enable | server_shm_key | server_fake_sha1 | 276 server_hide_trustanchor | server_trust_anchor_signaling | 277 server_root_key_sentinel | 278 server_ipsecmod_enabled | server_ipsecmod_hook | 279 server_ipsecmod_ignore_bogus | server_ipsecmod_max_ttl | 280 server_ipsecmod_whitelist | server_ipsecmod_strict | 281 server_udp_upstream_without_downstream | server_aggressive_nsec | 282 server_tls_cert_bundle | server_tls_additional_port | server_low_rtt | 283 server_fast_server_permil | server_fast_server_num | server_tls_win_cert | 284 server_tcp_connection_limit | server_log_servfail | server_deny_any | 285 server_unknown_server_time_limit | server_log_tag_queryreply | 286 server_stream_wait_size | server_tls_ciphers | 287 server_tls_ciphersuites | server_tls_session_ticket_keys | 288 server_tls_use_sni 289 ; 290 stubstart: VAR_STUB_ZONE 291 { 292 struct config_stub* s; 293 OUTYY(("\nP(stub_zone:)\n")); 294 s = (struct config_stub*)calloc(1, sizeof(struct config_stub)); 295 if(s) { 296 s->next = cfg_parser->cfg->stubs; 297 cfg_parser->cfg->stubs = s; 298 } else 299 yyerror("out of memory"); 300 } 301 ; 302 contents_stub: contents_stub content_stub 303 | ; 304 content_stub: stub_name | stub_host | stub_addr | stub_prime | stub_first | 305 stub_no_cache | stub_ssl_upstream 306 ; 307 forwardstart: VAR_FORWARD_ZONE 308 { 309 struct config_stub* s; 310 OUTYY(("\nP(forward_zone:)\n")); 311 s = (struct config_stub*)calloc(1, sizeof(struct config_stub)); 312 if(s) { 313 s->next = cfg_parser->cfg->forwards; 314 cfg_parser->cfg->forwards = s; 315 } else 316 yyerror("out of memory"); 317 } 318 ; 319 contents_forward: contents_forward content_forward 320 | ; 321 content_forward: forward_name | forward_host | forward_addr | forward_first | 322 forward_no_cache | forward_ssl_upstream 323 ; 324 viewstart: VAR_VIEW 325 { 326 struct config_view* s; 327 OUTYY(("\nP(view:)\n")); 328 s = (struct config_view*)calloc(1, sizeof(struct config_view)); 329 if(s) { 330 s->next = cfg_parser->cfg->views; 331 if(s->next && !s->next->name) 332 yyerror("view without name"); 333 cfg_parser->cfg->views = s; 334 } else 335 yyerror("out of memory"); 336 } 337 ; 338 contents_view: contents_view content_view 339 | ; 340 content_view: view_name | view_local_zone | view_local_data | view_first | 341 view_response_ip | view_response_ip_data | view_local_data_ptr 342 ; 343 authstart: VAR_AUTH_ZONE 344 { 345 struct config_auth* s; 346 OUTYY(("\nP(auth_zone:)\n")); 347 s = (struct config_auth*)calloc(1, sizeof(struct config_auth)); 348 if(s) { 349 s->next = cfg_parser->cfg->auths; 350 cfg_parser->cfg->auths = s; 351 /* defaults for auth zone */ 352 s->for_downstream = 1; 353 s->for_upstream = 1; 354 s->fallback_enabled = 0; 355 s->isrpz = 0; 356 } else 357 yyerror("out of memory"); 358 } 359 ; 360 contents_auth: contents_auth content_auth 361 | ; 362 content_auth: auth_name | auth_zonefile | auth_master | auth_url | 363 auth_for_downstream | auth_for_upstream | auth_fallback_enabled | 364 auth_allow_notify 365 ; 366 367 rpz_tag: VAR_TAGS STRING_ARG 368 { 369 uint8_t* bitlist; 370 size_t len = 0; 371 OUTYY(("P(server_local_zone_tag:%s)\n", $2)); 372 bitlist = config_parse_taglist(cfg_parser->cfg, $2, 373 &len); 374 free($2); 375 if(!bitlist) { 376 yyerror("could not parse tags, (define-tag them first)"); 377 } 378 if(bitlist) { 379 cfg_parser->cfg->auths->rpz_taglist = bitlist; 380 cfg_parser->cfg->auths->rpz_taglistlen = len; 381 382 } 383 } 384 ; 385 386 rpz_action_override: VAR_RPZ_ACTION_OVERRIDE STRING_ARG 387 { 388 OUTYY(("P(rpz_action_override:%s)\n", $2)); 389 if(strcmp($2, "nxdomain")!=0 && strcmp($2, "nodata")!=0 && 390 strcmp($2, "passthru")!=0 && strcmp($2, "drop")!=0 && 391 strcmp($2, "cname")!=0 && strcmp($2, "disabled")!=0) { 392 yyerror("rpz-action-override action: expected nxdomain, " 393 "nodata, passthru, drop, cname or disabled"); 394 free($2); 395 cfg_parser->cfg->auths->rpz_action_override = NULL; 396 } 397 else { 398 cfg_parser->cfg->auths->rpz_action_override = $2; 399 } 400 } 401 ; 402 403 rpz_cname_override: VAR_RPZ_CNAME_OVERRIDE STRING_ARG 404 { 405 OUTYY(("P(rpz_cname_override:%s)\n", $2)); 406 free(cfg_parser->cfg->auths->rpz_cname); 407 cfg_parser->cfg->auths->rpz_cname = $2; 408 } 409 ; 410 411 rpz_log: VAR_RPZ_LOG STRING_ARG 412 { 413 OUTYY(("P(rpz_log:%s)\n", $2)); 414 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 415 yyerror("expected yes or no."); 416 else cfg_parser->cfg->auths->rpz_log = (strcmp($2, "yes")==0); 417 free($2); 418 } 419 ; 420 421 rpz_log_name: VAR_RPZ_LOG_NAME STRING_ARG 422 { 423 OUTYY(("P(rpz_log_name:%s)\n", $2)); 424 free(cfg_parser->cfg->auths->rpz_log_name); 425 cfg_parser->cfg->auths->rpz_log_name = $2; 426 } 427 ; 428 429 rpzstart: VAR_RPZ 430 { 431 struct config_auth* s; 432 OUTYY(("\nP(rpz:)\n")); 433 s = (struct config_auth*)calloc(1, sizeof(struct config_auth)); 434 if(s) { 435 s->next = cfg_parser->cfg->auths; 436 cfg_parser->cfg->auths = s; 437 /* defaults for RPZ auth zone */ 438 s->for_downstream = 0; 439 s->for_upstream = 0; 440 s->fallback_enabled = 0; 441 s->isrpz = 1; 442 } else 443 yyerror("out of memory"); 444 } 445 ; 446 contents_rpz: contents_rpz content_rpz 447 | ; 448 content_rpz: auth_name | auth_zonefile | rpz_tag | auth_master | auth_url | 449 auth_allow_notify | rpz_action_override | rpz_cname_override | 450 rpz_log | rpz_log_name 451 ; 452 server_num_threads: VAR_NUM_THREADS STRING_ARG 453 { 454 OUTYY(("P(server_num_threads:%s)\n", $2)); 455 if(atoi($2) == 0 && strcmp($2, "0") != 0) 456 yyerror("number expected"); 457 else cfg_parser->cfg->num_threads = atoi($2); 458 free($2); 459 } 460 ; 461 server_verbosity: VAR_VERBOSITY STRING_ARG 462 { 463 OUTYY(("P(server_verbosity:%s)\n", $2)); 464 if(atoi($2) == 0 && strcmp($2, "0") != 0) 465 yyerror("number expected"); 466 else cfg_parser->cfg->verbosity = atoi($2); 467 free($2); 468 } 469 ; 470 server_statistics_interval: VAR_STATISTICS_INTERVAL STRING_ARG 471 { 472 OUTYY(("P(server_statistics_interval:%s)\n", $2)); 473 if(strcmp($2, "") == 0 || strcmp($2, "0") == 0) 474 cfg_parser->cfg->stat_interval = 0; 475 else if(atoi($2) == 0) 476 yyerror("number expected"); 477 else cfg_parser->cfg->stat_interval = atoi($2); 478 free($2); 479 } 480 ; 481 server_statistics_cumulative: VAR_STATISTICS_CUMULATIVE STRING_ARG 482 { 483 OUTYY(("P(server_statistics_cumulative:%s)\n", $2)); 484 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 485 yyerror("expected yes or no."); 486 else cfg_parser->cfg->stat_cumulative = (strcmp($2, "yes")==0); 487 free($2); 488 } 489 ; 490 server_extended_statistics: VAR_EXTENDED_STATISTICS STRING_ARG 491 { 492 OUTYY(("P(server_extended_statistics:%s)\n", $2)); 493 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 494 yyerror("expected yes or no."); 495 else cfg_parser->cfg->stat_extended = (strcmp($2, "yes")==0); 496 free($2); 497 } 498 ; 499 server_shm_enable: VAR_SHM_ENABLE STRING_ARG 500 { 501 OUTYY(("P(server_shm_enable:%s)\n", $2)); 502 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 503 yyerror("expected yes or no."); 504 else cfg_parser->cfg->shm_enable = (strcmp($2, "yes")==0); 505 free($2); 506 } 507 ; 508 server_shm_key: VAR_SHM_KEY STRING_ARG 509 { 510 OUTYY(("P(server_shm_key:%s)\n", $2)); 511 if(strcmp($2, "") == 0 || strcmp($2, "0") == 0) 512 cfg_parser->cfg->shm_key = 0; 513 else if(atoi($2) == 0) 514 yyerror("number expected"); 515 else cfg_parser->cfg->shm_key = atoi($2); 516 free($2); 517 } 518 ; 519 server_port: VAR_PORT STRING_ARG 520 { 521 OUTYY(("P(server_port:%s)\n", $2)); 522 if(atoi($2) == 0) 523 yyerror("port number expected"); 524 else cfg_parser->cfg->port = atoi($2); 525 free($2); 526 } 527 ; 528 server_send_client_subnet: VAR_SEND_CLIENT_SUBNET STRING_ARG 529 { 530 #ifdef CLIENT_SUBNET 531 OUTYY(("P(server_send_client_subnet:%s)\n", $2)); 532 if(!cfg_strlist_insert(&cfg_parser->cfg->client_subnet, $2)) 533 fatal_exit("out of memory adding client-subnet"); 534 #else 535 OUTYY(("P(Compiled without edns subnet option, ignoring)\n")); 536 free($2); 537 #endif 538 } 539 ; 540 server_client_subnet_zone: VAR_CLIENT_SUBNET_ZONE STRING_ARG 541 { 542 #ifdef CLIENT_SUBNET 543 OUTYY(("P(server_client_subnet_zone:%s)\n", $2)); 544 if(!cfg_strlist_insert(&cfg_parser->cfg->client_subnet_zone, 545 $2)) 546 fatal_exit("out of memory adding client-subnet-zone"); 547 #else 548 OUTYY(("P(Compiled without edns subnet option, ignoring)\n")); 549 free($2); 550 #endif 551 } 552 ; 553 server_client_subnet_always_forward: 554 VAR_CLIENT_SUBNET_ALWAYS_FORWARD STRING_ARG 555 { 556 #ifdef CLIENT_SUBNET 557 OUTYY(("P(server_client_subnet_always_forward:%s)\n", $2)); 558 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 559 yyerror("expected yes or no."); 560 else 561 cfg_parser->cfg->client_subnet_always_forward = 562 (strcmp($2, "yes")==0); 563 #else 564 OUTYY(("P(Compiled without edns subnet option, ignoring)\n")); 565 #endif 566 free($2); 567 } 568 ; 569 server_client_subnet_opcode: VAR_CLIENT_SUBNET_OPCODE STRING_ARG 570 { 571 #ifdef CLIENT_SUBNET 572 OUTYY(("P(client_subnet_opcode:%s)\n", $2)); 573 OUTYY(("P(Deprecated option, ignoring)\n")); 574 #else 575 OUTYY(("P(Compiled without edns subnet option, ignoring)\n")); 576 #endif 577 free($2); 578 } 579 ; 580 server_max_client_subnet_ipv4: VAR_MAX_CLIENT_SUBNET_IPV4 STRING_ARG 581 { 582 #ifdef CLIENT_SUBNET 583 OUTYY(("P(max_client_subnet_ipv4:%s)\n", $2)); 584 if(atoi($2) == 0 && strcmp($2, "0") != 0) 585 yyerror("IPv4 subnet length expected"); 586 else if (atoi($2) > 32) 587 cfg_parser->cfg->max_client_subnet_ipv4 = 32; 588 else if (atoi($2) < 0) 589 cfg_parser->cfg->max_client_subnet_ipv4 = 0; 590 else cfg_parser->cfg->max_client_subnet_ipv4 = (uint8_t)atoi($2); 591 #else 592 OUTYY(("P(Compiled without edns subnet option, ignoring)\n")); 593 #endif 594 free($2); 595 } 596 ; 597 server_max_client_subnet_ipv6: VAR_MAX_CLIENT_SUBNET_IPV6 STRING_ARG 598 { 599 #ifdef CLIENT_SUBNET 600 OUTYY(("P(max_client_subnet_ipv6:%s)\n", $2)); 601 if(atoi($2) == 0 && strcmp($2, "0") != 0) 602 yyerror("Ipv6 subnet length expected"); 603 else if (atoi($2) > 128) 604 cfg_parser->cfg->max_client_subnet_ipv6 = 128; 605 else if (atoi($2) < 0) 606 cfg_parser->cfg->max_client_subnet_ipv6 = 0; 607 else cfg_parser->cfg->max_client_subnet_ipv6 = (uint8_t)atoi($2); 608 #else 609 OUTYY(("P(Compiled without edns subnet option, ignoring)\n")); 610 #endif 611 free($2); 612 } 613 ; 614 server_min_client_subnet_ipv4: VAR_MIN_CLIENT_SUBNET_IPV4 STRING_ARG 615 { 616 #ifdef CLIENT_SUBNET 617 OUTYY(("P(min_client_subnet_ipv4:%s)\n", $2)); 618 if(atoi($2) == 0 && strcmp($2, "0") != 0) 619 yyerror("IPv4 subnet length expected"); 620 else if (atoi($2) > 32) 621 cfg_parser->cfg->min_client_subnet_ipv4 = 32; 622 else if (atoi($2) < 0) 623 cfg_parser->cfg->min_client_subnet_ipv4 = 0; 624 else cfg_parser->cfg->min_client_subnet_ipv4 = (uint8_t)atoi($2); 625 #else 626 OUTYY(("P(Compiled without edns subnet option, ignoring)\n")); 627 #endif 628 free($2); 629 } 630 ; 631 server_min_client_subnet_ipv6: VAR_MIN_CLIENT_SUBNET_IPV6 STRING_ARG 632 { 633 #ifdef CLIENT_SUBNET 634 OUTYY(("P(min_client_subnet_ipv6:%s)\n", $2)); 635 if(atoi($2) == 0 && strcmp($2, "0") != 0) 636 yyerror("Ipv6 subnet length expected"); 637 else if (atoi($2) > 128) 638 cfg_parser->cfg->min_client_subnet_ipv6 = 128; 639 else if (atoi($2) < 0) 640 cfg_parser->cfg->min_client_subnet_ipv6 = 0; 641 else cfg_parser->cfg->min_client_subnet_ipv6 = (uint8_t)atoi($2); 642 #else 643 OUTYY(("P(Compiled without edns subnet option, ignoring)\n")); 644 #endif 645 free($2); 646 } 647 ; 648 server_max_ecs_tree_size_ipv4: VAR_MAX_ECS_TREE_SIZE_IPV4 STRING_ARG 649 { 650 #ifdef CLIENT_SUBNET 651 OUTYY(("P(max_ecs_tree_size_ipv4:%s)\n", $2)); 652 if(atoi($2) == 0 && strcmp($2, "0") != 0) 653 yyerror("IPv4 ECS tree size expected"); 654 else if (atoi($2) < 0) 655 