From 45d6379135504814ab723b57f0eb8be23393a51d Mon Sep 17 00:00:00 2001 From: Daniel Baumann Date: Sat, 27 Apr 2024 09:24:22 +0200 Subject: Adding upstream version 1:9.16.44. Signed-off-by: Daniel Baumann --- lib/isccfg/Kyuafile | 15 + lib/isccfg/Makefile.in | 79 + lib/isccfg/aclconf.c | 934 ++++++ lib/isccfg/dnsconf.c | 58 + lib/isccfg/include/.clang-format | 1 + lib/isccfg/include/Makefile.in | 19 + lib/isccfg/include/isccfg/Makefile.in | 42 + lib/isccfg/include/isccfg/aclconf.h | 94 + lib/isccfg/include/isccfg/cfg.h | 626 ++++ lib/isccfg/include/isccfg/dnsconf.h | 30 + lib/isccfg/include/isccfg/grammar.h | 620 ++++ lib/isccfg/include/isccfg/kaspconf.h | 60 + lib/isccfg/include/isccfg/log.h | 49 + lib/isccfg/include/isccfg/namedconf.h | 57 + lib/isccfg/include/isccfg/version.h | 18 + lib/isccfg/kaspconf.c | 423 +++ lib/isccfg/log.c | 41 + lib/isccfg/namedconf.c | 3891 +++++++++++++++++++++++ lib/isccfg/parser.c | 4145 +++++++++++++++++++++++++ lib/isccfg/tests/Kyuafile | 16 + lib/isccfg/tests/Makefile.in | 57 + lib/isccfg/tests/duration_test.c | 278 ++ lib/isccfg/tests/parser_test.c | 290 ++ lib/isccfg/version.c | 18 + lib/isccfg/win32/DLLMain.c | 51 + lib/isccfg/win32/libisccfg.def | 175 ++ lib/isccfg/win32/libisccfg.vcxproj.filters.in | 72 + lib/isccfg/win32/libisccfg.vcxproj.in | 143 + lib/isccfg/win32/libisccfg.vcxproj.user | 3 + lib/isccfg/win32/version.c | 18 + 30 files changed, 12323 insertions(+) create mode 100644 lib/isccfg/Kyuafile create mode 100644 lib/isccfg/Makefile.in create mode 100644 lib/isccfg/aclconf.c create mode 100644 lib/isccfg/dnsconf.c create mode 120000 lib/isccfg/include/.clang-format create mode 100644 lib/isccfg/include/Makefile.in create mode 100644 lib/isccfg/include/isccfg/Makefile.in create mode 100644 lib/isccfg/include/isccfg/aclconf.h create mode 100644 lib/isccfg/include/isccfg/cfg.h create mode 100644 lib/isccfg/include/isccfg/dnsconf.h create mode 100644 lib/isccfg/include/isccfg/grammar.h create mode 100644 lib/isccfg/include/isccfg/kaspconf.h create mode 100644 lib/isccfg/include/isccfg/log.h create mode 100644 lib/isccfg/include/isccfg/namedconf.h create mode 100644 lib/isccfg/include/isccfg/version.h create mode 100644 lib/isccfg/kaspconf.c create mode 100644 lib/isccfg/log.c create mode 100644 lib/isccfg/namedconf.c create mode 100644 lib/isccfg/parser.c create mode 100644 lib/isccfg/tests/Kyuafile create mode 100644 lib/isccfg/tests/Makefile.in create mode 100644 lib/isccfg/tests/duration_test.c create mode 100644 lib/isccfg/tests/parser_test.c create mode 100644 lib/isccfg/version.c create mode 100644 lib/isccfg/win32/DLLMain.c create mode 100644 lib/isccfg/win32/libisccfg.def create mode 100644 lib/isccfg/win32/libisccfg.vcxproj.filters.in create mode 100644 lib/isccfg/win32/libisccfg.vcxproj.in create mode 100644 lib/isccfg/win32/libisccfg.vcxproj.user create mode 100644 lib/isccfg/win32/version.c (limited to 'lib/isccfg') diff --git a/lib/isccfg/Kyuafile b/lib/isccfg/Kyuafile new file mode 100644 index 0000000..c796010 --- /dev/null +++ b/lib/isccfg/Kyuafile @@ -0,0 +1,15 @@ +-- Copyright (C) Internet Systems Consortium, Inc. ("ISC") +-- +-- SPDX-License-Identifier: MPL-2.0 +-- +-- This Source Code Form is subject to the terms of the Mozilla Public +-- License, v. 2.0. If a copy of the MPL was not distributed with this +-- file, you can obtain one at https://mozilla.org/MPL/2.0/. +-- +-- See the COPYRIGHT file distributed with this work for additional +-- information regarding copyright ownership. + +syntax(2) +test_suite('bind9') + +include('tests/Kyuafile') diff --git a/lib/isccfg/Makefile.in b/lib/isccfg/Makefile.in new file mode 100644 index 0000000..efe04b4 --- /dev/null +++ b/lib/isccfg/Makefile.in @@ -0,0 +1,79 @@ +# Copyright (C) Internet Systems Consortium, Inc. ("ISC") +# +# SPDX-License-Identifier: MPL-2.0 +# +# This Source Code Form is subject to the terms of the Mozilla Public +# License, v. 2.0. If a copy of the MPL was not distributed with this +# file, you can obtain one at https://mozilla.org/MPL/2.0/. +# +# See the COPYRIGHT file distributed with this work for additional +# information regarding copyright ownership. + +srcdir = @srcdir@ +VPATH = @srcdir@ +top_srcdir = @top_srcdir@ + +VERSION=@BIND9_VERSION@ + +@BIND9_MAKE_INCLUDES@ + +CINCLUDES = -I. ${DNS_INCLUDES} ${ISC_INCLUDES} ${ISCCFG_INCLUDES} + +CDEFINES = +CWARNINGS = + +ISCLIBS = ../../lib/isc/libisc.@A@ +DNSLIBS = ../../lib/dns/libdns.@A@ @NO_LIBTOOL_DNSLIBS@ +ISCCFGLIBS = ../../lib/cfg/libisccfg.@A@ + +ISCDEPLIBS = ../../lib/isc/libisc.@A@ +ISCCFGDEPLIBS = libisccfg.@A@ + +LIBS = @LIBS@ + +SUBDIRS = include +TESTDIRS = @UNITTESTS@ + +# Alphabetically +OBJS = aclconf.@O@ dnsconf.@O@ kaspconf.@O@ log.@O@ namedconf.@O@ \ + parser.@O@ version.@O@ + +# Alphabetically +SRCS = aclconf.c dnsconf.c kaspconf.c log.c namedconf.c \ + parser.c version.c + +TARGETS = timestamp + +@BIND9_MAKE_RULES@ + +version.@O@: version.c + ${LIBTOOL_MODE_COMPILE} ${CC} ${ALL_CFLAGS} \ + -DVERSION=\"${VERSION}\" \ + -c ${srcdir}/version.c + +libisccfg.@SA@: ${OBJS} + ${AR} ${ARFLAGS} $@ ${OBJS} + ${RANLIB} $@ + +libisccfg.la: ${OBJS} + ${LIBTOOL_MODE_LINK} \ + ${CC} ${ALL_CFLAGS} ${LDFLAGS} -o libisccfg.la -rpath ${libdir} \ + -release "${VERSION}" \ + ${OBJS} ${DNSLIBS} ${ISCLIBS} ${LIBS} + +timestamp: libisccfg.@A@ + touch timestamp + +testdirs: libisccfg.@A@ + +installdirs: + $(SHELL) ${top_srcdir}/mkinstalldirs ${DESTDIR}${libdir} + +install:: timestamp installdirs + ${LIBTOOL_MODE_INSTALL} ${INSTALL_LIBRARY} libisccfg.@A@ ${DESTDIR}${libdir} + +uninstall:: + ${LIBTOOL_MODE_UNINSTALL} rm -f ${DESTDIR}${libdir}/libisccfg.@A@ + +clean distclean:: + rm -f libisccfg.@A@ timestamp diff --git a/lib/isccfg/aclconf.c b/lib/isccfg/aclconf.c new file mode 100644 index 0000000..f0d3b18 --- /dev/null +++ b/lib/isccfg/aclconf.c @@ -0,0 +1,934 @@ +/* + * Copyright (C) Internet Systems Consortium, Inc. ("ISC") + * + * SPDX-License-Identifier: MPL-2.0 + * + * This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, you can obtain one at https://mozilla.org/MPL/2.0/. + * + * See the COPYRIGHT file distributed with this work for additional + * information regarding copyright ownership. + */ + +#include +#include +#include + +#include +#include +#include /* Required for HP/UX (and others?) */ +#include + +#include +#include +#include +#include + +#include +#include + +#define LOOP_MAGIC ISC_MAGIC('L', 'O', 'O', 'P') + +#if defined(HAVE_GEOIP2) +static const char *geoip_dbnames[] = { + "country", "city", "asnum", "isp", "domain", NULL, +}; +#endif /* if defined(HAVE_GEOIP2) */ + +isc_result_t +cfg_aclconfctx_create(isc_mem_t *mctx, cfg_aclconfctx_t **ret) { + cfg_aclconfctx_t *actx; + + REQUIRE(mctx != NULL); + REQUIRE(ret != NULL && *ret == NULL); + + actx = isc_mem_get(mctx, sizeof(*actx)); + + isc_refcount_init(&actx->references, 1); + + actx->mctx = NULL; + isc_mem_attach(mctx, &actx->mctx); + ISC_LIST_INIT(actx->named_acl_cache); + +#if defined(HAVE_GEOIP2) + actx->geoip = NULL; +#endif /* if defined(HAVE_GEOIP2) */ + + *ret = actx; + return (ISC_R_SUCCESS); +} + +void +cfg_aclconfctx_attach(cfg_aclconfctx_t *src, cfg_aclconfctx_t **dest) { + REQUIRE(src != NULL); + REQUIRE(dest != NULL && *dest == NULL); + + isc_refcount_increment(&src->references); + *dest = src; +} + +void +cfg_aclconfctx_detach(cfg_aclconfctx_t **actxp) { + REQUIRE(actxp != NULL && *actxp != NULL); + cfg_aclconfctx_t *actx = *actxp; + *actxp = NULL; + + if (isc_refcount_decrement(&actx->references) == 1) { + dns_acl_t *dacl, *next; + isc_refcount_destroy(&actx->references); + for (dacl = ISC_LIST_HEAD(actx->named_acl_cache); dacl != NULL; + dacl = next) + { + next = ISC_LIST_NEXT(dacl, nextincache); + ISC_LIST_UNLINK(actx->named_acl_cache, dacl, + nextincache); + dns_acl_detach(&dacl); + } + isc_mem_putanddetach(&actx->mctx, actx, sizeof(*actx)); + } +} + +/* + * Find the definition of the named acl whose name is "name". + */ +static isc_result_t +get_acl_def(const cfg_obj_t *cctx, const char *name, const cfg_obj_t **ret) { + isc_result_t result; + const cfg_obj_t *acls = NULL; + const cfg_listelt_t *elt; + + result = cfg_map_get(cctx, "acl", &acls); + if (result != ISC_R_SUCCESS) { + return (result); + } + for (elt = cfg_list_first(acls); elt != NULL; elt = cfg_list_next(elt)) + { + const cfg_obj_t *acl = cfg_listelt_value(elt); + const char *aclname = + cfg_obj_asstring(cfg_tuple_get(acl, "name")); + if (strcasecmp(aclname, name) == 0) { + if (ret != NULL) { + *ret = cfg_tuple_get(acl, "value"); + } + return (ISC_R_SUCCESS); + } + } + return (ISC_R_NOTFOUND); +} + +static isc_result_t +convert_named_acl(const cfg_obj_t *nameobj, const cfg_obj_t *cctx, + isc_log_t *lctx, cfg_aclconfctx_t *ctx, isc_mem_t *mctx, + unsigned int nest_level, dns_acl_t **target) { + isc_result_t result; + const cfg_obj_t *cacl = NULL; + dns_acl_t *dacl; + dns_acl_t loop; + const char *aclname = cfg_obj_asstring(nameobj); + + /* Look for an already-converted version. */ + for (dacl = ISC_LIST_HEAD(ctx->named_acl_cache); dacl != NULL; + dacl = ISC_LIST_NEXT(dacl, nextincache)) + { + /* cppcheck-suppress nullPointerRedundantCheck symbolName=dacl + */ + if (strcasecmp(aclname, dacl->name) == 0) { + if (ISC_MAGIC_VALID(dacl, LOOP_MAGIC)) { + cfg_obj_log(nameobj, lctx, ISC_LOG_ERROR, + "acl loop detected: %s", aclname); + return (ISC_R_FAILURE); + } + dns_acl_attach(dacl, target); + return (ISC_R_SUCCESS); + } + } + /* Not yet converted. Convert now. */ + result = get_acl_def(cctx, aclname, &cacl); + if (result != ISC_R_SUCCESS) { + cfg_obj_log(nameobj, lctx, ISC_LOG_WARNING, + "undefined ACL '%s'", aclname); + return (result); + } + /* + * Add a loop detection element. + */ + memset(&loop, 0, sizeof(loop)); + ISC_LINK_INIT(&loop, nextincache); + DE_CONST(aclname, loop.name); + loop.magic = LOOP_MAGIC; + ISC_LIST_APPEND(ctx->named_acl_cache, &loop, nextincache); + result = cfg_acl_fromconfig(cacl, cctx, lctx, ctx, mctx, nest_level, + &dacl); + ISC_LIST_UNLINK(ctx->named_acl_cache, &loop, nextincache); + loop.magic = 0; + loop.name = NULL; + if (result != ISC_R_SUCCESS) { + return (result); + } + dacl->name = isc_mem_strdup(dacl->mctx, aclname); + ISC_LIST_APPEND(ctx->named_acl_cache, dacl, nextincache); + dns_acl_attach(dacl, target); + return (ISC_R_SUCCESS); +} + +static isc_result_t +convert_keyname(const cfg_obj_t *keyobj, isc_log_t *lctx, isc_mem_t *mctx, + dns_name_t *dnsname) { + isc_result_t result; + isc_buffer_t buf; + dns_fixedname_t fixname; + unsigned int keylen; + const char *txtname = cfg_obj_asstring(keyobj); + + keylen = strlen(txtname); + isc_buffer_constinit(&buf, txtname, keylen); + isc_buffer_add(&buf, keylen); + dns_fixedname_init(&fixname); + result = dns_name_fromtext(dns_fixedname_name(&fixname), &buf, + dns_rootname, 0, NULL); + if (result != ISC_R_SUCCESS) { + cfg_obj_log(keyobj, lctx, ISC_LOG_WARNING, + "key name '%s' is not a valid domain name", + txtname); + return (result); + } + dns_name_dup(dns_fixedname_name(&fixname), mctx, dnsname); + return (ISC_R_SUCCESS); +} + +/* + * Recursively pre-parse an ACL definition to find the total number + * of non-IP-prefix elements (localhost, localnets, key) in all nested + * ACLs, so that the parent will have enough space allocated for the + * elements table after all the nested ACLs have been merged in to the + * parent. + */ +static isc_result_t +count_acl_elements(const cfg_obj_t *caml, const cfg_obj_t *cctx, + isc_log_t *lctx, cfg_aclconfctx_t *ctx, isc_mem_t *mctx, + uint32_t *count, bool *has_negative) { + const cfg_listelt_t *elt; + isc_result_t result; + uint32_t n = 0; + + REQUIRE(count != NULL); + + if (has_negative != NULL) { + *has_negative = false; + } + + for (elt = cfg_list_first(caml); elt != NULL; elt = cfg_list_next(elt)) + { + const cfg_obj_t *ce = cfg_listelt_value(elt); + + /* might be a negated element, in which case get the value. */ + if (cfg_obj_istuple(ce)) { + const cfg_obj_t *negated = cfg_tuple_get(ce, "negated"); + if (!cfg_obj_isvoid(negated)) { + ce = negated; + if (has_negative != NULL) { + *has_negative = true; + } + } + } + + if (cfg_obj_istype(ce, &cfg_type_keyref)) { + n++; + } else if (cfg_obj_islist(ce)) { + bool negative; + uint32_t sub; + result = count_acl_elements(ce, cctx, lctx, ctx, mctx, + &sub, &negative); + if (result != ISC_R_SUCCESS) { + return (result); + } + n += sub; + if (negative) { + n++; + } +#if defined(HAVE_GEOIP2) + } else if (cfg_obj_istuple(ce) && + cfg_obj_isvoid(cfg_tuple_get(ce, "negated"))) + { + n++; +#endif /* HAVE_GEOIP2 */ + } else if (cfg_obj_isstring(ce)) { + const char *name = cfg_obj_asstring(ce); + if (strcasecmp(name, "localhost") == 0 || + strcasecmp(name, "localnets") == 0 || + strcasecmp(name, "none") == 0) + { + n++; + } else if (strcasecmp(name, "any") != 0) { + dns_acl_t *inneracl = NULL; + /* + * Convert any named acls we reference now if + * they have not already been converted. + */ + result = convert_named_acl(ce, cctx, lctx, ctx, + mctx, 0, &inneracl); + if (result == ISC_R_SUCCESS) { + if (inneracl->has_negatives) { + n++; + } else { + n += inneracl->length; + } + dns_acl_detach(&inneracl); + } else { + return (result); + } + } + } + } + + *count = n; + return (ISC_R_SUCCESS); +} + +#if defined(HAVE_GEOIP2) +static dns_geoip_subtype_t +get_subtype(const cfg_obj_t *obj, isc_log_t *lctx, dns_geoip_subtype_t subtype, + const char *dbname) { + if (dbname == NULL) { + return (subtype); + } + + switch (subtype) { + case dns_geoip_countrycode: + if (strcasecmp(dbname, "city") == 0) { + return (dns_geoip_city_countrycode); + } else if (strcasecmp(dbname, "country") == 0) { + return (dns_geoip_country_code); + } + cfg_obj_log(obj, lctx, ISC_LOG_ERROR, + "invalid database specified for " + "country search: ignored"); + return (subtype); + case dns_geoip_countryname: + if (strcasecmp(dbname, "city") == 0) { + return (dns_geoip_city_countryname); + } else if (strcasecmp(dbname, "country") == 0) { + return (dns_geoip_country_name); + } + cfg_obj_log(obj, lctx, ISC_LOG_ERROR, + "invalid database specified for " + "country search: ignored"); + return (subtype); + case dns_geoip_continentcode: + if (strcasecmp(dbname, "city") == 0) { + return (dns_geoip_city_continentcode); + } else if (strcasecmp(dbname, "country") == 0) { + return (dns_geoip_country_continentcode); + } + cfg_obj_log(obj, lctx, ISC_LOG_ERROR, + "invalid database specified for " + "continent search: ignored"); + return (subtype); + case dns_geoip_continent: + if (strcasecmp(dbname, "city") == 0) { + return (dns_geoip_city_continent); + } else if (strcasecmp(dbname, "country") == 0) { + return (dns_geoip_country_continent); + } + cfg_obj_log(obj, lctx, ISC_LOG_ERROR, + "invalid database specified for " + "continent search: ignored"); + return (subtype); + case dns_geoip_region: + if (strcasecmp(dbname, "city") == 0) { + return (dns_geoip_city_region); + } + cfg_obj_log(obj, lctx, ISC_LOG_ERROR, + "invalid database specified for " + "region/subdivision search: ignored"); + return (subtype); + case dns_geoip_regionname: + if (strcasecmp(dbname, "city") == 0) { + return (dns_geoip_city_regionname); + } + cfg_obj_log(obj, lctx, ISC_LOG_ERROR, + "invalid database specified for " + "region/subdivision search: ignored"); + return (subtype); + + /* + * Log a warning if the wrong database was specified + * on an unambiguous query + */ + case dns_geoip_city_name: + case dns_geoip_city_postalcode: + case dns_geoip_city_metrocode: + case dns_geoip_city_areacode: + case dns_geoip_city_timezonecode: + if (strcasecmp(dbname, "city") != 0) { + cfg_obj_log(obj, lctx, ISC_LOG_WARNING, + "invalid database specified for " + "a 'city'-only search type: ignoring"); + } + return (subtype); + case dns_geoip_isp_name: + if (strcasecmp(dbname, "isp") != 0) { + cfg_obj_log(obj, lctx, ISC_LOG_WARNING, + "invalid database specified for " + "an 'isp' search: ignoring"); + } + return (subtype); + case dns_geoip_org_name: + if (strcasecmp(dbname, "org") != 0) { + cfg_obj_log(obj, lctx, ISC_LOG_WARNING, + "invalid database specified for " + "an 'org' search: ignoring"); + } + return (subtype); + case dns_geoip_as_asnum: + if (strcasecmp(dbname, "asnum") != 0) { + cfg_obj_log(obj, lctx, ISC_LOG_WARNING, + "invalid database specified for " + "an 'asnum' search: ignoring"); + } + return (subtype); + case dns_geoip_domain_name: + if (strcasecmp(dbname, "domain") != 0) { + cfg_obj_log(obj, lctx, ISC_LOG_WARNING, + "invalid database specified for " + "a 'domain' search: ignoring"); + } + return (subtype); + case dns_geoip_netspeed_id: + if (strcasecmp(dbname, "netspeed") != 0) { + cfg_obj_log(obj, lctx, ISC_LOG_WARNING, + "invalid database specified for " + "a 'netspeed' search: ignoring"); + } + return (subtype); + default: + UNREACHABLE(); + } +} + +static bool +geoip_can_answer(dns_aclelement_t *elt, cfg_aclconfctx_t *ctx) { + if (ctx->geoip == NULL) { + return (true); + } + + switch (elt->geoip_elem.subtype) { + case dns_geoip_countrycode: + case dns_geoip_countryname: + case dns_geoip_continentcode: + case dns_geoip_continent: + if (ctx->geoip->country != NULL || ctx->geoip->city != NULL) { + return (true); + } + break; + case dns_geoip_country_code: + case dns_geoip_country_name: + case dns_geoip_country_continentcode: + case dns_geoip_country_continent: + if (ctx->geoip->country != NULL) { + return (true); + } + /* city db can answer these too, so: */ + FALLTHROUGH; + case dns_geoip_region: + case dns_geoip_regionname: + case dns_geoip_city_countrycode: + case dns_geoip_city_countryname: + case dns_geoip_city_region: + case dns_geoip_city_regionname: + case dns_geoip_city_name: + case dns_geoip_city_postalcode: + case dns_geoip_city_metrocode: + case dns_geoip_city_areacode: + case dns_geoip_city_continentcode: + case dns_geoip_city_continent: + case dns_geoip_city_timezonecode: + if (ctx->geoip->city != NULL) { + return (true); + } + break; + case dns_geoip_isp_name: + if (ctx->geoip->isp != NULL) { + return (true); + } + break; + case dns_geoip_as_asnum: + case dns_geoip_org_name: + if (ctx->geoip->as != NULL) { + return (true); + } + break; + case dns_geoip_domain_name: + if (ctx->geoip->domain != NULL) { + return (true); + } + break; + default: + break; + } + + return (false); +} + +static isc_result_t +parse_geoip_element(const cfg_obj_t *obj, isc_log_t *lctx, + cfg_aclconfctx_t *ctx, dns_aclelement_t *dep) { + const cfg_obj_t *ge; + const char *dbname = NULL; + const char *stype = NULL, *search = NULL; + dns_geoip_subtype_t subtype; + dns_aclelement_t de; + size_t len; + + REQUIRE(dep != NULL); + + de = *dep; + + ge = cfg_tuple_get(obj, "db"); + if (!cfg_obj_isvoid(ge)) { + int i; + + dbname = cfg_obj_asstring(ge); + + for (i = 0; geoip_dbnames[i] != NULL; i++) { + if (strcasecmp(dbname, geoip_dbnames[i]) == 0) { + break; + } + } + if (geoip_dbnames[i] == NULL) { + cfg_obj_log(obj, lctx, ISC_LOG_ERROR, + "database '%s' is not defined for GeoIP2", + dbname); + return (ISC_R_UNEXPECTED); + } + } + + stype = cfg_obj_asstring(cfg_tuple_get(obj, "subtype")); + search = cfg_obj_asstring(cfg_tuple_get(obj, "search")); + len = strlen(search); + + if (len == 0) { + cfg_obj_log(obj, lctx, ISC_LOG_ERROR, + "zero-length geoip search field"); + return (ISC_R_FAILURE); + } + + if (strcasecmp(stype, "country") == 0 && len == 2) { + /* Two-letter country code */ + subtype = dns_geoip_countrycode; + strlcpy(de.geoip_elem.as_string, search, + sizeof(de.geoip_elem.as_string)); + } else if (strcasecmp(stype, "country") == 0 && len == 3) { + /* Three-letter country code */ + cfg_obj_log(obj, lctx, ISC_LOG_ERROR, + "three-letter country codes are unavailable " + "in GeoIP2 databases"); + return (ISC_R_FAILURE); + } else if (strcasecmp(stype, "country") == 0) { + /* Country name */ + subtype = dns_geoip_countryname; + strlcpy(de.geoip_elem.as_string, search, + sizeof(de.geoip_elem.as_string)); + } else if (strcasecmp(stype, "continent") == 0 && len == 2) { + /* Two-letter continent code */ + subtype = dns_geoip_continentcode; + strlcpy(de.geoip_elem.as_string, search, + sizeof(de.geoip_elem.as_string)); + } else if (strcasecmp(stype, "continent") == 0) { + subtype = dns_geoip_continent; + strlcpy(de.geoip_elem.as_string, search, + sizeof(de.geoip_elem.as_string)); + } else if ((strcasecmp(stype, "region") == 0 || + strcasecmp(stype, "subdivision") == 0) && + len == 2) + { + /* Two-letter region code */ + subtype = dns_geoip_region; + strlcpy(de.geoip_elem.as_string, search, + sizeof(de.geoip_elem.as_string)); + } else if (strcasecmp(stype, "region") == 0 || + strcasecmp(stype, "subdivision") == 0) + { + /* Region name */ + subtype = dns_geoip_regionname; + strlcpy(de.geoip_elem.as_string, search, + sizeof(de.geoip_elem.as_string)); + } else if (strcasecmp(stype, "city") == 0) { + /* City name */ + subtype = dns_geoip_city_name; + strlcpy(de.geoip_elem.as_string, search, + sizeof(de.geoip_elem.as_string)); + } else if (strcasecmp(stype, "postal") == 0 || + strcasecmp(stype, "postalcode") == 0) + { + if (len < 7) { + subtype = dns_geoip_city_postalcode; + strlcpy(de.geoip_elem.as_string, search, + sizeof(de.geoip_elem.as_string)); + } else { + cfg_obj_log(obj, lctx, ISC_LOG_ERROR, + "geoiop postal code (%s) too long", search); + return (ISC_R_FAILURE); + } + } else if (strcasecmp(stype, "metro") == 0 || + strcasecmp(stype, "metrocode") == 0) + { + subtype = dns_geoip_city_metrocode; + de.geoip_elem.as_int = atoi(search); + } else if (strcasecmp(stype, "tz") == 0 || + strcasecmp(stype, "timezone") == 0) + { + subtype = dns_geoip_city_timezonecode; + strlcpy(de.geoip_elem.as_string, search, + sizeof(de.geoip_elem.as_string)); + } else if (strcasecmp(stype, "isp") == 0) { + subtype = dns_geoip_isp_name; + strlcpy(de.geoip_elem.as_string, search, + sizeof(de.geoip_elem.as_string)); + } else if (strcasecmp(stype, "asnum") == 0) { + subtype = dns_geoip_as_asnum; + strlcpy(de.geoip_elem.as_string, search, + sizeof(de.geoip_elem.as_string)); + } else if (strcasecmp(stype, "org") == 0) { + subtype = dns_geoip_org_name; + strlcpy(de.geoip_elem.as_string, search, + sizeof(de.geoip_elem.as_string)); + } else if (strcasecmp(stype, "domain") == 0) { + subtype = dns_geoip_domain_name; + strlcpy(de.geoip_elem.as_string, search, + sizeof(de.geoip_elem.as_string)); + } else { + cfg_obj_log(obj, lctx, ISC_LOG_ERROR, + "type '%s' is unavailable " + "in GeoIP2 databases", + stype); + return (ISC_R_FAILURE); + } + + de.geoip_elem.subtype = get_subtype(obj, lctx, subtype, dbname); + + if (!geoip_can_answer(&de, ctx)) { + cfg_obj_log(obj, lctx, ISC_LOG_ERROR, + "no GeoIP2 database installed which can answer " + "queries of type '%s'", + stype); + return (ISC_R_FAILURE); + } + + *dep = de; + + return (ISC_R_SUCCESS); +} +#endif /* HAVE_GEOIP2 */ + +isc_result_t +cfg_acl_fromconfig(const cfg_obj_t *caml, const cfg_obj_t *cctx, + isc_log_t *lctx, cfg_aclconfctx_t *ctx, isc_mem_t *mctx, + unsigned int nest_level, dns_acl_t **target) { + return (cfg_acl_fromconfig2(caml, cctx, lctx, ctx, mctx, nest_level, 0, + target)); +} + +isc_result_t +cfg_acl_fromconfig2(const cfg_obj_t *caml, const cfg_obj_t *cctx, + isc_log_t *lctx, cfg_aclconfctx_t *ctx, isc_mem_t *mctx, + unsigned int nest_level, uint16_t family, + dns_acl_t **target) { + isc_result_t result; + dns_acl_t *dacl = NULL, *inneracl = NULL; + dns_aclelement_t *de; + const cfg_listelt_t *elt; + dns_iptable_t *iptab; + int new_nest_level = 0; + bool setpos; + + if (nest_level != 0) { + new_nest_level = nest_level - 1; + } + + REQUIRE(ctx != NULL); + REQUIRE(target != NULL); + REQUIRE(*target == NULL || DNS_ACL_VALID(*target)); + + if (*target != NULL) { + /* + * If target already points to an ACL, then we're being + * called recursively to configure a nested ACL. The + * nested ACL's contents should just be absorbed into its + * parent ACL. + */ + dns_acl_attach(*target, &dacl); + dns_acl_detach(target); + } else { + /* + * Need to allocate a new ACL structure. Count the items + * in the ACL definition that will require space in the + * elements table. (Note that if nest_level is nonzero, + * *everything* goes in the elements table.) + */ + uint32_t nelem; + + if (nest_level == 0) { + result = count_acl_elements(caml, cctx, lctx, ctx, mctx, + &nelem, NULL); + if (result != ISC_R_SUCCESS) { + return (result); + } + } else { + nelem = cfg_list_length(caml, false); + } + + result = dns_acl_create(mctx, nelem, &dacl); + if (result != ISC_R_SUCCESS) { + return (result); + } + } + + de = dacl->elements; + for (elt = cfg_list_first(caml); elt != NULL; elt = cfg_list_next(elt)) + { + const cfg_obj_t *ce = cfg_listelt_value(elt); + bool neg = false; + + INSIST(dacl->length <= dacl->alloc); + + if (cfg_obj_istuple(ce)) { + /* Might be a negated element */ + const cfg_obj_t *negated = cfg_tuple_get(ce, "negated"); + if (!cfg_obj_isvoid(negated)) { + neg = true; + dacl->has_negatives = true; + ce = negated; + } + } + + /* + * If nest_level is nonzero, then every element is + * to be stored as a separate, nested ACL rather than + * merged into the main iptable. + */ + iptab = dacl->iptable; + + if (nest_level != 0) { + result = dns_acl_create(mctx, + cfg_list_length(ce, false), + &de->nestedacl); + if (result != ISC_R_SUCCESS) { + goto cleanup; + } + iptab = de->nestedacl->iptable; + } + + if (cfg_obj_isnetprefix(ce)) { + /* Network prefix */ + isc_netaddr_t addr; + unsigned int bitlen; + + cfg_obj_asnetprefix(ce, &addr, &bitlen); + if (family != 0 && family != addr.family) { + char buf[ISC_NETADDR_FORMATSIZE + 1]; + isc_netaddr_format(&addr, buf, sizeof(buf)); + cfg_obj_log(ce, lctx, ISC_LOG_WARNING, + "'%s': incorrect address family; " + "ignoring", + buf); + if (nest_level != 0) { + dns_acl_detach(&de->nestedacl); + } + continue; + } + result = isc_netaddr_prefixok(&addr, bitlen); + if (result != ISC_R_SUCCESS) { + char buf[ISC_NETADDR_FORMATSIZE + 1]; + isc_netaddr_format(&addr, buf, sizeof(buf)); + cfg_obj_log(ce, lctx, ISC_LOG_ERROR, + "'%s/%u': address/prefix length " + "mismatch", + buf, bitlen); + goto cleanup; + } + + /* + * If nesting ACLs (nest_level != 0), we negate + * the nestedacl element, not the iptable entry. + */ + setpos = (nest_level != 0 || !neg); + result = dns_iptable_addprefix(iptab, &addr, bitlen, + setpos); + if (result != ISC_R_SUCCESS) { + goto cleanup; + } + + if (nest_level > 0) { + INSIST(dacl->length < dacl->alloc); + de->type = dns_aclelementtype_nestedacl; + de->negative = neg; + } else { + continue; + } + } else if (cfg_obj_islist(ce)) { + /* + * If we're nesting ACLs, put the nested + * ACL onto the elements list; otherwise + * merge it into *this* ACL. We nest ACLs + * in two cases: 1) sortlist, 2) if the + * nested ACL contains negated members. + */ + if (inneracl != NULL) { + dns_acl_detach(&inneracl); + } + result = cfg_acl_fromconfig(ce, cctx, lctx, ctx, mctx, + new_nest_level, &inneracl); + if (result != ISC_R_SUCCESS) { + goto cleanup; + } + nested_acl: + if (nest_level > 0 || inneracl->has_negatives) { + INSIST(dacl->length < dacl->alloc); + de->type = dns_aclelementtype_nestedacl; + de->negative = neg; + if (de->nestedacl != NULL) { + dns_acl_detach(&de->nestedacl); + } + dns_acl_attach(inneracl, &de->nestedacl); + dns_acl_detach(&inneracl); + /* Fall through. */ + } else { + INSIST(dacl->length + inneracl->length <= + dacl->alloc); + dns_acl_merge(dacl, inneracl, !neg); + de += inneracl->length; /* elements added */ + dns_acl_detach(&inneracl); + INSIST(dacl->length <= dacl->alloc); + continue; + } + } else if (cfg_obj_istype(ce, &cfg_type_keyref)) { + /* Key name. */ + INSIST(dacl->length < dacl->alloc); + de->type = dns_aclelementtype_keyname; + de->negative = neg; + dns_name_init(&de->keyname, NULL); + result = convert_keyname(ce, lctx, mctx, &de->keyname); + if (result != ISC_R_SUCCESS) { + goto cleanup; + } +#if defined(HAVE_GEOIP2) + } else if (cfg_obj_istuple(ce) && + cfg_obj_isvoid(cfg_tuple_get(ce, "negated"))) + { + INSIST(dacl->length < dacl->alloc); + result = parse_geoip_element(ce, lctx, ctx, de); + if (result != ISC_R_SUCCESS) { + goto cleanup; + } + de->type = dns_aclelementtype_geoip; + de->negative = neg; +#endif /* HAVE_GEOIP2 */ + } else if (cfg_obj_isstring(ce)) { + /* ACL name. */ + const char *name = cfg_obj_asstring(ce); + if (strcasecmp(name, "any") == 0) { + /* Iptable entry with zero bit length. */ + setpos = (nest_level != 0 || !neg); + result = dns_iptable_addprefix(iptab, NULL, 0, + setpos); + if (result != ISC_R_SUCCESS) { + goto cleanup; + } + + if (nest_level != 0) { + INSIST(dacl->length < dacl->alloc); + de->type = dns_aclelementtype_nestedacl; + de->negative = neg; + } else { + continue; + } + } else if (strcasecmp(name, "none") == 0) { + /* none == !any */ + /* + * We don't unconditional set + * dacl->has_negatives and + * de->negative to true so we can handle + * "!none;". + */ + setpos = (nest_level != 0 || neg); + result = dns_iptable_addprefix(iptab, NULL, 0, + setpos); + if (result != ISC_R_SUCCESS) { + goto cleanup; + } + + if (!neg) { + dacl->has_negatives = !neg; + } + + if (nest_level != 0) { + INSIST(dacl->length < dacl->alloc); + de->type = dns_aclelementtype_nestedacl; + de->negative = !neg; + } else { + continue; + } + } else if (strcasecmp(name, "localhost") == 0) { + INSIST(dacl->length < dacl->alloc); + de->type = dns_aclelementtype_localhost; + de->negative = neg; + } else if (strcasecmp(name, "localnets") == 0) { + INSIST(dacl->length < dacl->alloc); + de->type = dns_aclelementtype_localnets; + de->negative = neg; + } else { + if (inneracl != NULL) { + dns_acl_detach(&inneracl); + } + /* + * This call should just find the cached + * of the named acl. + */ + result = convert_named_acl(ce, cctx, lctx, ctx, + mctx, new_nest_level, + &inneracl); + if (result != ISC_R_SUCCESS) { + goto cleanup; + } + + goto nested_acl; + } + } else { + cfg_obj_log(ce, lctx, ISC_LOG_WARNING, + "address match list contains " + "unsupported element type"); + result = ISC_R_FAILURE; + goto cleanup; + } + + /* + * This should only be reached for localhost, localnets + * and keyname elements, and nested ACLs if nest_level is + * nonzero (i.e., in sortlists). + */ + if (de->nestedacl != NULL && + de->type != dns_aclelementtype_nestedacl) + { + dns_acl_detach(&de->nestedacl); + } + + dns_acl_node_count(dacl)++; + de->node_num = dns_acl_node_count(dacl); + + dacl->length++; + de++; + INSIST(dacl->length <= dacl->alloc); + } + + dns_acl_attach(dacl, target); + result = ISC_R_SUCCESS; + +cleanup: + if (inneracl != NULL) { + dns_acl_detach(&inneracl); + } + dns_acl_detach(&dacl); + return (result); +} diff --git a/lib/isccfg/dnsconf.c b/lib/isccfg/dnsconf.c new file mode 100644 index 0000000..3c69256 --- /dev/null +++ b/lib/isccfg/dnsconf.c @@ -0,0 +1,58 @@ +/* + * Copyright (C) Internet Systems Consortium, Inc. ("ISC") + * + * SPDX-License-Identifier: MPL-2.0 + * + * This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, you can obtain one at https://mozilla.org/MPL/2.0/. + * + * See the COPYRIGHT file distributed with this work for additional + * information regarding copyright ownership. + */ + +/*! \file */ + +#include +#include + +/*% + * A trusted key, as used in the "trusted-keys" statement. + */ +static cfg_tuplefielddef_t trustedkey_fields[] = { + { "name", &cfg_type_astring, 0 }, + { "flags", &cfg_type_uint32, 0 }, + { "protocol", &cfg_type_uint32, 0 }, + { "algorithm", &cfg_type_uint32, 0 }, + { "key", &cfg_type_qstring, 0 }, + { NULL, NULL, 0 } +}; + +static cfg_type_t cfg_type_trustedkey = { "trustedkey", cfg_parse_tuple, + cfg_print_tuple, cfg_doc_tuple, + &cfg_rep_tuple, trustedkey_fields }; + +static cfg_type_t cfg_type_trustedkeys = { "trusted-keys", + cfg_parse_bracketed_list, + cfg_print_bracketed_list, + cfg_doc_bracketed_list, + &cfg_rep_list, + &cfg_type_trustedkey }; + +/*% + * Clauses that can be found within the top level of the dns.conf + * file only. + */ +static cfg_clausedef_t dnsconf_clauses[] = { + { "trusted-keys", &cfg_type_trustedkeys, CFG_CLAUSEFLAG_MULTI }, + { NULL, NULL, 0 } +}; + +/*% The top-level dns.conf syntax. */ + +static cfg_clausedef_t *dnsconf_clausesets[] = { dnsconf_clauses, NULL }; + +LIBISCCFG_EXTERNAL_DATA cfg_type_t cfg_type_dnsconf = { + "dnsconf", cfg_parse_mapbody, cfg_print_mapbody, + cfg_doc_mapbody, &cfg_rep_map, dnsconf_clausesets +}; diff --git a/lib/isccfg/include/.clang-format b/lib/isccfg/include/.clang-format new file mode 120000 index 0000000..0e62f72 --- /dev/null +++ b/lib/isccfg/include/.clang-format @@ -0,0 +1 @@ +../../../.clang-format.headers \ No newline at end of file diff --git a/lib/isccfg/include/Makefile.in b/lib/isccfg/include/Makefile.in new file mode 100644 index 0000000..20b0c35 --- /dev/null +++ b/lib/isccfg/include/Makefile.in @@ -0,0 +1,19 @@ +# Copyright (C) Internet Systems Consortium, Inc. ("ISC") +# +# SPDX-License-Identifier: MPL-2.0 +# +# This Source Code Form is subject to the terms of the Mozilla Public +# License, v. 2.0. If a copy of the MPL was not distributed with this +# file, you can obtain one at https://mozilla.org/MPL/2.0/. +# +# See the COPYRIGHT file distributed with this work for additional +# information regarding copyright ownership. + +srcdir = @srcdir@ +VPATH = @srcdir@ +top_srcdir = @top_srcdir@ + +SUBDIRS = isccfg +TARGETS = + +@BIND9_MAKE_RULES@ diff --git a/lib/isccfg/include/isccfg/Makefile.in b/lib/isccfg/include/isccfg/Makefile.in new file mode 100644 index 0000000..208db25 --- /dev/null +++ b/lib/isccfg/include/isccfg/Makefile.in @@ -0,0 +1,42 @@ +# Copyright (C) Internet Systems Consortium, Inc. ("ISC") +# +# SPDX-License-Identifier: MPL-2.0 +# +# This Source Code Form is subject to the terms of the Mozilla Public +# License, v. 2.0. If a copy of the MPL was not distributed with this +# file, you can obtain one at https://mozilla.org/MPL/2.0/. +# +# See the COPYRIGHT file distributed with this work for additional +# information regarding copyright ownership. + +srcdir = @srcdir@ +VPATH = @srcdir@ +top_srcdir = @top_srcdir@ + +VERSION=@BIND9_VERSION@ + +# +# Only list headers that are to be installed and are not +# machine generated. The latter are handled specially in the +# install target below. +# +HEADERS = aclconf.h cfg.h dnsconf.h grammar.h kaspconf.h log.h \ + namedconf.h version.h + +SUBDIRS = +TARGETS = + +@BIND9_MAKE_RULES@ + +installdirs: + $(SHELL) ${top_srcdir}/mkinstalldirs ${DESTDIR}${includedir}/isccfg + +install:: installdirs + for i in ${HEADERS}; do \ + ${INSTALL_DATA} ${srcdir}/$$i ${DESTDIR}${includedir}/isccfg || exit 1; \ + done + +uninstall:: + for i in ${HEADERS}; do \ + rm -f ${DESTDIR}${includedir}/isccfg/$$i || exit 1; \ + done diff --git a/lib/isccfg/include/isccfg/aclconf.h b/lib/isccfg/include/isccfg/aclconf.h new file mode 100644 index 0000000..b0bceca --- /dev/null +++ b/lib/isccfg/include/isccfg/aclconf.h @@ -0,0 +1,94 @@ +/* + * Copyright (C) Internet Systems Consortium, Inc. ("ISC") + * + * SPDX-License-Identifier: MPL-2.0 + * + * This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, you can obtain one at https://mozilla.org/MPL/2.0/. + * + * See the COPYRIGHT file distributed with this work for additional + * information regarding copyright ownership. + */ + +#ifndef ISCCFG_ACLCONF_H +#define ISCCFG_ACLCONF_H 1 + +#include + +#include + +#include +#include + +#include + +typedef struct cfg_aclconfctx { + ISC_LIST(dns_acl_t) named_acl_cache; + isc_mem_t *mctx; +#if defined(HAVE_GEOIP2) + dns_geoip_databases_t *geoip; +#endif /* if defined(HAVE_GEOIP2) */ + isc_refcount_t references; +} cfg_aclconfctx_t; + +/*** + *** Functions + ***/ + +ISC_LANG_BEGINDECLS + +isc_result_t +cfg_aclconfctx_create(isc_mem_t *mctx, cfg_aclconfctx_t **ret); +/* + * Creates and initializes an ACL configuration context. + */ + +void +cfg_aclconfctx_detach(cfg_aclconfctx_t **actxp); +/* + * Removes a reference to an ACL configuration context; when references + * reaches zero, clears the contents and deallocate the structure. + */ + +void +cfg_aclconfctx_attach(cfg_aclconfctx_t *src, cfg_aclconfctx_t **dest); +/* + * Attaches a pointer to an existing ACL configuration context. + */ + +isc_result_t +cfg_acl_fromconfig(const cfg_obj_t *caml, const cfg_obj_t *cctx, + isc_log_t *lctx, cfg_aclconfctx_t *ctx, isc_mem_t *mctx, + unsigned int nest_level, dns_acl_t **target); + +isc_result_t +cfg_acl_fromconfig2(const cfg_obj_t *caml, const cfg_obj_t *cctx, + isc_log_t *lctx, cfg_aclconfctx_t *ctx, isc_mem_t *mctx, + unsigned int nest_level, uint16_t family, + dns_acl_t **target); +/* + * Construct a new dns_acl_t from configuration data in 'caml' and + * 'cctx'. Memory is allocated through 'mctx'. + * + * Any named ACLs referred to within 'caml' will be be converted + * into nested dns_acl_t objects. Multiple references to the same + * named ACLs will be converted into shared references to a single + * nested dns_acl_t object when the referring objects were created + * passing the same ACL configuration context 'ctx'. + * + * cfg_acl_fromconfig() is a backward-compatible version of + * cfg_acl_fromconfig2(), which allows an address family to be + * specified. If 'family' is not zero, then only addresses/prefixes + * of a matching family (AF_INET or AF_INET6) may be configured. + * + * On success, attach '*target' to the new dns_acl_t object. + * + * Require: + * 'ctx' to be non NULL. + * '*target' to be NULL or a valid dns_acl_t. + */ + +ISC_LANG_ENDDECLS + +#endif /* ISCCFG_ACLCONF_H */ diff --git a/lib/isccfg/include/isccfg/cfg.h b/lib/isccfg/include/isccfg/cfg.h new file mode 100644 index 0000000..7c460d2 --- /dev/null +++ b/lib/isccfg/include/isccfg/cfg.h @@ -0,0 +1,626 @@ +/* + * Copyright (C) Internet Systems Consortium, Inc. ("ISC") + * + * SPDX-License-Identifier: MPL-2.0 + * + * This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, you can obtain one at https://mozilla.org/MPL/2.0/. + * + * See the COPYRIGHT file distributed with this work for additional + * information regarding copyright ownership. + */ + +#ifndef ISCCFG_CFG_H +#define ISCCFG_CFG_H 1 + +/***** +***** Module Info +*****/ + +/*! \file isccfg/cfg.h + * \brief + * This is the new, table-driven, YACC-free configuration file parser. + */ + +/*** + *** Imports + ***/ + +#include +#include +#include + +#include +#include +#include +#include +#include + +/*** + *** Types + ***/ + +/*% + * A configuration parser. + */ +typedef struct cfg_parser cfg_parser_t; + +/*% + * A configuration type definition object. There is a single + * static cfg_type_t object for each data type supported by + * the configuration parser. + */ +typedef struct cfg_type cfg_type_t; + +/*% + * A configuration object. This is the basic building block of the + * configuration parse tree. It contains a value (which may be + * of one of several types) and information identifying the file + * and line number the value came from, for printing error + * messages. + */ +typedef struct cfg_obj cfg_obj_t; + +/*% + * A configuration object list element. + */ +typedef struct cfg_listelt cfg_listelt_t; + +/*% + * A callback function to be called when parsing an option + * that needs to be interpreted at parsing time, like + * "directory". + */ +typedef isc_result_t (*cfg_parsecallback_t)(const char *clausename, + const cfg_obj_t *obj, void *arg); + +/*** + *** Functions + ***/ + +ISC_LANG_BEGINDECLS + +void +cfg_parser_attach(cfg_parser_t *src, cfg_parser_t **dest); +/*%< + * Reference a parser object. + */ + +isc_result_t +cfg_parser_create(isc_mem_t *mctx, isc_log_t *lctx, cfg_parser_t **ret); +/*%< + * Create a configuration file parser. Any warning and error + * messages will be logged to 'lctx'. + * + * The parser object returned can be used for a single call + * to cfg_parse_file() or cfg_parse_buffer(). It must not + * be reused for parsing multiple files or buffers. + */ + +void +cfg_parser_setflags(cfg_parser_t *pctx, unsigned int flags, bool turn_on); +/*%< + * Set parser context flags. The flags are not checked for sensibility. + * If 'turn_on' is 'true' the flags will be set, otherwise the flags will + * be cleared. + * + * Requires: + *\li "pctx" is not NULL. + */ + +void +cfg_parser_setcallback(cfg_parser_t *pctx, cfg_parsecallback_t callback, + void *arg); +/*%< + * Make the parser call 'callback' whenever it encounters + * a configuration clause with the callback attribute, + * passing it the clause name, the clause value, + * and 'arg' as arguments. + * + * To restore the default of not invoking callbacks, pass + * callback==NULL and arg==NULL. + */ + +isc_result_t +cfg_parse_file(cfg_parser_t *pctx, const char *file, const cfg_type_t *type, + cfg_obj_t **ret); + +isc_result_t +cfg_parse_buffer(cfg_parser_t *pctx, isc_buffer_t *buffer, const char *file, + unsigned int line, const cfg_type_t *type, unsigned int flags, + cfg_obj_t **ret); +/*%< + * Read a configuration containing data of type 'type' + * and make '*ret' point to its parse tree. + * + * The configuration is read from the file 'filename' + * (isc_parse_file()) or the buffer 'buffer' + * (isc_parse_buffer()). + * + * If 'file' is not NULL, it is the name of the file, or a name to use + * for the buffer in place of the filename, when logging errors. + * + * If 'line' is not 0, then it is the beginning line number to report + * when logging errors. This is useful when passing text that has been + * read from the middle of a file. + * + * Returns an error if the file or buffer does not parse correctly. + * + * Requires: + *\li "filename" is valid. + *\li "mem" is valid. + *\li "type" is valid. + *\li "cfg" is non-NULL and "*cfg" is NULL. + *\li "flags" be one or more of CFG_PCTX_NODEPRECATED or zero. + * + * Returns: + * \li #ISC_R_SUCCESS - success + *\li #ISC_R_NOMEMORY - no memory available + *\li #ISC_R_INVALIDFILE - file doesn't exist or is unreadable + *\li others - file contains errors + */ + +isc_result_t +cfg_parser_mapadd(cfg_parser_t *pctx, cfg_obj_t *mapobj, cfg_obj_t *obj, + const char *clause); +/*%< + * Add the object 'obj' to the specified clause in mapbody 'mapobj'. + * Used for adding new zones. + * + * Require: + * \li 'obj' is a valid cfg_obj_t. + * \li 'mapobj' is a valid cfg_obj_t of type map. + * \li 'pctx' is a valid cfg_parser_t. + */ + +void +cfg_parser_reset(cfg_parser_t *pctx); +/*%< + * Reset an existing parser so it can be re-used for a new file or + * buffer. + */ + +void +cfg_parser_destroy(cfg_parser_t **pctxp); +/*%< + * Remove a reference to a configuration parser; destroy it if there are no + * more references. + */ + +bool +cfg_obj_isvoid(const cfg_obj_t *obj); +/*%< + * Return true iff 'obj' is of void type (e.g., an optional + * value not specified). + */ + +bool +cfg_obj_ismap(const cfg_obj_t *obj); +/*%< + * Return true iff 'obj' is of a map type. + */ + +bool +cfg_obj_isfixedpoint(const cfg_obj_t *obj); +/*%< + * Return true iff 'obj' is of a fixedpoint type. + */ + +bool +cfg_obj_ispercentage(const cfg_obj_t *obj); +/*%< + * Return true iff 'obj' is of a percentage type. + */ + +isc_result_t +cfg_map_get(const cfg_obj_t *mapobj, const char *name, const cfg_obj_t **obj); +/*%< + * Extract an element from a configuration object, which + * must be of a map type. + * + * Requires: + * \li 'mapobj' points to a valid configuration object of a map type. + * \li 'name' points to a null-terminated string. + * \li 'obj' is non-NULL and '*obj' is NULL. + * + * Returns: + * \li #ISC_R_SUCCESS - success + * \li #ISC_R_NOTFOUND - name not found in map + */ + +const cfg_obj_t * +cfg_map_getname(const cfg_obj_t *mapobj); +/*%< + * Get the name of a named map object, like a server "key" clause. + * + * Requires: + * \li 'mapobj' points to a valid configuration object of a map type. + * + * Returns: + * \li A pointer to a configuration object naming the map object, + * or NULL if the map object does not have a name. + */ + +unsigned int +cfg_map_count(const cfg_obj_t *mapobj); +/*%< + * Get the number of elements defined in the symbol table of a map object. + * + * Requires: + * \li 'mapobj' points to a valid configuration object of a map type. + * + * Returns: + * \li The number of elements in the map object. + */ + +bool +cfg_obj_istuple(const cfg_obj_t *obj); +/*%< + * Return true iff 'obj' is of a map type. + */ + +const cfg_obj_t * +cfg_tuple_get(const cfg_obj_t *tupleobj, const char *name); +/*%< + * Extract an element from a configuration object, which + * must be of a tuple type. + * + * Requires: + * \li 'tupleobj' points to a valid configuration object of a tuple type. + * \li 'name' points to a null-terminated string naming one of the + *\li fields of said tuple type. + */ + +bool +cfg_obj_isuint32(const cfg_obj_t *obj); +/*%< + * Return true iff 'obj' is of integer type. + */ + +uint32_t +cfg_obj_asuint32(const cfg_obj_t *obj); +/*%< + * Returns the value of a configuration object of 32-bit integer type. + * + * Requires: + * \li 'obj' points to a valid configuration object of 32-bit integer type. + * + * Returns: + * \li A 32-bit unsigned integer. + */ + +bool +cfg_obj_isuint64(const cfg_obj_t *obj); +/*%< + * Return true iff 'obj' is of integer type. + */ + +uint64_t +cfg_obj_asuint64(const cfg_obj_t *obj); +/*%< + * Returns the value of a configuration object of 64-bit integer type. + * + * Requires: + * \li 'obj' points to a valid configuration object of 64-bit integer type. + * + * Returns: + * \li A 64-bit unsigned integer. + */ + +uint32_t +cfg_obj_asfixedpoint(const cfg_obj_t *obj); +/*%< + * Returns the value of a configuration object of fixed point number. + * + * Requires: + * \li 'obj' points to a valid configuration object of fixed point type. + * + * Returns: + * \li A 32-bit unsigned integer. + */ + +uint32_t +cfg_obj_aspercentage(const cfg_obj_t *obj); +/*%< + * Returns the value of a configuration object of percentage + * + * Requires: + * \li 'obj' points to a valid configuration object of percentage type. + * + * Returns: + * \li A 32-bit unsigned integer. + */ + +bool +cfg_obj_isduration(const cfg_obj_t *obj); +/*%< + * Return true iff 'obj' is of duration type. + */ + +uint32_t +cfg_obj_asduration(const cfg_obj_t *obj); +/*%< + * Returns the value of a configuration object of duration + * + * Requires: + * \li 'obj' points to a valid configuration object of duration type. + * + * Returns: + * \li A duration in seconds. + */ + +bool +cfg_obj_isstring(const cfg_obj_t *obj); +/*%< + * Return true iff 'obj' is of string type. + */ + +const char * +cfg_obj_asstring(const cfg_obj_t *obj); +/*%< + * Returns the value of a configuration object of a string type + * as a null-terminated string. + * + * Requires: + * \li 'obj' points to a valid configuration object of a string type. + * + * Returns: + * \li A pointer to a null terminated string. + */ + +bool +cfg_obj_isboolean(const cfg_obj_t *obj); +/*%< + * Return true iff 'obj' is of a boolean type. + */ + +bool +cfg_obj_asboolean(const cfg_obj_t *obj); +/*%< + * Returns the value of a configuration object of a boolean type. + * + * Requires: + * \li 'obj' points to a valid configuration object of a boolean type. + * + * Returns: + * \li A boolean value. + */ + +bool +cfg_obj_issockaddr(const cfg_obj_t *obj); +/*%< + * Return true iff 'obj' is a socket address. + */ + +const isc_sockaddr_t * +cfg_obj_assockaddr(const cfg_obj_t *obj); +/*%< + * Returns the value of a configuration object representing a socket address. + * + * Requires: + * \li 'obj' points to a valid configuration object of a socket address + * type. + * + * Returns: + * \li A pointer to a sockaddr. The sockaddr must be copied by the caller + * if necessary. + */ + +isc_dscp_t +cfg_obj_getdscp(const cfg_obj_t *obj); +/*%< + * Returns the DSCP value of a configuration object representing a + * socket address. + * + * Requires: + * \li 'obj' points to a valid configuration object of a + * socket address type. + * + * Returns: + * \li DSCP value associated with a sockaddr, or -1. + */ + +bool +cfg_obj_isnetprefix(const cfg_obj_t *obj); +/*%< + * Return true iff 'obj' is a network prefix. + */ + +void +cfg_obj_asnetprefix(const cfg_obj_t *obj, isc_netaddr_t *netaddr, + unsigned int *prefixlen); +/*%< + * Gets the value of a configuration object representing a network + * prefix. The network address is returned through 'netaddr' and the + * prefix length in bits through 'prefixlen'. + * + * Requires: + * \li 'obj' points to a valid configuration object of network prefix type. + *\li 'netaddr' and 'prefixlen' are non-NULL. + */ + +bool +cfg_obj_islist(const cfg_obj_t *obj); +/*%< + * Return true iff 'obj' is of list type. + */ + +const cfg_listelt_t * +cfg_list_first(const cfg_obj_t *obj); +/*%< + * Returns the first list element in a configuration object of a list type. + * + * Requires: + * \li 'obj' points to a valid configuration object of a list type or NULL. + * + * Returns: + * \li A pointer to a cfg_listelt_t representing the first list element, + * or NULL if the list is empty or nonexistent. + */ + +const cfg_listelt_t * +cfg_list_next(const cfg_listelt_t *elt); +/*%< + * Returns the next element of a list of configuration objects. + * + * Requires: + * \li 'elt' points to cfg_listelt_t obtained from cfg_list_first() or + * a previous call to cfg_list_next(). + * + * Returns: + * \li A pointer to a cfg_listelt_t representing the next element, + * or NULL if there are no more elements. + */ + +unsigned int +cfg_list_length(const cfg_obj_t *obj, bool recurse); +/*%< + * Returns the length of a list of configure objects. If obj is + * not a list, returns 0. If recurse is true, add in the length of + * all contained lists. + */ + +cfg_obj_t * +cfg_listelt_value(const cfg_listelt_t *elt); +/*%< + * Returns the configuration object associated with cfg_listelt_t. + * + * Requires: + * \li 'elt' points to cfg_listelt_t obtained from cfg_list_first() or + * cfg_list_next(). + * + * Returns: + * \li A non-NULL pointer to a configuration object. + */ + +void +cfg_print(const cfg_obj_t *obj, + void (*f)(void *closure, const char *text, int textlen), + void *closure); +void +cfg_printx(const cfg_obj_t *obj, unsigned int flags, + void (*f)(void *closure, const char *text, int textlen), + void *closure); + +#define CFG_PRINTER_XKEY 0x1 /* '?' out shared keys. */ +#define CFG_PRINTER_ONELINE 0x2 /* print config as a single line */ +#define CFG_PRINTER_ACTIVEONLY \ + 0x4 /* print only active configuration \ + * options, omitting ancient, \ + * obsolete, nonimplemented, \ + * and test-only options. */ + +/*%< + * Print the configuration object 'obj' by repeatedly calling the + * function 'f', passing 'closure' and a region of text starting + * at 'text' and comprising 'textlen' characters. + * + * If CFG_PRINTER_XKEY the contents of shared keys will be obscured + * by replacing them with question marks ('?') + */ + +void +cfg_print_grammar(const cfg_type_t *type, unsigned int flags, + void (*f)(void *closure, const char *text, int textlen), + void *closure); +/*%< + * Print a summary of the grammar of the configuration type 'type'. + */ + +bool +cfg_obj_istype(const cfg_obj_t *obj, const cfg_type_t *type); +/*%< + * Return true iff 'obj' is of type 'type'. + */ + +void +cfg_obj_attach(cfg_obj_t *src, cfg_obj_t **dest); +/*%< + * Reference a configuration object. + */ + +void +cfg_obj_destroy(cfg_parser_t *pctx, cfg_obj_t **obj); +/*%< + * Delete a reference to a configuration object; destroy the object if + * there are no more references. + * + * Require: + * \li '*obj' is a valid cfg_obj_t. + * \li 'pctx' is a valid cfg_parser_t. + */ + +void +cfg_obj_log(const cfg_obj_t *obj, isc_log_t *lctx, int level, const char *fmt, + ...) ISC_FORMAT_PRINTF(4, 5); +/*%< + * Log a message concerning configuration object 'obj' to the logging + * channel of 'pctx', at log level 'level'. The message will be prefixed + * with the file name(s) and line number where 'obj' was defined. + */ + +const char * +cfg_obj_file(const cfg_obj_t *obj); +/*%< + * Return the file that defined this object. + */ + +unsigned int +cfg_obj_line(const cfg_obj_t *obj); +/*%< + * Return the line in file where this object was defined. + */ + +const char * +cfg_map_firstclause(const cfg_type_t *map, const void **clauses, + unsigned int *idx); +const char * +cfg_map_nextclause(const cfg_type_t *map, const void **clauses, + unsigned int *idx); + +typedef isc_result_t(pluginlist_cb_t)(const cfg_obj_t *config, + const cfg_obj_t *obj, + const char *plugin_path, + const char *parameters, + void *callback_data); +/*%< + * Function prototype for the callback used with cfg_pluginlist_foreach(). + * Called once for each element of the list passed to cfg_pluginlist_foreach(). + * If this callback returns anything else than #ISC_R_SUCCESS, no further list + * elements will be processed. + * + * \li 'config' - the 'config' object passed to cfg_pluginlist_foreach() + * \li 'obj' - object representing the specific "plugin" stanza to be processed + * \li 'plugin_path' - path to the shared object with plugin code + * \li 'parameters' - configuration text for the plugin + * \li 'callback_data' - the pointer passed to cfg_pluginlist_foreach() + */ + +isc_result_t +cfg_pluginlist_foreach(const cfg_obj_t *config, const cfg_obj_t *list, + isc_log_t *lctx, pluginlist_cb_t *callback, + void *callback_data); +/*%< + * For every "plugin" stanza present in 'list' (which in turn is a part of + * 'config'), invoke the given 'callback', passing 'callback_data' to it along + * with a fixed set of arguments (see the definition of the #pluginlist_cb_t + * type). Use logging context 'lctx' for logging error messages. Interrupt + * processing if 'callback' returns something else than #ISC_R_SUCCESS for any + * element of 'list'. + * + * Requires: + * + * \li 'config' is not NULL + * \li 'callback' is not NULL + * + * Returns: + * + * \li #ISC_R_SUCCESS if 'callback' returned #ISC_R_SUCCESS for all elements of + * 'list' + * \li first 'callback' return value which was not #ISC_R_SUCCESS otherwise + */ + +ISC_LANG_ENDDECLS + +#endif /* ISCCFG_CFG_H */ diff --git a/lib/isccfg/include/isccfg/dnsconf.h b/lib/isccfg/include/isccfg/dnsconf.h new file mode 100644 index 0000000..5050b70 --- /dev/null +++ b/lib/isccfg/include/isccfg/dnsconf.h @@ -0,0 +1,30 @@ +/* + * Copyright (C) Internet Systems Consortium, Inc. ("ISC") + * + * SPDX-License-Identifier: MPL-2.0 + * + * This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, you can obtain one at https://mozilla.org/MPL/2.0/. + * + * See the COPYRIGHT file distributed with this work for additional + * information regarding copyright ownership. + */ + +#ifndef ISCCFG_DNSCONF_H +#define ISCCFG_DNSCONF_H 1 + +/*! \file + * \brief + * This module defines the named.conf, rndc.conf, and rndc.key grammars. + */ + +#include + +/* + * Configuration object types. + */ +LIBISCCFG_EXTERNAL_DATA extern cfg_type_t cfg_type_dnsconf; +/*%< A complete dns.conf file. */ + +#endif /* ISCCFG_DNSCONF_H */ diff --git a/lib/isccfg/include/isccfg/grammar.h b/lib/isccfg/include/isccfg/grammar.h new file mode 100644 index 0000000..0bc40e0 --- /dev/null +++ b/lib/isccfg/include/isccfg/grammar.h @@ -0,0 +1,620 @@ +/* + * Copyright (C) Internet Systems Consortium, Inc. ("ISC") + * + * SPDX-License-Identifier: MPL-2.0 + * + * This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, you can obtain one at https://mozilla.org/MPL/2.0/. + * + * See the COPYRIGHT file distributed with this work for additional + * information regarding copyright ownership. + */ + +#ifndef ISCCFG_GRAMMAR_H +#define ISCCFG_GRAMMAR_H 1 + +/*! \file isccfg/grammar.h */ + +#include +#include + +#include +#include +#include +#include +#include + +#include + +/* + * Definitions shared between the configuration parser + * and the grammars; not visible to users of the parser. + */ + +/*% Clause may occur multiple times (e.g., "zone") */ +#define CFG_CLAUSEFLAG_MULTI 0x00000001 +/*% Clause is obsolete (logs a warning, but is not a fatal error) */ +#define CFG_CLAUSEFLAG_OBSOLETE 0x00000002 +/*% Clause is not implemented, and may never be */ +#define CFG_CLAUSEFLAG_NOTIMP 0x00000004 +/*% Clause is not implemented yet */ +#define CFG_CLAUSEFLAG_NYI 0x00000008 +/*% Default value has changed since earlier release */ +#define CFG_CLAUSEFLAG_NEWDEFAULT 0x00000010 +/*% + * Clause needs to be interpreted during parsing + * by calling a callback function, like the + * "directory" option. + */ +#define CFG_CLAUSEFLAG_CALLBACK 0x00000020 +/*% A option that is only used in testing. */ +#define CFG_CLAUSEFLAG_TESTONLY 0x00000040 +/*% A configuration option that was not configured at compile time. */ +#define CFG_CLAUSEFLAG_NOTCONFIGURED 0x00000080 +/*% A option for a experimental feature. */ +#define CFG_CLAUSEFLAG_EXPERIMENTAL 0x00000100 +/*% A configuration option that is ineffective due to + * compile time options, but is harmless. */ +#define CFG_CLAUSEFLAG_NOOP 0x00000200 +/*% Clause will be obsolete in a future release (logs a warning) */ +#define CFG_CLAUSEFLAG_DEPRECATED 0x00000400 +/*% Clause has been obsolete so long that it's now a fatal error */ +#define CFG_CLAUSEFLAG_ANCIENT 0x00000800 + +/*% + * Zone types for which a clause is valid: + * These share space with CFG_CLAUSEFLAG values, but count + * down from the top. + */ +#define CFG_ZONE_PRIMARY 0x80000000 +#define CFG_ZONE_SECONDARY 0x40000000 +#define CFG_ZONE_STUB 0x20000000 +#define CFG_ZONE_HINT 0x10000000 +#define CFG_ZONE_FORWARD 0x08000000 +#define CFG_ZONE_STATICSTUB 0x04000000 +#define CFG_ZONE_REDIRECT 0x02000000 +#define CFG_ZONE_DELEGATION 0x01000000 +#define CFG_ZONE_INVIEW 0x00800000 +#define CFG_ZONE_MIRROR 0x00400000 + +typedef struct cfg_clausedef cfg_clausedef_t; +typedef struct cfg_tuplefielddef cfg_tuplefielddef_t; +typedef struct cfg_printer cfg_printer_t; +typedef ISC_LIST(cfg_listelt_t) cfg_list_t; +typedef struct cfg_map cfg_map_t; +typedef struct cfg_rep cfg_rep_t; +typedef struct cfg_duration cfg_duration_t; + +#define CFG_DURATION_MAXLEN 80 + +/* + * Function types for configuration object methods + */ + +typedef isc_result_t (*cfg_parsefunc_t)(cfg_parser_t *, const cfg_type_t *type, + cfg_obj_t **); +typedef void (*cfg_printfunc_t)(cfg_printer_t *, const cfg_obj_t *); +typedef void (*cfg_docfunc_t)(cfg_printer_t *, const cfg_type_t *); +typedef void (*cfg_freefunc_t)(cfg_parser_t *, cfg_obj_t *); + +/* + * Structure definitions + */ + +/*% + * A configuration printer object. This is an abstract + * interface to a destination to which text can be printed + * by calling the function 'f'. + */ +struct cfg_printer { + void (*f)(void *closure, const char *text, int textlen); + void *closure; + int indent; + int flags; +}; + +/*% A clause definition. */ +struct cfg_clausedef { + const char *name; + cfg_type_t *type; + unsigned int flags; +}; + +/*% A tuple field definition. */ +struct cfg_tuplefielddef { + const char *name; + cfg_type_t *type; + unsigned int flags; +}; + +/*% A configuration object type definition. */ +struct cfg_type { + const char *name; /*%< For debugging purposes only */ + cfg_parsefunc_t parse; + cfg_printfunc_t print; + cfg_docfunc_t doc; /*%< Print grammar description */ + cfg_rep_t *rep; /*%< Data representation */ + const void *of; /*%< Additional data for meta-types */ +}; + +/*% A keyword-type definition, for things like "port ". */ +typedef struct { + const char *name; + const cfg_type_t *type; +} keyword_type_t; + +struct cfg_map { + cfg_obj_t *id; /*%< Used for 'named maps' like + * keys, zones, &c */ + const cfg_clausedef_t *const *clausesets; /*%< The clauses that + * can occur in this map; + * used for printing */ + isc_symtab_t *symtab; +}; + +typedef struct cfg_netprefix cfg_netprefix_t; + +struct cfg_netprefix { + isc_netaddr_t address; /* IP4/IP6 */ + unsigned int prefixlen; +}; + +/*% + * A configuration object to store ISO 8601 durations. + */ +struct cfg_duration { + /* + * The duration is stored in multiple parts: + * [0] Years + * [1] Months + * [2] Weeks + * [3] Days + * [4] Hours + * [5] Minutes + * [6] Seconds + */ + uint32_t parts[7]; + bool iso8601; + bool unlimited; +}; + +/*% + * A configuration data representation. + */ +struct cfg_rep { + const char *name; /*%< For debugging only */ + cfg_freefunc_t free; /*%< How to free this kind of data. */ +}; + +/*% + * A configuration object. This is the main building block + * of the configuration parse tree. + */ + +struct cfg_obj { + const cfg_type_t *type; + union { + uint32_t uint32; + uint64_t uint64; + isc_textregion_t string; /*%< null terminated, too */ + bool boolean; + cfg_map_t map; + cfg_list_t list; + cfg_obj_t **tuple; + isc_sockaddr_t sockaddr; + struct { + isc_sockaddr_t sockaddr; + isc_dscp_t dscp; + } sockaddrdscp; + cfg_netprefix_t netprefix; + cfg_duration_t duration; + } value; + isc_refcount_t references; /*%< reference counter */ + const char *file; + unsigned int line; + cfg_parser_t *pctx; +}; + +/*% A list element. */ +struct cfg_listelt { + cfg_obj_t *obj; + ISC_LINK(cfg_listelt_t) link; +}; + +/*% The parser object. */ +struct cfg_parser { + isc_mem_t *mctx; + isc_log_t *lctx; + isc_lex_t *lexer; + unsigned int errors; + unsigned int warnings; + isc_token_t token; + + /*% We are at the end of all input. */ + bool seen_eof; + + /*% The current token has been pushed back. */ + bool ungotten; + + /*% + * The stack of currently active files, represented + * as a configuration list of configuration strings. + * The head is the top-level file, subsequent elements + * (if any) are the nested include files, and the + * last element is the file currently being parsed. + */ + cfg_obj_t *open_files; + + /*% + * Names of files that we have parsed and closed + * and were previously on the open_file list. + * We keep these objects around after closing + * the files because the file names may still be + * referenced from other configuration objects + * for use in reporting semantic errors after + * parsing is complete. + */ + cfg_obj_t *closed_files; + + /*% + * Name of a buffer being parsed; used only for + * logging. + */ + char const *buf_name; + + /*% + * Current line number. We maintain our own + * copy of this so that it is available even + * when a file has just been closed. + */ + unsigned int line; + + /*% + * Parser context flags, used for maintaining state + * from one token to the next. + */ + unsigned int flags; + + /*%< Reference counter */ + isc_refcount_t references; + + cfg_parsecallback_t callback; + void *callbackarg; +}; + +/* Parser context flags */ +#define CFG_PCTX_SKIP 0x1 +#define CFG_PCTX_NODEPRECATED 0x2 + +/*@{*/ +/*% + * Flags defining whether to accept certain types of network addresses. + */ +#define CFG_ADDR_V4OK 0x00000001 +#define CFG_ADDR_V4PREFIXOK 0x00000002 +#define CFG_ADDR_V6OK 0x00000004 +#define CFG_ADDR_WILDOK 0x00000008 +#define CFG_ADDR_DSCPOK 0x00000010 +#define CFG_ADDR_MASK (CFG_ADDR_V6OK | CFG_ADDR_V4OK) +/*@}*/ + +/*@{*/ +/*% + * Predefined data representation types. + */ +LIBISCCFG_EXTERNAL_DATA extern cfg_rep_t cfg_rep_uint32; +LIBISCCFG_EXTERNAL_DATA extern cfg_rep_t cfg_rep_uint64; +LIBISCCFG_EXTERNAL_DATA extern cfg_rep_t cfg_rep_string; +LIBISCCFG_EXTERNAL_DATA extern cfg_rep_t cfg_rep_boolean; +LIBISCCFG_EXTERNAL_DATA extern cfg_rep_t