2 * configparser.y -- yacc grammar for unbound configuration files
4 * Copyright (c) 2001-2006, NLnet Labs. All rights reserved.
6 * Copyright (c) 2007, NLnet Labs. All rights reserved.
8 * This software is open source.
10 * Redistribution and use in source and binary forms, with or without
11 * modification, are permitted provided that the following conditions
14 * Redistributions of source code must retain the above copyright notice,
15 * this list of conditions and the following disclaimer.
17 * Redistributions in binary form must reproduce the above copyright notice,
18 * this list of conditions and the following disclaimer in the documentation
19 * and/or other materials provided with the distribution.
21 * Neither the name of the NLNET LABS nor the names of its contributors may
22 * be used to endorse or promote products derived from this software without
23 * specific prior written permission.
25 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
26 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
27 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
28 * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
29 * HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
30 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
31 * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
32 * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
33 * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
34 * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
35 * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
47 #include "util/configyyrename.h"
48 #include "util/config_file.h"
49 #include "util/net_help.h"
52 void ub_c_error(const char *message);
54 static void validate_respip_action(const char* action);
56 /* these need to be global, otherwise they cannot be used inside yacc */
57 extern struct config_parser_state* cfg_parser;
60 #define OUTYY(s) printf s /* used ONLY when debugging */
70 %token SPACE LETTER NEWLINE COMMENT COLON ANY ZONESTR
71 %token <str> STRING_ARG
72 %token VAR_SERVER VAR_VERBOSITY VAR_NUM_THREADS VAR_PORT
73 %token VAR_OUTGOING_RANGE VAR_INTERFACE
74 %token VAR_DO_IP4 VAR_DO_IP6 VAR_PREFER_IP6 VAR_DO_UDP VAR_DO_TCP
75 %token VAR_TCP_MSS VAR_OUTGOING_TCP_MSS
76 %token VAR_CHROOT VAR_USERNAME VAR_DIRECTORY VAR_LOGFILE VAR_PIDFILE
77 %token VAR_MSG_CACHE_SIZE VAR_MSG_CACHE_SLABS VAR_NUM_QUERIES_PER_THREAD
78 %token VAR_RRSET_CACHE_SIZE VAR_RRSET_CACHE_SLABS VAR_OUTGOING_NUM_TCP
79 %token VAR_INFRA_HOST_TTL VAR_INFRA_LAME_TTL VAR_INFRA_CACHE_SLABS
80 %token VAR_INFRA_CACHE_NUMHOSTS VAR_INFRA_CACHE_LAME_SIZE VAR_NAME
81 %token VAR_STUB_ZONE VAR_STUB_HOST VAR_STUB_ADDR VAR_TARGET_FETCH_POLICY
82 %token VAR_HARDEN_SHORT_BUFSIZE VAR_HARDEN_LARGE_QUERIES
83 %token VAR_FORWARD_ZONE VAR_FORWARD_HOST VAR_FORWARD_ADDR
84 %token VAR_DO_NOT_QUERY_ADDRESS VAR_HIDE_IDENTITY VAR_HIDE_VERSION
85 %token VAR_IDENTITY VAR_VERSION VAR_HARDEN_GLUE VAR_MODULE_CONF
86 %token VAR_TRUST_ANCHOR_FILE VAR_TRUST_ANCHOR VAR_VAL_OVERRIDE_DATE
87 %token VAR_BOGUS_TTL VAR_VAL_CLEAN_ADDITIONAL VAR_VAL_PERMISSIVE_MODE
88 %token VAR_INCOMING_NUM_TCP VAR_MSG_BUFFER_SIZE VAR_KEY_CACHE_SIZE
89 %token VAR_KEY_CACHE_SLABS VAR_TRUSTED_KEYS_FILE
90 %token VAR_VAL_NSEC3_KEYSIZE_ITERATIONS VAR_USE_SYSLOG
91 %token VAR_OUTGOING_INTERFACE VAR_ROOT_HINTS VAR_DO_NOT_QUERY_LOCALHOST
92 %token VAR_CACHE_MAX_TTL VAR_HARDEN_DNSSEC_STRIPPED VAR_ACCESS_CONTROL
93 %token VAR_LOCAL_ZONE VAR_LOCAL_DATA VAR_INTERFACE_AUTOMATIC
94 %token VAR_STATISTICS_INTERVAL VAR_DO_DAEMONIZE VAR_USE_CAPS_FOR_ID
95 %token VAR_STATISTICS_CUMULATIVE VAR_OUTGOING_PORT_PERMIT
96 %token VAR_OUTGOING_PORT_AVOID VAR_DLV_ANCHOR_FILE VAR_DLV_ANCHOR
97 %token VAR_NEG_CACHE_SIZE VAR_HARDEN_REFERRAL_PATH VAR_PRIVATE_ADDRESS
98 %token VAR_PRIVATE_DOMAIN VAR_REMOTE_CONTROL VAR_CONTROL_ENABLE
99 %token VAR_CONTROL_INTERFACE VAR_CONTROL_PORT VAR_SERVER_KEY_FILE
100 %token VAR_SERVER_CERT_FILE VAR_CONTROL_KEY_FILE VAR_CONTROL_CERT_FILE
101 %token VAR_CONTROL_USE_CERT
102 %token VAR_EXTENDED_STATISTICS VAR_LOCAL_DATA_PTR VAR_JOSTLE_TIMEOUT
103 %token VAR_STUB_PRIME VAR_UNWANTED_REPLY_THRESHOLD VAR_LOG_TIME_ASCII
104 %token VAR_DOMAIN_INSECURE VAR_PYTHON VAR_PYTHON_SCRIPT VAR_VAL_SIG_SKEW_MIN
105 %token VAR_VAL_SIG_SKEW_MAX VAR_CACHE_MIN_TTL VAR_VAL_LOG_LEVEL
106 %token VAR_AUTO_TRUST_ANCHOR_FILE VAR_KEEP_MISSING VAR_ADD_HOLDDOWN
107 %token VAR_DEL_HOLDDOWN VAR_SO_RCVBUF VAR_EDNS_BUFFER_SIZE VAR_PREFETCH
108 %token VAR_PREFETCH_KEY VAR_SO_SNDBUF VAR_SO_REUSEPORT VAR_HARDEN_BELOW_NXDOMAIN
109 %token VAR_IGNORE_CD_FLAG VAR_LOG_QUERIES VAR_LOG_REPLIES
110 %token VAR_TCP_UPSTREAM VAR_SSL_UPSTREAM
111 %token VAR_SSL_SERVICE_KEY VAR_SSL_SERVICE_PEM VAR_SSL_PORT VAR_FORWARD_FIRST
112 %token VAR_STUB_SSL_UPSTREAM VAR_FORWARD_SSL_UPSTREAM
113 %token VAR_STUB_FIRST VAR_MINIMAL_RESPONSES VAR_RRSET_ROUNDROBIN
114 %token VAR_MAX_UDP_SIZE VAR_DELAY_CLOSE
115 %token VAR_UNBLOCK_LAN_ZONES VAR_INSECURE_LAN_ZONES
116 %token VAR_INFRA_CACHE_MIN_RTT
117 %token VAR_DNS64_PREFIX VAR_DNS64_SYNTHALL
118 %token VAR_DNSTAP VAR_DNSTAP_ENABLE VAR_DNSTAP_SOCKET_PATH
119 %token VAR_DNSTAP_SEND_IDENTITY VAR_DNSTAP_SEND_VERSION
120 %token VAR_DNSTAP_IDENTITY VAR_DNSTAP_VERSION
121 %token VAR_DNSTAP_LOG_RESOLVER_QUERY_MESSAGES
122 %token VAR_DNSTAP_LOG_RESOLVER_RESPONSE_MESSAGES
123 %token VAR_DNSTAP_LOG_CLIENT_QUERY_MESSAGES
124 %token VAR_DNSTAP_LOG_CLIENT_RESPONSE_MESSAGES
125 %token VAR_DNSTAP_LOG_FORWARDER_QUERY_MESSAGES
126 %token VAR_DNSTAP_LOG_FORWARDER_RESPONSE_MESSAGES
127 %token VAR_RESPONSE_IP_TAG VAR_RESPONSE_IP VAR_RESPONSE_IP_DATA
128 %token VAR_HARDEN_ALGO_DOWNGRADE VAR_IP_TRANSPARENT
129 %token VAR_DISABLE_DNSSEC_LAME_CHECK
130 %token VAR_IP_RATELIMIT VAR_IP_RATELIMIT_SLABS VAR_IP_RATELIMIT_SIZE
131 %token VAR_RATELIMIT VAR_RATELIMIT_SLABS VAR_RATELIMIT_SIZE
132 %token VAR_RATELIMIT_FOR_DOMAIN VAR_RATELIMIT_BELOW_DOMAIN
133 %token VAR_IP_RATELIMIT_FACTOR VAR_RATELIMIT_FACTOR
134 %token VAR_SEND_CLIENT_SUBNET VAR_CLIENT_SUBNET_ZONE
135 %token VAR_CLIENT_SUBNET_ALWAYS_FORWARD VAR_CLIENT_SUBNET_OPCODE
136 %token VAR_MAX_CLIENT_SUBNET_IPV4 VAR_MAX_CLIENT_SUBNET_IPV6
137 %token VAR_CAPS_WHITELIST VAR_CACHE_MAX_NEGATIVE_TTL VAR_PERMIT_SMALL_HOLDDOWN
138 %token VAR_QNAME_MINIMISATION VAR_QNAME_MINIMISATION_STRICT VAR_IP_FREEBIND
139 %token VAR_DEFINE_TAG VAR_LOCAL_ZONE_TAG VAR_ACCESS_CONTROL_TAG
140 %token VAR_LOCAL_ZONE_OVERRIDE VAR_ACCESS_CONTROL_TAG_ACTION
141 %token VAR_ACCESS_CONTROL_TAG_DATA VAR_VIEW VAR_ACCESS_CONTROL_VIEW
142 %token VAR_VIEW_FIRST VAR_SERVE_EXPIRED VAR_FAKE_DSA VAR_FAKE_SHA1
143 %token VAR_LOG_IDENTITY VAR_HIDE_TRUSTANCHOR VAR_TRUST_ANCHOR_SIGNALING
144 %token VAR_USE_SYSTEMD VAR_SHM_ENABLE VAR_SHM_KEY
145 %token VAR_DNSCRYPT VAR_DNSCRYPT_ENABLE VAR_DNSCRYPT_PORT VAR_DNSCRYPT_PROVIDER
146 %token VAR_DNSCRYPT_SECRET_KEY VAR_DNSCRYPT_PROVIDER_CERT
147 %token VAR_IPSECMOD_ENABLED VAR_IPSECMOD_HOOK VAR_IPSECMOD_IGNORE_BOGUS
148 %token VAR_IPSECMOD_MAX_TTL VAR_IPSECMOD_WHITELIST VAR_IPSECMOD_STRICT
151 toplevelvars: /* empty */ | toplevelvars toplevelvar ;
152 toplevelvar: serverstart contents_server | stubstart contents_stub |
153 forwardstart contents_forward | pythonstart contents_py |
154 rcstart contents_rc | dtstart contents_dt | viewstart
156 dnscstart contents_dnsc
159 /* server: declaration */
160 serverstart: VAR_SERVER
162 OUTYY(("\nP(server:)\n"));
165 contents_server: contents_server content_server
167 content_server: server_num_threads | server_verbosity | server_port |
168 server_outgoing_range | server_do_ip4 |
169 server_do_ip6 | server_prefer_ip6 |
170 server_do_udp | server_do_tcp |
171 server_tcp_mss | server_outgoing_tcp_mss |
172 server_interface | server_chroot | server_username |
173 server_directory | server_logfile | server_pidfile |
174 server_msg_cache_size | server_msg_cache_slabs |
175 server_num_queries_per_thread | server_rrset_cache_size |
176 server_rrset_cache_slabs | server_outgoing_num_tcp |
177 server_infra_host_ttl | server_infra_lame_ttl |
178 server_infra_cache_slabs | server_infra_cache_numhosts |
179 server_infra_cache_lame_size | server_target_fetch_policy |
180 server_harden_short_bufsize | server_harden_large_queries |
181 server_do_not_query_address | server_hide_identity |
182 server_hide_version | server_identity | server_version |
183 server_harden_glue | server_module_conf | server_trust_anchor_file |
184 server_trust_anchor | server_val_override_date | server_bogus_ttl |
185 server_val_clean_additional | server_val_permissive_mode |
186 server_incoming_num_tcp | server_msg_buffer_size |
187 server_key_cache_size | server_key_cache_slabs |
188 server_trusted_keys_file | server_val_nsec3_keysize_iterations |
189 server_use_syslog | server_outgoing_interface | server_root_hints |
190 server_do_not_query_localhost | server_cache_max_ttl |
