1 /* 2 * configparser.y -- yacc grammar for unbound configuration files 3 * 4 * Copyright (c) 2001-2006, NLnet Labs. All rights reserved. 5 * 6 * Copyright (c) 2007, NLnet Labs. All rights reserved. 7 * 8 * This software is open source. 9 * 10 * Redistribution and use in source and binary forms, with or without 11 * modification, are permitted provided that the following conditions 12 * are met: 13 * 14 * Redistributions of source code must retain the above copyright notice, 15 * this list of conditions and the following disclaimer. 16 * 17 * Redistributions in binary form must reproduce the above copyright notice, 18 * this list of conditions and the following disclaimer in the documentation 19 * and/or other materials provided with the distribution. 20 * 21 * Neither the name of the NLNET LABS nor the names of its contributors may 22 * be used to endorse or promote products derived from this software without 23 * specific prior written permission. 24 * 25 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 26 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 27 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR 28 * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT 29 * HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 30 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED 31 * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR 32 * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF 33 * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING 34 * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS 35 * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 36 */ 37 38 %{ 39 #include "config.h" 40 41 #include <stdarg.h> 42 #include <stdio.h> 43 #include <string.h> 44 #include <stdlib.h> 45 #include <assert.h> 46 47 #include "util/configyyrename.h" 48 #include "util/config_file.h" 49 #include "util/net_help.h" 50 51 int ub_c_lex(void); 52 void ub_c_error(const char *message); 53 54 static void validate_respip_action(const char* action); 55 56 /* these need to be global, otherwise they cannot be used inside yacc */ 57 extern struct config_parser_state* cfg_parser; 58 59 #if 0 60 #define OUTYY(s) printf s /* used ONLY when debugging */ 61 #else 62 #define OUTYY(s) 63 #endif 64 65 %} 66 %union { 67 char* str; 68 }; 69 70 %token SPACE LETTER NEWLINE COMMENT COLON ANY ZONESTR 71 %token <str> STRING_ARG 72 %token VAR_FORCE_TOPLEVEL 73 %token VAR_SERVER VAR_VERBOSITY VAR_NUM_THREADS VAR_PORT 74 %token VAR_OUTGOING_RANGE VAR_INTERFACE VAR_PREFER_IP4 75 %token VAR_DO_IP4 VAR_DO_IP6 VAR_PREFER_IP6 VAR_DO_UDP VAR_DO_TCP 76 %token VAR_TCP_MSS VAR_OUTGOING_TCP_MSS VAR_TCP_IDLE_TIMEOUT 77 %token VAR_EDNS_TCP_KEEPALIVE VAR_EDNS_TCP_KEEPALIVE_TIMEOUT 78 %token VAR_CHROOT VAR_USERNAME VAR_DIRECTORY VAR_LOGFILE VAR_PIDFILE 79 %token VAR_MSG_CACHE_SIZE VAR_MSG_CACHE_SLABS VAR_NUM_QUERIES_PER_THREAD 80 %token VAR_RRSET_CACHE_SIZE VAR_RRSET_CACHE_SLABS VAR_OUTGOING_NUM_TCP 81 %token VAR_INFRA_HOST_TTL VAR_INFRA_LAME_TTL VAR_INFRA_CACHE_SLABS 82 %token VAR_INFRA_CACHE_NUMHOSTS VAR_INFRA_CACHE_LAME_SIZE VAR_NAME 83 %token VAR_STUB_ZONE VAR_STUB_HOST VAR_STUB_ADDR VAR_TARGET_FETCH_POLICY 84 %token VAR_HARDEN_SHORT_BUFSIZE VAR_HARDEN_LARGE_QUERIES 85 %token VAR_FORWARD_ZONE VAR_FORWARD_HOST VAR_FORWARD_ADDR 86 %token VAR_DO_NOT_QUERY_ADDRESS VAR_HIDE_IDENTITY VAR_HIDE_VERSION 87 %token VAR_IDENTITY VAR_VERSION VAR_HARDEN_GLUE VAR_MODULE_CONF 88 %token VAR_TRUST_ANCHOR_FILE VAR_TRUST_ANCHOR VAR_VAL_OVERRIDE_DATE 89 %token VAR_BOGUS_TTL VAR_VAL_CLEAN_ADDITIONAL VAR_VAL_PERMISSIVE_MODE 90 %token VAR_INCOMING_NUM_TCP VAR_MSG_BUFFER_SIZE VAR_KEY_CACHE_SIZE 91 %token VAR_KEY_CACHE_SLABS VAR_TRUSTED_KEYS_FILE 92 %token VAR_VAL_NSEC3_KEYSIZE_ITERATIONS VAR_USE_SYSLOG 93 %token VAR_OUTGOING_INTERFACE VAR_ROOT_HINTS VAR_DO_NOT_QUERY_LOCALHOST 94 %token VAR_CACHE_MAX_TTL VAR_HARDEN_DNSSEC_STRIPPED VAR_ACCESS_CONTROL 95 %token VAR_LOCAL_ZONE VAR_LOCAL_DATA VAR_INTERFACE_AUTOMATIC 96 %token VAR_STATISTICS_INTERVAL VAR_DO_DAEMONIZE VAR_USE_CAPS_FOR_ID 97 %token VAR_STATISTICS_CUMULATIVE VAR_OUTGOING_PORT_PERMIT 98 %token VAR_OUTGOING_PORT_AVOID VAR_DLV_ANCHOR_FILE VAR_DLV_ANCHOR 99 %token VAR_NEG_CACHE_SIZE VAR_HARDEN_REFERRAL_PATH VAR_PRIVATE_ADDRESS 100 %token VAR_PRIVATE_DOMAIN VAR_REMOTE_CONTROL VAR_CONTROL_ENABLE 101 %token VAR_CONTROL_INTERFACE VAR_CONTROL_PORT VAR_SERVER_KEY_FILE 102 %token VAR_SERVER_CERT_FILE VAR_CONTROL_KEY_FILE VAR_CONTROL_CERT_FILE 103 %token VAR_CONTROL_USE_CERT 104 %token VAR_EXTENDED_STATISTICS VAR_LOCAL_DATA_PTR VAR_JOSTLE_TIMEOUT 105 %token VAR_STUB_PRIME VAR_UNWANTED_REPLY_THRESHOLD VAR_LOG_TIME_ASCII 106 %token VAR_DOMAIN_INSECURE VAR_PYTHON VAR_PYTHON_SCRIPT VAR_VAL_SIG_SKEW_MIN 107 %token VAR_VAL_SIG_SKEW_MAX VAR_CACHE_MIN_TTL VAR_VAL_LOG_LEVEL 108 %token VAR_AUTO_TRUST_ANCHOR_FILE VAR_KEEP_MISSING VAR_ADD_HOLDDOWN 109 %token VAR_DEL_HOLDDOWN VAR_SO_RCVBUF VAR_EDNS_BUFFER_SIZE VAR_PREFETCH 110 %token VAR_PREFETCH_KEY VAR_SO_SNDBUF VAR_SO_REUSEPORT VAR_HARDEN_BELOW_NXDOMAIN 111 %token VAR_IGNORE_CD_FLAG VAR_LOG_QUERIES VAR_LOG_REPLIES VAR_LOG_LOCAL_ACTIONS 112 %token VAR_TCP_UPSTREAM VAR_SSL_UPSTREAM 113 %token VAR_SSL_SERVICE_KEY VAR_SSL_SERVICE_PEM VAR_SSL_PORT VAR_FORWARD_FIRST 114 %token VAR_STUB_SSL_UPSTREAM VAR_FORWARD_SSL_UPSTREAM VAR_TLS_CERT_BUNDLE 115 %token VAR_HTTPS_PORT VAR_HTTP_ENDPOINT VAR_HTTP_MAX_STREAMS 116 %token VAR_HTTP_QUERY_BUFFER_SIZE VAR_HTTP_RESPONSE_BUFFER_SIZE 117 %token VAR_HTTP_NODELAY VAR_HTTP_NOTLS_DOWNSTREAM 118 %token VAR_STUB_FIRST VAR_MINIMAL_RESPONSES VAR_RRSET_ROUNDROBIN 119 %token VAR_MAX_UDP_SIZE VAR_DELAY_CLOSE VAR_UDP_CONNECT 120 %token VAR_UNBLOCK_LAN_ZONES VAR_INSECURE_LAN_ZONES 121 %token VAR_INFRA_CACHE_MIN_RTT VAR_INFRA_KEEP_PROBING 122 %token VAR_DNS64_PREFIX VAR_DNS64_SYNTHALL VAR_DNS64_IGNORE_AAAA 123 %token VAR_DNSTAP VAR_DNSTAP_ENABLE VAR_DNSTAP_SOCKET_PATH VAR_DNSTAP_IP 124 %token VAR_DNSTAP_TLS VAR_DNSTAP_TLS_SERVER_NAME VAR_DNSTAP_TLS_CERT_BUNDLE 125 %token VAR_DNSTAP_TLS_CLIENT_KEY_FILE VAR_DNSTAP_TLS_CLIENT_CERT_FILE 126 %token VAR_DNSTAP_SEND_IDENTITY VAR_DNSTAP_SEND_VERSION VAR_DNSTAP_BIDIRECTIONAL 127 %token VAR_DNSTAP_IDENTITY VAR_DNSTAP_VERSION 128 %token VAR_DNSTAP_LOG_RESOLVER_QUERY_MESSAGES 129 %token VAR_DNSTAP_LOG_RESOLVER_RESPONSE_MESSAGES 130 %token VAR_DNSTAP_LOG_CLIENT_QUERY_MESSAGES 131 %token VAR_DNSTAP_LOG_CLIENT_RESPONSE_MESSAGES 132 %token VAR_DNSTAP_LOG_FORWARDER_QUERY_MESSAGES 133 %token VAR_DNSTAP_LOG_FORWARDER_RESPONSE_MESSAGES 134 %token VAR_RESPONSE_IP_TAG VAR_RESPONSE_IP VAR_RESPONSE_IP_DATA 135 %token VAR_HARDEN_ALGO_DOWNGRADE VAR_IP_TRANSPARENT 136 %token VAR_IP_DSCP 137 %token VAR_DISABLE_DNSSEC_LAME_CHECK 138 %token VAR_IP_RATELIMIT VAR_IP_RATELIMIT_SLABS VAR_IP_RATELIMIT_SIZE 139 %token VAR_RATELIMIT VAR_RATELIMIT_SLABS VAR_RATELIMIT_SIZE 140 %token VAR_RATELIMIT_FOR_DOMAIN VAR_RATELIMIT_BELOW_DOMAIN 141 %token VAR_IP_RATELIMIT_FACTOR VAR_RATELIMIT_FACTOR 142 %token VAR_SEND_CLIENT_SUBNET VAR_CLIENT_SUBNET_ZONE 143 %token VAR_CLIENT_SUBNET_ALWAYS_FORWARD VAR_CLIENT_SUBNET_OPCODE 144 %token VAR_MAX_CLIENT_SUBNET_IPV4 VAR_MAX_CLIENT_SUBNET_IPV6 145 %token VAR_MIN_CLIENT_SUBNET_IPV4 VAR_MIN_CLIENT_SUBNET_IPV6 146 %token VAR_MAX_ECS_TREE_SIZE_IPV4 VAR_MAX_ECS_TREE_SIZE_IPV6 147 %token VAR_CAPS_WHITELIST VAR_CACHE_MAX_NEGATIVE_TTL VAR_PERMIT_SMALL_HOLDDOWN 148 %token VAR_QNAME_MINIMISATION VAR_QNAME_MINIMISATION_STRICT VAR_IP_FREEBIND 149 %token VAR_DEFINE_TAG VAR_LOCAL_ZONE_TAG VAR_ACCESS_CONTROL_TAG 150 %token VAR_LOCAL_ZONE_OVERRIDE VAR_ACCESS_CONTROL_TAG_ACTION 151 %token VAR_ACCESS_CONTROL_TAG_DATA VAR_VIEW VAR_ACCESS_CONTROL_VIEW 152 %token VAR_VIEW_FIRST VAR_SERVE_EXPIRED VAR_SERVE_EXPIRED_TTL 153 %token VAR_SERVE_EXPIRED_TTL_RESET VAR_SERVE_EXPIRED_REPLY_TTL 154 %token VAR_SERVE_EXPIRED_CLIENT_TIMEOUT VAR_FAKE_DSA 155 %token VAR_FAKE_SHA1 VAR_LOG_IDENTITY VAR_HIDE_TRUSTANCHOR 156 %token VAR_TRUST_ANCHOR_SIGNALING VAR_AGGRESSIVE_NSEC VAR_USE_SYSTEMD 157 %token VAR_SHM_ENABLE VAR_SHM_KEY VAR_ROOT_KEY_SENTINEL 158 %token VAR_DNSCRYPT VAR_DNSCRYPT_ENABLE VAR_DNSCRYPT_PORT VAR_DNSCRYPT_PROVIDER 159 %token VAR_DNSCRYPT_SECRET_KEY VAR_DNSCRYPT_PROVIDER_CERT 160 %token VAR_DNSCRYPT_PROVIDER_CERT_ROTATED 161 %token VAR_DNSCRYPT_SHARED_SECRET_CACHE_SIZE 162 %token VAR_DNSCRYPT_SHARED_SECRET_CACHE_SLABS 163 %token VAR_DNSCRYPT_NONCE_CACHE_SIZE 164 %token VAR_DNSCRYPT_NONCE_CACHE_SLABS 165 %token VAR_IPSECMOD_ENABLED VAR_IPSECMOD_HOOK VAR_IPSECMOD_IGNORE_BOGUS 166 %token VAR_IPSECMOD_MAX_TTL VAR_IPSECMOD_WHITELIST VAR_IPSECMOD_STRICT 167 %token VAR_CACHEDB VAR_CACHEDB_BACKEND VAR_CACHEDB_SECRETSEED 168 %token VAR_CACHEDB_REDISHOST VAR_CACHEDB_REDISPORT VAR_CACHEDB_REDISTIMEOUT 169 %token VAR_CACHEDB_REDISEXPIRERECORDS 170 %token VAR_UDP_UPSTREAM_WITHOUT_DOWNSTREAM VAR_FOR_UPSTREAM 171 %token VAR_AUTH_ZONE VAR_ZONEFILE VAR_MASTER VAR_URL VAR_FOR_DOWNSTREAM 172 %token VAR_FALLBACK_ENABLED VAR_TLS_ADDITIONAL_PORT VAR_LOW_RTT VAR_LOW_RTT_PERMIL 173 %token VAR_FAST_SERVER_PERMIL VAR_FAST_SERVER_NUM 174 %token VAR_ALLOW_NOTIFY VAR_TLS_WIN_CERT VAR_TCP_CONNECTION_LIMIT 175 %token VAR_FORWARD_NO_CACHE VAR_STUB_NO_CACHE VAR_LOG_SERVFAIL VAR_DENY_ANY 176 %token VAR_UNKNOWN_SERVER_TIME_LIMIT VAR_LOG_TAG_QUERYREPLY 177 %token VAR_STREAM_WAIT_SIZE VAR_TLS_CIPHERS VAR_TLS_CIPHERSUITES VAR_TLS_USE_SNI 178 %token VAR_IPSET VAR_IPSET_NAME_V4 VAR_IPSET_NAME_V6 179 %token VAR_TLS_SESSION_TICKET_KEYS VAR_RPZ VAR_TAGS VAR_RPZ_ACTION_OVERRIDE 180 %token VAR_RPZ_CNAME_OVERRIDE VAR_RPZ_LOG VAR_RPZ_LOG_NAME 181 %token VAR_DYNLIB VAR_DYNLIB_FILE VAR_EDNS_CLIENT_STRING 182 %token VAR_EDNS_CLIENT_STRING_OPCODE 183 184 %% 185 toplevelvars: /* empty */ | toplevelvars toplevelvar ; 186 toplevelvar: serverstart contents_server | stubstart contents_stub | 187 forwardstart contents_forward | pythonstart contents_py | 188 rcstart contents_rc | dtstart contents_dt | viewstart contents_view | 189 dnscstart contents_dnsc | cachedbstart contents_cachedb | 190 ipsetstart contents_ipset | authstart contents_auth | 191 rpzstart contents_rpz | dynlibstart contents_dl | 192 force_toplevel 193 ; 194 force_toplevel: VAR_FORCE_TOPLEVEL 195 { 196 OUTYY(("\nP(force-toplevel)\n")); 197 } 198 ; 199 /* server: declaration */ 200 serverstart: VAR_SERVER 201 { 202 OUTYY(("\nP(server:)\n")); 203 } 204 ; 205 contents_server: contents_server content_server 206 | ; 207 content_server: server_num_threads | server_verbosity | server_port | 208 server_outgoing_range | server_do_ip4 | 209 server_do_ip6 | server_prefer_ip4 | server_prefer_ip6 | 210 server_do_udp | server_do_tcp | 211 server_tcp_mss | server_outgoing_tcp_mss | server_tcp_idle_timeout | 212 server_tcp_keepalive | server_tcp_keepalive_timeout | 213 server_interface | server_chroot | server_username | 214 server_directory | server_logfile | server_pidfile | 215 server_msg_cache_size | server_msg_cache_slabs | 216 server_num_queries_per_thread | server_rrset_cache_size | 217 server_rrset_cache_slabs | server_outgoing_num_tcp | 218 server_infra_host_ttl | server_infra_lame_ttl | 219 server_infra_cache_slabs | server_infra_cache_numhosts | 220 server_infra_cache_lame_size | server_target_fetch_policy | 221 server_harden_short_bufsize | server_harden_large_queries | 222 server_do_not_query_address | server_hide_identity | 223 server_hide_version | server_identity | server_version | 224 server_harden_glue | server_module_conf | server_trust_anchor_file | 225 server_trust_anchor | server_val_override_date | server_bogus_ttl | 226 server_val_clean_additional | server_val_permissive_mode | 227 server_incoming_num_tcp | server_msg_buffer_size | 228 server_key_cache_size | server_key_cache_slabs | 229 server_trusted_keys_file | server_val_nsec3_keysize_iterations | 230 server_use_syslog | server_outgoing_interface | server_root_hints | 231 server_do_not_query_localhost | server_cache_max_ttl | 232 server_harden_dnssec_stripped | server_access_control | 233 server_local_zone | server_local_data | server_interface_automatic | 234 server_statistics_interval | server_do_daemonize | 235 server_use_caps_for_id | server_statistics_cumulative | 236 server_outgoing_port_permit | server_outgoing_port_avoid | 237 server_dlv_anchor_file | server_dlv_anchor | server_neg_cache_size | 238 server_harden_referral_path | server_private_address | 239 server_private_domain | server_extended_statistics | 240 server_local_data_ptr | server_jostle_timeout | 241 server_unwanted_reply_threshold | server_log_time_ascii | 242 server_domain_insecure | server_val_sig_skew_min | 243 server_val_sig_skew_max | server_cache_min_ttl | server_val_log_level | 244 server_auto_trust_anchor_file | server_add_holddown | 245 server_del_holddown | server_keep_missing | server_so_rcvbuf | 246 server_edns_buffer_size | server_prefetch | server_prefetch_key | 247 server_so_sndbuf | server_harden_below_nxdomain | server_ignore_cd_flag | 248 server_log_queries | server_log_replies | server_tcp_upstream | server_ssl_upstream | 249 server_log_local_actions | 250 server_ssl_service_key | server_ssl_service_pem | server_ssl_port | 251 server_https_port | server_http_endpoint | server_http_max_streams | 252 server_http_query_buffer_size | server_http_response_buffer_size | 253 server_http_nodelay | server_http_notls_downstream | 254 server_minimal_responses | server_rrset_roundrobin | server_max_udp_size | 255 server_so_reuseport | server_delay_close | server_udp_connect | 256 server_unblock_lan_zones | server_insecure_lan_zones | 257 server_dns64_prefix | server_dns64_synthall | server_dns64_ignore_aaaa | 258 server_infra_cache_min_rtt | server_harden_algo_downgrade | 259 server_ip_transparent | server_ip_ratelimit | server_ratelimit | 260 server_ip_dscp | server_infra_keep_probing | 261 server_ip_ratelimit_slabs | server_ratelimit_slabs | 262 server_ip_ratelimit_size | server_ratelimit_size | 263 server_ratelimit_for_domain | 264 server_ratelimit_below_domain | server_ratelimit_factor | 265 server_ip_ratelimit_factor | server_send_client_subnet | 266 server_client_subnet_zone | server_client_subnet_always_forward | 267 server_client_subnet_opcode | 268 server_max_client_subnet_ipv4 | server_max_client_subnet_ipv6 | 269 server_min_client_subnet_ipv4 | server_min_client_subnet_ipv6 | 270 