cfg_rep_map; +LIBISCCFG_EXTERNAL_DATA extern cfg_rep_t cfg_rep_list; +LIBISCCFG_EXTERNAL_DATA extern cfg_rep_t cfg_rep_tuple; +LIBISCCFG_EXTERNAL_DATA extern cfg_rep_t cfg_rep_sockaddr; +LIBISCCFG_EXTERNAL_DATA extern cfg_rep_t cfg_rep_netprefix; +LIBISCCFG_EXTERNAL_DATA extern cfg_rep_t cfg_rep_void; +LIBISCCFG_EXTERNAL_DATA extern cfg_rep_t cfg_rep_fixedpoint; +LIBISCCFG_EXTERNAL_DATA extern cfg_rep_t cfg_rep_percentage; +LIBISCCFG_EXTERNAL_DATA extern cfg_rep_t cfg_rep_duration; +/*@}*/ + +/*@{*/ +/*% + * Predefined configuration object types. + */ +LIBISCCFG_EXTERNAL_DATA extern cfg_type_t cfg_type_boolean; +LIBISCCFG_EXTERNAL_DATA extern cfg_type_t cfg_type_uint32; +LIBISCCFG_EXTERNAL_DATA extern cfg_type_t cfg_type_uint64; +LIBISCCFG_EXTERNAL_DATA extern cfg_type_t cfg_type_qstring; +LIBISCCFG_EXTERNAL_DATA extern cfg_type_t cfg_type_astring; +LIBISCCFG_EXTERNAL_DATA extern cfg_type_t cfg_type_ustring; +LIBISCCFG_EXTERNAL_DATA extern cfg_type_t cfg_type_sstring; +LIBISCCFG_EXTERNAL_DATA extern cfg_type_t cfg_type_bracketed_aml; +LIBISCCFG_EXTERNAL_DATA extern cfg_type_t cfg_type_bracketed_text; +LIBISCCFG_EXTERNAL_DATA extern cfg_type_t cfg_type_optional_bracketed_text; +LIBISCCFG_EXTERNAL_DATA extern cfg_type_t cfg_type_keyref; +LIBISCCFG_EXTERNAL_DATA extern cfg_type_t cfg_type_sockaddr; +LIBISCCFG_EXTERNAL_DATA extern cfg_type_t cfg_type_sockaddrdscp; +LIBISCCFG_EXTERNAL_DATA extern cfg_type_t cfg_type_netaddr; +LIBISCCFG_EXTERNAL_DATA extern cfg_type_t cfg_type_netaddr4; +LIBISCCFG_EXTERNAL_DATA extern cfg_type_t cfg_type_netaddr4wild; +LIBISCCFG_EXTERNAL_DATA extern cfg_type_t cfg_type_netaddr6; +LIBISCCFG_EXTERNAL_DATA extern cfg_type_t cfg_type_netaddr6wild; +LIBISCCFG_EXTERNAL_DATA extern cfg_type_t cfg_type_netprefix; +LIBISCCFG_EXTERNAL_DATA extern cfg_type_t cfg_type_void; +LIBISCCFG_EXTERNAL_DATA extern cfg_type_t cfg_type_token; +LIBISCCFG_EXTERNAL_DATA extern cfg_type_t cfg_type_unsupported; +LIBISCCFG_EXTERNAL_DATA extern cfg_type_t cfg_type_fixedpoint; +LIBISCCFG_EXTERNAL_DATA extern cfg_type_t cfg_type_percentage; +LIBISCCFG_EXTERNAL_DATA extern cfg_type_t cfg_type_duration; +LIBISCCFG_EXTERNAL_DATA extern cfg_type_t cfg_type_duration_or_unlimited; +/*@}*/ + +isc_result_t +cfg_gettoken(cfg_parser_t *pctx, int options); + +isc_result_t +cfg_peektoken(cfg_parser_t *pctx, int options); + +void +cfg_ungettoken(cfg_parser_t *pctx); + +#define CFG_LEXOPT_QSTRING (ISC_LEXOPT_QSTRING | ISC_LEXOPT_QSTRINGMULTILINE) + +isc_result_t +cfg_create_obj(cfg_parser_t *pctx, const cfg_type_t *type, cfg_obj_t **objp); + +void +cfg_print_rawuint(cfg_printer_t *pctx, unsigned int u); + +isc_result_t +cfg_parse_uint32(cfg_parser_t *pctx, const cfg_type_t *type, cfg_obj_t **ret); + +void +cfg_print_uint32(cfg_printer_t *pctx, const cfg_obj_t *obj); + +void +cfg_print_uint64(cfg_printer_t *pctx, const cfg_obj_t *obj); + +isc_result_t +cfg_parse_qstring(cfg_parser_t *pctx, const cfg_type_t *type, cfg_obj_t **ret); + +void +cfg_print_ustring(cfg_printer_t *pctx, const cfg_obj_t *obj); + +isc_result_t +cfg_parse_astring(cfg_parser_t *pctx, const cfg_type_t *type, cfg_obj_t **ret); + +isc_result_t +cfg_parse_sstring(cfg_parser_t *pctx, const cfg_type_t *type, cfg_obj_t **ret); + +isc_result_t +cfg_parse_rawaddr(cfg_parser_t *pctx, unsigned int flags, isc_netaddr_t *na); + +void +cfg_print_rawaddr(cfg_printer_t *pctx, const isc_netaddr_t *na); + +bool +cfg_lookingat_netaddr(cfg_parser_t *pctx, unsigned int flags); + +isc_result_t +cfg_parse_rawport(cfg_parser_t *pctx, unsigned int flags, in_port_t *port); + +isc_result_t +cfg_parse_dscp(cfg_parser_t *pctx, isc_dscp_t *dscp); + +isc_result_t +cfg_parse_sockaddr(cfg_parser_t *pctx, const cfg_type_t *type, cfg_obj_t **ret); + +isc_result_t +cfg_parse_boolean(cfg_parser_t *pctx, const cfg_type_t *type, cfg_obj_t **ret); + +void +cfg_print_sockaddr(cfg_printer_t *pctx, const cfg_obj_t *obj); + +void +cfg_print_boolean(cfg_printer_t *pctx, const cfg_obj_t *obj); + +void +cfg_doc_sockaddr(cfg_printer_t *pctx, const cfg_type_t *type); + +isc_result_t +cfg_parse_netprefix(cfg_parser_t *pctx, const cfg_type_t *type, + cfg_obj_t **ret); + +isc_result_t +cfg_parse_special(cfg_parser_t *pctx, int special); +/*%< Parse a required special character 'special'. */ + +isc_result_t +cfg_create_tuple(cfg_parser_t *pctx, const cfg_type_t *type, cfg_obj_t **objp); + +isc_result_t +cfg_parse_tuple(cfg_parser_t *pctx, const cfg_type_t *type, cfg_obj_t **ret); + +void +cfg_print_tuple(cfg_printer_t *pctx, const cfg_obj_t *obj); + +void +cfg_doc_tuple(cfg_printer_t *pctx, const cfg_type_t *type); + +isc_result_t +cfg_create_list(cfg_parser_t *pctx, const cfg_type_t *type, cfg_obj_t **objp); + +isc_result_t +cfg_parse_listelt(cfg_parser_t *pctx, const cfg_type_t *elttype, + cfg_listelt_t **ret); + +isc_result_t +cfg_parse_bracketed_list(cfg_parser_t *pctx, const cfg_type_t *type, + cfg_obj_t **ret); + +void +cfg_print_bracketed_list(cfg_printer_t *pctx, const cfg_obj_t *obj); + +void +cfg_doc_bracketed_list(cfg_printer_t *pctx, const cfg_type_t *type); + +isc_result_t +cfg_parse_spacelist(cfg_parser_t *pctx, const cfg_type_t *type, + cfg_obj_t **ret); + +void +cfg_print_spacelist(cfg_printer_t *pctx, const cfg_obj_t *obj); + +isc_result_t +cfg_parse_enum(cfg_parser_t *pctx, const cfg_type_t *type, cfg_obj_t **ret); + +void +cfg_doc_enum(cfg_printer_t *pctx, const cfg_type_t *type); + +isc_result_t +cfg_parse_enum_or_other(cfg_parser_t *pctx, const cfg_type_t *enumtype, + const cfg_type_t *othertype, cfg_obj_t **ret); + +void +cfg_doc_enum_or_other(cfg_printer_t *pctx, const cfg_type_t *enumtype, + const cfg_type_t *othertype); + +void +cfg_print_chars(cfg_printer_t *pctx, const char *text, int len); +/*%< Print 'len' characters at 'text' */ + +void +cfg_print_cstr(cfg_printer_t *pctx, const char *s); +/*%< Print the null-terminated string 's' */ + +isc_result_t +cfg_parse_map(cfg_parser_t *pctx, const cfg_type_t *type, cfg_obj_t **ret); + +isc_result_t +cfg_parse_named_map(cfg_parser_t *pctx, const cfg_type_t *type, + cfg_obj_t **ret); + +isc_result_t +cfg_parse_addressed_map(cfg_parser_t *pctx, const cfg_type_t *type, + cfg_obj_t **ret); + +isc_result_t +cfg_parse_netprefix_map(cfg_parser_t *pctx, const cfg_type_t *type, + cfg_obj_t **ret); + +void +cfg_print_map(cfg_printer_t *pctx, const cfg_obj_t *obj); + +void +cfg_doc_map(cfg_printer_t *pctx, const cfg_type_t *type); + +isc_result_t +cfg_parse_mapbody(cfg_parser_t *pctx, const cfg_type_t *type, cfg_obj_t **ret); + +void +cfg_print_mapbody(cfg_printer_t *pctx, const cfg_obj_t *obj); + +void +cfg_doc_mapbody(cfg_printer_t *pctx, const cfg_type_t *type); + +isc_result_t +cfg_parse_void(cfg_parser_t *pctx, const cfg_type_t *type, cfg_obj_t **ret); + +void +cfg_print_void(cfg_printer_t *pctx, const cfg_obj_t *obj); + +void +cfg_doc_void(cfg_printer_t *pctx, const cfg_type_t *type); + +isc_result_t +cfg_parse_fixedpoint(cfg_parser_t *pctx, const cfg_type_t *type, + cfg_obj_t **ret); + +void +cfg_print_fixedpoint(cfg_printer_t *pctx, const cfg_obj_t *obj); + +isc_result_t +cfg_parse_percentage(cfg_parser_t *pctx, const cfg_type_t *type, + cfg_obj_t **ret); + +void +cfg_print_percentage(cfg_printer_t *pctx, const cfg_obj_t *obj); + +isc_result_t +cfg_parse_duration(cfg_parser_t *pctx, const cfg_type_t *type, cfg_obj_t **ret); + +void +cfg_print_duration(cfg_printer_t *pctx, const cfg_obj_t *obj); + +isc_result_t +cfg_parse_duration_or_unlimited(cfg_parser_t *pctx, const cfg_type_t *type, + cfg_obj_t **ret); + +void +cfg_print_duration_or_unlimited(cfg_printer_t *pctx, const cfg_obj_t *obj); + +isc_result_t +cfg_parse_obj(cfg_parser_t *pctx, const cfg_type_t *type, cfg_obj_t **ret); + +void +cfg_print_obj(cfg_printer_t *pctx, const cfg_obj_t *obj); + +void +cfg_doc_obj(cfg_printer_t *pctx, const cfg_type_t *type); +/*%< + * Print a description of the grammar of an arbitrary configuration + * type 'type' + */ + +void +cfg_doc_terminal(cfg_printer_t *pctx, const cfg_type_t *type); +/*%< + * Document the type 'type' as a terminal by printing its + * name in angle brackets, e.g., <uint32>. + */ + +void +cfg_parser_error(cfg_parser_t *pctx, unsigned int flags, const char *fmt, ...) + ISC_FORMAT_PRINTF(3, 4); +/*! + * Pass one of these flags to cfg_parser_error() to include the + * token text in log message. + */ +#define CFG_LOG_NEAR 0x00000001 /*%< Say "near " */ +#define CFG_LOG_BEFORE 0x00000002 /*%< Say "before " */ +#define CFG_LOG_NOPREP 0x00000004 /*%< Say just "" */ + +void +cfg_parser_warning(cfg_parser_t *pctx, unsigned int flags, const char *fmt, ...) + ISC_FORMAT_PRINTF(3, 4); + +bool +cfg_is_enum(const char *s, const char *const *enums); +/*%< Return true iff the string 's' is one of the strings in 'enums' */ + +bool +cfg_clause_validforzone(const char *name, unsigned int ztype); +/*%< + * Check whether an option is legal for the specified zone type. + */ + +void +cfg_print_zonegrammar(const unsigned int zonetype, unsigned int flags, + void (*f)(void *closure, const char *text, int textlen), + void *closure); +/*%< + * Print a summary of the grammar of the zone type represented by + * 'zonetype'. + */ + +void +cfg_print_clauseflags(cfg_printer_t *pctx, unsigned int flags); +/*%< + * Print clause flags (e.g. "obsolete", "not implemented", etc) in + * human readable form + */ + +void +cfg_print_indent(cfg_printer_t *pctx); +/*%< + * Print the necessary indent required by the current settings of 'pctx'. + */ + +#endif /* ISCCFG_GRAMMAR_H */ diff --git a/lib/isccfg/include/isccfg/kaspconf.h b/lib/isccfg/include/isccfg/kaspconf.h new file mode 100644 index 0000000..66b316f --- /dev/null +++ b/lib/isccfg/include/isccfg/kaspconf.h @@ -0,0 +1,60 @@ +/* + * Copyright (C) Internet Systems Consortium, Inc. ("ISC") + * + * SPDX-License-Identifier: MPL-2.0 + * + * This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, you can obtain one at https://mozilla.org/MPL/2.0/. + * + * See the COPYRIGHT file distributed with this work for additional + * information regarding copyright ownership. + */ + +#ifndef ISCCFG_KASPCONF_H +#define ISCCFG_KASPCONF_H 1 + +#include + +#include + +#include + +/*** + *** Functions + ***/ + +ISC_LANG_BEGINDECLS + +isc_result_t +cfg_kasp_fromconfig(const cfg_obj_t *config, const char *name, isc_mem_t *mctx, + isc_log_t *logctx, dns_kasplist_t *kasplist, + dns_kasp_t **kaspp); +/*%< + * Create and configure a KASP. If 'config' is NULL, a built-in configuration + * is used, referred to by 'name'. If a 'kasplist' is provided, a lookup + * happens and if a KASP already exists with the same name, no new KASP is + * created, and no attach to 'kaspp' happens. + * + * Requires: + * + *\li 'name' is either NULL, or a valid C string. + * + *\li 'mctx' is a valid memory context. + * + *\li 'logctx' is a valid logging context. + * + *\li kaspp != NULL && *kaspp == NULL + * + * Returns: + * + *\li #ISC_R_SUCCESS If creating and configuring the KASP succeeds. + *\li #ISC_R_EXISTS If 'kasplist' already has a kasp structure with 'name'. + *\li #ISC_R_NOMEMORY + * + *\li Other errors are possible. + */ + +ISC_LANG_ENDDECLS + +#endif /* ISCCFG_KASPCONF_H */ diff --git a/lib/isccfg/include/isccfg/log.h b/lib/isccfg/include/isccfg/log.h new file mode 100644 index 0000000..62fa68f --- /dev/null +++ b/lib/isccfg/include/isccfg/log.h @@ -0,0 +1,49 @@ +/* + * Copyright (C) Internet Systems Consortium, Inc. ("ISC") + * + * SPDX-License-Identifier: MPL-2.0 + * + * This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, you can obtain one at https://mozilla.org/MPL/2.0/. + * + * See the COPYRIGHT file distributed with this work for additional + * information regarding copyright ownership. + */ + +#ifndef ISCCFG_LOG_H +#define ISCCFG_LOG_H 1 + +/*! \file isccfg/log.h */ + +#include +#include + +LIBISCCFG_EXTERNAL_DATA extern isc_logcategory_t cfg_categories[]; +LIBISCCFG_EXTERNAL_DATA extern isc_logmodule_t cfg_modules[]; + +#define CFG_LOGCATEGORY_CONFIG (&cfg_categories[0]) + +#define CFG_LOGMODULE_PARSER (&cfg_modules[0]) + +ISC_LANG_BEGINDECLS + +void +cfg_log_init(isc_log_t *lctx); +/*%< + * Make the libisccfg categories and modules available for use with the + * ISC logging library. + * + * Requires: + *\li lctx is a valid logging context. + * + *\li cfg_log_init() is called only once. + * + * Ensures: + * \li The categories and modules defined above are available for + * use by isc_log_usechannnel() and isc_log_write(). + */ + +ISC_LANG_ENDDECLS + +#endif /* ISCCFG_LOG_H */ diff --git a/lib/isccfg/include/isccfg/namedconf.h b/lib/isccfg/include/isccfg/namedconf.h new file mode 100644 index 0000000..98878c0 --- /dev/null +++ b/lib/isccfg/include/isccfg/namedconf.h @@ -0,0 +1,57 @@ +/* + * Copyright (C) Internet Systems Consortium, Inc. ("ISC") + * + * SPDX-License-Identifier: MPL-2.0 + * + * This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, you can obtain one at https://mozilla.org/MPL/2.0/. + * + * See the COPYRIGHT file distributed with this work for additional + * information regarding copyright ownership. + */ + +#ifndef ISCCFG_NAMEDCONF_H +#define ISCCFG_NAMEDCONF_H 1 + +/*! \file isccfg/namedconf.h + * \brief + * This module defines the named.conf, rndc.conf, and rndc.key grammars. + */ + +#include + +/* + * Configuration object types. + */ +LIBISCCFG_EXTERNAL_DATA extern cfg_type_t cfg_type_namedconf; +/*%< A complete named.conf file. */ + +LIBISCCFG_EXTERNAL_DATA extern cfg_type_t cfg_type_bindkeys; +/*%< A bind.keys file. */ + +LIBISCCFG_EXTERNAL_DATA extern cfg_type_t cfg_type_newzones; +/*%< A new-zones file (for zones added by 'rndc addzone'). */ + +LIBISCCFG_EXTERNAL_DATA extern cfg_type_t cfg_type_addzoneconf; +/*%< A single zone passed via the addzone rndc command. */ + +LIBISCCFG_EXTERNAL_DATA extern cfg_type_t cfg_type_rndcconf; +/*%< A complete rndc.conf file. */ + +LIBISCCFG_EXTERNAL_DATA extern cfg_type_t cfg_type_rndckey; +/*%< A complete rndc.key file. */ + +LIBISCCFG_EXTERNAL_DATA extern cfg_type_t cfg_type_sessionkey; +/*%< A complete session.key file. */ + +LIBISCCFG_EXTERNAL_DATA extern cfg_type_t cfg_type_keyref; +/*%< A key reference, used as an ACL element */ + +/*%< Zone options */ +LIBISCCFG_EXTERNAL_DATA extern cfg_type_t cfg_type_zoneopts; + +/*%< DNSSEC Key and Signing Policy options */ +LIBISCCFG_EXTERNAL_DATA extern cfg_type_t cfg_type_dnssecpolicyopts; + +#endif /* ISCCFG_NAMEDCONF_H */ diff --git a/lib/isccfg/include/isccfg/version.h b/lib/isccfg/include/isccfg/version.h new file mode 100644 index 0000000..846adbf --- /dev/null +++ b/lib/isccfg/include/isccfg/version.h @@ -0,0 +1,18 @@ +/* + * Copyright (C) Internet Systems Consortium, Inc. ("ISC") + * + * SPDX-License-Identifier: MPL-2.0 + * + * This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, you can obtain one at https://mozilla.org/MPL/2.0/. + * + * See the COPYRIGHT file distributed with this work for additional + * information regarding copyright ownership. + */ + +/*! \file isccfg/version.h */ + +#include + +LIBISCCFG_EXTERNAL_DATA extern const char cfg_version[]; diff --git a/lib/isccfg/kaspconf.c b/lib/isccfg/kaspconf.c new file mode 100644 index 0000000..32f7684 --- /dev/null +++ b/lib/isccfg/kaspconf.c @@ -0,0 +1,423 @@ +/* + * Copyright (C) Internet Systems Consortium, Inc. ("ISC") + * + * SPDX-License-Identifier: MPL-2.0 + * + * This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, you can obtain one at https://mozilla.org/MPL/2.0/. + * + * See the COPYRIGHT file distributed with this work for additional + * information regarding copyright ownership. + */ + +#include +#include +#include + +#include +#include +#include +#include +#include + +#include +#include +#include +#include +#include +#include + +#include +#include +#include + +#define DEFAULT_NSEC3PARAM_ITER 5 +#define DEFAULT_NSEC3PARAM_SALTLEN 8 + +/* + * Utility function for getting a configuration option. + */ +static isc_result_t +confget(cfg_obj_t const *const *maps, const char *name, const cfg_obj_t **obj) { + for (size_t i = 0;; i++) { + if (maps[i] == NULL) { + return (ISC_R_NOTFOUND); + } + if (cfg_map_get(maps[i], name, obj) == ISC_R_SUCCESS) { + return (ISC_R_SUCCESS); + } + } +} + +/* + * Utility function for configuring durations. + */ +static uint32_t +get_duration(const cfg_obj_t **maps, const char *option, uint32_t dfl) { + const cfg_obj_t *obj; + isc_result_t result; + obj = NULL; + + result = confget(maps, option, &obj); + if (result == ISC_R_NOTFOUND) { + return (dfl); + } + INSIST(result == ISC_R_SUCCESS); + return (cfg_obj_asduration(obj)); +} + +/* + * Create a new kasp key derived from configuration. + */ +static isc_result_t +cfg_kaspkey_fromconfig(const cfg_obj_t *config, dns_kasp_t *kasp, + isc_log_t *logctx) { + isc_result_t result; + dns_kasp_key_t *key = NULL; + + /* Create a new key reference. */ + result = dns_kasp_key_create(kasp, &key); + if (result != ISC_R_SUCCESS) { + return (result); + } + + if (config == NULL) { + /* We are creating a key reference for the default kasp. */ + key->role |= DNS_KASP_KEY_ROLE_KSK | DNS_KASP_KEY_ROLE_ZSK; + key->lifetime = 0; /* unlimited */ + key->algorithm = DNS_KEYALG_ECDSA256; + key->length = -1; + } else { + const char *rolestr = NULL; + const cfg_obj_t *obj = NULL; + isc_consttextregion_t alg; + + rolestr = cfg_obj_asstring(cfg_tuple_get(config, "role")); + if (strcmp(rolestr, "ksk") == 0) { + key->role |= DNS_KASP_KEY_ROLE_KSK; + } else if (strcmp(rolestr, "zsk") == 0) { + key->role |= DNS_KASP_KEY_ROLE_ZSK; + } else if (strcmp(rolestr, "csk") == 0) { + key->role |= DNS_KASP_KEY_ROLE_KSK; + key->role |= DNS_KASP_KEY_ROLE_ZSK; + } + + key->lifetime = 0; /* unlimited */ + obj = cfg_tuple_get(config, "lifetime"); + if (cfg_obj_isduration(obj)) { + key->lifetime = cfg_obj_asduration(obj); + } + + obj = cfg_tuple_get(config, "algorithm"); + alg.base = cfg_obj_asstring(obj); + alg.length = strlen(alg.base); + result = dns_secalg_fromtext(&key->algorithm, + (isc_textregion_t *)&alg); + if (result != ISC_R_SUCCESS) { + cfg_obj_log(obj, logctx, ISC_LOG_ERROR, + "dnssec-policy: bad algorithm %s", + alg.base); + result = DNS_R_BADALG; + goto cleanup; + } + + obj = cfg_tuple_get(config, "length"); + if (cfg_obj_isuint32(obj)) { + uint32_t min, size; + size = cfg_obj_asuint32(obj); + + switch (key->algorithm) { + case DNS_KEYALG_RSASHA1: + case DNS_KEYALG_NSEC3RSASHA1: + case DNS_KEYALG_RSASHA256: + case DNS_KEYALG_RSASHA512: + min = DNS_KEYALG_RSASHA512 ? 1024 : 512; + if (size < min || size > 4096) { + cfg_obj_log(obj, logctx, ISC_LOG_ERROR, + "dnssec-policy: key with " + "algorithm %s has invalid " + "key length %u", + alg.base, size); + result = ISC_R_RANGE; + goto cleanup; + } + break; + case DNS_KEYALG_ECDSA256: + case DNS_KEYALG_ECDSA384: + case DNS_KEYALG_ED25519: + case DNS_KEYALG_ED448: + cfg_obj_log(obj, logctx, ISC_LOG_WARNING, + "dnssec-policy: key algorithm %s " + "has predefined length; ignoring " + "length value %u", + alg.base, size); + default: + break; + } + + key->length = size; + } + } + + dns_kasp_addkey(kasp, key); + return (ISC_R_SUCCESS); + +cleanup: + + dns_kasp_key_destroy(key); + return (result); +} + +static isc_result_t +cfg_nsec3param_fromconfig(const cfg_obj_t *config, dns_kasp_t *kasp, + isc_log_t *logctx) { + dns_kasp_key_t *kkey; + unsigned int min_keysize = 4096; + const cfg_obj_t *obj = NULL; + uint32_t iter = DEFAULT_NSEC3PARAM_ITER; + uint32_t saltlen = DEFAULT_NSEC3PARAM_SALTLEN; + uint32_t badalg = 0; + bool optout = false; + isc_result_t ret = ISC_R_SUCCESS; + + /* How many iterations. */ + obj = cfg_tuple_get(config, "iterations"); + if (cfg_obj_isuint32(obj)) { + iter = cfg_obj_asuint32(obj); + } + dns_kasp_freeze(kasp); + for (kkey = ISC_LIST_HEAD(dns_kasp_keys(kasp)); kkey != NULL; + kkey = ISC_LIST_NEXT(kkey, link)) + { + unsigned int keysize = dns_kasp_key_size(kkey); + uint32_t keyalg = dns_kasp_key_algorithm(kkey); + + if (keysize < min_keysize) { + min_keysize = keysize; + } + + /* NSEC3 cannot be used with certain key algorithms. */ + if (keyalg == DNS_KEYALG_RSAMD5 || keyalg == DNS_KEYALG_DH || + keyalg == DNS_KEYALG_DSA || keyalg == DNS_KEYALG_RSASHA1) + { + badalg = keyalg; + } + } + dns_kasp_thaw(kasp); + + if (badalg > 0) { + char algstr[DNS_SECALG_FORMATSIZE]; + dns_secalg_format((dns_secalg_t)badalg, algstr, sizeof(algstr)); + cfg_obj_log( + obj, logctx, ISC_LOG_ERROR, + "dnssec-policy: cannot use nsec3 with algorithm '%s'", + algstr); + return (DNS_R_NSEC3BADALG); + } + + if (iter > dns_nsec3_maxiterations()) { + ret = DNS_R_NSEC3ITERRANGE; + } + + if (ret == DNS_R_NSEC3ITERRANGE) { + cfg_obj_log(obj, logctx, ISC_LOG_ERROR, + "dnssec-policy: nsec3 iterations value %u " + "out of range", + iter); + return (ret); + } + + /* Opt-out? */ + obj = cfg_tuple_get(config, "optout"); + if (cfg_obj_isboolean(obj)) { + optout = cfg_obj_asboolean(obj); + } + + /* Salt */ + obj = cfg_tuple_get(config, "salt-length"); + if (cfg_obj_isuint32(obj)) { + saltlen = cfg_obj_asuint32(obj); + } + if (saltlen > 0xff) { + cfg_obj_log(obj, logctx, ISC_LOG_ERROR, + "dnssec-policy: nsec3 salt length %u too high", + saltlen); + return (DNS_R_NSEC3SALTRANGE); + } + + dns_kasp_setnsec3param(kasp, iter, optout, saltlen); + return (ISC_R_SUCCESS); +} + +isc_result_t +cfg_kasp_fromconfig(const cfg_obj_t *config, const char *name, isc_mem_t *mctx, + isc_log_t *logctx, dns_kasplist_t *kasplist, + dns_kasp_t **kaspp) { + isc_result_t result; + const cfg_obj_t *maps[2]; + const cfg_obj_t *koptions = NULL; + const cfg_obj_t *keys = NULL; + const cfg_obj_t *nsec3 = NULL; + const cfg_listelt_t *element = NULL; + const char *kaspname = NULL; + dns_kasp_t *kasp = NULL; + size_t i = 0; + + REQUIRE(kaspp != NULL && *kaspp == NULL); + + kaspname = (name == NULL) + ? cfg_obj_asstring(cfg_tuple_get(config, "name")) + : name; + INSIST(kaspname != NULL); + + result = dns_kasplist_find(kasplist, kaspname, &kasp); + + if (result == ISC_R_SUCCESS) { + cfg_obj_log( + config, logctx, ISC_LOG_ERROR, + "dnssec-policy: duplicately named policy found '%s'", + kaspname); + dns_kasp_detach(&kasp); + return (ISC_R_EXISTS); + } + if (result != ISC_R_NOTFOUND) { + return (result); + } + + /* No kasp with configured name was found in list, create new one. */ + INSIST(kasp == NULL); + result = dns_kasp_create(mctx, kaspname, &kasp); + if (result != ISC_R_SUCCESS) { + return (result); + } + INSIST(kasp != NULL); + + /* Now configure. */ + INSIST(DNS_KASP_VALID(kasp)); + + if (config != NULL) { + koptions = cfg_tuple_get(config, "options"); + maps[i++] = koptions; + } + maps[i] = NULL; + + /* Configuration: Signatures */ + dns_kasp_setsigrefresh(kasp, get_duration(maps, "signatures-refresh", + DNS_KASP_SIG_REFRESH)); + dns_kasp_setsigvalidity(kasp, get_duration(maps, "signatures-validity", + DNS_KASP_SIG_VALIDITY)); + dns_kasp_setsigvalidity_dnskey( + kasp, get_duration(maps, "signatures-validity-dnskey", + DNS_KASP_SIG_VALIDITY_DNSKEY)); + + /* Configuration: Keys */ + dns_kasp_setdnskeyttl( + kasp, get_duration(maps, "dnskey-ttl", DNS_KASP_KEY_TTL)); + dns_kasp_setpublishsafety(kasp, get_duration(maps, "publish-safety", + DNS_KASP_PUBLISH_SAFETY)); + dns_kasp_setretiresafety(kasp, get_duration(maps, "retire-safety", + DNS_KASP_RETIRE_SAFETY)); + dns_kasp_setpurgekeys( + kasp, get_duration(maps, "purge-keys", DNS_KASP_PURGE_KEYS)); + + (void)confget(maps, "keys", &keys); + if (keys != NULL) { + char role[256] = { 0 }; + dns_kasp_key_t *kkey = NULL; + + for (element = cfg_list_first(keys); element != NULL; + element = cfg_list_next(element)) + { + cfg_obj_t *kobj = cfg_listelt_value(element); + result = cfg_kaspkey_fromconfig(kobj, kasp, logctx); + if (result != ISC_R_SUCCESS) { + goto cleanup; + } + } + INSIST(!(dns_kasp_keylist_empty(kasp))); + dns_kasp_freeze(kasp); + for (kkey = ISC_LIST_HEAD(dns_kasp_keys(kasp)); kkey != NULL; + kkey = ISC_LIST_NEXT(kkey, link)) + { + uint32_t keyalg = dns_kasp_key_algorithm(kkey); + INSIST(keyalg < ARRAY_SIZE(role)); + + if (dns_kasp_key_zsk(kkey)) { + role[keyalg] |= DNS_KASP_KEY_ROLE_ZSK; + } + + if (dns_kasp_key_ksk(kkey)) { + role[keyalg] |= DNS_KASP_KEY_ROLE_KSK; + } + } + dns_kasp_thaw(kasp); + for (i = 0; i < ARRAY_SIZE(role); i++) { + if (role[i] != 0 && role[i] != (DNS_KASP_KEY_ROLE_ZSK | + DNS_KASP_KEY_ROLE_KSK)) + { + cfg_obj_log(keys, logctx, ISC_LOG_ERROR, + "dnssec-policy: algorithm %zu " + "requires both KSK and ZSK roles", + i); + result = ISC_R_FAILURE; + } + } + if (result != ISC_R_SUCCESS) { + goto cleanup; + } + } else if (strcmp(kaspname, "insecure") == 0) { + /* "dnssec-policy insecure": key list must be empty */ + INSIST(strcmp(kaspname, "insecure") == 0); + INSIST(dns_kasp_keylist_empty(kasp)); + } else { + /* No keys clause configured, use the "default". */ + result = cfg_kaspkey_fromconfig(NULL, kasp, logctx); + if (result != ISC_R_SUCCESS) { + goto cleanup; + } + INSIST(!(dns_kasp_keylist_empty(kasp))); + } + + /* Configuration: NSEC3 */ + (void)confget(maps, "nsec3param", &nsec3); + if (nsec3 == NULL) { + dns_kasp_setnsec3(kasp, false); + } else { + dns_kasp_setnsec3(kasp, true); + result = cfg_nsec3param_fromconfig(nsec3, kasp, logctx); + if (result != ISC_R_SUCCESS) { + goto cleanup; + } + } + + /* Configuration: Zone settings */ + dns_kasp_setzonemaxttl( + kasp, get_duration(maps, "max-zone-ttl", DNS_KASP_ZONE_MAXTTL)); + dns_kasp_setzonepropagationdelay( + kasp, get_duration(maps, "zone-propagation-delay", + DNS_KASP_ZONE_PROPDELAY)); + + /* Configuration: Parent settings */ + dns_kasp_setdsttl(kasp, + get_duration(maps, "parent-ds-ttl", DNS_KASP_DS_TTL)); + dns_kasp_setparentpropagationdelay( + kasp, get_duration(maps, "parent-propagation-delay", + DNS_KASP_PARENT_PROPDELAY)); + + /* Append it to the list for future lookups. */ + ISC_LIST_APPEND(*kasplist, kasp, link); + INSIST(!(ISC_LIST_EMPTY(*kasplist))); + + /* Success: Attach the kasp to the pointer and return. */ + dns_kasp_attach(kasp, kaspp); + + /* Don't detach as kasp is on '*kasplist' */ + return (ISC_R_SUCCESS); + +cleanup: + + /* Something bad happened, detach (destroys kasp) and return error. */ + dns_kasp_detach(&kasp); + return (result); +} diff --git a/lib/isccfg/log.c b/lib/isccfg/log.c new file mode 100644 index 0000000..7a6b7fd --- /dev/null +++ b/lib/isccfg/log.c @@ -0,0 +1,41 @@ +/* + * Copyright (C) Internet Systems Consortium, Inc. ("ISC") + * + * SPDX-License-Identifier: MPL-2.0 + * + * This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, you can obtain one at https://mozilla.org/MPL/2.0/. + * + * See the COPYRIGHT file distributed with this work for additional + * information regarding copyright ownership. + */ + +/*! \file */ + +#include + +#include + +/*% + * When adding a new category, be sure to add the appropriate + * \#define to . + */ +LIBISCCFG_EXTERNAL_DATA isc_logcategory_t cfg_categories[] = { { "config", 0 }, + { NULL, 0 } }; + +/*% + * When adding a new module, be sure to add the appropriate + * \#define to . + */ +LIBISCCFG_EXTERNAL_DATA isc_logmodule_t cfg_modules[] = { + { "isccfg/parser", 0 }, { NULL, 0 } +}; + +void +cfg_log_init(isc_log_t *lctx) { + REQUIRE(lctx != NULL); + + isc_log_registercategories(lctx, cfg_categories); + isc_log_registermodules(lctx, cfg_modules); +} diff --git a/lib/isccfg/namedconf.c b/lib/isccfg/namedconf.c new file mode 100644 index 0000000..6e63d86 --- /dev/null +++ b/lib/isccfg/namedconf.c @@ -0,0 +1,3891 @@ +/* + * Copyright (C) Internet Systems Consortium, Inc. ("ISC") + * + * SPDX-License-Identifier: MPL-2.0 + * + * This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, you can obtain one at https://mozilla.org/MPL/2.0/. + * + * See the COPYRIGHT file distributed with this work for additional + * information regarding copyright ownership. + */ + +/*! \file */ + +#include +#include +#include +#include + +#include +#include +#include +#include +#include +#include + +#include +#include + +#include +#include +#include +#include + +#define TOKEN_STRING(pctx) (pctx->token.value.as_textregion.base) + +/*% Check a return value. */ +#define CHECK(op) \ + do { \ + result = (op); \ + if (result != ISC_R_SUCCESS) \ + goto cleanup; \ + } while (0) + +/*% Clean up a configuration object if non-NULL. */ +#define CLEANUP_OBJ(obj) \ + do { \ + if ((obj) != NULL) \ + cfg_obj_destroy(pctx, &(obj)); \ + } while (0) + +/*% + * Forward declarations of static functions. + */ + +static isc_result_t +parse_keyvalue(cfg_parser_t *pctx, const cfg_type_t *type, cfg_obj_t **ret); + +static isc_result_t +parse_optional_keyvalue(cfg_parser_t *pctx, const cfg_type_t *type, + cfg_obj_t **ret); + +static isc_result_t +parse_updatepolicy(cfg_parser_t *pctx, const cfg_type_t *type, cfg_obj_t **ret); +static void +print_updatepolicy(cfg_printer_t *pctx, const cfg_obj_t *obj); + +static void +doc_updatepolicy(cfg_printer_t *pctx, const cfg_type_t *type); + +static void +print_keyvalue(cfg_printer_t *pctx, const cfg_obj_t *obj); + +static void +doc_keyvalue(cfg_printer_t *pctx, const cfg_type_t *type); + +static void +doc_optional_keyvalue(cfg_printer_t *pctx, const cfg_type_t *type); + +static cfg_type_t cfg_type_acl; +static cfg_type_t cfg_type_bracketed_dscpsockaddrlist; +static cfg_type_t cfg_type_bracketed_namesockaddrkeylist; +static cfg_type_t cfg_type_bracketed_netaddrlist; +static cfg_type_t cfg_type_bracketed_sockaddrnameportlist; +static cfg_type_t cfg_type_controls; +static cfg_type_t cfg_type_controls_sockaddr; +static cfg_type_t cfg_type_destinationlist; +static cfg_type_t cfg_type_dialuptype; +static cfg_type_t cfg_type_dlz; +static cfg_type_t cfg_type_dnssecpolicy; +static cfg_type_t cfg_type_dnstap; +static cfg_type_t cfg_type_dnstapoutput; +static cfg_type_t cfg_type_dyndb; +static cfg_type_t cfg_type_plugin; +static cfg_type_t cfg_type_ixfrdifftype; +static cfg_type_t cfg_type_ixfrratio; +static cfg_type_t cfg_type_key; +static cfg_type_t cfg_type_logfile; +static cfg_type_t cfg_type_logging; +static cfg_type_t cfg_type_logseverity; +static cfg_type_t cfg_type_logsuffix; +static cfg_type_t cfg_type_logversions; +static cfg_type_t cfg_type_remoteselement; +static cfg_type_t cfg_type_maxduration; +static cfg_type_t cfg_type_minimal; +static cfg_type_t cfg_type_nameportiplist; +static cfg_type_t cfg_type_notifytype; +static cfg_type_t cfg_type_optional_allow; +static cfg_type_t cfg_type_optional_class; +static cfg_type_t cfg_type_optional_dscp; +static cfg_type_t cfg_type_optional_facility; +static cfg_type_t cfg_type_optional_keyref; +static cfg_type_t cfg_type_optional_port; +static cfg_type_t cfg_type_optional_uint32; +static cfg_type_t cfg_type_options; +static cfg_type_t cfg_type_portiplist; +static cfg_type_t cfg_type_printtime; +static cfg_type_t cfg_type_qminmethod; +static cfg_type_t cfg_type_querysource4; +static cfg_type_t cfg_type_querysource6; +static cfg_type_t cfg_type_querysource; +static cfg_type_t cfg_type_server; +static cfg_type_t cfg_type_server_key_kludge; +static cfg_type_t cfg_type_size; +static cfg_type_t cfg_type_sizenodefault; +static cfg_type_t cfg_type_sizeorpercent; +static cfg_type_t cfg_type_sizeval; +static cfg_type_t cfg_type_sockaddr4wild; +static cfg_type_t cfg_type_sockaddr6wild; +static cfg_type_t cfg_type_statschannels; +static cfg_type_t cfg_type_view; +static cfg_type_t cfg_type_viewopts; +static cfg_type_t cfg_type_zone; + +/*% tkey-dhkey */ + +static cfg_tuplefielddef_t tkey_dhkey_fields[] = { + { "name", &cfg_type_qstring, 0 }, + { "keyid", &cfg_type_uint32, 0 }, + { NULL, NULL, 0 } +}; + +static cfg_type_t cfg_type_tkey_dhkey = { "tkey-dhkey", cfg_parse_tuple, + cfg_print_tuple, cfg_doc_tuple, + &cfg_rep_tuple, tkey_dhkey_fields }; + +/*% listen-on */ + +static cfg_tuplefielddef_t listenon_fields[] = { + { "port", &cfg_type_optional_port, 0 }, + { "dscp", &cfg_type_optional_dscp, CFG_CLAUSEFLAG_DEPRECATED }, + { "acl", &cfg_type_bracketed_aml, 0 }, + { NULL, NULL, 0 } +}; + +static cfg_type_t cfg_type_listenon = { "listenon", cfg_parse_tuple, + cfg_print_tuple, cfg_doc_tuple, + &cfg_rep_tuple, listenon_fields }; + +/*% acl */ + +static cfg_tuplefielddef_t acl_fields[] = { { "name", &cfg_type_astring, 0 }, + { "value", &cfg_type_bracketed_aml, + 0 }, + { NULL, NULL, 0 } }; + +static cfg_type_t cfg_type_acl = { "acl", cfg_parse_tuple, + cfg_print_tuple, cfg_doc_tuple, + &cfg_rep_tuple, acl_fields }; + +/*% remote servers, used for primaries and parental agents */ +static cfg_tuplefielddef_t remotes_fields[] = { + { "name", &cfg_type_astring, 0 }, + { "port", &cfg_type_optional_port, 0 }, + { "dscp", &cfg_type_optional_dscp, CFG_CLAUSEFLAG_DEPRECATED }, + { "addresses", &cfg_type_bracketed_namesockaddrkeylist, 0 }, + { NULL, NULL, 0 } +}; + +static cfg_type_t cfg_type_remoteservers = { "remote-servers", cfg_parse_tuple, + cfg_print_tuple, cfg_doc_tuple, + &cfg_rep_tuple, remotes_fields }; + +/*% + * "sockaddrkeylist", a list of socket addresses with optional keys + * and an optional default port, as used in the remote-servers option. + * E.g., + * "port 1234 { myservers; 10.0.0.1 key foo; 1::2 port 69; }" + */ + +static cfg_tuplefielddef_t namesockaddrkey_fields[] = { + { "remoteselement", &cfg_type_remoteselement, 0 }, + { "key", &cfg_type_optional_keyref, 0 }, + { NULL, NULL, 0 }, +}; + +static cfg_type_t cfg_type_namesockaddrkey = { + "namesockaddrkey", cfg_parse_tuple, cfg_print_tuple, + cfg_doc_tuple, &cfg_rep_tuple, namesockaddrkey_fields +}; + +static cfg_type_t cfg_type_bracketed_namesockaddrkeylist = { + "bracketed_namesockaddrkeylist", + cfg_parse_bracketed_list, + cfg_print_bracketed_list, + cfg_doc_bracketed_list, + &cfg_rep_list, + &cfg_type_namesockaddrkey +}; + +static cfg_tuplefielddef_t namesockaddrkeylist_fields[] = { + { "port", &cfg_type_optional_port, 0 }, + { "dscp", &cfg_type_optional_dscp, CFG_CLAUSEFLAG_DEPRECATED }, + { "addresses", &cfg_type_bracketed_namesockaddrkeylist, 0 }, + { NULL, NULL, 0 } +}; +static cfg_type_t cfg_type_namesockaddrkeylist = { + "sockaddrkeylist", cfg_parse_tuple, cfg_print_tuple, + cfg_doc_tuple, &cfg_rep_tuple, namesockaddrkeylist_fields +}; + +/*% + * A list of socket addresses with an optional default port, as used + * in the 'listen-on' option. E.g., "{ 10.0.0.1; 1::2 port 69; }" + */ +static cfg_tuplefielddef_t portiplist_fields[] = { + { "port", &cfg_type_optional_port, 0 }, + { "dscp", &cfg_type_optional_dscp, CFG_CLAUSEFLAG_DEPRECATED }, + { "addresses", &cfg_type_bracketed_dscpsockaddrlist, 0 }, + { NULL, NULL, 0 } +}; +static cfg_type_t cfg_type_portiplist = { "portiplist", cfg_parse_tuple, + cfg_print_tuple, cfg_doc_tuple, + &cfg_rep_tuple, portiplist_fields }; + +/* + * Obsolete format for the "pubkey" statement. + */ +static cfg_tuplefielddef_t pubkey_fields[] = { + { "flags", &cfg_type_uint32, 0 }, + { "protocol", &cfg_type_uint32, 0 }, + { "algorithm", &cfg_type_uint32, 0 }, + { "key", &cfg_type_qstring, 0 }, + { NULL, NULL, 0 } +}; +static cfg_type_t cfg_type_pubkey = { "pubkey", cfg_parse_tuple, + cfg_print_tuple, cfg_doc_tuple, + &cfg_rep_tuple, pubkey_fields }; + +/*% + * A list of RR types, used in grant statements. + * Note that the old parser allows quotes around the RR type names. + */ +static cfg_type_t cfg_type_rrtypelist = { + "rrtypelist", cfg_parse_spacelist, cfg_print_spacelist, + cfg_doc_terminal, &cfg_rep_list, &cfg_type_astring +}; + +static const char *mode_enums[] = { "deny", "grant", NULL }; +static cfg_type_t cfg_type_mode = { + "mode", cfg_parse_enum, cfg_print_ustring, + cfg_doc_enum, &cfg_rep_string, &mode_enums +}; + +static isc_result_t +parse_matchtype(cfg_parser_t *pctx, const cfg_type_t *type, cfg_obj_t **ret) { + isc_result_t result; + + CHECK(cfg_peektoken(pctx, 0)); + if (pctx->token.type == isc_tokentype_string && + strcasecmp(TOKEN_STRING(pctx), "zonesub") == 0) + { + pctx->flags |= CFG_PCTX_SKIP; + } + return (cfg_parse_enum(pctx, type, ret)); + +cleanup: + return (result); +} + +static isc_result_t +parse_matchname(cfg_parser_t *pctx, const cfg_type_t *type, cfg_obj_t **ret) { + isc_result_t result; + cfg_obj_t *obj = NULL; + + if ((pctx->flags & CFG_PCTX_SKIP) != 0) { + pctx->flags &= ~CFG_PCTX_SKIP; + CHECK(cfg_parse_void(pctx, NULL, &obj)); + } else { + result = cfg_parse_astring(pctx, type, &obj); + } + + *ret = obj; +cleanup: + return (result); +} + +static void +doc_matchname(cfg_printer_t *pctx, const cfg_type_t *type) { + cfg_print_cstr(pctx, "[ "); + cfg_doc_obj(pctx, type->of); + cfg_print_cstr(pctx, " ]"); +} + +static const char *matchtype_enums[] = { "6to4-self", + "external", + "krb5-self", + "krb5-selfsub", + "krb5-subdomain", + "ms-self", + "ms-selfsub", + "ms-subdomain", + "name", + "self", + "selfsub", + "selfwild", + "subdomain", + "tcp-self", + "wildcard", + "zonesub", + NULL }; + +static cfg_type_t cfg_type_matchtype = { "matchtype", parse_matchtype, + cfg_print_ustring, cfg_doc_enum, + &cfg_rep_string, &matchtype_enums }; + +static cfg_type_t cfg_type_matchname = { + "optional_matchname", parse_matchname, cfg_print_ustring, + doc_matchname, &cfg_rep_tuple, &cfg_type_ustring +}; + +/*% + * A grant statement, used in the update policy. + */ +static cfg_tuplefielddef_t grant_fields[] = { + { "mode", &cfg_type_mode, 0 }, + { "identity", &cfg_type_astring, 0 }, /* domain name */ + { "matchtype", &cfg_type_matchtype, 0 }, + { "name", &cfg_type_matchname, 0 }, /* domain name */ + { "types", &cfg_type_rrtypelist, 0 }, + { NULL, NULL, 0 } +}; +static cfg_type_t cfg_type_grant = { "grant", cfg_parse_tuple, + cfg_print_tuple, cfg_doc_tuple, + &cfg_rep_tuple, grant_fields }; + +static cfg_type_t cfg_type_updatepolicy = { + "update_policy", parse_updatepolicy, print_updatepolicy, + doc_updatepolicy, &cfg_rep_list, &cfg_type_grant +}; + +static isc_result_t +parse_updatepolicy(cfg_parser_t *pctx, const cfg_type_t *type, + cfg_obj_t **ret) { + isc_result_t result; + CHECK(cfg_gettoken(pctx, 0)); + if (pctx->token.type == isc_tokentype_special && + pctx->token.value.as_char == '{') + { + cfg_ungettoken(pctx); + return (cfg_parse_bracketed_list(pctx, type, ret)); + } + + if (pctx->token.type == isc_tokentype_string && + strcasecmp(TOKEN_STRING(pctx), "local") == 0) + { + cfg_obj_t *obj = NULL; + CHECK(cfg_create_obj(pctx, &cfg_type_ustring, &obj)); + obj->value.string.length = strlen("local"); + obj->value.string.base = + isc_mem_get(pctx->mctx, obj->value.string.length + 1); + memmove(obj->value.string.base, "local", 5); + obj->value.string.base[5] = '\0'; + *ret = obj; + return (ISC_R_SUCCESS); + } + + cfg_ungettoken(pctx); + return (ISC_R_UNEXPECTEDTOKEN); + +cleanup: + return (result); +} + +static void +print_updatepolicy(cfg_printer_t *pctx, const cfg_obj_t *obj) { + if (cfg_obj_isstring(obj)) { + cfg_print_ustring(pctx, obj); + } else { + cfg_print_bracketed_list(pctx, obj); + } +} + +static void +doc_updatepolicy(cfg_printer_t *pctx, const cfg_type_t *type) { + cfg_print_cstr(pctx, "( local | { "); + cfg_doc_obj(pctx, type->of); + cfg_print_cstr(pctx, "; ... } )"); +} + +/*% + * A view statement. + */ +static cfg_tuplefielddef_t view_fields[] = { + { "name", &cfg_type_astring, 0 }, + { "class", &cfg_type_optional_class, 0 }, + { "options", &cfg_type_viewopts, 0 }, + { NULL, NULL, 0 } +}; +static cfg_type_t cfg_type_view = { "view", cfg_parse_tuple, + cfg_print_tuple, cfg_doc_tuple, + &cfg_rep_tuple, view_fields }; + +/*% + * A zone statement. + */ +static cfg_tuplefielddef_t zone_fields[] = { + { "name", &cfg_type_astring, 0 }, + { "class", &cfg_type_optional_class, 0 }, + { "options", &cfg_type_zoneopts, 0 }, + { NULL, NULL, 0 } +}; +static cfg_type_t cfg_type_zone = { "zone", cfg_parse_tuple, + cfg_print_tuple, cfg_doc_tuple, + &cfg_rep_tuple, zone_fields }; + +/*% + * A dnssec-policy statement. + */ +static cfg_tuplefielddef_t dnssecpolicy_fields[] = { + { "name", &cfg_type_astring, 0 }, + { "options", &cfg_type_dnssecpolicyopts, 0 }, + { NULL, NULL, 0 } +}; + +static cfg_type_t cfg_type_dnssecpolicy = { + "dnssec-policy", cfg_parse_tuple, cfg_print_tuple, + cfg_doc_tuple, &cfg_rep_tuple, dnssecpolicy_fields +}; + +/*% + * A "category" clause in the "logging" statement. + */ +static cfg_tuplefielddef_t category_fields[] = { + { "name", &cfg_type_astring, 0 }, + { "destinations", &cfg_type_destinationlist, 0 }, + { NULL, NULL, 0 } +}; +static cfg_type_t cfg_type_category = { "category", cfg_parse_tuple, + cfg_print_tuple, cfg_doc_tuple, + &cfg_rep_tuple, category_fields }; + +static isc_result_t +parse_maxduration(cfg_parser_t *pctx, const cfg_type_t *type, cfg_obj_t **ret) { + return (cfg_parse_enum_or_other(pctx, type, &cfg_type_duration, ret)); +} + +static void +doc_maxduration(cfg_printer_t *pctx, const cfg_type_t *type) { + cfg_doc_enum_or_other(pctx, type, &cfg_type_duration); +} + +/*% + * A duration or "unlimited", but not "default". + */ +static const char *maxduration_enums[] = { "unlimited", NULL }; +static cfg_type_t cfg_type_maxduration = { + "maxduration_no_default", parse_maxduration, cfg_print_ustring, + doc_maxduration, &cfg_rep_duration, maxduration_enums +}; + +/*% + * A dnssec key, as used in the "trusted-keys" statement. + */ +static cfg_tuplefielddef_t dnsseckey_fields[] = { + { "name", &cfg_type_astring, 0 }, + { "anchortype", &cfg_type_void, 0 }, + { "rdata1", &cfg_type_uint32, 0 }, + { "rdata2", &cfg_type_uint32, 0 }, + { "rdata3", &cfg_type_uint32, 0 }, + { "data", &cfg_type_qstring, 0 }, + { NULL, NULL, 0 } +}; +static cfg_type_t cfg_type_dnsseckey = { "dnsseckey", cfg_parse_tuple, + cfg_print_tuple, cfg_doc_tuple, + &cfg_rep_tuple, dnsseckey_fields }; + +/*% + * Optional enums. + * + */ +static isc_result_t +parse_optional_enum(cfg_parser_t *pctx, const cfg_type_t *type, + cfg_obj_t **ret) { + return (cfg_parse_enum_or_other(pctx, type, &cfg_type_void, ret)); +} + +static void +doc_optional_enum(cfg_printer_t *pctx, const cfg_type_t *type) { + UNUSED(type); + cfg_print_cstr(pctx, "[ "); + cfg_doc_enum(pctx, type); + cfg_print_cstr(pctx, " ]"); +} + +/*% + * A key initialization specifier, as used in the + * "trust-anchors" (or synonymous "managed-keys") statement. + */ +static const char *anchortype_enums[] = { "static-key", "initial-key", + "static-ds", "initial-ds", NULL }; +static cfg_type_t cfg_type_anchortype = { "anchortype", cfg_parse_enum, + cfg_print_ustring, cfg_doc_enum, + &cfg_rep_string, anchortype_enums }; +static cfg_tuplefielddef_t managedkey_fields[] = { + { "name", &cfg_type_astring, 0 }, + { "anchortype", &cfg_type_anchortype, 0 }, + { "rdata1", &cfg_type_uint32, 0 }, + { "rdata2", &cfg_type_uint32, 0 }, + { "rdata3", &cfg_type_uint32, 0 }, + { "data", &cfg_type_qstring, 0 }, + { NULL, NULL, 0 } +}; +static cfg_type_t cfg_type_managedkey = { "managedkey", cfg_parse_tuple, + cfg_print_tuple, cfg_doc_tuple, + &cfg_rep_tuple, managedkey_fields }; + +/*% + * DNSSEC key roles. + */ +static const char *dnsseckeyrole_enums[] = { "csk", "ksk", "zsk", NULL }; +static cfg_type_t cfg_type_dnsseckeyrole = { + "dnssec-key-role", cfg_parse_enum, cfg_print_ustring, + cfg_doc_enum, &cfg_rep_string, &dnsseckeyrole_enums +}; + +/*% + * DNSSEC key storage types. + */ +static const char *dnsseckeystore_enums[] = { "key-directory", NULL }; +static cfg_type_t cfg_type_dnsseckeystore = { + "dnssec-key-storage", parse_optional_enum, cfg_print_ustring, + doc_optional_enum, &cfg_rep_string, dnsseckeystore_enums +}; + +/*% + * A dnssec key, as used in the "keys" statement in a "dnssec-policy". + */ +static keyword_type_t algorithm_kw = { "algorithm", &cfg_type_ustring }; +static cfg_type_t cfg_type_algorithm = { "algorithm", parse_keyvalue, + print_keyvalue, doc_keyvalue, + &cfg_rep_string, &algorithm_kw }; + +static keyword_type_t lifetime_kw = { "lifetime", + &cfg_type_duration_or_unlimited }; +static cfg_type_t cfg_type_lifetime = { "lifetime", parse_keyvalue, + print_keyvalue, doc_keyvalue, + &cfg_rep_duration, &lifetime_kw }; + +static cfg_tuplefielddef_t kaspkey_fields[] = { + { "role", &cfg_type_dnsseckeyrole, 0 }, + { "keystore-type", &cfg_type_dnsseckeystore, 0 }, + { "lifetime", &cfg_type_lifetime, 0 }, + { "algorithm", &cfg_type_algorithm, 0 }, + { "length", &cfg_type_optional_uint32, 0 }, + { NULL, NULL, 0 } +}; +static cfg_type_t cfg_type_kaspkey = { "kaspkey", cfg_parse_tuple, + cfg_print_tuple, cfg_doc_tuple, + &cfg_rep_tuple, kaspkey_fields }; + +/*% + * NSEC3 parameters. + */ +static keyword_type_t nsec3iter_kw = { "iterations", &cfg_type_uint32 }; +static cfg_type_t cfg_type_nsec3iter = { + "iterations", parse_optional_keyvalue, print_keyvalue, + doc_optional_keyvalue, &cfg_rep_uint32, &nsec3iter_kw +}; + +static keyword_type_t nsec3optout_kw = { "optout", &cfg_type_boolean }; +static cfg_type_t cfg_type_nsec3optout = { + "optout", parse_optional_keyvalue, + print_keyvalue, doc_optional_keyvalue, + &cfg_rep_boolean, &nsec3optout_kw +}; + +static keyword_type_t nsec3salt_kw = { "salt-length", &cfg_type_uint32 }; +static cfg_type_t cfg_type_nsec3salt = { + "salt-length", parse_optional_keyvalue, print_keyvalue, + doc_optional_keyvalue, &cfg_rep_uint32, &nsec3salt_kw +}; + +static cfg_tuplefielddef_t nsec3param_fields[] = { + { "iterations", &cfg_type_nsec3iter, 0 }, + { "optout", &cfg_type_nsec3optout, 0 }, + { "salt-length", &cfg_type_nsec3salt, 0 }, + { NULL, NULL, 0 } +}; + +static cfg_type_t cfg_type_nsec3 = { "nsec3param", cfg_parse_tuple, + cfg_print_tuple, cfg_doc_tuple, + &cfg_rep_tuple, nsec3param_fields }; + +/*% + * Wild class, type, name. + */ +static keyword_type_t wild_class_kw = { "class", &cfg_type_ustring }; + +static cfg_type_t cfg_type_optional_wild_class = { + "optional_wild_class", parse_optional_keyvalue, print_keyvalue, + doc_optional_keyvalue, &cfg_rep_string, &wild_class_kw +}; + +static keyword_type_t wild_type_kw = { "type", &cfg_type_ustring }; + +static cfg_type_t cfg_type_optional_wild_type = { + "optional_wild_type", parse_optional_keyvalue, print_keyvalue, + doc_optional_keyvalue, &cfg_rep_string, &wild_type_kw +}; + +static keyword_type_t wild_name_kw = { "name", &cfg_type_qstring }; + +static cfg_type_t cfg_type_optional_wild_name = { + "optional_wild_name", parse_optional_keyvalue, print_keyvalue, + doc_optional_keyvalue, &cfg_rep_string, &wild_name_kw +}; + +/*% + * An rrset ordering element. + */ +static cfg_tuplefielddef_t rrsetorderingelement_fields[] = { + { "class", &cfg_type_optional_wild_class, 0 }, + { "type", &cfg_type_optional_wild_type, 0 }, + { "name", &cfg_type_optional_wild_name, 0 }, + { "order", &cfg_type_ustring, 0 }, /* must be literal "order" */ + { "ordering", &cfg_type_ustring, 0 }, + { NULL, NULL, 0 } +}; +static cfg_type_t cfg_type_rrsetorderingelement = { + "rrsetorderingelement", cfg_parse_tuple, cfg_print_tuple, + cfg_doc_tuple, &cfg_rep_tuple, rrsetorderingelement_fields +}; + +/*% + * A global or view "check-names" option. Note that the zone + * "check-names" option has a different syntax. + */ + +static const char *checktype_enums[] = { "primary", "master", "secondary", + "slave", "response", NULL }; +static cfg_type_t cfg_type_checktype = { "checktype", cfg_parse_enum, + cfg_print_ustring, cfg_doc_enum, + &cfg_rep_string, &checktype_enums }; + +static const char *checkmode_enums[] = { "fail", "warn", "ignore", NULL }; +static cfg_type_t cfg_type_checkmode = { "checkmode", cfg_parse_enum, + cfg_print_ustring, cfg_doc_enum, + &cfg_rep_string, &checkmode_enums }; + +static const char *warn_enums[] = { "warn", "ignore", NULL }; +static cfg_type_t cfg_type_warn = { + "warn", cfg_parse_enum, cfg_print_ustring, + cfg_doc_enum, &cfg_rep_string, &warn_enums +}; + +static cfg_tuplefielddef_t checknames_fields[] = { + { "type", &cfg_type_checktype, 0 }, + { "mode", &cfg_type_checkmode, 0 }, + { NULL, NULL, 0 } +}; + +static cfg_type_t cfg_type_checknames = { "checknames", cfg_parse_tuple, + cfg_print_tuple, cfg_doc_tuple, + &cfg_rep_tuple, checknames_fields }; + +static cfg_type_t cfg_type_bracketed_dscpsockaddrlist = { + "bracketed_sockaddrlist", + cfg_parse_bracketed_list, + cfg_print_bracketed_list, + cfg_doc_bracketed_list, + &cfg_rep_list, + &cfg_type_sockaddrdscp +}; + +static cfg_type_t cfg_type_bracketed_netaddrlist = { "bracketed_netaddrlist", + cfg_parse_bracketed_list, + cfg_print_bracketed_list, + cfg_doc_bracketed_list, + &cfg_rep_list, + &cfg_type_netaddr }; + +static const char *autodnssec_enums[] = { "allow", "maintain", "off", NULL }; +static cfg_type_t cfg_type_autodnssec = { + "autodnssec", cfg_parse_enum, cfg_print_ustring, + cfg_doc_enum, &cfg_rep_string, &autodnssec_enums +}; + +static const char *dnssecupdatemode_enums[] = { "maintain", "no-resign", NULL }; +static cfg_type_t cfg_type_dnssecupdatemode = { + "dnssecupdatemode", cfg_parse_enum, cfg_print_ustring, + cfg_doc_enum, &cfg_rep_string, &dnssecupdatemode_enums +}; + +static const char *updatemethods_enums[] = { "date", "increment", "unixtime", + NULL }; +static cfg_type_t cfg_type_updatemethod = { + "updatemethod", cfg_parse_enum, cfg_print_ustring, + cfg_doc_enum, &cfg_rep_string, &updatemethods_enums +}; + +/* + * zone-statistics: full, terse, or none. + * + * for backward compatibility, we also support boolean values. + * yes represents "full", no represents "terse". in the future we + * may change no to mean "none". + */ +static const char *zonestat_enums[] = { "full", "terse", "none", NULL }; +static isc_result_t +parse_zonestat(cfg_parser_t *pctx, const cfg_type_t *type, cfg_obj_t **ret) { + return (cfg_parse_enum_or_other(pctx, type, &cfg_type_boolean, ret)); +} +static void +doc_zonestat(cfg_printer_t *pctx, const cfg_type_t *type) { + cfg_doc_enum_or_other(pctx, type, &cfg_type_boolean); +} +static cfg_type_t cfg_type_zonestat = { "zonestat", parse_zonestat, + cfg_print_ustring, doc_zonestat, + &cfg_rep_string, zonestat_enums }; + +static cfg_type_t cfg_type_rrsetorder = { "rrsetorder", + cfg_parse_bracketed_list, + cfg_print_bracketed_list, + cfg_doc_bracketed_list, + &cfg_rep_list, + &cfg_type_rrsetorderingelement }; + +static keyword_type_t dscp_kw = { "dscp", &cfg_type_uint32 }; + +static cfg_type_t cfg_type_optional_dscp = { + "optional_dscp", parse_optional_keyvalue, print_keyvalue, + doc_optional_keyvalue, &cfg_rep_uint32, &dscp_kw +}; + +static keyword_type_t port_kw = { "port", &cfg_type_uint32 }; + +static cfg_type_t cfg_type_optional_port = { + "optional_port", parse_optional_keyvalue, print_keyvalue, + doc_optional_keyvalue, &cfg_rep_uint32, &port_kw +}; + +/*% A list of keys, as in the "key" clause of the controls statement. */ +static cfg_type_t cfg_type_keylist = { "keylist", + cfg_parse_bracketed_list, + cfg_print_bracketed_list, + cfg_doc_bracketed_list, + &cfg_rep_list, + &cfg_type_astring }; + +/*% A list of dnssec keys, as in "trusted-keys". Deprecated. */ +static cfg_type_t cfg_type_trustedkeys = { "trustedkeys", + cfg_parse_bracketed_list, + cfg_print_bracketed_list, + cfg_doc_bracketed_list, + &cfg_rep_list, + &cfg_type_dnsseckey }; + +/*% + * A list of managed trust anchors. Each entry contains a name, a keyword + * ("static-key", initial-key", "static-ds" or "initial-ds"), and the + * fields associated with either a DNSKEY or a DS record. + */ +static cfg_type_t cfg_type_dnsseckeys = { "dnsseckeys", + cfg_parse_bracketed_list, + cfg_print_bracketed_list, + cfg_doc_bracketed_list, + &cfg_rep_list, + &cfg_type_managedkey }; + +/*% + * A list of key entries, used in a DNSSEC Key and Signing Policy. + */ +static cfg_type_t cfg_type_kaspkeys = { "kaspkeys", + cfg_parse_bracketed_list, + cfg_print_bracketed_list, + cfg_doc_bracketed_list, + &cfg_rep_list, + &cfg_type_kaspkey }; + +static const char *forwardtype_enums[] = { "first", "only", NULL }; +static cfg_type_t cfg_type_forwardtype = { + "forwardtype", cfg_parse_enum, cfg_print_ustring, + cfg_doc_enum, &cfg_rep_string, &forwardtype_enums +}; + +static const char *zonetype_enums[] = { + "primary", "master", "secondary", "slave", + "mirror", "delegation-only", "forward", "hint", + "redirect", "static-stub", "stub", NULL +}; +static cfg_type_t cfg_type_zonetype = { "zonetype", cfg_parse_enum, + cfg_print_ustring, cfg_doc_enum, + &cfg_rep_string, &zonetype_enums }; + +static const char *loglevel_enums[] = { "critical", "error", "warning", + "notice", "info", "dynamic", + NULL }; +static cfg_type_t cfg_type_loglevel = { "loglevel", cfg_parse_enum, + cfg_print_ustring, cfg_doc_enum, + &cfg_rep_string, &loglevel_enums }; + +static const char *transferformat_enums[] = { "many-answers", "one-answer", + NULL }; +static cfg_type_t cfg_type_transferformat = { + "transferformat", cfg_parse_enum, cfg_print_ustring, + cfg_doc_enum, &cfg_rep_string, &transferformat_enums +}; + +/*% + * The special keyword "none", as used in the pid-file option. + */ + +static void +print_none(cfg_printer_t *pctx, const cfg_obj_t *obj) { + UNUSED(obj); + cfg_print_cstr(pctx, "none"); +} + +static cfg_type_t cfg_type_none = { "none", NULL, print_none, + NULL, &cfg_rep_void, NULL }; + +/*% + * A quoted string or the special keyword "none". Used in the pid-file option. + */ +static isc_result_t +parse_qstringornone(cfg_parser_t *pctx, const cfg_type_t *type, + cfg_obj_t **ret) { + isc_result_t result; + + CHECK(cfg_gettoken(pctx, CFG_LEXOPT_QSTRING)); + if (pctx->token.type == isc_tokentype_string && + strcasecmp(TOKEN_STRING(pctx), "none") == 0) + { + return (cfg_create_obj(pctx, &cfg_type_none, ret)); + } + cfg_ungettoken(pctx); + return (cfg_parse_qstring(pctx, type, ret)); +cleanup: + return (result); +} + +static void +doc_qstringornone(cfg_printer_t *pctx, const cfg_type_t *type) { + UNUSED(type); + cfg_print_cstr(pctx, "( | none )"); +} + +static cfg_type_t cfg_type_qstringornone = { "qstringornone", + parse_qstringornone, + NULL, + doc_qstringornone, + NULL, + NULL }; + +/*% + * A boolean ("yes" or "no"), or the special keyword "auto". + * Used in the dnssec-validation option. + */ +static void +print_auto(cfg_printer_t *pctx, const cfg_obj_t *obj) { + UNUSED(obj); + cfg_print_cstr(pctx, "auto"); +} + +static cfg_type_t cfg_type_auto = { "auto", NULL, print_auto, + NULL, &cfg_rep_void, NULL }; + +static isc_result_t +parse_boolorauto(cfg_parser_t *pctx, const cfg_type_t *type, cfg_obj_t **ret) { + isc_result_t result; + + CHECK(cfg_gettoken(pctx, CFG_LEXOPT_QSTRING)); + if (pctx->token.type == isc_tokentype_string && + strcasecmp(TOKEN_STRING(pctx), "auto") == 0) + { + return (cfg_create_obj(pctx, &cfg_type_auto, ret)); + } + cfg_ungettoken(pctx); + return (cfg_parse_boolean(pctx, type, ret)); +cleanup: + return (result); +} + +static void +print_boolorauto(cfg_printer_t *pctx, const cfg_obj_t *obj) { + if (obj->type->rep == &cfg_rep_void) { + cfg_print_cstr(pctx, "auto"); + } else if (obj->value.boolean) { + cfg_print_cstr(pctx, "yes"); + } else { + cfg_print_cstr(pctx, "no"); + } +} + +static void +doc_boolorauto(cfg_printer_t *pctx, const cfg_type_t *type) { + UNUSED(type); + cfg_print_cstr(pctx, "( yes | no | auto )"); +} + +static cfg_type_t cfg_type_boolorauto = { + "boolorauto", parse_boolorauto, print_boolorauto, doc_boolorauto, NULL, + NULL +}; + +/*% + * keyword hostname + */ +static void +print_hostname(cfg_printer_t *pctx, const cfg_obj_t *obj) { + UNUSED(obj); + cfg_print_cstr(pctx, "hostname"); +} + +static cfg_type_t cfg_type_hostname = { "hostname", NULL, + print_hostname, NULL, + &cfg_rep_boolean, NULL }; + +/*% + * "server-id" argument. + */ + +static isc_result_t +parse_serverid(cfg_parser_t *pctx, const cfg_type_t *type, cfg_obj_t **ret) { + isc_result_t result; + CHECK(cfg_gettoken(pctx, CFG_LEXOPT_QSTRING)); + if (pctx->token.type == isc_tokentype_string && + strcasecmp(TOKEN_STRING(pctx), "none") == 0) + { + return (cfg_create_obj(pctx, &cfg_type_none, ret)); + } + if (pctx->token.type == isc_tokentype_string && + strcasecmp(TOKEN_STRING(pctx), "hostname") == 0) + { + result = cfg_create_obj(pctx, &cfg_type_hostname, ret); + if (result == ISC_R_SUCCESS) { + (*ret)->value.boolean = true; + } + return (result); + } + cfg_ungettoken(pctx); + return (cfg_parse_qstring(pctx, type, ret)); +cleanup: + return (result); +} + +static void +doc_serverid(cfg_printer_t *pctx, const cfg_type_t *type) { + UNUSED(type); + cfg_print_cstr(pctx, "( | none | hostname )"); +} + +static cfg_type_t cfg_type_serverid = { "serverid", parse_serverid, NULL, + doc_serverid, NULL, NULL }; + +/*% + * Port list. + */ +static void +print_porttuple(cfg_printer_t *pctx, const cfg_obj_t *obj) { + cfg_print_cstr(pctx, "range "); + cfg_print_tuple(pctx, obj); +} +static cfg_tuplefielddef_t porttuple_fields[] = { + { "loport", &cfg_type_uint32, 0 }, + { "hiport", &cfg_type_uint32, 0 }, + { NULL, NULL, 0 } +}; +static cfg_type_t cfg_type_porttuple = { "porttuple", cfg_parse_tuple, + print_porttuple, cfg_doc_tuple, + &cfg_rep_tuple, porttuple_fields }; + +static isc_result_t +parse_port(cfg_parser_t *pctx, cfg_obj_t **ret) { + isc_result_t result; + + CHECK(cfg_parse_uint32(pctx, NULL, ret)); + if ((*ret)->value.uint32 > 0xffff) { + cfg_parser_error(pctx, CFG_LOG_NEAR, "invalid port"); + cfg_obj_destroy(pctx, ret); + result = ISC_R_RANGE; + } + +cleanup: + return (result); +} + +static isc_result_t +parse_portrange(cfg_parser_t *pctx, const cfg_type_t *type, cfg_obj_t **ret) { + isc_result_t result; + cfg_obj_t *obj = NULL; + + UNUSED(type); + + CHECK(cfg_peektoken(pctx, ISC_LEXOPT_NUMBER | ISC_LEXOPT_CNUMBER)); + if (pctx->token.type == isc_tokentype_number) { + CHECK(parse_port(pctx, ret)); + } else { + CHECK(cfg_gettoken(pctx, 0)); + if (pctx->token.type != isc_tokentype_string || + strcasecmp(TOKEN_STRING(pctx), "range") != 0) + { + cfg_parser_error(pctx, CFG_LOG_NEAR, + "expected integer or 'range'"); + return (ISC_R_UNEXPECTEDTOKEN); + } + CHECK(cfg_create_tuple(pctx, &cfg_type_porttuple, &obj)); + CHECK(parse_port(pctx, &obj->value.tuple[0])); + CHECK(parse_port(pctx, &obj->value.tuple[1])); + if (obj->value.tuple[0]->value.uint32 > + obj->value.tuple[1]->value.uint32) + { + cfg_parser_error(pctx, CFG_LOG_NOPREP, + "low port '%u' must not be larger " + "than high port", + obj->value.tuple[0]->value.uint32); + result = ISC_R_RANGE; + goto cleanup; + } + *ret = obj; + obj = NULL; + } + +cleanup: + if (obj != NULL) { + cfg_obj_destroy(pctx, &obj); + } + return (result); +} + +static cfg_type_t cfg_type_portrange = { "portrange", parse_portrange, + NULL, cfg_doc_terminal, + NULL, NULL }; + +static cfg_type_t cfg_type_bracketed_portlist = { "bracketed_sockaddrlist", + cfg_parse_bracketed_list, + cfg_print_bracketed_list, + cfg_doc_bracketed_list, + &cfg_rep_list, + &cfg_type_portrange }; + +static const char *cookiealg_enums[] = { "aes", "siphash24", NULL }; +static cfg_type_t cfg_type_cookiealg = { "cookiealg", cfg_parse_enum, + cfg_print_ustring, cfg_doc_enum, + &cfg_rep_string, &cookiealg_enums }; + +/*% + * fetch-quota-params + */ + +static cfg_tuplefielddef_t fetchquota_fields[] = { + { "frequency", &cfg_type_uint32, 0 }, + { "low", &cfg_type_fixedpoint, 0 }, + { "high", &cfg_type_fixedpoint, 0 }, + { "discount", &cfg_type_fixedpoint, 0 }, + { NULL, NULL, 0 } +}; + +static cfg_type_t cfg_type_fetchquota = { "fetchquota", cfg_parse_tuple, + cfg_print_tuple, cfg_doc_tuple, + &cfg_rep_tuple, fetchquota_fields }; + +/*% + * fetches-per-server or fetches-per-zone + */ + +static const char *response_enums[] = { "drop", "fail", NULL }; + +static cfg_type_t cfg_type_responsetype = { + "responsetype", parse_optional_enum, cfg_print_ustring, + doc_optional_enum, &cfg_rep_string, response_enums +}; + +static cfg_tuplefielddef_t fetchesper_fields[] = { + { "fetches", &cfg_type_uint32, 0 }, + { "response", &cfg_type_responsetype, 0 }, + { NULL, NULL, 0 } +}; + +static cfg_type_t cfg_type_fetchesper = { "fetchesper", cfg_parse_tuple, + cfg_print_tuple, cfg_doc_tuple, + &cfg_rep_tuple, fetchesper_fields }; + +/*% + * Clauses that can be found within the top level of the named.conf + * file only. + */ +static cfg_clausedef_t namedconf_clauses[] = { + { "acl", &cfg_type_acl, CFG_CLAUSEFLAG_MULTI }, + { "controls", &cfg_type_controls, CFG_CLAUSEFLAG_MULTI }, + { "dnssec-policy", &cfg_type_dnssecpolicy, CFG_CLAUSEFLAG_MULTI }, + { "logging", &cfg_type_logging, 0 }, + { "lwres", &cfg_type_bracketed_text, + CFG_CLAUSEFLAG_MULTI | CFG_CLAUSEFLAG_OBSOLETE }, + { "masters", &cfg_type_remoteservers, CFG_CLAUSEFLAG_MULTI }, + { "options", &cfg_type_options, 0 }, + { "parental-agents", &cfg_type_remoteservers, CFG_CLAUSEFLAG_MULTI }, + { "primaries", &cfg_type_remoteservers, CFG_CLAUSEFLAG_MULTI }, + { "statistics-channels", &cfg_type_statschannels, + CFG_CLAUSEFLAG_MULTI }, + { "view", &cfg_type_view, CFG_CLAUSEFLAG_MULTI }, + { NULL, NULL, 0 } +}; + +/*% + * Clauses that can occur at the top level or in the view + * statement, but not in the options block. + */ +static cfg_clausedef_t namedconf_or_view_clauses[] = { + { "dlz", &cfg_type_dlz, CFG_CLAUSEFLAG_MULTI }, + { "dyndb", &cfg_type_dyndb, CFG_CLAUSEFLAG_MULTI }, + { "key", &cfg_type_key, CFG_CLAUSEFLAG_MULTI }, + { "managed-keys", &cfg_type_dnsseckeys, + CFG_CLAUSEFLAG_MULTI | CFG_CLAUSEFLAG_DEPRECATED }, + { "plugin", &cfg_type_plugin, CFG_CLAUSEFLAG_MULTI }, + { "server", &cfg_type_server, CFG_CLAUSEFLAG_MULTI }, + { "trust-anchors", &cfg_type_dnsseckeys, CFG_CLAUSEFLAG_MULTI }, + { "trusted-keys", &cfg_type_trustedkeys, + CFG_CLAUSEFLAG_MULTI | CFG_CLAUSEFLAG_DEPRECATED }, + { "zone", &cfg_type_zone, CFG_CLAUSEFLAG_MULTI }, + { NULL, NULL, 0 } +}; + +/*% + * Clauses that can occur in the bind.keys file. + */ +static cfg_clausedef_t bindkeys_clauses[] = { + { "managed-keys", &cfg_type_dnsseckeys, + CFG_CLAUSEFLAG_MULTI | CFG_CLAUSEFLAG_DEPRECATED }, + { "trust-anchors", &cfg_type_dnsseckeys, CFG_CLAUSEFLAG_MULTI }, + { "trusted-keys", &cfg_type_trustedkeys, + CFG_CLAUSEFLAG_MULTI | CFG_CLAUSEFLAG_DEPRECATED }, + { NULL, NULL, 0 } +}; + +static const char *fstrm_model_enums[] = { "mpsc", "spsc", NULL }; +static cfg_type_t cfg_type_fstrm_model = { + "model", cfg_parse_enum, cfg_print_ustring, + cfg_doc_enum, &cfg_rep_string, &fstrm_model_enums +}; + +/*% + * Clauses that can be found within the 'options' statement. + */ +static cfg_clausedef_t options_clauses[] = { + { "answer-cookie", &cfg_type_boolean, 0 }, + { "automatic-interface-scan", &cfg_type_boolean, 0 }, + { "avoid-v4-udp-ports", &cfg_type_bracketed_portlist, 0 }, + { "avoid-v6-udp-ports", &cfg_type_bracketed_portlist, 0 }, + { "bindkeys-file", &cfg_type_qstring, 0 }, + { "blackhole", &cfg_type_bracketed_aml, 0 }, + { "cookie-algorithm", &cfg_type_cookiealg, 0 }, + { "cookie-secret", &cfg_type_sstring, CFG_CLAUSEFLAG_MULTI }, + { "coresize", &cfg_type_size, 0 }, + { "datasize", &cfg_type_size, 0 }, + { "deallocate-on-exit", &cfg_type_boolean, CFG_CLAUSEFLAG_ANCIENT }, + { "directory", &cfg_type_qstring, CFG_CLAUSEFLAG_CALLBACK }, +#ifdef HAVE_DNSTAP + { "dnstap-output", &cfg_type_dnstapoutput, 0 }, + { "dnstap-identity", &cfg_type_serverid, 0 }, + { "dnstap-version", &cfg_type_qstringornone, 0 }, +#else /* ifdef HAVE_DNSTAP */ + { "dnstap-output", &cfg_type_dnstapoutput, + CFG_CLAUSEFLAG_NOTCONFIGURED }, + { "dnstap-identity", &cfg_type_serverid, CFG_CLAUSEFLAG_NOTCONFIGURED }, + { "dnstap-version", &cfg_type_qstringornone, + CFG_CLAUSEFLAG_NOTCONFIGURED }, +#endif /* ifdef HAVE_DNSTAP */ + { "dscp", &cfg_type_uint32, CFG_CLAUSEFLAG_DEPRECATED }, + { "dump-file", &cfg_type_qstring, 