contrib/unbound/util/configparser.y

   1 /*
   2  * configparser.y -- yacc grammar for unbound configuration files
   3  *
   4  * Copyright (c) 2001-2006, NLnet Labs. All rights reserved.
   5  *
   6  * Copyright (c) 2007, NLnet Labs. All rights reserved.
   7  *
   8  * This software is open source.
   9  *
  10  * Redistribution and use in source and binary forms, with or without
  11  * modification, are permitted provided that the following conditions
  12  * are met:
  13  *
  14  * Redistributions of source code must retain the above copyright notice,
  15  * this list of conditions and the following disclaimer.
  16  *
  17  * Redistributions in binary form must reproduce the above copyright notice,
  18  * this list of conditions and the following disclaimer in the documentation
  19  * and/or other materials provided with the distribution.
  20  *
  21  * Neither the name of the NLNET LABS nor the names of its contributors may
  22  * be used to endorse or promote products derived from this software without
  23  * specific prior written permission.
  24  *
  25  * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
  26  * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
  27  * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
  28  * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
  29  * HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
  30  * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
  31  * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
  32  * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
  33  * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
  34  * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
  35  * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  36  */
  37
  38 %{
  39 #include "config.h"
  40
  41 #include <stdarg.h>
  42 #include <stdio.h>
  43 #include <string.h>
  44 #include <stdlib.h>
  45 #include <assert.h>
  46
  47 #include "util/configyyrename.h"
  48 #include "util/config_file.h"
  49 #include "util/net_help.h"
  50
  51 int ub_c_lex(void);
  52 void ub_c_error(const char *message);
  53
  54 static void validate_respip_action(const char* action);
  55
  56 /* these need to be global, otherwise they cannot be used inside yacc */
  57 extern struct config_parser_state* cfg_parser;
  58
  59 #if 0
  60 #define OUTYY(s)  printf s /* used ONLY when debugging */
  61 #else
  62 #define OUTYY(s)
  63 #endif
  64
  65 %}
  66 %union {
  67         char*   str;
  68 };
  69
  70 %token SPACE LETTER NEWLINE COMMENT COLON ANY ZONESTR
  71 %token <str> STRING_ARG
  72 %token VAR_SERVER VAR_VERBOSITY VAR_NUM_THREADS VAR_PORT
  73 %token VAR_OUTGOING_RANGE VAR_INTERFACE
  74 %token VAR_DO_IP4 VAR_DO_IP6 VAR_PREFER_IP6 VAR_DO_UDP VAR_DO_TCP
  75 %token VAR_TCP_MSS VAR_OUTGOING_TCP_MSS
  76 %token VAR_CHROOT VAR_USERNAME VAR_DIRECTORY VAR_LOGFILE VAR_PIDFILE
  77 %token VAR_MSG_CACHE_SIZE VAR_MSG_CACHE_SLABS VAR_NUM_QUERIES_PER_THREAD
  78 %token VAR_RRSET_CACHE_SIZE VAR_RRSET_CACHE_SLABS VAR_OUTGOING_NUM_TCP
  79 %token VAR_INFRA_HOST_TTL VAR_INFRA_LAME_TTL VAR_INFRA_CACHE_SLABS
  80 %token VAR_INFRA_CACHE_NUMHOSTS VAR_INFRA_CACHE_LAME_SIZE VAR_NAME
  81 %token VAR_STUB_ZONE VAR_STUB_HOST VAR_STUB_ADDR VAR_TARGET_FETCH_POLICY
  82 %token VAR_HARDEN_SHORT_BUFSIZE VAR_HARDEN_LARGE_QUERIES
  83 %token VAR_FORWARD_ZONE VAR_FORWARD_HOST VAR_FORWARD_ADDR
  84 %token VAR_DO_NOT_QUERY_ADDRESS VAR_HIDE_IDENTITY VAR_HIDE_VERSION
  85 %token VAR_IDENTITY VAR_VERSION VAR_HARDEN_GLUE VAR_MODULE_CONF
  86 %token VAR_TRUST_ANCHOR_FILE VAR_TRUST_ANCHOR VAR_VAL_OVERRIDE_DATE
  87 %token VAR_BOGUS_TTL VAR_VAL_CLEAN_ADDITIONAL VAR_VAL_PERMISSIVE_MODE
  88 %token VAR_INCOMING_NUM_TCP VAR_MSG_BUFFER_SIZE VAR_KEY_CACHE_SIZE
  89 %token VAR_KEY_CACHE_SLABS VAR_TRUSTED_KEYS_FILE
  90 %token VAR_VAL_NSEC3_KEYSIZE_ITERATIONS VAR_USE_SYSLOG
  91 %token VAR_OUTGOING_INTERFACE VAR_ROOT_HINTS VAR_DO_NOT_QUERY_LOCALHOST
  92 %token VAR_CACHE_MAX_TTL VAR_HARDEN_DNSSEC_STRIPPED VAR_ACCESS_CONTROL
  93 %token VAR_LOCAL_ZONE VAR_LOCAL_DATA VAR_INTERFACE_AUTOMATIC
  94 %token VAR_STATISTICS_INTERVAL VAR_DO_DAEMONIZE VAR_USE_CAPS_FOR_ID
  95 %token VAR_STATISTICS_CUMULATIVE VAR_OUTGOING_PORT_PERMIT
  96 %token VAR_OUTGOING_PORT_AVOID VAR_DLV_ANCHOR_FILE VAR_DLV_ANCHOR
  97 %token VAR_NEG_CACHE_SIZE VAR_HARDEN_REFERRAL_PATH VAR_PRIVATE_ADDRESS
  98 %token VAR_PRIVATE_DOMAIN VAR_REMOTE_CONTROL VAR_CONTROL_ENABLE
  99 %token VAR_CONTROL_INTERFACE VAR_CONTROL_PORT VAR_SERVER_KEY_FILE
 100 %token VAR_SERVER_CERT_FILE VAR_CONTROL_KEY_FILE VAR_CONTROL_CERT_FILE
 101 %token VAR_CONTROL_USE_CERT
 102 %token VAR_EXTENDED_STATISTICS VAR_LOCAL_DATA_PTR VAR_JOSTLE_TIMEOUT
 103 %token VAR_STUB_PRIME VAR_UNWANTED_REPLY_THRESHOLD VAR_LOG_TIME_ASCII
 104 %token VAR_DOMAIN_INSECURE VAR_PYTHON VAR_PYTHON_SCRIPT VAR_VAL_SIG_SKEW_MIN
 105 %token VAR_VAL_SIG_SKEW_MAX VAR_CACHE_MIN_TTL VAR_VAL_LOG_LEVEL
 106 %token VAR_AUTO_TRUST_ANCHOR_FILE VAR_KEEP_MISSING VAR_ADD_HOLDDOWN
 107 %token VAR_DEL_HOLDDOWN VAR_SO_RCVBUF VAR_EDNS_BUFFER_SIZE VAR_PREFETCH
 108 %token VAR_PREFETCH_KEY VAR_SO_SNDBUF VAR_SO_REUSEPORT VAR_HARDEN_BELOW_NXDOMAIN
 109 %token VAR_IGNORE_CD_FLAG VAR_LOG_QUERIES VAR_LOG_REPLIES
 110 %token VAR_TCP_UPSTREAM VAR_SSL_UPSTREAM
 111 %token VAR_SSL_SERVICE_KEY VAR_SSL_SERVICE_PEM VAR_SSL_PORT VAR_FORWARD_FIRST
 112 %token VAR_STUB_SSL_UPSTREAM VAR_FORWARD_SSL_UPSTREAM
 113 %token VAR_STUB_FIRST VAR_MINIMAL_RESPONSES VAR_RRSET_ROUNDROBIN
 114 %token VAR_MAX_UDP_SIZE VAR_DELAY_CLOSE
 115 %token VAR_UNBLOCK_LAN_ZONES VAR_INSECURE_LAN_ZONES
 116 %token VAR_INFRA_CACHE_MIN_RTT
 117 %token VAR_DNS64_PREFIX VAR_DNS64_SYNTHALL
 118 %token VAR_DNSTAP VAR_DNSTAP_ENABLE VAR_DNSTAP_SOCKET_PATH
 119 %token VAR_DNSTAP_SEND_IDENTITY VAR_DNSTAP_SEND_VERSION
 120 %token VAR_DNSTAP_IDENTITY VAR_DNSTAP_VERSION
 121 %token VAR_DNSTAP_LOG_RESOLVER_QUERY_MESSAGES
 122 %token VAR_DNSTAP_LOG_RESOLVER_RESPONSE_MESSAGES
 123 %token VAR_DNSTAP_LOG_CLIENT_QUERY_MESSAGES
 124 %token VAR_DNSTAP_LOG_CLIENT_RESPONSE_MESSAGES
 125 %token VAR_DNSTAP_LOG_FORWARDER_QUERY_MESSAGES
 126 %token VAR_DNSTAP_LOG_FORWARDER_RESPONSE_MESSAGES
 127 %token VAR_RESPONSE_IP_TAG VAR_RESPONSE_IP VAR_RESPONSE_IP_DATA
 128 %token VAR_HARDEN_ALGO_DOWNGRADE VAR_IP_TRANSPARENT
 129 %token VAR_DISABLE_DNSSEC_LAME_CHECK
 130 %token VAR_IP_RATELIMIT VAR_IP_RATELIMIT_SLABS VAR_IP_RATELIMIT_SIZE
 131 %token VAR_RATELIMIT VAR_RATELIMIT_SLABS VAR_RATELIMIT_SIZE
 132 %token VAR_RATELIMIT_FOR_DOMAIN VAR_RATELIMIT_BELOW_DOMAIN
 133 %token VAR_IP_RATELIMIT_FACTOR VAR_RATELIMIT_FACTOR
 134 %token VAR_SEND_CLIENT_SUBNET VAR_CLIENT_SUBNET_ZONE
 135 %token VAR_CLIENT_SUBNET_ALWAYS_FORWARD VAR_CLIENT_SUBNET_OPCODE
 136 %token VAR_MAX_CLIENT_SUBNET_IPV4 VAR_MAX_CLIENT_SUBNET_IPV6
 137 %token VAR_CAPS_WHITELIST VAR_CACHE_MAX_NEGATIVE_TTL VAR_PERMIT_SMALL_HOLDDOWN
 138 %token VAR_QNAME_MINIMISATION VAR_QNAME_MINIMISATION_STRICT VAR_IP_FREEBIND
 139 %token VAR_DEFINE_TAG VAR_LOCAL_ZONE_TAG VAR_ACCESS_CONTROL_TAG
 140 %token VAR_LOCAL_ZONE_OVERRIDE VAR_ACCESS_CONTROL_TAG_ACTION
 141 %token VAR_ACCESS_CONTROL_TAG_DATA VAR_VIEW VAR_ACCESS_CONTROL_VIEW
 142 %token VAR_VIEW_FIRST VAR_SERVE_EXPIRED VAR_FAKE_DSA VAR_FAKE_SHA1
 143 %token VAR_LOG_IDENTITY VAR_HIDE_TRUSTANCHOR VAR_TRUST_ANCHOR_SIGNALING
 144 %token VAR_USE_SYSTEMD VAR_SHM_ENABLE VAR_SHM_KEY
 145 %token VAR_DNSCRYPT VAR_DNSCRYPT_ENABLE VAR_DNSCRYPT_PORT VAR_DNSCRYPT_PROVIDER
 146 %token VAR_DNSCRYPT_SECRET_KEY VAR_DNSCRYPT_PROVIDER_CERT
 147 %token VAR_IPSECMOD_ENABLED VAR_IPSECMOD_HOOK VAR_IPSECMOD_IGNORE_BOGUS
 148 %token VAR_IPSECMOD_MAX_TTL VAR_IPSECMOD_WHITELIST VAR_IPSECMOD_STRICT
 149
 150 %%
 151 toplevelvars: /* empty */ | toplevelvars toplevelvar ;
 152 toplevelvar: serverstart contents_server | stubstart contents_stub |
 153         forwardstart contents_forward | pythonstart contents_py |
 154         rcstart contents_rc | dtstart contents_dt | viewstart
 155         contents_view |
 156         dnscstart contents_dnsc
 157         ;
 158
 159 /* server: declaration */
 160 serverstart: VAR_SERVER
 161         {
 162                 OUTYY(("\nP(server:)\n"));
 163         }
 164         ;
 165 contents_server: contents_server content_server
 166         | ;
 167 content_server: server_num_threads | server_verbosity | server_port |
 168         server_outgoing_range | server_do_ip4 |
 169         server_do_ip6 | server_prefer_ip6 |
 170         server_do_udp | server_do_tcp |
 171         server_tcp_mss | server_outgoing_tcp_mss |
 172         server_interface | server_chroot | server_username |
 173         server_directory | server_logfile | server_pidfile |
 174         server_msg_cache_size | server_msg_cache_slabs |
 175         server_num_queries_per_thread | server_rrset_cache_size |
 176         server_rrset_cache_slabs | server_outgoing_num_tcp |
 177         server_infra_host_ttl | server_infra_lame_ttl |
 178         server_infra_cache_slabs | server_infra_cache_numhosts |
 179         server_infra_cache_lame_size | server_target_fetch_policy |
 180         server_harden_short_bufsize | server_harden_large_queries |
 181         server_do_not_query_address | server_hide_identity |
 182         server_hide_version | server_identity | server_version |
 183         server_harden_glue | server_module_conf | server_trust_anchor_file |
 184         server_trust_anchor | server_val_override_date | server_bogus_ttl |
 185         server_val_clean_additional | server_val_permissive_mode |
 186         server_incoming_num_tcp | server_msg_buffer_size |
 187         server_key_cache_size | server_key_cache_slabs |
 188         server_trusted_keys_file | server_val_nsec3_keysize_iterations |
 189         server_use_syslog | server_outgoing_interface | server_root_hints |
 190         server_do_not_query_localhost | server_cache_max_ttl |
 191         server_harden_dnssec_stripped | server_access_control |
 192         server_local_zone | server_local_data | server_interface_automatic |
 193         server_statistics_interval | server_do_daemonize |
 194         server_use_caps_for_id | server_statistics_cumulative |
 195         server_outgoing_port_permit | server_outgoing_port_avoid |
 196         server_dlv_anchor_file | server_dlv_anchor | server_neg_cache_size |
 197         server_harden_referral_path | server_private_address |
 198         server_private_domain | server_extended_statistics |
 199         server_local_data_ptr | server_jostle_timeout |
 200         server_unwanted_reply_threshold | server_log_time_ascii |
 201         server_domain_insecure | server_val_sig_skew_min |
 202         server_val_sig_skew_max | server_cache_min_ttl | server_val_log_level |
 203         server_auto_trust_anchor_file | server_add_holddown |
 204         server_del_holddown | server_keep_missing | server_so_rcvbuf |
 205         server_edns_buffer_size | server_prefetch | server_prefetch_key |
 206         server_so_sndbuf | server_harden_below_nxdomain | server_ignore_cd_flag |
 207         server_log_queries | server_log_replies | server_tcp_upstream | server_ssl_upstream |
 208         server_ssl_service_key | server_ssl_service_pem | server_ssl_port |
 209         server_minimal_responses | server_rrset_roundrobin | server_max_udp_size |
 210         server_so_reuseport | server_delay_close |
 211         server_unblock_lan_zones | server_insecure_lan_zones |
 212         server_dns64_prefix | server_dns64_synthall |
 213         server_infra_cache_min_rtt | server_harden_algo_downgrade |
 214         server_ip_transparent | server_ip_ratelimit | server_ratelimit |
 215         server_ip_ratelimit_slabs | server_ratelimit_slabs |
 216         server_ip_ratelimit_size | server_ratelimit_size |
 217         server_ratelimit_for_domain |
 218         server_ratelimit_below_domain | server_ratelimit_factor |
 219         server_ip_ratelimit_factor | server_send_client_subnet |
 220         server_client_subnet_zone | server_client_subnet_always_forward |
 221         server_client_subnet_opcode |
 222         server_max_client_subnet_ipv4 | server_max_client_subnet_ipv6 |
 223         server_caps_whitelist | server_cache_max_negative_ttl |
 224         server_permit_small_holddown | server_qname_minimisation |
 225         server_ip_freebind | server_define_tag | server_local_zone_tag |
 226         server_disable_dnssec_lame_check | server_access_control_tag |
 227         server_local_zone_override | server_access_control_tag_action |
 228         server_access_control_tag_data | server_access_control_view |
 229         server_qname_minimisation_strict | server_serve_expired |
 230         server_fake_dsa | server_log_identity | server_use_systemd |
 231         server_response_ip_tag | server_response_ip | server_response_ip_data |
 232         server_shm_enable | server_shm_key | server_fake_sha1 |
 233         server_hide_trustanchor | server_trust_anchor_signaling |
 234         server_ipsecmod_enabled | server_ipsecmod_hook |
 235         server_ipsecmod_ignore_bogus | server_ipsecmod_max_ttl |
 236         server_ipsecmod_whitelist | server_ipsecmod_strict
 237         ;
 238 stubstart: VAR_STUB_ZONE
 239         {
 240                 struct config_stub* s;
 241                 OUTYY(("\nP(stub_zone:)\n"));
 242                 s = (struct config_stub*)calloc(1, sizeof(struct config_stub));
 243                 if(s) {
 244                         s->next = cfg_parser->cfg->stubs;
 245                         cfg_parser->cfg->stubs = s;
 246                 } else
 247                         yyerror("out of memory");
 248         }
 249         ;
 250 contents_stub: contents_stub content_stub
 251         | ;
