summaryrefslogtreecommitdiff
path: root/usr.sbin/unbound/util/config_file.c
diff options
context:
space:
mode:
Diffstat (limited to 'usr.sbin/unbound/util/config_file.c')
-rw-r--r--usr.sbin/unbound/util/config_file.c132
1 files changed, 127 insertions, 5 deletions
diff --git a/usr.sbin/unbound/util/config_file.c b/usr.sbin/unbound/util/config_file.c
index 3e72bcad06b..1eba4af860c 100644
--- a/usr.sbin/unbound/util/config_file.c
+++ b/usr.sbin/unbound/util/config_file.c
@@ -105,8 +105,10 @@ config_create(void)
cfg->ssl_port = 853;
cfg->ssl_upstream = 0;
cfg->use_syslog = 1;
+ cfg->log_identity = NULL; /* changed later with argv[0] */
cfg->log_time_ascii = 0;
cfg->log_queries = 0;
+ cfg->log_replies = 0;
#ifndef USE_WINSOCK
# ifdef USE_MINI_EVENT
/* select max 1024 sockets */
@@ -157,6 +159,7 @@ config_create(void)
cfg->donotqueryaddrs = NULL;
cfg->donotquery_localhost = 1;
cfg->root_hints = NULL;
+ cfg->use_systemd = 0;
cfg->do_daemonize = 1;
cfg->if_automatic = 0;
cfg->so_rcvbuf = 0;
@@ -170,6 +173,7 @@ config_create(void)
cfg->out_ifs = NULL;
cfg->stubs = NULL;
cfg->forwards = NULL;
+ cfg->views = NULL;
cfg->acls = NULL;
cfg->harden_short_bufsize = 0;
cfg->harden_large_queries = 0;
@@ -202,6 +206,7 @@ config_create(void)
cfg->val_log_squelch = 0;
cfg->val_permissive_mode = 0;
cfg->ignore_cd = 0;
+ cfg->serve_expired = 0;
cfg->add_holddown = 30*24*3600;
cfg->del_holddown = 30*24*3600;
cfg->keep_missing = 366*24*3600; /* one year plus a little leeway */
@@ -212,6 +217,7 @@ config_create(void)
cfg->local_zones = NULL;
cfg->local_zones_nodefault = NULL;
cfg->local_data = NULL;
+ cfg->local_zone_overrides = NULL;
cfg->unblock_lan_zones = 0;
cfg->insecure_lan_zones = 0;
cfg->python_script = NULL;
@@ -239,13 +245,18 @@ config_create(void)
goto error_exit;
#endif
cfg->disable_dnssec_lame_check = 0;
+ cfg->ip_ratelimit = 0;
cfg->ratelimit = 0;
+ cfg->ip_ratelimit_slabs = 4;
cfg->ratelimit_slabs = 4;
+ cfg->ip_ratelimit_size = 4*1024*1024;
cfg->ratelimit_size = 4*1024*1024;
cfg->ratelimit_for_domain = NULL;
cfg->ratelimit_below_domain = NULL;
+ cfg->ip_ratelimit_factor = 10;
cfg->ratelimit_factor = 10;
cfg->qname_minimisation = 0;
+ cfg->qname_minimisation_strict = 0;
return cfg;
error_exit:
config_delete(cfg);
@@ -366,6 +377,7 @@ int config_set_option(struct config_file* cfg, const char* opt,
log_set_time_asc(cfg->log_time_ascii); }
else S_SIZET_NONZERO("max-udp-size:", max_udp_size)
else S_YNO("use-syslog:", use_syslog)
+ else S_STR("log-identity:", log_identity)
else S_YNO("extended-statistics:", stat_extended)
else S_YNO("statistics-cumulative:", stat_cumulative)
else S_YNO("do-ip4:", do_ip4)
@@ -380,6 +392,7 @@ int config_set_option(struct config_file* cfg, const char* opt,
else S_STR("ssl-service-pem:", ssl_service_pem)
else S_NUMBER_NONZERO("ssl-port:", ssl_port)
else S_YNO("interface-automatic:", if_automatic)
+ else S_YNO("use-systemd:", use_systemd)
else S_YNO("do-daemonize:", do_daemonize)
else S_NUMBER_NONZERO("port:", port)
else S_NUMBER_NONZERO("outgoing-range:", outgoing_num_ports)
