2 * configparser.y -- yacc grammar for unbound configuration files
4 * Copyright (c) 2001-2006, NLnet Labs. All rights reserved.
6 * Copyright (c) 2007, NLnet Labs. All rights reserved.
8 * This software is open source.
10 * Redistribution and use in source and binary forms, with or without
11 * modification, are permitted provided that the following conditions
14 * Redistributions of source code must retain the above copyright notice,
15 * this list of conditions and the following disclaimer.
17 * Redistributions in binary form must reproduce the above copyright notice,
18 * this list of conditions and the following disclaimer in the documentation
19 * and/or other materials provided with the distribution.
21 * Neither the name of the NLNET LABS nor the names of its contributors may
22 * be used to endorse or promote products derived from this software without
23 * specific prior written permission.
25 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
26 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
27 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
28 * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
29 * HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
30 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
31 * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
32 * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
33 * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
34 * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
35 * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
47 #include "util/configyyrename.h"
48 #include "util/config_file.h"
49 #include "util/net_help.h"
52 void ub_c_error(const char *message);
54 static void validate_respip_action(const char* action);
56 /* these need to be global, otherwise they cannot be used inside yacc */
57 extern struct config_parser_state* cfg_parser;
60 #define OUTYY(s) printf s /* used ONLY when debugging */
70 %token SPACE LETTER NEWLINE COMMENT COLON ANY ZONESTR
71 %token <str> STRING_ARG
72 %token VAR_SERVER VAR_VERBOSITY VAR_NUM_THREADS VAR_PORT
73 %token VAR_OUTGOING_RANGE VAR_INTERFACE
74 %token VAR_DO_IP4 VAR_DO_IP6 VAR_PREFER_IP6 VAR_DO_UDP VAR_DO_TCP
75 %token VAR_TCP_MSS VAR_OUTGOING_TCP_MSS VAR_TCP_IDLE_TIMEOUT
76 %token VAR_EDNS_TCP_KEEPALIVE VAR_EDNS_TCP_KEEPALIVE_TIMEOUT
77 %token VAR_CHROOT VAR_USERNAME VAR_DIRECTORY VAR_LOGFILE VAR_PIDFILE
78 %token VAR_MSG_CACHE_SIZE VAR_MSG_CACHE_SLABS VAR_NUM_QUERIES_PER_THREAD
79 %token VAR_RRSET_CACHE_SIZE VAR_RRSET_CACHE_SLABS VAR_OUTGOING_NUM_TCP
80 %token VAR_INFRA_HOST_TTL VAR_INFRA_LAME_TTL VAR_INFRA_CACHE_SLABS
81 %token VAR_INFRA_CACHE_NUMHOSTS VAR_INFRA_CACHE_LAME_SIZE VAR_NAME
82 %token VAR_STUB_ZONE VAR_STUB_HOST VAR_STUB_ADDR VAR_TARGET_FETCH_POLICY
83 %token VAR_HARDEN_SHORT_BUFSIZE VAR_HARDEN_LARGE_QUERIES
84 %token VAR_FORWARD_ZONE VAR_FORWARD_HOST VAR_FORWARD_ADDR
85 %token VAR_DO_NOT_QUERY_ADDRESS VAR_HIDE_IDENTITY VAR_HIDE_VERSION
86 %token VAR_IDENTITY VAR_VERSION VAR_HARDEN_GLUE VAR_MODULE_CONF
87 %token VAR_TRUST_ANCHOR_FILE VAR_TRUST_ANCHOR VAR_VAL_OVERRIDE_DATE
88 %token VAR_BOGUS_TTL VAR_VAL_CLEAN_ADDITIONAL VAR_VAL_PERMISSIVE_MODE
89 %token VAR_INCOMING_NUM_TCP VAR_MSG_BUFFER_SIZE VAR_KEY_CACHE_SIZE
90 %token VAR_KEY_CACHE_SLABS VAR_TRUSTED_KEYS_FILE
91 %token VAR_VAL_NSEC3_KEYSIZE_ITERATIONS VAR_USE_SYSLOG
92 %token VAR_OUTGOING_INTERFACE VAR_ROOT_HINTS VAR_DO_NOT_QUERY_LOCALHOST
93 %token VAR_CACHE_MAX_TTL VAR_HARDEN_DNSSEC_STRIPPED VAR_ACCESS_CONTROL
94 %token VAR_LOCAL_ZONE VAR_LOCAL_DATA VAR_INTERFACE_AUTOMATIC
95 %token VAR_STATISTICS_INTERVAL VAR_DO_DAEMONIZE VAR_USE_CAPS_FOR_ID
96 %token VAR_STATISTICS_CUMULATIVE VAR_OUTGOING_PORT_PERMIT
97 %token VAR_OUTGOING_PORT_AVOID VAR_DLV_ANCHOR_FILE VAR_DLV_ANCHOR
98 %token VAR_NEG_CACHE_SIZE VAR_HARDEN_REFERRAL_PATH VAR_PRIVATE_ADDRESS
99 %token VAR_PRIVATE_DOMAIN VAR_REMOTE_CONTROL VAR_CONTROL_ENABLE
100 %token VAR_CONTROL_INTERFACE VAR_CONTROL_PORT VAR_SERVER_KEY_FILE
101 %token VAR_SERVER_CERT_FILE VAR_CONTROL_KEY_FILE VAR_CONTROL_CERT_FILE
102 %token VAR_CONTROL_USE_CERT
103 %token VAR_EXTENDED_STATISTICS VAR_LOCAL_DATA_PTR VAR_JOSTLE_TIMEOUT
104 %token VAR_STUB_PRIME VAR_UNWANTED_REPLY_THRESHOLD VAR_LOG_TIME_ASCII
105 %token VAR_DOMAIN_INSECURE VAR_PYTHON VAR_PYTHON_SCRIPT VAR_VAL_SIG_SKEW_MIN
106 %token VAR_VAL_SIG_SKEW_MAX VAR_CACHE_MIN_TTL VAR_VAL_LOG_LEVEL
107 %token VAR_AUTO_TRUST_ANCHOR_FILE VAR_KEEP_MISSING VAR_ADD_HOLDDOWN
108 %token VAR_DEL_HOLDDOWN VAR_SO_RCVBUF VAR_EDNS_BUFFER_SIZE VAR_PREFETCH
109 %token VAR_PREFETCH_KEY VAR_SO_SNDBUF VAR_SO_REUSEPORT VAR_HARDEN_BELOW_NXDOMAIN
110 %token VAR_IGNORE_CD_FLAG VAR_LOG_QUERIES VAR_LOG_REPLIES VAR_LOG_LOCAL_ACTIONS
111 %token VAR_TCP_UPSTREAM VAR_SSL_UPSTREAM
112 %token VAR_SSL_SERVICE_KEY VAR_SSL_SERVICE_PEM VAR_SSL_PORT VAR_FORWARD_FIRST
113 %token VAR_STUB_SSL_UPSTREAM VAR_FORWARD_SSL_UPSTREAM VAR_TLS_CERT_BUNDLE
114 %token VAR_STUB_FIRST VAR_MINIMAL_RESPONSES VAR_RRSET_ROUNDROBIN
115 %token VAR_MAX_UDP_SIZE VAR_DELAY_CLOSE
116 %token VAR_UNBLOCK_LAN_ZONES VAR_INSECURE_LAN_ZONES
117 %token VAR_INFRA_CACHE_MIN_RTT
118 %token VAR_DNS64_PREFIX VAR_DNS64_SYNTHALL VAR_DNS64_IGNORE_AAAA
119 %token VAR_DNSTAP VAR_DNSTAP_ENABLE VAR_DNSTAP_SOCKET_PATH
120 %token VAR_DNSTAP_SEND_IDENTITY VAR_DNSTAP_SEND_VERSION
121 %token VAR_DNSTAP_IDENTITY VAR_DNSTAP_VERSION
122 %token VAR_DNSTAP_LOG_RESOLVER_QUERY_MESSAGES
123 %token VAR_DNSTAP_LOG_RESOLVER_RESPONSE_MESSAGES
124 %token VAR_DNSTAP_LOG_CLIENT_QUERY_MESSAGES
125 %token VAR_DNSTAP_LOG_CLIENT_RESPONSE_MESSAGES
126 %token VAR_DNSTAP_LOG_FORWARDER_QUERY_MESSAGES
127 %token VAR_DNSTAP_LOG_FORWARDER_RESPONSE_MESSAGES
128 %token VAR_RESPONSE_IP_TAG VAR_RESPONSE_IP VAR_RESPONSE_IP_DATA
129 %token VAR_HARDEN_ALGO_DOWNGRADE VAR_IP_TRANSPARENT
130 %token VAR_DISABLE_DNSSEC_LAME_CHECK
131 %token VAR_IP_RATELIMIT VAR_IP_RATELIMIT_SLABS VAR_IP_RATELIMIT_SIZE
132 %token VAR_RATELIMIT VAR_RATELIMIT_SLABS VAR_RATELIMIT_SIZE
133 %token VAR_RATELIMIT_FOR_DOMAIN VAR_RATELIMIT_BELOW_DOMAIN
134 %token VAR_IP_RATELIMIT_FACTOR VAR_RATELIMIT_FACTOR
135 %token VAR_SEND_CLIENT_SUBNET VAR_CLIENT_SUBNET_ZONE
136 %token VAR_CLIENT_SUBNET_ALWAYS_FORWARD VAR_CLIENT_SUBNET_OPCODE
137 %token VAR_MAX_CLIENT_SUBNET_IPV4 VAR_MAX_CLIENT_SUBNET_IPV6
138 %token VAR_CAPS_WHITELIST VAR_CACHE_MAX_NEGATIVE_TTL VAR_PERMIT_SMALL_HOLDDOWN
139 %token VAR_QNAME_MINIMISATION VAR_QNAME_MINIMISATION_STRICT VAR_IP_FREEBIND
140 %token VAR_DEFINE_TAG VAR_LOCAL_ZONE_TAG VAR_ACCESS_CONTROL_TAG
141 %token VAR_LOCAL_ZONE_OVERRIDE VAR_ACCESS_CONTROL_TAG_ACTION
142 %token VAR_ACCESS_CONTROL_TAG_DATA VAR_VIEW VAR_ACCESS_CONTROL_VIEW
143 %token VAR_VIEW_FIRST VAR_SERVE_EXPIRED VAR_SERVE_EXPIRED_TTL
144 %token VAR_SERVE_EXPIRED_TTL_RESET VAR_FAKE_DSA VAR_FAKE_SHA1
145 %token VAR_LOG_IDENTITY VAR_HIDE_TRUSTANCHOR VAR_TRUST_ANCHOR_SIGNALING
146 %token VAR_AGGRESSIVE_NSEC VAR_USE_SYSTEMD VAR_SHM_ENABLE VAR_SHM_KEY
147 %token VAR_ROOT_KEY_SENTINEL
148 %token VAR_DNSCRYPT VAR_DNSCRYPT_ENABLE VAR_DNSCRYPT_PORT VAR_DNSCRYPT_PROVIDER
149 %token VAR_DNSCRYPT_SECRET_KEY VAR_DNSCRYPT_PROVIDER_CERT
150 %token VAR_DNSCRYPT_PROVIDER_CERT_ROTATED
151 %token VAR_DNSCRYPT_SHARED_SECRET_CACHE_SIZE
152 %token VAR_DNSCRYPT_SHARED_SECRET_CACHE_SLABS
153 %token VAR_DNSCRYPT_NONCE_CACHE_SIZE
154 %token VAR_DNSCRYPT_NONCE_CACHE_SLABS
155 %token VAR_IPSECMOD_ENABLED VAR_IPSECMOD_HOOK VAR_IPSECMOD_IGNORE_BOGUS
156 %token VAR_IPSECMOD_MAX_TTL VAR_IPSECMOD_WHITELIST VAR_IPSECMOD_STRICT
157 %token VAR_CACHEDB VAR_CACHEDB_BACKEND VAR_CACHEDB_SECRETSEED
158 %token VAR_CACHEDB_REDISHOST VAR_CACHEDB_REDISPORT VAR_CACHEDB_REDISTIMEOUT
159 %token VAR_UDP_UPSTREAM_WITHOUT_DOWNSTREAM VAR_FOR_UPSTREAM
160 %token VAR_AUTH_ZONE VAR_ZONEFILE VAR_MASTER VAR_URL VAR_FOR_DOWNSTREAM
161 %token VAR_FALLBACK_ENABLED VAR_TLS_ADDITIONAL_PORT VAR_LOW_RTT VAR_LOW_RTT_PERMIL
162 %token VAR_ALLOW_NOTIFY VAR_TLS_WIN_CERT VAR_TCP_CONNECTION_LIMIT
163 %token VAR_FORWARD_NO_CACHE VAR_STUB_NO_CACHE VAR_LOG_SERVFAIL
166 toplevelvars: /* empty */ | toplevelvars toplevelvar ;
167 toplevelvar: serverstart contents_server | stubstart contents_stub |
168 forwardstart contents_forward | pythonstart contents_py |
169 rcstart contents_rc | dtstart contents_dt | viewstart contents_view |
170 dnscstart contents_dnsc | cachedbstart contents_cachedb |
171 authstart contents_auth
174 /* server: declaration */
175 serverstart: VAR_SERVER
177 OUTYY(("\nP(server:)\n"));
180 contents_server: contents_server content_server
182 content_server: server_num_threads | server_verbosity | server_port |
183 server_outgoing_range | server_do_ip4 |
184 server_do_ip6 | server_prefer_ip6 |
185 server_do_udp | server_do_tcp |
186 server_tcp_mss | server_outgoing_tcp_mss | server_tcp_idle_timeout |
187 server_tcp_keepalive | server_tcp_keepalive_timeout |
188 server_interface | server_chroot | server_username |
189 server_directory | server_logfile | server_pidfile |
190 server_msg_cache_size | server_msg_cache_slabs |
191 server_num_queries_per_thread | server_rrset_cache_size |
192 server_rrset_cache_slabs | server_outgoing_num_tcp |
193 server_infra_host_ttl | server_infra_lame_ttl |
194 server_infra_cache_slabs | server_infra_cache_numhosts |
195 server_infra_cache_lame_size | server_target_fetch_policy |
196 server_harden_short_bufsize | server_harden_large_queries |
197 server_do_not_query_address | server_hide_identity |
198 server_hide_version | server_identity | server_version |
199 server_harden_glue | server_module_conf | server_trust_anchor_file |
200 server_trust_anchor | server_val_override_date | server_bogus_ttl |
201 server_val_clean_additional | server_val_permissive_mode |
202 server_incoming_num_tcp | server_msg_buffer_size |
203 server_key_cache_size | server_key_cache_slabs |
204 server_trusted_keys_file | server_val_nsec3_keysize_iterations |
205 server_use_syslog | server_outgoing_interface | server_root_hints |
206 server_do_not_query_localhost | server_cache_max_ttl |
207 server_harden_dnssec_stripped | server_access_control |
208 server_local_zone | server_local_data | server_interface_automatic |
209 server_statistics_interval | server_do_daemonize |
210 server_use_caps_for_id | server_statistics_cumulative |
211 server_outgoing_port_permit | server_outgoing_port_avoid |
212 server_dlv_anchor_file | server_dlv_anchor | server_neg_cache_size |
213 server_harden_referral_path | server_private_address |
214 server_private_domain | server_extended_statistics |