 252 content_stub: stub_name | stub_host | stub_addr | stub_prime | stub_first |
 253         stub_ssl_upstream
 254         ;
 255 forwardstart: VAR_FORWARD_ZONE
 256         {
 257                 struct config_stub* s;
 258                 OUTYY(("\nP(forward_zone:)\n"));
 259                 s = (struct config_stub*)calloc(1, sizeof(struct config_stub));
 260                 if(s) {
 261                         s->next = cfg_parser->cfg->forwards;
 262                         cfg_parser->cfg->forwards = s;
 263                 } else
 264                         yyerror("out of memory");
 265         }
 266         ;
 267 contents_forward: contents_forward content_forward
 268         | ;
 269 content_forward: forward_name | forward_host | forward_addr | forward_first |
 270         forward_ssl_upstream
 271         ;
 272 viewstart: VAR_VIEW
 273         {
 274                 struct config_view* s;
 275                 OUTYY(("\nP(view:)\n"));
 276                 s = (struct config_view*)calloc(1, sizeof(struct config_view));
 277                 if(s) {
 278                         s->next = cfg_parser->cfg->views;
 279                         if(s->next && !s->next->name)
 280                                 yyerror("view without name");
 281                         cfg_parser->cfg->views = s;
 282                 } else
 283                         yyerror("out of memory");
 284         }
 285         ;
 286 contents_view: contents_view content_view
 287         | ;
 288 content_view: view_name | view_local_zone | view_local_data | view_first |
 289                 view_response_ip | view_response_ip_data | view_local_data_ptr
 290         ;
 291 server_num_threads: VAR_NUM_THREADS STRING_ARG
 292         {
 293                 OUTYY(("P(server_num_threads:%s)\n", $2));
 294                 if(atoi($2) == 0 && strcmp($2, "0") != 0)
 295                         yyerror("number expected");
 296                 else cfg_parser->cfg->num_threads = atoi($2);
 297                 free($2);
 298         }
 299         ;
 300 server_verbosity: VAR_VERBOSITY STRING_ARG
 301         {
 302                 OUTYY(("P(server_verbosity:%s)\n", $2));
 303                 if(atoi($2) == 0 && strcmp($2, "0") != 0)
 304                         yyerror("number expected");
 305                 else cfg_parser->cfg->verbosity = atoi($2);
 306                 free($2);
 307         }
 308         ;
 309 server_statistics_interval: VAR_STATISTICS_INTERVAL STRING_ARG
 310         {
 311                 OUTYY(("P(server_statistics_interval:%s)\n", $2));
 312                 if(strcmp($2, "") == 0 || strcmp($2, "0") == 0)
 313                         cfg_parser->cfg->stat_interval = 0;
 314                 else if(atoi($2) == 0)
 315                         yyerror("number expected");
 316                 else cfg_parser->cfg->stat_interval = atoi($2);
 317                 free($2);
 318         }
 319         ;
 320 server_statistics_cumulative: VAR_STATISTICS_CUMULATIVE STRING_ARG
 321         {
 322                 OUTYY(("P(server_statistics_cumulative:%s)\n", $2));
 323                 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
 324                         yyerror("expected yes or no.");
 325                 else cfg_parser->cfg->stat_cumulative = (strcmp($2, "yes")==0);
 326                 free($2);
 327         }
 328         ;
 329 server_extended_statistics: VAR_EXTENDED_STATISTICS STRING_ARG
 330         {
 331                 OUTYY(("P(server_extended_statistics:%s)\n", $2));
 332                 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
 333                         yyerror("expected yes or no.");
 334                 else cfg_parser->cfg->stat_extended = (strcmp($2, "yes")==0);
 335                 free($2);
 336         }
 337         ;
 338 server_shm_enable: VAR_SHM_ENABLE STRING_ARG
 339         {
 340                 OUTYY(("P(server_shm_enable:%s)\n", $2));
 341                 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
 342                         yyerror("expected yes or no.");
 343                 else cfg_parser->cfg->shm_enable = (strcmp($2, "yes")==0);
 344                 free($2);
 345         }
 346         ;
 347 server_shm_key: VAR_SHM_KEY STRING_ARG
 348         {
 349                 OUTYY(("P(server_shm_key:%s)\n", $2));
 350                 if(strcmp($2, "") == 0 || strcmp($2, "0") == 0)
 351                         cfg_parser->cfg->shm_key = 0;
 352                 else if(atoi($2) == 0)
 353                         yyerror("number expected");
 354                 else cfg_parser->cfg->shm_key = atoi($2);
 355                 free($2);
 356         }
 357         ;
 358 server_port: VAR_PORT STRING_ARG
 359         {
 360                 OUTYY(("P(server_port:%s)\n", $2));
 361                 if(atoi($2) == 0)
 362                         yyerror("port number expected");
 363                 else cfg_parser->cfg->port = atoi($2);
 364                 free($2);
 365         }
 366         ;
 367 server_send_client_subnet: VAR_SEND_CLIENT_SUBNET STRING_ARG
 368         {
 369         #ifdef CLIENT_SUBNET
 370                 OUTYY(("P(server_send_client_subnet:%s)\n", $2));
 371                 if(!cfg_strlist_insert(&cfg_parser->cfg->client_subnet, $2))
 372                         fatal_exit("out of memory adding client-subnet");
 373         #else
 374                 OUTYY(("P(Compiled without edns subnet option, ignoring)\n"));
 375         #endif
 376         }
 377         ;
 378 server_client_subnet_zone: VAR_CLIENT_SUBNET_ZONE STRING_ARG
 379         {
 380         #ifdef CLIENT_SUBNET
 381                 OUTYY(("P(server_client_subnet_zone:%s)\n", $2));
 382                 if(!cfg_strlist_insert(&cfg_parser->cfg->client_subnet_zone,
 383                         $2))
 384                         fatal_exit("out of memory adding client-subnet-zone");
 385         #else
 386                 OUTYY(("P(Compiled without edns subnet option, ignoring)\n"));
 387         #endif
 388         }
 389         ;
 390 server_client_subnet_always_forward:
 391         VAR_CLIENT_SUBNET_ALWAYS_FORWARD STRING_ARG
 392         {
 393         #ifdef CLIENT_SUBNET
 394                 OUTYY(("P(server_client_subnet_always_forward:%s)\n", $2));
 395                 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
 396                         yyerror("expected yes or no.");
 397                 else
 398                         cfg_parser->cfg->client_subnet_always_forward =
 399                                 (strcmp($2, "yes")==0);
 400         #else
 401                 OUTYY(("P(Compiled without edns subnet option, ignoring)\n"));
 402         #endif
 403                 free($2);
 404         }
 405         ;
 406 server_client_subnet_opcode: VAR_CLIENT_SUBNET_OPCODE STRING_ARG
 407         {
 408         #ifdef CLIENT_SUBNET
 409                 OUTYY(("P(client_subnet_opcode:%s)\n", $2));
 410                 OUTYY(("P(Depricated option, ignoring)\n"));
 411         #else
 412                 OUTYY(("P(Compiled without edns subnet option, ignoring)\n"));
 413         #endif
 414                 free($2);
 415         }
 416         ;
 417 server_max_client_subnet_ipv4: VAR_MAX_CLIENT_SUBNET_IPV4 STRING_ARG
 418         {
 419         #ifdef CLIENT_SUBNET
 420                 OUTYY(("P(max_client_subnet_ipv4:%s)\n", $2));
 421                 if(atoi($2) == 0 && strcmp($2, "0") != 0)
 422                         yyerror("IPv4 subnet length expected");
 423                 else if (atoi($2) > 32)
 424                         cfg_parser->cfg->max_client_subnet_ipv4 = 32;
 425                 else if (atoi($2) < 0)
 426                         cfg_parser->cfg->max_client_subnet_ipv4 = 0;
 427                 else cfg_parser->cfg->max_client_subnet_ipv4 = (uint8_t)atoi($2);
 428         #else
 429                 OUTYY(("P(Compiled without edns subnet option, ignoring)\n"));
 430         #endif
 431                 free($2);
 432         }
 433         ;
 434 server_max_client_subnet_ipv6: VAR_MAX_CLIENT_SUBNET_IPV6 STRING_ARG
 435         {
 436         #ifdef CLIENT_SUBNET
 437                 OUTYY(("P(max_client_subnet_ipv6:%s)\n", $2));
 438                 if(atoi($2) == 0 && strcmp($2, "0") != 0)
 439                         yyerror("Ipv6 subnet length expected");
 440                 else if (atoi($2) > 128)
 441                         cfg_parser->cfg->max_client_subnet_ipv6 = 128;
 442                 else if (atoi($2) < 0)
 443                         cfg_parser->cfg->max_client_subnet_ipv6 = 0;
 444                 else cfg_parser->cfg->max_client_subnet_ipv6 = (uint8_t)atoi($2);
 445         #else
 446                 OUTYY(("P(Compiled without edns subnet option, ignoring)\n"));
 447         #endif
 448                 free($2);
 449         }
 450         ;
 451 server_interface: VAR_INTERFACE STRING_ARG
 452         {
 453                 OUTYY(("P(server_interface:%s)\n", $2));
 454                 if(cfg_parser->cfg->num_ifs == 0)
 455                         cfg_parser->cfg->ifs = calloc(1, sizeof(char*));
 456                 else    cfg_parser->cfg->ifs = realloc(cfg_parser->cfg->ifs,
 457                                 (cfg_parser->cfg->num_ifs+1)*sizeof(char*));
 458                 if(!cfg_parser->cfg->ifs)
 459                         yyerror("out of memory");
 460                 else
 461                         cfg_parser->cfg->ifs[cfg_parser->cfg->num_ifs++] = $2;
 462         }
 463         ;
 464 server_outgoing_interface: VAR_OUTGOING_INTERFACE STRING_ARG
 465         {
 466                 OUTYY(("P(server_outgoing_interface:%s)\n", $2));
 467                 if(cfg_parser->cfg->num_out_ifs == 0)
 468                         cfg_parser->cfg->out_ifs = calloc(1, sizeof(char*));
 469                 else    cfg_parser->cfg->out_ifs = realloc(
 470                         cfg_parser->cfg->out_ifs,
 471                         (cfg_parser->cfg->num_out_ifs+1)*sizeof(char*));
 472                 if(!cfg_parser->cfg->out_ifs)
 473                         yyerror("out of memory");
 474                 else
 475                         cfg_parser->cfg->out_ifs[
 476                                 cfg_parser->cfg->num_out_ifs++] = $2;
 477         }
 478         ;
 479 server_outgoing_range: VAR_OUTGOING_RANGE STRING_ARG
 480         {
 481                 OUTYY(("P(server_outgoing_range:%s)\n", $2));
 482                 if(atoi($2) == 0)
 483                         yyerror("number expected");
 484                 else cfg_parser->cfg->outgoing_num_ports = atoi($2);
 485                 free($2);
 486         }
 487         ;
 488 server_outgoing_port_permit: VAR_OUTGOING_PORT_PERMIT STRING_ARG
 489         {
 490                 OUTYY(("P(server_outgoing_port_permit:%s)\n", $2));
 491                 if(!cfg_mark_ports($2, 1,
 492                         cfg_parser->cfg->outgoing_avail_ports, 65536))
 493                         yyerror("port number or range (\"low-high\") expected");
 494                 free($2);
 495         }
 496         ;
 497 server_outgoing_port_avoid: VAR_OUTGOING_PORT_AVOID STRING_ARG
 498         {
 499                 OUTYY(("P(server_outgoing_port_avoid:%s)\n", $2));
 500                 if(!cfg_mark_ports($2, 0,
 501                         cfg_parser->cfg->outgoing_avail_ports, 65536))
 502                         yyerror("port number or range (\"low-high\") expected");
 503                 free($2);
 504         }
 505         ;
 506 server_outgoing_num_tcp: VAR_OUTGOING_NUM_TCP STRING_ARG
 507         {
 508                 OUTYY(("P(server_outgoing_num_tcp:%s)\n", $2));
 509                 if(atoi($2) == 0 && strcmp($2, "0") != 0)
 510                         yyerror("number expected");
 511                 else cfg_parser->cfg->outgoing_num_tcp = atoi($2);
 512                 free($2);
 513         }
 514         ;
 515 server_incoming_num_tcp: VAR_INCOMING_NUM_TCP STRING_ARG
 516         {
 517                 OUTYY(("P(server_incoming_num_tcp:%s)\n", $2));
 518                 if(atoi($2) == 0 && strcmp($2, "0") != 0)
 519                         yyerror("number expected");
 520                 else cfg_parser->cfg->incoming_num_tcp = atoi($2);
 521                 free($2);
 522         }
 523         ;
 524 server_interface_automatic: VAR_INTERFACE_AUTOMATIC STRING_ARG
 525         {
 526                 OUTYY(("P(server_interface_automatic:%s)\n", $2));
 527                 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
 528                         yyerror("expected yes or no.");
 529                 else cfg_parser->cfg->if_automatic = (strcmp($2, "yes")==0);
 530                 free($2);
 531         }
 532         ;
 533 server_do_ip4: VAR_DO_IP4 STRING_ARG
 534         {
 535                 OUTYY(("P(server_do_ip4:%s)\n", $2));
 536                 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
 537                         yyerror("expected yes or no.");
 538                 else cfg_parser->cfg->do_ip4 = (strcmp($2, "yes")==0);
 539                 free($2);
 540         }
 541         ;
 542 server_do_ip6: VAR_DO_IP6 STRING_ARG
 543         {
 544                 OUTYY(("P(server_do_ip6:%s)\n", $2));
 545                 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
 546                         yyerror("expected yes or no.");
 547                 else cfg_parser->cfg->do_ip6 = (strcmp($2, "yes")==0);
 548                 free($2);
 549         }
 550         ;
 551 server_do_udp: VAR_DO_UDP STRING_ARG
 552         {
 553                 OUTYY(("P(server_do_udp:%s)\n", $2));
 554                 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
