2 * configparser.y -- yacc grammar for unbound configuration files
4 * Copyright (c) 2001-2006, NLnet Labs. All rights reserved.
6 * Copyright (c) 2007, NLnet Labs. All rights reserved.
8 * This software is open source.
10 * Redistribution and use in source and binary forms, with or without
11 * modification, are permitted provided that the following conditions
14 * Redistributions of source code must retain the above copyright notice,
15 * this list of conditions and the following disclaimer.
17 * Redistributions in binary form must reproduce the above copyright notice,
18 * this list of conditions and the following disclaimer in the documentation
19 * and/or other materials provided with the distribution.
21 * Neither the name of the NLNET LABS nor the names of its contributors may
22 * be used to endorse or promote products derived from this software without
23 * specific prior written permission.
25 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
26 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
27 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
28 * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
29 * HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
30 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
31 * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
32 * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
33 * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
34 * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
35 * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
47 #include "util/configyyrename.h"
48 #include "util/config_file.h"
49 #include "util/net_help.h"
52 void ub_c_error(const char *message);
54 static void validate_respip_action(const char* action);
56 /* these need to be global, otherwise they cannot be used inside yacc */
57 extern struct config_parser_state* cfg_parser;
60 #define OUTYY(s) printf s /* used ONLY when debugging */
70 %token SPACE LETTER NEWLINE COMMENT COLON ANY ZONESTR
71 %token <str> STRING_ARG
72 %token VAR_SERVER VAR_VERBOSITY VAR_NUM_THREADS VAR_PORT
73 %token VAR_OUTGOING_RANGE VAR_INTERFACE
74 %token VAR_DO_IP4 VAR_DO_IP6 VAR_PREFER_IP6 VAR_DO_UDP VAR_DO_TCP
75 %token VAR_TCP_MSS VAR_OUTGOING_TCP_MSS
76 %token VAR_CHROOT VAR_USERNAME VAR_DIRECTORY VAR_LOGFILE VAR_PIDFILE
77 %token VAR_MSG_CACHE_SIZE VAR_MSG_CACHE_SLABS VAR_NUM_QUERIES_PER_THREAD
78 %token VAR_RRSET_CACHE_SIZE VAR_RRSET_CACHE_SLABS VAR_OUTGOING_NUM_TCP
79 %token VAR_INFRA_HOST_TTL VAR_INFRA_LAME_TTL VAR_INFRA_CACHE_SLABS
80 %token VAR_INFRA_CACHE_NUMHOSTS VAR_INFRA_CACHE_LAME_SIZE VAR_NAME
81 %token VAR_STUB_ZONE VAR_STUB_HOST VAR_STUB_ADDR VAR_TARGET_FETCH_POLICY
82 %token VAR_HARDEN_SHORT_BUFSIZE VAR_HARDEN_LARGE_QUERIES
83 %token VAR_FORWARD_ZONE VAR_FORWARD_HOST VAR_FORWARD_ADDR
84 %token VAR_DO_NOT_QUERY_ADDRESS VAR_HIDE_IDENTITY VAR_HIDE_VERSION
85 %token VAR_IDENTITY VAR_VERSION VAR_HARDEN_GLUE VAR_MODULE_CONF
86 %token VAR_TRUST_ANCHOR_FILE VAR_TRUST_ANCHOR VAR_VAL_OVERRIDE_DATE
87 %token VAR_BOGUS_TTL VAR_VAL_CLEAN_ADDITIONAL VAR_VAL_PERMISSIVE_MODE
88 %token VAR_INCOMING_NUM_TCP VAR_MSG_BUFFER_SIZE VAR_KEY_CACHE_SIZE
89 %token VAR_KEY_CACHE_SLABS VAR_TRUSTED_KEYS_FILE
90 %token VAR_VAL_NSEC3_KEYSIZE_ITERATIONS VAR_USE_SYSLOG
91 %token VAR_OUTGOING_INTERFACE VAR_ROOT_HINTS VAR_DO_NOT_QUERY_LOCALHOST
92 %token VAR_CACHE_MAX_TTL VAR_HARDEN_DNSSEC_STRIPPED VAR_ACCESS_CONTROL
93 %token VAR_LOCAL_ZONE VAR_LOCAL_DATA VAR_INTERFACE_AUTOMATIC
94 %token VAR_STATISTICS_INTERVAL VAR_DO_DAEMONIZE VAR_USE_CAPS_FOR_ID
95 %token VAR_STATISTICS_CUMULATIVE VAR_OUTGOING_PORT_PERMIT
96 %token VAR_OUTGOING_PORT_AVOID VAR_DLV_ANCHOR_FILE VAR_DLV_ANCHOR
97 %token VAR_NEG_CACHE_SIZE VAR_HARDEN_REFERRAL_PATH VAR_PRIVATE_ADDRESS
98 %token VAR_PRIVATE_DOMAIN VAR_REMOTE_CONTROL VAR_CONTROL_ENABLE
99 %token VAR_CONTROL_INTERFACE VAR_CONTROL_PORT VAR_SERVER_KEY_FILE
100 %token VAR_SERVER_CERT_FILE VAR_CONTROL_KEY_FILE VAR_CONTROL_CERT_FILE
101 %token VAR_CONTROL_USE_CERT
102 %token VAR_EXTENDED_STATISTICS VAR_LOCAL_DATA_PTR VAR_JOSTLE_TIMEOUT
103 %token VAR_STUB_PRIME VAR_UNWANTED_REPLY_THRESHOLD VAR_LOG_TIME_ASCII
104 %token VAR_DOMAIN_INSECURE VAR_PYTHON VAR_PYTHON_SCRIPT VAR_VAL_SIG_SKEW_MIN
105 %token VAR_VAL_SIG_SKEW_MAX VAR_CACHE_MIN_TTL VAR_VAL_LOG_LEVEL
106 %token VAR_AUTO_TRUST_ANCHOR_FILE VAR_KEEP_MISSING VAR_ADD_HOLDDOWN
107 %token VAR_DEL_HOLDDOWN VAR_SO_RCVBUF VAR_EDNS_BUFFER_SIZE VAR_PREFETCH
108 %token VAR_PREFETCH_KEY VAR_SO_SNDBUF VAR_SO_REUSEPORT VAR_HARDEN_BELOW_NXDOMAIN
109 %token VAR_IGNORE_CD_FLAG VAR_LOG_QUERIES VAR_LOG_REPLIES
110 %token VAR_TCP_UPSTREAM VAR_SSL_UPSTREAM
111 %token VAR_SSL_SERVICE_KEY VAR_SSL_SERVICE_PEM VAR_SSL_PORT VAR_FORWARD_FIRST
112 %token VAR_STUB_SSL_UPSTREAM VAR_FORWARD_SSL_UPSTREAM VAR_TLS_CERT_BUNDLE
113 %token VAR_STUB_FIRST VAR_MINIMAL_RESPONSES VAR_RRSET_ROUNDROBIN
114 %token VAR_MAX_UDP_SIZE VAR_DELAY_CLOSE
115 %token VAR_UNBLOCK_LAN_ZONES VAR_INSECURE_LAN_ZONES
116 %token VAR_INFRA_CACHE_MIN_RTT
117 %token VAR_DNS64_PREFIX VAR_DNS64_SYNTHALL
118 %token VAR_DNSTAP VAR_DNSTAP_ENABLE VAR_DNSTAP_SOCKET_PATH
119 %token VAR_DNSTAP_SEND_IDENTITY VAR_DNSTAP_SEND_VERSION
120 %token VAR_DNSTAP_IDENTITY VAR_DNSTAP_VERSION
121 %token VAR_DNSTAP_LOG_RESOLVER_QUERY_MESSAGES
122 %token VAR_DNSTAP_LOG_RESOLVER_RESPONSE_MESSAGES
123 %token VAR_DNSTAP_LOG_CLIENT_QUERY_MESSAGES
124 %token VAR_DNSTAP_LOG_CLIENT_RESPONSE_MESSAGES
125 %token VAR_DNSTAP_LOG_FORWARDER_QUERY_MESSAGES
126 %token VAR_DNSTAP_LOG_FORWARDER_RESPONSE_MESSAGES
127 %token VAR_RESPONSE_IP_TAG VAR_RESPONSE_IP VAR_RESPONSE_IP_DATA
128 %token VAR_HARDEN_ALGO_DOWNGRADE VAR_IP_TRANSPARENT
129 %token VAR_DISABLE_DNSSEC_LAME_CHECK
130 %token VAR_IP_RATELIMIT VAR_IP_RATELIMIT_SLABS VAR_IP_RATELIMIT_SIZE
131 %token VAR_RATELIMIT VAR_RATELIMIT_SLABS VAR_RATELIMIT_SIZE
132 %token VAR_RATELIMIT_FOR_DOMAIN VAR_RATELIMIT_BELOW_DOMAIN
133 %token VAR_IP_RATELIMIT_FACTOR VAR_RATELIMIT_FACTOR
134 %token VAR_SEND_CLIENT_SUBNET VAR_CLIENT_SUBNET_ZONE
135 %token VAR_CLIENT_SUBNET_ALWAYS_FORWARD VAR_CLIENT_SUBNET_OPCODE
136 %token VAR_MAX_CLIENT_SUBNET_IPV4 VAR_MAX_CLIENT_SUBNET_IPV6
137 %token VAR_CAPS_WHITELIST VAR_CACHE_MAX_NEGATIVE_TTL VAR_PERMIT_SMALL_HOLDDOWN
138 %token VAR_QNAME_MINIMISATION VAR_QNAME_MINIMISATION_STRICT VAR_IP_FREEBIND
139 %token VAR_DEFINE_TAG VAR_LOCAL_ZONE_TAG VAR_ACCESS_CONTROL_TAG
140 %token VAR_LOCAL_ZONE_OVERRIDE VAR_ACCESS_CONTROL_TAG_ACTION
141 %token VAR_ACCESS_CONTROL_TAG_DATA VAR_VIEW VAR_ACCESS_CONTROL_VIEW
142 %token VAR_VIEW_FIRST VAR_SERVE_EXPIRED VAR_FAKE_DSA VAR_FAKE_SHA1
143 %token VAR_LOG_IDENTITY VAR_HIDE_TRUSTANCHOR VAR_TRUST_ANCHOR_SIGNALING
144 %token VAR_AGGRESSIVE_NSEC VAR_USE_SYSTEMD VAR_SHM_ENABLE VAR_SHM_KEY
145 %token VAR_ROOT_KEY_SENTINEL
146 %token VAR_DNSCRYPT VAR_DNSCRYPT_ENABLE VAR_DNSCRYPT_PORT VAR_DNSCRYPT_PROVIDER
147 %token VAR_DNSCRYPT_SECRET_KEY VAR_DNSCRYPT_PROVIDER_CERT
148 %token VAR_DNSCRYPT_PROVIDER_CERT_ROTATED
149 %token VAR_DNSCRYPT_SHARED_SECRET_CACHE_SIZE
150 %token VAR_DNSCRYPT_SHARED_SECRET_CACHE_SLABS
151 %token VAR_DNSCRYPT_NONCE_CACHE_SIZE
152 %token VAR_DNSCRYPT_NONCE_CACHE_SLABS
153 %token VAR_IPSECMOD_ENABLED VAR_IPSECMOD_HOOK VAR_IPSECMOD_IGNORE_BOGUS
154 %token VAR_IPSECMOD_MAX_TTL VAR_IPSECMOD_WHITELIST VAR_IPSECMOD_STRICT
155 %token VAR_CACHEDB VAR_CACHEDB_BACKEND VAR_CACHEDB_SECRETSEED
156 %token VAR_CACHEDB_REDISHOST VAR_CACHEDB_REDISPORT VAR_CACHEDB_REDISTIMEOUT
157 %token VAR_UDP_UPSTREAM_WITHOUT_DOWNSTREAM VAR_FOR_UPSTREAM
158 %token VAR_AUTH_ZONE VAR_ZONEFILE VAR_MASTER VAR_URL VAR_FOR_DOWNSTREAM
159 %token VAR_FALLBACK_ENABLED VAR_TLS_ADDITIONAL_PORT VAR_LOW_RTT VAR_LOW_RTT_PERMIL
160 %token VAR_ALLOW_NOTIFY VAR_TLS_WIN_CERT
163 toplevelvars: /* empty */ | toplevelvars toplevelvar ;
164 toplevelvar: serverstart contents_server | stubstart contents_stub |
165 forwardstart contents_forward | pythonstart contents_py |
166 rcstart contents_rc | dtstart contents_dt | viewstart contents_view |
167 dnscstart contents_dnsc | cachedbstart contents_cachedb |
168 authstart contents_auth
171 /* server: declaration */
172 serverstart: VAR_SERVER
174 OUTYY(("\nP(server:)\n"));
177 contents_server: contents_server content_server
179 content_server: server_num_threads | server_verbosity | server_port |
180 server_outgoing_range | server_do_ip4 |
181 server_do_ip6 | server_prefer_ip6 |
182 server_do_udp | server_do_tcp |
183 server_tcp_mss | server_outgoing_tcp_mss |
184 server_interface | server_chroot | server_username |
185 server_directory | server_logfile | server_pidfile |
186 server_msg_cache_size | server_msg_cache_slabs |
187 server_num_queries_per_thread | server_rrset_cache_size |
188 server_rrset_cache_slabs | server_outgoing_num_tcp |
189 server_infra_host_ttl | server_infra_lame_ttl |
190 server_infra_cache_slabs | server_infra_cache_numhosts |
191 server_infra_cache_lame_size | server_target_fetch_policy |
192 server_harden_short_bufsize | server_harden_large_queries |
193 server_do_not_query_address | server_hide_identity |
194 server_hide_version | server_identity | server_version |
195 server_harden_glue | server_module_conf | server_trust_anchor_file |
196 server_trust_anchor | server_val_override_date | server_bogus_ttl |
197 server_val_clean_additional | server_val_permissive_mode |
198 server_incoming_num_tcp | server_msg_buffer_size |
199 server_key_cache_size | server_key_cache_slabs |
200 server_trusted_keys_file | server_val_nsec3_keysize_iterations |
201 server_use_syslog | server_outgoing_interface | server_root_hints |
202 server_do_not_query_localhost | server_cache_max_ttl |
203 server_harden_dnssec_stripped | server_access_control |
204 server_local_zone | server_local_data | server_interface_automatic |
205 server_statistics_interval | server_do_daemonize |
206 server_use_caps_for_id | server_statistics_cumulative |
207 server_outgoing_port_permit | server_outgoing_port_avoid |
208 server_dlv_anchor_file | server_dlv_anchor | server_neg_cache_size |
