contrib/unbound/util/configparser.y

   1 /*
   2  * configparser.y -- yacc grammar for unbound configuration files
   3  *
   4  * Copyright (c) 2001-2006, NLnet Labs. All rights reserved.
   5  *
   6  * Copyright (c) 2007, NLnet Labs. All rights reserved.
   7  *
   8  * This software is open source.
   9  *
  10  * Redistribution and use in source and binary forms, with or without
  11  * modification, are permitted provided that the following conditions
  12  * are met:
  13  *
  14  * Redistributions of source code must retain the above copyright notice,
  15  * this list of conditions and the following disclaimer.
  16  *
  17  * Redistributions in binary form must reproduce the above copyright notice,
  18  * this list of conditions and the following disclaimer in the documentation
  19  * and/or other materials provided with the distribution.
  20  *
  21  * Neither the name of the NLNET LABS nor the names of its contributors may
  22  * be used to endorse or promote products derived from this software without
  23  * specific prior written permission.
  24  *
  25  * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
  26  * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
  27  * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
  28  * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
  29  * HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
  30  * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
  31  * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
  32  * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
  33  * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
  34  * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
  35  * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  36  */
  37
  38 %{
  39 #include "config.h"
  40
  41 #include <stdarg.h>
  42 #include <stdio.h>
  43 #include <string.h>
  44 #include <stdlib.h>
  45 #include <assert.h>
  46
  47 #include "util/configyyrename.h"
  48 #include "util/config_file.h"
  49 #include "util/net_help.h"
  50
  51 int ub_c_lex(void);
  52 void ub_c_error(const char *message);
  53
  54 static void validate_respip_action(const char* action);
  55
  56 /* these need to be global, otherwise they cannot be used inside yacc */
  57 extern struct config_parser_state* cfg_parser;
  58
  59 #if 0
  60 #define OUTYY(s)  printf s /* used ONLY when debugging */
  61 #else
  62 #define OUTYY(s)
  63 #endif
  64
  65 %}
  66 %union {
  67         char*   str;
  68 };
  69
  70 %token SPACE LETTER NEWLINE COMMENT COLON ANY ZONESTR
  71 %token <str> STRING_ARG
  72 %token VAR_SERVER VAR_VERBOSITY VAR_NUM_THREADS VAR_PORT
  73 %token VAR_OUTGOING_RANGE VAR_INTERFACE
  74 %token VAR_DO_IP4 VAR_DO_IP6 VAR_PREFER_IP6 VAR_DO_UDP VAR_DO_TCP
  75 %token VAR_TCP_MSS VAR_OUTGOING_TCP_MSS
  76 %token VAR_CHROOT VAR_USERNAME VAR_DIRECTORY VAR_LOGFILE VAR_PIDFILE
  77 %token VAR_MSG_CACHE_SIZE VAR_MSG_CACHE_SLABS VAR_NUM_QUERIES_PER_THREAD
  78 %token VAR_RRSET_CACHE_SIZE VAR_RRSET_CACHE_SLABS VAR_OUTGOING_NUM_TCP
  79 %token VAR_INFRA_HOST_TTL VAR_INFRA_LAME_TTL VAR_INFRA_CACHE_SLABS
  80 %token VAR_INFRA_CACHE_NUMHOSTS VAR_INFRA_CACHE_LAME_SIZE VAR_NAME
  81 %token VAR_STUB_ZONE VAR_STUB_HOST VAR_STUB_ADDR VAR_TARGET_FETCH_POLICY
  82 %token VAR_HARDEN_SHORT_BUFSIZE VAR_HARDEN_LARGE_QUERIES
  83 %token VAR_FORWARD_ZONE VAR_FORWARD_HOST VAR_FORWARD_ADDR
  84 %token VAR_DO_NOT_QUERY_ADDRESS VAR_HIDE_IDENTITY VAR_HIDE_VERSION
  85 %token VAR_IDENTITY VAR_VERSION VAR_HARDEN_GLUE VAR_MODULE_CONF
  86 %token VAR_TRUST_ANCHOR_FILE VAR_TRUST_ANCHOR VAR_VAL_OVERRIDE_DATE
  87 %token VAR_BOGUS_TTL VAR_VAL_CLEAN_ADDITIONAL VAR_VAL_PERMISSIVE_MODE
  88 %token VAR_INCOMING_NUM_TCP VAR_MSG_BUFFER_SIZE VAR_KEY_CACHE_SIZE
  89 %token VAR_KEY_CACHE_SLABS VAR_TRUSTED_KEYS_FILE
  90 %token VAR_VAL_NSEC3_KEYSIZE_ITERATIONS VAR_USE_SYSLOG
  91 %token VAR_OUTGOING_INTERFACE VAR_ROOT_HINTS VAR_DO_NOT_QUERY_LOCALHOST
  92 %token VAR_CACHE_MAX_TTL VAR_HARDEN_DNSSEC_STRIPPED VAR_ACCESS_CONTROL
  93 %token VAR_LOCAL_ZONE VAR_LOCAL_DATA VAR_INTERFACE_AUTOMATIC
  94 %token VAR_STATISTICS_INTERVAL VAR_DO_DAEMONIZE VAR_USE_CAPS_FOR_ID
  95 %token VAR_STATISTICS_CUMULATIVE VAR_OUTGOING_PORT_PERMIT
  96 %token VAR_OUTGOING_PORT_AVOID VAR_DLV_ANCHOR_FILE VAR_DLV_ANCHOR
  97 %token VAR_NEG_CACHE_SIZE VAR_HARDEN_REFERRAL_PATH VAR_PRIVATE_ADDRESS
  98 %token VAR_PRIVATE_DOMAIN VAR_REMOTE_CONTROL VAR_CONTROL_ENABLE
  99 %token VAR_CONTROL_INTERFACE VAR_CONTROL_PORT VAR_SERVER_KEY_FILE
 100 %token VAR_SERVER_CERT_FILE VAR_CONTROL_KEY_FILE VAR_CONTROL_CERT_FILE
 101 %token VAR_CONTROL_USE_CERT
 102 %token VAR_EXTENDED_STATISTICS VAR_LOCAL_DATA_PTR VAR_JOSTLE_TIMEOUT
 103 %token VAR_STUB_PRIME VAR_UNWANTED_REPLY_THRESHOLD VAR_LOG_TIME_ASCII
 104 %token VAR_DOMAIN_INSECURE VAR_PYTHON VAR_PYTHON_SCRIPT VAR_VAL_SIG_SKEW_MIN
 105 %token VAR_VAL_SIG_SKEW_MAX VAR_CACHE_MIN_TTL VAR_VAL_LOG_LEVEL
 106 %token VAR_AUTO_TRUST_ANCHOR_FILE VAR_KEEP_MISSING VAR_ADD_HOLDDOWN
 107 %token VAR_DEL_HOLDDOWN VAR_SO_RCVBUF VAR_EDNS_BUFFER_SIZE VAR_PREFETCH
 108 %token VAR_PREFETCH_KEY VAR_SO_SNDBUF VAR_SO_REUSEPORT VAR_HARDEN_BELOW_NXDOMAIN
 109 %token VAR_IGNORE_CD_FLAG VAR_LOG_QUERIES VAR_LOG_REPLIES
 110 %token VAR_TCP_UPSTREAM VAR_SSL_UPSTREAM
 111 %token VAR_SSL_SERVICE_KEY VAR_SSL_SERVICE_PEM VAR_SSL_PORT VAR_FORWARD_FIRST
 112 %token VAR_STUB_SSL_UPSTREAM VAR_FORWARD_SSL_UPSTREAM
 113 %token VAR_STUB_FIRST VAR_MINIMAL_RESPONSES VAR_RRSET_ROUNDROBIN
 114 %token VAR_MAX_UDP_SIZE VAR_DELAY_CLOSE
 115 %token VAR_UNBLOCK_LAN_ZONES VAR_INSECURE_LAN_ZONES
 116 %token VAR_INFRA_CACHE_MIN_RTT
 117 %token VAR_DNS64_PREFIX VAR_DNS64_SYNTHALL
 118 %token VAR_DNSTAP VAR_DNSTAP_ENABLE VAR_DNSTAP_SOCKET_PATH
 119 %token VAR_DNSTAP_SEND_IDENTITY VAR_DNSTAP_SEND_VERSION
 120 %token VAR_DNSTAP_IDENTITY VAR_DNSTAP_VERSION
 121 %token VAR_DNSTAP_LOG_RESOLVER_QUERY_MESSAGES
 122 %token VAR_DNSTAP_LOG_RESOLVER_RESPONSE_MESSAGES
 123 %token VAR_DNSTAP_LOG_CLIENT_QUERY_MESSAGES
 124 %token VAR_DNSTAP_LOG_CLIENT_RESPONSE_MESSAGES
 125 %token VAR_DNSTAP_LOG_FORWARDER_QUERY_MESSAGES
 126 %token VAR_DNSTAP_LOG_FORWARDER_RESPONSE_MESSAGES
 127 %token VAR_RESPONSE_IP_TAG VAR_RESPONSE_IP VAR_RESPONSE_IP_DATA
 128 %token VAR_HARDEN_ALGO_DOWNGRADE VAR_IP_TRANSPARENT
 129 %token VAR_DISABLE_DNSSEC_LAME_CHECK
 130 %token VAR_IP_RATELIMIT VAR_IP_RATELIMIT_SLABS VAR_IP_RATELIMIT_SIZE
 131 %token VAR_RATELIMIT VAR_RATELIMIT_SLABS VAR_RATELIMIT_SIZE
 132 %token VAR_RATELIMIT_FOR_DOMAIN VAR_RATELIMIT_BELOW_DOMAIN
 133 %token VAR_IP_RATELIMIT_FACTOR VAR_RATELIMIT_FACTOR
 134 %token VAR_SEND_CLIENT_SUBNET VAR_CLIENT_SUBNET_ZONE
 135 %token VAR_CLIENT_SUBNET_ALWAYS_FORWARD VAR_CLIENT_SUBNET_OPCODE
 136 %token VAR_MAX_CLIENT_SUBNET_IPV4 VAR_MAX_CLIENT_SUBNET_IPV6
 137 %token VAR_CAPS_WHITELIST VAR_CACHE_MAX_NEGATIVE_TTL VAR_PERMIT_SMALL_HOLDDOWN
 138 %token VAR_QNAME_MINIMISATION VAR_QNAME_MINIMISATION_STRICT VAR_IP_FREEBIND
 139 %token VAR_DEFINE_TAG VAR_LOCAL_ZONE_TAG VAR_ACCESS_CONTROL_TAG
 140 %token VAR_LOCAL_ZONE_OVERRIDE VAR_ACCESS_CONTROL_TAG_ACTION
 141 %token VAR_ACCESS_CONTROL_TAG_DATA VAR_VIEW VAR_ACCESS_CONTROL_VIEW
 142 %token VAR_VIEW_FIRST VAR_SERVE_EXPIRED VAR_FAKE_DSA VAR_FAKE_SHA1
 143 %token VAR_LOG_IDENTITY VAR_HIDE_TRUSTANCHOR VAR_TRUST_ANCHOR_SIGNALING
 144 %token VAR_USE_SYSTEMD VAR_SHM_ENABLE VAR_SHM_KEY
 145 %token VAR_DNSCRYPT VAR_DNSCRYPT_ENABLE VAR_DNSCRYPT_PORT VAR_DNSCRYPT_PROVIDER
 146 %token VAR_DNSCRYPT_SECRET_KEY VAR_DNSCRYPT_PROVIDER_CERT
 147 %token VAR_DNSCRYPT_SHARED_SECRET_CACHE_SIZE
 148 %token VAR_DNSCRYPT_SHARED_SECRET_CACHE_SLABS
 149 %token VAR_DNSCRYPT_NONCE_CACHE_SIZE
 150 %token VAR_DNSCRYPT_NONCE_CACHE_SLABS
 151 %token VAR_IPSECMOD_ENABLED VAR_IPSECMOD_HOOK VAR_IPSECMOD_IGNORE_BOGUS
 152 %token VAR_IPSECMOD_MAX_TTL VAR_IPSECMOD_WHITELIST VAR_IPSECMOD_STRICT
 153 %token VAR_CACHEDB VAR_CACHEDB_BACKEND VAR_CACHEDB_SECRETSEED
 154 %token VAR_UDP_UPSTREAM_WITHOUT_DOWNSTREAM
 155
 156 %%
 157 toplevelvars: /* empty */ | toplevelvars toplevelvar ;
 158 toplevelvar: serverstart contents_server | stubstart contents_stub |
 159         forwardstart contents_forward | pythonstart contents_py |
 160         rcstart contents_rc | dtstart contents_dt | viewstart
 161         contents_view |
 162         dnscstart contents_dnsc |
 163         cachedbstart contents_cachedb
 164         ;
 165
 166 /* server: declaration */
 167 serverstart: VAR_SERVER
 168         {
 169                 OUTYY(("\nP(server:)\n"));
 170         }
 171         ;
 172 contents_server: contents_server content_server
 173         | ;
 174 content_server: server_num_threads | server_verbosity | server_port |
 175         server_outgoing_range | server_do_ip4 |
 176         server_do_ip6 | server_prefer_ip6 |
 177         server_do_udp | server_do_tcp |
 178         server_tcp_mss | server_outgoing_tcp_mss |
 179         server_interface | server_chroot | server_username |
 180         server_directory | server_logfile | server_pidfile |
 181         server_msg_cache_size | server_msg_cache_slabs |
 182         server_num_queries_per_thread | server_rrset_cache_size |
 183         server_rrset_cache_slabs | server_outgoing_num_tcp |
 184         server_infra_host_ttl | server_infra_lame_ttl |
 185         server_infra_cache_slabs | server_infra_cache_numhosts |
 186         server_infra_cache_lame_size | server_target_fetch_policy |
 187         server_harden_short_bufsize | server_harden_large_queries |
 188         server_do_not_query_address | server_hide_identity |
 189         server_hide_version | server_identity | server_version |
 190         server_harden_glue | server_module_conf | server_trust_anchor_file |
 191         server_trust_anchor | server_val_override_date | server_bogus_ttl |
 192         server_val_clean_additional | server_val_permissive_mode |
 193         server_incoming_num_tcp | server_msg_buffer_size |
 194         server_key_cache_size | server_key_cache_slabs |
 195         server_trusted_keys_file | server_val_nsec3_keysize_iterations |
 196         server_use_syslog | server_outgoing_interface | server_root_hints |
 197         server_do_not_query_localhost | server_cache_max_ttl |
 198         server_harden_dnssec_stripped | server_access_control |
 199         server_local_zone | server_local_data | server_interface_automatic |
 200         server_statistics_interval | server_do_daemonize |
 201         server_use_caps_for_id | server_statistics_cumulative |
 202         server_outgoing_port_permit | server_outgoing_port_avoid |
 203         server_dlv_anchor_file | server_dlv_anchor | server_neg_cache_size |
 204         server_harden_referral_path | server_private_address |
 205         server_private_domain | server_extended_statistics |
 206         server_local_data_ptr | server_jostle_timeout |
 207         server_unwanted_reply_threshold | server_log_time_ascii |
 208         server_domain_insecure | server_val_sig_skew_min |
 209         server_val_sig_skew_max | server_cache_min_ttl | server_val_log_level |
 210         server_auto_trust_anchor_file | server_add_holddown |
 211         server_del_holddown | server_keep_missing | server_so_rcvbuf |
 212         server_edns_buffer_size | server_prefetch | server_prefetch_key |
 213         server_so_sndbuf | server_harden_below_nxdomain | server_ignore_cd_flag |
 214         server_log_queries | server_log_replies | server_tcp_upstream | server_ssl_upstream |
 215         server_ssl_service_key | server_ssl_service_pem | server_ssl_port |
 216         server_minimal_responses | server_rrset_roundrobin | server_max_udp_size |
 217         server_so_reuseport | server_delay_close |
 218         server_unblock_lan_zones | server_insecure_lan_zones |
 219         server_dns64_prefix | server_dns64_synthall |
 220         server_infra_cache_min_rtt | server_harden_algo_downgrade |
 221         server_ip_transparent | server_ip_ratelimit | server_ratelimit |
 222         server_ip_ratelimit_slabs | server_ratelimit_slabs |
 223         server_ip_ratelimit_size | server_ratelimit_size |
 224         server_ratelimit_for_domain |
 225         server_ratelimit_below_domain | server_ratelimit_factor |
 226         server_ip_ratelimit_factor | server_send_client_subnet |
 227         server_client_subnet_zone | server_client_subnet_always_forward |
 228         server_client_subnet_opcode |
 229         server_max_client_subnet_ipv4 | server_max_client_subnet_ipv6 |
 230         server_caps_whitelist | server_cache_max_negative_ttl |
 231         server_permit_small_holddown | server_qname_minimisation |
 232         server_ip_freebind | server_define_tag | server_local_zone_tag |
 233         server_disable_dnssec_lame_check | server_access_control_tag |
 234         server_local_zone_override | server_access_control_tag_action |
 235         server_access_control_tag_data | server_access_control_view |
 236         server_qname_minimisation_strict | server_serve_expired |
 237         server_fake_dsa | server_log_identity | server_use_systemd |
 238         server_response_ip_tag | server_response_ip | server_response_ip_data |
 239         server_shm_enable | server_shm_key | server_fake_sha1 |
 240         server_hide_trustanchor | server_trust_anchor_signaling |
 241         server_ipsecmod_enabled | server_ipsecmod_hook |
 242         server_ipsecmod_ignore_bogus | server_ipsecmod_max_ttl |
 243         server_ipsecmod_whitelist | server_ipsecmod_strict |
 244         server_udp_upstream_without_downstream
 245         ;
 246 stubstart: VAR_STUB_ZONE
 247         {
 248                 struct config_stub* s;
 249                 OUTYY(("\nP(stub_zone:)\n"));
 250                 s = (struct config_stub*)calloc(1, sizeof(struct config_stub));
 251                 if(s) {
 252                         s->next = cfg_parser->cfg->stubs;
 253                         cfg_parser->cfg->stubs = s;
 254                 } else
 255                         yyerror("out of memory");
 256         }
 257         ;
 258 contents_stub: contents_stub content_stub
 259         | ;
 260 content_stub: stub_name | stub_host | stub_addr | stub_prime | stub_first |
 261         stub_ssl_upstream
 262         ;
 263 forwardstart: VAR_FORWARD_ZONE