215 server_local_data_ptr | server_jostle_timeout |
216 server_unwanted_reply_threshold | server_log_time_ascii |
217 server_domain_insecure | server_val_sig_skew_min |
218 server_val_sig_skew_max | server_cache_min_ttl | server_val_log_level |
219 server_auto_trust_anchor_file | server_add_holddown |
220 server_del_holddown | server_keep_missing | server_so_rcvbuf |
221 server_edns_buffer_size | server_prefetch | server_prefetch_key |
222 server_so_sndbuf | server_harden_below_nxdomain | server_ignore_cd_flag |
223 server_log_queries | server_log_replies | server_tcp_upstream | server_ssl_upstream |
224 server_log_local_actions |
225 server_ssl_service_key | server_ssl_service_pem | server_ssl_port |
226 server_minimal_responses | server_rrset_roundrobin | server_max_udp_size |
227 server_so_reuseport | server_delay_close |
228 server_unblock_lan_zones | server_insecure_lan_zones |
229 server_dns64_prefix | server_dns64_synthall | server_dns64_ignore_aaaa |
230 server_infra_cache_min_rtt | server_harden_algo_downgrade |
231 server_ip_transparent | server_ip_ratelimit | server_ratelimit |
232 server_ip_ratelimit_slabs | server_ratelimit_slabs |
233 server_ip_ratelimit_size | server_ratelimit_size |
234 server_ratelimit_for_domain |
235 server_ratelimit_below_domain | server_ratelimit_factor |
236 server_ip_ratelimit_factor | server_send_client_subnet |
237 server_client_subnet_zone | server_client_subnet_always_forward |
238 server_client_subnet_opcode |
239 server_max_client_subnet_ipv4 | server_max_client_subnet_ipv6 |
240 server_caps_whitelist | server_cache_max_negative_ttl |
241 server_permit_small_holddown | server_qname_minimisation |
242 server_ip_freebind | server_define_tag | server_local_zone_tag |
243 server_disable_dnssec_lame_check | server_access_control_tag |
244 server_local_zone_override | server_access_control_tag_action |
245 server_access_control_tag_data | server_access_control_view |
246 server_qname_minimisation_strict | server_serve_expired |
247 server_serve_expired_ttl | server_serve_expired_ttl_reset |
248 server_fake_dsa | server_log_identity | server_use_systemd |
249 server_response_ip_tag | server_response_ip | server_response_ip_data |
250 server_shm_enable | server_shm_key | server_fake_sha1 |
251 server_hide_trustanchor | server_trust_anchor_signaling |
252 server_root_key_sentinel |
253 server_ipsecmod_enabled | server_ipsecmod_hook |
254 server_ipsecmod_ignore_bogus | server_ipsecmod_max_ttl |
255 server_ipsecmod_whitelist | server_ipsecmod_strict |
256 server_udp_upstream_without_downstream | server_aggressive_nsec |
257 server_tls_cert_bundle | server_tls_additional_port | server_low_rtt |
258 server_low_rtt_permil | server_tls_win_cert |
259 server_tcp_connection_limit | server_log_servfail
261 stubstart: VAR_STUB_ZONE
263 struct config_stub* s;
264 OUTYY(("\nP(stub_zone:)\n"));
265 s = (struct config_stub*)calloc(1, sizeof(struct config_stub));
267 s->next = cfg_parser->cfg->stubs;
268 cfg_parser->cfg->stubs = s;
270 yyerror("out of memory");
273 contents_stub: contents_stub content_stub
275 content_stub: stub_name | stub_host | stub_addr | stub_prime | stub_first |
276 stub_no_cache | stub_ssl_upstream
278 forwardstart: VAR_FORWARD_ZONE
280 struct config_stub* s;
281 OUTYY(("\nP(forward_zone:)\n"));
282 s = (struct config_stub*)calloc(1, sizeof(struct config_stub));
284 s->next = cfg_parser->cfg->forwards;
285 cfg_parser->cfg->forwards = s;
287 yyerror("out of memory");
290 contents_forward: contents_forward content_forward
292 content_forward: forward_name | forward_host | forward_addr | forward_first |
293 forward_no_cache | forward_ssl_upstream
297 struct config_view* s;
298 OUTYY(("\nP(view:)\n"));
299 s = (struct config_view*)calloc(1, sizeof(struct config_view));
301 s->next = cfg_parser->cfg->views;
302 if(s->next && !s->next->name)
303 yyerror("view without name");
304 cfg_parser->cfg->views = s;
306 yyerror("out of memory");
309 contents_view: contents_view content_view
311 content_view: view_name | view_local_zone | view_local_data | view_first |
312 view_response_ip | view_response_ip_data | view_local_data_ptr
314 authstart: VAR_AUTH_ZONE
316 struct config_auth* s;
317 OUTYY(("\nP(auth_zone:)\n"));
318 s = (struct config_auth*)calloc(1, sizeof(struct config_auth));
320 s->next = cfg_parser->cfg->auths;
321 cfg_parser->cfg->auths = s;
322 /* defaults for auth zone */
323 s->for_downstream = 1;
325 s->fallback_enabled = 0;
327 yyerror("out of memory");
330 contents_auth: contents_auth content_auth
332 content_auth: auth_name | auth_zonefile | auth_master | auth_url |
333 auth_for_downstream | auth_for_upstream | auth_fallback_enabled |
336 server_num_threads: VAR_NUM_THREADS STRING_ARG
338 OUTYY(("P(server_num_threads:%s)\n", $2));
339 if(atoi($2) == 0 && strcmp($2, "0") != 0)
340 yyerror("number expected");
341 else cfg_parser->cfg->num_threads = atoi($2);
345 server_verbosity: VAR_VERBOSITY STRING_ARG
347 OUTYY(("P(server_verbosity:%s)\n", $2));
348 if(atoi($2) == 0 && strcmp($2, "0") != 0)
349 yyerror("number expected");
350 else cfg_parser->cfg->verbosity = atoi($2);
354 server_statistics_interval: VAR_STATISTICS_INTERVAL STRING_ARG
356 OUTYY(("P(server_statistics_interval:%s)\n", $2));
357 if(strcmp($2, "") == 0 || strcmp($2, "0") == 0)
358 cfg_parser->cfg->stat_interval = 0;
359 else if(atoi($2) == 0)
360 yyerror("number expected");
361 else cfg_parser->cfg->stat_interval = atoi($2);
365 server_statistics_cumulative: VAR_STATISTICS_CUMULATIVE STRING_ARG
367 OUTYY(("P(server_statistics_cumulative:%s)\n", $2));
368 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
369 yyerror("expected yes or no.");
370 else cfg_parser->cfg->stat_cumulative = (strcmp($2, "yes")==0);
374 server_extended_statistics: VAR_EXTENDED_STATISTICS STRING_ARG
376 OUTYY(("P(server_extended_statistics:%s)\n", $2));
377 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
378 yyerror("expected yes or no.");
379 else cfg_parser->cfg->stat_extended = (strcmp($2, "yes")==0);
383 server_shm_enable: VAR_SHM_ENABLE STRING_ARG
385 OUTYY(("P(server_shm_enable:%s)\n", $2));
386 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
387 yyerror("expected yes or no.");
388 else cfg_parser->cfg->shm_enable = (strcmp($2, "yes")==0);
392 server_shm_key: VAR_SHM_KEY STRING_ARG
394 OUTYY(("P(server_shm_key:%s)\n", $2));
395 if(strcmp($2, "") == 0 || strcmp($2, "0") == 0)
396 cfg_parser->cfg->shm_key = 0;
397 else if(atoi($2) == 0)
398 yyerror("number expected");
399 else cfg_parser->cfg->shm_key = atoi($2);
403 server_port: VAR_PORT STRING_ARG
405 OUTYY(("P(server_port:%s)\n", $2));
407 yyerror("port number expected");
408 else cfg_parser->cfg->port = atoi($2);
412 server_send_client_subnet: VAR_SEND_CLIENT_SUBNET STRING_ARG
415 OUTYY(("P(server_send_client_subnet:%s)\n", $2));
416 if(!cfg_strlist_insert(&cfg_parser->cfg->client_subnet, $2))
417 fatal_exit("out of memory adding client-subnet");
419 OUTYY(("P(Compiled without edns subnet option, ignoring)\n"));
423 server_client_subnet_zone: VAR_CLIENT_SUBNET_ZONE STRING_ARG
426 OUTYY(("P(server_client_subnet_zone:%s)\n", $2));
427 if(!cfg_strlist_insert(&cfg_parser->cfg->client_subnet_zone,
429 fatal_exit("out of memory adding client-subnet-zone");
431 OUTYY(("P(Compiled without edns subnet option, ignoring)\n"));
435 server_client_subnet_always_forward:
436 VAR_CLIENT_SUBNET_ALWAYS_FORWARD STRING_ARG
439 OUTYY(("P(server_client_subnet_always_forward:%s)\n", $2));
440 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
441 yyerror("expected yes or no.");
443 cfg_parser->cfg->client_subnet_always_forward =
444 (strcmp($2, "yes")==0);
446 OUTYY(("P(Compiled without edns subnet option, ignoring)\n"));
451 server_client_subnet_opcode: VAR_CLIENT_SUBNET_OPCODE STRING_ARG
454 OUTYY(("P(client_subnet_opcode:%s)\n", $2));
455 OUTYY(("P(Deprecated option, ignoring)\n"));
457 OUTYY(("P(Compiled without edns subnet option, ignoring)\n"));
462 server_max_client_subnet_ipv4: VAR_MAX_CLIENT_SUBNET_IPV4 STRING_ARG
465 OUTYY(("P(max_client_subnet_ipv4:%s)\n", $2));
466 if(atoi($2) == 0 && strcmp($2, "0") != 0)
467 yyerror("IPv4 subnet length expected");
468 else if (atoi($2) > 32)
469 cfg_parser->cfg->max_client_subnet_ipv4 = 32;
470 else if (atoi($2) < 0)
471 cfg_parser->cfg->max_client_subnet_ipv4 = 0;
472 else cfg_parser->cfg->max_client_subnet_ipv4 = (uint8_t)atoi($2);
474 OUTYY(("P(Compiled without edns subnet option, ignoring)\n"));
479 server_max_client_subnet_ipv6: VAR_MAX_CLIENT_SUBNET_IPV6 STRING_ARG
482 OUTYY(("P(max_client_subnet_ipv6:%s)\n", $2));
483 if(atoi($2) == 0 && strcmp($2, "0") != 0)
484 yyerror("Ipv6 subnet length expected");
485 else if (atoi($2) > 128)
486 cfg_parser->cfg->max_client_subnet_ipv6 = 128;
487 else if (atoi($2) < 0)
488 cfg_parser->cfg->max_client_subnet_ipv6 = 0;
489 else cfg_parser->cfg->max_client_subnet_ipv6 = (uint8_t)atoi($2);
491 OUTYY(("P(Compiled without edns subnet option, ignoring)\n"));
496 server_interface: VAR_INTERFACE STRING_ARG
498 OUTYY(("P(server_interface:%s)\n", $2));
499 if(cfg_parser->cfg->num_ifs == 0)
500 cfg_parser->cfg->ifs = calloc(1, sizeof(char*));
501 else cfg_parser->cfg->ifs = realloc(cfg_parser->cfg->ifs,
502 (cfg_parser->cfg->num_ifs+1)*sizeof(char*));
503 if(!cfg_parser->cfg->ifs)
504 yyerror("out of memory");
506 cfg_parser->cfg->ifs[cfg_parser->cfg->num_ifs++] = $2;
509 server_outgoing_interface: VAR_OUTGOING_INTERFACE STRING_ARG
511 OUTYY(("P(server_outgoing_interface:%s)\n", $2));
512 if(cfg_parser->cfg->num_out_ifs == 0)
513 cfg_parser->cfg->out_ifs = calloc(1, sizeof(char*));
514 else cfg_parser->cfg->out_ifs = realloc(
515 cfg_parser->cfg->out_ifs,
516 (cfg_parser->cfg->num_out_ifs+1)*sizeof(char*));
517 if(!cfg_parser->cfg->out_ifs)
518 yyerror("out of memory");
520 cfg_parser->cfg->out_ifs[
521 cfg_parser->cfg->num_out_ifs++] = $2;
524 server_outgoing_range: VAR_OUTGOING_RANGE STRING_ARG
526 OUTYY(("P(server_outgoing_range:%s)\n", $2));
528 yyerror("number expected");
529 else cfg_parser->cfg->outgoing_num_ports = atoi($2);
533 server_outgoing_port_permit: VAR_OUTGOING_PORT_PERMIT STRING_ARG
535 OUTYY(("P(server_outgoing_port_permit:%s)\n", $2));
536 if(!cfg_mark_ports($2, 1,
537 cfg_parser->cfg->outgoing_avail_ports, 65536))
538 yyerror("port number or range (\"low-high\") expected");
542 server_outgoing_port_avoid: VAR_OUTGOING_PORT_AVOID STRING_ARG
544 OUTYY(("P(server_outgoing_port_avoid:%s)\n", $2));
545 if(!cfg_mark_ports($2, 0,
