2 * configparser.y -- yacc grammar for unbound configuration files
4 * Copyright (c) 2001-2006, NLnet Labs. All rights reserved.
6 * Copyright (c) 2007, NLnet Labs. All rights reserved.
8 * This software is open source.
10 * Redistribution and use in source and binary forms, with or without
11 * modification, are permitted provided that the following conditions
14 * Redistributions of source code must retain the above copyright notice,
15 * this list of conditions and the following disclaimer.
17 * Redistributions in binary form must reproduce the above copyright notice,
18 * this list of conditions and the following disclaimer in the documentation
19 * and/or other materials provided with the distribution.
21 * Neither the name of the NLNET LABS nor the names of its contributors may
22 * be used to endorse or promote products derived from this software without
23 * specific prior written permission.
25 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
26 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
27 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
28 * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
29 * HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
30 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
31 * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
32 * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
33 * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
34 * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
35 * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
47 #include "util/configyyrename.h"
48 #include "util/config_file.h"
49 #include "util/net_help.h"
52 void ub_c_error(const char *message);
54 static void validate_respip_action(const char* action);
56 /* these need to be global, otherwise they cannot be used inside yacc */
57 extern struct config_parser_state* cfg_parser;
60 #define OUTYY(s) printf s /* used ONLY when debugging */
70 %token SPACE LETTER NEWLINE COMMENT COLON ANY ZONESTR
71 %token <str> STRING_ARG
72 %token VAR_SERVER VAR_VERBOSITY VAR_NUM_THREADS VAR_PORT
73 %token VAR_OUTGOING_RANGE VAR_INTERFACE
74 %token VAR_DO_IP4 VAR_DO_IP6 VAR_PREFER_IP6 VAR_DO_UDP VAR_DO_TCP
75 %token VAR_TCP_MSS VAR_OUTGOING_TCP_MSS
76 %token VAR_CHROOT VAR_USERNAME VAR_DIRECTORY VAR_LOGFILE VAR_PIDFILE
77 %token VAR_MSG_CACHE_SIZE VAR_MSG_CACHE_SLABS VAR_NUM_QUERIES_PER_THREAD
78 %token VAR_RRSET_CACHE_SIZE VAR_RRSET_CACHE_SLABS VAR_OUTGOING_NUM_TCP
79 %token VAR_INFRA_HOST_TTL VAR_INFRA_LAME_TTL VAR_INFRA_CACHE_SLABS
80 %token VAR_INFRA_CACHE_NUMHOSTS VAR_INFRA_CACHE_LAME_SIZE VAR_NAME
81 %token VAR_STUB_ZONE VAR_STUB_HOST VAR_STUB_ADDR VAR_TARGET_FETCH_POLICY
82 %token VAR_HARDEN_SHORT_BUFSIZE VAR_HARDEN_LARGE_QUERIES
83 %token VAR_FORWARD_ZONE VAR_FORWARD_HOST VAR_FORWARD_ADDR
84 %token VAR_DO_NOT_QUERY_ADDRESS VAR_HIDE_IDENTITY VAR_HIDE_VERSION
85 %token VAR_IDENTITY VAR_VERSION VAR_HARDEN_GLUE VAR_MODULE_CONF
86 %token VAR_TRUST_ANCHOR_FILE VAR_TRUST_ANCHOR VAR_VAL_OVERRIDE_DATE
87 %token VAR_BOGUS_TTL VAR_VAL_CLEAN_ADDITIONAL VAR_VAL_PERMISSIVE_MODE
88 %token VAR_INCOMING_NUM_TCP VAR_MSG_BUFFER_SIZE VAR_KEY_CACHE_SIZE
89 %token VAR_KEY_CACHE_SLABS VAR_TRUSTED_KEYS_FILE
90 %token VAR_VAL_NSEC3_KEYSIZE_ITERATIONS VAR_USE_SYSLOG
91 %token VAR_OUTGOING_INTERFACE VAR_ROOT_HINTS VAR_DO_NOT_QUERY_LOCALHOST
92 %token VAR_CACHE_MAX_TTL VAR_HARDEN_DNSSEC_STRIPPED VAR_ACCESS_CONTROL
93 %token VAR_LOCAL_ZONE VAR_LOCAL_DATA VAR_INTERFACE_AUTOMATIC
94 %token VAR_STATISTICS_INTERVAL VAR_DO_DAEMONIZE VAR_USE_CAPS_FOR_ID
95 %token VAR_STATISTICS_CUMULATIVE VAR_OUTGOING_PORT_PERMIT
96 %token VAR_OUTGOING_PORT_AVOID VAR_DLV_ANCHOR_FILE VAR_DLV_ANCHOR
97 %token VAR_NEG_CACHE_SIZE VAR_HARDEN_REFERRAL_PATH VAR_PRIVATE_ADDRESS
98 %token VAR_PRIVATE_DOMAIN VAR_REMOTE_CONTROL VAR_CONTROL_ENABLE
99 %token VAR_CONTROL_INTERFACE VAR_CONTROL_PORT VAR_SERVER_KEY_FILE
100 %token VAR_SERVER_CERT_FILE VAR_CONTROL_KEY_FILE VAR_CONTROL_CERT_FILE
101 %token VAR_CONTROL_USE_CERT
102 %token VAR_EXTENDED_STATISTICS VAR_LOCAL_DATA_PTR VAR_JOSTLE_TIMEOUT
103 %token VAR_STUB_PRIME VAR_UNWANTED_REPLY_THRESHOLD VAR_LOG_TIME_ASCII
104 %token VAR_DOMAIN_INSECURE VAR_PYTHON VAR_PYTHON_SCRIPT VAR_VAL_SIG_SKEW_MIN
105 %token VAR_VAL_SIG_SKEW_MAX VAR_CACHE_MIN_TTL VAR_VAL_LOG_LEVEL
106 %token VAR_AUTO_TRUST_ANCHOR_FILE VAR_KEEP_MISSING VAR_ADD_HOLDDOWN
107 %token VAR_DEL_HOLDDOWN VAR_SO_RCVBUF VAR_EDNS_BUFFER_SIZE VAR_PREFETCH
108 %token VAR_PREFETCH_KEY VAR_SO_SNDBUF VAR_SO_REUSEPORT VAR_HARDEN_BELOW_NXDOMAIN
109 %token VAR_IGNORE_CD_FLAG VAR_LOG_QUERIES VAR_LOG_REPLIES
110 %token VAR_TCP_UPSTREAM VAR_SSL_UPSTREAM
111 %token VAR_SSL_SERVICE_KEY VAR_SSL_SERVICE_PEM VAR_SSL_PORT VAR_FORWARD_FIRST
112 %token VAR_STUB_SSL_UPSTREAM VAR_FORWARD_SSL_UPSTREAM
113 %token VAR_STUB_FIRST VAR_MINIMAL_RESPONSES VAR_RRSET_ROUNDROBIN
114 %token VAR_MAX_UDP_SIZE VAR_DELAY_CLOSE
115 %token VAR_UNBLOCK_LAN_ZONES VAR_INSECURE_LAN_ZONES
116 %token VAR_INFRA_CACHE_MIN_RTT
117 %token VAR_DNS64_PREFIX VAR_DNS64_SYNTHALL
118 %token VAR_DNSTAP VAR_DNSTAP_ENABLE VAR_DNSTAP_SOCKET_PATH
119 %token VAR_DNSTAP_SEND_IDENTITY VAR_DNSTAP_SEND_VERSION
120 %token VAR_DNSTAP_IDENTITY VAR_DNSTAP_VERSION
121 %token VAR_DNSTAP_LOG_RESOLVER_QUERY_MESSAGES
122 %token VAR_DNSTAP_LOG_RESOLVER_RESPONSE_MESSAGES
123 %token VAR_DNSTAP_LOG_CLIENT_QUERY_MESSAGES
124 %token VAR_DNSTAP_LOG_CLIENT_RESPONSE_MESSAGES
125 %token VAR_DNSTAP_LOG_FORWARDER_QUERY_MESSAGES
126 %token VAR_DNSTAP_LOG_FORWARDER_RESPONSE_MESSAGES
127 %token VAR_RESPONSE_IP_TAG VAR_RESPONSE_IP VAR_RESPONSE_IP_DATA
128 %token VAR_HARDEN_ALGO_DOWNGRADE VAR_IP_TRANSPARENT
129 %token VAR_DISABLE_DNSSEC_LAME_CHECK
130 %token VAR_IP_RATELIMIT VAR_IP_RATELIMIT_SLABS VAR_IP_RATELIMIT_SIZE
131 %token VAR_RATELIMIT VAR_RATELIMIT_SLABS VAR_RATELIMIT_SIZE
132 %token VAR_RATELIMIT_FOR_DOMAIN VAR_RATELIMIT_BELOW_DOMAIN
133 %token VAR_IP_RATELIMIT_FACTOR VAR_RATELIMIT_FACTOR
134 %token VAR_SEND_CLIENT_SUBNET VAR_CLIENT_SUBNET_ZONE
135 %token VAR_CLIENT_SUBNET_ALWAYS_FORWARD VAR_CLIENT_SUBNET_OPCODE
136 %token VAR_MAX_CLIENT_SUBNET_IPV4 VAR_MAX_CLIENT_SUBNET_IPV6
137 %token VAR_CAPS_WHITELIST VAR_CACHE_MAX_NEGATIVE_TTL VAR_PERMIT_SMALL_HOLDDOWN
138 %token VAR_QNAME_MINIMISATION VAR_QNAME_MINIMISATION_STRICT VAR_IP_FREEBIND
139 %token VAR_DEFINE_TAG VAR_LOCAL_ZONE_TAG VAR_ACCESS_CONTROL_TAG
140 %token VAR_LOCAL_ZONE_OVERRIDE VAR_ACCESS_CONTROL_TAG_ACTION
141 %token VAR_ACCESS_CONTROL_TAG_DATA VAR_VIEW VAR_ACCESS_CONTROL_VIEW
142 %token VAR_VIEW_FIRST VAR_SERVE_EXPIRED VAR_FAKE_DSA VAR_FAKE_SHA1
143 %token VAR_LOG_IDENTITY VAR_HIDE_TRUSTANCHOR VAR_TRUST_ANCHOR_SIGNALING
144 %token VAR_USE_SYSTEMD VAR_SHM_ENABLE VAR_SHM_KEY
145 %token VAR_DNSCRYPT VAR_DNSCRYPT_ENABLE VAR_DNSCRYPT_PORT VAR_DNSCRYPT_PROVIDER
146 %token VAR_DNSCRYPT_SECRET_KEY VAR_DNSCRYPT_PROVIDER_CERT
147 %token VAR_DNSCRYPT_SHARED_SECRET_CACHE_SIZE
148 %token VAR_DNSCRYPT_SHARED_SECRET_CACHE_SLABS
149 %token VAR_DNSCRYPT_NONCE_CACHE_SIZE
150 %token VAR_DNSCRYPT_NONCE_CACHE_SLABS
151 %token VAR_IPSECMOD_ENABLED VAR_IPSECMOD_HOOK VAR_IPSECMOD_IGNORE_BOGUS
152 %token VAR_IPSECMOD_MAX_TTL VAR_IPSECMOD_WHITELIST VAR_IPSECMOD_STRICT
153 %token VAR_CACHEDB VAR_CACHEDB_BACKEND VAR_CACHEDB_SECRETSEED
154 %token VAR_UDP_UPSTREAM_WITHOUT_DOWNSTREAM
157 toplevelvars: /* empty */ | toplevelvars toplevelvar ;
158 toplevelvar: serverstart contents_server | stubstart contents_stub |
159 forwardstart contents_forward | pythonstart contents_py |
160 rcstart contents_rc | dtstart contents_dt | viewstart
162 dnscstart contents_dnsc |
163 cachedbstart contents_cachedb
166 /* server: declaration */
167 serverstart: VAR_SERVER
169 OUTYY(("\nP(server:)\n"));
172 contents_server: contents_server content_server
174 content_server: server_num_threads | server_verbosity | server_port |
175 server_outgoing_range | server_do_ip4 |
176 server_do_ip6 | server_prefer_ip6 |
177 server_do_udp | server_do_tcp |
178 server_tcp_mss | server_outgoing_tcp_mss |
179 server_interface | server_chroot | server_username |
180 server_directory | server_logfile | server_pidfile |
181 server_msg_cache_size | server_msg_cache_slabs |
182 server_num_queries_per_thread | server_rrset_cache_size |
183 server_rrset_cache_slabs | server_outgoing_num_tcp |
184 server_infra_host_ttl | server_infra_lame_ttl |
185 server_infra_cache_slabs | server_infra_cache_numhosts |
186 server_infra_cache_lame_size | server_target_fetch_policy |
187 server_harden_short_bufsize | server_harden_large_queries |
188 server_do_not_query_address | server_hide_identity |
189 server_hide_version | server_identity | server_version |
190 server_harden_glue | server_module_conf | server_trust_anchor_file |
191 server_trust_anchor | server_val_override_date | server_bogus_ttl |
192 server_val_clean_additional | server_val_permissive_mode |
193 server_incoming_num_tcp | server_msg_buffer_size |
194 server_key_cache_size | server_key_cache_slabs |
195 server_trusted_keys_file | server_val_nsec3_keysize_iterations |
196 server_use_syslog | server_outgoing_interface | server_root_hints |
197 server_do_not_query_localhost | server_cache_max_ttl |
198 server_harden_dnssec_stripped | server_access_control |