 264         {
 265                 struct config_stub* s;
 266                 OUTYY(("\nP(forward_zone:)\n"));
 267                 s = (struct config_stub*)calloc(1, sizeof(struct config_stub));
 268                 if(s) {
 269                         s->next = cfg_parser->cfg->forwards;
 270                         cfg_parser->cfg->forwards = s;
 271                 } else
 272                         yyerror("out of memory");
 273         }
 274         ;
 275 contents_forward: contents_forward content_forward
 276         | ;
 277 content_forward: forward_name | forward_host | forward_addr | forward_first |
 278         forward_ssl_upstream
 279         ;
 280 viewstart: VAR_VIEW
 281         {
 282                 struct config_view* s;
 283                 OUTYY(("\nP(view:)\n"));
 284                 s = (struct config_view*)calloc(1, sizeof(struct config_view));
 285                 if(s) {
 286                         s->next = cfg_parser->cfg->views;
 287                         if(s->next && !s->next->name)
 288                                 yyerror("view without name");
 289                         cfg_parser->cfg->views = s;
 290                 } else
 291                         yyerror("out of memory");
 292         }
 293         ;
 294 contents_view: contents_view content_view
 295         | ;
 296 content_view: view_name | view_local_zone | view_local_data | view_first |
 297                 view_response_ip | view_response_ip_data | view_local_data_ptr
 298         ;
 299 server_num_threads: VAR_NUM_THREADS STRING_ARG
 300         {
 301                 OUTYY(("P(server_num_threads:%s)\n", $2));
 302                 if(atoi($2) == 0 && strcmp($2, "0") != 0)
 303                         yyerror("number expected");
 304                 else cfg_parser->cfg->num_threads = atoi($2);
 305                 free($2);
 306         }
 307         ;
 308 server_verbosity: VAR_VERBOSITY STRING_ARG
 309         {
 310                 OUTYY(("P(server_verbosity:%s)\n", $2));
 311                 if(atoi($2) == 0 && strcmp($2, "0") != 0)
 312                         yyerror("number expected");
 313                 else cfg_parser->cfg->verbosity = atoi($2);
 314                 free($2);
 315         }
 316         ;
 317 server_statistics_interval: VAR_STATISTICS_INTERVAL STRING_ARG
 318         {
 319                 OUTYY(("P(server_statistics_interval:%s)\n", $2));
 320                 if(strcmp($2, "") == 0 || strcmp($2, "0") == 0)
 321                         cfg_parser->cfg->stat_interval = 0;
 322                 else if(atoi($2) == 0)
 323                         yyerror("number expected");
 324                 else cfg_parser->cfg->stat_interval = atoi($2);
 325                 free($2);
 326         }
 327         ;
 328 server_statistics_cumulative: VAR_STATISTICS_CUMULATIVE STRING_ARG
 329         {
 330                 OUTYY(("P(server_statistics_cumulative:%s)\n", $2));
 331                 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
 332                         yyerror("expected yes or no.");
 333                 else cfg_parser->cfg->stat_cumulative = (strcmp($2, "yes")==0);
 334                 free($2);
 335         }
 336         ;
 337 server_extended_statistics: VAR_EXTENDED_STATISTICS STRING_ARG
 338         {
 339                 OUTYY(("P(server_extended_statistics:%s)\n", $2));
 340                 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
 341                         yyerror("expected yes or no.");
 342                 else cfg_parser->cfg->stat_extended = (strcmp($2, "yes")==0);
 343                 free($2);
 344         }
 345         ;
 346 server_shm_enable: VAR_SHM_ENABLE STRING_ARG
 347         {
 348                 OUTYY(("P(server_shm_enable:%s)\n", $2));
 349                 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
 350                         yyerror("expected yes or no.");
 351                 else cfg_parser->cfg->shm_enable = (strcmp($2, "yes")==0);
 352                 free($2);
 353         }
 354         ;
 355 server_shm_key: VAR_SHM_KEY STRING_ARG
 356         {
 357                 OUTYY(("P(server_shm_key:%s)\n", $2));
 358                 if(strcmp($2, "") == 0 || strcmp($2, "0") == 0)
 359                         cfg_parser->cfg->shm_key = 0;
 360                 else if(atoi($2) == 0)
 361                         yyerror("number expected");
 362                 else cfg_parser->cfg->shm_key = atoi($2);
 363                 free($2);
 364         }
 365         ;
 366 server_port: VAR_PORT STRING_ARG
 367         {
 368                 OUTYY(("P(server_port:%s)\n", $2));
 369                 if(atoi($2) == 0)
 370                         yyerror("port number expected");
 371                 else cfg_parser->cfg->port = atoi($2);
 372                 free($2);
 373         }
 374         ;
 375 server_send_client_subnet: VAR_SEND_CLIENT_SUBNET STRING_ARG
 376         {
 377         #ifdef CLIENT_SUBNET
 378                 OUTYY(("P(server_send_client_subnet:%s)\n", $2));
 379                 if(!cfg_strlist_insert(&cfg_parser->cfg->client_subnet, $2))
 380                         fatal_exit("out of memory adding client-subnet");
 381         #else
 382                 OUTYY(("P(Compiled without edns subnet option, ignoring)\n"));
 383         #endif
 384         }
 385         ;
 386 server_client_subnet_zone: VAR_CLIENT_SUBNET_ZONE STRING_ARG
 387         {
 388         #ifdef CLIENT_SUBNET
 389                 OUTYY(("P(server_client_subnet_zone:%s)\n", $2));
 390                 if(!cfg_strlist_insert(&cfg_parser->cfg->client_subnet_zone,
 391                         $2))
 392                         fatal_exit("out of memory adding client-subnet-zone");
 393         #else
 394                 OUTYY(("P(Compiled without edns subnet option, ignoring)\n"));
 395         #endif
 396         }
 397         ;
 398 server_client_subnet_always_forward:
 399         VAR_CLIENT_SUBNET_ALWAYS_FORWARD STRING_ARG
 400         {
 401         #ifdef CLIENT_SUBNET
 402                 OUTYY(("P(server_client_subnet_always_forward:%s)\n", $2));
 403                 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
 404                         yyerror("expected yes or no.");
 405                 else
 406                         cfg_parser->cfg->client_subnet_always_forward =
 407                                 (strcmp($2, "yes")==0);
 408         #else
 409                 OUTYY(("P(Compiled without edns subnet option, ignoring)\n"));
 410         #endif
 411                 free($2);
 412         }
 413         ;
 414 server_client_subnet_opcode: VAR_CLIENT_SUBNET_OPCODE STRING_ARG
 415         {
 416         #ifdef CLIENT_SUBNET
 417                 OUTYY(("P(client_subnet_opcode:%s)\n", $2));
 418                 OUTYY(("P(Deprecated option, ignoring)\n"));
 419         #else
 420                 OUTYY(("P(Compiled without edns subnet option, ignoring)\n"));
 421         #endif
 422                 free($2);
 423         }
 424         ;
 425 server_max_client_subnet_ipv4: VAR_MAX_CLIENT_SUBNET_IPV4 STRING_ARG
 426         {
 427         #ifdef CLIENT_SUBNET
 428                 OUTYY(("P(max_client_subnet_ipv4:%s)\n", $2));
 429                 if(atoi($2) == 0 && strcmp($2, "0") != 0)
 430                         yyerror("IPv4 subnet length expected");
 431                 else if (atoi($2) > 32)
 432                         cfg_parser->cfg->max_client_subnet_ipv4 = 32;
 433                 else if (atoi($2) < 0)
 434                         cfg_parser->cfg->max_client_subnet_ipv4 = 0;
 435                 else cfg_parser->cfg->max_client_subnet_ipv4 = (uint8_t)atoi($2);
 436         #else
 437                 OUTYY(("P(Compiled without edns subnet option, ignoring)\n"));
 438         #endif
 439                 free($2);
 440         }
 441         ;
 442 server_max_client_subnet_ipv6: VAR_MAX_CLIENT_SUBNET_IPV6 STRING_ARG
 443         {
 444         #ifdef CLIENT_SUBNET
 445                 OUTYY(("P(max_client_subnet_ipv6:%s)\n", $2));
 446                 if(atoi($2) == 0 && strcmp($2, "0") != 0)
 447                         yyerror("Ipv6 subnet length expected");
 448                 else if (atoi($2) > 128)
 449                         cfg_parser->cfg->max_client_subnet_ipv6 = 128;
 450                 else if (atoi($2) < 0)
 451                         cfg_parser->cfg->max_client_subnet_ipv6 = 0;
 452                 else cfg_parser->cfg->max_client_subnet_ipv6 = (uint8_t)atoi($2);
 453         #else
 454                 OUTYY(("P(Compiled without edns subnet option, ignoring)\n"));
 455         #endif
 456                 free($2);
 457         }
 458         ;
 459 server_interface: VAR_INTERFACE STRING_ARG
 460         {
 461                 OUTYY(("P(server_interface:%s)\n", $2));
 462                 if(cfg_parser->cfg->num_ifs == 0)
 463                         cfg_parser->cfg->ifs = calloc(1, sizeof(char*));
 464                 else    cfg_parser->cfg->ifs = realloc(cfg_parser->cfg->ifs,
 465                                 (cfg_parser->cfg->num_ifs+1)*sizeof(char*));
 466                 if(!cfg_parser->cfg->ifs)
 467                         yyerror("out of memory");
 468                 else
 469                         cfg_parser->cfg->ifs[cfg_parser->cfg->num_ifs++] = $2;
 470         }
 471         ;
 472 server_outgoing_interface: VAR_OUTGOING_INTERFACE STRING_ARG
 473         {
 474                 OUTYY(("P(server_outgoing_interface:%s)\n", $2));
 475                 if(cfg_parser->cfg->num_out_ifs == 0)
 476                         cfg_parser->cfg->out_ifs = calloc(1, sizeof(char*));
 477                 else    cfg_parser->cfg->out_ifs = realloc(
 478                         cfg_parser->cfg->out_ifs,
 479                         (cfg_parser->cfg->num_out_ifs+1)*sizeof(char*));
 480                 if(!cfg_parser->cfg->out_ifs)
 481                         yyerror("out of memory");
 482                 else
 483                         cfg_parser->cfg->out_ifs[
 484                                 cfg_parser->cfg->num_out_ifs++] = $2;
 485         }
 486         ;
 487 server_outgoing_range: VAR_OUTGOING_RANGE STRING_ARG
 488         {
 489                 OUTYY(("P(server_outgoing_range:%s)\n", $2));
 490                 if(atoi($2) == 0)
 491                         yyerror("number expected");
 492                 else cfg_parser->cfg->outgoing_num_ports = atoi($2);
 493                 free($2);
 494         }
 495         ;
 496 server_outgoing_port_permit: VAR_OUTGOING_PORT_PERMIT STRING_ARG
 497         {
 498                 OUTYY(("P(server_outgoing_port_permit:%s)\n", $2));
 499                 if(!cfg_mark_ports($2, 1,
 500                         cfg_parser->cfg->outgoing_avail_ports, 65536))
 501                         yyerror("port number or range (\"low-high\") expected");
 502                 free($2);
 503         }
 504         ;
 505 server_outgoing_port_avoid: VAR_OUTGOING_PORT_AVOID STRING_ARG
 506         {
 507                 OUTYY(("P(server_outgoing_port_avoid:%s)\n", $2));
 508                 if(!cfg_mark_ports($2, 0,
 509                         cfg_parser->cfg->outgoing_avail_ports, 65536))
 510                         yyerror("port number or range (\"low-high\") expected");
 511                 free($2);
 512         }
 513         ;
 514 server_outgoing_num_tcp: VAR_OUTGOING_NUM_TCP STRING_ARG
 515         {
 516                 OUTYY(("P(server_outgoing_num_tcp:%s)\n", $2));
 517                 if(atoi($2) == 0 && strcmp($2, "0") != 0)
 518                         yyerror("number expected");
 519                 else cfg_parser->cfg->outgoing_num_tcp = atoi($2);
 520                 free($2);
 521         }
 522         ;
 523 server_incoming_num_tcp: VAR_INCOMING_NUM_TCP STRING_ARG
 524         {
 525                 OUTYY(("P(server_incoming_num_tcp:%s)\n", $2));
 526                 if(atoi($2) == 0 && strcmp($2, "0") != 0)
 527                         yyerror("number expected");
 528                 else cfg_parser->cfg->incoming_num_tcp = atoi($2);
 529                 free($2);
 530         }
 531         ;
 532 server_interface_automatic: VAR_INTERFACE_AUTOMATIC STRING_ARG
 533         {
 534                 OUTYY(("P(server_interface_automatic:%s)\n", $2));
 535                 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
 536                         yyerror("expected yes or no.");
 537                 else cfg_parser->cfg->if_automatic = (strcmp($2, "yes")==0);
 538                 free($2);
 539         }
 540         ;
 541 server_do_ip4: VAR_DO_IP4 STRING_ARG
 542         {
 543                 OUTYY(("P(server_do_ip4:%s)\n", $2));
 544                 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
 545                         yyerror("expected yes or no.");
 546                 else cfg_parser->cfg->do_ip4 = (strcmp($2, "yes")==0);
 547                 free($2);
 548         }
 549         ;
 550 server_do_ip6: VAR_DO_IP6 STRING_ARG
 551         {
 552                 OUTYY(("P(server_do_ip6:%s)\n", $2));
 553                 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
 554                         yyerror("expected yes or no.");
 555                 else cfg_parser->cfg->do_ip6 = (strcmp($2, "yes")==0);
 556                 free($2);
 557         }
 558         ;
 559 server_do_udp: VAR_DO_UDP STRING_ARG
 560         {
 561                 OUTYY(("P(server_do_udp:%s)\n", $2));
 562                 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
 563                         yyerror("expected yes or no.");
 564                 else cfg_parser->cfg->do_udp = (strcmp($2, "yes")==0);
 565                 free($2);
 566         }
 567         ;
 568 server_do_tcp: VAR_DO_TCP STRING_ARG
 569         {
 570                 OUTYY(("P(server_do_tcp:%s)\n", $2));
 571                 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
 572                         yyerror("expected yes or no.");
 573                 else cfg_parser->cfg->do_tcp = (strcmp($2, "yes")==0);
 574                 free($2);
 575         }
 576         ;
 577 server_prefer_ip6: VAR_PREFER_IP6 STRING_ARG
 578         {