191 server_harden_dnssec_stripped | server_access_control |
192 server_local_zone | server_local_data | server_interface_automatic |
193 server_statistics_interval | server_do_daemonize |
194 server_use_caps_for_id | server_statistics_cumulative |
195 server_outgoing_port_permit | server_outgoing_port_avoid |
196 server_dlv_anchor_file | server_dlv_anchor | server_neg_cache_size |
197 server_harden_referral_path | server_private_address |
198 server_private_domain | server_extended_statistics |
199 server_local_data_ptr | server_jostle_timeout |
200 server_unwanted_reply_threshold | server_log_time_ascii |
201 server_domain_insecure | server_val_sig_skew_min |
202 server_val_sig_skew_max | server_cache_min_ttl | server_val_log_level |
203 server_auto_trust_anchor_file | server_add_holddown |
204 server_del_holddown | server_keep_missing | server_so_rcvbuf |
205 server_edns_buffer_size | server_prefetch | server_prefetch_key |
206 server_so_sndbuf | server_harden_below_nxdomain | server_ignore_cd_flag |
207 server_log_queries | server_log_replies | server_tcp_upstream | server_ssl_upstream |
208 server_ssl_service_key | server_ssl_service_pem | server_ssl_port |
209 server_minimal_responses | server_rrset_roundrobin | server_max_udp_size |
210 server_so_reuseport | server_delay_close |
211 server_unblock_lan_zones | server_insecure_lan_zones |
212 server_dns64_prefix | server_dns64_synthall |
213 server_infra_cache_min_rtt | server_harden_algo_downgrade |
214 server_ip_transparent | server_ip_ratelimit | server_ratelimit |
215 server_ip_ratelimit_slabs | server_ratelimit_slabs |
216 server_ip_ratelimit_size | server_ratelimit_size |
217 server_ratelimit_for_domain |
218 server_ratelimit_below_domain | server_ratelimit_factor |
219 server_ip_ratelimit_factor | server_send_client_subnet |
220 server_client_subnet_zone | server_client_subnet_always_forward |
221 server_client_subnet_opcode |
222 server_max_client_subnet_ipv4 | server_max_client_subnet_ipv6 |
223 server_caps_whitelist | server_cache_max_negative_ttl |
224 server_permit_small_holddown | server_qname_minimisation |
225 server_ip_freebind | server_define_tag | server_local_zone_tag |
226 server_disable_dnssec_lame_check | server_access_control_tag |
227 server_local_zone_override | server_access_control_tag_action |
228 server_access_control_tag_data | server_access_control_view |
229 server_qname_minimisation_strict | server_serve_expired |
230 server_fake_dsa | server_log_identity | server_use_systemd |
231 server_response_ip_tag | server_response_ip | server_response_ip_data |
232 server_shm_enable | server_shm_key | server_fake_sha1 |
233 server_hide_trustanchor | server_trust_anchor_signaling |
234 server_ipsecmod_enabled | server_ipsecmod_hook |
235 server_ipsecmod_ignore_bogus | server_ipsecmod_max_ttl |
236 server_ipsecmod_whitelist | server_ipsecmod_strict
238 stubstart: VAR_STUB_ZONE
240 struct config_stub* s;
241 OUTYY(("\nP(stub_zone:)\n"));
242 s = (struct config_stub*)calloc(1, sizeof(struct config_stub));
244 s->next = cfg_parser->cfg->stubs;
245 cfg_parser->cfg->stubs = s;
247 yyerror("out of memory");
250 contents_stub: contents_stub content_stub
252 content_stub: stub_name | stub_host | stub_addr | stub_prime | stub_first |
255 forwardstart: VAR_FORWARD_ZONE
257 struct config_stub* s;
258 OUTYY(("\nP(forward_zone:)\n"));
259 s = (struct config_stub*)calloc(1, sizeof(struct config_stub));
261 s->next = cfg_parser->cfg->forwards;
262 cfg_parser->cfg->forwards = s;
264 yyerror("out of memory");
267 contents_forward: contents_forward content_forward
269 content_forward: forward_name | forward_host | forward_addr | forward_first |
274 struct config_view* s;
275 OUTYY(("\nP(view:)\n"));
276 s = (struct config_view*)calloc(1, sizeof(struct config_view));
278 s->next = cfg_parser->cfg->views;
279 if(s->next && !s->next->name)
280 yyerror("view without name");
281 cfg_parser->cfg->views = s;
283 yyerror("out of memory");
286 contents_view: contents_view content_view
288 content_view: view_name | view_local_zone | view_local_data | view_first |
289 view_response_ip | view_response_ip_data | view_local_data_ptr
291 server_num_threads: VAR_NUM_THREADS STRING_ARG
293 OUTYY(("P(server_num_threads:%s)\n", $2));
294 if(atoi($2) == 0 && strcmp($2, "0") != 0)
295 yyerror("number expected");
296 else cfg_parser->cfg->num_threads = atoi($2);
300 server_verbosity: VAR_VERBOSITY STRING_ARG
302 OUTYY(("P(server_verbosity:%s)\n", $2));
303 if(atoi($2) == 0 && strcmp($2, "0") != 0)
304 yyerror("number expected");
305 else cfg_parser->cfg->verbosity = atoi($2);
309 server_statistics_interval: VAR_STATISTICS_INTERVAL STRING_ARG
311 OUTYY(("P(server_statistics_interval:%s)\n", $2));
312 if(strcmp($2, "") == 0 || strcmp($2, "0") == 0)
313 cfg_parser->cfg->stat_interval = 0;
314 else if(atoi($2) == 0)
315 yyerror("number expected");
316 else cfg_parser->cfg->stat_interval = atoi($2);
320 server_statistics_cumulative: VAR_STATISTICS_CUMULATIVE STRING_ARG
322 OUTYY(("P(server_statistics_cumulative:%s)\n", $2));
323 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
324 yyerror("expected yes or no.");
325 else cfg_parser->cfg->stat_cumulative = (strcmp($2, "yes")==0);
329 server_extended_statistics: VAR_EXTENDED_STATISTICS STRING_ARG
331 OUTYY(("P(server_extended_statistics:%s)\n", $2));
332 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
333 yyerror("expected yes or no.");
334 else cfg_parser->cfg->stat_extended = (strcmp($2, "yes")==0);
338 server_shm_enable: VAR_SHM_ENABLE STRING_ARG
340 OUTYY(("P(server_shm_enable:%s)\n", $2));
341 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
342 yyerror("expected yes or no.");
343 else cfg_parser->cfg->shm_enable = (strcmp($2, "yes")==0);
347 server_shm_key: VAR_SHM_KEY STRING_ARG
349 OUTYY(("P(server_shm_key:%s)\n", $2));
350 if(strcmp($2, "") == 0 || strcmp($2, "0") == 0)
351 cfg_parser->cfg->shm_key = 0;
352 else if(atoi($2) == 0)
353 yyerror("number expected");
354 else cfg_parser->cfg->shm_key = atoi($2);
358 server_port: VAR_PORT STRING_ARG
360 OUTYY(("P(server_port:%s)\n", $2));
362 yyerror("port number expected");
363 else cfg_parser->cfg->port = atoi($2);
367 server_send_client_subnet: VAR_SEND_CLIENT_SUBNET STRING_ARG
370 OUTYY(("P(server_send_client_subnet:%s)\n", $2));
371 if(!cfg_strlist_insert(&cfg_parser->cfg->client_subnet, $2))
372 fatal_exit("out of memory adding client-subnet");
374 OUTYY(("P(Compiled without edns subnet option, ignoring)\n"));
378 server_client_subnet_zone: VAR_CLIENT_SUBNET_ZONE STRING_ARG
381 OUTYY(("P(server_client_subnet_zone:%s)\n", $2));
382 if(!cfg_strlist_insert(&cfg_parser->cfg->client_subnet_zone,
384 fatal_exit("out of memory adding client-subnet-zone");
386 OUTYY(("P(Compiled without edns subnet option, ignoring)\n"));
390 server_client_subnet_always_forward:
391 VAR_CLIENT_SUBNET_ALWAYS_FORWARD STRING_ARG
394 OUTYY(("P(server_client_subnet_always_forward:%s)\n", $2));
395 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
396 yyerror("expected yes or no.");
398 cfg_parser->cfg->client_subnet_always_forward =
399 (strcmp($2, "yes")==0);
401 OUTYY(("P(Compiled without edns subnet option, ignoring)\n"));
406 server_client_subnet_opcode: VAR_CLIENT_SUBNET_OPCODE STRING_ARG
409 OUTYY(("P(client_subnet_opcode:%s)\n", $2));
410 OUTYY(("P(Depricated option, ignoring)\n"));
412 OUTYY(("P(Compiled without edns subnet option, ignoring)\n"));
417 server_max_client_subnet_ipv4: VAR_MAX_CLIENT_SUBNET_IPV4 STRING_ARG
420 OUTYY(("P(max_client_subnet_ipv4:%s)\n", $2));
421 if(atoi($2) == 0 && strcmp($2, "0") != 0)
422 yyerror("IPv4 subnet length expected");
423 else if (atoi($2) > 32)
424 cfg_parser->cfg->max_client_subnet_ipv4 = 32;
425 else if (atoi($2) < 0)
426 cfg_parser->cfg->max_client_subnet_ipv4 = 0;
427 else cfg_parser->cfg->max_client_subnet_ipv4 = (uint8_t)atoi($2);
429 OUTYY(("P(Compiled without edns subnet option, ignoring)\n"));
434 server_max_client_subnet_ipv6: VAR_MAX_CLIENT_SUBNET_IPV6 STRING_ARG
437 OUTYY(("P(max_client_subnet_ipv6:%s)\n", $2));
438 if(atoi($2) == 0 && strcmp($2, "0") != 0)
439 yyerror("Ipv6 subnet length expected");
440 else if (atoi($2) > 128)
441 cfg_parser->cfg->max_client_subnet_ipv6 = 128;
442 else if (atoi($2) < 0)
443 cfg_parser->cfg->max_client_subnet_ipv6 = 0;
444 else cfg_parser->cfg->max_client_subnet_ipv6 = (uint8_t)atoi($2);
446 OUTYY(("P(Compiled without edns subnet option, ignoring)\n"));
451 server_interface: VAR_INTERFACE STRING_ARG
453 OUTYY(("P(server_interface:%s)\n", $2));
454 if(cfg_parser->cfg->num_ifs == 0)
455 cfg_parser->cfg->ifs = calloc(1, sizeof(char*));
456 else cfg_parser->cfg->ifs = realloc(cfg_parser->cfg->ifs,
457 (cfg_parser->cfg->num_ifs+1)*sizeof(char*));
458 if(!cfg_parser->cfg->ifs)
459 yyerror("out of memory");