546 cfg_parser->cfg->outgoing_avail_ports, 65536))
547 yyerror("port number or range (\"low-high\") expected");
551 server_outgoing_num_tcp: VAR_OUTGOING_NUM_TCP STRING_ARG
553 OUTYY(("P(server_outgoing_num_tcp:%s)\n", $2));
554 if(atoi($2) == 0 && strcmp($2, "0") != 0)
555 yyerror("number expected");
556 else cfg_parser->cfg->outgoing_num_tcp = atoi($2);
560 server_incoming_num_tcp: VAR_INCOMING_NUM_TCP STRING_ARG
562 OUTYY(("P(server_incoming_num_tcp:%s)\n", $2));
563 if(atoi($2) == 0 && strcmp($2, "0") != 0)
564 yyerror("number expected");
565 else cfg_parser->cfg->incoming_num_tcp = atoi($2);
569 server_interface_automatic: VAR_INTERFACE_AUTOMATIC STRING_ARG
571 OUTYY(("P(server_interface_automatic:%s)\n", $2));
572 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
573 yyerror("expected yes or no.");
574 else cfg_parser->cfg->if_automatic = (strcmp($2, "yes")==0);
578 server_do_ip4: VAR_DO_IP4 STRING_ARG
580 OUTYY(("P(server_do_ip4:%s)\n", $2));
581 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
582 yyerror("expected yes or no.");
583 else cfg_parser->cfg->do_ip4 = (strcmp($2, "yes")==0);
587 server_do_ip6: VAR_DO_IP6 STRING_ARG
589 OUTYY(("P(server_do_ip6:%s)\n", $2));
590 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
591 yyerror("expected yes or no.");
592 else cfg_parser->cfg->do_ip6 = (strcmp($2, "yes")==0);
596 server_do_udp: VAR_DO_UDP STRING_ARG
598 OUTYY(("P(server_do_udp:%s)\n", $2));
599 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
600 yyerror("expected yes or no.");
601 else cfg_parser->cfg->do_udp = (strcmp($2, "yes")==0);
605 server_do_tcp: VAR_DO_TCP STRING_ARG
607 OUTYY(("P(server_do_tcp:%s)\n", $2));
608 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
609 yyerror("expected yes or no.");
610 else cfg_parser->cfg->do_tcp = (strcmp($2, "yes")==0);
614 server_prefer_ip6: VAR_PREFER_IP6 STRING_ARG
616 OUTYY(("P(server_prefer_ip6:%s)\n", $2));
617 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
618 yyerror("expected yes or no.");
619 else cfg_parser->cfg->prefer_ip6 = (strcmp($2, "yes")==0);
623 server_tcp_mss: VAR_TCP_MSS STRING_ARG
625 OUTYY(("P(server_tcp_mss:%s)\n", $2));
626 if(atoi($2) == 0 && strcmp($2, "0") != 0)
627 yyerror("number expected");
628 else cfg_parser->cfg->tcp_mss = atoi($2);
632 server_outgoing_tcp_mss: VAR_OUTGOING_TCP_MSS STRING_ARG
634 OUTYY(("P(server_outgoing_tcp_mss:%s)\n", $2));
635 if(atoi($2) == 0 && strcmp($2, "0") != 0)
636 yyerror("number expected");
637 else cfg_parser->cfg->outgoing_tcp_mss = atoi($2);
641 server_tcp_idle_timeout: VAR_TCP_IDLE_TIMEOUT STRING_ARG
643 OUTYY(("P(server_tcp_idle_timeout:%s)\n", $2));
644 if(atoi($2) == 0 && strcmp($2, "0") != 0)
645 yyerror("number expected");
646 else if (atoi($2) > 120000)
647 cfg_parser->cfg->tcp_idle_timeout = 120000;
648 else if (atoi($2) < 1)
649 cfg_parser->cfg->tcp_idle_timeout = 1;
650 else cfg_parser->cfg->tcp_idle_timeout = atoi($2);
654 server_tcp_keepalive: VAR_EDNS_TCP_KEEPALIVE STRING_ARG
656 OUTYY(("P(server_tcp_keepalive:%s)\n", $2));
657 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
658 yyerror("expected yes or no.");
659 else cfg_parser->cfg->do_tcp_keepalive = (strcmp($2, "yes")==0);
663 server_tcp_keepalive_timeout: VAR_EDNS_TCP_KEEPALIVE_TIMEOUT STRING_ARG
665 OUTYY(("P(server_tcp_keepalive_timeout:%s)\n", $2));
666 if(atoi($2) == 0 && strcmp($2, "0") != 0)
667 yyerror("number expected");
668 else if (atoi($2) > 6553500)
669 cfg_parser->cfg->tcp_keepalive_timeout = 6553500;
670 else if (atoi($2) < 1)
671 cfg_parser->cfg->tcp_keepalive_timeout = 0;
672 else cfg_parser->cfg->tcp_keepalive_timeout = atoi($2);
676 server_tcp_upstream: VAR_TCP_UPSTREAM STRING_ARG
678 OUTYY(("P(server_tcp_upstream:%s)\n", $2));
679 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
680 yyerror("expected yes or no.");
681 else cfg_parser->cfg->tcp_upstream = (strcmp($2, "yes")==0);
685 server_udp_upstream_without_downstream: VAR_UDP_UPSTREAM_WITHOUT_DOWNSTREAM STRING_ARG
687 OUTYY(("P(server_udp_upstream_without_downstream:%s)\n", $2));
688 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
689 yyerror("expected yes or no.");
690 else cfg_parser->cfg->udp_upstream_without_downstream = (strcmp($2, "yes")==0);
694 server_ssl_upstream: VAR_SSL_UPSTREAM STRING_ARG
696 OUTYY(("P(server_ssl_upstream:%s)\n", $2));
697 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
698 yyerror("expected yes or no.");
699 else cfg_parser->cfg->ssl_upstream = (strcmp($2, "yes")==0);
703 server_ssl_service_key: VAR_SSL_SERVICE_KEY STRING_ARG
705 OUTYY(("P(server_ssl_service_key:%s)\n", $2));
706 free(cfg_parser->cfg->ssl_service_key);
707 cfg_parser->cfg->ssl_service_key = $2;
710 server_ssl_service_pem: VAR_SSL_SERVICE_PEM STRING_ARG
712 OUTYY(("P(server_ssl_service_pem:%s)\n", $2));
713 free(cfg_parser->cfg->ssl_service_pem);
714 cfg_parser->cfg->ssl_service_pem = $2;
717 server_ssl_port: VAR_SSL_PORT STRING_ARG
719 OUTYY(("P(server_ssl_port:%s)\n", $2));
721 yyerror("port number expected");
722 else cfg_parser->cfg->ssl_port = atoi($2);
726 server_tls_cert_bundle: VAR_TLS_CERT_BUNDLE STRING_ARG
728 OUTYY(("P(server_tls_cert_bundle:%s)\n", $2));
729 free(cfg_parser->cfg->tls_cert_bundle);
730 cfg_parser->cfg->tls_cert_bundle = $2;
733 server_tls_win_cert: VAR_TLS_WIN_CERT STRING_ARG
735 OUTYY(("P(server_tls_win_cert:%s)\n", $2));
736 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
737 yyerror("expected yes or no.");
738 else cfg_parser->cfg->tls_win_cert = (strcmp($2, "yes")==0);
742 server_tls_additional_port: VAR_TLS_ADDITIONAL_PORT STRING_ARG
744 OUTYY(("P(server_tls_additional_port:%s)\n", $2));
745 if(!cfg_strlist_insert(&cfg_parser->cfg->tls_additional_port,
747 yyerror("out of memory");
750 server_use_systemd: VAR_USE_SYSTEMD STRING_ARG
752 OUTYY(("P(server_use_systemd:%s)\n", $2));
753 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
754 yyerror("expected yes or no.");
755 else cfg_parser->cfg->use_systemd = (strcmp($2, "yes")==0);
759 server_do_daemonize: VAR_DO_DAEMONIZE STRING_ARG
761 OUTYY(("P(server_do_daemonize:%s)\n", $2));
762 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
763 yyerror("expected yes or no.");
764 else cfg_parser->cfg->do_daemonize = (strcmp($2, "yes")==0);
768 server_use_syslog: VAR_USE_SYSLOG STRING_ARG
770 OUTYY(("P(server_use_syslog:%s)\n", $2));
771 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
772 yyerror("expected yes or no.");
773 else cfg_parser->cfg->use_syslog = (strcmp($2, "yes")==0);
774 #if !defined(HAVE_SYSLOG_H) && !defined(UB_ON_WINDOWS)
775 if(strcmp($2, "yes") == 0)
776 yyerror("no syslog services are available. "
777 "(reconfigure and compile to add)");
782 server_log_time_ascii: VAR_LOG_TIME_ASCII STRING_ARG
784 OUTYY(("P(server_log_time_ascii:%s)\n", $2));
785 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
786 yyerror("expected yes or no.");
787 else cfg_parser->cfg->log_time_ascii = (strcmp($2, "yes")==0);
791 server_log_queries: VAR_LOG_QUERIES STRING_ARG
793 OUTYY(("P(server_log_queries:%s)\n", $2));
794 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
795 yyerror("expected yes or no.");
796 else cfg_parser->cfg->log_queries = (strcmp($2, "yes")==0);
800 server_log_replies: VAR_LOG_REPLIES STRING_ARG
802 OUTYY(("P(server_log_replies:%s)\n", $2));
803 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
804 yyerror("expected yes or no.");
805 else cfg_parser->cfg->log_replies = (strcmp($2, "yes")==0);
809 server_log_servfail: VAR_LOG_SERVFAIL STRING_ARG
811 OUTYY(("P(server_log_servfail:%s)\n", $2));
812 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
813 yyerror("expected yes or no.");
814 else cfg_parser->cfg->log_servfail = (strcmp($2, "yes")==0);
818 server_log_local_actions: VAR_LOG_LOCAL_ACTIONS STRING_ARG
820 OUTYY(("P(server_log_local_actions:%s)\n", $2));
821 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
822 yyerror("expected yes or no.");
823 else cfg_parser->cfg->log_local_actions = (strcmp($2, "yes")==0);
827 server_chroot: VAR_CHROOT STRING_ARG
829 OUTYY(("P(server_chroot:%s)\n", $2));
830 free(cfg_parser->cfg->chrootdir);
831 cfg_parser->cfg->chrootdir = $2;
834 server_username: VAR_USERNAME STRING_ARG
836 OUTYY(("P(server_username:%s)\n", $2));
837 free(cfg_parser->cfg->username);
838 cfg_parser->cfg->username = $2;
841 server_directory: VAR_DIRECTORY STRING_ARG
843 OUTYY(("P(server_directory:%s)\n", $2));
844 free(cfg_parser->cfg->directory);
845 cfg_parser->cfg->directory = $2;
846 /* change there right away for includes relative to this */
850 w_config_adjust_directory(cfg_parser->cfg);
852 d = cfg_parser->cfg->directory;
853 /* adjust directory if we have already chroot,
854 * like, we reread after sighup */
855 if(cfg_parser->chroot && cfg_parser->chroot[0] &&
856 strncmp(d, cfg_parser->chroot, strlen(
857 cfg_parser->chroot)) == 0)
858 d += strlen(cfg_parser->chroot);
861 log_err("cannot chdir to directory: %s (%s)",
867 server_logfile: VAR_LOGFILE STRING_ARG
869 OUTYY(("P(server_logfile:%s)\n", $2));
870 free(cfg_parser->cfg->logfile);
871 cfg_parser->cfg->logfile = $2;
872 cfg_parser->cfg->use_syslog = 0;
875 server_pidfile: VAR_PIDFILE STRING_ARG
877 OUTYY(("P(server_pidfile:%s)\n", $2));
878 free(cfg_parser->cfg->pidfile);
879 cfg_parser->cfg->pidfile = $2;
882 server_root_hints: VAR_ROOT_HINTS STRING_ARG
884 OUTYY(("P(server_root_hints:%s)\n", $2));
885 if(!cfg_strlist_insert(&cfg_parser->cfg->root_hints, $2))
886 yyerror("out of memory");
889 server_dlv_anchor_file: VAR_DLV_ANCHOR_FILE STRING_ARG
891 OUTYY(("P(server_dlv_anchor_file:%s)\n", $2));
892 free(cfg_parser->cfg->dlv_anchor_file);
893 cfg_parser->cfg->dlv_anchor_file = $2;
896 server_dlv_anchor: VAR_DLV_ANCHOR STRING_ARG
898 OUTYY(("P(server_dlv_anchor:%s)\n", $2));
899 if(!cfg_strlist_insert(&cfg_parser->cfg->dlv_anchor_list, $2))
900 yyerror("out of memory");
903 server_auto_trust_anchor_file: VAR_AUTO_TRUST_ANCHOR_FILE STRING_ARG
905 OUTYY(("P(server_auto_trust_anchor_file:%s)\n", $2));
906 if(!cfg_strlist_insert(&cfg_parser->cfg->
907 auto_trust_anchor_file_list, $2))
908 yyerror("out of memory");
911 server_trust_anchor_file: VAR_TRUST_ANCHOR_FILE STRING_ARG
913 OUTYY(("P(server_trust_anchor_file:%s)\n", $2));
914 if(!cfg_strlist_insert(&cfg_parser->cfg->
915 trust_anchor_file_list, $2))
916 yyerror("out of memory");
919 server_trusted_keys_file: VAR_TRUSTED_KEYS_FILE STRING_ARG
921 OUTYY(("P(server_trusted_keys_file:%s)\n", $2));
922 if(!cfg_strlist_insert(&cfg_parser->cfg->