cfg_parser->cfg->max_ecs_tree_size_ipv4 = 0; 656 else cfg_parser->cfg->max_ecs_tree_size_ipv4 = (uint32_t)atoi($2); 657 #else 658 OUTYY(("P(Compiled without edns subnet option, ignoring)\n")); 659 #endif 660 free($2); 661 } 662 ; 663 server_max_ecs_tree_size_ipv6: VAR_MAX_ECS_TREE_SIZE_IPV6 STRING_ARG 664 { 665 #ifdef CLIENT_SUBNET 666 OUTYY(("P(max_ecs_tree_size_ipv6:%s)\n", $2)); 667 if(atoi($2) == 0 && strcmp($2, "0") != 0) 668 yyerror("IPv6 ECS tree size expected"); 669 else if (atoi($2) < 0) 670 cfg_parser->cfg->max_ecs_tree_size_ipv6 = 0; 671 else cfg_parser->cfg->max_ecs_tree_size_ipv6 = (uint32_t)atoi($2); 672 #else 673 OUTYY(("P(Compiled without edns subnet option, ignoring)\n")); 674 #endif 675 free($2); 676 } 677 ; 678 server_interface: VAR_INTERFACE STRING_ARG 679 { 680 OUTYY(("P(server_interface:%s)\n", $2)); 681 if(cfg_parser->cfg->num_ifs == 0) 682 cfg_parser->cfg->ifs = calloc(1, sizeof(char*)); 683 else cfg_parser->cfg->ifs = realloc(cfg_parser->cfg->ifs, 684 (cfg_parser->cfg->num_ifs+1)*sizeof(char*)); 685 if(!cfg_parser->cfg->ifs) 686 yyerror("out of memory"); 687 else 688 cfg_parser->cfg->ifs[cfg_parser->cfg->num_ifs++] = $2; 689 } 690 ; 691 server_outgoing_interface: VAR_OUTGOING_INTERFACE STRING_ARG 692 { 693 OUTYY(("P(server_outgoing_interface:%s)\n", $2)); 694 if(cfg_parser->cfg->num_out_ifs == 0) 695 cfg_parser->cfg->out_ifs = calloc(1, sizeof(char*)); 696 else cfg_parser->cfg->out_ifs = realloc( 697 cfg_parser->cfg->out_ifs, 698 (cfg_parser->cfg->num_out_ifs+1)*sizeof(char*)); 699 if(!cfg_parser->cfg->out_ifs) 700 yyerror("out of memory"); 701 else 702 cfg_parser->cfg->out_ifs[ 703 cfg_parser->cfg->num_out_ifs++] = $2; 704 } 705 ; 706 server_outgoing_range: VAR_OUTGOING_RANGE STRING_ARG 707 { 708 OUTYY(("P(server_outgoing_range:%s)\n", $2)); 709 if(atoi($2) == 0) 710 yyerror("number expected"); 711 else cfg_parser->cfg->outgoing_num_ports = atoi($2); 712 free($2); 713 } 714 ; 715 server_outgoing_port_permit: VAR_OUTGOING_PORT_PERMIT STRING_ARG 716 { 717 OUTYY(("P(server_outgoing_port_permit:%s)\n", $2)); 718 if(!cfg_mark_ports($2, 1, 719 cfg_parser->cfg->outgoing_avail_ports, 65536)) 720 yyerror("port number or range (\"low-high\") expected"); 721 free($2); 722 } 723 ; 724 server_outgoing_port_avoid: VAR_OUTGOING_PORT_AVOID STRING_ARG 725 { 726 OUTYY(("P(server_outgoing_port_avoid:%s)\n", $2)); 727 if(!cfg_mark_ports($2, 0, 728 cfg_parser->cfg->outgoing_avail_ports, 65536)) 729 yyerror("port number or range (\"low-high\") expected"); 730 free($2); 731 } 732 ; 733 server_outgoing_num_tcp: VAR_OUTGOING_NUM_TCP STRING_ARG 734 { 735 OUTYY(("P(server_outgoing_num_tcp:%s)\n", $2)); 736 if(atoi($2) == 0 && strcmp($2, "0") != 0) 737 yyerror("number expected"); 738 else cfg_parser->cfg->outgoing_num_tcp = atoi($2); 739 free($2); 740 } 741 ; 742 server_incoming_num_tcp: VAR_INCOMING_NUM_TCP STRING_ARG 743 { 744 OUTYY(("P(server_incoming_num_tcp:%s)\n", $2)); 745 if(atoi($2) == 0 && strcmp($2, "0") != 0) 746 yyerror("number expected"); 747 else cfg_parser->cfg->incoming_num_tcp = atoi($2); 748 free($2); 749 } 750 ; 751 server_interface_automatic: VAR_INTERFACE_AUTOMATIC STRING_ARG 752 { 753 OUTYY(("P(server_interface_automatic:%s)\n", $2)); 754 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 755 yyerror("expected yes or no."); 756 else cfg_parser->cfg->if_automatic = (strcmp($2, "yes")==0); 757 free($2); 758 } 759 ; 760 server_do_ip4: VAR_DO_IP4 STRING_ARG 761 { 762 OUTYY(("P(server_do_ip4:%s)\n", $2)); 763 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 764 yyerror("expected yes or no."); 765 else cfg_parser->cfg->do_ip4 = (strcmp($2, "yes")==0); 766 free($2); 767 } 768 ; 769 server_do_ip6: VAR_DO_IP6 STRING_ARG 770 { 771 OUTYY(("P(server_do_ip6:%s)\n", $2)); 772 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 773 yyerror("expected yes or no."); 774 else cfg_parser->cfg->do_ip6 = (strcmp($2, "yes")==0); 775 free($2); 776 } 777 ; 778 server_do_udp: VAR_DO_UDP STRING_ARG 779 { 780 OUTYY(("P(server_do_udp:%s)\n", $2)); 781 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 782 yyerror("expected yes or no."); 783 else cfg_parser->cfg->do_udp = (strcmp($2, "yes")==0); 784 free($2); 785 } 786 ; 787 server_do_tcp: VAR_DO_TCP STRING_ARG 788 { 789 OUTYY(("P(server_do_tcp:%s)\n", $2)); 790 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 791 yyerror("expected yes or no."); 792 else cfg_parser->cfg->do_tcp = (strcmp($2, "yes")==0); 793 free($2); 794 } 795 ; 796 server_prefer_ip4: VAR_PREFER_IP4 STRING_ARG 797 { 798 OUTYY(("P(server_prefer_ip4:%s)\n", $2)); 799 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 800 yyerror("expected yes or no."); 801 else cfg_parser->cfg->prefer_ip4 = (strcmp($2, "yes")==0); 802 free($2); 803 } 804 ; 805 server_prefer_ip6: VAR_PREFER_IP6 STRING_ARG 806 { 807 OUTYY(("P(server_prefer_ip6:%s)\n", $2)); 808 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 809 yyerror("expected yes or no."); 810 else cfg_parser->cfg->prefer_ip6 = (strcmp($2, "yes")==0); 811 free($2); 812 } 813 ; 814 server_tcp_mss: VAR_TCP_MSS STRING_ARG 815 { 816 OUTYY(("P(server_tcp_mss:%s)\n", $2)); 817 if(atoi($2) == 0 && strcmp($2, "0") != 0) 818 yyerror("number expected"); 819 else cfg_parser->cfg->tcp_mss = atoi($2); 820 free($2); 821 } 822 ; 823 server_outgoing_tcp_mss: VAR_OUTGOING_TCP_MSS STRING_ARG 824 { 825 OUTYY(("P(server_outgoing_tcp_mss:%s)\n", $2)); 826 if(atoi($2) == 0 && strcmp($2, "0") != 0) 827 yyerror("number expected"); 828 else cfg_parser->cfg->outgoing_tcp_mss = atoi($2); 829 free($2); 830 } 831 ; 832 server_tcp_idle_timeout: VAR_TCP_IDLE_TIMEOUT STRING_ARG 833 { 834 OUTYY(("P(server_tcp_idle_timeout:%s)\n", $2)); 835 if(atoi($2) == 0 && strcmp($2, "0") != 0) 836 yyerror("number expected"); 837 else if (atoi($2) > 120000) 838 cfg_parser->cfg->tcp_idle_timeout = 120000; 839 else if (atoi($2) < 1) 840 cfg_parser->cfg->tcp_idle_timeout = 1; 841 else cfg_parser->cfg->tcp_idle_timeout = atoi($2); 842 free($2); 843 } 844 ; 845 server_tcp_keepalive: VAR_EDNS_TCP_KEEPALIVE STRING_ARG 846 { 847 OUTYY(("P(server_tcp_keepalive:%s)\n", $2)); 848 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 849 yyerror("expected yes or no."); 850 else cfg_parser->cfg->do_tcp_keepalive = (strcmp($2, "yes")==0); 851 free($2); 852 } 853 ; 854 server_tcp_keepalive_timeout: VAR_EDNS_TCP_KEEPALIVE_TIMEOUT STRING_ARG 855 { 856 OUTYY(("P(server_tcp_keepalive_timeout:%s)\n", $2)); 857 if(atoi($2) == 0 && strcmp($2, "0") != 0) 858 yyerror("number expected"); 859 else if (atoi($2) > 6553500) 860 cfg_parser->cfg->tcp_keepalive_timeout = 6553500; 861 else if (atoi($2) < 1) 862 cfg_parser->cfg->tcp_keepalive_timeout = 0; 863 else cfg_parser->cfg->tcp_keepalive_timeout = atoi($2); 864 free($2); 865 } 866 ; 867 server_tcp_upstream: VAR_TCP_UPSTREAM STRING_ARG 868 { 869 OUTYY(("P(server_tcp_upstream:%s)\n", $2)); 870 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 871 yyerror("expected yes or no."); 872 else cfg_parser->cfg->tcp_upstream = (strcmp($2, "yes")==0); 873 free($2); 874 } 875 ; 876 server_udp_upstream_without_downstream: VAR_UDP_UPSTREAM_WITHOUT_DOWNSTREAM STRING_ARG 877 { 878 OUTYY(("P(server_udp_upstream_without_downstream:%s)\n", $2)); 879 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 880 yyerror("expected yes or no."); 881 else cfg_parser->cfg->udp_upstream_without_downstream = (strcmp($2, "yes")==0); 882 free($2); 883 } 884 ; 885 server_ssl_upstream: VAR_SSL_UPSTREAM STRING_ARG 886 { 887 OUTYY(("P(server_ssl_upstream:%s)\n", $2)); 888 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 889 yyerror("expected yes or no."); 890 else cfg_parser->cfg->ssl_upstream = (strcmp($2, "yes")==0); 891 free($2); 892 } 893 ; 894 server_ssl_service_key: VAR_SSL_SERVICE_KEY STRING_ARG 895 { 896 OUTYY(("P(server_ssl_service_key:%s)\n", $2)); 897 free(cfg_parser->cfg->ssl_service_key); 898 cfg_parser->cfg->ssl_service_key = $2; 899 } 900 ; 901 server_ssl_service_pem: VAR_SSL_SERVICE_PEM STRING_ARG 902 { 903 OUTYY(("P(server_ssl_service_pem:%s)\n", $2)); 904 free(cfg_parser->cfg->ssl_service_pem); 905 cfg_parser->cfg->ssl_service_pem = $2; 906 } 907 ; 908 server_ssl_port: VAR_SSL_PORT STRING_ARG 909 { 910 OUTYY(("P(server_ssl_port:%s)\n", $2)); 911 if(atoi($2) == 0) 912 yyerror("port number expected"); 913 else cfg_parser->cfg->ssl_port = atoi($2); 914 free($2); 915 } 916 ; 917 server_tls_cert_bundle: VAR_TLS_CERT_BUNDLE STRING_ARG 918 { 919 OUTYY(("P(server_tls_cert_bundle:%s)\n", $2)); 920 free(cfg_parser->cfg->tls_cert_bundle); 921 cfg_parser->cfg->tls_cert_bundle = $2; 922 } 923 ; 924 server_tls_win_cert: VAR_TLS_WIN_CERT STRING_ARG 925 { 926 OUTYY(("P(server_tls_win_cert:%s)\n", $2)); 927 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 928 yyerror("expected yes or no."); 929 else cfg_parser->cfg->tls_win_cert = (strcmp($2, "yes")==0); 930 free($2); 931 } 932 ; 933 server_tls_additional_port: VAR_TLS_ADDITIONAL_PORT STRING_ARG 934 { 935 OUTYY(("P(server_tls_additional_port:%s)\n", $2)); 936 if(!cfg_strlist_insert(&cfg_parser->cfg->tls_additional_port, 937 $2)) 938 yyerror("out of memory"); 939 } 940 ; 941 server_tls_ciphers: VAR_TLS_CIPHERS STRING_ARG 942 { 943 OUTYY(("P(server_tls_ciphers:%s)\n", $2)); 944 free(cfg_parser->cfg->tls_ciphers); 945 cfg_parser->cfg->tls_ciphers = $2; 946 } 947 ; 948 server_tls_ciphersuites: VAR_TLS_CIPHERSUITES STRING_ARG 949 { 950 OUTYY(("P(server_tls_ciphersuites:%s)\n", $2)); 951 free(cfg_parser->cfg->tls_ciphersuites); 952 cfg_parser->cfg->tls_ciphersuites = $2; 953 } 954 ; 955 server_tls_session_ticket_keys: VAR_TLS_SESSION_TICKET_KEYS STRING_ARG 956 { 957 OUTYY(("P(server_tls_session_ticket_keys:%s)\n", $2)); 958 if(!cfg_strlist_append(&cfg_parser->cfg->tls_session_ticket_keys, 959 $2)) 960 yyerror("out of memory"); 961 } 962 ; 963 server_tls_use_sni: VAR_TLS_USE_SNI STRING_ARG 964 { 965 OUTYY(("P(server_tls_use_sni:%s)\n", $2)); 966 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 967 yyerror("expected yes or no."); 968 else cfg_parser->cfg->tls_use_sni = (strcmp($2, "yes")==0); 969 free($2); 970 } 971 ; 972 server_use_systemd: VAR_USE_SYSTEMD STRING_ARG 973 { 974 OUTYY(("P(server_use_systemd:%s)\n", $2)); 975 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 976 yyerror("expected yes or no."); 977 else cfg_parser->cfg->use_systemd = (strcmp($2, "yes")==0); 978 free($2); 979 } 980 ; 981 server_do_daemonize: VAR_DO_DAEMONIZE STRING_ARG 982 { 983 OUTYY(("P(server_do_daemonize:%s)\n", $2)); 984 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 985 yyerror("expected yes or no."); 986 else cfg_parser->cfg->do_daemonize = (strcmp($2, "yes")==0); 987 free($2); 988 } 989 ; 990 server_use_syslog: VAR_USE_SYSLOG STRING_ARG 991 { 992 OUTYY(("P(server_use_syslog:%s)\n", $2)); 993 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 994 yyerror("expected yes or no."); 995 else cfg_parser->cfg->use_syslog = (strcmp($2, "yes")==0); 996 #if !defined(HAVE_SYSLOG_H) && !defined(UB_ON_WINDOWS) 997 if(strcmp($2, "yes") == 0) 998 yyerror("no syslog services are available. " 999 "(reconfigure and compile to add)"); 1000 #endif 1001 free($2); 1002 } 1003 ; 1004 server_log_time_ascii: VAR_LOG_TIME_ASCII STRING_ARG 1005 { 1006 OUTYY(("P(server_log_time_ascii:%s)\n", $2)); 1007 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1008 yyerror("expected yes or no."); 1009 else cfg_parser->cfg->log_time_ascii = (strcmp($2, "yes")==0); 1010 free($2); 1011 } 1012 ; 1013 server_log_queries: VAR_LOG_QUERIES STRING_ARG 1014 { 1015 OUTYY(("P(server_log_queries:%s)\n", $2)); 1016 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1017 yyerror("expected yes or no."); 1018 else cfg_parser->cfg->log_queries = (strcmp($2, "yes")==0); 1019 free($2); 1020 } 1021 ; 1022 server_log_replies: VAR_LOG_REPLIES STRING_ARG 1023 { 1024 OUTYY(("P(server_log_replies:%s)\n", $2)); 1025 