461 cfg_parser->cfg->ifs[cfg_parser->cfg->num_ifs++] = $2;
464 server_outgoing_interface: VAR_OUTGOING_INTERFACE STRING_ARG
466 OUTYY(("P(server_outgoing_interface:%s)\n", $2));
467 if(cfg_parser->cfg->num_out_ifs == 0)
468 cfg_parser->cfg->out_ifs = calloc(1, sizeof(char*));
469 else cfg_parser->cfg->out_ifs = realloc(
470 cfg_parser->cfg->out_ifs,
471 (cfg_parser->cfg->num_out_ifs+1)*sizeof(char*));
472 if(!cfg_parser->cfg->out_ifs)
473 yyerror("out of memory");
475 cfg_parser->cfg->out_ifs[
476 cfg_parser->cfg->num_out_ifs++] = $2;
479 server_outgoing_range: VAR_OUTGOING_RANGE STRING_ARG
481 OUTYY(("P(server_outgoing_range:%s)\n", $2));
483 yyerror("number expected");
484 else cfg_parser->cfg->outgoing_num_ports = atoi($2);
488 server_outgoing_port_permit: VAR_OUTGOING_PORT_PERMIT STRING_ARG
490 OUTYY(("P(server_outgoing_port_permit:%s)\n", $2));
491 if(!cfg_mark_ports($2, 1,
492 cfg_parser->cfg->outgoing_avail_ports, 65536))
493 yyerror("port number or range (\"low-high\") expected");
497 server_outgoing_port_avoid: VAR_OUTGOING_PORT_AVOID STRING_ARG
499 OUTYY(("P(server_outgoing_port_avoid:%s)\n", $2));
500 if(!cfg_mark_ports($2, 0,
501 cfg_parser->cfg->outgoing_avail_ports, 65536))
502 yyerror("port number or range (\"low-high\") expected");
506 server_outgoing_num_tcp: VAR_OUTGOING_NUM_TCP STRING_ARG
508 OUTYY(("P(server_outgoing_num_tcp:%s)\n", $2));
509 if(atoi($2) == 0 && strcmp($2, "0") != 0)
510 yyerror("number expected");
511 else cfg_parser->cfg->outgoing_num_tcp = atoi($2);
515 server_incoming_num_tcp: VAR_INCOMING_NUM_TCP STRING_ARG
517 OUTYY(("P(server_incoming_num_tcp:%s)\n", $2));
518 if(atoi($2) == 0 && strcmp($2, "0") != 0)
519 yyerror("number expected");
520 else cfg_parser->cfg->incoming_num_tcp = atoi($2);
524 server_interface_automatic: VAR_INTERFACE_AUTOMATIC STRING_ARG
526 OUTYY(("P(server_interface_automatic:%s)\n", $2));
527 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
528 yyerror("expected yes or no.");
529 else cfg_parser->cfg->if_automatic = (strcmp($2, "yes")==0);
533 server_do_ip4: VAR_DO_IP4 STRING_ARG
535 OUTYY(("P(server_do_ip4:%s)\n", $2));
536 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
537 yyerror("expected yes or no.");
538 else cfg_parser->cfg->do_ip4 = (strcmp($2, "yes")==0);
542 server_do_ip6: VAR_DO_IP6 STRING_ARG
544 OUTYY(("P(server_do_ip6:%s)\n", $2));
545 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
546 yyerror("expected yes or no.");
547 else cfg_parser->cfg->do_ip6 = (strcmp($2, "yes")==0);
551 server_do_udp: VAR_DO_UDP STRING_ARG
553 OUTYY(("P(server_do_udp:%s)\n", $2));
554 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
555 yyerror("expected yes or no.");
556 else cfg_parser->cfg->do_udp = (strcmp($2, "yes")==0);
560 server_do_tcp: VAR_DO_TCP STRING_ARG
562 OUTYY(("P(server_do_tcp:%s)\n", $2));
563 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
564 yyerror("expected yes or no.");
565 else cfg_parser->cfg->do_tcp = (strcmp($2, "yes")==0);
569 server_prefer_ip6: VAR_PREFER_IP6 STRING_ARG
571 OUTYY(("P(server_prefer_ip6:%s)\n", $2));
572 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
573 yyerror("expected yes or no.");
574 else cfg_parser->cfg->prefer_ip6 = (strcmp($2, "yes")==0);
578 server_tcp_mss: VAR_TCP_MSS STRING_ARG
580 OUTYY(("P(server_tcp_mss:%s)\n", $2));
581 if(atoi($2) == 0 && strcmp($2, "0") != 0)
582 yyerror("number expected");
583 else cfg_parser->cfg->tcp_mss = atoi($2);
587 server_outgoing_tcp_mss: VAR_OUTGOING_TCP_MSS STRING_ARG
589 OUTYY(("P(server_outgoing_tcp_mss:%s)\n", $2));
590 if(atoi($2) == 0 && strcmp($2, "0") != 0)
591 yyerror("number expected");
592 else cfg_parser->cfg->outgoing_tcp_mss = atoi($2);
596 server_tcp_upstream: VAR_TCP_UPSTREAM STRING_ARG
598 OUTYY(("P(server_tcp_upstream:%s)\n", $2));
599 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
600 yyerror("expected yes or no.");
601 else cfg_parser->cfg->tcp_upstream = (strcmp($2, "yes")==0);
605 server_ssl_upstream: VAR_SSL_UPSTREAM STRING_ARG
607 OUTYY(("P(server_ssl_upstream:%s)\n", $2));
608 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
609 yyerror("expected yes or no.");
610 else cfg_parser->cfg->ssl_upstream = (strcmp($2, "yes")==0);
614 server_ssl_service_key: VAR_SSL_SERVICE_KEY STRING_ARG
616 OUTYY(("P(server_ssl_service_key:%s)\n", $2));
617 free(cfg_parser->cfg->ssl_service_key);
618 cfg_parser->cfg->ssl_service_key = $2;
621 server_ssl_service_pem: VAR_SSL_SERVICE_PEM STRING_ARG
623 OUTYY(("P(server_ssl_service_pem:%s)\n", $2));
624 free(cfg_parser->cfg->ssl_service_pem);
625 cfg_parser->cfg->ssl_service_pem = $2;
628 server_ssl_port: VAR_SSL_PORT STRING_ARG
630 OUTYY(("P(server_ssl_port:%s)\n", $2));
632 yyerror("port number expected");
633 else cfg_parser->cfg->ssl_port = atoi($2);
637 server_use_systemd: VAR_USE_SYSTEMD STRING_ARG
639 OUTYY(("P(server_use_systemd:%s)\n", $2));
640 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
641 yyerror("expected yes or no.");
642 else cfg_parser->cfg->use_systemd = (strcmp($2, "yes")==0);
646 server_do_daemonize: VAR_DO_DAEMONIZE STRING_ARG
648 OUTYY(("P(server_do_daemonize:%s)\n", $2));
649 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
650 yyerror("expected yes or no.");
651 else cfg_parser->cfg->do_daemonize = (strcmp($2, "yes")==0);
655 server_use_syslog: VAR_USE_SYSLOG STRING_ARG
657 OUTYY(("P(server_use_syslog:%s)\n", $2));
658 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
659 yyerror("expected yes or no.");
660 else cfg_parser->cfg->use_syslog = (strcmp($2, "yes")==0);
661 #if !defined(HAVE_SYSLOG_H) && !defined(UB_ON_WINDOWS)
662 if(strcmp($2, "yes") == 0)
663 yyerror("no syslog services are available. "
664 "(reconfigure and compile to add)");
669 server_log_time_ascii: VAR_LOG_TIME_ASCII STRING_ARG
671 OUTYY(("P(server_log_time_ascii:%s)\n", $2));
672 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
673 yyerror("expected yes or no.");
674 else cfg_parser->cfg->log_time_ascii = (strcmp($2, "yes")==0);
678 server_log_queries: VAR_LOG_QUERIES STRING_ARG
680 OUTYY(("P(server_log_queries:%s)\n", $2));
681 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
682 yyerror("expected yes or no.");
683 else cfg_parser->cfg->log_queries = (strcmp($2, "yes")==0);
687 server_log_replies: VAR_LOG_REPLIES STRING_ARG
689 OUTYY(("P(server_log_replies:%s)\n", $2));
690 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
691 yyerror("expected yes or no.");
692 else cfg_parser->cfg->log_replies = (strcmp($2, "yes")==0);
696 server_chroot: VAR_CHROOT STRING_ARG
698 OUTYY(("P(server_chroot:%s)\n", $2));
699 free(cfg_parser->cfg->chrootdir);
700 cfg_parser->cfg->chrootdir = $2;
703 server_username: VAR_USERNAME STRING_ARG
705 OUTYY(("P(server_username:%s)\n", $2));
706 free(cfg_parser->cfg->username);
707 cfg_parser->cfg->username = $2;
710 server_directory: VAR_DIRECTORY STRING_ARG
712 OUTYY(("P(server_directory:%s)\n", $2));
713 free(cfg_parser->cfg->directory);
714 cfg_parser->cfg->directory = $2;
715 /* change there right away for includes relative to this */
719 w_config_adjust_directory(cfg_parser->cfg);
721 d = cfg_parser->cfg->directory;
722 /* adjust directory if we have already chroot,
723 * like, we reread after sighup */
724 if(cfg_parser->chroot && cfg_parser->chroot[0] &&
725 strncmp(d, cfg_parser->chroot, strlen(
726 cfg_parser->chroot)) == 0)
727 d += strlen(cfg_parser->chroot);
730 log_err("cannot chdir to directory: %s (%s)",
736 server_logfile: VAR_LOGFILE STRING_ARG
738 OUTYY(("P(server_logfile:%s)\n", $2));
739 free(cfg_parser->cfg->logfile);
740 cfg_parser->cfg->logfile = $2;
741 cfg_parser->cfg->use_syslog = 0;
744 server_pidfile: VAR_PIDFILE STRING_ARG
746 OUTYY(("P(server_pidfile:%s)\n", $2));
747 free(cfg_parser->cfg->pidfile);
748 cfg_parser->cfg->pidfile = $2;
751 server_root_hints: VAR_ROOT_HINTS STRING_ARG
753 OUTYY(("P(server_root_hints:%s)\n", $2));
754 if(!cfg_strlist_insert(&cfg_parser->cfg->root_hints, $2))
755 yyerror("out of memory");
758 server_dlv_anchor_file: VAR_DLV_ANCHOR_FILE STRING_ARG
760 OUTYY(("P(server_dlv_anchor_file:%s)\n", $2));
761 free(cfg_parser->cfg->dlv_anchor_file);
762 cfg_parser->cfg->dlv_anchor_file = $2;
765 server_dlv_anchor: VAR_DLV_ANCHOR STRING_ARG
767 OUTYY(("P(server_dlv_anchor:%s)\n", $2));
768 if(!cfg_strlist_insert(&cfg_parser->cfg->dlv_anchor_list, $2))
769 yyerror("out of memory");
772 server_auto_trust_anchor_file: VAR_AUTO_TRUST_ANCHOR_FILE STRING_ARG
774 OUTYY(("P(server_auto_trust_anchor_file:%s)\n", $2));
775 if(!cfg_strlist_insert(&cfg_parser->cfg->
776 auto_trust_anchor_file_list, $2))
777 yyerror("out of memory");
780 server_trust_anchor_file: VAR_TRUST_ANCHOR_FILE STRING_ARG
782 OUTYY(("P(server_trust_anchor_file:%s)\n", $2));
783 if(!cfg_strlist_insert(&cfg_parser->cfg->
784 trust_anchor_file_list, $2))
785 yyerror("out of memory");