923 trusted_keys_file_list, $2))
924 yyerror("out of memory");
927 server_trust_anchor: VAR_TRUST_ANCHOR STRING_ARG
929 OUTYY(("P(server_trust_anchor:%s)\n", $2));
930 if(!cfg_strlist_insert(&cfg_parser->cfg->trust_anchor_list, $2))
931 yyerror("out of memory");
934 server_trust_anchor_signaling: VAR_TRUST_ANCHOR_SIGNALING STRING_ARG
936 OUTYY(("P(server_trust_anchor_signaling:%s)\n", $2));
937 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
938 yyerror("expected yes or no.");
940 cfg_parser->cfg->trust_anchor_signaling =
941 (strcmp($2, "yes")==0);
945 server_root_key_sentinel: VAR_ROOT_KEY_SENTINEL STRING_ARG
947 OUTYY(("P(server_root_key_sentinel:%s)\n", $2));
948 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
949 yyerror("expected yes or no.");
951 cfg_parser->cfg->root_key_sentinel =
952 (strcmp($2, "yes")==0);
956 server_domain_insecure: VAR_DOMAIN_INSECURE STRING_ARG
958 OUTYY(("P(server_domain_insecure:%s)\n", $2));
959 if(!cfg_strlist_insert(&cfg_parser->cfg->domain_insecure, $2))
960 yyerror("out of memory");
963 server_hide_identity: VAR_HIDE_IDENTITY STRING_ARG
965 OUTYY(("P(server_hide_identity:%s)\n", $2));
966 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
967 yyerror("expected yes or no.");
968 else cfg_parser->cfg->hide_identity = (strcmp($2, "yes")==0);
972 server_hide_version: VAR_HIDE_VERSION STRING_ARG
974 OUTYY(("P(server_hide_version:%s)\n", $2));
975 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
976 yyerror("expected yes or no.");
977 else cfg_parser->cfg->hide_version = (strcmp($2, "yes")==0);
981 server_hide_trustanchor: VAR_HIDE_TRUSTANCHOR STRING_ARG
983 OUTYY(("P(server_hide_trustanchor:%s)\n", $2));
984 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
985 yyerror("expected yes or no.");
986 else cfg_parser->cfg->hide_trustanchor = (strcmp($2, "yes")==0);
990 server_identity: VAR_IDENTITY STRING_ARG
992 OUTYY(("P(server_identity:%s)\n", $2));
993 free(cfg_parser->cfg->identity);
994 cfg_parser->cfg->identity = $2;
997 server_version: VAR_VERSION STRING_ARG
999 OUTYY(("P(server_version:%s)\n", $2));
1000 free(cfg_parser->cfg->version);
1001 cfg_parser->cfg->version = $2;
1004 server_so_rcvbuf: VAR_SO_RCVBUF STRING_ARG
1006 OUTYY(("P(server_so_rcvbuf:%s)\n", $2));
1007 if(!cfg_parse_memsize($2, &cfg_parser->cfg->so_rcvbuf))
1008 yyerror("buffer size expected");
1012 server_so_sndbuf: VAR_SO_SNDBUF STRING_ARG
1014 OUTYY(("P(server_so_sndbuf:%s)\n", $2));
1015 if(!cfg_parse_memsize($2, &cfg_parser->cfg->so_sndbuf))
1016 yyerror("buffer size expected");
1020 server_so_reuseport: VAR_SO_REUSEPORT STRING_ARG
1022 OUTYY(("P(server_so_reuseport:%s)\n", $2));
1023 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1024 yyerror("expected yes or no.");
1025 else cfg_parser->cfg->so_reuseport =
1026 (strcmp($2, "yes")==0);
1030 server_ip_transparent: VAR_IP_TRANSPARENT STRING_ARG
1032 OUTYY(("P(server_ip_transparent:%s)\n", $2));
1033 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1034 yyerror("expected yes or no.");
1035 else cfg_parser->cfg->ip_transparent =
1036 (strcmp($2, "yes")==0);
1040 server_ip_freebind: VAR_IP_FREEBIND STRING_ARG
1042 OUTYY(("P(server_ip_freebind:%s)\n", $2));
1043 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1044 yyerror("expected yes or no.");
1045 else cfg_parser->cfg->ip_freebind =
1046 (strcmp($2, "yes")==0);
1050 server_edns_buffer_size: VAR_EDNS_BUFFER_SIZE STRING_ARG
1052 OUTYY(("P(server_edns_buffer_size:%s)\n", $2));
1054 yyerror("number expected");
1055 else if (atoi($2) < 12)
1056 yyerror("edns buffer size too small");
1057 else if (atoi($2) > 65535)
1058 cfg_parser->cfg->edns_buffer_size = 65535;
1059 else cfg_parser->cfg->edns_buffer_size = atoi($2);
1063 server_msg_buffer_size: VAR_MSG_BUFFER_SIZE STRING_ARG
1065 OUTYY(("P(server_msg_buffer_size:%s)\n", $2));
1067 yyerror("number expected");
1068 else if (atoi($2) < 4096)
1069 yyerror("message buffer size too small (use 4096)");
1070 else cfg_parser->cfg->msg_buffer_size = atoi($2);
1074 server_msg_cache_size: VAR_MSG_CACHE_SIZE STRING_ARG
1076 OUTYY(("P(server_msg_cache_size:%s)\n", $2));
1077 if(!cfg_parse_memsize($2, &cfg_parser->cfg->msg_cache_size))
1078 yyerror("memory size expected");
1082 server_msg_cache_slabs: VAR_MSG_CACHE_SLABS STRING_ARG
1084 OUTYY(("P(server_msg_cache_slabs:%s)\n", $2));
1086 yyerror("number expected");
1088 cfg_parser->cfg->msg_cache_slabs = atoi($2);
1089 if(!is_pow2(cfg_parser->cfg->msg_cache_slabs))
1090 yyerror("must be a power of 2");
1095 server_num_queries_per_thread: VAR_NUM_QUERIES_PER_THREAD STRING_ARG
1097 OUTYY(("P(server_num_queries_per_thread:%s)\n", $2));
1099 yyerror("number expected");
1100 else cfg_parser->cfg->num_queries_per_thread = atoi($2);
1104 server_jostle_timeout: VAR_JOSTLE_TIMEOUT STRING_ARG
1106 OUTYY(("P(server_jostle_timeout:%s)\n", $2));
1107 if(atoi($2) == 0 && strcmp($2, "0") != 0)
1108 yyerror("number expected");
1109 else cfg_parser->cfg->jostle_time = atoi($2);
1113 server_delay_close: VAR_DELAY_CLOSE STRING_ARG
1115 OUTYY(("P(server_delay_close:%s)\n", $2));
1116 if(atoi($2) == 0 && strcmp($2, "0") != 0)
1117 yyerror("number expected");
1118 else cfg_parser->cfg->delay_close = atoi($2);
1122 server_unblock_lan_zones: VAR_UNBLOCK_LAN_ZONES STRING_ARG
1124 OUTYY(("P(server_unblock_lan_zones:%s)\n", $2));
1125 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1126 yyerror("expected yes or no.");
1127 else cfg_parser->cfg->unblock_lan_zones =
1128 (strcmp($2, "yes")==0);
1132 server_insecure_lan_zones: VAR_INSECURE_LAN_ZONES STRING_ARG
1134 OUTYY(("P(server_insecure_lan_zones:%s)\n", $2));
1135 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1136 yyerror("expected yes or no.");
1137 else cfg_parser->cfg->insecure_lan_zones =
1138 (strcmp($2, "yes")==0);
1142 server_rrset_cache_size: VAR_RRSET_CACHE_SIZE STRING_ARG
1144 OUTYY(("P(server_rrset_cache_size:%s)\n", $2));
1145 if(!cfg_parse_memsize($2, &cfg_parser->cfg->rrset_cache_size))
1146 yyerror("memory size expected");
1150 server_rrset_cache_slabs: VAR_RRSET_CACHE_SLABS STRING_ARG
1152 OUTYY(("P(server_rrset_cache_slabs:%s)\n", $2));
1154 yyerror("number expected");
1156 cfg_parser->cfg->rrset_cache_slabs = atoi($2);
1157 if(!is_pow2(cfg_parser->cfg->rrset_cache_slabs))
1158 yyerror("must be a power of 2");
1163 server_infra_host_ttl: VAR_INFRA_HOST_TTL STRING_ARG
1165 OUTYY(("P(server_infra_host_ttl:%s)\n", $2));
1166 if(atoi($2) == 0 && strcmp($2, "0") != 0)
1167 yyerror("number expected");
1168 else cfg_parser->cfg->host_ttl = atoi($2);
1172 server_infra_lame_ttl: VAR_INFRA_LAME_TTL STRING_ARG
1174 OUTYY(("P(server_infra_lame_ttl:%s)\n", $2));
1175 verbose(VERB_DETAIL, "ignored infra-lame-ttl: %s (option "
1176 "removed, use infra-host-ttl)", $2);
1180 server_infra_cache_numhosts: VAR_INFRA_CACHE_NUMHOSTS STRING_ARG
1182 OUTYY(("P(server_infra_cache_numhosts:%s)\n", $2));
1184 yyerror("number expected");
1185 else cfg_parser->cfg->infra_cache_numhosts = atoi($2);
1189 server_infra_cache_lame_size: VAR_INFRA_CACHE_LAME_SIZE STRING_ARG
1191 OUTYY(("P(server_infra_cache_lame_size:%s)\n", $2));
1192 verbose(VERB_DETAIL, "ignored infra-cache-lame-size: %s "
1193 "(option removed, use infra-cache-numhosts)", $2);
1197 server_infra_cache_slabs: VAR_INFRA_CACHE_SLABS STRING_ARG
1199 OUTYY(("P(server_infra_cache_slabs:%s)\n", $2));
1201 yyerror("number expected");
1203 cfg_parser->cfg->infra_cache_slabs = atoi($2);
1204 if(!is_pow2(cfg_parser->cfg->infra_cache_slabs))
1205 yyerror("must be a power of 2");
1210 server_infra_cache_min_rtt: VAR_INFRA_CACHE_MIN_RTT STRING_ARG
1212 OUTYY(("P(server_infra_cache_min_rtt:%s)\n", $2));
1213 if(atoi($2) == 0 && strcmp($2, "0") != 0)
1214 yyerror("number expected");
1215 else cfg_parser->cfg->infra_cache_min_rtt = atoi($2);
1219 server_target_fetch_policy: VAR_TARGET_FETCH_POLICY STRING_ARG
1221 OUTYY(("P(server_target_fetch_policy:%s)\n", $2));
1222 free(cfg_parser->cfg->target_fetch_policy);
1223 cfg_parser->cfg->target_fetch_policy = $2;
1226 server_harden_short_bufsize: VAR_HARDEN_SHORT_BUFSIZE STRING_ARG
1228 OUTYY(("P(server_harden_short_bufsize:%s)\n", $2));
1229 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1230 yyerror("expected yes or no.");
1231 else cfg_parser->cfg->harden_short_bufsize =
1232 (strcmp($2, "yes")==0);
1236 server_harden_large_queries: VAR_HARDEN_LARGE_QUERIES STRING_ARG
1238 OUTYY(("P(server_harden_large_queries:%s)\n", $2));
1239 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1240 yyerror("expected yes or no.");
1241 else cfg_parser->cfg->harden_large_queries =
1242 (strcmp($2, "yes")==0);
1246 server_harden_glue: VAR_HARDEN_GLUE STRING_ARG
1248 OUTYY(("P(server_harden_glue:%s)\n", $2));
1249 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1250 yyerror("expected yes or no.");
1251 else cfg_parser->cfg->harden_glue =
1252 (strcmp($2, "yes")==0);
1256 server_harden_dnssec_stripped: VAR_HARDEN_DNSSEC_STRIPPED STRING_ARG
1258 OUTYY(("P(server_harden_dnssec_stripped:%s)\n", $2));
1259 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1260 yyerror("expected yes or no.");
1261 else cfg_parser->cfg->harden_dnssec_stripped =
1262 (strcmp($2, "yes")==0);
1266 server_harden_below_nxdomain: VAR_HARDEN_BELOW_NXDOMAIN STRING_ARG
1268 OUTYY(("P(server_harden_below_nxdomain:%s)\n", $2));
1269 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1270 yyerror("expected yes or no.");
1271 else cfg_parser->cfg->harden_below_nxdomain =
1272 (strcmp($2, "yes")==0);
1276 server_harden_referral_path: VAR_HARDEN_REFERRAL_PATH STRING_ARG
1278 OUTYY(("P(server_harden_referral_path:%s)\n", $2));
1279 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1280 yyerror("expected yes or no.");
1281 else cfg_parser->cfg->harden_referral_path =
1282 (strcmp($2, "yes")==0);
1286 server_harden_algo_downgrade: VAR_HARDEN_ALGO_DOWNGRADE STRING_ARG
1288 OUTYY(("P(server_harden_algo_downgrade:%s)\n", $2));
1289 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1290 yyerror("expected yes or no.");
1291 else cfg_parser->cfg->harden_algo_downgrade =
1292 (strcmp($2, "yes")==0);
1296 server_use_caps_for_id: VAR_USE_CAPS_FOR_ID STRING_ARG
1298 OUTYY(("P(server_use_caps_for_id:%s)\n", $2));
1299 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1300 yyerror("expected yes or no.");
1301 else cfg_parser->cfg->use_caps_bits_for_id =
1302 (strcmp($2, "yes")==0);
1306 server_caps_whitelist: VAR_CAPS_WHITELIST STRING_ARG
1308 OUTYY(("P(server_caps_whitelist:%s)\n", $2));