server_max_ecs_tree_size_ipv4 | server_max_ecs_tree_size_ipv6 | 271 server_caps_whitelist | server_cache_max_negative_ttl | 272 server_permit_small_holddown | server_qname_minimisation | 273 server_ip_freebind | server_define_tag | server_local_zone_tag | 274 server_disable_dnssec_lame_check | server_access_control_tag | 275 server_local_zone_override | server_access_control_tag_action | 276 server_access_control_tag_data | server_access_control_view | 277 server_qname_minimisation_strict | server_serve_expired | 278 server_serve_expired_ttl | server_serve_expired_ttl_reset | 279 server_serve_expired_reply_ttl | server_serve_expired_client_timeout | 280 server_fake_dsa | server_log_identity | server_use_systemd | 281 server_response_ip_tag | server_response_ip | server_response_ip_data | 282 server_shm_enable | server_shm_key | server_fake_sha1 | 283 server_hide_trustanchor | server_trust_anchor_signaling | 284 server_root_key_sentinel | 285 server_ipsecmod_enabled | server_ipsecmod_hook | 286 server_ipsecmod_ignore_bogus | server_ipsecmod_max_ttl | 287 server_ipsecmod_whitelist | server_ipsecmod_strict | 288 server_udp_upstream_without_downstream | server_aggressive_nsec | 289 server_tls_cert_bundle | server_tls_additional_port | server_low_rtt | 290 server_fast_server_permil | server_fast_server_num | server_tls_win_cert | 291 server_tcp_connection_limit | server_log_servfail | server_deny_any | 292 server_unknown_server_time_limit | server_log_tag_queryreply | 293 server_stream_wait_size | server_tls_ciphers | 294 server_tls_ciphersuites | server_tls_session_ticket_keys | 295 server_tls_use_sni | server_edns_client_string | 296 server_edns_client_string_opcode 297 ; 298 stubstart: VAR_STUB_ZONE 299 { 300 struct config_stub* s; 301 OUTYY(("\nP(stub_zone:)\n")); 302 s = (struct config_stub*)calloc(1, sizeof(struct config_stub)); 303 if(s) { 304 s->next = cfg_parser->cfg->stubs; 305 cfg_parser->cfg->stubs = s; 306 } else 307 yyerror("out of memory"); 308 } 309 ; 310 contents_stub: contents_stub content_stub 311 | ; 312 content_stub: stub_name | stub_host | stub_addr | stub_prime | stub_first | 313 stub_no_cache | stub_ssl_upstream 314 ; 315 forwardstart: VAR_FORWARD_ZONE 316 { 317 struct config_stub* s; 318 OUTYY(("\nP(forward_zone:)\n")); 319 s = (struct config_stub*)calloc(1, sizeof(struct config_stub)); 320 if(s) { 321 s->next = cfg_parser->cfg->forwards; 322 cfg_parser->cfg->forwards = s; 323 } else 324 yyerror("out of memory"); 325 } 326 ; 327 contents_forward: contents_forward content_forward 328 | ; 329 content_forward: forward_name | forward_host | forward_addr | forward_first | 330 forward_no_cache | forward_ssl_upstream 331 ; 332 viewstart: VAR_VIEW 333 { 334 struct config_view* s; 335 OUTYY(("\nP(view:)\n")); 336 s = (struct config_view*)calloc(1, sizeof(struct config_view)); 337 if(s) { 338 s->next = cfg_parser->cfg->views; 339 if(s->next && !s->next->name) 340 yyerror("view without name"); 341 cfg_parser->cfg->views = s; 342 } else 343 yyerror("out of memory"); 344 } 345 ; 346 contents_view: contents_view content_view 347 | ; 348 content_view: view_name | view_local_zone | view_local_data | view_first | 349 view_response_ip | view_response_ip_data | view_local_data_ptr 350 ; 351 authstart: VAR_AUTH_ZONE 352 { 353 struct config_auth* s; 354 OUTYY(("\nP(auth_zone:)\n")); 355 s = (struct config_auth*)calloc(1, sizeof(struct config_auth)); 356 if(s) { 357 s->next = cfg_parser->cfg->auths; 358 cfg_parser->cfg->auths = s; 359 /* defaults for auth zone */ 360 s->for_downstream = 1; 361 s->for_upstream = 1; 362 s->fallback_enabled = 0; 363 s->isrpz = 0; 364 } else 365 yyerror("out of memory"); 366 } 367 ; 368 contents_auth: contents_auth content_auth 369 | ; 370 content_auth: auth_name | auth_zonefile | auth_master | auth_url | 371 auth_for_downstream | auth_for_upstream | auth_fallback_enabled | 372 auth_allow_notify 373 ; 374 375 rpz_tag: VAR_TAGS STRING_ARG 376 { 377 uint8_t* bitlist; 378 size_t len = 0; 379 OUTYY(("P(server_local_zone_tag:%s)\n", $2)); 380 bitlist = config_parse_taglist(cfg_parser->cfg, $2, 381 &len); 382 free($2); 383 if(!bitlist) { 384 yyerror("could not parse tags, (define-tag them first)"); 385 } 386 if(bitlist) { 387 cfg_parser->cfg->auths->rpz_taglist = bitlist; 388 cfg_parser->cfg->auths->rpz_taglistlen = len; 389 390 } 391 } 392 ; 393 394 rpz_action_override: VAR_RPZ_ACTION_OVERRIDE STRING_ARG 395 { 396 OUTYY(("P(rpz_action_override:%s)\n", $2)); 397 if(strcmp($2, "nxdomain")!=0 && strcmp($2, "nodata")!=0 && 398 strcmp($2, "passthru")!=0 && strcmp($2, "drop")!=0 && 399 strcmp($2, "cname")!=0 && strcmp($2, "disabled")!=0) { 400 yyerror("rpz-action-override action: expected nxdomain, " 401 "nodata, passthru, drop, cname or disabled"); 402 free($2); 403 cfg_parser->cfg->auths->rpz_action_override = NULL; 404 } 405 else { 406 cfg_parser->cfg->auths->rpz_action_override = $2; 407 } 408 } 409 ; 410 411 rpz_cname_override: VAR_RPZ_CNAME_OVERRIDE STRING_ARG 412 { 413 OUTYY(("P(rpz_cname_override:%s)\n", $2)); 414 free(cfg_parser->cfg->auths->rpz_cname); 415 cfg_parser->cfg->auths->rpz_cname = $2; 416 } 417 ; 418 419 rpz_log: VAR_RPZ_LOG STRING_ARG 420 { 421 OUTYY(("P(rpz_log:%s)\n", $2)); 422 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 423 yyerror("expected yes or no."); 424 else cfg_parser->cfg->auths->rpz_log = (strcmp($2, "yes")==0); 425 free($2); 426 } 427 ; 428 429 rpz_log_name: VAR_RPZ_LOG_NAME STRING_ARG 430 { 431 OUTYY(("P(rpz_log_name:%s)\n", $2)); 432 free(cfg_parser->cfg->auths->rpz_log_name); 433 cfg_parser->cfg->auths->rpz_log_name = $2; 434 } 435 ; 436 437 rpzstart: VAR_RPZ 438 { 439 struct config_auth* s; 440 OUTYY(("\nP(rpz:)\n")); 441 s = (struct config_auth*)calloc(1, sizeof(struct config_auth)); 442 if(s) { 443 s->next = cfg_parser->cfg->auths; 444 cfg_parser->cfg->auths = s; 445 /* defaults for RPZ auth zone */ 446 s->for_downstream = 0; 447 s->for_upstream = 0; 448 s->fallback_enabled = 0; 449 s->isrpz = 1; 450 } else 451 yyerror("out of memory"); 452 } 453 ; 454 contents_rpz: contents_rpz content_rpz 455 | ; 456 content_rpz: auth_name | auth_zonefile | rpz_tag | auth_master | auth_url | 457 auth_allow_notify | rpz_action_override | rpz_cname_override | 458 rpz_log | rpz_log_name 459 ; 460 server_num_threads: VAR_NUM_THREADS STRING_ARG 461 { 462 OUTYY(("P(server_num_threads:%s)\n", $2)); 463 if(atoi($2) == 0 && strcmp($2, "0") != 0) 464 yyerror("number expected"); 465 else cfg_parser->cfg->num_threads = atoi($2); 466 free($2); 467 } 468 ; 469 server_verbosity: VAR_VERBOSITY STRING_ARG 470 { 471 OUTYY(("P(server_verbosity:%s)\n", $2)); 472 if(atoi($2) == 0 && strcmp($2, "0") != 0) 473 yyerror("number expected"); 474 else cfg_parser->cfg->verbosity = atoi($2); 475 free($2); 476 } 477 ; 478 server_statistics_interval: VAR_STATISTICS_INTERVAL STRING_ARG 479 { 480 OUTYY(("P(server_statistics_interval:%s)\n", $2)); 481 if(strcmp($2, "") == 0 || strcmp($2, "0") == 0) 482 cfg_parser->cfg->stat_interval = 0; 483 else if(atoi($2) == 0) 484 yyerror("number expected"); 485 else cfg_parser->cfg->stat_interval = atoi($2); 486 free($2); 487 } 488 ; 489 server_statistics_cumulative: VAR_STATISTICS_CUMULATIVE STRING_ARG 490 { 491 OUTYY(("P(server_statistics_cumulative:%s)\n", $2)); 492 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 493 yyerror("expected yes or no."); 494 else cfg_parser->cfg->stat_cumulative = (strcmp($2, "yes")==0); 495 free($2); 496 } 497 ; 498 server_extended_statistics: VAR_EXTENDED_STATISTICS STRING_ARG 499 { 500 OUTYY(("P(server_extended_statistics:%s)\n", $2)); 501 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 502 yyerror("expected yes or no."); 503 else cfg_parser->cfg->stat_extended = (strcmp($2, "yes")==0); 504 free($2); 505 } 506 ; 507 server_shm_enable: VAR_SHM_ENABLE STRING_ARG 508 { 509 OUTYY(("P(server_shm_enable:%s)\n", $2)); 510 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 511 yyerror("expected yes or no."); 512 else cfg_parser->cfg->shm_enable = (strcmp($2, "yes")==0); 513 free($2); 514 } 515 ; 516 server_shm_key: VAR_SHM_KEY STRING_ARG 517 { 518 OUTYY(("P(server_shm_key:%s)\n", $2)); 519 if(strcmp($2, "") == 0 || strcmp($2, "0") == 0) 520 cfg_parser->cfg->shm_key = 0; 521 else if(atoi($2) == 0) 522 yyerror("number expected"); 523 else cfg_parser->cfg->shm_key = atoi($2); 524 free($2); 525 } 526 ; 527 server_port: VAR_PORT STRING_ARG 528 { 529 OUTYY(("P(server_port:%s)\n", $2)); 530 if(atoi($2) == 0) 531 yyerror("port number expected"); 532 else cfg_parser->cfg->port = atoi($2); 533 free($2); 534 } 535 ; 536 server_send_client_subnet: VAR_SEND_CLIENT_SUBNET STRING_ARG 537 { 538 #ifdef CLIENT_SUBNET 539 OUTYY(("P(server_send_client_subnet:%s)\n", $2)); 540 if(!cfg_strlist_insert(&cfg_parser->cfg->client_subnet, $2)) 541 fatal_exit("out of memory adding client-subnet"); 542 #else 543 OUTYY(("P(Compiled without edns subnet option, ignoring)\n")); 544 free($2); 545 #endif 546 } 547 ; 548 server_client_subnet_zone: VAR_CLIENT_SUBNET_ZONE STRING_ARG 549 { 550 #ifdef CLIENT_SUBNET 551 OUTYY(("P(server_client_subnet_zone:%s)\n", $2)); 552 if(!cfg_strlist_insert(&cfg_parser->cfg->client_subnet_zone, 553 $2)) 554 fatal_exit("out of memory adding client-subnet-zone"); 555 #else 556 OUTYY(("P(Compiled without edns subnet option, ignoring)\n")); 557 free($2); 558 #endif 559 } 560 ; 561 server_client_subnet_always_forward: 562 VAR_CLIENT_SUBNET_ALWAYS_FORWARD STRING_ARG 563 { 564 #ifdef CLIENT_SUBNET 565 OUTYY(("P(server_client_subnet_always_forward:%s)\n", $2)); 566 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 567 yyerror("expected yes or no."); 568 else 569 cfg_parser->cfg->client_subnet_always_forward = 570 (strcmp($2, "yes")==0); 571 #else 572 OUTYY(("P(Compiled without edns subnet option, ignoring)\n")); 573 #endif 574 free($2); 575 } 576 ; 577 server_client_subnet_opcode: VAR_CLIENT_SUBNET_OPCODE STRING_ARG 578 { 579 #ifdef CLIENT_SUBNET 580 OUTYY(("P(client_subnet_opcode:%s)\n", $2)); 581 OUTYY(("P(Deprecated option, ignoring)\n")); 582 #else 583 OUTYY(("P(Compiled without edns subnet option, ignoring)\n")); 584 #endif 585 free($2); 586 } 587 ; 588 server_max_client_subnet_ipv4: VAR_MAX_CLIENT_SUBNET_IPV4 STRING_ARG 589 { 590 #ifdef CLIENT_SUBNET 591 OUTYY(("P(max_client_subnet_ipv4:%s)\n", $2)); 592 if(atoi($2) == 0 && strcmp($2, "0") != 0) 593 yyerror("IPv4 subnet length expected"); 594 else if (atoi($2) > 32) 595 cfg_parser->cfg->max_client_subnet_ipv4 = 32; 596 else if (atoi($2) < 0) 597 cfg_parser->cfg->max_client_subnet_ipv4 = 0; 598 else cfg_parser->cfg->max_client_subnet_ipv4 = (uint8_t)atoi($2); 599 #else 600 OUTYY(("P(Compiled without edns subnet option, ignoring)\n")); 601 #endif 602 free($2); 603 } 604 ; 605 server_max_client_subnet_ipv6: VAR_MAX_CLIENT_SUBNET_IPV6 STRING_ARG 606 { 607 #ifdef CLIENT_SUBNET 608 OUTYY(("P(max_client_subnet_ipv6:%s)\n", $2)); 609 if(atoi($2) == 0 && strcmp($2, "0") != 0) 610 yyerror("Ipv6 subnet length expected"); 611 else if (atoi($2) > 128) 612 cfg_parser->cfg->max_client_subnet_ipv6 = 128; 613 else if (atoi($2) < 0) 614 cfg_parser->cfg->max_client_subnet_ipv6 = 0; 615 else cfg_parser->cfg->max_client_subnet_ipv6 = (uint8_t)atoi($2); 616 #else 617 OUTYY(("P(Compiled without edns subnet option, ignoring)\n")); 618 #endif 619 free($2); 620 } 621 ; 622 server_min_client_subnet_ipv4: VAR_MIN_CLIENT_SUBNET_IPV4 STRING_ARG 623 { 624 #ifdef CLIENT_SUBNET 625 OUTYY(("P(min_client_subnet_ipv4:%s)\n", $2)); 626 if(atoi($2) == 0 && strcmp($2, "0") != 0) 627 yyerror("IPv4 subnet length expected"); 628 else if (atoi($2) > 32) 629 cfg_parser->cfg->min_client_subnet_ipv4 = 32; 630 else if (atoi($2) < 0) 631 cfg_parser->cfg->min_client_subnet_ipv4 = 0; 632 else cfg_parser->cfg->min_client_subnet_ipv4 = (uint8_t)atoi($2); 633 #else 634 OUTYY(("P(Compiled without edns subnet option, ignoring)\n")); 635 #endif 636 free($2); 637 } 638 ; 639 server_min_client_subnet_ipv6: VAR_MIN_CLIENT_SUBNET_IPV6 STRING_ARG 640 { 641 #ifdef CLIENT_SUBNET 642 OUTYY(("P(min_client_subnet_ipv6:%s)\n", $2)); 643 if(atoi($2) == 0 && strcmp($2, "0") != 0) 644 yyerror("Ipv6 subnet length expected"); 645 else if (atoi($2) > 128) 646 cfg_parser->cfg->min_client_subnet_ipv6 = 128; 647 else if (atoi($2) < 0) 648 cfg_parser->cfg->min_client_subnet_ipv6 = 0; 649 else cfg_parser->cfg->min_client_subnet_ipv6 = (uint8_t)atoi($2); 650 #else 651 OUTYY(("P(Compiled without edns subnet option, ignoring)\n")); 652 #endif 653 free($2); 654 } 655 ; 656 server_max_ecs_tree_size_ipv4: VAR_MAX_ECS_TREE_SIZE_IPV4 STRING_ARG 657 { 658 #ifdef CLIENT_SUBNET 659 OUTYY(("P(max_ecs_tree_size_ipv4:%s)\n", $2)); 660 if(atoi($2) == 0 && strcmp($2, "0") != 0) 661 yyerror("IPv4 ECS tree size expected"); 662 else if (atoi($2) < 0) 663 cfg_parser->cfg->max_ecs_tree_size_ipv4 = 0; 664 else cfg_parser->cfg->max_ecs_tree_size_ipv4 = (uint32_t)atoi($2); 665 #else 666 OUTYY(("P(Compiled without edns subnet option, ignoring)\n")); 667 #endif 668 free($2); 669 } 670 ; 671 server_max_ecs_tree_size_ipv6: VAR_MAX_ECS_TREE_SIZE_IPV6 STRING_ARG 672 { 673 #ifdef CLIENT_SUBNET 674 OUTYY(("P(max_ecs_tree_size_ipv6:%s)\n", $2)); 675 if(atoi($2) == 0 && strcmp($2, "0") != 0) 676 yyerror("IPv6 ECS tree size expected"); 677 else if (atoi($2) < 0) 678 cfg_parser->cfg->max_ecs_tree_size_ipv6 = 0; 679 else cfg_parser->cfg->max_ecs_tree_size_ipv6 = (uint32_t)atoi($2); 680 #else 681 OUTYY(("P(Compiled without edns subnet option, ignoring)\n")); 682 #endif 683 free($2); 684 } 685 ; 686 server_interface: VAR_INTERFACE STRING_ARG 687 { 688 OUTYY(("P(server_interface:%s)\n", $2)); 689 if(cfg_parser->cfg->num_ifs == 0) 690 cfg_parser->cfg->ifs = calloc(1, sizeof(char*)); 691 else cfg_parser->cfg->ifs = realloc(cfg_parser->cfg->ifs, 692 (cfg_parser->cfg->num_ifs+1)*sizeof(char*)); 693 if(!cfg_parser->cfg->ifs) 694 yyerror("out of memory"); 695 else 696 cfg_parser->cfg->ifs[cfg_parser->cfg->num_ifs++] = $2; 697 } 698 ; 699 server_outgoing_interface: VAR_OUTGOING_INTERFACE STRING_ARG 700 { 701 OUTYY(("P(server_outgoing_interface:%s)\n", $2)); 702 if(cfg_parser->cfg->num_out_ifs == 0) 703 cfg_parser->cfg->out_ifs = calloc(1, sizeof(char*)); 704 else cfg_parser->cfg->out_ifs = realloc( 705 