199 server_local_zone | server_local_data | server_interface_automatic |
200 server_statistics_interval | server_do_daemonize |
201 server_use_caps_for_id | server_statistics_cumulative |
202 server_outgoing_port_permit | server_outgoing_port_avoid |
203 server_dlv_anchor_file | server_dlv_anchor | server_neg_cache_size |
204 server_harden_referral_path | server_private_address |
205 server_private_domain | server_extended_statistics |
206 server_local_data_ptr | server_jostle_timeout |
207 server_unwanted_reply_threshold | server_log_time_ascii |
208 server_domain_insecure | server_val_sig_skew_min |
209 server_val_sig_skew_max | server_cache_min_ttl | server_val_log_level |
210 server_auto_trust_anchor_file | server_add_holddown |
211 server_del_holddown | server_keep_missing | server_so_rcvbuf |
212 server_edns_buffer_size | server_prefetch | server_prefetch_key |
213 server_so_sndbuf | server_harden_below_nxdomain | server_ignore_cd_flag |
214 server_log_queries | server_log_replies | server_tcp_upstream | server_ssl_upstream |
215 server_ssl_service_key | server_ssl_service_pem | server_ssl_port |
216 server_minimal_responses | server_rrset_roundrobin | server_max_udp_size |
217 server_so_reuseport | server_delay_close |
218 server_unblock_lan_zones | server_insecure_lan_zones |
219 server_dns64_prefix | server_dns64_synthall |
220 server_infra_cache_min_rtt | server_harden_algo_downgrade |
221 server_ip_transparent | server_ip_ratelimit | server_ratelimit |
222 server_ip_ratelimit_slabs | server_ratelimit_slabs |
223 server_ip_ratelimit_size | server_ratelimit_size |
224 server_ratelimit_for_domain |
225 server_ratelimit_below_domain | server_ratelimit_factor |
226 server_ip_ratelimit_factor | server_send_client_subnet |
227 server_client_subnet_zone | server_client_subnet_always_forward |
228 server_client_subnet_opcode |
229 server_max_client_subnet_ipv4 | server_max_client_subnet_ipv6 |
230 server_caps_whitelist | server_cache_max_negative_ttl |
231 server_permit_small_holddown | server_qname_minimisation |
232 server_ip_freebind | server_define_tag | server_local_zone_tag |
233 server_disable_dnssec_lame_check | server_access_control_tag |
234 server_local_zone_override | server_access_control_tag_action |
235 server_access_control_tag_data | server_access_control_view |
236 server_qname_minimisation_strict | server_serve_expired |
237 server_fake_dsa | server_log_identity | server_use_systemd |
238 server_response_ip_tag | server_response_ip | server_response_ip_data |
239 server_shm_enable | server_shm_key | server_fake_sha1 |
240 server_hide_trustanchor | server_trust_anchor_signaling |
241 server_ipsecmod_enabled | server_ipsecmod_hook |
242 server_ipsecmod_ignore_bogus | server_ipsecmod_max_ttl |
243 server_ipsecmod_whitelist | server_ipsecmod_strict |
244 server_udp_upstream_without_downstream
246 stubstart: VAR_STUB_ZONE
248 struct config_stub* s;
249 OUTYY(("\nP(stub_zone:)\n"));
250 s = (struct config_stub*)calloc(1, sizeof(struct config_stub));
252 s->next = cfg_parser->cfg->stubs;
253 cfg_parser->cfg->stubs = s;
255 yyerror("out of memory");
258 contents_stub: contents_stub content_stub
260 content_stub: stub_name | stub_host | stub_addr | stub_prime | stub_first |
263 forwardstart: VAR_FORWARD_ZONE
265 struct config_stub* s;
266 OUTYY(("\nP(forward_zone:)\n"));
267 s = (struct config_stub*)calloc(1, sizeof(struct config_stub));
269 s->next = cfg_parser->cfg->forwards;
270 cfg_parser->cfg->forwards = s;
272 yyerror("out of memory");
275 contents_forward: contents_forward content_forward
277 content_forward: forward_name | forward_host | forward_addr | forward_first |
282 struct config_view* s;
283 OUTYY(("\nP(view:)\n"));
284 s = (struct config_view*)calloc(1, sizeof(struct config_view));
286 s->next = cfg_parser->cfg->views;
287 if(s->next && !s->next->name)
288 yyerror("view without name");
289 cfg_parser->cfg->views = s;
291 yyerror("out of memory");
294 contents_view: contents_view content_view
296 content_view: view_name | view_local_zone | view_local_data | view_first |
297 view_response_ip | view_response_ip_data | view_local_data_ptr
299 server_num_threads: VAR_NUM_THREADS STRING_ARG
301 OUTYY(("P(server_num_threads:%s)\n", $2));
302 if(atoi($2) == 0 && strcmp($2, "0") != 0)
303 yyerror("number expected");
304 else cfg_parser->cfg->num_threads = atoi($2);
308 server_verbosity: VAR_VERBOSITY STRING_ARG
310 OUTYY(("P(server_verbosity:%s)\n", $2));
311 if(atoi($2) == 0 && strcmp($2, "0") != 0)
312 yyerror("number expected");
313 else cfg_parser->cfg->verbosity = atoi($2);
317 server_statistics_interval: VAR_STATISTICS_INTERVAL STRING_ARG
319 OUTYY(("P(server_statistics_interval:%s)\n", $2));
320 if(strcmp($2, "") == 0 || strcmp($2, "0") == 0)
321 cfg_parser->cfg->stat_interval = 0;
322 else if(atoi($2) == 0)
323 yyerror("number expected");
324 else cfg_parser->cfg->stat_interval = atoi($2);
328 server_statistics_cumulative: VAR_STATISTICS_CUMULATIVE STRING_ARG
330 OUTYY(("P(server_statistics_cumulative:%s)\n", $2));
331 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
332 yyerror("expected yes or no.");
333 else cfg_parser->cfg->stat_cumulative = (strcmp($2, "yes")==0);
337 server_extended_statistics: VAR_EXTENDED_STATISTICS STRING_ARG
339 OUTYY(("P(server_extended_statistics:%s)\n", $2));
340 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
341 yyerror("expected yes or no.");
342 else cfg_parser->cfg->stat_extended = (strcmp($2, "yes")==0);
346 server_shm_enable: VAR_SHM_ENABLE STRING_ARG
348 OUTYY(("P(server_shm_enable:%s)\n", $2));
349 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
350 yyerror("expected yes or no.");
351 else cfg_parser->cfg->shm_enable = (strcmp($2, "yes")==0);
355 server_shm_key: VAR_SHM_KEY STRING_ARG
357 OUTYY(("P(server_shm_key:%s)\n", $2));
358 if(strcmp($2, "") == 0 || strcmp($2, "0") == 0)
359 cfg_parser->cfg->shm_key = 0;
360 else if(atoi($2) == 0)
361 yyerror("number expected");
362 else cfg_parser->cfg->shm_key = atoi($2);
366 server_port: VAR_PORT STRING_ARG
368 OUTYY(("P(server_port:%s)\n", $2));
370 yyerror("port number expected");
371 else cfg_parser->cfg->port = atoi($2);
375 server_send_client_subnet: VAR_SEND_CLIENT_SUBNET STRING_ARG
378 OUTYY(("P(server_send_client_subnet:%s)\n", $2));
379 if(!cfg_strlist_insert(&cfg_parser->cfg->client_subnet, $2))
380 fatal_exit("out of memory adding client-subnet");
382 OUTYY(("P(Compiled without edns subnet option, ignoring)\n"));
386 server_client_subnet_zone: VAR_CLIENT_SUBNET_ZONE STRING_ARG
389 OUTYY(("P(server_client_subnet_zone:%s)\n", $2));
390 if(!cfg_strlist_insert(&cfg_parser->cfg->client_subnet_zone,
392 fatal_exit("out of memory adding client-subnet-zone");
394 OUTYY(("P(Compiled without edns subnet option, ignoring)\n"));
398 server_client_subnet_always_forward:
399 VAR_CLIENT_SUBNET_ALWAYS_FORWARD STRING_ARG
402 OUTYY(("P(server_client_subnet_always_forward:%s)\n", $2));
403 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
404 yyerror("expected yes or no.");
406 cfg_parser->cfg->client_subnet_always_forward =
407 (strcmp($2, "yes")==0);
409 OUTYY(("P(Compiled without edns subnet option, ignoring)\n"));
414 server_client_subnet_opcode: VAR_CLIENT_SUBNET_OPCODE STRING_ARG
417 OUTYY(("P(client_subnet_opcode:%s)\n", $2));
418 OUTYY(("P(Deprecated option, ignoring)\n"));
420 OUTYY(("P(Compiled without edns subnet option, ignoring)\n"));
425 server_max_client_subnet_ipv4: VAR_MAX_CLIENT_SUBNET_IPV4 STRING_ARG
428 OUTYY(("P(max_client_subnet_ipv4:%s)\n", $2));
429 if(atoi($2) == 0 && strcmp($2, "0") != 0)
430 yyerror("IPv4 subnet length expected");
431 else if (atoi($2) > 32)
432 cfg_parser->cfg->max_client_subnet_ipv4 = 32;
433 else if (atoi($2) < 0)
434 cfg_parser->cfg->max_client_subnet_ipv4 = 0;
435 else cfg_parser->cfg->max_client_subnet_ipv4 = (uint8_t)atoi($2);
437 OUTYY(("P(Compiled without edns subnet option, ignoring)\n"));
442 server_max_client_subnet_ipv6: VAR_MAX_CLIENT_SUBNET_IPV6 STRING_ARG
445 OUTYY(("P(max_client_subnet_ipv6:%s)\n", $2));
446 if(atoi($2) == 0 && strcmp($2, "0") != 0)
447 yyerror("Ipv6 subnet length expected");
448 else if (atoi($2) > 128)
449 cfg_parser->cfg->max_client_subnet_ipv6 = 128;
450 else if (atoi($2) < 0)
451 cfg_parser->cfg->max_client_subnet_ipv6 = 0;
452 else cfg_parser->cfg->max_client_subnet_ipv6 = (uint8_t)atoi($2);
454 OUTYY(("P(Compiled without edns subnet option, ignoring)\n"));
459 server_interface: VAR_INTERFACE STRING_ARG
461 OUTYY(("P(server_interface:%s)\n", $2));
462 if(cfg_parser->cfg->num_ifs == 0)
463 cfg_parser->cfg->ifs = calloc(1, sizeof(char*));
464 else cfg_parser->cfg->ifs = realloc(cfg_parser->cfg->ifs,
465 (cfg_parser->cfg->num_ifs+1)*sizeof(char*));
466 if(!cfg_parser->cfg->ifs)
467 yyerror("out of memory");
469 cfg_parser->cfg->ifs[cfg_parser->cfg->num_ifs++] = $2;
472 server_outgoing_interface: VAR_OUTGOING_INTERFACE STRING_ARG
474 OUTYY(("P(server_outgoing_interface:%s)\n", $2));
475 if(cfg_parser->cfg->num_out_ifs == 0)
476 cfg_parser->cfg->out_ifs = calloc(1, sizeof(char*));
477 else cfg_parser->cfg->out_ifs = realloc(
478 cfg_parser->cfg->out_ifs,
479 (cfg_parser->cfg->num_out_ifs+1)*sizeof(char*));