 555                         yyerror("expected yes or no.");
 556                 else cfg_parser->cfg->do_udp = (strcmp($2, "yes")==0);
 557                 free($2);
 558         }
 559         ;
 560 server_do_tcp: VAR_DO_TCP STRING_ARG
 561         {
 562                 OUTYY(("P(server_do_tcp:%s)\n", $2));
 563                 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
 564                         yyerror("expected yes or no.");
 565                 else cfg_parser->cfg->do_tcp = (strcmp($2, "yes")==0);
 566                 free($2);
 567         }
 568         ;
 569 server_prefer_ip6: VAR_PREFER_IP6 STRING_ARG
 570         {
 571                 OUTYY(("P(server_prefer_ip6:%s)\n", $2));
 572                 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
 573                         yyerror("expected yes or no.");
 574                 else cfg_parser->cfg->prefer_ip6 = (strcmp($2, "yes")==0);
 575                 free($2);
 576         }
 577         ;
 578 server_tcp_mss: VAR_TCP_MSS STRING_ARG
 579         {
 580                 OUTYY(("P(server_tcp_mss:%s)\n", $2));
 581                 if(atoi($2) == 0 && strcmp($2, "0") != 0)
 582                         yyerror("number expected");
 583                 else cfg_parser->cfg->tcp_mss = atoi($2);
 584                 free($2);
 585         }
 586         ;
 587 server_outgoing_tcp_mss: VAR_OUTGOING_TCP_MSS STRING_ARG
 588         {
 589                 OUTYY(("P(server_outgoing_tcp_mss:%s)\n", $2));
 590                 if(atoi($2) == 0 && strcmp($2, "0") != 0)
 591                         yyerror("number expected");
 592                 else cfg_parser->cfg->outgoing_tcp_mss = atoi($2);
 593                 free($2);
 594         }
 595         ;
 596 server_tcp_upstream: VAR_TCP_UPSTREAM STRING_ARG
 597         {
 598                 OUTYY(("P(server_tcp_upstream:%s)\n", $2));
 599                 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
 600                         yyerror("expected yes or no.");
 601                 else cfg_parser->cfg->tcp_upstream = (strcmp($2, "yes")==0);
 602                 free($2);
 603         }
 604         ;
 605 server_ssl_upstream: VAR_SSL_UPSTREAM STRING_ARG
 606         {
 607                 OUTYY(("P(server_ssl_upstream:%s)\n", $2));
 608                 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
 609                         yyerror("expected yes or no.");
 610                 else cfg_parser->cfg->ssl_upstream = (strcmp($2, "yes")==0);
 611                 free($2);
 612         }
 613         ;
 614 server_ssl_service_key: VAR_SSL_SERVICE_KEY STRING_ARG
 615         {
 616                 OUTYY(("P(server_ssl_service_key:%s)\n", $2));
 617                 free(cfg_parser->cfg->ssl_service_key);
 618                 cfg_parser->cfg->ssl_service_key = $2;
 619         }
 620         ;
 621 server_ssl_service_pem: VAR_SSL_SERVICE_PEM STRING_ARG
 622         {
 623                 OUTYY(("P(server_ssl_service_pem:%s)\n", $2));
 624                 free(cfg_parser->cfg->ssl_service_pem);
 625                 cfg_parser->cfg->ssl_service_pem = $2;
 626         }
 627         ;
 628 server_ssl_port: VAR_SSL_PORT STRING_ARG
 629         {
 630                 OUTYY(("P(server_ssl_port:%s)\n", $2));
 631                 if(atoi($2) == 0)
 632                         yyerror("port number expected");
 633                 else cfg_parser->cfg->ssl_port = atoi($2);
 634                 free($2);
 635         }
 636         ;
 637 server_use_systemd: VAR_USE_SYSTEMD STRING_ARG
 638         {
 639                 OUTYY(("P(server_use_systemd:%s)\n", $2));
 640                 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
 641                         yyerror("expected yes or no.");
 642                 else cfg_parser->cfg->use_systemd = (strcmp($2, "yes")==0);
 643                 free($2);
 644         }
 645         ;
 646 server_do_daemonize: VAR_DO_DAEMONIZE STRING_ARG
 647         {
 648                 OUTYY(("P(server_do_daemonize:%s)\n", $2));
 649                 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
 650                         yyerror("expected yes or no.");
 651                 else cfg_parser->cfg->do_daemonize = (strcmp($2, "yes")==0);
 652                 free($2);
 653         }
 654         ;
 655 server_use_syslog: VAR_USE_SYSLOG STRING_ARG
 656         {
 657                 OUTYY(("P(server_use_syslog:%s)\n", $2));
 658                 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
 659                         yyerror("expected yes or no.");
 660                 else cfg_parser->cfg->use_syslog = (strcmp($2, "yes")==0);
 661 #if !defined(HAVE_SYSLOG_H) && !defined(UB_ON_WINDOWS)
 662                 if(strcmp($2, "yes") == 0)
 663                         yyerror("no syslog services are available. "
 664                                 "(reconfigure and compile to add)");
 665 #endif
 666                 free($2);
 667         }
 668         ;
 669 server_log_time_ascii: VAR_LOG_TIME_ASCII STRING_ARG
 670         {
 671                 OUTYY(("P(server_log_time_ascii:%s)\n", $2));
 672                 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
 673                         yyerror("expected yes or no.");
 674                 else cfg_parser->cfg->log_time_ascii = (strcmp($2, "yes")==0);
 675                 free($2);
 676         }
 677         ;
 678 server_log_queries: VAR_LOG_QUERIES STRING_ARG
 679         {
 680                 OUTYY(("P(server_log_queries:%s)\n", $2));
 681                 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
 682                         yyerror("expected yes or no.");
 683                 else cfg_parser->cfg->log_queries = (strcmp($2, "yes")==0);
 684                 free($2);
 685         }
 686         ;
 687 server_log_replies: VAR_LOG_REPLIES STRING_ARG
 688   {
 689         OUTYY(("P(server_log_replies:%s)\n", $2));
 690         if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
 691                 yyerror("expected yes or no.");
 692         else cfg_parser->cfg->log_replies = (strcmp($2, "yes")==0);
 693         free($2);
 694   }
 695   ;
 696 server_chroot: VAR_CHROOT STRING_ARG
 697         {
 698                 OUTYY(("P(server_chroot:%s)\n", $2));
 699                 free(cfg_parser->cfg->chrootdir);
 700                 cfg_parser->cfg->chrootdir = $2;
 701         }
 702         ;
 703 server_username: VAR_USERNAME STRING_ARG
 704         {
 705                 OUTYY(("P(server_username:%s)\n", $2));
 706                 free(cfg_parser->cfg->username);
 707                 cfg_parser->cfg->username = $2;
 708         }
 709         ;
 710 server_directory: VAR_DIRECTORY STRING_ARG
 711         {
 712                 OUTYY(("P(server_directory:%s)\n", $2));
 713                 free(cfg_parser->cfg->directory);
 714                 cfg_parser->cfg->directory = $2;
 715                 /* change there right away for includes relative to this */
 716                 if($2[0]) {
 717                         char* d;
 718 #ifdef UB_ON_WINDOWS
 719                         w_config_adjust_directory(cfg_parser->cfg);
 720 #endif
 721                         d = cfg_parser->cfg->directory;
 722                         /* adjust directory if we have already chroot,
 723                          * like, we reread after sighup */
 724                         if(cfg_parser->chroot && cfg_parser->chroot[0] &&
 725                                 strncmp(d, cfg_parser->chroot, strlen(
 726                                 cfg_parser->chroot)) == 0)
 727                                 d += strlen(cfg_parser->chroot);
 728                         if(d[0]) {
 729                             if(chdir(d))
 730                                 log_err("cannot chdir to directory: %s (%s)",
 731                                         d, strerror(errno));
 732                         }
 733                 }
 734         }
 735         ;
 736 server_logfile: VAR_LOGFILE STRING_ARG
 737         {
 738                 OUTYY(("P(server_logfile:%s)\n", $2));
 739                 free(cfg_parser->cfg->logfile);
 740                 cfg_parser->cfg->logfile = $2;
 741                 cfg_parser->cfg->use_syslog = 0;
 742         }
 743         ;
 744 server_pidfile: VAR_PIDFILE STRING_ARG
 745         {
 746                 OUTYY(("P(server_pidfile:%s)\n", $2));
 747                 free(cfg_parser->cfg->pidfile);
 748                 cfg_parser->cfg->pidfile = $2;
 749         }
 750         ;
 751 server_root_hints: VAR_ROOT_HINTS STRING_ARG
 752         {
 753                 OUTYY(("P(server_root_hints:%s)\n", $2));
 754                 if(!cfg_strlist_insert(&cfg_parser->cfg->root_hints, $2))
 755                         yyerror("out of memory");
 756         }
 757         ;
 758 server_dlv_anchor_file: VAR_DLV_ANCHOR_FILE STRING_ARG
 759         {
 760                 OUTYY(("P(server_dlv_anchor_file:%s)\n", $2));
 761                 free(cfg_parser->cfg->dlv_anchor_file);
 762                 cfg_parser->cfg->dlv_anchor_file = $2;
 763         }
 764         ;
 765 server_dlv_anchor: VAR_DLV_ANCHOR STRING_ARG
 766         {
 767                 OUTYY(("P(server_dlv_anchor:%s)\n", $2));
 768                 if(!cfg_strlist_insert(&cfg_parser->cfg->dlv_anchor_list, $2))
 769                         yyerror("out of memory");
 770         }
 771         ;
 772 server_auto_trust_anchor_file: VAR_AUTO_TRUST_ANCHOR_FILE STRING_ARG
 773         {
 774                 OUTYY(("P(server_auto_trust_anchor_file:%s)\n", $2));
 775                 if(!cfg_strlist_insert(&cfg_parser->cfg->
 776                         auto_trust_anchor_file_list, $2))
 777                         yyerror("out of memory");
 778         }
 779         ;
 780 server_trust_anchor_file: VAR_TRUST_ANCHOR_FILE STRING_ARG
 781         {
 782                 OUTYY(("P(server_trust_anchor_file:%s)\n", $2));
 783                 if(!cfg_strlist_insert(&cfg_parser->cfg->
 784                         trust_anchor_file_list, $2))
 785                         yyerror("out of memory");
 786         }
 787         ;
 788 server_trusted_keys_file: VAR_TRUSTED_KEYS_FILE STRING_ARG
 789         {
 790                 OUTYY(("P(server_trusted_keys_file:%s)\n", $2));
 791                 if(!cfg_strlist_insert(&cfg_parser->cfg->
 792                         trusted_keys_file_list, $2))
 793                         yyerror("out of memory");
 794         }
 795         ;
 796 server_trust_anchor: VAR_TRUST_ANCHOR STRING_ARG
 797         {
 798                 OUTYY(("P(server_trust_anchor:%s)\n", $2));
 799                 if(!cfg_strlist_insert(&cfg_parser->cfg->trust_anchor_list, $2))
 800                         yyerror("out of memory");
 801         }
 802         ;
 803 server_trust_anchor_signaling: VAR_TRUST_ANCHOR_SIGNALING STRING_ARG
 804         {
 805                 OUTYY(("P(server_trust_anchor_signaling:%s)\n", $2));
 806                 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
 807                         yyerror("expected yes or no.");
 808                 else
 809                         cfg_parser->cfg->trust_anchor_signaling =
 810                                 (strcmp($2, "yes")==0);
 811                 free($2);
 812         }
 813         ;
 814 server_domain_insecure: VAR_DOMAIN_INSECURE STRING_ARG
 815         {
 816                 OUTYY(("P(server_domain_insecure:%s)\n", $2));
 817                 if(!cfg_strlist_insert(&cfg_parser->cfg->domain_insecure, $2))
 818                         yyerror("out of memory");
 819         }
 820         ;
 821 server_hide_identity: VAR_HIDE_IDENTITY STRING_ARG
 822         {
 823                 OUTYY(("P(server_hide_identity:%s)\n", $2));
 824                 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
 825                         yyerror("expected yes or no.");
 826                 else cfg_parser->cfg->hide_identity = (strcmp($2, "yes")==0);
 827                 free($2);
 828         }
 829         ;
 830 server_hide_version: VAR_HIDE_VERSION STRING_ARG
 831         {
 832                 OUTYY(("P(server_hide_version:%s)\n", $2));
 833                 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
 834                         yyerror("expected yes or no.");
 835                 else cfg_parser->cfg->hide_version = (strcmp($2, "yes")==0);
 836                 free($2);
 837         }
 838         ;
 839 server_hide_trustanchor: VAR_HIDE_TRUSTANCHOR STRING_ARG
 840         {
 841                 OUTYY(("P(server_hide_trustanchor:%s)\n", $2));
 842                 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
 843                         yyerror("expected yes or no.");
 844                 else cfg_parser->cfg->hide_trustanchor = (strcmp($2, "yes")==0);
 845                 free($2);
 846         }
 847         ;
 848 server_identity: VAR_IDENTITY STRING_ARG
 849         {
 850                 OUTYY(("P(server_identity:%s)\n", $2));
 851                 free(cfg_parser->cfg->identity);
 852                 cfg_parser->cfg->identity = $2;
 853         }
 854         ;
 855 server_version: VAR_VERSION STRING_ARG
 856         {
 857                 OUTYY(("P(server_version:%s)\n", $2));
 858                 free(cfg_parser->cfg->version);
 859                 cfg_parser->cfg->version = $2;
 860         }
 861         ;
 862 server_so_rcvbuf: VAR_SO_RCVBUF STRING_ARG
 863         {
 864                 OUTYY(("P(server_so_rcvbuf:%s)\n", $2));
 865                 if(!cfg_parse_memsize($2, &cfg_parser->cfg->so_rcvbuf))
 866                         yyerror("buffer size expected");
