2 * configparser.y -- yacc grammar for unbound configuration files
4 * Copyright (c) 2001-2006, NLnet Labs. All rights reserved.
6 * Copyright (c) 2007, NLnet Labs. All rights reserved.
8 * This software is open source.
10 * Redistribution and use in source and binary forms, with or without
11 * modification, are permitted provided that the following conditions
14 * Redistributions of source code must retain the above copyright notice,
15 * this list of conditions and the following disclaimer.
17 * Redistributions in binary form must reproduce the above copyright notice,
18 * this list of conditions and the following disclaimer in the documentation
19 * and/or other materials provided with the distribution.
21 * Neither the name of the NLNET LABS nor the names of its contributors may
22 * be used to endorse or promote products derived from this software without
23 * specific prior written permission.
25 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
26 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
27 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
28 * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
29 * HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
30 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
31 * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
32 * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
33 * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
34 * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
35 * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
47 #include "util/configyyrename.h"
48 #include "util/config_file.h"
49 #include "util/net_help.h"
52 void ub_c_error(const char *message);
54 static void validate_respip_action(const char* action);
56 /* these need to be global, otherwise they cannot be used inside yacc */
57 extern struct config_parser_state* cfg_parser;
60 #define OUTYY(s) printf s /* used ONLY when debugging */
70 %token SPACE LETTER NEWLINE COMMENT COLON ANY ZONESTR
71 %token <str> STRING_ARG
72 %token VAR_SERVER VAR_VERBOSITY VAR_NUM_THREADS VAR_PORT
73 %token VAR_OUTGOING_RANGE VAR_INTERFACE
74 %token VAR_DO_IP4 VAR_DO_IP6 VAR_PREFER_IP6 VAR_DO_UDP VAR_DO_TCP
75 %token VAR_TCP_MSS VAR_OUTGOING_TCP_MSS
76 %token VAR_CHROOT VAR_USERNAME VAR_DIRECTORY VAR_LOGFILE VAR_PIDFILE
77 %token VAR_MSG_CACHE_SIZE VAR_MSG_CACHE_SLABS VAR_NUM_QUERIES_PER_THREAD
78 %token VAR_RRSET_CACHE_SIZE VAR_RRSET_CACHE_SLABS VAR_OUTGOING_NUM_TCP
79 %token VAR_INFRA_HOST_TTL VAR_INFRA_LAME_TTL VAR_INFRA_CACHE_SLABS
80 %token VAR_INFRA_CACHE_NUMHOSTS VAR_INFRA_CACHE_LAME_SIZE VAR_NAME
81 %token VAR_STUB_ZONE VAR_STUB_HOST VAR_STUB_ADDR VAR_TARGET_FETCH_POLICY
82 %token VAR_HARDEN_SHORT_BUFSIZE VAR_HARDEN_LARGE_QUERIES
83 %token VAR_FORWARD_ZONE VAR_FORWARD_HOST VAR_FORWARD_ADDR
84 %token VAR_DO_NOT_QUERY_ADDRESS VAR_HIDE_IDENTITY VAR_HIDE_VERSION
85 %token VAR_IDENTITY VAR_VERSION VAR_HARDEN_GLUE VAR_MODULE_CONF
86 %token VAR_TRUST_ANCHOR_FILE VAR_TRUST_ANCHOR VAR_VAL_OVERRIDE_DATE
87 %token VAR_BOGUS_TTL VAR_VAL_CLEAN_ADDITIONAL VAR_VAL_PERMISSIVE_MODE
88 %token VAR_INCOMING_NUM_TCP VAR_MSG_BUFFER_SIZE VAR_KEY_CACHE_SIZE
89 %token VAR_KEY_CACHE_SLABS VAR_TRUSTED_KEYS_FILE
90 %token VAR_VAL_NSEC3_KEYSIZE_ITERATIONS VAR_USE_SYSLOG
91 %token VAR_OUTGOING_INTERFACE VAR_ROOT_HINTS VAR_DO_NOT_QUERY_LOCALHOST
92 %token VAR_CACHE_MAX_TTL VAR_HARDEN_DNSSEC_STRIPPED VAR_ACCESS_CONTROL
93 %token VAR_LOCAL_ZONE VAR_LOCAL_DATA VAR_INTERFACE_AUTOMATIC
94 %token VAR_STATISTICS_INTERVAL VAR_DO_DAEMONIZE VAR_USE_CAPS_FOR_ID
95 %token VAR_STATISTICS_CUMULATIVE VAR_OUTGOING_PORT_PERMIT
96 %token VAR_OUTGOING_PORT_AVOID VAR_DLV_ANCHOR_FILE VAR_DLV_ANCHOR
97 %token VAR_NEG_CACHE_SIZE VAR_HARDEN_REFERRAL_PATH VAR_PRIVATE_ADDRESS
98 %token VAR_PRIVATE_DOMAIN VAR_REMOTE_CONTROL VAR_CONTROL_ENABLE
99 %token VAR_CONTROL_INTERFACE VAR_CONTROL_PORT VAR_SERVER_KEY_FILE
100 %token VAR_SERVER_CERT_FILE VAR_CONTROL_KEY_FILE VAR_CONTROL_CERT_FILE
101 %token VAR_CONTROL_USE_CERT
102 %token VAR_EXTENDED_STATISTICS VAR_LOCAL_DATA_PTR VAR_JOSTLE_TIMEOUT
103 %token VAR_STUB_PRIME VAR_UNWANTED_REPLY_THRESHOLD VAR_LOG_TIME_ASCII
104 %token VAR_DOMAIN_INSECURE VAR_PYTHON VAR_PYTHON_SCRIPT VAR_VAL_SIG_SKEW_MIN
105 %token VAR_VAL_SIG_SKEW_MAX VAR_CACHE_MIN_TTL VAR_VAL_LOG_LEVEL
106 %token VAR_AUTO_TRUST_ANCHOR_FILE VAR_KEEP_MISSING VAR_ADD_HOLDDOWN
107 %token VAR_DEL_HOLDDOWN VAR_SO_RCVBUF VAR_EDNS_BUFFER_SIZE VAR_PREFETCH
108 %token VAR_PREFETCH_KEY VAR_SO_SNDBUF VAR_SO_REUSEPORT VAR_HARDEN_BELOW_NXDOMAIN
109 %token VAR_IGNORE_CD_FLAG VAR_LOG_QUERIES VAR_LOG_REPLIES
110 %token VAR_TCP_UPSTREAM VAR_SSL_UPSTREAM
111 %token VAR_SSL_SERVICE_KEY VAR_SSL_SERVICE_PEM VAR_SSL_PORT VAR_FORWARD_FIRST
112 %token VAR_STUB_SSL_UPSTREAM VAR_FORWARD_SSL_UPSTREAM
113 %token VAR_STUB_FIRST VAR_MINIMAL_RESPONSES VAR_RRSET_ROUNDROBIN
114 %token VAR_MAX_UDP_SIZE VAR_DELAY_CLOSE
115 %token VAR_UNBLOCK_LAN_ZONES VAR_INSECURE_LAN_ZONES
116 %token VAR_INFRA_CACHE_MIN_RTT
117 %token VAR_DNS64_PREFIX VAR_DNS64_SYNTHALL
118 %token VAR_DNSTAP VAR_DNSTAP_ENABLE VAR_DNSTAP_SOCKET_PATH
119 %token VAR_DNSTAP_SEND_IDENTITY VAR_DNSTAP_SEND_VERSION
120 %token VAR_DNSTAP_IDENTITY VAR_DNSTAP_VERSION
121 %token VAR_DNSTAP_LOG_RESOLVER_QUERY_MESSAGES
122 %token VAR_DNSTAP_LOG_RESOLVER_RESPONSE_MESSAGES
123 %token VAR_DNSTAP_LOG_CLIENT_QUERY_MESSAGES
124 %token VAR_DNSTAP_LOG_CLIENT_RESPONSE_MESSAGES
125 %token VAR_DNSTAP_LOG_FORWARDER_QUERY_MESSAGES
126 %token VAR_DNSTAP_LOG_FORWARDER_RESPONSE_MESSAGES
127 %token VAR_RESPONSE_IP_TAG VAR_RESPONSE_IP VAR_RESPONSE_IP_DATA
128 %token VAR_HARDEN_ALGO_DOWNGRADE VAR_IP_TRANSPARENT
129 %token VAR_DISABLE_DNSSEC_LAME_CHECK
130 %token VAR_IP_RATELIMIT VAR_IP_RATELIMIT_SLABS VAR_IP_RATELIMIT_SIZE
131 %token VAR_RATELIMIT VAR_RATELIMIT_SLABS VAR_RATELIMIT_SIZE
132 %token VAR_RATELIMIT_FOR_DOMAIN VAR_RATELIMIT_BELOW_DOMAIN
133 %token VAR_IP_RATELIMIT_FACTOR VAR_RATELIMIT_FACTOR
134 %token VAR_SEND_CLIENT_SUBNET VAR_CLIENT_SUBNET_ZONE
135 %token VAR_CLIENT_SUBNET_ALWAYS_FORWARD VAR_CLIENT_SUBNET_OPCODE
136 %token VAR_MAX_CLIENT_SUBNET_IPV4 VAR_MAX_CLIENT_SUBNET_IPV6
137 %token VAR_CAPS_WHITELIST VAR_CACHE_MAX_NEGATIVE_TTL VAR_PERMIT_SMALL_HOLDDOWN
138 %token VAR_QNAME_MINIMISATION VAR_QNAME_MINIMISATION_STRICT VAR_IP_FREEBIND
139 %token VAR_DEFINE_TAG VAR_LOCAL_ZONE_TAG VAR_ACCESS_CONTROL_TAG
140 %token VAR_LOCAL_ZONE_OVERRIDE VAR_ACCESS_CONTROL_TAG_ACTION
141 %token VAR_ACCESS_CONTROL_TAG_DATA VAR_VIEW VAR_ACCESS_CONTROL_VIEW
142 %token VAR_VIEW_FIRST VAR_SERVE_EXPIRED VAR_FAKE_DSA VAR_FAKE_SHA1
143 %token VAR_LOG_IDENTITY VAR_HIDE_TRUSTANCHOR VAR_TRUST_ANCHOR_SIGNALING
144 %token VAR_USE_SYSTEMD VAR_SHM_ENABLE VAR_SHM_KEY
145 %token VAR_DNSCRYPT VAR_DNSCRYPT_ENABLE VAR_DNSCRYPT_PORT VAR_DNSCRYPT_PROVIDER
146 %token VAR_DNSCRYPT_SECRET_KEY VAR_DNSCRYPT_PROVIDER_CERT
147 %token VAR_DNSCRYPT_SHARED_SECRET_CACHE_SIZE
148 %token VAR_DNSCRYPT_SHARED_SECRET_CACHE_SLABS
149 %token VAR_IPSECMOD_ENABLED VAR_IPSECMOD_HOOK VAR_IPSECMOD_IGNORE_BOGUS
150 %token VAR_IPSECMOD_MAX_TTL VAR_IPSECMOD_WHITELIST VAR_IPSECMOD_STRICT
151 %token VAR_CACHEDB VAR_CACHEDB_BACKEND VAR_CACHEDB_SECRETSEED
154 toplevelvars: /* empty */ | toplevelvars toplevelvar ;
155 toplevelvar: serverstart contents_server | stubstart contents_stub |
156 forwardstart contents_forward | pythonstart contents_py |
157 rcstart contents_rc | dtstart contents_dt | viewstart
159 dnscstart contents_dnsc |
160 cachedbstart contents_cachedb
163 /* server: declaration */
164 serverstart: VAR_SERVER
166 OUTYY(("\nP(server:)\n"));
169 contents_server: contents_server content_server
171 content_server: server_num_threads | server_verbosity | server_port |
172 server_outgoing_range | server_do_ip4 |
173 server_do_ip6 | server_prefer_ip6 |
174 server_do_udp | server_do_tcp |
175 server_tcp_mss | server_outgoing_tcp_mss |
176 server_interface | server_chroot | server_username |
177 server_directory | server_logfile | server_pidfile |
178 server_msg_cache_size | server_msg_cache_slabs |
179 server_num_queries_per_thread | server_rrset_cache_size |
180 server_rrset_cache_slabs | server_outgoing_num_tcp |
181 server_infra_host_ttl | server_infra_lame_ttl |
182 server_infra_cache_slabs | server_infra_cache_numhosts |
183 server_infra_cache_lame_size | server_target_fetch_policy |
184 server_harden_short_bufsize | server_harden_large_queries |
185 server_do_not_query_address | server_hide_identity |
186 server_hide_version | server_identity | server_version |
187 server_harden_glue | server_module_conf | server_trust_anchor_file |
188 server_trust_anchor | server_val_override_date | server_bogus_ttl |
189 server_val_clean_additional | server_val_permissive_mode |
190 server_incoming_num_tcp | server_msg_buffer_size |
191 server_key_cache_size | server_key_cache_slabs |
192 server_trusted_keys_file | server_val_nsec3_keysize_iterations |
193 server_use_syslog | server_outgoing_interface | server_root_hints |
194 server_do_not_query_localhost | server_cache_max_ttl |
195 server_harden_dnssec_stripped | server_access_control |