788 server_trusted_keys_file: VAR_TRUSTED_KEYS_FILE STRING_ARG
790 OUTYY(("P(server_trusted_keys_file:%s)\n", $2));
791 if(!cfg_strlist_insert(&cfg_parser->cfg->
792 trusted_keys_file_list, $2))
793 yyerror("out of memory");
796 server_trust_anchor: VAR_TRUST_ANCHOR STRING_ARG
798 OUTYY(("P(server_trust_anchor:%s)\n", $2));
799 if(!cfg_strlist_insert(&cfg_parser->cfg->trust_anchor_list, $2))
800 yyerror("out of memory");
803 server_trust_anchor_signaling: VAR_TRUST_ANCHOR_SIGNALING STRING_ARG
805 OUTYY(("P(server_trust_anchor_signaling:%s)\n", $2));
806 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
807 yyerror("expected yes or no.");
809 cfg_parser->cfg->trust_anchor_signaling =
810 (strcmp($2, "yes")==0);
814 server_domain_insecure: VAR_DOMAIN_INSECURE STRING_ARG
816 OUTYY(("P(server_domain_insecure:%s)\n", $2));
817 if(!cfg_strlist_insert(&cfg_parser->cfg->domain_insecure, $2))
818 yyerror("out of memory");
821 server_hide_identity: VAR_HIDE_IDENTITY STRING_ARG
823 OUTYY(("P(server_hide_identity:%s)\n", $2));
824 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
825 yyerror("expected yes or no.");
826 else cfg_parser->cfg->hide_identity = (strcmp($2, "yes")==0);
830 server_hide_version: VAR_HIDE_VERSION STRING_ARG
832 OUTYY(("P(server_hide_version:%s)\n", $2));
833 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
834 yyerror("expected yes or no.");
835 else cfg_parser->cfg->hide_version = (strcmp($2, "yes")==0);
839 server_hide_trustanchor: VAR_HIDE_TRUSTANCHOR STRING_ARG
841 OUTYY(("P(server_hide_trustanchor:%s)\n", $2));
842 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
843 yyerror("expected yes or no.");
844 else cfg_parser->cfg->hide_trustanchor = (strcmp($2, "yes")==0);
848 server_identity: VAR_IDENTITY STRING_ARG
850 OUTYY(("P(server_identity:%s)\n", $2));
851 free(cfg_parser->cfg->identity);
852 cfg_parser->cfg->identity = $2;
855 server_version: VAR_VERSION STRING_ARG
857 OUTYY(("P(server_version:%s)\n", $2));
858 free(cfg_parser->cfg->version);
859 cfg_parser->cfg->version = $2;
862 server_so_rcvbuf: VAR_SO_RCVBUF STRING_ARG
864 OUTYY(("P(server_so_rcvbuf:%s)\n", $2));
865 if(!cfg_parse_memsize($2, &cfg_parser->cfg->so_rcvbuf))
866 yyerror("buffer size expected");
870 server_so_sndbuf: VAR_SO_SNDBUF STRING_ARG
872 OUTYY(("P(server_so_sndbuf:%s)\n", $2));
873 if(!cfg_parse_memsize($2, &cfg_parser->cfg->so_sndbuf))
874 yyerror("buffer size expected");
878 server_so_reuseport: VAR_SO_REUSEPORT STRING_ARG
880 OUTYY(("P(server_so_reuseport:%s)\n", $2));
881 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
882 yyerror("expected yes or no.");
883 else cfg_parser->cfg->so_reuseport =
884 (strcmp($2, "yes")==0);
888 server_ip_transparent: VAR_IP_TRANSPARENT STRING_ARG
890 OUTYY(("P(server_ip_transparent:%s)\n", $2));
891 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
892 yyerror("expected yes or no.");
893 else cfg_parser->cfg->ip_transparent =
894 (strcmp($2, "yes")==0);
898 server_ip_freebind: VAR_IP_FREEBIND STRING_ARG
900 OUTYY(("P(server_ip_freebind:%s)\n", $2));
901 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
902 yyerror("expected yes or no.");
903 else cfg_parser->cfg->ip_freebind =
904 (strcmp($2, "yes")==0);
908 server_edns_buffer_size: VAR_EDNS_BUFFER_SIZE STRING_ARG
910 OUTYY(("P(server_edns_buffer_size:%s)\n", $2));
912 yyerror("number expected");
913 else if (atoi($2) < 12)
914 yyerror("edns buffer size too small");
915 else if (atoi($2) > 65535)
916 cfg_parser->cfg->edns_buffer_size = 65535;
917 else cfg_parser->cfg->edns_buffer_size = atoi($2);
921 server_msg_buffer_size: VAR_MSG_BUFFER_SIZE STRING_ARG
923 OUTYY(("P(server_msg_buffer_size:%s)\n", $2));
925 yyerror("number expected");
926 else if (atoi($2) < 4096)
927 yyerror("message buffer size too small (use 4096)");
928 else cfg_parser->cfg->msg_buffer_size = atoi($2);
932 server_msg_cache_size: VAR_MSG_CACHE_SIZE STRING_ARG
934 OUTYY(("P(server_msg_cache_size:%s)\n", $2));
935 if(!cfg_parse_memsize($2, &cfg_parser->cfg->msg_cache_size))
936 yyerror("memory size expected");
940 server_msg_cache_slabs: VAR_MSG_CACHE_SLABS STRING_ARG
942 OUTYY(("P(server_msg_cache_slabs:%s)\n", $2));
944 yyerror("number expected");
946 cfg_parser->cfg->msg_cache_slabs = atoi($2);
947 if(!is_pow2(cfg_parser->cfg->msg_cache_slabs))
948 yyerror("must be a power of 2");
953 server_num_queries_per_thread: VAR_NUM_QUERIES_PER_THREAD STRING_ARG
955 OUTYY(("P(server_num_queries_per_thread:%s)\n", $2));
957 yyerror("number expected");
958 else cfg_parser->cfg->num_queries_per_thread = atoi($2);
962 server_jostle_timeout: VAR_JOSTLE_TIMEOUT STRING_ARG
964 OUTYY(("P(server_jostle_timeout:%s)\n", $2));
965 if(atoi($2) == 0 && strcmp($2, "0") != 0)
966 yyerror("number expected");
967 else cfg_parser->cfg->jostle_time = atoi($2);
971 server_delay_close: VAR_DELAY_CLOSE STRING_ARG
973 OUTYY(("P(server_delay_close:%s)\n", $2));
974 if(atoi($2) == 0 && strcmp($2, "0") != 0)
975 yyerror("number expected");
976 else cfg_parser->cfg->delay_close = atoi($2);
980 server_unblock_lan_zones: VAR_UNBLOCK_LAN_ZONES STRING_ARG
982 OUTYY(("P(server_unblock_lan_zones:%s)\n", $2));
983 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
984 yyerror("expected yes or no.");
985 else cfg_parser->cfg->unblock_lan_zones =
986 (strcmp($2, "yes")==0);
990 server_insecure_lan_zones: VAR_INSECURE_LAN_ZONES STRING_ARG
992 OUTYY(("P(server_insecure_lan_zones:%s)\n", $2));
993 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
994 yyerror("expected yes or no.");
995 else cfg_parser->cfg->insecure_lan_zones =
996 (strcmp($2, "yes")==0);
1000 server_rrset_cache_size: VAR_RRSET_CACHE_SIZE STRING_ARG
1002 OUTYY(("P(server_rrset_cache_size:%s)\n", $2));
1003 if(!cfg_parse_memsize($2, &cfg_parser->cfg->rrset_cache_size))
1004 yyerror("memory size expected");
1008 server_rrset_cache_slabs: VAR_RRSET_CACHE_SLABS STRING_ARG
1010 OUTYY(("P(server_rrset_cache_slabs:%s)\n", $2));
1012 yyerror("number expected");
1014 cfg_parser->cfg->rrset_cache_slabs = atoi($2);
1015 if(!is_pow2(cfg_parser->cfg->rrset_cache_slabs))
1016 yyerror("must be a power of 2");
1021 server_infra_host_ttl: VAR_INFRA_HOST_TTL STRING_ARG
1023 OUTYY(("P(server_infra_host_ttl:%s)\n", $2));
1024 if(atoi($2) == 0 && strcmp($2, "0") != 0)
1025 yyerror("number expected");
1026 else cfg_parser->cfg->host_ttl = atoi($2);
1030 server_infra_lame_ttl: VAR_INFRA_LAME_TTL STRING_ARG
1032 OUTYY(("P(server_infra_lame_ttl:%s)\n", $2));
1033 verbose(VERB_DETAIL, "ignored infra-lame-ttl: %s (option "
1034 "removed, use infra-host-ttl)", $2);
1038 server_infra_cache_numhosts: VAR_INFRA_CACHE_NUMHOSTS STRING_ARG
1040 OUTYY(("P(server_infra_cache_numhosts:%s)\n", $2));
1042 yyerror("number expected");
1043 else cfg_parser->cfg->infra_cache_numhosts = atoi($2);
1047 server_infra_cache_lame_size: VAR_INFRA_CACHE_LAME_SIZE STRING_ARG
1049 OUTYY(("P(server_infra_cache_lame_size:%s)\n", $2));
1050 verbose(VERB_DETAIL, "ignored infra-cache-lame-size: %s "
1051 "(option removed, use infra-cache-numhosts)", $2);
1055 server_infra_cache_slabs: VAR_INFRA_CACHE_SLABS STRING_ARG
1057 OUTYY(("P(server_infra_cache_slabs:%s)\n", $2));
1059 yyerror("number expected");
1061 cfg_parser->cfg->infra_cache_slabs = atoi($2);
1062 if(!is_pow2(cfg_parser->cfg->infra_cache_slabs))
1063 yyerror("must be a power of 2");
1068 server_infra_cache_min_rtt: VAR_INFRA_CACHE_MIN_RTT STRING_ARG
1070 OUTYY(("P(server_infra_cache_min_rtt:%s)\n", $2));
1071 if(atoi($2) == 0 && strcmp($2, "0") != 0)
1072 yyerror("number expected");
1073 else cfg_parser->cfg->infra_cache_min_rtt = atoi($2);
1077 server_target_fetch_policy: VAR_TARGET_FETCH_POLICY STRING_ARG
1079 OUTYY(("P(server_target_fetch_policy:%s)\n", $2));
1080 free(cfg_parser->cfg->target_fetch_policy);
1081 cfg_parser->cfg->target_fetch_policy = $2;
1084 server_harden_short_bufsize: VAR_HARDEN_SHORT_BUFSIZE STRING_ARG
1086 OUTYY(("P(server_harden_short_bufsize:%s)\n", $2));
1087 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1088 yyerror("expected yes or no.");
1089 else cfg_parser->cfg->harden_short_bufsize =
1090 (strcmp($2, "yes")==0);
1094 server_harden_large_queries: VAR_HARDEN_LARGE_QUERIES STRING_ARG
1096 OUTYY(("P(server_harden_large_queries:%s)\n", $2));
1097 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1098 yyerror("expected yes or no.");
1099 else cfg_parser->cfg->harden_large_queries =
1100 (strcmp($2, "yes")==0);
1104 server_harden_glue: VAR_HARDEN_GLUE STRING_ARG
1106 OUTYY(("P(server_harden_glue:%s)\n", $2));
1107 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1108 yyerror("expected yes or no.");
1109 else cfg_parser->cfg->harden_glue =
1110 (strcmp($2, "yes")==0);
1114 server_harden_dnssec_stripped: VAR_HARDEN_DNSSEC_STRIPPED STRING_ARG
1116 OUTYY(("P(server_harden_dnssec_stripped:%s)\n", $2));