480 if(!cfg_parser->cfg->out_ifs)
481 yyerror("out of memory");
483 cfg_parser->cfg->out_ifs[
484 cfg_parser->cfg->num_out_ifs++] = $2;
487 server_outgoing_range: VAR_OUTGOING_RANGE STRING_ARG
489 OUTYY(("P(server_outgoing_range:%s)\n", $2));
491 yyerror("number expected");
492 else cfg_parser->cfg->outgoing_num_ports = atoi($2);
496 server_outgoing_port_permit: VAR_OUTGOING_PORT_PERMIT STRING_ARG
498 OUTYY(("P(server_outgoing_port_permit:%s)\n", $2));
499 if(!cfg_mark_ports($2, 1,
500 cfg_parser->cfg->outgoing_avail_ports, 65536))
501 yyerror("port number or range (\"low-high\") expected");
505 server_outgoing_port_avoid: VAR_OUTGOING_PORT_AVOID STRING_ARG
507 OUTYY(("P(server_outgoing_port_avoid:%s)\n", $2));
508 if(!cfg_mark_ports($2, 0,
509 cfg_parser->cfg->outgoing_avail_ports, 65536))
510 yyerror("port number or range (\"low-high\") expected");
514 server_outgoing_num_tcp: VAR_OUTGOING_NUM_TCP STRING_ARG
516 OUTYY(("P(server_outgoing_num_tcp:%s)\n", $2));
517 if(atoi($2) == 0 && strcmp($2, "0") != 0)
518 yyerror("number expected");
519 else cfg_parser->cfg->outgoing_num_tcp = atoi($2);
523 server_incoming_num_tcp: VAR_INCOMING_NUM_TCP STRING_ARG
525 OUTYY(("P(server_incoming_num_tcp:%s)\n", $2));
526 if(atoi($2) == 0 && strcmp($2, "0") != 0)
527 yyerror("number expected");
528 else cfg_parser->cfg->incoming_num_tcp = atoi($2);
532 server_interface_automatic: VAR_INTERFACE_AUTOMATIC STRING_ARG
534 OUTYY(("P(server_interface_automatic:%s)\n", $2));
535 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
536 yyerror("expected yes or no.");
537 else cfg_parser->cfg->if_automatic = (strcmp($2, "yes")==0);
541 server_do_ip4: VAR_DO_IP4 STRING_ARG
543 OUTYY(("P(server_do_ip4:%s)\n", $2));
544 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
545 yyerror("expected yes or no.");
546 else cfg_parser->cfg->do_ip4 = (strcmp($2, "yes")==0);
550 server_do_ip6: VAR_DO_IP6 STRING_ARG
552 OUTYY(("P(server_do_ip6:%s)\n", $2));
553 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
554 yyerror("expected yes or no.");
555 else cfg_parser->cfg->do_ip6 = (strcmp($2, "yes")==0);
559 server_do_udp: VAR_DO_UDP STRING_ARG
561 OUTYY(("P(server_do_udp:%s)\n", $2));
562 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
563 yyerror("expected yes or no.");
564 else cfg_parser->cfg->do_udp = (strcmp($2, "yes")==0);
568 server_do_tcp: VAR_DO_TCP STRING_ARG
570 OUTYY(("P(server_do_tcp:%s)\n", $2));
571 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
572 yyerror("expected yes or no.");
573 else cfg_parser->cfg->do_tcp = (strcmp($2, "yes")==0);
577 server_prefer_ip6: VAR_PREFER_IP6 STRING_ARG
579 OUTYY(("P(server_prefer_ip6:%s)\n", $2));
580 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
581 yyerror("expected yes or no.");
582 else cfg_parser->cfg->prefer_ip6 = (strcmp($2, "yes")==0);
586 server_tcp_mss: VAR_TCP_MSS STRING_ARG
588 OUTYY(("P(server_tcp_mss:%s)\n", $2));
589 if(atoi($2) == 0 && strcmp($2, "0") != 0)
590 yyerror("number expected");
591 else cfg_parser->cfg->tcp_mss = atoi($2);
595 server_outgoing_tcp_mss: VAR_OUTGOING_TCP_MSS STRING_ARG
597 OUTYY(("P(server_outgoing_tcp_mss:%s)\n", $2));
598 if(atoi($2) == 0 && strcmp($2, "0") != 0)
599 yyerror("number expected");
600 else cfg_parser->cfg->outgoing_tcp_mss = atoi($2);
604 server_tcp_upstream: VAR_TCP_UPSTREAM STRING_ARG
606 OUTYY(("P(server_tcp_upstream:%s)\n", $2));
607 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
608 yyerror("expected yes or no.");
609 else cfg_parser->cfg->tcp_upstream = (strcmp($2, "yes")==0);
613 server_udp_upstream_without_downstream: VAR_UDP_UPSTREAM_WITHOUT_DOWNSTREAM STRING_ARG
615 OUTYY(("P(server_udp_upstream_without_downstream:%s)\n", $2));
616 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
617 yyerror("expected yes or no.");
618 else cfg_parser->cfg->udp_upstream_without_downstream = (strcmp($2, "yes")==0);
622 server_ssl_upstream: VAR_SSL_UPSTREAM STRING_ARG
624 OUTYY(("P(server_ssl_upstream:%s)\n", $2));
625 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
626 yyerror("expected yes or no.");
627 else cfg_parser->cfg->ssl_upstream = (strcmp($2, "yes")==0);
631 server_ssl_service_key: VAR_SSL_SERVICE_KEY STRING_ARG
633 OUTYY(("P(server_ssl_service_key:%s)\n", $2));
634 free(cfg_parser->cfg->ssl_service_key);
635 cfg_parser->cfg->ssl_service_key = $2;
638 server_ssl_service_pem: VAR_SSL_SERVICE_PEM STRING_ARG
640 OUTYY(("P(server_ssl_service_pem:%s)\n", $2));
641 free(cfg_parser->cfg->ssl_service_pem);
642 cfg_parser->cfg->ssl_service_pem = $2;
645 server_ssl_port: VAR_SSL_PORT STRING_ARG
647 OUTYY(("P(server_ssl_port:%s)\n", $2));
649 yyerror("port number expected");
650 else cfg_parser->cfg->ssl_port = atoi($2);
654 server_use_systemd: VAR_USE_SYSTEMD STRING_ARG
656 OUTYY(("P(server_use_systemd:%s)\n", $2));
657 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
658 yyerror("expected yes or no.");
659 else cfg_parser->cfg->use_systemd = (strcmp($2, "yes")==0);
663 server_do_daemonize: VAR_DO_DAEMONIZE STRING_ARG
665 OUTYY(("P(server_do_daemonize:%s)\n", $2));
666 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
667 yyerror("expected yes or no.");
668 else cfg_parser->cfg->do_daemonize = (strcmp($2, "yes")==0);
672 server_use_syslog: VAR_USE_SYSLOG STRING_ARG
674 OUTYY(("P(server_use_syslog:%s)\n", $2));
675 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
676 yyerror("expected yes or no.");
677 else cfg_parser->cfg->use_syslog = (strcmp($2, "yes")==0);
678 #if !defined(HAVE_SYSLOG_H) && !defined(UB_ON_WINDOWS)
679 if(strcmp($2, "yes") == 0)
680 yyerror("no syslog services are available. "
681 "(reconfigure and compile to add)");
686 server_log_time_ascii: VAR_LOG_TIME_ASCII STRING_ARG
688 OUTYY(("P(server_log_time_ascii:%s)\n", $2));
689 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
690 yyerror("expected yes or no.");
691 else cfg_parser->cfg->log_time_ascii = (strcmp($2, "yes")==0);
695 server_log_queries: VAR_LOG_QUERIES STRING_ARG
697 OUTYY(("P(server_log_queries:%s)\n", $2));
698 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
699 yyerror("expected yes or no.");
700 else cfg_parser->cfg->log_queries = (strcmp($2, "yes")==0);
704 server_log_replies: VAR_LOG_REPLIES STRING_ARG
706 OUTYY(("P(server_log_replies:%s)\n", $2));
707 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
708 yyerror("expected yes or no.");
709 else cfg_parser->cfg->log_replies = (strcmp($2, "yes")==0);
713 server_chroot: VAR_CHROOT STRING_ARG
715 OUTYY(("P(server_chroot:%s)\n", $2));
716 free(cfg_parser->cfg->chrootdir);
717 cfg_parser->cfg->chrootdir = $2;
720 server_username: VAR_USERNAME STRING_ARG
722 OUTYY(("P(server_username:%s)\n", $2));
723 free(cfg_parser->cfg->username);
724 cfg_parser->cfg->username = $2;
727 server_directory: VAR_DIRECTORY STRING_ARG
729 OUTYY(("P(server_directory:%s)\n", $2));
730 free(cfg_parser->cfg->directory);
731 cfg_parser->cfg->directory = $2;
732 /* change there right away for includes relative to this */
736 w_config_adjust_directory(cfg_parser->cfg);
738 d = cfg_parser->cfg->directory;
739 /* adjust directory if we have already chroot,
740 * like, we reread after sighup */
741 if(cfg_parser->chroot && cfg_parser->chroot[0] &&
742 strncmp(d, cfg_parser->chroot, strlen(
743 cfg_parser->chroot)) == 0)
744 d += strlen(cfg_parser->chroot);
747 log_err("cannot chdir to directory: %s (%s)",
753 server_logfile: VAR_LOGFILE STRING_ARG
755 OUTYY(("P(server_logfile:%s)\n", $2));
756 free(cfg_parser->cfg->logfile);
757 cfg_parser->cfg->logfile = $2;
758 cfg_parser->cfg->use_syslog = 0;
761 server_pidfile: VAR_PIDFILE STRING_ARG
763 OUTYY(("P(server_pidfile:%s)\n", $2));
764 free(cfg_parser->cfg->pidfile);
765 cfg_parser->cfg->pidfile = $2;
768 server_root_hints: VAR_ROOT_HINTS STRING_ARG
770 OUTYY(("P(server_root_hints:%s)\n", $2));
771 if(!cfg_strlist_insert(&cfg_parser->cfg->root_hints, $2))
772 yyerror("out of memory");
775 server_dlv_anchor_file: VAR_DLV_ANCHOR_FILE STRING_ARG
777 OUTYY(("P(server_dlv_anchor_file:%s)\n", $2));
778 free(cfg_parser->cfg->dlv_anchor_file);
779 cfg_parser->cfg->dlv_anchor_file = $2;
782 server_dlv_anchor: VAR_DLV_ANCHOR STRING_ARG
784 OUTYY(("P(server_dlv_anchor:%s)\n", $2));
785 if(!cfg_strlist_insert(&cfg_parser->cfg->dlv_anchor_list, $2))
786 yyerror("out of memory");
789 server_auto_trust_anchor_file: VAR_AUTO_TRUST_ANCHOR_FILE STRING_ARG
791 OUTYY(("P(server_auto_trust_anchor_file:%s)\n", $2));
792 if(!cfg_strlist_insert(&cfg_parser->cfg->
793 auto_trust_anchor_file_list, $2))
794 yyerror("out of memory");
797 server_trust_anchor_file: VAR_TRUST_ANCHOR_FILE STRING_ARG
799 OUTYY(("P(server_trust_anchor_file:%s)\n", $2));
800 if(!cfg_strlist_insert(&cfg_parser->cfg->
801 trust_anchor_file_list, $2))
802 yyerror("out of memory");
805 server_trusted_keys_file: VAR_TRUSTED_KEYS_FILE STRING_ARG
807 OUTYY(("P(server_trusted_keys_file:%s)\n", $2));
808 if(!cfg_strlist_insert(&cfg_parser->cfg->
809 trusted_keys_file_list, $2))
810 yyerror("out of memory");
813 server_trust_anchor: VAR_TRUST_ANCHOR STRING_ARG
815 OUTYY(("P(server_trust_anchor:%s)\n", $2));
816 if(!cfg_strlist_insert(&cfg_parser->cfg->trust_anchor_list, $2))