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1026 yyerror("expected yes or no."); 1027 else cfg_parser->cfg->log_replies = (strcmp($2, "yes")==0); 1028 free($2); 1029 } 1030 ; 1031 server_log_tag_queryreply: VAR_LOG_TAG_QUERYREPLY STRING_ARG 1032 { 1033 OUTYY(("P(server_log_tag_queryreply:%s)\n", $2)); 1034 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1035 yyerror("expected yes or no."); 1036 else cfg_parser->cfg->log_tag_queryreply = (strcmp($2, "yes")==0); 1037 free($2); 1038 } 1039 ; 1040 server_log_servfail: VAR_LOG_SERVFAIL STRING_ARG 1041 { 1042 OUTYY(("P(server_log_servfail:%s)\n", $2)); 1043 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1044 yyerror("expected yes or no."); 1045 else cfg_parser->cfg->log_servfail = (strcmp($2, "yes")==0); 1046 free($2); 1047 } 1048 ; 1049 server_log_local_actions: VAR_LOG_LOCAL_ACTIONS STRING_ARG 1050 { 1051 OUTYY(("P(server_log_local_actions:%s)\n", $2)); 1052 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1053 yyerror("expected yes or no."); 1054 else cfg_parser->cfg->log_local_actions = (strcmp($2, "yes")==0); 1055 free($2); 1056 } 1057 ; 1058 server_chroot: VAR_CHROOT STRING_ARG 1059 { 1060 OUTYY(("P(server_chroot:%s)\n", $2)); 1061 free(cfg_parser->cfg->chrootdir); 1062 cfg_parser->cfg->chrootdir = $2; 1063 } 1064 ; 1065 server_username: VAR_USERNAME STRING_ARG 1066 { 1067 OUTYY(("P(server_username:%s)\n", $2)); 1068 free(cfg_parser->cfg->username); 1069 cfg_parser->cfg->username = $2; 1070 } 1071 ; 1072 server_directory: VAR_DIRECTORY STRING_ARG 1073 { 1074 OUTYY(("P(server_directory:%s)\n", $2)); 1075 free(cfg_parser->cfg->directory); 1076 cfg_parser->cfg->directory = $2; 1077 /* change there right away for includes relative to this */ 1078 if($2[0]) { 1079 char* d; 1080 #ifdef UB_ON_WINDOWS 1081 w_config_adjust_directory(cfg_parser->cfg); 1082 #endif 1083 d = cfg_parser->cfg->directory; 1084 /* adjust directory if we have already chroot, 1085 * like, we reread after sighup */ 1086 if(cfg_parser->chroot && cfg_parser->chroot[0] && 1087 strncmp(d, cfg_parser->chroot, strlen( 1088 cfg_parser->chroot)) == 0) 1089 d += strlen(cfg_parser->chroot); 1090 if(d[0]) { 1091 if(chdir(d)) 1092 log_err("cannot chdir to directory: %s (%s)", 1093 d, strerror(errno)); 1094 } 1095 } 1096 } 1097 ; 1098 server_logfile: VAR_LOGFILE STRING_ARG 1099 { 1100 OUTYY(("P(server_logfile:%s)\n", $2)); 1101 free(cfg_parser->cfg->logfile); 1102 cfg_parser->cfg->logfile = $2; 1103 cfg_parser->cfg->use_syslog = 0; 1104 } 1105 ; 1106 server_pidfile: VAR_PIDFILE STRING_ARG 1107 { 1108 OUTYY(("P(server_pidfile:%s)\n", $2)); 1109 free(cfg_parser->cfg->pidfile); 1110 cfg_parser->cfg->pidfile = $2; 1111 } 1112 ; 1113 server_root_hints: VAR_ROOT_HINTS STRING_ARG 1114 { 1115 OUTYY(("P(server_root_hints:%s)\n", $2)); 1116 if(!cfg_strlist_insert(&cfg_parser->cfg->root_hints, $2)) 1117 yyerror("out of memory"); 1118 } 1119 ; 1120 server_dlv_anchor_file: VAR_DLV_ANCHOR_FILE STRING_ARG 1121 { 1122 OUTYY(("P(server_dlv_anchor_file:%s)\n", $2)); 1123 free(cfg_parser->cfg->dlv_anchor_file); 1124 cfg_parser->cfg->dlv_anchor_file = $2; 1125 } 1126 ; 1127 server_dlv_anchor: VAR_DLV_ANCHOR STRING_ARG 1128 { 1129 OUTYY(("P(server_dlv_anchor:%s)\n", $2)); 1130 if(!cfg_strlist_insert(&cfg_parser->cfg->dlv_anchor_list, $2)) 1131 yyerror("out of memory"); 1132 } 1133 ; 1134 server_auto_trust_anchor_file: VAR_AUTO_TRUST_ANCHOR_FILE STRING_ARG 1135 { 1136 OUTYY(("P(server_auto_trust_anchor_file:%s)\n", $2)); 1137 if(!cfg_strlist_insert(&cfg_parser->cfg-> 1138 auto_trust_anchor_file_list, $2)) 1139 yyerror("out of memory"); 1140 } 1141 ; 1142 server_trust_anchor_file: VAR_TRUST_ANCHOR_FILE STRING_ARG 1143 { 1144 OUTYY(("P(server_trust_anchor_file:%s)\n", $2)); 1145 if(!cfg_strlist_insert(&cfg_parser->cfg-> 1146 trust_anchor_file_list, $2)) 1147 yyerror("out of memory"); 1148 } 1149 ; 1150 server_trusted_keys_file: VAR_TRUSTED_KEYS_FILE STRING_ARG 1151 { 1152 OUTYY(("P(server_trusted_keys_file:%s)\n", $2)); 1153 if(!cfg_strlist_insert(&cfg_parser->cfg-> 1154 trusted_keys_file_list, $2)) 1155 yyerror("out of memory"); 1156 } 1157 ; 1158 server_trust_anchor: VAR_TRUST_ANCHOR STRING_ARG 1159 { 1160 OUTYY(("P(server_trust_anchor:%s)\n", $2)); 1161 if(!cfg_strlist_insert(&cfg_parser->cfg->trust_anchor_list, $2)) 1162 yyerror("out of memory"); 1163 } 1164 ; 1165 server_trust_anchor_signaling: VAR_TRUST_ANCHOR_SIGNALING STRING_ARG 1166 { 1167 OUTYY(("P(server_trust_anchor_signaling:%s)\n", $2)); 1168 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1169 yyerror("expected yes or no."); 1170 else 1171 cfg_parser->cfg->trust_anchor_signaling = 1172 (strcmp($2, "yes")==0); 1173 free($2); 1174 } 1175 ; 1176 server_root_key_sentinel: VAR_ROOT_KEY_SENTINEL STRING_ARG 1177 { 1178 OUTYY(("P(server_root_key_sentinel:%s)\n", $2)); 1179 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1180 yyerror("expected yes or no."); 1181 else 1182 cfg_parser->cfg->root_key_sentinel = 1183 (strcmp($2, "yes")==0); 1184 free($2); 1185 } 1186 ; 1187 server_domain_insecure: VAR_DOMAIN_INSECURE STRING_ARG 1188 { 1189 OUTYY(("P(server_domain_insecure:%s)\n", $2)); 1190 if(!cfg_strlist_insert(&cfg_parser->cfg->domain_insecure, $2)) 1191 yyerror("out of memory"); 1192 } 1193 ; 1194 server_hide_identity: VAR_HIDE_IDENTITY STRING_ARG 1195 { 1196 OUTYY(("P(server_hide_identity:%s)\n", $2)); 1197 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1198 yyerror("expected yes or no."); 1199 else cfg_parser->cfg->hide_identity = (strcmp($2, "yes")==0); 1200 free($2); 1201 } 1202 ; 1203 server_hide_version: VAR_HIDE_VERSION STRING_ARG 1204 { 1205 OUTYY(("P(server_hide_version:%s)\n", $2)); 1206 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1207 yyerror("expected yes or no."); 1208 else cfg_parser->cfg->hide_version = (strcmp($2, "yes")==0); 1209 free($2); 1210 } 1211 ; 1212 server_hide_trustanchor: VAR_HIDE_TRUSTANCHOR STRING_ARG 1213 { 1214 OUTYY(("P(server_hide_trustanchor:%s)\n", $2)); 1215 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1216 yyerror("expected yes or no."); 1217 else cfg_parser->cfg->hide_trustanchor = (strcmp($2, "yes")==0); 1218 free($2); 1219 } 1220 ; 1221 server_identity: VAR_IDENTITY STRING_ARG 1222 { 1223 OUTYY(("P(server_identity:%s)\n", $2)); 1224 free(cfg_parser->cfg->identity); 1225 cfg_parser->cfg->identity = $2; 1226 } 1227 ; 1228 server_version: VAR_VERSION STRING_ARG 1229 { 1230 OUTYY(("P(server_version:%s)\n", $2)); 1231 free(cfg_parser->cfg->version); 1232 cfg_parser->cfg->version = $2; 1233 } 1234 ; 1235 server_so_rcvbuf: VAR_SO_RCVBUF STRING_ARG 1236 { 1237 OUTYY(("P(server_so_rcvbuf:%s)\n", $2)); 1238 if(!cfg_parse_memsize($2, &cfg_parser->cfg->so_rcvbuf)) 1239 yyerror("buffer size expected"); 1240 free($2); 1241 } 1242 ; 1243 server_so_sndbuf: VAR_SO_SNDBUF STRING_ARG 1244 { 1245 OUTYY(("P(server_so_sndbuf:%s)\n", $2)); 1246 if(!cfg_parse_memsize($2, &cfg_parser->cfg->so_sndbuf)) 1247 yyerror("buffer size expected"); 1248 free($2); 1249 } 1250 ; 1251 server_so_reuseport: VAR_SO_REUSEPORT STRING_ARG 1252 { 1253 OUTYY(("P(server_so_reuseport:%s)\n", $2)); 1254 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1255 yyerror("expected yes or no."); 1256 else cfg_parser->cfg->so_reuseport = 1257 (strcmp($2, "yes")==0); 1258 free($2); 1259 } 1260 ; 1261 server_ip_transparent: VAR_IP_TRANSPARENT STRING_ARG 1262 { 1263 OUTYY(("P(server_ip_transparent:%s)\n", $2)); 1264 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1265 yyerror("expected yes or no."); 1266 else cfg_parser->cfg->ip_transparent = 1267 (strcmp($2, "yes")==0); 1268 free($2); 1269 } 1270 ; 1271 server_ip_freebind: VAR_IP_FREEBIND STRING_ARG 1272 { 1273 OUTYY(("P(server_ip_freebind:%s)\n", $2)); 1274 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1275 yyerror("expected yes or no."); 1276 else cfg_parser->cfg->ip_freebind = 1277 (strcmp($2, "yes")==0); 1278 free($2); 1279 } 1280 ; 1281 server_ip_dscp: VAR_IP_DSCP STRING_ARG 1282 { 1283 OUTYY(("P(server_ip_dscp:%s)\n", $2)); 1284 if(atoi($2) == 0 && strcmp($2, "0") != 0) 1285 yyerror("number expected"); 1286 else if (atoi($2) > 63) 1287 yyerror("value too large (max 63)"); 1288 else if (atoi($2) < 0) 1289 yyerror("value too small (min 0)"); 1290 else 1291 cfg_parser->cfg->ip_dscp = atoi($2); 1292 free($2); 1293 } 1294 ; 1295 server_stream_wait_size: VAR_STREAM_WAIT_SIZE STRING_ARG 1296 { 1297 OUTYY(("P(server_stream_wait_size:%s)\n", $2)); 1298 if(!cfg_parse_memsize($2, &cfg_parser->cfg->stream_wait_size)) 1299 yyerror("memory size expected"); 1300 free($2); 1301 } 1302 ; 1303 server_edns_buffer_size: VAR_EDNS_BUFFER_SIZE STRING_ARG 1304 { 1305 OUTYY(("P(server_edns_buffer_size:%s)\n", $2)); 1306 if(atoi($2) == 0) 1307 yyerror("number expected"); 1308 else if (atoi($2) < 12) 1309 yyerror("edns buffer size too small"); 1310 else if (atoi($2) > 65535) 1311 cfg_parser->cfg->edns_buffer_size = 65535; 1312 else cfg_parser->cfg->edns_buffer_size = atoi($2); 1313 free($2); 1314 } 1315 ; 1316 server_msg_buffer_size: VAR_MSG_BUFFER_SIZE STRING_ARG 1317 { 1318 OUTYY(("P(server_msg_buffer_size:%s)\n", $2)); 1319 if(atoi($2) == 0) 1320 yyerror("number expected"); 1321 else if (atoi($2) < 4096) 1322 yyerror("message buffer size too small (use 4096)"); 1323 else cfg_parser->cfg->msg_buffer_size = atoi($2); 1324 free($2); 1325 } 1326 ; 1327 server_msg_cache_size: VAR_MSG_CACHE_SIZE STRING_ARG 1328 { 1329 OUTYY(("P(server_msg_cache_size:%s)\n", $2)); 1330 if(!cfg_parse_memsize($2, &cfg_parser->cfg->msg_cache_size)) 1331 yyerror("memory size expected"); 1332 free($2); 1333 } 1334 ; 1335 server_msg_cache_slabs: VAR_MSG_CACHE_SLABS STRING_ARG 1336 { 1337 OUTYY(("P(server_msg_cache_slabs:%s)\n", $2)); 1338 if(atoi($2) == 0) 1339 yyerror("number expected"); 1340 else { 1341 cfg_parser->cfg->msg_cache_slabs = atoi($2); 1342 if(!is_pow2(cfg_parser->cfg->msg_cache_slabs)) 1343 yyerror("must be a power of 2"); 1344 } 1345 free($2); 1346 } 1347 ; 1348 server_num_queries_per_thread: VAR_NUM_QUERIES_PER_THREAD STRING_ARG 1349 { 1350 OUTYY(("P(server_num_queries_per_thread:%s)\n", $2)); 1351 if(atoi($2) == 0) 1352 yyerror("number expected"); 1353 else cfg_parser->cfg->num_queries_per_thread = atoi($2); 1354 free($2); 1355 } 1356 ; 1357 server_jostle_timeout: VAR_JOSTLE_TIMEOUT STRING_ARG 1358 { 1359 OUTYY(("P(server_jostle_timeout:%s)\n", $2)); 1360 if(atoi($2) == 0 && strcmp($2, "0") != 0) 1361 yyerror("number expected"); 1362 else cfg_parser->cfg->jostle_time = atoi($2); 1363 free($2); 1364 } 1365 ; 1366 server_delay_close: VAR_DELAY_CLOSE STRING_ARG 1367 { 1368 OUTYY(("P(server_delay_close:%s)\n", $2)); 1369 if(atoi($2) == 0 && strcmp($2, "0") != 0) 1370 yyerror("number expected"); 1371 else cfg_parser->cfg->delay_close = atoi($2); 1372 free($2); 1373 } 1374 ; 1375 server_unblock_lan_zones: VAR_UNBLOCK_LAN_ZONES STRING_ARG 1376 { 1377 OUTYY(("P(server_unblock_lan_zones:%s)\n", $2)); 1378 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1379 yyerror("expected yes or no."); 1380 else cfg_parser->cfg->unblock_lan_zones = 1381 (strcmp($2, "yes")==0); 1382 free($2); 1383 } 1384 ; 1385 server_insecure_lan_zones: VAR_INSECURE_LAN_ZONES STRING_ARG 1386 { 1387 OUTYY(("P(server_insecure_lan_zones:%s)\n", $2)); 1388 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1389 yyerror("expected yes or no."); 1390 else cfg_parser->cfg->insecure_lan_zones = 1391 (strcmp($2, "yes")==0); 1392 free($2); 1393 } 1394 ; 1395 server_rrset_cache_size: VAR_RRSET_CACHE_SIZE STRING_ARG 1396 { 1397 OUTYY(("P(server_rrset_cache_size:%s)\n", $2)); 1398 if(!cfg_parse_memsize($2, &cfg_parser->cfg->rrset_cache_size)) 1399 yyerror("memory size expected"); 1400 free($2); 1401 } 1402 ; 1403 server_rrset_cache_slabs: VAR_RRSET_CACHE_SLABS STRING_ARG 1404 { 1405 OUTYY(("P(server_rrset_cache_slabs:%s)\n", $2)); 1406 if(atoi($2) == 0) 1407 yyerror("number expected"); 1408 else { 