1117 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1118 yyerror("expected yes or no.");
1119 else cfg_parser->cfg->harden_dnssec_stripped =
1120 (strcmp($2, "yes")==0);
1124 server_harden_below_nxdomain: VAR_HARDEN_BELOW_NXDOMAIN STRING_ARG
1126 OUTYY(("P(server_harden_below_nxdomain:%s)\n", $2));
1127 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1128 yyerror("expected yes or no.");
1129 else cfg_parser->cfg->harden_below_nxdomain =
1130 (strcmp($2, "yes")==0);
1134 server_harden_referral_path: VAR_HARDEN_REFERRAL_PATH STRING_ARG
1136 OUTYY(("P(server_harden_referral_path:%s)\n", $2));
1137 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1138 yyerror("expected yes or no.");
1139 else cfg_parser->cfg->harden_referral_path =
1140 (strcmp($2, "yes")==0);
1144 server_harden_algo_downgrade: VAR_HARDEN_ALGO_DOWNGRADE STRING_ARG
1146 OUTYY(("P(server_harden_algo_downgrade:%s)\n", $2));
1147 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1148 yyerror("expected yes or no.");
1149 else cfg_parser->cfg->harden_algo_downgrade =
1150 (strcmp($2, "yes")==0);
1154 server_use_caps_for_id: VAR_USE_CAPS_FOR_ID STRING_ARG
1156 OUTYY(("P(server_use_caps_for_id:%s)\n", $2));
1157 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1158 yyerror("expected yes or no.");
1159 else cfg_parser->cfg->use_caps_bits_for_id =
1160 (strcmp($2, "yes")==0);
1164 server_caps_whitelist: VAR_CAPS_WHITELIST STRING_ARG
1166 OUTYY(("P(server_caps_whitelist:%s)\n", $2));
1167 if(!cfg_strlist_insert(&cfg_parser->cfg->caps_whitelist, $2))
1168 yyerror("out of memory");
1171 server_private_address: VAR_PRIVATE_ADDRESS STRING_ARG
1173 OUTYY(("P(server_private_address:%s)\n", $2));
1174 if(!cfg_strlist_insert(&cfg_parser->cfg->private_address, $2))
1175 yyerror("out of memory");
1178 server_private_domain: VAR_PRIVATE_DOMAIN STRING_ARG
1180 OUTYY(("P(server_private_domain:%s)\n", $2));
1181 if(!cfg_strlist_insert(&cfg_parser->cfg->private_domain, $2))
1182 yyerror("out of memory");
1185 server_prefetch: VAR_PREFETCH STRING_ARG
1187 OUTYY(("P(server_prefetch:%s)\n", $2));
1188 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1189 yyerror("expected yes or no.");
1190 else cfg_parser->cfg->prefetch = (strcmp($2, "yes")==0);
1194 server_prefetch_key: VAR_PREFETCH_KEY STRING_ARG
1196 OUTYY(("P(server_prefetch_key:%s)\n", $2));
1197 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1198 yyerror("expected yes or no.");
1199 else cfg_parser->cfg->prefetch_key = (strcmp($2, "yes")==0);
1203 server_unwanted_reply_threshold: VAR_UNWANTED_REPLY_THRESHOLD STRING_ARG
1205 OUTYY(("P(server_unwanted_reply_threshold:%s)\n", $2));
1206 if(atoi($2) == 0 && strcmp($2, "0") != 0)
1207 yyerror("number expected");
1208 else cfg_parser->cfg->unwanted_threshold = atoi($2);
1212 server_do_not_query_address: VAR_DO_NOT_QUERY_ADDRESS STRING_ARG
1214 OUTYY(("P(server_do_not_query_address:%s)\n", $2));
1215 if(!cfg_strlist_insert(&cfg_parser->cfg->donotqueryaddrs, $2))
1216 yyerror("out of memory");
1219 server_do_not_query_localhost: VAR_DO_NOT_QUERY_LOCALHOST STRING_ARG
1221 OUTYY(("P(server_do_not_query_localhost:%s)\n", $2));
1222 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1223 yyerror("expected yes or no.");
1224 else cfg_parser->cfg->donotquery_localhost =
1225 (strcmp($2, "yes")==0);
1229 server_access_control: VAR_ACCESS_CONTROL STRING_ARG STRING_ARG
1231 OUTYY(("P(server_access_control:%s %s)\n", $2, $3));
1232 if(strcmp($3, "deny")!=0 && strcmp($3, "refuse")!=0 &&
1233 strcmp($3, "deny_non_local")!=0 &&
1234 strcmp($3, "refuse_non_local")!=0 &&
1235 strcmp($3, "allow")!=0 &&
1236 strcmp($3, "allow_snoop")!=0) {
1237 yyerror("expected deny, refuse, deny_non_local, "
1238 "refuse_non_local, allow or allow_snoop "
1239 "in access control action");
1241 if(!cfg_str2list_insert(&cfg_parser->cfg->acls, $2, $3))
1242 fatal_exit("out of memory adding acl");
1246 server_module_conf: VAR_MODULE_CONF STRING_ARG
1248 OUTYY(("P(server_module_conf:%s)\n", $2));
1249 free(cfg_parser->cfg->module_conf);
1250 cfg_parser->cfg->module_conf = $2;
1253 server_val_override_date: VAR_VAL_OVERRIDE_DATE STRING_ARG
1255 OUTYY(("P(server_val_override_date:%s)\n", $2));
1256 if(*$2 == '\0' || strcmp($2, "0") == 0) {
1257 cfg_parser->cfg->val_date_override = 0;
1258 } else if(strlen($2) == 14) {
1259 cfg_parser->cfg->val_date_override =
1260 cfg_convert_timeval($2);
1261 if(!cfg_parser->cfg->val_date_override)
1262 yyerror("bad date/time specification");
1265 yyerror("number expected");
1266 cfg_parser->cfg->val_date_override = atoi($2);
1271 server_val_sig_skew_min: VAR_VAL_SIG_SKEW_MIN STRING_ARG
1273 OUTYY(("P(server_val_sig_skew_min:%s)\n", $2));
1274 if(*$2 == '\0' || strcmp($2, "0") == 0) {
1275 cfg_parser->cfg->val_sig_skew_min = 0;
1277 cfg_parser->cfg->val_sig_skew_min = atoi($2);
1278 if(!cfg_parser->cfg->val_sig_skew_min)
1279 yyerror("number expected");
1284 server_val_sig_skew_max: VAR_VAL_SIG_SKEW_MAX STRING_ARG
1286 OUTYY(("P(server_val_sig_skew_max:%s)\n", $2));
1287 if(*$2 == '\0' || strcmp($2, "0") == 0) {
1288 cfg_parser->cfg->val_sig_skew_max = 0;
1290 cfg_parser->cfg->val_sig_skew_max = atoi($2);
1291 if(!cfg_parser->cfg->val_sig_skew_max)
1292 yyerror("number expected");
1297 server_cache_max_ttl: VAR_CACHE_MAX_TTL STRING_ARG
1299 OUTYY(("P(server_cache_max_ttl:%s)\n", $2));
1300 if(atoi($2) == 0 && strcmp($2, "0") != 0)
1301 yyerror("number expected");
1302 else cfg_parser->cfg->max_ttl = atoi($2);
1306 server_cache_max_negative_ttl: VAR_CACHE_MAX_NEGATIVE_TTL STRING_ARG
1308 OUTYY(("P(server_cache_max_negative_ttl:%s)\n", $2));
1309 if(atoi($2) == 0 && strcmp($2, "0") != 0)
1310 yyerror("number expected");
1311 else cfg_parser->cfg->max_negative_ttl = atoi($2);
1315 server_cache_min_ttl: VAR_CACHE_MIN_TTL STRING_ARG
1317 OUTYY(("P(server_cache_min_ttl:%s)\n", $2));
1318 if(atoi($2) == 0 && strcmp($2, "0") != 0)
1319 yyerror("number expected");
1320 else cfg_parser->cfg->min_ttl = atoi($2);
1324 server_bogus_ttl: VAR_BOGUS_TTL STRING_ARG
1326 OUTYY(("P(server_bogus_ttl:%s)\n", $2));
1327 if(atoi($2) == 0 && strcmp($2, "0") != 0)
1328 yyerror("number expected");
1329 else cfg_parser->cfg->bogus_ttl = atoi($2);
1333 server_val_clean_additional: VAR_VAL_CLEAN_ADDITIONAL STRING_ARG
1335 OUTYY(("P(server_val_clean_additional:%s)\n", $2));
1336 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1337 yyerror("expected yes or no.");
1338 else cfg_parser->cfg->val_clean_additional =
1339 (strcmp($2, "yes")==0);
1343 server_val_permissive_mode: VAR_VAL_PERMISSIVE_MODE STRING_ARG
1345 OUTYY(("P(server_val_permissive_mode:%s)\n", $2));
1346 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1347 yyerror("expected yes or no.");
1348 else cfg_parser->cfg->val_permissive_mode =
1349 (strcmp($2, "yes")==0);
1353 server_ignore_cd_flag: VAR_IGNORE_CD_FLAG STRING_ARG
1355 OUTYY(("P(server_ignore_cd_flag:%s)\n", $2));
1356 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1357 yyerror("expected yes or no.");
1358 else cfg_parser->cfg->ignore_cd = (strcmp($2, "yes")==0);
1362 server_serve_expired: VAR_SERVE_EXPIRED STRING_ARG
1364 OUTYY(("P(server_serve_expired:%s)\n", $2));
1365 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1366 yyerror("expected yes or no.");
1367 else cfg_parser->cfg->serve_expired = (strcmp($2, "yes")==0);
1371 server_fake_dsa: VAR_FAKE_DSA STRING_ARG
1373 OUTYY(("P(server_fake_dsa:%s)\n", $2));
1374 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1375 yyerror("expected yes or no.");
1377 else fake_dsa = (strcmp($2, "yes")==0);
1379 log_warn("test option fake_dsa is enabled");
1384 server_fake_sha1: VAR_FAKE_SHA1 STRING_ARG
1386 OUTYY(("P(server_fake_sha1:%s)\n", $2));
1387 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1388 yyerror("expected yes or no.");
1390 else fake_sha1 = (strcmp($2, "yes")==0);
1392 log_warn("test option fake_sha1 is enabled");
1397 server_val_log_level: VAR_VAL_LOG_LEVEL STRING_ARG
1399 OUTYY(("P(server_val_log_level:%s)\n", $2));
1400 if(atoi($2) == 0 && strcmp($2, "0") != 0)
1401 yyerror("number expected");
1402 else cfg_parser->cfg->val_log_level = atoi($2);
1406 server_val_nsec3_keysize_iterations: VAR_VAL_NSEC3_KEYSIZE_ITERATIONS STRING_ARG
1408 OUTYY(("P(server_val_nsec3_keysize_iterations:%s)\n", $2));
1409 free(cfg_parser->cfg->val_nsec3_key_iterations);
1410 cfg_parser->cfg->val_nsec3_key_iterations = $2;
1413 server_add_holddown: VAR_ADD_HOLDDOWN STRING_ARG
1415 OUTYY(("P(server_add_holddown:%s)\n", $2));
1416 if(atoi($2) == 0 && strcmp($2, "0") != 0)
1417 yyerror("number expected");
1418 else cfg_parser->cfg->add_holddown = atoi($2);
1422 server_del_holddown: VAR_DEL_HOLDDOWN STRING_ARG
1424 OUTYY(("P(server_del_holddown:%s)\n", $2));
1425 if(atoi($2) == 0 && strcmp($2, "0") != 0)