196 server_local_zone | server_local_data | server_interface_automatic |
197 server_statistics_interval | server_do_daemonize |
198 server_use_caps_for_id | server_statistics_cumulative |
199 server_outgoing_port_permit | server_outgoing_port_avoid |
200 server_dlv_anchor_file | server_dlv_anchor | server_neg_cache_size |
201 server_harden_referral_path | server_private_address |
202 server_private_domain | server_extended_statistics |
203 server_local_data_ptr | server_jostle_timeout |
204 server_unwanted_reply_threshold | server_log_time_ascii |
205 server_domain_insecure | server_val_sig_skew_min |
206 server_val_sig_skew_max | server_cache_min_ttl | server_val_log_level |
207 server_auto_trust_anchor_file | server_add_holddown |
208 server_del_holddown | server_keep_missing | server_so_rcvbuf |
209 server_edns_buffer_size | server_prefetch | server_prefetch_key |
210 server_so_sndbuf | server_harden_below_nxdomain | server_ignore_cd_flag |
211 server_log_queries | server_log_replies | server_tcp_upstream | server_ssl_upstream |
212 server_ssl_service_key | server_ssl_service_pem | server_ssl_port |
213 server_minimal_responses | server_rrset_roundrobin | server_max_udp_size |
214 server_so_reuseport | server_delay_close |
215 server_unblock_lan_zones | server_insecure_lan_zones |
216 server_dns64_prefix | server_dns64_synthall |
217 server_infra_cache_min_rtt | server_harden_algo_downgrade |
218 server_ip_transparent | server_ip_ratelimit | server_ratelimit |
219 server_ip_ratelimit_slabs | server_ratelimit_slabs |
220 server_ip_ratelimit_size | server_ratelimit_size |
221 server_ratelimit_for_domain |
222 server_ratelimit_below_domain | server_ratelimit_factor |
223 server_ip_ratelimit_factor | server_send_client_subnet |
224 server_client_subnet_zone | server_client_subnet_always_forward |
225 server_client_subnet_opcode |
226 server_max_client_subnet_ipv4 | server_max_client_subnet_ipv6 |
227 server_caps_whitelist | server_cache_max_negative_ttl |
228 server_permit_small_holddown | server_qname_minimisation |
229 server_ip_freebind | server_define_tag | server_local_zone_tag |
230 server_disable_dnssec_lame_check | server_access_control_tag |
231 server_local_zone_override | server_access_control_tag_action |
232 server_access_control_tag_data | server_access_control_view |
233 server_qname_minimisation_strict | server_serve_expired |
234 server_fake_dsa | server_log_identity | server_use_systemd |
235 server_response_ip_tag | server_response_ip | server_response_ip_data |
236 server_shm_enable | server_shm_key | server_fake_sha1 |
237 server_hide_trustanchor | server_trust_anchor_signaling |
238 server_ipsecmod_enabled | server_ipsecmod_hook |
239 server_ipsecmod_ignore_bogus | server_ipsecmod_max_ttl |
240 server_ipsecmod_whitelist | server_ipsecmod_strict
242 stubstart: VAR_STUB_ZONE
244 struct config_stub* s;
245 OUTYY(("\nP(stub_zone:)\n"));
246 s = (struct config_stub*)calloc(1, sizeof(struct config_stub));
248 s->next = cfg_parser->cfg->stubs;
249 cfg_parser->cfg->stubs = s;
251 yyerror("out of memory");
254 contents_stub: contents_stub content_stub
256 content_stub: stub_name | stub_host | stub_addr | stub_prime | stub_first |
259 forwardstart: VAR_FORWARD_ZONE
261 struct config_stub* s;
262 OUTYY(("\nP(forward_zone:)\n"));
263 s = (struct config_stub*)calloc(1, sizeof(struct config_stub));
265 s->next = cfg_parser->cfg->forwards;
266 cfg_parser->cfg->forwards = s;
268 yyerror("out of memory");
271 contents_forward: contents_forward content_forward
273 content_forward: forward_name | forward_host | forward_addr | forward_first |
278 struct config_view* s;
279 OUTYY(("\nP(view:)\n"));
280 s = (struct config_view*)calloc(1, sizeof(struct config_view));
282 s->next = cfg_parser->cfg->views;
283 if(s->next && !s->next->name)
284 yyerror("view without name");
285 cfg_parser->cfg->views = s;
287 yyerror("out of memory");
290 contents_view: contents_view content_view
292 content_view: view_name | view_local_zone | view_local_data | view_first |
293 view_response_ip | view_response_ip_data | view_local_data_ptr
295 server_num_threads: VAR_NUM_THREADS STRING_ARG
297 OUTYY(("P(server_num_threads:%s)\n", $2));
298 if(atoi($2) == 0 && strcmp($2, "0") != 0)
299 yyerror("number expected");
300 else cfg_parser->cfg->num_threads = atoi($2);
304 server_verbosity: VAR_VERBOSITY STRING_ARG
306 OUTYY(("P(server_verbosity:%s)\n", $2));
307 if(atoi($2) == 0 && strcmp($2, "0") != 0)
308 yyerror("number expected");
309 else cfg_parser->cfg->verbosity = atoi($2);
313 server_statistics_interval: VAR_STATISTICS_INTERVAL STRING_ARG
315 OUTYY(("P(server_statistics_interval:%s)\n", $2));
316 if(strcmp($2, "") == 0 || strcmp($2, "0") == 0)
317 cfg_parser->cfg->stat_interval = 0;
318 else if(atoi($2) == 0)
319 yyerror("number expected");
320 else cfg_parser->cfg->stat_interval = atoi($2);
324 server_statistics_cumulative: VAR_STATISTICS_CUMULATIVE STRING_ARG
326 OUTYY(("P(server_statistics_cumulative:%s)\n", $2));
327 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
328 yyerror("expected yes or no.");
329 else cfg_parser->cfg->stat_cumulative = (strcmp($2, "yes")==0);
333 server_extended_statistics: VAR_EXTENDED_STATISTICS STRING_ARG
335 OUTYY(("P(server_extended_statistics:%s)\n", $2));
336 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
337 yyerror("expected yes or no.");
338 else cfg_parser->cfg->stat_extended = (strcmp($2, "yes")==0);
342 server_shm_enable: VAR_SHM_ENABLE STRING_ARG
344 OUTYY(("P(server_shm_enable:%s)\n", $2));
345 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
346 yyerror("expected yes or no.");
347 else cfg_parser->cfg->shm_enable = (strcmp($2, "yes")==0);
351 server_shm_key: VAR_SHM_KEY STRING_ARG
353 OUTYY(("P(server_shm_key:%s)\n", $2));
354 if(strcmp($2, "") == 0 || strcmp($2, "0") == 0)
355 cfg_parser->cfg->shm_key = 0;
356 else if(atoi($2) == 0)
357 yyerror("number expected");
358 else cfg_parser->cfg->shm_key = atoi($2);
362 server_port: VAR_PORT STRING_ARG
364 OUTYY(("P(server_port:%s)\n", $2));
366 yyerror("port number expected");
367 else cfg_parser->cfg->port = atoi($2);
371 server_send_client_subnet: VAR_SEND_CLIENT_SUBNET STRING_ARG
374 OUTYY(("P(server_send_client_subnet:%s)\n", $2));
375 if(!cfg_strlist_insert(&cfg_parser->cfg->client_subnet, $2))
376 fatal_exit("out of memory adding client-subnet");
378 OUTYY(("P(Compiled without edns subnet option, ignoring)\n"));
382 server_client_subnet_zone: VAR_CLIENT_SUBNET_ZONE STRING_ARG
385 OUTYY(("P(server_client_subnet_zone:%s)\n", $2));
386 if(!cfg_strlist_insert(&cfg_parser->cfg->client_subnet_zone,
388 fatal_exit("out of memory adding client-subnet-zone");
390 OUTYY(("P(Compiled without edns subnet option, ignoring)\n"));
394 server_client_subnet_always_forward:
395 VAR_CLIENT_SUBNET_ALWAYS_FORWARD STRING_ARG
398 OUTYY(("P(server_client_subnet_always_forward:%s)\n", $2));
399 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
400 yyerror("expected yes or no.");
402 cfg_parser->cfg->client_subnet_always_forward =
403 (strcmp($2, "yes")==0);
405 OUTYY(("P(Compiled without edns subnet option, ignoring)\n"));
410 server_client_subnet_opcode: VAR_CLIENT_SUBNET_OPCODE STRING_ARG
413 OUTYY(("P(client_subnet_opcode:%s)\n", $2));
414 OUTYY(("P(Depricated option, ignoring)\n"));
416 OUTYY(("P(Compiled without edns subnet option, ignoring)\n"));
421 server_max_client_subnet_ipv4: VAR_MAX_CLIENT_SUBNET_IPV4 STRING_ARG
424 OUTYY(("P(max_client_subnet_ipv4:%s)\n", $2));
425 if(atoi($2) == 0 && strcmp($2, "0") != 0)
426 yyerror("IPv4 subnet length expected");
427 else if (atoi($2) > 32)
428 cfg_parser->cfg->max_client_subnet_ipv4 = 32;
429 else if (atoi($2) < 0)
430 cfg_parser->cfg->max_client_subnet_ipv4 = 0;
431 else cfg_parser->cfg->max_client_subnet_ipv4 = (uint8_t)atoi($2);
433 OUTYY(("P(Compiled without edns subnet option, ignoring)\n"));
438 server_max_client_subnet_ipv6: VAR_MAX_CLIENT_SUBNET_IPV6 STRING_ARG
441 OUTYY(("P(max_client_subnet_ipv6:%s)\n", $2));
442 if(atoi($2) == 0 && strcmp($2, "0") != 0)
443 yyerror("Ipv6 subnet length expected");
444 else if (atoi($2) > 128)
445 cfg_parser->cfg->max_client_subnet_ipv6 = 128;
446 else if (atoi($2) < 0)
447 cfg_parser->cfg->max_client_subnet_ipv6 = 0;
448 else cfg_parser->cfg->max_client_subnet_ipv6 = (uint8_t)atoi($2);
450 OUTYY(("P(Compiled without edns subnet option, ignoring)\n"));
455 server_interface: VAR_INTERFACE STRING_ARG
457 OUTYY(("P(server_interface:%s)\n", $2));
458 if(cfg_parser->cfg->num_ifs == 0)
459 cfg_parser->cfg->ifs = calloc(1, sizeof(char*));
460 else cfg_parser->cfg->ifs = realloc(cfg_parser->cfg->ifs,
461 (cfg_parser->cfg->num_ifs+1)*sizeof(char*));
462 if(!cfg_parser->cfg->ifs)
463 yyerror("out of memory");
465 cfg_parser->cfg->ifs[cfg_parser->cfg->num_ifs++] = $2;
468 server_outgoing_interface: VAR_OUTGOING_INTERFACE STRING_ARG
470 OUTYY(("P(server_outgoing_interface:%s)\n", $2));
471 if(cfg_parser->cfg->num_out_ifs == 0)
472 cfg_parser->cfg->out_ifs = calloc(1, sizeof(char*));