817 yyerror("out of memory");
820 server_trust_anchor_signaling: VAR_TRUST_ANCHOR_SIGNALING STRING_ARG
822 OUTYY(("P(server_trust_anchor_signaling:%s)\n", $2));
823 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
824 yyerror("expected yes or no.");
826 cfg_parser->cfg->trust_anchor_signaling =
827 (strcmp($2, "yes")==0);
831 server_domain_insecure: VAR_DOMAIN_INSECURE STRING_ARG
833 OUTYY(("P(server_domain_insecure:%s)\n", $2));
834 if(!cfg_strlist_insert(&cfg_parser->cfg->domain_insecure, $2))
835 yyerror("out of memory");
838 server_hide_identity: VAR_HIDE_IDENTITY STRING_ARG
840 OUTYY(("P(server_hide_identity:%s)\n", $2));
841 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
842 yyerror("expected yes or no.");
843 else cfg_parser->cfg->hide_identity = (strcmp($2, "yes")==0);
847 server_hide_version: VAR_HIDE_VERSION STRING_ARG
849 OUTYY(("P(server_hide_version:%s)\n", $2));
850 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
851 yyerror("expected yes or no.");
852 else cfg_parser->cfg->hide_version = (strcmp($2, "yes")==0);
856 server_hide_trustanchor: VAR_HIDE_TRUSTANCHOR STRING_ARG
858 OUTYY(("P(server_hide_trustanchor:%s)\n", $2));
859 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
860 yyerror("expected yes or no.");
861 else cfg_parser->cfg->hide_trustanchor = (strcmp($2, "yes")==0);
865 server_identity: VAR_IDENTITY STRING_ARG
867 OUTYY(("P(server_identity:%s)\n", $2));
868 free(cfg_parser->cfg->identity);
869 cfg_parser->cfg->identity = $2;
872 server_version: VAR_VERSION STRING_ARG
874 OUTYY(("P(server_version:%s)\n", $2));
875 free(cfg_parser->cfg->version);
876 cfg_parser->cfg->version = $2;
879 server_so_rcvbuf: VAR_SO_RCVBUF STRING_ARG
881 OUTYY(("P(server_so_rcvbuf:%s)\n", $2));
882 if(!cfg_parse_memsize($2, &cfg_parser->cfg->so_rcvbuf))
883 yyerror("buffer size expected");
887 server_so_sndbuf: VAR_SO_SNDBUF STRING_ARG
889 OUTYY(("P(server_so_sndbuf:%s)\n", $2));
890 if(!cfg_parse_memsize($2, &cfg_parser->cfg->so_sndbuf))
891 yyerror("buffer size expected");
895 server_so_reuseport: VAR_SO_REUSEPORT STRING_ARG
897 OUTYY(("P(server_so_reuseport:%s)\n", $2));
898 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
899 yyerror("expected yes or no.");
900 else cfg_parser->cfg->so_reuseport =
901 (strcmp($2, "yes")==0);
905 server_ip_transparent: VAR_IP_TRANSPARENT STRING_ARG
907 OUTYY(("P(server_ip_transparent:%s)\n", $2));
908 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
909 yyerror("expected yes or no.");
910 else cfg_parser->cfg->ip_transparent =
911 (strcmp($2, "yes")==0);
915 server_ip_freebind: VAR_IP_FREEBIND STRING_ARG
917 OUTYY(("P(server_ip_freebind:%s)\n", $2));
918 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
919 yyerror("expected yes or no.");
920 else cfg_parser->cfg->ip_freebind =
921 (strcmp($2, "yes")==0);
925 server_edns_buffer_size: VAR_EDNS_BUFFER_SIZE STRING_ARG
927 OUTYY(("P(server_edns_buffer_size:%s)\n", $2));
929 yyerror("number expected");
930 else if (atoi($2) < 12)
931 yyerror("edns buffer size too small");
932 else if (atoi($2) > 65535)
933 cfg_parser->cfg->edns_buffer_size = 65535;
934 else cfg_parser->cfg->edns_buffer_size = atoi($2);
938 server_msg_buffer_size: VAR_MSG_BUFFER_SIZE STRING_ARG
940 OUTYY(("P(server_msg_buffer_size:%s)\n", $2));
942 yyerror("number expected");
943 else if (atoi($2) < 4096)
944 yyerror("message buffer size too small (use 4096)");
945 else cfg_parser->cfg->msg_buffer_size = atoi($2);
949 server_msg_cache_size: VAR_MSG_CACHE_SIZE STRING_ARG
951 OUTYY(("P(server_msg_cache_size:%s)\n", $2));
952 if(!cfg_parse_memsize($2, &cfg_parser->cfg->msg_cache_size))
953 yyerror("memory size expected");
957 server_msg_cache_slabs: VAR_MSG_CACHE_SLABS STRING_ARG
959 OUTYY(("P(server_msg_cache_slabs:%s)\n", $2));
961 yyerror("number expected");
963 cfg_parser->cfg->msg_cache_slabs = atoi($2);
964 if(!is_pow2(cfg_parser->cfg->msg_cache_slabs))
965 yyerror("must be a power of 2");
970 server_num_queries_per_thread: VAR_NUM_QUERIES_PER_THREAD STRING_ARG
972 OUTYY(("P(server_num_queries_per_thread:%s)\n", $2));
974 yyerror("number expected");
975 else cfg_parser->cfg->num_queries_per_thread = atoi($2);
979 server_jostle_timeout: VAR_JOSTLE_TIMEOUT STRING_ARG
981 OUTYY(("P(server_jostle_timeout:%s)\n", $2));
982 if(atoi($2) == 0 && strcmp($2, "0") != 0)
983 yyerror("number expected");
984 else cfg_parser->cfg->jostle_time = atoi($2);
988 server_delay_close: VAR_DELAY_CLOSE STRING_ARG
990 OUTYY(("P(server_delay_close:%s)\n", $2));
991 if(atoi($2) == 0 && strcmp($2, "0") != 0)
992 yyerror("number expected");
993 else cfg_parser->cfg->delay_close = atoi($2);
997 server_unblock_lan_zones: VAR_UNBLOCK_LAN_ZONES STRING_ARG
999 OUTYY(("P(server_unblock_lan_zones:%s)\n", $2));
1000 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1001 yyerror("expected yes or no.");
1002 else cfg_parser->cfg->unblock_lan_zones =
1003 (strcmp($2, "yes")==0);
1007 server_insecure_lan_zones: VAR_INSECURE_LAN_ZONES STRING_ARG
1009 OUTYY(("P(server_insecure_lan_zones:%s)\n", $2));
1010 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1011 yyerror("expected yes or no.");
1012 else cfg_parser->cfg->insecure_lan_zones =
1013 (strcmp($2, "yes")==0);
1017 server_rrset_cache_size: VAR_RRSET_CACHE_SIZE STRING_ARG
1019 OUTYY(("P(server_rrset_cache_size:%s)\n", $2));
1020 if(!cfg_parse_memsize($2, &cfg_parser->cfg->rrset_cache_size))
1021 yyerror("memory size expected");
1025 server_rrset_cache_slabs: VAR_RRSET_CACHE_SLABS STRING_ARG
1027 OUTYY(("P(server_rrset_cache_slabs:%s)\n", $2));
1029 yyerror("number expected");
1031 cfg_parser->cfg->rrset_cache_slabs = atoi($2);
1032 if(!is_pow2(cfg_parser->cfg->rrset_cache_slabs))
1033 yyerror("must be a power of 2");
1038 server_infra_host_ttl: VAR_INFRA_HOST_TTL STRING_ARG
1040 OUTYY(("P(server_infra_host_ttl:%s)\n", $2));
1041 if(atoi($2) == 0 && strcmp($2, "0") != 0)
1042 yyerror("number expected");
1043 else cfg_parser->cfg->host_ttl = atoi($2);
1047 server_infra_lame_ttl: VAR_INFRA_LAME_TTL STRING_ARG
1049 OUTYY(("P(server_infra_lame_ttl:%s)\n", $2));
1050 verbose(VERB_DETAIL, "ignored infra-lame-ttl: %s (option "
1051 "removed, use infra-host-ttl)", $2);
1055 server_infra_cache_numhosts: VAR_INFRA_CACHE_NUMHOSTS STRING_ARG
1057 OUTYY(("P(server_infra_cache_numhosts:%s)\n", $2));
1059 yyerror("number expected");
1060 else cfg_parser->cfg->infra_cache_numhosts = atoi($2);
1064 server_infra_cache_lame_size: VAR_INFRA_CACHE_LAME_SIZE STRING_ARG
1066 OUTYY(("P(server_infra_cache_lame_size:%s)\n", $2));
1067 verbose(VERB_DETAIL, "ignored infra-cache-lame-size: %s "
1068 "(option removed, use infra-cache-numhosts)", $2);
1072 server_infra_cache_slabs: VAR_INFRA_CACHE_SLABS STRING_ARG
1074 OUTYY(("P(server_infra_cache_slabs:%s)\n", $2));
1076 yyerror("number expected");
1078 cfg_parser->cfg->infra_cache_slabs = atoi($2);
1079 if(!is_pow2(cfg_parser->cfg->infra_cache_slabs))
1080 yyerror("must be a power of 2");
1085 server_infra_cache_min_rtt: VAR_INFRA_CACHE_MIN_RTT STRING_ARG
1087 OUTYY(("P(server_infra_cache_min_rtt:%s)\n", $2));
1088 if(atoi($2) == 0 && strcmp($2, "0") != 0)
1089 yyerror("number expected");
1090 else cfg_parser->cfg->infra_cache_min_rtt = atoi($2);
1094 server_target_fetch_policy: VAR_TARGET_FETCH_POLICY STRING_ARG
1096 OUTYY(("P(server_target_fetch_policy:%s)\n", $2));
1097 free(cfg_parser->cfg->target_fetch_policy);
1098 cfg_parser->cfg->target_fetch_policy = $2;
1101 server_harden_short_bufsize: VAR_HARDEN_SHORT_BUFSIZE STRING_ARG
1103 OUTYY(("P(server_harden_short_bufsize:%s)\n", $2));
1104 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1105 yyerror("expected yes or no.");
1106 else cfg_parser->cfg->harden_short_bufsize =
1107 (strcmp($2, "yes")==0);
1111 server_harden_large_queries: VAR_HARDEN_LARGE_QUERIES STRING_ARG
1113 OUTYY(("P(server_harden_large_queries:%s)\n", $2));
1114 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1115 yyerror("expected yes or no.");
1116 else cfg_parser->cfg->harden_large_queries =
1117 (strcmp($2, "yes")==0);
1121 server_harden_glue: VAR_HARDEN_GLUE STRING_ARG
1123 OUTYY(("P(server_harden_glue:%s)\n", $2));
1124 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1125 yyerror("expected yes or no.");
1126 else cfg_parser->cfg->harden_glue =
1127 (strcmp($2, "yes")==0);
1131 server_harden_dnssec_stripped: VAR_HARDEN_DNSSEC_STRIPPED STRING_ARG
1133 OUTYY(("P(server_harden_dnssec_stripped:%s)\n", $2));
1134 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1135 yyerror("expected yes or no.");
1136 else cfg_parser->cfg->harden_dnssec_stripped =
1137 (strcmp($2, "yes")==0);
1141 server_harden_below_nxdomain: VAR_HARDEN_BELOW_NXDOMAIN STRING_ARG
1143 OUTYY(("P(server_harden_below_nxdomain:%s)\n", $2));
1144 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1145 yyerror("expected yes or no.");
1146 else cfg_parser->cfg->harden_below_nxdomain =
1147 (strcmp($2, "yes")==0);
1151 server_harden_referral_path: VAR_HARDEN_REFERRAL_PATH STRING_ARG
1153 OUTYY(("P(server_harden_referral_path:%s)\n", $2));
1154 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1155 yyerror("expected yes or no.");
1156 else cfg_parser->cfg->harden_referral_path =