209 server_harden_referral_path | server_private_address |
210 server_private_domain | server_extended_statistics |
211 server_local_data_ptr | server_jostle_timeout |
212 server_unwanted_reply_threshold | server_log_time_ascii |
213 server_domain_insecure | server_val_sig_skew_min |
214 server_val_sig_skew_max | server_cache_min_ttl | server_val_log_level |
215 server_auto_trust_anchor_file | server_add_holddown |
216 server_del_holddown | server_keep_missing | server_so_rcvbuf |
217 server_edns_buffer_size | server_prefetch | server_prefetch_key |
218 server_so_sndbuf | server_harden_below_nxdomain | server_ignore_cd_flag |
219 server_log_queries | server_log_replies | server_tcp_upstream | server_ssl_upstream |
220 server_ssl_service_key | server_ssl_service_pem | server_ssl_port |
221 server_minimal_responses | server_rrset_roundrobin | server_max_udp_size |
222 server_so_reuseport | server_delay_close |
223 server_unblock_lan_zones | server_insecure_lan_zones |
224 server_dns64_prefix | server_dns64_synthall |
225 server_infra_cache_min_rtt | server_harden_algo_downgrade |
226 server_ip_transparent | server_ip_ratelimit | server_ratelimit |
227 server_ip_ratelimit_slabs | server_ratelimit_slabs |
228 server_ip_ratelimit_size | server_ratelimit_size |
229 server_ratelimit_for_domain |
230 server_ratelimit_below_domain | server_ratelimit_factor |
231 server_ip_ratelimit_factor | server_send_client_subnet |
232 server_client_subnet_zone | server_client_subnet_always_forward |
233 server_client_subnet_opcode |
234 server_max_client_subnet_ipv4 | server_max_client_subnet_ipv6 |
235 server_caps_whitelist | server_cache_max_negative_ttl |
236 server_permit_small_holddown | server_qname_minimisation |
237 server_ip_freebind | server_define_tag | server_local_zone_tag |
238 server_disable_dnssec_lame_check | server_access_control_tag |
239 server_local_zone_override | server_access_control_tag_action |
240 server_access_control_tag_data | server_access_control_view |
241 server_qname_minimisation_strict | server_serve_expired |
242 server_fake_dsa | server_log_identity | server_use_systemd |
243 server_response_ip_tag | server_response_ip | server_response_ip_data |
244 server_shm_enable | server_shm_key | server_fake_sha1 |
245 server_hide_trustanchor | server_trust_anchor_signaling |
246 server_root_key_sentinel |
247 server_ipsecmod_enabled | server_ipsecmod_hook |
248 server_ipsecmod_ignore_bogus | server_ipsecmod_max_ttl |
249 server_ipsecmod_whitelist | server_ipsecmod_strict |
250 server_udp_upstream_without_downstream | server_aggressive_nsec |
251 server_tls_cert_bundle | server_tls_additional_port | server_low_rtt |
252 server_low_rtt_permil | server_tls_win_cert
254 stubstart: VAR_STUB_ZONE
256 struct config_stub* s;
257 OUTYY(("\nP(stub_zone:)\n"));
258 s = (struct config_stub*)calloc(1, sizeof(struct config_stub));
260 s->next = cfg_parser->cfg->stubs;
261 cfg_parser->cfg->stubs = s;
263 yyerror("out of memory");
266 contents_stub: contents_stub content_stub
268 content_stub: stub_name | stub_host | stub_addr | stub_prime | stub_first |
271 forwardstart: VAR_FORWARD_ZONE
273 struct config_stub* s;
274 OUTYY(("\nP(forward_zone:)\n"));
275 s = (struct config_stub*)calloc(1, sizeof(struct config_stub));
277 s->next = cfg_parser->cfg->forwards;
278 cfg_parser->cfg->forwards = s;
280 yyerror("out of memory");
283 contents_forward: contents_forward content_forward
285 content_forward: forward_name | forward_host | forward_addr | forward_first |
290 struct config_view* s;
291 OUTYY(("\nP(view:)\n"));
292 s = (struct config_view*)calloc(1, sizeof(struct config_view));
294 s->next = cfg_parser->cfg->views;
295 if(s->next && !s->next->name)
296 yyerror("view without name");
297 cfg_parser->cfg->views = s;
299 yyerror("out of memory");
302 contents_view: contents_view content_view
304 content_view: view_name | view_local_zone | view_local_data | view_first |
305 view_response_ip | view_response_ip_data | view_local_data_ptr
307 authstart: VAR_AUTH_ZONE
309 struct config_auth* s;
310 OUTYY(("\nP(auth_zone:)\n"));
311 s = (struct config_auth*)calloc(1, sizeof(struct config_auth));
313 s->next = cfg_parser->cfg->auths;
314 cfg_parser->cfg->auths = s;
315 /* defaults for auth zone */
316 s->for_downstream = 1;
318 s->fallback_enabled = 0;
320 yyerror("out of memory");
323 contents_auth: contents_auth content_auth
325 content_auth: auth_name | auth_zonefile | auth_master | auth_url |
326 auth_for_downstream | auth_for_upstream | auth_fallback_enabled |
329 server_num_threads: VAR_NUM_THREADS STRING_ARG
331 OUTYY(("P(server_num_threads:%s)\n", $2));
332 if(atoi($2) == 0 && strcmp($2, "0") != 0)
333 yyerror("number expected");
334 else cfg_parser->cfg->num_threads = atoi($2);
338 server_verbosity: VAR_VERBOSITY STRING_ARG
340 OUTYY(("P(server_verbosity:%s)\n", $2));
341 if(atoi($2) == 0 && strcmp($2, "0") != 0)
342 yyerror("number expected");
343 else cfg_parser->cfg->verbosity = atoi($2);
347 server_statistics_interval: VAR_STATISTICS_INTERVAL STRING_ARG
349 OUTYY(("P(server_statistics_interval:%s)\n", $2));
350 if(strcmp($2, "") == 0 || strcmp($2, "0") == 0)
351 cfg_parser->cfg->stat_interval = 0;
352 else if(atoi($2) == 0)
353 yyerror("number expected");
354 else cfg_parser->cfg->stat_interval = atoi($2);
358 server_statistics_cumulative: VAR_STATISTICS_CUMULATIVE STRING_ARG
360 OUTYY(("P(server_statistics_cumulative:%s)\n", $2));
361 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
362 yyerror("expected yes or no.");
363 else cfg_parser->cfg->stat_cumulative = (strcmp($2, "yes")==0);
367 server_extended_statistics: VAR_EXTENDED_STATISTICS STRING_ARG
369 OUTYY(("P(server_extended_statistics:%s)\n", $2));
370 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
371 yyerror("expected yes or no.");
372 else cfg_parser->cfg->stat_extended = (strcmp($2, "yes")==0);
376 server_shm_enable: VAR_SHM_ENABLE STRING_ARG
378 OUTYY(("P(server_shm_enable:%s)\n", $2));
379 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
380 yyerror("expected yes or no.");
381 else cfg_parser->cfg->shm_enable = (strcmp($2, "yes")==0);
385 server_shm_key: VAR_SHM_KEY STRING_ARG
387 OUTYY(("P(server_shm_key:%s)\n", $2));
388 if(strcmp($2, "") == 0 || strcmp($2, "0") == 0)
389 cfg_parser->cfg->shm_key = 0;
390 else if(atoi($2) == 0)
391 yyerror("number expected");
392 else cfg_parser->cfg->shm_key = atoi($2);
396 server_port: VAR_PORT STRING_ARG
398 OUTYY(("P(server_port:%s)\n", $2));
400 yyerror("port number expected");
401 else cfg_parser->cfg->port = atoi($2);
405 server_send_client_subnet: VAR_SEND_CLIENT_SUBNET STRING_ARG
408 OUTYY(("P(server_send_client_subnet:%s)\n", $2));
409 if(!cfg_strlist_insert(&cfg_parser->cfg->client_subnet, $2))
410 fatal_exit("out of memory adding client-subnet");
412 OUTYY(("P(Compiled without edns subnet option, ignoring)\n"));
416 server_client_subnet_zone: VAR_CLIENT_SUBNET_ZONE STRING_ARG
419 OUTYY(("P(server_client_subnet_zone:%s)\n", $2));
420 if(!cfg_strlist_insert(&cfg_parser->cfg->client_subnet_zone,
422 fatal_exit("out of memory adding client-subnet-zone");
424 OUTYY(("P(Compiled without edns subnet option, ignoring)\n"));
428 server_client_subnet_always_forward:
429 VAR_CLIENT_SUBNET_ALWAYS_FORWARD STRING_ARG
432 OUTYY(("P(server_client_subnet_always_forward:%s)\n", $2));
433 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
434 yyerror("expected yes or no.");
436 cfg_parser->cfg->client_subnet_always_forward =
437 (strcmp($2, "yes")==0);
439 OUTYY(("P(Compiled without edns subnet option, ignoring)\n"));
444 server_client_subnet_opcode: VAR_CLIENT_SUBNET_OPCODE STRING_ARG
447 OUTYY(("P(client_subnet_opcode:%s)\n", $2));
448 OUTYY(("P(Deprecated option, ignoring)\n"));
450 OUTYY(("P(Compiled without edns subnet option, ignoring)\n"));
455 server_max_client_subnet_ipv4: VAR_MAX_CLIENT_SUBNET_IPV4 STRING_ARG
458 OUTYY(("P(max_client_subnet_ipv4:%s)\n", $2));
459 if(atoi($2) == 0 && strcmp($2, "0") != 0)
460 yyerror("IPv4 subnet length expected");
461 else if (atoi($2) > 32)
462 cfg_parser->cfg->max_client_subnet_ipv4 = 32;
463 else if (atoi($2) < 0)
464 cfg_parser->cfg->max_client_subnet_ipv4 = 0;
465 else cfg_parser->cfg->max_client_subnet_ipv4 = (uint8_t)atoi($2);
467 OUTYY(("P(Compiled without edns subnet option, ignoring)\n"));
472 server_max_client_subnet_ipv6: VAR_MAX_CLIENT_SUBNET_IPV6 STRING_ARG
475 OUTYY(("P(max_client_subnet_ipv6:%s)\n", $2));
476 if(atoi($2) == 0 && strcmp($2, "0") != 0)
477 yyerror("Ipv6 subnet length expected");
478 else if (atoi($2) > 128)
479 cfg_parser->cfg->max_client_subnet_ipv6 = 128;
480 else if (atoi($2) < 0)
481 cfg_parser->cfg->max_client_subnet_ipv6 = 0;
482 else cfg_parser->cfg->max_client_subnet_ipv6 = (uint8_t)atoi($2);
484 OUTYY(("P(Compiled without edns subnet option, ignoring)\n"));
489 server_interface: VAR_INTERFACE STRING_ARG
491 OUTYY(("P(server_interface:%s)\n", $2));
492 if(cfg_parser->cfg->num_ifs == 0)
493 cfg_parser->cfg->ifs = calloc(1, sizeof(char*));
494 else cfg_parser->cfg->ifs = realloc(cfg_parser->cfg->ifs,
495 (cfg_parser->cfg->num_ifs+1)*sizeof(char*));
496 if(!cfg_parser->cfg->ifs)
497 yyerror("out of memory");
499 cfg_parser->cfg->ifs[cfg_parser->cfg->num_ifs++] = $2;
502 server_outgoing_interface: VAR_OUTGOING_INTERFACE STRING_ARG
504 OUTYY(("P(server_outgoing_interface:%s)\n", $2));
505 if(cfg_parser->cfg->num_out_ifs == 0)
506 cfg_parser->cfg->out_ifs = calloc(1, sizeof(char*));
507 else cfg_parser->cfg->out_ifs = realloc(
508 cfg_parser->cfg->out_ifs,
509 (cfg_parser->cfg->num_out_ifs+1)*sizeof(char*));
510 if(!cfg_parser->cfg->out_ifs)
511 yyerror("out of memory");
513 cfg_parser->cfg->out_ifs[
514 cfg_parser->cfg->num_out_ifs++] = $2;
517 server_outgoing_range: VAR_OUTGOING_RANGE STRING_ARG
519 OUTYY(("P(server_outgoing_range:%s)\n", $2));
521 yyerror("number expected");
522 else cfg_parser->cfg->outgoing_num_ports = atoi($2);
526 server_outgoing_port_permit: VAR_OUTGOING_PORT_PERMIT STRING_ARG