cfg_parser->cfg->out_ifs, 706 (cfg_parser->cfg->num_out_ifs+1)*sizeof(char*)); 707 if(!cfg_parser->cfg->out_ifs) 708 yyerror("out of memory"); 709 else 710 cfg_parser->cfg->out_ifs[ 711 cfg_parser->cfg->num_out_ifs++] = $2; 712 } 713 ; 714 server_outgoing_range: VAR_OUTGOING_RANGE STRING_ARG 715 { 716 OUTYY(("P(server_outgoing_range:%s)\n", $2)); 717 if(atoi($2) == 0) 718 yyerror("number expected"); 719 else cfg_parser->cfg->outgoing_num_ports = atoi($2); 720 free($2); 721 } 722 ; 723 server_outgoing_port_permit: VAR_OUTGOING_PORT_PERMIT STRING_ARG 724 { 725 OUTYY(("P(server_outgoing_port_permit:%s)\n", $2)); 726 if(!cfg_mark_ports($2, 1, 727 cfg_parser->cfg->outgoing_avail_ports, 65536)) 728 yyerror("port number or range (\"low-high\") expected"); 729 free($2); 730 } 731 ; 732 server_outgoing_port_avoid: VAR_OUTGOING_PORT_AVOID STRING_ARG 733 { 734 OUTYY(("P(server_outgoing_port_avoid:%s)\n", $2)); 735 if(!cfg_mark_ports($2, 0, 736 cfg_parser->cfg->outgoing_avail_ports, 65536)) 737 yyerror("port number or range (\"low-high\") expected"); 738 free($2); 739 } 740 ; 741 server_outgoing_num_tcp: VAR_OUTGOING_NUM_TCP STRING_ARG 742 { 743 OUTYY(("P(server_outgoing_num_tcp:%s)\n", $2)); 744 if(atoi($2) == 0 && strcmp($2, "0") != 0) 745 yyerror("number expected"); 746 else cfg_parser->cfg->outgoing_num_tcp = atoi($2); 747 free($2); 748 } 749 ; 750 server_incoming_num_tcp: VAR_INCOMING_NUM_TCP STRING_ARG 751 { 752 OUTYY(("P(server_incoming_num_tcp:%s)\n", $2)); 753 if(atoi($2) == 0 && strcmp($2, "0") != 0) 754 yyerror("number expected"); 755 else cfg_parser->cfg->incoming_num_tcp = atoi($2); 756 free($2); 757 } 758 ; 759 server_interface_automatic: VAR_INTERFACE_AUTOMATIC STRING_ARG 760 { 761 OUTYY(("P(server_interface_automatic:%s)\n", $2)); 762 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 763 yyerror("expected yes or no."); 764 else cfg_parser->cfg->if_automatic = (strcmp($2, "yes")==0); 765 free($2); 766 } 767 ; 768 server_do_ip4: VAR_DO_IP4 STRING_ARG 769 { 770 OUTYY(("P(server_do_ip4:%s)\n", $2)); 771 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 772 yyerror("expected yes or no."); 773 else cfg_parser->cfg->do_ip4 = (strcmp($2, "yes")==0); 774 free($2); 775 } 776 ; 777 server_do_ip6: VAR_DO_IP6 STRING_ARG 778 { 779 OUTYY(("P(server_do_ip6:%s)\n", $2)); 780 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 781 yyerror("expected yes or no."); 782 else cfg_parser->cfg->do_ip6 = (strcmp($2, "yes")==0); 783 free($2); 784 } 785 ; 786 server_do_udp: VAR_DO_UDP STRING_ARG 787 { 788 OUTYY(("P(server_do_udp:%s)\n", $2)); 789 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 790 yyerror("expected yes or no."); 791 else cfg_parser->cfg->do_udp = (strcmp($2, "yes")==0); 792 free($2); 793 } 794 ; 795 server_do_tcp: VAR_DO_TCP STRING_ARG 796 { 797 OUTYY(("P(server_do_tcp:%s)\n", $2)); 798 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 799 yyerror("expected yes or no."); 800 else cfg_parser->cfg->do_tcp = (strcmp($2, "yes")==0); 801 free($2); 802 } 803 ; 804 server_prefer_ip4: VAR_PREFER_IP4 STRING_ARG 805 { 806 OUTYY(("P(server_prefer_ip4:%s)\n", $2)); 807 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 808 yyerror("expected yes or no."); 809 else cfg_parser->cfg->prefer_ip4 = (strcmp($2, "yes")==0); 810 free($2); 811 } 812 ; 813 server_prefer_ip6: VAR_PREFER_IP6 STRING_ARG 814 { 815 OUTYY(("P(server_prefer_ip6:%s)\n", $2)); 816 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 817 yyerror("expected yes or no."); 818 else cfg_parser->cfg->prefer_ip6 = (strcmp($2, "yes")==0); 819 free($2); 820 } 821 ; 822 server_tcp_mss: VAR_TCP_MSS STRING_ARG 823 { 824 OUTYY(("P(server_tcp_mss:%s)\n", $2)); 825 if(atoi($2) == 0 && strcmp($2, "0") != 0) 826 yyerror("number expected"); 827 else cfg_parser->cfg->tcp_mss = atoi($2); 828 free($2); 829 } 830 ; 831 server_outgoing_tcp_mss: VAR_OUTGOING_TCP_MSS STRING_ARG 832 { 833 OUTYY(("P(server_outgoing_tcp_mss:%s)\n", $2)); 834 if(atoi($2) == 0 && strcmp($2, "0") != 0) 835 yyerror("number expected"); 836 else cfg_parser->cfg->outgoing_tcp_mss = atoi($2); 837 free($2); 838 } 839 ; 840 server_tcp_idle_timeout: VAR_TCP_IDLE_TIMEOUT STRING_ARG 841 { 842 OUTYY(("P(server_tcp_idle_timeout:%s)\n", $2)); 843 if(atoi($2) == 0 && strcmp($2, "0") != 0) 844 yyerror("number expected"); 845 else if (atoi($2) > 120000) 846 cfg_parser->cfg->tcp_idle_timeout = 120000; 847 else if (atoi($2) < 1) 848 cfg_parser->cfg->tcp_idle_timeout = 1; 849 else cfg_parser->cfg->tcp_idle_timeout = atoi($2); 850 free($2); 851 } 852 ; 853 server_tcp_keepalive: VAR_EDNS_TCP_KEEPALIVE STRING_ARG 854 { 855 OUTYY(("P(server_tcp_keepalive:%s)\n", $2)); 856 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 857 yyerror("expected yes or no."); 858 else cfg_parser->cfg->do_tcp_keepalive = (strcmp($2, "yes")==0); 859 free($2); 860 } 861 ; 862 server_tcp_keepalive_timeout: VAR_EDNS_TCP_KEEPALIVE_TIMEOUT STRING_ARG 863 { 864 OUTYY(("P(server_tcp_keepalive_timeout:%s)\n", $2)); 865 if(atoi($2) == 0 && strcmp($2, "0") != 0) 866 yyerror("number expected"); 867 else if (atoi($2) > 6553500) 868 cfg_parser->cfg->tcp_keepalive_timeout = 6553500; 869 else if (atoi($2) < 1) 870 cfg_parser->cfg->tcp_keepalive_timeout = 0; 871 else cfg_parser->cfg->tcp_keepalive_timeout = atoi($2); 872 free($2); 873 } 874 ; 875 server_tcp_upstream: VAR_TCP_UPSTREAM STRING_ARG 876 { 877 OUTYY(("P(server_tcp_upstream:%s)\n", $2)); 878 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 879 yyerror("expected yes or no."); 880 else cfg_parser->cfg->tcp_upstream = (strcmp($2, "yes")==0); 881 free($2); 882 } 883 ; 884 server_udp_upstream_without_downstream: VAR_UDP_UPSTREAM_WITHOUT_DOWNSTREAM STRING_ARG 885 { 886 OUTYY(("P(server_udp_upstream_without_downstream:%s)\n", $2)); 887 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 888 yyerror("expected yes or no."); 889 else cfg_parser->cfg->udp_upstream_without_downstream = (strcmp($2, "yes")==0); 890 free($2); 891 } 892 ; 893 server_ssl_upstream: VAR_SSL_UPSTREAM STRING_ARG 894 { 895 OUTYY(("P(server_ssl_upstream:%s)\n", $2)); 896 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 897 yyerror("expected yes or no."); 898 else cfg_parser->cfg->ssl_upstream = (strcmp($2, "yes")==0); 899 free($2); 900 } 901 ; 902 server_ssl_service_key: VAR_SSL_SERVICE_KEY STRING_ARG 903 { 904 OUTYY(("P(server_ssl_service_key:%s)\n", $2)); 905 free(cfg_parser->cfg->ssl_service_key); 906 cfg_parser->cfg->ssl_service_key = $2; 907 } 908 ; 909 server_ssl_service_pem: VAR_SSL_SERVICE_PEM STRING_ARG 910 { 911 OUTYY(("P(server_ssl_service_pem:%s)\n", $2)); 912 free(cfg_parser->cfg->ssl_service_pem); 913 cfg_parser->cfg->ssl_service_pem = $2; 914 } 915 ; 916 server_ssl_port: VAR_SSL_PORT STRING_ARG 917 { 918 OUTYY(("P(server_ssl_port:%s)\n", $2)); 919 if(atoi($2) == 0) 920 yyerror("port number expected"); 921 else cfg_parser->cfg->ssl_port = atoi($2); 922 free($2); 923 } 924 ; 925 server_tls_cert_bundle: VAR_TLS_CERT_BUNDLE STRING_ARG 926 { 927 OUTYY(("P(server_tls_cert_bundle:%s)\n", $2)); 928 free(cfg_parser->cfg->tls_cert_bundle); 929 cfg_parser->cfg->tls_cert_bundle = $2; 930 } 931 ; 932 server_tls_win_cert: VAR_TLS_WIN_CERT STRING_ARG 933 { 934 OUTYY(("P(server_tls_win_cert:%s)\n", $2)); 935 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 936 yyerror("expected yes or no."); 937 else cfg_parser->cfg->tls_win_cert = (strcmp($2, "yes")==0); 938 free($2); 939 } 940 ; 941 server_tls_additional_port: VAR_TLS_ADDITIONAL_PORT STRING_ARG 942 { 943 OUTYY(("P(server_tls_additional_port:%s)\n", $2)); 944 if(!cfg_strlist_insert(&cfg_parser->cfg->tls_additional_port, 945 $2)) 946 yyerror("out of memory"); 947 } 948 ; 949 server_tls_ciphers: VAR_TLS_CIPHERS STRING_ARG 950 { 951 OUTYY(("P(server_tls_ciphers:%s)\n", $2)); 952 free(cfg_parser->cfg->tls_ciphers); 953 cfg_parser->cfg->tls_ciphers = $2; 954 } 955 ; 956 server_tls_ciphersuites: VAR_TLS_CIPHERSUITES STRING_ARG 957 { 958 OUTYY(("P(server_tls_ciphersuites:%s)\n", $2)); 959 free(cfg_parser->cfg->tls_ciphersuites); 960 cfg_parser->cfg->tls_ciphersuites = $2; 961 } 962 ; 963 server_tls_session_ticket_keys: VAR_TLS_SESSION_TICKET_KEYS STRING_ARG 964 { 965 OUTYY(("P(server_tls_session_ticket_keys:%s)\n", $2)); 966 if(!cfg_strlist_append(&cfg_parser->cfg->tls_session_ticket_keys, 967 $2)) 968 yyerror("out of memory"); 969 } 970 ; 971 server_tls_use_sni: VAR_TLS_USE_SNI STRING_ARG 972 { 973 OUTYY(("P(server_tls_use_sni:%s)\n", $2)); 974 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 975 yyerror("expected yes or no."); 976 else cfg_parser->cfg->tls_use_sni = (strcmp($2, "yes")==0); 977 free($2); 978 } 979 ; 980 server_https_port: VAR_HTTPS_PORT STRING_ARG 981 { 982 OUTYY(("P(server_https_port:%s)\n", $2)); 983 if(atoi($2) == 0) 984 yyerror("port number expected"); 985 else cfg_parser->cfg->https_port = atoi($2); 986 free($2); 987 }; 988 server_http_endpoint: VAR_HTTP_ENDPOINT STRING_ARG 989 { 990 OUTYY(("P(server_http_endpoint:%s)\n", $2)); 991 free(cfg_parser->cfg->http_endpoint); 992 if($2 && $2[0] != '/') { 993 cfg_parser->cfg->http_endpoint = malloc(strlen($2)+2); 994 if(!cfg_parser->cfg->http_endpoint) 995 yyerror("out of memory"); 996 cfg_parser->cfg->http_endpoint[0] = '/'; 997 memmove(cfg_parser->cfg->http_endpoint+1, $2, 998 strlen($2)+1); 999 free($2); 1000 } else { 1001 cfg_parser->cfg->http_endpoint = $2; 1002 } 1003 }; 1004 server_http_max_streams: VAR_HTTP_MAX_STREAMS STRING_ARG 1005 { 1006 OUTYY(("P(server_http_max_streams:%s)\n", $2)); 1007 if(atoi($2) == 0 && strcmp($2, "0") != 0) 1008 yyerror("number expected"); 1009 else cfg_parser->cfg->http_max_streams = atoi($2); 1010 free($2); 1011 }; 1012 server_http_query_buffer_size: VAR_HTTP_QUERY_BUFFER_SIZE STRING_ARG 1013 { 1014 OUTYY(("P(server_http_query_buffer_size:%s)\n", $2)); 1015 if(!cfg_parse_memsize($2, 1016 &cfg_parser->cfg->http_query_buffer_size)) 1017 yyerror("memory size expected"); 1018 free($2); 1019 }; 1020 server_http_response_buffer_size: VAR_HTTP_RESPONSE_BUFFER_SIZE STRING_ARG 1021 { 1022 OUTYY(("P(server_http_response_buffer_size:%s)\n", $2)); 1023 if(!cfg_parse_memsize($2, 1024 &cfg_parser->cfg->http_response_buffer_size)) 1025 yyerror("memory size expected"); 1026 free($2); 1027 }; 1028 server_http_nodelay: VAR_HTTP_NODELAY STRING_ARG 1029 { 1030 OUTYY(("P(server_http_nodelay:%s)\n", $2)); 1031 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1032 yyerror("expected yes or no."); 1033 else cfg_parser->cfg->http_nodelay = (strcmp($2, "yes")==0); 1034 free($2); 1035 } 1036 server_http_notls_downstream: VAR_HTTP_NOTLS_DOWNSTREAM STRING_ARG 1037 { 1038 OUTYY(("P(server_http_notls_downstream:%s)\n", $2)); 1039 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1040 yyerror("expected yes or no."); 1041 else cfg_parser->cfg->http_notls_downstream = (strcmp($2, "yes")==0); 1042 free($2); 1043 }; 1044 server_use_systemd: VAR_USE_SYSTEMD STRING_ARG 1045 { 1046 OUTYY(("P(server_use_systemd:%s)\n", $2)); 1047 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1048 yyerror("expected yes or no."); 1049 else cfg_parser->cfg->use_systemd = (strcmp($2, "yes")==0); 1050 free($2); 1051 } 1052 ; 1053 server_do_daemonize: VAR_DO_DAEMONIZE STRING_ARG 1054 { 1055 OUTYY(("P(server_do_daemonize:%s)\n", $2)); 1056 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1057 yyerror("expected yes or no."); 1058 else cfg_parser->cfg->do_daemonize = (strcmp($2, "yes")==0); 1059 free($2); 1060 } 1061 ; 1062 server_use_syslog: VAR_USE_SYSLOG STRING_ARG 1063 { 1064 OUTYY(("P(server_use_syslog:%s)\n", $2)); 1065 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1066 yyerror("expected yes or no."); 1067 else cfg_parser->cfg->use_syslog = (strcmp($2, "yes")==0); 1068 #if !defined(HAVE_SYSLOG_H) && !defined(UB_ON_WINDOWS) 1069 if(strcmp($2, "yes") == 0) 1070 yyerror("no syslog services are available. " 1071 "(reconfigure and compile to add)"); 1072 #endif 1073 free($2); 1074 } 1075 ; 1076 server_log_time_ascii: VAR_LOG_TIME_ASCII STRING_ARG 1077 { 1078 OUTYY(("P(server_log_time_ascii:%s)\n", $2)); 1079 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1080 yyerror("expected yes or no."); 1081 else cfg_parser->cfg->log_time_ascii = (strcmp($2, "yes")==0); 1082 free($2); 1083 } 1084 ; 1085 server_log_queries: VAR_LOG_QUERIES STRING_ARG 1086 { 1087 OUTYY(("P(server_log_queries:%s)\n", $2)); 1088 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1089 yyerror("expected yes or no."); 1090 else cfg_parser->cfg->log_queries = (strcmp($2, "yes")==0); 1091 free($2); 1092 } 1093 ; 1094 server_log_replies: VAR_LOG_REPLIES STRING_ARG 1095 { 1096 OUTYY(("P(server_log_replies:%s)\n", $2)); 1097 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1098 yyerror("expected yes or no."); 1099 else cfg_parser->cfg->log_replies = (strcmp($2, "yes")==0); 1100 free($2); 1101 } 1102 ; 1103 server_log_tag_queryreply: VAR_LOG_TAG_QUERYREPLY STRING_ARG 1104 { 1105 OUTYY(("P(server_log_tag_queryreply:%s)\n", $2)); 1106 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1107 yyerror("expected yes or no."); 1108 else cfg_parser->cfg->log_tag_queryreply = (strcmp($2, "yes")==0); 1109 free($2); 1110 } 1111 ; 1112 server_log_servfail: VAR_LOG_SERVFAIL STRING_ARG 1113 { 1114 OUTYY(("P(server_log_servfail:%s)\n", $2)); 1115 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1116 yyerror("expected yes or no."); 1117 else cfg_parser->cfg->log_servfail = (strcmp($2, "yes")==0); 1118 free($2); 1119 } 1120 ; 1121 server_log_local_actions: VAR_LOG_LOCAL_ACTIONS STRING_ARG 1122 { 1123 OUTYY(("P(server_log_local_actions:%s)\n", $2)); 1124 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1125 yyerror("expected yes or no."); 1126 else cfg_parser->cfg->log_local_actions = (strcmp($2, "yes")==0); 1127 free($2); 1128 } 1129 ; 1130 server_chroot: VAR_CHROOT STRING_ARG 1131 { 1132 OUTYY(("P(server_chroot:%s)\n", $2)); 1133 free(cfg_parser->cfg->chrootdir); 1134 cfg_parser->cfg->chrootdir = $2; 1135 } 1136 ; 1137 server_username: VAR_USERNAME STRING_ARG 1138 { 1139 OUTYY(("P(server_username:%s)\n", $2)); 1140 free(cfg_parser->cfg->username); 1141 cfg_parser->cfg->username = $2; 1142 } 1143 ; 1144 server_directory: VAR_DIRECTORY STRING_ARG 1145 { 1146 