0 }, + { "fake-iquery", &cfg_type_boolean, CFG_CLAUSEFLAG_ANCIENT }, + { "files", &cfg_type_size, 0 }, + { "flush-zones-on-shutdown", &cfg_type_boolean, 0 }, +#ifdef HAVE_DNSTAP + { "fstrm-set-buffer-hint", &cfg_type_uint32, 0 }, + { "fstrm-set-flush-timeout", &cfg_type_uint32, 0 }, + { "fstrm-set-input-queue-size", &cfg_type_uint32, 0 }, + { "fstrm-set-output-notify-threshold", &cfg_type_uint32, 0 }, + { "fstrm-set-output-queue-model", &cfg_type_fstrm_model, 0 }, + { "fstrm-set-output-queue-size", &cfg_type_uint32, 0 }, + { "fstrm-set-reopen-interval", &cfg_type_duration, 0 }, +#else /* ifdef HAVE_DNSTAP */ + { "fstrm-set-buffer-hint", &cfg_type_uint32, + CFG_CLAUSEFLAG_NOTCONFIGURED }, + { "fstrm-set-flush-timeout", &cfg_type_uint32, + CFG_CLAUSEFLAG_NOTCONFIGURED }, + { "fstrm-set-input-queue-size", &cfg_type_uint32, + CFG_CLAUSEFLAG_NOTCONFIGURED }, + { "fstrm-set-output-notify-threshold", &cfg_type_uint32, + CFG_CLAUSEFLAG_NOTCONFIGURED }, + { "fstrm-set-output-queue-model", &cfg_type_fstrm_model, + CFG_CLAUSEFLAG_NOTCONFIGURED }, + { "fstrm-set-output-queue-size", &cfg_type_uint32, + CFG_CLAUSEFLAG_NOTCONFIGURED }, + { "fstrm-set-reopen-interval", &cfg_type_duration, + CFG_CLAUSEFLAG_NOTCONFIGURED }, +#endif /* HAVE_DNSTAP */ +#if defined(HAVE_GEOIP2) + { "geoip-directory", &cfg_type_qstringornone, 0 }, +#else /* if defined(HAVE_GEOIP2) */ + { "geoip-directory", &cfg_type_qstringornone, + CFG_CLAUSEFLAG_NOTCONFIGURED }, +#endif /* HAVE_GEOIP2 */ + { "geoip-use-ecs", &cfg_type_boolean, CFG_CLAUSEFLAG_OBSOLETE }, + { "has-old-clients", &cfg_type_boolean, CFG_CLAUSEFLAG_ANCIENT }, + { "heartbeat-interval", &cfg_type_uint32, 0 }, + { "host-statistics", &cfg_type_boolean, CFG_CLAUSEFLAG_ANCIENT }, + { "host-statistics-max", &cfg_type_uint32, CFG_CLAUSEFLAG_ANCIENT }, + { "hostname", &cfg_type_qstringornone, 0 }, + { "interface-interval", &cfg_type_duration, 0 }, + { "keep-response-order", &cfg_type_bracketed_aml, 0 }, + { "listen-on", &cfg_type_listenon, CFG_CLAUSEFLAG_MULTI }, + { "listen-on-v6", &cfg_type_listenon, CFG_CLAUSEFLAG_MULTI }, + { "lock-file", &cfg_type_qstringornone, 0 }, + { "managed-keys-directory", &cfg_type_qstring, 0 }, + { "match-mapped-addresses", &cfg_type_boolean, 0 }, + { "max-rsa-exponent-size", &cfg_type_uint32, 0 }, + { "memstatistics", &cfg_type_boolean, 0 }, + { "memstatistics-file", &cfg_type_qstring, 0 }, + { "multiple-cnames", &cfg_type_boolean, CFG_CLAUSEFLAG_ANCIENT }, + { "named-xfer", &cfg_type_qstring, CFG_CLAUSEFLAG_ANCIENT }, + { "notify-rate", &cfg_type_uint32, 0 }, + { "pid-file", &cfg_type_qstringornone, 0 }, + { "port", &cfg_type_uint32, 0 }, + { "querylog", &cfg_type_boolean, 0 }, + { "random-device", &cfg_type_qstringornone, 0 }, + { "recursing-file", &cfg_type_qstring, 0 }, + { "recursive-clients", &cfg_type_uint32, 0 }, + { "reuseport", &cfg_type_boolean, 0 }, + { "reserved-sockets", &cfg_type_uint32, 0 }, + { "secroots-file", &cfg_type_qstring, 0 }, + { "serial-queries", &cfg_type_uint32, CFG_CLAUSEFLAG_ANCIENT }, + { "serial-query-rate", &cfg_type_uint32, 0 }, + { "server-id", &cfg_type_serverid, 0 }, + { "session-keyalg", &cfg_type_astring, 0 }, + { "session-keyfile", &cfg_type_qstringornone, 0 }, + { "session-keyname", &cfg_type_astring, 0 }, + { "sit-secret", &cfg_type_sstring, CFG_CLAUSEFLAG_OBSOLETE }, + { "stacksize", &cfg_type_size, 0 }, + { "startup-notify-rate", &cfg_type_uint32, 0 }, + { "statistics-file", &cfg_type_qstring, 0 }, + { "statistics-interval", &cfg_type_uint32, CFG_CLAUSEFLAG_ANCIENT }, + { "tcp-advertised-timeout", &cfg_type_uint32, 0 }, + { "tcp-clients", &cfg_type_uint32, 0 }, + { "tcp-idle-timeout", &cfg_type_uint32, 0 }, + { "tcp-initial-timeout", &cfg_type_uint32, 0 }, + { "tcp-keepalive-timeout", &cfg_type_uint32, 0 }, + { "tcp-listen-queue", &cfg_type_uint32, 0 }, + { "tkey-dhkey", &cfg_type_tkey_dhkey, 0 }, + { "tkey-domain", &cfg_type_qstring, 0 }, + { "tkey-gssapi-credential", &cfg_type_qstring, 0 }, + { "tkey-gssapi-keytab", &cfg_type_qstring, 0 }, + { "transfer-message-size", &cfg_type_uint32, 0 }, + { "transfers-in", &cfg_type_uint32, 0 }, + { "transfers-out", &cfg_type_uint32, 0 }, + { "transfers-per-ns", &cfg_type_uint32, 0 }, + { "treat-cr-as-space", &cfg_type_boolean, CFG_CLAUSEFLAG_ANCIENT }, + { "update-quota", &cfg_type_uint32, 0 }, + { "use-id-pool", &cfg_type_boolean, CFG_CLAUSEFLAG_ANCIENT }, + { "use-ixfr", &cfg_type_boolean, CFG_CLAUSEFLAG_OBSOLETE }, + { "use-v4-udp-ports", &cfg_type_bracketed_portlist, 0 }, + { "use-v6-udp-ports", &cfg_type_bracketed_portlist, 0 }, + { "version", &cfg_type_qstringornone, 0 }, + { NULL, NULL, 0 } +}; + +static cfg_type_t cfg_type_namelist = { "namelist", + cfg_parse_bracketed_list, + cfg_print_bracketed_list, + cfg_doc_bracketed_list, + &cfg_rep_list, + &cfg_type_astring }; + +static keyword_type_t exclude_kw = { "exclude", &cfg_type_namelist }; + +static cfg_type_t cfg_type_optional_exclude = { + "optional_exclude", parse_optional_keyvalue, print_keyvalue, + doc_optional_keyvalue, &cfg_rep_list, &exclude_kw +}; + +static keyword_type_t exceptionnames_kw = { "except-from", &cfg_type_namelist }; + +static cfg_type_t cfg_type_optional_exceptionnames = { + "optional_allow", parse_optional_keyvalue, print_keyvalue, + doc_optional_keyvalue, &cfg_rep_list, &exceptionnames_kw +}; + +static cfg_tuplefielddef_t denyaddresses_fields[] = { + { "acl", &cfg_type_bracketed_aml, 0 }, + { "except-from", &cfg_type_optional_exceptionnames, 0 }, + { NULL, NULL, 0 } +}; + +static cfg_type_t cfg_type_denyaddresses = { + "denyaddresses", cfg_parse_tuple, cfg_print_tuple, + cfg_doc_tuple, &cfg_rep_tuple, denyaddresses_fields +}; + +static cfg_tuplefielddef_t denyaliases_fields[] = { + { "name", &cfg_type_namelist, 0 }, + { "except-from", &cfg_type_optional_exceptionnames, 0 }, + { NULL, NULL, 0 } +}; + +static cfg_type_t cfg_type_denyaliases = { + "denyaliases", cfg_parse_tuple, cfg_print_tuple, + cfg_doc_tuple, &cfg_rep_tuple, denyaliases_fields +}; + +static cfg_type_t cfg_type_algorithmlist = { "algorithmlist", + cfg_parse_bracketed_list, + cfg_print_bracketed_list, + cfg_doc_bracketed_list, + &cfg_rep_list, + &cfg_type_astring }; + +static cfg_tuplefielddef_t disablealgorithm_fields[] = { + { "name", &cfg_type_astring, 0 }, + { "algorithms", &cfg_type_algorithmlist, 0 }, + { NULL, NULL, 0 } +}; + +static cfg_type_t cfg_type_disablealgorithm = { + "disablealgorithm", cfg_parse_tuple, cfg_print_tuple, + cfg_doc_tuple, &cfg_rep_tuple, disablealgorithm_fields +}; + +static cfg_type_t cfg_type_dsdigestlist = { "dsdigestlist", + cfg_parse_bracketed_list, + cfg_print_bracketed_list, + cfg_doc_bracketed_list, + &cfg_rep_list, + &cfg_type_astring }; + +static cfg_tuplefielddef_t disabledsdigest_fields[] = { + { "name", &cfg_type_astring, 0 }, + { "digests", &cfg_type_dsdigestlist, 0 }, + { NULL, NULL, 0 } +}; + +static cfg_type_t cfg_type_disabledsdigest = { + "disabledsdigest", cfg_parse_tuple, cfg_print_tuple, + cfg_doc_tuple, &cfg_rep_tuple, disabledsdigest_fields +}; + +static cfg_tuplefielddef_t mustbesecure_fields[] = { + { "name", &cfg_type_astring, 0 }, + { "value", &cfg_type_boolean, 0 }, + { NULL, NULL, 0 } +}; + +static cfg_type_t cfg_type_mustbesecure = { + "mustbesecure", cfg_parse_tuple, cfg_print_tuple, + cfg_doc_tuple, &cfg_rep_tuple, mustbesecure_fields +}; + +static const char *masterformat_enums[] = { "map", "raw", "text", NULL }; +static cfg_type_t cfg_type_masterformat = { + "masterformat", cfg_parse_enum, cfg_print_ustring, + cfg_doc_enum, &cfg_rep_string, &masterformat_enums +}; + +static const char *masterstyle_enums[] = { "full", "relative", NULL }; +static cfg_type_t cfg_type_masterstyle = { + "masterstyle", cfg_parse_enum, cfg_print_ustring, + cfg_doc_enum, &cfg_rep_string, &masterstyle_enums +}; + +static keyword_type_t blocksize_kw = { "block-size", &cfg_type_uint32 }; + +static cfg_type_t cfg_type_blocksize = { "blocksize", parse_keyvalue, + print_keyvalue, doc_keyvalue, + &cfg_rep_uint32, &blocksize_kw }; + +static cfg_tuplefielddef_t resppadding_fields[] = { + { "acl", &cfg_type_bracketed_aml, 0 }, + { "block-size", &cfg_type_blocksize, 0 }, + { NULL, NULL, 0 } +}; + +static cfg_type_t cfg_type_resppadding = { + "resppadding", cfg_parse_tuple, cfg_print_tuple, + cfg_doc_tuple, &cfg_rep_tuple, resppadding_fields +}; + +/*% + * dnstap { + * <message type> [query | response] ; + * ... + * } + * + * ... where message type is one of: client, resolver, auth, forwarder, + * update, all + */ +static const char *dnstap_types[] = { "all", "auth", "client", + "forwarder", "resolver", "update", + NULL }; + +static const char *dnstap_modes[] = { "query", "response", NULL }; + +static cfg_type_t cfg_type_dnstap_type = { "dnstap_type", cfg_parse_enum, + cfg_print_ustring, cfg_doc_enum, + &cfg_rep_string, dnstap_types }; + +static cfg_type_t cfg_type_dnstap_mode = { + "dnstap_mode", parse_optional_enum, cfg_print_ustring, + doc_optional_enum, &cfg_rep_string, dnstap_modes +}; + +static cfg_tuplefielddef_t dnstap_fields[] = { + { "type", &cfg_type_dnstap_type, 0 }, + { "mode", &cfg_type_dnstap_mode, 0 }, + { NULL, NULL, 0 } +}; + +static cfg_type_t cfg_type_dnstap_entry = { "dnstap_value", cfg_parse_tuple, + cfg_print_tuple, cfg_doc_tuple, + &cfg_rep_tuple, dnstap_fields }; + +static cfg_type_t cfg_type_dnstap = { "dnstap", + cfg_parse_bracketed_list, + cfg_print_bracketed_list, + cfg_doc_bracketed_list, + &cfg_rep_list, + &cfg_type_dnstap_entry }; + +/*% + * dnstap-output + */ +static isc_result_t +parse_dtout(cfg_parser_t *pctx, const cfg_type_t *type, cfg_obj_t **ret) { + isc_result_t result; + cfg_obj_t *obj = NULL; + const cfg_tuplefielddef_t *fields = type->of; + + CHECK(cfg_create_tuple(pctx, type, &obj)); + + /* Parse the mandatory "mode" and "path" fields */ + CHECK(cfg_parse_obj(pctx, fields[0].type, &obj->value.tuple[0])); + CHECK(cfg_parse_obj(pctx, fields[1].type, &obj->value.tuple[1])); + + /* Parse "versions" and "size" fields in any order. */ + for (;;) { + CHECK(cfg_peektoken(pctx, 0)); + if (pctx->token.type == isc_tokentype_string) { + CHECK(cfg_gettoken(pctx, 0)); + if (strcasecmp(TOKEN_STRING(pctx), "size") == 0 && + obj->value.tuple[2] == NULL) + { + CHECK(cfg_parse_obj(pctx, fields[2].type, + &obj->value.tuple[2])); + } else if (strcasecmp(TOKEN_STRING(pctx), "versions") == + 0 && + obj->value.tuple[3] == NULL) + { + CHECK(cfg_parse_obj(pctx, fields[3].type, + &obj->value.tuple[3])); + } else if (strcasecmp(TOKEN_STRING(pctx), "suffix") == + 0 && + obj->value.tuple[4] == NULL) + { + CHECK(cfg_parse_obj(pctx, fields[4].type, + &obj->value.tuple[4])); + } else { + cfg_parser_error(pctx, CFG_LOG_NEAR, + "unexpected token"); + result = ISC_R_UNEXPECTEDTOKEN; + goto cleanup; + } + } else { + break; + } + } + + /* Create void objects for missing optional values. */ + if (obj->value.tuple[2] == NULL) { + CHECK(cfg_parse_void(pctx, NULL, &obj->value.tuple[2])); + } + if (obj->value.tuple[3] == NULL) { + CHECK(cfg_parse_void(pctx, NULL, &obj->value.tuple[3])); + } + if (obj->value.tuple[4] == NULL) { + CHECK(cfg_parse_void(pctx, NULL, &obj->value.tuple[4])); + } + + *ret = obj; + return (ISC_R_SUCCESS); + +cleanup: + CLEANUP_OBJ(obj); + return (result); +} + +static void +print_dtout(cfg_printer_t *pctx, const cfg_obj_t *obj) { + cfg_print_obj(pctx, obj->value.tuple[0]); /* mode */ + cfg_print_obj(pctx, obj->value.tuple[1]); /* file */ + if (obj->value.tuple[2]->type->print != cfg_print_void) { + cfg_print_cstr(pctx, " size "); + cfg_print_obj(pctx, obj->value.tuple[2]); + } + if (obj->value.tuple[3]->type->print != cfg_print_void) { + cfg_print_cstr(pctx, " versions "); + cfg_print_obj(pctx, obj->value.tuple[3]); + } + if (obj->value.tuple[4]->type->print != cfg_print_void) { + cfg_print_cstr(pctx, " suffix "); + cfg_print_obj(pctx, obj->value.tuple[4]); + } +} + +static void +doc_dtout(cfg_printer_t *pctx, const cfg_type_t *type) { + UNUSED(type); + cfg_print_cstr(pctx, "( file | unix ) "); + cfg_print_cstr(pctx, " "); + cfg_print_cstr(pctx, "[ size ( unlimited | ) ]"); + cfg_print_cstr(pctx, " "); + cfg_print_cstr(pctx, "[ versions ( unlimited | ) ]"); + cfg_print_cstr(pctx, " "); + cfg_print_cstr(pctx, "[ suffix ( increment | timestamp ) ]"); +} + +static const char *dtoutmode_enums[] = { "file", "unix", NULL }; +static cfg_type_t cfg_type_dtmode = { "dtmode", cfg_parse_enum, + cfg_print_ustring, cfg_doc_enum, + &cfg_rep_string, &dtoutmode_enums }; + +static cfg_tuplefielddef_t dtout_fields[] = { + { "mode", &cfg_type_dtmode, 0 }, + { "path", &cfg_type_qstring, 0 }, + { "size", &cfg_type_sizenodefault, 0 }, + { "versions", &cfg_type_logversions, 0 }, + { "suffix", &cfg_type_logsuffix, 0 }, + { NULL, NULL, 0 } +}; + +static cfg_type_t cfg_type_dnstapoutput = { "dnstapoutput", parse_dtout, + print_dtout, doc_dtout, + &cfg_rep_tuple, dtout_fields }; + +/*% + * response-policy { + * zone <string> [ policy (given|disabled|passthru|drop|tcp-only| + * nxdomain|nodata|cname <domain> ) ] + * [ recursive-only yes|no ] [ log yes|no ] + * [ max-policy-ttl number ] + * [ nsip-enable yes|no ] [ nsdname-enable yes|no ]; + * } [ recursive-only yes|no ] [ max-policy-ttl number ] + * [ min-update-interval number ] + * [ break-dnssec yes|no ] [ min-ns-dots number ] + * [ qname-wait-recurse yes|no ] + * [ nsip-enable yes|no ] [ nsdname-enable yes|no ] + * [ dnsrps-enable yes|no ] + * [ dnsrps-options { DNSRPS configuration string } ]; + */ + +static void +doc_rpz_policy(cfg_printer_t *pctx, const cfg_type_t *type) { + const char *const *p; + /* + * This is cfg_doc_enum() without the trailing " )". + */ + cfg_print_cstr(pctx, "( "); + for (p = type->of; *p != NULL; p++) { + cfg_print_cstr(pctx, *p); + if (p[1] != NULL) { + cfg_print_cstr(pctx, " | "); + } + } +} + +static void +doc_rpz_cname(cfg_printer_t *pctx, const cfg_type_t *type) { + cfg_doc_terminal(pctx, type); + cfg_print_cstr(pctx, " )"); +} + +/* + * Parse + * given|disabled|passthru|drop|tcp-only|nxdomain|nodata|cname + */ +static isc_result_t +cfg_parse_rpz_policy(cfg_parser_t *pctx, const cfg_type_t *type, + cfg_obj_t **ret) { + isc_result_t result; + cfg_obj_t *obj = NULL; + const cfg_tuplefielddef_t *fields; + + CHECK(cfg_create_tuple(pctx, type, &obj)); + + fields = type->of; + CHECK(cfg_parse_obj(pctx, fields[0].type, &obj->value.tuple[0])); + /* + * parse cname domain only after "policy cname" + */ + if (strcasecmp("cname", cfg_obj_asstring(obj->value.tuple[0])) != 0) { + CHECK(cfg_parse_void(pctx, NULL, &obj->value.tuple[1])); + } else { + CHECK(cfg_parse_obj(pctx, fields[1].type, + &obj->value.tuple[1])); + } + + *ret = obj; + return (ISC_R_SUCCESS); + +cleanup: + CLEANUP_OBJ(obj); + return (result); +} + +/* + * Parse a tuple consisting of any kind of required field followed + * by 2 or more optional keyvalues that can be in any order. + */ +static isc_result_t +cfg_parse_kv_tuple(cfg_parser_t *pctx, const cfg_type_t *type, + cfg_obj_t **ret) { + const cfg_tuplefielddef_t *fields, *f; + cfg_obj_t *obj = NULL; + int fn; + isc_result_t result; + + CHECK(cfg_create_tuple(pctx, type, &obj)); + + /* + * The zone first field is required and always first. + */ + fields = type->of; + CHECK(cfg_parse_obj(pctx, fields[0].type, &obj->value.tuple[0])); + + for (;;) { + CHECK(cfg_peektoken(pctx, CFG_LEXOPT_QSTRING)); + if (pctx->token.type != isc_tokentype_string) { + break; + } + + for (fn = 1, f = &fields[1];; ++fn, ++f) { + if (f->name == NULL) { + cfg_parser_error(pctx, 0, "unexpected '%s'", + TOKEN_STRING(pctx)); + result = ISC_R_UNEXPECTEDTOKEN; + goto cleanup; + } + if (obj->value.tuple[fn] == NULL && + strcasecmp(f->name, TOKEN_STRING(pctx)) == 0) + { + break; + } + } + + CHECK(cfg_gettoken(pctx, 0)); + CHECK(cfg_parse_obj(pctx, f->type, &obj->value.tuple[fn])); + } + + for (fn = 1, f = &fields[1]; f->name != NULL; ++fn, ++f) { + if (obj->value.tuple[fn] == NULL) { + CHECK(cfg_parse_void(pctx, NULL, + &obj->value.tuple[fn])); + } + } + + *ret = obj; + return (ISC_R_SUCCESS); + +cleanup: + CLEANUP_OBJ(obj); + return (result); +} + +static void +cfg_print_kv_tuple(cfg_printer_t *pctx, const cfg_obj_t *obj) { + unsigned int i; + const cfg_tuplefielddef_t *fields, *f; + const cfg_obj_t *fieldobj; + + fields = obj->type->of; + for (f = fields, i = 0; f->name != NULL; f++, i++) { + fieldobj = obj->value.tuple[i]; + if (fieldobj->type->print == cfg_print_void) { + continue; + } + if (i != 0) { + cfg_print_cstr(pctx, " "); + cfg_print_cstr(pctx, f->name); + cfg_print_cstr(pctx, " "); + } + cfg_print_obj(pctx, fieldobj); + } +} + +static void +cfg_doc_kv_tuple(cfg_printer_t *pctx, const cfg_type_t *type) { + const cfg_tuplefielddef_t *fields, *f; + + fields = type->of; + for (f = fields; f->name != NULL; f++) { + if (f != fields) { + cfg_print_cstr(pctx, " [ "); + cfg_print_cstr(pctx, f->name); + if (f->type->doc != cfg_doc_void) { + cfg_print_cstr(pctx, " "); + } + } + cfg_doc_obj(pctx, f->type); + if (f != fields) { + cfg_print_cstr(pctx, " ]"); + } + } +} + +static keyword_type_t zone_kw = { "zone", &cfg_type_astring }; +static cfg_type_t cfg_type_rpz_zone = { "zone", parse_keyvalue, + print_keyvalue, doc_keyvalue, + &cfg_rep_string, &zone_kw }; +/* + * "no-op" is an obsolete equivalent of "passthru". + */ +static const char *rpz_policies[] = { "cname", "disabled", "drop", + "given", "no-op", "nodata", + "nxdomain", "passthru", "tcp-only", + NULL }; +static cfg_type_t cfg_type_rpz_policy_name = { + "policy name", cfg_parse_enum, cfg_print_ustring, + doc_rpz_policy, &cfg_rep_string, &rpz_policies +}; +static cfg_type_t cfg_type_rpz_cname = { + "quoted_string", cfg_parse_astring, NULL, + doc_rpz_cname, &cfg_rep_string, NULL +}; +static cfg_tuplefielddef_t rpz_policy_fields[] = { + { "policy name", &cfg_type_rpz_policy_name, 0 }, + { "cname", &cfg_type_rpz_cname, 0 }, + { NULL, NULL, 0 } +}; +static cfg_type_t cfg_type_rpz_policy = { "policy tuple", cfg_parse_rpz_policy, + cfg_print_tuple, cfg_doc_tuple, + &cfg_rep_tuple, rpz_policy_fields }; +static cfg_tuplefielddef_t rpz_zone_fields[] = { + { "zone name", &cfg_type_rpz_zone, 0 }, + { "add-soa", &cfg_type_boolean, 0 }, + { "log", &cfg_type_boolean, 0 }, + { "max-policy-ttl", &cfg_type_duration, 0 }, + { "min-update-interval", &cfg_type_duration, 0 }, + { "policy", &cfg_type_rpz_policy, 0 }, + { "recursive-only", &cfg_type_boolean, 0 }, + { "nsip-enable", &cfg_type_boolean, 0 }, + { "nsdname-enable", &cfg_type_boolean, 0 }, + { NULL, NULL, 0 } +}; +static cfg_type_t cfg_type_rpz_tuple = { "rpz tuple", cfg_parse_kv_tuple, + cfg_print_kv_tuple, cfg_doc_kv_tuple, + &cfg_rep_tuple, rpz_zone_fields }; +static cfg_type_t cfg_type_rpz_list = { "zone list", + cfg_parse_bracketed_list, + cfg_print_bracketed_list, + cfg_doc_bracketed_list, + &cfg_rep_list, + &cfg_type_rpz_tuple }; +static cfg_tuplefielddef_t rpz_fields[] = { + { "zone list", &cfg_type_rpz_list, 0 }, + { "add-soa", &cfg_type_boolean, 0 }, + { "break-dnssec", &cfg_type_boolean, 0 }, + { "max-policy-ttl", &cfg_type_duration, 0 }, + { "min-update-interval", &cfg_type_duration, 0 }, + { "min-ns-dots", &cfg_type_uint32, 0 }, + { "nsip-wait-recurse", &cfg_type_boolean, 0 }, + { "qname-wait-recurse", &cfg_type_boolean, 0 }, + { "recursive-only", &cfg_type_boolean, 0 }, + { "nsip-enable", &cfg_type_boolean, 0 }, + { "nsdname-enable", &cfg_type_boolean, 0 }, +#ifdef USE_DNSRPS + { "dnsrps-enable", &cfg_type_boolean, 0 }, + { "dnsrps-options", &cfg_type_bracketed_text, 0 }, +#else /* ifdef USE_DNSRPS */ + { "dnsrps-enable", &cfg_type_boolean, CFG_CLAUSEFLAG_NOTCONFIGURED }, + { "dnsrps-options", &cfg_type_bracketed_text, + CFG_CLAUSEFLAG_NOTCONFIGURED }, +#endif /* ifdef USE_DNSRPS */ + { NULL, NULL, 0 } +}; +static cfg_type_t cfg_type_rpz = { "rpz", + cfg_parse_kv_tuple, + cfg_print_kv_tuple, + cfg_doc_kv_tuple, + &cfg_rep_tuple, + rpz_fields }; + +/* + * Catalog zones + */ +static cfg_type_t cfg_type_catz_zone = { "zone", parse_keyvalue, + print_keyvalue, doc_keyvalue, + &cfg_rep_string, &zone_kw }; + +static cfg_tuplefielddef_t catz_zone_fields[] = { + { "zone name", &cfg_type_catz_zone, 0 }, + { "default-masters", &cfg_type_namesockaddrkeylist, 0 }, + { "zone-directory", &cfg_type_qstring, 0 }, + { "in-memory", &cfg_type_boolean, 0 }, + { "min-update-interval", &cfg_type_duration, 0 }, + { NULL, NULL, 0 } +}; +static cfg_type_t cfg_type_catz_tuple = { + "catz tuple", cfg_parse_kv_tuple, cfg_print_kv_tuple, + cfg_doc_kv_tuple, &cfg_rep_tuple, catz_zone_fields +}; +static cfg_type_t cfg_type_catz_list = { "zone list", + cfg_parse_bracketed_list, + cfg_print_bracketed_list, + cfg_doc_bracketed_list, + &cfg_rep_list, + &cfg_type_catz_tuple }; +static cfg_tuplefielddef_t catz_fields[] = { + { "zone list", &cfg_type_catz_list, 0 }, { NULL, NULL, 0 } +}; +static cfg_type_t cfg_type_catz = { + "catz", cfg_parse_kv_tuple, cfg_print_kv_tuple, + cfg_doc_kv_tuple, &cfg_rep_tuple, catz_fields +}; + +/* + * rate-limit + */ +static cfg_clausedef_t rrl_clauses[] = { + { "all-per-second", &cfg_type_uint32, 0 }, + { "errors-per-second", &cfg_type_uint32, 0 }, + { "exempt-clients", &cfg_type_bracketed_aml, 0 }, + { "ipv4-prefix-length", &cfg_type_uint32, 0 }, + { "ipv6-prefix-length", &cfg_type_uint32, 0 }, + { "log-only", &cfg_type_boolean, 0 }, + { "max-table-size", &cfg_type_uint32, 0 }, + { "min-table-size", &cfg_type_uint32, 0 }, + { "nodata-per-second", &cfg_type_uint32, 0 }, + { "nxdomains-per-second", &cfg_type_uint32, 0 }, + { "qps-scale", &cfg_type_uint32, 0 }, + { "referrals-per-second", &cfg_type_uint32, 0 }, + { "responses-per-second", &cfg_type_uint32, 0 }, + { "slip", &cfg_type_uint32, 0 }, + { "window", &cfg_type_uint32, 0 }, + { NULL, NULL, 0 } +}; + +static cfg_clausedef_t *rrl_clausesets[] = { rrl_clauses, NULL }; + +static cfg_type_t cfg_type_rrl = { "rate-limit", cfg_parse_map, cfg_print_map, + cfg_doc_map, &cfg_rep_map, rrl_clausesets }; + +/*% + * dnssec-lookaside + */ + +static void +print_lookaside(cfg_printer_t *pctx, const cfg_obj_t *obj) { + const cfg_obj_t *domain = obj->value.tuple[0]; + + if (domain->value.string.length == 4 && + strncmp(domain->value.string.base, "auto", 4) == 0) + { + cfg_print_cstr(pctx, "auto"); + } else { + cfg_print_tuple(pctx, obj); + } +} + +static void +doc_lookaside(cfg_printer_t *pctx, const cfg_type_t *type) { + UNUSED(type); + cfg_print_cstr(pctx, "( trust-anchor | auto | no )"); +} + +static keyword_type_t trustanchor_kw = { "trust-anchor", &cfg_type_astring }; + +static cfg_type_t cfg_type_optional_trustanchor = { + "optional_trustanchor", parse_optional_keyvalue, print_keyvalue, + doc_keyvalue, &cfg_rep_string, &trustanchor_kw +}; + +static cfg_tuplefielddef_t lookaside_fields[] = { + { "domain", &cfg_type_astring, 0 }, + { "trust-anchor", &cfg_type_optional_trustanchor, 0 }, + { NULL, NULL, 0 } +}; + +static cfg_type_t cfg_type_lookaside = { "lookaside", cfg_parse_tuple, + print_lookaside, doc_lookaside, + &cfg_rep_tuple, lookaside_fields }; + +static isc_result_t +parse_optional_uint32(cfg_parser_t *pctx, const cfg_type_t *type, + cfg_obj_t **ret) { + isc_result_t result; + UNUSED(type); + + CHECK(cfg_peektoken(pctx, ISC_LEXOPT_NUMBER | ISC_LEXOPT_CNUMBER)); + if (pctx->token.type == isc_tokentype_number) { + CHECK(cfg_parse_obj(pctx, &cfg_type_uint32, ret)); + } else { + CHECK(cfg_parse_obj(pctx, &cfg_type_void, ret)); + } +cleanup: + return (result); +} + +static void +doc_optional_uint32(cfg_printer_t *pctx, const cfg_type_t *type) { + UNUSED(type); + cfg_print_cstr(pctx, "[ ]"); +} + +static cfg_type_t cfg_type_optional_uint32 = { "optional_uint32", + parse_optional_uint32, + NULL, + doc_optional_uint32, + NULL, + NULL }; + +static cfg_tuplefielddef_t prefetch_fields[] = { + { "trigger", &cfg_type_uint32, 0 }, + { "eligible", &cfg_type_optional_uint32, 0 }, + { NULL, NULL, 0 } +}; + +static cfg_type_t cfg_type_prefetch = { "prefetch", cfg_parse_tuple, + cfg_print_tuple, cfg_doc_tuple, + &cfg_rep_tuple, prefetch_fields }; +/* + * DNS64. + */ +static cfg_clausedef_t dns64_clauses[] = { + { "break-dnssec", &cfg_type_boolean, 0 }, + { "clients", &cfg_type_bracketed_aml, 0 }, + { "exclude", &cfg_type_bracketed_aml, 0 }, + { "mapped", &cfg_type_bracketed_aml, 0 }, + { "recursive-only", &cfg_type_boolean, 0 }, + { "suffix", &cfg_type_netaddr6, 0 }, + { NULL, NULL, 0 }, +}; + +static cfg_clausedef_t *dns64_clausesets[] = { dns64_clauses, NULL }; + +static cfg_type_t cfg_type_dns64 = { "dns64", cfg_parse_netprefix_map, + cfg_print_map, cfg_doc_map, + &cfg_rep_map, dns64_clausesets }; + +static const char *staleanswerclienttimeout_enums[] = { "disabled", "off", + NULL }; +static isc_result_t +parse_staleanswerclienttimeout(cfg_parser_t *pctx, const cfg_type_t *type, + cfg_obj_t **ret) { + return (cfg_parse_enum_or_other(pctx, type, &cfg_type_uint32, ret)); +} + +static void +doc_staleanswerclienttimeout(cfg_printer_t *pctx, const cfg_type_t *type) { + cfg_doc_enum_or_other(pctx, type, &cfg_type_uint32); +} + +static cfg_type_t cfg_type_staleanswerclienttimeout = { + "staleanswerclienttimeout", + parse_staleanswerclienttimeout, + cfg_print_ustring, + doc_staleanswerclienttimeout, + &cfg_rep_string, + staleanswerclienttimeout_enums +}; + +/*% + * Clauses that can be found within the 'view' statement, + * with defaults in the 'options' statement. + */ + +static cfg_clausedef_t view_clauses[] = { + { "acache-cleaning-interval", &cfg_type_uint32, + CFG_CLAUSEFLAG_OBSOLETE }, + { "acache-enable", &cfg_type_boolean, CFG_CLAUSEFLAG_OBSOLETE }, + { "additional-from-auth", &cfg_type_boolean, CFG_CLAUSEFLAG_OBSOLETE }, + { "additional-from-cache", &cfg_type_boolean, CFG_CLAUSEFLAG_OBSOLETE }, + { "allow-new-zones", &cfg_type_boolean, 0 }, + { "allow-query-cache", &cfg_type_bracketed_aml, 0 }, + { "allow-query-cache-on", &cfg_type_bracketed_aml, 0 }, + { "allow-recursion", &cfg_type_bracketed_aml, 0 }, + { "allow-recursion-on", &cfg_type_bracketed_aml, 0 }, + { "allow-v6-synthesis", &cfg_type_bracketed_aml, + CFG_CLAUSEFLAG_OBSOLETE }, + { "attach-cache", &cfg_type_astring, 0 }, + { "auth-nxdomain", &cfg_type_boolean, CFG_CLAUSEFLAG_NEWDEFAULT }, + { "cache-file", &cfg_type_qstring, CFG_CLAUSEFLAG_DEPRECATED }, + { "catalog-zones", &cfg_type_catz, 0 }, + { "check-names", &cfg_type_checknames, CFG_CLAUSEFLAG_MULTI }, + { "cleaning-interval", &cfg_type_uint32, CFG_CLAUSEFLAG_OBSOLETE }, + { "clients-per-query", &cfg_type_uint32, 0 }, + { "deny-answer-addresses", &cfg_type_denyaddresses, 0 }, + { "deny-answer-aliases", &cfg_type_denyaliases, 0 }, + { "disable-algorithms", &cfg_type_disablealgorithm, + CFG_CLAUSEFLAG_MULTI }, + { "disable-ds-digests", &cfg_type_disabledsdigest, + CFG_CLAUSEFLAG_MULTI }, + { "disable-empty-zone", &cfg_type_astring, CFG_CLAUSEFLAG_MULTI }, + { "dns64", &cfg_type_dns64, CFG_CLAUSEFLAG_MULTI }, + { "dns64-contact", &cfg_type_astring, 0 }, + { "dns64-server", &cfg_type_astring, 0 }, +#ifdef USE_DNSRPS + { "dnsrps-enable", &cfg_type_boolean, 0 }, + { "dnsrps-options", &cfg_type_bracketed_text, 0 }, +#else /* ifdef USE_DNSRPS */ + { "dnsrps-enable", &cfg_type_boolean, CFG_CLAUSEFLAG_NOTCONFIGURED }, + { "dnsrps-options", &cfg_type_bracketed_text, + CFG_CLAUSEFLAG_NOTCONFIGURED }, +#endif /* ifdef USE_DNSRPS */ + { "dnssec-accept-expired", &cfg_type_boolean, 0 }, + { "dnssec-enable", &cfg_type_boolean, CFG_CLAUSEFLAG_OBSOLETE }, + { "dnssec-lookaside", &cfg_type_lookaside, + CFG_CLAUSEFLAG_MULTI | CFG_CLAUSEFLAG_OBSOLETE }, + { "dnssec-must-be-secure", &cfg_type_mustbesecure, + CFG_CLAUSEFLAG_MULTI }, + { "dnssec-validation", &cfg_type_boolorauto, 0 }, +#ifdef HAVE_DNSTAP + { "dnstap", &cfg_type_dnstap, 0 }, +#else /* ifdef HAVE_DNSTAP */ + { "dnstap", &cfg_type_dnstap, CFG_CLAUSEFLAG_NOTCONFIGURED }, +#endif /* HAVE_DNSTAP */ + { "dual-stack-servers", &cfg_type_nameportiplist, 0 }, + { "edns-udp-size", &cfg_type_uint32, 0 }, + { "empty-contact", &cfg_type_astring, 0 }, + { "empty-server", &cfg_type_astring, 0 }, + { "empty-zones-enable", &cfg_type_boolean, 0 }, + { "fetch-glue", &cfg_type_boolean, CFG_CLAUSEFLAG_ANCIENT }, + { "fetch-quota-params", &cfg_type_fetchquota, 0 }, + { "fetches-per-server", &cfg_type_fetchesper, 0 }, + { "fetches-per-zone", &cfg_type_fetchesper, 0 }, + { "filter-aaaa", &cfg_type_bracketed_aml, CFG_CLAUSEFLAG_OBSOLETE }, + { "filter-aaaa-on-v4", &cfg_type_boolean, CFG_CLAUSEFLAG_OBSOLETE }, + { "filter-aaaa-on-v6", &cfg_type_boolean, CFG_CLAUSEFLAG_OBSOLETE }, + { "glue-cache", &cfg_type_boolean, 0 }, + { "ixfr-from-differences", &cfg_type_ixfrdifftype, 0 }, + { "lame-ttl", &cfg_type_duration, 0 }, +#ifdef HAVE_LMDB + { "lmdb-mapsize", &cfg_type_sizeval, 0 }, +#else /* ifdef HAVE_LMDB */ + { "lmdb-mapsize", &cfg_type_sizeval, CFG_CLAUSEFLAG_NOOP }, +#endif /* ifdef HAVE_LMDB */ + { "max-acache-size", &cfg_type_sizenodefault, CFG_CLAUSEFLAG_OBSOLETE }, + { "max-cache-size", &cfg_type_sizeorpercent, 0 }, + { "max-cache-ttl", &cfg_type_duration, 0 }, + { "max-clients-per-query", &cfg_type_uint32, 0 }, + { "max-ncache-ttl", &cfg_type_duration, 0 }, + { "max-recursion-depth", &cfg_type_uint32, 0 }, + { "max-recursion-queries", &cfg_type_uint32, 0 }, + { "max-stale-ttl", &cfg_type_duration, 0 }, + { "max-udp-size", &cfg_type_uint32, 0 }, + { "message-compression", &cfg_type_boolean, 0 }, + { "min-cache-ttl", &cfg_type_duration, 0 }, + { "min-ncache-ttl", &cfg_type_duration, 0 }, + { "min-roots", &cfg_type_uint32, CFG_CLAUSEFLAG_ANCIENT }, + { "minimal-any", &cfg_type_boolean, 0 }, + { "minimal-responses", &cfg_type_minimal, 0 }, + { "new-zones-directory", &cfg_type_qstring, 0 }, + { "no-case-compress", &cfg_type_bracketed_aml, 0 }, + { "nocookie-udp-size", &cfg_type_uint32, 0 }, + { "nosit-udp-size", &cfg_type_uint32, CFG_CLAUSEFLAG_OBSOLETE }, + { "nta-lifetime", &cfg_type_duration, 0 }, + { "nta-recheck", &cfg_type_duration, 0 }, + { "nxdomain-redirect", &cfg_type_astring, 0 }, + { "preferred-glue", &cfg_type_astring, 0 }, + { "prefetch", &cfg_type_prefetch, 0 }, + { "provide-ixfr", &cfg_type_boolean, 0 }, + { "qname-minimization", &cfg_type_qminmethod, 0 }, + /* + * Note that the query-source option syntax is different + * from the other -source options. + */ + { "query-source", &cfg_type_querysource4, 0 }, + { "query-source-v6", &cfg_type_querysource6, 0 }, + { "queryport-pool-ports", &cfg_type_uint32, CFG_CLAUSEFLAG_OBSOLETE }, + { "queryport-pool-updateinterval", &cfg_type_uint32, + CFG_CLAUSEFLAG_OBSOLETE }, + { "rate-limit", &cfg_type_rrl, 0 }, + { "recursion", &cfg_type_boolean, 0 }, + { "request-nsid", &cfg_type_boolean, 0 }, + { "request-sit", &cfg_type_boolean, CFG_CLAUSEFLAG_OBSOLETE }, + { "require-server-cookie", &cfg_type_boolean, 0 }, + { "resolver-nonbackoff-tries", &cfg_type_uint32, 0 }, + { "resolver-query-timeout", &cfg_type_uint32, 0 }, + { "resolver-retry-interval", &cfg_type_uint32, 0 }, + { "response-padding", &cfg_type_resppadding, 0 }, + { "response-policy", &cfg_type_rpz, 0 }, + { "rfc2308-type1", &cfg_type_boolean, CFG_CLAUSEFLAG_ANCIENT }, + { "root-delegation-only", &cfg_type_optional_exclude, 0 }, + { "root-key-sentinel", &cfg_type_boolean, 0 }, + { "rrset-order", &cfg_type_rrsetorder, 0 }, + { "send-cookie", &cfg_type_boolean, 0 }, + { "servfail-ttl", &cfg_type_duration, 0 }, + { "sortlist", &cfg_type_bracketed_aml, 0 }, + { "stale-answer-enable", &cfg_type_boolean, 0 }, + { "stale-answer-client-timeout", &cfg_type_staleanswerclienttimeout, + 0 }, + { "stale-answer-ttl", &cfg_type_duration, 0 }, + { "stale-cache-enable", &cfg_type_boolean, 0 }, + { "stale-refresh-time", &cfg_type_duration, 0 }, + { "suppress-initial-notify", &cfg_type_boolean, CFG_CLAUSEFLAG_NYI }, + { "synth-from-dnssec", &cfg_type_boolean, 