528 OUTYY(("P(server_outgoing_port_permit:%s)\n", $2));
529 if(!cfg_mark_ports($2, 1,
530 cfg_parser->cfg->outgoing_avail_ports, 65536))
531 yyerror("port number or range (\"low-high\") expected");
535 server_outgoing_port_avoid: VAR_OUTGOING_PORT_AVOID STRING_ARG
537 OUTYY(("P(server_outgoing_port_avoid:%s)\n", $2));
538 if(!cfg_mark_ports($2, 0,
539 cfg_parser->cfg->outgoing_avail_ports, 65536))
540 yyerror("port number or range (\"low-high\") expected");
544 server_outgoing_num_tcp: VAR_OUTGOING_NUM_TCP STRING_ARG
546 OUTYY(("P(server_outgoing_num_tcp:%s)\n", $2));
547 if(atoi($2) == 0 && strcmp($2, "0") != 0)
548 yyerror("number expected");
549 else cfg_parser->cfg->outgoing_num_tcp = atoi($2);
553 server_incoming_num_tcp: VAR_INCOMING_NUM_TCP STRING_ARG
555 OUTYY(("P(server_incoming_num_tcp:%s)\n", $2));
556 if(atoi($2) == 0 && strcmp($2, "0") != 0)
557 yyerror("number expected");
558 else cfg_parser->cfg->incoming_num_tcp = atoi($2);
562 server_interface_automatic: VAR_INTERFACE_AUTOMATIC STRING_ARG
564 OUTYY(("P(server_interface_automatic:%s)\n", $2));
565 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
566 yyerror("expected yes or no.");
567 else cfg_parser->cfg->if_automatic = (strcmp($2, "yes")==0);
571 server_do_ip4: VAR_DO_IP4 STRING_ARG
573 OUTYY(("P(server_do_ip4:%s)\n", $2));
574 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
575 yyerror("expected yes or no.");
576 else cfg_parser->cfg->do_ip4 = (strcmp($2, "yes")==0);
580 server_do_ip6: VAR_DO_IP6 STRING_ARG
582 OUTYY(("P(server_do_ip6:%s)\n", $2));
583 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
584 yyerror("expected yes or no.");
585 else cfg_parser->cfg->do_ip6 = (strcmp($2, "yes")==0);
589 server_do_udp: VAR_DO_UDP STRING_ARG
591 OUTYY(("P(server_do_udp:%s)\n", $2));
592 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
593 yyerror("expected yes or no.");
594 else cfg_parser->cfg->do_udp = (strcmp($2, "yes")==0);
598 server_do_tcp: VAR_DO_TCP STRING_ARG
600 OUTYY(("P(server_do_tcp:%s)\n", $2));
601 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
602 yyerror("expected yes or no.");
603 else cfg_parser->cfg->do_tcp = (strcmp($2, "yes")==0);
607 server_prefer_ip6: VAR_PREFER_IP6 STRING_ARG
609 OUTYY(("P(server_prefer_ip6:%s)\n", $2));
610 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
611 yyerror("expected yes or no.");
612 else cfg_parser->cfg->prefer_ip6 = (strcmp($2, "yes")==0);
616 server_tcp_mss: VAR_TCP_MSS STRING_ARG
618 OUTYY(("P(server_tcp_mss:%s)\n", $2));
619 if(atoi($2) == 0 && strcmp($2, "0") != 0)
620 yyerror("number expected");
621 else cfg_parser->cfg->tcp_mss = atoi($2);
625 server_outgoing_tcp_mss: VAR_OUTGOING_TCP_MSS STRING_ARG
627 OUTYY(("P(server_outgoing_tcp_mss:%s)\n", $2));
628 if(atoi($2) == 0 && strcmp($2, "0") != 0)
629 yyerror("number expected");
630 else cfg_parser->cfg->outgoing_tcp_mss = atoi($2);
634 server_tcp_upstream: VAR_TCP_UPSTREAM STRING_ARG
636 OUTYY(("P(server_tcp_upstream:%s)\n", $2));
637 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
638 yyerror("expected yes or no.");
639 else cfg_parser->cfg->tcp_upstream = (strcmp($2, "yes")==0);
643 server_udp_upstream_without_downstream: VAR_UDP_UPSTREAM_WITHOUT_DOWNSTREAM STRING_ARG
645 OUTYY(("P(server_udp_upstream_without_downstream:%s)\n", $2));
646 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
647 yyerror("expected yes or no.");
648 else cfg_parser->cfg->udp_upstream_without_downstream = (strcmp($2, "yes")==0);
652 server_ssl_upstream: VAR_SSL_UPSTREAM STRING_ARG
654 OUTYY(("P(server_ssl_upstream:%s)\n", $2));
655 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
656 yyerror("expected yes or no.");
657 else cfg_parser->cfg->ssl_upstream = (strcmp($2, "yes")==0);
661 server_ssl_service_key: VAR_SSL_SERVICE_KEY STRING_ARG
663 OUTYY(("P(server_ssl_service_key:%s)\n", $2));
664 free(cfg_parser->cfg->ssl_service_key);
665 cfg_parser->cfg->ssl_service_key = $2;
668 server_ssl_service_pem: VAR_SSL_SERVICE_PEM STRING_ARG
670 OUTYY(("P(server_ssl_service_pem:%s)\n", $2));
671 free(cfg_parser->cfg->ssl_service_pem);
672 cfg_parser->cfg->ssl_service_pem = $2;
675 server_ssl_port: VAR_SSL_PORT STRING_ARG
677 OUTYY(("P(server_ssl_port:%s)\n", $2));
679 yyerror("port number expected");
680 else cfg_parser->cfg->ssl_port = atoi($2);
684 server_tls_cert_bundle: VAR_TLS_CERT_BUNDLE STRING_ARG
686 OUTYY(("P(server_tls_cert_bundle:%s)\n", $2));
687 free(cfg_parser->cfg->tls_cert_bundle);
688 cfg_parser->cfg->tls_cert_bundle = $2;
691 server_tls_win_cert: VAR_TLS_WIN_CERT STRING_ARG
693 OUTYY(("P(server_tls_win_cert:%s)\n", $2));
694 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
695 yyerror("expected yes or no.");
696 else cfg_parser->cfg->tls_win_cert = (strcmp($2, "yes")==0);
700 server_tls_additional_port: VAR_TLS_ADDITIONAL_PORT STRING_ARG
702 OUTYY(("P(server_tls_additional_port:%s)\n", $2));
703 if(!cfg_strlist_insert(&cfg_parser->cfg->tls_additional_port,
705 yyerror("out of memory");
708 server_use_systemd: VAR_USE_SYSTEMD STRING_ARG
710 OUTYY(("P(server_use_systemd:%s)\n", $2));
711 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
712 yyerror("expected yes or no.");
713 else cfg_parser->cfg->use_systemd = (strcmp($2, "yes")==0);
717 server_do_daemonize: VAR_DO_DAEMONIZE STRING_ARG
719 OUTYY(("P(server_do_daemonize:%s)\n", $2));
720 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
721 yyerror("expected yes or no.");
722 else cfg_parser->cfg->do_daemonize = (strcmp($2, "yes")==0);
726 server_use_syslog: VAR_USE_SYSLOG STRING_ARG
728 OUTYY(("P(server_use_syslog:%s)\n", $2));
729 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
730 yyerror("expected yes or no.");
731 else cfg_parser->cfg->use_syslog = (strcmp($2, "yes")==0);
732 #if !defined(HAVE_SYSLOG_H) && !defined(UB_ON_WINDOWS)
733 if(strcmp($2, "yes") == 0)
734 yyerror("no syslog services are available. "
735 "(reconfigure and compile to add)");
740 server_log_time_ascii: VAR_LOG_TIME_ASCII STRING_ARG
742 OUTYY(("P(server_log_time_ascii:%s)\n", $2));
743 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
744 yyerror("expected yes or no.");
745 else cfg_parser->cfg->log_time_ascii = (strcmp($2, "yes")==0);
749 server_log_queries: VAR_LOG_QUERIES STRING_ARG
751 OUTYY(("P(server_log_queries:%s)\n", $2));
752 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
753 yyerror("expected yes or no.");
754 else cfg_parser->cfg->log_queries = (strcmp($2, "yes")==0);
758 server_log_replies: VAR_LOG_REPLIES STRING_ARG
760 OUTYY(("P(server_log_replies:%s)\n", $2));
761 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
762 yyerror("expected yes or no.");
763 else cfg_parser->cfg->log_replies = (strcmp($2, "yes")==0);
767 server_chroot: VAR_CHROOT STRING_ARG
769 OUTYY(("P(server_chroot:%s)\n", $2));
770 free(cfg_parser->cfg->chrootdir);
771 cfg_parser->cfg->chrootdir = $2;
774 server_username: VAR_USERNAME STRING_ARG
776 OUTYY(("P(server_username:%s)\n", $2));
777 free(cfg_parser->cfg->username);
778 cfg_parser->cfg->username = $2;
781 server_directory: VAR_DIRECTORY STRING_ARG
783 OUTYY(("P(server_directory:%s)\n", $2));
784 free(cfg_parser->cfg->directory);
785 cfg_parser->cfg->directory = $2;
786 /* change there right away for includes relative to this */
790 w_config_adjust_directory(cfg_parser->cfg);
792 d = cfg_parser->cfg->directory;
793 /* adjust directory if we have already chroot,
794 * like, we reread after sighup */
795 if(cfg_parser->chroot && cfg_parser->chroot[0] &&
796 strncmp(d, cfg_parser->chroot, strlen(
797 cfg_parser->chroot)) == 0)
798 d += strlen(cfg_parser->chroot);
801 log_err("cannot chdir to directory: %s (%s)",
807 server_logfile: VAR_LOGFILE STRING_ARG
809 OUTYY(("P(server_logfile:%s)\n", $2));
810 free(cfg_parser->cfg->logfile);
811 cfg_parser->cfg->logfile = $2;
812 cfg_parser->cfg->use_syslog = 0;
815 server_pidfile: VAR_PIDFILE STRING_ARG
817 OUTYY(("P(server_pidfile:%s)\n", $2));
818 free(cfg_parser->cfg->pidfile);
819 cfg_parser->cfg->pidfile = $2;
822 server_root_hints: VAR_ROOT_HINTS STRING_ARG
824 OUTYY(("P(server_root_hints:%s)\n", $2));
825 if(!cfg_strlist_insert(&cfg_parser->cfg->root_hints, $2))
826 yyerror("out of memory");
829 server_dlv_anchor_file: VAR_DLV_ANCHOR_FILE STRING_ARG
831 OUTYY(("P(server_dlv_anchor_file:%s)\n", $2));
832 free(cfg_parser->cfg->dlv_anchor_file);
833 cfg_parser->cfg->dlv_anchor_file = $2;
836 server_dlv_anchor: VAR_DLV_ANCHOR STRING_ARG
838 OUTYY(("P(server_dlv_anchor:%s)\n", $2));
839 if(!cfg_strlist_insert(&cfg_parser->cfg->dlv_anchor_list, $2))
840 yyerror("out of memory");
843 server_auto_trust_anchor_file: VAR_AUTO_TRUST_ANCHOR_FILE STRING_ARG
845 OUTYY(("P(server_auto_trust_anchor_file:%s)\n", $2));
846 if(!cfg_strlist_insert(&cfg_parser->cfg->
847 auto_trust_anchor_file_list, $2))
848 yyerror("out of memory");
851 server_trust_anchor_file: VAR_TRUST_ANCHOR_FILE STRING_ARG
853 OUTYY(("P(server_trust_anchor_file:%s)\n", $2));
854 if(!cfg_strlist_insert(&cfg_parser->cfg->
855 trust_anchor_file_list, $2))
856 yyerror("out of memory");
859 server_trusted_keys_file: VAR_TRUSTED_KEYS_FILE STRING_ARG
861 OUTYY(("P(server_trusted_keys_file:%s)\n", $2));
862 if(!cfg_strlist_insert(&cfg_parser->cfg->
863 trusted_keys_file_list, $2))
864 yyerror("out of memory");
867 server_trust_anchor: VAR_TRUST_ANCHOR STRING_ARG
869 OUTYY(("P(server_trust_anchor:%s)\n", $2));
870 if(!cfg_strlist_insert(&cfg_parser->cfg->trust_anchor_list, $2))
871 yyerror("out of memory");
874 server_trust_anchor_signaling: VAR_TRUST_ANCHOR_SIGNALING STRING_ARG
876 OUTYY(("P(server_trust_anchor_signaling:%s)\n", $2));
877 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
878 yyerror("expected yes or no.");
880 cfg_parser->cfg->trust_anchor_signaling =
881 (strcmp($2, "yes")==0);
885 server_root_key_sentinel: VAR_ROOT_KEY_SENTINEL STRING_ARG
887 OUTYY(("P(server_root_key_sentinel:%s)\n", $2));
888 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
889 yyerror("expected yes or no.");