473 else cfg_parser->cfg->out_ifs = realloc(
474 cfg_parser->cfg->out_ifs,
475 (cfg_parser->cfg->num_out_ifs+1)*sizeof(char*));
476 if(!cfg_parser->cfg->out_ifs)
477 yyerror("out of memory");
479 cfg_parser->cfg->out_ifs[
480 cfg_parser->cfg->num_out_ifs++] = $2;
483 server_outgoing_range: VAR_OUTGOING_RANGE STRING_ARG
485 OUTYY(("P(server_outgoing_range:%s)\n", $2));
487 yyerror("number expected");
488 else cfg_parser->cfg->outgoing_num_ports = atoi($2);
492 server_outgoing_port_permit: VAR_OUTGOING_PORT_PERMIT STRING_ARG
494 OUTYY(("P(server_outgoing_port_permit:%s)\n", $2));
495 if(!cfg_mark_ports($2, 1,
496 cfg_parser->cfg->outgoing_avail_ports, 65536))
497 yyerror("port number or range (\"low-high\") expected");
501 server_outgoing_port_avoid: VAR_OUTGOING_PORT_AVOID STRING_ARG
503 OUTYY(("P(server_outgoing_port_avoid:%s)\n", $2));
504 if(!cfg_mark_ports($2, 0,
505 cfg_parser->cfg->outgoing_avail_ports, 65536))
506 yyerror("port number or range (\"low-high\") expected");
510 server_outgoing_num_tcp: VAR_OUTGOING_NUM_TCP STRING_ARG
512 OUTYY(("P(server_outgoing_num_tcp:%s)\n", $2));
513 if(atoi($2) == 0 && strcmp($2, "0") != 0)
514 yyerror("number expected");
515 else cfg_parser->cfg->outgoing_num_tcp = atoi($2);
519 server_incoming_num_tcp: VAR_INCOMING_NUM_TCP STRING_ARG
521 OUTYY(("P(server_incoming_num_tcp:%s)\n", $2));
522 if(atoi($2) == 0 && strcmp($2, "0") != 0)
523 yyerror("number expected");
524 else cfg_parser->cfg->incoming_num_tcp = atoi($2);
528 server_interface_automatic: VAR_INTERFACE_AUTOMATIC STRING_ARG
530 OUTYY(("P(server_interface_automatic:%s)\n", $2));
531 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
532 yyerror("expected yes or no.");
533 else cfg_parser->cfg->if_automatic = (strcmp($2, "yes")==0);
537 server_do_ip4: VAR_DO_IP4 STRING_ARG
539 OUTYY(("P(server_do_ip4:%s)\n", $2));
540 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
541 yyerror("expected yes or no.");
542 else cfg_parser->cfg->do_ip4 = (strcmp($2, "yes")==0);
546 server_do_ip6: VAR_DO_IP6 STRING_ARG
548 OUTYY(("P(server_do_ip6:%s)\n", $2));
549 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
550 yyerror("expected yes or no.");
551 else cfg_parser->cfg->do_ip6 = (strcmp($2, "yes")==0);
555 server_do_udp: VAR_DO_UDP STRING_ARG
557 OUTYY(("P(server_do_udp:%s)\n", $2));
558 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
559 yyerror("expected yes or no.");
560 else cfg_parser->cfg->do_udp = (strcmp($2, "yes")==0);
564 server_do_tcp: VAR_DO_TCP STRING_ARG
566 OUTYY(("P(server_do_tcp:%s)\n", $2));
567 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
568 yyerror("expected yes or no.");
569 else cfg_parser->cfg->do_tcp = (strcmp($2, "yes")==0);
573 server_prefer_ip6: VAR_PREFER_IP6 STRING_ARG
575 OUTYY(("P(server_prefer_ip6:%s)\n", $2));
576 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
577 yyerror("expected yes or no.");
578 else cfg_parser->cfg->prefer_ip6 = (strcmp($2, "yes")==0);
582 server_tcp_mss: VAR_TCP_MSS STRING_ARG
584 OUTYY(("P(server_tcp_mss:%s)\n", $2));
585 if(atoi($2) == 0 && strcmp($2, "0") != 0)
586 yyerror("number expected");
587 else cfg_parser->cfg->tcp_mss = atoi($2);
591 server_outgoing_tcp_mss: VAR_OUTGOING_TCP_MSS STRING_ARG
593 OUTYY(("P(server_outgoing_tcp_mss:%s)\n", $2));
594 if(atoi($2) == 0 && strcmp($2, "0") != 0)
595 yyerror("number expected");
596 else cfg_parser->cfg->outgoing_tcp_mss = atoi($2);
600 server_tcp_upstream: VAR_TCP_UPSTREAM STRING_ARG
602 OUTYY(("P(server_tcp_upstream:%s)\n", $2));
603 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
604 yyerror("expected yes or no.");
605 else cfg_parser->cfg->tcp_upstream = (strcmp($2, "yes")==0);
609 server_ssl_upstream: VAR_SSL_UPSTREAM STRING_ARG
611 OUTYY(("P(server_ssl_upstream:%s)\n", $2));
612 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
613 yyerror("expected yes or no.");
614 else cfg_parser->cfg->ssl_upstream = (strcmp($2, "yes")==0);
618 server_ssl_service_key: VAR_SSL_SERVICE_KEY STRING_ARG
620 OUTYY(("P(server_ssl_service_key:%s)\n", $2));
621 free(cfg_parser->cfg->ssl_service_key);
622 cfg_parser->cfg->ssl_service_key = $2;
625 server_ssl_service_pem: VAR_SSL_SERVICE_PEM STRING_ARG
627 OUTYY(("P(server_ssl_service_pem:%s)\n", $2));
628 free(cfg_parser->cfg->ssl_service_pem);
629 cfg_parser->cfg->ssl_service_pem = $2;
632 server_ssl_port: VAR_SSL_PORT STRING_ARG
634 OUTYY(("P(server_ssl_port:%s)\n", $2));
636 yyerror("port number expected");
637 else cfg_parser->cfg->ssl_port = atoi($2);
641 server_use_systemd: VAR_USE_SYSTEMD STRING_ARG
643 OUTYY(("P(server_use_systemd:%s)\n", $2));
644 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
645 yyerror("expected yes or no.");
646 else cfg_parser->cfg->use_systemd = (strcmp($2, "yes")==0);
650 server_do_daemonize: VAR_DO_DAEMONIZE STRING_ARG
652 OUTYY(("P(server_do_daemonize:%s)\n", $2));
653 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
654 yyerror("expected yes or no.");
655 else cfg_parser->cfg->do_daemonize = (strcmp($2, "yes")==0);
659 server_use_syslog: VAR_USE_SYSLOG STRING_ARG
661 OUTYY(("P(server_use_syslog:%s)\n", $2));
662 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
663 yyerror("expected yes or no.");
664 else cfg_parser->cfg->use_syslog = (strcmp($2, "yes")==0);
665 #if !defined(HAVE_SYSLOG_H) && !defined(UB_ON_WINDOWS)
666 if(strcmp($2, "yes") == 0)
667 yyerror("no syslog services are available. "
668 "(reconfigure and compile to add)");
673 server_log_time_ascii: VAR_LOG_TIME_ASCII STRING_ARG
675 OUTYY(("P(server_log_time_ascii:%s)\n", $2));
676 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
677 yyerror("expected yes or no.");
678 else cfg_parser->cfg->log_time_ascii = (strcmp($2, "yes")==0);
682 server_log_queries: VAR_LOG_QUERIES STRING_ARG
684 OUTYY(("P(server_log_queries:%s)\n", $2));
685 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
686 yyerror("expected yes or no.");
687 else cfg_parser->cfg->log_queries = (strcmp($2, "yes")==0);
691 server_log_replies: VAR_LOG_REPLIES STRING_ARG
693 OUTYY(("P(server_log_replies:%s)\n", $2));
694 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
695 yyerror("expected yes or no.");
696 else cfg_parser->cfg->log_replies = (strcmp($2, "yes")==0);
700 server_chroot: VAR_CHROOT STRING_ARG
702 OUTYY(("P(server_chroot:%s)\n", $2));
703 free(cfg_parser->cfg->chrootdir);
704 cfg_parser->cfg->chrootdir = $2;
707 server_username: VAR_USERNAME STRING_ARG
709 OUTYY(("P(server_username:%s)\n", $2));
710 free(cfg_parser->cfg->username);
711 cfg_parser->cfg->username = $2;
714 server_directory: VAR_DIRECTORY STRING_ARG
716 OUTYY(("P(server_directory:%s)\n", $2));
717 free(cfg_parser->cfg->directory);
718 cfg_parser->cfg->directory = $2;
719 /* change there right away for includes relative to this */
723 w_config_adjust_directory(cfg_parser->cfg);
725 d = cfg_parser->cfg->directory;
726 /* adjust directory if we have already chroot,
727 * like, we reread after sighup */
728 if(cfg_parser->chroot && cfg_parser->chroot[0] &&
729 strncmp(d, cfg_parser->chroot, strlen(
730 cfg_parser->chroot)) == 0)
731 d += strlen(cfg_parser->chroot);
734 log_err("cannot chdir to directory: %s (%s)",
740 server_logfile: VAR_LOGFILE STRING_ARG
742 OUTYY(("P(server_logfile:%s)\n", $2));
743 free(cfg_parser->cfg->logfile);
744 cfg_parser->cfg->logfile = $2;
745 cfg_parser->cfg->use_syslog = 0;
748 server_pidfile: VAR_PIDFILE STRING_ARG
750 OUTYY(("P(server_pidfile:%s)\n", $2));
751 free(cfg_parser->cfg->pidfile);
752 cfg_parser->cfg->pidfile = $2;
755 server_root_hints: VAR_ROOT_HINTS STRING_ARG
757 OUTYY(("P(server_root_hints:%s)\n", $2));
758 if(!cfg_strlist_insert(&cfg_parser->cfg->root_hints, $2))
759 yyerror("out of memory");
762 server_dlv_anchor_file: VAR_DLV_ANCHOR_FILE STRING_ARG
764 OUTYY(("P(server_dlv_anchor_file:%s)\n", $2));
765 free(cfg_parser->cfg->dlv_anchor_file);
766 cfg_parser->cfg->dlv_anchor_file = $2;
769 server_dlv_anchor: VAR_DLV_ANCHOR STRING_ARG
771 OUTYY(("P(server_dlv_anchor:%s)\n", $2));
772 if(!cfg_strlist_insert(&cfg_parser->cfg->dlv_anchor_list, $2))
773 yyerror("out of memory");
776 server_auto_trust_anchor_file: VAR_AUTO_TRUST_ANCHOR_FILE STRING_ARG
778 OUTYY(("P(server_auto_trust_anchor_file:%s)\n", $2));
779 if(!cfg_strlist_insert(&cfg_parser->cfg->
780 auto_trust_anchor_file_list, $2))
781 yyerror("out of memory");
784 server_trust_anchor_file: VAR_TRUST_ANCHOR_FILE STRING_ARG
786 OUTYY(("P(server_trust_anchor_file:%s)\n", $2));
787 if(!cfg_strlist_insert(&cfg_parser->cfg->
788 trust_anchor_file_list, $2))
789 yyerror("out of memory");
792 server_trusted_keys_file: VAR_TRUSTED_KEYS_FILE STRING_ARG
794 OUTYY(("P(server_trusted_keys_file:%s)\n", $2));
795 if(!cfg_strlist_insert(&cfg_parser->cfg->
796 trusted_keys_file_list, $2))
797 yyerror("out of memory");
800 server_trust_anchor: VAR_TRUST_ANCHOR STRING_ARG
802 OUTYY(("P(server_trust_anchor:%s)\n", $2));
803 if(!cfg_strlist_insert(&cfg_parser->cfg->trust_anchor_list, $2))
804 yyerror("out of memory");
807 server_trust_anchor_signaling: VAR_TRUST_ANCHOR_SIGNALING STRING_ARG