0 }, + { "topology", &cfg_type_bracketed_aml, CFG_CLAUSEFLAG_ANCIENT }, + { "transfer-format", &cfg_type_transferformat, 0 }, + { "trust-anchor-telemetry", &cfg_type_boolean, + CFG_CLAUSEFLAG_EXPERIMENTAL }, + { "use-queryport-pool", &cfg_type_boolean, CFG_CLAUSEFLAG_OBSOLETE }, + { "validate-except", &cfg_type_namelist, 0 }, + { "v6-bias", &cfg_type_uint32, 0 }, + { "zero-no-soa-ttl-cache", &cfg_type_boolean, 0 }, + { NULL, NULL, 0 } +}; + +/*% + * Clauses that can be found within the 'view' statement only. + */ +static cfg_clausedef_t view_only_clauses[] = { + { "match-clients", &cfg_type_bracketed_aml, 0 }, + { "match-destinations", &cfg_type_bracketed_aml, 0 }, + { "match-recursive-only", &cfg_type_boolean, 0 }, + { NULL, NULL, 0 } +}; + +/*% + * Sig-validity-interval. + */ + +static cfg_tuplefielddef_t validityinterval_fields[] = { + { "validity", &cfg_type_uint32, 0 }, + { "re-sign", &cfg_type_optional_uint32, 0 }, + { NULL, NULL, 0 } +}; + +static cfg_type_t cfg_type_validityinterval = { + "validityinterval", cfg_parse_tuple, cfg_print_tuple, + cfg_doc_tuple, &cfg_rep_tuple, validityinterval_fields +}; + +/*% + * Clauses that can be found in a 'dnssec-policy' statement. + */ +static cfg_clausedef_t dnssecpolicy_clauses[] = { + { "dnskey-ttl", &cfg_type_duration, 0 }, + { "keys", &cfg_type_kaspkeys, 0 }, + { "max-zone-ttl", &cfg_type_duration, 0 }, + { "nsec3param", &cfg_type_nsec3, 0 }, + { "parent-ds-ttl", &cfg_type_duration, 0 }, + { "parent-propagation-delay", &cfg_type_duration, 0 }, + { "parent-registration-delay", &cfg_type_duration, + CFG_CLAUSEFLAG_OBSOLETE }, + { "publish-safety", &cfg_type_duration, 0 }, + { "purge-keys", &cfg_type_duration, 0 }, + { "retire-safety", &cfg_type_duration, 0 }, + { "signatures-refresh", &cfg_type_duration, 0 }, + { "signatures-validity", &cfg_type_duration, 0 }, + { "signatures-validity-dnskey", &cfg_type_duration, 0 }, + { "zone-propagation-delay", &cfg_type_duration, 0 }, + { NULL, NULL, 0 } +}; + +/*% + * Clauses that can be found in a 'zone' statement, + * with defaults in the 'view' or 'options' statement. + * + * Note: CFG_ZONE_* options indicate in which zone types this clause is + * legal. + */ +static cfg_clausedef_t zone_clauses[] = { + { "allow-notify", &cfg_type_bracketed_aml, + CFG_ZONE_SECONDARY | CFG_ZONE_MIRROR }, + { "allow-query", &cfg_type_bracketed_aml, + CFG_ZONE_PRIMARY | CFG_ZONE_SECONDARY | CFG_ZONE_MIRROR | + CFG_ZONE_STUB | CFG_ZONE_REDIRECT | CFG_ZONE_STATICSTUB }, + { "allow-query-on", &cfg_type_bracketed_aml, + CFG_ZONE_PRIMARY | CFG_ZONE_SECONDARY | CFG_ZONE_MIRROR | + CFG_ZONE_STUB | CFG_ZONE_REDIRECT | CFG_ZONE_STATICSTUB }, + { "allow-transfer", &cfg_type_bracketed_aml, + CFG_ZONE_PRIMARY | CFG_ZONE_SECONDARY | CFG_ZONE_MIRROR }, + { "allow-update", &cfg_type_bracketed_aml, CFG_ZONE_PRIMARY }, + { "allow-update-forwarding", &cfg_type_bracketed_aml, + CFG_ZONE_SECONDARY | CFG_ZONE_MIRROR }, + { "also-notify", &cfg_type_namesockaddrkeylist, + CFG_ZONE_PRIMARY | CFG_ZONE_SECONDARY | CFG_ZONE_MIRROR }, + { "alt-transfer-source", &cfg_type_sockaddr4wild, + CFG_ZONE_PRIMARY | CFG_ZONE_SECONDARY | CFG_ZONE_MIRROR }, + { "alt-transfer-source-v6", &cfg_type_sockaddr6wild, + CFG_ZONE_PRIMARY | CFG_ZONE_SECONDARY | CFG_ZONE_MIRROR }, + { "auto-dnssec", &cfg_type_autodnssec, + CFG_ZONE_PRIMARY | CFG_ZONE_SECONDARY | CFG_CLAUSEFLAG_DEPRECATED }, + { "check-dup-records", &cfg_type_checkmode, CFG_ZONE_PRIMARY }, + { "check-integrity", &cfg_type_boolean, CFG_ZONE_PRIMARY }, + { "check-mx", &cfg_type_checkmode, CFG_ZONE_PRIMARY }, + { "check-mx-cname", &cfg_type_checkmode, CFG_ZONE_PRIMARY }, + { "check-sibling", &cfg_type_boolean, CFG_ZONE_PRIMARY }, + { "check-spf", &cfg_type_warn, CFG_ZONE_PRIMARY }, + { "check-srv-cname", &cfg_type_checkmode, CFG_ZONE_PRIMARY }, + { "check-wildcard", &cfg_type_boolean, CFG_ZONE_PRIMARY }, + { "dialup", &cfg_type_dialuptype, + CFG_ZONE_PRIMARY | CFG_ZONE_SECONDARY | CFG_ZONE_STUB }, + { "dnssec-dnskey-kskonly", &cfg_type_boolean, + CFG_ZONE_PRIMARY | CFG_ZONE_SECONDARY }, + { "dnssec-loadkeys-interval", &cfg_type_uint32, + CFG_ZONE_PRIMARY | CFG_ZONE_SECONDARY }, + { "dnssec-policy", &cfg_type_astring, + CFG_ZONE_PRIMARY | CFG_ZONE_SECONDARY }, + { "dnssec-secure-to-insecure", &cfg_type_boolean, CFG_ZONE_PRIMARY }, + { "dnssec-update-mode", &cfg_type_dnssecupdatemode, + CFG_ZONE_PRIMARY | CFG_ZONE_SECONDARY }, + { "forward", &cfg_type_forwardtype, + CFG_ZONE_PRIMARY | CFG_ZONE_SECONDARY | CFG_ZONE_STUB | + CFG_ZONE_STATICSTUB | CFG_ZONE_FORWARD }, + { "forwarders", &cfg_type_portiplist, + CFG_ZONE_PRIMARY | CFG_ZONE_SECONDARY | CFG_ZONE_STUB | + CFG_ZONE_STATICSTUB | CFG_ZONE_FORWARD }, + { "key-directory", &cfg_type_qstring, + CFG_ZONE_PRIMARY | CFG_ZONE_SECONDARY }, + { "maintain-ixfr-base", &cfg_type_boolean, CFG_CLAUSEFLAG_ANCIENT }, + { "masterfile-format", &cfg_type_masterformat, + CFG_ZONE_PRIMARY | CFG_ZONE_SECONDARY | CFG_ZONE_MIRROR | + CFG_ZONE_STUB | CFG_ZONE_REDIRECT }, + { "masterfile-style", &cfg_type_masterstyle, + CFG_ZONE_PRIMARY | CFG_ZONE_SECONDARY | CFG_ZONE_MIRROR | + CFG_ZONE_STUB | CFG_ZONE_REDIRECT }, + { "max-ixfr-log-size", &cfg_type_size, CFG_CLAUSEFLAG_ANCIENT }, + { "max-ixfr-ratio", &cfg_type_ixfrratio, + CFG_ZONE_PRIMARY | CFG_ZONE_SECONDARY | CFG_ZONE_MIRROR }, + { "max-journal-size", &cfg_type_size, + CFG_ZONE_PRIMARY | CFG_ZONE_SECONDARY | CFG_ZONE_MIRROR }, + { "max-records", &cfg_type_uint32, + CFG_ZONE_PRIMARY | CFG_ZONE_SECONDARY | CFG_ZONE_MIRROR | + CFG_ZONE_STUB | CFG_ZONE_STATICSTUB | CFG_ZONE_REDIRECT }, + { "max-refresh-time", &cfg_type_uint32, + CFG_ZONE_SECONDARY | CFG_ZONE_MIRROR | CFG_ZONE_STUB }, + { "max-retry-time", &cfg_type_uint32, + CFG_ZONE_SECONDARY | CFG_ZONE_MIRROR | CFG_ZONE_STUB }, + { "max-transfer-idle-in", &cfg_type_uint32, + CFG_ZONE_SECONDARY | CFG_ZONE_MIRROR | CFG_ZONE_STUB }, + { "max-transfer-idle-out", &cfg_type_uint32, + CFG_ZONE_PRIMARY | CFG_ZONE_MIRROR | CFG_ZONE_SECONDARY }, + { "max-transfer-time-in", &cfg_type_uint32, + CFG_ZONE_SECONDARY | CFG_ZONE_MIRROR | CFG_ZONE_STUB }, + { "max-transfer-time-out", &cfg_type_uint32, + CFG_ZONE_PRIMARY | CFG_ZONE_MIRROR | CFG_ZONE_SECONDARY }, + { "max-zone-ttl", &cfg_type_maxduration, + CFG_ZONE_PRIMARY | CFG_ZONE_REDIRECT }, + { "min-refresh-time", &cfg_type_uint32, + CFG_ZONE_SECONDARY | CFG_ZONE_MIRROR | CFG_ZONE_STUB }, + { "min-retry-time", &cfg_type_uint32, + CFG_ZONE_SECONDARY | CFG_ZONE_MIRROR | CFG_ZONE_STUB }, + { "multi-master", &cfg_type_boolean, + CFG_ZONE_SECONDARY | CFG_ZONE_MIRROR | CFG_ZONE_STUB }, + { "notify", &cfg_type_notifytype, + CFG_ZONE_PRIMARY | CFG_ZONE_SECONDARY | CFG_ZONE_MIRROR }, + { "notify-delay", &cfg_type_uint32, + CFG_ZONE_PRIMARY | CFG_ZONE_SECONDARY | CFG_ZONE_MIRROR }, + { "notify-source", &cfg_type_sockaddr4wild, + CFG_ZONE_PRIMARY | CFG_ZONE_SECONDARY | CFG_ZONE_MIRROR }, + { "notify-source-v6", &cfg_type_sockaddr6wild, + CFG_ZONE_PRIMARY | CFG_ZONE_SECONDARY | CFG_ZONE_MIRROR }, + { "notify-to-soa", &cfg_type_boolean, + CFG_ZONE_PRIMARY | CFG_ZONE_SECONDARY }, + { "nsec3-test-zone", &cfg_type_boolean, + CFG_CLAUSEFLAG_TESTONLY | CFG_ZONE_PRIMARY | CFG_ZONE_SECONDARY }, + { "parental-source", &cfg_type_sockaddr4wild, + CFG_ZONE_PRIMARY | CFG_ZONE_SECONDARY }, + { "parental-source-v6", &cfg_type_sockaddr6wild, + CFG_ZONE_PRIMARY | CFG_ZONE_SECONDARY }, + { "request-expire", &cfg_type_boolean, + CFG_ZONE_SECONDARY | CFG_ZONE_MIRROR }, + { "request-ixfr", &cfg_type_boolean, + CFG_ZONE_SECONDARY | CFG_ZONE_MIRROR }, + { "serial-update-method", &cfg_type_updatemethod, CFG_ZONE_PRIMARY }, + { "sig-signing-nodes", &cfg_type_uint32, + CFG_ZONE_PRIMARY | CFG_ZONE_SECONDARY }, + { "sig-signing-signatures", &cfg_type_uint32, + CFG_ZONE_PRIMARY | CFG_ZONE_SECONDARY }, + { "sig-signing-type", &cfg_type_uint32, + CFG_ZONE_PRIMARY | CFG_ZONE_SECONDARY }, + { "sig-validity-interval", &cfg_type_validityinterval, + CFG_ZONE_PRIMARY | CFG_ZONE_SECONDARY }, + { "dnskey-sig-validity", &cfg_type_uint32, + CFG_ZONE_PRIMARY | CFG_ZONE_SECONDARY }, + { "transfer-source", &cfg_type_sockaddr4wild, + CFG_ZONE_SECONDARY | CFG_ZONE_MIRROR | CFG_ZONE_STUB }, + { "transfer-source-v6", &cfg_type_sockaddr6wild, + CFG_ZONE_SECONDARY | CFG_ZONE_MIRROR | CFG_ZONE_STUB }, + { "try-tcp-refresh", &cfg_type_boolean, + CFG_ZONE_SECONDARY | CFG_ZONE_MIRROR }, + { "update-check-ksk", &cfg_type_boolean, + CFG_ZONE_PRIMARY | CFG_ZONE_SECONDARY }, + { "use-alt-transfer-source", &cfg_type_boolean, + CFG_ZONE_SECONDARY | CFG_ZONE_MIRROR | CFG_ZONE_STUB }, + { "zero-no-soa-ttl", &cfg_type_boolean, + CFG_ZONE_PRIMARY | CFG_ZONE_SECONDARY | CFG_ZONE_MIRROR }, + { "zone-statistics", &cfg_type_zonestat, + CFG_ZONE_PRIMARY | CFG_ZONE_SECONDARY | CFG_ZONE_MIRROR | + CFG_ZONE_STUB | CFG_ZONE_STATICSTUB | CFG_ZONE_REDIRECT }, + { NULL, NULL, 0 } +}; + +/*% + * Clauses that can be found in a 'zone' statement only. + * + * Note: CFG_ZONE_* options indicate in which zone types this clause is + * legal. + */ +static cfg_clausedef_t zone_only_clauses[] = { + /* + * Note that the format of the check-names option is different between + * the zone options and the global/view options. Ugh. + */ + { "type", &cfg_type_zonetype, + CFG_ZONE_PRIMARY | CFG_ZONE_SECONDARY | CFG_ZONE_MIRROR | + CFG_ZONE_STUB | CFG_ZONE_STATICSTUB | CFG_ZONE_DELEGATION | + CFG_ZONE_HINT | CFG_ZONE_REDIRECT | CFG_ZONE_FORWARD }, + { "check-names", &cfg_type_checkmode, + CFG_ZONE_PRIMARY | CFG_ZONE_SECONDARY | CFG_ZONE_MIRROR | + CFG_ZONE_HINT | CFG_ZONE_STUB }, + { "database", &cfg_type_astring, + CFG_ZONE_PRIMARY | CFG_ZONE_SECONDARY | CFG_ZONE_MIRROR | + CFG_ZONE_STUB }, + { "delegation-only", &cfg_type_boolean, + CFG_ZONE_HINT | CFG_ZONE_STUB | CFG_ZONE_FORWARD }, + { "dlz", &cfg_type_astring, + CFG_ZONE_PRIMARY | CFG_ZONE_SECONDARY | CFG_ZONE_REDIRECT }, + { "file", &cfg_type_qstring, + CFG_ZONE_PRIMARY | CFG_ZONE_SECONDARY | CFG_ZONE_MIRROR | + CFG_ZONE_STUB | CFG_ZONE_HINT | CFG_ZONE_REDIRECT }, + { "in-view", &cfg_type_astring, CFG_ZONE_INVIEW }, + { "inline-signing", &cfg_type_boolean, + CFG_ZONE_PRIMARY | CFG_ZONE_SECONDARY }, + { "ixfr-base", &cfg_type_qstring, CFG_CLAUSEFLAG_ANCIENT }, + { "ixfr-from-differences", &cfg_type_boolean, + CFG_ZONE_PRIMARY | CFG_ZONE_SECONDARY | CFG_ZONE_MIRROR }, + { "ixfr-tmp-file", &cfg_type_qstring, CFG_CLAUSEFLAG_ANCIENT }, + { "journal", &cfg_type_qstring, + CFG_ZONE_PRIMARY | CFG_ZONE_SECONDARY | CFG_ZONE_MIRROR }, + { "masters", &cfg_type_namesockaddrkeylist, + CFG_ZONE_SECONDARY | CFG_ZONE_MIRROR | CFG_ZONE_STUB | + CFG_ZONE_REDIRECT }, + { "parental-agents", &cfg_type_namesockaddrkeylist, + CFG_ZONE_PRIMARY | CFG_ZONE_SECONDARY }, + { "primaries", &cfg_type_namesockaddrkeylist, + CFG_ZONE_SECONDARY | CFG_ZONE_MIRROR | CFG_ZONE_STUB | + CFG_ZONE_REDIRECT }, + { "pubkey", &cfg_type_pubkey, CFG_CLAUSEFLAG_ANCIENT }, + { "server-addresses", &cfg_type_bracketed_netaddrlist, + CFG_ZONE_STATICSTUB }, + { "server-names", &cfg_type_namelist, CFG_ZONE_STATICSTUB }, + { "update-policy", &cfg_type_updatepolicy, CFG_ZONE_PRIMARY }, + { NULL, NULL, 0 } +}; + +/*% The top-level named.conf syntax. */ + +static cfg_clausedef_t *namedconf_clausesets[] = { namedconf_clauses, + namedconf_or_view_clauses, + NULL }; +LIBISCCFG_EXTERNAL_DATA cfg_type_t cfg_type_namedconf = { + "namedconf", cfg_parse_mapbody, cfg_print_mapbody, + cfg_doc_mapbody, &cfg_rep_map, namedconf_clausesets +}; + +/*% The bind.keys syntax (trust-anchors/managed-keys/trusted-keys only). */ +static cfg_clausedef_t *bindkeys_clausesets[] = { bindkeys_clauses, NULL }; +LIBISCCFG_EXTERNAL_DATA cfg_type_t cfg_type_bindkeys = { + "bindkeys", cfg_parse_mapbody, cfg_print_mapbody, + cfg_doc_mapbody, &cfg_rep_map, bindkeys_clausesets +}; + +/*% The "options" statement syntax. */ + +static cfg_clausedef_t *options_clausesets[] = { options_clauses, view_clauses, + zone_clauses, NULL }; +static cfg_type_t cfg_type_options = { "options", cfg_parse_map, + cfg_print_map, cfg_doc_map, + &cfg_rep_map, options_clausesets }; + +/*% The "view" statement syntax. */ + +static cfg_clausedef_t *view_clausesets[] = { view_only_clauses, + namedconf_or_view_clauses, + view_clauses, zone_clauses, + NULL }; + +static cfg_type_t cfg_type_viewopts = { "view", cfg_parse_map, + cfg_print_map, cfg_doc_map, + &cfg_rep_map, view_clausesets }; + +/*% The "zone" statement syntax. */ + +static cfg_clausedef_t *zone_clausesets[] = { zone_only_clauses, zone_clauses, + NULL }; +LIBISCCFG_EXTERNAL_DATA cfg_type_t cfg_type_zoneopts = { + "zoneopts", cfg_parse_map, cfg_print_map, + cfg_doc_map, &cfg_rep_map, zone_clausesets +}; + +/*% The "dnssec-policy" statement syntax. */ +static cfg_clausedef_t *dnssecpolicy_clausesets[] = { dnssecpolicy_clauses, + NULL }; +LIBISCCFG_EXTERNAL_DATA cfg_type_t cfg_type_dnssecpolicyopts = { + "dnssecpolicyopts", cfg_parse_map, cfg_print_map, + cfg_doc_map, &cfg_rep_map, dnssecpolicy_clausesets +}; + +/*% The "dynamically loadable zones" statement syntax. */ + +static cfg_clausedef_t dlz_clauses[] = { { "database", &cfg_type_astring, 0 }, + { "search", &cfg_type_boolean, 0 }, + { NULL, NULL, 0 } }; +static cfg_clausedef_t *dlz_clausesets[] = { dlz_clauses, NULL }; +static cfg_type_t cfg_type_dlz = { "dlz", cfg_parse_named_map, + cfg_print_map, cfg_doc_map, + &cfg_rep_map, dlz_clausesets }; + +/*% + * The "dyndb" statement syntax. + */ + +static cfg_tuplefielddef_t dyndb_fields[] = { + { "name", &cfg_type_astring, 0 }, + { "library", &cfg_type_qstring, 0 }, + { "parameters", &cfg_type_bracketed_text, 0 }, + { NULL, NULL, 0 } +}; + +static cfg_type_t cfg_type_dyndb = { "dyndb", cfg_parse_tuple, + cfg_print_tuple, cfg_doc_tuple, + &cfg_rep_tuple, dyndb_fields }; + +/*% + * The "plugin" statement syntax. + * Currently only one plugin type is supported: query. + */ + +static const char *plugin_enums[] = { "query", NULL }; +static cfg_type_t cfg_type_plugintype = { "plugintype", cfg_parse_enum, + cfg_print_ustring, cfg_doc_enum, + &cfg_rep_string, plugin_enums }; +static cfg_tuplefielddef_t plugin_fields[] = { + { "type", &cfg_type_plugintype, 0 }, + { "library", &cfg_type_astring, 0 }, + { "parameters", &cfg_type_optional_bracketed_text, 0 }, + { NULL, NULL, 0 } +}; +static cfg_type_t cfg_type_plugin = { "plugin", cfg_parse_tuple, + cfg_print_tuple, cfg_doc_tuple, + &cfg_rep_tuple, plugin_fields }; + +/*% + * Clauses that can be found within the 'key' statement. + */ +static cfg_clausedef_t key_clauses[] = { { "algorithm", &cfg_type_astring, 0 }, + { "secret", &cfg_type_sstring, 0 }, + { NULL, NULL, 0 } }; + +static cfg_clausedef_t *key_clausesets[] = { key_clauses, NULL }; +static cfg_type_t cfg_type_key = { "key", cfg_parse_named_map, + cfg_print_map, cfg_doc_map, + &cfg_rep_map, key_clausesets }; + +/*% + * Clauses that can be found in a 'server' statement. + */ +static cfg_clausedef_t server_clauses[] = { + { "bogus", &cfg_type_boolean, 0 }, + { "edns", &cfg_type_boolean, 0 }, + { "edns-udp-size", &cfg_type_uint32, 0 }, + { "edns-version", &cfg_type_uint32, 0 }, + { "keys", &cfg_type_server_key_kludge, 0 }, + { "max-udp-size", &cfg_type_uint32, 0 }, + { "notify-source", &cfg_type_sockaddr4wild, 0 }, + { "notify-source-v6", &cfg_type_sockaddr6wild, 0 }, + { "padding", &cfg_type_uint32, 0 }, + { "provide-ixfr", &cfg_type_boolean, 0 }, + { "query-source", &cfg_type_querysource4, 0 }, + { "query-source-v6", &cfg_type_querysource6, 0 }, + { "request-expire", &cfg_type_boolean, 0 }, + { "request-ixfr", &cfg_type_boolean, 0 }, + { "request-nsid", &cfg_type_boolean, 0 }, + { "request-sit", &cfg_type_boolean, CFG_CLAUSEFLAG_OBSOLETE }, + { "send-cookie", &cfg_type_boolean, 0 }, + { "support-ixfr", &cfg_type_boolean, CFG_CLAUSEFLAG_OBSOLETE }, + { "tcp-keepalive", &cfg_type_boolean, 0 }, + { "tcp-only", &cfg_type_boolean, 0 }, + { "transfer-format", &cfg_type_transferformat, 0 }, + { "transfer-source", &cfg_type_sockaddr4wild, 0 }, + { "transfer-source-v6", &cfg_type_sockaddr6wild, 0 }, + { "transfers", &cfg_type_uint32, 0 }, + { NULL, NULL, 0 } +}; +static cfg_clausedef_t *server_clausesets[] = { server_clauses, NULL }; +static cfg_type_t cfg_type_server = { "server", cfg_parse_netprefix_map, + cfg_print_map, cfg_doc_map, + &cfg_rep_map, server_clausesets }; + +/*% + * Clauses that can be found in a 'channel' clause in the + * 'logging' statement. + * + * These have some additional constraints that need to be + * checked after parsing: + * - There must exactly one of file/syslog/null/stderr + */ + +static const char *printtime_enums[] = { "iso8601", "iso8601-utc", "local", + NULL }; +static isc_result_t +parse_printtime(cfg_parser_t *pctx, const cfg_type_t *type, cfg_obj_t **ret) { + return (cfg_parse_enum_or_other(pctx, type, &cfg_type_boolean, ret)); +} +static void +doc_printtime(cfg_printer_t *pctx, const cfg_type_t *type) { + cfg_doc_enum_or_other(pctx, type, &cfg_type_boolean); +} +static cfg_type_t cfg_type_printtime = { "printtime", parse_printtime, + cfg_print_ustring, doc_printtime, + &cfg_rep_string, printtime_enums }; + +static cfg_clausedef_t channel_clauses[] = { + /* Destinations. We no longer require these to be first. */ + { "file", &cfg_type_logfile, 0 }, + { "syslog", &cfg_type_optional_facility, 0 }, + { "null", &cfg_type_void, 0 }, + { "stderr", &cfg_type_void, 0 }, + /* Options. We now accept these for the null channel, too. */ + { "severity", &cfg_type_logseverity, 0 }, + { "print-time", &cfg_type_printtime, 0 }, + { "print-severity", &cfg_type_boolean, 0 }, + { "print-category", &cfg_type_boolean, 0 }, + { "buffered", &cfg_type_boolean, 0 }, + { NULL, NULL, 0 } +}; +static cfg_clausedef_t *channel_clausesets[] = { channel_clauses, NULL }; +static cfg_type_t cfg_type_channel = { "channel", cfg_parse_named_map, + cfg_print_map, cfg_doc_map, + &cfg_rep_map, channel_clausesets }; + +/*% A list of log destination, used in the "category" clause. */ +static cfg_type_t cfg_type_destinationlist = { "destinationlist", + cfg_parse_bracketed_list, + cfg_print_bracketed_list, + cfg_doc_bracketed_list, + &cfg_rep_list, + &cfg_type_astring }; + +/*% + * Clauses that can be found in a 'logging' statement. + */ +static cfg_clausedef_t logging_clauses[] = { + { "channel", &cfg_type_channel, CFG_CLAUSEFLAG_MULTI }, + { "category", &cfg_type_category, CFG_CLAUSEFLAG_MULTI }, + { NULL, NULL, 0 } +}; +static cfg_clausedef_t *logging_clausesets[] = { logging_clauses, NULL }; +static cfg_type_t cfg_type_logging = { "logging", cfg_parse_map, + cfg_print_map, cfg_doc_map, + &cfg_rep_map, logging_clausesets }; + +/*% + * For parsing an 'addzone' statement + */ +static cfg_tuplefielddef_t addzone_fields[] = { + { "name", &cfg_type_astring, 0 }, + { "class", &cfg_type_optional_class, 0 }, + { "view", &cfg_type_optional_class, 0 }, + { "options", &cfg_type_zoneopts, 0 }, + { NULL, NULL, 0 } +}; +static cfg_type_t cfg_type_addzone = { "zone", cfg_parse_tuple, + cfg_print_tuple, cfg_doc_tuple, + &cfg_rep_tuple, addzone_fields }; + +static cfg_clausedef_t addzoneconf_clauses[] = { + { "zone", &cfg_type_addzone, CFG_CLAUSEFLAG_MULTI }, { NULL, NULL, 0 } +}; + +static cfg_clausedef_t *addzoneconf_clausesets[] = { addzoneconf_clauses, + NULL }; + +LIBISCCFG_EXTERNAL_DATA cfg_type_t cfg_type_addzoneconf = { + "addzoneconf", cfg_parse_mapbody, cfg_print_mapbody, + cfg_doc_mapbody, &cfg_rep_map, addzoneconf_clausesets +}; + +static isc_result_t +parse_unitstring(char *str, isc_resourcevalue_t *valuep) { + char *endp; + unsigned int len; + uint64_t value; + uint64_t unit; + + value = strtoull(str, &endp, 10); + if (*endp == 0) { + *valuep = value; + return (ISC_R_SUCCESS); + } + + len = strlen(str); + if (len < 2 || endp[1] != '\0') { + return (ISC_R_FAILURE); + } + + switch (str[len - 1]) { + case 'k': + case 'K': + unit = 1024; + break; + case 'm': + case 'M': + unit = 1024 * 1024; + break; + case 'g': + case 'G': + unit = 1024 * 1024 * 1024; + break; + default: + return (ISC_R_FAILURE); + } + if (value > ((uint64_t)UINT64_MAX / unit)) { + return (ISC_R_FAILURE); + } + *valuep = value * unit; + return (ISC_R_SUCCESS); +} + +static isc_result_t +parse_sizeval(cfg_parser_t *pctx, const cfg_type_t *type, cfg_obj_t **ret) { + isc_result_t result; + cfg_obj_t *obj = NULL; + uint64_t val; + + UNUSED(type); + + CHECK(cfg_gettoken(pctx, 0)); + if (pctx->token.type != isc_tokentype_string) { + result = ISC_R_UNEXPECTEDTOKEN; + goto cleanup; + } + CHECK(parse_unitstring(TOKEN_STRING(pctx), &val)); + + CHECK(cfg_create_obj(pctx, &cfg_type_uint64, &obj)); + obj->value.uint64 = val; + *ret = obj; + return (ISC_R_SUCCESS); + +cleanup: + cfg_parser_error(pctx, CFG_LOG_NEAR, + "expected integer and optional unit"); + return (result); +} + +static isc_result_t +parse_sizeval_percent(cfg_parser_t *pctx, const cfg_type_t *type, + cfg_obj_t **ret) { + char *endp; + isc_result_t result; + cfg_obj_t *obj = NULL; + uint64_t val; + uint64_t percent; + + UNUSED(type); + + CHECK(cfg_gettoken(pctx, 0)); + if (pctx->token.type != isc_tokentype_string) { + result = ISC_R_UNEXPECTEDTOKEN; + goto cleanup; + } + + percent = strtoull(TOKEN_STRING(pctx), &endp, 10); + + if (*endp == '%' && *(endp + 1) == 0) { + CHECK(cfg_create_obj(pctx, &cfg_type_percentage, &obj)); + obj->value.uint32 = (uint32_t)percent; + *ret = obj; + return (ISC_R_SUCCESS); + } else { + CHECK(parse_unitstring(TOKEN_STRING(pctx), &val)); + CHECK(cfg_create_obj(pctx, &cfg_type_uint64, &obj)); + obj->value.uint64 = val; + *ret = obj; + return (ISC_R_SUCCESS); + } + +cleanup: + cfg_parser_error(pctx, CFG_LOG_NEAR, + "expected integer and optional unit or percent"); + return (result); +} + +static void +doc_sizeval_percent(cfg_printer_t *pctx, const cfg_type_t *type) { + UNUSED(type); + + cfg_print_cstr(pctx, "( "); + cfg_doc_terminal(pctx, &cfg_type_size); + cfg_print_cstr(pctx, " | "); + cfg_doc_terminal(pctx, &cfg_type_percentage); + cfg_print_cstr(pctx, " )"); +} + +/*% + * A size value (number + optional unit). + */ +static cfg_type_t cfg_type_sizeval = { "sizeval", parse_sizeval, + cfg_print_uint64, cfg_doc_terminal, + &cfg_rep_uint64, NULL }; + +/*% + * A size, "unlimited", or "default". + */ + +static isc_result_t +parse_size(cfg_parser_t *pctx, const cfg_type_t *type, cfg_obj_t **ret) { + return (cfg_parse_enum_or_other(pctx, type, &cfg_type_sizeval, ret)); +} + +static void +doc_size(cfg_printer_t *pctx, const cfg_type_t *type) { + cfg_doc_enum_or_other(pctx, type, &cfg_type_sizeval); +} + +static const char *size_enums[] = { "default", "unlimited", NULL }; +static cfg_type_t cfg_type_size = { + "size", parse_size, cfg_print_ustring, + doc_size, &cfg_rep_string, size_enums +}; + +/*% + * A size or "unlimited", but not "default". + */ +static const char *sizenodefault_enums[] = { "unlimited", NULL }; +static cfg_type_t cfg_type_sizenodefault = { + "size_no_default", parse_size, cfg_print_ustring, + doc_size, &cfg_rep_string, sizenodefault_enums +}; + +/*% + * A size in absolute values or percents. + */ +static cfg_type_t cfg_type_sizeval_percent = { + "sizeval_percent", parse_sizeval_percent, cfg_print_ustring, + doc_sizeval_percent, &cfg_rep_string, NULL +}; + +/*% + * A size in absolute values or percents, or "unlimited", or "default" + */ + +static isc_result_t +parse_size_or_percent(cfg_parser_t *pctx, const cfg_type_t *type, + cfg_obj_t **ret) { + return (cfg_parse_enum_or_other(pctx, type, &cfg_type_sizeval_percent, + ret)); +} + +static void +doc_parse_size_or_percent(cfg_printer_t *pctx, const cfg_type_t *type) { + UNUSED(type); + cfg_print_cstr(pctx, "( default | unlimited | "); + cfg_doc_terminal(pctx, &cfg_type_sizeval); + cfg_print_cstr(pctx, " | "); + cfg_doc_terminal(pctx, &cfg_type_percentage); + cfg_print_cstr(pctx, " )"); +} + +static const char *sizeorpercent_enums[] = { "default", "unlimited", NULL }; +static cfg_type_t cfg_type_sizeorpercent = { + "size_or_percent", parse_size_or_percent, cfg_print_ustring, + doc_parse_size_or_percent, &cfg_rep_string, sizeorpercent_enums +}; + +/*% + * An IXFR size ratio: percentage, or "unlimited". + */ + +static isc_result_t +parse_ixfrratio(cfg_parser_t *pctx, const cfg_type_t *type, cfg_obj_t **ret) { + return (cfg_parse_enum_or_other(pctx, type, &cfg_type_percentage, ret)); +} + +static void +doc_ixfrratio(cfg_printer_t *pctx, const cfg_type_t *type) { + UNUSED(type); + cfg_print_cstr(pctx, "( unlimited | "); + cfg_doc_terminal(pctx, &cfg_type_percentage); + cfg_print_cstr(pctx, " )"); +} + +static const char *ixfrratio_enums[] = { "unlimited", NULL }; +static cfg_type_t cfg_type_ixfrratio = { "ixfr_ratio", parse_ixfrratio, + NULL, doc_ixfrratio, + NULL, ixfrratio_enums }; + +/*% + * optional_keyvalue + */ +static isc_result_t +parse_maybe_optional_keyvalue(cfg_parser_t *pctx, const cfg_type_t *type, + bool optional, cfg_obj_t **ret) { + isc_result_t result; + cfg_obj_t *obj = NULL; + const keyword_type_t *kw = type->of; + + CHECK(cfg_peektoken(pctx, 0)); + if (pctx->token.type == isc_tokentype_string && + strcasecmp(TOKEN_STRING(pctx), kw->name) == 0) + { + CHECK(cfg_gettoken(pctx, 0)); + CHECK(kw->type->parse(pctx, kw->type, &obj)); + obj->type = type; /* XXX kludge */ + } else { + if (optional) { + CHECK(cfg_parse_void(pctx, NULL, &obj)); + } else { + cfg_parser_error(pctx, CFG_LOG_NEAR, "expected '%s'", + kw->name); + result = ISC_R_UNEXPECTEDTOKEN; + goto cleanup; + } + } + *ret = obj; +cleanup: + return (result); +} + +static isc_result_t +parse_keyvalue(cfg_parser_t *pctx, const cfg_type_t *type, cfg_obj_t **ret) { + return (parse_maybe_optional_keyvalue(pctx, type, false, ret)); +} + +static isc_result_t +parse_optional_keyvalue(cfg_parser_t *pctx, const cfg_type_t *type, + cfg_obj_t **ret) { + return (parse_maybe_optional_keyvalue(pctx, type, true, ret)); +} + +static void +print_keyvalue(cfg_printer_t *pctx, const cfg_obj_t *obj) { + const keyword_type_t *kw = obj->type->of; + cfg_print_cstr(pctx, kw->name); + cfg_print_cstr(pctx, " "); + kw->type->print(pctx, obj); +} + +static void +doc_keyvalue(cfg_printer_t *pctx, const cfg_type_t *type) { + const keyword_type_t *kw = type->of; + cfg_print_cstr(pctx, kw->name); + cfg_print_cstr(pctx, " "); + cfg_doc_obj(pctx, kw->type); +} + +static void +doc_optional_keyvalue(cfg_printer_t *pctx, const cfg_type_t *type) { + const keyword_type_t *kw = type->of; + cfg_print_cstr(pctx, "[ "); + cfg_print_cstr(pctx, kw->name); + cfg_print_cstr(pctx, " "); + cfg_doc_obj(pctx, kw->type); + cfg_print_cstr(pctx, " ]"); +} + +static const char *dialup_enums[] = { "notify", "notify-passive", "passive", + "refresh", NULL }; +static isc_result_t +parse_dialup_type(cfg_parser_t *pctx, const cfg_type_t *type, cfg_obj_t **ret) { + return (cfg_parse_enum_or_other(pctx, type, &cfg_type_boolean, ret)); +} +static void +doc_dialup_type(cfg_printer_t *pctx, const cfg_type_t *type) { + cfg_doc_enum_or_other(pctx, type, &cfg_type_boolean); +} +static cfg_type_t cfg_type_dialuptype = { "dialuptype", parse_dialup_type, + cfg_print_ustring, doc_dialup_type, + &cfg_rep_string, dialup_enums }; + +static const char *notify_enums[] = { "explicit", "master-only", "primary-only", + NULL }; +static isc_result_t +parse_notify_type(cfg_parser_t *pctx, const cfg_type_t *type, cfg_obj_t **ret) { + return (cfg_parse_enum_or_other(pctx, type, &cfg_type_boolean, ret)); +} +static void +doc_notify_type(cfg_printer_t *pctx, const cfg_type_t *type) { + cfg_doc_enum_or_other(pctx, type, &cfg_type_boolean); +} +static cfg_type_t cfg_type_notifytype = { + "notifytype", parse_notify_type, cfg_print_ustring, + doc_notify_type, &cfg_rep_string, notify_enums, +}; + +static const char *minimal_enums[] = { "no-auth", "no-auth-recursive", NULL }; +static isc_result_t +parse_minimal(cfg_parser_t *pctx, const cfg_type_t *type, cfg_obj_t **ret) { + return (cfg_parse_enum_or_other(pctx, type, &cfg_type_boolean, ret)); +} +static void +doc_minimal(cfg_printer_t *pctx, const cfg_type_t *type) { + cfg_doc_enum_or_other(pctx, type, &cfg_type_boolean); +} +static cfg_type_t cfg_type_minimal = { + "minimal", parse_minimal, cfg_print_ustring, + doc_minimal, &cfg_rep_string, minimal_enums, +}; + +static const char *ixfrdiff_enums[] = { "primary", "master", "secondary", + "slave", NULL }; +static isc_result_t +parse_ixfrdiff_type(cfg_parser_t *pctx, const cfg_type_t *type, + cfg_obj_t **ret) { + return (cfg_parse_enum_or_other(pctx, type, &cfg_type_boolean, ret)); +} +static void +doc_ixfrdiff_type(cfg_printer_t *pctx, const cfg_type_t *type) { + cfg_doc_enum_or_other(pctx, type, &cfg_type_boolean); +} +static cfg_type_t cfg_type_ixfrdifftype = { + "ixfrdiff", parse_ixfrdiff_type, cfg_print_ustring, + doc_ixfrdiff_type, &cfg_rep_string, ixfrdiff_enums, +}; + +static keyword_type_t key_kw = { "key", &cfg_type_astring }; + +LIBISCCFG_EXTERNAL_DATA cfg_type_t cfg_type_keyref = { + "keyref", parse_keyvalue, print_keyvalue, + doc_keyvalue, &cfg_rep_string, &key_kw +}; + +static cfg_type_t cfg_type_optional_keyref = { + "optional_keyref", parse_optional_keyvalue, print_keyvalue, + doc_optional_keyvalue, &cfg_rep_string, &key_kw +}; + +static const char *qminmethod_enums[] = { "strict", "relaxed", "disabled", + "off", NULL }; + +static cfg_type_t cfg_type_qminmethod = { "qminmethod", cfg_parse_enum, + cfg_print_ustring, cfg_doc_enum, + &cfg_rep_string, qminmethod_enums }; + +/*% + * A "controls" statement is represented as a map with the multivalued + * "inet" and "unix" clauses. + */ + +static keyword_type_t controls_allow_kw = { "allow", &cfg_type_bracketed_aml }; + +static cfg_type_t cfg_type_controls_allow = { + "controls_allow", parse_keyvalue, print_keyvalue, + doc_keyvalue, &cfg_rep_list, &controls_allow_kw +}; + +static keyword_type_t controls_keys_kw = { "keys", &cfg_type_keylist }; + +static cfg_type_t cfg_type_controls_keys = { + "controls_keys", parse_optional_keyvalue, print_keyvalue, + doc_optional_keyvalue, &cfg_rep_list, &controls_keys_kw +}; + +static keyword_type_t controls_readonly_kw = { "read-only", &cfg_type_boolean }; + +static cfg_type_t cfg_type_controls_readonly = { + "controls_readonly", parse_optional_keyvalue, print_keyvalue, + doc_optional_keyvalue, &cfg_rep_boolean, &controls_readonly_kw +}; + +static cfg_tuplefielddef_t inetcontrol_fields[] = { + { "address", &cfg_type_controls_sockaddr, 0 }, + { "allow", &cfg_type_controls_allow, 0 }, + { "keys", &cfg_type_controls_keys, 0 }, + { "read-only", &cfg_type_controls_readonly, 0 }, + { NULL, NULL, 0 } +}; + +static cfg_type_t cfg_type_inetcontrol = { + "inetcontrol", cfg_parse_tuple, cfg_print_tuple, + cfg_doc_tuple, &cfg_rep_tuple, inetcontrol_fields +}; + +static keyword_type_t controls_perm_kw = { "perm", &cfg_type_uint32 }; + +static cfg_type_t cfg_type_controls_perm = { + "controls_perm", parse_keyvalue, print_keyvalue, + doc_keyvalue, &cfg_rep_uint32, &controls_perm_kw +}; + +static keyword_type_t controls_owner_kw = { "owner", &cfg_type_uint32 }; + +static cfg_type_t cfg_type_controls_owner = { + "controls_owner", parse_keyvalue, print_keyvalue, + doc_keyvalue, &cfg_rep_uint32, &controls_owner_kw +}; + +static keyword_type_t controls_group_kw = { "group", &cfg_type_uint32 }; + +static cfg_type_t cfg_type_controls_group = { + "controls_allow", parse_keyvalue, print_keyvalue, + doc_keyvalue, &cfg_rep_uint32, &controls_group_kw +}; + +static cfg_tuplefielddef_t unixcontrol_fields[] = { + { "path", &cfg_type_qstring, 0 }, + { "perm", &cfg_type_controls_perm, 0 }, + { "owner", &cfg_type_controls_owner, 0 }, + { "group", &cfg_type_controls_group, 0 }, + { "keys", &cfg_type_controls_keys, 0 }, + { "read-only", &cfg_type_controls_readonly, 0 }, + { NULL, NULL, 0 } +}; + +static