1309 if(!cfg_strlist_insert(&cfg_parser->cfg->caps_whitelist, $2))
1310 yyerror("out of memory");
1313 server_private_address: VAR_PRIVATE_ADDRESS STRING_ARG
1315 OUTYY(("P(server_private_address:%s)\n", $2));
1316 if(!cfg_strlist_insert(&cfg_parser->cfg->private_address, $2))
1317 yyerror("out of memory");
1320 server_private_domain: VAR_PRIVATE_DOMAIN STRING_ARG
1322 OUTYY(("P(server_private_domain:%s)\n", $2));
1323 if(!cfg_strlist_insert(&cfg_parser->cfg->private_domain, $2))
1324 yyerror("out of memory");
1327 server_prefetch: VAR_PREFETCH STRING_ARG
1329 OUTYY(("P(server_prefetch:%s)\n", $2));
1330 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1331 yyerror("expected yes or no.");
1332 else cfg_parser->cfg->prefetch = (strcmp($2, "yes")==0);
1336 server_prefetch_key: VAR_PREFETCH_KEY STRING_ARG
1338 OUTYY(("P(server_prefetch_key:%s)\n", $2));
1339 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1340 yyerror("expected yes or no.");
1341 else cfg_parser->cfg->prefetch_key = (strcmp($2, "yes")==0);
1345 server_unwanted_reply_threshold: VAR_UNWANTED_REPLY_THRESHOLD STRING_ARG
1347 OUTYY(("P(server_unwanted_reply_threshold:%s)\n", $2));
1348 if(atoi($2) == 0 && strcmp($2, "0") != 0)
1349 yyerror("number expected");
1350 else cfg_parser->cfg->unwanted_threshold = atoi($2);
1354 server_do_not_query_address: VAR_DO_NOT_QUERY_ADDRESS STRING_ARG
1356 OUTYY(("P(server_do_not_query_address:%s)\n", $2));
1357 if(!cfg_strlist_insert(&cfg_parser->cfg->donotqueryaddrs, $2))
1358 yyerror("out of memory");
1361 server_do_not_query_localhost: VAR_DO_NOT_QUERY_LOCALHOST STRING_ARG
1363 OUTYY(("P(server_do_not_query_localhost:%s)\n", $2));
1364 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1365 yyerror("expected yes or no.");
1366 else cfg_parser->cfg->donotquery_localhost =
1367 (strcmp($2, "yes")==0);
1371 server_access_control: VAR_ACCESS_CONTROL STRING_ARG STRING_ARG
1373 OUTYY(("P(server_access_control:%s %s)\n", $2, $3));
1374 if(strcmp($3, "deny")!=0 && strcmp($3, "refuse")!=0 &&
1375 strcmp($3, "deny_non_local")!=0 &&
1376 strcmp($3, "refuse_non_local")!=0 &&
1377 strcmp($3, "allow_setrd")!=0 &&
1378 strcmp($3, "allow")!=0 &&
1379 strcmp($3, "allow_snoop")!=0) {
1380 yyerror("expected deny, refuse, deny_non_local, "
1381 "refuse_non_local, allow, allow_setrd or "
1382 "allow_snoop in access control action");
1384 if(!cfg_str2list_insert(&cfg_parser->cfg->acls, $2, $3))
1385 fatal_exit("out of memory adding acl");
1389 server_module_conf: VAR_MODULE_CONF STRING_ARG
1391 OUTYY(("P(server_module_conf:%s)\n", $2));
1392 free(cfg_parser->cfg->module_conf);
1393 cfg_parser->cfg->module_conf = $2;
1396 server_val_override_date: VAR_VAL_OVERRIDE_DATE STRING_ARG
1398 OUTYY(("P(server_val_override_date:%s)\n", $2));
1399 if(*$2 == '\0' || strcmp($2, "0") == 0) {
1400 cfg_parser->cfg->val_date_override = 0;
1401 } else if(strlen($2) == 14) {
1402 cfg_parser->cfg->val_date_override =
1403 cfg_convert_timeval($2);
1404 if(!cfg_parser->cfg->val_date_override)
1405 yyerror("bad date/time specification");
1408 yyerror("number expected");
1409 cfg_parser->cfg->val_date_override = atoi($2);
1414 server_val_sig_skew_min: VAR_VAL_SIG_SKEW_MIN STRING_ARG
1416 OUTYY(("P(server_val_sig_skew_min:%s)\n", $2));
1417 if(*$2 == '\0' || strcmp($2, "0") == 0) {
1418 cfg_parser->cfg->val_sig_skew_min = 0;
1420 cfg_parser->cfg->val_sig_skew_min = atoi($2);
1421 if(!cfg_parser->cfg->val_sig_skew_min)
1422 yyerror("number expected");
1427 server_val_sig_skew_max: VAR_VAL_SIG_SKEW_MAX STRING_ARG
1429 OUTYY(("P(server_val_sig_skew_max:%s)\n", $2));
1430 if(*$2 == '\0' || strcmp($2, "0") == 0) {
1431 cfg_parser->cfg->val_sig_skew_max = 0;
1433 cfg_parser->cfg->val_sig_skew_max = atoi($2);
1434 if(!cfg_parser->cfg->val_sig_skew_max)
1435 yyerror("number expected");
1440 server_cache_max_ttl: VAR_CACHE_MAX_TTL STRING_ARG
1442 OUTYY(("P(server_cache_max_ttl:%s)\n", $2));
1443 if(atoi($2) == 0 && strcmp($2, "0") != 0)
1444 yyerror("number expected");
1445 else cfg_parser->cfg->max_ttl = atoi($2);
1449 server_cache_max_negative_ttl: VAR_CACHE_MAX_NEGATIVE_TTL STRING_ARG
1451 OUTYY(("P(server_cache_max_negative_ttl:%s)\n", $2));
1452 if(atoi($2) == 0 && strcmp($2, "0") != 0)
1453 yyerror("number expected");
1454 else cfg_parser->cfg->max_negative_ttl = atoi($2);
1458 server_cache_min_ttl: VAR_CACHE_MIN_TTL STRING_ARG
1460 OUTYY(("P(server_cache_min_ttl:%s)\n", $2));
1461 if(atoi($2) == 0 && strcmp($2, "0") != 0)
1462 yyerror("number expected");
1463 else cfg_parser->cfg->min_ttl = atoi($2);
1467 server_bogus_ttl: VAR_BOGUS_TTL STRING_ARG
1469 OUTYY(("P(server_bogus_ttl:%s)\n", $2));
1470 if(atoi($2) == 0 && strcmp($2, "0") != 0)
1471 yyerror("number expected");
1472 else cfg_parser->cfg->bogus_ttl = atoi($2);
1476 server_val_clean_additional: VAR_VAL_CLEAN_ADDITIONAL STRING_ARG
1478 OUTYY(("P(server_val_clean_additional:%s)\n", $2));
1479 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1480 yyerror("expected yes or no.");
1481 else cfg_parser->cfg->val_clean_additional =
1482 (strcmp($2, "yes")==0);
1486 server_val_permissive_mode: VAR_VAL_PERMISSIVE_MODE STRING_ARG
1488 OUTYY(("P(server_val_permissive_mode:%s)\n", $2));
1489 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1490 yyerror("expected yes or no.");
1491 else cfg_parser->cfg->val_permissive_mode =
1492 (strcmp($2, "yes")==0);
1496 server_aggressive_nsec: VAR_AGGRESSIVE_NSEC STRING_ARG
1498 OUTYY(("P(server_aggressive_nsec:%s)\n", $2));
1499 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1500 yyerror("expected yes or no.");
1502 cfg_parser->cfg->aggressive_nsec =
1503 (strcmp($2, "yes")==0);
1507 server_ignore_cd_flag: VAR_IGNORE_CD_FLAG STRING_ARG
1509 OUTYY(("P(server_ignore_cd_flag:%s)\n", $2));
1510 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1511 yyerror("expected yes or no.");
1512 else cfg_parser->cfg->ignore_cd = (strcmp($2, "yes")==0);
1516 server_serve_expired: VAR_SERVE_EXPIRED STRING_ARG
1518 OUTYY(("P(server_serve_expired:%s)\n", $2));
1519 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1520 yyerror("expected yes or no.");
1521 else cfg_parser->cfg->serve_expired = (strcmp($2, "yes")==0);
1525 server_serve_expired_ttl: VAR_SERVE_EXPIRED_TTL STRING_ARG
1527 OUTYY(("P(server_serve_expired_ttl:%s)\n", $2));
1528 if(atoi($2) == 0 && strcmp($2, "0") != 0)
1529 yyerror("number expected");
1530 else cfg_parser->cfg->serve_expired_ttl = atoi($2);
1534 server_serve_expired_ttl_reset: VAR_SERVE_EXPIRED_TTL_RESET STRING_ARG
1536 OUTYY(("P(server_serve_expired_ttl_reset:%s)\n", $2));
1537 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1538 yyerror("expected yes or no.");
1539 else cfg_parser->cfg->serve_expired_ttl_reset = (strcmp($2, "yes")==0);
1543 server_fake_dsa: VAR_FAKE_DSA STRING_ARG
1545 OUTYY(("P(server_fake_dsa:%s)\n", $2));
1546 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1547 yyerror("expected yes or no.");
1549 else fake_dsa = (strcmp($2, "yes")==0);
1551 log_warn("test option fake_dsa is enabled");
1556 server_fake_sha1: VAR_FAKE_SHA1 STRING_ARG
1558 OUTYY(("P(server_fake_sha1:%s)\n", $2));
1559 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1560 yyerror("expected yes or no.");
1562 else fake_sha1 = (strcmp($2, "yes")==0);
1564 log_warn("test option fake_sha1 is enabled");
1569 server_val_log_level: VAR_VAL_LOG_LEVEL STRING_ARG
1571 OUTYY(("P(server_val_log_level:%s)\n", $2));
1572 if(atoi($2) == 0 && strcmp($2, "0") != 0)
1573 yyerror("number expected");
1574 else cfg_parser->cfg->val_log_level = atoi($2);
1578 server_val_nsec3_keysize_iterations: VAR_VAL_NSEC3_KEYSIZE_ITERATIONS STRING_ARG
1580 OUTYY(("P(server_val_nsec3_keysize_iterations:%s)\n", $2));
1581 free(cfg_parser->cfg->val_nsec3_key_iterations);
1582 cfg_parser->cfg->val_nsec3_key_iterations = $2;
1585 server_add_holddown: VAR_ADD_HOLDDOWN STRING_ARG
1587 OUTYY(("P(server_add_holddown:%s)\n", $2));
1588 if(atoi($2) == 0 && strcmp($2, "0") != 0)
1589 yyerror("number expected");
1590 else cfg_parser->cfg->add_holddown = atoi($2);
1594 server_del_holddown: VAR_DEL_HOLDDOWN STRING_ARG
1596 OUTYY(("P(server_del_holddown:%s)\n", $2));
1597 if(atoi($2) == 0 && strcmp($2, "0") != 0)
1598 yyerror("number expected");
1599 else cfg_parser->cfg->del_holddown = atoi($2);
1603 server_keep_missing: VAR_KEEP_MISSING STRING_ARG
1605 OUTYY(("P(server_keep_missing:%s)\n", $2));
1606 if(atoi($2) == 0 && strcmp($2, "0") != 0)
1607 yyerror("number expected");
1608 else cfg_parser->cfg->keep_missing = atoi($2);
1612 server_permit_small_holddown: VAR_PERMIT_SMALL_HOLDDOWN STRING_ARG
1614 OUTYY(("P(server_permit_small_holddown:%s)\n", $2));
1615 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1616 yyerror("expected yes or no.");
1617 else cfg_parser->cfg->permit_small_holddown =
1618 (strcmp($2, "yes")==0);
1621 server_key_cache_size: VAR_KEY_CACHE_SIZE STRING_ARG
1623 OUTYY(("P(server_key_cache_size:%s)\n", $2));
1624 if(!cfg_parse_memsize($2, &cfg_parser->cfg->key_cache_size))
1625 yyerror("memory size expected");
1629 server_key_cache_slabs: VAR_KEY_CACHE_SLABS STRING_ARG
1631 OUTYY(("P(server_key_cache_slabs:%s)\n", $2));
1633 yyerror("number expected");
1635 cfg_parser->cfg->key_cache_slabs = atoi($2);
1636 if(!is_pow2(cfg_parser->cfg->key_cache_slabs))
1637 yyerror("must be a power of 2");
1642 server_neg_cache_size: VAR_NEG_CACHE_SIZE STRING_ARG
1644 OUTYY(("P(server_neg_cache_size:%s)\n", $2));
1645 if(!cfg_parse_memsize($2, &cfg_parser->cfg->neg_cache_size))
1646 yyerror("memory size expected");
1650 server_local_zone: VAR_LOCAL_ZONE STRING_ARG STRING_ARG
1652 OUTYY(("P(server_local_zone:%s %s)\n", $2, $3));
1653 if(strcmp($3, "static")!=0 && strcmp($3, "deny")!=0 &&
1654 strcmp($3, "refuse")!=0 && strcmp($3, "redirect")!=0 &&
1655 strcmp($3, "transparent")!=0 && strcmp($3, "nodefault")!=0
1656 && strcmp($3, "typetransparent")!=0
1657 && strcmp($3, "always_transparent")!=0
1658 && strcmp($3, "always_refuse")!=0
1659 && strcmp($3, "always_nxdomain")!=0
1660 && strcmp($3, "noview")!=0
1661 && strcmp($3, "inform")!=0 && strcmp($3, "inform_deny")!=0)
1662 yyerror("local-zone type: expected static, deny, "
1663 "refuse, redirect, transparent, "
1664 "typetransparent, inform, inform_deny, "
1665 "always_transparent, always_refuse, "
1666 "always_nxdomain, noview or nodefault");
1667 else if(strcmp($3, "nodefault")==0) {
1668 if(!cfg_strlist_insert(&cfg_parser->cfg->
1669 local_zones_nodefault, $2))