 579                 OUTYY(("P(server_prefer_ip6:%s)\n", $2));
 580                 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
 581                         yyerror("expected yes or no.");
 582                 else cfg_parser->cfg->prefer_ip6 = (strcmp($2, "yes")==0);
 583                 free($2);
 584         }
 585         ;
 586 server_tcp_mss: VAR_TCP_MSS STRING_ARG
 587         {
 588                 OUTYY(("P(server_tcp_mss:%s)\n", $2));
 589                 if(atoi($2) == 0 && strcmp($2, "0") != 0)
 590                         yyerror("number expected");
 591                 else cfg_parser->cfg->tcp_mss = atoi($2);
 592                 free($2);
 593         }
 594         ;
 595 server_outgoing_tcp_mss: VAR_OUTGOING_TCP_MSS STRING_ARG
 596         {
 597                 OUTYY(("P(server_outgoing_tcp_mss:%s)\n", $2));
 598                 if(atoi($2) == 0 && strcmp($2, "0") != 0)
 599                         yyerror("number expected");
 600                 else cfg_parser->cfg->outgoing_tcp_mss = atoi($2);
 601                 free($2);
 602         }
 603         ;
 604 server_tcp_upstream: VAR_TCP_UPSTREAM STRING_ARG
 605         {
 606                 OUTYY(("P(server_tcp_upstream:%s)\n", $2));
 607                 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
 608                         yyerror("expected yes or no.");
 609                 else cfg_parser->cfg->tcp_upstream = (strcmp($2, "yes")==0);
 610                 free($2);
 611         }
 612         ;
 613 server_udp_upstream_without_downstream: VAR_UDP_UPSTREAM_WITHOUT_DOWNSTREAM STRING_ARG
 614         {
 615                 OUTYY(("P(server_udp_upstream_without_downstream:%s)\n", $2));
 616                 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
 617                         yyerror("expected yes or no.");
 618                 else cfg_parser->cfg->udp_upstream_without_downstream = (strcmp($2, "yes")==0);
 619                 free($2);
 620         }
 621         ;
 622 server_ssl_upstream: VAR_SSL_UPSTREAM STRING_ARG
 623         {
 624                 OUTYY(("P(server_ssl_upstream:%s)\n", $2));
 625                 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
 626                         yyerror("expected yes or no.");
 627                 else cfg_parser->cfg->ssl_upstream = (strcmp($2, "yes")==0);
 628                 free($2);
 629         }
 630         ;
 631 server_ssl_service_key: VAR_SSL_SERVICE_KEY STRING_ARG
 632         {
 633                 OUTYY(("P(server_ssl_service_key:%s)\n", $2));
 634                 free(cfg_parser->cfg->ssl_service_key);
 635                 cfg_parser->cfg->ssl_service_key = $2;
 636         }
 637         ;
 638 server_ssl_service_pem: VAR_SSL_SERVICE_PEM STRING_ARG
 639         {
 640                 OUTYY(("P(server_ssl_service_pem:%s)\n", $2));
 641                 free(cfg_parser->cfg->ssl_service_pem);
 642                 cfg_parser->cfg->ssl_service_pem = $2;
 643         }
 644         ;
 645 server_ssl_port: VAR_SSL_PORT STRING_ARG
 646         {
 647                 OUTYY(("P(server_ssl_port:%s)\n", $2));
 648                 if(atoi($2) == 0)
 649                         yyerror("port number expected");
 650                 else cfg_parser->cfg->ssl_port = atoi($2);
 651                 free($2);
 652         }
 653         ;
 654 server_use_systemd: VAR_USE_SYSTEMD STRING_ARG
 655         {
 656                 OUTYY(("P(server_use_systemd:%s)\n", $2));
 657                 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
 658                         yyerror("expected yes or no.");
 659                 else cfg_parser->cfg->use_systemd = (strcmp($2, "yes")==0);
 660                 free($2);
 661         }
 662         ;
 663 server_do_daemonize: VAR_DO_DAEMONIZE STRING_ARG
 664         {
 665                 OUTYY(("P(server_do_daemonize:%s)\n", $2));
 666                 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
 667                         yyerror("expected yes or no.");
 668                 else cfg_parser->cfg->do_daemonize = (strcmp($2, "yes")==0);
 669                 free($2);
 670         }
 671         ;
 672 server_use_syslog: VAR_USE_SYSLOG STRING_ARG
 673         {
 674                 OUTYY(("P(server_use_syslog:%s)\n", $2));
 675                 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
 676                         yyerror("expected yes or no.");
 677                 else cfg_parser->cfg->use_syslog = (strcmp($2, "yes")==0);
 678 #if !defined(HAVE_SYSLOG_H) && !defined(UB_ON_WINDOWS)
 679                 if(strcmp($2, "yes") == 0)
 680                         yyerror("no syslog services are available. "
 681                                 "(reconfigure and compile to add)");
 682 #endif
 683                 free($2);
 684         }
 685         ;
 686 server_log_time_ascii: VAR_LOG_TIME_ASCII STRING_ARG
 687         {
 688                 OUTYY(("P(server_log_time_ascii:%s)\n", $2));
 689                 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
 690                         yyerror("expected yes or no.");
 691                 else cfg_parser->cfg->log_time_ascii = (strcmp($2, "yes")==0);
 692                 free($2);
 693         }
 694         ;
 695 server_log_queries: VAR_LOG_QUERIES STRING_ARG
 696         {
 697                 OUTYY(("P(server_log_queries:%s)\n", $2));
 698                 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
 699                         yyerror("expected yes or no.");
 700                 else cfg_parser->cfg->log_queries = (strcmp($2, "yes")==0);
 701                 free($2);
 702         }
 703         ;
 704 server_log_replies: VAR_LOG_REPLIES STRING_ARG
 705   {
 706         OUTYY(("P(server_log_replies:%s)\n", $2));
 707         if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
 708                 yyerror("expected yes or no.");
 709         else cfg_parser->cfg->log_replies = (strcmp($2, "yes")==0);
 710         free($2);
 711   }
 712   ;
 713 server_chroot: VAR_CHROOT STRING_ARG
 714         {
 715                 OUTYY(("P(server_chroot:%s)\n", $2));
 716                 free(cfg_parser->cfg->chrootdir);
 717                 cfg_parser->cfg->chrootdir = $2;
 718         }
 719         ;
 720 server_username: VAR_USERNAME STRING_ARG
 721         {
 722                 OUTYY(("P(server_username:%s)\n", $2));
 723                 free(cfg_parser->cfg->username);
 724                 cfg_parser->cfg->username = $2;
 725         }
 726         ;
 727 server_directory: VAR_DIRECTORY STRING_ARG
 728         {
 729                 OUTYY(("P(server_directory:%s)\n", $2));
 730                 free(cfg_parser->cfg->directory);
 731                 cfg_parser->cfg->directory = $2;
 732                 /* change there right away for includes relative to this */
 733                 if($2[0]) {
 734                         char* d;
 735 #ifdef UB_ON_WINDOWS
 736                         w_config_adjust_directory(cfg_parser->cfg);
 737 #endif
 738                         d = cfg_parser->cfg->directory;
 739                         /* adjust directory if we have already chroot,
 740                          * like, we reread after sighup */
 741                         if(cfg_parser->chroot && cfg_parser->chroot[0] &&
 742                                 strncmp(d, cfg_parser->chroot, strlen(
 743                                 cfg_parser->chroot)) == 0)
 744                                 d += strlen(cfg_parser->chroot);
 745                         if(d[0]) {
 746                             if(chdir(d))
 747                                 log_err("cannot chdir to directory: %s (%s)",
 748                                         d, strerror(errno));
 749                         }
 750                 }
 751         }
 752         ;
 753 server_logfile: VAR_LOGFILE STRING_ARG
 754         {
 755                 OUTYY(("P(server_logfile:%s)\n", $2));
 756                 free(cfg_parser->cfg->logfile);
 757                 cfg_parser->cfg->logfile = $2;
 758                 cfg_parser->cfg->use_syslog = 0;
 759         }
 760         ;
 761 server_pidfile: VAR_PIDFILE STRING_ARG
 762         {
 763                 OUTYY(("P(server_pidfile:%s)\n", $2));
 764                 free(cfg_parser->cfg->pidfile);
 765                 cfg_parser->cfg->pidfile = $2;
 766         }
 767         ;
 768 server_root_hints: VAR_ROOT_HINTS STRING_ARG
 769         {
 770                 OUTYY(("P(server_root_hints:%s)\n", $2));
 771                 if(!cfg_strlist_insert(&cfg_parser->cfg->root_hints, $2))
 772                         yyerror("out of memory");
 773         }
 774         ;
 775 server_dlv_anchor_file: VAR_DLV_ANCHOR_FILE STRING_ARG
 776         {
 777                 OUTYY(("P(server_dlv_anchor_file:%s)\n", $2));
 778                 free(cfg_parser->cfg->dlv_anchor_file);
 779                 cfg_parser->cfg->dlv_anchor_file = $2;
 780         }
 781         ;
 782 server_dlv_anchor: VAR_DLV_ANCHOR STRING_ARG
 783         {
 784                 OUTYY(("P(server_dlv_anchor:%s)\n", $2));
 785                 if(!cfg_strlist_insert(&cfg_parser->cfg->dlv_anchor_list, $2))
 786                         yyerror("out of memory");
 787         }
 788         ;
 789 server_auto_trust_anchor_file: VAR_AUTO_TRUST_ANCHOR_FILE STRING_ARG
 790         {
 791                 OUTYY(("P(server_auto_trust_anchor_file:%s)\n", $2));
 792                 if(!cfg_strlist_insert(&cfg_parser->cfg->
 793                         auto_trust_anchor_file_list, $2))
 794                         yyerror("out of memory");
 795         }
 796         ;
 797 server_trust_anchor_file: VAR_TRUST_ANCHOR_FILE STRING_ARG
 798         {
 799                 OUTYY(("P(server_trust_anchor_file:%s)\n", $2));
 800                 if(!cfg_strlist_insert(&cfg_parser->cfg->
 801                         trust_anchor_file_list, $2))
 802                         yyerror("out of memory");
 803         }
 804         ;
 805 server_trusted_keys_file: VAR_TRUSTED_KEYS_FILE STRING_ARG
 806         {
 807                 OUTYY(("P(server_trusted_keys_file:%s)\n", $2));
 808                 if(!cfg_strlist_insert(&cfg_parser->cfg->
 809                         trusted_keys_file_list, $2))
 810                         yyerror("out of memory");
 811         }
 812         ;
 813 server_trust_anchor: VAR_TRUST_ANCHOR STRING_ARG
 814         {
 815                 OUTYY(("P(server_trust_anchor:%s)\n", $2));
 816                 if(!cfg_strlist_insert(&cfg_parser->cfg->trust_anchor_list, $2))
 817                         yyerror("out of memory");
 818         }
 819         ;
 820 server_trust_anchor_signaling: VAR_TRUST_ANCHOR_SIGNALING STRING_ARG
 821         {
 822                 OUTYY(("P(server_trust_anchor_signaling:%s)\n", $2));
 823                 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
 824                         yyerror("expected yes or no.");
 825                 else
 826                         cfg_parser->cfg->trust_anchor_signaling =
 827                                 (strcmp($2, "yes")==0);
 828                 free($2);
 829         }
 830         ;
 831 server_domain_insecure: VAR_DOMAIN_INSECURE STRING_ARG
 832         {
 833                 OUTYY(("P(server_domain_insecure:%s)\n", $2));
 834                 if(!cfg_strlist_insert(&cfg_parser->cfg->domain_insecure, $2))
 835                         yyerror("out of memory");
 836         }
 837         ;
 838 server_hide_identity: VAR_HIDE_IDENTITY STRING_ARG
 839         {
 840                 OUTYY(("P(server_hide_identity:%s)\n", $2));
 841                 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
 842                         yyerror("expected yes or no.");
 843                 else cfg_parser->cfg->hide_identity = (strcmp($2, "yes")==0);
 844                 free($2);
 845         }
 846         ;
 847 server_hide_version: VAR_HIDE_VERSION STRING_ARG
 848         {
 849                 OUTYY(("P(server_hide_version:%s)\n", $2));
 850                 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
 851                         yyerror("expected yes or no.");
 852                 else cfg_parser->cfg->hide_version = (strcmp($2, "yes")==0);
 853                 free($2);
 854         }
 855         ;
 856 server_hide_trustanchor: VAR_HIDE_TRUSTANCHOR STRING_ARG
 857         {
 858                 OUTYY(("P(server_hide_trustanchor:%s)\n", $2));
 859                 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
 860                         yyerror("expected yes or no.");
 861                 else cfg_parser->cfg->hide_trustanchor = (strcmp($2, "yes")==0);
 862                 free($2);
 863         }
 864         ;
 865 server_identity: VAR_IDENTITY STRING_ARG
 866         {
 867                 OUTYY(("P(server_identity:%s)\n", $2));
 868                 free(cfg_parser->cfg->identity);
 869                 cfg_parser->cfg->identity = $2;
 870         }
 871         ;
 872 server_version: VAR_VERSION STRING_ARG
 873         {
 874                 OUTYY(("P(server_version:%s)\n", $2));
 875                 free(cfg_parser->cfg->version);
 876                 cfg_parser->cfg->version = $2;
 877         }
 878         ;
 879 server_so_rcvbuf: VAR_SO_RCVBUF STRING_ARG
 880         {
 881                 OUTYY(("P(server_so_rcvbuf:%s)\n", $2));
 882                 if(!cfg_parse_memsize($2, &cfg_parser->cfg->so_rcvbuf))
 883                         yyerror("buffer size expected");
 884                 free($2);
 885         }
 886         ;
 887 server_so_sndbuf: VAR_SO_SNDBUF STRING_ARG
 888         {
 889                 OUTYY(("P(server_so_sndbuf:%s)\n", $2));
 890                 if(!cfg_parse_memsize($2, &cfg_parser->cfg->so_sndbuf))
 891                         yyerror("buffer size expected");
 892                 free($2);
 893         }
 894         ;
 895 server_so_reuseport: VAR_SO_REUSEPORT STRING_ARG
 896     {
 897         OUTYY(("P(server_so_reuseport:%s)\n", $2));
 898         if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
 899             yyerror("expected yes or no.");
 900         else cfg_parser->cfg->so_reuseport =
 901             (strcmp($2, "yes")==0);
 902         free($2);
 903     }