cfg_type_t cfg_type_unixcontrol = { + "unixcontrol", cfg_parse_tuple, cfg_print_tuple, + cfg_doc_tuple, &cfg_rep_tuple, unixcontrol_fields +}; + +static cfg_clausedef_t controls_clauses[] = { + { "inet", &cfg_type_inetcontrol, CFG_CLAUSEFLAG_MULTI }, + { "unix", &cfg_type_unixcontrol, CFG_CLAUSEFLAG_MULTI }, + { NULL, NULL, 0 } +}; + +static cfg_clausedef_t *controls_clausesets[] = { controls_clauses, NULL }; +static cfg_type_t cfg_type_controls = { "controls", cfg_parse_map, + cfg_print_map, cfg_doc_map, + &cfg_rep_map, &controls_clausesets }; + +/*% + * A "statistics-channels" statement is represented as a map with the + * multivalued "inet" clauses. + */ +static void +doc_optional_bracketed_list(cfg_printer_t *pctx, const cfg_type_t *type) { + const keyword_type_t *kw = type->of; + cfg_print_cstr(pctx, "[ "); + cfg_print_cstr(pctx, kw->name); + cfg_print_cstr(pctx, " "); + cfg_doc_obj(pctx, kw->type); + cfg_print_cstr(pctx, " ]"); +} + +static cfg_type_t cfg_type_optional_allow = { + "optional_allow", parse_optional_keyvalue, + print_keyvalue, doc_optional_bracketed_list, + &cfg_rep_list, &controls_allow_kw +}; + +static cfg_tuplefielddef_t statserver_fields[] = { + { "address", &cfg_type_controls_sockaddr, 0 }, /* reuse controls def */ + { "allow", &cfg_type_optional_allow, 0 }, + { NULL, NULL, 0 } +}; + +static cfg_type_t cfg_type_statschannel = { + "statschannel", cfg_parse_tuple, cfg_print_tuple, + cfg_doc_tuple, &cfg_rep_tuple, statserver_fields +}; + +static cfg_clausedef_t statservers_clauses[] = { + { "inet", &cfg_type_statschannel, CFG_CLAUSEFLAG_MULTI }, + { NULL, NULL, 0 } +}; + +static cfg_clausedef_t *statservers_clausesets[] = { statservers_clauses, + NULL }; + +static cfg_type_t cfg_type_statschannels = { + "statistics-channels", cfg_parse_map, cfg_print_map, + cfg_doc_map, &cfg_rep_map, &statservers_clausesets +}; + +/*% + * An optional class, as used in view and zone statements. + */ +static isc_result_t +parse_optional_class(cfg_parser_t *pctx, const cfg_type_t *type, + cfg_obj_t **ret) { + isc_result_t result; + UNUSED(type); + CHECK(cfg_peektoken(pctx, 0)); + if (pctx->token.type == isc_tokentype_string) { + CHECK(cfg_parse_obj(pctx, &cfg_type_ustring, ret)); + } else { + CHECK(cfg_parse_obj(pctx, &cfg_type_void, ret)); + } +cleanup: + return (result); +} + +static void +doc_optional_class(cfg_printer_t *pctx, const cfg_type_t *type) { + UNUSED(type); + cfg_print_cstr(pctx, "[ ]"); +} + +static cfg_type_t cfg_type_optional_class = { "optional_class", + parse_optional_class, + NULL, + doc_optional_class, + NULL, + NULL }; + +static isc_result_t +parse_querysource(cfg_parser_t *pctx, const cfg_type_t *type, cfg_obj_t **ret) { + isc_result_t result; + cfg_obj_t *obj = NULL; + isc_netaddr_t netaddr; + in_port_t port = 0; + isc_dscp_t dscp = -1; + unsigned int have_address = 0; + unsigned int have_port = 0; + unsigned int have_dscp = 0; + const unsigned int *flagp = type->of; + + if ((*flagp & CFG_ADDR_V4OK) != 0) { + isc_netaddr_any(&netaddr); + } else if ((*flagp & CFG_ADDR_V6OK) != 0) { + isc_netaddr_any6(&netaddr); + } else { + UNREACHABLE(); + } + + for (;;) { + CHECK(cfg_peektoken(pctx, 0)); + if (pctx->token.type == isc_tokentype_string) { + if (strcasecmp(TOKEN_STRING(pctx), "address") == 0) { + /* read "address" */ + CHECK(cfg_gettoken(pctx, 0)); + CHECK(cfg_parse_rawaddr(pctx, *flagp, + &netaddr)); + have_address++; + } else if (strcasecmp(TOKEN_STRING(pctx), "port") == 0) + { + /* read "port" */ + CHECK(cfg_gettoken(pctx, 0)); + CHECK(cfg_parse_rawport(pctx, CFG_ADDR_WILDOK, + &port)); + have_port++; + } else if (strcasecmp(TOKEN_STRING(pctx), "dscp") == 0) + { + if ((pctx->flags & CFG_PCTX_NODEPRECATED) == 0) + { + cfg_parser_warning( + pctx, 0, + "token 'dscp' is deprecated"); + } + /* read "dscp" */ + CHECK(cfg_gettoken(pctx, 0)); + CHECK(cfg_parse_dscp(pctx, &dscp)); + have_dscp++; + } else if (have_port == 0 && have_dscp == 0 && + have_address == 0) + { + return (cfg_parse_sockaddr(pctx, type, ret)); + } else { + cfg_parser_error(pctx, CFG_LOG_NEAR, + "expected 'address', 'port', " + "or 'dscp'"); + return (ISC_R_UNEXPECTEDTOKEN); + } + } else { + break; + } + } + if (have_address > 1 || have_port > 1 || have_address + have_port == 0) + { + cfg_parser_error(pctx, 0, "expected one address and/or port"); + return (ISC_R_UNEXPECTEDTOKEN); + } + + if (have_dscp > 1) { + cfg_parser_error(pctx, 0, "expected at most one dscp"); + return (ISC_R_UNEXPECTEDTOKEN); + } + + CHECK(cfg_create_obj(pctx, &cfg_type_querysource, &obj)); + isc_sockaddr_fromnetaddr(&obj->value.sockaddr, &netaddr, port); + obj->value.sockaddrdscp.dscp = dscp; + *ret = obj; + return (ISC_R_SUCCESS); + +cleanup: + cfg_parser_error(pctx, CFG_LOG_NEAR, "invalid query source"); + CLEANUP_OBJ(obj); + return (result); +} + +static void +print_querysource(cfg_printer_t *pctx, const cfg_obj_t *obj) { + isc_netaddr_t na; + isc_netaddr_fromsockaddr(&na, &obj->value.sockaddr); + cfg_print_cstr(pctx, "address "); + cfg_print_rawaddr(pctx, &na); + cfg_print_cstr(pctx, " port "); + cfg_print_rawuint(pctx, isc_sockaddr_getport(&obj->value.sockaddr)); + if (obj->value.sockaddrdscp.dscp != -1) { + cfg_print_cstr(pctx, " dscp "); + cfg_print_rawuint(pctx, obj->value.sockaddrdscp.dscp); + } +} + +static void +doc_querysource(cfg_printer_t *pctx, const cfg_type_t *type) { + const unsigned int *flagp = type->of; + + cfg_print_cstr(pctx, "( ( [ address ] ( "); + if ((*flagp & CFG_ADDR_V4OK) != 0) { + cfg_print_cstr(pctx, ""); + } else if ((*flagp & CFG_ADDR_V6OK) != 0) { + cfg_print_cstr(pctx, ""); + } else { + UNREACHABLE(); + } + cfg_print_cstr(pctx, " | * ) [ port ( | * ) ] ) | " + "( [ [ address ] ( "); + if ((*flagp & CFG_ADDR_V4OK) != 0) { + cfg_print_cstr(pctx, ""); + } else if ((*flagp & CFG_ADDR_V6OK) != 0) { + cfg_print_cstr(pctx, ""); + } else { + UNREACHABLE(); + } + cfg_print_cstr(pctx, " | * ) ] port ( | * ) ) )" + " [ dscp ]"); +} + +static unsigned int sockaddr4wild_flags = CFG_ADDR_WILDOK | CFG_ADDR_V4OK | + CFG_ADDR_DSCPOK; +static unsigned int sockaddr6wild_flags = CFG_ADDR_WILDOK | CFG_ADDR_V6OK | + CFG_ADDR_DSCPOK; + +static cfg_type_t cfg_type_querysource4 = { + "querysource4", parse_querysource, NULL, doc_querysource, + NULL, &sockaddr4wild_flags +}; + +static cfg_type_t cfg_type_querysource6 = { + "querysource6", parse_querysource, NULL, doc_querysource, + NULL, &sockaddr6wild_flags +}; + +static cfg_type_t cfg_type_querysource = { "querysource", NULL, + print_querysource, NULL, + &cfg_rep_sockaddr, NULL }; + +/*% + * The socket address syntax in the "controls" statement is silly. + * It allows both socket address families, but also allows "*", + * which is gratuitously interpreted as the IPv4 wildcard address. + */ +static unsigned int controls_sockaddr_flags = CFG_ADDR_V4OK | CFG_ADDR_V6OK | + CFG_ADDR_WILDOK; +static cfg_type_t cfg_type_controls_sockaddr = { + "controls_sockaddr", cfg_parse_sockaddr, cfg_print_sockaddr, + cfg_doc_sockaddr, &cfg_rep_sockaddr, &controls_sockaddr_flags +}; + +/*% + * Handle the special kludge syntax of the "keys" clause in the "server" + * statement, which takes a single key with or without braces and semicolon. + */ +static isc_result_t +parse_server_key_kludge(cfg_parser_t *pctx, const cfg_type_t *type, + cfg_obj_t **ret) { + isc_result_t result; + bool braces = false; + UNUSED(type); + + /* Allow opening brace. */ + CHECK(cfg_peektoken(pctx, 0)); + if (pctx->token.type == isc_tokentype_special && + pctx->token.value.as_char == '{') + { + CHECK(cfg_gettoken(pctx, 0)); + braces = true; + } + + CHECK(cfg_parse_obj(pctx, &cfg_type_astring, ret)); + + if (braces) { + /* Skip semicolon if present. */ + CHECK(cfg_peektoken(pctx, 0)); + if (pctx->token.type == isc_tokentype_special && + pctx->token.value.as_char == ';') + { + CHECK(cfg_gettoken(pctx, 0)); + } + + CHECK(cfg_parse_special(pctx, '}')); + } +cleanup: + return (result); +} +static cfg_type_t cfg_type_server_key_kludge = { + "server_key", parse_server_key_kludge, NULL, cfg_doc_terminal, NULL, + NULL +}; + +/*% + * An optional logging facility. + */ + +static isc_result_t +parse_optional_facility(cfg_parser_t *pctx, const cfg_type_t *type, + cfg_obj_t **ret) { + isc_result_t result; + UNUSED(type); + + CHECK(cfg_peektoken(pctx, CFG_LEXOPT_QSTRING)); + if (pctx->token.type == isc_tokentype_string || + pctx->token.type == isc_tokentype_qstring) + { + CHECK(cfg_parse_obj(pctx, &cfg_type_astring, ret)); + } else { + CHECK(cfg_parse_obj(pctx, &cfg_type_void, ret)); + } +cleanup: + return (result); +} + +static void +doc_optional_facility(cfg_printer_t *pctx, const cfg_type_t *type) { + UNUSED(type); + cfg_print_cstr(pctx, "[ ]"); +} + +static cfg_type_t cfg_type_optional_facility = { "optional_facility", + parse_optional_facility, + NULL, + doc_optional_facility, + NULL, + NULL }; + +/*% + * A log severity. Return as a string, except "debug N", + * which is returned as a keyword object. + */ + +static keyword_type_t debug_kw = { "debug", &cfg_type_uint32 }; +static cfg_type_t cfg_type_debuglevel = { "debuglevel", parse_keyvalue, + print_keyvalue, doc_keyvalue, + &cfg_rep_uint32, &debug_kw }; + +static isc_result_t +parse_logseverity(cfg_parser_t *pctx, const cfg_type_t *type, cfg_obj_t **ret) { + isc_result_t result; + UNUSED(type); + + CHECK(cfg_peektoken(pctx, 0)); + if (pctx->token.type == isc_tokentype_string && + strcasecmp(TOKEN_STRING(pctx), "debug") == 0) + { + CHECK(cfg_gettoken(pctx, 0)); /* read "debug" */ + CHECK(cfg_peektoken(pctx, ISC_LEXOPT_NUMBER)); + if (pctx->token.type == isc_tokentype_number) { + CHECK(cfg_parse_uint32(pctx, NULL, ret)); + } else { + /* + * The debug level is optional and defaults to 1. + * This makes little sense, but we support it for + * compatibility with BIND 8. + */ + CHECK(cfg_create_obj(pctx, &cfg_type_uint32, ret)); + (*ret)->value.uint32 = 1; + } + (*ret)->type = &cfg_type_debuglevel; /* XXX kludge */ + } else { + CHECK(cfg_parse_obj(pctx, &cfg_type_loglevel, ret)); + } +cleanup: + return (result); +} + +static cfg_type_t cfg_type_logseverity = { "log_severity", parse_logseverity, + NULL, cfg_doc_terminal, + NULL, NULL }; + +/*% + * The "file" clause of the "channel" statement. + * This is yet another special case. + */ + +static const char *logversions_enums[] = { "unlimited", NULL }; +static isc_result_t +parse_logversions(cfg_parser_t *pctx, const cfg_type_t *type, cfg_obj_t **ret) { + return (cfg_parse_enum_or_other(pctx, type, &cfg_type_uint32, ret)); +} + +static void +doc_logversions(cfg_printer_t *pctx, const cfg_type_t *type) { + cfg_doc_enum_or_other(pctx, type, &cfg_type_uint32); +} + +static cfg_type_t cfg_type_logversions = { + "logversions", parse_logversions, cfg_print_ustring, + doc_logversions, &cfg_rep_string, logversions_enums +}; + +static const char *logsuffix_enums[] = { "increment", "timestamp", NULL }; +static cfg_type_t cfg_type_logsuffix = { "logsuffix", cfg_parse_enum, + cfg_print_ustring, cfg_doc_enum, + &cfg_rep_string, &logsuffix_enums }; + +static cfg_tuplefielddef_t logfile_fields[] = { + { "file", &cfg_type_qstring, 0 }, + { "versions", &cfg_type_logversions, 0 }, + { "size", &cfg_type_size, 0 }, + { "suffix", &cfg_type_logsuffix, 0 }, + { NULL, NULL, 0 } +}; + +static isc_result_t +parse_logfile(cfg_parser_t *pctx, const cfg_type_t *type, cfg_obj_t **ret) { + isc_result_t result; + cfg_obj_t *obj = NULL; + const cfg_tuplefielddef_t *fields = type->of; + + CHECK(cfg_create_tuple(pctx, type, &obj)); + + /* Parse the mandatory "file" field */ + CHECK(cfg_parse_obj(pctx, fields[0].type, &obj->value.tuple[0])); + + /* Parse "versions" and "size" fields in any order. */ + for (;;) { + CHECK(cfg_peektoken(pctx, 0)); + if (pctx->token.type == isc_tokentype_string) { + CHECK(cfg_gettoken(pctx, 0)); + if (strcasecmp(TOKEN_STRING(pctx), "versions") == 0 && + obj->value.tuple[1] == NULL) + { + CHECK(cfg_parse_obj(pctx, fields[1].type, + &obj->value.tuple[1])); + } else if (strcasecmp(TOKEN_STRING(pctx), "size") == + 0 && + obj->value.tuple[2] == NULL) + { + CHECK(cfg_parse_obj(pctx, fields[2].type, + &obj->value.tuple[2])); + } else if (strcasecmp(TOKEN_STRING(pctx), "suffix") == + 0 && + obj->value.tuple[3] == NULL) + { + CHECK(cfg_parse_obj(pctx, fields[3].type, + &obj->value.tuple[3])); + } else { + break; + } + } else { + break; + } + } + + /* Create void objects for missing optional values. */ + if (obj->value.tuple[1] == NULL) { + CHECK(cfg_parse_void(pctx, NULL, &obj->value.tuple[1])); + } + if (obj->value.tuple[2] == NULL) { + CHECK(cfg_parse_void(pctx, NULL, &obj->value.tuple[2])); + } + if (obj->value.tuple[3] == NULL) { + CHECK(cfg_parse_void(pctx, NULL, &obj->value.tuple[3])); + } + + *ret = obj; + return (ISC_R_SUCCESS); + +cleanup: + CLEANUP_OBJ(obj); + return (result); +} + +static void +print_logfile(cfg_printer_t *pctx, const cfg_obj_t *obj) { + cfg_print_obj(pctx, obj->value.tuple[0]); /* file */ + if (obj->value.tuple[1]->type->print != cfg_print_void) { + cfg_print_cstr(pctx, " versions "); + cfg_print_obj(pctx, obj->value.tuple[1]); + } + if (obj->value.tuple[2]->type->print != cfg_print_void) { + cfg_print_cstr(pctx, " size "); + cfg_print_obj(pctx, obj->value.tuple[2]); + } + if (obj->value.tuple[3]->type->print != cfg_print_void) { + cfg_print_cstr(pctx, " suffix "); + cfg_print_obj(pctx, obj->value.tuple[3]); + } +} + +static void +doc_logfile(cfg_printer_t *pctx, const cfg_type_t *type) { + UNUSED(type); + cfg_print_cstr(pctx, ""); + cfg_print_cstr(pctx, " "); + cfg_print_cstr(pctx, "[ versions ( unlimited | ) ]"); + cfg_print_cstr(pctx, " "); + cfg_print_cstr(pctx, "[ size ]"); + cfg_print_cstr(pctx, " "); + cfg_print_cstr(pctx, "[ suffix ( increment | timestamp ) ]"); +} + +static cfg_type_t cfg_type_logfile = { "log_file", parse_logfile, + print_logfile, doc_logfile, + &cfg_rep_tuple, logfile_fields }; + +/*% An IPv4 address with optional dscp and port, "*" accepted as wildcard. */ +static cfg_type_t cfg_type_sockaddr4wild = { + "sockaddr4wild", cfg_parse_sockaddr, cfg_print_sockaddr, + cfg_doc_sockaddr, &cfg_rep_sockaddr, &sockaddr4wild_flags +}; + +/*% An IPv6 address with optional port, "*" accepted as wildcard. */ +static cfg_type_t cfg_type_sockaddr6wild = { + "v6addrportwild", cfg_parse_sockaddr, cfg_print_sockaddr, + cfg_doc_sockaddr, &cfg_rep_sockaddr, &sockaddr6wild_flags +}; + +/*% + * rndc + */ + +static cfg_clausedef_t rndcconf_options_clauses[] = { + { "default-key", &cfg_type_astring, 0 }, + { "default-port", &cfg_type_uint32, 0 }, + { "default-server", &cfg_type_astring, 0 }, + { "default-source-address", &cfg_type_netaddr4wild, 0 }, + { "default-source-address-v6", &cfg_type_netaddr6wild, 0 }, + { NULL, NULL, 0 } +}; + +static cfg_clausedef_t *rndcconf_options_clausesets[] = { + rndcconf_options_clauses, NULL +}; + +static cfg_type_t cfg_type_rndcconf_options = { + "rndcconf_options", cfg_parse_map, cfg_print_map, + cfg_doc_map, &cfg_rep_map, rndcconf_options_clausesets +}; + +static cfg_clausedef_t rndcconf_server_clauses[] = { + { "key", &cfg_type_astring, 0 }, + { "port", &cfg_type_uint32, 0 }, + { "source-address", &cfg_type_netaddr4wild, 0 }, + { "source-address-v6", &cfg_type_netaddr6wild, 0 }, + { "addresses", &cfg_type_bracketed_sockaddrnameportlist, 0 }, + { NULL, NULL, 0 } +}; + +static cfg_clausedef_t *rndcconf_server_clausesets[] = { + rndcconf_server_clauses, NULL +}; + +static cfg_type_t cfg_type_rndcconf_server = { + "rndcconf_server", cfg_parse_named_map, cfg_print_map, + cfg_doc_map, &cfg_rep_map, rndcconf_server_clausesets +}; + +static cfg_clausedef_t rndcconf_clauses[] = { + { "key", &cfg_type_key, CFG_CLAUSEFLAG_MULTI }, + { "server", &cfg_type_rndcconf_server, CFG_CLAUSEFLAG_MULTI }, + { "options", &cfg_type_rndcconf_options, 0 }, + { NULL, NULL, 0 } +}; + +static cfg_clausedef_t *rndcconf_clausesets[] = { rndcconf_clauses, NULL }; + +LIBISCCFG_EXTERNAL_DATA cfg_type_t cfg_type_rndcconf = { + "rndcconf", cfg_parse_mapbody, cfg_print_mapbody, + cfg_doc_mapbody, &cfg_rep_map, rndcconf_clausesets +}; + +static cfg_clausedef_t rndckey_clauses[] = { { "key", &cfg_type_key, 0 }, + { NULL, NULL, 0 } }; + +static cfg_clausedef_t *rndckey_clausesets[] = { rndckey_clauses, NULL }; + +LIBISCCFG_EXTERNAL_DATA cfg_type_t cfg_type_rndckey = { + "rndckey", cfg_parse_mapbody, cfg_print_mapbody, + cfg_doc_mapbody, &cfg_rep_map, rndckey_clausesets +}; + +/* + * session.key has exactly the same syntax as rndc.key, but it's defined + * separately for clarity (and so we can extend it someday, if needed). + */ +LIBISCCFG_EXTERNAL_DATA cfg_type_t cfg_type_sessionkey = { + "sessionkey", cfg_parse_mapbody, cfg_print_mapbody, + cfg_doc_mapbody, &cfg_rep_map, rndckey_clausesets +}; + +static cfg_tuplefielddef_t nameport_fields[] = { + { "name", &cfg_type_astring, 0 }, + { "port", &cfg_type_optional_port, 0 }, + { "dscp", &cfg_type_optional_dscp, CFG_CLAUSEFLAG_DEPRECATED }, + { NULL, NULL, 0 } +}; + +static cfg_type_t cfg_type_nameport = { "nameport", cfg_parse_tuple, + cfg_print_tuple, cfg_doc_tuple, + &cfg_rep_tuple, nameport_fields }; + +static void +doc_sockaddrnameport(cfg_printer_t *pctx, const cfg_type_t *type) { + UNUSED(type); + cfg_print_cstr(pctx, "( "); + cfg_print_cstr(pctx, ""); + cfg_print_cstr(pctx, " "); + cfg_print_cstr(pctx, "[ port ]"); + cfg_print_cstr(pctx, " "); + cfg_print_cstr(pctx, "[ dscp ]"); + cfg_print_cstr(pctx, " | "); + cfg_print_cstr(pctx, ""); + cfg_print_cstr(pctx, " "); + cfg_print_cstr(pctx, "[ port ]"); + cfg_print_cstr(pctx, " "); + cfg_print_cstr(pctx, "[ dscp ]"); + cfg_print_cstr(pctx, " | "); + cfg_print_cstr(pctx, ""); + cfg_print_cstr(pctx, " "); + cfg_print_cstr(pctx, "[ port ]"); + cfg_print_cstr(pctx, " "); + cfg_print_cstr(pctx, "[ dscp ]"); + cfg_print_cstr(pctx, " )"); +} + +static isc_result_t +parse_sockaddrnameport(cfg_parser_t *pctx, const cfg_type_t *type, + cfg_obj_t **ret) { + isc_result_t result; + cfg_obj_t *obj = NULL; + UNUSED(type); + + CHECK(cfg_peektoken(pctx, CFG_LEXOPT_QSTRING)); + if (pctx->token.type == isc_tokentype_string || + pctx->token.type == isc_tokentype_qstring) + { + if (cfg_lookingat_netaddr(pctx, CFG_ADDR_V4OK | CFG_ADDR_V6OK)) + { + CHECK(cfg_parse_sockaddr(pctx, &cfg_type_sockaddr, + ret)); + } else { + const cfg_tuplefielddef_t *fields = + cfg_type_nameport.of; + CHECK(cfg_create_tuple(pctx, &cfg_type_nameport, &obj)); + CHECK(cfg_parse_obj(pctx, fields[0].type, + &obj->value.tuple[0])); + CHECK(cfg_parse_obj(pctx, fields[1].type, + &obj->value.tuple[1])); + CHECK(cfg_parse_obj(pctx, fields[2].type, + &obj->value.tuple[2])); + *ret = obj; + obj = NULL; + } + } else { + cfg_parser_error(pctx, CFG_LOG_NEAR, + "expected IP address or hostname"); + return (ISC_R_UNEXPECTEDTOKEN); + } +cleanup: + CLEANUP_OBJ(obj); + return (result); +} + +static cfg_type_t cfg_type_sockaddrnameport = { "sockaddrnameport_element", + parse_sockaddrnameport, + NULL, + doc_sockaddrnameport, + NULL, + NULL }; + +static cfg_type_t cfg_type_bracketed_sockaddrnameportlist = { + "bracketed_sockaddrnameportlist", + cfg_parse_bracketed_list, + cfg_print_bracketed_list, + cfg_doc_bracketed_list, + &cfg_rep_list, + &cfg_type_sockaddrnameport +}; + +/*% + * A list of socket addresses or name with an optional default port, + * as used in the dual-stack-servers option. E.g., + * "port 1234 { dual-stack-servers.net; 10.0.0.1; 1::2 port 69; }" + */ +static cfg_tuplefielddef_t nameportiplist_fields[] = { + { "port", &cfg_type_optional_port, 0 }, + { "addresses", &cfg_type_bracketed_sockaddrnameportlist, 0 }, + { NULL, NULL, 0 } +}; + +static cfg_type_t cfg_type_nameportiplist = { + "nameportiplist", cfg_parse_tuple, cfg_print_tuple, + cfg_doc_tuple, &cfg_rep_tuple, nameportiplist_fields +}; + +/*% + * primaries element. + */ + +static void +doc_remoteselement(cfg_printer_t *pctx, const cfg_type_t *type) { + UNUSED(type); + cfg_print_cstr(pctx, "( "); + cfg_print_cstr(pctx, ""); + cfg_print_cstr(pctx, " | "); + cfg_print_cstr(pctx, ""); + cfg_print_cstr(pctx, " "); + cfg_print_cstr(pctx, "[ port ]"); + cfg_print_cstr(pctx, " | "); + cfg_print_cstr(pctx, ""); + cfg_print_cstr(pctx, " "); + cfg_print_cstr(pctx, "[ port ]"); + cfg_print_cstr(pctx, " )"); +} + +static isc_result_t +parse_remoteselement(cfg_parser_t *pctx, const cfg_type_t *type, + cfg_obj_t **ret) { + isc_result_t result; + cfg_obj_t *obj = NULL; + UNUSED(type); + + CHECK(cfg_peektoken(pctx, CFG_LEXOPT_QSTRING)); + if (pctx->token.type == isc_tokentype_string || + pctx->token.type == isc_tokentype_qstring) + { + if (cfg_lookingat_netaddr(pctx, CFG_ADDR_V4OK | CFG_ADDR_V6OK)) + { + CHECK(cfg_parse_sockaddr(pctx, &cfg_type_sockaddr, + ret)); + } else { + CHECK(cfg_parse_astring(pctx, &cfg_type_astring, ret)); + } + } else { + cfg_parser_error(pctx, CFG_LOG_NEAR, + "expected IP address or remote servers list " + "name"); + return (ISC_R_UNEXPECTEDTOKEN); + } +cleanup: + CLEANUP_OBJ(obj); + return (result); +} + +static cfg_type_t cfg_type_remoteselement = { "remotes_element", + parse_remoteselement, + NULL, + doc_remoteselement, + NULL, + NULL }; + +static int +cmp_clause(const void *ap, const void *bp) { + const cfg_clausedef_t *a = (const cfg_clausedef_t *)ap; + const cfg_clausedef_t *b = (const cfg_clausedef_t *)bp; + return (strcmp(a->name, b->name)); +} + +bool +cfg_clause_validforzone(const char *name, unsigned int ztype) { + const cfg_clausedef_t *clause; + bool valid = false; + + for (clause = zone_clauses; clause->name != NULL; clause++) { + if ((clause->flags & ztype) == 0 || + strcmp(clause->name, name) != 0) + { + continue; + } + valid = true; + } + for (clause = zone_only_clauses; clause->name != NULL; clause++) { + if ((clause->flags & ztype) == 0 || + strcmp(clause->name, name) != 0) + { + continue; + } + valid = true; + } + + return (valid); +} + +void +cfg_print_zonegrammar(const unsigned int zonetype, unsigned int flags, + void (*f)(void *closure, const char *text, int textlen), + void *closure) { +#define NCLAUSES \ + (((sizeof(zone_clauses) + sizeof(zone_only_clauses)) / \ + sizeof(clause[0])) - \ + 1) + + cfg_printer_t pctx; + cfg_clausedef_t *clause = NULL; + cfg_clausedef_t clauses[NCLAUSES]; + + pctx.f = f; + pctx.closure = closure; + pctx.indent = 0; + pctx.flags = flags; + + memmove(clauses, zone_clauses, sizeof(zone_clauses)); + memmove(clauses + sizeof(zone_clauses) / sizeof(zone_clauses[0]) - 1, + zone_only_clauses, sizeof(zone_only_clauses)); + qsort(clauses, NCLAUSES - 1, sizeof(clause[0]), cmp_clause); + + cfg_print_cstr(&pctx, "zone [ ] {\n"); + pctx.indent++; + + switch (zonetype) { + case CFG_ZONE_PRIMARY: + cfg_print_indent(&pctx); + cfg_print_cstr(&pctx, "type ( master | primary );\n"); + break; + case CFG_ZONE_SECONDARY: + cfg_print_indent(&pctx); + cfg_print_cstr(&pctx, "type ( slave | secondary );\n"); + break; + case CFG_ZONE_MIRROR: + cfg_print_indent(&pctx); + cfg_print_cstr(&pctx, "type mirror;\n"); + break; + case CFG_ZONE_STUB: + cfg_print_indent(&pctx); + cfg_print_cstr(&pctx, "type stub;\n"); + break; + case CFG_ZONE_HINT: + cfg_print_indent(&pctx); + cfg_print_cstr(&pctx, "type hint;\n"); + break; + case CFG_ZONE_FORWARD: + cfg_print_indent(&pctx); + cfg_print_cstr(&pctx, "type forward;\n"); + break; + case CFG_ZONE_STATICSTUB: + cfg_print_indent(&pctx); + cfg_print_cstr(&pctx, "type static-stub;\n"); + break; + case CFG_ZONE_REDIRECT: + cfg_print_indent(&pctx); + cfg_print_cstr(&pctx, "type redirect;\n"); + break; + case CFG_ZONE_DELEGATION: + cfg_print_indent(&pctx); + cfg_print_cstr(&pctx, "type delegation-only;\n"); + break; + case CFG_ZONE_INVIEW: + /* no zone type is specified for these */ + break; + default: + UNREACHABLE(); + } + + for (clause = clauses; clause->name != NULL; clause++) { + if (((pctx.flags & CFG_PRINTER_ACTIVEONLY) != 0) && + (((clause->flags & CFG_CLAUSEFLAG_OBSOLETE) != 0) || + ((clause->flags & CFG_CLAUSEFLAG_ANCIENT) != 0) || + ((clause->flags & CFG_CLAUSEFLAG_NYI) != 0) || + ((clause->flags & CFG_CLAUSEFLAG_TESTONLY) != 0))) + { + continue; + } + if ((clause->flags & zonetype) == 0 || + strcasecmp(clause->name, "type") == 0) + { + continue; + } + cfg_print_indent(&pctx); + cfg_print_cstr(&pctx, clause->name); + cfg_print_cstr(&pctx, " "); + cfg_doc_obj(&pctx, clause->type); + cfg_print_cstr(&pctx, ";"); + cfg_print_clauseflags(&pctx, clause->flags); + cfg_print_cstr(&pctx, "\n"); + } + + pctx.indent--; + cfg_print_cstr(&pctx, "};\n"); +} diff --git a/lib/isccfg/parser.c b/lib/isccfg/parser.c new file mode 100644 index 0000000..4ba93ee --- /dev/null +++ b/lib/isccfg/parser.c @@ -0,0 +1,4145 @@ +/* + * Copyright (C) Internet Systems Consortium, Inc. ("ISC") + * + * SPDX-License-Identifier: MPL-2.0 AND BSD-2-Clause + * + * This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, you can obtain one at https://mozilla.org/MPL/2.0/. + * + * See the COPYRIGHT file distributed with this work for additional + * information regarding copyright ownership. + */ + +/* + * duration_fromtext initially taken from OpenDNSSEC code base. + * Modified to fit the BIND 9 code. + * + * Copyright (c) 2009-2018 NLNet Labs. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR + * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED + * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY + * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE + * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER + * IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR + * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN + * IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ + +/*! \file */ + +#include +#include +#include +#include +#include +#include + +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + +#include + +#include +#include +#include + +/* Shorthand */ +#define CAT CFG_LOGCATEGORY_CONFIG +#define MOD CFG_LOGMODULE_PARSER + +#define MAP_SYM 1 /* Unique type for isc_symtab */ + +#define TOKEN_STRING(pctx) (pctx->token.value.as_textregion.base) + +/* Check a return value. */ +#define CHECK(op) \ + do { \ + result = (op); \ + if (result != ISC_R_SUCCESS) \ + goto cleanup; \ + } while (0) + +/* Clean up a configuration object if non-NULL. */ +#define CLEANUP_OBJ(obj) \ + do { \ + if ((obj) != NULL) \ + cfg_obj_destroy(pctx, &(obj)); \ + } while (0) + +/* + * Forward declarations of static functions. + */ + +static void +free_tuple(cfg_parser_t *pctx, cfg_obj_t *obj); + +static isc_result_t +parse_list(cfg_parser_t *pctx, const cfg_type_t *type, cfg_obj_t **ret); + +static void +print_list(cfg_printer_t *pctx, const cfg_obj_t *obj); + +static void +free_list(cfg_parser_t *pctx, cfg_obj_t *obj); + +static isc_result_t +create_listelt(cfg_parser_t *pctx, cfg_listelt_t **eltp); + +static isc_result_t +create_string(cfg_parser_t *pctx, const char *contents, const cfg_type_t *type, + cfg_obj_t **ret); + +static void +free_string(cfg_parser_t *pctx, cfg_obj_t *obj); + +static isc_result_t +create_map(cfg_parser_t *pctx, const cfg_type_t *type, cfg_obj_t **objp); + +static void +free_map(cfg_parser_t *pctx, cfg_obj_t *obj); + +static isc_result_t +parse_symtab_elt(cfg_parser_t *pctx, const char *name, cfg_type_t *elttype, + isc_symtab_t *symtab, bool callback); + +static void +free_noop(cfg_parser_t *pctx, cfg_obj_t *obj); + +static isc_result_t +cfg_getstringtoken(cfg_parser_t *pctx); + +static void +parser_complain(cfg_parser_t *pctx, bool is_warning, unsigned int flags, + const char *format, va_list args); + +#if defined(HAVE_GEOIP2) +static isc_result_t +parse_geoip(cfg_parser_t *pctx, const cfg_type_t *type, cfg_obj_t **ret); + +static void +print_geoip(cfg_printer_t *pctx, const cfg_obj_t *obj); + +static void +doc_geoip(cfg_printer_t *pctx, const cfg_type_t *type); +#endif /* HAVE_GEOIP2 */ + +/* + * Data representations. These correspond to members of the + * "value" union in struct cfg_obj (except "void", which does + * not need a union member). + */ + +LIBISCCFG_EXTERNAL_DATA cfg_rep_t cfg_rep_uint32 = { "uint32", free_noop }; +LIBISCCFG_EXTERNAL_DATA cfg_rep_t cfg_rep_uint64 = { "uint64", free_noop }; +LIBISCCFG_EXTERNAL_DATA cfg_rep_t cfg_rep_string = { "string", free_string }; +LIBISCCFG_EXTERNAL_DATA cfg_rep_t cfg_rep_boolean = { "boolean", free_noop }; +LIBISCCFG_EXTERNAL_DATA cfg_rep_t cfg_rep_map = { "map", free_map }; +LIBISCCFG_EXTERNAL_DATA cfg_rep_t cfg_rep_list = { "list", free_list }; +LIBISCCFG_EXTERNAL_DATA cfg_rep_t cfg_rep_tuple = { "tuple", free_tuple }; +LIBISCCFG_EXTERNAL_DATA cfg_rep_t cfg_rep_sockaddr = { "sockaddr", free_noop }; +LIBISCCFG_EXTERNAL_DATA cfg_rep_t cfg_rep_netprefix = { "netprefix", + free_noop }; +LIBISCCFG_EXTERNAL_DATA cfg_rep_t cfg_rep_void = { "void", free_noop }; +LIBISCCFG_EXTERNAL_DATA cfg_rep_t cfg_rep_fixedpoint = { "fixedpoint", + free_noop }; +LIBISCCFG_EXTERNAL_DATA cfg_rep_t cfg_rep_percentage = { "percentage", + free_noop }; +LIBISCCFG_EXTERNAL_DATA cfg_rep_t cfg_rep_duration = { "duration", free_noop }; + +/* + * Configuration type definitions. + */ + +/*% + * An implicit list. These are formed by clauses that occur multiple times. + */ +static cfg_type_t cfg_type_implicitlist = { "implicitlist", NULL, + print_list, NULL, + &cfg_rep_list, NULL }; + +/* Functions. */ + +void +cfg_print_obj(cfg_printer_t *pctx, const cfg_obj_t *obj) { + REQUIRE(pctx != NULL); + REQUIRE(obj != NULL); + + obj->type->print(pctx, obj); +} + +void +cfg_print_chars(cfg_printer_t *pctx, const char *text, int len) { + REQUIRE(pctx != NULL); + REQUIRE(text != NULL); + + pctx->f(pctx->closure, text, len); +} + +static void +print_open(cfg_printer_t *pctx) { + if ((pctx->flags & CFG_PRINTER_ONELINE) != 0) { + cfg_print_cstr(pctx, "{ "); + } else { + cfg_print_cstr(pctx, "{\n"); + pctx->indent++; + } +} + +void +cfg_print_indent(cfg_printer_t *pctx) { + int indent = pctx->indent; + if ((pctx->flags & CFG_PRINTER_ONELINE) != 0) { + cfg_print_cstr(pctx, " "); + return; + } + while (indent > 0) { + cfg_print_cstr(pctx, "\t"); + indent--; + } +} + +static void +print_close(cfg_printer_t *pctx) { + if ((pctx->flags & CFG_PRINTER_ONELINE) == 0) { + pctx->indent--; + cfg_print_indent(pctx); + } + cfg_print_cstr(pctx, "}"); +} + +isc_result_t +cfg_parse_obj(cfg_parser_t *pctx, const cfg_type_t *type, cfg_obj_t **ret) { + isc_result_t result; + + REQUIRE(pctx != NULL); + REQUIRE(type != NULL); + REQUIRE(ret != NULL && *ret == NULL); + + result = type->parse(pctx, type, ret); + if (result != ISC_R_SUCCESS) { + return (result); + } + ENSURE(*ret != NULL); + return (ISC_R_SUCCESS); +} + +void +cfg_print(const cfg_obj_t *obj, + void (*f)(void *closure, const char *text, int textlen), + void *closure) { + REQUIRE(obj != NULL); + REQUIRE(f != NULL); + + cfg_printx(obj, 0, f, closure); +} + +void +cfg_printx(const cfg_obj_t *obj, unsigned int flags, + void (*f)(void *closure, const char *text, int textlen), + void *closure) { + cfg_printer_t pctx; + + REQUIRE(obj != NULL); + REQUIRE(f != NULL); + + pctx.f = f; + pctx.closure = closure; + pctx.indent = 0; + pctx.flags = flags; + obj->type->print(&pctx, obj); +} + +/* Tuples. */ + +isc_result_t +cfg_create_tuple(cfg_parser_t *pctx, const cfg_type_t *type, cfg_obj_t **ret) { + isc_result_t result; + const cfg_tuplefielddef_t *fields; + const cfg_tuplefielddef_t *f; + cfg_obj_t *obj = NULL; + unsigned int nfields = 0; + int i; + + REQUIRE(pctx != NULL); + REQUIRE(type != NULL); + REQUIRE(ret != NULL && *ret == NULL); + + fields = type->of; + + for (f = fields; f->name != NULL; f++) { + nfields++; + } + + CHECK(cfg_create_obj(pctx, type, &obj)); + obj->value.tuple = isc_mem_get(pctx->mctx, + nfields * sizeof(cfg_obj_t *)); + for (f = fields, i = 