1 /* 2 * configparser.y -- yacc grammar for unbound configuration files 3 * 4 * Copyright (c) 2001-2006, NLnet Labs. All rights reserved. 5 * 6 * Copyright (c) 2007, NLnet Labs. All rights reserved. 7 * 8 * This software is open source. 9 * 10 * Redistribution and use in source and binary forms, with or without 11 * modification, are permitted provided that the following conditions 12 * are met: 13 * 14 * Redistributions of source code must retain the above copyright notice, 15 * this list of conditions and the following disclaimer. 16 * 17 * Redistributions in binary form must reproduce the above copyright notice, 18 * this list of conditions and the following disclaimer in the documentation 19 * and/or other materials provided with the distribution. 20 * 21 * Neither the name of the NLNET LABS nor the names of its contributors may 22 * be used to endorse or promote products derived from this software without 23 * specific prior written permission. 24 * 25 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 26 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 27 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR 28 * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT 29 * HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 30 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED 31 * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR 32 * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF 33 * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING 34 * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS 35 * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 36 */ 37 38 %{ 39 #include "config.h" 40 41 #include <stdarg.h> 42 #include <stdio.h> 43 #include <string.h> 44 #include <stdlib.h> 45 #include <assert.h> 46 47 #include "util/configyyrename.h" 48 #include "util/config_file.h" 49 #include "util/net_help.h" 50 #include "sldns/str2wire.h" 51 52 int ub_c_lex(void); 53 void ub_c_error(const char *message); 54 55 static void validate_respip_action(const char* action); 56 static void validate_acl_action(const char* action); 57 58 /* these need to be global, otherwise they cannot be used inside yacc */ 59 extern struct config_parser_state* cfg_parser; 60 61 #if 0 62 #define OUTYY(s) printf s /* used ONLY when debugging */ 63 #else 64 #define OUTYY(s) 65 #endif 66 67 %} 68 %union { 69 char* str; 70 }; 71 72 %token SPACE LETTER NEWLINE COMMENT COLON ANY ZONESTR 73 %token <str> STRING_ARG 74 %token VAR_FORCE_TOPLEVEL 75 %token VAR_SERVER VAR_VERBOSITY VAR_NUM_THREADS VAR_PORT 76 %token VAR_OUTGOING_RANGE VAR_INTERFACE VAR_PREFER_IP4 77 %token VAR_DO_IP4 VAR_DO_IP6 VAR_DO_NAT64 VAR_PREFER_IP6 VAR_DO_UDP VAR_DO_TCP 78 %token VAR_TCP_MSS VAR_OUTGOING_TCP_MSS VAR_TCP_IDLE_TIMEOUT 79 %token VAR_EDNS_TCP_KEEPALIVE VAR_EDNS_TCP_KEEPALIVE_TIMEOUT 80 %token VAR_SOCK_QUEUE_TIMEOUT 81 %token VAR_CHROOT VAR_USERNAME VAR_DIRECTORY VAR_LOGFILE VAR_PIDFILE 82 %token VAR_MSG_CACHE_SIZE VAR_MSG_CACHE_SLABS VAR_NUM_QUERIES_PER_THREAD 83 %token VAR_RRSET_CACHE_SIZE VAR_RRSET_CACHE_SLABS VAR_OUTGOING_NUM_TCP 84 %token VAR_INFRA_HOST_TTL VAR_INFRA_LAME_TTL VAR_INFRA_CACHE_SLABS 85 %token VAR_INFRA_CACHE_NUMHOSTS VAR_INFRA_CACHE_LAME_SIZE VAR_NAME 86 %token VAR_STUB_ZONE VAR_STUB_HOST VAR_STUB_ADDR VAR_TARGET_FETCH_POLICY 87 %token VAR_HARDEN_SHORT_BUFSIZE VAR_HARDEN_LARGE_QUERIES 88 %token VAR_FORWARD_ZONE VAR_FORWARD_HOST VAR_FORWARD_ADDR 89 %token VAR_DO_NOT_QUERY_ADDRESS VAR_HIDE_IDENTITY VAR_HIDE_VERSION 90 %token VAR_IDENTITY VAR_VERSION VAR_HARDEN_GLUE VAR_MODULE_CONF 91 %token VAR_TRUST_ANCHOR_FILE VAR_TRUST_ANCHOR VAR_VAL_OVERRIDE_DATE 92 %token VAR_BOGUS_TTL VAR_VAL_CLEAN_ADDITIONAL VAR_VAL_PERMISSIVE_MODE 93 %token VAR_INCOMING_NUM_TCP VAR_MSG_BUFFER_SIZE VAR_KEY_CACHE_SIZE 94 %token VAR_KEY_CACHE_SLABS VAR_TRUSTED_KEYS_FILE 95 %token VAR_VAL_NSEC3_KEYSIZE_ITERATIONS VAR_USE_SYSLOG 96 %token VAR_OUTGOING_INTERFACE VAR_ROOT_HINTS VAR_DO_NOT_QUERY_LOCALHOST 97 %token VAR_CACHE_MAX_TTL VAR_HARDEN_DNSSEC_STRIPPED VAR_ACCESS_CONTROL 98 %token VAR_LOCAL_ZONE VAR_LOCAL_DATA VAR_INTERFACE_AUTOMATIC 99 %token VAR_STATISTICS_INTERVAL VAR_DO_DAEMONIZE VAR_USE_CAPS_FOR_ID 100 %token VAR_STATISTICS_CUMULATIVE VAR_OUTGOING_PORT_PERMIT 101 %token VAR_OUTGOING_PORT_AVOID VAR_DLV_ANCHOR_FILE VAR_DLV_ANCHOR 102 %token VAR_NEG_CACHE_SIZE VAR_HARDEN_REFERRAL_PATH VAR_PRIVATE_ADDRESS 103 %token VAR_PRIVATE_DOMAIN VAR_REMOTE_CONTROL VAR_CONTROL_ENABLE 104 %token VAR_CONTROL_INTERFACE VAR_CONTROL_PORT VAR_SERVER_KEY_FILE 105 %token VAR_SERVER_CERT_FILE VAR_CONTROL_KEY_FILE VAR_CONTROL_CERT_FILE 106 %token VAR_CONTROL_USE_CERT VAR_TCP_REUSE_TIMEOUT VAR_MAX_REUSE_TCP_QUERIES 107 %token VAR_EXTENDED_STATISTICS VAR_LOCAL_DATA_PTR VAR_JOSTLE_TIMEOUT 108 %token VAR_STUB_PRIME VAR_UNWANTED_REPLY_THRESHOLD VAR_LOG_TIME_ASCII 109 %token VAR_DOMAIN_INSECURE VAR_PYTHON VAR_PYTHON_SCRIPT VAR_VAL_SIG_SKEW_MIN 110 %token VAR_VAL_SIG_SKEW_MAX VAR_VAL_MAX_RESTART VAR_CACHE_MIN_TTL 111 %token VAR_VAL_LOG_LEVEL VAR_AUTO_TRUST_ANCHOR_FILE VAR_KEEP_MISSING 112 %token VAR_ADD_HOLDDOWN VAR_DEL_HOLDDOWN VAR_SO_RCVBUF VAR_EDNS_BUFFER_SIZE 113 %token VAR_PREFETCH VAR_PREFETCH_KEY VAR_SO_SNDBUF VAR_SO_REUSEPORT 114 %token VAR_HARDEN_BELOW_NXDOMAIN VAR_IGNORE_CD_FLAG VAR_LOG_QUERIES 115 %token VAR_LOG_REPLIES VAR_LOG_LOCAL_ACTIONS VAR_TCP_UPSTREAM 116 %token VAR_SSL_UPSTREAM VAR_TCP_AUTH_QUERY_TIMEOUT VAR_SSL_SERVICE_KEY 117 %token VAR_SSL_SERVICE_PEM VAR_SSL_PORT VAR_FORWARD_FIRST 118 %token VAR_STUB_SSL_UPSTREAM VAR_FORWARD_SSL_UPSTREAM VAR_TLS_CERT_BUNDLE 119 %token VAR_STUB_TCP_UPSTREAM VAR_FORWARD_TCP_UPSTREAM 120 %token VAR_HTTPS_PORT VAR_HTTP_ENDPOINT VAR_HTTP_MAX_STREAMS 121 %token VAR_HTTP_QUERY_BUFFER_SIZE VAR_HTTP_RESPONSE_BUFFER_SIZE 122 %token VAR_HTTP_NODELAY VAR_HTTP_NOTLS_DOWNSTREAM 123 %token VAR_STUB_FIRST VAR_MINIMAL_RESPONSES VAR_RRSET_ROUNDROBIN 124 %token VAR_MAX_UDP_SIZE VAR_DELAY_CLOSE VAR_UDP_CONNECT 125 %token VAR_UNBLOCK_LAN_ZONES VAR_INSECURE_LAN_ZONES 126 %token VAR_INFRA_CACHE_MIN_RTT VAR_INFRA_CACHE_MAX_RTT VAR_INFRA_KEEP_PROBING 127 %token VAR_DNS64_PREFIX VAR_DNS64_SYNTHALL VAR_DNS64_IGNORE_AAAA 128 %token VAR_NAT64_PREFIX 129 %token VAR_DNSTAP VAR_DNSTAP_ENABLE VAR_DNSTAP_SOCKET_PATH VAR_DNSTAP_IP 130 %token VAR_DNSTAP_TLS VAR_DNSTAP_TLS_SERVER_NAME VAR_DNSTAP_TLS_CERT_BUNDLE 131 %token VAR_DNSTAP_TLS_CLIENT_KEY_FILE VAR_DNSTAP_TLS_CLIENT_CERT_FILE 132 %token VAR_DNSTAP_SEND_IDENTITY VAR_DNSTAP_SEND_VERSION VAR_DNSTAP_BIDIRECTIONAL 133 %token VAR_DNSTAP_IDENTITY VAR_DNSTAP_VERSION 134 %token VAR_DNSTAP_LOG_RESOLVER_QUERY_MESSAGES 135 %token VAR_DNSTAP_LOG_RESOLVER_RESPONSE_MESSAGES 136 %token VAR_DNSTAP_LOG_CLIENT_QUERY_MESSAGES 137 %token VAR_DNSTAP_LOG_CLIENT_RESPONSE_MESSAGES 138 %token VAR_DNSTAP_LOG_FORWARDER_QUERY_MESSAGES 139 %token VAR_DNSTAP_LOG_FORWARDER_RESPONSE_MESSAGES 140 %token VAR_DNSTAP_SAMPLE_RATE 141 %token VAR_RESPONSE_IP_TAG VAR_RESPONSE_IP VAR_RESPONSE_IP_DATA 142 %token VAR_HARDEN_ALGO_DOWNGRADE VAR_IP_TRANSPARENT 143 %token VAR_IP_DSCP 144 %token VAR_DISABLE_DNSSEC_LAME_CHECK 145 %token VAR_IP_RATELIMIT VAR_IP_RATELIMIT_SLABS VAR_IP_RATELIMIT_SIZE 146 %token VAR_RATELIMIT VAR_RATELIMIT_SLABS VAR_RATELIMIT_SIZE 147 %token VAR_OUTBOUND_MSG_RETRY VAR_MAX_SENT_COUNT VAR_MAX_QUERY_RESTARTS 148 %token VAR_RATELIMIT_FOR_DOMAIN VAR_RATELIMIT_BELOW_DOMAIN 149 %token VAR_IP_RATELIMIT_FACTOR VAR_RATELIMIT_FACTOR 150 %token VAR_IP_RATELIMIT_BACKOFF VAR_RATELIMIT_BACKOFF 151 %token VAR_SEND_CLIENT_SUBNET VAR_CLIENT_SUBNET_ZONE 152 %token VAR_CLIENT_SUBNET_ALWAYS_FORWARD VAR_CLIENT_SUBNET_OPCODE 153 %token VAR_MAX_CLIENT_SUBNET_IPV4 VAR_MAX_CLIENT_SUBNET_IPV6 154 %token VAR_MIN_CLIENT_SUBNET_IPV4 VAR_MIN_CLIENT_SUBNET_IPV6 155 %token VAR_MAX_ECS_TREE_SIZE_IPV4 VAR_MAX_ECS_TREE_SIZE_IPV6 156 %token VAR_CAPS_WHITELIST VAR_CACHE_MAX_NEGATIVE_TTL VAR_PERMIT_SMALL_HOLDDOWN 157 %token VAR_CACHE_MIN_NEGATIVE_TTL 158 %token VAR_QNAME_MINIMISATION VAR_QNAME_MINIMISATION_STRICT VAR_IP_FREEBIND 159 %token VAR_DEFINE_TAG VAR_LOCAL_ZONE_TAG VAR_ACCESS_CONTROL_TAG 160 %token VAR_LOCAL_ZONE_OVERRIDE VAR_ACCESS_CONTROL_TAG_ACTION 161 %token VAR_ACCESS_CONTROL_TAG_DATA VAR_VIEW VAR_ACCESS_CONTROL_VIEW 162 %token VAR_VIEW_FIRST VAR_SERVE_EXPIRED VAR_SERVE_EXPIRED_TTL 163 %token VAR_SERVE_EXPIRED_TTL_RESET VAR_SERVE_EXPIRED_REPLY_TTL 164 %token VAR_SERVE_EXPIRED_CLIENT_TIMEOUT VAR_EDE_SERVE_EXPIRED 165 %token VAR_SERVE_ORIGINAL_TTL VAR_FAKE_DSA 166 %token VAR_FAKE_SHA1 VAR_LOG_IDENTITY VAR_HIDE_TRUSTANCHOR 167 %token VAR_HIDE_HTTP_USER_AGENT VAR_HTTP_USER_AGENT 168 %token VAR_TRUST_ANCHOR_SIGNALING VAR_AGGRESSIVE_NSEC VAR_USE_SYSTEMD 169 %token VAR_SHM_ENABLE VAR_SHM_KEY VAR_ROOT_KEY_SENTINEL 170 %token VAR_DNSCRYPT VAR_DNSCRYPT_ENABLE VAR_DNSCRYPT_PORT VAR_DNSCRYPT_PROVIDER 171 %token VAR_DNSCRYPT_SECRET_KEY VAR_DNSCRYPT_PROVIDER_CERT 172 %token VAR_DNSCRYPT_PROVIDER_CERT_ROTATED 173 %token VAR_DNSCRYPT_SHARED_SECRET_CACHE_SIZE 174 %token VAR_DNSCRYPT_SHARED_SECRET_CACHE_SLABS 175 %token VAR_DNSCRYPT_NONCE_CACHE_SIZE 176 %token VAR_DNSCRYPT_NONCE_CACHE_SLABS 177 %token VAR_PAD_RESPONSES VAR_PAD_RESPONSES_BLOCK_SIZE 178 %token VAR_PAD_QUERIES VAR_PAD_QUERIES_BLOCK_SIZE 179 %token VAR_IPSECMOD_ENABLED VAR_IPSECMOD_HOOK VAR_IPSECMOD_IGNORE_BOGUS 180 %token VAR_IPSECMOD_MAX_TTL VAR_IPSECMOD_WHITELIST VAR_IPSECMOD_STRICT 181 %token VAR_CACHEDB VAR_CACHEDB_BACKEND VAR_CACHEDB_SECRETSEED 182 %token VAR_CACHEDB_REDISHOST VAR_CACHEDB_REDISREPLICAHOST 183 %token VAR_CACHEDB_REDISPORT VAR_CACHEDB_REDISREPLICAPORT 184 %token VAR_CACHEDB_REDISTIMEOUT VAR_CACHEDB_REDISREPLICATIMEOUT 185 %token VAR_CACHEDB_REDISEXPIRERECORDS 186 %token VAR_CACHEDB_REDISPATH VAR_CACHEDB_REDISREPLICAPATH 187 %token VAR_CACHEDB_REDISPASSWORD VAR_CACHEDB_REDISREPLICAPASSWORD 188 %token VAR_CACHEDB_REDISLOGICALDB VAR_CACHEDB_REDISREPLICALOGICALDB 189 %token VAR_CACHEDB_REDISCOMMANDTIMEOUT VAR_CACHEDB_REDISREPLICACOMMANDTIMEOUT 190 %token VAR_CACHEDB_REDISCONNECTTIMEOUT VAR_CACHEDB_REDISREPLICACONNECTTIMEOUT 191 %token VAR_UDP_UPSTREAM_WITHOUT_DOWNSTREAM VAR_FOR_UPSTREAM 192 %token VAR_AUTH_ZONE VAR_ZONEFILE VAR_MASTER VAR_URL VAR_FOR_DOWNSTREAM 193 %token VAR_FALLBACK_ENABLED VAR_TLS_ADDITIONAL_PORT VAR_LOW_RTT VAR_LOW_RTT_PERMIL 194 %token VAR_FAST_SERVER_PERMIL VAR_FAST_SERVER_NUM 195 %token VAR_ALLOW_NOTIFY VAR_TLS_WIN_CERT VAR_TCP_CONNECTION_LIMIT 196 %token VAR_ANSWER_COOKIE VAR_COOKIE_SECRET VAR_IP_RATELIMIT_COOKIE 197 %token VAR_FORWARD_NO_CACHE VAR_STUB_NO_CACHE VAR_LOG_SERVFAIL VAR_DENY_ANY 198 %token VAR_UNKNOWN_SERVER_TIME_LIMIT VAR_LOG_TAG_QUERYREPLY 199 %token VAR_DISCARD_TIMEOUT VAR_WAIT_LIMIT VAR_WAIT_LIMIT_COOKIE 200 %token VAR_WAIT_LIMIT_NETBLOCK VAR_WAIT_LIMIT_COOKIE_NETBLOCK 201 %token VAR_STREAM_WAIT_SIZE VAR_TLS_CIPHERS VAR_TLS_CIPHERSUITES VAR_TLS_USE_SNI 202 %token VAR_IPSET VAR_IPSET_NAME_V4 VAR_IPSET_NAME_V6 203 %token VAR_TLS_SESSION_TICKET_KEYS VAR_RPZ VAR_TAGS VAR_RPZ_ACTION_OVERRIDE 204 %token VAR_RPZ_CNAME_OVERRIDE VAR_RPZ_LOG VAR_RPZ_LOG_NAME 205 %token VAR_DYNLIB VAR_DYNLIB_FILE VAR_EDNS_CLIENT_STRING 206 %token VAR_EDNS_CLIENT_STRING_OPCODE VAR_NSID 207 %token VAR_ZONEMD_PERMISSIVE_MODE VAR_ZONEMD_CHECK VAR_ZONEMD_REJECT_ABSENCE 208 %token VAR_RPZ_SIGNAL_NXDOMAIN_RA VAR_INTERFACE_AUTOMATIC_PORTS VAR_EDE 209 %token VAR_DNS_ERROR_REPORTING 210 %token VAR_INTERFACE_ACTION VAR_INTERFACE_VIEW VAR_INTERFACE_TAG 211 %token VAR_INTERFACE_TAG_ACTION VAR_INTERFACE_TAG_DATA 212 %token VAR_QUIC_PORT VAR_QUIC_SIZE 213 %token VAR_PROXY_PROTOCOL_PORT VAR_STATISTICS_INHIBIT_ZERO 214 %token VAR_HARDEN_UNKNOWN_ADDITIONAL VAR_DISABLE_EDNS_DO VAR_CACHEDB_NO_STORE 215 %token VAR_LOG_DESTADDR VAR_CACHEDB_CHECK_WHEN_SERVE_EXPIRED 216 %token VAR_COOKIE_SECRET_FILE VAR_ITER_SCRUB_NS VAR_ITER_SCRUB_CNAME 217 %token VAR_MAX_GLOBAL_QUOTA VAR_HARDEN_UNVERIFIED_GLUE VAR_LOG_TIME_ISO 218 %token VAR_ITER_SCRUB_PROMISCUOUS 219 220 %% 221 toplevelvars: /* empty */ | toplevelvars toplevelvar ; 222 toplevelvar: serverstart contents_server | stub_clause | 223 forward_clause | pythonstart contents_py | 224 rcstart contents_rc | dtstart contents_dt | view_clause | 225 dnscstart contents_dnsc | cachedbstart contents_cachedb | 226 ipsetstart contents_ipset | authstart contents_auth | 227 rpzstart contents_rpz | dynlibstart contents_dl | 228 force_toplevel 229 ; 230 force_toplevel: VAR_FORCE_TOPLEVEL 231 { 232 OUTYY(("\nP(force-toplevel)\n")); 233 cfg_parser->started_toplevel = 0; 234 } 235 ; 236 /* server: declaration */ 237 serverstart: VAR_SERVER 238 { 239 OUTYY(("\nP(server:)\n")); 240 cfg_parser->started_toplevel = 1; 241 } 242 ; 243 contents_server: contents_server content_server 244 | ; 245 content_server: server_num_threads | server_verbosity | server_port | 246 server_outgoing_range | server_do_ip4 | 247 server_do_ip6 | server_do_nat64 | server_prefer_ip4 | 248 server_prefer_ip6 | server_do_udp | server_do_tcp | 249 server_tcp_mss | server_outgoing_tcp_mss | server_tcp_idle_timeout | 250 server_tcp_keepalive | server_tcp_keepalive_timeout | 251 server_sock_queue_timeout | 252 server_interface | server_chroot | server_username | 253 server_directory | server_logfile | server_pidfile | 254 server_msg_cache_size | server_msg_cache_slabs | 255 server_num_queries_per_thread | server_rrset_cache_size | 256 server_rrset_cache_slabs | server_outgoing_num_tcp | 257 server_infra_host_ttl | server_infra_lame_ttl | 258 server_infra_cache_slabs | server_infra_cache_numhosts | 259 server_infra_cache_lame_size | server_target_fetch_policy | 260 server_harden_short_bufsize | server_harden_large_queries | 261 server_do_not_query_address | server_hide_identity | 262 server_hide_version | server_identity | server_version | 263 server_hide_http_user_agent | server_http_user_agent | 264 server_harden_glue | server_module_conf | server_trust_anchor_file | 265 server_trust_anchor | server_val_override_date | server_bogus_ttl | 266 server_val_clean_additional | server_val_permissive_mode | 267 server_incoming_num_tcp | server_msg_buffer_size | 268 server_key_cache_size | server_key_cache_slabs | 269 server_trusted_keys_file | server_val_nsec3_keysize_iterations | 270 server_use_syslog | server_outgoing_interface | server_root_hints | 271 server_do_not_query_localhost | server_cache_max_ttl | 272 server_harden_dnssec_stripped | server_access_control | 273 server_local_zone | server_local_data | server_interface_automatic | 274 server_statistics_interval | server_do_daemonize | 275 server_use_caps_for_id | server_statistics_cumulative | 276 server_outgoing_port_permit | server_outgoing_port_avoid | 277 server_dlv_anchor_file | server_dlv_anchor | server_neg_cache_size | 278 server_harden_referral_path | server_private_address | 279 server_private_domain | server_extended_statistics | 280 server_local_data_ptr | server_jostle_timeout | 281 server_unwanted_reply_threshold | server_log_time_ascii | 282 server_domain_insecure | server_val_sig_skew_min | 283 server_val_sig_skew_max | server_val_max_restart | 284 server_cache_min_ttl | server_val_log_level | 285 server_auto_trust_anchor_file | server_add_holddown | 286 server_del_holddown | server_keep_missing | server_so_rcvbuf | 287 server_edns_buffer_size | server_prefetch | server_prefetch_key | 288 server_so_sndbuf | server_harden_below_nxdomain | server_ignore_cd_flag | 289 server_log_queries | server_log_replies | server_tcp_upstream | server_ssl_upstream | 290 server_log_local_actions | 291 server_ssl_service_key | server_ssl_service_pem | server_ssl_port | 292 server_https_port | server_http_endpoint | server_http_max_streams | 293 server_http_query_buffer_size | server_http_response_buffer_size | 294 server_http_nodelay | server_http_notls_downstream | 295 server_minimal_responses | server_rrset_roundrobin | server_max_udp_size | 296 server_so_reuseport | server_delay_close | server_udp_connect | 297 server_unblock_lan_zones | server_insecure_lan_zones | 298 server_dns64_prefix | server_dns64_synthall | server_dns64_ignore_aaaa | 299 server_nat64_prefix | 300 server_infra_cache_min_rtt | server_infra_cache_max_rtt | server_harden_algo_downgrade | 301 server_ip_transparent | server_ip_ratelimit | server_ratelimit | 302 server_ip_dscp | server_infra_keep_probing | 303 server_ip_ratelimit_slabs | server_ratelimit_slabs | 304 server_ip_ratelimit_size | server_ratelimit_size | 305 server_ratelimit_for_domain | 306 server_ratelimit_below_domain | server_ratelimit_factor | 307 server_ip_ratelimit_factor | server_ratelimit_backoff | 308 server_ip_ratelimit_backoff | server_outbound_msg_retry | 309 server_max_sent_count | server_max_query_restarts | 310 server_send_client_subnet | server_client_subnet_zone | 311 server_client_subnet_always_forward | server_client_subnet_opcode | 312 server_max_client_subnet_ipv4 | server_max_client_subnet_ipv6 | 313 server_min_client_subnet_ipv4 | server_min_client_subnet_ipv6 | 314 server_max_ecs_tree_size_ipv4 | server_max_ecs_tree_size_ipv6 | 315 server_caps_whitelist | server_cache_max_negative_ttl | 316 server_cache_min_negative_ttl | 317 server_permit_small_holddown | server_qname_minimisation | 318 server_ip_freebind | server_define_tag | server_local_zone_tag | 319 server_disable_dnssec_lame_check | server_access_control_tag | 320 server_local_zone_override | server_access_control_tag_action | 321 server_access_control_tag_data | server_access_control_view | 322 server_interface_action | server_interface_view | server_interface_tag | 323 server_interface_tag_action | server_interface_tag_data | 324 server_qname_minimisation_strict | 325 server_pad_responses | server_pad_responses_block_size | 326 server_pad_queries | server_pad_queries_block_size | 327 server_serve_expired | 328 server_serve_expired_ttl | server_serve_expired_ttl_reset | 329 server_serve_expired_reply_ttl | server_serve_expired_client_timeout | 330 server_ede_serve_expired | server_serve_original_ttl | server_fake_dsa | 331 server_log_identity | server_use_systemd | 332 server_response_ip_tag | server_response_ip | server_response_ip_data | 333 server_shm_enable | server_shm_key | server_fake_sha1 | 334 server_hide_trustanchor | server_trust_anchor_signaling | 335 server_root_key_sentinel | 336 server_ipsecmod_enabled | server_ipsecmod_hook | 337 server_ipsecmod_ignore_bogus | server_ipsecmod_max_ttl | 338 server_ipsecmod_whitelist | server_ipsecmod_strict | 339 server_udp_upstream_without_downstream | server_aggressive_nsec | 340 server_tls_cert_bundle | server_tls_additional_port | server_low_rtt | 341 server_fast_server_permil | server_fast_server_num | server_tls_win_cert | 342 server_tcp_connection_limit | server_log_servfail | server_deny_any | 343 server_unknown_server_time_limit | server_log_tag_queryreply | 344 server_discard_timeout | server_wait_limit | server_wait_limit_cookie | 345 server_wait_limit_netblock | server_wait_limit_cookie_netblock | 346 server_stream_wait_size | server_tls_ciphers | 347 server_tls_ciphersuites | server_tls_session_ticket_keys | 348 server_answer_cookie | server_cookie_secret | server_ip_ratelimit_cookie | 349 server_tls_use_sni | server_edns_client_string | 350 server_edns_client_string_opcode | server_nsid | 351 server_zonemd_permissive_mode | server_max_reuse_tcp_queries | 352 server_tcp_reuse_timeout | server_tcp_auth_query_timeout | 353 server_quic_port | server_quic_size | 354 server_interface_automatic_ports | server_ede | 355 server_dns_error_reporting | 356 server_proxy_protocol_port | server_statistics_inhibit_zero | 357 server_harden_unknown_additional | server_disable_edns_do | 358 server_log_destaddr | server_cookie_secret_file | 359 server_iter_scrub_ns | server_iter_scrub_cname | server_max_global_quota | 360 server_harden_unverified_glue | server_log_time_iso | server_iter_scrub_promiscuous 361 ; 362 stub_clause: stubstart contents_stub 363 { 364 /* stub end */ 365 if(cfg_parser->cfg->stubs && 366 !cfg_parser->cfg->stubs->name) 367 yyerror("stub-zone without name"); 368 } 369 ; 370 stubstart: VAR_STUB_ZONE 371 { 372 struct config_stub* s; 373 OUTYY(("\nP(stub_zone:)\n")); 374 cfg_parser->started_toplevel = 1; 375 s = (struct config_stub*)calloc(1, sizeof(struct config_stub)); 376 if(s) { 377 s->next = cfg_parser->cfg->stubs; 378 cfg_parser->cfg->stubs = s; 379 } else { 380 yyerror("out of memory"); 381 } 382 } 383 ; 384 contents_stub: contents_stub content_stub 385 | ; 386 content_stub: stub_name | stub_host | stub_addr | stub_prime | stub_first | 387 stub_no_cache | stub_ssl_upstream | stub_tcp_upstream 388 ; 389 forward_clause: forwardstart contents_forward 390 { 391 /* forward end */ 392 if(cfg_parser->cfg->forwards && 393 !cfg_parser->cfg->forwards->name) 394 yyerror("forward-zone without name"); 395 } 396 ; 397 forwardstart: VAR_FORWARD_ZONE 398 { 399 struct config_stub* s; 400 OUTYY(("\nP(forward_zone:)\n")); 401 cfg_parser->started_toplevel = 1; 402 s = (struct config_stub*)calloc(1, sizeof(struct config_stub)); 403 if(s) { 404 s->next = cfg_parser->cfg->forwards; 405 cfg_parser->cfg->forwards = s; 406 } else { 407 yyerror("out of memory"); 408 } 409 } 410 ; 411 contents_forward: contents_forward content_forward 412 | ; 413 content_forward: forward_name | forward_host | forward_addr | forward_first | 414 forward_no_cache | forward_ssl_upstream | forward_tcp_upstream 415 ; 416 view_clause: viewstart contents_view 417 { 418 /* view end */ 419 if(cfg_parser->cfg->views && 420 !cfg_parser->cfg->views->name) 421 yyerror("view without name"); 422 } 423 ; 424 viewstart: VAR_VIEW 425 { 426 struct config_view* s; 427 OUTYY(("\nP(view:)\n")); 428 cfg_parser->started_toplevel = 1; 429 s = (struct config_view*)calloc(1, sizeof(struct config_view)); 430 if(s) { 431 s->next = cfg_parser->cfg->views; 432 cfg_parser->cfg->views = s; 433 } else { 434 yyerror("out of memory"); 435 } 436 } 437 ; 438 contents_view: contents_view content_view 439 | ; 440 content_view: view_name | view_local_zone | view_local_data | view_first | 441 view_response_ip | view_response_ip_data | view_local_data_ptr 442 ; 443 authstart: VAR_AUTH_ZONE 444 { 445 struct config_auth* s; 446 OUTYY(("\nP(auth_zone:)\n")); 447 cfg_parser->started_toplevel = 1; 448 s = (struct config_auth*)calloc(1, sizeof(struct config_auth)); 449 if(s) { 450 s->next = cfg_parser->cfg->auths; 451 cfg_parser->cfg->auths = s; 452 /* defaults for auth zone */ 453 s->for_downstream = 1; 454 s->for_upstream = 1; 455 s->fallback_enabled = 0; 456 s->zonemd_check = 0; 457 s->zonemd_reject_absence = 0; 458 s->isrpz = 0; 459 } else { 460 yyerror("out of memory"); 461 } 462 } 463 ; 464 contents_auth: contents_auth content_auth 465 | ; 466 content_auth: auth_name | auth_zonefile | auth_master | auth_url | 467 auth_for_downstream | auth_for_upstream | auth_fallback_enabled | 468 auth_allow_notify | auth_zonemd_check | auth_zonemd_reject_absence 469 ; 470 471 rpz_tag: VAR_TAGS STRING_ARG 472 { 473 uint8_t* bitlist; 474 size_t len = 0; 475 OUTYY(("P(server_local_zone_tag:%s)\n", $2)); 476 bitlist = config_parse_taglist(cfg_parser->cfg, $2, 477 &len); 478 free($2); 479 if(!bitlist) { 480 yyerror("could not parse tags, (define-tag them first)"); 481 } 482 if(bitlist) { 483 cfg_parser->cfg->auths->rpz_taglist = bitlist; 484 cfg_parser->cfg->auths->rpz_taglistlen = len; 485 486 } 487 } 488 ; 489 490 rpz_action_override: VAR_RPZ_ACTION_OVERRIDE STRING_ARG 491 { 492 OUTYY(("P(rpz_action_override:%s)\n", $2)); 493 if(strcmp($2, "nxdomain")!=0 && strcmp($2, "nodata")!=0 && 494 strcmp($2, "passthru")!=0 && strcmp($2, "drop")!=0 && 495 strcmp($2, "cname")!=0 && strcmp($2, "disabled")!=0) { 496 yyerror("rpz-action-override action: expected nxdomain, " 497 "nodata, passthru, drop, cname or disabled"); 498 free($2); 499 cfg_parser->cfg->auths->rpz_action_override = NULL; 500 } 501 else { 502 cfg_parser->cfg->auths->rpz_action_override = $2; 503 } 504 } 505 ; 506 507 rpz_cname_override: VAR_RPZ_CNAME_OVERRIDE STRING_ARG 508 { 509 OUTYY(("P(rpz_cname_override:%s)\n", $2)); 510 free(cfg_parser->cfg->auths->rpz_cname); 511 cfg_parser->cfg->auths->rpz_cname = $2; 512 } 513 ; 514 515 rpz_log: VAR_RPZ_LOG STRING_ARG 516 { 517 OUTYY(("P(rpz_log:%s)\n", $2)); 518 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 519 yyerror("expected yes or no."); 520 else cfg_parser->cfg->auths->rpz_log = (strcmp($2, "yes")==0); 521 free($2); 522 } 523 ; 524 525 rpz_log_name: VAR_RPZ_LOG_NAME STRING_ARG 526 { 527 OUTYY(("P(rpz_log_name:%s)\n", $2)); 528 free(cfg_parser->cfg->auths->rpz_log_name); 529 cfg_parser->cfg->auths->rpz_log_name = $2; 530 } 531 ; 532 rpz_signal_nxdomain_ra: VAR_RPZ_SIGNAL_NXDOMAIN_RA STRING_ARG 533 { 534 OUTYY(("P(rpz_signal_nxdomain_ra:%s)\n", $2)); 535 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 536 yyerror("expected yes or no."); 537 else cfg_parser->cfg->auths->rpz_signal_nxdomain_ra = (strcmp($2, "yes")==0); 538 free($2); 539 } 540 ; 541 542 rpzstart: VAR_RPZ 543 { 544 struct config_auth* s; 545 OUTYY(("\nP(rpz:)\n")); 546 cfg_parser->started_toplevel = 1; 547 s = (struct config_auth*)calloc(1, sizeof(struct config_auth)); 548 if(s) { 549 s->next = cfg_parser->cfg->auths; 550 cfg_parser->cfg->auths = s; 551 /* defaults for RPZ auth zone */ 552 s->for_downstream = 0; 553 s->for_upstream = 0; 554 s->fallback_enabled = 0; 555 s->isrpz = 1; 556 } else { 557 yyerror("out of memory"); 558 } 559 } 560 ; 561 contents_rpz: contents_rpz content_rpz 562 | ; 563 content_rpz: auth_name | auth_zonefile | rpz_tag | auth_master | auth_url | 564 auth_allow_notify | rpz_action_override | rpz_cname_override | 565 rpz_log | rpz_log_name | rpz_signal_nxdomain_ra | auth_for_downstream 566 ; 567 server_num_threads: VAR_NUM_THREADS STRING_ARG 568 { 569 OUTYY(("P(server_num_threads:%s)\n", $2)); 570 if(atoi($2) == 0 && strcmp($2, "0") != 0) 571 yyerror("number expected"); 572 else cfg_parser->cfg->num_threads = atoi($2); 573 free($2); 574 } 575 ; 576 server_verbosity: VAR_VERBOSITY STRING_ARG 577 { 578 OUTYY(("P(server_verbosity:%s)\n", $2)); 579 if(atoi($2) == 0 && strcmp($2, "0") != 0) 580 yyerror("number expected"); 581 else cfg_parser->cfg->verbosity = atoi($2); 582 free($2); 583 } 584 ; 585 server_statistics_interval: VAR_STATISTICS_INTERVAL STRING_ARG 586 { 587 OUTYY(("P(server_statistics_interval:%s)\n", $2)); 588 if(strcmp($2, "") == 0 || strcmp($2, "0") == 0) 589 cfg_parser->cfg->stat_interval = 0; 590 else if(atoi($2) == 0) 591 yyerror("number expected"); 592 else cfg_parser->cfg->stat_interval = atoi($2); 593 free($2); 594 } 595 ; 596 server_statistics_cumulative: VAR_STATISTICS_CUMULATIVE STRING_ARG 597 { 598 OUTYY(("P(server_statistics_cumulative:%s)\n", $2)); 599 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 600 yyerror("expected yes or no."); 601 else cfg_parser->cfg->stat_cumulative = (strcmp($2, "yes")==0); 602 free($2); 603 } 604 ; 605 server_extended_statistics: VAR_EXTENDED_STATISTICS STRING_ARG 606 { 607 OUTYY(("P(server_extended_statistics:%s)\n", $2)); 608 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 609 yyerror("expected yes or no."); 610 else cfg_parser->cfg->stat_extended = (strcmp($2, "yes")==0); 611 free($2); 612 } 613 ; 614 server_statistics_inhibit_zero: VAR_STATISTICS_INHIBIT_ZERO STRING_ARG 615 { 616 OUTYY(("P(server_statistics_inhibit_zero:%s)\n", $2)); 617 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 618 yyerror("expected yes or no."); 619 else cfg_parser->cfg->stat_inhibit_zero = (strcmp($2, "yes")==0); 620 free($2); 621 } 622 ; 623 server_shm_enable: VAR_SHM_ENABLE STRING_ARG 624 { 625 OUTYY(("P(server_shm_enable:%s)\n", $2)); 626 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 627 yyerror("expected yes or no."); 628 else cfg_parser->cfg->shm_enable = (strcmp($2, "yes")==0); 629 free($2); 630 } 631 ; 632 server_shm_key: VAR_SHM_KEY STRING_ARG 633 { 634 OUTYY(("P(server_shm_key:%s)\n", $2)); 635 if(strcmp($2, "") == 0 || strcmp($2, "0") == 0) 636 cfg_parser->cfg->shm_key = 0; 637 else if(atoi($2) == 0) 638 yyerror("number expected"); 639 else cfg_parser->cfg->shm_key = atoi($2); 640 free($2); 641 } 642 ; 643 server_port: VAR_PORT STRING_ARG 644 { 645 OUTYY(("P(server_port:%s)\n", $2)); 646 if(atoi($2) == 0) 647 yyerror("port number expected"); 648 else cfg_parser->cfg->port = atoi($2); 649 free($2); 650 } 651 ; 652 server_send_client_subnet: VAR_SEND_CLIENT_SUBNET STRING_ARG 653 { 654 #ifdef CLIENT_SUBNET 655 OUTYY(("P(server_send_client_subnet:%s)\n", $2)); 656 if(!cfg_strlist_insert(&cfg_parser->cfg->client_subnet, $2)) 657 fatal_exit("out of memory adding client-subnet"); 658 #else 659 OUTYY(("P(Compiled without edns subnet option, ignoring)\n")); 660 free($2); 661 #endif 662 } 663 ; 664 server_client_subnet_zone: VAR_CLIENT_SUBNET_ZONE STRING_ARG 665 { 666 #ifdef CLIENT_SUBNET 667 OUTYY(("P(server_client_subnet_zone:%s)\n", $2)); 668 if(!cfg_strlist_insert(&cfg_parser->cfg->client_subnet_zone, 669 $2)) 670 fatal_exit("out of memory adding client-subnet-zone"); 671 #else 672 OUTYY(("P(Compiled without edns subnet option, ignoring)\n")); 673 free($2); 674 #endif 675 } 676 ; 677 server_client_subnet_always_forward: 678 VAR_CLIENT_SUBNET_ALWAYS_FORWARD STRING_ARG 679 { 680 #ifdef CLIENT_SUBNET 681 OUTYY(("P(server_client_subnet_always_forward:%s)\n", $2)); 682 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 683 yyerror("expected yes or no."); 684 else 685 cfg_parser->cfg->client_subnet_always_forward = 686 (strcmp($2, "yes")==0); 687 #else 688 OUTYY(("P(Compiled without edns subnet option, ignoring)\n")); 689 #endif 690 free($2); 691 } 692 ; 693 server_client_subnet_opcode: VAR_CLIENT_SUBNET_OPCODE STRING_ARG 694 { 695 #ifdef CLIENT_SUBNET 696 OUTYY(("P(client_subnet_opcode:%s)\n", $2)); 697 OUTYY(("P(Deprecated option, ignoring)\n")); 698 #else 699 OUTYY(("P(Compiled without edns subnet option, ignoring)\n")); 700 #endif 701 free($2); 702 } 703 ; 704 server_max_client_subnet_ipv4: VAR_MAX_CLIENT_SUBNET_IPV4 STRING_ARG 705 { 706 #ifdef CLIENT_SUBNET 707 OUTYY(("P(max_client_subnet_ipv4:%s)\n", $2)); 708 if(atoi($2) == 0 && strcmp($2, "0") != 0) 709 yyerror("IPv4 subnet length expected"); 710 else if (atoi($2) > 32) 711 cfg_parser->cfg->max_client_subnet_ipv4 = 32; 712 else if (atoi($2) < 0) 713 cfg_parser->cfg->max_client_subnet_ipv4 = 0; 714 else cfg_parser->cfg->max_client_subnet_ipv4 = (uint8_t)atoi($2); 715 #else 716 OUTYY(("P(Compiled without edns subnet option, ignoring)\n")); 717 #endif 718 free($2); 719 } 720 ; 721 server_max_client_subnet_ipv6: VAR_MAX_CLIENT_SUBNET_IPV6 STRING_ARG 722 { 723 #ifdef CLIENT_SUBNET 724 OUTYY(("P(max_client_subnet_ipv6:%s)\n", $2)); 725 if(atoi($2) == 0 && strcmp($2, "0") != 0) 726 yyerror("Ipv6 subnet length expected"); 727 else if (atoi($2) > 128) 728 cfg_parser->cfg->max_client_subnet_ipv6 = 128; 729 else if (atoi($2) < 0) 730 cfg_parser->cfg->max_client_subnet_ipv6 = 0; 731 else cfg_parser->cfg->max_client_subnet_ipv6 = (uint8_t)atoi($2); 732 #else 733 OUTYY(("P(Compiled without edns subnet option, ignoring)\n")); 734 #endif 735 free($2); 736 } 737 ; 738 server_min_client_subnet_ipv4: VAR_MIN_CLIENT_SUBNET_IPV4 STRING_ARG 739 { 740 #ifdef CLIENT_SUBNET 741 OUTYY(("P(min_client_subnet_ipv4:%s)\n", $2)); 742 if(atoi($2) == 0 && strcmp($2, "0") != 0) 743 yyerror("IPv4 subnet length expected"); 744 else if (atoi($2) > 32) 745 cfg_parser->cfg->min_client_subnet_ipv4 = 32; 746 else if (atoi($2) < 0) 747 cfg_parser->cfg->min_client_subnet_ipv4 = 0; 748 else cfg_parser->cfg->min_client_subnet_ipv4 = (uint8_t)atoi($2); 749 #else 750 OUTYY(("P(Compiled without edns subnet option, ignoring)\n")); 751 #endif 752 free($2); 753 } 754 ; 755 server_min_client_subnet_ipv6: VAR_MIN_CLIENT_SUBNET_IPV6 STRING_ARG 756 { 757 #ifdef CLIENT_SUBNET 758 OUTYY(("P(min_client_subnet_ipv6:%s)\n", $2)); 759 if(atoi($2) == 0 && strcmp($2, "0") != 0) 760 yyerror("Ipv6 subnet length expected"); 761 else if (atoi($2) > 128) 762 cfg_parser->cfg->min_client_subnet_ipv6 = 128; 763 else if (atoi($2) < 0) 764 cfg_parser->cfg->min_client_subnet_ipv6 = 0; 765 else cfg_parser->cfg->min_client_subnet_ipv6 = (uint8_t)atoi($2); 766 #else 767 OUTYY(("P(Compiled without edns subnet option, ignoring)\n")); 768 #endif 769 free($2); 770 } 771 ; 772 server_max_ecs_tree_size_ipv4: VAR_MAX_ECS_TREE_SIZE_IPV4 STRING_ARG 773 { 774 #ifdef CLIENT_SUBNET 775 OUTYY(("P(max_ecs_tree_size_ipv4:%s)\n", $2)); 776 if(atoi($2) == 0 && strcmp($2, "0") != 0) 777 yyerror("IPv4 ECS tree size expected"); 778 else if (atoi($2) < 0) 779 cfg_parser->cfg->max_ecs_tree_size_ipv4 = 0; 780 else cfg_parser->cfg->max_ecs_tree_size_ipv4 = (uint32_t)atoi($2); 781 #else 782 OUTYY(("P(Compiled without edns subnet option, ignoring)\n")); 783 #endif 784 free($2); 785 } 786 ; 787 server_max_ecs_tree_size_ipv6: VAR_MAX_ECS_TREE_SIZE_IPV6 STRING_ARG 788 { 789 #ifdef CLIENT_SUBNET 790 OUTYY(("P(max_ecs_tree_size_ipv6:%s)\n", $2)); 791 if(atoi($2) == 0 && strcmp($2, "0") != 0) 792 yyerror("IPv6 ECS tree size expected"); 793 else if (atoi($2) < 0) 794 cfg_parser->cfg->max_ecs_tree_size_ipv6 = 0; 795 else cfg_parser->cfg->max_ecs_tree_size_ipv6 = (uint32_t)atoi($2); 796 #else 797 OUTYY(("P(Compiled without edns subnet option, ignoring)\n")); 798 #endif 799 free($2); 800 } 801 ; 802 server_interface: VAR_INTERFACE STRING_ARG 803 { 804 OUTYY(("P(server_interface:%s)\n", $2)); 805 if(cfg_parser->cfg->num_ifs == 0) 806 cfg_parser->cfg->ifs = calloc(1, sizeof(char*)); 807 else cfg_parser->cfg->ifs = realloc(cfg_parser->cfg->ifs, 808 (cfg_parser->cfg->num_ifs+1)*sizeof(char*)); 809 if(!cfg_parser->cfg->ifs) 810 yyerror("out of memory"); 811 else 812 cfg_parser->cfg->ifs[cfg_parser->cfg->num_ifs++] = $2; 813 } 814 ; 815 server_outgoing_interface: VAR_OUTGOING_INTERFACE STRING_ARG 816 { 817 OUTYY(("P(server_outgoing_interface:%s)\n", $2)); 818 if(cfg_parser->cfg->num_out_ifs == 0) 819 cfg_parser->cfg->out_ifs = calloc(1, sizeof(char*)); 820 else cfg_parser->cfg->out_ifs = realloc( 821 cfg_parser->cfg->out_ifs, 822 (cfg_parser->cfg->num_out_ifs+1)*sizeof(char*)); 823 if(!cfg_parser->cfg->out_ifs) 824 yyerror("out of memory"); 825 else 826 cfg_parser->cfg->out_ifs[ 827 cfg_parser->cfg->num_out_ifs++] = $2; 828 } 829 ; 830 server_outgoing_range: VAR_OUTGOING_RANGE STRING_ARG 831 { 832 OUTYY(("P(server_outgoing_range:%s)\n", $2)); 833 if(atoi($2) == 0) 834 yyerror("number expected"); 835 else cfg_parser->cfg->outgoing_num_ports = atoi($2); 836 free($2); 837 } 838 ; 839 server_outgoing_port_permit: VAR_OUTGOING_PORT_PERMIT STRING_ARG 840 { 841 OUTYY(("P(server_outgoing_port_permit:%s)\n", $2)); 842 if(!cfg_mark_ports($2, 1, 843 cfg_parser->cfg->outgoing_avail_ports, 65536)) 844 yyerror("port number or range (\"low-high\") expected"); 845 free($2); 846 } 847 ; 848 server_outgoing_port_avoid: VAR_OUTGOING_PORT_AVOID STRING_ARG 849 { 850 OUTYY(("P(server_outgoing_port_avoid:%s)\n", $2)); 851 if(!cfg_mark_ports($2, 0, 852 cfg_parser->cfg->outgoing_avail_ports, 65536)) 853 yyerror("port number or range (\"low-high\") expected"); 854 free($2); 855 } 856 ; 857 server_outgoing_num_tcp: VAR_OUTGOING_NUM_TCP STRING_ARG 858 { 859 OUTYY(("P(server_outgoing_num_tcp:%s)\n", $2)); 860 if(atoi($2) == 0 && strcmp($2, "0") != 0) 861 yyerror("number expected"); 862 else cfg_parser->cfg->outgoing_num_tcp = atoi($2); 863 free($2); 864 } 865 ; 866 server_incoming_num_tcp: VAR_INCOMING_NUM_TCP STRING_ARG 867 { 868 OUTYY(("P(server_incoming_num_tcp:%s)\n", $2)); 869 if(atoi($2) == 0 && strcmp($2, "0") != 0) 870 yyerror("number expected"); 871 else cfg_parser->cfg->incoming_num_tcp = atoi($2); 872 free($2); 873 } 874 ; 875 server_interface_automatic: VAR_INTERFACE_AUTOMATIC STRING_ARG 876 { 877 OUTYY(("P(server_interface_automatic:%s)\n", $2)); 878 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 879 yyerror("expected yes or no."); 880 else cfg_parser->cfg->if_automatic = (strcmp($2, "yes")==0); 881 free($2); 882 } 883 ; 884 server_interface_automatic_ports: VAR_INTERFACE_AUTOMATIC_PORTS STRING_ARG 885 { 886 OUTYY(("P(server_interface_automatic_ports:%s)\n", $2)); 887 free(cfg_parser->cfg->if_automatic_ports); 888 cfg_parser->cfg->if_automatic_ports = $2; 889 } 890 ; 891 server_do_ip4: VAR_DO_IP4 STRING_ARG 892 { 893 OUTYY(("P(server_do_ip4:%s)\n", $2)); 894 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 895 yyerror("expected yes or no."); 896 else cfg_parser->cfg->do_ip4 = (strcmp($2, "yes")==0); 897 free($2); 898 } 899 ; 900 server_do_ip6: VAR_DO_IP6 STRING_ARG 901 { 902 OUTYY(("P(server_do_ip6:%s)\n", $2)); 903 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 904 yyerror("expected yes or no."); 905 else cfg_parser->cfg->do_ip6 = (strcmp($2, "yes")==0); 906 free($2); 907 } 908 ; 909 server_do_nat64: VAR_DO_NAT64 STRING_ARG 910 { 911 OUTYY(("P(server_do_nat64:%s)\n", $2)); 912 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 