 867                 free($2);
 868         }
 869         ;
 870 server_so_sndbuf: VAR_SO_SNDBUF STRING_ARG
 871         {
 872                 OUTYY(("P(server_so_sndbuf:%s)\n", $2));
 873                 if(!cfg_parse_memsize($2, &cfg_parser->cfg->so_sndbuf))
 874                         yyerror("buffer size expected");
 875                 free($2);
 876         }
 877         ;
 878 server_so_reuseport: VAR_SO_REUSEPORT STRING_ARG
 879     {
 880         OUTYY(("P(server_so_reuseport:%s)\n", $2));
 881         if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
 882             yyerror("expected yes or no.");
 883         else cfg_parser->cfg->so_reuseport =
 884             (strcmp($2, "yes")==0);
 885         free($2);
 886     }
 887     ;
 888 server_ip_transparent: VAR_IP_TRANSPARENT STRING_ARG
 889     {
 890         OUTYY(("P(server_ip_transparent:%s)\n", $2));
 891         if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
 892             yyerror("expected yes or no.");
 893         else cfg_parser->cfg->ip_transparent =
 894             (strcmp($2, "yes")==0);
 895         free($2);
 896     }
 897     ;
 898 server_ip_freebind: VAR_IP_FREEBIND STRING_ARG
 899     {
 900         OUTYY(("P(server_ip_freebind:%s)\n", $2));
 901         if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
 902             yyerror("expected yes or no.");
 903         else cfg_parser->cfg->ip_freebind =
 904             (strcmp($2, "yes")==0);
 905         free($2);
 906     }
 907     ;
 908 server_edns_buffer_size: VAR_EDNS_BUFFER_SIZE STRING_ARG
 909         {
 910                 OUTYY(("P(server_edns_buffer_size:%s)\n", $2));
 911                 if(atoi($2) == 0)
 912                         yyerror("number expected");
 913                 else if (atoi($2) < 12)
 914                         yyerror("edns buffer size too small");
 915                 else if (atoi($2) > 65535)
 916                         cfg_parser->cfg->edns_buffer_size = 65535;
 917                 else cfg_parser->cfg->edns_buffer_size = atoi($2);
 918                 free($2);
 919         }
 920         ;
 921 server_msg_buffer_size: VAR_MSG_BUFFER_SIZE STRING_ARG
 922         {
 923                 OUTYY(("P(server_msg_buffer_size:%s)\n", $2));
 924                 if(atoi($2) == 0)
 925                         yyerror("number expected");
 926                 else if (atoi($2) < 4096)
 927                         yyerror("message buffer size too small (use 4096)");
 928                 else cfg_parser->cfg->msg_buffer_size = atoi($2);
 929                 free($2);
 930         }
 931         ;
 932 server_msg_cache_size: VAR_MSG_CACHE_SIZE STRING_ARG
 933         {
 934                 OUTYY(("P(server_msg_cache_size:%s)\n", $2));
 935                 if(!cfg_parse_memsize($2, &cfg_parser->cfg->msg_cache_size))
 936                         yyerror("memory size expected");
 937                 free($2);
 938         }
 939         ;
 940 server_msg_cache_slabs: VAR_MSG_CACHE_SLABS STRING_ARG
 941         {
 942                 OUTYY(("P(server_msg_cache_slabs:%s)\n", $2));
 943                 if(atoi($2) == 0)
 944                         yyerror("number expected");
 945                 else {
 946                         cfg_parser->cfg->msg_cache_slabs = atoi($2);
 947                         if(!is_pow2(cfg_parser->cfg->msg_cache_slabs))
 948                                 yyerror("must be a power of 2");
 949                 }
 950                 free($2);
 951         }
 952         ;
 953 server_num_queries_per_thread: VAR_NUM_QUERIES_PER_THREAD STRING_ARG
 954         {
 955                 OUTYY(("P(server_num_queries_per_thread:%s)\n", $2));
 956                 if(atoi($2) == 0)
 957                         yyerror("number expected");
 958                 else cfg_parser->cfg->num_queries_per_thread = atoi($2);
 959                 free($2);
 960         }
 961         ;
 962 server_jostle_timeout: VAR_JOSTLE_TIMEOUT STRING_ARG
 963         {
 964                 OUTYY(("P(server_jostle_timeout:%s)\n", $2));
 965                 if(atoi($2) == 0 && strcmp($2, "0") != 0)
 966                         yyerror("number expected");
 967                 else cfg_parser->cfg->jostle_time = atoi($2);
 968                 free($2);
 969         }
 970         ;
 971 server_delay_close: VAR_DELAY_CLOSE STRING_ARG
 972         {
 973                 OUTYY(("P(server_delay_close:%s)\n", $2));
 974                 if(atoi($2) == 0 && strcmp($2, "0") != 0)
 975                         yyerror("number expected");
 976                 else cfg_parser->cfg->delay_close = atoi($2);
 977                 free($2);
 978         }
 979         ;
 980 server_unblock_lan_zones: VAR_UNBLOCK_LAN_ZONES STRING_ARG
 981         {
 982                 OUTYY(("P(server_unblock_lan_zones:%s)\n", $2));
 983                 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
 984                         yyerror("expected yes or no.");
 985                 else cfg_parser->cfg->unblock_lan_zones =
 986                         (strcmp($2, "yes")==0);
 987                 free($2);
 988         }
 989         ;
 990 server_insecure_lan_zones: VAR_INSECURE_LAN_ZONES STRING_ARG
 991         {
 992                 OUTYY(("P(server_insecure_lan_zones:%s)\n", $2));
 993                 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
 994                         yyerror("expected yes or no.");
 995                 else cfg_parser->cfg->insecure_lan_zones =
 996                         (strcmp($2, "yes")==0);
 997                 free($2);
 998         }
 999         ;
1000 server_rrset_cache_size: VAR_RRSET_CACHE_SIZE STRING_ARG
1001         {
1002                 OUTYY(("P(server_rrset_cache_size:%s)\n", $2));
1003                 if(!cfg_parse_memsize($2, &cfg_parser->cfg->rrset_cache_size))
1004                         yyerror("memory size expected");
1005                 free($2);
1006         }
1007         ;
1008 server_rrset_cache_slabs: VAR_RRSET_CACHE_SLABS STRING_ARG
1009         {
1010                 OUTYY(("P(server_rrset_cache_slabs:%s)\n", $2));
1011                 if(atoi($2) == 0)
1012                         yyerror("number expected");
1013                 else {
1014                         cfg_parser->cfg->rrset_cache_slabs = atoi($2);
1015                         if(!is_pow2(cfg_parser->cfg->rrset_cache_slabs))
1016                                 yyerror("must be a power of 2");
1017                 }
1018                 free($2);
1019         }
1020         ;
1021 server_infra_host_ttl: VAR_INFRA_HOST_TTL STRING_ARG
1022         {
1023                 OUTYY(("P(server_infra_host_ttl:%s)\n", $2));
1024                 if(atoi($2) == 0 && strcmp($2, "0") != 0)
1025                         yyerror("number expected");
1026                 else cfg_parser->cfg->host_ttl = atoi($2);
1027                 free($2);
1028         }
1029         ;
1030 server_infra_lame_ttl: VAR_INFRA_LAME_TTL STRING_ARG
1031         {
1032                 OUTYY(("P(server_infra_lame_ttl:%s)\n", $2));
1033                 verbose(VERB_DETAIL, "ignored infra-lame-ttl: %s (option "
1034                         "removed, use infra-host-ttl)", $2);
1035                 free($2);
1036         }
1037         ;
1038 server_infra_cache_numhosts: VAR_INFRA_CACHE_NUMHOSTS STRING_ARG
1039         {
1040                 OUTYY(("P(server_infra_cache_numhosts:%s)\n", $2));
1041                 if(atoi($2) == 0)
1042                         yyerror("number expected");
1043                 else cfg_parser->cfg->infra_cache_numhosts = atoi($2);
1044                 free($2);
1045         }
1046         ;
1047 server_infra_cache_lame_size: VAR_INFRA_CACHE_LAME_SIZE STRING_ARG
1048         {
1049                 OUTYY(("P(server_infra_cache_lame_size:%s)\n", $2));
1050                 verbose(VERB_DETAIL, "ignored infra-cache-lame-size: %s "
1051                         "(option removed, use infra-cache-numhosts)", $2);
1052                 free($2);
1053         }
1054         ;
1055 server_infra_cache_slabs: VAR_INFRA_CACHE_SLABS STRING_ARG
1056         {
1057                 OUTYY(("P(server_infra_cache_slabs:%s)\n", $2));
1058                 if(atoi($2) == 0)
1059                         yyerror("number expected");
1060                 else {
1061                         cfg_parser->cfg->infra_cache_slabs = atoi($2);
1062                         if(!is_pow2(cfg_parser->cfg->infra_cache_slabs))
1063                                 yyerror("must be a power of 2");
1064                 }
1065                 free($2);
1066         }
1067         ;
1068 server_infra_cache_min_rtt: VAR_INFRA_CACHE_MIN_RTT STRING_ARG
1069         {
1070                 OUTYY(("P(server_infra_cache_min_rtt:%s)\n", $2));
1071                 if(atoi($2) == 0 && strcmp($2, "0") != 0)
1072                         yyerror("number expected");
1073                 else cfg_parser->cfg->infra_cache_min_rtt = atoi($2);
1074                 free($2);
1075         }
1076         ;
1077 server_target_fetch_policy: VAR_TARGET_FETCH_POLICY STRING_ARG
1078         {
1079                 OUTYY(("P(server_target_fetch_policy:%s)\n", $2));
1080                 free(cfg_parser->cfg->target_fetch_policy);
1081                 cfg_parser->cfg->target_fetch_policy = $2;
1082         }
1083         ;
1084 server_harden_short_bufsize: VAR_HARDEN_SHORT_BUFSIZE STRING_ARG
1085         {
1086                 OUTYY(("P(server_harden_short_bufsize:%s)\n", $2));
1087                 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1088                         yyerror("expected yes or no.");
1089                 else cfg_parser->cfg->harden_short_bufsize =
1090                         (strcmp($2, "yes")==0);
1091                 free($2);
1092         }
1093         ;
1094 server_harden_large_queries: VAR_HARDEN_LARGE_QUERIES STRING_ARG
1095         {
1096                 OUTYY(("P(server_harden_large_queries:%s)\n", $2));
1097                 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1098                         yyerror("expected yes or no.");
1099                 else cfg_parser->cfg->harden_large_queries =
1100                         (strcmp($2, "yes")==0);
1101                 free($2);
1102         }
1103         ;
1104 server_harden_glue: VAR_HARDEN_GLUE STRING_ARG
1105         {
1106                 OUTYY(("P(server_harden_glue:%s)\n", $2));
1107                 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1108                         yyerror("expected yes or no.");
1109                 else cfg_parser->cfg->harden_glue =
1110                         (strcmp($2, "yes")==0);
1111                 free($2);
1112         }
1113         ;
1114 server_harden_dnssec_stripped: VAR_HARDEN_DNSSEC_STRIPPED STRING_ARG
1115         {
1116                 OUTYY(("P(server_harden_dnssec_stripped:%s)\n", $2));
1117                 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1118                         yyerror("expected yes or no.");
1119                 else cfg_parser->cfg->harden_dnssec_stripped =
1120                         (strcmp($2, "yes")==0);
1121                 free($2);
1122         }
1123         ;
1124 server_harden_below_nxdomain: VAR_HARDEN_BELOW_NXDOMAIN STRING_ARG
1125         {
1126                 OUTYY(("P(server_harden_below_nxdomain:%s)\n", $2));
1127                 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1128                         yyerror("expected yes or no.");
1129                 else cfg_parser->cfg->harden_below_nxdomain =
1130                         (strcmp($2, "yes")==0);
1131                 free($2);
1132         }
1133         ;
1134 server_harden_referral_path: VAR_HARDEN_REFERRAL_PATH STRING_ARG
1135         {
1136                 OUTYY(("P(server_harden_referral_path:%s)\n", $2));
1137                 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1138                         yyerror("expected yes or no.");
1139                 else cfg_parser->cfg->harden_referral_path =
1140                         (strcmp($2, "yes")==0);
1141                 free($2);
1142         }
1143         ;
1144 server_harden_algo_downgrade: VAR_HARDEN_ALGO_DOWNGRADE STRING_ARG
1145         {
1146                 OUTYY(("P(server_harden_algo_downgrade:%s)\n", $2));
1147                 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1148                         yyerror("expected yes or no.");
1149                 else cfg_parser->cfg->harden_algo_downgrade =
1150                         (strcmp($2, "yes")==0);
1151                 free($2);
1152         }
1153         ;
1154 server_use_caps_for_id: VAR_USE_CAPS_FOR_ID STRING_ARG
1155         {
1156                 OUTYY(("P(server_use_caps_for_id:%s)\n", $2));
1157                 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1158                         yyerror("expected yes or no.");
1159                 else cfg_parser->cfg->use_caps_bits_for_id =
1160                         (strcmp($2, "yes")==0);
1161                 free($2);
1162         }
1163         ;
1164 server_caps_whitelist: VAR_CAPS_WHITELIST STRING_ARG
1165         {
1166                 OUTYY(("P(server_caps_whitelist:%s)\n", $2));
1167                 if(!cfg_strlist_insert(&cfg_parser->cfg->caps_whitelist, $2))
1168                         yyerror("out of memory");
1169         }
1170         ;
1171 server_private_address: VAR_PRIVATE_ADDRESS STRING_ARG
1172         {
1173                 OUTYY(("P(server_private_address:%s)\n", $2));
1174                 if(!cfg_strlist_insert(&cfg_parser->cfg->private_address, $2))
1175                         yyerror("out of memory");