1409 cfg_parser->cfg->rrset_cache_slabs = atoi($2); 1410 if(!is_pow2(cfg_parser->cfg->rrset_cache_slabs)) 1411 yyerror("must be a power of 2"); 1412 } 1413 free($2); 1414 } 1415 ; 1416 server_infra_host_ttl: VAR_INFRA_HOST_TTL STRING_ARG 1417 { 1418 OUTYY(("P(server_infra_host_ttl:%s)\n", $2)); 1419 if(atoi($2) == 0 && strcmp($2, "0") != 0) 1420 yyerror("number expected"); 1421 else cfg_parser->cfg->host_ttl = atoi($2); 1422 free($2); 1423 } 1424 ; 1425 server_infra_lame_ttl: VAR_INFRA_LAME_TTL STRING_ARG 1426 { 1427 OUTYY(("P(server_infra_lame_ttl:%s)\n", $2)); 1428 verbose(VERB_DETAIL, "ignored infra-lame-ttl: %s (option " 1429 "removed, use infra-host-ttl)", $2); 1430 free($2); 1431 } 1432 ; 1433 server_infra_cache_numhosts: VAR_INFRA_CACHE_NUMHOSTS STRING_ARG 1434 { 1435 OUTYY(("P(server_infra_cache_numhosts:%s)\n", $2)); 1436 if(atoi($2) == 0) 1437 yyerror("number expected"); 1438 else cfg_parser->cfg->infra_cache_numhosts = atoi($2); 1439 free($2); 1440 } 1441 ; 1442 server_infra_cache_lame_size: VAR_INFRA_CACHE_LAME_SIZE STRING_ARG 1443 { 1444 OUTYY(("P(server_infra_cache_lame_size:%s)\n", $2)); 1445 verbose(VERB_DETAIL, "ignored infra-cache-lame-size: %s " 1446 "(option removed, use infra-cache-numhosts)", $2); 1447 free($2); 1448 } 1449 ; 1450 server_infra_cache_slabs: VAR_INFRA_CACHE_SLABS STRING_ARG 1451 { 1452 OUTYY(("P(server_infra_cache_slabs:%s)\n", $2)); 1453 if(atoi($2) == 0) 1454 yyerror("number expected"); 1455 else { 1456 cfg_parser->cfg->infra_cache_slabs = atoi($2); 1457 if(!is_pow2(cfg_parser->cfg->infra_cache_slabs)) 1458 yyerror("must be a power of 2"); 1459 } 1460 free($2); 1461 } 1462 ; 1463 server_infra_cache_min_rtt: VAR_INFRA_CACHE_MIN_RTT STRING_ARG 1464 { 1465 OUTYY(("P(server_infra_cache_min_rtt:%s)\n", $2)); 1466 if(atoi($2) == 0 && strcmp($2, "0") != 0) 1467 yyerror("number expected"); 1468 else cfg_parser->cfg->infra_cache_min_rtt = atoi($2); 1469 free($2); 1470 } 1471 ; 1472 server_target_fetch_policy: VAR_TARGET_FETCH_POLICY STRING_ARG 1473 { 1474 OUTYY(("P(server_target_fetch_policy:%s)\n", $2)); 1475 free(cfg_parser->cfg->target_fetch_policy); 1476 cfg_parser->cfg->target_fetch_policy = $2; 1477 } 1478 ; 1479 server_harden_short_bufsize: VAR_HARDEN_SHORT_BUFSIZE STRING_ARG 1480 { 1481 OUTYY(("P(server_harden_short_bufsize:%s)\n", $2)); 1482 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1483 yyerror("expected yes or no."); 1484 else cfg_parser->cfg->harden_short_bufsize = 1485 (strcmp($2, "yes")==0); 1486 free($2); 1487 } 1488 ; 1489 server_harden_large_queries: VAR_HARDEN_LARGE_QUERIES STRING_ARG 1490 { 1491 OUTYY(("P(server_harden_large_queries:%s)\n", $2)); 1492 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1493 yyerror("expected yes or no."); 1494 else cfg_parser->cfg->harden_large_queries = 1495 (strcmp($2, "yes")==0); 1496 free($2); 1497 } 1498 ; 1499 server_harden_glue: VAR_HARDEN_GLUE STRING_ARG 1500 { 1501 OUTYY(("P(server_harden_glue:%s)\n", $2)); 1502 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1503 yyerror("expected yes or no."); 1504 else cfg_parser->cfg->harden_glue = 1505 (strcmp($2, "yes")==0); 1506 free($2); 1507 } 1508 ; 1509 server_harden_dnssec_stripped: VAR_HARDEN_DNSSEC_STRIPPED STRING_ARG 1510 { 1511 OUTYY(("P(server_harden_dnssec_stripped:%s)\n", $2)); 1512 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1513 yyerror("expected yes or no."); 1514 else cfg_parser->cfg->harden_dnssec_stripped = 1515 (strcmp($2, "yes")==0); 1516 free($2); 1517 } 1518 ; 1519 server_harden_below_nxdomain: VAR_HARDEN_BELOW_NXDOMAIN STRING_ARG 1520 { 1521 OUTYY(("P(server_harden_below_nxdomain:%s)\n", $2)); 1522 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1523 yyerror("expected yes or no."); 1524 else cfg_parser->cfg->harden_below_nxdomain = 1525 (strcmp($2, "yes")==0); 1526 free($2); 1527 } 1528 ; 1529 server_harden_referral_path: VAR_HARDEN_REFERRAL_PATH STRING_ARG 1530 { 1531 OUTYY(("P(server_harden_referral_path:%s)\n", $2)); 1532 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1533 yyerror("expected yes or no."); 1534 else cfg_parser->cfg->harden_referral_path = 1535 (strcmp($2, "yes")==0); 1536 free($2); 1537 } 1538 ; 1539 server_harden_algo_downgrade: VAR_HARDEN_ALGO_DOWNGRADE STRING_ARG 1540 { 1541 OUTYY(("P(server_harden_algo_downgrade:%s)\n", $2)); 1542 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1543 yyerror("expected yes or no."); 1544 else cfg_parser->cfg->harden_algo_downgrade = 1545 (strcmp($2, "yes")==0); 1546 free($2); 1547 } 1548 ; 1549 server_use_caps_for_id: VAR_USE_CAPS_FOR_ID STRING_ARG 1550 { 1551 OUTYY(("P(server_use_caps_for_id:%s)\n", $2)); 1552 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1553 yyerror("expected yes or no."); 1554 else cfg_parser->cfg->use_caps_bits_for_id = 1555 (strcmp($2, "yes")==0); 1556 free($2); 1557 } 1558 ; 1559 server_caps_whitelist: VAR_CAPS_WHITELIST STRING_ARG 1560 { 1561 OUTYY(("P(server_caps_whitelist:%s)\n", $2)); 1562 if(!cfg_strlist_insert(&cfg_parser->cfg->caps_whitelist, $2)) 1563 yyerror("out of memory"); 1564 } 1565 ; 1566 server_private_address: VAR_PRIVATE_ADDRESS STRING_ARG 1567 { 1568 OUTYY(("P(server_private_address:%s)\n", $2)); 1569 if(!cfg_strlist_insert(&cfg_parser->cfg->private_address, $2)) 1570 yyerror("out of memory"); 1571 } 1572 ; 1573 server_private_domain: VAR_PRIVATE_DOMAIN STRING_ARG 1574 { 1575 OUTYY(("P(server_private_domain:%s)\n", $2)); 1576 if(!cfg_strlist_insert(&cfg_parser->cfg->private_domain, $2)) 1577 yyerror("out of memory"); 1578 } 1579 ; 1580 server_prefetch: VAR_PREFETCH STRING_ARG 1581 { 1582 OUTYY(("P(server_prefetch:%s)\n", $2)); 1583 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1584 yyerror("expected yes or no."); 1585 else cfg_parser->cfg->prefetch = (strcmp($2, "yes")==0); 1586 free($2); 1587 } 1588 ; 1589 server_prefetch_key: VAR_PREFETCH_KEY STRING_ARG 1590 { 1591 OUTYY(("P(server_prefetch_key:%s)\n", $2)); 1592 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1593 yyerror("expected yes or no."); 1594 else cfg_parser->cfg->prefetch_key = (strcmp($2, "yes")==0); 1595 free($2); 1596 } 1597 ; 1598 server_deny_any: VAR_DENY_ANY STRING_ARG 1599 { 1600 OUTYY(("P(server_deny_any:%s)\n", $2)); 1601 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1602 yyerror("expected yes or no."); 1603 else cfg_parser->cfg->deny_any = (strcmp($2, "yes")==0); 1604 free($2); 1605 } 1606 ; 1607 server_unwanted_reply_threshold: VAR_UNWANTED_REPLY_THRESHOLD STRING_ARG 1608 { 1609 OUTYY(("P(server_unwanted_reply_threshold:%s)\n", $2)); 1610 if(atoi($2) == 0 && strcmp($2, "0") != 0) 1611 yyerror("number expected"); 1612 else cfg_parser->cfg->unwanted_threshold = atoi($2); 1613 free($2); 1614 } 1615 ; 1616 server_do_not_query_address: VAR_DO_NOT_QUERY_ADDRESS STRING_ARG 1617 { 1618 OUTYY(("P(server_do_not_query_address:%s)\n", $2)); 1619 if(!cfg_strlist_insert(&cfg_parser->cfg->donotqueryaddrs, $2)) 1620 yyerror("out of memory"); 1621 } 1622 ; 1623 server_do_not_query_localhost: VAR_DO_NOT_QUERY_LOCALHOST STRING_ARG 1624 { 1625 OUTYY(("P(server_do_not_query_localhost:%s)\n", $2)); 1626 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1627 yyerror("expected yes or no."); 1628 else cfg_parser->cfg->donotquery_localhost = 1629 (strcmp($2, "yes")==0); 1630 free($2); 1631 } 1632 ; 1633 server_access_control: VAR_ACCESS_CONTROL STRING_ARG STRING_ARG 1634 { 1635 OUTYY(("P(server_access_control:%s %s)\n", $2, $3)); 1636 if(strcmp($3, "deny")!=0 && strcmp($3, "refuse")!=0 && 1637 strcmp($3, "deny_non_local")!=0 && 1638 strcmp($3, "refuse_non_local")!=0 && 1639 strcmp($3, "allow_setrd")!=0 && 1640 strcmp($3, "allow")!=0 && 1641 strcmp($3, "allow_snoop")!=0) { 1642 yyerror("expected deny, refuse, deny_non_local, " 1643 "refuse_non_local, allow, allow_setrd or " 1644 "allow_snoop in access control action"); 1645 free($2); 1646 free($3); 1647 } else { 1648 if(!cfg_str2list_insert(&cfg_parser->cfg->acls, $2, $3)) 1649 fatal_exit("out of memory adding acl"); 1650 } 1651 } 1652 ; 1653 server_module_conf: VAR_MODULE_CONF STRING_ARG 1654 { 1655 OUTYY(("P(server_module_conf:%s)\n", $2)); 1656 free(cfg_parser->cfg->module_conf); 1657 cfg_parser->cfg->module_conf = $2; 1658 } 1659 ; 1660 server_val_override_date: VAR_VAL_OVERRIDE_DATE STRING_ARG 1661 { 1662 OUTYY(("P(server_val_override_date:%s)\n", $2)); 1663 if(*$2 == '\0' || strcmp($2, "0") == 0) { 1664 cfg_parser->cfg->val_date_override = 0; 1665 } else if(strlen($2) == 14) { 1666 cfg_parser->cfg->val_date_override = 1667 cfg_convert_timeval($2); 1668 if(!cfg_parser->cfg->val_date_override) 1669 yyerror("bad date/time specification"); 1670 } else { 1671 if(atoi($2) == 0) 1672 yyerror("number expected"); 1673 cfg_parser->cfg->val_date_override = atoi($2); 1674 } 1675 free($2); 1676 } 1677 ; 1678 server_val_sig_skew_min: VAR_VAL_SIG_SKEW_MIN STRING_ARG 1679 { 1680 OUTYY(("P(server_val_sig_skew_min:%s)\n", $2)); 1681 if(*$2 == '\0' || strcmp($2, "0") == 0) { 1682 cfg_parser->cfg->val_sig_skew_min = 0; 1683 } else { 1684 cfg_parser->cfg->val_sig_skew_min = atoi($2); 1685 if(!cfg_parser->cfg->val_sig_skew_min) 1686 yyerror("number expected"); 1687 } 1688 free($2); 1689 } 1690 ; 1691 server_val_sig_skew_max: VAR_VAL_SIG_SKEW_MAX STRING_ARG 1692 { 1693 OUTYY(("P(server_val_sig_skew_max:%s)\n", $2)); 1694 if(*$2 == '\0' || strcmp($2, "0") == 0) { 1695 cfg_parser->cfg->val_sig_skew_max = 0; 1696 } else { 1697 cfg_parser->cfg->val_sig_skew_max = atoi($2); 1698 if(!cfg_parser->cfg->val_sig_skew_max) 1699 yyerror("number expected"); 1700 } 1701 free($2); 1702 } 1703 ; 1704 server_cache_max_ttl: VAR_CACHE_MAX_TTL STRING_ARG 1705 { 1706 OUTYY(("P(server_cache_max_ttl:%s)\n", $2)); 1707 if(atoi($2) == 0 && strcmp($2, "0") != 0) 1708 yyerror("number expected"); 1709 else cfg_parser->cfg->max_ttl = atoi($2); 1710 free($2); 1711 } 1712 ; 1713 server_cache_max_negative_ttl: VAR_CACHE_MAX_NEGATIVE_TTL STRING_ARG 1714 { 1715 OUTYY(("P(server_cache_max_negative_ttl:%s)\n", $2)); 1716 if(atoi($2) == 0 && strcmp($2, "0") != 0) 1717 yyerror("number expected"); 1718 else cfg_parser->cfg->max_negative_ttl = atoi($2); 1719 free($2); 1720 } 1721 ; 1722 server_cache_min_ttl: VAR_CACHE_MIN_TTL STRING_ARG 1723 { 1724 OUTYY(("P(server_cache_min_ttl:%s)\n", $2)); 1725 if(atoi($2) == 0 && strcmp($2, "0") != 0) 1726 yyerror("number expected"); 1727 else cfg_parser->cfg->min_ttl = atoi($2); 1728 free($2); 1729 } 1730 ; 1731 server_bogus_ttl: VAR_BOGUS_TTL STRING_ARG 1732 { 1733 OUTYY(("P(server_bogus_ttl:%s)\n", $2)); 1734 if(atoi($2) == 0 && strcmp($2, "0") != 0) 1735 yyerror("number expected"); 1736 else cfg_parser->cfg->bogus_ttl = atoi($2); 1737 free($2); 1738 } 1739 ; 1740 server_val_clean_additional: VAR_VAL_CLEAN_ADDITIONAL STRING_ARG 1741 { 1742 OUTYY(("P(server_val_clean_additional:%s)\n", $2)); 1743 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1744 yyerror("expected yes or no."); 1745 else cfg_parser->cfg->val_clean_additional = 1746 (strcmp($2, "yes")==0); 1747 free($2); 1748 } 1749 ; 1750 server_val_permissive_mode: VAR_VAL_PERMISSIVE_MODE STRING_ARG 1751 { 1752 OUTYY(("P(server_val_permissive_mode:%s)\n", $2)); 1753 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1754 yyerror("expected yes or no."); 1755 else cfg_parser->cfg->val_permissive_mode = 1756 (strcmp($2, "yes")==0); 1757 free($2); 1758 } 1759 ; 1760 server_aggressive_nsec: VAR_AGGRESSIVE_NSEC STRING_ARG 1761 { 1762 OUTYY(("P(server_aggressive_nsec:%s)\n", $2)); 1763 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1764 yyerror("expected yes or no."); 1765 else 1766 cfg_parser->cfg->aggressive_nsec = 1767 (strcmp($2, "yes")==0); 1768 free($2); 1769 } 1770 ; 1771 server_ignore_cd_flag: VAR_IGNORE_CD_FLAG STRING_ARG 1772 { 1773 OUTYY(("P(server_ignore_cd_flag:%s)\n", $2)); 1774 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1775 yyerror("expected yes or no."); 1776 