913 yyerror("expected yes or no."); 914 else cfg_parser->cfg->do_nat64 = (strcmp($2, "yes")==0); 915 free($2); 916 } 917 ; 918 server_do_udp: VAR_DO_UDP STRING_ARG 919 { 920 OUTYY(("P(server_do_udp:%s)\n", $2)); 921 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 922 yyerror("expected yes or no."); 923 else cfg_parser->cfg->do_udp = (strcmp($2, "yes")==0); 924 free($2); 925 } 926 ; 927 server_do_tcp: VAR_DO_TCP STRING_ARG 928 { 929 OUTYY(("P(server_do_tcp:%s)\n", $2)); 930 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 931 yyerror("expected yes or no."); 932 else cfg_parser->cfg->do_tcp = (strcmp($2, "yes")==0); 933 free($2); 934 } 935 ; 936 server_prefer_ip4: VAR_PREFER_IP4 STRING_ARG 937 { 938 OUTYY(("P(server_prefer_ip4:%s)\n", $2)); 939 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 940 yyerror("expected yes or no."); 941 else cfg_parser->cfg->prefer_ip4 = (strcmp($2, "yes")==0); 942 free($2); 943 } 944 ; 945 server_prefer_ip6: VAR_PREFER_IP6 STRING_ARG 946 { 947 OUTYY(("P(server_prefer_ip6:%s)\n", $2)); 948 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 949 yyerror("expected yes or no."); 950 else cfg_parser->cfg->prefer_ip6 = (strcmp($2, "yes")==0); 951 free($2); 952 } 953 ; 954 server_tcp_mss: VAR_TCP_MSS STRING_ARG 955 { 956 OUTYY(("P(server_tcp_mss:%s)\n", $2)); 957 if(atoi($2) == 0 && strcmp($2, "0") != 0) 958 yyerror("number expected"); 959 else cfg_parser->cfg->tcp_mss = atoi($2); 960 free($2); 961 } 962 ; 963 server_outgoing_tcp_mss: VAR_OUTGOING_TCP_MSS STRING_ARG 964 { 965 OUTYY(("P(server_outgoing_tcp_mss:%s)\n", $2)); 966 if(atoi($2) == 0 && strcmp($2, "0") != 0) 967 yyerror("number expected"); 968 else cfg_parser->cfg->outgoing_tcp_mss = atoi($2); 969 free($2); 970 } 971 ; 972 server_tcp_idle_timeout: VAR_TCP_IDLE_TIMEOUT STRING_ARG 973 { 974 OUTYY(("P(server_tcp_idle_timeout:%s)\n", $2)); 975 if(atoi($2) == 0 && strcmp($2, "0") != 0) 976 yyerror("number expected"); 977 else if (atoi($2) > 120000) 978 cfg_parser->cfg->tcp_idle_timeout = 120000; 979 else if (atoi($2) < 1) 980 cfg_parser->cfg->tcp_idle_timeout = 1; 981 else cfg_parser->cfg->tcp_idle_timeout = atoi($2); 982 free($2); 983 } 984 ; 985 server_max_reuse_tcp_queries: VAR_MAX_REUSE_TCP_QUERIES STRING_ARG 986 { 987 OUTYY(("P(server_max_reuse_tcp_queries:%s)\n", $2)); 988 if(atoi($2) == 0 && strcmp($2, "0") != 0) 989 yyerror("number expected"); 990 else if (atoi($2) < 1) 991 cfg_parser->cfg->max_reuse_tcp_queries = 0; 992 else cfg_parser->cfg->max_reuse_tcp_queries = atoi($2); 993 free($2); 994 } 995 ; 996 server_tcp_reuse_timeout: VAR_TCP_REUSE_TIMEOUT STRING_ARG 997 { 998 OUTYY(("P(server_tcp_reuse_timeout:%s)\n", $2)); 999 if(atoi($2) == 0 && strcmp($2, "0") != 0) 1000 yyerror("number expected"); 1001 else if (atoi($2) < 1) 1002 cfg_parser->cfg->tcp_reuse_timeout = 0; 1003 else cfg_parser->cfg->tcp_reuse_timeout = atoi($2); 1004 free($2); 1005 } 1006 ; 1007 server_tcp_auth_query_timeout: VAR_TCP_AUTH_QUERY_TIMEOUT STRING_ARG 1008 { 1009 OUTYY(("P(server_tcp_auth_query_timeout:%s)\n", $2)); 1010 if(atoi($2) == 0 && strcmp($2, "0") != 0) 1011 yyerror("number expected"); 1012 else if (atoi($2) < 1) 1013 cfg_parser->cfg->tcp_auth_query_timeout = 0; 1014 else cfg_parser->cfg->tcp_auth_query_timeout = atoi($2); 1015 free($2); 1016 } 1017 ; 1018 server_tcp_keepalive: VAR_EDNS_TCP_KEEPALIVE STRING_ARG 1019 { 1020 OUTYY(("P(server_tcp_keepalive:%s)\n", $2)); 1021 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1022 yyerror("expected yes or no."); 1023 else cfg_parser->cfg->do_tcp_keepalive = (strcmp($2, "yes")==0); 1024 free($2); 1025 } 1026 ; 1027 server_tcp_keepalive_timeout: VAR_EDNS_TCP_KEEPALIVE_TIMEOUT STRING_ARG 1028 { 1029 OUTYY(("P(server_tcp_keepalive_timeout:%s)\n", $2)); 1030 if(atoi($2) == 0 && strcmp($2, "0") != 0) 1031 yyerror("number expected"); 1032 else if (atoi($2) > 6553500) 1033 cfg_parser->cfg->tcp_keepalive_timeout = 6553500; 1034 else if (atoi($2) < 1) 1035 cfg_parser->cfg->tcp_keepalive_timeout = 0; 1036 else cfg_parser->cfg->tcp_keepalive_timeout = atoi($2); 1037 free($2); 1038 } 1039 ; 1040 server_sock_queue_timeout: VAR_SOCK_QUEUE_TIMEOUT STRING_ARG 1041 { 1042 OUTYY(("P(server_sock_queue_timeout:%s)\n", $2)); 1043 if(atoi($2) == 0 && strcmp($2, "0") != 0) 1044 yyerror("number expected"); 1045 else if (atoi($2) > 6553500) 1046 cfg_parser->cfg->sock_queue_timeout = 6553500; 1047 else if (atoi($2) < 1) 1048 cfg_parser->cfg->sock_queue_timeout = 0; 1049 else cfg_parser->cfg->sock_queue_timeout = atoi($2); 1050 free($2); 1051 } 1052 ; 1053 server_tcp_upstream: VAR_TCP_UPSTREAM STRING_ARG 1054 { 1055 OUTYY(("P(server_tcp_upstream:%s)\n", $2)); 1056 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1057 yyerror("expected yes or no."); 1058 else cfg_parser->cfg->tcp_upstream = (strcmp($2, "yes")==0); 1059 free($2); 1060 } 1061 ; 1062 server_udp_upstream_without_downstream: VAR_UDP_UPSTREAM_WITHOUT_DOWNSTREAM STRING_ARG 1063 { 1064 OUTYY(("P(server_udp_upstream_without_downstream:%s)\n", $2)); 1065 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1066 yyerror("expected yes or no."); 1067 else cfg_parser->cfg->udp_upstream_without_downstream = (strcmp($2, "yes")==0); 1068 free($2); 1069 } 1070 ; 1071 server_ssl_upstream: VAR_SSL_UPSTREAM STRING_ARG 1072 { 1073 OUTYY(("P(server_ssl_upstream:%s)\n", $2)); 1074 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1075 yyerror("expected yes or no."); 1076 else cfg_parser->cfg->ssl_upstream = (strcmp($2, "yes")==0); 1077 free($2); 1078 } 1079 ; 1080 server_ssl_service_key: VAR_SSL_SERVICE_KEY STRING_ARG 1081 { 1082 OUTYY(("P(server_ssl_service_key:%s)\n", $2)); 1083 free(cfg_parser->cfg->ssl_service_key); 1084 cfg_parser->cfg->ssl_service_key = $2; 1085 } 1086 ; 1087 server_ssl_service_pem: VAR_SSL_SERVICE_PEM STRING_ARG 1088 { 1089 OUTYY(("P(server_ssl_service_pem:%s)\n", $2)); 1090 free(cfg_parser->cfg->ssl_service_pem); 1091 cfg_parser->cfg->ssl_service_pem = $2; 1092 } 1093 ; 1094 server_ssl_port: VAR_SSL_PORT STRING_ARG 1095 { 1096 OUTYY(("P(server_ssl_port:%s)\n", $2)); 1097 if(atoi($2) == 0) 1098 yyerror("port number expected"); 1099 else cfg_parser->cfg->ssl_port = atoi($2); 1100 free($2); 1101 } 1102 ; 1103 server_tls_cert_bundle: VAR_TLS_CERT_BUNDLE STRING_ARG 1104 { 1105 OUTYY(("P(server_tls_cert_bundle:%s)\n", $2)); 1106 free(cfg_parser->cfg->tls_cert_bundle); 1107 cfg_parser->cfg->tls_cert_bundle = $2; 1108 } 1109 ; 1110 server_tls_win_cert: VAR_TLS_WIN_CERT STRING_ARG 1111 { 1112 OUTYY(("P(server_tls_win_cert:%s)\n", $2)); 1113 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1114 yyerror("expected yes or no."); 1115 else cfg_parser->cfg->tls_win_cert = (strcmp($2, "yes")==0); 1116 free($2); 1117 } 1118 ; 1119 server_tls_additional_port: VAR_TLS_ADDITIONAL_PORT STRING_ARG 1120 { 1121 OUTYY(("P(server_tls_additional_port:%s)\n", $2)); 1122 if(!cfg_strlist_insert(&cfg_parser->cfg->tls_additional_port, 1123 $2)) 1124 yyerror("out of memory"); 1125 } 1126 ; 1127 server_tls_ciphers: VAR_TLS_CIPHERS STRING_ARG 1128 { 1129 OUTYY(("P(server_tls_ciphers:%s)\n", $2)); 1130 free(cfg_parser->cfg->tls_ciphers); 1131 cfg_parser->cfg->tls_ciphers = $2; 1132 } 1133 ; 1134 server_tls_ciphersuites: VAR_TLS_CIPHERSUITES STRING_ARG 1135 { 1136 OUTYY(("P(server_tls_ciphersuites:%s)\n", $2)); 1137 free(cfg_parser->cfg->tls_ciphersuites); 1138 cfg_parser->cfg->tls_ciphersuites = $2; 1139 } 1140 ; 1141 server_tls_session_ticket_keys: VAR_TLS_SESSION_TICKET_KEYS STRING_ARG 1142 { 1143 OUTYY(("P(server_tls_session_ticket_keys:%s)\n", $2)); 1144 if(!cfg_strlist_append(&cfg_parser->cfg->tls_session_ticket_keys, 1145 $2)) 1146 yyerror("out of memory"); 1147 } 1148 ; 1149 server_tls_use_sni: VAR_TLS_USE_SNI STRING_ARG 1150 { 1151 OUTYY(("P(server_tls_use_sni:%s)\n", $2)); 1152 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1153 yyerror("expected yes or no."); 1154 else cfg_parser->cfg->tls_use_sni = (strcmp($2, "yes")==0); 1155 free($2); 1156 } 1157 ; 1158 server_https_port: VAR_HTTPS_PORT STRING_ARG 1159 { 1160 OUTYY(("P(server_https_port:%s)\n", $2)); 1161 if(atoi($2) == 0) 1162 yyerror("port number expected"); 1163 else cfg_parser->cfg->https_port = atoi($2); 1164 free($2); 1165 }; 1166 server_http_endpoint: VAR_HTTP_ENDPOINT STRING_ARG 1167 { 1168 OUTYY(("P(server_http_endpoint:%s)\n", $2)); 1169 free(cfg_parser->cfg->http_endpoint); 1170 if($2 && $2[0] != '/') { 1171 cfg_parser->cfg->http_endpoint = malloc(strlen($2)+2); 1172 if(cfg_parser->cfg->http_endpoint) { 1173 cfg_parser->cfg->http_endpoint[0] = '/'; 1174 memmove(cfg_parser->cfg->http_endpoint+1, $2, 1175 strlen($2)+1); 1176 } else { 1177 yyerror("out of memory"); 1178 } 1179 free($2); 1180 } else { 1181 cfg_parser->cfg->http_endpoint = $2; 1182 } 1183 }; 1184 server_http_max_streams: VAR_HTTP_MAX_STREAMS STRING_ARG 1185 { 1186 OUTYY(("P(server_http_max_streams:%s)\n", $2)); 1187 if(atoi($2) == 0 && strcmp($2, "0") != 0) 1188 yyerror("number expected"); 1189 else cfg_parser->cfg->http_max_streams = atoi($2); 1190 free($2); 1191 }; 1192 server_http_query_buffer_size: VAR_HTTP_QUERY_BUFFER_SIZE STRING_ARG 1193 { 1194 OUTYY(("P(server_http_query_buffer_size:%s)\n", $2)); 1195 if(!cfg_parse_memsize($2, 1196 &cfg_parser->cfg->http_query_buffer_size)) 1197 yyerror("memory size expected"); 1198 free($2); 1199 }; 1200 server_http_response_buffer_size: VAR_HTTP_RESPONSE_BUFFER_SIZE STRING_ARG 1201 { 1202 OUTYY(("P(server_http_response_buffer_size:%s)\n", $2)); 1203 if(!cfg_parse_memsize($2, 1204 &cfg_parser->cfg->http_response_buffer_size)) 1205 yyerror("memory size expected"); 1206 free($2); 1207 }; 1208 server_http_nodelay: VAR_HTTP_NODELAY STRING_ARG 1209 { 1210 OUTYY(("P(server_http_nodelay:%s)\n", $2)); 1211 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1212 yyerror("expected yes or no."); 1213 else cfg_parser->cfg->http_nodelay = (strcmp($2, "yes")==0); 1214 free($2); 1215 }; 1216 server_http_notls_downstream: VAR_HTTP_NOTLS_DOWNSTREAM STRING_ARG 1217 { 1218 OUTYY(("P(server_http_notls_downstream:%s)\n", $2)); 1219 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1220 yyerror("expected yes or no."); 1221 else cfg_parser->cfg->http_notls_downstream = (strcmp($2, "yes")==0); 1222 free($2); 1223 }; 1224 server_quic_port: VAR_QUIC_PORT STRING_ARG 1225 { 1226 OUTYY(("P(server_quic_port:%s)\n", $2)); 1227 #ifndef HAVE_NGTCP2 1228 log_warn("%s:%d: Unbound is not compiled with " 1229 "ngtcp2. This is required to use DNS " 1230 "over QUIC.", cfg_parser->filename, cfg_parser->line); 1231 #endif 1232 if(atoi($2) == 0) 1233 yyerror("port number expected"); 1234 else cfg_parser->cfg->quic_port = atoi($2); 1235 free($2); 1236 }; 1237 server_quic_size: VAR_QUIC_SIZE STRING_ARG 1238 { 1239 OUTYY(("P(server_quic_size:%s)\n", $2)); 1240 if(!cfg_parse_memsize($2, &cfg_parser->cfg->quic_size)) 1241 yyerror("memory size expected"); 1242 free($2); 1243 }; 1244 server_use_systemd: VAR_USE_SYSTEMD STRING_ARG 1245 { 1246 OUTYY(("P(server_use_systemd:%s)\n", $2)); 1247 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1248 yyerror("expected yes or no."); 1249 else cfg_parser->cfg->use_systemd = (strcmp($2, "yes")==0); 1250 free($2); 1251 } 1252 ; 1253 server_do_daemonize: VAR_DO_DAEMONIZE STRING_ARG 1254 { 1255 OUTYY(("P(server_do_daemonize:%s)\n", $2)); 1256 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1257 yyerror("expected yes or no."); 1258 else cfg_parser->cfg->do_daemonize = (strcmp($2, "yes")==0); 1259 free($2); 1260 } 1261 ; 1262 server_use_syslog: VAR_USE_SYSLOG STRING_ARG 1263 { 1264 OUTYY(("P(server_use_syslog:%s)\n", $2)); 1265 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1266 yyerror("expected yes or no."); 1267 else cfg_parser->cfg->use_syslog = (strcmp($2, "yes")==0); 1268 #if !defined(HAVE_SYSLOG_H) && !defined(UB_ON_WINDOWS) 1269 if(strcmp($2, "yes") == 0) 1270 yyerror("no syslog services are available. " 1271 "(reconfigure and compile to add)"); 1272 #endif 1273 free($2); 1274 } 1275 ; 1276 server_log_time_ascii: VAR_LOG_TIME_ASCII STRING_ARG 1277 { 1278 OUTYY(("P(server_log_time_ascii:%s)\n", $2)); 1279 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1280 yyerror("expected yes or no."); 1281 else cfg_parser->cfg->log_time_ascii = (strcmp($2, "yes")==0); 1282 free($2); 1283 } 1284 ; 1285 server_log_time_iso: VAR_LOG_TIME_ISO STRING_ARG 1286 { 1287 OUTYY(("P(server_log_time_iso:%s)\n", $2)); 1288 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1289 yyerror("expected yes or no."); 1290 else cfg_parser->cfg->log_time_iso = (strcmp($2, "yes")==0); 1291 free($2); 1292 } 1293 ; 1294 server_log_queries: VAR_LOG_QUERIES STRING_ARG 1295 { 1296 OUTYY(("P(server_log_queries:%s)\n", $2)); 1297 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1298 yyerror("expected yes or no."); 1299 else cfg_parser->cfg->log_queries = (strcmp($2, "yes")==0); 1300 free($2); 1301 } 1302 ; 1303 server_log_replies: VAR_LOG_REPLIES STRING_ARG 1304 { 1305 OUTYY(("P(server_log_replies:%s)\n", $2)); 1306 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1307 yyerror("expected yes or no."); 1308 else cfg_parser->cfg->log_replies = (strcmp($2, "yes")==0); 1309 free($2); 1310 } 1311 ; 1312 server_log_tag_queryreply: VAR_LOG_TAG_QUERYREPLY STRING_ARG 1313 { 1314 OUTYY(("P(server_log_tag_queryreply:%s)\n", $2)); 1315 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1316 yyerror("expected yes or no."); 1317 else cfg_parser->cfg->log_tag_queryreply = (strcmp($2, "yes")==0); 1318 free($2); 1319 } 1320 ; 1321 server_log_servfail: VAR_LOG_SERVFAIL STRING_ARG 1322 { 1323 OUTYY(("P(server_log_servfail:%s)\n", $2)); 1324 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1325 yyerror("expected yes or no."); 1326 else cfg_parser->cfg->log_servfail = (strcmp($2, "yes")==0); 1327 free($2); 1328 } 1329 ; 1330 server_log_destaddr: VAR_LOG_DESTADDR STRING_ARG 1331 { 1332 OUTYY(("P(server_log_destaddr:%s)\n", $2)); 1333 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1334 yyerror("expected yes or no."); 1335 else cfg_parser->cfg->log_destaddr = (strcmp($2, "yes")==0); 1336 free($2); 1337 } 1338 ; 1339 server_log_local_actions: VAR_LOG_LOCAL_ACTIONS STRING_ARG 1340 { 1341 OUTYY(("P(server_log_local_actions:%s)\n", $2)); 1342 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1343 yyerror("expected yes or no."); 1344 else cfg_parser->cfg->log_local_actions = (strcmp($2, "yes")==0); 1345 free($2); 1346 } 1347 ; 1348 server_chroot: VAR_CHROOT STRING_ARG 1349 { 1350 OUTYY(("P(server_chroot:%s)\n", $2)); 1351 free(cfg_parser->cfg->chrootdir); 1352 cfg_parser->cfg->chrootdir = $2; 1353 } 1354 ; 1355 server_username: VAR_USERNAME STRING_ARG 1356 { 1357 OUTYY(("P(server_username:%s)\n", $2)); 1358 free(cfg_parser->cfg->username); 1359 cfg_parser->cfg->username = $2; 1360 } 1361 ; 1362 server_directory: VAR_DIRECTORY STRING_ARG 1363 { 1364 OUTYY(("P(server_directory:%s)\n", $2)); 1365 free(cfg_parser->cfg->directory); 1366 cfg_parser->cfg->directory = $2; 1367 /* change there right away for includes relative to this */ 1368 if($2[0]) { 1369 char* d; 1370 #ifdef UB_ON_WINDOWS 1371 w_config_adjust_directory(cfg_parser->cfg); 1372 #endif 1373 d = cfg_parser->cfg->directory; 1374 /* adjust directory if we have already chroot, 1375 * like, we reread after sighup */ 1376 if(cfg_parser->chroot && cfg_parser->chroot[0] && 1377 strncmp(d, cfg_parser->chroot, strlen( 1378 cfg_parser->chroot)) == 0) 1379 d += strlen(cfg_parser->chroot); 1380 if(d[0]) { 1381 if(chdir(d)) 1382 log_err("cannot chdir to directory: %s (%s)", 1383 d, strerror(errno)); 1384 } 1385 } 1386 } 1387 ; 1388 server_logfile: VAR_LOGFILE STRING_ARG 1389 { 1390 OUTYY(("P(server_logfile:%s)\n", $2)); 1391 free(cfg_parser->cfg->logfile); 1392 cfg_parser->cfg->logfile = $2; 1393 cfg_parser->cfg->use_syslog = 0; 1394 } 1395 ; 1396 server_pidfile: VAR_PIDFILE STRING_ARG 1397 { 1398 OUTYY(("P(server_pidfile:%s)\n", $2)); 1399 free(cfg_parser->cfg->pidfile); 1400 cfg_parser->cfg->pidfile = $2; 1401 } 1402 ; 1403 server_root_hints: VAR_ROOT_HINTS STRING_ARG 1404 { 1405 OUTYY(("P(server_root_hints:%s)\n", $2)); 1406 if(!cfg_strlist_insert(&cfg_parser->cfg->root_hints, $2)) 1407 yyerror("out of memory"); 1408 } 1409 ; 1410 server_dlv_anchor_file: VAR_DLV_ANCHOR_FILE STRING_ARG 1411 { 1412 OUTYY(("P(server_dlv_anchor_file:%s)\n", $2)); 1413 log_warn("option dlv-anchor-file ignored: DLV is decommissioned"); 1414 free($2); 1415 } 1416 ; 1417 server_dlv_anchor: VAR_DLV_ANCHOR STRING_ARG 1418 { 1419 OUTYY(("P(server_dlv_anchor:%s)\n", $2)); 1420 log_warn("option dlv-anchor ignored: DLV is decommissioned"); 1421 free($2); 1422 } 1423 ; 1424 server_auto_trust_anchor_file: VAR_AUTO_TRUST_ANCHOR_FILE STRING_ARG 1425 { 1426 OUTYY(("P(server_auto_trust_anchor_file:%s)\n", $2)); 1427 if(!cfg_strlist_insert(&cfg_parser->cfg-> 1428 auto_trust_anchor_file_list, $2)) 1429 yyerror("out of memory"); 1430 } 1431 ; 1432 server_trust_anchor_file: VAR_TRUST_ANCHOR_FILE STRING_ARG 1433 { 1434 OUTYY(("P(server_trust_anchor_file:%s)\n", $2)); 1435 if(!cfg_strlist_insert(&cfg_parser->cfg-> 1436 trust_anchor_file_list, $2)) 1437 yyerror("out of memory"); 1438 } 1439 ; 1440 server_trusted_keys_file: VAR_TRUSTED_KEYS_FILE STRING_ARG 1441 { 1442 OUTYY(("P(server_trusted_keys_file:%s)\n", $2)); 1443 if(!cfg_strlist_insert(&cfg_parser->cfg-> 1444 trusted_keys_file_list, $2)) 1445 yyerror("out of memory"); 1446 } 1447 ; 1448 server_trust_anchor: VAR_TRUST_ANCHOR STRING_ARG 1449 { 1450 OUTYY(("P(server_trust_anchor:%s)\n", $2)); 1451 if(!cfg_strlist_insert(&cfg_parser->cfg->trust_anchor_list, $2)) 1452 yyerror("out of memory"); 1453 } 1454 ; 1455 server_trust_anchor_signaling: VAR_TRUST_ANCHOR_SIGNALING STRING_ARG 1456 { 1457 OUTYY(("P(server_trust_anchor_signaling:%s)\n", $2)); 1458 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1459 yyerror("expected yes or no."); 1460 else 1461 cfg_parser->cfg->trust_anchor_signaling = 1462 (strcmp($2, "yes")==0); 1463 free($2); 1464 } 1465 ; 1466 server_root_key_sentinel: VAR_ROOT_KEY_SENTINEL STRING_ARG 1467 { 1468 OUTYY(("P(server_root_key_sentinel:%s)\n", $2)); 1469 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1470 yyerror("expected yes or no."); 1471 else 1472 cfg_parser->cfg->root_key_sentinel = 1473 (strcmp($2, "yes")==0); 1474 free($2); 1475 } 1476 ; 1477 server_domain_insecure: VAR_DOMAIN_INSECURE STRING_ARG 1478 { 1479 OUTYY(("P(server_domain_insecure:%s)\n", $2)); 1480 if(!cfg_strlist_insert(&cfg_parser->cfg->domain_insecure, $2)) 1481 yyerror("out of memory"); 1482 } 1483 ; 1484 server_hide_identity: VAR_HIDE_IDENTITY STRING_ARG 1485 { 1486 OUTYY(("P(server_hide_identity:%s)\n", $2)); 1487 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1488 yyerror("expected yes or no."); 1489 else cfg_parser->cfg->hide_identity = (strcmp($2, "yes")==0); 1490 free($2); 1491 } 1492 ; 1493 server_hide_version: VAR_HIDE_VERSION STRING_ARG 1494 { 1495 OUTYY(("P(server_hide_version:%s)\n", $2)); 1496 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1497 yyerror("expected yes or no."); 1498 else cfg_parser->cfg->hide_version = (strcmp($2, "yes")==0); 1499 free($2); 1500 } 1501 ; 1502 server_hide_trustanchor: VAR_HIDE_TRUSTANCHOR STRING_ARG 1503 { 1504 OUTYY(("P(server_hide_trustanchor:%s)\n", $2)); 1505 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1506 yyerror("expected yes or no."); 1507 else cfg_parser->cfg->hide_trustanchor = (strcmp($2, "yes")==0); 1508 free($2); 1509 } 1510 ; 1511 server_hide_http_user_agent: VAR_HIDE_HTTP_USER_AGENT STRING_ARG 1512 { 1513 OUTYY(("P(server_hide_user_agent:%s)\n", $2)); 1514 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1515 yyerror("expected yes or no."); 1516 else cfg_parser->cfg->hide_http_user_agent = (strcmp($2, "yes")==0); 1517 free($2); 1518 } 1519 ; 1520 server_identity: VAR_IDENTITY STRING_ARG 1521 { 1522 OUTYY(("P(server_identity:%s)\n", $2)); 1523 free(cfg_parser->cfg->identity); 1524 cfg_parser->cfg->identity = $2; 1525 } 1526 ; 1527 server_version: VAR_VERSION STRING_ARG 1528 { 1529 OUTYY(("P(server_version:%s)\n", $2)); 1530 free(cfg_parser->cfg->version); 1531 cfg_parser->cfg->version = $2; 1532 } 1533 ; 1534 server_http_user_agent: VAR_HTTP_USER_AGENT STRING_ARG 1535 { 1536 OUTYY(("P(server_http_user_agent:%s)\n", $2)); 1537 free(cfg_parser->cfg->http_user_agent); 1538 cfg_parser->cfg->http_user_agent = $2; 1539 } 1540 ; 1541 server_nsid: VAR_NSID STRING_ARG 1542 { 1543 OUTYY(("P(server_nsid:%s)\n", $2)); 1544 free(cfg_parser->cfg->nsid_cfg_str); 1545 cfg_parser->cfg->nsid_cfg_str = $2; 1546 free(cfg_parser->cfg->nsid); 1547 cfg_parser->cfg->nsid = NULL; 1548 cfg_parser->cfg->nsid_len = 0; 1549 if (*$2 == 0) 1550 ; /* pass; empty string is not setting nsid */ 1551 else if (!