1176         }
1177         ;
1178 server_private_domain: VAR_PRIVATE_DOMAIN STRING_ARG
1179         {
1180                 OUTYY(("P(server_private_domain:%s)\n", $2));
1181                 if(!cfg_strlist_insert(&cfg_parser->cfg->private_domain, $2))
1182                         yyerror("out of memory");
1183         }
1184         ;
1185 server_prefetch: VAR_PREFETCH STRING_ARG
1186         {
1187                 OUTYY(("P(server_prefetch:%s)\n", $2));
1188                 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1189                         yyerror("expected yes or no.");
1190                 else cfg_parser->cfg->prefetch = (strcmp($2, "yes")==0);
1191                 free($2);
1192         }
1193         ;
1194 server_prefetch_key: VAR_PREFETCH_KEY STRING_ARG
1195         {
1196                 OUTYY(("P(server_prefetch_key:%s)\n", $2));
1197                 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1198                         yyerror("expected yes or no.");
1199                 else cfg_parser->cfg->prefetch_key = (strcmp($2, "yes")==0);
1200                 free($2);
1201         }
1202         ;
1203 server_unwanted_reply_threshold: VAR_UNWANTED_REPLY_THRESHOLD STRING_ARG
1204         {
1205                 OUTYY(("P(server_unwanted_reply_threshold:%s)\n", $2));
1206                 if(atoi($2) == 0 && strcmp($2, "0") != 0)
1207                         yyerror("number expected");
1208                 else cfg_parser->cfg->unwanted_threshold = atoi($2);
1209                 free($2);
1210         }
1211         ;
1212 server_do_not_query_address: VAR_DO_NOT_QUERY_ADDRESS STRING_ARG
1213         {
1214                 OUTYY(("P(server_do_not_query_address:%s)\n", $2));
1215                 if(!cfg_strlist_insert(&cfg_parser->cfg->donotqueryaddrs, $2))
1216                         yyerror("out of memory");
1217         }
1218         ;
1219 server_do_not_query_localhost: VAR_DO_NOT_QUERY_LOCALHOST STRING_ARG
1220         {
1221                 OUTYY(("P(server_do_not_query_localhost:%s)\n", $2));
1222                 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1223                         yyerror("expected yes or no.");
1224                 else cfg_parser->cfg->donotquery_localhost =
1225                         (strcmp($2, "yes")==0);
1226                 free($2);
1227         }
1228         ;
1229 server_access_control: VAR_ACCESS_CONTROL STRING_ARG STRING_ARG
1230         {
1231                 OUTYY(("P(server_access_control:%s %s)\n", $2, $3));
1232                 if(strcmp($3, "deny")!=0 && strcmp($3, "refuse")!=0 &&
1233                         strcmp($3, "deny_non_local")!=0 &&
1234                         strcmp($3, "refuse_non_local")!=0 &&
1235                         strcmp($3, "allow")!=0 &&
1236                         strcmp($3, "allow_snoop")!=0) {
1237                         yyerror("expected deny, refuse, deny_non_local, "
1238                                 "refuse_non_local, allow or allow_snoop "
1239                                 "in access control action");
1240                 } else {
1241                         if(!cfg_str2list_insert(&cfg_parser->cfg->acls, $2, $3))
1242                                 fatal_exit("out of memory adding acl");
1243                 }
1244         }
1245         ;
1246 server_module_conf: VAR_MODULE_CONF STRING_ARG
1247         {
1248                 OUTYY(("P(server_module_conf:%s)\n", $2));
1249                 free(cfg_parser->cfg->module_conf);
1250                 cfg_parser->cfg->module_conf = $2;
1251         }
1252         ;
1253 server_val_override_date: VAR_VAL_OVERRIDE_DATE STRING_ARG
1254         {
1255                 OUTYY(("P(server_val_override_date:%s)\n", $2));
1256                 if(*$2 == '\0' || strcmp($2, "0") == 0) {
1257                         cfg_parser->cfg->val_date_override = 0;
1258                 } else if(strlen($2) == 14) {
1259                         cfg_parser->cfg->val_date_override =
1260                                 cfg_convert_timeval($2);
1261                         if(!cfg_parser->cfg->val_date_override)
1262                                 yyerror("bad date/time specification");
1263                 } else {
1264                         if(atoi($2) == 0)
1265                                 yyerror("number expected");
1266                         cfg_parser->cfg->val_date_override = atoi($2);
1267                 }
1268                 free($2);
1269         }
1270         ;
1271 server_val_sig_skew_min: VAR_VAL_SIG_SKEW_MIN STRING_ARG
1272         {
1273                 OUTYY(("P(server_val_sig_skew_min:%s)\n", $2));
1274                 if(*$2 == '\0' || strcmp($2, "0") == 0) {
1275                         cfg_parser->cfg->val_sig_skew_min = 0;
1276                 } else {
1277                         cfg_parser->cfg->val_sig_skew_min = atoi($2);
1278                         if(!cfg_parser->cfg->val_sig_skew_min)
1279                                 yyerror("number expected");
1280                 }
1281                 free($2);
1282         }
1283         ;
1284 server_val_sig_skew_max: VAR_VAL_SIG_SKEW_MAX STRING_ARG
1285         {
1286                 OUTYY(("P(server_val_sig_skew_max:%s)\n", $2));
1287                 if(*$2 == '\0' || strcmp($2, "0") == 0) {
1288                         cfg_parser->cfg->val_sig_skew_max = 0;
1289                 } else {
1290                         cfg_parser->cfg->val_sig_skew_max = atoi($2);
1291                         if(!cfg_parser->cfg->val_sig_skew_max)
1292                                 yyerror("number expected");
1293                 }
1294                 free($2);
1295         }
1296         ;
1297 server_cache_max_ttl: VAR_CACHE_MAX_TTL STRING_ARG
1298         {
1299                 OUTYY(("P(server_cache_max_ttl:%s)\n", $2));
1300                 if(atoi($2) == 0 && strcmp($2, "0") != 0)
1301                         yyerror("number expected");
1302                 else cfg_parser->cfg->max_ttl = atoi($2);
1303                 free($2);
1304         }
1305         ;
1306 server_cache_max_negative_ttl: VAR_CACHE_MAX_NEGATIVE_TTL STRING_ARG
1307         {
1308                 OUTYY(("P(server_cache_max_negative_ttl:%s)\n", $2));
1309                 if(atoi($2) == 0 && strcmp($2, "0") != 0)
1310                         yyerror("number expected");
1311                 else cfg_parser->cfg->max_negative_ttl = atoi($2);
1312                 free($2);
1313         }
1314         ;
1315 server_cache_min_ttl: VAR_CACHE_MIN_TTL STRING_ARG
1316         {
1317                 OUTYY(("P(server_cache_min_ttl:%s)\n", $2));
1318                 if(atoi($2) == 0 && strcmp($2, "0") != 0)
1319                         yyerror("number expected");
1320                 else cfg_parser->cfg->min_ttl = atoi($2);
1321                 free($2);
1322         }
1323         ;
1324 server_bogus_ttl: VAR_BOGUS_TTL STRING_ARG
1325         {
1326                 OUTYY(("P(server_bogus_ttl:%s)\n", $2));
1327                 if(atoi($2) == 0 && strcmp($2, "0") != 0)
1328                         yyerror("number expected");
1329                 else cfg_parser->cfg->bogus_ttl = atoi($2);
1330                 free($2);
1331         }
1332         ;
1333 server_val_clean_additional: VAR_VAL_CLEAN_ADDITIONAL STRING_ARG
1334         {
1335                 OUTYY(("P(server_val_clean_additional:%s)\n", $2));
1336                 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1337                         yyerror("expected yes or no.");
1338                 else cfg_parser->cfg->val_clean_additional =
1339                         (strcmp($2, "yes")==0);
1340                 free($2);
1341         }
1342         ;
1343 server_val_permissive_mode: VAR_VAL_PERMISSIVE_MODE STRING_ARG
1344         {
1345                 OUTYY(("P(server_val_permissive_mode:%s)\n", $2));
1346                 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1347                         yyerror("expected yes or no.");
1348                 else cfg_parser->cfg->val_permissive_mode =
1349                         (strcmp($2, "yes")==0);
1350                 free($2);
1351         }
1352         ;
1353 server_ignore_cd_flag: VAR_IGNORE_CD_FLAG STRING_ARG
1354         {
1355                 OUTYY(("P(server_ignore_cd_flag:%s)\n", $2));
1356                 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1357                         yyerror("expected yes or no.");
1358                 else cfg_parser->cfg->ignore_cd = (strcmp($2, "yes")==0);
1359                 free($2);
1360         }
1361         ;
1362 server_serve_expired: VAR_SERVE_EXPIRED STRING_ARG
1363         {
1364                 OUTYY(("P(server_serve_expired:%s)\n", $2));
1365                 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1366                         yyerror("expected yes or no.");
1367                 else cfg_parser->cfg->serve_expired = (strcmp($2, "yes")==0);
1368                 free($2);
1369         }
1370         ;
1371 server_fake_dsa: VAR_FAKE_DSA STRING_ARG
1372         {
1373                 OUTYY(("P(server_fake_dsa:%s)\n", $2));
1374                 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1375                         yyerror("expected yes or no.");
1376 #ifdef HAVE_SSL
1377                 else fake_dsa = (strcmp($2, "yes")==0);
1378                 if(fake_dsa)
1379                         log_warn("test option fake_dsa is enabled");
1380 #endif
1381                 free($2);
1382         }
1383         ;
1384 server_fake_sha1: VAR_FAKE_SHA1 STRING_ARG
1385         {
1386                 OUTYY(("P(server_fake_sha1:%s)\n", $2));
1387                 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1388                         yyerror("expected yes or no.");
1389 #ifdef HAVE_SSL
1390                 else fake_sha1 = (strcmp($2, "yes")==0);
1391                 if(fake_sha1)
1392                         log_warn("test option fake_sha1 is enabled");
1393 #endif
1394                 free($2);
1395         }
1396         ;
1397 server_val_log_level: VAR_VAL_LOG_LEVEL STRING_ARG
1398         {
1399                 OUTYY(("P(server_val_log_level:%s)\n", $2));
1400                 if(atoi($2) == 0 && strcmp($2, "0") != 0)
1401                         yyerror("number expected");
1402                 else cfg_parser->cfg->val_log_level = atoi($2);
1403                 free($2);
1404         }
1405         ;
1406 server_val_nsec3_keysize_iterations: VAR_VAL_NSEC3_KEYSIZE_ITERATIONS STRING_ARG
1407         {
1408                 OUTYY(("P(server_val_nsec3_keysize_iterations:%s)\n", $2));
1409                 free(cfg_parser->cfg->val_nsec3_key_iterations);
1410                 cfg_parser->cfg->val_nsec3_key_iterations = $2;
1411         }
1412         ;
1413 server_add_holddown: VAR_ADD_HOLDDOWN STRING_ARG
1414         {
1415                 OUTYY(("P(server_add_holddown:%s)\n", $2));
1416                 if(atoi($2) == 0 && strcmp($2, "0") != 0)
1417                         yyerror("number expected");
1418                 else cfg_parser->cfg->add_holddown = atoi($2);
1419                 free($2);
1420         }
1421         ;
1422 server_del_holddown: VAR_DEL_HOLDDOWN STRING_ARG
1423         {
1424                 OUTYY(("P(server_del_holddown:%s)\n", $2));
1425                 if(atoi($2) == 0 && strcmp($2, "0") != 0)
1426                         yyerror("number expected");
1427                 else cfg_parser->cfg->del_holddown = atoi($2);
1428                 free($2);
1429         }
1430         ;
1431 server_keep_missing: VAR_KEEP_MISSING STRING_ARG
1432         {
1433                 OUTYY(("P(server_keep_missing:%s)\n", $2));
1434                 if(atoi($2) == 0 && strcmp($2, "0") != 0)
1435                         yyerror("number expected");
1436                 else cfg_parser->cfg->keep_missing = atoi($2);
1437                 free($2);
1438         }
1439         ;
1440 server_permit_small_holddown: VAR_PERMIT_SMALL_HOLDDOWN STRING_ARG
1441         {
1442                 OUTYY(("P(server_permit_small_holddown:%s)\n", $2));
1443                 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1444                         yyerror("expected yes or no.");
1445                 else cfg_parser->cfg->permit_small_holddown =
1446                         (strcmp($2, "yes")==0);
1447                 free($2);
1448         }
1449 server_key_cache_size: VAR_KEY_CACHE_SIZE STRING_ARG
1450         {
1451                 OUTYY(("P(server_key_cache_size:%s)\n", $2));
1452                 if(!cfg_parse_memsize($2, &cfg_parser->cfg->key_cache_size))
1453                         yyerror("memory size expected");
1454                 free($2);
1455         }
1456         ;
1457 server_key_cache_slabs: VAR_KEY_CACHE_SLABS STRING_ARG
1458         {
1459                 OUTYY(("P(server_key_cache_slabs:%s)\n", $2));
1460                 if(atoi($2) == 0)
1461                         yyerror("number expected");
1462                 else {
1463                         cfg_parser->cfg->key_cache_slabs = atoi($2);
1464                         if(!is_pow2(cfg_parser->cfg->key_cache_slabs))
1465                                 yyerror("must be a power of 2");
1466                 }
1467                 free($2);
1468         }
1469         ;
1470 server_neg_cache_size: VAR_NEG_CACHE_SIZE STRING_ARG
1471         {
1472                 OUTYY(("P(server_neg_cache_size:%s)\n", $2));
1473                 if(!cfg_parse_memsize($2, &cfg_parser->cfg->neg_cache_size))
1474                         yyerror("memory size expected");
1475                 free($2);
1476         }
1477         ;
1478 server_local_zone: VAR_LOCAL_ZONE STRING_ARG STRING_ARG