 904     ;
 905 server_ip_transparent: VAR_IP_TRANSPARENT STRING_ARG
 906     {
 907         OUTYY(("P(server_ip_transparent:%s)\n", $2));
 908         if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
 909             yyerror("expected yes or no.");
 910         else cfg_parser->cfg->ip_transparent =
 911             (strcmp($2, "yes")==0);
 912         free($2);
 913     }
 914     ;
 915 server_ip_freebind: VAR_IP_FREEBIND STRING_ARG
 916     {
 917         OUTYY(("P(server_ip_freebind:%s)\n", $2));
 918         if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
 919             yyerror("expected yes or no.");
 920         else cfg_parser->cfg->ip_freebind =
 921             (strcmp($2, "yes")==0);
 922         free($2);
 923     }
 924     ;
 925 server_edns_buffer_size: VAR_EDNS_BUFFER_SIZE STRING_ARG
 926         {
 927                 OUTYY(("P(server_edns_buffer_size:%s)\n", $2));
 928                 if(atoi($2) == 0)
 929                         yyerror("number expected");
 930                 else if (atoi($2) < 12)
 931                         yyerror("edns buffer size too small");
 932                 else if (atoi($2) > 65535)
 933                         cfg_parser->cfg->edns_buffer_size = 65535;
 934                 else cfg_parser->cfg->edns_buffer_size = atoi($2);
 935                 free($2);
 936         }
 937         ;
 938 server_msg_buffer_size: VAR_MSG_BUFFER_SIZE STRING_ARG
 939         {
 940                 OUTYY(("P(server_msg_buffer_size:%s)\n", $2));
 941                 if(atoi($2) == 0)
 942                         yyerror("number expected");
 943                 else if (atoi($2) < 4096)
 944                         yyerror("message buffer size too small (use 4096)");
 945                 else cfg_parser->cfg->msg_buffer_size = atoi($2);
 946                 free($2);
 947         }
 948         ;
 949 server_msg_cache_size: VAR_MSG_CACHE_SIZE STRING_ARG
 950         {
 951                 OUTYY(("P(server_msg_cache_size:%s)\n", $2));
 952                 if(!cfg_parse_memsize($2, &cfg_parser->cfg->msg_cache_size))
 953                         yyerror("memory size expected");
 954                 free($2);
 955         }
 956         ;
 957 server_msg_cache_slabs: VAR_MSG_CACHE_SLABS STRING_ARG
 958         {
 959                 OUTYY(("P(server_msg_cache_slabs:%s)\n", $2));
 960                 if(atoi($2) == 0)
 961                         yyerror("number expected");
 962                 else {
 963                         cfg_parser->cfg->msg_cache_slabs = atoi($2);
 964                         if(!is_pow2(cfg_parser->cfg->msg_cache_slabs))
 965                                 yyerror("must be a power of 2");
 966                 }
 967                 free($2);
 968         }
 969         ;
 970 server_num_queries_per_thread: VAR_NUM_QUERIES_PER_THREAD STRING_ARG
 971         {
 972                 OUTYY(("P(server_num_queries_per_thread:%s)\n", $2));
 973                 if(atoi($2) == 0)
 974                         yyerror("number expected");
 975                 else cfg_parser->cfg->num_queries_per_thread = atoi($2);
 976                 free($2);
 977         }
 978         ;
 979 server_jostle_timeout: VAR_JOSTLE_TIMEOUT STRING_ARG
 980         {
 981                 OUTYY(("P(server_jostle_timeout:%s)\n", $2));
 982                 if(atoi($2) == 0 && strcmp($2, "0") != 0)
 983                         yyerror("number expected");
 984                 else cfg_parser->cfg->jostle_time = atoi($2);
 985                 free($2);
 986         }
 987         ;
 988 server_delay_close: VAR_DELAY_CLOSE STRING_ARG
 989         {
 990                 OUTYY(("P(server_delay_close:%s)\n", $2));
 991                 if(atoi($2) == 0 && strcmp($2, "0") != 0)
 992                         yyerror("number expected");
 993                 else cfg_parser->cfg->delay_close = atoi($2);
 994                 free($2);
 995         }
 996         ;
 997 server_unblock_lan_zones: VAR_UNBLOCK_LAN_ZONES STRING_ARG
 998         {
 999                 OUTYY(("P(server_unblock_lan_zones:%s)\n", $2));
1000                 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1001                         yyerror("expected yes or no.");
1002                 else cfg_parser->cfg->unblock_lan_zones =
1003                         (strcmp($2, "yes")==0);
1004                 free($2);
1005         }
1006         ;
1007 server_insecure_lan_zones: VAR_INSECURE_LAN_ZONES STRING_ARG
1008         {
1009                 OUTYY(("P(server_insecure_lan_zones:%s)\n", $2));
1010                 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1011                         yyerror("expected yes or no.");
1012                 else cfg_parser->cfg->insecure_lan_zones =
1013                         (strcmp($2, "yes")==0);
1014                 free($2);
1015         }
1016         ;
1017 server_rrset_cache_size: VAR_RRSET_CACHE_SIZE STRING_ARG
1018         {
1019                 OUTYY(("P(server_rrset_cache_size:%s)\n", $2));
1020                 if(!cfg_parse_memsize($2, &cfg_parser->cfg->rrset_cache_size))
1021                         yyerror("memory size expected");
1022                 free($2);
1023         }
1024         ;
1025 server_rrset_cache_slabs: VAR_RRSET_CACHE_SLABS STRING_ARG
1026         {
1027                 OUTYY(("P(server_rrset_cache_slabs:%s)\n", $2));
1028                 if(atoi($2) == 0)
1029                         yyerror("number expected");
1030                 else {
1031                         cfg_parser->cfg->rrset_cache_slabs = atoi($2);
1032                         if(!is_pow2(cfg_parser->cfg->rrset_cache_slabs))
1033                                 yyerror("must be a power of 2");
1034                 }
1035                 free($2);
1036         }
1037         ;
1038 server_infra_host_ttl: VAR_INFRA_HOST_TTL STRING_ARG
1039         {
1040                 OUTYY(("P(server_infra_host_ttl:%s)\n", $2));
1041                 if(atoi($2) == 0 && strcmp($2, "0") != 0)
1042                         yyerror("number expected");
1043                 else cfg_parser->cfg->host_ttl = atoi($2);
1044                 free($2);
1045         }
1046         ;
1047 server_infra_lame_ttl: VAR_INFRA_LAME_TTL STRING_ARG
1048         {
1049                 OUTYY(("P(server_infra_lame_ttl:%s)\n", $2));
1050                 verbose(VERB_DETAIL, "ignored infra-lame-ttl: %s (option "
1051                         "removed, use infra-host-ttl)", $2);
1052                 free($2);
1053         }
1054         ;
1055 server_infra_cache_numhosts: VAR_INFRA_CACHE_NUMHOSTS STRING_ARG
1056         {
1057                 OUTYY(("P(server_infra_cache_numhosts:%s)\n", $2));
1058                 if(atoi($2) == 0)
1059                         yyerror("number expected");
1060                 else cfg_parser->cfg->infra_cache_numhosts = atoi($2);
1061                 free($2);
1062         }
1063         ;
1064 server_infra_cache_lame_size: VAR_INFRA_CACHE_LAME_SIZE STRING_ARG
1065         {
1066                 OUTYY(("P(server_infra_cache_lame_size:%s)\n", $2));
1067                 verbose(VERB_DETAIL, "ignored infra-cache-lame-size: %s "
1068                         "(option removed, use infra-cache-numhosts)", $2);
1069                 free($2);
1070         }
1071         ;
1072 server_infra_cache_slabs: VAR_INFRA_CACHE_SLABS STRING_ARG
1073         {
1074                 OUTYY(("P(server_infra_cache_slabs:%s)\n", $2));
1075                 if(atoi($2) == 0)
1076                         yyerror("number expected");
1077                 else {
1078                         cfg_parser->cfg->infra_cache_slabs = atoi($2);
1079                         if(!is_pow2(cfg_parser->cfg->infra_cache_slabs))
1080                                 yyerror("must be a power of 2");
1081                 }
1082                 free($2);
1083         }
1084         ;
1085 server_infra_cache_min_rtt: VAR_INFRA_CACHE_MIN_RTT STRING_ARG
1086         {
1087                 OUTYY(("P(server_infra_cache_min_rtt:%s)\n", $2));
1088                 if(atoi($2) == 0 && strcmp($2, "0") != 0)
1089                         yyerror("number expected");
1090                 else cfg_parser->cfg->infra_cache_min_rtt = atoi($2);
1091                 free($2);
1092         }
1093         ;
1094 server_target_fetch_policy: VAR_TARGET_FETCH_POLICY STRING_ARG
1095         {
1096                 OUTYY(("P(server_target_fetch_policy:%s)\n", $2));
1097                 free(cfg_parser->cfg->target_fetch_policy);
1098                 cfg_parser->cfg->target_fetch_policy = $2;
1099         }
1100         ;
1101 server_harden_short_bufsize: VAR_HARDEN_SHORT_BUFSIZE STRING_ARG
1102         {
1103                 OUTYY(("P(server_harden_short_bufsize:%s)\n", $2));
1104                 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1105                         yyerror("expected yes or no.");
1106                 else cfg_parser->cfg->harden_short_bufsize =
1107                         (strcmp($2, "yes")==0);
1108                 free($2);
1109         }
1110         ;
1111 server_harden_large_queries: VAR_HARDEN_LARGE_QUERIES STRING_ARG
1112         {
1113                 OUTYY(("P(server_harden_large_queries:%s)\n", $2));
1114                 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1115                         yyerror("expected yes or no.");
1116                 else cfg_parser->cfg->harden_large_queries =
1117                         (strcmp($2, "yes")==0);
1118                 free($2);
1119         }
1120         ;
1121 server_harden_glue: VAR_HARDEN_GLUE STRING_ARG
1122         {
1123                 OUTYY(("P(server_harden_glue:%s)\n", $2));
1124                 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1125                         yyerror("expected yes or no.");
1126                 else cfg_parser->cfg->harden_glue =
1127                         (strcmp($2, "yes")==0);
1128                 free($2);
1129         }
1130         ;
1131 server_harden_dnssec_stripped: VAR_HARDEN_DNSSEC_STRIPPED STRING_ARG
1132         {
1133                 OUTYY(("P(server_harden_dnssec_stripped:%s)\n", $2));
1134                 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1135                         yyerror("expected yes or no.");
1136                 else cfg_parser->cfg->harden_dnssec_stripped =
1137                         (strcmp($2, "yes")==0);
1138                 free($2);
1139         }
1140         ;
1141 server_harden_below_nxdomain: VAR_HARDEN_BELOW_NXDOMAIN STRING_ARG
1142         {
1143                 OUTYY(("P(server_harden_below_nxdomain:%s)\n", $2));
1144                 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1145                         yyerror("expected yes or no.");
1146                 else cfg_parser->cfg->harden_below_nxdomain =
1147                         (strcmp($2, "yes")==0);
1148                 free($2);
1149         }
1150         ;
1151 server_harden_referral_path: VAR_HARDEN_REFERRAL_PATH STRING_ARG
1152         {
1153                 OUTYY(("P(server_harden_referral_path:%s)\n", $2));
1154                 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1155                         yyerror("expected yes or no.");
1156                 else cfg_parser->cfg->harden_referral_path =
1157                         (strcmp($2, "yes")==0);
1158                 free($2);
1159         }
1160         ;
1161 server_harden_algo_downgrade: VAR_HARDEN_ALGO_DOWNGRADE STRING_ARG
1162         {
1163                 OUTYY(("P(server_harden_algo_downgrade:%s)\n", $2));
1164                 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1165                         yyerror("expected yes or no.");
1166                 else cfg_parser->cfg->harden_algo_downgrade =
1167                         (strcmp($2, "yes")==0);
1168                 free($2);
1169         }
1170         ;
1171 server_use_caps_for_id: VAR_USE_CAPS_FOR_ID STRING_ARG
1172         {
1173                 OUTYY(("P(server_use_caps_for_id:%s)\n", $2));
1174                 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1175                         yyerror("expected yes or no.");
1176                 else cfg_parser->cfg->use_caps_bits_for_id =
1177                         (strcmp($2, "yes")==0);
1178                 free($2);
1179         }
1180         ;
1181 server_caps_whitelist: VAR_CAPS_WHITELIST STRING_ARG
1182         {
1183                 OUTYY(("P(server_caps_whitelist:%s)\n", $2));
1184                 if(!cfg_strlist_insert(&cfg_parser->cfg->caps_whitelist, $2))
1185                         yyerror("out of memory");
1186         }
1187         ;
1188 server_private_address: VAR_PRIVATE_ADDRESS STRING_ARG
1189         {
1190                 OUTYY(("P(server_private_address:%s)\n", $2));
1191                 if(!cfg_strlist_insert(&cfg_parser->cfg->private_address, $2))
1192                         yyerror("out of memory");
1193         }
1194         ;
1195 server_private_domain: VAR_PRIVATE_DOMAIN STRING_ARG
1196         {
1197                 OUTYY(("P(server_private_domain:%s)\n", $2));
1198                 if(!cfg_strlist_insert(&cfg_parser->cfg->private_domain, $2))
1199                         yyerror("out of memory");
1200         }
1201         ;
1202 server_prefetch: VAR_PREFETCH STRING_ARG
1203         {
1204                 OUTYY(("P(server_prefetch:%s)\n", $2));
1205                 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1206                         yyerror("expected yes or no.");
1207                 else cfg_parser->cfg->prefetch = (strcmp($2, "yes")==0);
1208                 free($2);
1209         }
1210         ;
1211 server_prefetch_key: VAR_PREFETCH_KEY STRING_ARG
1212         {
1213                 OUTYY(("P(server_prefetch_key:%s)\n", $2));
1214                 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1215                         yyerror("expected yes or no.");
1216                 else cfg_parser->cfg->prefetch_key = (strcmp($2, "yes")==0);
1217                 free($2);
1218         }
1219         ;
1220 server_unwanted_reply_threshold: VAR_UNWANTED_REPLY_THRESHOLD STRING_ARG
1221         {
1222                 OUTYY(("P(server_unwanted_reply_threshold:%s)\n", $2));