1426 yyerror("number expected");
1427 else cfg_parser->cfg->del_holddown = atoi($2);
1431 server_keep_missing: VAR_KEEP_MISSING STRING_ARG
1433 OUTYY(("P(server_keep_missing:%s)\n", $2));
1434 if(atoi($2) == 0 && strcmp($2, "0") != 0)
1435 yyerror("number expected");
1436 else cfg_parser->cfg->keep_missing = atoi($2);
1440 server_permit_small_holddown: VAR_PERMIT_SMALL_HOLDDOWN STRING_ARG
1442 OUTYY(("P(server_permit_small_holddown:%s)\n", $2));
1443 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1444 yyerror("expected yes or no.");
1445 else cfg_parser->cfg->permit_small_holddown =
1446 (strcmp($2, "yes")==0);
1449 server_key_cache_size: VAR_KEY_CACHE_SIZE STRING_ARG
1451 OUTYY(("P(server_key_cache_size:%s)\n", $2));
1452 if(!cfg_parse_memsize($2, &cfg_parser->cfg->key_cache_size))
1453 yyerror("memory size expected");
1457 server_key_cache_slabs: VAR_KEY_CACHE_SLABS STRING_ARG
1459 OUTYY(("P(server_key_cache_slabs:%s)\n", $2));
1461 yyerror("number expected");
1463 cfg_parser->cfg->key_cache_slabs = atoi($2);
1464 if(!is_pow2(cfg_parser->cfg->key_cache_slabs))
1465 yyerror("must be a power of 2");
1470 server_neg_cache_size: VAR_NEG_CACHE_SIZE STRING_ARG
1472 OUTYY(("P(server_neg_cache_size:%s)\n", $2));
1473 if(!cfg_parse_memsize($2, &cfg_parser->cfg->neg_cache_size))
1474 yyerror("memory size expected");
1478 server_local_zone: VAR_LOCAL_ZONE STRING_ARG STRING_ARG
1480 OUTYY(("P(server_local_zone:%s %s)\n", $2, $3));
1481 if(strcmp($3, "static")!=0 && strcmp($3, "deny")!=0 &&
1482 strcmp($3, "refuse")!=0 && strcmp($3, "redirect")!=0 &&
1483 strcmp($3, "transparent")!=0 && strcmp($3, "nodefault")!=0
1484 && strcmp($3, "typetransparent")!=0
1485 && strcmp($3, "always_transparent")!=0
1486 && strcmp($3, "always_refuse")!=0
1487 && strcmp($3, "always_nxdomain")!=0
1488 && strcmp($3, "inform")!=0 && strcmp($3, "inform_deny")!=0)
1489 yyerror("local-zone type: expected static, deny, "
1490 "refuse, redirect, transparent, "
1491 "typetransparent, inform, inform_deny, "
1492 "always_transparent, always_refuse, "
1493 "always_nxdomain or nodefault");
1494 else if(strcmp($3, "nodefault")==0) {
1495 if(!cfg_strlist_insert(&cfg_parser->cfg->
1496 local_zones_nodefault, $2))
1497 fatal_exit("out of memory adding local-zone");
1500 if(!cfg_str2list_insert(&cfg_parser->cfg->local_zones,
1502 fatal_exit("out of memory adding local-zone");
1506 server_local_data: VAR_LOCAL_DATA STRING_ARG
1508 OUTYY(("P(server_local_data:%s)\n", $2));
1509 if(!cfg_strlist_insert(&cfg_parser->cfg->local_data, $2))
1510 fatal_exit("out of memory adding local-data");
1513 server_local_data_ptr: VAR_LOCAL_DATA_PTR STRING_ARG
1516 OUTYY(("P(server_local_data_ptr:%s)\n", $2));
1517 ptr = cfg_ptr_reverse($2);
1520 if(!cfg_strlist_insert(&cfg_parser->cfg->
1522 fatal_exit("out of memory adding local-data");
1524 yyerror("local-data-ptr could not be reversed");
1528 server_minimal_responses: VAR_MINIMAL_RESPONSES STRING_ARG
1530 OUTYY(("P(server_minimal_responses:%s)\n", $2));
1531 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1532 yyerror("expected yes or no.");
1533 else cfg_parser->cfg->minimal_responses =
1534 (strcmp($2, "yes")==0);
1538 server_rrset_roundrobin: VAR_RRSET_ROUNDROBIN STRING_ARG
1540 OUTYY(("P(server_rrset_roundrobin:%s)\n", $2));
1541 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1542 yyerror("expected yes or no.");
1543 else cfg_parser->cfg->rrset_roundrobin =
1544 (strcmp($2, "yes")==0);
1548 server_max_udp_size: VAR_MAX_UDP_SIZE STRING_ARG
1550 OUTYY(("P(server_max_udp_size:%s)\n", $2));
1551 cfg_parser->cfg->max_udp_size = atoi($2);
1555 server_dns64_prefix: VAR_DNS64_PREFIX STRING_ARG
1557 OUTYY(("P(dns64_prefix:%s)\n", $2));
1558 free(cfg_parser->cfg->dns64_prefix);
1559 cfg_parser->cfg->dns64_prefix = $2;
1562 server_dns64_synthall: VAR_DNS64_SYNTHALL STRING_ARG
1564 OUTYY(("P(server_dns64_synthall:%s)\n", $2));
1565 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1566 yyerror("expected yes or no.");
1567 else cfg_parser->cfg->dns64_synthall = (strcmp($2, "yes")==0);
1571 server_define_tag: VAR_DEFINE_TAG STRING_ARG
1574 OUTYY(("P(server_define_tag:%s)\n", $2));
1575 while((p=strsep(&s, " \t\n")) != NULL) {
1577 if(!config_add_tag(cfg_parser->cfg, p))
1578 yyerror("could not define-tag, "
1585 server_local_zone_tag: VAR_LOCAL_ZONE_TAG STRING_ARG STRING_ARG
1588 uint8_t* bitlist = config_parse_taglist(cfg_parser->cfg, $3,
1591 OUTYY(("P(server_local_zone_tag:%s)\n", $2));
1593 yyerror("could not parse tags, (define-tag them first)");
1595 if(!cfg_strbytelist_insert(
1596 &cfg_parser->cfg->local_zone_tags,
1597 $2, bitlist, len)) {
1598 yyerror("out of memory");
1604 server_access_control_tag: VAR_ACCESS_CONTROL_TAG STRING_ARG STRING_ARG
1607 uint8_t* bitlist = config_parse_taglist(cfg_parser->cfg, $3,
1610 OUTYY(("P(server_access_control_tag:%s)\n", $2));
1612 yyerror("could not parse tags, (define-tag them first)");
1614 if(!cfg_strbytelist_insert(
1615 &cfg_parser->cfg->acl_tags,
1616 $2, bitlist, len)) {
1617 yyerror("out of memory");
1623 server_access_control_tag_action: VAR_ACCESS_CONTROL_TAG_ACTION STRING_ARG STRING_ARG STRING_ARG
1625 OUTYY(("P(server_access_control_tag_action:%s %s %s)\n", $2, $3, $4));
1626 if(!cfg_str3list_insert(&cfg_parser->cfg->acl_tag_actions,
1628 yyerror("out of memory");
1635 server_access_control_tag_data: VAR_ACCESS_CONTROL_TAG_DATA STRING_ARG STRING_ARG STRING_ARG
1637 OUTYY(("P(server_access_control_tag_data:%s %s %s)\n", $2, $3, $4));
1638 if(!cfg_str3list_insert(&cfg_parser->cfg->acl_tag_datas,
1640 yyerror("out of memory");
1647 server_local_zone_override: VAR_LOCAL_ZONE_OVERRIDE STRING_ARG STRING_ARG STRING_ARG
1649 OUTYY(("P(server_local_zone_override:%s %s %s)\n", $2, $3, $4));
1650 if(!cfg_str3list_insert(&cfg_parser->cfg->local_zone_overrides,
1652 yyerror("out of memory");
1659 server_access_control_view: VAR_ACCESS_CONTROL_VIEW STRING_ARG STRING_ARG
1661 OUTYY(("P(server_access_control_view:%s %s)\n", $2, $3));
1662 if(!cfg_str2list_insert(&cfg_parser->cfg->acl_view,
1664 yyerror("out of memory");
1670 server_response_ip_tag: VAR_RESPONSE_IP_TAG STRING_ARG STRING_ARG
1673 uint8_t* bitlist = config_parse_taglist(cfg_parser->cfg, $3,
1676 OUTYY(("P(response_ip_tag:%s)\n", $2));
1678 yyerror("could not parse tags, (define-tag them first)");
1680 if(!cfg_strbytelist_insert(
1681 &cfg_parser->cfg->respip_tags,
1682 $2, bitlist, len)) {
1683 yyerror("out of memory");
1689 server_ip_ratelimit: VAR_IP_RATELIMIT STRING_ARG
1691 OUTYY(("P(server_ip_ratelimit:%s)\n", $2));
1692 if(atoi($2) == 0 && strcmp($2, "0") != 0)
1693 yyerror("number expected");
1694 else cfg_parser->cfg->ip_ratelimit = atoi($2);
1699 server_ratelimit: VAR_RATELIMIT STRING_ARG
1701 OUTYY(("P(server_ratelimit:%s)\n", $2));
1702 if(atoi($2) == 0 && strcmp($2, "0") != 0)
1703 yyerror("number expected");
1704 else cfg_parser->cfg->ratelimit = atoi($2);
1708 server_ip_ratelimit_size: VAR_IP_RATELIMIT_SIZE STRING_ARG
1710 OUTYY(("P(server_ip_ratelimit_size:%s)\n", $2));
1711 if(!cfg_parse_memsize($2, &cfg_parser->cfg->ip_ratelimit_size))
1712 yyerror("memory size expected");
1716 server_ratelimit_size: VAR_RATELIMIT_SIZE STRING_ARG
1718 OUTYY(("P(server_ratelimit_size:%s)\n", $2));
1719 if(!cfg_parse_memsize($2, &cfg_parser->cfg->ratelimit_size))
1720 yyerror("memory size expected");
1724 server_ip_ratelimit_slabs: VAR_IP_RATELIMIT_SLABS STRING_ARG
1726 OUTYY(("P(server_ip_ratelimit_slabs:%s)\n", $2));
1728 yyerror("number expected");
1730 cfg_parser->cfg->ip_ratelimit_slabs = atoi($2);
1731 if(!is_pow2(cfg_parser->cfg->ip_ratelimit_slabs))
1732 yyerror("must be a power of 2");
1737 server_ratelimit_slabs: VAR_RATELIMIT_SLABS STRING_ARG
1739 OUTYY(("P(server_ratelimit_slabs:%s)\n", $2));
1741 yyerror("number expected");
1743 cfg_parser->cfg->ratelimit_slabs = atoi($2);
1744 if(!is_pow2(cfg_parser->cfg->ratelimit_slabs))
1745 yyerror("must be a power of 2");
1750 server_ratelimit_for_domain: VAR_RATELIMIT_FOR_DOMAIN STRING_ARG STRING_ARG
1752 OUTYY(("P(server_ratelimit_for_domain:%s %s)\n", $2, $3));
1753 if(atoi($3) == 0 && strcmp($3, "0") != 0) {
1754 yyerror("number expected");
1756 if(!cfg_str2list_insert(&cfg_parser->cfg->
1757 ratelimit_for_domain, $2, $3))
1758 fatal_exit("out of memory adding "
1759 "ratelimit-for-domain");
1763 server_ratelimit_below_domain: VAR_RATELIMIT_BELOW_DOMAIN STRING_ARG STRING_ARG
1765 OUTYY(("P(server_ratelimit_below_domain:%s %s)\n", $2, $3));
1766 if(atoi($3) == 0 && strcmp($3, "0") != 0) {
1767 yyerror("number expected");
1769 if(!cfg_str2list_insert(&cfg_parser->cfg->
1770 ratelimit_below_domain, $2, $3))
1771 fatal_exit("out of memory adding "
1772 "ratelimit-below-domain");
1776 server_ip_ratelimit_factor: VAR_IP_RATELIMIT_FACTOR STRING_ARG
1778 OUTYY(("P(server_ip_ratelimit_factor:%s)\n", $2));