891 cfg_parser->cfg->root_key_sentinel =
892 (strcmp($2, "yes")==0);
896 server_domain_insecure: VAR_DOMAIN_INSECURE STRING_ARG
898 OUTYY(("P(server_domain_insecure:%s)\n", $2));
899 if(!cfg_strlist_insert(&cfg_parser->cfg->domain_insecure, $2))
900 yyerror("out of memory");
903 server_hide_identity: VAR_HIDE_IDENTITY STRING_ARG
905 OUTYY(("P(server_hide_identity:%s)\n", $2));
906 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
907 yyerror("expected yes or no.");
908 else cfg_parser->cfg->hide_identity = (strcmp($2, "yes")==0);
912 server_hide_version: VAR_HIDE_VERSION STRING_ARG
914 OUTYY(("P(server_hide_version:%s)\n", $2));
915 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
916 yyerror("expected yes or no.");
917 else cfg_parser->cfg->hide_version = (strcmp($2, "yes")==0);
921 server_hide_trustanchor: VAR_HIDE_TRUSTANCHOR STRING_ARG
923 OUTYY(("P(server_hide_trustanchor:%s)\n", $2));
924 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
925 yyerror("expected yes or no.");
926 else cfg_parser->cfg->hide_trustanchor = (strcmp($2, "yes")==0);
930 server_identity: VAR_IDENTITY STRING_ARG
932 OUTYY(("P(server_identity:%s)\n", $2));
933 free(cfg_parser->cfg->identity);
934 cfg_parser->cfg->identity = $2;
937 server_version: VAR_VERSION STRING_ARG
939 OUTYY(("P(server_version:%s)\n", $2));
940 free(cfg_parser->cfg->version);
941 cfg_parser->cfg->version = $2;
944 server_so_rcvbuf: VAR_SO_RCVBUF STRING_ARG
946 OUTYY(("P(server_so_rcvbuf:%s)\n", $2));
947 if(!cfg_parse_memsize($2, &cfg_parser->cfg->so_rcvbuf))
948 yyerror("buffer size expected");
952 server_so_sndbuf: VAR_SO_SNDBUF STRING_ARG
954 OUTYY(("P(server_so_sndbuf:%s)\n", $2));
955 if(!cfg_parse_memsize($2, &cfg_parser->cfg->so_sndbuf))
956 yyerror("buffer size expected");
960 server_so_reuseport: VAR_SO_REUSEPORT STRING_ARG
962 OUTYY(("P(server_so_reuseport:%s)\n", $2));
963 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
964 yyerror("expected yes or no.");
965 else cfg_parser->cfg->so_reuseport =
966 (strcmp($2, "yes")==0);
970 server_ip_transparent: VAR_IP_TRANSPARENT STRING_ARG
972 OUTYY(("P(server_ip_transparent:%s)\n", $2));
973 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
974 yyerror("expected yes or no.");
975 else cfg_parser->cfg->ip_transparent =
976 (strcmp($2, "yes")==0);
980 server_ip_freebind: VAR_IP_FREEBIND STRING_ARG
982 OUTYY(("P(server_ip_freebind:%s)\n", $2));
983 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
984 yyerror("expected yes or no.");
985 else cfg_parser->cfg->ip_freebind =
986 (strcmp($2, "yes")==0);
990 server_edns_buffer_size: VAR_EDNS_BUFFER_SIZE STRING_ARG
992 OUTYY(("P(server_edns_buffer_size:%s)\n", $2));
994 yyerror("number expected");
995 else if (atoi($2) < 12)
996 yyerror("edns buffer size too small");
997 else if (atoi($2) > 65535)
998 cfg_parser->cfg->edns_buffer_size = 65535;
999 else cfg_parser->cfg->edns_buffer_size = atoi($2);
1003 server_msg_buffer_size: VAR_MSG_BUFFER_SIZE STRING_ARG
1005 OUTYY(("P(server_msg_buffer_size:%s)\n", $2));
1007 yyerror("number expected");
1008 else if (atoi($2) < 4096)
1009 yyerror("message buffer size too small (use 4096)");
1010 else cfg_parser->cfg->msg_buffer_size = atoi($2);
1014 server_msg_cache_size: VAR_MSG_CACHE_SIZE STRING_ARG
1016 OUTYY(("P(server_msg_cache_size:%s)\n", $2));
1017 if(!cfg_parse_memsize($2, &cfg_parser->cfg->msg_cache_size))
1018 yyerror("memory size expected");
1022 server_msg_cache_slabs: VAR_MSG_CACHE_SLABS STRING_ARG
1024 OUTYY(("P(server_msg_cache_slabs:%s)\n", $2));
1026 yyerror("number expected");
1028 cfg_parser->cfg->msg_cache_slabs = atoi($2);
1029 if(!is_pow2(cfg_parser->cfg->msg_cache_slabs))
1030 yyerror("must be a power of 2");
1035 server_num_queries_per_thread: VAR_NUM_QUERIES_PER_THREAD STRING_ARG
1037 OUTYY(("P(server_num_queries_per_thread:%s)\n", $2));
1039 yyerror("number expected");
1040 else cfg_parser->cfg->num_queries_per_thread = atoi($2);
1044 server_jostle_timeout: VAR_JOSTLE_TIMEOUT STRING_ARG
1046 OUTYY(("P(server_jostle_timeout:%s)\n", $2));
1047 if(atoi($2) == 0 && strcmp($2, "0") != 0)
1048 yyerror("number expected");
1049 else cfg_parser->cfg->jostle_time = atoi($2);
1053 server_delay_close: VAR_DELAY_CLOSE STRING_ARG
1055 OUTYY(("P(server_delay_close:%s)\n", $2));
1056 if(atoi($2) == 0 && strcmp($2, "0") != 0)
1057 yyerror("number expected");
1058 else cfg_parser->cfg->delay_close = atoi($2);
1062 server_unblock_lan_zones: VAR_UNBLOCK_LAN_ZONES STRING_ARG
1064 OUTYY(("P(server_unblock_lan_zones:%s)\n", $2));
1065 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1066 yyerror("expected yes or no.");
1067 else cfg_parser->cfg->unblock_lan_zones =
1068 (strcmp($2, "yes")==0);
1072 server_insecure_lan_zones: VAR_INSECURE_LAN_ZONES STRING_ARG
1074 OUTYY(("P(server_insecure_lan_zones:%s)\n", $2));
1075 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1076 yyerror("expected yes or no.");
1077 else cfg_parser->cfg->insecure_lan_zones =
1078 (strcmp($2, "yes")==0);
1082 server_rrset_cache_size: VAR_RRSET_CACHE_SIZE STRING_ARG
1084 OUTYY(("P(server_rrset_cache_size:%s)\n", $2));
1085 if(!cfg_parse_memsize($2, &cfg_parser->cfg->rrset_cache_size))
1086 yyerror("memory size expected");
1090 server_rrset_cache_slabs: VAR_RRSET_CACHE_SLABS STRING_ARG
1092 OUTYY(("P(server_rrset_cache_slabs:%s)\n", $2));
1094 yyerror("number expected");
1096 cfg_parser->cfg->rrset_cache_slabs = atoi($2);
1097 if(!is_pow2(cfg_parser->cfg->rrset_cache_slabs))
1098 yyerror("must be a power of 2");
1103 server_infra_host_ttl: VAR_INFRA_HOST_TTL STRING_ARG
1105 OUTYY(("P(server_infra_host_ttl:%s)\n", $2));
1106 if(atoi($2) == 0 && strcmp($2, "0") != 0)
1107 yyerror("number expected");
1108 else cfg_parser->cfg->host_ttl = atoi($2);
1112 server_infra_lame_ttl: VAR_INFRA_LAME_TTL STRING_ARG
1114 OUTYY(("P(server_infra_lame_ttl:%s)\n", $2));
1115 verbose(VERB_DETAIL, "ignored infra-lame-ttl: %s (option "
1116 "removed, use infra-host-ttl)", $2);
1120 server_infra_cache_numhosts: VAR_INFRA_CACHE_NUMHOSTS STRING_ARG
1122 OUTYY(("P(server_infra_cache_numhosts:%s)\n", $2));
1124 yyerror("number expected");
1125 else cfg_parser->cfg->infra_cache_numhosts = atoi($2);
1129 server_infra_cache_lame_size: VAR_INFRA_CACHE_LAME_SIZE STRING_ARG
1131 OUTYY(("P(server_infra_cache_lame_size:%s)\n", $2));
1132 verbose(VERB_DETAIL, "ignored infra-cache-lame-size: %s "
1133 "(option removed, use infra-cache-numhosts)", $2);
1137 server_infra_cache_slabs: VAR_INFRA_CACHE_SLABS STRING_ARG
1139 OUTYY(("P(server_infra_cache_slabs:%s)\n", $2));
1141 yyerror("number expected");
1143 cfg_parser->cfg->infra_cache_slabs = atoi($2);
1144 if(!is_pow2(cfg_parser->cfg->infra_cache_slabs))
1145 yyerror("must be a power of 2");
1150 server_infra_cache_min_rtt: VAR_INFRA_CACHE_MIN_RTT STRING_ARG
1152 OUTYY(("P(server_infra_cache_min_rtt:%s)\n", $2));
1153 if(atoi($2) == 0 && strcmp($2, "0") != 0)
1154 yyerror("number expected");
1155 else cfg_parser->cfg->infra_cache_min_rtt = atoi($2);
1159 server_target_fetch_policy: VAR_TARGET_FETCH_POLICY STRING_ARG
1161 OUTYY(("P(server_target_fetch_policy:%s)\n", $2));
1162 free(cfg_parser->cfg->target_fetch_policy);
1163 cfg_parser->cfg->target_fetch_policy = $2;
1166 server_harden_short_bufsize: VAR_HARDEN_SHORT_BUFSIZE STRING_ARG
1168 OUTYY(("P(server_harden_short_bufsize:%s)\n", $2));
1169 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1170 yyerror("expected yes or no.");
1171 else cfg_parser->cfg->harden_short_bufsize =
1172 (strcmp($2, "yes")==0);
1176 server_harden_large_queries: VAR_HARDEN_LARGE_QUERIES STRING_ARG
1178 OUTYY(("P(server_harden_large_queries:%s)\n", $2));
1179 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1180 yyerror("expected yes or no.");
1181 else cfg_parser->cfg->harden_large_queries =
1182 (strcmp($2, "yes")==0);
1186 server_harden_glue: VAR_HARDEN_GLUE STRING_ARG
1188 OUTYY(("P(server_harden_glue:%s)\n", $2));
1189 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1190 yyerror("expected yes or no.");
1191 else cfg_parser->cfg->harden_glue =
1192 (strcmp($2, "yes")==0);
1196 server_harden_dnssec_stripped: VAR_HARDEN_DNSSEC_STRIPPED STRING_ARG
1198 OUTYY(("P(server_harden_dnssec_stripped:%s)\n", $2));
1199 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1200 yyerror("expected yes or no.");
1201 else cfg_parser->cfg->harden_dnssec_stripped =
1202 (strcmp($2, "yes")==0);
1206 server_harden_below_nxdomain: VAR_HARDEN_BELOW_NXDOMAIN STRING_ARG
1208 OUTYY(("P(server_harden_below_nxdomain:%s)\n", $2));
1209 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1210 yyerror("expected yes or no.");
1211 else cfg_parser->cfg->harden_below_nxdomain =
1212 (strcmp($2, "yes")==0);
1216 server_harden_referral_path: VAR_HARDEN_REFERRAL_PATH STRING_ARG
1218 OUTYY(("P(server_harden_referral_path:%s)\n", $2));
1219 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1220 yyerror("expected yes or no.");
1221 else cfg_parser->cfg->harden_referral_path =
1222 (strcmp($2, "yes")==0);
1226 server_harden_algo_downgrade: VAR_HARDEN_ALGO_DOWNGRADE STRING_ARG
1228 OUTYY(("P(server_harden_algo_downgrade:%s)\n", $2));
1229 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1230 yyerror("expected yes or no.");
1231 else cfg_parser->cfg->harden_algo_downgrade =
1232 (strcmp($2, "yes")==0);
1236 server_use_caps_for_id: VAR_USE_CAPS_FOR_ID STRING_ARG
1238 OUTYY(("P(server_use_caps_for_id:%s)\n", $2));
1239 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1240 yyerror("expected yes or no.");
1241 else cfg_parser->cfg->use_caps_bits_for_id =
1242 (strcmp($2, "yes")==0);
1246 server_caps_whitelist: VAR_CAPS_WHITELIST STRING_ARG
1248 OUTYY(("P(server_caps_whitelist:%s)\n", $2));
1249 if(!cfg_strlist_insert(&cfg_parser->cfg->caps_whitelist, $2))
1250 yyerror("out of memory");
1253 server_private_address: VAR_PRIVATE_ADDRESS STRING_ARG
1255 OUTYY(("P(server_private_address:%s)\n", $2));
1256 if(!cfg_strlist_insert(&cfg_parser->cfg->private_address, $2))
1257 yyerror("out of memory");