OUTYY(("P(server_directory:%s)\n", $2)); 1147 free(cfg_parser->cfg->directory); 1148 cfg_parser->cfg->directory = $2; 1149 /* change there right away for includes relative to this */ 1150 if($2[0]) { 1151 char* d; 1152 #ifdef UB_ON_WINDOWS 1153 w_config_adjust_directory(cfg_parser->cfg); 1154 #endif 1155 d = cfg_parser->cfg->directory; 1156 /* adjust directory if we have already chroot, 1157 * like, we reread after sighup */ 1158 if(cfg_parser->chroot && cfg_parser->chroot[0] && 1159 strncmp(d, cfg_parser->chroot, strlen( 1160 cfg_parser->chroot)) == 0) 1161 d += strlen(cfg_parser->chroot); 1162 if(d[0]) { 1163 if(chdir(d)) 1164 log_err("cannot chdir to directory: %s (%s)", 1165 d, strerror(errno)); 1166 } 1167 } 1168 } 1169 ; 1170 server_logfile: VAR_LOGFILE STRING_ARG 1171 { 1172 OUTYY(("P(server_logfile:%s)\n", $2)); 1173 free(cfg_parser->cfg->logfile); 1174 cfg_parser->cfg->logfile = $2; 1175 cfg_parser->cfg->use_syslog = 0; 1176 } 1177 ; 1178 server_pidfile: VAR_PIDFILE STRING_ARG 1179 { 1180 OUTYY(("P(server_pidfile:%s)\n", $2)); 1181 free(cfg_parser->cfg->pidfile); 1182 cfg_parser->cfg->pidfile = $2; 1183 } 1184 ; 1185 server_root_hints: VAR_ROOT_HINTS STRING_ARG 1186 { 1187 OUTYY(("P(server_root_hints:%s)\n", $2)); 1188 if(!cfg_strlist_insert(&cfg_parser->cfg->root_hints, $2)) 1189 yyerror("out of memory"); 1190 } 1191 ; 1192 server_dlv_anchor_file: VAR_DLV_ANCHOR_FILE STRING_ARG 1193 { 1194 OUTYY(("P(server_dlv_anchor_file:%s)\n", $2)); 1195 log_warn("option dlv-anchor-file ignored: DLV is decommissioned"); 1196 free($2); 1197 } 1198 ; 1199 server_dlv_anchor: VAR_DLV_ANCHOR STRING_ARG 1200 { 1201 OUTYY(("P(server_dlv_anchor:%s)\n", $2)); 1202 log_warn("option dlv-anchor ignored: DLV is decommissioned"); 1203 free($2); 1204 } 1205 ; 1206 server_auto_trust_anchor_file: VAR_AUTO_TRUST_ANCHOR_FILE STRING_ARG 1207 { 1208 OUTYY(("P(server_auto_trust_anchor_file:%s)\n", $2)); 1209 if(!cfg_strlist_insert(&cfg_parser->cfg-> 1210 auto_trust_anchor_file_list, $2)) 1211 yyerror("out of memory"); 1212 } 1213 ; 1214 server_trust_anchor_file: VAR_TRUST_ANCHOR_FILE STRING_ARG 1215 { 1216 OUTYY(("P(server_trust_anchor_file:%s)\n", $2)); 1217 if(!cfg_strlist_insert(&cfg_parser->cfg-> 1218 trust_anchor_file_list, $2)) 1219 yyerror("out of memory"); 1220 } 1221 ; 1222 server_trusted_keys_file: VAR_TRUSTED_KEYS_FILE STRING_ARG 1223 { 1224 OUTYY(("P(server_trusted_keys_file:%s)\n", $2)); 1225 if(!cfg_strlist_insert(&cfg_parser->cfg-> 1226 trusted_keys_file_list, $2)) 1227 yyerror("out of memory"); 1228 } 1229 ; 1230 server_trust_anchor: VAR_TRUST_ANCHOR STRING_ARG 1231 { 1232 OUTYY(("P(server_trust_anchor:%s)\n", $2)); 1233 if(!cfg_strlist_insert(&cfg_parser->cfg->trust_anchor_list, $2)) 1234 yyerror("out of memory"); 1235 } 1236 ; 1237 server_trust_anchor_signaling: VAR_TRUST_ANCHOR_SIGNALING STRING_ARG 1238 { 1239 OUTYY(("P(server_trust_anchor_signaling:%s)\n", $2)); 1240 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1241 yyerror("expected yes or no."); 1242 else 1243 cfg_parser->cfg->trust_anchor_signaling = 1244 (strcmp($2, "yes")==0); 1245 free($2); 1246 } 1247 ; 1248 server_root_key_sentinel: VAR_ROOT_KEY_SENTINEL STRING_ARG 1249 { 1250 OUTYY(("P(server_root_key_sentinel:%s)\n", $2)); 1251 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1252 yyerror("expected yes or no."); 1253 else 1254 cfg_parser->cfg->root_key_sentinel = 1255 (strcmp($2, "yes")==0); 1256 free($2); 1257 } 1258 ; 1259 server_domain_insecure: VAR_DOMAIN_INSECURE STRING_ARG 1260 { 1261 OUTYY(("P(server_domain_insecure:%s)\n", $2)); 1262 if(!cfg_strlist_insert(&cfg_parser->cfg->domain_insecure, $2)) 1263 yyerror("out of memory"); 1264 } 1265 ; 1266 server_hide_identity: VAR_HIDE_IDENTITY STRING_ARG 1267 { 1268 OUTYY(("P(server_hide_identity:%s)\n", $2)); 1269 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1270 yyerror("expected yes or no."); 1271 else cfg_parser->cfg->hide_identity = (strcmp($2, "yes")==0); 1272 free($2); 1273 } 1274 ; 1275 server_hide_version: VAR_HIDE_VERSION STRING_ARG 1276 { 1277 OUTYY(("P(server_hide_version:%s)\n", $2)); 1278 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1279 yyerror("expected yes or no."); 1280 else cfg_parser->cfg->hide_version = (strcmp($2, "yes")==0); 1281 free($2); 1282 } 1283 ; 1284 server_hide_trustanchor: VAR_HIDE_TRUSTANCHOR STRING_ARG 1285 { 1286 OUTYY(("P(server_hide_trustanchor:%s)\n", $2)); 1287 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1288 yyerror("expected yes or no."); 1289 else cfg_parser->cfg->hide_trustanchor = (strcmp($2, "yes")==0); 1290 free($2); 1291 } 1292 ; 1293 server_identity: VAR_IDENTITY STRING_ARG 1294 { 1295 OUTYY(("P(server_identity:%s)\n", $2)); 1296 free(cfg_parser->cfg->identity); 1297 cfg_parser->cfg->identity = $2; 1298 } 1299 ; 1300 server_version: VAR_VERSION STRING_ARG 1301 { 1302 OUTYY(("P(server_version:%s)\n", $2)); 1303 free(cfg_parser->cfg->version); 1304 cfg_parser->cfg->version = $2; 1305 } 1306 ; 1307 server_so_rcvbuf: VAR_SO_RCVBUF STRING_ARG 1308 { 1309 OUTYY(("P(server_so_rcvbuf:%s)\n", $2)); 1310 if(!cfg_parse_memsize($2, &cfg_parser->cfg->so_rcvbuf)) 1311 yyerror("buffer size expected"); 1312 free($2); 1313 } 1314 ; 1315 server_so_sndbuf: VAR_SO_SNDBUF STRING_ARG 1316 { 1317 OUTYY(("P(server_so_sndbuf:%s)\n", $2)); 1318 if(!cfg_parse_memsize($2, &cfg_parser->cfg->so_sndbuf)) 1319 yyerror("buffer size expected"); 1320 free($2); 1321 } 1322 ; 1323 server_so_reuseport: VAR_SO_REUSEPORT STRING_ARG 1324 { 1325 OUTYY(("P(server_so_reuseport:%s)\n", $2)); 1326 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1327 yyerror("expected yes or no."); 1328 else cfg_parser->cfg->so_reuseport = 1329 (strcmp($2, "yes")==0); 1330 free($2); 1331 } 1332 ; 1333 server_ip_transparent: VAR_IP_TRANSPARENT STRING_ARG 1334 { 1335 OUTYY(("P(server_ip_transparent:%s)\n", $2)); 1336 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1337 yyerror("expected yes or no."); 1338 else cfg_parser->cfg->ip_transparent = 1339 (strcmp($2, "yes")==0); 1340 free($2); 1341 } 1342 ; 1343 server_ip_freebind: VAR_IP_FREEBIND STRING_ARG 1344 { 1345 OUTYY(("P(server_ip_freebind:%s)\n", $2)); 1346 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1347 yyerror("expected yes or no."); 1348 else cfg_parser->cfg->ip_freebind = 1349 (strcmp($2, "yes")==0); 1350 free($2); 1351 } 1352 ; 1353 server_ip_dscp: VAR_IP_DSCP STRING_ARG 1354 { 1355 OUTYY(("P(server_ip_dscp:%s)\n", $2)); 1356 if(atoi($2) == 0 && strcmp($2, "0") != 0) 1357 yyerror("number expected"); 1358 else if (atoi($2) > 63) 1359 yyerror("value too large (max 63)"); 1360 else if (atoi($2) < 0) 1361 yyerror("value too small (min 0)"); 1362 else 1363 cfg_parser->cfg->ip_dscp = atoi($2); 1364 free($2); 1365 } 1366 ; 1367 server_stream_wait_size: VAR_STREAM_WAIT_SIZE STRING_ARG 1368 { 1369 OUTYY(("P(server_stream_wait_size:%s)\n", $2)); 1370 if(!cfg_parse_memsize($2, &cfg_parser->cfg->stream_wait_size)) 1371 yyerror("memory size expected"); 1372 free($2); 1373 } 1374 ; 1375 server_edns_buffer_size: VAR_EDNS_BUFFER_SIZE STRING_ARG 1376 { 1377 OUTYY(("P(server_edns_buffer_size:%s)\n", $2)); 1378 if(atoi($2) == 0) 1379 yyerror("number expected"); 1380 else if (atoi($2) < 12) 1381 yyerror("edns buffer size too small"); 1382 else if (atoi($2) > 65535) 1383 cfg_parser->cfg->edns_buffer_size = 65535; 1384 else cfg_parser->cfg->edns_buffer_size = atoi($2); 1385 free($2); 1386 } 1387 ; 1388 server_msg_buffer_size: VAR_MSG_BUFFER_SIZE STRING_ARG 1389 { 1390 OUTYY(("P(server_msg_buffer_size:%s)\n", $2)); 1391 if(atoi($2) == 0) 1392 yyerror("number expected"); 1393 else if (atoi($2) < 4096) 1394 yyerror("message buffer size too small (use 4096)"); 1395 else cfg_parser->cfg->msg_buffer_size = atoi($2); 1396 free($2); 1397 } 1398 ; 1399 server_msg_cache_size: VAR_MSG_CACHE_SIZE STRING_ARG 1400 { 1401 OUTYY(("P(server_msg_cache_size:%s)\n", $2)); 1402 if(!cfg_parse_memsize($2, &cfg_parser->cfg->msg_cache_size)) 1403 yyerror("memory size expected"); 1404 free($2); 1405 } 1406 ; 1407 server_msg_cache_slabs: VAR_MSG_CACHE_SLABS STRING_ARG 1408 { 1409 OUTYY(("P(server_msg_cache_slabs:%s)\n", $2)); 1410 if(atoi($2) == 0) 1411 yyerror("number expected"); 1412 else { 1413 cfg_parser->cfg->msg_cache_slabs = atoi($2); 1414 if(!is_pow2(cfg_parser->cfg->msg_cache_slabs)) 1415 yyerror("must be a power of 2"); 1416 } 1417 free($2); 1418 } 1419 ; 1420 server_num_queries_per_thread: VAR_NUM_QUERIES_PER_THREAD STRING_ARG 1421 { 1422 OUTYY(("P(server_num_queries_per_thread:%s)\n", $2)); 1423 if(atoi($2) == 0) 1424 yyerror("number expected"); 1425 else cfg_parser->cfg->num_queries_per_thread = atoi($2); 1426 free($2); 1427 } 1428 ; 1429 server_jostle_timeout: VAR_JOSTLE_TIMEOUT STRING_ARG 1430 { 1431 OUTYY(("P(server_jostle_timeout:%s)\n", $2)); 1432 if(atoi($2) == 0 && strcmp($2, "0") != 0) 1433 yyerror("number expected"); 1434 else cfg_parser->cfg->jostle_time = atoi($2); 1435 free($2); 1436 } 1437 ; 1438 server_delay_close: VAR_DELAY_CLOSE STRING_ARG 1439 { 1440 OUTYY(("P(server_delay_close:%s)\n", $2)); 1441 if(atoi($2) == 0 && strcmp($2, "0") != 0) 1442 yyerror("number expected"); 1443 else cfg_parser->cfg->delay_close = atoi($2); 1444 free($2); 1445 } 1446 ; 1447 server_udp_connect: VAR_UDP_CONNECT STRING_ARG 1448 { 1449 OUTYY(("P(server_udp_connect:%s)\n", $2)); 1450 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1451 yyerror("expected yes or no."); 1452 else cfg_parser->cfg->udp_connect = (strcmp($2, "yes")==0); 1453 free($2); 1454 } 1455 ; 1456 server_unblock_lan_zones: VAR_UNBLOCK_LAN_ZONES STRING_ARG 1457 { 1458 OUTYY(("P(server_unblock_lan_zones:%s)\n", $2)); 1459 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1460 yyerror("expected yes or no."); 1461 else cfg_parser->cfg->unblock_lan_zones = 1462 (strcmp($2, "yes")==0); 1463 free($2); 1464 } 1465 ; 1466 server_insecure_lan_zones: VAR_INSECURE_LAN_ZONES STRING_ARG 1467 { 1468 OUTYY(("P(server_insecure_lan_zones:%s)\n", $2)); 1469 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1470 yyerror("expected yes or no."); 1471 else cfg_parser->cfg->insecure_lan_zones = 1472 (strcmp($2, "yes")==0); 1473 free($2); 1474 } 1475 ; 1476 server_rrset_cache_size: VAR_RRSET_CACHE_SIZE STRING_ARG 1477 { 1478 OUTYY(("P(server_rrset_cache_size:%s)\n", $2)); 1479 if(!cfg_parse_memsize($2, &cfg_parser->cfg->rrset_cache_size)) 1480 yyerror("memory size expected"); 1481 free($2); 1482 } 1483 ; 1484 server_rrset_cache_slabs: VAR_RRSET_CACHE_SLABS STRING_ARG 1485 { 1486 OUTYY(("P(server_rrset_cache_slabs:%s)\n", $2)); 1487 if(atoi($2) == 0) 1488 yyerror("number expected"); 1489 else { 1490 cfg_parser->cfg->rrset_cache_slabs = atoi($2); 1491 if(!is_pow2(cfg_parser->cfg->rrset_cache_slabs)) 1492 yyerror("must be a power of 2"); 1493 } 1494 free($2); 1495 } 1496 ; 1497 server_infra_host_ttl: VAR_INFRA_HOST_TTL STRING_ARG 1498 { 1499 OUTYY(("P(server_infra_host_ttl:%s)\n", $2)); 1500 if(atoi($2) == 0 && strcmp($2, "0") != 0) 1501 yyerror("number expected"); 1502 else cfg_parser->cfg->host_ttl = atoi($2); 1503 free($2); 1504 } 1505 ; 1506 server_infra_lame_ttl: VAR_INFRA_LAME_TTL STRING_ARG 1507 { 1508 OUTYY(("P(server_infra_lame_ttl:%s)\n", $2)); 1509 verbose(VERB_DETAIL, "ignored infra-lame-ttl: %s (option " 1510 "removed, use infra-host-ttl)", $2); 1511 free($2); 1512 } 1513 ; 1514 server_infra_cache_numhosts: VAR_INFRA_CACHE_NUMHOSTS STRING_ARG 1515 { 1516 OUTYY(("P(server_infra_cache_numhosts:%s)\n", $2)); 1517 if(atoi($2) == 0) 1518 yyerror("number expected"); 1519 else cfg_parser->cfg->infra_cache_numhosts = atoi($2); 1520 free($2); 1521 } 1522 ; 1523 server_infra_cache_lame_size: VAR_INFRA_CACHE_LAME_SIZE STRING_ARG 1524 { 1525 OUTYY(("P(server_infra_cache_lame_size:%s)\n", $2)); 1526 verbose(VERB_DETAIL, "ignored infra-cache-lame-size: %s " 1527 "(option removed, use infra-cache-numhosts)", $2); 1528 free($2); 1529 } 1530 ; 1531 server_infra_cache_slabs: VAR_INFRA_CACHE_SLABS STRING_ARG 1532 { 1533 OUTYY(("P(server_infra_cache_slabs:%s)\n", $2)); 1534 if(atoi($2) == 0) 1535 yyerror("number expected"); 1536 else { 1537 cfg_parser->cfg->infra_cache_slabs = atoi($2); 1538 if(!is_pow2(cfg_parser->cfg->infra_cache_slabs)) 1539 yyerror("must be a power of 2"); 1540 } 1541 free($2); 1542 } 1543 ; 1544 server_infra_cache_min_rtt: VAR_INFRA_CACHE_MIN_RTT STRING_ARG 1545 { 1546 OUTYY(("P(server_infra_cache_min_rtt:%s)\n", $2)); 1547 if(atoi($2) == 0 && strcmp($2, "0") != 0) 1548 yyerror("number expected"); 1549 else cfg_parser->cfg->infra_cache_min_rtt = atoi($2); 1550 free($2); 1551 } 1552 ; 1553 server_infra_keep_probing: VAR_INFRA_KEEP_PROBING STRING_ARG 1554 { 1555 OUTYY(("P(server_infra_keep_probing:%s)\n", $2)); 1556 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1557 yyerror("expected yes or no."); 1558 else cfg_parser->cfg->infra_keep_probing = 1559 (strcmp($2, "yes")==0); 1560 free($2); 1561 } 1562 ; 1563 server_target_fetch_policy: VAR_TARGET_FETCH_POLICY STRING_ARG 1564 { 1565 OUTYY(("P(server_target_fetch_policy:%s)\n", $2)); 1566 free(cfg_parser->cfg->target_fetch_policy); 1567 cfg_parser->cfg->target_fetch_policy = $2; 1568 } 1569 ; 1570 server_harden_short_bufsize: VAR_HARDEN_SHORT_BUFSIZE STRING_ARG 1571 { 1572 OUTYY(("P(server_harden_short_bufsize:%s)\n", $2)); 1573 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1574 yyerror("expected yes or no."); 1575 else cfg_parser->cfg->harden_short_bufsize = 1576 (strcmp($2, "yes")==0); 1577 free($2); 1578 } 1579 ; 1580 server_harden_large_queries: VAR_HARDEN_LARGE_QUERIES STRING_ARG 1581 { 1582 OUTYY(("P(server_harden_large_queries:%s)\n", $2)); 1583 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1584 yyerror("expected yes or no."); 1585 else cfg_parser->cfg->harden_large_queries = 1586 (strcmp($2, "yes")==0); 1587 free($2); 1588 } 1589 ; 1590 server_harden_glue: VAR_HARDEN_GLUE STRING_ARG 1591 { 1592 OUTYY(("P(server_harden_glue:%s)\n", $2)); 1593 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1594 yyerror("expected yes or no."); 1595 else cfg_parser->cfg->harden_glue = 1596 (strcmp($2, "yes")==0); 1597 free($2); 1598 } 1599 ; 1600 server_harden_dnssec_stripped: VAR_HARDEN_DNSSEC_STRIPPED STRING_ARG 1601 { 1602 OUTYY(("P(server_harden_dnssec_stripped:%s)\n", $2)); 