1779 if(atoi($2) == 0 && strcmp($2, "0") != 0)
1780 yyerror("number expected");
1781 else cfg_parser->cfg->ip_ratelimit_factor = atoi($2);
1785 server_ratelimit_factor: VAR_RATELIMIT_FACTOR STRING_ARG
1787 OUTYY(("P(server_ratelimit_factor:%s)\n", $2));
1788 if(atoi($2) == 0 && strcmp($2, "0") != 0)
1789 yyerror("number expected");
1790 else cfg_parser->cfg->ratelimit_factor = atoi($2);
1794 server_qname_minimisation: VAR_QNAME_MINIMISATION STRING_ARG
1796 OUTYY(("P(server_qname_minimisation:%s)\n", $2));
1797 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1798 yyerror("expected yes or no.");
1799 else cfg_parser->cfg->qname_minimisation =
1800 (strcmp($2, "yes")==0);
1804 server_qname_minimisation_strict: VAR_QNAME_MINIMISATION_STRICT STRING_ARG
1806 OUTYY(("P(server_qname_minimisation_strict:%s)\n", $2));
1807 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1808 yyerror("expected yes or no.");
1809 else cfg_parser->cfg->qname_minimisation_strict =
1810 (strcmp($2, "yes")==0);
1814 server_ipsecmod_enabled: VAR_IPSECMOD_ENABLED STRING_ARG
1817 OUTYY(("P(server_ipsecmod_enabled:%s)\n", $2));
1818 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1819 yyerror("expected yes or no.");
1820 else cfg_parser->cfg->ipsecmod_enabled = (strcmp($2, "yes")==0);
1823 OUTYY(("P(Compiled without IPsec module, ignoring)\n"));
1827 server_ipsecmod_ignore_bogus: VAR_IPSECMOD_IGNORE_BOGUS STRING_ARG
1830 OUTYY(("P(server_ipsecmod_ignore_bogus:%s)\n", $2));
1831 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1832 yyerror("expected yes or no.");
1833 else cfg_parser->cfg->ipsecmod_ignore_bogus = (strcmp($2, "yes")==0);
1836 OUTYY(("P(Compiled without IPsec module, ignoring)\n"));
1840 server_ipsecmod_hook: VAR_IPSECMOD_HOOK STRING_ARG
1843 OUTYY(("P(server_ipsecmod_hook:%s)\n", $2));
1844 free(cfg_parser->cfg->ipsecmod_hook);
1845 cfg_parser->cfg->ipsecmod_hook = $2;
1847 OUTYY(("P(Compiled without IPsec module, ignoring)\n"));
1851 server_ipsecmod_max_ttl: VAR_IPSECMOD_MAX_TTL STRING_ARG
1854 OUTYY(("P(server_ipsecmod_max_ttl:%s)\n", $2));
1855 if(atoi($2) == 0 && strcmp($2, "0") != 0)
1856 yyerror("number expected");
1857 else cfg_parser->cfg->ipsecmod_max_ttl = atoi($2);
1860 OUTYY(("P(Compiled without IPsec module, ignoring)\n"));
1864 server_ipsecmod_whitelist: VAR_IPSECMOD_WHITELIST STRING_ARG
1867 OUTYY(("P(server_ipsecmod_whitelist:%s)\n", $2));
1868 if(!cfg_strlist_insert(&cfg_parser->cfg->ipsecmod_whitelist, $2))
1869 yyerror("out of memory");
1871 OUTYY(("P(Compiled without IPsec module, ignoring)\n"));
1875 server_ipsecmod_strict: VAR_IPSECMOD_STRICT STRING_ARG
1878 OUTYY(("P(server_ipsecmod_strict:%s)\n", $2));
1879 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1880 yyerror("expected yes or no.");
1881 else cfg_parser->cfg->ipsecmod_strict = (strcmp($2, "yes")==0);
1884 OUTYY(("P(Compiled without IPsec module, ignoring)\n"));
1888 stub_name: VAR_NAME STRING_ARG
1890 OUTYY(("P(name:%s)\n", $2));
1891 if(cfg_parser->cfg->stubs->name)
1892 yyerror("stub name override, there must be one name "
1893 "for one stub-zone");
1894 free(cfg_parser->cfg->stubs->name);
1895 cfg_parser->cfg->stubs->name = $2;
1898 stub_host: VAR_STUB_HOST STRING_ARG
1900 OUTYY(("P(stub-host:%s)\n", $2));
1901 if(!cfg_strlist_insert(&cfg_parser->cfg->stubs->hosts, $2))
1902 yyerror("out of memory");
1905 stub_addr: VAR_STUB_ADDR STRING_ARG
1907 OUTYY(("P(stub-addr:%s)\n", $2));
1908 if(!cfg_strlist_insert(&cfg_parser->cfg->stubs->addrs, $2))
1909 yyerror("out of memory");
1912 stub_first: VAR_STUB_FIRST STRING_ARG
1914 OUTYY(("P(stub-first:%s)\n", $2));
1915 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1916 yyerror("expected yes or no.");
1917 else cfg_parser->cfg->stubs->isfirst=(strcmp($2, "yes")==0);
1921 stub_ssl_upstream: VAR_STUB_SSL_UPSTREAM STRING_ARG
1923 OUTYY(("P(stub-ssl-upstream:%s)\n", $2));
1924 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1925 yyerror("expected yes or no.");
1926 else cfg_parser->cfg->stubs->ssl_upstream =
1927 (strcmp($2, "yes")==0);
1931 stub_prime: VAR_STUB_PRIME STRING_ARG
1933 OUTYY(("P(stub-prime:%s)\n", $2));
1934 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1935 yyerror("expected yes or no.");
1936 else cfg_parser->cfg->stubs->isprime =
1937 (strcmp($2, "yes")==0);
1941 forward_name: VAR_NAME STRING_ARG
1943 OUTYY(("P(name:%s)\n", $2));
1944 if(cfg_parser->cfg->forwards->name)
1945 yyerror("forward name override, there must be one "
1946 "name for one forward-zone");
1947 free(cfg_parser->cfg->forwards->name);
1948 cfg_parser->cfg->forwards->name = $2;
1951 forward_host: VAR_FORWARD_HOST STRING_ARG
1953 OUTYY(("P(forward-host:%s)\n", $2));
1954 if(!cfg_strlist_insert(&cfg_parser->cfg->forwards->hosts, $2))
1955 yyerror("out of memory");
1958 forward_addr: VAR_FORWARD_ADDR STRING_ARG
1960 OUTYY(("P(forward-addr:%s)\n", $2));
1961 if(!cfg_strlist_insert(&cfg_parser->cfg->forwards->addrs, $2))
1962 yyerror("out of memory");
1965 forward_first: VAR_FORWARD_FIRST STRING_ARG
1967 OUTYY(("P(forward-first:%s)\n", $2));
1968 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1969 yyerror("expected yes or no.");
1970 else cfg_parser->cfg->forwards->isfirst=(strcmp($2, "yes")==0);
1974 forward_ssl_upstream: VAR_FORWARD_SSL_UPSTREAM STRING_ARG
1976 OUTYY(("P(forward-ssl-upstream:%s)\n", $2));
1977 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1978 yyerror("expected yes or no.");
1979 else cfg_parser->cfg->forwards->ssl_upstream =
1980 (strcmp($2, "yes")==0);
1984 view_name: VAR_NAME STRING_ARG
1986 OUTYY(("P(name:%s)\n", $2));
1987 if(cfg_parser->cfg->views->name)
1988 yyerror("view name override, there must be one "
1989 "name for one view");
1990 free(cfg_parser->cfg->views->name);
1991 cfg_parser->cfg->views->name = $2;
1994 view_local_zone: VAR_LOCAL_ZONE STRING_ARG STRING_ARG
1996 OUTYY(("P(view_local_zone:%s %s)\n", $2, $3));
1997 if(strcmp($3, "static")!=0 && strcmp($3, "deny")!=0 &&
1998 strcmp($3, "refuse")!=0 && strcmp($3, "redirect")!=0 &&
1999 strcmp($3, "transparent")!=0 && strcmp($3, "nodefault")!=0
2000 && strcmp($3, "typetransparent")!=0
2001 && strcmp($3, "always_transparent")!=0
2002 && strcmp($3, "always_refuse")!=0
2003 && strcmp($3, "always_nxdomain")!=0
2004 && strcmp($3, "inform")!=0 && strcmp($3, "inform_deny")!=0)
2005 yyerror("local-zone type: expected static, deny, "
2006 "refuse, redirect, transparent, "
2007 "typetransparent, inform, inform_deny, "
2008 "always_transparent, always_refuse, "
2009 "always_nxdomain or nodefault");
2010 else if(strcmp($3, "nodefault")==0) {
2011 if(!cfg_strlist_insert(&cfg_parser->cfg->views->
2012 local_zones_nodefault, $2))
2013 fatal_exit("out of memory adding local-zone");
2016 if(!cfg_str2list_insert(
2017 &cfg_parser->cfg->views->local_zones,
2019 fatal_exit("out of memory adding local-zone");
2023 view_response_ip: VAR_RESPONSE_IP STRING_ARG STRING_ARG
2025 OUTYY(("P(view_response_ip:%s %s)\n", $2, $3));
2026 validate_respip_action($3);
2027 if(!cfg_str2list_insert(
2028 &cfg_parser->cfg->views->respip_actions, $2, $3))
2029 fatal_exit("out of memory adding per-view "
2030 "response-ip action");
2033 view_response_ip_data: VAR_RESPONSE_IP_DATA STRING_ARG STRING_ARG
2035 OUTYY(("P(view_response_ip_data:%s)\n", $2));
2036 if(!cfg_str2list_insert(
2037 &cfg_parser->cfg->views->respip_data, $2, $3))
2038 fatal_exit("out of memory adding response-ip-data");
2041 view_local_data: VAR_LOCAL_DATA STRING_ARG
2043 OUTYY(("P(view_local_data:%s)\n", $2));
2044 if(!cfg_strlist_insert(&cfg_parser->cfg->views->local_data, $2)) {
2045 fatal_exit("out of memory adding local-data");
2050 view_local_data_ptr: VAR_LOCAL_DATA_PTR STRING_ARG
2053 OUTYY(("P(view_local_data_ptr:%s)\n", $2));
2054 ptr = cfg_ptr_reverse($2);
2057 if(!cfg_strlist_insert(&cfg_parser->cfg->views->
2059 fatal_exit("out of memory adding local-data");
2061 yyerror("local-data-ptr could not be reversed");
2065 view_first: VAR_VIEW_FIRST STRING_ARG
2067 OUTYY(("P(view-first:%s)\n", $2));
2068 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
2069 yyerror("expected yes or no.");
2070 else cfg_parser->cfg->views->isfirst=(strcmp($2, "yes")==0);
2074 rcstart: VAR_REMOTE_CONTROL
2076 OUTYY(("\nP(remote-control:)\n"));
2079 contents_rc: contents_rc content_rc
2081 content_rc: rc_control_enable | rc_control_interface | rc_control_port |
2082 rc_server_key_file | rc_server_cert_file | rc_control_key_file |
2083 rc_control_cert_file | rc_control_use_cert
2085 rc_control_enable: VAR_CONTROL_ENABLE STRING_ARG
2087 OUTYY(("P(control_enable:%s)\n", $2));
2088 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
2089 yyerror("expected yes or no.");
2090 else cfg_parser->cfg->remote_control_enable =
2091 (strcmp($2, "yes")==0);
2095 rc_control_port: VAR_CONTROL_PORT STRING_ARG