1223                 if(atoi($2) == 0 && strcmp($2, "0") != 0)
1224                         yyerror("number expected");
1225                 else cfg_parser->cfg->unwanted_threshold = atoi($2);
1226                 free($2);
1227         }
1228         ;
1229 server_do_not_query_address: VAR_DO_NOT_QUERY_ADDRESS STRING_ARG
1230         {
1231                 OUTYY(("P(server_do_not_query_address:%s)\n", $2));
1232                 if(!cfg_strlist_insert(&cfg_parser->cfg->donotqueryaddrs, $2))
1233                         yyerror("out of memory");
1234         }
1235         ;
1236 server_do_not_query_localhost: VAR_DO_NOT_QUERY_LOCALHOST STRING_ARG
1237         {
1238                 OUTYY(("P(server_do_not_query_localhost:%s)\n", $2));
1239                 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1240                         yyerror("expected yes or no.");
1241                 else cfg_parser->cfg->donotquery_localhost =
1242                         (strcmp($2, "yes")==0);
1243                 free($2);
1244         }
1245         ;
1246 server_access_control: VAR_ACCESS_CONTROL STRING_ARG STRING_ARG
1247         {
1248                 OUTYY(("P(server_access_control:%s %s)\n", $2, $3));
1249                 if(strcmp($3, "deny")!=0 && strcmp($3, "refuse")!=0 &&
1250                         strcmp($3, "deny_non_local")!=0 &&
1251                         strcmp($3, "refuse_non_local")!=0 &&
1252                         strcmp($3, "allow")!=0 &&
1253                         strcmp($3, "allow_snoop")!=0) {
1254                         yyerror("expected deny, refuse, deny_non_local, "
1255                                 "refuse_non_local, allow or allow_snoop "
1256                                 "in access control action");
1257                 } else {
1258                         if(!cfg_str2list_insert(&cfg_parser->cfg->acls, $2, $3))
1259                                 fatal_exit("out of memory adding acl");
1260                 }
1261         }
1262         ;
1263 server_module_conf: VAR_MODULE_CONF STRING_ARG
1264         {
1265                 OUTYY(("P(server_module_conf:%s)\n", $2));
1266                 free(cfg_parser->cfg->module_conf);
1267                 cfg_parser->cfg->module_conf = $2;
1268         }
1269         ;
1270 server_val_override_date: VAR_VAL_OVERRIDE_DATE STRING_ARG
1271         {
1272                 OUTYY(("P(server_val_override_date:%s)\n", $2));
1273                 if(*$2 == '\0' || strcmp($2, "0") == 0) {
1274                         cfg_parser->cfg->val_date_override = 0;
1275                 } else if(strlen($2) == 14) {
1276                         cfg_parser->cfg->val_date_override =
1277                                 cfg_convert_timeval($2);
1278                         if(!cfg_parser->cfg->val_date_override)
1279                                 yyerror("bad date/time specification");
1280                 } else {
1281                         if(atoi($2) == 0)
1282                                 yyerror("number expected");
1283                         cfg_parser->cfg->val_date_override = atoi($2);
1284                 }
1285                 free($2);
1286         }
1287         ;
1288 server_val_sig_skew_min: VAR_VAL_SIG_SKEW_MIN STRING_ARG
1289         {
1290                 OUTYY(("P(server_val_sig_skew_min:%s)\n", $2));
1291                 if(*$2 == '\0' || strcmp($2, "0") == 0) {
1292                         cfg_parser->cfg->val_sig_skew_min = 0;
1293                 } else {
1294                         cfg_parser->cfg->val_sig_skew_min = atoi($2);
1295                         if(!cfg_parser->cfg->val_sig_skew_min)
1296                                 yyerror("number expected");
1297                 }
1298                 free($2);
1299         }
1300         ;
1301 server_val_sig_skew_max: VAR_VAL_SIG_SKEW_MAX STRING_ARG
1302         {
1303                 OUTYY(("P(server_val_sig_skew_max:%s)\n", $2));
1304                 if(*$2 == '\0' || strcmp($2, "0") == 0) {
1305                         cfg_parser->cfg->val_sig_skew_max = 0;
1306                 } else {
1307                         cfg_parser->cfg->val_sig_skew_max = atoi($2);
1308                         if(!cfg_parser->cfg->val_sig_skew_max)
1309                                 yyerror("number expected");
1310                 }
1311                 free($2);
1312         }
1313         ;
1314 server_cache_max_ttl: VAR_CACHE_MAX_TTL STRING_ARG
1315         {
1316                 OUTYY(("P(server_cache_max_ttl:%s)\n", $2));
1317                 if(atoi($2) == 0 && strcmp($2, "0") != 0)
1318                         yyerror("number expected");
1319                 else cfg_parser->cfg->max_ttl = atoi($2);
1320                 free($2);
1321         }
1322         ;
1323 server_cache_max_negative_ttl: VAR_CACHE_MAX_NEGATIVE_TTL STRING_ARG
1324         {
1325                 OUTYY(("P(server_cache_max_negative_ttl:%s)\n", $2));
1326                 if(atoi($2) == 0 && strcmp($2, "0") != 0)
1327                         yyerror("number expected");
1328                 else cfg_parser->cfg->max_negative_ttl = atoi($2);
1329                 free($2);
1330         }
1331         ;
1332 server_cache_min_ttl: VAR_CACHE_MIN_TTL STRING_ARG
1333         {
1334                 OUTYY(("P(server_cache_min_ttl:%s)\n", $2));
1335                 if(atoi($2) == 0 && strcmp($2, "0") != 0)
1336                         yyerror("number expected");
1337                 else cfg_parser->cfg->min_ttl = atoi($2);
1338                 free($2);
1339         }
1340         ;
1341 server_bogus_ttl: VAR_BOGUS_TTL STRING_ARG
1342         {
1343                 OUTYY(("P(server_bogus_ttl:%s)\n", $2));
1344                 if(atoi($2) == 0 && strcmp($2, "0") != 0)
1345                         yyerror("number expected");
1346                 else cfg_parser->cfg->bogus_ttl = atoi($2);
1347                 free($2);
1348         }
1349         ;
1350 server_val_clean_additional: VAR_VAL_CLEAN_ADDITIONAL STRING_ARG
1351         {
1352                 OUTYY(("P(server_val_clean_additional:%s)\n", $2));
1353                 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1354                         yyerror("expected yes or no.");
1355                 else cfg_parser->cfg->val_clean_additional =
1356                         (strcmp($2, "yes")==0);
1357                 free($2);
1358         }
1359         ;
1360 server_val_permissive_mode: VAR_VAL_PERMISSIVE_MODE STRING_ARG
1361         {
1362                 OUTYY(("P(server_val_permissive_mode:%s)\n", $2));
1363                 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1364                         yyerror("expected yes or no.");
1365                 else cfg_parser->cfg->val_permissive_mode =
1366                         (strcmp($2, "yes")==0);
1367                 free($2);
1368         }
1369         ;
1370 server_ignore_cd_flag: VAR_IGNORE_CD_FLAG STRING_ARG
1371         {
1372                 OUTYY(("P(server_ignore_cd_flag:%s)\n", $2));
1373                 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1374                         yyerror("expected yes or no.");
1375                 else cfg_parser->cfg->ignore_cd = (strcmp($2, "yes")==0);
1376                 free($2);
1377         }
1378         ;
1379 server_serve_expired: VAR_SERVE_EXPIRED STRING_ARG
1380         {
1381                 OUTYY(("P(server_serve_expired:%s)\n", $2));
1382                 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1383                         yyerror("expected yes or no.");
1384                 else cfg_parser->cfg->serve_expired = (strcmp($2, "yes")==0);
1385                 free($2);
1386         }
1387         ;
1388 server_fake_dsa: VAR_FAKE_DSA STRING_ARG
1389         {
1390                 OUTYY(("P(server_fake_dsa:%s)\n", $2));
1391                 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1392                         yyerror("expected yes or no.");
1393 #ifdef HAVE_SSL
1394                 else fake_dsa = (strcmp($2, "yes")==0);
1395                 if(fake_dsa)
1396                         log_warn("test option fake_dsa is enabled");
1397 #endif
1398                 free($2);
1399         }
1400         ;
1401 server_fake_sha1: VAR_FAKE_SHA1 STRING_ARG
1402         {
1403                 OUTYY(("P(server_fake_sha1:%s)\n", $2));
1404                 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1405                         yyerror("expected yes or no.");
1406 #ifdef HAVE_SSL
1407                 else fake_sha1 = (strcmp($2, "yes")==0);
1408                 if(fake_sha1)
1409                         log_warn("test option fake_sha1 is enabled");
1410 #endif
1411                 free($2);
1412         }
1413         ;
1414 server_val_log_level: VAR_VAL_LOG_LEVEL STRING_ARG
1415         {
1416                 OUTYY(("P(server_val_log_level:%s)\n", $2));
1417                 if(atoi($2) == 0 && strcmp($2, "0") != 0)
1418                         yyerror("number expected");
1419                 else cfg_parser->cfg->val_log_level = atoi($2);
1420                 free($2);
1421         }
1422         ;
1423 server_val_nsec3_keysize_iterations: VAR_VAL_NSEC3_KEYSIZE_ITERATIONS STRING_ARG
1424         {
1425                 OUTYY(("P(server_val_nsec3_keysize_iterations:%s)\n", $2));
1426                 free(cfg_parser->cfg->val_nsec3_key_iterations);
1427                 cfg_parser->cfg->val_nsec3_key_iterations = $2;
1428         }
1429         ;
1430 server_add_holddown: VAR_ADD_HOLDDOWN STRING_ARG
1431         {
1432                 OUTYY(("P(server_add_holddown:%s)\n", $2));
1433                 if(atoi($2) == 0 && strcmp($2, "0") != 0)
1434                         yyerror("number expected");
1435                 else cfg_parser->cfg->add_holddown = atoi($2);
1436                 free($2);
1437         }
1438         ;
1439 server_del_holddown: VAR_DEL_HOLDDOWN STRING_ARG
1440         {
1441                 OUTYY(("P(server_del_holddown:%s)\n", $2));
1442                 if(atoi($2) == 0 && strcmp($2, "0") != 0)
1443                         yyerror("number expected");
1444                 else cfg_parser->cfg->del_holddown = atoi($2);
1445                 free($2);
1446         }
1447         ;
1448 server_keep_missing: VAR_KEEP_MISSING STRING_ARG
1449         {
1450                 OUTYY(("P(server_keep_missing:%s)\n", $2));
1451                 if(atoi($2) == 0 && strcmp($2, "0") != 0)
1452                         yyerror("number expected");
1453                 else cfg_parser->cfg->keep_missing = atoi($2);
1454                 free($2);
1455         }
1456         ;
1457 server_permit_small_holddown: VAR_PERMIT_SMALL_HOLDDOWN STRING_ARG
1458         {
1459                 OUTYY(("P(server_permit_small_holddown:%s)\n", $2));
1460                 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1461                         yyerror("expected yes or no.");
1462                 else cfg_parser->cfg->permit_small_holddown =
1463                         (strcmp($2, "yes")==0);
1464                 free($2);
1465         }
1466 server_key_cache_size: VAR_KEY_CACHE_SIZE STRING_ARG
1467         {
1468                 OUTYY(("P(server_key_cache_size:%s)\n", $2));
1469                 if(!cfg_parse_memsize($2, &cfg_parser->cfg->key_cache_size))
1470                         yyerror("memory size expected");
1471                 free($2);
1472         }
1473         ;
1474 server_key_cache_slabs: VAR_KEY_CACHE_SLABS STRING_ARG
1475         {
1476                 OUTYY(("P(server_key_cache_slabs:%s)\n", $2));
1477                 if(atoi($2) == 0)
1478                         yyerror("number expected");
1479                 else {
1480                         cfg_parser->cfg->key_cache_slabs = atoi($2);
1481                         if(!is_pow2(cfg_parser->cfg->key_cache_slabs))
1482                                 yyerror("must be a power of 2");
1483                 }
1484                 free($2);
1485         }
1486         ;
1487 server_neg_cache_size: VAR_NEG_CACHE_SIZE STRING_ARG
1488         {
1489                 OUTYY(("P(server_neg_cache_size:%s)\n", $2));
1490                 if(!cfg_parse_memsize($2, &cfg_parser->cfg->neg_cache_size))
1491                         yyerror("memory size expected");
1492                 free($2);
1493         }
1494         ;
1495 server_local_zone: VAR_LOCAL_ZONE STRING_ARG STRING_ARG
1496         {
1497                 OUTYY(("P(server_local_zone:%s %s)\n", $2, $3));
1498                 if(strcmp($3, "static")!=0 && strcmp($3, "deny")!=0 &&
1499                    strcmp($3, "refuse")!=0 && strcmp($3, "redirect")!=0 &&
1500                    strcmp($3, "transparent")!=0 && strcmp($3, "nodefault")!=0
1501                    && strcmp($3, "typetransparent")!=0
1502                    && strcmp($3, "always_transparent")!=0
1503                    && strcmp($3, "always_refuse")!=0
1504                    && strcmp($3, "always_nxdomain")!=0
1505                    && strcmp($3, "inform")!=0 && strcmp($3, "inform_deny")!=0)
1506                         yyerror("local-zone type: expected static, deny, "
1507                                 "refuse, redirect, transparent, "
1508                                 "typetransparent, inform, inform_deny, "
1509                                 "always_transparent, always_refuse, "
1510                                 "always_nxdomain or nodefault");
1511                 else if(strcmp($3, "nodefault")==0) {
1512                         if(!cfg_strlist_insert(&cfg_parser->cfg->
1513                                 local_zones_nodefault, $2))
1514                                 fatal_exit("out of memory adding local-zone");
1515                         free($3);
1516                 } else {
1517                         if(!cfg_str2list_insert(&cfg_parser->cfg->local_zones,
1518                                 $2, $3))
1519                                 fatal_exit("out of memory adding local-zone");
1520                 }
1521         }
1522         ;
1523 server_local_data: VAR_LOCAL_DATA STRING_ARG
1524         {
1525                 OUTYY(("P(server_local_data:%s)\n", $2));
1526                 if(!cfg_strlist_insert(&cfg_parser->cfg->local_data, $2))