1260 server_private_domain: VAR_PRIVATE_DOMAIN STRING_ARG
1262 OUTYY(("P(server_private_domain:%s)\n", $2));
1263 if(!cfg_strlist_insert(&cfg_parser->cfg->private_domain, $2))
1264 yyerror("out of memory");
1267 server_prefetch: VAR_PREFETCH STRING_ARG
1269 OUTYY(("P(server_prefetch:%s)\n", $2));
1270 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1271 yyerror("expected yes or no.");
1272 else cfg_parser->cfg->prefetch = (strcmp($2, "yes")==0);
1276 server_prefetch_key: VAR_PREFETCH_KEY STRING_ARG
1278 OUTYY(("P(server_prefetch_key:%s)\n", $2));
1279 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1280 yyerror("expected yes or no.");
1281 else cfg_parser->cfg->prefetch_key = (strcmp($2, "yes")==0);
1285 server_unwanted_reply_threshold: VAR_UNWANTED_REPLY_THRESHOLD STRING_ARG
1287 OUTYY(("P(server_unwanted_reply_threshold:%s)\n", $2));
1288 if(atoi($2) == 0 && strcmp($2, "0") != 0)
1289 yyerror("number expected");
1290 else cfg_parser->cfg->unwanted_threshold = atoi($2);
1294 server_do_not_query_address: VAR_DO_NOT_QUERY_ADDRESS STRING_ARG
1296 OUTYY(("P(server_do_not_query_address:%s)\n", $2));
1297 if(!cfg_strlist_insert(&cfg_parser->cfg->donotqueryaddrs, $2))
1298 yyerror("out of memory");
1301 server_do_not_query_localhost: VAR_DO_NOT_QUERY_LOCALHOST STRING_ARG
1303 OUTYY(("P(server_do_not_query_localhost:%s)\n", $2));
1304 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1305 yyerror("expected yes or no.");
1306 else cfg_parser->cfg->donotquery_localhost =
1307 (strcmp($2, "yes")==0);
1311 server_access_control: VAR_ACCESS_CONTROL STRING_ARG STRING_ARG
1313 OUTYY(("P(server_access_control:%s %s)\n", $2, $3));
1314 if(strcmp($3, "deny")!=0 && strcmp($3, "refuse")!=0 &&
1315 strcmp($3, "deny_non_local")!=0 &&
1316 strcmp($3, "refuse_non_local")!=0 &&
1317 strcmp($3, "allow_setrd")!=0 &&
1318 strcmp($3, "allow")!=0 &&
1319 strcmp($3, "allow_snoop")!=0) {
1320 yyerror("expected deny, refuse, deny_non_local, "
1321 "refuse_non_local, allow, allow_setrd or "
1322 "allow_snoop in access control action");
1324 if(!cfg_str2list_insert(&cfg_parser->cfg->acls, $2, $3))
1325 fatal_exit("out of memory adding acl");
1329 server_module_conf: VAR_MODULE_CONF STRING_ARG
1331 OUTYY(("P(server_module_conf:%s)\n", $2));
1332 free(cfg_parser->cfg->module_conf);
1333 cfg_parser->cfg->module_conf = $2;
1336 server_val_override_date: VAR_VAL_OVERRIDE_DATE STRING_ARG
1338 OUTYY(("P(server_val_override_date:%s)\n", $2));
1339 if(*$2 == '\0' || strcmp($2, "0") == 0) {
1340 cfg_parser->cfg->val_date_override = 0;
1341 } else if(strlen($2) == 14) {
1342 cfg_parser->cfg->val_date_override =
1343 cfg_convert_timeval($2);
1344 if(!cfg_parser->cfg->val_date_override)
1345 yyerror("bad date/time specification");
1348 yyerror("number expected");
1349 cfg_parser->cfg->val_date_override = atoi($2);
1354 server_val_sig_skew_min: VAR_VAL_SIG_SKEW_MIN STRING_ARG
1356 OUTYY(("P(server_val_sig_skew_min:%s)\n", $2));
1357 if(*$2 == '\0' || strcmp($2, "0") == 0) {
1358 cfg_parser->cfg->val_sig_skew_min = 0;
1360 cfg_parser->cfg->val_sig_skew_min = atoi($2);
1361 if(!cfg_parser->cfg->val_sig_skew_min)
1362 yyerror("number expected");
1367 server_val_sig_skew_max: VAR_VAL_SIG_SKEW_MAX STRING_ARG
1369 OUTYY(("P(server_val_sig_skew_max:%s)\n", $2));
1370 if(*$2 == '\0' || strcmp($2, "0") == 0) {
1371 cfg_parser->cfg->val_sig_skew_max = 0;
1373 cfg_parser->cfg->val_sig_skew_max = atoi($2);
1374 if(!cfg_parser->cfg->val_sig_skew_max)
1375 yyerror("number expected");
1380 server_cache_max_ttl: VAR_CACHE_MAX_TTL STRING_ARG
1382 OUTYY(("P(server_cache_max_ttl:%s)\n", $2));
1383 if(atoi($2) == 0 && strcmp($2, "0") != 0)
1384 yyerror("number expected");
1385 else cfg_parser->cfg->max_ttl = atoi($2);
1389 server_cache_max_negative_ttl: VAR_CACHE_MAX_NEGATIVE_TTL STRING_ARG
1391 OUTYY(("P(server_cache_max_negative_ttl:%s)\n", $2));
1392 if(atoi($2) == 0 && strcmp($2, "0") != 0)
1393 yyerror("number expected");
1394 else cfg_parser->cfg->max_negative_ttl = atoi($2);
1398 server_cache_min_ttl: VAR_CACHE_MIN_TTL STRING_ARG
1400 OUTYY(("P(server_cache_min_ttl:%s)\n", $2));
1401 if(atoi($2) == 0 && strcmp($2, "0") != 0)
1402 yyerror("number expected");
1403 else cfg_parser->cfg->min_ttl = atoi($2);
1407 server_bogus_ttl: VAR_BOGUS_TTL STRING_ARG
1409 OUTYY(("P(server_bogus_ttl:%s)\n", $2));
1410 if(atoi($2) == 0 && strcmp($2, "0") != 0)
1411 yyerror("number expected");
1412 else cfg_parser->cfg->bogus_ttl = atoi($2);
1416 server_val_clean_additional: VAR_VAL_CLEAN_ADDITIONAL STRING_ARG
1418 OUTYY(("P(server_val_clean_additional:%s)\n", $2));
1419 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1420 yyerror("expected yes or no.");
1421 else cfg_parser->cfg->val_clean_additional =
1422 (strcmp($2, "yes")==0);
1426 server_val_permissive_mode: VAR_VAL_PERMISSIVE_MODE STRING_ARG
1428 OUTYY(("P(server_val_permissive_mode:%s)\n", $2));
1429 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1430 yyerror("expected yes or no.");
1431 else cfg_parser->cfg->val_permissive_mode =
1432 (strcmp($2, "yes")==0);
1436 server_aggressive_nsec: VAR_AGGRESSIVE_NSEC STRING_ARG
1438 OUTYY(("P(server_aggressive_nsec:%s)\n", $2));
1439 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1440 yyerror("expected yes or no.");
1442 cfg_parser->cfg->aggressive_nsec =
1443 (strcmp($2, "yes")==0);
1447 server_ignore_cd_flag: VAR_IGNORE_CD_FLAG STRING_ARG
1449 OUTYY(("P(server_ignore_cd_flag:%s)\n", $2));
1450 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1451 yyerror("expected yes or no.");
1452 else cfg_parser->cfg->ignore_cd = (strcmp($2, "yes")==0);
1456 server_serve_expired: VAR_SERVE_EXPIRED STRING_ARG
1458 OUTYY(("P(server_serve_expired:%s)\n", $2));
1459 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1460 yyerror("expected yes or no.");
1461 else cfg_parser->cfg->serve_expired = (strcmp($2, "yes")==0);
1465 server_fake_dsa: VAR_FAKE_DSA STRING_ARG
1467 OUTYY(("P(server_fake_dsa:%s)\n", $2));
1468 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1469 yyerror("expected yes or no.");
1471 else fake_dsa = (strcmp($2, "yes")==0);
1473 log_warn("test option fake_dsa is enabled");
1478 server_fake_sha1: VAR_FAKE_SHA1 STRING_ARG
1480 OUTYY(("P(server_fake_sha1:%s)\n", $2));
1481 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1482 yyerror("expected yes or no.");
1484 else fake_sha1 = (strcmp($2, "yes")==0);
1486 log_warn("test option fake_sha1 is enabled");
1491 server_val_log_level: VAR_VAL_LOG_LEVEL STRING_ARG
1493 OUTYY(("P(server_val_log_level:%s)\n", $2));
1494 if(atoi($2) == 0 && strcmp($2, "0") != 0)
1495 yyerror("number expected");
1496 else cfg_parser->cfg->val_log_level = atoi($2);
1500 server_val_nsec3_keysize_iterations: VAR_VAL_NSEC3_KEYSIZE_ITERATIONS STRING_ARG
1502 OUTYY(("P(server_val_nsec3_keysize_iterations:%s)\n", $2));
1503 free(cfg_parser->cfg->val_nsec3_key_iterations);
1504 cfg_parser->cfg->val_nsec3_key_iterations = $2;
1507 server_add_holddown: VAR_ADD_HOLDDOWN STRING_ARG
1509 OUTYY(("P(server_add_holddown:%s)\n", $2));
1510 if(atoi($2) == 0 && strcmp($2, "0") != 0)
1511 yyerror("number expected");
1512 else cfg_parser->cfg->add_holddown = atoi($2);
1516 server_del_holddown: VAR_DEL_HOLDDOWN STRING_ARG
1518 OUTYY(("P(server_del_holddown:%s)\n", $2));
1519 if(atoi($2) == 0 && strcmp($2, "0") != 0)
1520 yyerror("number expected");
1521 else cfg_parser->cfg->del_holddown = atoi($2);
1525 server_keep_missing: VAR_KEEP_MISSING STRING_ARG
1527 OUTYY(("P(server_keep_missing:%s)\n", $2));
1528 if(atoi($2) == 0 && strcmp($2, "0") != 0)
1529 yyerror("number expected");
1530 else cfg_parser->cfg->keep_missing = atoi($2);
1534 server_permit_small_holddown: VAR_PERMIT_SMALL_HOLDDOWN STRING_ARG
1536 OUTYY(("P(server_permit_small_holddown:%s)\n", $2));
1537 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1538 yyerror("expected yes or no.");
1539 else cfg_parser->cfg->permit_small_holddown =
1540 (strcmp($2, "yes")==0);
1543 server_key_cache_size: VAR_KEY_CACHE_SIZE STRING_ARG
1545 OUTYY(("P(server_key_cache_size:%s)\n", $2));
1546 if(!cfg_parse_memsize($2, &cfg_parser->cfg->key_cache_size))
1547 yyerror("memory size expected");
1551 server_key_cache_slabs: VAR_KEY_CACHE_SLABS STRING_ARG
1553 OUTYY(("P(server_key_cache_slabs:%s)\n", $2));
1555 yyerror("number expected");
1557 cfg_parser->cfg->key_cache_slabs = atoi($2);
1558 if(!is_pow2(cfg_parser->cfg->key_cache_slabs))
1559 yyerror("must be a power of 2");
1564 server_neg_cache_size: VAR_NEG_CACHE_SIZE STRING_ARG
1566 OUTYY(("P(server_neg_cache_size:%s)\n", $2));
1567 if(!cfg_parse_memsize($2, &cfg_parser->cfg->neg_cache_size))
1568 yyerror("memory size expected");
1572 server_local_zone: VAR_LOCAL_ZONE STRING_ARG STRING_ARG
1574 OUTYY(("P(server_local_zone:%s %s)\n", $2, $3));
1575 if(strcmp($3, "static")!=0 && strcmp($3, "deny")!=0 &&
1576 strcmp($3, "refuse")!=0 && strcmp($3, "redirect")!=0 &&
1577 strcmp($3, "transparent")!=0 && strcmp($3, "nodefault")!=0
1578 && strcmp($3, "typetransparent")!=0
1579 && strcmp($3, "always_transparent")!=0
1580 && strcmp($3, "always_refuse")!=0
1581 && strcmp($3, "always_nxdomain")!=0
1582 && strcmp($3, "noview")!=0
1583 && strcmp($3, "inform")!=0 && strcmp($3, "inform_deny")!=0)
1584 yyerror("local-zone type: expected static, deny, "
1585 "refuse, redirect, transparent, "
1586 "typetransparent, inform, inform_deny, "
1587 "always_transparent, always_refuse, "
1588 "always_nxdomain, noview or nodefault");
1589 else if(strcmp($3, "nodefault")==0) {
1590 if(!cfg_strlist_insert(&cfg_parser->cfg->
1591 local_zones_nodefault, $2))
1592 fatal_exit("out of memory adding local-zone");
1595 if(!cfg_str2list_insert(&cfg_parser->cfg->local_zones,
1597 fatal_exit("out of memory adding local-zone");
1601 server_local_data: VAR_LOCAL_DATA STRING_ARG
1603 OUTYY(("P(server_local_data:%s)\n", $2));
1604 if(!cfg_strlist_insert(&cfg_parser->cfg->local_data, $2))
1605 fatal_exit("out of memory adding local-data");
1608 server_local_data_ptr: VAR_LOCAL_DATA_PTR STRING_ARG