809 OUTYY(("P(server_trust_anchor_signaling:%s)\n", $2));
810 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
811 yyerror("expected yes or no.");
813 cfg_parser->cfg->trust_anchor_signaling =
814 (strcmp($2, "yes")==0);
818 server_domain_insecure: VAR_DOMAIN_INSECURE STRING_ARG
820 OUTYY(("P(server_domain_insecure:%s)\n", $2));
821 if(!cfg_strlist_insert(&cfg_parser->cfg->domain_insecure, $2))
822 yyerror("out of memory");
825 server_hide_identity: VAR_HIDE_IDENTITY STRING_ARG
827 OUTYY(("P(server_hide_identity:%s)\n", $2));
828 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
829 yyerror("expected yes or no.");
830 else cfg_parser->cfg->hide_identity = (strcmp($2, "yes")==0);
834 server_hide_version: VAR_HIDE_VERSION STRING_ARG
836 OUTYY(("P(server_hide_version:%s)\n", $2));
837 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
838 yyerror("expected yes or no.");
839 else cfg_parser->cfg->hide_version = (strcmp($2, "yes")==0);
843 server_hide_trustanchor: VAR_HIDE_TRUSTANCHOR STRING_ARG
845 OUTYY(("P(server_hide_trustanchor:%s)\n", $2));
846 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
847 yyerror("expected yes or no.");
848 else cfg_parser->cfg->hide_trustanchor = (strcmp($2, "yes")==0);
852 server_identity: VAR_IDENTITY STRING_ARG
854 OUTYY(("P(server_identity:%s)\n", $2));
855 free(cfg_parser->cfg->identity);
856 cfg_parser->cfg->identity = $2;
859 server_version: VAR_VERSION STRING_ARG
861 OUTYY(("P(server_version:%s)\n", $2));
862 free(cfg_parser->cfg->version);
863 cfg_parser->cfg->version = $2;
866 server_so_rcvbuf: VAR_SO_RCVBUF STRING_ARG
868 OUTYY(("P(server_so_rcvbuf:%s)\n", $2));
869 if(!cfg_parse_memsize($2, &cfg_parser->cfg->so_rcvbuf))
870 yyerror("buffer size expected");
874 server_so_sndbuf: VAR_SO_SNDBUF STRING_ARG
876 OUTYY(("P(server_so_sndbuf:%s)\n", $2));
877 if(!cfg_parse_memsize($2, &cfg_parser->cfg->so_sndbuf))
878 yyerror("buffer size expected");
882 server_so_reuseport: VAR_SO_REUSEPORT STRING_ARG
884 OUTYY(("P(server_so_reuseport:%s)\n", $2));
885 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
886 yyerror("expected yes or no.");
887 else cfg_parser->cfg->so_reuseport =
888 (strcmp($2, "yes")==0);
892 server_ip_transparent: VAR_IP_TRANSPARENT STRING_ARG
894 OUTYY(("P(server_ip_transparent:%s)\n", $2));
895 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
896 yyerror("expected yes or no.");
897 else cfg_parser->cfg->ip_transparent =
898 (strcmp($2, "yes")==0);
902 server_ip_freebind: VAR_IP_FREEBIND STRING_ARG
904 OUTYY(("P(server_ip_freebind:%s)\n", $2));
905 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
906 yyerror("expected yes or no.");
907 else cfg_parser->cfg->ip_freebind =
908 (strcmp($2, "yes")==0);
912 server_edns_buffer_size: VAR_EDNS_BUFFER_SIZE STRING_ARG
914 OUTYY(("P(server_edns_buffer_size:%s)\n", $2));
916 yyerror("number expected");
917 else if (atoi($2) < 12)
918 yyerror("edns buffer size too small");
919 else if (atoi($2) > 65535)
920 cfg_parser->cfg->edns_buffer_size = 65535;
921 else cfg_parser->cfg->edns_buffer_size = atoi($2);
925 server_msg_buffer_size: VAR_MSG_BUFFER_SIZE STRING_ARG
927 OUTYY(("P(server_msg_buffer_size:%s)\n", $2));
929 yyerror("number expected");
930 else if (atoi($2) < 4096)
931 yyerror("message buffer size too small (use 4096)");
932 else cfg_parser->cfg->msg_buffer_size = atoi($2);
936 server_msg_cache_size: VAR_MSG_CACHE_SIZE STRING_ARG
938 OUTYY(("P(server_msg_cache_size:%s)\n", $2));
939 if(!cfg_parse_memsize($2, &cfg_parser->cfg->msg_cache_size))
940 yyerror("memory size expected");
944 server_msg_cache_slabs: VAR_MSG_CACHE_SLABS STRING_ARG
946 OUTYY(("P(server_msg_cache_slabs:%s)\n", $2));
948 yyerror("number expected");
950 cfg_parser->cfg->msg_cache_slabs = atoi($2);
951 if(!is_pow2(cfg_parser->cfg->msg_cache_slabs))
952 yyerror("must be a power of 2");
957 server_num_queries_per_thread: VAR_NUM_QUERIES_PER_THREAD STRING_ARG
959 OUTYY(("P(server_num_queries_per_thread:%s)\n", $2));
961 yyerror("number expected");
962 else cfg_parser->cfg->num_queries_per_thread = atoi($2);
966 server_jostle_timeout: VAR_JOSTLE_TIMEOUT STRING_ARG
968 OUTYY(("P(server_jostle_timeout:%s)\n", $2));
969 if(atoi($2) == 0 && strcmp($2, "0") != 0)
970 yyerror("number expected");
971 else cfg_parser->cfg->jostle_time = atoi($2);
975 server_delay_close: VAR_DELAY_CLOSE STRING_ARG
977 OUTYY(("P(server_delay_close:%s)\n", $2));
978 if(atoi($2) == 0 && strcmp($2, "0") != 0)
979 yyerror("number expected");
980 else cfg_parser->cfg->delay_close = atoi($2);
984 server_unblock_lan_zones: VAR_UNBLOCK_LAN_ZONES STRING_ARG
986 OUTYY(("P(server_unblock_lan_zones:%s)\n", $2));
987 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
988 yyerror("expected yes or no.");
989 else cfg_parser->cfg->unblock_lan_zones =
990 (strcmp($2, "yes")==0);
994 server_insecure_lan_zones: VAR_INSECURE_LAN_ZONES STRING_ARG
996 OUTYY(("P(server_insecure_lan_zones:%s)\n", $2));
997 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
998 yyerror("expected yes or no.");
999 else cfg_parser->cfg->insecure_lan_zones =
1000 (strcmp($2, "yes")==0);
1004 server_rrset_cache_size: VAR_RRSET_CACHE_SIZE STRING_ARG
1006 OUTYY(("P(server_rrset_cache_size:%s)\n", $2));
1007 if(!cfg_parse_memsize($2, &cfg_parser->cfg->rrset_cache_size))
1008 yyerror("memory size expected");
1012 server_rrset_cache_slabs: VAR_RRSET_CACHE_SLABS STRING_ARG
1014 OUTYY(("P(server_rrset_cache_slabs:%s)\n", $2));
1016 yyerror("number expected");
1018 cfg_parser->cfg->rrset_cache_slabs = atoi($2);
1019 if(!is_pow2(cfg_parser->cfg->rrset_cache_slabs))
1020 yyerror("must be a power of 2");
1025 server_infra_host_ttl: VAR_INFRA_HOST_TTL STRING_ARG
1027 OUTYY(("P(server_infra_host_ttl:%s)\n", $2));
1028 if(atoi($2) == 0 && strcmp($2, "0") != 0)
1029 yyerror("number expected");
1030 else cfg_parser->cfg->host_ttl = atoi($2);
1034 server_infra_lame_ttl: VAR_INFRA_LAME_TTL STRING_ARG
1036 OUTYY(("P(server_infra_lame_ttl:%s)\n", $2));
1037 verbose(VERB_DETAIL, "ignored infra-lame-ttl: %s (option "
1038 "removed, use infra-host-ttl)", $2);
1042 server_infra_cache_numhosts: VAR_INFRA_CACHE_NUMHOSTS STRING_ARG
1044 OUTYY(("P(server_infra_cache_numhosts:%s)\n", $2));
1046 yyerror("number expected");
1047 else cfg_parser->cfg->infra_cache_numhosts = atoi($2);
1051 server_infra_cache_lame_size: VAR_INFRA_CACHE_LAME_SIZE STRING_ARG
1053 OUTYY(("P(server_infra_cache_lame_size:%s)\n", $2));
1054 verbose(VERB_DETAIL, "ignored infra-cache-lame-size: %s "
1055 "(option removed, use infra-cache-numhosts)", $2);
1059 server_infra_cache_slabs: VAR_INFRA_CACHE_SLABS STRING_ARG
1061 OUTYY(("P(server_infra_cache_slabs:%s)\n", $2));
1063 yyerror("number expected");
1065 cfg_parser->cfg->infra_cache_slabs = atoi($2);
1066 if(!is_pow2(cfg_parser->cfg->infra_cache_slabs))
1067 yyerror("must be a power of 2");
1072 server_infra_cache_min_rtt: VAR_INFRA_CACHE_MIN_RTT STRING_ARG
1074 OUTYY(("P(server_infra_cache_min_rtt:%s)\n", $2));
1075 if(atoi($2) == 0 && strcmp($2, "0") != 0)
1076 yyerror("number expected");
1077 else cfg_parser->cfg->infra_cache_min_rtt = atoi($2);
1081 server_target_fetch_policy: VAR_TARGET_FETCH_POLICY STRING_ARG
1083 OUTYY(("P(server_target_fetch_policy:%s)\n", $2));
1084 free(cfg_parser->cfg->target_fetch_policy);
1085 cfg_parser->cfg->target_fetch_policy = $2;
1088 server_harden_short_bufsize: VAR_HARDEN_SHORT_BUFSIZE STRING_ARG
1090 OUTYY(("P(server_harden_short_bufsize:%s)\n", $2));
1091 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1092 yyerror("expected yes or no.");
1093 else cfg_parser->cfg->harden_short_bufsize =
1094 (strcmp($2, "yes")==0);
1098 server_harden_large_queries: VAR_HARDEN_LARGE_QUERIES STRING_ARG
1100 OUTYY(("P(server_harden_large_queries:%s)\n", $2));
1101 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1102 yyerror("expected yes or no.");
1103 else cfg_parser->cfg->harden_large_queries =
1104 (strcmp($2, "yes")==0);
1108 server_harden_glue: VAR_HARDEN_GLUE STRING_ARG
1110 OUTYY(("P(server_harden_glue:%s)\n", $2));
1111 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1112 yyerror("expected yes or no.");
1113 else cfg_parser->cfg->harden_glue =
1114 (strcmp($2, "yes")==0);
1118 server_harden_dnssec_stripped: VAR_HARDEN_DNSSEC_STRIPPED STRING_ARG
1120 OUTYY(("P(server_harden_dnssec_stripped:%s)\n", $2));
1121 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1122 yyerror("expected yes or no.");
1123 else cfg_parser->cfg->harden_dnssec_stripped =
1124 (strcmp($2, "yes")==0);
1128 server_harden_below_nxdomain: VAR_HARDEN_BELOW_NXDOMAIN STRING_ARG
1130 OUTYY(("P(server_harden_below_nxdomain:%s)\n", $2));
1131 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1132 yyerror("expected yes or no.");
1133 else cfg_parser->cfg->harden_below_nxdomain =
1134 (strcmp($2, "yes")==0);
1138 server_harden_referral_path: VAR_HARDEN_REFERRAL_PATH STRING_ARG
1140 OUTYY(("P(server_harden_referral_path:%s)\n", $2));
1141 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1142 yyerror("expected yes or no.");