1670 fatal_exit("out of memory adding local-zone");
1673 if(!cfg_str2list_insert(&cfg_parser->cfg->local_zones,
1675 fatal_exit("out of memory adding local-zone");
1679 server_local_data: VAR_LOCAL_DATA STRING_ARG
1681 OUTYY(("P(server_local_data:%s)\n", $2));
1682 if(!cfg_strlist_insert(&cfg_parser->cfg->local_data, $2))
1683 fatal_exit("out of memory adding local-data");
1686 server_local_data_ptr: VAR_LOCAL_DATA_PTR STRING_ARG
1689 OUTYY(("P(server_local_data_ptr:%s)\n", $2));
1690 ptr = cfg_ptr_reverse($2);
1693 if(!cfg_strlist_insert(&cfg_parser->cfg->
1695 fatal_exit("out of memory adding local-data");
1697 yyerror("local-data-ptr could not be reversed");
1701 server_minimal_responses: VAR_MINIMAL_RESPONSES STRING_ARG
1703 OUTYY(("P(server_minimal_responses:%s)\n", $2));
1704 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1705 yyerror("expected yes or no.");
1706 else cfg_parser->cfg->minimal_responses =
1707 (strcmp($2, "yes")==0);
1711 server_rrset_roundrobin: VAR_RRSET_ROUNDROBIN STRING_ARG
1713 OUTYY(("P(server_rrset_roundrobin:%s)\n", $2));
1714 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1715 yyerror("expected yes or no.");
1716 else cfg_parser->cfg->rrset_roundrobin =
1717 (strcmp($2, "yes")==0);
1721 server_max_udp_size: VAR_MAX_UDP_SIZE STRING_ARG
1723 OUTYY(("P(server_max_udp_size:%s)\n", $2));
1724 cfg_parser->cfg->max_udp_size = atoi($2);
1728 server_dns64_prefix: VAR_DNS64_PREFIX STRING_ARG
1730 OUTYY(("P(dns64_prefix:%s)\n", $2));
1731 free(cfg_parser->cfg->dns64_prefix);
1732 cfg_parser->cfg->dns64_prefix = $2;
1735 server_dns64_synthall: VAR_DNS64_SYNTHALL STRING_ARG
1737 OUTYY(("P(server_dns64_synthall:%s)\n", $2));
1738 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1739 yyerror("expected yes or no.");
1740 else cfg_parser->cfg->dns64_synthall = (strcmp($2, "yes")==0);
1744 server_dns64_ignore_aaaa: VAR_DNS64_IGNORE_AAAA STRING_ARG
1746 OUTYY(("P(dns64_ignore_aaaa:%s)\n", $2));
1747 if(!cfg_strlist_insert(&cfg_parser->cfg->dns64_ignore_aaaa,
1749 fatal_exit("out of memory adding dns64-ignore-aaaa");
1752 server_define_tag: VAR_DEFINE_TAG STRING_ARG
1755 OUTYY(("P(server_define_tag:%s)\n", $2));
1756 while((p=strsep(&s, " \t\n")) != NULL) {
1758 if(!config_add_tag(cfg_parser->cfg, p))
1759 yyerror("could not define-tag, "
1766 server_local_zone_tag: VAR_LOCAL_ZONE_TAG STRING_ARG STRING_ARG
1769 uint8_t* bitlist = config_parse_taglist(cfg_parser->cfg, $3,
1772 OUTYY(("P(server_local_zone_tag:%s)\n", $2));
1774 yyerror("could not parse tags, (define-tag them first)");
1776 if(!cfg_strbytelist_insert(
1777 &cfg_parser->cfg->local_zone_tags,
1778 $2, bitlist, len)) {
1779 yyerror("out of memory");
1785 server_access_control_tag: VAR_ACCESS_CONTROL_TAG STRING_ARG STRING_ARG
1788 uint8_t* bitlist = config_parse_taglist(cfg_parser->cfg, $3,
1791 OUTYY(("P(server_access_control_tag:%s)\n", $2));
1793 yyerror("could not parse tags, (define-tag them first)");
1795 if(!cfg_strbytelist_insert(
1796 &cfg_parser->cfg->acl_tags,
1797 $2, bitlist, len)) {
1798 yyerror("out of memory");
1804 server_access_control_tag_action: VAR_ACCESS_CONTROL_TAG_ACTION STRING_ARG STRING_ARG STRING_ARG
1806 OUTYY(("P(server_access_control_tag_action:%s %s %s)\n", $2, $3, $4));
1807 if(!cfg_str3list_insert(&cfg_parser->cfg->acl_tag_actions,
1809 yyerror("out of memory");
1816 server_access_control_tag_data: VAR_ACCESS_CONTROL_TAG_DATA STRING_ARG STRING_ARG STRING_ARG
1818 OUTYY(("P(server_access_control_tag_data:%s %s %s)\n", $2, $3, $4));
1819 if(!cfg_str3list_insert(&cfg_parser->cfg->acl_tag_datas,
1821 yyerror("out of memory");
1828 server_local_zone_override: VAR_LOCAL_ZONE_OVERRIDE STRING_ARG STRING_ARG STRING_ARG
1830 OUTYY(("P(server_local_zone_override:%s %s %s)\n", $2, $3, $4));
1831 if(!cfg_str3list_insert(&cfg_parser->cfg->local_zone_overrides,
1833 yyerror("out of memory");
1840 server_access_control_view: VAR_ACCESS_CONTROL_VIEW STRING_ARG STRING_ARG
1842 OUTYY(("P(server_access_control_view:%s %s)\n", $2, $3));
1843 if(!cfg_str2list_insert(&cfg_parser->cfg->acl_view,
1845 yyerror("out of memory");
1851 server_response_ip_tag: VAR_RESPONSE_IP_TAG STRING_ARG STRING_ARG
1854 uint8_t* bitlist = config_parse_taglist(cfg_parser->cfg, $3,
1857 OUTYY(("P(response_ip_tag:%s)\n", $2));
1859 yyerror("could not parse tags, (define-tag them first)");
1861 if(!cfg_strbytelist_insert(
1862 &cfg_parser->cfg->respip_tags,
1863 $2, bitlist, len)) {
1864 yyerror("out of memory");
1870 server_ip_ratelimit: VAR_IP_RATELIMIT STRING_ARG
1872 OUTYY(("P(server_ip_ratelimit:%s)\n", $2));
1873 if(atoi($2) == 0 && strcmp($2, "0") != 0)
1874 yyerror("number expected");
1875 else cfg_parser->cfg->ip_ratelimit = atoi($2);
1880 server_ratelimit: VAR_RATELIMIT STRING_ARG
1882 OUTYY(("P(server_ratelimit:%s)\n", $2));
1883 if(atoi($2) == 0 && strcmp($2, "0") != 0)
1884 yyerror("number expected");
1885 else cfg_parser->cfg->ratelimit = atoi($2);
1889 server_ip_ratelimit_size: VAR_IP_RATELIMIT_SIZE STRING_ARG
1891 OUTYY(("P(server_ip_ratelimit_size:%s)\n", $2));
1892 if(!cfg_parse_memsize($2, &cfg_parser->cfg->ip_ratelimit_size))
1893 yyerror("memory size expected");
1897 server_ratelimit_size: VAR_RATELIMIT_SIZE STRING_ARG
1899 OUTYY(("P(server_ratelimit_size:%s)\n", $2));
1900 if(!cfg_parse_memsize($2, &cfg_parser->cfg->ratelimit_size))
1901 yyerror("memory size expected");
1905 server_ip_ratelimit_slabs: VAR_IP_RATELIMIT_SLABS STRING_ARG
1907 OUTYY(("P(server_ip_ratelimit_slabs:%s)\n", $2));
1909 yyerror("number expected");
1911 cfg_parser->cfg->ip_ratelimit_slabs = atoi($2);
1912 if(!is_pow2(cfg_parser->cfg->ip_ratelimit_slabs))
1913 yyerror("must be a power of 2");
1918 server_ratelimit_slabs: VAR_RATELIMIT_SLABS STRING_ARG
1920 OUTYY(("P(server_ratelimit_slabs:%s)\n", $2));
1922 yyerror("number expected");
1924 cfg_parser->cfg->ratelimit_slabs = atoi($2);
1925 if(!is_pow2(cfg_parser->cfg->ratelimit_slabs))
1926 yyerror("must be a power of 2");
1931 server_ratelimit_for_domain: VAR_RATELIMIT_FOR_DOMAIN STRING_ARG STRING_ARG
1933 OUTYY(("P(server_ratelimit_for_domain:%s %s)\n", $2, $3));
1934 if(atoi($3) == 0 && strcmp($3, "0") != 0) {
1935 yyerror("number expected");
1937 if(!cfg_str2list_insert(&cfg_parser->cfg->
1938 ratelimit_for_domain, $2, $3))
1939 fatal_exit("out of memory adding "
1940 "ratelimit-for-domain");
1944 server_ratelimit_below_domain: VAR_RATELIMIT_BELOW_DOMAIN STRING_ARG STRING_ARG
1946 OUTYY(("P(server_ratelimit_below_domain:%s %s)\n", $2, $3));
1947 if(atoi($3) == 0 && strcmp($3, "0") != 0) {
1948 yyerror("number expected");
1950 if(!cfg_str2list_insert(&cfg_parser->cfg->
1951 ratelimit_below_domain, $2, $3))
1952 fatal_exit("out of memory adding "
1953 "ratelimit-below-domain");
1957 server_ip_ratelimit_factor: VAR_IP_RATELIMIT_FACTOR STRING_ARG
1959 OUTYY(("P(server_ip_ratelimit_factor:%s)\n", $2));
1960 if(atoi($2) == 0 && strcmp($2, "0") != 0)
1961 yyerror("number expected");
1962 else cfg_parser->cfg->ip_ratelimit_factor = atoi($2);
1966 server_ratelimit_factor: VAR_RATELIMIT_FACTOR STRING_ARG
1968 OUTYY(("P(server_ratelimit_factor:%s)\n", $2));
1969 if(atoi($2) == 0 && strcmp($2, "0") != 0)
1970 yyerror("number expected");
1971 else cfg_parser->cfg->ratelimit_factor = atoi($2);
1975 server_low_rtt: VAR_LOW_RTT STRING_ARG
1977 OUTYY(("P(server_low_rtt:%s)\n", $2));
1978 if(atoi($2) == 0 && strcmp($2, "0") != 0)
1979 yyerror("number expected");
1980 else cfg_parser->cfg->low_rtt = atoi($2);
1984 server_low_rtt_permil: VAR_LOW_RTT_PERMIL STRING_ARG
1986 OUTYY(("P(server_low_rtt_permil:%s)\n", $2));
1987 if(atoi($2) == 0 && strcmp($2, "0") != 0)
1988 yyerror("number expected");
1989 else cfg_parser->cfg->low_rtt_permil = atoi($2);
1993 server_qname_minimisation: VAR_QNAME_MINIMISATION STRING_ARG
1995 OUTYY(("P(server_qname_minimisation:%s)\n", $2));
1996 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1997 yyerror("expected yes or no.");
1998 else cfg_parser->cfg->qname_minimisation =
1999 (strcmp($2, "yes")==0);
2003 server_qname_minimisation_strict: VAR_QNAME_MINIMISATION_STRICT STRING_ARG
2005 OUTYY(("P(server_qname_minimisation_strict:%s)\n", $2));
2006 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
2007 yyerror("expected yes or no.");
2008 else cfg_parser->cfg->qname_minimisation_strict =
2009 (strcmp($2, "yes")==0);
2013 server_ipsecmod_enabled: VAR_IPSECMOD_ENABLED STRING_ARG
2016 OUTYY(("P(server_ipsecmod_enabled:%s)\n", $2));
2017 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
2018 yyerror("expected yes or no.");
2019 else cfg_parser->cfg->ipsecmod_enabled = (strcmp($2, "yes")==0);
2022 OUTYY(("P(Compiled without IPsec module, ignoring)\n"));
2026 server_ipsecmod_ignore_bogus: VAR_IPSECMOD_IGNORE_BOGUS STRING_ARG
2029 OUTYY(("P(server_ipsecmod_ignore_bogus:%s)\n", $2));
2030 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
2031 yyerror("expected yes or no.");
2032 else cfg_parser->cfg->ipsecmod_ignore_bogus = (strcmp($2, "yes")==0);
2035 OUTYY(("P(Compiled without IPsec module, ignoring)\n"));
2039 server_ipsecmod_hook: VAR_IPSECMOD_HOOK STRING_ARG
2042 OUTYY(("P(server_ipsecmod_hook:%s)\n", $2));
2043 free(cfg_parser->cfg->ipsecmod_hook);
2044 cfg_parser->cfg->ipsecmod_hook = $2;
2046 OUTYY(("P(Compiled without IPsec module, ignoring)\n"));
2050 server_ipsecmod_max_ttl: VAR_IPSECMOD_MAX_TTL STRING_ARG
2053 OUTYY(("P(server_ipsecmod_max_ttl:%s)\n", $2));
2054 if(atoi($2) == 0 && strcmp($2, "0") != 0)
2055 yyerror("number expected");
2056 else cfg_parser->cfg->ipsecmod_max_ttl = atoi($2);
2059 OUTYY(("P(Compiled without IPsec module, ignoring)\n"));
2063 server_ipsecmod_whitelist: VAR_IPSECMOD_WHITELIST STRING_ARG
2066 OUTYY(("P(server_ipsecmod_whitelist:%s)\n", $2));
2067 if(!cfg_strlist_insert(&cfg_parser->cfg->ipsecmod_whitelist, $2))
2068 yyerror("out of memory");
2070 OUTYY(("P(Compiled without IPsec module, ignoring)\n"));
2074 server_ipsecmod_strict: VAR_IPSECMOD_STRICT STRING_ARG
2077 OUTYY(("P(server_ipsecmod_strict:%s)\n", $2));
2078 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
2079 yyerror("expected yes or no.");
2080 else cfg_parser->cfg->ipsecmod_strict = (strcmp($2, "yes")==0);
2083 OUTYY(("P(Compiled without IPsec module, ignoring)\n"));
2087 stub_name: VAR_NAME STRING_ARG
2089 OUTYY(("P(name:%s)\n", $2));
2090 if(cfg_parser->cfg->stubs->name)
2091 yyerror("stub name override, there must be one name "
2092 "for one stub-zone");
2093 free(cfg_parser->cfg->stubs->name);
2094 cfg_parser->cfg->stubs->name = $2;