@@ -450,8 +463,10 @@ int config_set_option(struct config_file* cfg, const char* opt,
else S_NUMBER_OR_ZERO("val-log-level:", val_log_level)
else S_YNO("val-log-squelch:", val_log_squelch)
else S_YNO("log-queries:", log_queries)
+ else S_YNO("log-replies:", log_replies)
else S_YNO("val-permissive-mode:", val_permissive_mode)
else S_YNO("ignore-cd-flag:", ignore_cd)
+ else S_YNO("serve-expired:", serve_expired)
else S_STR("val-nsec3-keysize-iterations:", val_nsec3_key_iterations)
else S_UNSIGNED_OR_ZERO("add-holddown:", add_holddown)
else S_UNSIGNED_OR_ZERO("del-holddown:", del_holddown)
@@ -477,14 +492,22 @@ int config_set_option(struct config_file* cfg, const char* opt,
else S_STR("module-config:", module_conf)
else S_STR("python-script:", python_script)
else S_YNO("disable-dnssec-lame-check:", disable_dnssec_lame_check)
+ else if(strcmp(opt, "ip-ratelimit:") == 0) {
+ IS_NUMBER_OR_ZERO; cfg->ip_ratelimit = atoi(val);
+ infra_ip_ratelimit=cfg->ip_ratelimit;
+ }
else if(strcmp(opt, "ratelimit:") == 0) {
IS_NUMBER_OR_ZERO; cfg->ratelimit = atoi(val);
infra_dp_ratelimit=cfg->ratelimit;
}
+ else S_MEMSIZE("ip-ratelimit-size:", ip_ratelimit_size)
else S_MEMSIZE("ratelimit-size:", ratelimit_size)
+ else S_POW2("ip-ratelimit-slabs:", ip_ratelimit_slabs)
else S_POW2("ratelimit-slabs:", ratelimit_slabs)
+ else S_NUMBER_OR_ZERO("ip-ratelimit-factor:", ip_ratelimit_factor)
else S_NUMBER_OR_ZERO("ratelimit-factor:", ratelimit_factor)
else S_YNO("qname-minimisation:", qname_minimisation)
+ else S_YNO("qname-minimisation-strict:", qname_minimisation_strict)
else if(strcmp(opt, "define-tag:") ==0) {
return config_add_tag(cfg, val);
/* val_sig_skew_min and max are copied into val_env during init,
@@ -508,10 +531,11 @@ int config_set_option(struct config_file* cfg, const char* opt,
/* unknown or unsupported (from the set_option interface):
* interface, outgoing-interface, access-control,
* stub-zone, name, stub-addr, stub-host, stub-prime
- * forward-first, stub-first,
- * forward-zone, name, forward-addr, forward-host,
+ * forward-first, stub-first, forward-ssl-upstream,
+ * stub-ssl-upstream, forward-zone,
+ * name, forward-addr, forward-host,
* ratelimit-for-domain, ratelimit-below-domain,
- * local-zone-tag */
+ * local-zone-tag, access-control-view */
return 0;
}
return 1;
@@ -640,6 +664,14 @@ config_collate_cat(struct config_strlist* list)
func(buf, arg); \
} \
}
+/** compare and print list option */
+#define O_LS3(opt, name, lst) if(strcmp(opt, name)==0) { \
+ struct config_str3list* p = cfg->lst; \
+ for(p = cfg->lst; p; p = p->next) { \
+ snprintf(buf, len, "%s %s %s", p->str, p->str2, p->str3); \
+ func(buf, arg); \
+ } \
+ }
/** compare and print taglist option */
#define O_LTG(opt, name, lst) if(strcmp(opt, name)==0) { \
char* tmpstr = NULL; \
@@ -666,6 +698,7 @@ config_get_option(struct config_file* cfg, const char* opt,
else O_YNO(opt, "statistics-cumulative", stat_cumulative)
else O_YNO(opt, "extended-statistics", stat_extended)
else O_YNO(opt, "use-syslog", use_syslog)
+ else O_STR(opt, "log-identity", log_identity)
else O_YNO(opt, "log-time-ascii", log_time_ascii)