(cfg_parser->cfg->nsid = cfg_parse_nsid( 1552 $2, &cfg_parser->cfg->nsid_len))) 1553 yyerror("the NSID must be either a hex string or an " 1554 "ascii character string prepended with ascii_."); 1555 } 1556 ; 1557 server_so_rcvbuf: VAR_SO_RCVBUF STRING_ARG 1558 { 1559 OUTYY(("P(server_so_rcvbuf:%s)\n", $2)); 1560 if(!cfg_parse_memsize($2, &cfg_parser->cfg->so_rcvbuf)) 1561 yyerror("buffer size expected"); 1562 free($2); 1563 } 1564 ; 1565 server_so_sndbuf: VAR_SO_SNDBUF STRING_ARG 1566 { 1567 OUTYY(("P(server_so_sndbuf:%s)\n", $2)); 1568 if(!cfg_parse_memsize($2, &cfg_parser->cfg->so_sndbuf)) 1569 yyerror("buffer size expected"); 1570 free($2); 1571 } 1572 ; 1573 server_so_reuseport: VAR_SO_REUSEPORT STRING_ARG 1574 { 1575 OUTYY(("P(server_so_reuseport:%s)\n", $2)); 1576 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1577 yyerror("expected yes or no."); 1578 else cfg_parser->cfg->so_reuseport = 1579 (strcmp($2, "yes")==0); 1580 free($2); 1581 } 1582 ; 1583 server_ip_transparent: VAR_IP_TRANSPARENT STRING_ARG 1584 { 1585 OUTYY(("P(server_ip_transparent:%s)\n", $2)); 1586 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1587 yyerror("expected yes or no."); 1588 else cfg_parser->cfg->ip_transparent = 1589 (strcmp($2, "yes")==0); 1590 free($2); 1591 } 1592 ; 1593 server_ip_freebind: VAR_IP_FREEBIND STRING_ARG 1594 { 1595 OUTYY(("P(server_ip_freebind:%s)\n", $2)); 1596 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1597 yyerror("expected yes or no."); 1598 else cfg_parser->cfg->ip_freebind = 1599 (strcmp($2, "yes")==0); 1600 free($2); 1601 } 1602 ; 1603 server_ip_dscp: VAR_IP_DSCP STRING_ARG 1604 { 1605 OUTYY(("P(server_ip_dscp:%s)\n", $2)); 1606 if(atoi($2) == 0 && strcmp($2, "0") != 0) 1607 yyerror("number expected"); 1608 else if (atoi($2) > 63) 1609 yyerror("value too large (max 63)"); 1610 else if (atoi($2) < 0) 1611 yyerror("value too small (min 0)"); 1612 else 1613 cfg_parser->cfg->ip_dscp = atoi($2); 1614 free($2); 1615 } 1616 ; 1617 server_stream_wait_size: VAR_STREAM_WAIT_SIZE STRING_ARG 1618 { 1619 OUTYY(("P(server_stream_wait_size:%s)\n", $2)); 1620 if(!cfg_parse_memsize($2, &cfg_parser->cfg->stream_wait_size)) 1621 yyerror("memory size expected"); 1622 free($2); 1623 } 1624 ; 1625 server_edns_buffer_size: VAR_EDNS_BUFFER_SIZE STRING_ARG 1626 { 1627 OUTYY(("P(server_edns_buffer_size:%s)\n", $2)); 1628 if(atoi($2) == 0) 1629 yyerror("number expected"); 1630 else if (atoi($2) < 12) 1631 yyerror("edns buffer size too small"); 1632 else if (atoi($2) > 65535) 1633 cfg_parser->cfg->edns_buffer_size = 65535; 1634 else cfg_parser->cfg->edns_buffer_size = atoi($2); 1635 free($2); 1636 } 1637 ; 1638 server_msg_buffer_size: VAR_MSG_BUFFER_SIZE STRING_ARG 1639 { 1640 OUTYY(("P(server_msg_buffer_size:%s)\n", $2)); 1641 if(atoi($2) == 0) 1642 yyerror("number expected"); 1643 else if (atoi($2) < 4096) 1644 yyerror("message buffer size too small (use 4096)"); 1645 else cfg_parser->cfg->msg_buffer_size = atoi($2); 1646 free($2); 1647 } 1648 ; 1649 server_msg_cache_size: VAR_MSG_CACHE_SIZE STRING_ARG 1650 { 1651 OUTYY(("P(server_msg_cache_size:%s)\n", $2)); 1652 if(!cfg_parse_memsize($2, &cfg_parser->cfg->msg_cache_size)) 1653 yyerror("memory size expected"); 1654 free($2); 1655 } 1656 ; 1657 server_msg_cache_slabs: VAR_MSG_CACHE_SLABS STRING_ARG 1658 { 1659 OUTYY(("P(server_msg_cache_slabs:%s)\n", $2)); 1660 if(atoi($2) == 0) { 1661 yyerror("number expected"); 1662 } else { 1663 cfg_parser->cfg->msg_cache_slabs = atoi($2); 1664 if(!is_pow2(cfg_parser->cfg->msg_cache_slabs)) 1665 yyerror("must be a power of 2"); 1666 } 1667 free($2); 1668 } 1669 ; 1670 server_num_queries_per_thread: VAR_NUM_QUERIES_PER_THREAD STRING_ARG 1671 { 1672 OUTYY(("P(server_num_queries_per_thread:%s)\n", $2)); 1673 if(atoi($2) == 0) 1674 yyerror("number expected"); 1675 else cfg_parser->cfg->num_queries_per_thread = atoi($2); 1676 free($2); 1677 } 1678 ; 1679 server_jostle_timeout: VAR_JOSTLE_TIMEOUT STRING_ARG 1680 { 1681 OUTYY(("P(server_jostle_timeout:%s)\n", $2)); 1682 if(atoi($2) == 0 && strcmp($2, "0") != 0) 1683 yyerror("number expected"); 1684 else cfg_parser->cfg->jostle_time = atoi($2); 1685 free($2); 1686 } 1687 ; 1688 server_delay_close: VAR_DELAY_CLOSE STRING_ARG 1689 { 1690 OUTYY(("P(server_delay_close:%s)\n", $2)); 1691 if(atoi($2) == 0 && strcmp($2, "0") != 0) 1692 yyerror("number expected"); 1693 else cfg_parser->cfg->delay_close = atoi($2); 1694 free($2); 1695 } 1696 ; 1697 server_udp_connect: VAR_UDP_CONNECT STRING_ARG 1698 { 1699 OUTYY(("P(server_udp_connect:%s)\n", $2)); 1700 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1701 yyerror("expected yes or no."); 1702 else cfg_parser->cfg->udp_connect = (strcmp($2, "yes")==0); 1703 free($2); 1704 } 1705 ; 1706 server_unblock_lan_zones: VAR_UNBLOCK_LAN_ZONES STRING_ARG 1707 { 1708 OUTYY(("P(server_unblock_lan_zones:%s)\n", $2)); 1709 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1710 yyerror("expected yes or no."); 1711 else cfg_parser->cfg->unblock_lan_zones = 1712 (strcmp($2, "yes")==0); 1713 free($2); 1714 } 1715 ; 1716 server_insecure_lan_zones: VAR_INSECURE_LAN_ZONES STRING_ARG 1717 { 1718 OUTYY(("P(server_insecure_lan_zones:%s)\n", $2)); 1719 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1720 yyerror("expected yes or no."); 1721 else cfg_parser->cfg->insecure_lan_zones = 1722 (strcmp($2, "yes")==0); 1723 free($2); 1724 } 1725 ; 1726 server_rrset_cache_size: VAR_RRSET_CACHE_SIZE STRING_ARG 1727 { 1728 OUTYY(("P(server_rrset_cache_size:%s)\n", $2)); 1729 if(!cfg_parse_memsize($2, &cfg_parser->cfg->rrset_cache_size)) 1730 yyerror("memory size expected"); 1731 free($2); 1732 } 1733 ; 1734 server_rrset_cache_slabs: VAR_RRSET_CACHE_SLABS STRING_ARG 1735 { 1736 OUTYY(("P(server_rrset_cache_slabs:%s)\n", $2)); 1737 if(atoi($2) == 0) { 1738 yyerror("number expected"); 1739 } else { 1740 cfg_parser->cfg->rrset_cache_slabs = atoi($2); 1741 if(!is_pow2(cfg_parser->cfg->rrset_cache_slabs)) 1742 yyerror("must be a power of 2"); 1743 } 1744 free($2); 1745 } 1746 ; 1747 server_infra_host_ttl: VAR_INFRA_HOST_TTL STRING_ARG 1748 { 1749 OUTYY(("P(server_infra_host_ttl:%s)\n", $2)); 1750 if(atoi($2) == 0 && strcmp($2, "0") != 0) 1751 yyerror("number expected"); 1752 else cfg_parser->cfg->host_ttl = atoi($2); 1753 free($2); 1754 } 1755 ; 1756 server_infra_lame_ttl: VAR_INFRA_LAME_TTL STRING_ARG 1757 { 1758 OUTYY(("P(server_infra_lame_ttl:%s)\n", $2)); 1759 verbose(VERB_DETAIL, "ignored infra-lame-ttl: %s (option " 1760 "removed, use infra-host-ttl)", $2); 1761 free($2); 1762 } 1763 ; 1764 server_infra_cache_numhosts: VAR_INFRA_CACHE_NUMHOSTS STRING_ARG 1765 { 1766 OUTYY(("P(server_infra_cache_numhosts:%s)\n", $2)); 1767 if(atoi($2) == 0) 1768 yyerror("number expected"); 1769 else cfg_parser->cfg->infra_cache_numhosts = atoi($2); 1770 free($2); 1771 } 1772 ; 1773 server_infra_cache_lame_size: VAR_INFRA_CACHE_LAME_SIZE STRING_ARG 1774 { 1775 OUTYY(("P(server_infra_cache_lame_size:%s)\n", $2)); 1776 verbose(VERB_DETAIL, "ignored infra-cache-lame-size: %s " 1777 "(option removed, use infra-cache-numhosts)", $2); 1778 free($2); 1779 } 1780 ; 1781 server_infra_cache_slabs: VAR_INFRA_CACHE_SLABS STRING_ARG 1782 { 1783 OUTYY(("P(server_infra_cache_slabs:%s)\n", $2)); 1784 if(atoi($2) == 0) { 1785 yyerror("number expected"); 1786 } else { 1787 cfg_parser->cfg->infra_cache_slabs = atoi($2); 1788 if(!is_pow2(cfg_parser->cfg->infra_cache_slabs)) 1789 yyerror("must be a power of 2"); 1790 } 1791 free($2); 1792 } 1793 ; 1794 server_infra_cache_min_rtt: VAR_INFRA_CACHE_MIN_RTT STRING_ARG 1795 { 1796 OUTYY(("P(server_infra_cache_min_rtt:%s)\n", $2)); 1797 if(atoi($2) == 0 && strcmp($2, "0") != 0) 1798 yyerror("number expected"); 1799 else cfg_parser->cfg->infra_cache_min_rtt = atoi($2); 1800 free($2); 1801 } 1802 ; 1803 server_infra_cache_max_rtt: VAR_INFRA_CACHE_MAX_RTT STRING_ARG 1804 { 1805 OUTYY(("P(server_infra_cache_max_rtt:%s)\n", $2)); 1806 if(atoi($2) == 0 && strcmp($2, "0") != 0) 1807 yyerror("number expected"); 1808 else cfg_parser->cfg->infra_cache_max_rtt = atoi($2); 1809 free($2); 1810 } 1811 ; 1812 server_infra_keep_probing: VAR_INFRA_KEEP_PROBING STRING_ARG 1813 { 1814 OUTYY(("P(server_infra_keep_probing:%s)\n", $2)); 1815 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1816 yyerror("expected yes or no."); 1817 else cfg_parser->cfg->infra_keep_probing = 1818 (strcmp($2, "yes")==0); 1819 free($2); 1820 } 1821 ; 1822 server_target_fetch_policy: VAR_TARGET_FETCH_POLICY STRING_ARG 1823 { 1824 OUTYY(("P(server_target_fetch_policy:%s)\n", $2)); 1825 free(cfg_parser->cfg->target_fetch_policy); 1826 cfg_parser->cfg->target_fetch_policy = $2; 1827 } 1828 ; 1829 server_harden_short_bufsize: VAR_HARDEN_SHORT_BUFSIZE STRING_ARG 1830 { 1831 OUTYY(("P(server_harden_short_bufsize:%s)\n", $2)); 1832 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1833 yyerror("expected yes or no."); 1834 else cfg_parser->cfg->harden_short_bufsize = 1835 (strcmp($2, "yes")==0); 1836 free($2); 1837 } 1838 ; 1839 server_harden_large_queries: VAR_HARDEN_LARGE_QUERIES STRING_ARG 1840 { 1841 OUTYY(("P(server_harden_large_queries:%s)\n", $2)); 1842 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1843 yyerror("expected yes or no."); 1844 else cfg_parser->cfg->harden_large_queries = 1845 (strcmp($2, "yes")==0); 1846 free($2); 1847 } 1848 ; 1849 server_harden_glue: VAR_HARDEN_GLUE STRING_ARG 1850 { 1851 OUTYY(("P(server_harden_glue:%s)\n", $2)); 1852 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1853 yyerror("expected yes or no."); 1854 else cfg_parser->cfg->harden_glue = 1855 (strcmp($2, "yes")==0); 1856 free($2); 1857 } 1858 ; 1859 server_harden_unverified_glue: VAR_HARDEN_UNVERIFIED_GLUE STRING_ARG 1860 { 1861 OUTYY(("P(server_harden_unverified_glue:%s)\n", $2)); 1862 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1863 yyerror("expected yes or no."); 1864 else cfg_parser->cfg->harden_unverified_glue = 1865 (strcmp($2, "yes")==0); 1866 free($2); 1867 } 1868 ; 1869 server_harden_dnssec_stripped: VAR_HARDEN_DNSSEC_STRIPPED STRING_ARG 1870 { 1871 OUTYY(("P(server_harden_dnssec_stripped:%s)\n", $2)); 1872 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1873 yyerror("expected yes or no."); 1874 else cfg_parser->cfg->harden_dnssec_stripped = 1875 (strcmp($2, "yes")==0); 1876 free($2); 1877 } 1878 ; 1879 server_harden_below_nxdomain: VAR_HARDEN_BELOW_NXDOMAIN STRING_ARG 1880 { 1881 OUTYY(("P(server_harden_below_nxdomain:%s)\n", $2)); 1882 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1883 yyerror("expected yes or no."); 1884 else cfg_parser->cfg->harden_below_nxdomain = 1885 (strcmp($2, "yes")==0); 1886 free($2); 1887 } 1888 ; 1889 server_harden_referral_path: VAR_HARDEN_REFERRAL_PATH STRING_ARG 1890 { 1891 OUTYY(("P(server_harden_referral_path:%s)\n", $2)); 1892 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1893 yyerror("expected yes or no."); 1894 else cfg_parser->cfg->harden_referral_path = 1895 (strcmp($2, "yes")==0); 1896 free($2); 1897 } 1898 ; 1899 server_harden_algo_downgrade: VAR_HARDEN_ALGO_DOWNGRADE STRING_ARG 1900 { 1901 OUTYY(("P(server_harden_algo_downgrade:%s)\n", $2)); 1902 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1903 yyerror("expected yes or no."); 1904 else cfg_parser->cfg->harden_algo_downgrade = 1905 (strcmp($2, "yes")==0); 1906 free($2); 1907 } 1908 ; 1909 server_harden_unknown_additional: VAR_HARDEN_UNKNOWN_ADDITIONAL STRING_ARG 1910 { 1911 OUTYY(("P(server_harden_unknown_additional:%s)\n", $2)); 1912 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1913 yyerror("expected yes or no."); 1914 else cfg_parser->cfg->harden_unknown_additional = 1915 (strcmp($2, "yes")==0); 1916 free($2); 1917 } 1918 ; 1919 server_use_caps_for_id: VAR_USE_CAPS_FOR_ID STRING_ARG 1920 { 1921 OUTYY(("P(server_use_caps_for_id:%s)\n", $2)); 1922 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1923 yyerror("expected yes or no."); 1924 else cfg_parser->cfg->use_caps_bits_for_id = 1925 (strcmp($2, "yes")==0); 1926 free($2); 1927 } 1928 ; 1929 server_caps_whitelist: VAR_CAPS_WHITELIST STRING_ARG 1930 { 1931 OUTYY(("P(server_caps_whitelist:%s)\n", $2)); 1932 if(!cfg_strlist_insert(&cfg_parser->cfg->caps_whitelist, $2)) 1933 yyerror("out of memory"); 1934 } 1935 ; 1936 server_private_address: VAR_PRIVATE_ADDRESS STRING_ARG 1937 { 1938 OUTYY(("P(server_private_address:%s)\n", $2)); 1939 if(!cfg_strlist_insert(&cfg_parser->cfg->private_address, $2)) 1940 yyerror("out of memory"); 1941 } 1942 ; 1943 server_private_domain: VAR_PRIVATE_DOMAIN STRING_ARG 1944 { 1945 OUTYY(("P(server_private_domain:%s)\n", $2)); 1946 if(!cfg_strlist_insert(&cfg_parser->cfg->private_domain, $2)) 1947 yyerror("out of memory"); 1948 } 1949 ; 1950 server_prefetch: VAR_PREFETCH STRING_ARG 1951 { 1952 OUTYY(("P(server_prefetch:%s)\n", $2)); 1953 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1954 yyerror("expected yes or no."); 1955 else cfg_parser->cfg->prefetch = (strcmp($2, "yes")==0); 1956 free($2); 1957 } 1958 ; 1959 server_prefetch_key: VAR_PREFETCH_KEY STRING_ARG 1960 { 1961 OUTYY(("P(server_prefetch_key:%s)\n", $2)); 1962 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1963 yyerror("expected yes or no."); 1964 else cfg_parser->cfg->prefetch_key = (strcmp($2, "yes")==0); 1965 free($2); 1966 } 1967 ; 1968 server_deny_any: VAR_DENY_ANY STRING_ARG 1969 { 1970 OUTYY(("P(server_deny_any:%s)\n", $2)); 1971 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1972 yyerror("expected yes or no."); 1973 else cfg_parser->cfg->deny_any = (strcmp($2, "yes")==0); 1974 free($2); 1975 } 1976 ; 1977 server_unwanted_reply_threshold: VAR_UNWANTED_REPLY_THRESHOLD STRING_ARG 1978 { 1979 OUTYY(("P(server_unwanted_reply_threshold:%s)\n", $2)); 1980 if(atoi($2) == 0 && strcmp($2, "0") != 0) 1981 yyerror("number expected"); 1982 else cfg_parser->cfg->unwanted_threshold = atoi($2); 1983 free($2); 1984 } 1985 ; 1986 server_do_not_query_address: VAR_DO_NOT_QUERY_ADDRESS STRING_ARG 1987 { 1988 OUTYY(("P(server_do_not_query_address:%s)\n", $2)); 1989 if(!cfg_strlist_insert(&cfg_parser->cfg->donotqueryaddrs, $2)) 1990 yyerror("out of memory"); 1991 } 1992 ; 1993 server_do_not_query_localhost: VAR_DO_NOT_QUERY_LOCALHOST STRING_ARG 1994 { 1995 OUTYY(("P(server_do_not_query_localhost:%s)\n", $2)); 1996 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 1997 yyerror("expected yes or no."); 1998 else cfg_parser->cfg->donotquery_localhost = 1999 (strcmp($2, "yes")==0); 2000 free($2); 2001 } 2002 ; 2003 server_access_control: VAR_ACCESS_CONTROL STRING_ARG STRING_ARG 2004 { 2005 OUTYY(("P(server_access_control:%s %s)\n", $2, $3)); 2006 validate_acl_action($3); 2007 if(!cfg_str2list_insert(&cfg_parser->cfg->acls, $2, $3)) 2008 fatal_exit("out of memory adding acl"); 2009 } 2010 ; 2011 server_interface_action: VAR_INTERFACE_ACTION STRING_ARG STRING_ARG 2012 { 2013 OUTYY(("P(server_interface_action:%s %s)\n", $2, $3)); 2014 validate_acl_action($3); 2015 if(!cfg_str2list_insert( 2016 &cfg_parser->cfg->interface_actions, $2, $3)) 2017 fatal_exit("out of memory adding acl"); 2018 } 2019 ; 2020 server_module_conf: VAR_MODULE_CONF STRING_ARG 2021 { 2022 OUTYY(("P(server_module_conf:%s)\n", $2)); 2023 free(cfg_parser->cfg->module_conf); 2024 cfg_parser->cfg->module_conf = $2; 2025 } 2026 ; 2027 server_val_override_date: VAR_VAL_OVERRIDE_DATE STRING_ARG 2028 { 2029 OUTYY(("P(server_val_override_date:%s)\n", $2)); 2030 if(*$2 == '\0' || strcmp($2, "0") == 0) { 2031 cfg_parser->cfg->val_date_override = 0; 2032 } else if(strlen($2) == 14) { 2033 cfg_parser->cfg->val_date_override = 2034 cfg_convert_timeval($2); 2035 if(!cfg_parser->cfg->val_date_override) 2036 yyerror("bad date/time specification"); 2037 } else { 2038 if(atoi($2) == 0) 2039 yyerror("number expected"); 2040 cfg_parser->cfg->val_date_override = atoi($2); 2041 } 2042 free($2); 2043 } 2044 ; 2045 server_val_sig_skew_min: VAR_VAL_SIG_SKEW_MIN STRING_ARG 2046 { 2047 