else cfg_parser->cfg->ignore_cd = (strcmp($2, "yes")==0); 1777 free($2); 1778 } 1779 ; 1780 server_serve_expired: VAR_SERVE_EXPIRED STRING_ARG 1781 { 1782 OUTYY(("P(server_serve_expired:%s)\n", $2)); 1783 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1784 yyerror("expected yes or no."); 1785 else cfg_parser->cfg->serve_expired = (strcmp($2, "yes")==0); 1786 free($2); 1787 } 1788 ; 1789 server_serve_expired_ttl: VAR_SERVE_EXPIRED_TTL STRING_ARG 1790 { 1791 OUTYY(("P(server_serve_expired_ttl:%s)\n", $2)); 1792 if(atoi($2) == 0 && strcmp($2, "0") != 0) 1793 yyerror("number expected"); 1794 else cfg_parser->cfg->serve_expired_ttl = atoi($2); 1795 free($2); 1796 } 1797 ; 1798 server_serve_expired_ttl_reset: VAR_SERVE_EXPIRED_TTL_RESET STRING_ARG 1799 { 1800 OUTYY(("P(server_serve_expired_ttl_reset:%s)\n", $2)); 1801 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1802 yyerror("expected yes or no."); 1803 else cfg_parser->cfg->serve_expired_ttl_reset = (strcmp($2, "yes")==0); 1804 free($2); 1805 } 1806 ; 1807 server_serve_expired_reply_ttl: VAR_SERVE_EXPIRED_REPLY_TTL STRING_ARG 1808 { 1809 OUTYY(("P(server_serve_expired_reply_ttl:%s)\n", $2)); 1810 if(atoi($2) == 0 && strcmp($2, "0") != 0) 1811 yyerror("number expected"); 1812 else cfg_parser->cfg->serve_expired_reply_ttl = atoi($2); 1813 free($2); 1814 } 1815 ; 1816 server_serve_expired_client_timeout: VAR_SERVE_EXPIRED_CLIENT_TIMEOUT STRING_ARG 1817 { 1818 OUTYY(("P(server_serve_expired_client_timeout:%s)\n", $2)); 1819 if(atoi($2) == 0 && strcmp($2, "0") != 0) 1820 yyerror("number expected"); 1821 else cfg_parser->cfg->serve_expired_client_timeout = atoi($2); 1822 free($2); 1823 } 1824 ; 1825 server_fake_dsa: VAR_FAKE_DSA STRING_ARG 1826 { 1827 OUTYY(("P(server_fake_dsa:%s)\n", $2)); 1828 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1829 yyerror("expected yes or no."); 1830 #if defined(HAVE_SSL) || defined(HAVE_NETTLE) 1831 else fake_dsa = (strcmp($2, "yes")==0); 1832 if(fake_dsa) 1833 log_warn("test option fake_dsa is enabled"); 1834 #endif 1835 free($2); 1836 } 1837 ; 1838 server_fake_sha1: VAR_FAKE_SHA1 STRING_ARG 1839 { 1840 OUTYY(("P(server_fake_sha1:%s)\n", $2)); 1841 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1842 yyerror("expected yes or no."); 1843 #if defined(HAVE_SSL) || defined(HAVE_NETTLE) 1844 else fake_sha1 = (strcmp($2, "yes")==0); 1845 if(fake_sha1) 1846 log_warn("test option fake_sha1 is enabled"); 1847 #endif 1848 free($2); 1849 } 1850 ; 1851 server_val_log_level: VAR_VAL_LOG_LEVEL STRING_ARG 1852 { 1853 OUTYY(("P(server_val_log_level:%s)\n", $2)); 1854 if(atoi($2) == 0 && strcmp($2, "0") != 0) 1855 yyerror("number expected"); 1856 else cfg_parser->cfg->val_log_level = atoi($2); 1857 free($2); 1858 } 1859 ; 1860 server_val_nsec3_keysize_iterations: VAR_VAL_NSEC3_KEYSIZE_ITERATIONS STRING_ARG 1861 { 1862 OUTYY(("P(server_val_nsec3_keysize_iterations:%s)\n", $2)); 1863 free(cfg_parser->cfg->val_nsec3_key_iterations); 1864 cfg_parser->cfg->val_nsec3_key_iterations = $2; 1865 } 1866 ; 1867 server_add_holddown: VAR_ADD_HOLDDOWN STRING_ARG 1868 { 1869 OUTYY(("P(server_add_holddown:%s)\n", $2)); 1870 if(atoi($2) == 0 && strcmp($2, "0") != 0) 1871 yyerror("number expected"); 1872 else cfg_parser->cfg->add_holddown = atoi($2); 1873 free($2); 1874 } 1875 ; 1876 server_del_holddown: VAR_DEL_HOLDDOWN STRING_ARG 1877 { 1878 OUTYY(("P(server_del_holddown:%s)\n", $2)); 1879 if(atoi($2) == 0 && strcmp($2, "0") != 0) 1880 yyerror("number expected"); 1881 else cfg_parser->cfg->del_holddown = atoi($2); 1882 free($2); 1883 } 1884 ; 1885 server_keep_missing: VAR_KEEP_MISSING STRING_ARG 1886 { 1887 OUTYY(("P(server_keep_missing:%s)\n", $2)); 1888 if(atoi($2) == 0 && strcmp($2, "0") != 0) 1889 yyerror("number expected"); 1890 else cfg_parser->cfg->keep_missing = atoi($2); 1891 free($2); 1892 } 1893 ; 1894 server_permit_small_holddown: VAR_PERMIT_SMALL_HOLDDOWN STRING_ARG 1895 { 1896 OUTYY(("P(server_permit_small_holddown:%s)\n", $2)); 1897 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1898 yyerror("expected yes or no."); 1899 else cfg_parser->cfg->permit_small_holddown = 1900 (strcmp($2, "yes")==0); 1901 free($2); 1902 } 1903 server_key_cache_size: VAR_KEY_CACHE_SIZE STRING_ARG 1904 { 1905 OUTYY(("P(server_key_cache_size:%s)\n", $2)); 1906 if(!cfg_parse_memsize($2, &cfg_parser->cfg->key_cache_size)) 1907 yyerror("memory size expected"); 1908 free($2); 1909 } 1910 ; 1911 server_key_cache_slabs: VAR_KEY_CACHE_SLABS STRING_ARG 1912 { 1913 OUTYY(("P(server_key_cache_slabs:%s)\n", $2)); 1914 if(atoi($2) == 0) 1915 yyerror("number expected"); 1916 else { 1917 cfg_parser->cfg->key_cache_slabs = atoi($2); 1918 if(!is_pow2(cfg_parser->cfg->key_cache_slabs)) 1919 yyerror("must be a power of 2"); 1920 } 1921 free($2); 1922 } 1923 ; 1924 server_neg_cache_size: VAR_NEG_CACHE_SIZE STRING_ARG 1925 { 1926 OUTYY(("P(server_neg_cache_size:%s)\n", $2)); 1927 if(!cfg_parse_memsize($2, &cfg_parser->cfg->neg_cache_size)) 1928 yyerror("memory size expected"); 1929 free($2); 1930 } 1931 ; 1932 server_local_zone: VAR_LOCAL_ZONE STRING_ARG STRING_ARG 1933 { 1934 OUTYY(("P(server_local_zone:%s %s)\n", $2, $3)); 1935 if(strcmp($3, "static")!=0 && strcmp($3, "deny")!=0 && 1936 strcmp($3, "refuse")!=0 && strcmp($3, "redirect")!=0 && 1937 strcmp($3, "transparent")!=0 && strcmp($3, "nodefault")!=0 1938 && strcmp($3, "typetransparent")!=0 1939 && strcmp($3, "always_transparent")!=0 1940 && strcmp($3, "always_refuse")!=0 1941 && strcmp($3, "always_nxdomain")!=0 1942 && strcmp($3, "noview")!=0 1943 && strcmp($3, "inform")!=0 && strcmp($3, "inform_deny")!=0 1944 && strcmp($3, "inform_redirect") != 0 1945 && strcmp($3, "ipset") != 0) { 1946 yyerror("local-zone type: expected static, deny, " 1947 "refuse, redirect, transparent, " 1948 "typetransparent, inform, inform_deny, " 1949 "inform_redirect, always_transparent, " 1950 "always_refuse, always_nxdomain, noview " 1951 ", nodefault or ipset"); 1952 free($2); 1953 free($3); 1954 } else if(strcmp($3, "nodefault")==0) { 1955 if(!cfg_strlist_insert(&cfg_parser->cfg-> 1956 local_zones_nodefault, $2)) 1957 fatal_exit("out of memory adding local-zone"); 1958 free($3); 1959 #ifdef USE_IPSET 1960 } else if(strcmp($3, "ipset")==0) { 1961 if(!cfg_strlist_insert(&cfg_parser->cfg-> 1962 local_zones_ipset, $2)) 1963 fatal_exit("out of memory adding local-zone"); 1964 free($3); 1965 #endif 1966 } else { 1967 if(!cfg_str2list_insert(&cfg_parser->cfg->local_zones, 1968 $2, $3)) 1969 fatal_exit("out of memory adding local-zone"); 1970 } 1971 } 1972 ; 1973 server_local_data: VAR_LOCAL_DATA STRING_ARG 1974 { 1975 OUTYY(("P(server_local_data:%s)\n", $2)); 1976 if(!cfg_strlist_insert(&cfg_parser->cfg->local_data, $2)) 1977 fatal_exit("out of memory adding local-data"); 1978 } 1979 ; 1980 server_local_data_ptr: VAR_LOCAL_DATA_PTR STRING_ARG 1981 { 1982 char* ptr; 1983 OUTYY(("P(server_local_data_ptr:%s)\n", $2)); 1984 ptr = cfg_ptr_reverse($2); 1985 free($2); 1986 if(ptr) { 1987 if(!cfg_strlist_insert(&cfg_parser->cfg-> 1988 local_data, ptr)) 1989 fatal_exit("out of memory adding local-data"); 1990 } else { 1991 yyerror("local-data-ptr could not be reversed"); 1992 } 1993 } 1994 ; 1995 server_minimal_responses: VAR_MINIMAL_RESPONSES STRING_ARG 1996 { 1997 OUTYY(("P(server_minimal_responses:%s)\n", $2)); 1998 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1999 yyerror("expected yes or no."); 2000 else cfg_parser->cfg->minimal_responses = 2001 (strcmp($2, "yes")==0); 2002 free($2); 2003 } 2004 ; 2005 server_rrset_roundrobin: VAR_RRSET_ROUNDROBIN STRING_ARG 2006 { 2007 OUTYY(("P(server_rrset_roundrobin:%s)\n", $2)); 2008 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2009 yyerror("expected yes or no."); 2010 else cfg_parser->cfg->rrset_roundrobin = 2011 (strcmp($2, "yes")==0); 2012 free($2); 2013 } 2014 ; 2015 server_unknown_server_time_limit: VAR_UNKNOWN_SERVER_TIME_LIMIT STRING_ARG 2016 { 2017 OUTYY(("P(server_unknown_server_time_limit:%s)\n", $2)); 2018 cfg_parser->cfg->unknown_server_time_limit = atoi($2); 2019 free($2); 2020 } 2021 ; 2022 server_max_udp_size: VAR_MAX_UDP_SIZE STRING_ARG 2023 { 2024 OUTYY(("P(server_max_udp_size:%s)\n", $2)); 2025 cfg_parser->cfg->max_udp_size = atoi($2); 2026 free($2); 2027 } 2028 ; 2029 server_dns64_prefix: VAR_DNS64_PREFIX STRING_ARG 2030 { 2031 OUTYY(("P(dns64_prefix:%s)\n", $2)); 2032 free(cfg_parser->cfg->dns64_prefix); 2033 cfg_parser->cfg->dns64_prefix = $2; 2034 } 2035 ; 2036 server_dns64_synthall: VAR_DNS64_SYNTHALL STRING_ARG 2037 { 2038 OUTYY(("P(server_dns64_synthall:%s)\n", $2)); 2039 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2040 yyerror("expected yes or no."); 2041 else cfg_parser->cfg->dns64_synthall = (strcmp($2, "yes")==0); 2042 free($2); 2043 } 2044 ; 2045 server_dns64_ignore_aaaa: VAR_DNS64_IGNORE_AAAA STRING_ARG 2046 { 2047 OUTYY(("P(dns64_ignore_aaaa:%s)\n", $2)); 2048 if(!cfg_strlist_insert(&cfg_parser->cfg->dns64_ignore_aaaa, 2049 $2)) 2050 fatal_exit("out of memory adding dns64-ignore-aaaa"); 2051 } 2052 ; 2053 server_define_tag: VAR_DEFINE_TAG STRING_ARG 2054 { 2055 char* p, *s = $2; 2056 OUTYY(("P(server_define_tag:%s)\n", $2)); 2057 while((p=strsep(&s, " \t\n")) != NULL) { 2058 if(*p) { 2059 if(!config_add_tag(cfg_parser->cfg, p)) 2060 yyerror("could not define-tag, " 2061 "out of memory"); 2062 } 2063 } 2064 free($2); 2065 } 2066 ; 2067 server_local_zone_tag: VAR_LOCAL_ZONE_TAG STRING_ARG STRING_ARG 2068 { 2069 size_t len = 0; 2070 uint8_t* bitlist = config_parse_taglist(cfg_parser->cfg, $3, 2071 &len); 2072 free($3); 2073 OUTYY(("P(server_local_zone_tag:%s)\n", $2)); 2074 if(!bitlist) { 2075 yyerror("could not parse tags, (define-tag them first)"); 2076 free($2); 2077 } 2078 if(bitlist) { 2079 if(!cfg_strbytelist_insert( 2080 &cfg_parser->cfg->local_zone_tags, 2081 $2, bitlist, len)) { 2082 yyerror("out of memory"); 2083 free($2); 2084 } 2085 } 2086 } 2087 ; 2088 server_access_control_tag: VAR_ACCESS_CONTROL_TAG STRING_ARG STRING_ARG 2089 { 2090 size_t len = 0; 2091 uint8_t* bitlist = config_parse_taglist(cfg_parser->cfg, $3, 2092 &len); 2093 free($3); 2094 OUTYY(("P(server_access_control_tag:%s)\n", $2)); 2095 if(!bitlist) { 2096 yyerror("could not parse tags, (define-tag them first)"); 2097 free($2); 2098 } 2099 if(bitlist) { 2100 if(!cfg_strbytelist_insert( 2101 &cfg_parser->cfg->acl_tags, 2102 $2, bitlist, len)) { 2103 yyerror("out of memory"); 2104 free($2); 2105 } 2106 } 2107 } 2108 ; 2109 server_access_control_tag_action: VAR_ACCESS_CONTROL_TAG_ACTION STRING_ARG STRING_ARG STRING_ARG 2110 { 2111 OUTYY(("P(server_access_control_tag_action:%s %s %s)\n", $2, $3, $4)); 2112 if(!cfg_str3list_insert(&cfg_parser->cfg->acl_tag_actions, 2113 $2, $3, $4)) { 2114 yyerror("out of memory"); 2115 free($2); 2116 free($3); 2117 free($4); 2118 } 2119 } 2120 ; 2121 server_access_control_tag_data: VAR_ACCESS_CONTROL_TAG_DATA STRING_ARG STRING_ARG STRING_ARG 2122 { 2123 OUTYY(("P(server_access_control_tag_data:%s %s %s)\n", $2, $3, $4)); 2124 if(!cfg_str3list_insert(&cfg_parser->cfg->acl_tag_datas, 2125 $2, $3, $4)) { 2126 yyerror("out of memory"); 2127 free($2); 2128 free($3); 2129 free($4); 2130 } 2131 } 2132 ; 2133 server_local_zone_override: VAR_LOCAL_ZONE_OVERRIDE STRING_ARG STRING_ARG STRING_ARG 2134 { 2135 OUTYY(("P(server_local_zone_override:%s %s %s)\n", $2, $3, $4)); 2136 if(!cfg_str3list_insert(&cfg_parser->cfg->local_zone_overrides, 2137 $2, $3, $4)) { 2138 yyerror("out of memory"); 2139 free($2); 2140 free($3); 2141 free($4); 2142 } 2143 } 2144 ; 2145 server_access_control_view: VAR_ACCESS_CONTROL_VIEW STRING_ARG STRING_ARG 2146 { 2147 OUTYY(("P(server_access_control_view:%s %s)\n", $2, $3)); 2148 if(!cfg_str2list_insert(&cfg_parser->cfg->acl_view, 2149 $2, $3)) { 2150 yyerror("out of memory"); 2151 } 2152 } 2153 ; 2154 server_response_ip_tag: VAR_RESPONSE_IP_TAG STRING_ARG STRING_ARG 