2097 stub_host: VAR_STUB_HOST STRING_ARG
2099 OUTYY(("P(stub-host:%s)\n", $2));
2100 if(!cfg_strlist_insert(&cfg_parser->cfg->stubs->hosts, $2))
2101 yyerror("out of memory");
2104 stub_addr: VAR_STUB_ADDR STRING_ARG
2106 OUTYY(("P(stub-addr:%s)\n", $2));
2107 if(!cfg_strlist_insert(&cfg_parser->cfg->stubs->addrs, $2))
2108 yyerror("out of memory");
2111 stub_first: VAR_STUB_FIRST STRING_ARG
2113 OUTYY(("P(stub-first:%s)\n", $2));
2114 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
2115 yyerror("expected yes or no.");
2116 else cfg_parser->cfg->stubs->isfirst=(strcmp($2, "yes")==0);
2120 stub_no_cache: VAR_STUB_NO_CACHE STRING_ARG
2122 OUTYY(("P(stub-no-cache:%s)\n", $2));
2123 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
2124 yyerror("expected yes or no.");
2125 else cfg_parser->cfg->stubs->no_cache=(strcmp($2, "yes")==0);
2129 stub_ssl_upstream: VAR_STUB_SSL_UPSTREAM STRING_ARG
2131 OUTYY(("P(stub-ssl-upstream:%s)\n", $2));
2132 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
2133 yyerror("expected yes or no.");
2134 else cfg_parser->cfg->stubs->ssl_upstream =
2135 (strcmp($2, "yes")==0);
2139 stub_prime: VAR_STUB_PRIME STRING_ARG
2141 OUTYY(("P(stub-prime:%s)\n", $2));
2142 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
2143 yyerror("expected yes or no.");
2144 else cfg_parser->cfg->stubs->isprime =
2145 (strcmp($2, "yes")==0);
2149 forward_name: VAR_NAME STRING_ARG
2151 OUTYY(("P(name:%s)\n", $2));
2152 if(cfg_parser->cfg->forwards->name)
2153 yyerror("forward name override, there must be one "
2154 "name for one forward-zone");
2155 free(cfg_parser->cfg->forwards->name);
2156 cfg_parser->cfg->forwards->name = $2;
2159 forward_host: VAR_FORWARD_HOST STRING_ARG
2161 OUTYY(("P(forward-host:%s)\n", $2));
2162 if(!cfg_strlist_insert(&cfg_parser->cfg->forwards->hosts, $2))
2163 yyerror("out of memory");
2166 forward_addr: VAR_FORWARD_ADDR STRING_ARG
2168 OUTYY(("P(forward-addr:%s)\n", $2));
2169 if(!cfg_strlist_insert(&cfg_parser->cfg->forwards->addrs, $2))
2170 yyerror("out of memory");
2173 forward_first: VAR_FORWARD_FIRST STRING_ARG
2175 OUTYY(("P(forward-first:%s)\n", $2));
2176 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
2177 yyerror("expected yes or no.");
2178 else cfg_parser->cfg->forwards->isfirst=(strcmp($2, "yes")==0);
2182 forward_no_cache: VAR_FORWARD_NO_CACHE STRING_ARG
2184 OUTYY(("P(forward-no-cache:%s)\n", $2));
2185 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
2186 yyerror("expected yes or no.");
2187 else cfg_parser->cfg->forwards->no_cache=(strcmp($2, "yes")==0);
2191 forward_ssl_upstream: VAR_FORWARD_SSL_UPSTREAM STRING_ARG
2193 OUTYY(("P(forward-ssl-upstream:%s)\n", $2));
2194 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
2195 yyerror("expected yes or no.");
2196 else cfg_parser->cfg->forwards->ssl_upstream =
2197 (strcmp($2, "yes")==0);
2201 auth_name: VAR_NAME STRING_ARG
2203 OUTYY(("P(name:%s)\n", $2));
2204 if(cfg_parser->cfg->auths->name)
2205 yyerror("auth name override, there must be one name "
2206 "for one auth-zone");
2207 free(cfg_parser->cfg->auths->name);
2208 cfg_parser->cfg->auths->name = $2;
2211 auth_zonefile: VAR_ZONEFILE STRING_ARG
2213 OUTYY(("P(zonefile:%s)\n", $2));
2214 free(cfg_parser->cfg->auths->zonefile);
2215 cfg_parser->cfg->auths->zonefile = $2;
2218 auth_master: VAR_MASTER STRING_ARG
2220 OUTYY(("P(master:%s)\n", $2));
2221 if(!cfg_strlist_insert(&cfg_parser->cfg->auths->masters, $2))
2222 yyerror("out of memory");
2225 auth_url: VAR_URL STRING_ARG
2227 OUTYY(("P(url:%s)\n", $2));
2228 if(!cfg_strlist_insert(&cfg_parser->cfg->auths->urls, $2))
2229 yyerror("out of memory");
2232 auth_allow_notify: VAR_ALLOW_NOTIFY STRING_ARG
2234 OUTYY(("P(allow-notify:%s)\n", $2));
2235 if(!cfg_strlist_insert(&cfg_parser->cfg->auths->allow_notify,
2237 yyerror("out of memory");
2240 auth_for_downstream: VAR_FOR_DOWNSTREAM STRING_ARG
2242 OUTYY(("P(for-downstream:%s)\n", $2));
2243 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
2244 yyerror("expected yes or no.");
2245 else cfg_parser->cfg->auths->for_downstream =
2246 (strcmp($2, "yes")==0);
2250 auth_for_upstream: VAR_FOR_UPSTREAM STRING_ARG
2252 OUTYY(("P(for-upstream:%s)\n", $2));
2253 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
2254 yyerror("expected yes or no.");
2255 else cfg_parser->cfg->auths->for_upstream =
2256 (strcmp($2, "yes")==0);
2260 auth_fallback_enabled: VAR_FALLBACK_ENABLED STRING_ARG
2262 OUTYY(("P(fallback-enabled:%s)\n", $2));
2263 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
2264 yyerror("expected yes or no.");
2265 else cfg_parser->cfg->auths->fallback_enabled =
2266 (strcmp($2, "yes")==0);
2270 view_name: VAR_NAME STRING_ARG
2272 OUTYY(("P(name:%s)\n", $2));
2273 if(cfg_parser->cfg->views->name)
2274 yyerror("view name override, there must be one "
2275 "name for one view");
2276 free(cfg_parser->cfg->views->name);
2277 cfg_parser->cfg->views->name = $2;
2280 view_local_zone: VAR_LOCAL_ZONE STRING_ARG STRING_ARG
2282 OUTYY(("P(view_local_zone:%s %s)\n", $2, $3));
2283 if(strcmp($3, "static")!=0 && strcmp($3, "deny")!=0 &&
2284 strcmp($3, "refuse")!=0 && strcmp($3, "redirect")!=0 &&
2285 strcmp($3, "transparent")!=0 && strcmp($3, "nodefault")!=0
2286 && strcmp($3, "typetransparent")!=0
2287 && strcmp($3, "always_transparent")!=0
2288 && strcmp($3, "always_refuse")!=0
2289 && strcmp($3, "always_nxdomain")!=0
2290 && strcmp($3, "noview")!=0
2291 && strcmp($3, "inform")!=0 && strcmp($3, "inform_deny")!=0)
2292 yyerror("local-zone type: expected static, deny, "
2293 "refuse, redirect, transparent, "
2294 "typetransparent, inform, inform_deny, "
2295 "always_transparent, always_refuse, "
2296 "always_nxdomain, noview or nodefault");
2297 else if(strcmp($3, "nodefault")==0) {
2298 if(!cfg_strlist_insert(&cfg_parser->cfg->views->
2299 local_zones_nodefault, $2))
2300 fatal_exit("out of memory adding local-zone");
2303 if(!cfg_str2list_insert(
2304 &cfg_parser->cfg->views->local_zones,
2306 fatal_exit("out of memory adding local-zone");
2310 view_response_ip: VAR_RESPONSE_IP STRING_ARG STRING_ARG
2312 OUTYY(("P(view_response_ip:%s %s)\n", $2, $3));
2313 validate_respip_action($3);
2314 if(!cfg_str2list_insert(
2315 &cfg_parser->cfg->views->respip_actions, $2, $3))
2316 fatal_exit("out of memory adding per-view "
2317 "response-ip action");
2320 view_response_ip_data: VAR_RESPONSE_IP_DATA STRING_ARG STRING_ARG
2322 OUTYY(("P(view_response_ip_data:%s)\n", $2));
2323 if(!cfg_str2list_insert(
2324 &cfg_parser->cfg->views->respip_data, $2, $3))
2325 fatal_exit("out of memory adding response-ip-data");
2328 view_local_data: VAR_LOCAL_DATA STRING_ARG
2330 OUTYY(("P(view_local_data:%s)\n", $2));
2331 if(!cfg_strlist_insert(&cfg_parser->cfg->views->local_data, $2)) {
2332 fatal_exit("out of memory adding local-data");
2337 view_local_data_ptr: VAR_LOCAL_DATA_PTR STRING_ARG
2340 OUTYY(("P(view_local_data_ptr:%s)\n", $2));
2341 ptr = cfg_ptr_reverse($2);
2344 if(!cfg_strlist_insert(&cfg_parser->cfg->views->
2346 fatal_exit("out of memory adding local-data");
2348 yyerror("local-data-ptr could not be reversed");
2352 view_first: VAR_VIEW_FIRST STRING_ARG
2354 OUTYY(("P(view-first:%s)\n", $2));
2355 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
2356 yyerror("expected yes or no.");
2357 else cfg_parser->cfg->views->isfirst=(strcmp($2, "yes")==0);
2361 rcstart: VAR_REMOTE_CONTROL
2363 OUTYY(("\nP(remote-control:)\n"));
2366 contents_rc: contents_rc content_rc
2368 content_rc: rc_control_enable | rc_control_interface | rc_control_port |
2369 rc_server_key_file | rc_server_cert_file | rc_control_key_file |
2370 rc_control_cert_file | rc_control_use_cert
2372 rc_control_enable: VAR_CONTROL_ENABLE STRING_ARG
2374 OUTYY(("P(control_enable:%s)\n", $2));
2375 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
2376 yyerror("expected yes or no.");
2377 else cfg_parser->cfg->remote_control_enable =
2378 (strcmp($2, "yes")==0);
2382 rc_control_port: VAR_CONTROL_PORT STRING_ARG
2384 OUTYY(("P(control_port:%s)\n", $2));
2386 yyerror("control port number expected");
2387 else cfg_parser->cfg->control_port = atoi($2);
2391 rc_control_interface: VAR_CONTROL_INTERFACE STRING_ARG
2393 OUTYY(("P(control_interface:%s)\n", $2));
2394 if(!cfg_strlist_append(&cfg_parser->cfg->control_ifs, $2))
2395 yyerror("out of memory");
2398 rc_control_use_cert: VAR_CONTROL_USE_CERT STRING_ARG
2400 OUTYY(("P(control_use_cert:%s)\n", $2));
2401 cfg_parser->cfg->control_use_cert = (strcmp($2, "yes")==0);
2405 rc_server_key_file: VAR_SERVER_KEY_FILE STRING_ARG
2407 OUTYY(("P(rc_server_key_file:%s)\n", $2));
2408 free(cfg_parser->cfg->server_key_file);
2409 cfg_parser->cfg->server_key_file = $2;
2412 rc_server_cert_file: VAR_SERVER_CERT_FILE STRING_ARG
2414 OUTYY(("P(rc_server_cert_file:%s)\n", $2));
2415 free(cfg_parser->cfg->server_cert_file);
2416 cfg_parser->cfg->server_cert_file = $2;
2419 rc_control_key_file: VAR_CONTROL_KEY_FILE STRING_ARG
2421 OUTYY(("P(rc_control_key_file:%s)\n", $2));
2422 free(cfg_parser->cfg->control_key_file);
2423 cfg_parser->cfg->control_key_file = $2;
2426 rc_control_cert_file: VAR_CONTROL_CERT_FILE STRING_ARG
2428 OUTYY(("P(rc_control_cert_file:%s)\n", $2));
2429 free(cfg_parser->cfg->control_cert_file);
2430 cfg_parser->cfg->control_cert_file = $2;
2435 OUTYY(("\nP(dnstap:)\n"));
2438 contents_dt: contents_dt content_dt
2440 content_dt: dt_dnstap_enable | dt_dnstap_socket_path |
2441 dt_dnstap_send_identity | dt_dnstap_send_version |
2442 dt_dnstap_identity | dt_dnstap_version |
2443 dt_dnstap_log_resolver_query_messages |
2444 dt_dnstap_log_resolver_response_messages |
2445 dt_dnstap_log_client_query_messages |
2446 dt_dnstap_log_client_response_messages |
2447 dt_dnstap_log_forwarder_query_messages |
2448 dt_dnstap_log_forwarder_response_messages
2450 dt_dnstap_enable: VAR_DNSTAP_ENABLE STRING_ARG
2452 OUTYY(("P(dt_dnstap_enable:%s)\n", $2));
2453 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
2454 yyerror("expected yes or no.");
2455 else cfg_parser->cfg->dnstap = (strcmp($2, "yes")==0);
2458 dt_dnstap_socket_path: VAR_DNSTAP_SOCKET_PATH STRING_ARG
2460 OUTYY(("P(dt_dnstap_socket_path:%s)\n", $2));
2461 free(cfg_parser->cfg->dnstap_socket_path);
2462 cfg_parser->cfg->dnstap_socket_path = $2;
2465 dt_dnstap_send_identity: VAR_DNSTAP_SEND_IDENTITY STRING_ARG
2467 OUTYY(("P(dt_dnstap_send_identity:%s)\n", $2));
2468 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
2469 yyerror("expected yes or no.");