1143 else cfg_parser->cfg->harden_referral_path =
1144 (strcmp($2, "yes")==0);
1148 server_harden_algo_downgrade: VAR_HARDEN_ALGO_DOWNGRADE STRING_ARG
1150 OUTYY(("P(server_harden_algo_downgrade:%s)\n", $2));
1151 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1152 yyerror("expected yes or no.");
1153 else cfg_parser->cfg->harden_algo_downgrade =
1154 (strcmp($2, "yes")==0);
1158 server_use_caps_for_id: VAR_USE_CAPS_FOR_ID STRING_ARG
1160 OUTYY(("P(server_use_caps_for_id:%s)\n", $2));
1161 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1162 yyerror("expected yes or no.");
1163 else cfg_parser->cfg->use_caps_bits_for_id =
1164 (strcmp($2, "yes")==0);
1168 server_caps_whitelist: VAR_CAPS_WHITELIST STRING_ARG
1170 OUTYY(("P(server_caps_whitelist:%s)\n", $2));
1171 if(!cfg_strlist_insert(&cfg_parser->cfg->caps_whitelist, $2))
1172 yyerror("out of memory");
1175 server_private_address: VAR_PRIVATE_ADDRESS STRING_ARG
1177 OUTYY(("P(server_private_address:%s)\n", $2));
1178 if(!cfg_strlist_insert(&cfg_parser->cfg->private_address, $2))
1179 yyerror("out of memory");
1182 server_private_domain: VAR_PRIVATE_DOMAIN STRING_ARG
1184 OUTYY(("P(server_private_domain:%s)\n", $2));
1185 if(!cfg_strlist_insert(&cfg_parser->cfg->private_domain, $2))
1186 yyerror("out of memory");
1189 server_prefetch: VAR_PREFETCH STRING_ARG
1191 OUTYY(("P(server_prefetch:%s)\n", $2));
1192 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1193 yyerror("expected yes or no.");
1194 else cfg_parser->cfg->prefetch = (strcmp($2, "yes")==0);
1198 server_prefetch_key: VAR_PREFETCH_KEY STRING_ARG
1200 OUTYY(("P(server_prefetch_key:%s)\n", $2));
1201 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1202 yyerror("expected yes or no.");
1203 else cfg_parser->cfg->prefetch_key = (strcmp($2, "yes")==0);
1207 server_unwanted_reply_threshold: VAR_UNWANTED_REPLY_THRESHOLD STRING_ARG
1209 OUTYY(("P(server_unwanted_reply_threshold:%s)\n", $2));
1210 if(atoi($2) == 0 && strcmp($2, "0") != 0)
1211 yyerror("number expected");
1212 else cfg_parser->cfg->unwanted_threshold = atoi($2);
1216 server_do_not_query_address: VAR_DO_NOT_QUERY_ADDRESS STRING_ARG
1218 OUTYY(("P(server_do_not_query_address:%s)\n", $2));
1219 if(!cfg_strlist_insert(&cfg_parser->cfg->donotqueryaddrs, $2))
1220 yyerror("out of memory");
1223 server_do_not_query_localhost: VAR_DO_NOT_QUERY_LOCALHOST STRING_ARG
1225 OUTYY(("P(server_do_not_query_localhost:%s)\n", $2));
1226 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1227 yyerror("expected yes or no.");
1228 else cfg_parser->cfg->donotquery_localhost =
1229 (strcmp($2, "yes")==0);
1233 server_access_control: VAR_ACCESS_CONTROL STRING_ARG STRING_ARG
1235 OUTYY(("P(server_access_control:%s %s)\n", $2, $3));
1236 if(strcmp($3, "deny")!=0 && strcmp($3, "refuse")!=0 &&
1237 strcmp($3, "deny_non_local")!=0 &&
1238 strcmp($3, "refuse_non_local")!=0 &&
1239 strcmp($3, "allow")!=0 &&
1240 strcmp($3, "allow_snoop")!=0) {
1241 yyerror("expected deny, refuse, deny_non_local, "
1242 "refuse_non_local, allow or allow_snoop "
1243 "in access control action");
1245 if(!cfg_str2list_insert(&cfg_parser->cfg->acls, $2, $3))
1246 fatal_exit("out of memory adding acl");
1250 server_module_conf: VAR_MODULE_CONF STRING_ARG
1252 OUTYY(("P(server_module_conf:%s)\n", $2));
1253 free(cfg_parser->cfg->module_conf);
1254 cfg_parser->cfg->module_conf = $2;
1257 server_val_override_date: VAR_VAL_OVERRIDE_DATE STRING_ARG
1259 OUTYY(("P(server_val_override_date:%s)\n", $2));
1260 if(*$2 == '\0' || strcmp($2, "0") == 0) {
1261 cfg_parser->cfg->val_date_override = 0;
1262 } else if(strlen($2) == 14) {
1263 cfg_parser->cfg->val_date_override =
1264 cfg_convert_timeval($2);
1265 if(!cfg_parser->cfg->val_date_override)
1266 yyerror("bad date/time specification");
1269 yyerror("number expected");
1270 cfg_parser->cfg->val_date_override = atoi($2);
1275 server_val_sig_skew_min: VAR_VAL_SIG_SKEW_MIN STRING_ARG
1277 OUTYY(("P(server_val_sig_skew_min:%s)\n", $2));
1278 if(*$2 == '\0' || strcmp($2, "0") == 0) {
1279 cfg_parser->cfg->val_sig_skew_min = 0;
1281 cfg_parser->cfg->val_sig_skew_min = atoi($2);
1282 if(!cfg_parser->cfg->val_sig_skew_min)
1283 yyerror("number expected");
1288 server_val_sig_skew_max: VAR_VAL_SIG_SKEW_MAX STRING_ARG
1290 OUTYY(("P(server_val_sig_skew_max:%s)\n", $2));
1291 if(*$2 == '\0' || strcmp($2, "0") == 0) {
1292 cfg_parser->cfg->val_sig_skew_max = 0;
1294 cfg_parser->cfg->val_sig_skew_max = atoi($2);
1295 if(!cfg_parser->cfg->val_sig_skew_max)
1296 yyerror("number expected");
1301 server_cache_max_ttl: VAR_CACHE_MAX_TTL STRING_ARG
1303 OUTYY(("P(server_cache_max_ttl:%s)\n", $2));
1304 if(atoi($2) == 0 && strcmp($2, "0") != 0)
1305 yyerror("number expected");
1306 else cfg_parser->cfg->max_ttl = atoi($2);
1310 server_cache_max_negative_ttl: VAR_CACHE_MAX_NEGATIVE_TTL STRING_ARG
1312 OUTYY(("P(server_cache_max_negative_ttl:%s)\n", $2));
1313 if(atoi($2) == 0 && strcmp($2, "0") != 0)
1314 yyerror("number expected");
1315 else cfg_parser->cfg->max_negative_ttl = atoi($2);
1319 server_cache_min_ttl: VAR_CACHE_MIN_TTL STRING_ARG
1321 OUTYY(("P(server_cache_min_ttl:%s)\n", $2));
1322 if(atoi($2) == 0 && strcmp($2, "0") != 0)
1323 yyerror("number expected");
1324 else cfg_parser->cfg->min_ttl = atoi($2);
1328 server_bogus_ttl: VAR_BOGUS_TTL STRING_ARG
1330 OUTYY(("P(server_bogus_ttl:%s)\n", $2));
1331 if(atoi($2) == 0 && strcmp($2, "0") != 0)
1332 yyerror("number expected");
1333 else cfg_parser->cfg->bogus_ttl = atoi($2);
1337 server_val_clean_additional: VAR_VAL_CLEAN_ADDITIONAL STRING_ARG
1339 OUTYY(("P(server_val_clean_additional:%s)\n", $2));
1340 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1341 yyerror("expected yes or no.");
1342 else cfg_parser->cfg->val_clean_additional =
1343 (strcmp($2, "yes")==0);
1347 server_val_permissive_mode: VAR_VAL_PERMISSIVE_MODE STRING_ARG
1349 OUTYY(("P(server_val_permissive_mode:%s)\n", $2));
1350 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1351 yyerror("expected yes or no.");
1352 else cfg_parser->cfg->val_permissive_mode =
1353 (strcmp($2, "yes")==0);
1357 server_ignore_cd_flag: VAR_IGNORE_CD_FLAG STRING_ARG
1359 OUTYY(("P(server_ignore_cd_flag:%s)\n", $2));
1360 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1361 yyerror("expected yes or no.");
1362 else cfg_parser->cfg->ignore_cd = (strcmp($2, "yes")==0);
1366 server_serve_expired: VAR_SERVE_EXPIRED STRING_ARG
1368 OUTYY(("P(server_serve_expired:%s)\n", $2));
1369 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1370 yyerror("expected yes or no.");
1371 else cfg_parser->cfg->serve_expired = (strcmp($2, "yes")==0);
1375 server_fake_dsa: VAR_FAKE_DSA STRING_ARG
1377 OUTYY(("P(server_fake_dsa:%s)\n", $2));
1378 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1379 yyerror("expected yes or no.");
1381 else fake_dsa = (strcmp($2, "yes")==0);
1383 log_warn("test option fake_dsa is enabled");
1388 server_fake_sha1: VAR_FAKE_SHA1 STRING_ARG
1390 OUTYY(("P(server_fake_sha1:%s)\n", $2));
1391 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1392 yyerror("expected yes or no.");
1394 else fake_sha1 = (strcmp($2, "yes")==0);
1396 log_warn("test option fake_sha1 is enabled");
1401 server_val_log_level: VAR_VAL_LOG_LEVEL STRING_ARG
1403 OUTYY(("P(server_val_log_level:%s)\n", $2));
1404 if(atoi($2) == 0 && strcmp($2, "0") != 0)
1405 yyerror("number expected");
1406 else cfg_parser->cfg->val_log_level = atoi($2);
1410 server_val_nsec3_keysize_iterations: VAR_VAL_NSEC3_KEYSIZE_ITERATIONS STRING_ARG
1412 OUTYY(("P(server_val_nsec3_keysize_iterations:%s)\n", $2));
1413 free(cfg_parser->cfg->val_nsec3_key_iterations);
1414 cfg_parser->cfg->val_nsec3_key_iterations = $2;
1417 server_add_holddown: VAR_ADD_HOLDDOWN STRING_ARG
1419 OUTYY(("P(server_add_holddown:%s)\n", $2));
1420 if(atoi($2) == 0 && strcmp($2, "0") != 0)
1421 yyerror("number expected");
1422 else cfg_parser->cfg->add_holddown = atoi($2);
1426 server_del_holddown: VAR_DEL_HOLDDOWN STRING_ARG
1428 OUTYY(("P(server_del_holddown:%s)\n", $2));
1429 if(atoi($2) == 0 && strcmp($2, "0") != 0)
1430 yyerror("number expected");
1431 else cfg_parser->cfg->del_holddown = atoi($2);
1435 server_keep_missing: VAR_KEEP_MISSING STRING_ARG
1437 OUTYY(("P(server_keep_missing:%s)\n", $2));
1438 if(atoi($2) == 0 && strcmp($2, "0") != 0)
1439 yyerror("number expected");
1440 else cfg_parser->cfg->keep_missing = atoi($2);
1444 server_permit_small_holddown: VAR_PERMIT_SMALL_HOLDDOWN STRING_ARG
1446 OUTYY(("P(server_permit_small_holddown:%s)\n", $2));
1447 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1448 yyerror("expected yes or no.");
1449 else cfg_parser->cfg->permit_small_holddown =
1450 (strcmp($2, "yes")==0);
1453 server_key_cache_size: VAR_KEY_CACHE_SIZE STRING_ARG
1455 OUTYY(("P(server_key_cache_size:%s)\n", $2));
1456 if(!cfg_parse_memsize($2, &cfg_parser->cfg->key_cache_size))
1457 yyerror("memory size expected");
1461 server_key_cache_slabs: VAR_KEY_CACHE_SLABS STRING_ARG
1463 OUTYY(("P(server_key_cache_slabs:%s)\n", $2));