1157 (strcmp($2, "yes")==0);
1161 server_harden_algo_downgrade: VAR_HARDEN_ALGO_DOWNGRADE STRING_ARG
1163 OUTYY(("P(server_harden_algo_downgrade:%s)\n", $2));
1164 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1165 yyerror("expected yes or no.");
1166 else cfg_parser->cfg->harden_algo_downgrade =
1167 (strcmp($2, "yes")==0);
1171 server_use_caps_for_id: VAR_USE_CAPS_FOR_ID STRING_ARG
1173 OUTYY(("P(server_use_caps_for_id:%s)\n", $2));
1174 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1175 yyerror("expected yes or no.");
1176 else cfg_parser->cfg->use_caps_bits_for_id =
1177 (strcmp($2, "yes")==0);
1181 server_caps_whitelist: VAR_CAPS_WHITELIST STRING_ARG
1183 OUTYY(("P(server_caps_whitelist:%s)\n", $2));
1184 if(!cfg_strlist_insert(&cfg_parser->cfg->caps_whitelist, $2))
1185 yyerror("out of memory");
1188 server_private_address: VAR_PRIVATE_ADDRESS STRING_ARG
1190 OUTYY(("P(server_private_address:%s)\n", $2));
1191 if(!cfg_strlist_insert(&cfg_parser->cfg->private_address, $2))
1192 yyerror("out of memory");
1195 server_private_domain: VAR_PRIVATE_DOMAIN STRING_ARG
1197 OUTYY(("P(server_private_domain:%s)\n", $2));
1198 if(!cfg_strlist_insert(&cfg_parser->cfg->private_domain, $2))
1199 yyerror("out of memory");
1202 server_prefetch: VAR_PREFETCH STRING_ARG
1204 OUTYY(("P(server_prefetch:%s)\n", $2));
1205 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1206 yyerror("expected yes or no.");
1207 else cfg_parser->cfg->prefetch = (strcmp($2, "yes")==0);
1211 server_prefetch_key: VAR_PREFETCH_KEY STRING_ARG
1213 OUTYY(("P(server_prefetch_key:%s)\n", $2));
1214 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1215 yyerror("expected yes or no.");
1216 else cfg_parser->cfg->prefetch_key = (strcmp($2, "yes")==0);
1220 server_unwanted_reply_threshold: VAR_UNWANTED_REPLY_THRESHOLD STRING_ARG
1222 OUTYY(("P(server_unwanted_reply_threshold:%s)\n", $2));
1223 if(atoi($2) == 0 && strcmp($2, "0") != 0)
1224 yyerror("number expected");
1225 else cfg_parser->cfg->unwanted_threshold = atoi($2);
1229 server_do_not_query_address: VAR_DO_NOT_QUERY_ADDRESS STRING_ARG
1231 OUTYY(("P(server_do_not_query_address:%s)\n", $2));
1232 if(!cfg_strlist_insert(&cfg_parser->cfg->donotqueryaddrs, $2))
1233 yyerror("out of memory");
1236 server_do_not_query_localhost: VAR_DO_NOT_QUERY_LOCALHOST STRING_ARG
1238 OUTYY(("P(server_do_not_query_localhost:%s)\n", $2));
1239 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1240 yyerror("expected yes or no.");
1241 else cfg_parser->cfg->donotquery_localhost =
1242 (strcmp($2, "yes")==0);
1246 server_access_control: VAR_ACCESS_CONTROL STRING_ARG STRING_ARG
1248 OUTYY(("P(server_access_control:%s %s)\n", $2, $3));
1249 if(strcmp($3, "deny")!=0 && strcmp($3, "refuse")!=0 &&
1250 strcmp($3, "deny_non_local")!=0 &&
1251 strcmp($3, "refuse_non_local")!=0 &&
1252 strcmp($3, "allow")!=0 &&
1253 strcmp($3, "allow_snoop")!=0) {
1254 yyerror("expected deny, refuse, deny_non_local, "
1255 "refuse_non_local, allow or allow_snoop "
1256 "in access control action");
1258 if(!cfg_str2list_insert(&cfg_parser->cfg->acls, $2, $3))
1259 fatal_exit("out of memory adding acl");
1263 server_module_conf: VAR_MODULE_CONF STRING_ARG
1265 OUTYY(("P(server_module_conf:%s)\n", $2));
1266 free(cfg_parser->cfg->module_conf);
1267 cfg_parser->cfg->module_conf = $2;
1270 server_val_override_date: VAR_VAL_OVERRIDE_DATE STRING_ARG
1272 OUTYY(("P(server_val_override_date:%s)\n", $2));
1273 if(*$2 == '\0' || strcmp($2, "0") == 0) {
1274 cfg_parser->cfg->val_date_override = 0;
1275 } else if(strlen($2) == 14) {
1276 cfg_parser->cfg->val_date_override =
1277 cfg_convert_timeval($2);
1278 if(!cfg_parser->cfg->val_date_override)
1279 yyerror("bad date/time specification");
1282 yyerror("number expected");
1283 cfg_parser->cfg->val_date_override = atoi($2);
1288 server_val_sig_skew_min: VAR_VAL_SIG_SKEW_MIN STRING_ARG
1290 OUTYY(("P(server_val_sig_skew_min:%s)\n", $2));
1291 if(*$2 == '\0' || strcmp($2, "0") == 0) {
1292 cfg_parser->cfg->val_sig_skew_min = 0;
1294 cfg_parser->cfg->val_sig_skew_min = atoi($2);
1295 if(!cfg_parser->cfg->val_sig_skew_min)
1296 yyerror("number expected");
1301 server_val_sig_skew_max: VAR_VAL_SIG_SKEW_MAX STRING_ARG
1303 OUTYY(("P(server_val_sig_skew_max:%s)\n", $2));
1304 if(*$2 == '\0' || strcmp($2, "0") == 0) {
1305 cfg_parser->cfg->val_sig_skew_max = 0;
1307 cfg_parser->cfg->val_sig_skew_max = atoi($2);
1308 if(!cfg_parser->cfg->val_sig_skew_max)
1309 yyerror("number expected");
1314 server_cache_max_ttl: VAR_CACHE_MAX_TTL STRING_ARG
1316 OUTYY(("P(server_cache_max_ttl:%s)\n", $2));
1317 if(atoi($2) == 0 && strcmp($2, "0") != 0)
1318 yyerror("number expected");
1319 else cfg_parser->cfg->max_ttl = atoi($2);
1323 server_cache_max_negative_ttl: VAR_CACHE_MAX_NEGATIVE_TTL STRING_ARG
1325 OUTYY(("P(server_cache_max_negative_ttl:%s)\n", $2));
1326 if(atoi($2) == 0 && strcmp($2, "0") != 0)
1327 yyerror("number expected");
1328 else cfg_parser->cfg->max_negative_ttl = atoi($2);
1332 server_cache_min_ttl: VAR_CACHE_MIN_TTL STRING_ARG
1334 OUTYY(("P(server_cache_min_ttl:%s)\n", $2));
1335 if(atoi($2) == 0 && strcmp($2, "0") != 0)
1336 yyerror("number expected");
1337 else cfg_parser->cfg->min_ttl = atoi($2);
1341 server_bogus_ttl: VAR_BOGUS_TTL STRING_ARG
1343 OUTYY(("P(server_bogus_ttl:%s)\n", $2));
1344 if(atoi($2) == 0 && strcmp($2, "0") != 0)
1345 yyerror("number expected");
1346 else cfg_parser->cfg->bogus_ttl = atoi($2);
1350 server_val_clean_additional: VAR_VAL_CLEAN_ADDITIONAL STRING_ARG
1352 OUTYY(("P(server_val_clean_additional:%s)\n", $2));
1353 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1354 yyerror("expected yes or no.");
1355 else cfg_parser->cfg->val_clean_additional =
1356 (strcmp($2, "yes")==0);
1360 server_val_permissive_mode: VAR_VAL_PERMISSIVE_MODE STRING_ARG
1362 OUTYY(("P(server_val_permissive_mode:%s)\n", $2));
1363 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1364 yyerror("expected yes or no.");
1365 else cfg_parser->cfg->val_permissive_mode =
1366 (strcmp($2, "yes")==0);
1370 server_ignore_cd_flag: VAR_IGNORE_CD_FLAG STRING_ARG
1372 OUTYY(("P(server_ignore_cd_flag:%s)\n", $2));
1373 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1374 yyerror("expected yes or no.");
1375 else cfg_parser->cfg->ignore_cd = (strcmp($2, "yes")==0);
1379 server_serve_expired: VAR_SERVE_EXPIRED STRING_ARG
1381 OUTYY(("P(server_serve_expired:%s)\n", $2));
1382 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1383 yyerror("expected yes or no.");
1384 else cfg_parser->cfg->serve_expired = (strcmp($2, "yes")==0);
1388 server_fake_dsa: VAR_FAKE_DSA STRING_ARG
1390 OUTYY(("P(server_fake_dsa:%s)\n", $2));
1391 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1392 yyerror("expected yes or no.");
1394 else fake_dsa = (strcmp($2, "yes")==0);
1396 log_warn("test option fake_dsa is enabled");
1401 server_fake_sha1: VAR_FAKE_SHA1 STRING_ARG
1403 OUTYY(("P(server_fake_sha1:%s)\n", $2));
1404 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1405 yyerror("expected yes or no.");
1407 else fake_sha1 = (strcmp($2, "yes")==0);
1409 log_warn("test option fake_sha1 is enabled");
1414 server_val_log_level: VAR_VAL_LOG_LEVEL STRING_ARG
1416 OUTYY(("P(server_val_log_level:%s)\n", $2));
1417 if(atoi($2) == 0 && strcmp($2, "0") != 0)
1418 yyerror("number expected");
1419 else cfg_parser->cfg->val_log_level = atoi($2);
1423 server_val_nsec3_keysize_iterations: VAR_VAL_NSEC3_KEYSIZE_ITERATIONS STRING_ARG
1425 OUTYY(("P(server_val_nsec3_keysize_iterations:%s)\n", $2));
1426 free(cfg_parser->cfg->val_nsec3_key_iterations);
1427 cfg_parser->cfg->val_nsec3_key_iterations = $2;
1430 server_add_holddown: VAR_ADD_HOLDDOWN STRING_ARG
1432 OUTYY(("P(server_add_holddown:%s)\n", $2));
1433 if(atoi($2) == 0 && strcmp($2, "0") != 0)
1434 yyerror("number expected");
1435 else cfg_parser->cfg->add_holddown = atoi($2);
1439 server_del_holddown: VAR_DEL_HOLDDOWN STRING_ARG
1441 OUTYY(("P(server_del_holddown:%s)\n", $2));
1442 if(atoi($2) == 0 && strcmp($2, "0") != 0)
1443 yyerror("number expected");
1444 else cfg_parser->cfg->del_holddown = atoi($2);
1448 server_keep_missing: VAR_KEEP_MISSING STRING_ARG
1450 OUTYY(("P(server_keep_missing:%s)\n", $2));
1451 if(atoi($2) == 0 && strcmp($2, "0") != 0)
1452 yyerror("number expected");
1453 else cfg_parser->cfg->keep_missing = atoi($2);
1457 server_permit_small_holddown: VAR_PERMIT_SMALL_HOLDDOWN STRING_ARG
1459 OUTYY(("P(server_permit_small_holddown:%s)\n", $2));
1460 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1461 yyerror("expected yes or no.");
1462 else cfg_parser->cfg->permit_small_holddown =
1463 (strcmp($2, "yes")==0);
1466 server_key_cache_size: VAR_KEY_CACHE_SIZE STRING_ARG
1468 OUTYY(("P(server_key_cache_size:%s)\n", $2));
1469 if(!cfg_parse_memsize($2, &cfg_parser->cfg->key_cache_size))
1470 yyerror("memory size expected");
1474 server_key_cache_slabs: VAR_KEY_CACHE_SLABS STRING_ARG
1476 OUTYY(("P(server_key_cache_slabs:%s)\n", $2));
1478 yyerror("number expected");
1480 cfg_parser->cfg->key_cache_slabs = atoi($2);
1481 if(!is_pow2(cfg_parser->cfg->key_cache_slabs))
1482 yyerror("must be a power of 2");