1603 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1604 yyerror("expected yes or no."); 1605 else cfg_parser->cfg->harden_dnssec_stripped = 1606 (strcmp($2, "yes")==0); 1607 free($2); 1608 } 1609 ; 1610 server_harden_below_nxdomain: VAR_HARDEN_BELOW_NXDOMAIN STRING_ARG 1611 { 1612 OUTYY(("P(server_harden_below_nxdomain:%s)\n", $2)); 1613 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1614 yyerror("expected yes or no."); 1615 else cfg_parser->cfg->harden_below_nxdomain = 1616 (strcmp($2, "yes")==0); 1617 free($2); 1618 } 1619 ; 1620 server_harden_referral_path: VAR_HARDEN_REFERRAL_PATH STRING_ARG 1621 { 1622 OUTYY(("P(server_harden_referral_path:%s)\n", $2)); 1623 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1624 yyerror("expected yes or no."); 1625 else cfg_parser->cfg->harden_referral_path = 1626 (strcmp($2, "yes")==0); 1627 free($2); 1628 } 1629 ; 1630 server_harden_algo_downgrade: VAR_HARDEN_ALGO_DOWNGRADE STRING_ARG 1631 { 1632 OUTYY(("P(server_harden_algo_downgrade:%s)\n", $2)); 1633 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1634 yyerror("expected yes or no."); 1635 else cfg_parser->cfg->harden_algo_downgrade = 1636 (strcmp($2, "yes")==0); 1637 free($2); 1638 } 1639 ; 1640 server_use_caps_for_id: VAR_USE_CAPS_FOR_ID STRING_ARG 1641 { 1642 OUTYY(("P(server_use_caps_for_id:%s)\n", $2)); 1643 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1644 yyerror("expected yes or no."); 1645 else cfg_parser->cfg->use_caps_bits_for_id = 1646 (strcmp($2, "yes")==0); 1647 free($2); 1648 } 1649 ; 1650 server_caps_whitelist: VAR_CAPS_WHITELIST STRING_ARG 1651 { 1652 OUTYY(("P(server_caps_whitelist:%s)\n", $2)); 1653 if(!cfg_strlist_insert(&cfg_parser->cfg->caps_whitelist, $2)) 1654 yyerror("out of memory"); 1655 } 1656 ; 1657 server_private_address: VAR_PRIVATE_ADDRESS STRING_ARG 1658 { 1659 OUTYY(("P(server_private_address:%s)\n", $2)); 1660 if(!cfg_strlist_insert(&cfg_parser->cfg->private_address, $2)) 1661 yyerror("out of memory"); 1662 } 1663 ; 1664 server_private_domain: VAR_PRIVATE_DOMAIN STRING_ARG 1665 { 1666 OUTYY(("P(server_private_domain:%s)\n", $2)); 1667 if(!cfg_strlist_insert(&cfg_parser->cfg->private_domain, $2)) 1668 yyerror("out of memory"); 1669 } 1670 ; 1671 server_prefetch: VAR_PREFETCH STRING_ARG 1672 { 1673 OUTYY(("P(server_prefetch:%s)\n", $2)); 1674 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1675 yyerror("expected yes or no."); 1676 else cfg_parser->cfg->prefetch = (strcmp($2, "yes")==0); 1677 free($2); 1678 } 1679 ; 1680 server_prefetch_key: VAR_PREFETCH_KEY STRING_ARG 1681 { 1682 OUTYY(("P(server_prefetch_key:%s)\n", $2)); 1683 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1684 yyerror("expected yes or no."); 1685 else cfg_parser->cfg->prefetch_key = (strcmp($2, "yes")==0); 1686 free($2); 1687 } 1688 ; 1689 server_deny_any: VAR_DENY_ANY STRING_ARG 1690 { 1691 OUTYY(("P(server_deny_any:%s)\n", $2)); 1692 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1693 yyerror("expected yes or no."); 1694 else cfg_parser->cfg->deny_any = (strcmp($2, "yes")==0); 1695 free($2); 1696 } 1697 ; 1698 server_unwanted_reply_threshold: VAR_UNWANTED_REPLY_THRESHOLD STRING_ARG 1699 { 1700 OUTYY(("P(server_unwanted_reply_threshold:%s)\n", $2)); 1701 if(atoi($2) == 0 && strcmp($2, "0") != 0) 1702 yyerror("number expected"); 1703 else cfg_parser->cfg->unwanted_threshold = atoi($2); 1704 free($2); 1705 } 1706 ; 1707 server_do_not_query_address: VAR_DO_NOT_QUERY_ADDRESS STRING_ARG 1708 { 1709 OUTYY(("P(server_do_not_query_address:%s)\n", $2)); 1710 if(!cfg_strlist_insert(&cfg_parser->cfg->donotqueryaddrs, $2)) 1711 yyerror("out of memory"); 1712 } 1713 ; 1714 server_do_not_query_localhost: VAR_DO_NOT_QUERY_LOCALHOST STRING_ARG 1715 { 1716 OUTYY(("P(server_do_not_query_localhost:%s)\n", $2)); 1717 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1718 yyerror("expected yes or no."); 1719 else cfg_parser->cfg->donotquery_localhost = 1720 (strcmp($2, "yes")==0); 1721 free($2); 1722 } 1723 ; 1724 server_access_control: VAR_ACCESS_CONTROL STRING_ARG STRING_ARG 1725 { 1726 OUTYY(("P(server_access_control:%s %s)\n", $2, $3)); 1727 if(strcmp($3, "deny")!=0 && strcmp($3, "refuse")!=0 && 1728 strcmp($3, "deny_non_local")!=0 && 1729 strcmp($3, "refuse_non_local")!=0 && 1730 strcmp($3, "allow_setrd")!=0 && 1731 strcmp($3, "allow")!=0 && 1732 strcmp($3, "allow_snoop")!=0) { 1733 yyerror("expected deny, refuse, deny_non_local, " 1734 "refuse_non_local, allow, allow_setrd or " 1735 "allow_snoop in access control action"); 1736 free($2); 1737 free($3); 1738 } else { 1739 if(!cfg_str2list_insert(&cfg_parser->cfg->acls, $2, $3)) 1740 fatal_exit("out of memory adding acl"); 1741 } 1742 } 1743 ; 1744 server_module_conf: VAR_MODULE_CONF STRING_ARG 1745 { 1746 OUTYY(("P(server_module_conf:%s)\n", $2)); 1747 free(cfg_parser->cfg->module_conf); 1748 cfg_parser->cfg->module_conf = $2; 1749 } 1750 ; 1751 server_val_override_date: VAR_VAL_OVERRIDE_DATE STRING_ARG 1752 { 1753 OUTYY(("P(server_val_override_date:%s)\n", $2)); 1754 if(*$2 == '\0' || strcmp($2, "0") == 0) { 1755 cfg_parser->cfg->val_date_override = 0; 1756 } else if(strlen($2) == 14) { 1757 cfg_parser->cfg->val_date_override = 1758 cfg_convert_timeval($2); 1759 if(!cfg_parser->cfg->val_date_override) 1760 yyerror("bad date/time specification"); 1761 } else { 1762 if(atoi($2) == 0) 1763 yyerror("number expected"); 1764 cfg_parser->cfg->val_date_override = atoi($2); 1765 } 1766 free($2); 1767 } 1768 ; 1769 server_val_sig_skew_min: VAR_VAL_SIG_SKEW_MIN STRING_ARG 1770 { 1771 OUTYY(("P(server_val_sig_skew_min:%s)\n", $2)); 1772 if(*$2 == '\0' || strcmp($2, "0") == 0) { 1773 cfg_parser->cfg->val_sig_skew_min = 0; 1774 } else { 1775 cfg_parser->cfg->val_sig_skew_min = atoi($2); 1776 if(!cfg_parser->cfg->val_sig_skew_min) 1777 yyerror("number expected"); 1778 } 1779 free($2); 1780 } 1781 ; 1782 server_val_sig_skew_max: VAR_VAL_SIG_SKEW_MAX STRING_ARG 1783 { 1784 OUTYY(("P(server_val_sig_skew_max:%s)\n", $2)); 1785 if(*$2 == '\0' || strcmp($2, "0") == 0) { 1786 cfg_parser->cfg->val_sig_skew_max = 0; 1787 } else { 1788 cfg_parser->cfg->val_sig_skew_max = atoi($2); 1789 if(!cfg_parser->cfg->val_sig_skew_max) 1790 yyerror("number expected"); 1791 } 1792 free($2); 1793 } 1794 ; 1795 server_cache_max_ttl: VAR_CACHE_MAX_TTL STRING_ARG 1796 { 1797 OUTYY(("P(server_cache_max_ttl:%s)\n", $2)); 1798 if(atoi($2) == 0 && strcmp($2, "0") != 0) 1799 yyerror("number expected"); 1800 else cfg_parser->cfg->max_ttl = atoi($2); 1801 free($2); 1802 } 1803 ; 1804 server_cache_max_negative_ttl: VAR_CACHE_MAX_NEGATIVE_TTL STRING_ARG 1805 { 1806 OUTYY(("P(server_cache_max_negative_ttl:%s)\n", $2)); 1807 if(atoi($2) == 0 && strcmp($2, "0") != 0) 1808 yyerror("number expected"); 1809 else cfg_parser->cfg->max_negative_ttl = atoi($2); 1810 free($2); 1811 } 1812 ; 1813 server_cache_min_ttl: VAR_CACHE_MIN_TTL STRING_ARG 1814 { 1815 OUTYY(("P(server_cache_min_ttl:%s)\n", $2)); 1816 if(atoi($2) == 0 && strcmp($2, "0") != 0) 1817 yyerror("number expected"); 1818 else cfg_parser->cfg->min_ttl = atoi($2); 1819 free($2); 1820 } 1821 ; 1822 server_bogus_ttl: VAR_BOGUS_TTL STRING_ARG 1823 { 1824 OUTYY(("P(server_bogus_ttl:%s)\n", $2)); 1825 if(atoi($2) == 0 && strcmp($2, "0") != 0) 1826 yyerror("number expected"); 1827 else cfg_parser->cfg->bogus_ttl = atoi($2); 1828 free($2); 1829 } 1830 ; 1831 server_val_clean_additional: VAR_VAL_CLEAN_ADDITIONAL STRING_ARG 1832 { 1833 OUTYY(("P(server_val_clean_additional:%s)\n", $2)); 1834 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1835 yyerror("expected yes or no."); 1836 else cfg_parser->cfg->val_clean_additional = 1837 (strcmp($2, "yes")==0); 1838 free($2); 1839 } 1840 ; 1841 server_val_permissive_mode: VAR_VAL_PERMISSIVE_MODE STRING_ARG 1842 { 1843 OUTYY(("P(server_val_permissive_mode:%s)\n", $2)); 1844 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1845 yyerror("expected yes or no."); 1846 else cfg_parser->cfg->val_permissive_mode = 1847 (strcmp($2, "yes")==0); 1848 free($2); 1849 } 1850 ; 1851 server_aggressive_nsec: VAR_AGGRESSIVE_NSEC STRING_ARG 1852 { 1853 OUTYY(("P(server_aggressive_nsec:%s)\n", $2)); 1854 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1855 yyerror("expected yes or no."); 1856 else 1857 cfg_parser->cfg->aggressive_nsec = 1858 (strcmp($2, "yes")==0); 1859 free($2); 1860 } 1861 ; 1862 server_ignore_cd_flag: VAR_IGNORE_CD_FLAG STRING_ARG 1863 { 1864 OUTYY(("P(server_ignore_cd_flag:%s)\n", $2)); 1865 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1866 yyerror("expected yes or no."); 1867 else cfg_parser->cfg->ignore_cd = (strcmp($2, "yes")==0); 1868 free($2); 1869 } 1870 ; 1871 server_serve_expired: VAR_SERVE_EXPIRED STRING_ARG 1872 { 1873 OUTYY(("P(server_serve_expired:%s)\n", $2)); 1874 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1875 yyerror("expected yes or no."); 1876 else cfg_parser->cfg->serve_expired = (strcmp($2, "yes")==0); 1877 free($2); 1878 } 1879 ; 1880 server_serve_expired_ttl: VAR_SERVE_EXPIRED_TTL STRING_ARG 1881 { 1882 OUTYY(("P(server_serve_expired_ttl:%s)\n", $2)); 1883 if(atoi($2) == 0 && strcmp($2, "0") != 0) 1884 yyerror("number expected"); 1885 else cfg_parser->cfg->serve_expired_ttl = atoi($2); 1886 free($2); 1887 } 1888 ; 1889 server_serve_expired_ttl_reset: VAR_SERVE_EXPIRED_TTL_RESET STRING_ARG 1890 { 1891 OUTYY(("P(server_serve_expired_ttl_reset:%s)\n", $2)); 1892 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1893 yyerror("expected yes or no."); 1894 else cfg_parser->cfg->serve_expired_ttl_reset = (strcmp($2, "yes")==0); 1895 free($2); 1896 } 1897 ; 1898 server_serve_expired_reply_ttl: VAR_SERVE_EXPIRED_REPLY_TTL STRING_ARG 1899 { 1900 OUTYY(("P(server_serve_expired_reply_ttl:%s)\n", $2)); 1901 if(atoi($2) == 0 && strcmp($2, "0") != 0) 1902 yyerror("number expected"); 1903 else cfg_parser->cfg->serve_expired_reply_ttl = atoi($2); 1904 free($2); 1905 } 1906 ; 1907 server_serve_expired_client_timeout: VAR_SERVE_EXPIRED_CLIENT_TIMEOUT STRING_ARG 1908 { 1909 OUTYY(("P(server_serve_expired_client_timeout:%s)\n", $2)); 1910 if(atoi($2) == 0 && strcmp($2, "0") != 0) 1911 yyerror("number expected"); 1912 else cfg_parser->cfg->serve_expired_client_timeout = atoi($2); 1913 free($2); 1914 } 1915 ; 1916 server_fake_dsa: VAR_FAKE_DSA STRING_ARG 1917 { 1918 OUTYY(("P(server_fake_dsa:%s)\n", $2)); 1919 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1920 yyerror("expected yes or no."); 1921 #if defined(HAVE_SSL) || defined(HAVE_NETTLE) 1922 else fake_dsa = (strcmp($2, "yes")==0); 1923 if(fake_dsa) 1924 log_warn("test option fake_dsa is enabled"); 1925 #endif 1926 free($2); 1927 } 1928 ; 1929 server_fake_sha1: VAR_FAKE_SHA1 STRING_ARG 1930 { 1931 OUTYY(("P(server_fake_sha1:%s)\n", $2)); 1932 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1933 yyerror("expected yes or no."); 1934 #if defined(HAVE_SSL) || defined(HAVE_NETTLE) 1935 else fake_sha1 = (strcmp($2, "yes")==0); 1936 if(fake_sha1) 1937 log_warn("test option fake_sha1 is enabled"); 1938 #endif 1939 free($2); 1940 } 1941 ; 1942 server_val_log_level: VAR_VAL_LOG_LEVEL STRING_ARG 1943 { 1944 OUTYY(("P(server_val_log_level:%s)\n", $2)); 1945 if(atoi($2) == 0 && strcmp($2, "0") != 0) 1946 yyerror("number expected"); 1947 else cfg_parser->cfg->val_log_level = atoi($2); 1948 free($2); 1949 } 1950 ; 1951 server_val_nsec3_keysize_iterations: VAR_VAL_NSEC3_KEYSIZE_ITERATIONS STRING_ARG 1952 { 1953 OUTYY(("P(server_val_nsec3_keysize_iterations:%s)\n", $2)); 1954 free(cfg_parser->cfg->val_nsec3_key_iterations); 1955 cfg_parser->cfg->val_nsec3_key_iterations = $2; 1956 } 1957 ; 1958 server_add_holddown: VAR_ADD_HOLDDOWN STRING_ARG 1959 { 1960 OUTYY(("P(server_add_holddown:%s)\n", $2)); 1961 if(atoi($2) == 0 && strcmp($2, "0") != 0) 1962 yyerror("number expected"); 1963 else cfg_parser->cfg->add_holddown = atoi($2); 1964 free($2); 1965 } 1966 ; 1967 server_del_holddown: VAR_DEL_HOLDDOWN STRING_ARG 1968 { 1969 OUTYY(("P(server_del_holddown:%s)\n", $2)); 1970 if(atoi($2) == 0 && strcmp($2, "0") != 0) 1971 yyerror("number expected"); 1972 else cfg_parser->cfg->del_holddown = atoi($2); 1973 free($2); 1974 } 1975 ; 1976 server_keep_missing: VAR_KEEP_MISSING STRING_ARG 1977 { 1978 OUTYY(("P(server_keep_missing:%s)\n", $2)); 1979 if(atoi($2) == 0 && strcmp($2, "0") != 0) 1980 yyerror("number expected"); 1981 else cfg_parser->cfg->keep_missing = atoi($2); 1982 free($2); 1983 } 1984 ; 1985 server_permit_small_holddown: VAR_PERMIT_SMALL_HOLDDOWN STRING_ARG 1986 { 1987 OUTYY(("P(server_permit_small_holddown:%s)\n", $2)); 1988 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1989 yyerror("expected yes or no."); 1990 else cfg_parser->cfg->permit_small_holddown = 1991 (strcmp($2, "yes")==0); 1992 free($2); 1993 } 1994 server_key_cache_size: VAR_KEY_CACHE_SIZE STRING_ARG 1995 { 1996 OUTYY(("P(server_key_cache_size:%s)\n", $2)); 1997 if(!cfg_parse_memsize($2, &cfg_parser->cfg->key_cache_size)) 1998 yyerror("memory size expected"); 1999 free($2); 2000 } 2001 ; 2002 server_key_cache_slabs: VAR_KEY_CACHE_SLABS STRING_ARG 2003 { 2004 OUTYY(("P(server_key_cache_slabs:%s)\n", $2)); 2005 if(atoi($2) == 0) 2006 yyerror("number expected"); 2007 else { 2008 cfg_parser->cfg->key_cache_slabs = atoi($2); 2009 if(!is_pow2(cfg_parser->cfg->key_cache_slabs)) 2010 yyerror("must be a power of 2"); 2011 } 2012 free($2); 2013 } 2014 ; 2015 server_neg_cache_size: VAR_NEG_CACHE_SIZE STRING_ARG 2016 { 2017 OUTYY(("P(server_neg_cache_size:%s)\n", $2)); 2018 if(!cfg_parse_memsize($2, &cfg_parser->cfg->neg_cache_size)) 2019 yyerror("memory size expected"); 2020 free($2); 2021 } 2022 ; 2023 server_local_zone: VAR_LOCAL_ZONE STRING_ARG STRING_ARG 2024 { 2025 OUTYY(("P(server_local_zone:%s %s)\n", $2, $3)); 2026 if(strcmp($3, "static")!=0 && strcmp($3, "deny")!=0 && 2027 strcmp($3, "refuse")!=0 && strcmp($3, "redirect")!=0 && 2028 strcmp($3, "transparent")!=0 && strcmp($3, "nodefault")!=0 2029 && strcmp($3, "typetransparent")!=0 2030 && strcmp($3, "always_transparent")!=0 2031 && strcmp($3, "always_refuse")!=0 2032 && strcmp($3, "always_nxdomain")!=0 2033 && strcmp($3, "noview")!=0 2034 && strcmp($3, "inform")!=0 && strcmp($3, "inform_deny")!