else O_DEC(opt, "num-threads", num_threads)
else O_IFC(opt, "interface", num_ifs, ifs)
@@ -709,12 +742,14 @@ config_get_option(struct config_file* cfg, const char* opt,
else O_STR(opt, "ssl-service-key", ssl_service_key)
else O_STR(opt, "ssl-service-pem", ssl_service_pem)
else O_DEC(opt, "ssl-port", ssl_port)
+ else O_YNO(opt, "use-systemd", use_systemd)
else O_YNO(opt, "do-daemonize", do_daemonize)
else O_STR(opt, "chroot", chrootdir)
else O_STR(opt, "username", username)
else O_STR(opt, "directory", directory)
else O_STR(opt, "logfile", logfile)
else O_YNO(opt, "log-queries", log_queries)
+ else O_YNO(opt, "log-replies", log_replies)
else O_STR(opt, "pidfile", pidfile)
else O_YNO(opt, "hide-identity", hide_identity)
else O_YNO(opt, "hide-version", hide_version)
@@ -739,6 +774,7 @@ config_get_option(struct config_file* cfg, const char* opt,
else O_DEC(opt, "val-log-level", val_log_level)
else O_YNO(opt, "val-permissive-mode", val_permissive_mode)
else O_YNO(opt, "ignore-cd-flag", ignore_cd)
+ else O_YNO(opt, "serve-expired", serve_expired)
else O_STR(opt, "val-nsec3-keysize-iterations",val_nsec3_key_iterations)
else O_UNS(opt, "add-holddown", add_holddown)
else O_UNS(opt, "del-holddown", del_holddown)
@@ -773,17 +809,27 @@ config_get_option(struct config_file* cfg, const char* opt,
else O_DEC(opt, "max-udp-size", max_udp_size)
else O_STR(opt, "python-script", python_script)
else O_YNO(opt, "disable-dnssec-lame-check", disable_dnssec_lame_check)
+ else O_DEC(opt, "ip-ratelimit", ip_ratelimit)
else O_DEC(opt, "ratelimit", ratelimit)
+ else O_MEM(opt, "ip-ratelimit-size", ip_ratelimit_size)
else O_MEM(opt, "ratelimit-size", ratelimit_size)
+ else O_DEC(opt, "ip-ratelimit-slabs", ip_ratelimit_slabs)
else O_DEC(opt, "ratelimit-slabs", ratelimit_slabs)
else O_LS2(opt, "ratelimit-for-domain", ratelimit_for_domain)
else O_LS2(opt, "ratelimit-below-domain", ratelimit_below_domain)
+ else O_DEC(opt, "ip-ratelimit-factor", ip_ratelimit_factor)
else O_DEC(opt, "ratelimit-factor", ratelimit_factor)
else O_DEC(opt, "val-sig-skew-min", val_sig_skew_min)
else O_DEC(opt, "val-sig-skew-max", val_sig_skew_max)
else O_YNO(opt, "qname-minimisation", qname_minimisation)
+ else O_YNO(opt, "qname-minimisation-strict", qname_minimisation_strict)
else O_IFC(opt, "define-tag", num_tags, tagname)
else O_LTG(opt, "local-zone-tag", local_zone_tags)
+ else O_LTG(opt, "access-control-tag", acl_tags)
+ else O_LS3(opt, "local-zone-override", local_zone_overrides)
+ else O_LS3(opt, "access-control-tag-action", acl_tag_actions)
+ else O_LS3(opt, "access-control-tag-data", acl_tag_datas)
+ else O_LS2(opt, "access-control-view", acl_view)
/* not here:
* outgoing-permit, outgoing-avoid - have list of ports
* local-zone - zones and nodefault variables
@@ -936,6 +982,20 @@ config_deldblstrlist(struct config_str2list* p)
}
void
+config_deltrplstrlist(struct config_str3list* p)
+{
+ struct config_str3list *np;
+ while(p) {
+ np = p->next;
+ free(p->str);
+ free(p->str2);
+ free(p->str3);
+ free(p);
+ p = np;
+ }
+}
+
+void
config_delstub(struct config_stub* p)
{
if(!p) return;