2155 { 2156 size_t len = 0; 2157 uint8_t* bitlist = config_parse_taglist(cfg_parser->cfg, $3, 2158 &len); 2159 free($3); 2160 OUTYY(("P(response_ip_tag:%s)\n", $2)); 2161 if(!bitlist) { 2162 yyerror("could not parse tags, (define-tag them first)"); 2163 free($2); 2164 } 2165 if(bitlist) { 2166 if(!cfg_strbytelist_insert( 2167 &cfg_parser->cfg->respip_tags, 2168 $2, bitlist, len)) { 2169 yyerror("out of memory"); 2170 free($2); 2171 } 2172 } 2173 } 2174 ; 2175 server_ip_ratelimit: VAR_IP_RATELIMIT STRING_ARG 2176 { 2177 OUTYY(("P(server_ip_ratelimit:%s)\n", $2)); 2178 if(atoi($2) == 0 && strcmp($2, "0") != 0) 2179 yyerror("number expected"); 2180 else cfg_parser->cfg->ip_ratelimit = atoi($2); 2181 free($2); 2182 } 2183 ; 2184 2185 server_ratelimit: VAR_RATELIMIT STRING_ARG 2186 { 2187 OUTYY(("P(server_ratelimit:%s)\n", $2)); 2188 if(atoi($2) == 0 && strcmp($2, "0") != 0) 2189 yyerror("number expected"); 2190 else cfg_parser->cfg->ratelimit = atoi($2); 2191 free($2); 2192 } 2193 ; 2194 server_ip_ratelimit_size: VAR_IP_RATELIMIT_SIZE STRING_ARG 2195 { 2196 OUTYY(("P(server_ip_ratelimit_size:%s)\n", $2)); 2197 if(!cfg_parse_memsize($2, &cfg_parser->cfg->ip_ratelimit_size)) 2198 yyerror("memory size expected"); 2199 free($2); 2200 } 2201 ; 2202 server_ratelimit_size: VAR_RATELIMIT_SIZE STRING_ARG 2203 { 2204 OUTYY(("P(server_ratelimit_size:%s)\n", $2)); 2205 if(!cfg_parse_memsize($2, &cfg_parser->cfg->ratelimit_size)) 2206 yyerror("memory size expected"); 2207 free($2); 2208 } 2209 ; 2210 server_ip_ratelimit_slabs: VAR_IP_RATELIMIT_SLABS STRING_ARG 2211 { 2212 OUTYY(("P(server_ip_ratelimit_slabs:%s)\n", $2)); 2213 if(atoi($2) == 0) 2214 yyerror("number expected"); 2215 else { 2216 cfg_parser->cfg->ip_ratelimit_slabs = atoi($2); 2217 if(!is_pow2(cfg_parser->cfg->ip_ratelimit_slabs)) 2218 yyerror("must be a power of 2"); 2219 } 2220 free($2); 2221 } 2222 ; 2223 server_ratelimit_slabs: VAR_RATELIMIT_SLABS STRING_ARG 2224 { 2225 OUTYY(("P(server_ratelimit_slabs:%s)\n", $2)); 2226 if(atoi($2) == 0) 2227 yyerror("number expected"); 2228 else { 2229 cfg_parser->cfg->ratelimit_slabs = atoi($2); 2230 if(!is_pow2(cfg_parser->cfg->ratelimit_slabs)) 2231 yyerror("must be a power of 2"); 2232 } 2233 free($2); 2234 } 2235 ; 2236 server_ratelimit_for_domain: VAR_RATELIMIT_FOR_DOMAIN STRING_ARG STRING_ARG 2237 { 2238 OUTYY(("P(server_ratelimit_for_domain:%s %s)\n", $2, $3)); 2239 if(atoi($3) == 0 && strcmp($3, "0") != 0) { 2240 yyerror("number expected"); 2241 free($2); 2242 free($3); 2243 } else { 2244 if(!cfg_str2list_insert(&cfg_parser->cfg-> 2245 ratelimit_for_domain, $2, $3)) 2246 fatal_exit("out of memory adding " 2247 "ratelimit-for-domain"); 2248 } 2249 } 2250 ; 2251 server_ratelimit_below_domain: VAR_RATELIMIT_BELOW_DOMAIN STRING_ARG STRING_ARG 2252 { 2253 OUTYY(("P(server_ratelimit_below_domain:%s %s)\n", $2, $3)); 2254 if(atoi($3) == 0 && strcmp($3, "0") != 0) { 2255 yyerror("number expected"); 2256 free($2); 2257 free($3); 2258 } else { 2259 if(!cfg_str2list_insert(&cfg_parser->cfg-> 2260 ratelimit_below_domain, $2, $3)) 2261 fatal_exit("out of memory adding " 2262 "ratelimit-below-domain"); 2263 } 2264 } 2265 ; 2266 server_ip_ratelimit_factor: VAR_IP_RATELIMIT_FACTOR STRING_ARG 2267 { 2268 OUTYY(("P(server_ip_ratelimit_factor:%s)\n", $2)); 2269 if(atoi($2) == 0 && strcmp($2, "0") != 0) 2270 yyerror("number expected"); 2271 else cfg_parser->cfg->ip_ratelimit_factor = atoi($2); 2272 free($2); 2273 } 2274 ; 2275 server_ratelimit_factor: VAR_RATELIMIT_FACTOR STRING_ARG 2276 { 2277 OUTYY(("P(server_ratelimit_factor:%s)\n", $2)); 2278 if(atoi($2) == 0 && strcmp($2, "0") != 0) 2279 yyerror("number expected"); 2280 else cfg_parser->cfg->ratelimit_factor = atoi($2); 2281 free($2); 2282 } 2283 ; 2284 server_low_rtt: VAR_LOW_RTT STRING_ARG 2285 { 2286 OUTYY(("P(low-rtt option is deprecated, use fast-server-num instead)\n")); 2287 free($2); 2288 } 2289 ; 2290 server_fast_server_num: VAR_FAST_SERVER_NUM STRING_ARG 2291 { 2292 OUTYY(("P(server_fast_server_num:%s)\n", $2)); 2293 if(atoi($2) <= 0) 2294 yyerror("number expected"); 2295 else cfg_parser->cfg->fast_server_num = atoi($2); 2296 free($2); 2297 } 2298 ; 2299 server_fast_server_permil: VAR_FAST_SERVER_PERMIL STRING_ARG 2300 { 2301 OUTYY(("P(server_fast_server_permil:%s)\n", $2)); 2302 if(atoi($2) == 0 && strcmp($2, "0") != 0) 2303 yyerror("number expected"); 2304 else cfg_parser->cfg->fast_server_permil = atoi($2); 2305 free($2); 2306 } 2307 ; 2308 server_qname_minimisation: VAR_QNAME_MINIMISATION STRING_ARG 2309 { 2310 OUTYY(("P(server_qname_minimisation:%s)\n", $2)); 2311 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2312 yyerror("expected yes or no."); 2313 else cfg_parser->cfg->qname_minimisation = 2314 (strcmp($2, "yes")==0); 2315 free($2); 2316 } 2317 ; 2318 server_qname_minimisation_strict: VAR_QNAME_MINIMISATION_STRICT STRING_ARG 2319 { 2320 OUTYY(("P(server_qname_minimisation_strict:%s)\n", $2)); 2321 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2322 yyerror("expected yes or no."); 2323 else cfg_parser->cfg->qname_minimisation_strict = 2324 (strcmp($2, "yes")==0); 2325 free($2); 2326 } 2327 ; 2328 server_ipsecmod_enabled: VAR_IPSECMOD_ENABLED STRING_ARG 2329 { 2330 #ifdef USE_IPSECMOD 2331 OUTYY(("P(server_ipsecmod_enabled:%s)\n", $2)); 2332 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2333 yyerror("expected yes or no."); 2334 else cfg_parser->cfg->ipsecmod_enabled = (strcmp($2, "yes")==0); 2335 #else 2336 OUTYY(("P(Compiled without IPsec module, ignoring)\n")); 2337 #endif 2338 free($2); 2339 } 2340 ; 2341 server_ipsecmod_ignore_bogus: VAR_IPSECMOD_IGNORE_BOGUS STRING_ARG 2342 { 2343 #ifdef USE_IPSECMOD 2344 OUTYY(("P(server_ipsecmod_ignore_bogus:%s)\n", $2)); 2345 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2346 yyerror("expected yes or no."); 2347 else cfg_parser->cfg->ipsecmod_ignore_bogus = (strcmp($2, "yes")==0); 2348 #else 2349 OUTYY(("P(Compiled without IPsec module, ignoring)\n")); 2350 #endif 2351 free($2); 2352 } 2353 ; 2354 server_ipsecmod_hook: VAR_IPSECMOD_HOOK STRING_ARG 2355 { 2356 #ifdef USE_IPSECMOD 2357 OUTYY(("P(server_ipsecmod_hook:%s)\n", $2)); 2358 free(cfg_parser->cfg->ipsecmod_hook); 2359 cfg_parser->cfg->ipsecmod_hook = $2; 2360 #else 2361 OUTYY(("P(Compiled without IPsec module, ignoring)\n")); 2362 free($2); 2363 #endif 2364 } 2365 ; 2366 server_ipsecmod_max_ttl: VAR_IPSECMOD_MAX_TTL STRING_ARG 2367 { 2368 #ifdef USE_IPSECMOD 2369 OUTYY(("P(server_ipsecmod_max_ttl:%s)\n", $2)); 2370 if(atoi($2) == 0 && strcmp($2, "0") != 0) 2371 yyerror("number expected"); 2372 else cfg_parser->cfg->ipsecmod_max_ttl = atoi($2); 2373 free($2); 2374 #else 2375 OUTYY(("P(Compiled without IPsec module, ignoring)\n")); 2376 free($2); 2377 #endif 2378 } 2379 ; 2380 server_ipsecmod_whitelist: VAR_IPSECMOD_WHITELIST STRING_ARG 2381 { 2382 #ifdef USE_IPSECMOD 2383 OUTYY(("P(server_ipsecmod_whitelist:%s)\n", $2)); 2384 if(!cfg_strlist_insert(&cfg_parser->cfg->ipsecmod_whitelist, $2)) 2385 yyerror("out of memory"); 2386 #else 2387 OUTYY(("P(Compiled without IPsec module, ignoring)\n")); 2388 free($2); 2389 #endif 2390 } 2391 ; 2392 server_ipsecmod_strict: VAR_IPSECMOD_STRICT STRING_ARG 2393 { 2394 #ifdef USE_IPSECMOD 2395 OUTYY(("P(server_ipsecmod_strict:%s)\n", $2)); 2396 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2397 yyerror("expected yes or no."); 2398 else cfg_parser->cfg->ipsecmod_strict = (strcmp($2, "yes")==0); 2399 free($2); 2400 #else 2401 OUTYY(("P(Compiled without IPsec module, ignoring)\n")); 2402 free($2); 2403 #endif 2404 } 2405 ; 2406 stub_name: VAR_NAME STRING_ARG 2407 { 2408 OUTYY(("P(name:%s)\n", $2)); 2409 if(cfg_parser->cfg->stubs->name) 2410 yyerror("stub name override, there must be one name " 2411 "for one stub-zone"); 2412 free(cfg_parser->cfg->stubs->name); 2413 cfg_parser->cfg->stubs->name = $2; 2414 } 2415 ; 2416 stub_host: VAR_STUB_HOST STRING_ARG 2417 { 2418 OUTYY(("P(stub-host:%s)\n", $2)); 2419 if(!cfg_strlist_insert(&cfg_parser->cfg->stubs->hosts, $2)) 2420 yyerror("out of memory"); 2421 } 2422 ; 2423 stub_addr: VAR_STUB_ADDR STRING_ARG 2424 { 2425 OUTYY(("P(stub-addr:%s)\n", $2)); 2426 if(!cfg_strlist_insert(&cfg_parser->cfg->stubs->addrs, $2)) 2427 yyerror("out of memory"); 2428 } 2429 ; 2430 stub_first: VAR_STUB_FIRST STRING_ARG 2431 { 2432 OUTYY(("P(stub-first:%s)\n", $2)); 2433 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2434 yyerror("expected yes or no."); 2435 else cfg_parser->cfg->stubs->isfirst=(strcmp($2, "yes")==0); 2436 free($2); 2437 } 2438 ; 2439 stub_no_cache: VAR_STUB_NO_CACHE STRING_ARG 2440 { 2441 OUTYY(("P(stub-no-cache:%s)\n", $2)); 2442 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2443 yyerror("expected yes or no."); 2444 else cfg_parser->cfg->stubs->no_cache=(strcmp($2, "yes")==0); 2445 free($2); 2446 } 2447 ; 2448 stub_ssl_upstream: VAR_STUB_SSL_UPSTREAM STRING_ARG 2449 { 2450 OUTYY(("P(stub-ssl-upstream:%s)\n", $2)); 2451 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2452 yyerror("expected yes or no."); 2453 else cfg_parser->cfg->stubs->ssl_upstream = 2454 (strcmp($2, "yes")==0); 2455 free($2); 2456 } 2457 ; 2458 stub_prime: VAR_STUB_PRIME STRING_ARG 2459 { 2460 OUTYY(("P(stub-prime:%s)\n", $2)); 2461 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2462 yyerror("expected yes or no."); 2463 else cfg_parser->cfg->stubs->isprime = 2464 (strcmp($2, "yes")==0); 2465 free($2); 2466 } 2467 ; 2468 forward_name: VAR_NAME STRING_ARG 2469 { 2470 OUTYY(("P(name:%s)\n", $2)); 2471 if(cfg_parser->cfg->forwards->name) 2472 yyerror("forward name override, there must be one " 2473 "name for one forward-zone"); 2474 free(cfg_parser->cfg->forwards->name); 2475 cfg_parser->cfg->forwards->name = $2; 2476 } 2477 ; 2478 forward_host: VAR_FORWARD_HOST STRING_ARG 2479 { 2480 OUTYY(("P(forward-host:%s)\n", $2)); 2481 if(!cfg_strlist_insert(&cfg_parser->cfg->forwards->hosts, $2)) 2482 yyerror("out of memory"); 2483 } 2484 ; 2485 forward_addr: VAR_FORWARD_ADDR STRING_ARG 2486 { 2487 OUTYY(("P(forward-addr:%s)\n", $2)); 2488 if(!cfg_strlist_insert(&cfg_parser->cfg->forwards->addrs, $2)) 2489 yyerror("out of memory"); 2490 } 2491 ; 2492 forward_first: VAR_FORWARD_FIRST STRING_ARG 2493 { 2494 OUTYY(("P(forward-first:%s)\n", $2)); 2495 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2496 yyerror("expected yes or no."); 2497 else cfg_parser->cfg->forwards->isfirst=(strcmp($2, "yes")==0); 2498 free($2); 2499 } 2500 ; 2501 forward_no_cache: VAR_FORWARD_NO_CACHE STRING_ARG 2502 { 2503 OUTYY(("P(forward-no-cache:%s)\n", $2)); 2504 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2505 yyerror("expected yes or no."); 2506 else cfg_parser->cfg->forwards->no_cache=(strcmp($2, "yes")==0); 2507 free($2); 2508 } 2509 ; 2510 forward_ssl_upstream: VAR_FORWARD_SSL_UPSTREAM STRING_ARG 2511 { 2512 OUTYY(("P(forward-ssl-upstream:%s)\n", $2)); 2513 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2514 yyerror("expected yes or no."); 2515 else cfg_parser->cfg->forwards->ssl_upstream = 2516 (strcmp($2, "yes")==0); 2517 free($2); 2518 } 2519 ; 2520 auth_name: VAR_NAME STRING_ARG 2521 { 2522 OUTYY(("P(name:%s)\n", $2)); 2523 if(cfg_parser->cfg->auths->name) 2524 yyerror("auth name override, there must be one name " 2525 "for one auth-zone"); 2526 free(cfg_parser->cfg->auths->name); 2527 cfg_parser->cfg->auths->name = $2; 2528 } 2529 ; 2530 auth_zonefile: VAR_ZONEFILE STRING_ARG 2531 { 2532 OUTYY(("P(zonefile:%s)\n", $2)); 2533 free(cfg_parser->cfg->auths->zonefile); 2534 cfg_parser->cfg->auths->zonefile = $2; 2535 } 2536 ; 2537 auth_master: VAR_MASTER STRING_ARG 2538 { 2539 OUTYY(("P(master:%s)\n", $2)); 2540 if(!cfg_strlist_insert(&cfg_parser->cfg->auths->masters, $2)) 2541 yyerror("out of memory"); 2542 } 2543 ; 2544 auth_url: VAR_URL STRING_ARG 2545 { 2546 OUTYY(("P(url:%s)\n", $2)); 2547 if(!cfg_strlist_insert(&cfg_parser->cfg->auths->urls, $2)) 2548 yyerror("out of memory"); 2549 } 2550 ; 2551 auth_allow_notify: VAR_ALLOW_NOTIFY STRING_ARG 2552 { 2553 OUTYY(("P(allow-notify:%s)\n", $2)); 2554 if(!cfg_strlist_insert(&cfg_parser->cfg->auths->allow_notify, 2555 $2)) 2556 yyerror("out of memory"); 2557 } 2558 ; 2559 auth_for_downstream: VAR_FOR_DOWNSTREAM STRING_ARG 2560 { 2561 OUTYY(("P(for-downstream:%s)\n", $2)); 2562 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2563 yyerror("expected yes or no."); 2564 else cfg_parser->cfg->auths->for_downstream = 2565 (strcmp($2, "yes")==0); 2566 free($2); 2567 } 2568 ; 2569 auth_for_upstream: VAR_FOR_UPSTREAM STRING_ARG 2570 { 2571 OUTYY(("P(for-upstream:%s)\n", $2)); 2572 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2573 yyerror("expected yes or no."); 2574 else cfg_parser->cfg->auths->for_upstream = 2575 (strcmp($2, "yes")==0); 2576 free($2); 2577 } 2578 ; 2579 auth_fallback_enabled: VAR_FALLBACK_ENABLED STRING_ARG 2580 { 2581 OUTYY(("P(fallback-enabled:%s)\n", $2)); 2582 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2583 yyerror("expected yes or no."); 2584 else cfg_parser->cfg->auths->fallback_enabled = 2585 (strcmp($2, "yes")==0); 2586 free($2); 2587 } 2588 ; 2589 view_name: VAR_NAME STRING_ARG 2590 { 2591 OUTYY(("P(name:%s)\n", $2)); 2592 if(cfg_parser->cfg->views->name) 2593 yyerror("view name override, there must be one " 2594 "name for one view"); 2595 free(cfg_parser->cfg->views->name); 2596 cfg_parser->cfg->views->name = $2; 2597 } 2598 ; 2599 view_local_zone: VAR_LOCAL_ZONE STRING_ARG STRING_ARG 2600 { 2601 OUTYY(("P(view_local_zone:%s %s)\n", $2, $3)); 2602 if(strcmp($3, "static")!