=0 2035 && strcmp($3, "inform_redirect") != 0 2036 && strcmp($3, "ipset") != 0) { 2037 yyerror("local-zone type: expected static, deny, " 2038 "refuse, redirect, transparent, " 2039 "typetransparent, inform, inform_deny, " 2040 "inform_redirect, always_transparent, " 2041 "always_refuse, always_nxdomain, noview " 2042 ", nodefault or ipset"); 2043 free($2); 2044 free($3); 2045 } else if(strcmp($3, "nodefault")==0) { 2046 if(!cfg_strlist_insert(&cfg_parser->cfg-> 2047 local_zones_nodefault, $2)) 2048 fatal_exit("out of memory adding local-zone"); 2049 free($3); 2050 #ifdef USE_IPSET 2051 } else if(strcmp($3, "ipset")==0) { 2052 if(!cfg_strlist_insert(&cfg_parser->cfg-> 2053 local_zones_ipset, $2)) 2054 fatal_exit("out of memory adding local-zone"); 2055 free($3); 2056 #endif 2057 } else { 2058 if(!cfg_str2list_insert(&cfg_parser->cfg->local_zones, 2059 $2, $3)) 2060 fatal_exit("out of memory adding local-zone"); 2061 } 2062 } 2063 ; 2064 server_local_data: VAR_LOCAL_DATA STRING_ARG 2065 { 2066 OUTYY(("P(server_local_data:%s)\n", $2)); 2067 if(!cfg_strlist_insert(&cfg_parser->cfg->local_data, $2)) 2068 fatal_exit("out of memory adding local-data"); 2069 } 2070 ; 2071 server_local_data_ptr: VAR_LOCAL_DATA_PTR STRING_ARG 2072 { 2073 char* ptr; 2074 OUTYY(("P(server_local_data_ptr:%s)\n", $2)); 2075 ptr = cfg_ptr_reverse($2); 2076 free($2); 2077 if(ptr) { 2078 if(!cfg_strlist_insert(&cfg_parser->cfg-> 2079 local_data, ptr)) 2080 fatal_exit("out of memory adding local-data"); 2081 } else { 2082 yyerror("local-data-ptr could not be reversed"); 2083 } 2084 } 2085 ; 2086 server_minimal_responses: VAR_MINIMAL_RESPONSES STRING_ARG 2087 { 2088 OUTYY(("P(server_minimal_responses:%s)\n", $2)); 2089 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2090 yyerror("expected yes or no."); 2091 else cfg_parser->cfg->minimal_responses = 2092 (strcmp($2, "yes")==0); 2093 free($2); 2094 } 2095 ; 2096 server_rrset_roundrobin: VAR_RRSET_ROUNDROBIN STRING_ARG 2097 { 2098 OUTYY(("P(server_rrset_roundrobin:%s)\n", $2)); 2099 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2100 yyerror("expected yes or no."); 2101 else cfg_parser->cfg->rrset_roundrobin = 2102 (strcmp($2, "yes")==0); 2103 free($2); 2104 } 2105 ; 2106 server_unknown_server_time_limit: VAR_UNKNOWN_SERVER_TIME_LIMIT STRING_ARG 2107 { 2108 OUTYY(("P(server_unknown_server_time_limit:%s)\n", $2)); 2109 cfg_parser->cfg->unknown_server_time_limit = atoi($2); 2110 free($2); 2111 } 2112 ; 2113 server_max_udp_size: VAR_MAX_UDP_SIZE STRING_ARG 2114 { 2115 OUTYY(("P(server_max_udp_size:%s)\n", $2)); 2116 cfg_parser->cfg->max_udp_size = atoi($2); 2117 free($2); 2118 } 2119 ; 2120 server_dns64_prefix: VAR_DNS64_PREFIX STRING_ARG 2121 { 2122 OUTYY(("P(dns64_prefix:%s)\n", $2)); 2123 free(cfg_parser->cfg->dns64_prefix); 2124 cfg_parser->cfg->dns64_prefix = $2; 2125 } 2126 ; 2127 server_dns64_synthall: VAR_DNS64_SYNTHALL STRING_ARG 2128 { 2129 OUTYY(("P(server_dns64_synthall:%s)\n", $2)); 2130 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2131 yyerror("expected yes or no."); 2132 else cfg_parser->cfg->dns64_synthall = (strcmp($2, "yes")==0); 2133 free($2); 2134 } 2135 ; 2136 server_dns64_ignore_aaaa: VAR_DNS64_IGNORE_AAAA STRING_ARG 2137 { 2138 OUTYY(("P(dns64_ignore_aaaa:%s)\n", $2)); 2139 if(!cfg_strlist_insert(&cfg_parser->cfg->dns64_ignore_aaaa, 2140 $2)) 2141 fatal_exit("out of memory adding dns64-ignore-aaaa"); 2142 } 2143 ; 2144 server_define_tag: VAR_DEFINE_TAG STRING_ARG 2145 { 2146 char* p, *s = $2; 2147 OUTYY(("P(server_define_tag:%s)\n", $2)); 2148 while((p=strsep(&s, " \t\n")) != NULL) { 2149 if(*p) { 2150 if(!config_add_tag(cfg_parser->cfg, p)) 2151 yyerror("could not define-tag, " 2152 "out of memory"); 2153 } 2154 } 2155 free($2); 2156 } 2157 ; 2158 server_local_zone_tag: VAR_LOCAL_ZONE_TAG STRING_ARG STRING_ARG 2159 { 2160 size_t len = 0; 2161 uint8_t* bitlist = config_parse_taglist(cfg_parser->cfg, $3, 2162 &len); 2163 free($3); 2164 OUTYY(("P(server_local_zone_tag:%s)\n", $2)); 2165 if(!bitlist) { 2166 yyerror("could not parse tags, (define-tag them first)"); 2167 free($2); 2168 } 2169 if(bitlist) { 2170 if(!cfg_strbytelist_insert( 2171 &cfg_parser->cfg->local_zone_tags, 2172 $2, bitlist, len)) { 2173 yyerror("out of memory"); 2174 free($2); 2175 } 2176 } 2177 } 2178 ; 2179 server_access_control_tag: VAR_ACCESS_CONTROL_TAG STRING_ARG STRING_ARG 2180 { 2181 size_t len = 0; 2182 uint8_t* bitlist = config_parse_taglist(cfg_parser->cfg, $3, 2183 &len); 2184 free($3); 2185 OUTYY(("P(server_access_control_tag:%s)\n", $2)); 2186 if(!bitlist) { 2187 yyerror("could not parse tags, (define-tag them first)"); 2188 free($2); 2189 } 2190 if(bitlist) { 2191 if(!cfg_strbytelist_insert( 2192 &cfg_parser->cfg->acl_tags, 2193 $2, bitlist, len)) { 2194 yyerror("out of memory"); 2195 free($2); 2196 } 2197 } 2198 } 2199 ; 2200 server_access_control_tag_action: VAR_ACCESS_CONTROL_TAG_ACTION STRING_ARG STRING_ARG STRING_ARG 2201 { 2202 OUTYY(("P(server_access_control_tag_action:%s %s %s)\n", $2, $3, $4)); 2203 if(!cfg_str3list_insert(&cfg_parser->cfg->acl_tag_actions, 2204 $2, $3, $4)) { 2205 yyerror("out of memory"); 2206 free($2); 2207 free($3); 2208 free($4); 2209 } 2210 } 2211 ; 2212 server_access_control_tag_data: VAR_ACCESS_CONTROL_TAG_DATA STRING_ARG STRING_ARG STRING_ARG 2213 { 2214 OUTYY(("P(server_access_control_tag_data:%s %s %s)\n", $2, $3, $4)); 2215 if(!cfg_str3list_insert(&cfg_parser->cfg->acl_tag_datas, 2216 $2, $3, $4)) { 2217 yyerror("out of memory"); 2218 free($2); 2219 free($3); 2220 free($4); 2221 } 2222 } 2223 ; 2224 server_local_zone_override: VAR_LOCAL_ZONE_OVERRIDE STRING_ARG STRING_ARG STRING_ARG 2225 { 2226 OUTYY(("P(server_local_zone_override:%s %s %s)\n", $2, $3, $4)); 2227 if(!cfg_str3list_insert(&cfg_parser->cfg->local_zone_overrides, 2228 $2, $3, $4)) { 2229 yyerror("out of memory"); 2230 free($2); 2231 free($3); 2232 free($4); 2233 } 2234 } 2235 ; 2236 server_access_control_view: VAR_ACCESS_CONTROL_VIEW STRING_ARG STRING_ARG 2237 { 2238 OUTYY(("P(server_access_control_view:%s %s)\n", $2, $3)); 2239 if(!cfg_str2list_insert(&cfg_parser->cfg->acl_view, 2240 $2, $3)) { 2241 yyerror("out of memory"); 2242 } 2243 } 2244 ; 2245 server_response_ip_tag: VAR_RESPONSE_IP_TAG STRING_ARG STRING_ARG 2246 { 2247 size_t len = 0; 2248 uint8_t* bitlist = config_parse_taglist(cfg_parser->cfg, $3, 2249 &len); 2250 free($3); 2251 OUTYY(("P(response_ip_tag:%s)\n", $2)); 2252 if(!bitlist) { 2253 yyerror("could not parse tags, (define-tag them first)"); 2254 free($2); 2255 } 2256 if(bitlist) { 2257 if(!cfg_strbytelist_insert( 2258 &cfg_parser->cfg->respip_tags, 2259 $2, bitlist, len)) { 2260 yyerror("out of memory"); 2261 free($2); 2262 } 2263 } 2264 } 2265 ; 2266 server_ip_ratelimit: VAR_IP_RATELIMIT STRING_ARG 2267 { 2268 OUTYY(("P(server_ip_ratelimit:%s)\n", $2)); 2269 if(atoi($2) == 0 && strcmp($2, "0") != 0) 2270 yyerror("number expected"); 2271 else cfg_parser->cfg->ip_ratelimit = atoi($2); 2272 free($2); 2273 } 2274 ; 2275 2276 server_ratelimit: VAR_RATELIMIT STRING_ARG 2277 { 2278 OUTYY(("P(server_ratelimit:%s)\n", $2)); 2279 if(atoi($2) == 0 && strcmp($2, "0") != 0) 2280 yyerror("number expected"); 2281 else cfg_parser->cfg->ratelimit = atoi($2); 2282 free($2); 2283 } 2284 ; 2285 server_ip_ratelimit_size: VAR_IP_RATELIMIT_SIZE STRING_ARG 2286 { 2287 OUTYY(("P(server_ip_ratelimit_size:%s)\n", $2)); 2288 if(!cfg_parse_memsize($2, &cfg_parser->cfg->ip_ratelimit_size)) 2289 yyerror("memory size expected"); 2290 free($2); 2291 } 2292 ; 2293 server_ratelimit_size: VAR_RATELIMIT_SIZE STRING_ARG 2294 { 2295 OUTYY(("P(server_ratelimit_size:%s)\n", $2)); 2296 if(!cfg_parse_memsize($2, &cfg_parser->cfg->ratelimit_size)) 2297 yyerror("memory size expected"); 2298 free($2); 2299 } 2300 ; 2301 server_ip_ratelimit_slabs: VAR_IP_RATELIMIT_SLABS STRING_ARG 2302 { 2303 OUTYY(("P(server_ip_ratelimit_slabs:%s)\n", $2)); 2304 if(atoi($2) == 0) 2305 yyerror("number expected"); 2306 else { 2307 cfg_parser->cfg->ip_ratelimit_slabs = atoi($2); 2308 if(!is_pow2(cfg_parser->cfg->ip_ratelimit_slabs)) 2309 yyerror("must be a power of 2"); 2310 } 2311 free($2); 2312 } 2313 ; 2314 server_ratelimit_slabs: VAR_RATELIMIT_SLABS STRING_ARG 2315 { 2316 OUTYY(("P(server_ratelimit_slabs:%s)\n", $2)); 2317 if(atoi($2) == 0) 2318 yyerror("number expected"); 2319 else { 2320 cfg_parser->cfg->ratelimit_slabs = atoi($2); 2321 if(!is_pow2(cfg_parser->cfg->ratelimit_slabs)) 2322 yyerror("must be a power of 2"); 2323 } 2324 free($2); 2325 } 2326 ; 2327 server_ratelimit_for_domain: VAR_RATELIMIT_FOR_DOMAIN STRING_ARG STRING_ARG 2328 { 2329 OUTYY(("P(server_ratelimit_for_domain:%s %s)\n", $2, $3)); 2330 if(atoi($3) == 0 && strcmp($3, "0") != 0) { 2331 yyerror("number expected"); 2332 free($2); 2333 free($3); 2334 } else { 2335 if(!cfg_str2list_insert(&cfg_parser->cfg-> 2336 ratelimit_for_domain, $2, $3)) 2337 fatal_exit("out of memory adding " 2338 "ratelimit-for-domain"); 2339 } 2340 } 2341 ; 2342 server_ratelimit_below_domain: VAR_RATELIMIT_BELOW_DOMAIN STRING_ARG STRING_ARG 2343 { 2344 OUTYY(("P(server_ratelimit_below_domain:%s %s)\n", $2, $3)); 2345 if(atoi($3) == 0 && strcmp($3, "0") != 0) { 2346 yyerror("number expected"); 2347 free($2); 2348 free($3); 2349 } else { 2350 if(!cfg_str2list_insert(&cfg_parser->cfg-> 2351 ratelimit_below_domain, $2, $3)) 2352 fatal_exit("out of memory adding " 2353 "ratelimit-below-domain"); 2354 } 2355 } 2356 ; 2357 server_ip_ratelimit_factor: VAR_IP_RATELIMIT_FACTOR STRING_ARG 2358 { 2359 OUTYY(("P(server_ip_ratelimit_factor:%s)\n", $2)); 2360 if(atoi($2) == 0 && strcmp($2, "0") != 0) 2361 yyerror("number expected"); 2362 else cfg_parser->cfg->ip_ratelimit_factor = atoi($2); 2363 free($2); 2364 } 2365 ; 2366 server_ratelimit_factor: VAR_RATELIMIT_FACTOR STRING_ARG 2367 { 2368 OUTYY(("P(server_ratelimit_factor:%s)\n", $2)); 2369 if(atoi($2) == 0 && strcmp($2, "0") != 0) 2370 yyerror("number expected"); 2371 else cfg_parser->cfg->ratelimit_factor = atoi($2); 2372 free($2); 2373 } 2374 ; 2375 server_low_rtt: VAR_LOW_RTT STRING_ARG 2376 { 2377 OUTYY(("P(low-rtt option is deprecated, use fast-server-num instead)\n")); 2378 free($2); 2379 } 2380 ; 2381 server_fast_server_num: VAR_FAST_SERVER_NUM STRING_ARG 2382 { 2383 OUTYY(("P(server_fast_server_num:%s)\n", $2)); 2384 if(atoi($2) <= 0) 2385 yyerror("number expected"); 2386 else cfg_parser->cfg->fast_server_num = atoi($2); 2387 free($2); 2388 } 2389 ; 2390 server_fast_server_permil: VAR_FAST_SERVER_PERMIL STRING_ARG 2391 { 2392 OUTYY(("P(server_fast_server_permil:%s)\n", $2)); 2393 if(atoi($2) == 0 && strcmp($2, "0") != 0) 2394 yyerror("number expected"); 2395 else cfg_parser->cfg->fast_server_permil = atoi($2); 2396 free($2); 2397 } 2398 ; 2399 server_qname_minimisation: VAR_QNAME_MINIMISATION STRING_ARG 2400 { 2401 OUTYY(("P(server_qname_minimisation:%s)\n", $2)); 2402 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2403 yyerror("expected yes or no."); 2404 else cfg_parser->cfg->qname_minimisation = 2405 (strcmp($2, "yes")==0); 2406 free($2); 2407 } 2408 ; 2409 server_qname_minimisation_strict: VAR_QNAME_MINIMISATION_STRICT STRING_ARG 2410 { 2411 OUTYY(("P(server_qname_minimisation_strict:%s)\n", $2)); 2412 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2413 yyerror("expected yes or no."); 2414 else cfg_parser->cfg->qname_minimisation_strict = 2415 (strcmp($2, "yes")==0); 2416 free($2); 2417 } 2418 ; 2419 server_ipsecmod_enabled: VAR_IPSECMOD_ENABLED STRING_ARG 2420 { 2421 #ifdef USE_IPSECMOD 2422 OUTYY(("P(server_ipsecmod_enabled:%s)\n", $2)); 2423 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2424 yyerror("expected yes or no."); 2425 else cfg_parser->cfg->ipsecmod_enabled = (strcmp($2, "yes")==0); 2426 #else 2427 OUTYY(("P(Compiled without IPsec module, ignoring)\n")); 2428 #endif 2429 free($2); 2430 } 2431 ; 2432 server_ipsecmod_ignore_bogus: VAR_IPSECMOD_IGNORE_BOGUS STRING_ARG 2433 { 2434 #ifdef USE_IPSECMOD 2435 OUTYY(("P(server_ipsecmod_ignore_bogus:%s)\n", $2)); 2436 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2437 yyerror("expected yes or no."); 2438 else cfg_parser->cfg->ipsecmod_ignore_bogus = (strcmp($2, "yes")==0); 2439 #else 2440 OUTYY(("P(Compiled without IPsec module, ignoring)\n")); 2441 #endif 2442 free($2); 2443 } 2444 ; 2445 server_ipsecmod_hook: VAR_IPSECMOD_HOOK STRING_ARG 2446 { 2447 #ifdef USE_IPSECMOD 2448 OUTYY(("P(server_ipsecmod_hook:%s)\n", $2)); 2449 free(cfg_parser->cfg->ipsecmod_hook); 2450 cfg_parser->cfg->ipsecmod_hook = $2; 2451 #else 2452 OUTYY(("P(Compiled without IPsec module, ignoring)\n")); 2453 free($2); 2454 #endif 2455 } 2456 ; 2457 server_ipsecmod_max_ttl: VAR_IPSECMOD_MAX_TTL STRING_ARG 2458 { 2459 #ifdef USE_IPSECMOD 2460 OUTYY(("P(server_ipsecmod_max_ttl:%s)\n", $2)); 2461 if(atoi($2) == 0 && strcmp($2, "0") != 0) 2462 yyerror("number expected"); 2463 else cfg_parser->cfg->ipsecmod_max_ttl = atoi($2); 2464 free($2); 2465 #else 2466 OUTYY(("P(Compiled without IPsec module, ignoring)\n")); 2467 free($2); 2468 #endif 2469 } 2470 ; 2471 server_ipsecmod_whitelist: VAR_IPSECMOD_WHITELIST STRING_ARG 2472 { 2473 #ifdef USE_IPSECMOD 2474 OUTYY(("P(server_ipsecmod_whitelist:%s)\n", $2)); 2475 if(!cfg_strlist_insert(&cfg_parser->cfg->ipsecmod_whitelist, $2)) 2476 yyerror("out of memory"); 2477 #else 2478 OUTYY(("P(Compiled without IPsec module, ignoring)\n")); 2479 free($2); 2480 #endif 2481 } 2482 ; 2483 server_ipsecmod_strict: VAR_IPSECMOD_STRICT STRING_ARG 2484 { 2485 #ifdef USE_IPSECMOD 2486 OUTYY(("P(server_ipsecmod_strict:%s)\n", $2)); 2487 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2488 yyerror("expected yes or no."); 2489 else cfg_parser->cfg->ipsecmod_strict = (strcmp($2, "yes")==0); 2490 free($2); 2491 #else 2492 OUTYY(("P(Compiled without IPsec module, ignoring)\n")); 2493 free($2); 2494 #endif 2495 } 2496 ; 2497 server_edns_client_string: VAR_EDNS_CLIENT_STRING STRING_ARG STRING_ARG 2498 { 2499 OUTYY(("P(server_edns_client_string:%s %s)\n", $2, $3)); 2500 if(!cfg_str2list_insert( 2501 &cfg_parser->cfg->edns_client_strings, $2, $3)) 2502 fatal_exit("out of memory adding " 2503 "edns-client-string"); 2504 } 2505 ; 2506 server_edns_client_string_opcode: VAR_EDNS_CLIENT_STRING_OPCODE