1527                         fatal_exit("out of memory adding local-data");
1528         }
1529         ;
1530 server_local_data_ptr: VAR_LOCAL_DATA_PTR STRING_ARG
1531         {
1532                 char* ptr;
1533                 OUTYY(("P(server_local_data_ptr:%s)\n", $2));
1534                 ptr = cfg_ptr_reverse($2);
1535                 free($2);
1536                 if(ptr) {
1537                         if(!cfg_strlist_insert(&cfg_parser->cfg->
1538                                 local_data, ptr))
1539                                 fatal_exit("out of memory adding local-data");
1540                 } else {
1541                         yyerror("local-data-ptr could not be reversed");
1542                 }
1543         }
1544         ;
1545 server_minimal_responses: VAR_MINIMAL_RESPONSES STRING_ARG
1546         {
1547                 OUTYY(("P(server_minimal_responses:%s)\n", $2));
1548                 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1549                         yyerror("expected yes or no.");
1550                 else cfg_parser->cfg->minimal_responses =
1551                         (strcmp($2, "yes")==0);
1552                 free($2);
1553         }
1554         ;
1555 server_rrset_roundrobin: VAR_RRSET_ROUNDROBIN STRING_ARG
1556         {
1557                 OUTYY(("P(server_rrset_roundrobin:%s)\n", $2));
1558                 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1559                         yyerror("expected yes or no.");
1560                 else cfg_parser->cfg->rrset_roundrobin =
1561                         (strcmp($2, "yes")==0);
1562                 free($2);
1563         }
1564         ;
1565 server_max_udp_size: VAR_MAX_UDP_SIZE STRING_ARG
1566         {
1567                 OUTYY(("P(server_max_udp_size:%s)\n", $2));
1568                 cfg_parser->cfg->max_udp_size = atoi($2);
1569                 free($2);
1570         }
1571         ;
1572 server_dns64_prefix: VAR_DNS64_PREFIX STRING_ARG
1573         {
1574                 OUTYY(("P(dns64_prefix:%s)\n", $2));
1575                 free(cfg_parser->cfg->dns64_prefix);
1576                 cfg_parser->cfg->dns64_prefix = $2;
1577         }
1578         ;
1579 server_dns64_synthall: VAR_DNS64_SYNTHALL STRING_ARG
1580         {
1581                 OUTYY(("P(server_dns64_synthall:%s)\n", $2));
1582                 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1583                         yyerror("expected yes or no.");
1584                 else cfg_parser->cfg->dns64_synthall = (strcmp($2, "yes")==0);
1585                 free($2);
1586         }
1587         ;
1588 server_define_tag: VAR_DEFINE_TAG STRING_ARG
1589         {
1590                 char* p, *s = $2;
1591                 OUTYY(("P(server_define_tag:%s)\n", $2));
1592                 while((p=strsep(&s, " \t\n")) != NULL) {
1593                         if(*p) {
1594                                 if(!config_add_tag(cfg_parser->cfg, p))
1595                                         yyerror("could not define-tag, "
1596                                                 "out of memory");
1597                         }
1598                 }
1599                 free($2);
1600         }
1601         ;
1602 server_local_zone_tag: VAR_LOCAL_ZONE_TAG STRING_ARG STRING_ARG
1603         {
1604                 size_t len = 0;
1605                 uint8_t* bitlist = config_parse_taglist(cfg_parser->cfg, $3,
1606                         &len);
1607                 free($3);
1608                 OUTYY(("P(server_local_zone_tag:%s)\n", $2));
1609                 if(!bitlist)
1610                         yyerror("could not parse tags, (define-tag them first)");
1611                 if(bitlist) {
1612                         if(!cfg_strbytelist_insert(
1613                                 &cfg_parser->cfg->local_zone_tags,
1614                                 $2, bitlist, len)) {
1615                                 yyerror("out of memory");
1616                                 free($2);
1617                         }
1618                 }
1619         }
1620         ;
1621 server_access_control_tag: VAR_ACCESS_CONTROL_TAG STRING_ARG STRING_ARG
1622         {
1623                 size_t len = 0;
1624                 uint8_t* bitlist = config_parse_taglist(cfg_parser->cfg, $3,
1625                         &len);
1626                 free($3);
1627                 OUTYY(("P(server_access_control_tag:%s)\n", $2));
1628                 if(!bitlist)
1629                         yyerror("could not parse tags, (define-tag them first)");
1630                 if(bitlist) {
1631                         if(!cfg_strbytelist_insert(
1632                                 &cfg_parser->cfg->acl_tags,
1633                                 $2, bitlist, len)) {
1634                                 yyerror("out of memory");
1635                                 free($2);
1636                         }
1637                 }
1638         }
1639         ;
1640 server_access_control_tag_action: VAR_ACCESS_CONTROL_TAG_ACTION STRING_ARG STRING_ARG STRING_ARG
1641         {
1642                 OUTYY(("P(server_access_control_tag_action:%s %s %s)\n", $2, $3, $4));
1643                 if(!cfg_str3list_insert(&cfg_parser->cfg->acl_tag_actions,
1644                         $2, $3, $4)) {
1645                         yyerror("out of memory");
1646                         free($2);
1647                         free($3);
1648                         free($4);
1649                 }
1650         }
1651         ;
1652 server_access_control_tag_data: VAR_ACCESS_CONTROL_TAG_DATA STRING_ARG STRING_ARG STRING_ARG
1653         {
1654                 OUTYY(("P(server_access_control_tag_data:%s %s %s)\n", $2, $3, $4));
1655                 if(!cfg_str3list_insert(&cfg_parser->cfg->acl_tag_datas,
1656                         $2, $3, $4)) {
1657                         yyerror("out of memory");
1658                         free($2);
1659                         free($3);
1660                         free($4);
1661                 }
1662         }
1663         ;
1664 server_local_zone_override: VAR_LOCAL_ZONE_OVERRIDE STRING_ARG STRING_ARG STRING_ARG
1665         {
1666                 OUTYY(("P(server_local_zone_override:%s %s %s)\n", $2, $3, $4));
1667                 if(!cfg_str3list_insert(&cfg_parser->cfg->local_zone_overrides,
1668                         $2, $3, $4)) {
1669                         yyerror("out of memory");
1670                         free($2);
1671                         free($3);
1672                         free($4);
1673                 }
1674         }
1675         ;
1676 server_access_control_view: VAR_ACCESS_CONTROL_VIEW STRING_ARG STRING_ARG
1677         {
1678                 OUTYY(("P(server_access_control_view:%s %s)\n", $2, $3));
1679                 if(!cfg_str2list_insert(&cfg_parser->cfg->acl_view,
1680                         $2, $3)) {
1681                         yyerror("out of memory");
1682                         free($2);
1683                         free($3);
1684                 }
1685         }
1686         ;
1687 server_response_ip_tag: VAR_RESPONSE_IP_TAG STRING_ARG STRING_ARG
1688         {
1689                 size_t len = 0;
1690                 uint8_t* bitlist = config_parse_taglist(cfg_parser->cfg, $3,
1691                         &len);
1692                 free($3);
1693                 OUTYY(("P(response_ip_tag:%s)\n", $2));
1694                 if(!bitlist)
1695                         yyerror("could not parse tags, (define-tag them first)");
1696                 if(bitlist) {
1697                         if(!cfg_strbytelist_insert(
1698                                 &cfg_parser->cfg->respip_tags,
1699                                 $2, bitlist, len)) {
1700                                 yyerror("out of memory");
1701                                 free($2);
1702                         }
1703                 }
1704         }
1705         ;
1706 server_ip_ratelimit: VAR_IP_RATELIMIT STRING_ARG
1707         {
1708                 OUTYY(("P(server_ip_ratelimit:%s)\n", $2));
1709                 if(atoi($2) == 0 && strcmp($2, "0") != 0)
1710                         yyerror("number expected");
1711                 else cfg_parser->cfg->ip_ratelimit = atoi($2);
1712                 free($2);
1713         }
1714         ;
1715
1716 server_ratelimit: VAR_RATELIMIT STRING_ARG
1717         {
1718                 OUTYY(("P(server_ratelimit:%s)\n", $2));
1719                 if(atoi($2) == 0 && strcmp($2, "0") != 0)
1720                         yyerror("number expected");
1721                 else cfg_parser->cfg->ratelimit = atoi($2);
1722                 free($2);
1723         }
1724         ;
1725 server_ip_ratelimit_size: VAR_IP_RATELIMIT_SIZE STRING_ARG
1726   {
1727         OUTYY(("P(server_ip_ratelimit_size:%s)\n", $2));
1728         if(!cfg_parse_memsize($2, &cfg_parser->cfg->ip_ratelimit_size))
1729                 yyerror("memory size expected");
1730         free($2);
1731   }
1732   ;
1733 server_ratelimit_size: VAR_RATELIMIT_SIZE STRING_ARG
1734         {
1735                 OUTYY(("P(server_ratelimit_size:%s)\n", $2));
1736                 if(!cfg_parse_memsize($2, &cfg_parser->cfg->ratelimit_size))
1737                         yyerror("memory size expected");
1738                 free($2);
1739         }
1740         ;
1741 server_ip_ratelimit_slabs: VAR_IP_RATELIMIT_SLABS STRING_ARG
1742   {
1743         OUTYY(("P(server_ip_ratelimit_slabs:%s)\n", $2));
1744         if(atoi($2) == 0)
1745                 yyerror("number expected");
1746         else {
1747                 cfg_parser->cfg->ip_ratelimit_slabs = atoi($2);
1748                 if(!is_pow2(cfg_parser->cfg->ip_ratelimit_slabs))
1749                         yyerror("must be a power of 2");
1750         }
1751         free($2);
1752   }
1753   ;
1754 server_ratelimit_slabs: VAR_RATELIMIT_SLABS STRING_ARG
1755         {
1756                 OUTYY(("P(server_ratelimit_slabs:%s)\n", $2));
1757                 if(atoi($2) == 0)
1758                         yyerror("number expected");
1759                 else {
1760                         cfg_parser->cfg->ratelimit_slabs = atoi($2);
1761                         if(!is_pow2(cfg_parser->cfg->ratelimit_slabs))
1762                                 yyerror("must be a power of 2");
1763                 }
1764                 free($2);
1765         }
1766         ;
1767 server_ratelimit_for_domain: VAR_RATELIMIT_FOR_DOMAIN STRING_ARG STRING_ARG
1768         {
1769                 OUTYY(("P(server_ratelimit_for_domain:%s %s)\n", $2, $3));
1770                 if(atoi($3) == 0 && strcmp($3, "0") != 0) {
1771                         yyerror("number expected");
1772                 } else {
1773                         if(!cfg_str2list_insert(&cfg_parser->cfg->
1774                                 ratelimit_for_domain, $2, $3))
1775                                 fatal_exit("out of memory adding "
1776                                         "ratelimit-for-domain");
1777                 }
1778         }
1779         ;
1780 server_ratelimit_below_domain: VAR_RATELIMIT_BELOW_DOMAIN STRING_ARG STRING_ARG
1781         {
1782                 OUTYY(("P(server_ratelimit_below_domain:%s %s)\n", $2, $3));
1783                 if(atoi($3) == 0 && strcmp($3, "0") != 0) {
1784                         yyerror("number expected");
1785                 } else {
1786                         if(!cfg_str2list_insert(&cfg_parser->cfg->
1787                                 ratelimit_below_domain, $2, $3))
1788                                 fatal_exit("out of memory adding "
1789                                         "ratelimit-below-domain");
1790                 }
1791         }
1792         ;
1793 server_ip_ratelimit_factor: VAR_IP_RATELIMIT_FACTOR STRING_ARG
1794   {
1795         OUTYY(("P(server_ip_ratelimit_factor:%s)\n", $2));
1796         if(atoi($2) == 0 && strcmp($2, "0") != 0)
1797                 yyerror("number expected");
1798         else cfg_parser->cfg->ip_ratelimit_factor = atoi($2);
1799         free($2);
1800         }
1801         ;
1802 server_ratelimit_factor: VAR_RATELIMIT_FACTOR STRING_ARG
1803         {
1804                 OUTYY(("P(server_ratelimit_factor:%s)\n", $2));
1805                 if(atoi($2) == 0 && strcmp($2, "0") != 0)
1806                         yyerror("number expected");
1807                 else cfg_parser->cfg->ratelimit_factor = atoi($2);
1808                 free($2);
1809         }
1810         ;
1811 server_qname_minimisation: VAR_QNAME_MINIMISATION STRING_ARG
1812         {
1813                 OUTYY(("P(server_qname_minimisation:%s)\n", $2));
1814                 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1815                         yyerror("expected yes or no.");
1816                 else cfg_parser->cfg->qname_minimisation =
1817                         (strcmp($2, "yes")==0);
1818                 free($2);
1819         }
1820         ;
1821 server_qname_minimisation_strict: VAR_QNAME_MINIMISATION_STRICT STRING_ARG
1822         {
1823                 OUTYY(("P(server_qname_minimisation_strict:%s)\n", $2));
1824                 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1825                         yyerror("expected yes or no.");
1826                 else cfg_parser->cfg->qname_minimisation_strict =
1827                         (strcmp($2, "yes")==0);
1828                 free($2);
1829         }
1830         ;
1831 server_ipsecmod_enabled: VAR_IPSECMOD_ENABLED STRING_ARG
1832         {
1833         #ifdef USE_IPSECMOD
1834                 OUTYY(("P(server_ipsecmod_enabled:%s)\n", $2));
1835                 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1836                         yyerror("expected yes or no.");
1837                 else cfg_parser->cfg->ipsecmod_enabled = (strcmp($2, "yes")==0);
1838                 free($2);
1839         #else
1840                 OUTYY(("P(Compiled without IPsec module, ignoring)\n"));
1841         #endif
1842         }
1843         ;
1844 server_ipsecmod_ignore_bogus: VAR_IPSECMOD_IGNORE_BOGUS STRING_ARG
1845         {
1846         #ifdef USE_IPSECMOD
1847                 OUTYY(("P(server_ipsecmod_ignore_bogus:%s)\n", $2));