=0 && strcmp($3, "deny")!=0 && 2603 strcmp($3, "refuse")!=0 && strcmp($3, "redirect")!=0 && 2604 strcmp($3, "transparent")!=0 && strcmp($3, "nodefault")!=0 2605 && strcmp($3, "typetransparent")!=0 2606 && strcmp($3, "always_transparent")!=0 2607 && strcmp($3, "always_refuse")!=0 2608 && strcmp($3, "always_nxdomain")!=0 2609 && strcmp($3, "noview")!=0 2610 && strcmp($3, "inform")!=0 && strcmp($3, "inform_deny")!=0) { 2611 yyerror("local-zone type: expected static, deny, " 2612 "refuse, redirect, transparent, " 2613 "typetransparent, inform, inform_deny, " 2614 "always_transparent, always_refuse, " 2615 "always_nxdomain, noview or nodefault"); 2616 free($2); 2617 free($3); 2618 } else if(strcmp($3, "nodefault")==0) { 2619 if(!cfg_strlist_insert(&cfg_parser->cfg->views-> 2620 local_zones_nodefault, $2)) 2621 fatal_exit("out of memory adding local-zone"); 2622 free($3); 2623 #ifdef USE_IPSET 2624 } else if(strcmp($3, "ipset")==0) { 2625 if(!cfg_strlist_insert(&cfg_parser->cfg->views-> 2626 local_zones_ipset, $2)) 2627 fatal_exit("out of memory adding local-zone"); 2628 free($3); 2629 #endif 2630 } else { 2631 if(!cfg_str2list_insert( 2632 &cfg_parser->cfg->views->local_zones, 2633 $2, $3)) 2634 fatal_exit("out of memory adding local-zone"); 2635 } 2636 } 2637 ; 2638 view_response_ip: VAR_RESPONSE_IP STRING_ARG STRING_ARG 2639 { 2640 OUTYY(("P(view_response_ip:%s %s)\n", $2, $3)); 2641 validate_respip_action($3); 2642 if(!cfg_str2list_insert( 2643 &cfg_parser->cfg->views->respip_actions, $2, $3)) 2644 fatal_exit("out of memory adding per-view " 2645 "response-ip action"); 2646 } 2647 ; 2648 view_response_ip_data: VAR_RESPONSE_IP_DATA STRING_ARG STRING_ARG 2649 { 2650 OUTYY(("P(view_response_ip_data:%s)\n", $2)); 2651 if(!cfg_str2list_insert( 2652 &cfg_parser->cfg->views->respip_data, $2, $3)) 2653 fatal_exit("out of memory adding response-ip-data"); 2654 } 2655 ; 2656 view_local_data: VAR_LOCAL_DATA STRING_ARG 2657 { 2658 OUTYY(("P(view_local_data:%s)\n", $2)); 2659 if(!cfg_strlist_insert(&cfg_parser->cfg->views->local_data, $2)) { 2660 fatal_exit("out of memory adding local-data"); 2661 } 2662 } 2663 ; 2664 view_local_data_ptr: VAR_LOCAL_DATA_PTR STRING_ARG 2665 { 2666 char* ptr; 2667 OUTYY(("P(view_local_data_ptr:%s)\n", $2)); 2668 ptr = cfg_ptr_reverse($2); 2669 free($2); 2670 if(ptr) { 2671 if(!cfg_strlist_insert(&cfg_parser->cfg->views-> 2672 local_data, ptr)) 2673 fatal_exit("out of memory adding local-data"); 2674 } else { 2675 yyerror("local-data-ptr could not be reversed"); 2676 } 2677 } 2678 ; 2679 view_first: VAR_VIEW_FIRST STRING_ARG 2680 { 2681 OUTYY(("P(view-first:%s)\n", $2)); 2682 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2683 yyerror("expected yes or no."); 2684 else cfg_parser->cfg->views->isfirst=(strcmp($2, "yes")==0); 2685 free($2); 2686 } 2687 ; 2688 rcstart: VAR_REMOTE_CONTROL 2689 { 2690 OUTYY(("\nP(remote-control:)\n")); 2691 } 2692 ; 2693 contents_rc: contents_rc content_rc 2694 | ; 2695 content_rc: rc_control_enable | rc_control_interface | rc_control_port | 2696 rc_server_key_file | rc_server_cert_file | rc_control_key_file | 2697 rc_control_cert_file | rc_control_use_cert 2698 ; 2699 rc_control_enable: VAR_CONTROL_ENABLE STRING_ARG 2700 { 2701 OUTYY(("P(control_enable:%s)\n", $2)); 2702 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2703 yyerror("expected yes or no."); 2704 else cfg_parser->cfg->remote_control_enable = 2705 (strcmp($2, "yes")==0); 2706 free($2); 2707 } 2708 ; 2709 rc_control_port: VAR_CONTROL_PORT STRING_ARG 2710 { 2711 OUTYY(("P(control_port:%s)\n", $2)); 2712 if(atoi($2) == 0) 2713 yyerror("control port number expected"); 2714 else cfg_parser->cfg->control_port = atoi($2); 2715 free($2); 2716 } 2717 ; 2718 rc_control_interface: VAR_CONTROL_INTERFACE STRING_ARG 2719 { 2720 OUTYY(("P(control_interface:%s)\n", $2)); 2721 if(!cfg_strlist_append(&cfg_parser->cfg->control_ifs, $2)) 2722 yyerror("out of memory"); 2723 } 2724 ; 2725 rc_control_use_cert: VAR_CONTROL_USE_CERT STRING_ARG 2726 { 2727 OUTYY(("P(control_use_cert:%s)\n", $2)); 2728 cfg_parser->cfg->control_use_cert = (strcmp($2, "yes")==0); 2729 free($2); 2730 } 2731 ; 2732 rc_server_key_file: VAR_SERVER_KEY_FILE STRING_ARG 2733 { 2734 OUTYY(("P(rc_server_key_file:%s)\n", $2)); 2735 free(cfg_parser->cfg->server_key_file); 2736 cfg_parser->cfg->server_key_file = $2; 2737 } 2738 ; 2739 rc_server_cert_file: VAR_SERVER_CERT_FILE STRING_ARG 2740 { 2741 OUTYY(("P(rc_server_cert_file:%s)\n", $2)); 2742 free(cfg_parser->cfg->server_cert_file); 2743 cfg_parser->cfg->server_cert_file = $2; 2744 } 2745 ; 2746 rc_control_key_file: VAR_CONTROL_KEY_FILE STRING_ARG 2747 { 2748 OUTYY(("P(rc_control_key_file:%s)\n", $2)); 2749 free(cfg_parser->cfg->control_key_file); 2750 cfg_parser->cfg->control_key_file = $2; 2751 } 2752 ; 2753 rc_control_cert_file: VAR_CONTROL_CERT_FILE STRING_ARG 2754 { 2755 OUTYY(("P(rc_control_cert_file:%s)\n", $2)); 2756 free(cfg_parser->cfg->control_cert_file); 2757 cfg_parser->cfg->control_cert_file = $2; 2758 } 2759 ; 2760 dtstart: VAR_DNSTAP 2761 { 2762 OUTYY(("\nP(dnstap:)\n")); 2763 } 2764 ; 2765 contents_dt: contents_dt content_dt 2766 | ; 2767 content_dt: dt_dnstap_enable | dt_dnstap_socket_path | dt_dnstap_bidirectional | 2768 dt_dnstap_ip | dt_dnstap_tls | dt_dnstap_tls_server_name | 2769 dt_dnstap_tls_cert_bundle | 2770 dt_dnstap_tls_client_key_file | dt_dnstap_tls_client_cert_file | 2771 dt_dnstap_send_identity | dt_dnstap_send_version | 2772 dt_dnstap_identity | dt_dnstap_version | 2773 dt_dnstap_log_resolver_query_messages | 2774 dt_dnstap_log_resolver_response_messages | 2775 dt_dnstap_log_client_query_messages | 2776 dt_dnstap_log_client_response_messages | 2777 dt_dnstap_log_forwarder_query_messages | 2778 dt_dnstap_log_forwarder_response_messages 2779 ; 2780 dt_dnstap_enable: VAR_DNSTAP_ENABLE STRING_ARG 2781 { 2782 OUTYY(("P(dt_dnstap_enable:%s)\n", $2)); 2783 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2784 yyerror("expected yes or no."); 2785 else cfg_parser->cfg->dnstap = (strcmp($2, "yes")==0); 2786 free($2); 2787 } 2788 ; 2789 dt_dnstap_bidirectional: VAR_DNSTAP_BIDIRECTIONAL STRING_ARG 2790 { 2791 OUTYY(("P(dt_dnstap_bidirectional:%s)\n", $2)); 2792 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2793 yyerror("expected yes or no."); 2794 else cfg_parser->cfg->dnstap_bidirectional = 2795 (strcmp($2, "yes")==0); 2796 free($2); 2797 } 2798 ; 2799 dt_dnstap_socket_path: VAR_DNSTAP_SOCKET_PATH STRING_ARG 2800 { 2801 OUTYY(("P(dt_dnstap_socket_path:%s)\n", $2)); 2802 free(cfg_parser->cfg->dnstap_socket_path); 2803 cfg_parser->cfg->dnstap_socket_path = $2; 2804 } 2805 ; 2806 dt_dnstap_ip: VAR_DNSTAP_IP STRING_ARG 2807 { 2808 OUTYY(("P(dt_dnstap_ip:%s)\n", $2)); 2809 free(cfg_parser->cfg->dnstap_ip); 2810 cfg_parser->cfg->dnstap_ip = $2; 2811 } 2812 ; 2813 dt_dnstap_tls: VAR_DNSTAP_TLS STRING_ARG 2814 { 2815 OUTYY(("P(dt_dnstap_tls:%s)\n", $2)); 2816 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2817 yyerror("expected yes or no."); 2818 else cfg_parser->cfg->dnstap_tls = (strcmp($2, "yes")==0); 2819 free($2); 2820 } 2821 ; 2822 dt_dnstap_tls_server_name: VAR_DNSTAP_TLS_SERVER_NAME STRING_ARG 2823 { 2824 OUTYY(("P(dt_dnstap_tls_server_name:%s)\n", $2)); 2825 free(cfg_parser->cfg->dnstap_tls_server_name); 2826 cfg_parser->cfg->dnstap_tls_server_name = $2; 2827 } 2828 ; 2829 dt_dnstap_tls_cert_bundle: VAR_DNSTAP_TLS_CERT_BUNDLE STRING_ARG 2830 { 2831 OUTYY(("P(dt_dnstap_tls_cert_bundle:%s)\n", $2)); 2832 free(cfg_parser->cfg->dnstap_tls_cert_bundle); 2833 cfg_parser->cfg->dnstap_tls_cert_bundle = $2; 2834 } 2835 ; 2836 dt_dnstap_tls_client_key_file: VAR_DNSTAP_TLS_CLIENT_KEY_FILE STRING_ARG 2837 { 2838 OUTYY(("P(dt_dnstap_tls_client_key_file:%s)\n", $2)); 2839 free(cfg_parser->cfg->dnstap_tls_client_key_file); 2840 cfg_parser->cfg->dnstap_tls_client_key_file = $2; 2841 } 2842 ; 2843 dt_dnstap_tls_client_cert_file: VAR_DNSTAP_TLS_CLIENT_CERT_FILE STRING_ARG 2844 { 2845 OUTYY(("P(dt_dnstap_tls_client_cert_file:%s)\n", $2)); 2846 free(cfg_parser->cfg->dnstap_tls_client_cert_file); 2847 cfg_parser->cfg->dnstap_tls_client_cert_file = $2; 2848 } 2849 ; 2850 dt_dnstap_send_identity: VAR_DNSTAP_SEND_IDENTITY STRING_ARG 2851 { 2852 OUTYY(("P(dt_dnstap_send_identity:%s)\n", $2)); 2853 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2854 yyerror("expected yes or no."); 2855 else cfg_parser->cfg->dnstap_send_identity = (strcmp($2, "yes")==0); 2856 free($2); 2857 } 2858 ; 2859 dt_dnstap_send_version: VAR_DNSTAP_SEND_VERSION STRING_ARG 2860 { 2861 OUTYY(("P(dt_dnstap_send_version:%s)\n", $2)); 2862 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2863 yyerror("expected yes or no."); 2864 else cfg_parser->cfg->dnstap_send_version = (strcmp($2, "yes")==0); 2865 free($2); 2866 } 2867 ; 2868 dt_dnstap_identity: VAR_DNSTAP_IDENTITY STRING_ARG 2869 { 2870 OUTYY(("P(dt_dnstap_identity:%s)\n", $2)); 2871 free(cfg_parser->cfg->dnstap_identity); 2872 cfg_parser->cfg->dnstap_identity = $2; 2873 } 2874 ; 2875 dt_dnstap_version: VAR_DNSTAP_VERSION STRING_ARG 2876 { 2877 OUTYY(("P(dt_dnstap_version:%s)\n", $2)); 2878 free(cfg_parser->cfg->dnstap_version); 2879 cfg_parser->cfg->dnstap_version = $2; 2880 } 2881 ; 2882 dt_dnstap_log_resolver_query_messages: VAR_DNSTAP_LOG_RESOLVER_QUERY_MESSAGES STRING_ARG 2883 { 2884 OUTYY(("P(dt_dnstap_log_resolver_query_messages:%s)\n", $2)); 2885 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2886 yyerror("expected yes or no."); 2887 else cfg_parser->cfg->dnstap_log_resolver_query_messages = 2888 (strcmp($2, "yes")==0); 2889 free($2); 2890 } 2891 ; 2892 dt_dnstap_log_resolver_response_messages: VAR_DNSTAP_LOG_RESOLVER_RESPONSE_MESSAGES STRING_ARG 2893 { 2894 OUTYY(("P(dt_dnstap_log_resolver_response_messages:%s)\n", $2)); 2895 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2896 yyerror("expected yes or no."); 2897 else cfg_parser->cfg->dnstap_log_resolver_response_messages = 2898 (strcmp($2, "yes")==0); 2899 free($2); 2900 } 2901 ; 2902 dt_dnstap_log_client_query_messages: VAR_DNSTAP_LOG_CLIENT_QUERY_MESSAGES STRING_ARG 2903 { 2904 OUTYY(("P(dt_dnstap_log_client_query_messages:%s)\n", $2)); 2905 