1465 yyerror("number expected");
1467 cfg_parser->cfg->key_cache_slabs = atoi($2);
1468 if(!is_pow2(cfg_parser->cfg->key_cache_slabs))
1469 yyerror("must be a power of 2");
1474 server_neg_cache_size: VAR_NEG_CACHE_SIZE STRING_ARG
1476 OUTYY(("P(server_neg_cache_size:%s)\n", $2));
1477 if(!cfg_parse_memsize($2, &cfg_parser->cfg->neg_cache_size))
1478 yyerror("memory size expected");
1482 server_local_zone: VAR_LOCAL_ZONE STRING_ARG STRING_ARG
1484 OUTYY(("P(server_local_zone:%s %s)\n", $2, $3));
1485 if(strcmp($3, "static")!=0 && strcmp($3, "deny")!=0 &&
1486 strcmp($3, "refuse")!=0 && strcmp($3, "redirect")!=0 &&
1487 strcmp($3, "transparent")!=0 && strcmp($3, "nodefault")!=0
1488 && strcmp($3, "typetransparent")!=0
1489 && strcmp($3, "always_transparent")!=0
1490 && strcmp($3, "always_refuse")!=0
1491 && strcmp($3, "always_nxdomain")!=0
1492 && strcmp($3, "inform")!=0 && strcmp($3, "inform_deny")!=0)
1493 yyerror("local-zone type: expected static, deny, "
1494 "refuse, redirect, transparent, "
1495 "typetransparent, inform, inform_deny, "
1496 "always_transparent, always_refuse, "
1497 "always_nxdomain or nodefault");
1498 else if(strcmp($3, "nodefault")==0) {
1499 if(!cfg_strlist_insert(&cfg_parser->cfg->
1500 local_zones_nodefault, $2))
1501 fatal_exit("out of memory adding local-zone");
1504 if(!cfg_str2list_insert(&cfg_parser->cfg->local_zones,
1506 fatal_exit("out of memory adding local-zone");
1510 server_local_data: VAR_LOCAL_DATA STRING_ARG
1512 OUTYY(("P(server_local_data:%s)\n", $2));
1513 if(!cfg_strlist_insert(&cfg_parser->cfg->local_data, $2))
1514 fatal_exit("out of memory adding local-data");
1517 server_local_data_ptr: VAR_LOCAL_DATA_PTR STRING_ARG
1520 OUTYY(("P(server_local_data_ptr:%s)\n", $2));
1521 ptr = cfg_ptr_reverse($2);
1524 if(!cfg_strlist_insert(&cfg_parser->cfg->
1526 fatal_exit("out of memory adding local-data");
1528 yyerror("local-data-ptr could not be reversed");
1532 server_minimal_responses: VAR_MINIMAL_RESPONSES STRING_ARG
1534 OUTYY(("P(server_minimal_responses:%s)\n", $2));
1535 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1536 yyerror("expected yes or no.");
1537 else cfg_parser->cfg->minimal_responses =
1538 (strcmp($2, "yes")==0);
1542 server_rrset_roundrobin: VAR_RRSET_ROUNDROBIN STRING_ARG
1544 OUTYY(("P(server_rrset_roundrobin:%s)\n", $2));
1545 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1546 yyerror("expected yes or no.");
1547 else cfg_parser->cfg->rrset_roundrobin =
1548 (strcmp($2, "yes")==0);
1552 server_max_udp_size: VAR_MAX_UDP_SIZE STRING_ARG
1554 OUTYY(("P(server_max_udp_size:%s)\n", $2));
1555 cfg_parser->cfg->max_udp_size = atoi($2);
1559 server_dns64_prefix: VAR_DNS64_PREFIX STRING_ARG
1561 OUTYY(("P(dns64_prefix:%s)\n", $2));
1562 free(cfg_parser->cfg->dns64_prefix);
1563 cfg_parser->cfg->dns64_prefix = $2;
1566 server_dns64_synthall: VAR_DNS64_SYNTHALL STRING_ARG
1568 OUTYY(("P(server_dns64_synthall:%s)\n", $2));
1569 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1570 yyerror("expected yes or no.");
1571 else cfg_parser->cfg->dns64_synthall = (strcmp($2, "yes")==0);
1575 server_define_tag: VAR_DEFINE_TAG STRING_ARG
1578 OUTYY(("P(server_define_tag:%s)\n", $2));
1579 while((p=strsep(&s, " \t\n")) != NULL) {
1581 if(!config_add_tag(cfg_parser->cfg, p))
1582 yyerror("could not define-tag, "
1589 server_local_zone_tag: VAR_LOCAL_ZONE_TAG STRING_ARG STRING_ARG
1592 uint8_t* bitlist = config_parse_taglist(cfg_parser->cfg, $3,
1595 OUTYY(("P(server_local_zone_tag:%s)\n", $2));
1597 yyerror("could not parse tags, (define-tag them first)");
1599 if(!cfg_strbytelist_insert(
1600 &cfg_parser->cfg->local_zone_tags,
1601 $2, bitlist, len)) {
1602 yyerror("out of memory");
1608 server_access_control_tag: VAR_ACCESS_CONTROL_TAG STRING_ARG STRING_ARG
1611 uint8_t* bitlist = config_parse_taglist(cfg_parser->cfg, $3,
1614 OUTYY(("P(server_access_control_tag:%s)\n", $2));
1616 yyerror("could not parse tags, (define-tag them first)");
1618 if(!cfg_strbytelist_insert(
1619 &cfg_parser->cfg->acl_tags,
1620 $2, bitlist, len)) {
1621 yyerror("out of memory");
1627 server_access_control_tag_action: VAR_ACCESS_CONTROL_TAG_ACTION STRING_ARG STRING_ARG STRING_ARG
1629 OUTYY(("P(server_access_control_tag_action:%s %s %s)\n", $2, $3, $4));
1630 if(!cfg_str3list_insert(&cfg_parser->cfg->acl_tag_actions,
1632 yyerror("out of memory");
1639 server_access_control_tag_data: VAR_ACCESS_CONTROL_TAG_DATA STRING_ARG STRING_ARG STRING_ARG
1641 OUTYY(("P(server_access_control_tag_data:%s %s %s)\n", $2, $3, $4));
1642 if(!cfg_str3list_insert(&cfg_parser->cfg->acl_tag_datas,
1644 yyerror("out of memory");
1651 server_local_zone_override: VAR_LOCAL_ZONE_OVERRIDE STRING_ARG STRING_ARG STRING_ARG
1653 OUTYY(("P(server_local_zone_override:%s %s %s)\n", $2, $3, $4));
1654 if(!cfg_str3list_insert(&cfg_parser->cfg->local_zone_overrides,
1656 yyerror("out of memory");
1663 server_access_control_view: VAR_ACCESS_CONTROL_VIEW STRING_ARG STRING_ARG
1665 OUTYY(("P(server_access_control_view:%s %s)\n", $2, $3));
1666 if(!cfg_str2list_insert(&cfg_parser->cfg->acl_view,
1668 yyerror("out of memory");
1674 server_response_ip_tag: VAR_RESPONSE_IP_TAG STRING_ARG STRING_ARG
1677 uint8_t* bitlist = config_parse_taglist(cfg_parser->cfg, $3,
1680 OUTYY(("P(response_ip_tag:%s)\n", $2));
1682 yyerror("could not parse tags, (define-tag them first)");
1684 if(!cfg_strbytelist_insert(
1685 &cfg_parser->cfg->respip_tags,
1686 $2, bitlist, len)) {
1687 yyerror("out of memory");
1693 server_ip_ratelimit: VAR_IP_RATELIMIT STRING_ARG
1695 OUTYY(("P(server_ip_ratelimit:%s)\n", $2));
1696 if(atoi($2) == 0 && strcmp($2, "0") != 0)
1697 yyerror("number expected");
1698 else cfg_parser->cfg->ip_ratelimit = atoi($2);
1703 server_ratelimit: VAR_RATELIMIT STRING_ARG
1705 OUTYY(("P(server_ratelimit:%s)\n", $2));
1706 if(atoi($2) == 0 && strcmp($2, "0") != 0)
1707 yyerror("number expected");
1708 else cfg_parser->cfg->ratelimit = atoi($2);
1712 server_ip_ratelimit_size: VAR_IP_RATELIMIT_SIZE STRING_ARG
1714 OUTYY(("P(server_ip_ratelimit_size:%s)\n", $2));
1715 if(!cfg_parse_memsize($2, &cfg_parser->cfg->ip_ratelimit_size))
1716 yyerror("memory size expected");
1720 server_ratelimit_size: VAR_RATELIMIT_SIZE STRING_ARG
1722 OUTYY(("P(server_ratelimit_size:%s)\n", $2));
1723 if(!cfg_parse_memsize($2, &cfg_parser->cfg->ratelimit_size))
1724 yyerror("memory size expected");
1728 server_ip_ratelimit_slabs: VAR_IP_RATELIMIT_SLABS STRING_ARG
1730 OUTYY(("P(server_ip_ratelimit_slabs:%s)\n", $2));
1732 yyerror("number expected");
1734 cfg_parser->cfg->ip_ratelimit_slabs = atoi($2);
1735 if(!is_pow2(cfg_parser->cfg->ip_ratelimit_slabs))
1736 yyerror("must be a power of 2");
1741 server_ratelimit_slabs: VAR_RATELIMIT_SLABS STRING_ARG
1743 OUTYY(("P(server_ratelimit_slabs:%s)\n", $2));
1745 yyerror("number expected");
1747 cfg_parser->cfg->ratelimit_slabs = atoi($2);
1748 if(!is_pow2(cfg_parser->cfg->ratelimit_slabs))
1749 yyerror("must be a power of 2");
1754 server_ratelimit_for_domain: VAR_RATELIMIT_FOR_DOMAIN STRING_ARG STRING_ARG
1756 OUTYY(("P(server_ratelimit_for_domain:%s %s)\n", $2, $3));
1757 if(atoi($3) == 0 && strcmp($3, "0") != 0) {
1758 yyerror("number expected");
1760 if(!cfg_str2list_insert(&cfg_parser->cfg->
1761 ratelimit_for_domain, $2, $3))
1762 fatal_exit("out of memory adding "
1763 "ratelimit-for-domain");
1767 server_ratelimit_below_domain: VAR_RATELIMIT_BELOW_DOMAIN STRING_ARG STRING_ARG
1769 OUTYY(("P(server_ratelimit_below_domain:%s %s)\n", $2, $3));
1770 if(atoi($3) == 0 && strcmp($3, "0") != 0) {
1771 yyerror("number expected");
1773 if(!cfg_str2list_insert(&cfg_parser->cfg->
1774 ratelimit_below_domain, $2, $3))
1775 fatal_exit("out of memory adding "
1776 "ratelimit-below-domain");
1780 server_ip_ratelimit_factor: VAR_IP_RATELIMIT_FACTOR STRING_ARG
1782 OUTYY(("P(server_ip_ratelimit_factor:%s)\n", $2));
1783 if(atoi($2) == 0 && strcmp($2, "0") != 0)
1784 yyerror("number expected");
1785 else cfg_parser->cfg->ip_ratelimit_factor = atoi($2);
1789 server_ratelimit_factor: VAR_RATELIMIT_FACTOR STRING_ARG
1791 OUTYY(("P(server_ratelimit_factor:%s)\n", $2));
1792 if(atoi($2) == 0 && strcmp($2, "0") != 0)
1793 yyerror("number expected");
1794 else cfg_parser->cfg->ratelimit_factor = atoi($2);
1798 server_qname_minimisation: VAR_QNAME_MINIMISATION STRING_ARG
1800 OUTYY(("P(server_qname_minimisation:%s)\n", $2));
1801 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1802 yyerror("expected yes or no.");
1803 else cfg_parser->cfg->qname_minimisation =
1804 (strcmp($2, "yes")==0);
1808 server_qname_minimisation_strict: VAR_QNAME_MINIMISATION_STRICT STRING_ARG
1810 OUTYY(("P(server_qname_minimisation_strict:%s)\n", $2));
1811 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1812 yyerror("expected yes or no.");
1813 else cfg_parser->cfg->qname_minimisation_strict =
1814 (strcmp($2, "yes")==0);
1818 server_ipsecmod_enabled: VAR_IPSECMOD_ENABLED STRING_ARG
1821 OUTYY(("P(server_ipsecmod_enabled:%s)\n", $2));