1848                 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1849                         yyerror("expected yes or no.");
1850                 else cfg_parser->cfg->ipsecmod_ignore_bogus = (strcmp($2, "yes")==0);
1851                 free($2);
1852         #else
1853                 OUTYY(("P(Compiled without IPsec module, ignoring)\n"));
1854         #endif
1855         }
1856         ;
1857 server_ipsecmod_hook: VAR_IPSECMOD_HOOK STRING_ARG
1858         {
1859         #ifdef USE_IPSECMOD
1860                 OUTYY(("P(server_ipsecmod_hook:%s)\n", $2));
1861                 free(cfg_parser->cfg->ipsecmod_hook);
1862                 cfg_parser->cfg->ipsecmod_hook = $2;
1863         #else
1864                 OUTYY(("P(Compiled without IPsec module, ignoring)\n"));
1865         #endif
1866         }
1867         ;
1868 server_ipsecmod_max_ttl: VAR_IPSECMOD_MAX_TTL STRING_ARG
1869         {
1870         #ifdef USE_IPSECMOD
1871                 OUTYY(("P(server_ipsecmod_max_ttl:%s)\n", $2));
1872                 if(atoi($2) == 0 && strcmp($2, "0") != 0)
1873                         yyerror("number expected");
1874                 else cfg_parser->cfg->ipsecmod_max_ttl = atoi($2);
1875                 free($2);
1876         #else
1877                 OUTYY(("P(Compiled without IPsec module, ignoring)\n"));
1878         #endif
1879         }
1880         ;
1881 server_ipsecmod_whitelist: VAR_IPSECMOD_WHITELIST STRING_ARG
1882         {
1883         #ifdef USE_IPSECMOD
1884                 OUTYY(("P(server_ipsecmod_whitelist:%s)\n", $2));
1885                 if(!cfg_strlist_insert(&cfg_parser->cfg->ipsecmod_whitelist, $2))
1886                         yyerror("out of memory");
1887         #else
1888                 OUTYY(("P(Compiled without IPsec module, ignoring)\n"));
1889         #endif
1890         }
1891         ;
1892 server_ipsecmod_strict: VAR_IPSECMOD_STRICT STRING_ARG
1893         {
1894         #ifdef USE_IPSECMOD
1895                 OUTYY(("P(server_ipsecmod_strict:%s)\n", $2));
1896                 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1897                         yyerror("expected yes or no.");
1898                 else cfg_parser->cfg->ipsecmod_strict = (strcmp($2, "yes")==0);
1899                 free($2);
1900         #else
1901                 OUTYY(("P(Compiled without IPsec module, ignoring)\n"));
1902         #endif
1903         }
1904         ;
1905 stub_name: VAR_NAME STRING_ARG
1906         {
1907                 OUTYY(("P(name:%s)\n", $2));
1908                 if(cfg_parser->cfg->stubs->name)
1909                         yyerror("stub name override, there must be one name "
1910                                 "for one stub-zone");
1911                 free(cfg_parser->cfg->stubs->name);
1912                 cfg_parser->cfg->stubs->name = $2;
1913         }
1914         ;
1915 stub_host: VAR_STUB_HOST STRING_ARG
1916         {
1917                 OUTYY(("P(stub-host:%s)\n", $2));
1918                 if(!cfg_strlist_insert(&cfg_parser->cfg->stubs->hosts, $2))
1919                         yyerror("out of memory");
1920         }
1921         ;
1922 stub_addr: VAR_STUB_ADDR STRING_ARG
1923         {
1924                 OUTYY(("P(stub-addr:%s)\n", $2));
1925                 if(!cfg_strlist_insert(&cfg_parser->cfg->stubs->addrs, $2))
1926                         yyerror("out of memory");
1927         }
1928         ;
1929 stub_first: VAR_STUB_FIRST STRING_ARG
1930         {
1931                 OUTYY(("P(stub-first:%s)\n", $2));
1932                 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1933                         yyerror("expected yes or no.");
1934                 else cfg_parser->cfg->stubs->isfirst=(strcmp($2, "yes")==0);
1935                 free($2);
1936         }
1937         ;
1938 stub_ssl_upstream: VAR_STUB_SSL_UPSTREAM STRING_ARG
1939         {
1940                 OUTYY(("P(stub-ssl-upstream:%s)\n", $2));
1941                 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1942                         yyerror("expected yes or no.");
1943                 else cfg_parser->cfg->stubs->ssl_upstream =
1944                         (strcmp($2, "yes")==0);
1945                 free($2);
1946         }
1947         ;
1948 stub_prime: VAR_STUB_PRIME STRING_ARG
1949         {
1950                 OUTYY(("P(stub-prime:%s)\n", $2));
1951                 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1952                         yyerror("expected yes or no.");
1953                 else cfg_parser->cfg->stubs->isprime =
1954                         (strcmp($2, "yes")==0);
1955                 free($2);
1956         }
1957         ;
1958 forward_name: VAR_NAME STRING_ARG
1959         {
1960                 OUTYY(("P(name:%s)\n", $2));
1961                 if(cfg_parser->cfg->forwards->name)
1962                         yyerror("forward name override, there must be one "
1963                                 "name for one forward-zone");
1964                 free(cfg_parser->cfg->forwards->name);
1965                 cfg_parser->cfg->forwards->name = $2;
1966         }
1967         ;
1968 forward_host: VAR_FORWARD_HOST STRING_ARG
1969         {
1970                 OUTYY(("P(forward-host:%s)\n", $2));
1971                 if(!cfg_strlist_insert(&cfg_parser->cfg->forwards->hosts, $2))
1972                         yyerror("out of memory");
1973         }
1974         ;
1975 forward_addr: VAR_FORWARD_ADDR STRING_ARG
1976         {
1977                 OUTYY(("P(forward-addr:%s)\n", $2));
1978                 if(!cfg_strlist_insert(&cfg_parser->cfg->forwards->addrs, $2))
1979                         yyerror("out of memory");
1980         }
1981         ;
1982 forward_first: VAR_FORWARD_FIRST STRING_ARG
1983         {
1984                 OUTYY(("P(forward-first:%s)\n", $2));
1985                 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1986                         yyerror("expected yes or no.");
1987                 else cfg_parser->cfg->forwards->isfirst=(strcmp($2, "yes")==0);
1988                 free($2);
1989         }
1990         ;
1991 forward_ssl_upstream: VAR_FORWARD_SSL_UPSTREAM STRING_ARG
1992         {
1993                 OUTYY(("P(forward-ssl-upstream:%s)\n", $2));
1994                 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1995                         yyerror("expected yes or no.");
1996                 else cfg_parser->cfg->forwards->ssl_upstream =
1997                         (strcmp($2, "yes")==0);
1998                 free($2);
1999         }
2000         ;
2001 view_name: VAR_NAME STRING_ARG
2002         {
2003                 OUTYY(("P(name:%s)\n", $2));
2004                 if(cfg_parser->cfg->views->name)
2005                         yyerror("view name override, there must be one "
2006                                 "name for one view");
2007                 free(cfg_parser->cfg->views->name);
2008                 cfg_parser->cfg->views->name = $2;
2009         }
2010         ;
2011 view_local_zone: VAR_LOCAL_ZONE STRING_ARG STRING_ARG
2012         {
2013                 OUTYY(("P(view_local_zone:%s %s)\n", $2, $3));
2014                 if(strcmp($3, "static")!=0 && strcmp($3, "deny")!=0 &&
2015                    strcmp($3, "refuse")!=0 && strcmp($3, "redirect")!=0 &&
2016                    strcmp($3, "transparent")!=0 && strcmp($3, "nodefault")!=0
2017                    && strcmp($3, "typetransparent")!=0
2018                    && strcmp($3, "always_transparent")!=0
2019                    && strcmp($3, "always_refuse")!=0
2020                    && strcmp($3, "always_nxdomain")!=0
2021                    && strcmp($3, "inform")!=0 && strcmp($3, "inform_deny")!=0)
2022                         yyerror("local-zone type: expected static, deny, "
2023                                 "refuse, redirect, transparent, "
2024                                 "typetransparent, inform, inform_deny, "
2025                                 "always_transparent, always_refuse, "
2026                                 "always_nxdomain or nodefault");
2027                 else if(strcmp($3, "nodefault")==0) {
2028                         if(!cfg_strlist_insert(&cfg_parser->cfg->views->
2029                                 local_zones_nodefault, $2))
2030                                 fatal_exit("out of memory adding local-zone");
2031                         free($3);
2032                 } else {
2033                         if(!cfg_str2list_insert(
2034                                 &cfg_parser->cfg->views->local_zones,
2035                                 $2, $3))
2036                                 fatal_exit("out of memory adding local-zone");
2037                 }
2038         }
2039         ;
2040 view_response_ip: VAR_RESPONSE_IP STRING_ARG STRING_ARG
2041         {
2042                 OUTYY(("P(view_response_ip:%s %s)\n", $2, $3));
2043                 validate_respip_action($3);
2044                 if(!cfg_str2list_insert(
2045                         &cfg_parser->cfg->views->respip_actions, $2, $3))
2046                         fatal_exit("out of memory adding per-view "
2047                                 "response-ip action");
2048         }
2049         ;
2050 view_response_ip_data: VAR_RESPONSE_IP_DATA STRING_ARG STRING_ARG
2051         {
2052                 OUTYY(("P(view_response_ip_data:%s)\n", $2));
2053                 if(!cfg_str2list_insert(
2054                         &cfg_parser->cfg->views->respip_data, $2, $3))
2055                         fatal_exit("out of memory adding response-ip-data");
2056         }
2057         ;
2058 view_local_data: VAR_LOCAL_DATA STRING_ARG
2059         {
2060                 OUTYY(("P(view_local_data:%s)\n", $2));
2061                 if(!cfg_strlist_insert(&cfg_parser->cfg->views->local_data, $2)) {
2062                         fatal_exit("out of memory adding local-data");
2063                         free($2);
2064                 }
2065         }
2066         ;
2067 view_local_data_ptr: VAR_LOCAL_DATA_PTR STRING_ARG
2068         {
2069                 char* ptr;
2070                 OUTYY(("P(view_local_data_ptr:%s)\n", $2));
2071                 ptr = cfg_ptr_reverse($2);
2072                 free($2);
2073                 if(ptr) {
2074                         if(!cfg_strlist_insert(&cfg_parser->cfg->views->
2075                                 local_data, ptr))
2076                                 fatal_exit("out of memory adding local-data");
2077                 } else {
2078                         yyerror("local-data-ptr could not be reversed");
2079                 }
2080         }
2081         ;
2082 view_first: VAR_VIEW_FIRST STRING_ARG
2083         {
2084                 OUTYY(("P(view-first:%s)\n", $2));
2085                 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
2086                         yyerror("expected yes or no.");
2087                 else cfg_parser->cfg->views->isfirst=(strcmp($2, "yes")==0);
2088                 free($2);
2089         }
2090         ;
2091 rcstart: VAR_REMOTE_CONTROL
2092         {
2093                 OUTYY(("\nP(remote-control:)\n"));
2094         }
2095         ;
2096 contents_rc: contents_rc content_rc
2097         | ;
2098 content_rc: rc_control_enable | rc_control_interface | rc_control_port |
2099         rc_server_key_file | rc_server_cert_file | rc_control_key_file |
2100         rc_control_cert_file | rc_control_use_cert
2101         ;
2102 rc_control_enable: VAR_CONTROL_ENABLE STRING_ARG
2103         {
2104                 OUTYY(("P(control_enable:%s)\n", $2));
2105                 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
2106                         yyerror("expected yes or no.");
2107                 else cfg_parser->cfg->remote_control_enable =
2108                         (strcmp($2, "yes")==0);
2109                 free($2);
2110         }
2111         ;
2112 rc_control_port: VAR_CONTROL_PORT STRING_ARG
2113         {
2114                 OUTYY(("P(control_port:%s)\n", $2));
2115                 if(atoi($2) == 0)
2116                         yyerror("control port number expected");
2117                 else cfg_parser->cfg->control_port = atoi($2);
2118                 free($2);
2119         }
2120         ;
2121 rc_control_interface: VAR_CONTROL_INTERFACE STRING_ARG
2122         {
2123                 OUTYY(("P(control_interface:%s)\n", $2));
2124                 if(!cfg_strlist_insert(&cfg_parser->cfg->control_ifs, $2))
2125                         yyerror("out of memory");
2126         }
2127         ;
2128 rc_control_use_cert: VAR_CONTROL_USE_CERT STRING_ARG
2129         {
2130                 OUTYY(("P(control_use_cert:%s)\n", $2));
2131                 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
2132                         yyerror("expected yes or no.");
2133                 else cfg_parser->cfg->remote_control_use_cert =
2134                         (strcmp($2, "yes")==0);
2135                 free($2);
2136         }
2137         ;
2138 rc_server_key_file: VAR_SERVER_KEY_FILE STRING_ARG
2139         {
2140                 OUTYY(("P(rc_server_key_file:%s)\n", $2));
2141                 free(cfg_parser->cfg->server_key_file);
2142                 cfg_parser->cfg->server_key_file = $2;
2143         }
2144         ;
2145 rc_server_cert_file: VAR_SERVER_CERT_FILE STRING_ARG
2146         {
2147                 OUTYY(("P(rc_server_cert_file:%s)\n", $2));
2148                 free(cfg_parser->cfg->server_cert_file);
2149                 cfg_parser->cfg->server_cert_file = $2;
2150         }
2151         ;
2152 rc_control_key_file: VAR_CONTROL_KEY_FILE STRING_ARG
2153         {
2154                 OUTYY(("P(rc_control_key_file:%s)\n", $2));
2155                 free(cfg_parser->cfg->control_key_file);
2156                 cfg_parser->cfg->control_key_file = $2;
2157         }
2158         ;
2159 rc_control_cert_file: VAR_CONTROL_CERT_FILE STRING_ARG
2160         {
2161                 OUTYY(("P(rc_control_cert_file:%s)\n", $2));
2162                 free(cfg_parser->cfg->control_cert_file);
2163                 cfg_parser->cfg->control_cert_file = $2;
2164         }
2165         ;
2166 dtstart: VAR_DNSTAP
2167         {