@@ -956,6 +1016,27 @@ config_delstubs(struct config_stub* p)
}
}
+void
+config_delview(struct config_view* p)
+{
+ if(!p) return;
+ free(p->name);
+ config_deldblstrlist(p->local_zones);
+ config_delstrlist(p->local_zones_nodefault);
+ config_delstrlist(p->local_data);
+ free(p);
+}
+
+void
+config_delviews(struct config_view* p)
+{
+ struct config_view* np;
+ while(p) {
+ np = p->next;
+ config_delview(p);
+ p = np;
+ }
+}
/** delete string array */
static void
config_del_strarray(char** array, int num)
@@ -969,8 +1050,7 @@ config_del_strarray(char** array, int num)
free(array);
}
-/** delete stringbytelist */
-static void
+void
config_del_strbytelist(struct config_strbytelist* p)
{
struct config_strbytelist* np;
@@ -995,10 +1075,12 @@ config_delete(struct config_file* cfg)
free(cfg->target_fetch_policy);
free(cfg->ssl_service_key);
free(cfg->ssl_service_pem);
+ free(cfg->log_identity);
config_del_strarray(cfg->ifs, cfg->num_ifs);
config_del_strarray(cfg->out_ifs, cfg->num_out_ifs);
config_delstubs(cfg->stubs);
config_delstubs(cfg->forwards);
+ config_delviews(cfg->views);
config_delstrlist(cfg->donotqueryaddrs);
config_delstrlist(cfg->root_hints);
free(cfg->identity);
@@ -1020,8 +1102,12 @@ config_delete(struct config_file* cfg)
config_deldblstrlist(cfg->local_zones);
config_delstrlist(cfg->local_zones_nodefault);
config_delstrlist(cfg->local_data);
+ config_deltrplstrlist(cfg->local_zone_overrides);
config_del_strarray(cfg->tagname, cfg->num_tags);
config_del_strbytelist(cfg->local_zone_tags);
+ config_del_strbytelist(cfg->acl_tags);
+ config_deltrplstrlist(cfg->acl_tag_actions);
+ config_deltrplstrlist(cfg->acl_tag_datas);
config_delstrlist(cfg->control_ifs);
free(cfg->server_key_file);
free(cfg->server_cert_file);
@@ -1180,6 +1266,23 @@ int cfg_strlist_append(struct config_strlist_head* list, char* item)
}
int
+cfg_region_strlist_insert(struct regional* region,
+ struct config_strlist** head, char* item)
+{
+ struct config_strlist *s;
+ if(!item || !head)
+ return 0;
+ s = (struct config_strlist*)regional_alloc_zero(region,
+ sizeof(struct config_strlist));
+ if(!s)
+ return 0;
+ s->str = item;
+ s->next = *head;
+ *head = s;
+ return 1;
+}
+
+int
cfg_strlist_insert(struct config_strlist** head, char* item)
{
struct config_strlist *s;
@@ -1210,6 +1313,24 @@ cfg_str2list_insert(struct config_str2list** head, char* item, char* i2)
return 1;
}
+int
+cfg_str3list_insert(struct config_str3list** head, char* item, char* i2,
+ char* i3)
+{
+ struct config_str3list *s;
+ if(!item || !i2 || !i3 || !head)
+ return 0;
+ s = (struct config_str3list*)calloc(1, sizeof(struct config_str3list));
+ if(!s)
+ return 0;
+ s->str = item;
+ s->str2 = i2;
+ s->str3 = i3;
+ s->next = *head;
+ *head = s;
+ return 1;
+}
+
int
cfg_strbytelist_insert(struct config_strbytelist** head, char* item,
uint8_t* i2, size_t i2len)
@@ -1373,6 +1494,7 @@ cfg_set_bit(uint8_t* bitlist, size_t len, int id)
{
int pos = id/8;
log_assert((size_t)pos < len);
+ (void)len;
bitlist[pos] |= 1<<(id%8);
}
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-29 04:56:40 +0000