1479         {
1480                 OUTYY(("P(server_local_zone:%s %s)\n", $2, $3));
1481                 if(strcmp($3, "static")!=0 && strcmp($3, "deny")!=0 &&
1482                    strcmp($3, "refuse")!=0 && strcmp($3, "redirect")!=0 &&
1483                    strcmp($3, "transparent")!=0 && strcmp($3, "nodefault")!=0
1484                    && strcmp($3, "typetransparent")!=0
1485                    && strcmp($3, "always_transparent")!=0
1486                    && strcmp($3, "always_refuse")!=0
1487                    && strcmp($3, "always_nxdomain")!=0
1488                    && strcmp($3, "inform")!=0 && strcmp($3, "inform_deny")!=0)
1489                         yyerror("local-zone type: expected static, deny, "
1490                                 "refuse, redirect, transparent, "
1491                                 "typetransparent, inform, inform_deny, "
1492                                 "always_transparent, always_refuse, "
1493                                 "always_nxdomain or nodefault");
1494                 else if(strcmp($3, "nodefault")==0) {
1495                         if(!cfg_strlist_insert(&cfg_parser->cfg->
1496                                 local_zones_nodefault, $2))
1497                                 fatal_exit("out of memory adding local-zone");
1498                         free($3);
1499                 } else {
1500                         if(!cfg_str2list_insert(&cfg_parser->cfg->local_zones,
1501                                 $2, $3))
1502                                 fatal_exit("out of memory adding local-zone");
1503                 }
1504         }
1505         ;
1506 server_local_data: VAR_LOCAL_DATA STRING_ARG
1507         {
1508                 OUTYY(("P(server_local_data:%s)\n", $2));
1509                 if(!cfg_strlist_insert(&cfg_parser->cfg->local_data, $2))
1510                         fatal_exit("out of memory adding local-data");
1511         }
1512         ;
1513 server_local_data_ptr: VAR_LOCAL_DATA_PTR STRING_ARG
1514         {
1515                 char* ptr;
1516                 OUTYY(("P(server_local_data_ptr:%s)\n", $2));
1517                 ptr = cfg_ptr_reverse($2);
1518                 free($2);
1519                 if(ptr) {
1520                         if(!cfg_strlist_insert(&cfg_parser->cfg->
1521                                 local_data, ptr))
1522                                 fatal_exit("out of memory adding local-data");
1523                 } else {
1524                         yyerror("local-data-ptr could not be reversed");
1525                 }
1526         }
1527         ;
1528 server_minimal_responses: VAR_MINIMAL_RESPONSES STRING_ARG
1529         {
1530                 OUTYY(("P(server_minimal_responses:%s)\n", $2));
1531                 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1532                         yyerror("expected yes or no.");
1533                 else cfg_parser->cfg->minimal_responses =
1534                         (strcmp($2, "yes")==0);
1535                 free($2);
1536         }
1537         ;
1538 server_rrset_roundrobin: VAR_RRSET_ROUNDROBIN STRING_ARG
1539         {
1540                 OUTYY(("P(server_rrset_roundrobin:%s)\n", $2));
1541                 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1542                         yyerror("expected yes or no.");
1543                 else cfg_parser->cfg->rrset_roundrobin =
1544                         (strcmp($2, "yes")==0);
1545                 free($2);
1546         }
1547         ;
1548 server_max_udp_size: VAR_MAX_UDP_SIZE STRING_ARG
1549         {
1550                 OUTYY(("P(server_max_udp_size:%s)\n", $2));
1551                 cfg_parser->cfg->max_udp_size = atoi($2);
1552                 free($2);
1553         }
1554         ;
1555 server_dns64_prefix: VAR_DNS64_PREFIX STRING_ARG
1556         {
1557                 OUTYY(("P(dns64_prefix:%s)\n", $2));
1558                 free(cfg_parser->cfg->dns64_prefix);
1559                 cfg_parser->cfg->dns64_prefix = $2;
1560         }
1561         ;
1562 server_dns64_synthall: VAR_DNS64_SYNTHALL STRING_ARG
1563         {
1564                 OUTYY(("P(server_dns64_synthall:%s)\n", $2));
1565                 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1566                         yyerror("expected yes or no.");
1567                 else cfg_parser->cfg->dns64_synthall = (strcmp($2, "yes")==0);
1568                 free($2);
1569         }
1570         ;
1571 server_define_tag: VAR_DEFINE_TAG STRING_ARG
1572         {
1573                 char* p, *s = $2;
1574                 OUTYY(("P(server_define_tag:%s)\n", $2));
1575                 while((p=strsep(&s, " \t\n")) != NULL) {
1576                         if(*p) {
1577                                 if(!config_add_tag(cfg_parser->cfg, p))
1578                                         yyerror("could not define-tag, "
1579                                                 "out of memory");
1580                         }
1581                 }
1582                 free($2);
1583         }
1584         ;
1585 server_local_zone_tag: VAR_LOCAL_ZONE_TAG STRING_ARG STRING_ARG
1586         {
1587                 size_t len = 0;
1588                 uint8_t* bitlist = config_parse_taglist(cfg_parser->cfg, $3,
1589                         &len);
1590                 free($3);
1591                 OUTYY(("P(server_local_zone_tag:%s)\n", $2));
1592                 if(!bitlist)
1593                         yyerror("could not parse tags, (define-tag them first)");
1594                 if(bitlist) {
1595                         if(!cfg_strbytelist_insert(
1596                                 &cfg_parser->cfg->local_zone_tags,
1597                                 $2, bitlist, len)) {
1598                                 yyerror("out of memory");
1599                                 free($2);
1600                         }
1601                 }
1602         }
1603         ;
1604 server_access_control_tag: VAR_ACCESS_CONTROL_TAG STRING_ARG STRING_ARG
1605         {
1606                 size_t len = 0;
1607                 uint8_t* bitlist = config_parse_taglist(cfg_parser->cfg, $3,
1608                         &len);
1609                 free($3);
1610                 OUTYY(("P(server_access_control_tag:%s)\n", $2));
1611                 if(!bitlist)
1612                         yyerror("could not parse tags, (define-tag them first)");
1613                 if(bitlist) {
1614                         if(!cfg_strbytelist_insert(
1615                                 &cfg_parser->cfg->acl_tags,
1616                                 $2, bitlist, len)) {
1617                                 yyerror("out of memory");
1618                                 free($2);
1619                         }
1620                 }
1621         }
1622         ;
1623 server_access_control_tag_action: VAR_ACCESS_CONTROL_TAG_ACTION STRING_ARG STRING_ARG STRING_ARG
1624         {
1625                 OUTYY(("P(server_access_control_tag_action:%s %s %s)\n", $2, $3, $4));
1626                 if(!cfg_str3list_insert(&cfg_parser->cfg->acl_tag_actions,
1627                         $2, $3, $4)) {
1628                         yyerror("out of memory");
1629                         free($2);
1630                         free($3);
1631                         free($4);
1632                 }
1633         }
1634         ;
1635 server_access_control_tag_data: VAR_ACCESS_CONTROL_TAG_DATA STRING_ARG STRING_ARG STRING_ARG
1636         {
1637                 OUTYY(("P(server_access_control_tag_data:%s %s %s)\n", $2, $3, $4));
1638                 if(!cfg_str3list_insert(&cfg_parser->cfg->acl_tag_datas,
1639                         $2, $3, $4)) {
1640                         yyerror("out of memory");
1641                         free($2);
1642                         free($3);
1643                         free($4);
1644                 }
1645         }
1646         ;
1647 server_local_zone_override: VAR_LOCAL_ZONE_OVERRIDE STRING_ARG STRING_ARG STRING_ARG
1648         {
1649                 OUTYY(("P(server_local_zone_override:%s %s %s)\n", $2, $3, $4));
1650                 if(!cfg_str3list_insert(&cfg_parser->cfg->local_zone_overrides,
1651                         $2, $3, $4)) {
1652                         yyerror("out of memory");
1653                         free($2);
1654                         free($3);
1655                         free($4);
1656                 }
1657         }
1658         ;
1659 server_access_control_view: VAR_ACCESS_CONTROL_VIEW STRING_ARG STRING_ARG
1660         {
1661                 OUTYY(("P(server_access_control_view:%s %s)\n", $2, $3));
1662                 if(!cfg_str2list_insert(&cfg_parser->cfg->acl_view,
1663                         $2, $3)) {
1664                         yyerror("out of memory");
1665                         free($2);
1666                         free($3);
1667                 }
1668         }
1669         ;
1670 server_response_ip_tag: VAR_RESPONSE_IP_TAG STRING_ARG STRING_ARG
1671         {
1672                 size_t len = 0;
1673                 uint8_t* bitlist = config_parse_taglist(cfg_parser->cfg, $3,
1674                         &len);
1675                 free($3);
1676                 OUTYY(("P(response_ip_tag:%s)\n", $2));
1677                 if(!bitlist)
1678                         yyerror("could not parse tags, (define-tag them first)");
1679                 if(bitlist) {
1680                         if(!cfg_strbytelist_insert(
1681                                 &cfg_parser->cfg->respip_tags,
1682                                 $2, bitlist, len)) {
1683                                 yyerror("out of memory");
1684                                 free($2);
1685                         }
1686                 }
1687         }
1688         ;
1689 server_ip_ratelimit: VAR_IP_RATELIMIT STRING_ARG
1690         {
1691                 OUTYY(("P(server_ip_ratelimit:%s)\n", $2));
1692                 if(atoi($2) == 0 && strcmp($2, "0") != 0)
1693                         yyerror("number expected");
1694                 else cfg_parser->cfg->ip_ratelimit = atoi($2);
1695                 free($2);
1696         }
1697         ;
1698
1699 server_ratelimit: VAR_RATELIMIT STRING_ARG
1700         {
1701                 OUTYY(("P(server_ratelimit:%s)\n", $2));
1702                 if(atoi($2) == 0 && strcmp($2, "0") != 0)
1703                         yyerror("number expected");
1704                 else cfg_parser->cfg->ratelimit = atoi($2);
1705                 free($2);
1706         }
1707         ;
1708 server_ip_ratelimit_size: VAR_IP_RATELIMIT_SIZE STRING_ARG
1709   {
1710         OUTYY(("P(server_ip_ratelimit_size:%s)\n", $2));
1711         if(!cfg_parse_memsize($2, &cfg_parser->cfg->ip_ratelimit_size))
1712                 yyerror("memory size expected");
1713         free($2);
1714   }
1715   ;
1716 server_ratelimit_size: VAR_RATELIMIT_SIZE STRING_ARG
1717         {
1718                 OUTYY(("P(server_ratelimit_size:%s)\n", $2));
1719                 if(!cfg_parse_memsize($2, &cfg_parser->cfg->ratelimit_size))
1720                         yyerror("memory size expected");
1721                 free($2);
1722         }
1723         ;
1724 server_ip_ratelimit_slabs: VAR_IP_RATELIMIT_SLABS STRING_ARG
1725   {
1726         OUTYY(("P(server_ip_ratelimit_slabs:%s)\n", $2));
1727         if(atoi($2) == 0)
1728                 yyerror("number expected");
1729         else {
1730                 cfg_parser->cfg->ip_ratelimit_slabs = atoi($2);
1731                 if(!is_pow2(cfg_parser->cfg->ip_ratelimit_slabs))
1732                         yyerror("must be a power of 2");
1733         }
1734         free($2);
1735   }
1736   ;
1737 server_ratelimit_slabs: VAR_RATELIMIT_SLABS STRING_ARG
1738         {
1739                 OUTYY(("P(server_ratelimit_slabs:%s)\n", $2));
1740                 if(atoi($2) == 0)
1741                         yyerror("number expected");
1742                 else {
1743                         cfg_parser->cfg->ratelimit_slabs = atoi($2);
1744                         if(!is_pow2(cfg_parser->cfg->ratelimit_slabs))
1745                                 yyerror("must be a power of 2");
1746                 }
1747                 free($2);
1748         }
1749         ;
1750 server_ratelimit_for_domain: VAR_RATELIMIT_FOR_DOMAIN STRING_ARG STRING_ARG
1751         {
1752                 OUTYY(("P(server_ratelimit_for_domain:%s %s)\n", $2, $3));
1753                 if(atoi($3) == 0 && strcmp($3, "0") != 0) {
1754                         yyerror("number expected");
1755                 } else {
1756                         if(!cfg_str2list_insert(&cfg_parser->cfg->
1757                                 ratelimit_for_domain, $2, $3))
1758                                 fatal_exit("out of memory adding "
1759                                         "ratelimit-for-domain");
1760                 }
1761         }
1762         ;
1763 server_ratelimit_below_domain: VAR_RATELIMIT_BELOW_DOMAIN STRING_ARG STRING_ARG
1764         {
1765                 OUTYY(("P(server_ratelimit_below_domain:%s %s)\n", $2, $3));
1766                 if(atoi($3) == 0 && strcmp($3, "0") != 0) {
1767                         yyerror("number expected");
1768                 } else {
1769                         if(!cfg_str2list_insert(&cfg_parser->cfg->
1770                                 ratelimit_below_domain, $2, $3))
1771                                 fatal_exit("out of memory adding "
1772                                         "ratelimit-below-domain");
1773                 }
1774         }
1775         ;
1776 server_ip_ratelimit_factor: VAR_IP_RATELIMIT_FACTOR STRING_ARG