1487 server_neg_cache_size: VAR_NEG_CACHE_SIZE STRING_ARG
1489 OUTYY(("P(server_neg_cache_size:%s)\n", $2));
1490 if(!cfg_parse_memsize($2, &cfg_parser->cfg->neg_cache_size))
1491 yyerror("memory size expected");
1495 server_local_zone: VAR_LOCAL_ZONE STRING_ARG STRING_ARG
1497 OUTYY(("P(server_local_zone:%s %s)\n", $2, $3));
1498 if(strcmp($3, "static")!=0 && strcmp($3, "deny")!=0 &&
1499 strcmp($3, "refuse")!=0 && strcmp($3, "redirect")!=0 &&
1500 strcmp($3, "transparent")!=0 && strcmp($3, "nodefault")!=0
1501 && strcmp($3, "typetransparent")!=0
1502 && strcmp($3, "always_transparent")!=0
1503 && strcmp($3, "always_refuse")!=0
1504 && strcmp($3, "always_nxdomain")!=0
1505 && strcmp($3, "inform")!=0 && strcmp($3, "inform_deny")!=0)
1506 yyerror("local-zone type: expected static, deny, "
1507 "refuse, redirect, transparent, "
1508 "typetransparent, inform, inform_deny, "
1509 "always_transparent, always_refuse, "
1510 "always_nxdomain or nodefault");
1511 else if(strcmp($3, "nodefault")==0) {
1512 if(!cfg_strlist_insert(&cfg_parser->cfg->
1513 local_zones_nodefault, $2))
1514 fatal_exit("out of memory adding local-zone");
1517 if(!cfg_str2list_insert(&cfg_parser->cfg->local_zones,
1519 fatal_exit("out of memory adding local-zone");
1523 server_local_data: VAR_LOCAL_DATA STRING_ARG
1525 OUTYY(("P(server_local_data:%s)\n", $2));
1526 if(!cfg_strlist_insert(&cfg_parser->cfg->local_data, $2))
1527 fatal_exit("out of memory adding local-data");
1530 server_local_data_ptr: VAR_LOCAL_DATA_PTR STRING_ARG
1533 OUTYY(("P(server_local_data_ptr:%s)\n", $2));
1534 ptr = cfg_ptr_reverse($2);
1537 if(!cfg_strlist_insert(&cfg_parser->cfg->
1539 fatal_exit("out of memory adding local-data");
1541 yyerror("local-data-ptr could not be reversed");
1545 server_minimal_responses: VAR_MINIMAL_RESPONSES STRING_ARG
1547 OUTYY(("P(server_minimal_responses:%s)\n", $2));
1548 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1549 yyerror("expected yes or no.");
1550 else cfg_parser->cfg->minimal_responses =
1551 (strcmp($2, "yes")==0);
1555 server_rrset_roundrobin: VAR_RRSET_ROUNDROBIN STRING_ARG
1557 OUTYY(("P(server_rrset_roundrobin:%s)\n", $2));
1558 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1559 yyerror("expected yes or no.");
1560 else cfg_parser->cfg->rrset_roundrobin =
1561 (strcmp($2, "yes")==0);
1565 server_max_udp_size: VAR_MAX_UDP_SIZE STRING_ARG
1567 OUTYY(("P(server_max_udp_size:%s)\n", $2));
1568 cfg_parser->cfg->max_udp_size = atoi($2);
1572 server_dns64_prefix: VAR_DNS64_PREFIX STRING_ARG
1574 OUTYY(("P(dns64_prefix:%s)\n", $2));
1575 free(cfg_parser->cfg->dns64_prefix);
1576 cfg_parser->cfg->dns64_prefix = $2;
1579 server_dns64_synthall: VAR_DNS64_SYNTHALL STRING_ARG
1581 OUTYY(("P(server_dns64_synthall:%s)\n", $2));
1582 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1583 yyerror("expected yes or no.");
1584 else cfg_parser->cfg->dns64_synthall = (strcmp($2, "yes")==0);
1588 server_define_tag: VAR_DEFINE_TAG STRING_ARG
1591 OUTYY(("P(server_define_tag:%s)\n", $2));
1592 while((p=strsep(&s, " \t\n")) != NULL) {
1594 if(!config_add_tag(cfg_parser->cfg, p))
1595 yyerror("could not define-tag, "
1602 server_local_zone_tag: VAR_LOCAL_ZONE_TAG STRING_ARG STRING_ARG
1605 uint8_t* bitlist = config_parse_taglist(cfg_parser->cfg, $3,
1608 OUTYY(("P(server_local_zone_tag:%s)\n", $2));
1610 yyerror("could not parse tags, (define-tag them first)");
1612 if(!cfg_strbytelist_insert(
1613 &cfg_parser->cfg->local_zone_tags,
1614 $2, bitlist, len)) {
1615 yyerror("out of memory");
1621 server_access_control_tag: VAR_ACCESS_CONTROL_TAG STRING_ARG STRING_ARG
1624 uint8_t* bitlist = config_parse_taglist(cfg_parser->cfg, $3,
1627 OUTYY(("P(server_access_control_tag:%s)\n", $2));
1629 yyerror("could not parse tags, (define-tag them first)");
1631 if(!cfg_strbytelist_insert(
1632 &cfg_parser->cfg->acl_tags,
1633 $2, bitlist, len)) {
1634 yyerror("out of memory");
1640 server_access_control_tag_action: VAR_ACCESS_CONTROL_TAG_ACTION STRING_ARG STRING_ARG STRING_ARG
1642 OUTYY(("P(server_access_control_tag_action:%s %s %s)\n", $2, $3, $4));
1643 if(!cfg_str3list_insert(&cfg_parser->cfg->acl_tag_actions,
1645 yyerror("out of memory");
1652 server_access_control_tag_data: VAR_ACCESS_CONTROL_TAG_DATA STRING_ARG STRING_ARG STRING_ARG
1654 OUTYY(("P(server_access_control_tag_data:%s %s %s)\n", $2, $3, $4));
1655 if(!cfg_str3list_insert(&cfg_parser->cfg->acl_tag_datas,
1657 yyerror("out of memory");
1664 server_local_zone_override: VAR_LOCAL_ZONE_OVERRIDE STRING_ARG STRING_ARG STRING_ARG
1666 OUTYY(("P(server_local_zone_override:%s %s %s)\n", $2, $3, $4));
1667 if(!cfg_str3list_insert(&cfg_parser->cfg->local_zone_overrides,
1669 yyerror("out of memory");
1676 server_access_control_view: VAR_ACCESS_CONTROL_VIEW STRING_ARG STRING_ARG
1678 OUTYY(("P(server_access_control_view:%s %s)\n", $2, $3));
1679 if(!cfg_str2list_insert(&cfg_parser->cfg->acl_view,
1681 yyerror("out of memory");
1687 server_response_ip_tag: VAR_RESPONSE_IP_TAG STRING_ARG STRING_ARG
1690 uint8_t* bitlist = config_parse_taglist(cfg_parser->cfg, $3,
1693 OUTYY(("P(response_ip_tag:%s)\n", $2));
1695 yyerror("could not parse tags, (define-tag them first)");
1697 if(!cfg_strbytelist_insert(
1698 &cfg_parser->cfg->respip_tags,
1699 $2, bitlist, len)) {
1700 yyerror("out of memory");
1706 server_ip_ratelimit: VAR_IP_RATELIMIT STRING_ARG
1708 OUTYY(("P(server_ip_ratelimit:%s)\n", $2));
1709 if(atoi($2) == 0 && strcmp($2, "0") != 0)
1710 yyerror("number expected");
1711 else cfg_parser->cfg->ip_ratelimit = atoi($2);
1716 server_ratelimit: VAR_RATELIMIT STRING_ARG
1718 OUTYY(("P(server_ratelimit:%s)\n", $2));
1719 if(atoi($2) == 0 && strcmp($2, "0") != 0)
1720 yyerror("number expected");
1721 else cfg_parser->cfg->ratelimit = atoi($2);
1725 server_ip_ratelimit_size: VAR_IP_RATELIMIT_SIZE STRING_ARG
1727 OUTYY(("P(server_ip_ratelimit_size:%s)\n", $2));
1728 if(!cfg_parse_memsize($2, &cfg_parser->cfg->ip_ratelimit_size))
1729 yyerror("memory size expected");
1733 server_ratelimit_size: VAR_RATELIMIT_SIZE STRING_ARG
1735 OUTYY(("P(server_ratelimit_size:%s)\n", $2));
1736 if(!cfg_parse_memsize($2, &cfg_parser->cfg->ratelimit_size))
1737 yyerror("memory size expected");
1741 server_ip_ratelimit_slabs: VAR_IP_RATELIMIT_SLABS STRING_ARG
1743 OUTYY(("P(server_ip_ratelimit_slabs:%s)\n", $2));
1745 yyerror("number expected");
1747 cfg_parser->cfg->ip_ratelimit_slabs = atoi($2);
1748 if(!is_pow2(cfg_parser->cfg->ip_ratelimit_slabs))
1749 yyerror("must be a power of 2");
1754 server_ratelimit_slabs: VAR_RATELIMIT_SLABS STRING_ARG
1756 OUTYY(("P(server_ratelimit_slabs:%s)\n", $2));
1758 yyerror("number expected");
1760 cfg_parser->cfg->ratelimit_slabs = atoi($2);
1761 if(!is_pow2(cfg_parser->cfg->ratelimit_slabs))
1762 yyerror("must be a power of 2");
1767 server_ratelimit_for_domain: VAR_RATELIMIT_FOR_DOMAIN STRING_ARG STRING_ARG
1769 OUTYY(("P(server_ratelimit_for_domain:%s %s)\n", $2, $3));
1770 if(atoi($3) == 0 && strcmp($3, "0") != 0) {
1771 yyerror("number expected");
1773 if(!cfg_str2list_insert(&cfg_parser->cfg->
1774 ratelimit_for_domain, $2, $3))
1775 fatal_exit("out of memory adding "
1776 "ratelimit-for-domain");
1780 server_ratelimit_below_domain: VAR_RATELIMIT_BELOW_DOMAIN STRING_ARG STRING_ARG
1782 OUTYY(("P(server_ratelimit_below_domain:%s %s)\n", $2, $3));
1783 if(atoi($3) == 0 && strcmp($3, "0") != 0) {
1784 yyerror("number expected");
1786 if(!cfg_str2list_insert(&cfg_parser->cfg->
1787 ratelimit_below_domain, $2, $3))
1788 fatal_exit("out of memory adding "
1789 "ratelimit-below-domain");
1793 server_ip_ratelimit_factor: VAR_IP_RATELIMIT_FACTOR STRING_ARG
1795 OUTYY(("P(server_ip_ratelimit_factor:%s)\n", $2));
1796 if(atoi($2) == 0 && strcmp($2, "0") != 0)
1797 yyerror("number expected");
1798 else cfg_parser->cfg->ip_ratelimit_factor = atoi($2);
1802 server_ratelimit_factor: VAR_RATELIMIT_FACTOR STRING_ARG
1804 OUTYY(("P(server_ratelimit_factor:%s)\n", $2));
1805 if(atoi($2) == 0 && strcmp($2, "0") != 0)
1806 yyerror("number expected");
1807 else cfg_parser->cfg->ratelimit_factor = atoi($2);
1811 server_qname_minimisation: VAR_QNAME_MINIMISATION STRING_ARG
1813 OUTYY(("P(server_qname_minimisation:%s)\n", $2));
1814 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1815 yyerror("expected yes or no.");
1816 else cfg_parser->cfg->qname_minimisation =
1817 (strcmp($2, "yes")==0);
1821 server_qname_minimisation_strict: VAR_QNAME_MINIMISATION_STRICT STRING_ARG
1823 OUTYY(("P(server_qname_minimisation_strict:%s)\n", $2));
1824 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1825 yyerror("expected yes or no.");
1826 else cfg_parser->cfg->qname_minimisation_strict =
1827 (strcmp($2, "yes")==0);
1831 server_ipsecmod_enabled: VAR_IPSECMOD_ENABLED STRING_ARG
1834 OUTYY(("P(server_ipsecmod_enabled:%s)\n", $2));
1835 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1836 yyerror("expected yes or no.");
1837 else cfg_parser->cfg->ipsecmod_enabled = (strcmp($2, "yes")==0);
1840 OUTYY(("P(Compiled without IPsec module, ignoring)\n"));
1844 server_ipsecmod_ignore_bogus: VAR_IPSECMOD_IGNORE_BOGUS STRING_ARG
1847 OUTYY(("P(server_ipsecmod_ignore_bogus:%s)\n", $2));