STRING_ARG 2507 { 2508 OUTYY(("P(edns_client_string_opcode:%s)\n", $2)); 2509 if(atoi($2) == 0 && strcmp($2, "0") != 0) 2510 yyerror("option code expected"); 2511 else if(atoi($2) > 65535 || atoi($2) < 0) 2512 yyerror("option code must be in interval [0, 65535]"); 2513 else cfg_parser->cfg->edns_client_string_opcode = atoi($2); 2514 free($2); 2515 2516 } 2517 ; 2518 stub_name: VAR_NAME STRING_ARG 2519 { 2520 OUTYY(("P(name:%s)\n", $2)); 2521 if(cfg_parser->cfg->stubs->name) 2522 yyerror("stub name override, there must be one name " 2523 "for one stub-zone"); 2524 free(cfg_parser->cfg->stubs->name); 2525 cfg_parser->cfg->stubs->name = $2; 2526 } 2527 ; 2528 stub_host: VAR_STUB_HOST STRING_ARG 2529 { 2530 OUTYY(("P(stub-host:%s)\n", $2)); 2531 if(!cfg_strlist_insert(&cfg_parser->cfg->stubs->hosts, $2)) 2532 yyerror("out of memory"); 2533 } 2534 ; 2535 stub_addr: VAR_STUB_ADDR STRING_ARG 2536 { 2537 OUTYY(("P(stub-addr:%s)\n", $2)); 2538 if(!cfg_strlist_insert(&cfg_parser->cfg->stubs->addrs, $2)) 2539 yyerror("out of memory"); 2540 } 2541 ; 2542 stub_first: VAR_STUB_FIRST STRING_ARG 2543 { 2544 OUTYY(("P(stub-first:%s)\n", $2)); 2545 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2546 yyerror("expected yes or no."); 2547 else cfg_parser->cfg->stubs->isfirst=(strcmp($2, "yes")==0); 2548 free($2); 2549 } 2550 ; 2551 stub_no_cache: VAR_STUB_NO_CACHE STRING_ARG 2552 { 2553 OUTYY(("P(stub-no-cache:%s)\n", $2)); 2554 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2555 yyerror("expected yes or no."); 2556 else cfg_parser->cfg->stubs->no_cache=(strcmp($2, "yes")==0); 2557 free($2); 2558 } 2559 ; 2560 stub_ssl_upstream: VAR_STUB_SSL_UPSTREAM STRING_ARG 2561 { 2562 OUTYY(("P(stub-ssl-upstream:%s)\n", $2)); 2563 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2564 yyerror("expected yes or no."); 2565 else cfg_parser->cfg->stubs->ssl_upstream = 2566 (strcmp($2, "yes")==0); 2567 free($2); 2568 } 2569 ; 2570 stub_prime: VAR_STUB_PRIME STRING_ARG 2571 { 2572 OUTYY(("P(stub-prime:%s)\n", $2)); 2573 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2574 yyerror("expected yes or no."); 2575 else cfg_parser->cfg->stubs->isprime = 2576 (strcmp($2, "yes")==0); 2577 free($2); 2578 } 2579 ; 2580 forward_name: VAR_NAME STRING_ARG 2581 { 2582 OUTYY(("P(name:%s)\n", $2)); 2583 if(cfg_parser->cfg->forwards->name) 2584 yyerror("forward name override, there must be one " 2585 "name for one forward-zone"); 2586 free(cfg_parser->cfg->forwards->name); 2587 cfg_parser->cfg->forwards->name = $2; 2588 } 2589 ; 2590 forward_host: VAR_FORWARD_HOST STRING_ARG 2591 { 2592 OUTYY(("P(forward-host:%s)\n", $2)); 2593 if(!cfg_strlist_insert(&cfg_parser->cfg->forwards->hosts, $2)) 2594 yyerror("out of memory"); 2595 } 2596 ; 2597 forward_addr: VAR_FORWARD_ADDR STRING_ARG 2598 { 2599 OUTYY(("P(forward-addr:%s)\n", $2)); 2600 if(!cfg_strlist_insert(&cfg_parser->cfg->forwards->addrs, $2)) 2601 yyerror("out of memory"); 2602 } 2603 ; 2604 forward_first: VAR_FORWARD_FIRST STRING_ARG 2605 { 2606 OUTYY(("P(forward-first:%s)\n", $2)); 2607 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2608 yyerror("expected yes or no."); 2609 else cfg_parser->cfg->forwards->isfirst=(strcmp($2, "yes")==0); 2610 free($2); 2611 } 2612 ; 2613 forward_no_cache: VAR_FORWARD_NO_CACHE STRING_ARG 2614 { 2615 OUTYY(("P(forward-no-cache:%s)\n", $2)); 2616 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2617 yyerror("expected yes or no."); 2618 else cfg_parser->cfg->forwards->no_cache=(strcmp($2, "yes")==0); 2619 free($2); 2620 } 2621 ; 2622 forward_ssl_upstream: VAR_FORWARD_SSL_UPSTREAM STRING_ARG 2623 { 2624 OUTYY(("P(forward-ssl-upstream:%s)\n", $2)); 2625 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2626 yyerror("expected yes or no."); 2627 else cfg_parser->cfg->forwards->ssl_upstream = 2628 (strcmp($2, "yes")==0); 2629 free($2); 2630 } 2631 ; 2632 auth_name: VAR_NAME STRING_ARG 2633 { 2634 OUTYY(("P(name:%s)\n", $2)); 2635 if(cfg_parser->cfg->auths->name) 2636 yyerror("auth name override, there must be one name " 2637 "for one auth-zone"); 2638 free(cfg_parser->cfg->auths->name); 2639 cfg_parser->cfg->auths->name = $2; 2640 } 2641 ; 2642 auth_zonefile: VAR_ZONEFILE STRING_ARG 2643 { 2644 OUTYY(("P(zonefile:%s)\n", $2)); 2645 free(cfg_parser->cfg->auths->zonefile); 2646 cfg_parser->cfg->auths->zonefile = $2; 2647 } 2648 ; 2649 auth_master: VAR_MASTER STRING_ARG 2650 { 2651 OUTYY(("P(master:%s)\n", $2)); 2652 if(!cfg_strlist_insert(&cfg_parser->cfg->auths->masters, $2)) 2653 yyerror("out of memory"); 2654 } 2655 ; 2656 auth_url: VAR_URL STRING_ARG 2657 { 2658 OUTYY(("P(url:%s)\n", $2)); 2659 if(!cfg_strlist_insert(&cfg_parser->cfg->auths->urls, $2)) 2660 yyerror("out of memory"); 2661 } 2662 ; 2663 auth_allow_notify: VAR_ALLOW_NOTIFY STRING_ARG 2664 { 2665 OUTYY(("P(allow-notify:%s)\n", $2)); 2666 if(!cfg_strlist_insert(&cfg_parser->cfg->auths->allow_notify, 2667 $2)) 2668 yyerror("out of memory"); 2669 } 2670 ; 2671 auth_for_downstream: VAR_FOR_DOWNSTREAM STRING_ARG 2672 { 2673 OUTYY(("P(for-downstream:%s)\n", $2)); 2674 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2675 yyerror("expected yes or no."); 2676 else cfg_parser->cfg->auths->for_downstream = 2677 (strcmp($2, "yes")==0); 2678 free($2); 2679 } 2680 ; 2681 auth_for_upstream: VAR_FOR_UPSTREAM STRING_ARG 2682 { 2683 OUTYY(("P(for-upstream:%s)\n", $2)); 2684 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2685 yyerror("expected yes or no."); 2686 else cfg_parser->cfg->auths->for_upstream = 2687 (strcmp($2, "yes")==0); 2688 free($2); 2689 } 2690 ; 2691 auth_fallback_enabled: VAR_FALLBACK_ENABLED STRING_ARG 2692 { 2693 OUTYY(("P(fallback-enabled:%s)\n", $2)); 2694 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2695 yyerror("expected yes or no."); 2696 else cfg_parser->cfg->auths->fallback_enabled = 2697 (strcmp($2, "yes")==0); 2698 free($2); 2699 } 2700 ; 2701 view_name: VAR_NAME STRING_ARG 2702 { 2703 OUTYY(("P(name:%s)\n", $2)); 2704 if(cfg_parser->cfg->views->name) 2705 yyerror("view name override, there must be one " 2706 "name for one view"); 2707 free(cfg_parser->cfg->views->name); 2708 cfg_parser->cfg->views->name = $2; 2709 } 2710 ; 2711 view_local_zone: VAR_LOCAL_ZONE STRING_ARG STRING_ARG 2712 { 2713 OUTYY(("P(view_local_zone:%s %s)\n", $2, $3)); 2714 if(strcmp($3, "static")!=0 && strcmp($3, "deny")!=0 && 2715 strcmp($3, "refuse")!=0 && strcmp($3, "redirect")!=0 && 2716 strcmp($3, "transparent")!=0 && strcmp($3, "nodefault")!=0 2717 && strcmp($3, "typetransparent")!=0 2718 && strcmp($3, "always_transparent")!=0 2719 && strcmp($3, "always_refuse")!=0 2720 && strcmp($3, "always_nxdomain")!=0 2721 && strcmp($3, "noview")!=0 2722 && strcmp($3, "inform")!=0 && strcmp($3, "inform_deny")!=0) { 2723 yyerror("local-zone type: expected static, deny, " 2724 "refuse, redirect, transparent, " 2725 "typetransparent, inform, inform_deny, " 2726 "always_transparent, always_refuse, " 2727 "always_nxdomain, noview or nodefault"); 2728 free($2); 2729 free($3); 2730 } else if(strcmp($3, "nodefault")==0) { 2731 if(!cfg_strlist_insert(&cfg_parser->cfg->views-> 2732 local_zones_nodefault, $2)) 2733 fatal_exit("out of memory adding local-zone"); 2734 free($3); 2735 #ifdef USE_IPSET 2736 } else if(strcmp($3, "ipset")==0) { 2737 if(!cfg_strlist_insert(&cfg_parser->cfg->views-> 2738 local_zones_ipset, $2)) 2739 fatal_exit("out of memory adding local-zone"); 2740 free($3); 2741 #endif 2742 } else { 2743 if(!cfg_str2list_insert( 2744 &cfg_parser->cfg->views->local_zones, 2745 $2, $3)) 2746 fatal_exit("out of memory adding local-zone"); 2747 } 2748 } 2749 ; 2750 view_response_ip: VAR_RESPONSE_IP STRING_ARG STRING_ARG 2751 { 2752 OUTYY(("P(view_response_ip:%s %s)\n", $2, $3)); 2753 validate_respip_action($3); 2754 if(!cfg_str2list_insert( 2755 &cfg_parser->cfg->views->respip_actions, $2, $3)) 2756 fatal_exit("out of memory adding per-view " 2757 "response-ip action"); 2758 } 2759 ; 2760 view_response_ip_data: VAR_RESPONSE_IP_DATA STRING_ARG STRING_ARG 2761 { 2762 OUTYY(("P(view_response_ip_data:%s)\n", $2)); 2763 if(!cfg_str2list_insert( 2764 &cfg_parser->cfg->views->respip_data, $2, $3)) 2765 fatal_exit("out of memory adding response-ip-data"); 2766 } 2767 ; 2768 view_local_data: VAR_LOCAL_DATA STRING_ARG 2769 { 2770 OUTYY(("P(view_local_data:%s)\n", $2)); 2771 if(!cfg_strlist_insert(&cfg_parser->cfg->views->local_data, $2)) { 2772 fatal_exit("out of memory adding local-data"); 2773 } 2774 } 2775 ; 2776 view_local_data_ptr: VAR_LOCAL_DATA_PTR STRING_ARG 2777 { 2778 char* ptr; 2779 OUTYY(("P(view_local_data_ptr:%s)\n", $2)); 2780 ptr = cfg_ptr_reverse($2); 2781 free($2); 2782 if(ptr) { 2783 if(!cfg_strlist_insert(&cfg_parser->cfg->views-> 2784 local_data, ptr)) 2785 fatal_exit("out of memory adding local-data"); 2786 } else { 2787 yyerror("local-data-ptr could not be reversed"); 2788 } 2789 } 2790 ; 2791 view_first: VAR_VIEW_FIRST STRING_ARG 2792 { 2793 OUTYY(("P(view-first:%s)\n", $2)); 2794 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2795 yyerror("expected yes or no."); 2796 else cfg_parser->cfg->views->isfirst=(strcmp($2, "yes")==0); 2797 free($2); 2798 } 2799 ; 2800 rcstart: VAR_REMOTE_CONTROL 2801 { 2802 OUTYY(("\nP(remote-control:)\n")); 2803 } 2804 ; 2805 contents_rc: contents_rc content_rc 2806 | ; 2807 content_rc: rc_control_enable | rc_control_interface | rc_control_port | 2808 rc_server_key_file | rc_server_cert_file | rc_control_key_file | 2809 rc_control_cert_file | rc_control_use_cert 2810 ; 2811 rc_control_enable: VAR_CONTROL_ENABLE STRING_ARG 2812 { 2813 OUTYY(("P(control_enable:%s)\n", $2)); 2814 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2815 yyerror("expected yes or no."); 2816 else cfg_parser->cfg->remote_control_enable = 2817 (strcmp($2, "yes")==0); 2818 free($2); 2819 } 2820 ; 2821 rc_control_port: VAR_CONTROL_PORT STRING_ARG 2822 { 2823 OUTYY(("P(control_port:%s)\n", $2)); 2824 if(atoi($2) == 0) 2825 yyerror("control port number expected"); 2826 else cfg_parser->cfg->control_port = atoi($2); 2827 free($2); 2828 } 2829 ; 2830 rc_control_interface: VAR_CONTROL_INTERFACE STRING_ARG 2831 { 2832 OUTYY(("P(control_interface:%s)\n", $2)); 2833 if(!cfg_strlist_append(&cfg_parser->cfg->control_ifs, $2)) 2834 yyerror("out of memory"); 2835 } 2836 ; 2837 rc_control_use_cert: VAR_CONTROL_USE_CERT STRING_ARG 2838 { 2839 OUTYY(("P(control_use_cert:%s)\n", $2)); 2840 cfg_parser->cfg->control_use_cert = (strcmp($2, "yes")==0); 2841 free($2); 2842 } 2843 ; 2844 rc_server_key_file: VAR_SERVER_KEY_FILE STRING_ARG 2845 { 2846 OUTYY(("P(rc_server_key_file:%s)\n", $2)); 2847 free(cfg_parser->cfg->server_key_file); 2848 cfg_parser->cfg->server_key_file = $2; 2849 } 2850 ; 2851 rc_server_cert_file: VAR_SERVER_CERT_FILE STRING_ARG 2852 { 2853 OUTYY(("P(rc_server_cert_file:%s)\n", $2)); 2854 free(cfg_parser->cfg->server_cert_file); 2855 cfg_parser->cfg->server_cert_file = $2; 2856 } 2857 ; 2858 rc_control_key_file: VAR_CONTROL_KEY_FILE STRING_ARG 2859 { 2860 OUTYY(("P(rc_control_key_file:%s)\n", $2)); 2861 free(cfg_parser->cfg->control_key_file); 2862 cfg_parser->cfg->control_key_file = $2; 2863 } 2864 ; 2865 rc_control_cert_file: VAR_CONTROL_CERT_FILE STRING_ARG 2866 { 2867 OUTYY(("P(rc_control_cert_file:%s)\n", $2)); 2868 free(cfg_parser->cfg->control_cert_file); 2869 cfg_parser->cfg->control_cert_file = $2; 2870 } 2871 ; 2872 dtstart: VAR_DNSTAP 2873 { 2874 OUTYY(("\nP(dnstap:)\n")); 2875 } 2876 ; 2877 contents_dt: contents_dt content_dt 2878 | ; 2879 content_dt: dt_dnstap_enable | dt_dnstap_socket_path | dt_dnstap_bidirectional | 2880 dt_dnstap_ip | dt_dnstap_tls | dt_dnstap_tls_server_name | 2881 dt_dnstap_tls_cert_bundle | 2882 dt_dnstap_tls_client_key_file | dt_dnstap_tls_client_cert_file | 2883 dt_dnstap_send_identity | dt_dnstap_send_version | 2884 dt_dnstap_identity | dt_dnstap_version | 2885 dt_dnstap_log_resolver_query_messages | 2886 dt_dnstap_log_resolver_response_messages | 2887 dt_dnstap_log_client_query_messages | 2888 dt_dnstap_log_client_response_messages | 2889 dt_dnstap_log_forwarder_query_messages | 2890 dt_dnstap_log_forwarder_response_messages 2891 ; 2892 dt_dnstap_enable: VAR_DNSTAP_ENABLE STRING_ARG 2893 { 2894 OUTYY(("P(dt_dnstap_enable:%s)\n", $2)); 2895 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2896 yyerror("expected yes or no."); 2897 else cfg_parser->cfg->dnstap = (strcmp($2, "yes")==0); 2898 free($2); 2899 } 2900 ; 2901 dt_dnstap_bidirectional: VAR_DNSTAP_BIDIRECTIONAL STRING_ARG 2902 { 2903 OUTYY(("P(dt_dnstap_bidirectional:%s)\n", $2)); 2904 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2905 yyerror("expected yes or no."); 2906 else cfg_parser->cfg->dnstap_bidirectional = 2907 (strcmp($2, "yes")==0); 2908 free($2); 2909 } 2910 ; 2911 dt_dnstap_socket_path: VAR_DNSTAP_SOCKET_PATH STRING_ARG 2912 { 2913 OUTYY(("P(dt_dnstap_socket_path:%s)\n", $2)); 2914 free(cfg_parser->cfg->dnstap_socket_path); 2915 cfg_parser->cfg->dnstap_socket_path = $2; 2916 } 2917 ; 2918 dt_dnstap_ip: VAR_DNSTAP_IP STRING_ARG 2919 { 2920 OUTYY(("P(dt_dnstap_ip:%s)\n", $2)); 2921 free(cfg_parser->cfg->dnstap_ip); 2922 cfg_parser->cfg->dnstap_ip = $2; 2923 } 2924 ; 2925 dt_dnstap_tls: VAR_DNSTAP_TLS STRING_ARG 2926 { 2927 OUTYY(("P(dt_dnstap_tls:%s)\n", $2)); 2928 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2929 yyerror("expected yes or no."); 2930 else cfg_parser->cfg->dnstap_tls = (strcmp($2, "yes")==0); 2931 free($2); 2932 } 2933 ; 2934 dt_dnstap_tls_server_name: VAR_DNSTAP_TLS_SERVER_NAME STRING_ARG 2935 { 2936 OUTYY(("P(dt_dnstap_tls_server_name:%s)\n", $2)); 2937 free(cfg_parser->cfg->dnstap_tls_server_name); 2938 cfg_parser->cfg->dnstap_tls_server_name = $2; 2939 } 2940 ; 2941 dt_dnstap_tls_cert_bundle: VAR_DNSTAP_TLS_CERT_BUNDLE STRING_ARG 2942 { 2943 OUTYY(("P(dt_dnstap_tls_cert_bundle:%s)\n", $2)); 2944 free(cfg_parser->cfg->dnstap_tls_cert_bundle); 2945 cfg_parser->cfg->dnstap_tls_cert_bundle = $2; 2946 } 2947 ; 2948 dt_dnstap_tls_client_key_file: VAR_DNSTAP_TLS_CLIENT_KEY_FILE STRING_ARG 2949 { 2950 OUTYY(("P(dt_dnstap_tls_client_key_file:%s)\n", $2)); 2951 free(cfg_parser->cfg->dnstap_tls_client_key_file); 2952 cfg_parser->cfg->dnstap_tls_client_key_file = $2; 