1777   {
1778         OUTYY(("P(server_ip_ratelimit_factor:%s)\n", $2));
1779         if(atoi($2) == 0 && strcmp($2, "0") != 0)
1780                 yyerror("number expected");
1781         else cfg_parser->cfg->ip_ratelimit_factor = atoi($2);
1782         free($2);
1783         }
1784         ;
1785 server_ratelimit_factor: VAR_RATELIMIT_FACTOR STRING_ARG
1786         {
1787                 OUTYY(("P(server_ratelimit_factor:%s)\n", $2));
1788                 if(atoi($2) == 0 && strcmp($2, "0") != 0)
1789                         yyerror("number expected");
1790                 else cfg_parser->cfg->ratelimit_factor = atoi($2);
1791                 free($2);
1792         }
1793         ;
1794 server_qname_minimisation: VAR_QNAME_MINIMISATION STRING_ARG
1795         {
1796                 OUTYY(("P(server_qname_minimisation:%s)\n", $2));
1797                 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1798                         yyerror("expected yes or no.");
1799                 else cfg_parser->cfg->qname_minimisation =
1800                         (strcmp($2, "yes")==0);
1801                 free($2);
1802         }
1803         ;
1804 server_qname_minimisation_strict: VAR_QNAME_MINIMISATION_STRICT STRING_ARG
1805         {
1806                 OUTYY(("P(server_qname_minimisation_strict:%s)\n", $2));
1807                 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1808                         yyerror("expected yes or no.");
1809                 else cfg_parser->cfg->qname_minimisation_strict =
1810                         (strcmp($2, "yes")==0);
1811                 free($2);
1812         }
1813         ;
1814 server_ipsecmod_enabled: VAR_IPSECMOD_ENABLED STRING_ARG
1815         {
1816         #ifdef USE_IPSECMOD
1817                 OUTYY(("P(server_ipsecmod_enabled:%s)\n", $2));
1818                 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1819                         yyerror("expected yes or no.");
1820                 else cfg_parser->cfg->ipsecmod_enabled = (strcmp($2, "yes")==0);
1821                 free($2);
1822         #else
1823                 OUTYY(("P(Compiled without IPsec module, ignoring)\n"));
1824         #endif
1825         }
1826         ;
1827 server_ipsecmod_ignore_bogus: VAR_IPSECMOD_IGNORE_BOGUS STRING_ARG
1828         {
1829         #ifdef USE_IPSECMOD
1830                 OUTYY(("P(server_ipsecmod_ignore_bogus:%s)\n", $2));
1831                 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1832                         yyerror("expected yes or no.");
1833                 else cfg_parser->cfg->ipsecmod_ignore_bogus = (strcmp($2, "yes")==0);
1834                 free($2);
1835         #else
1836                 OUTYY(("P(Compiled without IPsec module, ignoring)\n"));
1837         #endif
1838         }
1839         ;
1840 server_ipsecmod_hook: VAR_IPSECMOD_HOOK STRING_ARG
1841         {
1842         #ifdef USE_IPSECMOD
1843                 OUTYY(("P(server_ipsecmod_hook:%s)\n", $2));
1844                 free(cfg_parser->cfg->ipsecmod_hook);
1845                 cfg_parser->cfg->ipsecmod_hook = $2;
1846         #else
1847                 OUTYY(("P(Compiled without IPsec module, ignoring)\n"));
1848         #endif
1849         }
1850         ;
1851 server_ipsecmod_max_ttl: VAR_IPSECMOD_MAX_TTL STRING_ARG
1852         {
1853         #ifdef USE_IPSECMOD
1854                 OUTYY(("P(server_ipsecmod_max_ttl:%s)\n", $2));
1855                 if(atoi($2) == 0 && strcmp($2, "0") != 0)
1856                         yyerror("number expected");
1857                 else cfg_parser->cfg->ipsecmod_max_ttl = atoi($2);
1858                 free($2);
1859         #else
1860                 OUTYY(("P(Compiled without IPsec module, ignoring)\n"));
1861         #endif
1862         }
1863         ;
1864 server_ipsecmod_whitelist: VAR_IPSECMOD_WHITELIST STRING_ARG
1865         {
1866         #ifdef USE_IPSECMOD
1867                 OUTYY(("P(server_ipsecmod_whitelist:%s)\n", $2));
1868                 if(!cfg_strlist_insert(&cfg_parser->cfg->ipsecmod_whitelist, $2))
1869                         yyerror("out of memory");
1870         #else
1871                 OUTYY(("P(Compiled without IPsec module, ignoring)\n"));
1872         #endif
1873         }
1874         ;
1875 server_ipsecmod_strict: VAR_IPSECMOD_STRICT STRING_ARG
1876         {
1877         #ifdef USE_IPSECMOD
1878                 OUTYY(("P(server_ipsecmod_strict:%s)\n", $2));
1879                 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1880                         yyerror("expected yes or no.");
1881                 else cfg_parser->cfg->ipsecmod_strict = (strcmp($2, "yes")==0);
1882                 free($2);
1883         #else
1884                 OUTYY(("P(Compiled without IPsec module, ignoring)\n"));
1885         #endif
1886         }
1887         ;
1888 stub_name: VAR_NAME STRING_ARG
1889         {
1890                 OUTYY(("P(name:%s)\n", $2));
1891                 if(cfg_parser->cfg->stubs->name)
1892                         yyerror("stub name override, there must be one name "
1893                                 "for one stub-zone");
1894                 free(cfg_parser->cfg->stubs->name);
1895                 cfg_parser->cfg->stubs->name = $2;
1896         }
1897         ;
1898 stub_host: VAR_STUB_HOST STRING_ARG
1899         {
1900                 OUTYY(("P(stub-host:%s)\n", $2));
1901                 if(!cfg_strlist_insert(&cfg_parser->cfg->stubs->hosts, $2))
1902                         yyerror("out of memory");
1903         }
1904         ;
1905 stub_addr: VAR_STUB_ADDR STRING_ARG
1906         {
1907                 OUTYY(("P(stub-addr:%s)\n", $2));
1908                 if(!cfg_strlist_insert(&cfg_parser->cfg->stubs->addrs, $2))
1909                         yyerror("out of memory");
1910         }
1911         ;
1912 stub_first: VAR_STUB_FIRST STRING_ARG
1913         {
1914                 OUTYY(("P(stub-first:%s)\n", $2));
1915                 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1916                         yyerror("expected yes or no.");
1917                 else cfg_parser->cfg->stubs->isfirst=(strcmp($2, "yes")==0);
1918                 free($2);
1919         }
1920         ;
1921 stub_ssl_upstream: VAR_STUB_SSL_UPSTREAM STRING_ARG
1922         {
1923                 OUTYY(("P(stub-ssl-upstream:%s)\n", $2));
1924                 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1925                         yyerror("expected yes or no.");
1926                 else cfg_parser->cfg->stubs->ssl_upstream =
1927                         (strcmp($2, "yes")==0);
1928                 free($2);
1929         }
1930         ;
1931 stub_prime: VAR_STUB_PRIME STRING_ARG
1932         {
1933                 OUTYY(("P(stub-prime:%s)\n", $2));
1934                 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1935                         yyerror("expected yes or no.");
1936                 else cfg_parser->cfg->stubs->isprime =
1937                         (strcmp($2, "yes")==0);
1938                 free($2);
1939         }
1940         ;
1941 forward_name: VAR_NAME STRING_ARG
1942         {
1943                 OUTYY(("P(name:%s)\n", $2));
1944                 if(cfg_parser->cfg->forwards->name)
1945                         yyerror("forward name override, there must be one "
1946                                 "name for one forward-zone");
1947                 free(cfg_parser->cfg->forwards->name);
1948                 cfg_parser->cfg->forwards->name = $2;
1949         }
1950         ;
1951 forward_host: VAR_FORWARD_HOST STRING_ARG
1952         {
1953                 OUTYY(("P(forward-host:%s)\n", $2));
1954                 if(!cfg_strlist_insert(&cfg_parser->cfg->forwards->hosts, $2))
1955                         yyerror("out of memory");
1956         }
1957         ;
1958 forward_addr: VAR_FORWARD_ADDR STRING_ARG
1959         {
1960                 OUTYY(("P(forward-addr:%s)\n", $2));
1961                 if(!cfg_strlist_insert(&cfg_parser->cfg->forwards->addrs, $2))
1962                         yyerror("out of memory");
1963         }
1964         ;
1965 forward_first: VAR_FORWARD_FIRST STRING_ARG
1966         {
1967                 OUTYY(("P(forward-first:%s)\n", $2));
1968                 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1969                         yyerror("expected yes or no.");
1970                 else cfg_parser->cfg->forwards->isfirst=(strcmp($2, "yes")==0);
1971                 free($2);
1972         }
1973         ;
1974 forward_ssl_upstream: VAR_FORWARD_SSL_UPSTREAM STRING_ARG
1975         {
1976                 OUTYY(("P(forward-ssl-upstream:%s)\n", $2));
1977                 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1978                         yyerror("expected yes or no.");
1979                 else cfg_parser->cfg->forwards->ssl_upstream =
1980                         (strcmp($2, "yes")==0);
1981                 free($2);
1982         }
1983         ;
1984 view_name: VAR_NAME STRING_ARG
1985         {
1986                 OUTYY(("P(name:%s)\n", $2));
1987                 if(cfg_parser->cfg->views->name)
1988                         yyerror("view name override, there must be one "
1989                                 "name for one view");
1990                 free(cfg_parser->cfg->views->name);
1991                 cfg_parser->cfg->views->name = $2;
1992         }
1993         ;
1994 view_local_zone: VAR_LOCAL_ZONE STRING_ARG STRING_ARG
1995         {
1996                 OUTYY(("P(view_local_zone:%s %s)\n", $2, $3));
1997                 if(strcmp($3, "static")!=0 && strcmp($3, "deny")!=0 &&
1998                    strcmp($3, "refuse")!=0 && strcmp($3, "redirect")!=0 &&
1999                    strcmp($3, "transparent")!=0 && strcmp($3, "nodefault")!=0
2000                    && strcmp($3, "typetransparent")!=0
2001                    && strcmp($3, "always_transparent")!=0
2002                    && strcmp($3, "always_refuse")!=0
2003                    && strcmp($3, "always_nxdomain")!=0
2004                    && strcmp($3, "inform")!=0 && strcmp($3, "inform_deny")!=0)
2005                         yyerror("local-zone type: expected static, deny, "
2006                                 "refuse, redirect, transparent, "
2007                                 "typetransparent, inform, inform_deny, "
2008                                 "always_transparent, always_refuse, "
2009                                 "always_nxdomain or nodefault");
2010                 else if(strcmp($3, "nodefault")==0) {
2011                         if(!cfg_strlist_insert(&cfg_parser->cfg->views->
2012                                 local_zones_nodefault, $2))
2013                                 fatal_exit("out of memory adding local-zone");
2014                         free($3);
2015                 } else {
2016                         if(!cfg_str2list_insert(
2017                                 &cfg_parser->cfg->views->local_zones,
2018                                 $2, $3))
2019                                 fatal_exit("out of memory adding local-zone");
2020                 }
2021         }
2022         ;
2023 view_response_ip: VAR_RESPONSE_IP STRING_ARG STRING_ARG
2024         {
2025                 OUTYY(("P(view_response_ip:%s %s)\n", $2, $3));
2026                 validate_respip_action($3);
2027                 if(!cfg_str2list_insert(
2028                         &cfg_parser->cfg->views->respip_actions, $2, $3))
2029                         fatal_exit("out of memory adding per-view "
2030                                 "response-ip action");
2031         }
2032         ;
2033 view_response_ip_data: VAR_RESPONSE_IP_DATA STRING_ARG STRING_ARG
2034         {
2035                 OUTYY(("P(view_response_ip_data:%s)\n", $2));
2036                 if(!cfg_str2list_insert(
2037                         &cfg_parser->cfg->views->respip_data, $2, $3))
2038                         fatal_exit("out of memory adding response-ip-data");
2039         }
2040         ;
2041 view_local_data: VAR_LOCAL_DATA STRING_ARG
2042         {
2043                 OUTYY(("P(view_local_data:%s)\n", $2));
2044                 if(!cfg_strlist_insert(&cfg_parser->cfg->views->local_data, $2)) {
2045                         fatal_exit("out of memory adding local-data");
2046                         free($2);
2047                 }
2048         }
2049         ;
2050 view_local_data_ptr: VAR_LOCAL_DATA_PTR STRING_ARG
2051         {
2052                 char* ptr;
2053                 OUTYY(("P(view_local_data_ptr:%s)\n", $2));
2054                 ptr = cfg_ptr_reverse($2);
2055                 free($2);
2056                 if(ptr) {
2057                         if(!cfg_strlist_insert(&cfg_parser->cfg->views->
2058                                 local_data, ptr))
2059                                 fatal_exit("out of memory adding local-data");
2060                 } else {
2061                         yyerror("local-data-ptr could not be reversed");
2062                 }
2063         }
2064         ;
2065 view_first: VAR_VIEW_FIRST STRING_ARG
2066         {
2067                 OUTYY(("P(view-first:%s)\n", $2));
2068                 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
2069                         yyerror("expected yes or no.");
2070                 else cfg_parser->cfg->views->isfirst=(strcmp($2, "yes")==0);
2071                 free($2);
2072         }
2073         ;
2074 rcstart: VAR_REMOTE_CONTROL
2075         {
2076                 OUTYY(("\nP(remote-control:)\n"));
2077         }
2078         ;
2079 contents_rc: contents_rc content_rc
2080         | ;