2097 OUTYY(("P(control_port:%s)\n", $2));
2099 yyerror("control port number expected");
2100 else cfg_parser->cfg->control_port = atoi($2);
2104 rc_control_interface: VAR_CONTROL_INTERFACE STRING_ARG
2106 OUTYY(("P(control_interface:%s)\n", $2));
2107 if(!cfg_strlist_insert(&cfg_parser->cfg->control_ifs, $2))
2108 yyerror("out of memory");
2111 rc_control_use_cert: VAR_CONTROL_USE_CERT STRING_ARG
2113 OUTYY(("P(control_use_cert:%s)\n", $2));
2114 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
2115 yyerror("expected yes or no.");
2116 else cfg_parser->cfg->remote_control_use_cert =
2117 (strcmp($2, "yes")==0);
2121 rc_server_key_file: VAR_SERVER_KEY_FILE STRING_ARG
2123 OUTYY(("P(rc_server_key_file:%s)\n", $2));
2124 free(cfg_parser->cfg->server_key_file);
2125 cfg_parser->cfg->server_key_file = $2;
2128 rc_server_cert_file: VAR_SERVER_CERT_FILE STRING_ARG
2130 OUTYY(("P(rc_server_cert_file:%s)\n", $2));
2131 free(cfg_parser->cfg->server_cert_file);
2132 cfg_parser->cfg->server_cert_file = $2;
2135 rc_control_key_file: VAR_CONTROL_KEY_FILE STRING_ARG
2137 OUTYY(("P(rc_control_key_file:%s)\n", $2));
2138 free(cfg_parser->cfg->control_key_file);
2139 cfg_parser->cfg->control_key_file = $2;
2142 rc_control_cert_file: VAR_CONTROL_CERT_FILE STRING_ARG
2144 OUTYY(("P(rc_control_cert_file:%s)\n", $2));
2145 free(cfg_parser->cfg->control_cert_file);
2146 cfg_parser->cfg->control_cert_file = $2;
2151 OUTYY(("\nP(dnstap:)\n"));
2154 contents_dt: contents_dt content_dt
2156 content_dt: dt_dnstap_enable | dt_dnstap_socket_path |
2157 dt_dnstap_send_identity | dt_dnstap_send_version |
2158 dt_dnstap_identity | dt_dnstap_version |
2159 dt_dnstap_log_resolver_query_messages |
2160 dt_dnstap_log_resolver_response_messages |
2161 dt_dnstap_log_client_query_messages |
2162 dt_dnstap_log_client_response_messages |
2163 dt_dnstap_log_forwarder_query_messages |
2164 dt_dnstap_log_forwarder_response_messages
2166 dt_dnstap_enable: VAR_DNSTAP_ENABLE STRING_ARG
2168 OUTYY(("P(dt_dnstap_enable:%s)\n", $2));
2169 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
2170 yyerror("expected yes or no.");
2171 else cfg_parser->cfg->dnstap = (strcmp($2, "yes")==0);
2174 dt_dnstap_socket_path: VAR_DNSTAP_SOCKET_PATH STRING_ARG
2176 OUTYY(("P(dt_dnstap_socket_path:%s)\n", $2));
2177 free(cfg_parser->cfg->dnstap_socket_path);
2178 cfg_parser->cfg->dnstap_socket_path = $2;
2181 dt_dnstap_send_identity: VAR_DNSTAP_SEND_IDENTITY STRING_ARG
2183 OUTYY(("P(dt_dnstap_send_identity:%s)\n", $2));
2184 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
2185 yyerror("expected yes or no.");
2186 else cfg_parser->cfg->dnstap_send_identity = (strcmp($2, "yes")==0);
2189 dt_dnstap_send_version: VAR_DNSTAP_SEND_VERSION STRING_ARG
2191 OUTYY(("P(dt_dnstap_send_version:%s)\n", $2));
2192 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
2193 yyerror("expected yes or no.");
2194 else cfg_parser->cfg->dnstap_send_version = (strcmp($2, "yes")==0);
2197 dt_dnstap_identity: VAR_DNSTAP_IDENTITY STRING_ARG
2199 OUTYY(("P(dt_dnstap_identity:%s)\n", $2));
2200 free(cfg_parser->cfg->dnstap_identity);
2201 cfg_parser->cfg->dnstap_identity = $2;
2204 dt_dnstap_version: VAR_DNSTAP_VERSION STRING_ARG
2206 OUTYY(("P(dt_dnstap_version:%s)\n", $2));
2207 free(cfg_parser->cfg->dnstap_version);
2208 cfg_parser->cfg->dnstap_version = $2;
2211 dt_dnstap_log_resolver_query_messages: VAR_DNSTAP_LOG_RESOLVER_QUERY_MESSAGES STRING_ARG
2213 OUTYY(("P(dt_dnstap_log_resolver_query_messages:%s)\n", $2));
2214 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
2215 yyerror("expected yes or no.");
2216 else cfg_parser->cfg->dnstap_log_resolver_query_messages =
2217 (strcmp($2, "yes")==0);
2220 dt_dnstap_log_resolver_response_messages: VAR_DNSTAP_LOG_RESOLVER_RESPONSE_MESSAGES STRING_ARG
2222 OUTYY(("P(dt_dnstap_log_resolver_response_messages:%s)\n", $2));
2223 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
2224 yyerror("expected yes or no.");
2225 else cfg_parser->cfg->dnstap_log_resolver_response_messages =
2226 (strcmp($2, "yes")==0);
2229 dt_dnstap_log_client_query_messages: VAR_DNSTAP_LOG_CLIENT_QUERY_MESSAGES STRING_ARG
2231 OUTYY(("P(dt_dnstap_log_client_query_messages:%s)\n", $2));
2232 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
2233 yyerror("expected yes or no.");
2234 else cfg_parser->cfg->dnstap_log_client_query_messages =
2235 (strcmp($2, "yes")==0);
2238 dt_dnstap_log_client_response_messages: VAR_DNSTAP_LOG_CLIENT_RESPONSE_MESSAGES STRING_ARG
2240 OUTYY(("P(dt_dnstap_log_client_response_messages:%s)\n", $2));
2241 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
2242 yyerror("expected yes or no.");
2243 else cfg_parser->cfg->dnstap_log_client_response_messages =
2244 (strcmp($2, "yes")==0);
2247 dt_dnstap_log_forwarder_query_messages: VAR_DNSTAP_LOG_FORWARDER_QUERY_MESSAGES STRING_ARG
2249 OUTYY(("P(dt_dnstap_log_forwarder_query_messages:%s)\n", $2));
2250 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
2251 yyerror("expected yes or no.");
2252 else cfg_parser->cfg->dnstap_log_forwarder_query_messages =
2253 (strcmp($2, "yes")==0);
2256 dt_dnstap_log_forwarder_response_messages: VAR_DNSTAP_LOG_FORWARDER_RESPONSE_MESSAGES STRING_ARG
2258 OUTYY(("P(dt_dnstap_log_forwarder_response_messages:%s)\n", $2));
2259 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
2260 yyerror("expected yes or no.");
2261 else cfg_parser->cfg->dnstap_log_forwarder_response_messages =
2262 (strcmp($2, "yes")==0);
2265 pythonstart: VAR_PYTHON
2267 OUTYY(("\nP(python:)\n"));
2270 contents_py: contents_py content_py
2272 content_py: py_script
2274 py_script: VAR_PYTHON_SCRIPT STRING_ARG
2276 OUTYY(("P(python-script:%s)\n", $2));
2277 free(cfg_parser->cfg->python_script);
2278 cfg_parser->cfg->python_script = $2;
2280 server_disable_dnssec_lame_check: VAR_DISABLE_DNSSEC_LAME_CHECK STRING_ARG
2282 OUTYY(("P(disable_dnssec_lame_check:%s)\n", $2));
2283 if (strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
2284 yyerror("expected yes or no.");
2285 else cfg_parser->cfg->disable_dnssec_lame_check =
2286 (strcmp($2, "yes")==0);
2290 server_log_identity: VAR_LOG_IDENTITY STRING_ARG
2292 OUTYY(("P(server_log_identity:%s)\n", $2));
2293 free(cfg_parser->cfg->log_identity);
2294 cfg_parser->cfg->log_identity = $2;
2297 server_response_ip: VAR_RESPONSE_IP STRING_ARG STRING_ARG
2299 OUTYY(("P(server_response_ip:%s %s)\n", $2, $3));
2300 validate_respip_action($3);
2301 if(!cfg_str2list_insert(&cfg_parser->cfg->respip_actions,
2303 fatal_exit("out of memory adding response-ip");
2306 server_response_ip_data: VAR_RESPONSE_IP_DATA STRING_ARG STRING_ARG
2308 OUTYY(("P(server_response_ip_data:%s)\n", $2));
2309 if(!cfg_str2list_insert(&cfg_parser->cfg->respip_data,
2311 fatal_exit("out of memory adding response-ip-data");
2314 dnscstart: VAR_DNSCRYPT
2316 OUTYY(("\nP(dnscrypt:)\n"));
2317 OUTYY(("\nP(dnscrypt:)\n"));
2320 contents_dnsc: contents_dnsc content_dnsc
2323 dnsc_dnscrypt_enable | dnsc_dnscrypt_port | dnsc_dnscrypt_provider |
2324 dnsc_dnscrypt_secret_key | dnsc_dnscrypt_provider_cert
2326 dnsc_dnscrypt_enable: VAR_DNSCRYPT_ENABLE STRING_ARG
2328 OUTYY(("P(dnsc_dnscrypt_enable:%s)\n", $2));
2329 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
2330 yyerror("expected yes or no.");
2331 else cfg_parser->cfg->dnscrypt = (strcmp($2, "yes")==0);
2336 dnsc_dnscrypt_port: VAR_DNSCRYPT_PORT STRING_ARG
2338 OUTYY(("P(dnsc_dnscrypt_port:%s)\n", $2));
2341 yyerror("port number expected");
2342 else cfg_parser->cfg->dnscrypt_port = atoi($2);
2346 dnsc_dnscrypt_provider: VAR_DNSCRYPT_PROVIDER STRING_ARG
2348 OUTYY(("P(dnsc_dnscrypt_provider:%s)\n", $2));
2349 free(cfg_parser->cfg->dnscrypt_provider);
2350 cfg_parser->cfg->dnscrypt_provider = $2;
2353 dnsc_dnscrypt_provider_cert: VAR_DNSCRYPT_PROVIDER_CERT STRING_ARG
2355 OUTYY(("P(dnsc_dnscrypt_provider_cert:%s)\n", $2));
2356 if(!cfg_strlist_insert(&cfg_parser->cfg->dnscrypt_provider_cert, $2))
2357 fatal_exit("out of memory adding dnscrypt-provider-cert");
2360 dnsc_dnscrypt_secret_key: VAR_DNSCRYPT_SECRET_KEY STRING_ARG
2362 OUTYY(("P(dnsc_dnscrypt_secret_key:%s)\n", $2));
2363 if(!cfg_strlist_insert(&cfg_parser->cfg->dnscrypt_secret_key, $2))
2364 fatal_exit("out of memory adding dnscrypt-secret-key");
2369 /* parse helper routines could be here */
2371 validate_respip_action(const char* action)
2373 if(strcmp(action, "deny")!=0 &&
2374 strcmp(action, "redirect")!=0 &&
2375 strcmp(action, "inform")!=0 &&
2376 strcmp(action, "inform_deny")!=0 &&
2377 strcmp(action, "always_transparent")!=0 &&
2378 strcmp(action, "always_refuse")!=0 &&
2379 strcmp(action, "always_nxdomain")!=0)
2381 yyerror("response-ip action: expected deny, redirect, "
2382 "inform, inform_deny, always_transparent, "
2383 "always_refuse or always_nxdomain");