1822 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1823 yyerror("expected yes or no.");
1824 else cfg_parser->cfg->ipsecmod_enabled = (strcmp($2, "yes")==0);
1827 OUTYY(("P(Compiled without IPsec module, ignoring)\n"));
1831 server_ipsecmod_ignore_bogus: VAR_IPSECMOD_IGNORE_BOGUS STRING_ARG
1834 OUTYY(("P(server_ipsecmod_ignore_bogus:%s)\n", $2));
1835 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1836 yyerror("expected yes or no.");
1837 else cfg_parser->cfg->ipsecmod_ignore_bogus = (strcmp($2, "yes")==0);
1840 OUTYY(("P(Compiled without IPsec module, ignoring)\n"));
1844 server_ipsecmod_hook: VAR_IPSECMOD_HOOK STRING_ARG
1847 OUTYY(("P(server_ipsecmod_hook:%s)\n", $2));
1848 free(cfg_parser->cfg->ipsecmod_hook);
1849 cfg_parser->cfg->ipsecmod_hook = $2;
1851 OUTYY(("P(Compiled without IPsec module, ignoring)\n"));
1855 server_ipsecmod_max_ttl: VAR_IPSECMOD_MAX_TTL STRING_ARG
1858 OUTYY(("P(server_ipsecmod_max_ttl:%s)\n", $2));
1859 if(atoi($2) == 0 && strcmp($2, "0") != 0)
1860 yyerror("number expected");
1861 else cfg_parser->cfg->ipsecmod_max_ttl = atoi($2);
1864 OUTYY(("P(Compiled without IPsec module, ignoring)\n"));
1868 server_ipsecmod_whitelist: VAR_IPSECMOD_WHITELIST STRING_ARG
1871 OUTYY(("P(server_ipsecmod_whitelist:%s)\n", $2));
1872 if(!cfg_strlist_insert(&cfg_parser->cfg->ipsecmod_whitelist, $2))
1873 yyerror("out of memory");
1875 OUTYY(("P(Compiled without IPsec module, ignoring)\n"));
1879 server_ipsecmod_strict: VAR_IPSECMOD_STRICT STRING_ARG
1882 OUTYY(("P(server_ipsecmod_strict:%s)\n", $2));
1883 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1884 yyerror("expected yes or no.");
1885 else cfg_parser->cfg->ipsecmod_strict = (strcmp($2, "yes")==0);
1888 OUTYY(("P(Compiled without IPsec module, ignoring)\n"));
1892 stub_name: VAR_NAME STRING_ARG
1894 OUTYY(("P(name:%s)\n", $2));
1895 if(cfg_parser->cfg->stubs->name)
1896 yyerror("stub name override, there must be one name "
1897 "for one stub-zone");
1898 free(cfg_parser->cfg->stubs->name);
1899 cfg_parser->cfg->stubs->name = $2;
1902 stub_host: VAR_STUB_HOST STRING_ARG
1904 OUTYY(("P(stub-host:%s)\n", $2));
1905 if(!cfg_strlist_insert(&cfg_parser->cfg->stubs->hosts, $2))
1906 yyerror("out of memory");
1909 stub_addr: VAR_STUB_ADDR STRING_ARG
1911 OUTYY(("P(stub-addr:%s)\n", $2));
1912 if(!cfg_strlist_insert(&cfg_parser->cfg->stubs->addrs, $2))
1913 yyerror("out of memory");
1916 stub_first: VAR_STUB_FIRST STRING_ARG
1918 OUTYY(("P(stub-first:%s)\n", $2));
1919 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1920 yyerror("expected yes or no.");
1921 else cfg_parser->cfg->stubs->isfirst=(strcmp($2, "yes")==0);
1925 stub_ssl_upstream: VAR_STUB_SSL_UPSTREAM STRING_ARG
1927 OUTYY(("P(stub-ssl-upstream:%s)\n", $2));
1928 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1929 yyerror("expected yes or no.");
1930 else cfg_parser->cfg->stubs->ssl_upstream =
1931 (strcmp($2, "yes")==0);
1935 stub_prime: VAR_STUB_PRIME STRING_ARG
1937 OUTYY(("P(stub-prime:%s)\n", $2));
1938 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1939 yyerror("expected yes or no.");
1940 else cfg_parser->cfg->stubs->isprime =
1941 (strcmp($2, "yes")==0);
1945 forward_name: VAR_NAME STRING_ARG
1947 OUTYY(("P(name:%s)\n", $2));
1948 if(cfg_parser->cfg->forwards->name)
1949 yyerror("forward name override, there must be one "
1950 "name for one forward-zone");
1951 free(cfg_parser->cfg->forwards->name);
1952 cfg_parser->cfg->forwards->name = $2;
1955 forward_host: VAR_FORWARD_HOST STRING_ARG
1957 OUTYY(("P(forward-host:%s)\n", $2));
1958 if(!cfg_strlist_insert(&cfg_parser->cfg->forwards->hosts, $2))
1959 yyerror("out of memory");
1962 forward_addr: VAR_FORWARD_ADDR STRING_ARG
1964 OUTYY(("P(forward-addr:%s)\n", $2));
1965 if(!cfg_strlist_insert(&cfg_parser->cfg->forwards->addrs, $2))
1966 yyerror("out of memory");
1969 forward_first: VAR_FORWARD_FIRST STRING_ARG
1971 OUTYY(("P(forward-first:%s)\n", $2));
1972 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1973 yyerror("expected yes or no.");
1974 else cfg_parser->cfg->forwards->isfirst=(strcmp($2, "yes")==0);
1978 forward_ssl_upstream: VAR_FORWARD_SSL_UPSTREAM STRING_ARG
1980 OUTYY(("P(forward-ssl-upstream:%s)\n", $2));
1981 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1982 yyerror("expected yes or no.");
1983 else cfg_parser->cfg->forwards->ssl_upstream =
1984 (strcmp($2, "yes")==0);
1988 view_name: VAR_NAME STRING_ARG
1990 OUTYY(("P(name:%s)\n", $2));
1991 if(cfg_parser->cfg->views->name)
1992 yyerror("view name override, there must be one "
1993 "name for one view");
1994 free(cfg_parser->cfg->views->name);
1995 cfg_parser->cfg->views->name = $2;
1998 view_local_zone: VAR_LOCAL_ZONE STRING_ARG STRING_ARG
2000 OUTYY(("P(view_local_zone:%s %s)\n", $2, $3));
2001 if(strcmp($3, "static")!=0 && strcmp($3, "deny")!=0 &&
2002 strcmp($3, "refuse")!=0 && strcmp($3, "redirect")!=0 &&
2003 strcmp($3, "transparent")!=0 && strcmp($3, "nodefault")!=0
2004 && strcmp($3, "typetransparent")!=0
2005 && strcmp($3, "always_transparent")!=0
2006 && strcmp($3, "always_refuse")!=0
2007 && strcmp($3, "always_nxdomain")!=0
2008 && strcmp($3, "inform")!=0 && strcmp($3, "inform_deny")!=0)
2009 yyerror("local-zone type: expected static, deny, "
2010 "refuse, redirect, transparent, "
2011 "typetransparent, inform, inform_deny, "
2012 "always_transparent, always_refuse, "
2013 "always_nxdomain or nodefault");
2014 else if(strcmp($3, "nodefault")==0) {
2015 if(!cfg_strlist_insert(&cfg_parser->cfg->views->
2016 local_zones_nodefault, $2))
2017 fatal_exit("out of memory adding local-zone");
2020 if(!cfg_str2list_insert(
2021 &cfg_parser->cfg->views->local_zones,
2023 fatal_exit("out of memory adding local-zone");
2027 view_response_ip: VAR_RESPONSE_IP STRING_ARG STRING_ARG
2029 OUTYY(("P(view_response_ip:%s %s)\n", $2, $3));
2030 validate_respip_action($3);
2031 if(!cfg_str2list_insert(
2032 &cfg_parser->cfg->views->respip_actions, $2, $3))
2033 fatal_exit("out of memory adding per-view "
2034 "response-ip action");
2037 view_response_ip_data: VAR_RESPONSE_IP_DATA STRING_ARG STRING_ARG
2039 OUTYY(("P(view_response_ip_data:%s)\n", $2));
2040 if(!cfg_str2list_insert(
2041 &cfg_parser->cfg->views->respip_data, $2, $3))
2042 fatal_exit("out of memory adding response-ip-data");
2045 view_local_data: VAR_LOCAL_DATA STRING_ARG
2047 OUTYY(("P(view_local_data:%s)\n", $2));
2048 if(!cfg_strlist_insert(&cfg_parser->cfg->views->local_data, $2)) {
2049 fatal_exit("out of memory adding local-data");
2054 view_local_data_ptr: VAR_LOCAL_DATA_PTR STRING_ARG
2057 OUTYY(("P(view_local_data_ptr:%s)\n", $2));
2058 ptr = cfg_ptr_reverse($2);
2061 if(!cfg_strlist_insert(&cfg_parser->cfg->views->
2063 fatal_exit("out of memory adding local-data");
2065 yyerror("local-data-ptr could not be reversed");
2069 view_first: VAR_VIEW_FIRST STRING_ARG
2071 OUTYY(("P(view-first:%s)\n", $2));
2072 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
2073 yyerror("expected yes or no.");
2074 else cfg_parser->cfg->views->isfirst=(strcmp($2, "yes")==0);
2078 rcstart: VAR_REMOTE_CONTROL
2080 OUTYY(("\nP(remote-control:)\n"));
2083 contents_rc: contents_rc content_rc
2085 content_rc: rc_control_enable | rc_control_interface | rc_control_port |
2086 rc_server_key_file | rc_server_cert_file | rc_control_key_file |
2087 rc_control_cert_file | rc_control_use_cert
2089 rc_control_enable: VAR_CONTROL_ENABLE STRING_ARG
2091 OUTYY(("P(control_enable:%s)\n", $2));
2092 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
2093 yyerror("expected yes or no.");
2094 else cfg_parser->cfg->remote_control_enable =
2095 (strcmp($2, "yes")==0);
2099 rc_control_port: VAR_CONTROL_PORT STRING_ARG
2101 OUTYY(("P(control_port:%s)\n", $2));
2103 yyerror("control port number expected");
2104 else cfg_parser->cfg->control_port = atoi($2);
2108 rc_control_interface: VAR_CONTROL_INTERFACE STRING_ARG
2110 OUTYY(("P(control_interface:%s)\n", $2));
2111 if(!cfg_strlist_insert(&cfg_parser->cfg->control_ifs, $2))
2112 yyerror("out of memory");
2115 rc_control_use_cert: VAR_CONTROL_USE_CERT STRING_ARG
2117 OUTYY(("P(control_use_cert:%s)\n", $2));
2118 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
2119 yyerror("expected yes or no.");
2120 else cfg_parser->cfg->remote_control_use_cert =
2121 (strcmp($2, "yes")==0);
2125 rc_server_key_file: VAR_SERVER_KEY_FILE STRING_ARG
2127 OUTYY(("P(rc_server_key_file:%s)\n", $2));
2128 free(cfg_parser->cfg->server_key_file);
2129 cfg_parser->cfg->server_key_file = $2;
2132 rc_server_cert_file: VAR_SERVER_CERT_FILE STRING_ARG
2134 OUTYY(("P(rc_server_cert_file:%s)\n", $2));
2135 free(cfg_parser->cfg->server_cert_file);
2136 cfg_parser->cfg->server_cert_file = $2;
2139 rc_control_key_file: VAR_CONTROL_KEY_FILE STRING_ARG
2141 OUTYY(("P(rc_control_key_file:%s)\n", $2));
2142 free(cfg_parser->cfg->control_key_file);
2143 cfg_parser->cfg->control_key_file = $2;
2146 rc_control_cert_file: VAR_CONTROL_CERT_FILE STRING_ARG
2148 OUTYY(("P(rc_control_cert_file:%s)\n", $2));
2149 free(cfg_parser->cfg->control_cert_file);