OUTYY(("P(server_val_sig_skew_min:%s)\n", $2)); 2048 if(*$2 == '\0' || strcmp($2, "0") == 0) { 2049 cfg_parser->cfg->val_sig_skew_min = 0; 2050 } else { 2051 cfg_parser->cfg->val_sig_skew_min = atoi($2); 2052 if(!cfg_parser->cfg->val_sig_skew_min) 2053 yyerror("number expected"); 2054 } 2055 free($2); 2056 } 2057 ; 2058 server_val_sig_skew_max: VAR_VAL_SIG_SKEW_MAX STRING_ARG 2059 { 2060 OUTYY(("P(server_val_sig_skew_max:%s)\n", $2)); 2061 if(*$2 == '\0' || strcmp($2, "0") == 0) { 2062 cfg_parser->cfg->val_sig_skew_max = 0; 2063 } else { 2064 cfg_parser->cfg->val_sig_skew_max = atoi($2); 2065 if(!cfg_parser->cfg->val_sig_skew_max) 2066 yyerror("number expected"); 2067 } 2068 free($2); 2069 } 2070 ; 2071 server_val_max_restart: VAR_VAL_MAX_RESTART STRING_ARG 2072 { 2073 OUTYY(("P(server_val_max_restart:%s)\n", $2)); 2074 if(*$2 == '\0' || strcmp($2, "0") == 0) { 2075 cfg_parser->cfg->val_max_restart = 0; 2076 } else { 2077 cfg_parser->cfg->val_max_restart = atoi($2); 2078 if(!cfg_parser->cfg->val_max_restart) 2079 yyerror("number expected"); 2080 } 2081 free($2); 2082 } 2083 ; 2084 server_cache_max_ttl: VAR_CACHE_MAX_TTL STRING_ARG 2085 { 2086 OUTYY(("P(server_cache_max_ttl:%s)\n", $2)); 2087 if(atoi($2) == 0 && strcmp($2, "0") != 0) 2088 yyerror("number expected"); 2089 else cfg_parser->cfg->max_ttl = atoi($2); 2090 free($2); 2091 } 2092 ; 2093 server_cache_max_negative_ttl: VAR_CACHE_MAX_NEGATIVE_TTL STRING_ARG 2094 { 2095 OUTYY(("P(server_cache_max_negative_ttl:%s)\n", $2)); 2096 if(atoi($2) == 0 && strcmp($2, "0") != 0) 2097 yyerror("number expected"); 2098 else cfg_parser->cfg->max_negative_ttl = atoi($2); 2099 free($2); 2100 } 2101 ; 2102 server_cache_min_negative_ttl: VAR_CACHE_MIN_NEGATIVE_TTL STRING_ARG 2103 { 2104 OUTYY(("P(server_cache_min_negative_ttl:%s)\n", $2)); 2105 if(atoi($2) == 0 && strcmp($2, "0") != 0) 2106 yyerror("number expected"); 2107 else cfg_parser->cfg->min_negative_ttl = atoi($2); 2108 free($2); 2109 } 2110 ; 2111 server_cache_min_ttl: VAR_CACHE_MIN_TTL STRING_ARG 2112 { 2113 OUTYY(("P(server_cache_min_ttl:%s)\n", $2)); 2114 if(atoi($2) == 0 && strcmp($2, "0") != 0) 2115 yyerror("number expected"); 2116 else cfg_parser->cfg->min_ttl = atoi($2); 2117 free($2); 2118 } 2119 ; 2120 server_bogus_ttl: VAR_BOGUS_TTL STRING_ARG 2121 { 2122 OUTYY(("P(server_bogus_ttl:%s)\n", $2)); 2123 if(atoi($2) == 0 && strcmp($2, "0") != 0) 2124 yyerror("number expected"); 2125 else cfg_parser->cfg->bogus_ttl = atoi($2); 2126 free($2); 2127 } 2128 ; 2129 server_val_clean_additional: VAR_VAL_CLEAN_ADDITIONAL STRING_ARG 2130 { 2131 OUTYY(("P(server_val_clean_additional:%s)\n", $2)); 2132 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2133 yyerror("expected yes or no."); 2134 else cfg_parser->cfg->val_clean_additional = 2135 (strcmp($2, "yes")==0); 2136 free($2); 2137 } 2138 ; 2139 server_val_permissive_mode: VAR_VAL_PERMISSIVE_MODE STRING_ARG 2140 { 2141 OUTYY(("P(server_val_permissive_mode:%s)\n", $2)); 2142 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2143 yyerror("expected yes or no."); 2144 else cfg_parser->cfg->val_permissive_mode = 2145 (strcmp($2, "yes")==0); 2146 free($2); 2147 } 2148 ; 2149 server_aggressive_nsec: VAR_AGGRESSIVE_NSEC STRING_ARG 2150 { 2151 OUTYY(("P(server_aggressive_nsec:%s)\n", $2)); 2152 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2153 yyerror("expected yes or no."); 2154 else 2155 cfg_parser->cfg->aggressive_nsec = 2156 (strcmp($2, "yes")==0); 2157 free($2); 2158 } 2159 ; 2160 server_ignore_cd_flag: VAR_IGNORE_CD_FLAG STRING_ARG 2161 { 2162 OUTYY(("P(server_ignore_cd_flag:%s)\n", $2)); 2163 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2164 yyerror("expected yes or no."); 2165 else cfg_parser->cfg->ignore_cd = (strcmp($2, "yes")==0); 2166 free($2); 2167 } 2168 ; 2169 server_disable_edns_do: VAR_DISABLE_EDNS_DO STRING_ARG 2170 { 2171 OUTYY(("P(server_disable_edns_do:%s)\n", $2)); 2172 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2173 yyerror("expected yes or no."); 2174 else cfg_parser->cfg->disable_edns_do = (strcmp($2, "yes")==0); 2175 free($2); 2176 } 2177 ; 2178 server_serve_expired: VAR_SERVE_EXPIRED STRING_ARG 2179 { 2180 OUTYY(("P(server_serve_expired:%s)\n", $2)); 2181 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2182 yyerror("expected yes or no."); 2183 else cfg_parser->cfg->serve_expired = (strcmp($2, "yes")==0); 2184 free($2); 2185 } 2186 ; 2187 server_serve_expired_ttl: VAR_SERVE_EXPIRED_TTL STRING_ARG 2188 { 2189 OUTYY(("P(server_serve_expired_ttl:%s)\n", $2)); 2190 if(atoi($2) == 0 && strcmp($2, "0") != 0) 2191 yyerror("number expected"); 2192 else cfg_parser->cfg->serve_expired_ttl = atoi($2); 2193 free($2); 2194 } 2195 ; 2196 server_serve_expired_ttl_reset: VAR_SERVE_EXPIRED_TTL_RESET STRING_ARG 2197 { 2198 OUTYY(("P(server_serve_expired_ttl_reset:%s)\n", $2)); 2199 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2200 yyerror("expected yes or no."); 2201 else cfg_parser->cfg->serve_expired_ttl_reset = (strcmp($2, "yes")==0); 2202 free($2); 2203 } 2204 ; 2205 server_serve_expired_reply_ttl: VAR_SERVE_EXPIRED_REPLY_TTL STRING_ARG 2206 { 2207 OUTYY(("P(server_serve_expired_reply_ttl:%s)\n", $2)); 2208 if(atoi($2) == 0 && strcmp($2, "0") != 0) 2209 yyerror("number expected"); 2210 else cfg_parser->cfg->serve_expired_reply_ttl = atoi($2); 2211 free($2); 2212 } 2213 ; 2214 server_serve_expired_client_timeout: VAR_SERVE_EXPIRED_CLIENT_TIMEOUT STRING_ARG 2215 { 2216 OUTYY(("P(server_serve_expired_client_timeout:%s)\n", $2)); 2217 if(atoi($2) == 0 && strcmp($2, "0") != 0) 2218 yyerror("number expected"); 2219 else cfg_parser->cfg->serve_expired_client_timeout = atoi($2); 2220 free($2); 2221 } 2222 ; 2223 server_ede_serve_expired: VAR_EDE_SERVE_EXPIRED STRING_ARG 2224 { 2225 OUTYY(("P(server_ede_serve_expired:%s)\n", $2)); 2226 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2227 yyerror("expected yes or no."); 2228 else cfg_parser->cfg->ede_serve_expired = (strcmp($2, "yes")==0); 2229 free($2); 2230 } 2231 ; 2232 server_serve_original_ttl: VAR_SERVE_ORIGINAL_TTL STRING_ARG 2233 { 2234 OUTYY(("P(server_serve_original_ttl:%s)\n", $2)); 2235 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2236 yyerror("expected yes or no."); 2237 else cfg_parser->cfg->serve_original_ttl = (strcmp($2, "yes")==0); 2238 free($2); 2239 } 2240 ; 2241 server_fake_dsa: VAR_FAKE_DSA STRING_ARG 2242 { 2243 OUTYY(("P(server_fake_dsa:%s)\n", $2)); 2244 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2245 yyerror("expected yes or no."); 2246 #if defined(HAVE_SSL) || defined(HAVE_NETTLE) 2247 else fake_dsa = (strcmp($2, "yes")==0); 2248 if(fake_dsa) 2249 log_warn("test option fake_dsa is enabled"); 2250 #endif 2251 free($2); 2252 } 2253 ; 2254 server_fake_sha1: VAR_FAKE_SHA1 STRING_ARG 2255 { 2256 OUTYY(("P(server_fake_sha1:%s)\n", $2)); 2257 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2258 yyerror("expected yes or no."); 2259 #if defined(HAVE_SSL) || defined(HAVE_NETTLE) 2260 else fake_sha1 = (strcmp($2, "yes")==0); 2261 if(fake_sha1) 2262 log_warn("test option fake_sha1 is enabled"); 2263 #endif 2264 free($2); 2265 } 2266 ; 2267 server_val_log_level: VAR_VAL_LOG_LEVEL STRING_ARG 2268 { 2269 OUTYY(("P(server_val_log_level:%s)\n", $2)); 2270 if(atoi($2) == 0 && strcmp($2, "0") != 0) 2271 yyerror("number expected"); 2272 else cfg_parser->cfg->val_log_level = atoi($2); 2273 free($2); 2274 } 2275 ; 2276 server_val_nsec3_keysize_iterations: VAR_VAL_NSEC3_KEYSIZE_ITERATIONS STRING_ARG 2277 { 2278 OUTYY(("P(server_val_nsec3_keysize_iterations:%s)\n", $2)); 2279 free(cfg_parser->cfg->val_nsec3_key_iterations); 2280 cfg_parser->cfg->val_nsec3_key_iterations = $2; 2281 } 2282 ; 2283 server_zonemd_permissive_mode: VAR_ZONEMD_PERMISSIVE_MODE STRING_ARG 2284 { 2285 OUTYY(("P(server_zonemd_permissive_mode:%s)\n", $2)); 2286 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2287 yyerror("expected yes or no."); 2288 else cfg_parser->cfg->zonemd_permissive_mode = (strcmp($2, "yes")==0); 2289 free($2); 2290 } 2291 ; 2292 server_add_holddown: VAR_ADD_HOLDDOWN STRING_ARG 2293 { 2294 OUTYY(("P(server_add_holddown:%s)\n", $2)); 2295 if(atoi($2) == 0 && strcmp($2, "0") != 0) 2296 yyerror("number expected"); 2297 else cfg_parser->cfg->add_holddown = atoi($2); 2298 free($2); 2299 } 2300 ; 2301 server_del_holddown: VAR_DEL_HOLDDOWN STRING_ARG 2302 { 2303 OUTYY(("P(server_del_holddown:%s)\n", $2)); 2304 if(atoi($2) == 0 && strcmp($2, "0") != 0) 2305 yyerror("number expected"); 2306 else cfg_parser->cfg->del_holddown = atoi($2); 2307 free($2); 2308 } 2309 ; 2310 server_keep_missing: VAR_KEEP_MISSING STRING_ARG 2311 { 2312 OUTYY(("P(server_keep_missing:%s)\n", $2)); 2313 if(atoi($2) == 0 && strcmp($2, "0") != 0) 2314 yyerror("number expected"); 2315 else cfg_parser->cfg->keep_missing = atoi($2); 2316 free($2); 2317 } 2318 ; 2319 server_permit_small_holddown: VAR_PERMIT_SMALL_HOLDDOWN STRING_ARG 2320 { 2321 OUTYY(("P(server_permit_small_holddown:%s)\n", $2)); 2322 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2323 yyerror("expected yes or no."); 2324 else cfg_parser->cfg->permit_small_holddown = 2325 (strcmp($2, "yes")==0); 2326 free($2); 2327 } 2328 ; 2329 server_key_cache_size: VAR_KEY_CACHE_SIZE STRING_ARG 2330 { 2331 OUTYY(("P(server_key_cache_size:%s)\n", $2)); 2332 if(!cfg_parse_memsize($2, &cfg_parser->cfg->key_cache_size)) 2333 yyerror("memory size expected"); 2334 free($2); 2335 } 2336 ; 2337 server_key_cache_slabs: VAR_KEY_CACHE_SLABS STRING_ARG 2338 { 2339 OUTYY(("P(server_key_cache_slabs:%s)\n", $2)); 2340 if(atoi($2) == 0) { 2341 yyerror("number expected"); 2342 } else { 2343 cfg_parser->cfg->key_cache_slabs = atoi($2); 2344 if(!is_pow2(cfg_parser->cfg->key_cache_slabs)) 2345 yyerror("must be a power of 2"); 2346 } 2347 free($2); 2348 } 2349 ; 2350 server_neg_cache_size: VAR_NEG_CACHE_SIZE STRING_ARG 2351 { 2352 OUTYY(("P(server_neg_cache_size:%s)\n", $2)); 2353 if(!cfg_parse_memsize($2, &cfg_parser->cfg->neg_cache_size)) 2354 yyerror("memory size expected"); 2355 free($2); 2356 } 2357 ; 2358 server_local_zone: VAR_LOCAL_ZONE STRING_ARG STRING_ARG 2359 { 2360 OUTYY(("P(server_local_zone:%s %s)\n", $2, $3)); 2361 if(strcmp($3, "static")!=0 && strcmp($3, "deny")!=0 && 2362 strcmp($3, "refuse")!=0 && strcmp($3, "redirect")!=0 && 2363 strcmp($3, "transparent")!=0 && strcmp($3, "nodefault")!=0 2364 && strcmp($3, "typetransparent")!=0 2365 && strcmp($3, "always_transparent")!=0 2366 && strcmp($3, "block_a")!=0 2367 && strcmp($3, "always_refuse")!=0 2368 && strcmp($3, "always_nxdomain")!=0 2369 && strcmp($3, "always_nodata")!=0 2370 && strcmp($3, "always_deny")!=0 2371 && strcmp($3, "always_null")!=0 2372 && strcmp($3, "noview")!=0 2373 && strcmp($3, "inform")!=0 && strcmp($3, "inform_deny")!=0 2374 && strcmp($3, "inform_redirect") != 0 2375 && strcmp($3, "ipset") != 0) { 2376 yyerror("local-zone type: expected static, deny, " 2377 "refuse, redirect, transparent, " 2378 "typetransparent, inform, inform_deny, " 2379 "inform_redirect, always_transparent, block_a," 2380 "always_refuse, always_nxdomain, " 2381 "always_nodata, always_deny, always_null, " 2382 "noview, nodefault or ipset"); 2383 free($2); 2384 free($3); 2385 } else if(strcmp($3, "nodefault")==0) { 2386 if(!cfg_strlist_insert(&cfg_parser->cfg-> 2387 local_zones_nodefault, $2)) 2388 fatal_exit("out of memory adding local-zone"); 2389 free($3); 2390 #ifdef USE_IPSET 2391 } else if(strcmp($3, "ipset")==0) { 2392 size_t len = strlen($2); 2393 /* Make sure to add the trailing dot. 2394 * These are str compared to domain names. */ 2395 if($2[len-1] != '.') { 2396 if(!($2 = realloc($2, len+2))) { 2397 fatal_exit("out of memory adding local-zone"); 2398 } 2399 $2[len] = '.'; 2400 $2[len+1] = 0; 2401 } 2402 if(!cfg_strlist_insert(&cfg_parser->cfg-> 2403 local_zones_ipset, $2)) 2404 fatal_exit("out of memory adding local-zone"); 2405 free($3); 2406 #endif 2407 } else { 2408 if(!cfg_str2list_insert(&cfg_parser->cfg->local_zones, 2409 $2, $3)) 2410 fatal_exit("out of memory adding local-zone"); 2411 } 2412 } 2413 ; 2414 server_local_data: VAR_LOCAL_DATA STRING_ARG 2415 { 2416 OUTYY(("P(server_local_data:%s)\n", $2)); 2417 if(!cfg_strlist_insert(&cfg_parser->cfg->local_data, $2)) 2418 fatal_exit("out of memory adding local-data"); 2419 } 2420 ; 2421 server_local_data_ptr: VAR_LOCAL_DATA_PTR STRING_ARG 2422 { 2423 char* ptr; 2424 OUTYY(("P(server_local_data_ptr:%s)\n", $2)); 2425 ptr = cfg_ptr_reverse($2); 2426 free($2); 2427 if(ptr) { 2428 if(!cfg_strlist_insert(&cfg_parser->cfg-> 2429 local_data, ptr)) 2430 fatal_exit("out of memory adding local-data"); 2431 } else { 2432 yyerror("local-data-ptr could not be reversed"); 2433 } 2434 } 2435 ; 2436 server_minimal_responses: VAR_MINIMAL_RESPONSES STRING_ARG 2437 { 2438 OUTYY(("P(server_minimal_responses:%s)\n", $2)); 2439 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2440 yyerror("expected yes or no."); 2441 else cfg_parser->cfg->minimal_responses = 2442 (strcmp($2, "yes")==0); 2443 free($2); 2444 } 2445 ; 2446 server_rrset_roundrobin: VAR_RRSET_ROUNDROBIN STRING_ARG 2447 { 2448 OUTYY(("P(server_rrset_roundrobin:%s)\n", $2)); 2449 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2450 yyerror("expected yes or no."); 2451 else cfg_parser->cfg->rrset_roundrobin = 2452 (strcmp($2, "yes")==0); 2453 free($2); 2454 } 2455 ; 2456 server_unknown_server_time_limit: VAR_UNKNOWN_SERVER_TIME_LIMIT STRING_ARG 2457 { 2458 OUTYY(("P(server_unknown_server_time_limit:%s)\n", $2)); 2459 cfg_parser->cfg->unknown_server_time_limit = atoi($2); 2460 free($2); 2461 } 2462 ; 2463 server_discard_timeout: VAR_DISCARD_TIMEOUT STRING_ARG 2464 { 2465 OUTYY(("P(server_discard_timeout:%s)\n", $2)); 2466 cfg_parser->cfg->discard_timeout = atoi($2); 2467 free($2); 2468 } 2469 ; 2470 server_wait_limit: VAR_WAIT_LIMIT STRING_ARG 2471 { 2472 OUTYY(("P(server_wait_limit:%s)\n", $2)); 2473 cfg_parser->cfg->wait_limit = atoi($2); 2474 free($2); 2475 } 2476 ; 2477 server_wait_limit_cookie: VAR_WAIT_LIMIT_COOKIE STRING_ARG 2478 { 2479 OUTYY(("P(server_wait_limit_cookie:%s)\n", $2)); 2480 cfg_parser->cfg->wait_limit_cookie = atoi($2); 2481 free($2); 2482 } 2483 ; 2484 server_wait_limit_netblock: VAR_WAIT_LIMIT_NETBLOCK STRING_ARG STRING_ARG 2485 { 2486 OUTYY(("P(server_wait_limit_netblock:%s %s)\n", $2, $3)); 2487 if(atoi($3) == 0 && strcmp($3, "0") != 0) { 2488 yyerror("number expected"); 2489 free($2); 2490 free($3); 2491 } else { 2492 if(!cfg_str2list_insert(&cfg_parser->cfg-> 2493 wait_limit_netblock, $2, $3)) 2494 fatal_exit("out of memory adding " 2495 "wait-limit-netblock"); 2496 } 2497 } 2498 ; 2499 server_wait_limit_cookie_netblock: VAR_WAIT_LIMIT_COOKIE_NETBLOCK STRING_ARG STRING_ARG 2500 { 2501 OUTYY(("P(server_wait_limit_cookie_netblock:%s %s)\n", $2, $3)); 2502 if(atoi($3) == 0 && strcmp($3, "0") != 0) { 2503 yyerror("number expected"); 2504 free($2); 2505 free($3); 2506 } else { 2507 if(!cfg_str2list_insert(&cfg_parser->cfg-> 2508 wait_limit_cookie_netblock, $2, $3)) 2509 fatal_exit("out of memory adding " 2510 "wait-limit-cookie-netblock"); 2511 } 2512 } 2513 ; 2514 server_max_udp_size: VAR_MAX_UDP_SIZE STRING_ARG 2515 { 2516 OUTYY(("P(server_max_udp_size:%s)\n", $2)); 2517 cfg_parser->cfg->max_udp_size = atoi($2); 2518 free($2); 2519 } 2520 ; 2521 server_dns64_prefix: VAR_DNS64_PREFIX STRING_ARG 2522 { 2523 OUTYY(("P(dns64_prefix:%s)\n", $2)); 2524 free(cfg_parser->cfg->dns64_prefix); 2525 cfg_parser->cfg->dns64_prefix = $2; 2526 } 2527 ; 2528 server_dns64_synthall: VAR_DNS64_SYNTHALL STRING_ARG 2529 { 2530 OUTYY(("P(server_dns64_synthall:%s)\n", $2)); 2531 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2532 yyerror("expected yes or no."); 2533 else cfg_parser->cfg->dns64_synthall = (strcmp($2, "yes")==0); 2534 free($2); 2535 } 2536 ; 2537 server_dns64_ignore_aaaa: VAR_DNS64_IGNORE_AAAA STRING_ARG 2538 { 2539 OUTYY(("P(dns64_ignore_aaaa:%s)\n", $2)); 2540 if(!cfg_strlist_insert(&cfg_parser->cfg->dns64_ignore_aaaa, 2541 $2)) 2542 fatal_exit("out of memory adding dns64-ignore-aaaa"); 2543 } 2544 ; 2545 server_nat64_prefix: VAR_NAT64_PREFIX STRING_ARG 2546 { 2547 OUTYY(("P(nat64_prefix:%s)\n", $2)); 2548 free(cfg_parser->cfg->nat64_prefix); 2549 cfg_parser->cfg->nat64_prefix = $2; 2550 } 2551 ; 2552 server_define_tag: VAR_DEFINE_TAG STRING_ARG 2553 { 2554 char* p, *s = $2; 2555 OUTYY(("P(server_define_tag:%s)\n", $2)); 2556 while((p=strsep(&s, " \t\n")) != NULL) { 2557 if(*p) { 2558 if(!config_add_tag(cfg_parser->cfg, p)) 2559 yyerror("could not define-tag, " 2560 "out of memory"); 2561 } 2562 } 2563 free($2); 2564 } 2565 ; 2566 server_local_zone_tag: VAR_LOCAL_ZONE_TAG STRING_ARG STRING_ARG 2567 { 2568 size_t len = 0; 2569 uint8_t* bitlist = config_parse_taglist(cfg_parser->cfg, $3, 2570 &len); 2571 free($3); 2572 OUTYY(("P(server_local_zone_tag:%s)\n", $2)); 2573 if(!bitlist) { 2574 yyerror("could not parse tags, (define-tag them first)"); 2575 free($2); 2576 } 2577 if(bitlist) { 2578 if(!cfg_strbytelist_insert( 2579 &cfg_parser->cfg->local_zone_tags, 2580 $2, bitlist, len)) { 2581 yyerror("out of memory"); 2582 free($2); 2583 } 2584 } 2585 } 2586 ; 2587 server_access_control_tag: VAR_ACCESS_CONTROL_TAG STRING_ARG STRING_ARG 2588 { 2589 size_t len = 0; 2590 uint8_t* bitlist = config_parse_taglist(cfg_parser->cfg, $3, 2591 &len); 2592 free($3); 2593 OUTYY(("P(server_access_control_tag:%s)\n", $2)); 2594 if(!bitlist) { 2595 yyerror("could not parse tags, (define-tag them first)"); 2596 free($2); 2597 } 2598 if(bitlist) { 2599 if(!cfg_strbytelist_insert( 2600 &cfg_parser->cfg->acl_tags, 2601 $2, bitlist, len)) { 2602 yyerror("out of memory"); 2603 free($2); 2604 } 2605 } 2606 } 2607 ; 2608 server_access_control_tag_action: VAR_ACCESS_CONTROL_TAG_ACTION STRING_ARG STRING_ARG STRING_ARG 2609 { 2610 OUTYY(("P(server_access_control_tag_action:%s %s %s)\n", $2, $3, $4)); 2611 if(!cfg_str3list_insert(&cfg_parser->cfg->acl_tag_actions, 2612 $2, $3, $4)) { 2613 yyerror("out of memory"); 2614 free($2); 2615 free($3); 2616 free($4); 2617 } 2618 } 2619 ; 2620 server_access_control_tag_data: VAR_ACCESS_CONTROL_TAG_DATA STRING_ARG STRING_ARG STRING_ARG 2621 { 2622 OUTYY(("P(server_access_control_tag_data:%s %s %s)\n", $2, $3, $4)); 2623 if(!cfg_str3list_insert(&cfg_parser->cfg->acl_tag_datas, 2624 $2, $3, $4)) { 2625 yyerror("out of memory"); 