2081 content_rc: rc_control_enable | rc_control_interface | rc_control_port |
2082         rc_server_key_file | rc_server_cert_file | rc_control_key_file |
2083         rc_control_cert_file | rc_control_use_cert
2084         ;
2085 rc_control_enable: VAR_CONTROL_ENABLE STRING_ARG
2086         {
2087                 OUTYY(("P(control_enable:%s)\n", $2));
2088                 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
2089                         yyerror("expected yes or no.");
2090                 else cfg_parser->cfg->remote_control_enable =
2091                         (strcmp($2, "yes")==0);
2092                 free($2);
2093         }
2094         ;
2095 rc_control_port: VAR_CONTROL_PORT STRING_ARG
2096         {
2097                 OUTYY(("P(control_port:%s)\n", $2));
2098                 if(atoi($2) == 0)
2099                         yyerror("control port number expected");
2100                 else cfg_parser->cfg->control_port = atoi($2);
2101                 free($2);
2102         }
2103         ;
2104 rc_control_interface: VAR_CONTROL_INTERFACE STRING_ARG
2105         {
2106                 OUTYY(("P(control_interface:%s)\n", $2));
2107                 if(!cfg_strlist_insert(&cfg_parser->cfg->control_ifs, $2))
2108                         yyerror("out of memory");
2109         }
2110         ;
2111 rc_control_use_cert: VAR_CONTROL_USE_CERT STRING_ARG
2112         {
2113                 OUTYY(("P(control_use_cert:%s)\n", $2));
2114                 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
2115                         yyerror("expected yes or no.");
2116                 else cfg_parser->cfg->remote_control_use_cert =
2117                         (strcmp($2, "yes")==0);
2118                 free($2);
2119         }
2120         ;
2121 rc_server_key_file: VAR_SERVER_KEY_FILE STRING_ARG
2122         {
2123                 OUTYY(("P(rc_server_key_file:%s)\n", $2));
2124                 free(cfg_parser->cfg->server_key_file);
2125                 cfg_parser->cfg->server_key_file = $2;
2126         }
2127         ;
2128 rc_server_cert_file: VAR_SERVER_CERT_FILE STRING_ARG
2129         {
2130                 OUTYY(("P(rc_server_cert_file:%s)\n", $2));
2131                 free(cfg_parser->cfg->server_cert_file);
2132                 cfg_parser->cfg->server_cert_file = $2;
2133         }
2134         ;
2135 rc_control_key_file: VAR_CONTROL_KEY_FILE STRING_ARG
2136         {
2137                 OUTYY(("P(rc_control_key_file:%s)\n", $2));
2138                 free(cfg_parser->cfg->control_key_file);
2139                 cfg_parser->cfg->control_key_file = $2;
2140         }
2141         ;
2142 rc_control_cert_file: VAR_CONTROL_CERT_FILE STRING_ARG
2143         {
2144                 OUTYY(("P(rc_control_cert_file:%s)\n", $2));
2145                 free(cfg_parser->cfg->control_cert_file);
2146                 cfg_parser->cfg->control_cert_file = $2;
2147         }
2148         ;
2149 dtstart: VAR_DNSTAP
2150         {
2151                 OUTYY(("\nP(dnstap:)\n"));
2152         }
2153         ;
2154 contents_dt: contents_dt content_dt
2155         | ;
2156 content_dt: dt_dnstap_enable | dt_dnstap_socket_path |
2157         dt_dnstap_send_identity | dt_dnstap_send_version |
2158         dt_dnstap_identity | dt_dnstap_version |
2159         dt_dnstap_log_resolver_query_messages |
2160         dt_dnstap_log_resolver_response_messages |
2161         dt_dnstap_log_client_query_messages |
2162         dt_dnstap_log_client_response_messages |
2163         dt_dnstap_log_forwarder_query_messages |
2164         dt_dnstap_log_forwarder_response_messages
2165         ;
2166 dt_dnstap_enable: VAR_DNSTAP_ENABLE STRING_ARG
2167         {
2168                 OUTYY(("P(dt_dnstap_enable:%s)\n", $2));
2169                 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
2170                         yyerror("expected yes or no.");
2171                 else cfg_parser->cfg->dnstap = (strcmp($2, "yes")==0);
2172         }
2173         ;
2174 dt_dnstap_socket_path: VAR_DNSTAP_SOCKET_PATH STRING_ARG
2175         {
2176                 OUTYY(("P(dt_dnstap_socket_path:%s)\n", $2));
2177                 free(cfg_parser->cfg->dnstap_socket_path);
2178                 cfg_parser->cfg->dnstap_socket_path = $2;
2179         }
2180         ;
2181 dt_dnstap_send_identity: VAR_DNSTAP_SEND_IDENTITY STRING_ARG
2182         {
2183                 OUTYY(("P(dt_dnstap_send_identity:%s)\n", $2));
2184                 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
2185                         yyerror("expected yes or no.");
2186                 else cfg_parser->cfg->dnstap_send_identity = (strcmp($2, "yes")==0);
2187         }
2188         ;
2189 dt_dnstap_send_version: VAR_DNSTAP_SEND_VERSION STRING_ARG
2190         {
2191                 OUTYY(("P(dt_dnstap_send_version:%s)\n", $2));
2192                 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
2193                         yyerror("expected yes or no.");
2194                 else cfg_parser->cfg->dnstap_send_version = (strcmp($2, "yes")==0);
2195         }
2196         ;
2197 dt_dnstap_identity: VAR_DNSTAP_IDENTITY STRING_ARG
2198         {
2199                 OUTYY(("P(dt_dnstap_identity:%s)\n", $2));
2200                 free(cfg_parser->cfg->dnstap_identity);
2201                 cfg_parser->cfg->dnstap_identity = $2;
2202         }
2203         ;
2204 dt_dnstap_version: VAR_DNSTAP_VERSION STRING_ARG
2205         {
2206                 OUTYY(("P(dt_dnstap_version:%s)\n", $2));
2207                 free(cfg_parser->cfg->dnstap_version);
2208                 cfg_parser->cfg->dnstap_version = $2;
2209         }
2210         ;
2211 dt_dnstap_log_resolver_query_messages: VAR_DNSTAP_LOG_RESOLVER_QUERY_MESSAGES STRING_ARG
2212         {
2213                 OUTYY(("P(dt_dnstap_log_resolver_query_messages:%s)\n", $2));
2214                 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
2215                         yyerror("expected yes or no.");
2216                 else cfg_parser->cfg->dnstap_log_resolver_query_messages =
2217                         (strcmp($2, "yes")==0);
2218         }
2219         ;
2220 dt_dnstap_log_resolver_response_messages: VAR_DNSTAP_LOG_RESOLVER_RESPONSE_MESSAGES STRING_ARG
2221         {
2222                 OUTYY(("P(dt_dnstap_log_resolver_response_messages:%s)\n", $2));
2223                 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
2224                         yyerror("expected yes or no.");
2225                 else cfg_parser->cfg->dnstap_log_resolver_response_messages =
2226                         (strcmp($2, "yes")==0);
2227         }
2228         ;
2229 dt_dnstap_log_client_query_messages: VAR_DNSTAP_LOG_CLIENT_QUERY_MESSAGES STRING_ARG
2230         {
2231                 OUTYY(("P(dt_dnstap_log_client_query_messages:%s)\n", $2));
2232                 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
2233                         yyerror("expected yes or no.");
2234                 else cfg_parser->cfg->dnstap_log_client_query_messages =
2235                         (strcmp($2, "yes")==0);
2236         }
2237         ;
2238 dt_dnstap_log_client_response_messages: VAR_DNSTAP_LOG_CLIENT_RESPONSE_MESSAGES STRING_ARG
2239         {
2240                 OUTYY(("P(dt_dnstap_log_client_response_messages:%s)\n", $2));
2241                 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
2242                         yyerror("expected yes or no.");
2243                 else cfg_parser->cfg->dnstap_log_client_response_messages =
2244                         (strcmp($2, "yes")==0);
2245         }
2246         ;
2247 dt_dnstap_log_forwarder_query_messages: VAR_DNSTAP_LOG_FORWARDER_QUERY_MESSAGES STRING_ARG
2248         {
2249                 OUTYY(("P(dt_dnstap_log_forwarder_query_messages:%s)\n", $2));
2250                 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
2251                         yyerror("expected yes or no.");
2252                 else cfg_parser->cfg->dnstap_log_forwarder_query_messages =
2253                         (strcmp($2, "yes")==0);
2254         }
2255         ;
2256 dt_dnstap_log_forwarder_response_messages: VAR_DNSTAP_LOG_FORWARDER_RESPONSE_MESSAGES STRING_ARG
2257         {
2258                 OUTYY(("P(dt_dnstap_log_forwarder_response_messages:%s)\n", $2));
2259                 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
2260                         yyerror("expected yes or no.");
2261                 else cfg_parser->cfg->dnstap_log_forwarder_response_messages =
2262                         (strcmp($2, "yes")==0);
2263         }
2264         ;
2265 pythonstart: VAR_PYTHON
2266         {
2267                 OUTYY(("\nP(python:)\n"));
2268         }
2269         ;
2270 contents_py: contents_py content_py
2271         | ;
2272 content_py: py_script
2273         ;
2274 py_script: VAR_PYTHON_SCRIPT STRING_ARG
2275         {
2276                 OUTYY(("P(python-script:%s)\n", $2));
2277                 free(cfg_parser->cfg->python_script);
2278                 cfg_parser->cfg->python_script = $2;
2279         }
2280 server_disable_dnssec_lame_check: VAR_DISABLE_DNSSEC_LAME_CHECK STRING_ARG
2281         {
2282                 OUTYY(("P(disable_dnssec_lame_check:%s)\n", $2));
2283                 if (strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
2284                         yyerror("expected yes or no.");
2285                 else cfg_parser->cfg->disable_dnssec_lame_check =
2286                         (strcmp($2, "yes")==0);
2287                 free($2);
2288         }
2289         ;
2290 server_log_identity: VAR_LOG_IDENTITY STRING_ARG
2291         {
2292                 OUTYY(("P(server_log_identity:%s)\n", $2));
2293                 free(cfg_parser->cfg->log_identity);
2294                 cfg_parser->cfg->log_identity = $2;
2295         }
2296         ;
2297 server_response_ip: VAR_RESPONSE_IP STRING_ARG STRING_ARG
2298         {
2299                 OUTYY(("P(server_response_ip:%s %s)\n", $2, $3));
2300                 validate_respip_action($3);
2301                 if(!cfg_str2list_insert(&cfg_parser->cfg->respip_actions,
2302                         $2, $3))
2303                         fatal_exit("out of memory adding response-ip");
2304         }
2305         ;
2306 server_response_ip_data: VAR_RESPONSE_IP_DATA STRING_ARG STRING_ARG
2307         {
2308                 OUTYY(("P(server_response_ip_data:%s)\n", $2));
2309                         if(!cfg_str2list_insert(&cfg_parser->cfg->respip_data,
2310                                 $2, $3))
2311                                 fatal_exit("out of memory adding response-ip-data");
2312         }
2313         ;
2314 dnscstart: VAR_DNSCRYPT
2315         {
2316                 OUTYY(("\nP(dnscrypt:)\n"));
2317                 OUTYY(("\nP(dnscrypt:)\n"));
2318         }
2319         ;
2320 contents_dnsc: contents_dnsc content_dnsc
2321         | ;
2322 content_dnsc:
2323         dnsc_dnscrypt_enable | dnsc_dnscrypt_port | dnsc_dnscrypt_provider |
2324         dnsc_dnscrypt_secret_key | dnsc_dnscrypt_provider_cert
2325         ;
2326 dnsc_dnscrypt_enable: VAR_DNSCRYPT_ENABLE STRING_ARG
2327         {
2328                 OUTYY(("P(dnsc_dnscrypt_enable:%s)\n", $2));
2329                 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
2330                         yyerror("expected yes or no.");
2331                 else cfg_parser->cfg->dnscrypt = (strcmp($2, "yes")==0);
2332                 free($2);
2333         }
2334         ;
2335
2336 dnsc_dnscrypt_port: VAR_DNSCRYPT_PORT STRING_ARG
2337         {
2338                 OUTYY(("P(dnsc_dnscrypt_port:%s)\n", $2));
2339
2340                 if(atoi($2) == 0)
2341                         yyerror("port number expected");
2342                 else cfg_parser->cfg->dnscrypt_port = atoi($2);
2343                 free($2);
2344         }
2345         ;
2346 dnsc_dnscrypt_provider: VAR_DNSCRYPT_PROVIDER STRING_ARG
2347         {
2348                 OUTYY(("P(dnsc_dnscrypt_provider:%s)\n", $2));
2349                 free(cfg_parser->cfg->dnscrypt_provider);
2350                 cfg_parser->cfg->dnscrypt_provider = $2;
2351         }
2352         ;
2353 dnsc_dnscrypt_provider_cert: VAR_DNSCRYPT_PROVIDER_CERT STRING_ARG
2354         {
2355                 OUTYY(("P(dnsc_dnscrypt_provider_cert:%s)\n", $2));
2356                 if(!cfg_strlist_insert(&cfg_parser->cfg->dnscrypt_provider_cert, $2))
2357                         fatal_exit("out of memory adding dnscrypt-provider-cert");
2358         }
2359         ;
2360 dnsc_dnscrypt_secret_key: VAR_DNSCRYPT_SECRET_KEY STRING_ARG
2361         {
2362                 OUTYY(("P(dnsc_dnscrypt_secret_key:%s)\n", $2));
2363                 if(!cfg_strlist_insert(&cfg_parser->cfg->dnscrypt_secret_key, $2))
2364                         fatal_exit("out of memory adding dnscrypt-secret-key");
2365         }
2366         ;
2367 %%
2368
2369 /* parse helper routines could be here */
2370 static void
2371 validate_respip_action(const char* action)
2372 {
2373         if(strcmp(action, "deny")!=0 &&
2374                 strcmp(action, "redirect")!=0 &&
2375                 strcmp(action, "inform")!=0 &&
2376                 strcmp(action, "inform_deny")!=0 &&
2377                 strcmp(action, "always_transparent")!=0 &&
2378                 strcmp(action, "always_refuse")!=0 &&
2379                 strcmp(action, "always_nxdomain")!=0)
2380         {
2381                 yyerror("response-ip action: expected deny, redirect, "
2382                         "inform, inform_deny, always_transparent, "
2383                         "always_refuse or always_nxdomain");
2384         }
2385 }