2150 cfg_parser->cfg->control_cert_file = $2;
2155 OUTYY(("\nP(dnstap:)\n"));
2158 contents_dt: contents_dt content_dt
2160 content_dt: dt_dnstap_enable | dt_dnstap_socket_path |
2161 dt_dnstap_send_identity | dt_dnstap_send_version |
2162 dt_dnstap_identity | dt_dnstap_version |
2163 dt_dnstap_log_resolver_query_messages |
2164 dt_dnstap_log_resolver_response_messages |
2165 dt_dnstap_log_client_query_messages |
2166 dt_dnstap_log_client_response_messages |
2167 dt_dnstap_log_forwarder_query_messages |
2168 dt_dnstap_log_forwarder_response_messages
2170 dt_dnstap_enable: VAR_DNSTAP_ENABLE STRING_ARG
2172 OUTYY(("P(dt_dnstap_enable:%s)\n", $2));
2173 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
2174 yyerror("expected yes or no.");
2175 else cfg_parser->cfg->dnstap = (strcmp($2, "yes")==0);
2178 dt_dnstap_socket_path: VAR_DNSTAP_SOCKET_PATH STRING_ARG
2180 OUTYY(("P(dt_dnstap_socket_path:%s)\n", $2));
2181 free(cfg_parser->cfg->dnstap_socket_path);
2182 cfg_parser->cfg->dnstap_socket_path = $2;
2185 dt_dnstap_send_identity: VAR_DNSTAP_SEND_IDENTITY STRING_ARG
2187 OUTYY(("P(dt_dnstap_send_identity:%s)\n", $2));
2188 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
2189 yyerror("expected yes or no.");
2190 else cfg_parser->cfg->dnstap_send_identity = (strcmp($2, "yes")==0);
2193 dt_dnstap_send_version: VAR_DNSTAP_SEND_VERSION STRING_ARG
2195 OUTYY(("P(dt_dnstap_send_version:%s)\n", $2));
2196 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
2197 yyerror("expected yes or no.");
2198 else cfg_parser->cfg->dnstap_send_version = (strcmp($2, "yes")==0);
2201 dt_dnstap_identity: VAR_DNSTAP_IDENTITY STRING_ARG
2203 OUTYY(("P(dt_dnstap_identity:%s)\n", $2));
2204 free(cfg_parser->cfg->dnstap_identity);
2205 cfg_parser->cfg->dnstap_identity = $2;
2208 dt_dnstap_version: VAR_DNSTAP_VERSION STRING_ARG
2210 OUTYY(("P(dt_dnstap_version:%s)\n", $2));
2211 free(cfg_parser->cfg->dnstap_version);
2212 cfg_parser->cfg->dnstap_version = $2;
2215 dt_dnstap_log_resolver_query_messages: VAR_DNSTAP_LOG_RESOLVER_QUERY_MESSAGES STRING_ARG
2217 OUTYY(("P(dt_dnstap_log_resolver_query_messages:%s)\n", $2));
2218 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
2219 yyerror("expected yes or no.");
2220 else cfg_parser->cfg->dnstap_log_resolver_query_messages =
2221 (strcmp($2, "yes")==0);
2224 dt_dnstap_log_resolver_response_messages: VAR_DNSTAP_LOG_RESOLVER_RESPONSE_MESSAGES STRING_ARG
2226 OUTYY(("P(dt_dnstap_log_resolver_response_messages:%s)\n", $2));
2227 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
2228 yyerror("expected yes or no.");
2229 else cfg_parser->cfg->dnstap_log_resolver_response_messages =
2230 (strcmp($2, "yes")==0);
2233 dt_dnstap_log_client_query_messages: VAR_DNSTAP_LOG_CLIENT_QUERY_MESSAGES STRING_ARG
2235 OUTYY(("P(dt_dnstap_log_client_query_messages:%s)\n", $2));
2236 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
2237 yyerror("expected yes or no.");
2238 else cfg_parser->cfg->dnstap_log_client_query_messages =
2239 (strcmp($2, "yes")==0);
2242 dt_dnstap_log_client_response_messages: VAR_DNSTAP_LOG_CLIENT_RESPONSE_MESSAGES STRING_ARG
2244 OUTYY(("P(dt_dnstap_log_client_response_messages:%s)\n", $2));
2245 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
2246 yyerror("expected yes or no.");
2247 else cfg_parser->cfg->dnstap_log_client_response_messages =
2248 (strcmp($2, "yes")==0);
2251 dt_dnstap_log_forwarder_query_messages: VAR_DNSTAP_LOG_FORWARDER_QUERY_MESSAGES STRING_ARG
2253 OUTYY(("P(dt_dnstap_log_forwarder_query_messages:%s)\n", $2));
2254 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
2255 yyerror("expected yes or no.");
2256 else cfg_parser->cfg->dnstap_log_forwarder_query_messages =
2257 (strcmp($2, "yes")==0);
2260 dt_dnstap_log_forwarder_response_messages: VAR_DNSTAP_LOG_FORWARDER_RESPONSE_MESSAGES STRING_ARG
2262 OUTYY(("P(dt_dnstap_log_forwarder_response_messages:%s)\n", $2));
2263 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
2264 yyerror("expected yes or no.");
2265 else cfg_parser->cfg->dnstap_log_forwarder_response_messages =
2266 (strcmp($2, "yes")==0);
2269 pythonstart: VAR_PYTHON
2271 OUTYY(("\nP(python:)\n"));
2274 contents_py: contents_py content_py
2276 content_py: py_script
2278 py_script: VAR_PYTHON_SCRIPT STRING_ARG
2280 OUTYY(("P(python-script:%s)\n", $2));
2281 free(cfg_parser->cfg->python_script);
2282 cfg_parser->cfg->python_script = $2;
2284 server_disable_dnssec_lame_check: VAR_DISABLE_DNSSEC_LAME_CHECK STRING_ARG
2286 OUTYY(("P(disable_dnssec_lame_check:%s)\n", $2));
2287 if (strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
2288 yyerror("expected yes or no.");
2289 else cfg_parser->cfg->disable_dnssec_lame_check =
2290 (strcmp($2, "yes")==0);
2294 server_log_identity: VAR_LOG_IDENTITY STRING_ARG
2296 OUTYY(("P(server_log_identity:%s)\n", $2));
2297 free(cfg_parser->cfg->log_identity);
2298 cfg_parser->cfg->log_identity = $2;
2301 server_response_ip: VAR_RESPONSE_IP STRING_ARG STRING_ARG
2303 OUTYY(("P(server_response_ip:%s %s)\n", $2, $3));
2304 validate_respip_action($3);
2305 if(!cfg_str2list_insert(&cfg_parser->cfg->respip_actions,
2307 fatal_exit("out of memory adding response-ip");
2310 server_response_ip_data: VAR_RESPONSE_IP_DATA STRING_ARG STRING_ARG
2312 OUTYY(("P(server_response_ip_data:%s)\n", $2));
2313 if(!cfg_str2list_insert(&cfg_parser->cfg->respip_data,
2315 fatal_exit("out of memory adding response-ip-data");
2318 dnscstart: VAR_DNSCRYPT
2320 OUTYY(("\nP(dnscrypt:)\n"));
2321 OUTYY(("\nP(dnscrypt:)\n"));
2324 contents_dnsc: contents_dnsc content_dnsc
2327 dnsc_dnscrypt_enable | dnsc_dnscrypt_port | dnsc_dnscrypt_provider |
2328 dnsc_dnscrypt_secret_key | dnsc_dnscrypt_provider_cert |
2329 dnsc_dnscrypt_shared_secret_cache_size |
2330 dnsc_dnscrypt_shared_secret_cache_slabs
2332 dnsc_dnscrypt_enable: VAR_DNSCRYPT_ENABLE STRING_ARG
2334 OUTYY(("P(dnsc_dnscrypt_enable:%s)\n", $2));
2335 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
2336 yyerror("expected yes or no.");
2337 else cfg_parser->cfg->dnscrypt = (strcmp($2, "yes")==0);
2342 dnsc_dnscrypt_port: VAR_DNSCRYPT_PORT STRING_ARG
2344 OUTYY(("P(dnsc_dnscrypt_port:%s)\n", $2));
2347 yyerror("port number expected");
2348 else cfg_parser->cfg->dnscrypt_port = atoi($2);
2352 dnsc_dnscrypt_provider: VAR_DNSCRYPT_PROVIDER STRING_ARG
2354 OUTYY(("P(dnsc_dnscrypt_provider:%s)\n", $2));
2355 free(cfg_parser->cfg->dnscrypt_provider);
2356 cfg_parser->cfg->dnscrypt_provider = $2;
2359 dnsc_dnscrypt_provider_cert: VAR_DNSCRYPT_PROVIDER_CERT STRING_ARG
2361 OUTYY(("P(dnsc_dnscrypt_provider_cert:%s)\n", $2));
2362 if(!cfg_strlist_insert(&cfg_parser->cfg->dnscrypt_provider_cert, $2))
2363 fatal_exit("out of memory adding dnscrypt-provider-cert");
2366 dnsc_dnscrypt_secret_key: VAR_DNSCRYPT_SECRET_KEY STRING_ARG
2368 OUTYY(("P(dnsc_dnscrypt_secret_key:%s)\n", $2));
2369 if(!cfg_strlist_insert(&cfg_parser->cfg->dnscrypt_secret_key, $2))
2370 fatal_exit("out of memory adding dnscrypt-secret-key");
2373 dnsc_dnscrypt_shared_secret_cache_size: VAR_DNSCRYPT_SHARED_SECRET_CACHE_SIZE STRING_ARG
2375 OUTYY(("P(dnscrypt_shared_secret_cache_size:%s)\n", $2));
2376 if(!cfg_parse_memsize($2, &cfg_parser->cfg->dnscrypt_shared_secret_cache_size))
2377 yyerror("memory size expected");
2381 dnsc_dnscrypt_shared_secret_cache_slabs: VAR_DNSCRYPT_SHARED_SECRET_CACHE_SLABS STRING_ARG
2383 OUTYY(("P(dnscrypt_shared_secret_cache_slabs:%s)\n", $2));
2385 yyerror("number expected");
2387 cfg_parser->cfg->dnscrypt_shared_secret_cache_slabs = atoi($2);
2388 if(!is_pow2(cfg_parser->cfg->dnscrypt_shared_secret_cache_slabs))
2389 yyerror("must be a power of 2");
2394 cachedbstart: VAR_CACHEDB
2396 OUTYY(("\nP(cachedb:)\n"));
2399 contents_cachedb: contents_cachedb content_cachedb
2401 content_cachedb: cachedb_backend_name | cachedb_secret_seed
2403 cachedb_backend_name: VAR_CACHEDB_BACKEND STRING_ARG
2406 OUTYY(("P(backend:%s)\n", $2));
2407 if(cfg_parser->cfg->cachedb_backend)
2408 yyerror("cachedb backend override, there must be one "
2410 free(cfg_parser->cfg->cachedb_backend);
2411 cfg_parser->cfg->cachedb_backend = $2;
2413 OUTYY(("P(Compiled without cachedb, ignoring)\n"));
2417 cachedb_secret_seed: VAR_CACHEDB_SECRETSEED STRING_ARG
2420 OUTYY(("P(secret-seed:%s)\n", $2));
2421 if(cfg_parser->cfg->cachedb_secret)
2422 yyerror("cachedb secret-seed override, there must be "
2424 free(cfg_parser->cfg->cachedb_secret);
2425 cfg_parser->cfg->cachedb_secret = $2;
2427 OUTYY(("P(Compiled without cachedb, ignoring)\n"));
2434 /* parse helper routines could be here */
2436 validate_respip_action(const char* action)
2438 if(strcmp(action, "deny")!=0 &&
2439 strcmp(action, "redirect")!=0 &&
2440 strcmp(action, "inform")!=0 &&
2441 strcmp(action, "inform_deny")!=0 &&
2442 strcmp(action, "always_transparent")!=0 &&
2443 strcmp(action, "always_refuse")!=0 &&
2444 strcmp(action, "always_nxdomain")!=0)
2446 yyerror("response-ip action: expected deny, redirect, "
2447 "inform, inform_deny, always_transparent, "
2448 "always_refuse or always_nxdomain");