2626 free($2); 2627 free($3); 2628 free($4); 2629 } 2630 } 2631 ; 2632 server_local_zone_override: VAR_LOCAL_ZONE_OVERRIDE STRING_ARG STRING_ARG STRING_ARG 2633 { 2634 OUTYY(("P(server_local_zone_override:%s %s %s)\n", $2, $3, $4)); 2635 if(!cfg_str3list_insert(&cfg_parser->cfg->local_zone_overrides, 2636 $2, $3, $4)) { 2637 yyerror("out of memory"); 2638 free($2); 2639 free($3); 2640 free($4); 2641 } 2642 } 2643 ; 2644 server_access_control_view: VAR_ACCESS_CONTROL_VIEW STRING_ARG STRING_ARG 2645 { 2646 OUTYY(("P(server_access_control_view:%s %s)\n", $2, $3)); 2647 if(!cfg_str2list_insert(&cfg_parser->cfg->acl_view, 2648 $2, $3)) { 2649 yyerror("out of memory"); 2650 } 2651 } 2652 ; 2653 server_interface_tag: VAR_INTERFACE_TAG STRING_ARG STRING_ARG 2654 { 2655 size_t len = 0; 2656 uint8_t* bitlist = config_parse_taglist(cfg_parser->cfg, $3, 2657 &len); 2658 free($3); 2659 OUTYY(("P(server_interface_tag:%s)\n", $2)); 2660 if(!bitlist) { 2661 yyerror("could not parse tags, (define-tag them first)"); 2662 free($2); 2663 } 2664 if(bitlist) { 2665 if(!cfg_strbytelist_insert( 2666 &cfg_parser->cfg->interface_tags, 2667 $2, bitlist, len)) { 2668 yyerror("out of memory"); 2669 free($2); 2670 } 2671 } 2672 } 2673 ; 2674 server_interface_tag_action: VAR_INTERFACE_TAG_ACTION STRING_ARG STRING_ARG STRING_ARG 2675 { 2676 OUTYY(("P(server_interface_tag_action:%s %s %s)\n", $2, $3, $4)); 2677 if(!cfg_str3list_insert(&cfg_parser->cfg->interface_tag_actions, 2678 $2, $3, $4)) { 2679 yyerror("out of memory"); 2680 free($2); 2681 free($3); 2682 free($4); 2683 } 2684 } 2685 ; 2686 server_interface_tag_data: VAR_INTERFACE_TAG_DATA STRING_ARG STRING_ARG STRING_ARG 2687 { 2688 OUTYY(("P(server_interface_tag_data:%s %s %s)\n", $2, $3, $4)); 2689 if(!cfg_str3list_insert(&cfg_parser->cfg->interface_tag_datas, 2690 $2, $3, $4)) { 2691 yyerror("out of memory"); 2692 free($2); 2693 free($3); 2694 free($4); 2695 } 2696 } 2697 ; 2698 server_interface_view: VAR_INTERFACE_VIEW STRING_ARG STRING_ARG 2699 { 2700 OUTYY(("P(server_interface_view:%s %s)\n", $2, $3)); 2701 if(!cfg_str2list_insert(&cfg_parser->cfg->interface_view, 2702 $2, $3)) { 2703 yyerror("out of memory"); 2704 } 2705 } 2706 ; 2707 server_response_ip_tag: VAR_RESPONSE_IP_TAG STRING_ARG STRING_ARG 2708 { 2709 size_t len = 0; 2710 uint8_t* bitlist = config_parse_taglist(cfg_parser->cfg, $3, 2711 &len); 2712 free($3); 2713 OUTYY(("P(response_ip_tag:%s)\n", $2)); 2714 if(!bitlist) { 2715 yyerror("could not parse tags, (define-tag them first)"); 2716 free($2); 2717 } 2718 if(bitlist) { 2719 if(!cfg_strbytelist_insert( 2720 &cfg_parser->cfg->respip_tags, 2721 $2, bitlist, len)) { 2722 yyerror("out of memory"); 2723 free($2); 2724 } 2725 } 2726 } 2727 ; 2728 server_ip_ratelimit: VAR_IP_RATELIMIT STRING_ARG 2729 { 2730 OUTYY(("P(server_ip_ratelimit:%s)\n", $2)); 2731 if(atoi($2) == 0 && strcmp($2, "0") != 0) 2732 yyerror("number expected"); 2733 else cfg_parser->cfg->ip_ratelimit = atoi($2); 2734 free($2); 2735 } 2736 ; 2737 server_ip_ratelimit_cookie: VAR_IP_RATELIMIT_COOKIE STRING_ARG 2738 { 2739 OUTYY(("P(server_ip_ratelimit_cookie:%s)\n", $2)); 2740 if(atoi($2) == 0 && strcmp($2, "0") != 0) 2741 yyerror("number expected"); 2742 else cfg_parser->cfg->ip_ratelimit_cookie = atoi($2); 2743 free($2); 2744 } 2745 ; 2746 server_ratelimit: VAR_RATELIMIT STRING_ARG 2747 { 2748 OUTYY(("P(server_ratelimit:%s)\n", $2)); 2749 if(atoi($2) == 0 && strcmp($2, "0") != 0) 2750 yyerror("number expected"); 2751 else cfg_parser->cfg->ratelimit = atoi($2); 2752 free($2); 2753 } 2754 ; 2755 server_ip_ratelimit_size: VAR_IP_RATELIMIT_SIZE STRING_ARG 2756 { 2757 OUTYY(("P(server_ip_ratelimit_size:%s)\n", $2)); 2758 if(!cfg_parse_memsize($2, &cfg_parser->cfg->ip_ratelimit_size)) 2759 yyerror("memory size expected"); 2760 free($2); 2761 } 2762 ; 2763 server_ratelimit_size: VAR_RATELIMIT_SIZE STRING_ARG 2764 { 2765 OUTYY(("P(server_ratelimit_size:%s)\n", $2)); 2766 if(!cfg_parse_memsize($2, &cfg_parser->cfg->ratelimit_size)) 2767 yyerror("memory size expected"); 2768 free($2); 2769 } 2770 ; 2771 server_ip_ratelimit_slabs: VAR_IP_RATELIMIT_SLABS STRING_ARG 2772 { 2773 OUTYY(("P(server_ip_ratelimit_slabs:%s)\n", $2)); 2774 if(atoi($2) == 0) { 2775 yyerror("number expected"); 2776 } else { 2777 cfg_parser->cfg->ip_ratelimit_slabs = atoi($2); 2778 if(!is_pow2(cfg_parser->cfg->ip_ratelimit_slabs)) 2779 yyerror("must be a power of 2"); 2780 } 2781 free($2); 2782 } 2783 ; 2784 server_ratelimit_slabs: VAR_RATELIMIT_SLABS STRING_ARG 2785 { 2786 OUTYY(("P(server_ratelimit_slabs:%s)\n", $2)); 2787 if(atoi($2) == 0) { 2788 yyerror("number expected"); 2789 } else { 2790 cfg_parser->cfg->ratelimit_slabs = atoi($2); 2791 if(!is_pow2(cfg_parser->cfg->ratelimit_slabs)) 2792 yyerror("must be a power of 2"); 2793 } 2794 free($2); 2795 } 2796 ; 2797 server_ratelimit_for_domain: VAR_RATELIMIT_FOR_DOMAIN STRING_ARG STRING_ARG 2798 { 2799 OUTYY(("P(server_ratelimit_for_domain:%s %s)\n", $2, $3)); 2800 if(atoi($3) == 0 && strcmp($3, "0") != 0) { 2801 yyerror("number expected"); 2802 free($2); 2803 free($3); 2804 } else { 2805 if(!cfg_str2list_insert(&cfg_parser->cfg-> 2806 ratelimit_for_domain, $2, $3)) 2807 fatal_exit("out of memory adding " 2808 "ratelimit-for-domain"); 2809 } 2810 } 2811 ; 2812 server_ratelimit_below_domain: VAR_RATELIMIT_BELOW_DOMAIN STRING_ARG STRING_ARG 2813 { 2814 OUTYY(("P(server_ratelimit_below_domain:%s %s)\n", $2, $3)); 2815 if(atoi($3) == 0 && strcmp($3, "0") != 0) { 2816 yyerror("number expected"); 2817 free($2); 2818 free($3); 2819 } else { 2820 if(!cfg_str2list_insert(&cfg_parser->cfg-> 2821 ratelimit_below_domain, $2, $3)) 2822 fatal_exit("out of memory adding " 2823 "ratelimit-below-domain"); 2824 } 2825 } 2826 ; 2827 server_ip_ratelimit_factor: VAR_IP_RATELIMIT_FACTOR STRING_ARG 2828 { 2829 OUTYY(("P(server_ip_ratelimit_factor:%s)\n", $2)); 2830 if(atoi($2) == 0 && strcmp($2, "0") != 0) 2831 yyerror("number expected"); 2832 else cfg_parser->cfg->ip_ratelimit_factor = atoi($2); 2833 free($2); 2834 } 2835 ; 2836 server_ratelimit_factor: VAR_RATELIMIT_FACTOR STRING_ARG 2837 { 2838 OUTYY(("P(server_ratelimit_factor:%s)\n", $2)); 2839 if(atoi($2) == 0 && strcmp($2, "0") != 0) 2840 yyerror("number expected"); 2841 else cfg_parser->cfg->ratelimit_factor = atoi($2); 2842 free($2); 2843 } 2844 ; 2845 server_ip_ratelimit_backoff: VAR_IP_RATELIMIT_BACKOFF STRING_ARG 2846 { 2847 OUTYY(("P(server_ip_ratelimit_backoff:%s)\n", $2)); 2848 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2849 yyerror("expected yes or no."); 2850 else cfg_parser->cfg->ip_ratelimit_backoff = 2851 (strcmp($2, "yes")==0); 2852 free($2); 2853 } 2854 ; 2855 server_ratelimit_backoff: VAR_RATELIMIT_BACKOFF STRING_ARG 2856 { 2857 OUTYY(("P(server_ratelimit_backoff:%s)\n", $2)); 2858 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2859 yyerror("expected yes or no."); 2860 else cfg_parser->cfg->ratelimit_backoff = 2861 (strcmp($2, "yes")==0); 2862 free($2); 2863 } 2864 ; 2865 server_outbound_msg_retry: VAR_OUTBOUND_MSG_RETRY STRING_ARG 2866 { 2867 OUTYY(("P(server_outbound_msg_retry:%s)\n", $2)); 2868 if(atoi($2) == 0 && strcmp($2, "0") != 0) 2869 yyerror("number expected"); 2870 else cfg_parser->cfg->outbound_msg_retry = atoi($2); 2871 free($2); 2872 } 2873 ; 2874 server_max_sent_count: VAR_MAX_SENT_COUNT STRING_ARG 2875 { 2876 OUTYY(("P(server_max_sent_count:%s)\n", $2)); 2877 if(atoi($2) == 0 && strcmp($2, "0") != 0) 2878 yyerror("number expected"); 2879 else cfg_parser->cfg->max_sent_count = atoi($2); 2880 free($2); 2881 } 2882 ; 2883 server_max_query_restarts: VAR_MAX_QUERY_RESTARTS STRING_ARG 2884 { 2885 OUTYY(("P(server_max_query_restarts:%s)\n", $2)); 2886 if(atoi($2) == 0 && strcmp($2, "0") != 0) 2887 yyerror("number expected"); 2888 else cfg_parser->cfg->max_query_restarts = atoi($2); 2889 free($2); 2890 } 2891 ; 2892 server_low_rtt: VAR_LOW_RTT STRING_ARG 2893 { 2894 OUTYY(("P(low-rtt option is deprecated, use fast-server-num instead)\n")); 2895 free($2); 2896 } 2897 ; 2898 server_fast_server_num: VAR_FAST_SERVER_NUM STRING_ARG 2899 { 2900 OUTYY(("P(server_fast_server_num:%s)\n", $2)); 2901 if(atoi($2) <= 0) 2902 yyerror("number expected"); 2903 else cfg_parser->cfg->fast_server_num = atoi($2); 2904 free($2); 2905 } 2906 ; 2907 server_fast_server_permil: VAR_FAST_SERVER_PERMIL STRING_ARG 2908 { 2909 OUTYY(("P(server_fast_server_permil:%s)\n", $2)); 2910 if(atoi($2) == 0 && strcmp($2, "0") != 0) 2911 yyerror("number expected"); 2912 else cfg_parser->cfg->fast_server_permil = atoi($2); 2913 free($2); 2914 } 2915 ; 2916 server_qname_minimisation: VAR_QNAME_MINIMISATION STRING_ARG 2917 { 2918 OUTYY(("P(server_qname_minimisation:%s)\n", $2)); 2919 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2920 yyerror("expected yes or no."); 2921 else cfg_parser->cfg->qname_minimisation = 2922 (strcmp($2, "yes")==0); 2923 free($2); 2924 } 2925 ; 2926 server_qname_minimisation_strict: VAR_QNAME_MINIMISATION_STRICT STRING_ARG 2927 { 2928 OUTYY(("P(server_qname_minimisation_strict:%s)\n", $2)); 2929 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2930 yyerror("expected yes or no."); 2931 else cfg_parser->cfg->qname_minimisation_strict = 2932 (strcmp($2, "yes")==0); 2933 free($2); 2934 } 2935 ; 2936 server_pad_responses: VAR_PAD_RESPONSES STRING_ARG 2937 { 2938 OUTYY(("P(server_pad_responses:%s)\n", $2)); 2939 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2940 yyerror("expected yes or no."); 2941 else cfg_parser->cfg->pad_responses = 2942 (strcmp($2, "yes")==0); 2943 free($2); 2944 } 2945 ; 2946 server_pad_responses_block_size: VAR_PAD_RESPONSES_BLOCK_SIZE STRING_ARG 2947 { 2948 OUTYY(("P(server_pad_responses_block_size:%s)\n", $2)); 2949 if(atoi($2) == 0) 2950 yyerror("number expected"); 2951 else cfg_parser->cfg->pad_responses_block_size = atoi($2); 2952 free($2); 2953 } 2954 ; 2955 server_pad_queries: VAR_PAD_QUERIES STRING_ARG 2956 { 2957 OUTYY(("P(server_pad_queries:%s)\n", $2)); 2958 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2959 yyerror("expected yes or no."); 2960 else cfg_parser->cfg->pad_queries = 2961 (strcmp($2, "yes")==0); 2962 free($2); 2963 } 2964 ; 2965 server_pad_queries_block_size: VAR_PAD_QUERIES_BLOCK_SIZE STRING_ARG 2966 { 2967 OUTYY(("P(server_pad_queries_block_size:%s)\n", $2)); 2968 if(atoi($2) == 0) 2969 yyerror("number expected"); 2970 else cfg_parser->cfg->pad_queries_block_size = atoi($2); 2971 free($2); 2972 } 2973 ; 2974 server_ipsecmod_enabled: VAR_IPSECMOD_ENABLED STRING_ARG 2975 { 2976 #ifdef USE_IPSECMOD 2977 OUTYY(("P(server_ipsecmod_enabled:%s)\n", $2)); 2978 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2979 yyerror("expected yes or no."); 2980 else cfg_parser->cfg->ipsecmod_enabled = (strcmp($2, "yes")==0); 2981 #else 2982 OUTYY(("P(Compiled without IPsec module, ignoring)\n")); 2983 #endif 2984 free($2); 2985 } 2986 ; 2987 server_ipsecmod_ignore_bogus: VAR_IPSECMOD_IGNORE_BOGUS STRING_ARG 2988 { 2989 #ifdef USE_IPSECMOD 2990 OUTYY(("P(server_ipsecmod_ignore_bogus:%s)\n", $2)); 2991 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 2992 yyerror("expected yes or no."); 2993 else cfg_parser->cfg->ipsecmod_ignore_bogus = (strcmp($2, "yes")==0); 2994 #else 2995 OUTYY(("P(Compiled without IPsec module, ignoring)\n")); 2996 #endif 2997 free($2); 2998 } 2999 ; 3000 server_ipsecmod_hook: VAR_IPSECMOD_HOOK STRING_ARG 3001 { 3002 #ifdef USE_IPSECMOD 3003 OUTYY(("P(server_ipsecmod_hook:%s)\n", $2)); 3004 free(cfg_parser->cfg->ipsecmod_hook); 3005 cfg_parser->cfg->ipsecmod_hook = $2; 3006 #else 3007 OUTYY(("P(Compiled without IPsec module, ignoring)\n")); 3008 free($2); 3009 #endif 3010 } 3011 ; 3012 server_ipsecmod_max_ttl: VAR_IPSECMOD_MAX_TTL STRING_ARG 3013 { 3014 #ifdef USE_IPSECMOD 3015 OUTYY(("P(server_ipsecmod_max_ttl:%s)\n", $2)); 3016 if(atoi($2) == 0 && strcmp($2, "0") != 0) 3017 yyerror("number expected"); 3018 else cfg_parser->cfg->ipsecmod_max_ttl = atoi($2); 3019 free($2); 3020 #else 3021 OUTYY(("P(Compiled without IPsec module, ignoring)\n")); 3022 free($2); 3023 #endif 3024 } 3025 ; 3026 server_ipsecmod_whitelist: VAR_IPSECMOD_WHITELIST STRING_ARG 3027 { 3028 #ifdef USE_IPSECMOD 3029 OUTYY(("P(server_ipsecmod_whitelist:%s)\n", $2)); 3030 if(!cfg_strlist_insert(&cfg_parser->cfg->ipsecmod_whitelist, $2)) 3031 yyerror("out of memory"); 3032 #else 3033 OUTYY(("P(Compiled without IPsec module, ignoring)\n")); 3034 free($2); 3035 #endif 3036 } 3037 ; 3038 server_ipsecmod_strict: VAR_IPSECMOD_STRICT STRING_ARG 3039 { 3040 #ifdef USE_IPSECMOD 3041 OUTYY(("P(server_ipsecmod_strict:%s)\n", $2)); 3042 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 3043 yyerror("expected yes or no."); 3044 else cfg_parser->cfg->ipsecmod_strict = (strcmp($2, "yes")==0); 3045 free($2); 3046 #else 3047 OUTYY(("P(Compiled without IPsec module, ignoring)\n")); 3048 free($2); 3049 #endif 3050 } 3051 ; 3052 server_edns_client_string: VAR_EDNS_CLIENT_STRING STRING_ARG STRING_ARG 3053 { 3054 OUTYY(("P(server_edns_client_string:%s %s)\n", $2, $3)); 3055 if(!cfg_str2list_insert( 3056 &cfg_parser->cfg->edns_client_strings, $2, $3)) 3057 fatal_exit("out of memory adding " 3058 "edns-client-string"); 3059 } 3060 ; 3061 server_edns_client_string_opcode: VAR_EDNS_CLIENT_STRING_OPCODE STRING_ARG 3062 { 3063 OUTYY(("P(edns_client_string_opcode:%s)\n", $2)); 3064 if(atoi($2) == 0 && strcmp($2, "0") != 0) 3065 yyerror("option code expected"); 3066 else if(atoi($2) > 65535 || atoi($2) < 0) 3067 yyerror("option code must be in interval [0, 65535]"); 3068 else cfg_parser->cfg->edns_client_string_opcode = atoi($2); 3069 free($2); 3070 } 3071 ; 3072 server_ede: VAR_EDE STRING_ARG 3073 { 3074 OUTYY(("P(server_ede:%s)\n", $2)); 3075 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 3076 yyerror("expected yes or no."); 3077 else cfg_parser->cfg->ede = (strcmp($2, "yes")==0); 3078 free($2); 3079 } 3080 ; 3081 server_dns_error_reporting: VAR_DNS_ERROR_REPORTING STRING_ARG 3082 { 3083 OUTYY(("P(server_dns_error_reporting:%s)\n", $2)); 3084 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 3085 yyerror("expected yes or no."); 3086 else cfg_parser->cfg->dns_error_reporting = (strcmp($2, "yes")==0); 3087 free($2); 3088 } 3089 ; 3090 server_proxy_protocol_port: VAR_PROXY_PROTOCOL_PORT STRING_ARG 3091 { 3092 OUTYY(("P(server_proxy_protocol_port:%s)\n", $2)); 3093 if(!cfg_strlist_insert(&cfg_parser->cfg->proxy_protocol_port, $2)) 3094 yyerror("out of memory"); 3095 } 3096 ; 3097 stub_name: VAR_NAME STRING_ARG 3098 { 3099 OUTYY(("P(name:%s)\n", $2)); 3100 if(cfg_parser->cfg->stubs->name) 3101 yyerror("stub name override, there must be one name " 3102 "for one stub-zone"); 3103 free(cfg_parser->cfg->stubs->name); 3104 cfg_parser->cfg->stubs->name = $2; 3105 } 3106 ; 3107 stub_host: VAR_STUB_HOST STRING_ARG 3108 { 3109 OUTYY(("P(stub-host:%s)\n", $2)); 3110 if(!cfg_strlist_insert(&cfg_parser->cfg->stubs->hosts, $2)) 3111 yyerror("out of memory"); 3112 } 3113 ; 3114 stub_addr: VAR_STUB_ADDR STRING_ARG 3115 { 3116 OUTYY(("P(stub-addr:%s)\n", $2)); 3117 if(!cfg_strlist_insert(&cfg_parser->cfg->stubs->addrs, $2)) 3118 yyerror("out of memory"); 3119 } 3120 ; 3121 stub_first: VAR_STUB_FIRST STRING_ARG 3122 { 3123 OUTYY(("P(stub-first:%s)\n", $2)); 3124 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 3125 yyerror("expected yes or no."); 3126 else cfg_parser->cfg->stubs->isfirst=(strcmp($2, "yes")==0); 3127 free($2); 3128 } 3129 ; 3130 stub_no_cache: VAR_STUB_NO_CACHE STRING_ARG 3131 { 3132 OUTYY(("P(stub-no-cache:%s)\n", $2)); 3133 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 3134 yyerror("expected yes or no."); 3135 else cfg_parser->cfg->stubs->no_cache=(strcmp($2, "yes")==0); 3136 free($2); 3137 } 3138 ; 3139 stub_ssl_upstream: VAR_STUB_SSL_UPSTREAM STRING_ARG 3140 { 3141 OUTYY(("P(stub-ssl-upstream:%s)\n", $2)); 3142 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 3143 yyerror("expected yes or no."); 3144 else cfg_parser->cfg->stubs->ssl_upstream = 3145 (strcmp($2, "yes")==0); 3146 free($2); 3147 } 3148 ; 3149 stub_tcp_upstream: VAR_STUB_TCP_UPSTREAM STRING_ARG 3150 { 3151 OUTYY(("P(stub-tcp-upstream:%s)\n", $2)); 3152 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 3153 yyerror("expected yes or no."); 3154 else cfg_parser->cfg->stubs->tcp_upstream = 3155 (strcmp($2, "yes")==0); 3156 free($2); 3157 } 3158 ; 3159 stub_prime: VAR_STUB_PRIME STRING_ARG 3160 { 3161 OUTYY(("P(stub-prime:%s)\n", $2)); 3162 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 3163 yyerror("expected yes or no."); 3164 else cfg_parser->cfg->stubs->isprime = 3165 (strcmp($2, "yes")==0); 3166 free($2); 3167 } 3168 ; 3169 forward_name: VAR_NAME STRING_ARG 3170 { 3171 OUTYY(("P(name:%s)\n", $2)); 3172 if(cfg_parser->cfg->forwards->name) 3173 yyerror("forward name override, there must be one " 3174 "name for one forward-zone"); 3175 free(cfg_parser->cfg->forwards->name); 3176 cfg_parser->cfg->forwards->name = $2; 3177 } 3178 ; 3179 forward_host: VAR_FORWARD_HOST STRING_ARG 3180 { 3181 OUTYY(("P(forward-host:%s)\n", $2)); 3182 if(!cfg_strlist_insert(&cfg_parser->cfg->forwards->hosts, $2)) 3183 yyerror("out of memory"); 3184 } 3185 ; 3186 forward_addr: VAR_FORWARD_ADDR STRING_ARG 3187 { 3188 OUTYY(("P(forward-addr:%s)\n", $2)); 3189 if(!cfg_strlist_insert(&cfg_parser->cfg->forwards->addrs, $2)) 3190 yyerror("out of memory"); 3191 } 3192 ; 3193 forward_first: VAR_FORWARD_FIRST STRING_ARG 3194 { 3195 OUTYY(("P(forward-first:%s)\n", $2)); 3196 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 3197 yyerror("expected yes or no."); 3198 else cfg_parser->cfg->forwards->isfirst=(strcmp($2, "yes")==0); 3199 free($2); 3200 } 3201 ; 3202 forward_no_cache: VAR_FORWARD_NO_CACHE STRING_ARG 3203 { 3204 OUTYY(("P(forward-no-cache:%s)\n", $2)); 3205 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 3206 yyerror("expected yes or no."); 3207 else cfg_parser->cfg->forwards->no_cache=(strcmp($2, "yes")==0); 3208 free($2); 3209 } 3210 ; 3211 forward_ssl_upstream: VAR_FORWARD_SSL_UPSTREAM STRING_ARG 3212 { 3213 OUTYY(("P(forward-ssl-upstream:%s)\n", $2)); 3214 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 3215 yyerror("expected yes or no."); 3216 else cfg_parser->cfg->forwards->ssl_upstream = 3217 (strcmp($2, "yes")==0); 3218 free($2); 3219 } 3220 ; 3221 forward_tcp_upstream: VAR_FORWARD_TCP_UPSTREAM