1611 OUTYY(("P(server_local_data_ptr:%s)\n", $2));
1612 ptr = cfg_ptr_reverse($2);
1615 if(!cfg_strlist_insert(&cfg_parser->cfg->
1617 fatal_exit("out of memory adding local-data");
1619 yyerror("local-data-ptr could not be reversed");
1623 server_minimal_responses: VAR_MINIMAL_RESPONSES STRING_ARG
1625 OUTYY(("P(server_minimal_responses:%s)\n", $2));
1626 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1627 yyerror("expected yes or no.");
1628 else cfg_parser->cfg->minimal_responses =
1629 (strcmp($2, "yes")==0);
1633 server_rrset_roundrobin: VAR_RRSET_ROUNDROBIN STRING_ARG
1635 OUTYY(("P(server_rrset_roundrobin:%s)\n", $2));
1636 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1637 yyerror("expected yes or no.");
1638 else cfg_parser->cfg->rrset_roundrobin =
1639 (strcmp($2, "yes")==0);
1643 server_max_udp_size: VAR_MAX_UDP_SIZE STRING_ARG
1645 OUTYY(("P(server_max_udp_size:%s)\n", $2));
1646 cfg_parser->cfg->max_udp_size = atoi($2);
1650 server_dns64_prefix: VAR_DNS64_PREFIX STRING_ARG
1652 OUTYY(("P(dns64_prefix:%s)\n", $2));
1653 free(cfg_parser->cfg->dns64_prefix);
1654 cfg_parser->cfg->dns64_prefix = $2;
1657 server_dns64_synthall: VAR_DNS64_SYNTHALL STRING_ARG
1659 OUTYY(("P(server_dns64_synthall:%s)\n", $2));
1660 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1661 yyerror("expected yes or no.");
1662 else cfg_parser->cfg->dns64_synthall = (strcmp($2, "yes")==0);
1666 server_define_tag: VAR_DEFINE_TAG STRING_ARG
1669 OUTYY(("P(server_define_tag:%s)\n", $2));
1670 while((p=strsep(&s, " \t\n")) != NULL) {
1672 if(!config_add_tag(cfg_parser->cfg, p))
1673 yyerror("could not define-tag, "
1680 server_local_zone_tag: VAR_LOCAL_ZONE_TAG STRING_ARG STRING_ARG
1683 uint8_t* bitlist = config_parse_taglist(cfg_parser->cfg, $3,
1686 OUTYY(("P(server_local_zone_tag:%s)\n", $2));
1688 yyerror("could not parse tags, (define-tag them first)");
1690 if(!cfg_strbytelist_insert(
1691 &cfg_parser->cfg->local_zone_tags,
1692 $2, bitlist, len)) {
1693 yyerror("out of memory");
1699 server_access_control_tag: VAR_ACCESS_CONTROL_TAG STRING_ARG STRING_ARG
1702 uint8_t* bitlist = config_parse_taglist(cfg_parser->cfg, $3,
1705 OUTYY(("P(server_access_control_tag:%s)\n", $2));
1707 yyerror("could not parse tags, (define-tag them first)");
1709 if(!cfg_strbytelist_insert(
1710 &cfg_parser->cfg->acl_tags,
1711 $2, bitlist, len)) {
1712 yyerror("out of memory");
1718 server_access_control_tag_action: VAR_ACCESS_CONTROL_TAG_ACTION STRING_ARG STRING_ARG STRING_ARG
1720 OUTYY(("P(server_access_control_tag_action:%s %s %s)\n", $2, $3, $4));
1721 if(!cfg_str3list_insert(&cfg_parser->cfg->acl_tag_actions,
1723 yyerror("out of memory");
1730 server_access_control_tag_data: VAR_ACCESS_CONTROL_TAG_DATA STRING_ARG STRING_ARG STRING_ARG
1732 OUTYY(("P(server_access_control_tag_data:%s %s %s)\n", $2, $3, $4));
1733 if(!cfg_str3list_insert(&cfg_parser->cfg->acl_tag_datas,
1735 yyerror("out of memory");
1742 server_local_zone_override: VAR_LOCAL_ZONE_OVERRIDE STRING_ARG STRING_ARG STRING_ARG
1744 OUTYY(("P(server_local_zone_override:%s %s %s)\n", $2, $3, $4));
1745 if(!cfg_str3list_insert(&cfg_parser->cfg->local_zone_overrides,
1747 yyerror("out of memory");
1754 server_access_control_view: VAR_ACCESS_CONTROL_VIEW STRING_ARG STRING_ARG
1756 OUTYY(("P(server_access_control_view:%s %s)\n", $2, $3));
1757 if(!cfg_str2list_insert(&cfg_parser->cfg->acl_view,
1759 yyerror("out of memory");
1765 server_response_ip_tag: VAR_RESPONSE_IP_TAG STRING_ARG STRING_ARG
1768 uint8_t* bitlist = config_parse_taglist(cfg_parser->cfg, $3,
1771 OUTYY(("P(response_ip_tag:%s)\n", $2));
1773 yyerror("could not parse tags, (define-tag them first)");
1775 if(!cfg_strbytelist_insert(
1776 &cfg_parser->cfg->respip_tags,
1777 $2, bitlist, len)) {
1778 yyerror("out of memory");
1784 server_ip_ratelimit: VAR_IP_RATELIMIT STRING_ARG
1786 OUTYY(("P(server_ip_ratelimit:%s)\n", $2));
1787 if(atoi($2) == 0 && strcmp($2, "0") != 0)
1788 yyerror("number expected");
1789 else cfg_parser->cfg->ip_ratelimit = atoi($2);
1794 server_ratelimit: VAR_RATELIMIT STRING_ARG
1796 OUTYY(("P(server_ratelimit:%s)\n", $2));
1797 if(atoi($2) == 0 && strcmp($2, "0") != 0)
1798 yyerror("number expected");
1799 else cfg_parser->cfg->ratelimit = atoi($2);
1803 server_ip_ratelimit_size: VAR_IP_RATELIMIT_SIZE STRING_ARG
1805 OUTYY(("P(server_ip_ratelimit_size:%s)\n", $2));
1806 if(!cfg_parse_memsize($2, &cfg_parser->cfg->ip_ratelimit_size))
1807 yyerror("memory size expected");
1811 server_ratelimit_size: VAR_RATELIMIT_SIZE STRING_ARG
1813 OUTYY(("P(server_ratelimit_size:%s)\n", $2));
1814 if(!cfg_parse_memsize($2, &cfg_parser->cfg->ratelimit_size))
1815 yyerror("memory size expected");
1819 server_ip_ratelimit_slabs: VAR_IP_RATELIMIT_SLABS STRING_ARG
1821 OUTYY(("P(server_ip_ratelimit_slabs:%s)\n", $2));
1823 yyerror("number expected");
1825 cfg_parser->cfg->ip_ratelimit_slabs = atoi($2);
1826 if(!is_pow2(cfg_parser->cfg->ip_ratelimit_slabs))
1827 yyerror("must be a power of 2");
1832 server_ratelimit_slabs: VAR_RATELIMIT_SLABS STRING_ARG
1834 OUTYY(("P(server_ratelimit_slabs:%s)\n", $2));
1836 yyerror("number expected");
1838 cfg_parser->cfg->ratelimit_slabs = atoi($2);
1839 if(!is_pow2(cfg_parser->cfg->ratelimit_slabs))
1840 yyerror("must be a power of 2");
1845 server_ratelimit_for_domain: VAR_RATELIMIT_FOR_DOMAIN STRING_ARG STRING_ARG
1847 OUTYY(("P(server_ratelimit_for_domain:%s %s)\n", $2, $3));
1848 if(atoi($3) == 0 && strcmp($3, "0") != 0) {
1849 yyerror("number expected");
1851 if(!cfg_str2list_insert(&cfg_parser->cfg->
1852 ratelimit_for_domain, $2, $3))
1853 fatal_exit("out of memory adding "
1854 "ratelimit-for-domain");
1858 server_ratelimit_below_domain: VAR_RATELIMIT_BELOW_DOMAIN STRING_ARG STRING_ARG
1860 OUTYY(("P(server_ratelimit_below_domain:%s %s)\n", $2, $3));
1861 if(atoi($3) == 0 && strcmp($3, "0") != 0) {
1862 yyerror("number expected");
1864 if(!cfg_str2list_insert(&cfg_parser->cfg->
1865 ratelimit_below_domain, $2, $3))
1866 fatal_exit("out of memory adding "
1867 "ratelimit-below-domain");
1871 server_ip_ratelimit_factor: VAR_IP_RATELIMIT_FACTOR STRING_ARG
1873 OUTYY(("P(server_ip_ratelimit_factor:%s)\n", $2));
1874 if(atoi($2) == 0 && strcmp($2, "0") != 0)
1875 yyerror("number expected");
1876 else cfg_parser->cfg->ip_ratelimit_factor = atoi($2);
1880 server_ratelimit_factor: VAR_RATELIMIT_FACTOR STRING_ARG
1882 OUTYY(("P(server_ratelimit_factor:%s)\n", $2));
1883 if(atoi($2) == 0 && strcmp($2, "0") != 0)
1884 yyerror("number expected");
1885 else cfg_parser->cfg->ratelimit_factor = atoi($2);
1889 server_low_rtt: VAR_LOW_RTT STRING_ARG
1891 OUTYY(("P(server_low_rtt:%s)\n", $2));
1892 if(atoi($2) == 0 && strcmp($2, "0") != 0)
1893 yyerror("number expected");
1894 else cfg_parser->cfg->low_rtt = atoi($2);
1898 server_low_rtt_permil: VAR_LOW_RTT_PERMIL STRING_ARG
1900 OUTYY(("P(server_low_rtt_permil:%s)\n", $2));
1901 if(atoi($2) == 0 && strcmp($2, "0") != 0)
1902 yyerror("number expected");
1903 else cfg_parser->cfg->low_rtt_permil = atoi($2);
1907 server_qname_minimisation: VAR_QNAME_MINIMISATION STRING_ARG
1909 OUTYY(("P(server_qname_minimisation:%s)\n", $2));
1910 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1911 yyerror("expected yes or no.");
1912 else cfg_parser->cfg->qname_minimisation =
1913 (strcmp($2, "yes")==0);
1917 server_qname_minimisation_strict: VAR_QNAME_MINIMISATION_STRICT STRING_ARG
1919 OUTYY(("P(server_qname_minimisation_strict:%s)\n", $2));
1920 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1921 yyerror("expected yes or no.");
1922 else cfg_parser->cfg->qname_minimisation_strict =
1923 (strcmp($2, "yes")==0);
1927 server_ipsecmod_enabled: VAR_IPSECMOD_ENABLED STRING_ARG
1930 OUTYY(("P(server_ipsecmod_enabled:%s)\n", $2));
1931 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1932 yyerror("expected yes or no.");
1933 else cfg_parser->cfg->ipsecmod_enabled = (strcmp($2, "yes")==0);
1936 OUTYY(("P(Compiled without IPsec module, ignoring)\n"));
1940 server_ipsecmod_ignore_bogus: VAR_IPSECMOD_IGNORE_BOGUS STRING_ARG
1943 OUTYY(("P(server_ipsecmod_ignore_bogus:%s)\n", $2));
1944 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1945 yyerror("expected yes or no.");
1946 else cfg_parser->cfg->ipsecmod_ignore_bogus = (strcmp($2, "yes")==0);
1949 OUTYY(("P(Compiled without IPsec module, ignoring)\n"));
1953 server_ipsecmod_hook: VAR_IPSECMOD_HOOK STRING_ARG
1956 OUTYY(("P(server_ipsecmod_hook:%s)\n", $2));
1957 free(cfg_parser->cfg->ipsecmod_hook);
1958 cfg_parser->cfg->ipsecmod_hook = $2;
1960 OUTYY(("P(Compiled without IPsec module, ignoring)\n"));
1964 server_ipsecmod_max_ttl: VAR_IPSECMOD_MAX_TTL STRING_ARG
1967 OUTYY(("P(server_ipsecmod_max_ttl:%s)\n", $2));
1968 if(atoi($2) == 0 && strcmp($2, "0") != 0)
1969 yyerror("number expected");
1970 else cfg_parser->cfg->ipsecmod_max_ttl = atoi($2);
1973 OUTYY(("P(Compiled without IPsec module, ignoring)\n"));
1977 server_ipsecmod_whitelist: VAR_IPSECMOD_WHITELIST STRING_ARG
1980 OUTYY(("P(server_ipsecmod_whitelist:%s)\n", $2));
1981 if(!cfg_strlist_insert(&cfg_parser->cfg->ipsecmod_whitelist, $2))
1982 yyerror("out of memory");
1984 OUTYY(("P(Compiled without IPsec module, ignoring)\n"));
1988 server_ipsecmod_strict: VAR_IPSECMOD_STRICT STRING_ARG
1991 OUTYY(("P(server_ipsecmod_strict:%s)\n", $2));
1992 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1993 yyerror("expected yes or no.");
1994 else cfg_parser->cfg->ipsecmod_strict = (strcmp($2, "yes")==0);
1997 OUTYY(("P(Compiled without IPsec module, ignoring)\n"));
2001 stub_name: VAR_NAME STRING_ARG
2003 OUTYY(("P(name:%s)\n", $2));
2004 if(cfg_parser->cfg->stubs->name)
2005 yyerror("stub name override, there must be one name "
2006 "for one stub-zone");
2007 free(cfg_parser->cfg->stubs->name);
2008 cfg_parser->cfg->stubs->name = $2;
2011 stub_host: VAR_STUB_HOST STRING_ARG
2013 OUTYY(("P(stub-host:%s)\n", $2));
2014 if(!cfg_strlist_insert(&cfg_parser->cfg->stubs->hosts, $2))