2470 else cfg_parser->cfg->dnstap_send_identity = (strcmp($2, "yes")==0);
2473 dt_dnstap_send_version: VAR_DNSTAP_SEND_VERSION STRING_ARG
2475 OUTYY(("P(dt_dnstap_send_version:%s)\n", $2));
2476 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
2477 yyerror("expected yes or no.");
2478 else cfg_parser->cfg->dnstap_send_version = (strcmp($2, "yes")==0);
2481 dt_dnstap_identity: VAR_DNSTAP_IDENTITY STRING_ARG
2483 OUTYY(("P(dt_dnstap_identity:%s)\n", $2));
2484 free(cfg_parser->cfg->dnstap_identity);
2485 cfg_parser->cfg->dnstap_identity = $2;
2488 dt_dnstap_version: VAR_DNSTAP_VERSION STRING_ARG
2490 OUTYY(("P(dt_dnstap_version:%s)\n", $2));
2491 free(cfg_parser->cfg->dnstap_version);
2492 cfg_parser->cfg->dnstap_version = $2;
2495 dt_dnstap_log_resolver_query_messages: VAR_DNSTAP_LOG_RESOLVER_QUERY_MESSAGES STRING_ARG
2497 OUTYY(("P(dt_dnstap_log_resolver_query_messages:%s)\n", $2));
2498 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
2499 yyerror("expected yes or no.");
2500 else cfg_parser->cfg->dnstap_log_resolver_query_messages =
2501 (strcmp($2, "yes")==0);
2504 dt_dnstap_log_resolver_response_messages: VAR_DNSTAP_LOG_RESOLVER_RESPONSE_MESSAGES STRING_ARG
2506 OUTYY(("P(dt_dnstap_log_resolver_response_messages:%s)\n", $2));
2507 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
2508 yyerror("expected yes or no.");
2509 else cfg_parser->cfg->dnstap_log_resolver_response_messages =
2510 (strcmp($2, "yes")==0);
2513 dt_dnstap_log_client_query_messages: VAR_DNSTAP_LOG_CLIENT_QUERY_MESSAGES STRING_ARG
2515 OUTYY(("P(dt_dnstap_log_client_query_messages:%s)\n", $2));
2516 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
2517 yyerror("expected yes or no.");
2518 else cfg_parser->cfg->dnstap_log_client_query_messages =
2519 (strcmp($2, "yes")==0);
2522 dt_dnstap_log_client_response_messages: VAR_DNSTAP_LOG_CLIENT_RESPONSE_MESSAGES STRING_ARG
2524 OUTYY(("P(dt_dnstap_log_client_response_messages:%s)\n", $2));
2525 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
2526 yyerror("expected yes or no.");
2527 else cfg_parser->cfg->dnstap_log_client_response_messages =
2528 (strcmp($2, "yes")==0);
2531 dt_dnstap_log_forwarder_query_messages: VAR_DNSTAP_LOG_FORWARDER_QUERY_MESSAGES STRING_ARG
2533 OUTYY(("P(dt_dnstap_log_forwarder_query_messages:%s)\n", $2));
2534 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
2535 yyerror("expected yes or no.");
2536 else cfg_parser->cfg->dnstap_log_forwarder_query_messages =
2537 (strcmp($2, "yes")==0);
2540 dt_dnstap_log_forwarder_response_messages: VAR_DNSTAP_LOG_FORWARDER_RESPONSE_MESSAGES STRING_ARG
2542 OUTYY(("P(dt_dnstap_log_forwarder_response_messages:%s)\n", $2));
2543 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
2544 yyerror("expected yes or no.");
2545 else cfg_parser->cfg->dnstap_log_forwarder_response_messages =
2546 (strcmp($2, "yes")==0);
2549 pythonstart: VAR_PYTHON
2551 OUTYY(("\nP(python:)\n"));
2554 contents_py: contents_py content_py
2556 content_py: py_script
2558 py_script: VAR_PYTHON_SCRIPT STRING_ARG
2560 OUTYY(("P(python-script:%s)\n", $2));
2561 free(cfg_parser->cfg->python_script);
2562 cfg_parser->cfg->python_script = $2;
2564 server_disable_dnssec_lame_check: VAR_DISABLE_DNSSEC_LAME_CHECK STRING_ARG
2566 OUTYY(("P(disable_dnssec_lame_check:%s)\n", $2));
2567 if (strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
2568 yyerror("expected yes or no.");
2569 else cfg_parser->cfg->disable_dnssec_lame_check =
2570 (strcmp($2, "yes")==0);
2574 server_log_identity: VAR_LOG_IDENTITY STRING_ARG
2576 OUTYY(("P(server_log_identity:%s)\n", $2));
2577 free(cfg_parser->cfg->log_identity);
2578 cfg_parser->cfg->log_identity = $2;
2581 server_response_ip: VAR_RESPONSE_IP STRING_ARG STRING_ARG
2583 OUTYY(("P(server_response_ip:%s %s)\n", $2, $3));
2584 validate_respip_action($3);
2585 if(!cfg_str2list_insert(&cfg_parser->cfg->respip_actions,
2587 fatal_exit("out of memory adding response-ip");
2590 server_response_ip_data: VAR_RESPONSE_IP_DATA STRING_ARG STRING_ARG
2592 OUTYY(("P(server_response_ip_data:%s)\n", $2));
2593 if(!cfg_str2list_insert(&cfg_parser->cfg->respip_data,
2595 fatal_exit("out of memory adding response-ip-data");
2598 dnscstart: VAR_DNSCRYPT
2600 OUTYY(("\nP(dnscrypt:)\n"));
2601 OUTYY(("\nP(dnscrypt:)\n"));
2604 contents_dnsc: contents_dnsc content_dnsc
2607 dnsc_dnscrypt_enable | dnsc_dnscrypt_port | dnsc_dnscrypt_provider |
2608 dnsc_dnscrypt_secret_key | dnsc_dnscrypt_provider_cert |
2609 dnsc_dnscrypt_provider_cert_rotated |
2610 dnsc_dnscrypt_shared_secret_cache_size |
2611 dnsc_dnscrypt_shared_secret_cache_slabs |
2612 dnsc_dnscrypt_nonce_cache_size |
2613 dnsc_dnscrypt_nonce_cache_slabs
2615 dnsc_dnscrypt_enable: VAR_DNSCRYPT_ENABLE STRING_ARG
2617 OUTYY(("P(dnsc_dnscrypt_enable:%s)\n", $2));
2618 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
2619 yyerror("expected yes or no.");
2620 else cfg_parser->cfg->dnscrypt = (strcmp($2, "yes")==0);
2625 dnsc_dnscrypt_port: VAR_DNSCRYPT_PORT STRING_ARG
2627 OUTYY(("P(dnsc_dnscrypt_port:%s)\n", $2));
2630 yyerror("port number expected");
2631 else cfg_parser->cfg->dnscrypt_port = atoi($2);
2635 dnsc_dnscrypt_provider: VAR_DNSCRYPT_PROVIDER STRING_ARG
2637 OUTYY(("P(dnsc_dnscrypt_provider:%s)\n", $2));
2638 free(cfg_parser->cfg->dnscrypt_provider);
2639 cfg_parser->cfg->dnscrypt_provider = $2;
2642 dnsc_dnscrypt_provider_cert: VAR_DNSCRYPT_PROVIDER_CERT STRING_ARG
2644 OUTYY(("P(dnsc_dnscrypt_provider_cert:%s)\n", $2));
2645 if(cfg_strlist_find(cfg_parser->cfg->dnscrypt_provider_cert, $2))
2646 log_warn("dnscrypt-provider-cert %s is a duplicate", $2);
2647 if(!cfg_strlist_insert(&cfg_parser->cfg->dnscrypt_provider_cert, $2))
2648 fatal_exit("out of memory adding dnscrypt-provider-cert");
2651 dnsc_dnscrypt_provider_cert_rotated: VAR_DNSCRYPT_PROVIDER_CERT_ROTATED STRING_ARG
2653 OUTYY(("P(dnsc_dnscrypt_provider_cert_rotated:%s)\n", $2));
2654 if(!cfg_strlist_insert(&cfg_parser->cfg->dnscrypt_provider_cert_rotated, $2))
2655 fatal_exit("out of memory adding dnscrypt-provider-cert-rotated");
2658 dnsc_dnscrypt_secret_key: VAR_DNSCRYPT_SECRET_KEY STRING_ARG
2660 OUTYY(("P(dnsc_dnscrypt_secret_key:%s)\n", $2));
2661 if(cfg_strlist_find(cfg_parser->cfg->dnscrypt_secret_key, $2))
2662 log_warn("dnscrypt-secret-key: %s is a duplicate", $2);
2663 if(!cfg_strlist_insert(&cfg_parser->cfg->dnscrypt_secret_key, $2))
2664 fatal_exit("out of memory adding dnscrypt-secret-key");
2667 dnsc_dnscrypt_shared_secret_cache_size: VAR_DNSCRYPT_SHARED_SECRET_CACHE_SIZE STRING_ARG
2669 OUTYY(("P(dnscrypt_shared_secret_cache_size:%s)\n", $2));
2670 if(!cfg_parse_memsize($2, &cfg_parser->cfg->dnscrypt_shared_secret_cache_size))
2671 yyerror("memory size expected");
2675 dnsc_dnscrypt_shared_secret_cache_slabs: VAR_DNSCRYPT_SHARED_SECRET_CACHE_SLABS STRING_ARG
2677 OUTYY(("P(dnscrypt_shared_secret_cache_slabs:%s)\n", $2));
2679 yyerror("number expected");
2681 cfg_parser->cfg->dnscrypt_shared_secret_cache_slabs = atoi($2);
2682 if(!is_pow2(cfg_parser->cfg->dnscrypt_shared_secret_cache_slabs))
2683 yyerror("must be a power of 2");
2688 dnsc_dnscrypt_nonce_cache_size: VAR_DNSCRYPT_NONCE_CACHE_SIZE STRING_ARG
2690 OUTYY(("P(dnscrypt_nonce_cache_size:%s)\n", $2));
2691 if(!cfg_parse_memsize($2, &cfg_parser->cfg->dnscrypt_nonce_cache_size))
2692 yyerror("memory size expected");
2696 dnsc_dnscrypt_nonce_cache_slabs: VAR_DNSCRYPT_NONCE_CACHE_SLABS STRING_ARG
2698 OUTYY(("P(dnscrypt_nonce_cache_slabs:%s)\n", $2));
2700 yyerror("number expected");
2702 cfg_parser->cfg->dnscrypt_nonce_cache_slabs = atoi($2);
2703 if(!is_pow2(cfg_parser->cfg->dnscrypt_nonce_cache_slabs))
2704 yyerror("must be a power of 2");
2709 cachedbstart: VAR_CACHEDB
2711 OUTYY(("\nP(cachedb:)\n"));
2714 contents_cachedb: contents_cachedb content_cachedb
2716 content_cachedb: cachedb_backend_name | cachedb_secret_seed |
2717 redis_server_host | redis_server_port | redis_timeout
2719 cachedb_backend_name: VAR_CACHEDB_BACKEND STRING_ARG
2722 OUTYY(("P(backend:%s)\n", $2));
2723 if(cfg_parser->cfg->cachedb_backend)
2724 yyerror("cachedb backend override, there must be one "
2726 free(cfg_parser->cfg->cachedb_backend);
2727 cfg_parser->cfg->cachedb_backend = $2;
2729 OUTYY(("P(Compiled without cachedb, ignoring)\n"));
2733 cachedb_secret_seed: VAR_CACHEDB_SECRETSEED STRING_ARG
2736 OUTYY(("P(secret-seed:%s)\n", $2));
2737 if(cfg_parser->cfg->cachedb_secret)
2738 yyerror("cachedb secret-seed override, there must be "
2740 free(cfg_parser->cfg->cachedb_secret);
2741 cfg_parser->cfg->cachedb_secret = $2;
2743 OUTYY(("P(Compiled without cachedb, ignoring)\n"));
2748 redis_server_host: VAR_CACHEDB_REDISHOST STRING_ARG
2750 #if defined(USE_CACHEDB) && defined(USE_REDIS)
2751 OUTYY(("P(redis_server_host:%s)\n", $2));
2752 free(cfg_parser->cfg->redis_server_host);
2753 cfg_parser->cfg->redis_server_host = $2;
2755 OUTYY(("P(Compiled without cachedb or redis, ignoring)\n"));
2760 redis_server_port: VAR_CACHEDB_REDISPORT STRING_ARG
2762 #if defined(USE_CACHEDB) && defined(USE_REDIS)
2764 OUTYY(("P(redis_server_port:%s)\n", $2));
2766 if(port == 0 || port < 0 || port > 65535)
2767 yyerror("valid redis server port number expected");
2768 else cfg_parser->cfg->redis_server_port = port;
2770 OUTYY(("P(Compiled without cachedb or redis, ignoring)\n"));
2775 redis_timeout: VAR_CACHEDB_REDISTIMEOUT STRING_ARG
2777 #if defined(USE_CACHEDB) && defined(USE_REDIS)
2778 OUTYY(("P(redis_timeout:%s)\n", $2));
2780 yyerror("redis timeout value expected");
2781 else cfg_parser->cfg->redis_timeout = atoi($2);
2783 OUTYY(("P(Compiled without cachedb or redis, ignoring)\n"));
2788 server_tcp_connection_limit: VAR_TCP_CONNECTION_LIMIT STRING_ARG STRING_ARG
2790 OUTYY(("P(server_tcp_connection_limit:%s %s)\n", $2, $3));
2792 yyerror("positive number expected");
2794 if(!cfg_str2list_insert(&cfg_parser->cfg->tcp_connection_limits, $2, $3))
2795 fatal_exit("out of memory adding tcp connection limit");
2801 /* parse helper routines could be here */
2803 validate_respip_action(const char* action)
2805 if(strcmp(action, "deny")!=0 &&
2806 strcmp(action, "redirect")!=0 &&
2807 strcmp(action, "inform")!=0 &&
2808 strcmp(action, "inform_deny")!=0 &&
2809 strcmp(action, "always_transparent")!=0 &&
2810 strcmp(action, "always_refuse")!=0 &&
2811 strcmp(action, "always_nxdomain")!=0)
2813 yyerror("response-ip action: expected deny, redirect, "
2814 "inform, inform_deny, always_transparent, "
2815 "always_refuse or always_nxdomain");