STRING_ARG 3222 { 3223 OUTYY(("P(forward-tcp-upstream:%s)\n", $2)); 3224 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 3225 yyerror("expected yes or no."); 3226 else cfg_parser->cfg->forwards->tcp_upstream = 3227 (strcmp($2, "yes")==0); 3228 free($2); 3229 } 3230 ; 3231 auth_name: VAR_NAME STRING_ARG 3232 { 3233 OUTYY(("P(name:%s)\n", $2)); 3234 if(cfg_parser->cfg->auths->name) 3235 yyerror("auth name override, there must be one name " 3236 "for one auth-zone"); 3237 free(cfg_parser->cfg->auths->name); 3238 cfg_parser->cfg->auths->name = $2; 3239 } 3240 ; 3241 auth_zonefile: VAR_ZONEFILE STRING_ARG 3242 { 3243 OUTYY(("P(zonefile:%s)\n", $2)); 3244 free(cfg_parser->cfg->auths->zonefile); 3245 cfg_parser->cfg->auths->zonefile = $2; 3246 } 3247 ; 3248 auth_master: VAR_MASTER STRING_ARG 3249 { 3250 OUTYY(("P(master:%s)\n", $2)); 3251 if(!cfg_strlist_insert(&cfg_parser->cfg->auths->masters, $2)) 3252 yyerror("out of memory"); 3253 } 3254 ; 3255 auth_url: VAR_URL STRING_ARG 3256 { 3257 OUTYY(("P(url:%s)\n", $2)); 3258 if(!cfg_strlist_insert(&cfg_parser->cfg->auths->urls, $2)) 3259 yyerror("out of memory"); 3260 } 3261 ; 3262 auth_allow_notify: VAR_ALLOW_NOTIFY STRING_ARG 3263 { 3264 OUTYY(("P(allow-notify:%s)\n", $2)); 3265 if(!cfg_strlist_insert(&cfg_parser->cfg->auths->allow_notify, 3266 $2)) 3267 yyerror("out of memory"); 3268 } 3269 ; 3270 auth_zonemd_check: VAR_ZONEMD_CHECK STRING_ARG 3271 { 3272 OUTYY(("P(zonemd-check:%s)\n", $2)); 3273 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 3274 yyerror("expected yes or no."); 3275 else cfg_parser->cfg->auths->zonemd_check = 3276 (strcmp($2, "yes")==0); 3277 free($2); 3278 } 3279 ; 3280 auth_zonemd_reject_absence: VAR_ZONEMD_REJECT_ABSENCE STRING_ARG 3281 { 3282 OUTYY(("P(zonemd-reject-absence:%s)\n", $2)); 3283 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 3284 yyerror("expected yes or no."); 3285 else cfg_parser->cfg->auths->zonemd_reject_absence = 3286 (strcmp($2, "yes")==0); 3287 free($2); 3288 } 3289 ; 3290 auth_for_downstream: VAR_FOR_DOWNSTREAM STRING_ARG 3291 { 3292 OUTYY(("P(for-downstream:%s)\n", $2)); 3293 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 3294 yyerror("expected yes or no."); 3295 else cfg_parser->cfg->auths->for_downstream = 3296 (strcmp($2, "yes")==0); 3297 free($2); 3298 } 3299 ; 3300 auth_for_upstream: VAR_FOR_UPSTREAM STRING_ARG 3301 { 3302 OUTYY(("P(for-upstream:%s)\n", $2)); 3303 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 3304 yyerror("expected yes or no."); 3305 else cfg_parser->cfg->auths->for_upstream = 3306 (strcmp($2, "yes")==0); 3307 free($2); 3308 } 3309 ; 3310 auth_fallback_enabled: VAR_FALLBACK_ENABLED STRING_ARG 3311 { 3312 OUTYY(("P(fallback-enabled:%s)\n", $2)); 3313 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 3314 yyerror("expected yes or no."); 3315 else cfg_parser->cfg->auths->fallback_enabled = 3316 (strcmp($2, "yes")==0); 3317 free($2); 3318 } 3319 ; 3320 view_name: VAR_NAME STRING_ARG 3321 { 3322 OUTYY(("P(name:%s)\n", $2)); 3323 if(cfg_parser->cfg->views->name) 3324 yyerror("view name override, there must be one " 3325 "name for one view"); 3326 free(cfg_parser->cfg->views->name); 3327 cfg_parser->cfg->views->name = $2; 3328 } 3329 ; 3330 view_local_zone: VAR_LOCAL_ZONE STRING_ARG STRING_ARG 3331 { 3332 OUTYY(("P(view_local_zone:%s %s)\n", $2, $3)); 3333 if(strcmp($3, "static")!=0 && strcmp($3, "deny")!=0 && 3334 strcmp($3, "refuse")!=0 && strcmp($3, "redirect")!=0 && 3335 strcmp($3, "transparent")!=0 && strcmp($3, "nodefault")!=0 3336 && strcmp($3, "typetransparent")!=0 3337 && strcmp($3, "always_transparent")!=0 3338 && strcmp($3, "always_refuse")!=0 3339 && strcmp($3, "always_nxdomain")!=0 3340 && strcmp($3, "always_nodata")!=0 3341 && strcmp($3, "always_deny")!=0 3342 && strcmp($3, "always_null")!=0 3343 && strcmp($3, "noview")!=0 3344 && strcmp($3, "inform")!=0 && strcmp($3, "inform_deny")!=0 3345 && strcmp($3, "inform_redirect") != 0 3346 && strcmp($3, "ipset") != 0) { 3347 yyerror("local-zone type: expected static, deny, " 3348 "refuse, redirect, transparent, " 3349 "typetransparent, inform, inform_deny, " 3350 "inform_redirect, always_transparent, " 3351 "always_refuse, always_nxdomain, " 3352 "always_nodata, always_deny, always_null, " 3353 "noview, nodefault or ipset"); 3354 free($2); 3355 free($3); 3356 } else if(strcmp($3, "nodefault")==0) { 3357 if(!cfg_strlist_insert(&cfg_parser->cfg->views-> 3358 local_zones_nodefault, $2)) 3359 fatal_exit("out of memory adding local-zone"); 3360 free($3); 3361 #ifdef USE_IPSET 3362 } else if(strcmp($3, "ipset")==0) { 3363 size_t len = strlen($2); 3364 /* Make sure to add the trailing dot. 3365 * These are str compared to domain names. */ 3366 if($2[len-1] != '.') { 3367 if(!($2 = realloc($2, len+2))) { 3368 fatal_exit("out of memory adding local-zone"); 3369 } 3370 $2[len] = '.'; 3371 $2[len+1] = 0; 3372 } 3373 if(!cfg_strlist_insert(&cfg_parser->cfg->views-> 3374 local_zones_ipset, $2)) 3375 fatal_exit("out of memory adding local-zone"); 3376 free($3); 3377 #endif 3378 } else { 3379 if(!cfg_str2list_insert( 3380 &cfg_parser->cfg->views->local_zones, 3381 $2, $3)) 3382 fatal_exit("out of memory adding local-zone"); 3383 } 3384 } 3385 ; 3386 view_response_ip: VAR_RESPONSE_IP STRING_ARG STRING_ARG 3387 { 3388 OUTYY(("P(view_response_ip:%s %s)\n", $2, $3)); 3389 validate_respip_action($3); 3390 if(!cfg_str2list_insert( 3391 &cfg_parser->cfg->views->respip_actions, $2, $3)) 3392 fatal_exit("out of memory adding per-view " 3393 "response-ip action"); 3394 } 3395 ; 3396 view_response_ip_data: VAR_RESPONSE_IP_DATA STRING_ARG STRING_ARG 3397 { 3398 OUTYY(("P(view_response_ip_data:%s)\n", $2)); 3399 if(!cfg_str2list_insert( 3400 &cfg_parser->cfg->views->respip_data, $2, $3)) 3401 fatal_exit("out of memory adding response-ip-data"); 3402 } 3403 ; 3404 view_local_data: VAR_LOCAL_DATA STRING_ARG 3405 { 3406 OUTYY(("P(view_local_data:%s)\n", $2)); 3407 if(!cfg_strlist_insert(&cfg_parser->cfg->views->local_data, $2)) { 3408 fatal_exit("out of memory adding local-data"); 3409 } 3410 } 3411 ; 3412 view_local_data_ptr: VAR_LOCAL_DATA_PTR STRING_ARG 3413 { 3414 char* ptr; 3415 OUTYY(("P(view_local_data_ptr:%s)\n", $2)); 3416 ptr = cfg_ptr_reverse($2); 3417 free($2); 3418 if(ptr) { 3419 if(!cfg_strlist_insert(&cfg_parser->cfg->views-> 3420 local_data, ptr)) 3421 fatal_exit("out of memory adding local-data"); 3422 } else { 3423 yyerror("local-data-ptr could not be reversed"); 3424 } 3425 } 3426 ; 3427 view_first: VAR_VIEW_FIRST STRING_ARG 3428 { 3429 OUTYY(("P(view-first:%s)\n", $2)); 3430 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 3431 yyerror("expected yes or no."); 3432 else cfg_parser->cfg->views->isfirst=(strcmp($2, "yes")==0); 3433 free($2); 3434 } 3435 ; 3436 rcstart: VAR_REMOTE_CONTROL 3437 { 3438 OUTYY(("\nP(remote-control:)\n")); 3439 cfg_parser->started_toplevel = 1; 3440 } 3441 ; 3442 contents_rc: contents_rc content_rc 3443 | ; 3444 content_rc: rc_control_enable | rc_control_interface | rc_control_port | 3445 rc_server_key_file | rc_server_cert_file | rc_control_key_file | 3446 rc_control_cert_file | rc_control_use_cert 3447 ; 3448 rc_control_enable: VAR_CONTROL_ENABLE STRING_ARG 3449 { 3450 OUTYY(("P(control_enable:%s)\n", $2)); 3451 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 3452 yyerror("expected yes or no."); 3453 else cfg_parser->cfg->remote_control_enable = 3454 (strcmp($2, "yes")==0); 3455 free($2); 3456 } 3457 ; 3458 rc_control_port: VAR_CONTROL_PORT STRING_ARG 3459 { 3460 OUTYY(("P(control_port:%s)\n", $2)); 3461 if(atoi($2) == 0) 3462 yyerror("control port number expected"); 3463 else cfg_parser->cfg->control_port = atoi($2); 3464 free($2); 3465 } 3466 ; 3467 rc_control_interface: VAR_CONTROL_INTERFACE STRING_ARG 3468 { 3469 OUTYY(("P(control_interface:%s)\n", $2)); 3470 if(!cfg_strlist_append(&cfg_parser->cfg->control_ifs, $2)) 3471 yyerror("out of memory"); 3472 } 3473 ; 3474 rc_control_use_cert: VAR_CONTROL_USE_CERT STRING_ARG 3475 { 3476 OUTYY(("P(control_use_cert:%s)\n", $2)); 3477 cfg_parser->cfg->control_use_cert = (strcmp($2, "yes")==0); 3478 free($2); 3479 } 3480 ; 3481 rc_server_key_file: VAR_SERVER_KEY_FILE STRING_ARG 3482 { 3483 OUTYY(("P(rc_server_key_file:%s)\n", $2)); 3484 free(cfg_parser->cfg->server_key_file); 3485 cfg_parser->cfg->server_key_file = $2; 3486 } 3487 ; 3488 rc_server_cert_file: VAR_SERVER_CERT_FILE STRING_ARG 3489 { 3490 OUTYY(("P(rc_server_cert_file:%s)\n", $2)); 3491 free(cfg_parser->cfg->server_cert_file); 3492 cfg_parser->cfg->server_cert_file = $2; 3493 } 3494 ; 3495 rc_control_key_file: VAR_CONTROL_KEY_FILE STRING_ARG 3496 { 3497 OUTYY(("P(rc_control_key_file:%s)\n", $2)); 3498 free(cfg_parser->cfg->control_key_file); 3499 cfg_parser->cfg->control_key_file = $2; 3500 } 3501 ; 3502 rc_control_cert_file: VAR_CONTROL_CERT_FILE STRING_ARG 3503 { 3504 OUTYY(("P(rc_control_cert_file:%s)\n", $2)); 3505 free(cfg_parser->cfg->control_cert_file); 3506 cfg_parser->cfg->control_cert_file = $2; 3507 } 3508 ; 3509 dtstart: VAR_DNSTAP 3510 { 3511 OUTYY(("\nP(dnstap:)\n")); 3512 cfg_parser->started_toplevel = 1; 3513 } 3514 ; 3515 contents_dt: contents_dt content_dt 3516 | ; 3517 content_dt: dt_dnstap_enable | dt_dnstap_socket_path | dt_dnstap_bidirectional | 3518 dt_dnstap_ip | dt_dnstap_tls | dt_dnstap_tls_server_name | 3519 dt_dnstap_tls_cert_bundle | 3520 dt_dnstap_tls_client_key_file | dt_dnstap_tls_client_cert_file | 3521 dt_dnstap_send_identity | dt_dnstap_send_version | 3522 dt_dnstap_identity | dt_dnstap_version | 3523 dt_dnstap_log_resolver_query_messages | 3524 dt_dnstap_log_resolver_response_messages | 3525 dt_dnstap_log_client_query_messages | 3526 dt_dnstap_log_client_response_messages | 3527 dt_dnstap_log_forwarder_query_messages | 3528 dt_dnstap_log_forwarder_response_messages | 3529 dt_dnstap_sample_rate 3530 ; 3531 dt_dnstap_enable: VAR_DNSTAP_ENABLE STRING_ARG 3532 { 3533 OUTYY(("P(dt_dnstap_enable:%s)\n", $2)); 3534 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 3535 yyerror("expected yes or no."); 3536 else cfg_parser->cfg->dnstap = (strcmp($2, "yes")==0); 3537 free($2); 3538 } 3539 ; 3540 dt_dnstap_bidirectional: VAR_DNSTAP_BIDIRECTIONAL STRING_ARG 3541 { 3542 OUTYY(("P(dt_dnstap_bidirectional:%s)\n", $2)); 3543 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 3544 yyerror("expected yes or no."); 3545 else cfg_parser->cfg->dnstap_bidirectional = 3546 (strcmp($2, "yes")==0); 3547 free($2); 3548 } 3549 ; 3550 dt_dnstap_socket_path: VAR_DNSTAP_SOCKET_PATH STRING_ARG 3551 { 3552 OUTYY(("P(dt_dnstap_socket_path:%s)\n", $2)); 3553 free(cfg_parser->cfg->dnstap_socket_path); 3554 cfg_parser->cfg->dnstap_socket_path = $2; 3555 } 3556 ; 3557 dt_dnstap_ip: VAR_DNSTAP_IP STRING_ARG 3558 { 3559 OUTYY(("P(dt_dnstap_ip:%s)\n", $2)); 3560 free(cfg_parser->cfg->dnstap_ip); 3561 cfg_parser->cfg->dnstap_ip = $2; 3562 } 3563 ; 3564 dt_dnstap_tls: VAR_DNSTAP_TLS STRING_ARG 3565 { 3566 OUTYY(("P(dt_dnstap_tls:%s)\n", $2)); 3567 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 3568 yyerror("expected yes or no."); 3569 else cfg_parser->cfg->dnstap_tls = (strcmp($2, "yes")==0); 3570 free($2); 3571 } 3572 ; 3573 dt_dnstap_tls_server_name: VAR_DNSTAP_TLS_SERVER_NAME STRING_ARG 3574 { 3575 OUTYY(("P(dt_dnstap_tls_server_name:%s)\n", $2)); 3576 free(cfg_parser->cfg->dnstap_tls_server_name); 3577 cfg_parser->cfg->dnstap_tls_server_name = $2; 3578 } 3579 ; 3580 dt_dnstap_tls_cert_bundle: VAR_DNSTAP_TLS_CERT_BUNDLE STRING_ARG 3581 { 3582 OUTYY(("P(dt_dnstap_tls_cert_bundle:%s)\n", $2)); 3583 free(cfg_parser->cfg->dnstap_tls_cert_bundle); 3584 cfg_parser->cfg->dnstap_tls_cert_bundle = $2; 3585 } 3586 ; 3587 dt_dnstap_tls_client_key_file: VAR_DNSTAP_TLS_CLIENT_KEY_FILE STRING_ARG 3588 { 3589 OUTYY(("P(dt_dnstap_tls_client_key_file:%s)\n", $2)); 3590 free(cfg_parser->cfg->dnstap_tls_client_key_file); 3591 cfg_parser->cfg->dnstap_tls_client_key_file = $2; 3592 } 3593 ; 3594 dt_dnstap_tls_client_cert_file: VAR_DNSTAP_TLS_CLIENT_CERT_FILE STRING_ARG 3595 { 3596 OUTYY(("P(dt_dnstap_tls_client_cert_file:%s)\n", $2)); 3597 free(cfg_parser->cfg->dnstap_tls_client_cert_file); 3598 cfg_parser->cfg->dnstap_tls_client_cert_file = $2; 3599 } 3600 ; 3601 dt_dnstap_send_identity: VAR_DNSTAP_SEND_IDENTITY STRING_ARG 3602 { 3603 OUTYY(("P(dt_dnstap_send_identity:%s)\n", $2)); 3604 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 3605 yyerror("expected yes or no."); 3606 else cfg_parser->cfg->dnstap_send_identity = (strcmp($2, "yes")==0); 3607 free($2); 3608 } 3609 ; 3610 dt_dnstap_send_version: VAR_DNSTAP_SEND_VERSION STRING_ARG 3611 { 3612 OUTYY(("P(dt_dnstap_send_version:%s)\n", $2)); 3613 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 3614 yyerror("expected yes or no."); 3615 else cfg_parser->cfg->dnstap_send_version = (strcmp($2, "yes")==0); 3616 free($2); 3617 } 3618 ; 3619 dt_dnstap_identity: VAR_DNSTAP_IDENTITY STRING_ARG 3620 { 3621 OUTYY(("P(dt_dnstap_identity:%s)\n", $2)); 3622 free(cfg_parser->cfg->dnstap_identity); 3623 cfg_parser->cfg->dnstap_identity = $2; 3624 } 3625 ; 3626 dt_dnstap_version: VAR_DNSTAP_VERSION STRING_ARG 3627 { 3628 OUTYY(("P(dt_dnstap_version:%s)\n", $2)); 3629 free(cfg_parser->cfg->dnstap_version); 3630 cfg_parser->cfg->dnstap_version = $2; 3631 } 3632 ; 3633 dt_dnstap_log_resolver_query_messages: VAR_DNSTAP_LOG_RESOLVER_QUERY_MESSAGES STRING_ARG 3634 { 3635 OUTYY(("P(dt_dnstap_log_resolver_query_messages:%s)\n", $2)); 3636 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 3637 yyerror("expected yes or no."); 3638 else cfg_parser->cfg->dnstap_log_resolver_query_messages = 3639 (strcmp($2, "yes")==0); 3640 free($2); 3641 } 3642 ; 3643 dt_dnstap_log_resolver_response_messages: VAR_DNSTAP_LOG_RESOLVER_RESPONSE_MESSAGES STRING_ARG 3644 { 3645 OUTYY(("P(dt_dnstap_log_resolver_response_messages:%s)\n", $2)); 3646 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 3647 yyerror("expected yes or no."); 3648 else cfg_parser->cfg->dnstap_log_resolver_response_messages = 3649 (strcmp($2, "yes")==0); 3650 free($2); 3651 } 3652 ; 3653 dt_dnstap_log_client_query_messages: VAR_DNSTAP_LOG_CLIENT_QUERY_MESSAGES STRING_ARG 3654 { 3655 OUTYY(("P(dt_dnstap_log_client_query_messages:%s)\n", $2)); 3656 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 3657 yyerror("expected yes or no."); 3658 else cfg_parser->cfg->dnstap_log_client_query_messages = 3659 (strcmp($2, "yes")==0); 3660 free($2); 3661 } 3662 ; 3663 dt_dnstap_log_client_response_messages: VAR_DNSTAP_LOG_CLIENT_RESPONSE_MESSAGES STRING_ARG 3664 { 3665 OUTYY(("P(dt_dnstap_log_client_response_messages:%s)\n", $2)); 3666 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 3667 yyerror("expected yes or no."); 3668 else cfg_parser->cfg->dnstap_log_client_response_messages = 3669 (strcmp($2, "yes")==0); 3670 free($2); 3671 } 3672 ; 3673 dt_dnstap_log_forwarder_query_messages: VAR_DNSTAP_LOG_FORWARDER_QUERY_MESSAGES STRING_ARG 3674 { 3675 OUTYY(("P(dt_dnstap_log_forwarder_query_messages:%s)\n", $2)); 3676 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 3677 yyerror("expected yes or no."); 3678 else cfg_parser->cfg->dnstap_log_forwarder_query_messages = 3679 (strcmp($2, "yes")==0); 3680 free($2); 3681 } 3682 ; 3683 dt_dnstap_log_forwarder_response_messages: VAR_DNSTAP_LOG_FORWARDER_RESPONSE_MESSAGES STRING_ARG 3684 { 3685 OUTYY(("P(dt_dnstap_log_forwarder_response_messages:%s)\n", $2)); 3686 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 3687 yyerror("expected yes or no."); 3688 else cfg_parser->cfg->dnstap_log_forwarder_response_messages = 3689 (strcmp($2, "yes")==0); 3690 free($2); 3691 } 3692 ; 3693 dt_dnstap_sample_rate: VAR_DNSTAP_SAMPLE_RATE STRING_ARG 3694 { 3695 OUTYY(("P(dt_dnstap_sample_rate:%s)\n", $2)); 3696 if(atoi($2) == 0 && strcmp($2, "0") != 0) 3697 yyerror("number expected"); 3698 else if(atoi($2) < 0) 3699 yyerror("dnstap sample rate too small"); 3700 else cfg_parser->cfg->dnstap_sample_rate = atoi($2); 3701 free($2); 3702 } 3703 ; 3704 pythonstart: VAR_PYTHON 3705 { 3706 OUTYY(("\nP(python:)\n")); 3707 cfg_parser->started_toplevel = 1; 3708 } 3709 ; 3710 contents_py: contents_py content_py 3711 | ; 3712 content_py: py_script 3713 ; 3714 py_script: VAR_PYTHON_SCRIPT STRING_ARG 3715 { 3716 OUTYY(("P(python-script:%s)\n", $2)); 3717 if(!cfg_strlist_append_ex(&cfg_parser->cfg->python_script, $2)) 3718 yyerror("out of memory"); 3719 } 3720 ; 3721 dynlibstart: VAR_DYNLIB 3722 { 3723 OUTYY(("\nP(dynlib:)\n")); 3724 cfg_parser->started_toplevel = 1; 3725 } 3726 ; 3727 contents_dl: contents_dl content_dl 3728 | ; 3729 content_dl: dl_file 3730 ; 3731 dl_file: VAR_DYNLIB_FILE STRING_ARG 3732 { 3733 OUTYY(("P(dynlib-file:%s)\n", $2)); 3734 if(!cfg_strlist_append_ex(&cfg_parser->cfg->dynlib_file, $2)) 3735 yyerror("out of memory"); 3736 } 3737 ; 3738 server_disable_dnssec_lame_check: VAR_DISABLE_DNSSEC_LAME_CHECK STRING_ARG 3739 { 3740 OUTYY(("P(disable_dnssec_lame_check:%s)\n", $2)); 3741 if (strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 3742 yyerror("expected yes or no."); 3743 else cfg_parser->cfg->disable_dnssec_lame_check = 3744 (strcmp($2, "yes")==0); 3745 free($2); 3746 } 3747 ; 3748 server_log_identity: VAR_LOG_IDENTITY STRING_ARG 3749 { 3750 OUTYY(("P(server_log_identity:%s)\n", $2)); 3751 free(cfg_parser->cfg->log_identity); 3752 cfg_parser->cfg->log_identity = $2; 3753 } 3754 ; 3755 server_response_ip: VAR_RESPONSE_IP STRING_ARG STRING_ARG 3756 { 3757 OUTYY(("P(server_response_ip:%s %s)\n", $2, $3)); 3758 validate_respip_action($3); 3759 if(!cfg_str2list_insert(&cfg_parser->cfg->respip_actions, 3760 $2, $3)) 3761 fatal_exit("out of memory adding response-ip"); 3762 } 3763 ; 3764 server_response_ip_data: VAR_RESPONSE_IP_DATA STRING_ARG STRING_ARG 3765 { 3766 OUTYY(("P(server_response_ip_data:%s)\n", $2)); 3767 if(!cfg_str2list_insert(&cfg_parser->cfg->respip_data, 3768 $2, $3)) 3769 fatal_exit("out of memory adding response-ip-data"); 3770 } 3771 ; 3772 dnscstart: VAR_DNSCRYPT 3773 { 3774 OUTYY(("\nP(dnscrypt:)\n")); 3775 cfg_parser->started_toplevel = 1; 3776 } 3777 ; 3778 contents_dnsc: contents_dnsc content_dnsc 3779 | ; 3780 content_dnsc: 3781 dnsc_dnscrypt_enable | dnsc_dnscrypt_port | dnsc_dnscrypt_provider | 3782 dnsc_dnscrypt_secret_key | dnsc_dnscrypt_provider_cert | 3783 dnsc_dnscrypt_provider_cert_rotated | 3784 