1848 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1849 yyerror("expected yes or no.");
1850 else cfg_parser->cfg->ipsecmod_ignore_bogus = (strcmp($2, "yes")==0);
1853 OUTYY(("P(Compiled without IPsec module, ignoring)\n"));
1857 server_ipsecmod_hook: VAR_IPSECMOD_HOOK STRING_ARG
1860 OUTYY(("P(server_ipsecmod_hook:%s)\n", $2));
1861 free(cfg_parser->cfg->ipsecmod_hook);
1862 cfg_parser->cfg->ipsecmod_hook = $2;
1864 OUTYY(("P(Compiled without IPsec module, ignoring)\n"));
1868 server_ipsecmod_max_ttl: VAR_IPSECMOD_MAX_TTL STRING_ARG
1871 OUTYY(("P(server_ipsecmod_max_ttl:%s)\n", $2));
1872 if(atoi($2) == 0 && strcmp($2, "0") != 0)
1873 yyerror("number expected");
1874 else cfg_parser->cfg->ipsecmod_max_ttl = atoi($2);
1877 OUTYY(("P(Compiled without IPsec module, ignoring)\n"));
1881 server_ipsecmod_whitelist: VAR_IPSECMOD_WHITELIST STRING_ARG
1884 OUTYY(("P(server_ipsecmod_whitelist:%s)\n", $2));
1885 if(!cfg_strlist_insert(&cfg_parser->cfg->ipsecmod_whitelist, $2))
1886 yyerror("out of memory");
1888 OUTYY(("P(Compiled without IPsec module, ignoring)\n"));
1892 server_ipsecmod_strict: VAR_IPSECMOD_STRICT STRING_ARG
1895 OUTYY(("P(server_ipsecmod_strict:%s)\n", $2));
1896 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1897 yyerror("expected yes or no.");
1898 else cfg_parser->cfg->ipsecmod_strict = (strcmp($2, "yes")==0);
1901 OUTYY(("P(Compiled without IPsec module, ignoring)\n"));
1905 stub_name: VAR_NAME STRING_ARG
1907 OUTYY(("P(name:%s)\n", $2));
1908 if(cfg_parser->cfg->stubs->name)
1909 yyerror("stub name override, there must be one name "
1910 "for one stub-zone");
1911 free(cfg_parser->cfg->stubs->name);
1912 cfg_parser->cfg->stubs->name = $2;
1915 stub_host: VAR_STUB_HOST STRING_ARG
1917 OUTYY(("P(stub-host:%s)\n", $2));
1918 if(!cfg_strlist_insert(&cfg_parser->cfg->stubs->hosts, $2))
1919 yyerror("out of memory");
1922 stub_addr: VAR_STUB_ADDR STRING_ARG
1924 OUTYY(("P(stub-addr:%s)\n", $2));
1925 if(!cfg_strlist_insert(&cfg_parser->cfg->stubs->addrs, $2))
1926 yyerror("out of memory");
1929 stub_first: VAR_STUB_FIRST STRING_ARG
1931 OUTYY(("P(stub-first:%s)\n", $2));
1932 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1933 yyerror("expected yes or no.");
1934 else cfg_parser->cfg->stubs->isfirst=(strcmp($2, "yes")==0);
1938 stub_ssl_upstream: VAR_STUB_SSL_UPSTREAM STRING_ARG
1940 OUTYY(("P(stub-ssl-upstream:%s)\n", $2));
1941 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1942 yyerror("expected yes or no.");
1943 else cfg_parser->cfg->stubs->ssl_upstream =
1944 (strcmp($2, "yes")==0);
1948 stub_prime: VAR_STUB_PRIME STRING_ARG
1950 OUTYY(("P(stub-prime:%s)\n", $2));
1951 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1952 yyerror("expected yes or no.");
1953 else cfg_parser->cfg->stubs->isprime =
1954 (strcmp($2, "yes")==0);
1958 forward_name: VAR_NAME STRING_ARG
1960 OUTYY(("P(name:%s)\n", $2));
1961 if(cfg_parser->cfg->forwards->name)
1962 yyerror("forward name override, there must be one "
1963 "name for one forward-zone");
1964 free(cfg_parser->cfg->forwards->name);
1965 cfg_parser->cfg->forwards->name = $2;
1968 forward_host: VAR_FORWARD_HOST STRING_ARG
1970 OUTYY(("P(forward-host:%s)\n", $2));
1971 if(!cfg_strlist_insert(&cfg_parser->cfg->forwards->hosts, $2))
1972 yyerror("out of memory");
1975 forward_addr: VAR_FORWARD_ADDR STRING_ARG
1977 OUTYY(("P(forward-addr:%s)\n", $2));
1978 if(!cfg_strlist_insert(&cfg_parser->cfg->forwards->addrs, $2))
1979 yyerror("out of memory");
1982 forward_first: VAR_FORWARD_FIRST STRING_ARG
1984 OUTYY(("P(forward-first:%s)\n", $2));
1985 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1986 yyerror("expected yes or no.");
1987 else cfg_parser->cfg->forwards->isfirst=(strcmp($2, "yes")==0);
1991 forward_ssl_upstream: VAR_FORWARD_SSL_UPSTREAM STRING_ARG
1993 OUTYY(("P(forward-ssl-upstream:%s)\n", $2));
1994 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1995 yyerror("expected yes or no.");
1996 else cfg_parser->cfg->forwards->ssl_upstream =
1997 (strcmp($2, "yes")==0);
2001 view_name: VAR_NAME STRING_ARG
2003 OUTYY(("P(name:%s)\n", $2));
2004 if(cfg_parser->cfg->views->name)
2005 yyerror("view name override, there must be one "
2006 "name for one view");
2007 free(cfg_parser->cfg->views->name);
2008 cfg_parser->cfg->views->name = $2;
2011 view_local_zone: VAR_LOCAL_ZONE STRING_ARG STRING_ARG
2013 OUTYY(("P(view_local_zone:%s %s)\n", $2, $3));
2014 if(strcmp($3, "static")!=0 && strcmp($3, "deny")!=0 &&
2015 strcmp($3, "refuse")!=0 && strcmp($3, "redirect")!=0 &&
2016 strcmp($3, "transparent")!=0 && strcmp($3, "nodefault")!=0
2017 && strcmp($3, "typetransparent")!=0
2018 && strcmp($3, "always_transparent")!=0
2019 && strcmp($3, "always_refuse")!=0
2020 && strcmp($3, "always_nxdomain")!=0
2021 && strcmp($3, "inform")!=0 && strcmp($3, "inform_deny")!=0)
2022 yyerror("local-zone type: expected static, deny, "
2023 "refuse, redirect, transparent, "
2024 "typetransparent, inform, inform_deny, "
2025 "always_transparent, always_refuse, "
2026 "always_nxdomain or nodefault");
2027 else if(strcmp($3, "nodefault")==0) {
2028 if(!cfg_strlist_insert(&cfg_parser->cfg->views->
2029 local_zones_nodefault, $2))
2030 fatal_exit("out of memory adding local-zone");
2033 if(!cfg_str2list_insert(
2034 &cfg_parser->cfg->views->local_zones,
2036 fatal_exit("out of memory adding local-zone");
2040 view_response_ip: VAR_RESPONSE_IP STRING_ARG STRING_ARG
2042 OUTYY(("P(view_response_ip:%s %s)\n", $2, $3));
2043 validate_respip_action($3);
2044 if(!cfg_str2list_insert(
2045 &cfg_parser->cfg->views->respip_actions, $2, $3))
2046 fatal_exit("out of memory adding per-view "
2047 "response-ip action");
2050 view_response_ip_data: VAR_RESPONSE_IP_DATA STRING_ARG STRING_ARG
2052 OUTYY(("P(view_response_ip_data:%s)\n", $2));
2053 if(!cfg_str2list_insert(
2054 &cfg_parser->cfg->views->respip_data, $2, $3))
2055 fatal_exit("out of memory adding response-ip-data");
2058 view_local_data: VAR_LOCAL_DATA STRING_ARG
2060 OUTYY(("P(view_local_data:%s)\n", $2));
2061 if(!cfg_strlist_insert(&cfg_parser->cfg->views->local_data, $2)) {
2062 fatal_exit("out of memory adding local-data");
2067 view_local_data_ptr: VAR_LOCAL_DATA_PTR STRING_ARG
2070 OUTYY(("P(view_local_data_ptr:%s)\n", $2));
2071 ptr = cfg_ptr_reverse($2);
2074 if(!cfg_strlist_insert(&cfg_parser->cfg->views->
2076 fatal_exit("out of memory adding local-data");
2078 yyerror("local-data-ptr could not be reversed");
2082 view_first: VAR_VIEW_FIRST STRING_ARG
2084 OUTYY(("P(view-first:%s)\n", $2));
2085 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
2086 yyerror("expected yes or no.");
2087 else cfg_parser->cfg->views->isfirst=(strcmp($2, "yes")==0);
2091 rcstart: VAR_REMOTE_CONTROL
2093 OUTYY(("\nP(remote-control:)\n"));
2096 contents_rc: contents_rc content_rc
2098 content_rc: rc_control_enable | rc_control_interface | rc_control_port |
2099 rc_server_key_file | rc_server_cert_file | rc_control_key_file |
2100 rc_control_cert_file | rc_control_use_cert
2102 rc_control_enable: VAR_CONTROL_ENABLE STRING_ARG
2104 OUTYY(("P(control_enable:%s)\n", $2));
2105 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
2106 yyerror("expected yes or no.");
2107 else cfg_parser->cfg->remote_control_enable =
2108 (strcmp($2, "yes")==0);
2112 rc_control_port: VAR_CONTROL_PORT STRING_ARG
2114 OUTYY(("P(control_port:%s)\n", $2));
2116 yyerror("control port number expected");
2117 else cfg_parser->cfg->control_port = atoi($2);
2121 rc_control_interface: VAR_CONTROL_INTERFACE STRING_ARG
2123 OUTYY(("P(control_interface:%s)\n", $2));
2124 if(!cfg_strlist_insert(&cfg_parser->cfg->control_ifs, $2))
2125 yyerror("out of memory");
2128 rc_control_use_cert: VAR_CONTROL_USE_CERT STRING_ARG
2130 OUTYY(("P(control_use_cert:%s)\n", $2));
2131 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
2132 yyerror("expected yes or no.");
2133 else cfg_parser->cfg->remote_control_use_cert =
2134 (strcmp($2, "yes")==0);
2138 rc_server_key_file: VAR_SERVER_KEY_FILE STRING_ARG
2140 OUTYY(("P(rc_server_key_file:%s)\n", $2));
2141 free(cfg_parser->cfg->server_key_file);
2142 cfg_parser->cfg->server_key_file = $2;
2145 rc_server_cert_file: VAR_SERVER_CERT_FILE STRING_ARG
2147 OUTYY(("P(rc_server_cert_file:%s)\n", $2));
2148 free(cfg_parser->cfg->server_cert_file);
2149 cfg_parser->cfg->server_cert_file = $2;
2152 rc_control_key_file: VAR_CONTROL_KEY_FILE STRING_ARG
2154 OUTYY(("P(rc_control_key_file:%s)\n", $2));
2155 free(cfg_parser->cfg->control_key_file);
2156 cfg_parser->cfg->control_key_file = $2;
2159 rc_control_cert_file: VAR_CONTROL_CERT_FILE STRING_ARG
2161 OUTYY(("P(rc_control_cert_file:%s)\n", $2));
2162 free(cfg_parser->cfg->control_cert_file);
2163 cfg_parser->cfg->control_cert_file = $2;
2168 OUTYY(("\nP(dnstap:)\n"));
2171 contents_dt: contents_dt content_dt
2173 content_dt: dt_dnstap_enable | dt_dnstap_socket_path |
2174 dt_dnstap_send_identity | dt_dnstap_send_version |
2175 dt_dnstap_identity | dt_dnstap_version |
2176 dt_dnstap_log_resolver_query_messages |
2177 dt_dnstap_log_resolver_response_messages |
2178 dt_dnstap_log_client_query_messages |
2179 dt_dnstap_log_client_response_messages |
2180 dt_dnstap_log_forwarder_query_messages |