2015 yyerror("out of memory");
2018 stub_addr: VAR_STUB_ADDR STRING_ARG
2020 OUTYY(("P(stub-addr:%s)\n", $2));
2021 if(!cfg_strlist_insert(&cfg_parser->cfg->stubs->addrs, $2))
2022 yyerror("out of memory");
2025 stub_first: VAR_STUB_FIRST STRING_ARG
2027 OUTYY(("P(stub-first:%s)\n", $2));
2028 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
2029 yyerror("expected yes or no.");
2030 else cfg_parser->cfg->stubs->isfirst=(strcmp($2, "yes")==0);
2034 stub_ssl_upstream: VAR_STUB_SSL_UPSTREAM STRING_ARG
2036 OUTYY(("P(stub-ssl-upstream:%s)\n", $2));
2037 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
2038 yyerror("expected yes or no.");
2039 else cfg_parser->cfg->stubs->ssl_upstream =
2040 (strcmp($2, "yes")==0);
2044 stub_prime: VAR_STUB_PRIME STRING_ARG
2046 OUTYY(("P(stub-prime:%s)\n", $2));
2047 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
2048 yyerror("expected yes or no.");
2049 else cfg_parser->cfg->stubs->isprime =
2050 (strcmp($2, "yes")==0);
2054 forward_name: VAR_NAME STRING_ARG
2056 OUTYY(("P(name:%s)\n", $2));
2057 if(cfg_parser->cfg->forwards->name)
2058 yyerror("forward name override, there must be one "
2059 "name for one forward-zone");
2060 free(cfg_parser->cfg->forwards->name);
2061 cfg_parser->cfg->forwards->name = $2;
2064 forward_host: VAR_FORWARD_HOST STRING_ARG
2066 OUTYY(("P(forward-host:%s)\n", $2));
2067 if(!cfg_strlist_insert(&cfg_parser->cfg->forwards->hosts, $2))
2068 yyerror("out of memory");
2071 forward_addr: VAR_FORWARD_ADDR STRING_ARG
2073 OUTYY(("P(forward-addr:%s)\n", $2));
2074 if(!cfg_strlist_insert(&cfg_parser->cfg->forwards->addrs, $2))
2075 yyerror("out of memory");
2078 forward_first: VAR_FORWARD_FIRST STRING_ARG
2080 OUTYY(("P(forward-first:%s)\n", $2));
2081 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
2082 yyerror("expected yes or no.");
2083 else cfg_parser->cfg->forwards->isfirst=(strcmp($2, "yes")==0);
2087 forward_ssl_upstream: VAR_FORWARD_SSL_UPSTREAM STRING_ARG
2089 OUTYY(("P(forward-ssl-upstream:%s)\n", $2));
2090 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
2091 yyerror("expected yes or no.");
2092 else cfg_parser->cfg->forwards->ssl_upstream =
2093 (strcmp($2, "yes")==0);
2097 auth_name: VAR_NAME STRING_ARG
2099 OUTYY(("P(name:%s)\n", $2));
2100 if(cfg_parser->cfg->auths->name)
2101 yyerror("auth name override, there must be one name "
2102 "for one auth-zone");
2103 free(cfg_parser->cfg->auths->name);
2104 cfg_parser->cfg->auths->name = $2;
2107 auth_zonefile: VAR_ZONEFILE STRING_ARG
2109 OUTYY(("P(zonefile:%s)\n", $2));
2110 free(cfg_parser->cfg->auths->zonefile);
2111 cfg_parser->cfg->auths->zonefile = $2;
2114 auth_master: VAR_MASTER STRING_ARG
2116 OUTYY(("P(master:%s)\n", $2));
2117 if(!cfg_strlist_insert(&cfg_parser->cfg->auths->masters, $2))
2118 yyerror("out of memory");
2121 auth_url: VAR_URL STRING_ARG
2123 OUTYY(("P(url:%s)\n", $2));
2124 if(!cfg_strlist_insert(&cfg_parser->cfg->auths->urls, $2))
2125 yyerror("out of memory");
2128 auth_allow_notify: VAR_ALLOW_NOTIFY STRING_ARG
2130 OUTYY(("P(allow-notify:%s)\n", $2));
2131 if(!cfg_strlist_insert(&cfg_parser->cfg->auths->allow_notify,
2133 yyerror("out of memory");
2136 auth_for_downstream: VAR_FOR_DOWNSTREAM STRING_ARG
2138 OUTYY(("P(for-downstream:%s)\n", $2));
2139 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
2140 yyerror("expected yes or no.");
2141 else cfg_parser->cfg->auths->for_downstream =
2142 (strcmp($2, "yes")==0);
2146 auth_for_upstream: VAR_FOR_UPSTREAM STRING_ARG
2148 OUTYY(("P(for-upstream:%s)\n", $2));
2149 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
2150 yyerror("expected yes or no.");
2151 else cfg_parser->cfg->auths->for_upstream =
2152 (strcmp($2, "yes")==0);
2156 auth_fallback_enabled: VAR_FALLBACK_ENABLED STRING_ARG
2158 OUTYY(("P(fallback-enabled:%s)\n", $2));
2159 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
2160 yyerror("expected yes or no.");
2161 else cfg_parser->cfg->auths->fallback_enabled =
2162 (strcmp($2, "yes")==0);
2166 view_name: VAR_NAME STRING_ARG
2168 OUTYY(("P(name:%s)\n", $2));
2169 if(cfg_parser->cfg->views->name)
2170 yyerror("view name override, there must be one "
2171 "name for one view");
2172 free(cfg_parser->cfg->views->name);
2173 cfg_parser->cfg->views->name = $2;
2176 view_local_zone: VAR_LOCAL_ZONE STRING_ARG STRING_ARG
2178 OUTYY(("P(view_local_zone:%s %s)\n", $2, $3));
2179 if(strcmp($3, "static")!=0 && strcmp($3, "deny")!=0 &&
2180 strcmp($3, "refuse")!=0 && strcmp($3, "redirect")!=0 &&
2181 strcmp($3, "transparent")!=0 && strcmp($3, "nodefault")!=0
2182 && strcmp($3, "typetransparent")!=0
2183 && strcmp($3, "always_transparent")!=0
2184 && strcmp($3, "always_refuse")!=0
2185 && strcmp($3, "always_nxdomain")!=0
2186 && strcmp($3, "noview")!=0
2187 && strcmp($3, "inform")!=0 && strcmp($3, "inform_deny")!=0)
2188 yyerror("local-zone type: expected static, deny, "
2189 "refuse, redirect, transparent, "
2190 "typetransparent, inform, inform_deny, "
2191 "always_transparent, always_refuse, "
2192 "always_nxdomain, noview or nodefault");
2193 else if(strcmp($3, "nodefault")==0) {
2194 if(!cfg_strlist_insert(&cfg_parser->cfg->views->
2195 local_zones_nodefault, $2))
2196 fatal_exit("out of memory adding local-zone");
2199 if(!cfg_str2list_insert(
2200 &cfg_parser->cfg->views->local_zones,
2202 fatal_exit("out of memory adding local-zone");
2206 view_response_ip: VAR_RESPONSE_IP STRING_ARG STRING_ARG
2208 OUTYY(("P(view_response_ip:%s %s)\n", $2, $3));
2209 validate_respip_action($3);
2210 if(!cfg_str2list_insert(
2211 &cfg_parser->cfg->views->respip_actions, $2, $3))
2212 fatal_exit("out of memory adding per-view "
2213 "response-ip action");
2216 view_response_ip_data: VAR_RESPONSE_IP_DATA STRING_ARG STRING_ARG
2218 OUTYY(("P(view_response_ip_data:%s)\n", $2));
2219 if(!cfg_str2list_insert(
2220 &cfg_parser->cfg->views->respip_data, $2, $3))
2221 fatal_exit("out of memory adding response-ip-data");
2224 view_local_data: VAR_LOCAL_DATA STRING_ARG
2226 OUTYY(("P(view_local_data:%s)\n", $2));
2227 if(!cfg_strlist_insert(&cfg_parser->cfg->views->local_data, $2)) {
2228 fatal_exit("out of memory adding local-data");
2233 view_local_data_ptr: VAR_LOCAL_DATA_PTR STRING_ARG
2236 OUTYY(("P(view_local_data_ptr:%s)\n", $2));
2237 ptr = cfg_ptr_reverse($2);
2240 if(!cfg_strlist_insert(&cfg_parser->cfg->views->
2242 fatal_exit("out of memory adding local-data");
2244 yyerror("local-data-ptr could not be reversed");
2248 view_first: VAR_VIEW_FIRST STRING_ARG
2250 OUTYY(("P(view-first:%s)\n", $2));
2251 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
2252 yyerror("expected yes or no.");
2253 else cfg_parser->cfg->views->isfirst=(strcmp($2, "yes")==0);
2257 rcstart: VAR_REMOTE_CONTROL
2259 OUTYY(("\nP(remote-control:)\n"));
2262 contents_rc: contents_rc content_rc
2264 content_rc: rc_control_enable | rc_control_interface | rc_control_port |
2265 rc_server_key_file | rc_server_cert_file | rc_control_key_file |
2266 rc_control_cert_file | rc_control_use_cert
2268 rc_control_enable: VAR_CONTROL_ENABLE STRING_ARG
2270 OUTYY(("P(control_enable:%s)\n", $2));
2271 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
2272 yyerror("expected yes or no.");
2273 else cfg_parser->cfg->remote_control_enable =
2274 (strcmp($2, "yes")==0);
2278 rc_control_port: VAR_CONTROL_PORT STRING_ARG
2280 OUTYY(("P(control_port:%s)\n", $2));
2282 yyerror("control port number expected");
2283 else cfg_parser->cfg->control_port = atoi($2);
2287 rc_control_interface: VAR_CONTROL_INTERFACE STRING_ARG
2289 OUTYY(("P(control_interface:%s)\n", $2));
2290 if(!cfg_strlist_append(&cfg_parser->cfg->control_ifs, $2))
2291 yyerror("out of memory");
2294 rc_control_use_cert: VAR_CONTROL_USE_CERT STRING_ARG
2296 OUTYY(("P(control_use_cert:%s)\n", $2));
2297 cfg_parser->cfg->control_use_cert = (strcmp($2, "yes")==0);
2301 rc_server_key_file: VAR_SERVER_KEY_FILE STRING_ARG
2303 OUTYY(("P(rc_server_key_file:%s)\n", $2));
2304 free(cfg_parser->cfg->server_key_file);
2305 cfg_parser->cfg->server_key_file = $2;
2308 rc_server_cert_file: VAR_SERVER_CERT_FILE STRING_ARG
2310 OUTYY(("P(rc_server_cert_file:%s)\n", $2));
2311 free(cfg_parser->cfg->server_cert_file);
2312 cfg_parser->cfg->server_cert_file = $2;
2315 rc_control_key_file: VAR_CONTROL_KEY_FILE STRING_ARG
2317 OUTYY(("P(rc_control_key_file:%s)\n", $2));
2318 free(cfg_parser->cfg->control_key_file);
2319 cfg_parser->cfg->control_key_file = $2;
2322 rc_control_cert_file: VAR_CONTROL_CERT_FILE STRING_ARG
2324 OUTYY(("P(rc_control_cert_file:%s)\n", $2));
2325 free(cfg_parser->cfg->control_cert_file);
2326 cfg_parser->cfg->control_cert_file = $2;
2331 OUTYY(("\nP(dnstap:)\n"));
2334 contents_dt: contents_dt content_dt
2336 content_dt: dt_dnstap_enable | dt_dnstap_socket_path |
2337 dt_dnstap_send_identity | dt_dnstap_send_version |
2338 dt_dnstap_identity | dt_dnstap_version |
2339 dt_dnstap_log_resolver_query_messages |
2340 dt_dnstap_log_resolver_response_messages |
2341 dt_dnstap_log_client_query_messages |
2342 dt_dnstap_log_client_response_messages |
2343 dt_dnstap_log_forwarder_query_messages |
2344 dt_dnstap_log_forwarder_response_messages
2346 dt_dnstap_enable: VAR_DNSTAP_ENABLE STRING_ARG
2348 OUTYY(("P(dt_dnstap_enable:%s)\n", $2));
2349 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
2350 yyerror("expected yes or no.");
2351 else cfg_parser->cfg->dnstap = (strcmp($2, "yes")==0);
2354 dt_dnstap_socket_path: VAR_DNSTAP_SOCKET_PATH STRING_ARG
2356 OUTYY(("P(dt_dnstap_socket_path:%s)\n", $2));
2357 free(cfg_parser->cfg->dnstap_socket_path);
2358 cfg_parser->cfg->dnstap_socket_path = $2;
2361 dt_dnstap_send_identity: VAR_DNSTAP_SEND_IDENTITY STRING_ARG
2363 OUTYY(("P(dt_dnstap_send_identity:%s)\n", $2));
2364 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
2365 yyerror("expected yes or no.");
2366 else cfg_parser->cfg->dnstap_send_identity = (strcmp($2, "yes")==0);
2369 dt_dnstap_send_version: VAR_DNSTAP_SEND_VERSION STRING_ARG
2371 OUTYY(("P(dt_dnstap_send_version:%s)\n", $2));