dnsc_dnscrypt_shared_secret_cache_size | 3785 dnsc_dnscrypt_shared_secret_cache_slabs | 3786 dnsc_dnscrypt_nonce_cache_size | 3787 dnsc_dnscrypt_nonce_cache_slabs 3788 ; 3789 dnsc_dnscrypt_enable: VAR_DNSCRYPT_ENABLE STRING_ARG 3790 { 3791 OUTYY(("P(dnsc_dnscrypt_enable:%s)\n", $2)); 3792 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 3793 yyerror("expected yes or no."); 3794 else cfg_parser->cfg->dnscrypt = (strcmp($2, "yes")==0); 3795 free($2); 3796 } 3797 ; 3798 dnsc_dnscrypt_port: VAR_DNSCRYPT_PORT STRING_ARG 3799 { 3800 OUTYY(("P(dnsc_dnscrypt_port:%s)\n", $2)); 3801 if(atoi($2) == 0) 3802 yyerror("port number expected"); 3803 else cfg_parser->cfg->dnscrypt_port = atoi($2); 3804 free($2); 3805 } 3806 ; 3807 dnsc_dnscrypt_provider: VAR_DNSCRYPT_PROVIDER STRING_ARG 3808 { 3809 OUTYY(("P(dnsc_dnscrypt_provider:%s)\n", $2)); 3810 free(cfg_parser->cfg->dnscrypt_provider); 3811 cfg_parser->cfg->dnscrypt_provider = $2; 3812 } 3813 ; 3814 dnsc_dnscrypt_provider_cert: VAR_DNSCRYPT_PROVIDER_CERT STRING_ARG 3815 { 3816 OUTYY(("P(dnsc_dnscrypt_provider_cert:%s)\n", $2)); 3817 if(cfg_strlist_find(cfg_parser->cfg->dnscrypt_provider_cert, $2)) 3818 log_warn("dnscrypt-provider-cert %s is a duplicate", $2); 3819 if(!cfg_strlist_insert(&cfg_parser->cfg->dnscrypt_provider_cert, $2)) 3820 fatal_exit("out of memory adding dnscrypt-provider-cert"); 3821 } 3822 ; 3823 dnsc_dnscrypt_provider_cert_rotated: VAR_DNSCRYPT_PROVIDER_CERT_ROTATED STRING_ARG 3824 { 3825 OUTYY(("P(dnsc_dnscrypt_provider_cert_rotated:%s)\n", $2)); 3826 if(!cfg_strlist_insert(&cfg_parser->cfg->dnscrypt_provider_cert_rotated, $2)) 3827 fatal_exit("out of memory adding dnscrypt-provider-cert-rotated"); 3828 } 3829 ; 3830 dnsc_dnscrypt_secret_key: VAR_DNSCRYPT_SECRET_KEY STRING_ARG 3831 { 3832 OUTYY(("P(dnsc_dnscrypt_secret_key:%s)\n", $2)); 3833 if(cfg_strlist_find(cfg_parser->cfg->dnscrypt_secret_key, $2)) 3834 log_warn("dnscrypt-secret-key: %s is a duplicate", $2); 3835 if(!cfg_strlist_insert(&cfg_parser->cfg->dnscrypt_secret_key, $2)) 3836 fatal_exit("out of memory adding dnscrypt-secret-key"); 3837 } 3838 ; 3839 dnsc_dnscrypt_shared_secret_cache_size: VAR_DNSCRYPT_SHARED_SECRET_CACHE_SIZE STRING_ARG 3840 { 3841 OUTYY(("P(dnscrypt_shared_secret_cache_size:%s)\n", $2)); 3842 if(!cfg_parse_memsize($2, &cfg_parser->cfg->dnscrypt_shared_secret_cache_size)) 3843 yyerror("memory size expected"); 3844 free($2); 3845 } 3846 ; 3847 dnsc_dnscrypt_shared_secret_cache_slabs: VAR_DNSCRYPT_SHARED_SECRET_CACHE_SLABS STRING_ARG 3848 { 3849 OUTYY(("P(dnscrypt_shared_secret_cache_slabs:%s)\n", $2)); 3850 if(atoi($2) == 0) { 3851 yyerror("number expected"); 3852 } else { 3853 cfg_parser->cfg->dnscrypt_shared_secret_cache_slabs = atoi($2); 3854 if(!is_pow2(cfg_parser->cfg->dnscrypt_shared_secret_cache_slabs)) 3855 yyerror("must be a power of 2"); 3856 } 3857 free($2); 3858 } 3859 ; 3860 dnsc_dnscrypt_nonce_cache_size: VAR_DNSCRYPT_NONCE_CACHE_SIZE STRING_ARG 3861 { 3862 OUTYY(("P(dnscrypt_nonce_cache_size:%s)\n", $2)); 3863 if(!cfg_parse_memsize($2, &cfg_parser->cfg->dnscrypt_nonce_cache_size)) 3864 yyerror("memory size expected"); 3865 free($2); 3866 } 3867 ; 3868 dnsc_dnscrypt_nonce_cache_slabs: VAR_DNSCRYPT_NONCE_CACHE_SLABS STRING_ARG 3869 { 3870 OUTYY(("P(dnscrypt_nonce_cache_slabs:%s)\n", $2)); 3871 if(atoi($2) == 0) { 3872 yyerror("number expected"); 3873 } else { 3874 cfg_parser->cfg->dnscrypt_nonce_cache_slabs = atoi($2); 3875 if(!is_pow2(cfg_parser->cfg->dnscrypt_nonce_cache_slabs)) 3876 yyerror("must be a power of 2"); 3877 } 3878 free($2); 3879 } 3880 ; 3881 cachedbstart: VAR_CACHEDB 3882 { 3883 OUTYY(("\nP(cachedb:)\n")); 3884 cfg_parser->started_toplevel = 1; 3885 } 3886 ; 3887 contents_cachedb: contents_cachedb content_cachedb 3888 | ; 3889 content_cachedb: cachedb_backend_name | cachedb_secret_seed | 3890 redis_server_host | redis_replica_server_host | 3891 redis_server_port | redis_replica_server_port | 3892 redis_timeout | redis_replica_timeout | 3893 redis_command_timeout | redis_replica_command_timeout | 3894 redis_connect_timeout | redis_replica_connect_timeout | 3895 redis_server_path | redis_replica_server_path | 3896 redis_server_password | redis_replica_server_password | 3897 redis_logical_db | redis_replica_logical_db | 3898 cachedb_no_store | redis_expire_records | 3899 cachedb_check_when_serve_expired 3900 ; 3901 cachedb_backend_name: VAR_CACHEDB_BACKEND STRING_ARG 3902 { 3903 #ifdef USE_CACHEDB 3904 OUTYY(("P(backend:%s)\n", $2)); 3905 free(cfg_parser->cfg->cachedb_backend); 3906 cfg_parser->cfg->cachedb_backend = $2; 3907 #else 3908 OUTYY(("P(Compiled without cachedb, ignoring)\n")); 3909 free($2); 3910 #endif 3911 } 3912 ; 3913 cachedb_secret_seed: VAR_CACHEDB_SECRETSEED STRING_ARG 3914 { 3915 #ifdef USE_CACHEDB 3916 OUTYY(("P(secret-seed:%s)\n", $2)); 3917 free(cfg_parser->cfg->cachedb_secret); 3918 cfg_parser->cfg->cachedb_secret = $2; 3919 #else 3920 OUTYY(("P(Compiled without cachedb, ignoring)\n")); 3921 free($2); 3922 #endif 3923 } 3924 ; 3925 cachedb_no_store: VAR_CACHEDB_NO_STORE STRING_ARG 3926 { 3927 #ifdef USE_CACHEDB 3928 OUTYY(("P(cachedb_no_store:%s)\n", $2)); 3929 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 3930 yyerror("expected yes or no."); 3931 else cfg_parser->cfg->cachedb_no_store = (strcmp($2, "yes")==0); 3932 #else 3933 OUTYY(("P(Compiled without cachedb, ignoring)\n")); 3934 #endif 3935 free($2); 3936 } 3937 ; 3938 cachedb_check_when_serve_expired: VAR_CACHEDB_CHECK_WHEN_SERVE_EXPIRED STRING_ARG 3939 { 3940 #ifdef USE_CACHEDB 3941 OUTYY(("P(cachedb_check_when_serve_expired:%s)\n", $2)); 3942 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 3943 yyerror("expected yes or no."); 3944 else cfg_parser->cfg->cachedb_check_when_serve_expired = (strcmp($2, "yes")==0); 3945 #else 3946 OUTYY(("P(Compiled without cachedb, ignoring)\n")); 3947 #endif 3948 free($2); 3949 } 3950 ; 3951 redis_server_host: VAR_CACHEDB_REDISHOST STRING_ARG 3952 { 3953 #if defined(USE_CACHEDB) && defined(USE_REDIS) 3954 OUTYY(("P(redis_server_host:%s)\n", $2)); 3955 free(cfg_parser->cfg->redis_server_host); 3956 cfg_parser->cfg->redis_server_host = $2; 3957 #else 3958 OUTYY(("P(Compiled without cachedb or redis, ignoring)\n")); 3959 free($2); 3960 #endif 3961 } 3962 ; 3963 redis_replica_server_host: VAR_CACHEDB_REDISREPLICAHOST STRING_ARG 3964 { 3965 #if defined(USE_CACHEDB) && defined(USE_REDIS) 3966 OUTYY(("P(redis_replica_server_host:%s)\n", $2)); 3967 free(cfg_parser->cfg->redis_replica_server_host); 3968 cfg_parser->cfg->redis_replica_server_host = $2; 3969 #else 3970 OUTYY(("P(Compiled without cachedb or redis, ignoring)\n")); 3971 free($2); 3972 #endif 3973 } 3974 ; 3975 redis_server_port: VAR_CACHEDB_REDISPORT STRING_ARG 3976 { 3977 #if defined(USE_CACHEDB) && defined(USE_REDIS) 3978 int port; 3979 OUTYY(("P(redis_server_port:%s)\n", $2)); 3980 port = atoi($2); 3981 if(port == 0 || port < 0 || port > 65535) 3982 yyerror("valid redis server port number expected"); 3983 else cfg_parser->cfg->redis_server_port = port; 3984 #else 3985 OUTYY(("P(Compiled without cachedb or redis, ignoring)\n")); 3986 #endif 3987 free($2); 3988 } 3989 ; 3990 redis_replica_server_port: VAR_CACHEDB_REDISREPLICAPORT STRING_ARG 3991 { 3992 #if defined(USE_CACHEDB) && defined(USE_REDIS) 3993 int port; 3994 OUTYY(("P(redis_replica_server_port:%s)\n", $2)); 3995 port = atoi($2); 3996 if(port == 0 || port < 0 || port > 65535) 3997 yyerror("valid redis server port number expected"); 3998 else cfg_parser->cfg->redis_replica_server_port = port; 3999 #else 4000 OUTYY(("P(Compiled without cachedb or redis, ignoring)\n")); 4001 #endif 4002 free($2); 4003 } 4004 ; 4005 redis_server_path: VAR_CACHEDB_REDISPATH STRING_ARG 4006 { 4007 #if defined(USE_CACHEDB) && defined(USE_REDIS) 4008 OUTYY(("P(redis_server_path:%s)\n", $2)); 4009 free(cfg_parser->cfg->redis_server_path); 4010 cfg_parser->cfg->redis_server_path = $2; 4011 #else 4012 OUTYY(("P(Compiled without cachedb or redis, ignoring)\n")); 4013 free($2); 4014 #endif 4015 } 4016 ; 4017 redis_replica_server_path: VAR_CACHEDB_REDISREPLICAPATH STRING_ARG 4018 { 4019 #if defined(USE_CACHEDB) && defined(USE_REDIS) 4020 OUTYY(("P(redis_replica_server_path:%s)\n", $2)); 4021 free(cfg_parser->cfg->redis_replica_server_path); 4022 cfg_parser->cfg->redis_replica_server_path = $2; 4023 #else 4024 OUTYY(("P(Compiled without cachedb or redis, ignoring)\n")); 4025 free($2); 4026 #endif 4027 } 4028 ; 4029 redis_server_password: VAR_CACHEDB_REDISPASSWORD STRING_ARG 4030 { 4031 #if defined(USE_CACHEDB) && defined(USE_REDIS) 4032 OUTYY(("P(redis_server_password:%s)\n", $2)); 4033 free(cfg_parser->cfg->redis_server_password); 4034 cfg_parser->cfg->redis_server_password = $2; 4035 #else 4036 OUTYY(("P(Compiled without cachedb or redis, ignoring)\n")); 4037 free($2); 4038 #endif 4039 } 4040 ; 4041 redis_replica_server_password: VAR_CACHEDB_REDISREPLICAPASSWORD STRING_ARG 4042 { 4043 #if defined(USE_CACHEDB) && defined(USE_REDIS) 4044 OUTYY(("P(redis_replica_server_password:%s)\n", $2)); 4045 free(cfg_parser->cfg->redis_replica_server_password); 4046 cfg_parser->cfg->redis_replica_server_password = $2; 4047 #else 4048 OUTYY(("P(Compiled without cachedb or redis, ignoring)\n")); 4049 free($2); 4050 #endif 4051 } 4052 ; 4053 redis_timeout: VAR_CACHEDB_REDISTIMEOUT STRING_ARG 4054 { 4055 #if defined(USE_CACHEDB) && defined(USE_REDIS) 4056 OUTYY(("P(redis_timeout:%s)\n", $2)); 4057 if(atoi($2) == 0) 4058 yyerror("redis timeout value expected"); 4059 else cfg_parser->cfg->redis_timeout = atoi($2); 4060 #else 4061 OUTYY(("P(Compiled without cachedb or redis, ignoring)\n")); 4062 #endif 4063 free($2); 4064 } 4065 ; 4066 redis_replica_timeout: VAR_CACHEDB_REDISREPLICATIMEOUT STRING_ARG 4067 { 4068 #if defined(USE_CACHEDB) && defined(USE_REDIS) 4069 OUTYY(("P(redis_replica_timeout:%s)\n", $2)); 4070 if(atoi($2) == 0) 4071 yyerror("redis timeout value expected"); 4072 else cfg_parser->cfg->redis_replica_timeout = atoi($2); 4073 #else 4074 OUTYY(("P(Compiled without cachedb or redis, ignoring)\n")); 4075 #endif 4076 free($2); 4077 } 4078 ; 4079 redis_command_timeout: VAR_CACHEDB_REDISCOMMANDTIMEOUT STRING_ARG 4080 { 4081 #if defined(USE_CACHEDB) && defined(USE_REDIS) 4082 OUTYY(("P(redis_command_timeout:%s)\n", $2)); 4083 if(atoi($2) == 0 && strcmp($2, "0") != 0) 4084 yyerror("redis command timeout value expected"); 4085 else cfg_parser->cfg->redis_command_timeout = atoi($2); 4086 #else 4087 OUTYY(("P(Compiled without cachedb or redis, ignoring)\n")); 4088 #endif 4089 free($2); 4090 } 4091 ; 4092 redis_replica_command_timeout: VAR_CACHEDB_REDISREPLICACOMMANDTIMEOUT STRING_ARG 4093 { 4094 #if defined(USE_CACHEDB) && defined(USE_REDIS) 4095 OUTYY(("P(redis_replica_command_timeout:%s)\n", $2)); 4096 if(atoi($2) == 0 && strcmp($2, "0") != 0) 4097 yyerror("redis command timeout value expected"); 4098 else cfg_parser->cfg->redis_replica_command_timeout = atoi($2); 4099 #else 4100 OUTYY(("P(Compiled without cachedb or redis, ignoring)\n")); 4101 #endif 4102 free($2); 4103 } 4104 ; 4105 redis_connect_timeout: VAR_CACHEDB_REDISCONNECTTIMEOUT STRING_ARG 4106 { 4107 #if defined(USE_CACHEDB) && defined(USE_REDIS) 4108 OUTYY(("P(redis_connect_timeout:%s)\n", $2)); 4109 if(atoi($2) == 0 && strcmp($2, "0") != 0) 4110 yyerror("redis connect timeout value expected"); 4111 else cfg_parser->cfg->redis_connect_timeout = atoi($2); 4112 #else 4113 OUTYY(("P(Compiled without cachedb or redis, ignoring)\n")); 4114 #endif 4115 free($2); 4116 } 4117 ; 4118 redis_replica_connect_timeout: VAR_CACHEDB_REDISREPLICACONNECTTIMEOUT STRING_ARG 4119 { 4120 #if defined(USE_CACHEDB) && defined(USE_REDIS) 4121 OUTYY(("P(redis_replica_connect_timeout:%s)\n", $2)); 4122 if(atoi($2) == 0 && strcmp($2, "0") != 0) 4123 yyerror("redis connect timeout value expected"); 4124 else cfg_parser->cfg->redis_replica_connect_timeout = atoi($2); 4125 #else 4126 OUTYY(("P(Compiled without cachedb or redis, ignoring)\n")); 4127 #endif 4128 free($2); 4129 } 4130 ; 4131 redis_expire_records: VAR_CACHEDB_REDISEXPIRERECORDS STRING_ARG 4132 { 4133 #if defined(USE_CACHEDB) && defined(USE_REDIS) 4134 OUTYY(("P(redis_expire_records:%s)\n", $2)); 4135 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 4136 yyerror("expected yes or no."); 4137 else cfg_parser->cfg->redis_expire_records = (strcmp($2, "yes")==0); 4138 #else 4139 OUTYY(("P(Compiled without cachedb or redis, ignoring)\n")); 4140 #endif 4141 free($2); 4142 } 4143 ; 4144 redis_logical_db: VAR_CACHEDB_REDISLOGICALDB STRING_ARG 4145 { 4146 #if defined(USE_CACHEDB) && defined(USE_REDIS) 4147 int db; 4148 OUTYY(("P(redis_logical_db:%s)\n", $2)); 4149 db = atoi($2); 4150 if((db == 0 && strcmp($2, "0") != 0) || db < 0) 4151 yyerror("valid redis logical database index expected"); 4152 else cfg_parser->cfg->redis_logical_db = db; 4153 #else 4154 OUTYY(("P(Compiled without cachedb or redis, ignoring)\n")); 4155 #endif 4156 free($2); 4157 } 4158 ; 4159 redis_replica_logical_db: VAR_CACHEDB_REDISREPLICALOGICALDB STRING_ARG 4160 { 4161 #if defined(USE_CACHEDB) && defined(USE_REDIS) 4162 int db; 4163 OUTYY(("P(redis_replica_logical_db:%s)\n", $2)); 4164 db = atoi($2); 4165 if((db == 0 && strcmp($2, "0") != 0) || db < 0) 4166 yyerror("valid redis logical database index expected"); 4167 else cfg_parser->cfg->redis_replica_logical_db = db; 4168 #else 4169 OUTYY(("P(Compiled without cachedb or redis, ignoring)\n")); 4170 #endif 4171 free($2); 4172 } 4173 ; 4174 server_tcp_connection_limit: VAR_TCP_CONNECTION_LIMIT STRING_ARG STRING_ARG 4175 { 4176 OUTYY(("P(server_tcp_connection_limit:%s %s)\n", $2, $3)); 4177 if (atoi($3) < 0) 4178 yyerror("positive number expected"); 4179 else { 4180 if(!cfg_str2list_insert(&cfg_parser->cfg->tcp_connection_limits, $2, $3)) 4181 fatal_exit("out of memory adding tcp connection limit"); 4182 } 4183 } 4184 ; 4185 server_answer_cookie: VAR_ANSWER_COOKIE STRING_ARG 4186 { 4187 OUTYY(("P(server_answer_cookie:%s)\n", $2)); 4188 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 4189 yyerror("expected yes or no."); 4190 else cfg_parser->cfg->do_answer_cookie = (strcmp($2, "yes")==0); 4191 free($2); 4192 } 4193 ; 4194 server_cookie_secret: VAR_COOKIE_SECRET STRING_ARG 4195 { 4196 uint8_t secret[32]; 4197 size_t secret_len = sizeof(secret); 4198 4199 OUTYY(("P(server_cookie_secret:%s)\n", $2)); 4200 if(sldns_str2wire_hex_buf($2, secret, &secret_len) 4201 || (secret_len != 16)) 4202 yyerror("expected 128 bit hex string"); 4203 else { 4204 cfg_parser->cfg->cookie_secret_len = secret_len; 4205 memcpy(cfg_parser->cfg->cookie_secret, secret, sizeof(secret)); 4206 } 4207 free($2); 4208 } 4209 ; 4210 server_cookie_secret_file: VAR_COOKIE_SECRET_FILE STRING_ARG 4211 { 4212 OUTYY(("P(cookie_secret_file:%s)\n", $2)); 4213 free(cfg_parser->cfg->cookie_secret_file); 4214 cfg_parser->cfg->cookie_secret_file = $2; 4215 } 4216 ; 4217 server_iter_scrub_ns: VAR_ITER_SCRUB_NS STRING_ARG 4218 { 4219 OUTYY(("P(server_iter_scrub_ns:%s)\n", $2)); 4220 if(atoi($2) == 0 && strcmp($2, "0") != 0) 4221 yyerror("number expected"); 4222 else cfg_parser->cfg->iter_scrub_ns = atoi($2); 4223 free($2); 4224 } 4225 ; 4226 server_iter_scrub_cname: VAR_ITER_SCRUB_CNAME STRING_ARG 4227 { 4228 OUTYY(("P(server_iter_scrub_cname:%s)\n", $2)); 4229 if(atoi($2) == 0 && strcmp($2, "0") != 0) 4230 yyerror("number expected"); 4231 else cfg_parser->cfg->iter_scrub_cname = atoi($2); 4232 free($2); 4233 } 4234 ; 4235 server_max_global_quota: VAR_MAX_GLOBAL_QUOTA STRING_ARG 4236 { 4237 OUTYY(("P(server_max_global_quota:%s)\n", $2)); 4238 if(atoi($2) == 0 && strcmp($2, "0") != 0) 4239 yyerror("number expected"); 4240 else cfg_parser->cfg->max_global_quota = atoi($2); 4241 free($2); 4242 } 4243 ; 4244 server_iter_scrub_promiscuous: VAR_ITER_SCRUB_PROMISCUOUS STRING_ARG 4245 { 4246 OUTYY(("P(server_iter_scrub_promiscuous:%s)\n", $2)); 4247 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) 4248 yyerror("expected yes or no."); 4249 else cfg_parser->cfg->iter_scrub_promiscuous = 4250 (strcmp($2, "yes")==0); 4251 free($2); 4252 } 4253 ; 4254 ipsetstart: VAR_IPSET 4255 { 4256 OUTYY(("\nP(ipset:)\n")); 4257 cfg_parser->started_toplevel = 1; 4258 } 4259 ; 4260 contents_ipset: contents_ipset content_ipset 4261 | ; 4262 content_ipset: ipset_name_v4 | ipset_name_v6 4263 ; 4264 ipset_name_v4: VAR_IPSET_NAME_V4 STRING_ARG 4265 { 4266 #ifdef USE_IPSET 4267 OUTYY(("P(name-v4:%s)\n", $2)); 4268 if(cfg_parser->cfg->ipset_name_v4) 4269 yyerror("ipset name v4 override, there must be one " 4270 "name for ip v4"); 4271 free(cfg_parser->cfg->ipset_name_v4); 4272 cfg_parser->cfg->ipset_name_v4 = $2; 4273 #else 4274 OUTYY(("P(Compiled without ipset, ignoring)\n")); 4275 free($2); 4276 #endif 4277 } 4278 ; 4279 ipset_name_v6: VAR_IPSET_NAME_V6 STRING_ARG 4280 { 4281 #ifdef USE_IPSET 4282 OUTYY(("P(name-v6:%s)\n", $2)); 4283 if(cfg_parser->cfg->ipset_name_v6) 4284 yyerror("ipset name v6 override, there must be one " 4285 "name for ip v6"); 4286 free(cfg_parser->cfg->ipset_name_v6); 4287 cfg_parser->cfg->ipset_name_v6 = $2; 4288 #else 4289 OUTYY(("P(Compiled without ipset, ignoring)\n")); 4290 free($2); 4291 #endif 4292 } 4293 ; 4294 %% 4295 4296 /* parse helper routines could be here */ 4297 static void 4298 validate_respip_action(const char* action) 4299 { 4300 if(strcmp(action, "deny")!=0 && 4301 strcmp(action, "redirect")!=0 && 4302 strcmp(action, "inform")!=0 && 4303 strcmp(action, "inform_deny")!=0 && 4304 strcmp(action, "always_transparent")!=0 && 4305 strcmp(action, "always_refuse")!=0 && 4306 strcmp(action, "always_nxdomain")!=0) 4307 { 4308 yyerror("response-ip action: expected deny, redirect, " 4309 "inform, inform_deny, always_transparent, " 4310 "always_refuse or always_nxdomain"); 4311 } 4312 } 4313 4314 static void 4315 validate_acl_action(const char* action) 4316 { 4317 if(strcmp(action, "deny")!=0 && 4318 strcmp(action, "refuse")!=0 && 4319 strcmp(action, "deny_non_local")!=0 && 4320 strcmp(action, "refuse_non_local")!=0 && 4321 strcmp(action, "allow_setrd")!=0 && 4322 strcmp(action, "allow")!=0 && 4323 strcmp(action, "allow_snoop")!=0 && 4324 strcmp(action, "allow_cookie")!=0) 4325 { 4326 yyerror("expected deny, refuse, deny_non_local, " 4327 "refuse_non_local, allow, allow_setrd, " 4328 "allow_snoop or allow_cookie as access control action"); 4329 } 4330 } 4331