2953 } 2954 ; 2955 dt_dnstap_tls_client_cert_file: VAR_DNSTAP_TLS_CLIENT_CERT_FILE STRING_ARG 2956 { 2957 OUTYY(("P(dt_dnstap_tls_client_cert_file:%s)\n", $2)); 2958 free(cfg_parser->cfg->dnstap_tls_client_cert_file); 2959 cfg_parser->cfg->dnstap_tls_client_cert_file = $2; 2960 } 2961 ; 2962 dt_dnstap_send_identity: VAR_DNSTAP_SEND_IDENTITY STRING_ARG 2963 { 2964 OUTYY(("P(dt_dnstap_send_identity:%s)\n", $2)); 2965 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2966 yyerror("expected yes or no."); 2967 else cfg_parser->cfg->dnstap_send_identity = (strcmp($2, "yes")==0); 2968 free($2); 2969 } 2970 ; 2971 dt_dnstap_send_version: VAR_DNSTAP_SEND_VERSION STRING_ARG 2972 { 2973 OUTYY(("P(dt_dnstap_send_version:%s)\n", $2)); 2974 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2975 yyerror("expected yes or no."); 2976 else cfg_parser->cfg->dnstap_send_version = (strcmp($2, "yes")==0); 2977 free($2); 2978 } 2979 ; 2980 dt_dnstap_identity: VAR_DNSTAP_IDENTITY STRING_ARG 2981 { 2982 OUTYY(("P(dt_dnstap_identity:%s)\n", $2)); 2983 free(cfg_parser->cfg->dnstap_identity); 2984 cfg_parser->cfg->dnstap_identity = $2; 2985 } 2986 ; 2987 dt_dnstap_version: VAR_DNSTAP_VERSION STRING_ARG 2988 { 2989 OUTYY(("P(dt_dnstap_version:%s)\n", $2)); 2990 free(cfg_parser->cfg->dnstap_version); 2991 cfg_parser->cfg->dnstap_version = $2; 2992 } 2993 ; 2994 dt_dnstap_log_resolver_query_messages: VAR_DNSTAP_LOG_RESOLVER_QUERY_MESSAGES STRING_ARG 2995 { 2996 OUTYY(("P(dt_dnstap_log_resolver_query_messages:%s)\n", $2)); 2997 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2998 yyerror("expected yes or no."); 2999 else cfg_parser->cfg->dnstap_log_resolver_query_messages = 3000 (strcmp($2, "yes")==0); 3001 free($2); 3002 } 3003 ; 3004 dt_dnstap_log_resolver_response_messages: VAR_DNSTAP_LOG_RESOLVER_RESPONSE_MESSAGES STRING_ARG 3005 { 3006 OUTYY(("P(dt_dnstap_log_resolver_response_messages:%s)\n", $2)); 3007 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 3008 yyerror("expected yes or no."); 3009 else cfg_parser->cfg->dnstap_log_resolver_response_messages = 3010 (strcmp($2, "yes")==0); 3011 free($2); 3012 } 3013 ; 3014 dt_dnstap_log_client_query_messages: VAR_DNSTAP_LOG_CLIENT_QUERY_MESSAGES STRING_ARG 3015 { 3016 OUTYY(("P(dt_dnstap_log_client_query_messages:%s)\n", $2)); 3017 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 3018 yyerror("expected yes or no."); 3019 else cfg_parser->cfg->dnstap_log_client_query_messages = 3020 (strcmp($2, "yes")==0); 3021 free($2); 3022 } 3023 ; 3024 dt_dnstap_log_client_response_messages: VAR_DNSTAP_LOG_CLIENT_RESPONSE_MESSAGES STRING_ARG 3025 { 3026 OUTYY(("P(dt_dnstap_log_client_response_messages:%s)\n", $2)); 3027 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 3028 yyerror("expected yes or no."); 3029 else cfg_parser->cfg->dnstap_log_client_response_messages = 3030 (strcmp($2, "yes")==0); 3031 free($2); 3032 } 3033 ; 3034 dt_dnstap_log_forwarder_query_messages: VAR_DNSTAP_LOG_FORWARDER_QUERY_MESSAGES STRING_ARG 3035 { 3036 OUTYY(("P(dt_dnstap_log_forwarder_query_messages:%s)\n", $2)); 3037 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 3038 yyerror("expected yes or no."); 3039 else cfg_parser->cfg->dnstap_log_forwarder_query_messages = 3040 (strcmp($2, "yes")==0); 3041 free($2); 3042 } 3043 ; 3044 dt_dnstap_log_forwarder_response_messages: VAR_DNSTAP_LOG_FORWARDER_RESPONSE_MESSAGES STRING_ARG 3045 { 3046 OUTYY(("P(dt_dnstap_log_forwarder_response_messages:%s)\n", $2)); 3047 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 3048 yyerror("expected yes or no."); 3049 else cfg_parser->cfg->dnstap_log_forwarder_response_messages = 3050 (strcmp($2, "yes")==0); 3051 free($2); 3052 } 3053 ; 3054 pythonstart: VAR_PYTHON 3055 { 3056 OUTYY(("\nP(python:)\n")); 3057 } 3058 ; 3059 contents_py: contents_py content_py 3060 | ; 3061 content_py: py_script 3062 ; 3063 py_script: VAR_PYTHON_SCRIPT STRING_ARG 3064 { 3065 OUTYY(("P(python-script:%s)\n", $2)); 3066 if(!cfg_strlist_append_ex(&cfg_parser->cfg->python_script, $2)) 3067 yyerror("out of memory"); 3068 } 3069 dynlibstart: VAR_DYNLIB 3070 { 3071 OUTYY(("\nP(dynlib:)\n")); 3072 } 3073 ; 3074 contents_dl: contents_dl content_dl 3075 | ; 3076 content_dl: dl_file 3077 ; 3078 dl_file: VAR_DYNLIB_FILE STRING_ARG 3079 { 3080 OUTYY(("P(dynlib-file:%s)\n", $2)); 3081 if(!cfg_strlist_append_ex(&cfg_parser->cfg->dynlib_file, $2)) 3082 yyerror("out of memory"); 3083 } 3084 server_disable_dnssec_lame_check: VAR_DISABLE_DNSSEC_LAME_CHECK STRING_ARG 3085 { 3086 OUTYY(("P(disable_dnssec_lame_check:%s)\n", $2)); 3087 if (strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 3088 yyerror("expected yes or no."); 3089 else cfg_parser->cfg->disable_dnssec_lame_check = 3090 (strcmp($2, "yes")==0); 3091 free($2); 3092 } 3093 ; 3094 server_log_identity: VAR_LOG_IDENTITY STRING_ARG 3095 { 3096 OUTYY(("P(server_log_identity:%s)\n", $2)); 3097 free(cfg_parser->cfg->log_identity); 3098 cfg_parser->cfg->log_identity = $2; 3099 } 3100 ; 3101 server_response_ip: VAR_RESPONSE_IP STRING_ARG STRING_ARG 3102 { 3103 OUTYY(("P(server_response_ip:%s %s)\n", $2, $3)); 3104 validate_respip_action($3); 3105 if(!cfg_str2list_insert(&cfg_parser->cfg->respip_actions, 3106 $2, $3)) 3107 fatal_exit("out of memory adding response-ip"); 3108 } 3109 ; 3110 server_response_ip_data: VAR_RESPONSE_IP_DATA STRING_ARG STRING_ARG 3111 { 3112 OUTYY(("P(server_response_ip_data:%s)\n", $2)); 3113 if(!cfg_str2list_insert(&cfg_parser->cfg->respip_data, 3114 $2, $3)) 3115 fatal_exit("out of memory adding response-ip-data"); 3116 } 3117 ; 3118 dnscstart: VAR_DNSCRYPT 3119 { 3120 OUTYY(("\nP(dnscrypt:)\n")); 3121 } 3122 ; 3123 contents_dnsc: contents_dnsc content_dnsc 3124 | ; 3125 content_dnsc: 3126 dnsc_dnscrypt_enable | dnsc_dnscrypt_port | dnsc_dnscrypt_provider | 3127 dnsc_dnscrypt_secret_key | dnsc_dnscrypt_provider_cert | 3128 dnsc_dnscrypt_provider_cert_rotated | 3129 dnsc_dnscrypt_shared_secret_cache_size | 3130 dnsc_dnscrypt_shared_secret_cache_slabs | 3131 dnsc_dnscrypt_nonce_cache_size | 3132 dnsc_dnscrypt_nonce_cache_slabs 3133 ; 3134 dnsc_dnscrypt_enable: VAR_DNSCRYPT_ENABLE STRING_ARG 3135 { 3136 OUTYY(("P(dnsc_dnscrypt_enable:%s)\n", $2)); 3137 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 3138 yyerror("expected yes or no."); 3139 else cfg_parser->cfg->dnscrypt = (strcmp($2, "yes")==0); 3140 free($2); 3141 } 3142 ; 3143 3144 dnsc_dnscrypt_port: VAR_DNSCRYPT_PORT STRING_ARG 3145 { 3146 OUTYY(("P(dnsc_dnscrypt_port:%s)\n", $2)); 3147 if(atoi($2) == 0) 3148 yyerror("port number expected"); 3149 else cfg_parser->cfg->dnscrypt_port = atoi($2); 3150 free($2); 3151 } 3152 ; 3153 dnsc_dnscrypt_provider: VAR_DNSCRYPT_PROVIDER STRING_ARG 3154 { 3155 OUTYY(("P(dnsc_dnscrypt_provider:%s)\n", $2)); 3156 free(cfg_parser->cfg->dnscrypt_provider); 3157 cfg_parser->cfg->dnscrypt_provider = $2; 3158 } 3159 ; 3160 dnsc_dnscrypt_provider_cert: VAR_DNSCRYPT_PROVIDER_CERT STRING_ARG 3161 { 3162 OUTYY(("P(dnsc_dnscrypt_provider_cert:%s)\n", $2)); 3163 if(cfg_strlist_find(cfg_parser->cfg->dnscrypt_provider_cert, $2)) 3164 log_warn("dnscrypt-provider-cert %s is a duplicate", $2); 3165 if(!cfg_strlist_insert(&cfg_parser->cfg->dnscrypt_provider_cert, $2)) 3166 fatal_exit("out of memory adding dnscrypt-provider-cert"); 3167 } 3168 ; 3169 dnsc_dnscrypt_provider_cert_rotated: VAR_DNSCRYPT_PROVIDER_CERT_ROTATED STRING_ARG 3170 { 3171 OUTYY(("P(dnsc_dnscrypt_provider_cert_rotated:%s)\n", $2)); 3172 if(!cfg_strlist_insert(&cfg_parser->cfg->dnscrypt_provider_cert_rotated, $2)) 3173 fatal_exit("out of memory adding dnscrypt-provider-cert-rotated"); 3174 } 3175 ; 3176 dnsc_dnscrypt_secret_key: VAR_DNSCRYPT_SECRET_KEY STRING_ARG 3177 { 3178 OUTYY(("P(dnsc_dnscrypt_secret_key:%s)\n", $2)); 3179 if(cfg_strlist_find(cfg_parser->cfg->dnscrypt_secret_key, $2)) 3180 log_warn("dnscrypt-secret-key: %s is a duplicate", $2); 3181 if(!cfg_strlist_insert(&cfg_parser->cfg->dnscrypt_secret_key, $2)) 3182 fatal_exit("out of memory adding dnscrypt-secret-key"); 3183 } 3184 ; 3185 dnsc_dnscrypt_shared_secret_cache_size: VAR_DNSCRYPT_SHARED_SECRET_CACHE_SIZE STRING_ARG 3186 { 3187 OUTYY(("P(dnscrypt_shared_secret_cache_size:%s)\n", $2)); 3188 if(!cfg_parse_memsize($2, &cfg_parser->cfg->dnscrypt_shared_secret_cache_size)) 3189 yyerror("memory size expected"); 3190 free($2); 3191 } 3192 ; 3193 dnsc_dnscrypt_shared_secret_cache_slabs: VAR_DNSCRYPT_SHARED_SECRET_CACHE_SLABS STRING_ARG 3194 { 3195 OUTYY(("P(dnscrypt_shared_secret_cache_slabs:%s)\n", $2)); 3196 if(atoi($2) == 0) 3197 yyerror("number expected"); 3198 else { 3199 cfg_parser->cfg->dnscrypt_shared_secret_cache_slabs = atoi($2); 3200 if(!is_pow2(cfg_parser->cfg->dnscrypt_shared_secret_cache_slabs)) 3201 yyerror("must be a power of 2"); 3202 } 3203 free($2); 3204 } 3205 ; 3206 dnsc_dnscrypt_nonce_cache_size: VAR_DNSCRYPT_NONCE_CACHE_SIZE STRING_ARG 3207 { 3208 OUTYY(("P(dnscrypt_nonce_cache_size:%s)\n", $2)); 3209 if(!cfg_parse_memsize($2, &cfg_parser->cfg->dnscrypt_nonce_cache_size)) 3210 yyerror("memory size expected"); 3211 free($2); 3212 } 3213 ; 3214 dnsc_dnscrypt_nonce_cache_slabs: VAR_DNSCRYPT_NONCE_CACHE_SLABS STRING_ARG 3215 { 3216 OUTYY(("P(dnscrypt_nonce_cache_slabs:%s)\n", $2)); 3217 if(atoi($2) == 0) 3218 yyerror("number expected"); 3219 else { 3220 cfg_parser->cfg->dnscrypt_nonce_cache_slabs = atoi($2); 3221 if(!is_pow2(cfg_parser->cfg->dnscrypt_nonce_cache_slabs)) 3222 yyerror("must be a power of 2"); 3223 } 3224 free($2); 3225 } 3226 ; 3227 cachedbstart: VAR_CACHEDB 3228 { 3229 OUTYY(("\nP(cachedb:)\n")); 3230 } 3231 ; 3232 contents_cachedb: contents_cachedb content_cachedb 3233 | ; 3234 content_cachedb: cachedb_backend_name | cachedb_secret_seed | 3235 redis_server_host | redis_server_port | redis_timeout | 3236 redis_expire_records 3237 ; 3238 cachedb_backend_name: VAR_CACHEDB_BACKEND STRING_ARG 3239 { 3240 #ifdef USE_CACHEDB 3241 OUTYY(("P(backend:%s)\n", $2)); 3242 free(cfg_parser->cfg->cachedb_backend); 3243 cfg_parser->cfg->cachedb_backend = $2; 3244 #else 3245 OUTYY(("P(Compiled without cachedb, ignoring)\n")); 3246 free($2); 3247 #endif 3248 } 3249 ; 3250 cachedb_secret_seed: VAR_CACHEDB_SECRETSEED STRING_ARG 3251 { 3252 #ifdef USE_CACHEDB 3253 OUTYY(("P(secret-seed:%s)\n", $2)); 3254 free(cfg_parser->cfg->cachedb_secret); 3255 cfg_parser->cfg->cachedb_secret = $2; 3256 #else 3257 OUTYY(("P(Compiled without cachedb, ignoring)\n")); 3258 free($2); 3259 #endif 3260 } 3261 ; 3262 redis_server_host: VAR_CACHEDB_REDISHOST STRING_ARG 3263 { 3264 #if defined(USE_CACHEDB) && defined(USE_REDIS) 3265 OUTYY(("P(redis_server_host:%s)\n", $2)); 3266 free(cfg_parser->cfg->redis_server_host); 3267 cfg_parser->cfg->redis_server_host = $2; 3268 #else 3269 OUTYY(("P(Compiled without cachedb or redis, ignoring)\n")); 3270 free($2); 3271 #endif 3272 } 3273 ; 3274 redis_server_port: VAR_CACHEDB_REDISPORT STRING_ARG 3275 { 3276 #if defined(USE_CACHEDB) && defined(USE_REDIS) 3277 int port; 3278 OUTYY(("P(redis_server_port:%s)\n", $2)); 3279 port = atoi($2); 3280 if(port == 0 || port < 0 || port > 65535) 3281 yyerror("valid redis server port number expected"); 3282 else cfg_parser->cfg->redis_server_port = port; 3283 #else 3284 OUTYY(("P(Compiled without cachedb or redis, ignoring)\n")); 3285 #endif 3286 free($2); 3287 } 3288 ; 3289 redis_timeout: VAR_CACHEDB_REDISTIMEOUT STRING_ARG 3290 { 3291 #if defined(USE_CACHEDB) && defined(USE_REDIS) 3292 OUTYY(("P(redis_timeout:%s)\n", $2)); 3293 if(atoi($2) == 0) 3294 yyerror("redis timeout value expected"); 3295 else cfg_parser->cfg->redis_timeout = atoi($2); 3296 #else 3297 OUTYY(("P(Compiled without cachedb or redis, ignoring)\n")); 3298 #endif 3299 free($2); 3300 } 3301 ; 3302 redis_expire_records: VAR_CACHEDB_REDISEXPIRERECORDS STRING_ARG 3303 { 3304 #if defined(USE_CACHEDB) && defined(USE_REDIS) 3305 OUTYY(("P(redis_expire_records:%s)\n", $2)); 3306 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 3307 yyerror("expected yes or no."); 3308 else cfg_parser->cfg->redis_expire_records = (strcmp($2, "yes")==0); 3309 #else 3310 OUTYY(("P(Compiled without cachedb or redis, ignoring)\n")); 3311 #endif 3312 free($2); 3313 } 3314 ; 3315 server_tcp_connection_limit: VAR_TCP_CONNECTION_LIMIT STRING_ARG STRING_ARG 3316 { 3317 OUTYY(("P(server_tcp_connection_limit:%s %s)\n", $2, $3)); 3318 if (atoi($3) < 0) 3319 yyerror("positive number expected"); 3320 else { 3321 if(!cfg_str2list_insert(&cfg_parser->cfg->tcp_connection_limits, $2, $3)) 3322 fatal_exit("out of memory adding tcp connection limit"); 3323 } 3324 } 3325 ; 3326 ipsetstart: VAR_IPSET 3327 { 3328 OUTYY(("\nP(ipset:)\n")); 3329 } 3330 ; 3331 contents_ipset: contents_ipset content_ipset 3332 | ; 3333 content_ipset: ipset_name_v4 | ipset_name_v6 3334 ; 3335 ipset_name_v4: VAR_IPSET_NAME_V4 STRING_ARG 3336 { 3337 #ifdef USE_IPSET 3338 OUTYY(("P(name-v4:%s)\n", $2)); 3339 if(cfg_parser->cfg->ipset_name_v4) 3340 yyerror("ipset name v4 override, there must be one " 3341 "name for ip v4"); 3342 free(cfg_parser->cfg->ipset_name_v4); 3343 cfg_parser->cfg->ipset_name_v4 = $2; 3344 #else 3345 OUTYY(("P(Compiled without ipset, ignoring)\n")); 3346 free($2); 3347 #endif 3348 } 3349 ; 3350 ipset_name_v6: VAR_IPSET_NAME_V6 STRING_ARG 3351 { 3352 #ifdef USE_IPSET 3353 OUTYY(("P(name-v6:%s)\n", $2)); 3354 if(cfg_parser->cfg->ipset_name_v6) 3355 yyerror("ipset name v6 override, there must be one " 3356 "name for ip v6"); 3357 free(cfg_parser->cfg->ipset_name_v6); 3358 cfg_parser->cfg->ipset_name_v6 = $2; 3359 #else 3360 OUTYY(("P(Compiled without ipset, ignoring)\n")); 3361 free($2); 3362 #endif 3363 } 3364 ; 3365 %% 3366 3367 /* parse helper routines could be here */ 3368 static void 3369 validate_respip_action(const char* action) 3370 { 3371 if(strcmp(action, "deny")!=0 && 3372 strcmp(action, "redirect")!=0 && 3373 strcmp(action, "inform")!=0 && 3374 strcmp(action, "inform_deny")!=0 && 3375 strcmp(action, "always_transparent")!=0 && 3376 strcmp(action, "always_refuse")!=0 && 3377 strcmp(action, "always_nxdomain")!=0) 3378 { 3379 yyerror("response-ip action: expected deny, redirect, " 3380 "inform, inform_deny, always_transparent, " 3381 "always_refuse or always_nxdomain"); 3382 } 3383 } 3384 3385 3386