2181 dt_dnstap_log_forwarder_response_messages
2183 dt_dnstap_enable: VAR_DNSTAP_ENABLE STRING_ARG
2185 OUTYY(("P(dt_dnstap_enable:%s)\n", $2));
2186 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
2187 yyerror("expected yes or no.");
2188 else cfg_parser->cfg->dnstap = (strcmp($2, "yes")==0);
2191 dt_dnstap_socket_path: VAR_DNSTAP_SOCKET_PATH STRING_ARG
2193 OUTYY(("P(dt_dnstap_socket_path:%s)\n", $2));
2194 free(cfg_parser->cfg->dnstap_socket_path);
2195 cfg_parser->cfg->dnstap_socket_path = $2;
2198 dt_dnstap_send_identity: VAR_DNSTAP_SEND_IDENTITY STRING_ARG
2200 OUTYY(("P(dt_dnstap_send_identity:%s)\n", $2));
2201 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
2202 yyerror("expected yes or no.");
2203 else cfg_parser->cfg->dnstap_send_identity = (strcmp($2, "yes")==0);
2206 dt_dnstap_send_version: VAR_DNSTAP_SEND_VERSION STRING_ARG
2208 OUTYY(("P(dt_dnstap_send_version:%s)\n", $2));
2209 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
2210 yyerror("expected yes or no.");
2211 else cfg_parser->cfg->dnstap_send_version = (strcmp($2, "yes")==0);
2214 dt_dnstap_identity: VAR_DNSTAP_IDENTITY STRING_ARG
2216 OUTYY(("P(dt_dnstap_identity:%s)\n", $2));
2217 free(cfg_parser->cfg->dnstap_identity);
2218 cfg_parser->cfg->dnstap_identity = $2;
2221 dt_dnstap_version: VAR_DNSTAP_VERSION STRING_ARG
2223 OUTYY(("P(dt_dnstap_version:%s)\n", $2));
2224 free(cfg_parser->cfg->dnstap_version);
2225 cfg_parser->cfg->dnstap_version = $2;
2228 dt_dnstap_log_resolver_query_messages: VAR_DNSTAP_LOG_RESOLVER_QUERY_MESSAGES STRING_ARG
2230 OUTYY(("P(dt_dnstap_log_resolver_query_messages:%s)\n", $2));
2231 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
2232 yyerror("expected yes or no.");
2233 else cfg_parser->cfg->dnstap_log_resolver_query_messages =
2234 (strcmp($2, "yes")==0);
2237 dt_dnstap_log_resolver_response_messages: VAR_DNSTAP_LOG_RESOLVER_RESPONSE_MESSAGES STRING_ARG
2239 OUTYY(("P(dt_dnstap_log_resolver_response_messages:%s)\n", $2));
2240 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
2241 yyerror("expected yes or no.");
2242 else cfg_parser->cfg->dnstap_log_resolver_response_messages =
2243 (strcmp($2, "yes")==0);
2246 dt_dnstap_log_client_query_messages: VAR_DNSTAP_LOG_CLIENT_QUERY_MESSAGES STRING_ARG
2248 OUTYY(("P(dt_dnstap_log_client_query_messages:%s)\n", $2));
2249 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
2250 yyerror("expected yes or no.");
2251 else cfg_parser->cfg->dnstap_log_client_query_messages =
2252 (strcmp($2, "yes")==0);
2255 dt_dnstap_log_client_response_messages: VAR_DNSTAP_LOG_CLIENT_RESPONSE_MESSAGES STRING_ARG
2257 OUTYY(("P(dt_dnstap_log_client_response_messages:%s)\n", $2));
2258 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
2259 yyerror("expected yes or no.");
2260 else cfg_parser->cfg->dnstap_log_client_response_messages =
2261 (strcmp($2, "yes")==0);
2264 dt_dnstap_log_forwarder_query_messages: VAR_DNSTAP_LOG_FORWARDER_QUERY_MESSAGES STRING_ARG
2266 OUTYY(("P(dt_dnstap_log_forwarder_query_messages:%s)\n", $2));
2267 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
2268 yyerror("expected yes or no.");
2269 else cfg_parser->cfg->dnstap_log_forwarder_query_messages =
2270 (strcmp($2, "yes")==0);
2273 dt_dnstap_log_forwarder_response_messages: VAR_DNSTAP_LOG_FORWARDER_RESPONSE_MESSAGES STRING_ARG
2275 OUTYY(("P(dt_dnstap_log_forwarder_response_messages:%s)\n", $2));
2276 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
2277 yyerror("expected yes or no.");
2278 else cfg_parser->cfg->dnstap_log_forwarder_response_messages =
2279 (strcmp($2, "yes")==0);
2282 pythonstart: VAR_PYTHON
2284 OUTYY(("\nP(python:)\n"));
2287 contents_py: contents_py content_py
2289 content_py: py_script
2291 py_script: VAR_PYTHON_SCRIPT STRING_ARG
2293 OUTYY(("P(python-script:%s)\n", $2));
2294 free(cfg_parser->cfg->python_script);
2295 cfg_parser->cfg->python_script = $2;
2297 server_disable_dnssec_lame_check: VAR_DISABLE_DNSSEC_LAME_CHECK STRING_ARG
2299 OUTYY(("P(disable_dnssec_lame_check:%s)\n", $2));
2300 if (strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
2301 yyerror("expected yes or no.");
2302 else cfg_parser->cfg->disable_dnssec_lame_check =
2303 (strcmp($2, "yes")==0);
2307 server_log_identity: VAR_LOG_IDENTITY STRING_ARG
2309 OUTYY(("P(server_log_identity:%s)\n", $2));
2310 free(cfg_parser->cfg->log_identity);
2311 cfg_parser->cfg->log_identity = $2;
2314 server_response_ip: VAR_RESPONSE_IP STRING_ARG STRING_ARG
2316 OUTYY(("P(server_response_ip:%s %s)\n", $2, $3));
2317 validate_respip_action($3);
2318 if(!cfg_str2list_insert(&cfg_parser->cfg->respip_actions,
2320 fatal_exit("out of memory adding response-ip");
2323 server_response_ip_data: VAR_RESPONSE_IP_DATA STRING_ARG STRING_ARG
2325 OUTYY(("P(server_response_ip_data:%s)\n", $2));
2326 if(!cfg_str2list_insert(&cfg_parser->cfg->respip_data,
2328 fatal_exit("out of memory adding response-ip-data");
2331 dnscstart: VAR_DNSCRYPT
2333 OUTYY(("\nP(dnscrypt:)\n"));
2334 OUTYY(("\nP(dnscrypt:)\n"));
2337 contents_dnsc: contents_dnsc content_dnsc
2340 dnsc_dnscrypt_enable | dnsc_dnscrypt_port | dnsc_dnscrypt_provider |
2341 dnsc_dnscrypt_secret_key | dnsc_dnscrypt_provider_cert |
2342 dnsc_dnscrypt_shared_secret_cache_size |
2343 dnsc_dnscrypt_shared_secret_cache_slabs |
2344 dnsc_dnscrypt_nonce_cache_size |
2345 dnsc_dnscrypt_nonce_cache_slabs
2347 dnsc_dnscrypt_enable: VAR_DNSCRYPT_ENABLE STRING_ARG
2349 OUTYY(("P(dnsc_dnscrypt_enable:%s)\n", $2));
2350 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
2351 yyerror("expected yes or no.");
2352 else cfg_parser->cfg->dnscrypt = (strcmp($2, "yes")==0);
2357 dnsc_dnscrypt_port: VAR_DNSCRYPT_PORT STRING_ARG
2359 OUTYY(("P(dnsc_dnscrypt_port:%s)\n", $2));
2362 yyerror("port number expected");
2363 else cfg_parser->cfg->dnscrypt_port = atoi($2);
2367 dnsc_dnscrypt_provider: VAR_DNSCRYPT_PROVIDER STRING_ARG
2369 OUTYY(("P(dnsc_dnscrypt_provider:%s)\n", $2));
2370 free(cfg_parser->cfg->dnscrypt_provider);
2371 cfg_parser->cfg->dnscrypt_provider = $2;
2374 dnsc_dnscrypt_provider_cert: VAR_DNSCRYPT_PROVIDER_CERT STRING_ARG
2376 OUTYY(("P(dnsc_dnscrypt_provider_cert:%s)\n", $2));
2377 if(!cfg_strlist_insert(&cfg_parser->cfg->dnscrypt_provider_cert, $2))
2378 fatal_exit("out of memory adding dnscrypt-provider-cert");
2381 dnsc_dnscrypt_secret_key: VAR_DNSCRYPT_SECRET_KEY STRING_ARG
2383 OUTYY(("P(dnsc_dnscrypt_secret_key:%s)\n", $2));
2384 if(!cfg_strlist_insert(&cfg_parser->cfg->dnscrypt_secret_key, $2))
2385 fatal_exit("out of memory adding dnscrypt-secret-key");
2388 dnsc_dnscrypt_shared_secret_cache_size: VAR_DNSCRYPT_SHARED_SECRET_CACHE_SIZE STRING_ARG
2390 OUTYY(("P(dnscrypt_shared_secret_cache_size:%s)\n", $2));
2391 if(!cfg_parse_memsize($2, &cfg_parser->cfg->dnscrypt_shared_secret_cache_size))
2392 yyerror("memory size expected");
2396 dnsc_dnscrypt_shared_secret_cache_slabs: VAR_DNSCRYPT_SHARED_SECRET_CACHE_SLABS STRING_ARG
2398 OUTYY(("P(dnscrypt_shared_secret_cache_slabs:%s)\n", $2));
2400 yyerror("number expected");
2402 cfg_parser->cfg->dnscrypt_shared_secret_cache_slabs = atoi($2);
2403 if(!is_pow2(cfg_parser->cfg->dnscrypt_shared_secret_cache_slabs))
2404 yyerror("must be a power of 2");
2409 dnsc_dnscrypt_nonce_cache_size: VAR_DNSCRYPT_NONCE_CACHE_SIZE STRING_ARG
2411 OUTYY(("P(dnscrypt_nonce_cache_size:%s)\n", $2));
2412 if(!cfg_parse_memsize($2, &cfg_parser->cfg->dnscrypt_nonce_cache_size))
2413 yyerror("memory size expected");
2417 dnsc_dnscrypt_nonce_cache_slabs: VAR_DNSCRYPT_NONCE_CACHE_SLABS STRING_ARG
2419 OUTYY(("P(dnscrypt_nonce_cache_slabs:%s)\n", $2));
2421 yyerror("number expected");
2423 cfg_parser->cfg->dnscrypt_nonce_cache_slabs = atoi($2);
2424 if(!is_pow2(cfg_parser->cfg->dnscrypt_nonce_cache_slabs))
2425 yyerror("must be a power of 2");
2430 cachedbstart: VAR_CACHEDB
2432 OUTYY(("\nP(cachedb:)\n"));
2435 contents_cachedb: contents_cachedb content_cachedb
2437 content_cachedb: cachedb_backend_name | cachedb_secret_seed
2439 cachedb_backend_name: VAR_CACHEDB_BACKEND STRING_ARG
2442 OUTYY(("P(backend:%s)\n", $2));
2443 if(cfg_parser->cfg->cachedb_backend)
2444 yyerror("cachedb backend override, there must be one "
2446 free(cfg_parser->cfg->cachedb_backend);
2447 cfg_parser->cfg->cachedb_backend = $2;
2449 OUTYY(("P(Compiled without cachedb, ignoring)\n"));
2453 cachedb_secret_seed: VAR_CACHEDB_SECRETSEED STRING_ARG
2456 OUTYY(("P(secret-seed:%s)\n", $2));
2457 if(cfg_parser->cfg->cachedb_secret)
2458 yyerror("cachedb secret-seed override, there must be "
2460 free(cfg_parser->cfg->cachedb_secret);
2461 cfg_parser->cfg->cachedb_secret = $2;
2463 OUTYY(("P(Compiled without cachedb, ignoring)\n"));
2470 /* parse helper routines could be here */
2472 validate_respip_action(const char* action)
2474 if(strcmp(action, "deny")!=0 &&
2475 strcmp(action, "redirect")!=0 &&
2476 strcmp(action, "inform")!=0 &&
2477 strcmp(action, "inform_deny")!=0 &&
2478 strcmp(action, "always_transparent")!=0 &&
2479 strcmp(action, "always_refuse")!=0 &&
2480 strcmp(action, "always_nxdomain")!=0)
2482 yyerror("response-ip action: expected deny, redirect, "
2483 "inform, inform_deny, always_transparent, "
2484 "always_refuse or always_nxdomain");