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2906 yyerror("expected yes or no."); 2907 else cfg_parser->cfg->dnstap_log_client_query_messages = 2908 (strcmp($2, "yes")==0); 2909 free($2); 2910 } 2911 ; 2912 dt_dnstap_log_client_response_messages: VAR_DNSTAP_LOG_CLIENT_RESPONSE_MESSAGES STRING_ARG 2913 { 2914 OUTYY(("P(dt_dnstap_log_client_response_messages:%s)\n", $2)); 2915 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2916 yyerror("expected yes or no."); 2917 else cfg_parser->cfg->dnstap_log_client_response_messages = 2918 (strcmp($2, "yes")==0); 2919 free($2); 2920 } 2921 ; 2922 dt_dnstap_log_forwarder_query_messages: VAR_DNSTAP_LOG_FORWARDER_QUERY_MESSAGES STRING_ARG 2923 { 2924 OUTYY(("P(dt_dnstap_log_forwarder_query_messages:%s)\n", $2)); 2925 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2926 yyerror("expected yes or no."); 2927 else cfg_parser->cfg->dnstap_log_forwarder_query_messages = 2928 (strcmp($2, "yes")==0); 2929 free($2); 2930 } 2931 ; 2932 dt_dnstap_log_forwarder_response_messages: VAR_DNSTAP_LOG_FORWARDER_RESPONSE_MESSAGES STRING_ARG 2933 { 2934 OUTYY(("P(dt_dnstap_log_forwarder_response_messages:%s)\n", $2)); 2935 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2936 yyerror("expected yes or no."); 2937 else cfg_parser->cfg->dnstap_log_forwarder_response_messages = 2938 (strcmp($2, "yes")==0); 2939 free($2); 2940 } 2941 ; 2942 pythonstart: VAR_PYTHON 2943 { 2944 OUTYY(("\nP(python:)\n")); 2945 } 2946 ; 2947 contents_py: contents_py content_py 2948 | ; 2949 content_py: py_script 2950 ; 2951 py_script: VAR_PYTHON_SCRIPT STRING_ARG 2952 { 2953 OUTYY(("P(python-script:%s)\n", $2)); 2954 if(!cfg_strlist_append_ex(&cfg_parser->cfg->python_script, $2)) 2955 yyerror("out of memory"); 2956 } 2957 dynlibstart: VAR_DYNLIB 2958 { 2959 OUTYY(("\nP(dynlib:)\n")); 2960 } 2961 ; 2962 contents_dl: contents_dl content_dl 2963 | ; 2964 content_dl: dl_file 2965 ; 2966 dl_file: VAR_DYNLIB_FILE STRING_ARG 2967 { 2968 OUTYY(("P(dynlib-file:%s)\n", $2)); 2969 if(!cfg_strlist_append_ex(&cfg_parser->cfg->dynlib_file, $2)) 2970 yyerror("out of memory"); 2971 } 2972 server_disable_dnssec_lame_check: VAR_DISABLE_DNSSEC_LAME_CHECK STRING_ARG 2973 { 2974 OUTYY(("P(disable_dnssec_lame_check:%s)\n", $2)); 2975 if (strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2976 yyerror("expected yes or no."); 2977 else cfg_parser->cfg->disable_dnssec_lame_check = 2978 (strcmp($2, "yes")==0); 2979 free($2); 2980 } 2981 ; 2982 server_log_identity: VAR_LOG_IDENTITY STRING_ARG 2983 { 2984 OUTYY(("P(server_log_identity:%s)\n", $2)); 2985 free(cfg_parser->cfg->log_identity); 2986 cfg_parser->cfg->log_identity = $2; 2987 } 2988 ; 2989 server_response_ip: VAR_RESPONSE_IP STRING_ARG STRING_ARG 2990 { 2991 OUTYY(("P(server_response_ip:%s %s)\n", $2, $3)); 2992 validate_respip_action($3); 2993 if(!cfg_str2list_insert(&cfg_parser->cfg->respip_actions, 2994 $2, $3)) 2995 fatal_exit("out of memory adding response-ip"); 2996 } 2997 ; 2998 server_response_ip_data: VAR_RESPONSE_IP_DATA STRING_ARG STRING_ARG 2999 { 3000 OUTYY(("P(server_response_ip_data:%s)\n", $2)); 3001 if(!cfg_str2list_insert(&cfg_parser->cfg->respip_data, 3002 $2, $3)) 3003 fatal_exit("out of memory adding response-ip-data"); 3004 } 3005 ; 3006 dnscstart: VAR_DNSCRYPT 3007 { 3008 OUTYY(("\nP(dnscrypt:)\n")); 3009 } 3010 ; 3011 contents_dnsc: contents_dnsc content_dnsc 3012 | ; 3013 content_dnsc: 3014 dnsc_dnscrypt_enable | dnsc_dnscrypt_port | dnsc_dnscrypt_provider | 3015 dnsc_dnscrypt_secret_key | dnsc_dnscrypt_provider_cert | 3016 dnsc_dnscrypt_provider_cert_rotated | 3017 dnsc_dnscrypt_shared_secret_cache_size | 3018 dnsc_dnscrypt_shared_secret_cache_slabs | 3019 dnsc_dnscrypt_nonce_cache_size | 3020 dnsc_dnscrypt_nonce_cache_slabs 3021 ; 3022 dnsc_dnscrypt_enable: VAR_DNSCRYPT_ENABLE STRING_ARG 3023 { 3024 OUTYY(("P(dnsc_dnscrypt_enable:%s)\n", $2)); 3025 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 3026 yyerror("expected yes or no."); 3027 else cfg_parser->cfg->dnscrypt = (strcmp($2, "yes")==0); 3028 free($2); 3029 } 3030 ; 3031 3032 dnsc_dnscrypt_port: VAR_DNSCRYPT_PORT STRING_ARG 3033 { 3034 OUTYY(("P(dnsc_dnscrypt_port:%s)\n", $2)); 3035 if(atoi($2) == 0) 3036 yyerror("port number expected"); 3037 else cfg_parser->cfg->dnscrypt_port = atoi($2); 3038 free($2); 3039 } 3040 ; 3041 dnsc_dnscrypt_provider: VAR_DNSCRYPT_PROVIDER STRING_ARG 3042 { 3043 OUTYY(("P(dnsc_dnscrypt_provider:%s)\n", $2)); 3044 free(cfg_parser->cfg->dnscrypt_provider); 3045 cfg_parser->cfg->dnscrypt_provider = $2; 3046 } 3047 ; 3048 dnsc_dnscrypt_provider_cert: VAR_DNSCRYPT_PROVIDER_CERT STRING_ARG 3049 { 3050 OUTYY(("P(dnsc_dnscrypt_provider_cert:%s)\n", $2)); 3051 if(cfg_strlist_find(cfg_parser->cfg->dnscrypt_provider_cert, $2)) 3052 log_warn("dnscrypt-provider-cert %s is a duplicate", $2); 3053 if(!cfg_strlist_insert(&cfg_parser->cfg->dnscrypt_provider_cert, $2)) 3054 fatal_exit("out of memory adding dnscrypt-provider-cert"); 3055 } 3056 ; 3057 dnsc_dnscrypt_provider_cert_rotated: VAR_DNSCRYPT_PROVIDER_CERT_ROTATED STRING_ARG 3058 { 3059 OUTYY(("P(dnsc_dnscrypt_provider_cert_rotated:%s)\n", $2)); 3060 if(!cfg_strlist_insert(&cfg_parser->cfg->dnscrypt_provider_cert_rotated, $2)) 3061 fatal_exit("out of memory adding dnscrypt-provider-cert-rotated"); 3062 } 3063 ; 3064 dnsc_dnscrypt_secret_key: VAR_DNSCRYPT_SECRET_KEY STRING_ARG 3065 { 3066 OUTYY(("P(dnsc_dnscrypt_secret_key:%s)\n", $2)); 3067 if(cfg_strlist_find(cfg_parser->cfg->dnscrypt_secret_key, $2)) 3068 log_warn("dnscrypt-secret-key: %s is a duplicate", $2); 3069 if(!cfg_strlist_insert(&cfg_parser->cfg->dnscrypt_secret_key, $2)) 3070 fatal_exit("out of memory adding dnscrypt-secret-key"); 3071 } 3072 ; 3073 dnsc_dnscrypt_shared_secret_cache_size: VAR_DNSCRYPT_SHARED_SECRET_CACHE_SIZE STRING_ARG 3074 { 3075 OUTYY(("P(dnscrypt_shared_secret_cache_size:%s)\n", $2)); 3076 if(!cfg_parse_memsize($2, &cfg_parser->cfg->dnscrypt_shared_secret_cache_size)) 3077 yyerror("memory size expected"); 3078 free($2); 3079 } 3080 ; 3081 dnsc_dnscrypt_shared_secret_cache_slabs: VAR_DNSCRYPT_SHARED_SECRET_CACHE_SLABS STRING_ARG 3082 { 3083 OUTYY(("P(dnscrypt_shared_secret_cache_slabs:%s)\n", $2)); 3084 if(atoi($2) == 0) 3085 yyerror("number expected"); 3086 else { 3087 cfg_parser->cfg->dnscrypt_shared_secret_cache_slabs = atoi($2); 3088 if(!is_pow2(cfg_parser->cfg->dnscrypt_shared_secret_cache_slabs)) 3089 yyerror("must be a power of 2"); 3090 } 3091 free($2); 3092 } 3093 ; 3094 dnsc_dnscrypt_nonce_cache_size: VAR_DNSCRYPT_NONCE_CACHE_SIZE STRING_ARG 3095 { 3096 OUTYY(("P(dnscrypt_nonce_cache_size:%s)\n", $2)); 3097 if(!cfg_parse_memsize($2, &cfg_parser->cfg->dnscrypt_nonce_cache_size)) 3098 yyerror("memory size expected"); 3099 free($2); 3100 } 3101 ; 3102 dnsc_dnscrypt_nonce_cache_slabs: VAR_DNSCRYPT_NONCE_CACHE_SLABS STRING_ARG 3103 { 3104 OUTYY(("P(dnscrypt_nonce_cache_slabs:%s)\n", $2)); 3105 if(atoi($2) == 0) 3106 yyerror("number expected"); 3107 else { 3108 cfg_parser->cfg->dnscrypt_nonce_cache_slabs = atoi($2); 3109 if(!is_pow2(cfg_parser->cfg->dnscrypt_nonce_cache_slabs)) 3110 yyerror("must be a power of 2"); 3111 } 3112 free($2); 3113 } 3114 ; 3115 cachedbstart: VAR_CACHEDB 3116 { 3117 OUTYY(("\nP(cachedb:)\n")); 3118 } 3119 ; 3120 contents_cachedb: contents_cachedb content_cachedb 3121 | ; 3122 content_cachedb: cachedb_backend_name | cachedb_secret_seed | 3123 redis_server_host | redis_server_port | redis_timeout | 3124 redis_expire_records 3125 ; 3126 cachedb_backend_name: VAR_CACHEDB_BACKEND STRING_ARG 3127 { 3128 #ifdef USE_CACHEDB 3129 OUTYY(("P(backend:%s)\n", $2)); 3130 free(cfg_parser->cfg->cachedb_backend); 3131 cfg_parser->cfg->cachedb_backend = $2; 3132 #else 3133 OUTYY(("P(Compiled without cachedb, ignoring)\n")); 3134 free($2); 3135 #endif 3136 } 3137 ; 3138 cachedb_secret_seed: VAR_CACHEDB_SECRETSEED STRING_ARG 3139 { 3140 #ifdef USE_CACHEDB 3141 OUTYY(("P(secret-seed:%s)\n", $2)); 3142 free(cfg_parser->cfg->cachedb_secret); 3143 cfg_parser->cfg->cachedb_secret = $2; 3144 #else 3145 OUTYY(("P(Compiled without cachedb, ignoring)\n")); 3146 free($2); 3147 #endif 3148 } 3149 ; 3150 redis_server_host: VAR_CACHEDB_REDISHOST STRING_ARG 3151 { 3152 #if defined(USE_CACHEDB) && defined(USE_REDIS) 3153 OUTYY(("P(redis_server_host:%s)\n", $2)); 3154 free(cfg_parser->cfg->redis_server_host); 3155 cfg_parser->cfg->redis_server_host = $2; 3156 #else 3157 OUTYY(("P(Compiled without cachedb or redis, ignoring)\n")); 3158 free($2); 3159 #endif 3160 } 3161 ; 3162 redis_server_port: VAR_CACHEDB_REDISPORT STRING_ARG 3163 { 3164 #if defined(USE_CACHEDB) && defined(USE_REDIS) 3165 int port; 3166 OUTYY(("P(redis_server_port:%s)\n", $2)); 3167 port = atoi($2); 3168 if(port == 0 || port < 0 || port > 65535) 3169 yyerror("valid redis server port number expected"); 3170 else cfg_parser->cfg->redis_server_port = port; 3171 #else 3172 OUTYY(("P(Compiled without cachedb or redis, ignoring)\n")); 3173 #endif 3174 free($2); 3175 } 3176 ; 3177 redis_timeout: VAR_CACHEDB_REDISTIMEOUT STRING_ARG 3178 { 3179 #if defined(USE_CACHEDB) && defined(USE_REDIS) 3180 OUTYY(("P(redis_timeout:%s)\n", $2)); 3181 if(atoi($2) == 0) 3182 yyerror("redis timeout value expected"); 3183 else cfg_parser->cfg->redis_timeout = atoi($2); 3184 #else 3185 OUTYY(("P(Compiled without cachedb or redis, ignoring)\n")); 3186 #endif 3187 free($2); 3188 } 3189 ; 3190 redis_expire_records: VAR_CACHEDB_REDISEXPIRERECORDS STRING_ARG 3191 { 3192 #if defined(USE_CACHEDB) && defined(USE_REDIS) 3193 OUTYY(("P(redis_expire_records:%s)\n", $2)); 3194 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 3195 yyerror("expected yes or no."); 3196 else cfg_parser->cfg->redis_expire_records = (strcmp($2, "yes")==0); 3197 #else 3198 OUTYY(("P(Compiled without cachedb or redis, ignoring)\n")); 3199 #endif 3200 free($2); 3201 } 3202 ; 3203 server_tcp_connection_limit: VAR_TCP_CONNECTION_LIMIT STRING_ARG STRING_ARG 3204 { 3205 OUTYY(("P(server_tcp_connection_limit:%s %s)\n", $2, $3)); 3206 if (atoi($3) < 0) 3207 yyerror("positive number expected"); 3208 else { 3209 if(!cfg_str2list_insert(&cfg_parser->cfg->tcp_connection_limits, $2, $3)) 3210 fatal_exit("out of memory adding tcp connection limit"); 3211 } 3212 } 3213 ; 3214 ipsetstart: VAR_IPSET 3215 { 3216 OUTYY(("\nP(ipset:)\n")); 3217 } 3218 ; 3219 contents_ipset: contents_ipset content_ipset 3220 | ; 3221 content_ipset: ipset_name_v4 | ipset_name_v6 3222 ; 3223 ipset_name_v4: VAR_IPSET_NAME_V4 STRING_ARG 3224 { 3225 #ifdef USE_IPSET 3226 OUTYY(("P(name-v4:%s)\n", $2)); 3227 if(cfg_parser->cfg->ipset_name_v4) 3228 yyerror("ipset name v4 override, there must be one " 3229 "name for ip v4"); 3230 free(cfg_parser->cfg->ipset_name_v4); 3231 cfg_parser->cfg->ipset_name_v4 = $2; 3232 #else 3233 OUTYY(("P(Compiled without ipset, ignoring)\n")); 3234 free($2); 3235 #endif 3236 } 3237 ; 3238 ipset_name_v6: VAR_IPSET_NAME_V6 STRING_ARG 3239 { 3240 #ifdef USE_IPSET 3241 OUTYY(("P(name-v6:%s)\n", $2)); 3242 if(cfg_parser->cfg->ipset_name_v6) 3243 yyerror("ipset name v6 override, there must be one " 3244 "name for ip v6"); 3245 free(cfg_parser->cfg->ipset_name_v6); 3246 cfg_parser->cfg->ipset_name_v6 = $2; 3247 #else 3248 OUTYY(("P(Compiled without ipset, ignoring)\n")); 3249 free($2); 3250 #endif 3251 } 3252 ; 3253 %% 3254 3255 /* parse helper routines could be here */ 3256 static void 3257 validate_respip_action(const char* action) 3258 { 3259 if(strcmp(action, "deny")!=0 && 3260 strcmp(action, "redirect")!=0 && 3261 strcmp(action, "inform")!=0 && 3262 strcmp(action, "inform_deny")!=0 && 3263 strcmp(action, "always_transparent")!=0 && 3264 strcmp(action, "always_refuse")!=0 && 3265 strcmp(action, "always_nxdomain")!=0) 3266 { 3267 yyerror("response-ip action: expected deny, redirect, " 3268 "inform, inform_deny, always_transparent, " 3269 "always_refuse or always_nxdomain"); 3270 } 3271 } 3272 3273 3274