2168                 OUTYY(("\nP(dnstap:)\n"));
2169         }
2170         ;
2171 contents_dt: contents_dt content_dt
2172         | ;
2173 content_dt: dt_dnstap_enable | dt_dnstap_socket_path |
2174         dt_dnstap_send_identity | dt_dnstap_send_version |
2175         dt_dnstap_identity | dt_dnstap_version |
2176         dt_dnstap_log_resolver_query_messages |
2177         dt_dnstap_log_resolver_response_messages |
2178         dt_dnstap_log_client_query_messages |
2179         dt_dnstap_log_client_response_messages |
2180         dt_dnstap_log_forwarder_query_messages |
2181         dt_dnstap_log_forwarder_response_messages
2182         ;
2183 dt_dnstap_enable: VAR_DNSTAP_ENABLE STRING_ARG
2184         {
2185                 OUTYY(("P(dt_dnstap_enable:%s)\n", $2));
2186                 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
2187                         yyerror("expected yes or no.");
2188                 else cfg_parser->cfg->dnstap = (strcmp($2, "yes")==0);
2189         }
2190         ;
2191 dt_dnstap_socket_path: VAR_DNSTAP_SOCKET_PATH STRING_ARG
2192         {
2193                 OUTYY(("P(dt_dnstap_socket_path:%s)\n", $2));
2194                 free(cfg_parser->cfg->dnstap_socket_path);
2195                 cfg_parser->cfg->dnstap_socket_path = $2;
2196         }
2197         ;
2198 dt_dnstap_send_identity: VAR_DNSTAP_SEND_IDENTITY STRING_ARG
2199         {
2200                 OUTYY(("P(dt_dnstap_send_identity:%s)\n", $2));
2201                 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
2202                         yyerror("expected yes or no.");
2203                 else cfg_parser->cfg->dnstap_send_identity = (strcmp($2, "yes")==0);
2204         }
2205         ;
2206 dt_dnstap_send_version: VAR_DNSTAP_SEND_VERSION STRING_ARG
2207         {
2208                 OUTYY(("P(dt_dnstap_send_version:%s)\n", $2));
2209                 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
2210                         yyerror("expected yes or no.");
2211                 else cfg_parser->cfg->dnstap_send_version = (strcmp($2, "yes")==0);
2212         }
2213         ;
2214 dt_dnstap_identity: VAR_DNSTAP_IDENTITY STRING_ARG
2215         {
2216                 OUTYY(("P(dt_dnstap_identity:%s)\n", $2));
2217                 free(cfg_parser->cfg->dnstap_identity);
2218                 cfg_parser->cfg->dnstap_identity = $2;
2219         }
2220         ;
2221 dt_dnstap_version: VAR_DNSTAP_VERSION STRING_ARG
2222         {
2223                 OUTYY(("P(dt_dnstap_version:%s)\n", $2));
2224                 free(cfg_parser->cfg->dnstap_version);
2225                 cfg_parser->cfg->dnstap_version = $2;
2226         }
2227         ;
2228 dt_dnstap_log_resolver_query_messages: VAR_DNSTAP_LOG_RESOLVER_QUERY_MESSAGES STRING_ARG
2229         {
2230                 OUTYY(("P(dt_dnstap_log_resolver_query_messages:%s)\n", $2));
2231                 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
2232                         yyerror("expected yes or no.");
2233                 else cfg_parser->cfg->dnstap_log_resolver_query_messages =
2234                         (strcmp($2, "yes")==0);
2235         }
2236         ;
2237 dt_dnstap_log_resolver_response_messages: VAR_DNSTAP_LOG_RESOLVER_RESPONSE_MESSAGES STRING_ARG
2238         {
2239                 OUTYY(("P(dt_dnstap_log_resolver_response_messages:%s)\n", $2));
2240                 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
2241                         yyerror("expected yes or no.");
2242                 else cfg_parser->cfg->dnstap_log_resolver_response_messages =
2243                         (strcmp($2, "yes")==0);
2244         }
2245         ;
2246 dt_dnstap_log_client_query_messages: VAR_DNSTAP_LOG_CLIENT_QUERY_MESSAGES STRING_ARG
2247         {
2248                 OUTYY(("P(dt_dnstap_log_client_query_messages:%s)\n", $2));
2249                 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
2250                         yyerror("expected yes or no.");
2251                 else cfg_parser->cfg->dnstap_log_client_query_messages =
2252                         (strcmp($2, "yes")==0);
2253         }
2254         ;
2255 dt_dnstap_log_client_response_messages: VAR_DNSTAP_LOG_CLIENT_RESPONSE_MESSAGES STRING_ARG
2256         {
2257                 OUTYY(("P(dt_dnstap_log_client_response_messages:%s)\n", $2));
2258                 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
2259                         yyerror("expected yes or no.");
2260                 else cfg_parser->cfg->dnstap_log_client_response_messages =
2261                         (strcmp($2, "yes")==0);
2262         }
2263         ;
2264 dt_dnstap_log_forwarder_query_messages: VAR_DNSTAP_LOG_FORWARDER_QUERY_MESSAGES STRING_ARG
2265         {
2266                 OUTYY(("P(dt_dnstap_log_forwarder_query_messages:%s)\n", $2));
2267                 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
2268                         yyerror("expected yes or no.");
2269                 else cfg_parser->cfg->dnstap_log_forwarder_query_messages =
2270                         (strcmp($2, "yes")==0);
2271         }
2272         ;
2273 dt_dnstap_log_forwarder_response_messages: VAR_DNSTAP_LOG_FORWARDER_RESPONSE_MESSAGES STRING_ARG
2274         {
2275                 OUTYY(("P(dt_dnstap_log_forwarder_response_messages:%s)\n", $2));
2276                 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
2277                         yyerror("expected yes or no.");
2278                 else cfg_parser->cfg->dnstap_log_forwarder_response_messages =
2279                         (strcmp($2, "yes")==0);
2280         }
2281         ;
2282 pythonstart: VAR_PYTHON
2283         {
2284                 OUTYY(("\nP(python:)\n"));
2285         }
2286         ;
2287 contents_py: contents_py content_py
2288         | ;
2289 content_py: py_script
2290         ;
2291 py_script: VAR_PYTHON_SCRIPT STRING_ARG
2292         {
2293                 OUTYY(("P(python-script:%s)\n", $2));
2294                 free(cfg_parser->cfg->python_script);
2295                 cfg_parser->cfg->python_script = $2;
2296         }
2297 server_disable_dnssec_lame_check: VAR_DISABLE_DNSSEC_LAME_CHECK STRING_ARG
2298         {
2299                 OUTYY(("P(disable_dnssec_lame_check:%s)\n", $2));
2300                 if (strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
2301                         yyerror("expected yes or no.");
2302                 else cfg_parser->cfg->disable_dnssec_lame_check =
2303                         (strcmp($2, "yes")==0);
2304                 free($2);
2305         }
2306         ;
2307 server_log_identity: VAR_LOG_IDENTITY STRING_ARG
2308         {
2309                 OUTYY(("P(server_log_identity:%s)\n", $2));
2310                 free(cfg_parser->cfg->log_identity);
2311                 cfg_parser->cfg->log_identity = $2;
2312         }
2313         ;
2314 server_response_ip: VAR_RESPONSE_IP STRING_ARG STRING_ARG
2315         {
2316                 OUTYY(("P(server_response_ip:%s %s)\n", $2, $3));
2317                 validate_respip_action($3);
2318                 if(!cfg_str2list_insert(&cfg_parser->cfg->respip_actions,
2319                         $2, $3))
2320                         fatal_exit("out of memory adding response-ip");
2321         }
2322         ;
2323 server_response_ip_data: VAR_RESPONSE_IP_DATA STRING_ARG STRING_ARG
2324         {
2325                 OUTYY(("P(server_response_ip_data:%s)\n", $2));
2326                         if(!cfg_str2list_insert(&cfg_parser->cfg->respip_data,
2327                                 $2, $3))
2328                                 fatal_exit("out of memory adding response-ip-data");
2329         }
2330         ;
2331 dnscstart: VAR_DNSCRYPT
2332         {
2333                 OUTYY(("\nP(dnscrypt:)\n"));
2334                 OUTYY(("\nP(dnscrypt:)\n"));
2335         }
2336         ;
2337 contents_dnsc: contents_dnsc content_dnsc
2338         | ;
2339 content_dnsc:
2340         dnsc_dnscrypt_enable | dnsc_dnscrypt_port | dnsc_dnscrypt_provider |
2341         dnsc_dnscrypt_secret_key | dnsc_dnscrypt_provider_cert |
2342         dnsc_dnscrypt_shared_secret_cache_size |
2343         dnsc_dnscrypt_shared_secret_cache_slabs |
2344         dnsc_dnscrypt_nonce_cache_size |
2345         dnsc_dnscrypt_nonce_cache_slabs
2346         ;
2347 dnsc_dnscrypt_enable: VAR_DNSCRYPT_ENABLE STRING_ARG
2348         {
2349                 OUTYY(("P(dnsc_dnscrypt_enable:%s)\n", $2));
2350                 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
2351                         yyerror("expected yes or no.");
2352                 else cfg_parser->cfg->dnscrypt = (strcmp($2, "yes")==0);
2353                 free($2);
2354         }
2355         ;
2356
2357 dnsc_dnscrypt_port: VAR_DNSCRYPT_PORT STRING_ARG
2358         {
2359                 OUTYY(("P(dnsc_dnscrypt_port:%s)\n", $2));
2360
2361                 if(atoi($2) == 0)
2362                         yyerror("port number expected");
2363                 else cfg_parser->cfg->dnscrypt_port = atoi($2);
2364                 free($2);
2365         }
2366         ;
2367 dnsc_dnscrypt_provider: VAR_DNSCRYPT_PROVIDER STRING_ARG
2368         {
2369                 OUTYY(("P(dnsc_dnscrypt_provider:%s)\n", $2));
2370                 free(cfg_parser->cfg->dnscrypt_provider);
2371                 cfg_parser->cfg->dnscrypt_provider = $2;
2372         }
2373         ;
2374 dnsc_dnscrypt_provider_cert: VAR_DNSCRYPT_PROVIDER_CERT STRING_ARG
2375         {
2376                 OUTYY(("P(dnsc_dnscrypt_provider_cert:%s)\n", $2));
2377                 if(!cfg_strlist_insert(&cfg_parser->cfg->dnscrypt_provider_cert, $2))
2378                         fatal_exit("out of memory adding dnscrypt-provider-cert");
2379         }
2380         ;
2381 dnsc_dnscrypt_secret_key: VAR_DNSCRYPT_SECRET_KEY STRING_ARG
2382         {
2383                 OUTYY(("P(dnsc_dnscrypt_secret_key:%s)\n", $2));
2384                 if(!cfg_strlist_insert(&cfg_parser->cfg->dnscrypt_secret_key, $2))
2385                         fatal_exit("out of memory adding dnscrypt-secret-key");
2386         }
2387         ;
2388 dnsc_dnscrypt_shared_secret_cache_size: VAR_DNSCRYPT_SHARED_SECRET_CACHE_SIZE STRING_ARG
2389   {
2390         OUTYY(("P(dnscrypt_shared_secret_cache_size:%s)\n", $2));
2391         if(!cfg_parse_memsize($2, &cfg_parser->cfg->dnscrypt_shared_secret_cache_size))
2392                 yyerror("memory size expected");
2393         free($2);
2394   }
2395   ;
2396 dnsc_dnscrypt_shared_secret_cache_slabs: VAR_DNSCRYPT_SHARED_SECRET_CACHE_SLABS STRING_ARG
2397   {
2398         OUTYY(("P(dnscrypt_shared_secret_cache_slabs:%s)\n", $2));
2399         if(atoi($2) == 0)
2400                 yyerror("number expected");
2401         else {
2402                 cfg_parser->cfg->dnscrypt_shared_secret_cache_slabs = atoi($2);
2403                 if(!is_pow2(cfg_parser->cfg->dnscrypt_shared_secret_cache_slabs))
2404                         yyerror("must be a power of 2");
2405         }
2406         free($2);
2407   }
2408   ;
2409 dnsc_dnscrypt_nonce_cache_size: VAR_DNSCRYPT_NONCE_CACHE_SIZE STRING_ARG
2410   {
2411         OUTYY(("P(dnscrypt_nonce_cache_size:%s)\n", $2));
2412         if(!cfg_parse_memsize($2, &cfg_parser->cfg->dnscrypt_nonce_cache_size))
2413                 yyerror("memory size expected");
2414         free($2);
2415   }
2416   ;
2417 dnsc_dnscrypt_nonce_cache_slabs: VAR_DNSCRYPT_NONCE_CACHE_SLABS STRING_ARG
2418   {
2419         OUTYY(("P(dnscrypt_nonce_cache_slabs:%s)\n", $2));
2420         if(atoi($2) == 0)
2421                 yyerror("number expected");
2422         else {
2423                 cfg_parser->cfg->dnscrypt_nonce_cache_slabs = atoi($2);
2424                 if(!is_pow2(cfg_parser->cfg->dnscrypt_nonce_cache_slabs))
2425                         yyerror("must be a power of 2");
2426         }
2427         free($2);
2428   }
2429   ;
2430 cachedbstart: VAR_CACHEDB
2431         {
2432                 OUTYY(("\nP(cachedb:)\n"));
2433         }
2434         ;
2435 contents_cachedb: contents_cachedb content_cachedb
2436         | ;
2437 content_cachedb: cachedb_backend_name | cachedb_secret_seed
2438         ;
2439 cachedb_backend_name: VAR_CACHEDB_BACKEND STRING_ARG
2440         {
2441         #ifdef USE_CACHEDB
2442                 OUTYY(("P(backend:%s)\n", $2));
2443                 if(cfg_parser->cfg->cachedb_backend)
2444                         yyerror("cachedb backend override, there must be one "
2445                                 "backend");
2446                 free(cfg_parser->cfg->cachedb_backend);
2447                 cfg_parser->cfg->cachedb_backend = $2;
2448         #else
2449                 OUTYY(("P(Compiled without cachedb, ignoring)\n"));
2450         #endif
2451         }
2452         ;
2453 cachedb_secret_seed: VAR_CACHEDB_SECRETSEED STRING_ARG
2454         {
2455         #ifdef USE_CACHEDB
2456                 OUTYY(("P(secret-seed:%s)\n", $2));
2457                 if(cfg_parser->cfg->cachedb_secret)
2458                         yyerror("cachedb secret-seed override, there must be "
2459                                 "only one secret");
2460                 free(cfg_parser->cfg->cachedb_secret);
2461                 cfg_parser->cfg->cachedb_secret = $2;
2462         #else
2463                 OUTYY(("P(Compiled without cachedb, ignoring)\n"));
2464                 free($2);
2465         #endif
2466         }
2467         ;
2468 %%
2469
2470 /* parse helper routines could be here */
2471 static void
2472 validate_respip_action(const char* action)
2473 {
2474         if(strcmp(action, "deny")!=0 &&
2475                 strcmp(action, "redirect")!=0 &&
2476                 strcmp(action, "inform")!=0 &&
2477                 strcmp(action, "inform_deny")!=0 &&
2478                 strcmp(action, "always_transparent")!=0 &&
2479                 strcmp(action, "always_refuse")!=0 &&
2480                 strcmp(action, "always_nxdomain")!=0)
2481         {
2482                 yyerror("response-ip action: expected deny, redirect, "
2483                         "inform, inform_deny, always_transparent, "
2484                         "always_refuse or always_nxdomain");
2485         }
2486 }