2372 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
2373 yyerror("expected yes or no.");
2374 else cfg_parser->cfg->dnstap_send_version = (strcmp($2, "yes")==0);
2377 dt_dnstap_identity: VAR_DNSTAP_IDENTITY STRING_ARG
2379 OUTYY(("P(dt_dnstap_identity:%s)\n", $2));
2380 free(cfg_parser->cfg->dnstap_identity);
2381 cfg_parser->cfg->dnstap_identity = $2;
2384 dt_dnstap_version: VAR_DNSTAP_VERSION STRING_ARG
2386 OUTYY(("P(dt_dnstap_version:%s)\n", $2));
2387 free(cfg_parser->cfg->dnstap_version);
2388 cfg_parser->cfg->dnstap_version = $2;
2391 dt_dnstap_log_resolver_query_messages: VAR_DNSTAP_LOG_RESOLVER_QUERY_MESSAGES STRING_ARG
2393 OUTYY(("P(dt_dnstap_log_resolver_query_messages:%s)\n", $2));
2394 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
2395 yyerror("expected yes or no.");
2396 else cfg_parser->cfg->dnstap_log_resolver_query_messages =
2397 (strcmp($2, "yes")==0);
2400 dt_dnstap_log_resolver_response_messages: VAR_DNSTAP_LOG_RESOLVER_RESPONSE_MESSAGES STRING_ARG
2402 OUTYY(("P(dt_dnstap_log_resolver_response_messages:%s)\n", $2));
2403 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
2404 yyerror("expected yes or no.");
2405 else cfg_parser->cfg->dnstap_log_resolver_response_messages =
2406 (strcmp($2, "yes")==0);
2409 dt_dnstap_log_client_query_messages: VAR_DNSTAP_LOG_CLIENT_QUERY_MESSAGES STRING_ARG
2411 OUTYY(("P(dt_dnstap_log_client_query_messages:%s)\n", $2));
2412 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
2413 yyerror("expected yes or no.");
2414 else cfg_parser->cfg->dnstap_log_client_query_messages =
2415 (strcmp($2, "yes")==0);
2418 dt_dnstap_log_client_response_messages: VAR_DNSTAP_LOG_CLIENT_RESPONSE_MESSAGES STRING_ARG
2420 OUTYY(("P(dt_dnstap_log_client_response_messages:%s)\n", $2));
2421 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
2422 yyerror("expected yes or no.");
2423 else cfg_parser->cfg->dnstap_log_client_response_messages =
2424 (strcmp($2, "yes")==0);
2427 dt_dnstap_log_forwarder_query_messages: VAR_DNSTAP_LOG_FORWARDER_QUERY_MESSAGES STRING_ARG
2429 OUTYY(("P(dt_dnstap_log_forwarder_query_messages:%s)\n", $2));
2430 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
2431 yyerror("expected yes or no.");
2432 else cfg_parser->cfg->dnstap_log_forwarder_query_messages =
2433 (strcmp($2, "yes")==0);
2436 dt_dnstap_log_forwarder_response_messages: VAR_DNSTAP_LOG_FORWARDER_RESPONSE_MESSAGES STRING_ARG
2438 OUTYY(("P(dt_dnstap_log_forwarder_response_messages:%s)\n", $2));
2439 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
2440 yyerror("expected yes or no.");
2441 else cfg_parser->cfg->dnstap_log_forwarder_response_messages =
2442 (strcmp($2, "yes")==0);
2445 pythonstart: VAR_PYTHON
2447 OUTYY(("\nP(python:)\n"));
2450 contents_py: contents_py content_py
2452 content_py: py_script
2454 py_script: VAR_PYTHON_SCRIPT STRING_ARG
2456 OUTYY(("P(python-script:%s)\n", $2));
2457 free(cfg_parser->cfg->python_script);
2458 cfg_parser->cfg->python_script = $2;
2460 server_disable_dnssec_lame_check: VAR_DISABLE_DNSSEC_LAME_CHECK STRING_ARG
2462 OUTYY(("P(disable_dnssec_lame_check:%s)\n", $2));
2463 if (strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
2464 yyerror("expected yes or no.");
2465 else cfg_parser->cfg->disable_dnssec_lame_check =
2466 (strcmp($2, "yes")==0);
2470 server_log_identity: VAR_LOG_IDENTITY STRING_ARG
2472 OUTYY(("P(server_log_identity:%s)\n", $2));
2473 free(cfg_parser->cfg->log_identity);
2474 cfg_parser->cfg->log_identity = $2;
2477 server_response_ip: VAR_RESPONSE_IP STRING_ARG STRING_ARG
2479 OUTYY(("P(server_response_ip:%s %s)\n", $2, $3));
2480 validate_respip_action($3);
2481 if(!cfg_str2list_insert(&cfg_parser->cfg->respip_actions,
2483 fatal_exit("out of memory adding response-ip");
2486 server_response_ip_data: VAR_RESPONSE_IP_DATA STRING_ARG STRING_ARG
2488 OUTYY(("P(server_response_ip_data:%s)\n", $2));
2489 if(!cfg_str2list_insert(&cfg_parser->cfg->respip_data,
2491 fatal_exit("out of memory adding response-ip-data");
2494 dnscstart: VAR_DNSCRYPT
2496 OUTYY(("\nP(dnscrypt:)\n"));
2497 OUTYY(("\nP(dnscrypt:)\n"));
2500 contents_dnsc: contents_dnsc content_dnsc
2503 dnsc_dnscrypt_enable | dnsc_dnscrypt_port | dnsc_dnscrypt_provider |
2504 dnsc_dnscrypt_secret_key | dnsc_dnscrypt_provider_cert |
2505 dnsc_dnscrypt_provider_cert_rotated |
2506 dnsc_dnscrypt_shared_secret_cache_size |
2507 dnsc_dnscrypt_shared_secret_cache_slabs |
2508 dnsc_dnscrypt_nonce_cache_size |
2509 dnsc_dnscrypt_nonce_cache_slabs
2511 dnsc_dnscrypt_enable: VAR_DNSCRYPT_ENABLE STRING_ARG
2513 OUTYY(("P(dnsc_dnscrypt_enable:%s)\n", $2));
2514 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
2515 yyerror("expected yes or no.");
2516 else cfg_parser->cfg->dnscrypt = (strcmp($2, "yes")==0);
2521 dnsc_dnscrypt_port: VAR_DNSCRYPT_PORT STRING_ARG
2523 OUTYY(("P(dnsc_dnscrypt_port:%s)\n", $2));
2526 yyerror("port number expected");
2527 else cfg_parser->cfg->dnscrypt_port = atoi($2);
2531 dnsc_dnscrypt_provider: VAR_DNSCRYPT_PROVIDER STRING_ARG
2533 OUTYY(("P(dnsc_dnscrypt_provider:%s)\n", $2));
2534 free(cfg_parser->cfg->dnscrypt_provider);
2535 cfg_parser->cfg->dnscrypt_provider = $2;
2538 dnsc_dnscrypt_provider_cert: VAR_DNSCRYPT_PROVIDER_CERT STRING_ARG
2540 OUTYY(("P(dnsc_dnscrypt_provider_cert:%s)\n", $2));
2541 if(cfg_strlist_find(cfg_parser->cfg->dnscrypt_provider_cert, $2))
2542 log_warn("dnscrypt-provider-cert %s is a duplicate", $2);
2543 if(!cfg_strlist_insert(&cfg_parser->cfg->dnscrypt_provider_cert, $2))
2544 fatal_exit("out of memory adding dnscrypt-provider-cert");
2547 dnsc_dnscrypt_provider_cert_rotated: VAR_DNSCRYPT_PROVIDER_CERT_ROTATED STRING_ARG
2549 OUTYY(("P(dnsc_dnscrypt_provider_cert_rotated:%s)\n", $2));
2550 if(!cfg_strlist_insert(&cfg_parser->cfg->dnscrypt_provider_cert_rotated, $2))
2551 fatal_exit("out of memory adding dnscrypt-provider-cert-rotated");
2554 dnsc_dnscrypt_secret_key: VAR_DNSCRYPT_SECRET_KEY STRING_ARG
2556 OUTYY(("P(dnsc_dnscrypt_secret_key:%s)\n", $2));
2557 if(cfg_strlist_find(cfg_parser->cfg->dnscrypt_secret_key, $2))
2558 log_warn("dnscrypt-secret-key: %s is a duplicate", $2);
2559 if(!cfg_strlist_insert(&cfg_parser->cfg->dnscrypt_secret_key, $2))
2560 fatal_exit("out of memory adding dnscrypt-secret-key");
2563 dnsc_dnscrypt_shared_secret_cache_size: VAR_DNSCRYPT_SHARED_SECRET_CACHE_SIZE STRING_ARG
2565 OUTYY(("P(dnscrypt_shared_secret_cache_size:%s)\n", $2));
2566 if(!cfg_parse_memsize($2, &cfg_parser->cfg->dnscrypt_shared_secret_cache_size))
2567 yyerror("memory size expected");
2571 dnsc_dnscrypt_shared_secret_cache_slabs: VAR_DNSCRYPT_SHARED_SECRET_CACHE_SLABS STRING_ARG
2573 OUTYY(("P(dnscrypt_shared_secret_cache_slabs:%s)\n", $2));
2575 yyerror("number expected");
2577 cfg_parser->cfg->dnscrypt_shared_secret_cache_slabs = atoi($2);
2578 if(!is_pow2(cfg_parser->cfg->dnscrypt_shared_secret_cache_slabs))
2579 yyerror("must be a power of 2");
2584 dnsc_dnscrypt_nonce_cache_size: VAR_DNSCRYPT_NONCE_CACHE_SIZE STRING_ARG
2586 OUTYY(("P(dnscrypt_nonce_cache_size:%s)\n", $2));
2587 if(!cfg_parse_memsize($2, &cfg_parser->cfg->dnscrypt_nonce_cache_size))
2588 yyerror("memory size expected");
2592 dnsc_dnscrypt_nonce_cache_slabs: VAR_DNSCRYPT_NONCE_CACHE_SLABS STRING_ARG
2594 OUTYY(("P(dnscrypt_nonce_cache_slabs:%s)\n", $2));
2596 yyerror("number expected");
2598 cfg_parser->cfg->dnscrypt_nonce_cache_slabs = atoi($2);
2599 if(!is_pow2(cfg_parser->cfg->dnscrypt_nonce_cache_slabs))
2600 yyerror("must be a power of 2");
2605 cachedbstart: VAR_CACHEDB
2607 OUTYY(("\nP(cachedb:)\n"));
2610 contents_cachedb: contents_cachedb content_cachedb
2612 content_cachedb: cachedb_backend_name | cachedb_secret_seed |
2613 redis_server_host | redis_server_port | redis_timeout
2615 cachedb_backend_name: VAR_CACHEDB_BACKEND STRING_ARG
2618 OUTYY(("P(backend:%s)\n", $2));
2619 if(cfg_parser->cfg->cachedb_backend)
2620 yyerror("cachedb backend override, there must be one "
2622 free(cfg_parser->cfg->cachedb_backend);
2623 cfg_parser->cfg->cachedb_backend = $2;
2625 OUTYY(("P(Compiled without cachedb, ignoring)\n"));
2629 cachedb_secret_seed: VAR_CACHEDB_SECRETSEED STRING_ARG
2632 OUTYY(("P(secret-seed:%s)\n", $2));
2633 if(cfg_parser->cfg->cachedb_secret)
2634 yyerror("cachedb secret-seed override, there must be "
2636 free(cfg_parser->cfg->cachedb_secret);
2637 cfg_parser->cfg->cachedb_secret = $2;
2639 OUTYY(("P(Compiled without cachedb, ignoring)\n"));
2644 redis_server_host: VAR_CACHEDB_REDISHOST STRING_ARG
2646 #if defined(USE_CACHEDB) && defined(USE_REDIS)
2647 OUTYY(("P(redis_server_host:%s)\n", $2));
2648 free(cfg_parser->cfg->redis_server_host);
2649 cfg_parser->cfg->redis_server_host = $2;
2651 OUTYY(("P(Compiled without cachedb or redis, ignoring)\n"));
2656 redis_server_port: VAR_CACHEDB_REDISPORT STRING_ARG
2658 #if defined(USE_CACHEDB) && defined(USE_REDIS)
2660 OUTYY(("P(redis_server_port:%s)\n", $2));
2662 if(port == 0 || port < 0 || port > 65535)
2663 yyerror("valid redis server port number expected");
2664 else cfg_parser->cfg->redis_server_port = port;
2666 OUTYY(("P(Compiled without cachedb or redis, ignoring)\n"));
2671 redis_timeout: VAR_CACHEDB_REDISTIMEOUT STRING_ARG
2673 #if defined(USE_CACHEDB) && defined(USE_REDIS)
2674 OUTYY(("P(redis_timeout:%s)\n", $2));
2676 yyerror("redis timeout value expected");
2677 else cfg_parser->cfg->redis_timeout = atoi($2);
2679 OUTYY(("P(Compiled without cachedb or redis, ignoring)\n"));
2686 /* parse helper routines could be here */
2688 validate_respip_action(const char* action)
2690 if(strcmp(action, "deny")!=0 &&
2691 strcmp(action, "redirect")!=0 &&
2692 strcmp(action, "inform")!=0 &&
2693 strcmp(action, "inform_deny")!=0 &&
2694 strcmp(action, "always_transparent")!=0 &&
2695 strcmp(action, "always_refuse")!=0 &&
2696 strcmp(action, "always_nxdomain")!=0)
2698 yyerror("response-ip action: expected deny, redirect, "
2699 "inform, inform_deny, always_transparent, "
2700 "always_refuse or always_nxdomain");