0; f->name != NULL; f++, i++) { + obj->value.tuple[i] = NULL; + } + *ret = obj; + return (ISC_R_SUCCESS); + +cleanup: + if (obj != NULL) { + isc_mem_put(pctx->mctx, obj, sizeof(*obj)); + } + return (result); +} + +isc_result_t +cfg_parse_tuple(cfg_parser_t *pctx, const cfg_type_t *type, cfg_obj_t **ret) { + isc_result_t result; + const cfg_tuplefielddef_t *fields; + const cfg_tuplefielddef_t *f; + cfg_obj_t *obj = NULL; + unsigned int i; + + REQUIRE(pctx != NULL); + REQUIRE(type != NULL); + REQUIRE(ret != NULL && *ret == NULL); + + fields = type->of; + + CHECK(cfg_create_tuple(pctx, type, &obj)); + for (f = fields, i = 0; f->name != NULL; f++, i++) { + CHECK(cfg_parse_obj(pctx, f->type, &obj->value.tuple[i])); + } + + *ret = obj; + return (ISC_R_SUCCESS); + +cleanup: + CLEANUP_OBJ(obj); + return (result); +} + +void +cfg_print_tuple(cfg_printer_t *pctx, const cfg_obj_t *obj) { + unsigned int i; + const cfg_tuplefielddef_t *fields; + const cfg_tuplefielddef_t *f; + bool need_space = false; + + REQUIRE(pctx != NULL); + REQUIRE(obj != NULL); + + fields = obj->type->of; + + for (f = fields, i = 0; f->name != NULL; f++, i++) { + const cfg_obj_t *fieldobj = obj->value.tuple[i]; + if (need_space && fieldobj->type->rep != &cfg_rep_void) { + cfg_print_cstr(pctx, " "); + } + cfg_print_obj(pctx, fieldobj); + need_space = (need_space || + fieldobj->type->print != cfg_print_void); + } +} + +void +cfg_doc_tuple(cfg_printer_t *pctx, const cfg_type_t *type) { + const cfg_tuplefielddef_t *fields; + const cfg_tuplefielddef_t *f; + bool need_space = false; + + REQUIRE(pctx != NULL); + REQUIRE(type != NULL); + + fields = type->of; + + for (f = fields; f->name != NULL; f++) { + if (need_space) { + cfg_print_cstr(pctx, " "); + } + cfg_doc_obj(pctx, f->type); + need_space = (f->type->print != cfg_print_void); + } +} + +static void +free_tuple(cfg_parser_t *pctx, cfg_obj_t *obj) { + unsigned int i; + const cfg_tuplefielddef_t *fields = obj->type->of; + const cfg_tuplefielddef_t *f; + unsigned int nfields = 0; + + if (obj->value.tuple == NULL) { + return; + } + + for (f = fields, i = 0; f->name != NULL; f++, i++) { + CLEANUP_OBJ(obj->value.tuple[i]); + nfields++; + } + isc_mem_put(pctx->mctx, obj->value.tuple, + nfields * sizeof(cfg_obj_t *)); +} + +bool +cfg_obj_istuple(const cfg_obj_t *obj) { + REQUIRE(obj != NULL); + return (obj->type->rep == &cfg_rep_tuple); +} + +const cfg_obj_t * +cfg_tuple_get(const cfg_obj_t *tupleobj, const char *name) { + unsigned int i; + const cfg_tuplefielddef_t *fields; + const cfg_tuplefielddef_t *f; + + REQUIRE(tupleobj != NULL && tupleobj->type->rep == &cfg_rep_tuple); + REQUIRE(name != NULL); + + fields = tupleobj->type->of; + for (f = fields, i = 0; f->name != NULL; f++, i++) { + if (strcmp(f->name, name) == 0) { + return (tupleobj->value.tuple[i]); + } + } + UNREACHABLE(); +} + +isc_result_t +cfg_parse_special(cfg_parser_t *pctx, int special) { + isc_result_t result; + + REQUIRE(pctx != NULL); + + CHECK(cfg_gettoken(pctx, 0)); + if (pctx->token.type == isc_tokentype_special && + pctx->token.value.as_char == special) + { + return (ISC_R_SUCCESS); + } + + cfg_parser_error(pctx, CFG_LOG_NEAR, "'%c' expected", special); + return (ISC_R_UNEXPECTEDTOKEN); +cleanup: + return (result); +} + +/* + * Parse a required semicolon. If it is not there, log + * an error and increment the error count but continue + * parsing. Since the next token is pushed back, + * care must be taken to make sure it is eventually + * consumed or an infinite loop may result. + */ +static isc_result_t +parse_semicolon(cfg_parser_t *pctx) { + isc_result_t result; + + CHECK(cfg_gettoken(pctx, 0)); + if (pctx->token.type == isc_tokentype_special && + pctx->token.value.as_char == ';') + { + return (ISC_R_SUCCESS); + } + + cfg_parser_error(pctx, CFG_LOG_BEFORE, "missing ';'"); + cfg_ungettoken(pctx); +cleanup: + return (result); +} + +/* + * Parse EOF, logging and returning an error if not there. + */ +static isc_result_t +parse_eof(cfg_parser_t *pctx) { + isc_result_t result; + + CHECK(cfg_gettoken(pctx, 0)); + + if (pctx->token.type == isc_tokentype_eof) { + return (ISC_R_SUCCESS); + } + + cfg_parser_error(pctx, CFG_LOG_NEAR, "syntax error"); + return (ISC_R_UNEXPECTEDTOKEN); +cleanup: + return (result); +} + +/* A list of files, used internally for pctx->files. */ + +static cfg_type_t cfg_type_filelist = { "filelist", NULL, + print_list, NULL, + &cfg_rep_list, &cfg_type_qstring }; + +isc_result_t +cfg_parser_create(isc_mem_t *mctx, isc_log_t *lctx, cfg_parser_t **ret) { + isc_result_t result; + cfg_parser_t *pctx; + isc_lexspecials_t specials; + + REQUIRE(mctx != NULL); + REQUIRE(ret != NULL && *ret == NULL); + + pctx = isc_mem_get(mctx, sizeof(*pctx)); + + pctx->mctx = NULL; + isc_mem_attach(mctx, &pctx->mctx); + + isc_refcount_init(&pctx->references, 1); + + pctx->lctx = lctx; + pctx->lexer = NULL; + pctx->seen_eof = false; + pctx->ungotten = false; + pctx->errors = 0; + pctx->warnings = 0; + pctx->open_files = NULL; + pctx->closed_files = NULL; + pctx->line = 0; + pctx->callback = NULL; + pctx->callbackarg = NULL; + pctx->token.type = isc_tokentype_unknown; + pctx->flags = 0; + pctx->buf_name = NULL; + + memset(specials, 0, sizeof(specials)); + specials['{'] = 1; + specials['}'] = 1; + specials[';'] = 1; + specials['/'] = 1; + specials['"'] = 1; + specials['!'] = 1; + + CHECK(isc_lex_create(pctx->mctx, 1024, &pctx->lexer)); + + isc_lex_setspecials(pctx->lexer, specials); + isc_lex_setcomments(pctx->lexer, + (ISC_LEXCOMMENT_C | ISC_LEXCOMMENT_CPLUSPLUS | + ISC_LEXCOMMENT_SHELL)); + + CHECK(cfg_create_list(pctx, &cfg_type_filelist, &pctx->open_files)); + CHECK(cfg_create_list(pctx, &cfg_type_filelist, &pctx->closed_files)); + + *ret = pctx; + return (ISC_R_SUCCESS); + +cleanup: + if (pctx->lexer != NULL) { + isc_lex_destroy(&pctx->lexer); + } + CLEANUP_OBJ(pctx->open_files); + CLEANUP_OBJ(pctx->closed_files); + isc_mem_putanddetach(&pctx->mctx, pctx, sizeof(*pctx)); + return (result); +} + +void +cfg_parser_setflags(cfg_parser_t *pctx, unsigned int flags, bool turn_on) { + REQUIRE(pctx != NULL); + + if (turn_on) { + pctx->flags |= flags; + } else { + pctx->flags &= ~flags; + } +} + +static isc_result_t +parser_openfile(cfg_parser_t *pctx, const char *filename) { + isc_result_t result; + cfg_listelt_t *elt = NULL; + cfg_obj_t *stringobj = NULL; + + result = isc_lex_openfile(pctx->lexer, filename); + if (result != ISC_R_SUCCESS) { + cfg_parser_error(pctx, 0, "open: %s: %s", filename, + isc_result_totext(result)); + goto cleanup; + } + + CHECK(create_string(pctx, filename, &cfg_type_qstring, &stringobj)); + CHECK(create_listelt(pctx, &elt)); + elt->obj = stringobj; + ISC_LIST_APPEND(pctx->open_files->value.list, elt, link); + + return (ISC_R_SUCCESS); +cleanup: + CLEANUP_OBJ(stringobj); + return (result); +} + +void +cfg_parser_setcallback(cfg_parser_t *pctx, cfg_parsecallback_t callback, + void *arg) { + REQUIRE(pctx != NULL); + + pctx->callback = callback; + pctx->callbackarg = arg; +} + +void +cfg_parser_reset(cfg_parser_t *pctx) { + REQUIRE(pctx != NULL); + + if (pctx->lexer != NULL) { + isc_lex_close(pctx->lexer); + } + + pctx->seen_eof = false; + pctx->ungotten = false; + pctx->errors = 0; + pctx->warnings = 0; + pctx->line = 0; +} + +/* + * Parse a configuration using a pctx where a lexer has already + * been set up with a source. + */ +static isc_result_t +parse2(cfg_parser_t *pctx, const cfg_type_t *type, cfg_obj_t **ret) { + isc_result_t result; + cfg_obj_t *obj = NULL; + + result = cfg_parse_obj(pctx, type, &obj); + + if (pctx->errors != 0) { + /* Errors have been logged. */ + if (result == ISC_R_SUCCESS) { + result = ISC_R_FAILURE; + } + goto cleanup; + } + + if (result != ISC_R_SUCCESS) { + /* Parsing failed but no errors have been logged. */ + cfg_parser_error(pctx, 0, "parsing failed: %s", + isc_result_totext(result)); + goto cleanup; + } + + CHECK(parse_eof(pctx)); + + *ret = obj; + return (ISC_R_SUCCESS); + +cleanup: + CLEANUP_OBJ(obj); + return (result); +} + +isc_result_t +cfg_parse_file(cfg_parser_t *pctx, const char *filename, const cfg_type_t *type, + cfg_obj_t **ret) { + isc_result_t result; + cfg_listelt_t *elt; + + REQUIRE(pctx != NULL); + REQUIRE(filename != NULL); + REQUIRE(type != NULL); + REQUIRE(ret != NULL && *ret == NULL); + + CHECK(parser_openfile(pctx, filename)); + + result = parse2(pctx, type, ret); + + /* Clean up the opened file */ + elt = ISC_LIST_TAIL(pctx->open_files->value.list); + INSIST(elt != NULL); + ISC_LIST_UNLINK(pctx->open_files->value.list, elt, link); + ISC_LIST_APPEND(pctx->closed_files->value.list, elt, link); + +cleanup: + return (result); +} + +isc_result_t +cfg_parse_buffer(cfg_parser_t *pctx, isc_buffer_t *buffer, const char *file, + unsigned int line, const cfg_type_t *type, unsigned int flags, + cfg_obj_t **ret) { + isc_result_t result; + + REQUIRE(pctx != NULL); + REQUIRE(type != NULL); + REQUIRE(buffer != NULL); + REQUIRE(ret != NULL && *ret == NULL); + REQUIRE((flags & ~(CFG_PCTX_NODEPRECATED)) == 0); + + CHECK(isc_lex_openbuffer(pctx->lexer, buffer)); + + pctx->buf_name = file; + pctx->flags = flags; + + if (line != 0U) { + CHECK(isc_lex_setsourceline(pctx->lexer, line)); + } + + CHECK(parse2(pctx, type, ret)); + pctx->buf_name = NULL; + +cleanup: + return (result); +} + +void +cfg_parser_attach(cfg_parser_t *src, cfg_parser_t **dest) { + REQUIRE(src != NULL); + REQUIRE(dest != NULL && *dest == NULL); + + isc_refcount_increment(&src->references); + *dest = src; +} + +void +cfg_parser_destroy(cfg_parser_t **pctxp) { + cfg_parser_t *pctx; + + REQUIRE(pctxp != NULL && *pctxp != NULL); + pctx = *pctxp; + *pctxp = NULL; + + if (isc_refcount_decrement(&pctx->references) == 1) { + isc_lex_destroy(&pctx->lexer); + /* + * Cleaning up open_files does not + * close the files; that was already done + * by closing the lexer. + */ + CLEANUP_OBJ(pctx->open_files); + CLEANUP_OBJ(pctx->closed_files); + isc_mem_putanddetach(&pctx->mctx, pctx, sizeof(*pctx)); + } +} + +/* + * void + */ +isc_result_t +cfg_parse_void(cfg_parser_t *pctx, const cfg_type_t *type, cfg_obj_t **ret) { + REQUIRE(pctx != NULL); + REQUIRE(ret != NULL && *ret == NULL); + + UNUSED(type); + + return (cfg_create_obj(pctx, &cfg_type_void, ret)); +} + +void +cfg_print_void(cfg_printer_t *pctx, const cfg_obj_t *obj) { + REQUIRE(pctx != NULL); + REQUIRE(obj != NULL); + + UNUSED(pctx); + UNUSED(obj); +} + +void +cfg_doc_void(cfg_printer_t *pctx, const cfg_type_t *type) { + REQUIRE(pctx != NULL); + REQUIRE(type != NULL); + + UNUSED(pctx); + UNUSED(type); +} + +bool +cfg_obj_isvoid(const cfg_obj_t *obj) { + REQUIRE(obj != NULL); + return (obj->type->rep == &cfg_rep_void); +} + +LIBISCCFG_EXTERNAL_DATA cfg_type_t cfg_type_void = { + "void", cfg_parse_void, cfg_print_void, + cfg_doc_void, &cfg_rep_void, NULL +}; + +/* + * percentage + */ +isc_result_t +cfg_parse_percentage(cfg_parser_t *pctx, const cfg_type_t *type, + cfg_obj_t **ret) { + char *endp; + isc_result_t result; + cfg_obj_t *obj = NULL; + uint64_t percent; + + REQUIRE(pctx != NULL); + REQUIRE(ret != NULL && *ret == NULL); + + UNUSED(type); + + CHECK(cfg_gettoken(pctx, 0)); + if (pctx->token.type != isc_tokentype_string) { + cfg_parser_error(pctx, CFG_LOG_NEAR, "expected percentage"); + return (ISC_R_UNEXPECTEDTOKEN); + } + + percent = strtoull(TOKEN_STRING(pctx), &endp, 10); + if (*endp != '%' || *(endp + 1) != 0) { + cfg_parser_error(pctx, CFG_LOG_NEAR, "expected percentage"); + return (ISC_R_UNEXPECTEDTOKEN); + } + + CHECK(cfg_create_obj(pctx, &cfg_type_percentage, &obj)); + obj->value.uint32 = (uint32_t)percent; + *ret = obj; + +cleanup: + return (result); +} + +void +cfg_print_percentage(cfg_printer_t *pctx, const cfg_obj_t *obj) { + char buf[64]; + int n; + + REQUIRE(pctx != NULL); + REQUIRE(obj != NULL); + + n = snprintf(buf, sizeof(buf), "%u%%", obj->value.uint32); + INSIST(n > 0 && (size_t)n < sizeof(buf)); + cfg_print_chars(pctx, buf, strlen(buf)); +} + +uint32_t +cfg_obj_aspercentage(const cfg_obj_t *obj) { + REQUIRE(obj != NULL && obj->type->rep == &cfg_rep_percentage); + return (obj->value.uint32); +} + +LIBISCCFG_EXTERNAL_DATA cfg_type_t cfg_type_percentage = { + "percentage", cfg_parse_percentage, cfg_print_percentage, + cfg_doc_terminal, &cfg_rep_percentage, NULL +}; + +bool +cfg_obj_ispercentage(const cfg_obj_t *obj) { + REQUIRE(obj != NULL); + return (obj->type->rep == &cfg_rep_percentage); +} + +/* + * Fixed point + */ +isc_result_t +cfg_parse_fixedpoint(cfg_parser_t *pctx, const cfg_type_t *type, + cfg_obj_t **ret) { + isc_result_t result; + cfg_obj_t *obj = NULL; + size_t n1, n2, n3, l; + const char *p; + + REQUIRE(pctx != NULL); + REQUIRE(ret != NULL && *ret == NULL); + + UNUSED(type); + + CHECK(cfg_gettoken(pctx, 0)); + if (pctx->token.type != isc_tokentype_string) { + cfg_parser_error(pctx, CFG_LOG_NEAR, + "expected fixed point number"); + return (ISC_R_UNEXPECTEDTOKEN); + } + + p = TOKEN_STRING(pctx); + l = strlen(p); + n1 = strspn(p, "0123456789"); + n2 = strspn(p + n1, "."); + n3 = strspn(p + n1 + n2, "0123456789"); + + if ((n1 + n2 + n3 != l) || (n1 + n3 == 0) || n1 > 5 || n2 > 1 || n3 > 2) + { + cfg_parser_error(pctx, CFG_LOG_NEAR, + "expected fixed point number"); + return (ISC_R_UNEXPECTEDTOKEN); + } + + CHECK(cfg_create_obj(pctx, &cfg_type_fixedpoint, &obj)); + + obj->value.uint32 = strtoul(p, NULL, 10) * 100; + switch (n3) { + case 2: + obj->value.uint32 += strtoul(p + n1 + n2, NULL, 10); + break; + case 1: + obj->value.uint32 += strtoul(p + n1 + n2, NULL, 10) * 10; + break; + } + *ret = obj; + +cleanup: + return (result); +} + +void +cfg_print_fixedpoint(cfg_printer_t *pctx, const cfg_obj_t *obj) { + char buf[64]; + int n; + + REQUIRE(pctx != NULL); + REQUIRE(obj != NULL); + + n = snprintf(buf, sizeof(buf), "%u.%02u", obj->value.uint32 / 100, + obj->value.uint32 % 100); + INSIST(n > 0 && (size_t)n < sizeof(buf)); + cfg_print_chars(pctx, buf, strlen(buf)); +} + +uint32_t +cfg_obj_asfixedpoint(const cfg_obj_t *obj) { + REQUIRE(obj != NULL && obj->type->rep == &cfg_rep_fixedpoint); + return (obj->value.uint32); +} + +LIBISCCFG_EXTERNAL_DATA cfg_type_t cfg_type_fixedpoint = { + "fixedpoint", cfg_parse_fixedpoint, cfg_print_fixedpoint, + cfg_doc_terminal, &cfg_rep_fixedpoint, NULL +}; + +bool +cfg_obj_isfixedpoint(const cfg_obj_t *obj) { + REQUIRE(obj != NULL); + return (obj->type->rep == &cfg_rep_fixedpoint); +} + +/* + * uint32 + */ +isc_result_t +cfg_parse_uint32(cfg_parser_t *pctx, const cfg_type_t *type, cfg_obj_t **ret) { + isc_result_t result; + cfg_obj_t *obj = NULL; + + REQUIRE(pctx != NULL); + REQUIRE(ret != NULL && *ret == NULL); + + UNUSED(type); + + CHECK(cfg_gettoken(pctx, ISC_LEXOPT_NUMBER | ISC_LEXOPT_CNUMBER)); + if (pctx->token.type != isc_tokentype_number) { + cfg_parser_error(pctx, CFG_LOG_NEAR, "expected number"); + return (ISC_R_UNEXPECTEDTOKEN); + } + + CHECK(cfg_create_obj(pctx, &cfg_type_uint32, &obj)); + + obj->value.uint32 = pctx->token.value.as_ulong; + *ret = obj; +cleanup: + return (result); +} + +void +cfg_print_cstr(cfg_printer_t *pctx, const char *s) { + cfg_print_chars(pctx, s, strlen(s)); +} + +void +cfg_print_rawuint(cfg_printer_t *pctx, unsigned int u) { + char buf[32]; + + snprintf(buf, sizeof(buf), "%u", u); + cfg_print_cstr(pctx, buf); +} + +void +cfg_print_uint32(cfg_printer_t *pctx, const cfg_obj_t *obj) { + cfg_print_rawuint(pctx, obj->value.uint32); +} + +bool +cfg_obj_isuint32(const cfg_obj_t *obj) { + REQUIRE(obj != NULL); + return (obj->type->rep == &cfg_rep_uint32); +} + +uint32_t +cfg_obj_asuint32(const cfg_obj_t *obj) { + REQUIRE(obj != NULL && obj->type->rep == &cfg_rep_uint32); + return (obj->value.uint32); +} + +LIBISCCFG_EXTERNAL_DATA cfg_type_t cfg_type_uint32 = { + "integer", cfg_parse_uint32, cfg_print_uint32, + cfg_doc_terminal, &cfg_rep_uint32, NULL +}; + +/* + * uint64 + */ +bool +cfg_obj_isuint64(const cfg_obj_t *obj) { + REQUIRE(obj != NULL); + return (obj->type->rep == &cfg_rep_uint64); +} + +uint64_t +cfg_obj_asuint64(const cfg_obj_t *obj) { + REQUIRE(obj != NULL && obj->type->rep == &cfg_rep_uint64); + return (obj->value.uint64); +} + +void +cfg_print_uint64(cfg_printer_t *pctx, const cfg_obj_t *obj) { + char buf[32]; + + snprintf(buf, sizeof(buf), "%" PRIu64, obj->value.uint64); + cfg_print_cstr(pctx, buf); +} + +LIBISCCFG_EXTERNAL_DATA cfg_type_t cfg_type_uint64 = { + "64_bit_integer", NULL, cfg_print_uint64, cfg_doc_terminal, + &cfg_rep_uint64, NULL +}; + +/* + * Get the number of digits in a number. + */ +static size_t +numlen(uint32_t num) { + uint32_t period = num; + size_t count = 0; + + if (period == 0) { + return (1); + } + while (period > 0) { + count++; + period /= 10; + } + return (count); +} + +/* + * duration + */ +void +cfg_print_duration(cfg_printer_t *pctx, const cfg_obj_t *obj) { + char buf[CFG_DURATION_MAXLEN]; + char *str; + const char *indicators = "YMWDHMS"; + int count, i; + int durationlen[7] = { 0 }; + cfg_duration_t duration; + /* + * D ? The duration has a date part. + * T ? The duration has a time part. + */ + bool D = false, T = false; + + REQUIRE(pctx != NULL); + REQUIRE(obj != NULL); + + duration = obj->value.duration; + + /* If this is not an ISO 8601 duration, just print it as a number. */ + if (!duration.iso8601) { + cfg_print_rawuint(pctx, duration.parts[6]); + return; + } + + /* Calculate length of string. */ + buf[0] = 'P'; + buf[1] = '\0'; + str = &buf[1]; + count = 2; + for (i = 0; i < 6; i++) { + if (duration.parts[i] > 0) { + durationlen[i] = 1 + numlen(duration.parts[i]); + if (i < 4) { + D = true; + } else { + T = true; + } + count += durationlen[i]; + } + } + /* + * Special case for seconds which is not taken into account in the + * above for loop: Count the length of the seconds part if it is + * non-zero, or if all the other parts are also zero. In the latter + * case this function will print "PT0S". + */ + if (duration.parts[6] > 0 || + (!D && !duration.parts[4] && !duration.parts[5])) + { + durationlen[6] = 1 + numlen(duration.parts[6]); + T = true; + count += durationlen[6]; + } + /* Add one character for the time indicator. */ + if (T) { + count++; + } + INSIST(count < CFG_DURATION_MAXLEN); + + /* Now print the duration. */ + for (i = 0; i < 6; i++) { + /* + * We don't check here if weeks and other time indicator are + * used mutually exclusively. + */ + if (duration.parts[i] > 0) { + snprintf(str, durationlen[i] + 2, "%u%c", + (uint32_t)duration.parts[i], indicators[i]); + str += durationlen[i]; + } + if (i == 3 && T) { + snprintf(str, 2, "T"); + str += 1; + } + } + /* Special case for seconds. */ + if (duration.parts[6] > 0 || + (!D && !duration.parts[4] && !duration.parts[5])) + { + snprintf(str, durationlen[6] + 2, "%u%c", + (uint32_t)duration.parts[6], indicators[6]); + } + cfg_print_chars(pctx, buf, strlen(buf)); +} + +void +cfg_print_duration_or_unlimited(cfg_printer_t *pctx, const cfg_obj_t *obj) { + cfg_duration_t duration; + + REQUIRE(pctx != NULL); + REQUIRE(obj != NULL); + + duration = obj->value.duration; + + if (duration.unlimited) { + cfg_print_cstr(pctx, "unlimited"); + } else { + cfg_print_duration(pctx, obj); + } +} + +bool +cfg_obj_isduration(const cfg_obj_t *obj) { + REQUIRE(obj != NULL); + return (obj->type->rep == &cfg_rep_duration); +} + +uint32_t +cfg_obj_asduration(const cfg_obj_t *obj) { + uint64_t seconds = 0; + cfg_duration_t duration; + + REQUIRE(obj != NULL && obj->type->rep == &cfg_rep_duration); + + duration = obj->value.duration; + + seconds += (uint64_t)duration.parts[6]; /* Seconds */ + seconds += (uint64_t)duration.parts[5] * 60; /* Minutes */ + seconds += (uint64_t)duration.parts[4] * 3600; /* Hours */ + seconds += (uint64_t)duration.parts[3] * 86400; /* Days */ + seconds += (uint64_t)duration.parts[2] * 86400 * 7; /* Weeks */ + /* + * The below additions are not entirely correct + * because days may vary per month and per year. + */ + seconds += (uint64_t)duration.parts[1] * 86400 * 31; /* Months */ + seconds += (uint64_t)duration.parts[0] * 86400 * 365; /* Years */ + + return (seconds > UINT32_MAX ? UINT32_MAX : (uint32_t)seconds); +} + +static isc_result_t +duration_fromtext(isc_textregion_t *source, cfg_duration_t *duration) { + char buf[CFG_DURATION_MAXLEN] = { 0 }; + char *P, *X, *T, *W, *str; + bool not_weeks = false; + int i; + long long int lli; + + /* + * Copy the buffer as it may not be NULL terminated. + */ + if (source->length > sizeof(buf) - 1) { + return (ISC_R_BADNUMBER); + } + /* Copy source->length bytes and NULL terminate. */ + snprintf(buf, sizeof(buf), "%.*s", (int)source->length, source->base); + str = buf; + + /* Clear out duration. */ + for (i = 0; i < 7; i++) { + duration->parts[i] = 0; + } + + /* Every duration starts with 'P' */ + P = strpbrk(str, "Pp"); + if (P == NULL) { + return (ISC_R_BADNUMBER); + } + + /* Record the time indicator. */ + T = strpbrk(str, "Tt"); + + /* Record years. */ + X = strpbrk(str, "Yy"); + if (X != NULL) { + errno = 0; + lli = strtoll(str + 1, NULL, 10); + if (errno != 0 || lli < 0 || lli > UINT32_MAX) { + return (ISC_R_BADNUMBER); + } + duration->parts[0] = (uint32_t)lli; + str = X; + not_weeks = true; + } + + /* Record months. */ + X = strpbrk(str, "Mm"); + + /* + * M could be months or minutes. This is months if there is no time + * part, or this M indicator is before the time indicator. + */ + if (X != NULL && (T == NULL || (size_t)(X - P) < (size_t)(T - P))) { + errno = 0; + lli = strtoll(str + 1, NULL, 10); + if (errno != 0 || lli < 0 || lli > UINT32_MAX) { + return (ISC_R_BADNUMBER); + } + duration->parts[1] = (uint32_t)lli; + str = X; + not_weeks = true; + } + + /* Record days. */ + X = strpbrk(str, "Dd"); + if (X != NULL) { + errno = 0; + lli = strtoll(str + 1, NULL, 10); + if (errno != 0 || lli < 0 || lli > UINT32_MAX) { + return (ISC_R_BADNUMBER); + } + duration->parts[3] = (uint32_t)lli; + str = X; + not_weeks = true; + } + + /* Time part? */ + if (T != NULL) { + str = T; + not_weeks = true; + } + + /* Record hours. */ + X = strpbrk(str, "Hh"); + if (X != NULL && T != NULL) { + errno = 0; + lli = strtoll(str + 1, NULL, 10); + if (errno != 0 || lli < 0 || lli > UINT32_MAX) { + return (ISC_R_BADNUMBER); + } + duration->parts[4] = (uint32_t)lli; + str = X; + not_weeks = true; + } + + /* Record minutes. */ + X = strpbrk(str, "Mm"); + + /* + * M could be months or minutes. This is minutes if there is a time + * part and the M indicator is behind the time indicator. + */ + if (X != NULL && T != NULL && (size_t)(X - P) > (size_t)(T - P)) { + errno = 0; + lli = strtoll(str + 1, NULL, 10); + if (errno != 0 || lli < 0 || lli > UINT32_MAX) { + return (ISC_R_BADNUMBER); + } + duration->parts[5] = (uint32_t)lli; + str = X; + not_weeks = true; + } + + /* Record seconds. */ + X = strpbrk(str, "Ss"); + if (X != NULL && T != NULL) { + errno = 0; + lli = strtoll(str + 1, NULL, 10); + if (errno != 0 || lli < 0 || lli > UINT32_MAX) { + return (ISC_R_BADNUMBER); + } + duration->parts[6] = (uint32_t)lli; + str = X; + not_weeks = true; + } + + /* Or is the duration configured in weeks? */ + W = strpbrk(buf, "Ww"); + if (W != NULL) { + if (not_weeks) { + /* Mix of weeks and other indicators is not allowed */ + return (ISC_R_BADNUMBER); + } else { + errno = 0; + lli = strtoll(str + 1, NULL, 10); + if (errno != 0 || lli < 0 || lli > UINT32_MAX) { + return (ISC_R_BADNUMBER); + } + duration->parts[2] = (uint32_t)lli; + str = W; + } + } + + /* Deal with trailing garbage. */ + if (str[1] != '\0') { + return (ISC_R_BADNUMBER); + } + + return (ISC_R_SUCCESS); +} + +static isc_result_t +parse_duration(cfg_parser_t *pctx, cfg_obj_t **ret) { + isc_result_t result; + cfg_obj_t *obj = NULL; + cfg_duration_t duration; + + duration.unlimited = false; + + if (toupper((unsigned char)TOKEN_STRING(pctx)[0]) == 'P') { + result = duration_fromtext(&pctx->token.value.as_textregion, + &duration); + duration.iso8601 = true; + } else { + uint32_t ttl; + result = dns_ttl_fromtext(&pctx->token.value.as_textregion, + &ttl); + /* + * With dns_ttl_fromtext() the information on optional units. + * is lost, and is treated as seconds from now on. + */ + for (int i = 0; i < 6; i++) { + duration.parts[i] = 0; + } + duration.parts[6] = ttl; + duration.iso8601 = false; + } + + if (result == ISC_R_RANGE) { + cfg_parser_error(pctx, CFG_LOG_NEAR, + "duration or TTL out of range"); + return (result); + } else if (result != ISC_R_SUCCESS) { + goto cleanup; + } + + CHECK(cfg_create_obj(pctx, &cfg_type_duration, &obj)); + obj->value.duration = duration; + *ret = obj; + + return (ISC_R_SUCCESS); + +cleanup: + cfg_parser_error(pctx, CFG_LOG_NEAR, + "expected ISO 8601 duration or TTL value"); + return (result); +} + +isc_result_t +cfg_parse_duration(cfg_parser_t *pctx, const cfg_type_t *type, + cfg_obj_t **ret) { + isc_result_t result; + + UNUSED(type); + + CHECK(cfg_gettoken(pctx, 0)); + if (pctx->token.type != isc_tokentype_string) { + result = ISC_R_UNEXPECTEDTOKEN; + goto cleanup; + } + + return (parse_duration(pctx, ret)); + +cleanup: + cfg_parser_error(pctx, CFG_LOG_NEAR, + "expected ISO 8601 duration or TTL value"); + return (result); +} + +isc_result_t +cfg_parse_duration_or_unlimited(cfg_parser_t *pctx, const cfg_type_t *type, + cfg_obj_t **ret) { + isc_result_t result; + cfg_obj_t *obj = NULL; + cfg_duration_t duration; + + UNUSED(type); + + CHECK(cfg_gettoken(pctx, 0)); + if (pctx->token.type != isc_tokentype_string) { + result = ISC_R_UNEXPECTEDTOKEN; + goto cleanup; + } + + if (strcmp(TOKEN_STRING(pctx), "unlimited") == 0) { + for (int i = 0; i < 7; i++) { + duration.parts[i] = 0; + } + duration.iso8601 = false; + duration.unlimited = true; + + CHECK(cfg_create_obj(pctx, &cfg_type_duration, &obj)); + obj->value.duration = duration; + *ret = obj; + return (ISC_R_SUCCESS); + } + + return (parse_duration(pctx, ret)); + +cleanup: + cfg_parser_error(pctx, CFG_LOG_NEAR, + "expected ISO 8601 duration, TTL value, or unlimited"); + return (result); +} + +/*% + * A duration as defined by ISO 8601 (P[n]Y[n]M[n]DT[n]H[n]M[n]S). + * - P is the duration indicator ("period") placed at the start. + * - Y is the year indicator that follows the value for the number of years. + * - M is the month indicator that follows the value for the number of months. + * - D is the day indicator that follows the value for the number of days. + * - T is the time indicator that precedes the time components. + * - H is the hour indicator that follows the value for the number of hours. + * - M is the minute indicator that follows the value for the number of + * minutes. + * - S is the second indicator that follows the value for the number of + * seconds. + * + * A duration can also be a TTL value (number + optional unit). + */ +LIBISCCFG_EXTERNAL_DATA cfg_type_t cfg_type_duration = { + "duration", cfg_parse_duration, cfg_print_duration, + cfg_doc_terminal, &cfg_rep_duration, NULL +}; +LIBISCCFG_EXTERNAL_DATA cfg_type_t cfg_type_duration_or_unlimited = { + "duration_or_unlimited", + cfg_parse_duration_or_unlimited, + cfg_print_duration_or_unlimited, + cfg_doc_terminal, + &cfg_rep_duration, + NULL +}; + +/* + * qstring (quoted string), ustring (unquoted string), astring + * (any string), sstring (secret string) + */ + +/* Create a string object from a null-terminated C string. */ +static isc_result_t +create_string(cfg_parser_t *pctx, const char *contents, const cfg_type_t *type, + cfg_obj_t **ret) { + isc_result_t result; + cfg_obj_t *obj = NULL; + int len; + + CHECK(cfg_create_obj(pctx, type, &obj)); + len = strlen(contents); + obj->value.string.length = len; + obj->value.string.base = isc_mem_get(pctx->mctx, len + 1); + if (obj->value.string.base == 0) { + isc_mem_put(pctx->mctx, obj, sizeof(*obj)); + return (ISC_R_NOMEMORY); + } + memmove(obj->value.string.base, contents, len); + obj->value.string.base[len] = '\0'; + + *ret = obj; +cleanup: + return (result); +} + +isc_result_t +cfg_parse_qstring(cfg_parser_t *pctx, const cfg_type_t *type, cfg_obj_t **ret) { + isc_result_t result; + + REQUIRE(pctx != NULL); + REQUIRE(ret != NULL && *ret == NULL); + + UNUSED(type); + + CHECK(cfg_gettoken(pctx, CFG_LEXOPT_QSTRING)); + if (pctx->token.type != isc_tokentype_qstring) { + cfg_parser_error(pctx, CFG_LOG_NEAR, "expected quoted string"); + return (ISC_R_UNEXPECTEDTOKEN); + } + return (create_string(pctx, TOKEN_STRING(pctx), &cfg_type_qstring, + ret)); +cleanup: + return (result); +} + +static isc_result_t +parse_ustring(cfg_parser_t *pctx, const cfg_type_t *type, cfg_obj_t **ret) { + isc_result_t result; + + UNUSED(type); + + CHECK(cfg_gettoken(pctx, 0)); + if (pctx->token.type != isc_tokentype_string) { + cfg_parser_error(pctx, CFG_LOG_NEAR, + "expected unquoted string"); + return (ISC_R_UNEXPECTEDTOKEN); + } + return (create_string(pctx, TOKEN_STRING(pctx), &cfg_type_ustring, + ret)); +cleanup: + return (result); +} + +isc_result_t +cfg_parse_astring(cfg_parser_t *pctx, const cfg_type_t *type, cfg_obj_t **ret) { + isc_result_t result; + + REQUIRE(pctx != NULL); + REQUIRE(ret != NULL && *ret == NULL); + + UNUSED(type); + + CHECK(cfg_getstringtoken(pctx)); + return (create_string(pctx, TOKEN_STRING(pctx), &cfg_type_qstring, + ret)); +cleanup: + return (result); +} + +isc_result_t +cfg_parse_sstring(cfg_parser_t *pctx, const cfg_type_t *type, cfg_obj_t **ret) { + isc_result_t result; + + REQUIRE(pctx != NULL); + REQUIRE(ret != NULL && *ret == NULL); + + UNUSED(type); + + CHECK(cfg_getstringtoken(pctx)); + return (create_string(pctx, TOKEN_STRING(pctx), &cfg_type_sstring, + ret)); +cleanup: + return (result); +} + +static isc_result_t +parse_btext(cfg_parser_t *pctx, const cfg_type_t *type, cfg_obj_t **ret) { + isc_result_t result; + + UNUSED(type); + + CHECK(cfg_gettoken(pctx, ISC_LEXOPT_BTEXT)); + if (pctx->token.type != isc_tokentype_btext) { + cfg_parser_error(pctx, CFG_LOG_NEAR, "expected bracketed text"); + return (ISC_R_UNEXPECTEDTOKEN); + } + return (create_string(pctx, TOKEN_STRING(pctx), + &cfg_type_bracketed_text, ret)); +cleanup: + return (result); +} + +static void +print_btext(cfg_printer_t *pctx, const cfg_obj_t *obj) { + /* + * We need to print "{" instead of running print_open() + * in order to preserve the exact original formatting + * of the bracketed text. But we increment the indent value + * so that print_close() will leave us back in our original + * state. + */ + pctx->indent++; + cfg_print_cstr(pctx, "{"); + cfg_print_chars(pctx, obj->value.string.base, obj->value.string.length); + print_close(pctx); +} + +static void +doc_btext(cfg_printer_t *pctx, const cfg_type_t *type) { + UNUSED(type); + + cfg_print_cstr(pctx, "{ }"); +} + +bool +cfg_is_enum(const char *s, const char *const *enums) { + const char *const *p; + + REQUIRE(s != NULL); + REQUIRE(enums != NULL); + + for (p = enums; *p != NULL; p++) { + if (strcasecmp(*p, s) == 0) { + return (true); + } + } + return (false); +} + +static isc_result_t +check_enum(cfg_parser_t *pctx, cfg_obj_t *obj, const char *const *enums) { + const char *s = obj->value.string.base; + + if (cfg_is_enum(s, enums)) { + return (ISC_R_SUCCESS); + } + cfg_parser_error(pctx, 0, "'%s' unexpected", s); + return (ISC_R_UNEXPECTEDTOKEN); +} + +isc_result_t +cfg_parse_enum(cfg_parser_t *pctx, const cfg_type_t *type, cfg_obj_t **ret) { + isc_result_t result; + cfg_obj_t *obj = NULL; + + REQUIRE(pctx != NULL); + REQUIRE(type != NULL); + REQUIRE(ret != NULL && *ret == NULL); + + CHECK(parse_ustring(pctx, NULL, &obj)); + CHECK(check_enum(pctx, obj, type->of)); + *ret = obj; + return (ISC_R_SUCCESS); +cleanup: + CLEANUP_OBJ(obj); + return (result); +} + +void +cfg_doc_enum(cfg_printer_t *pctx, const cfg_type_t *type) { + const char *const *p; + + REQUIRE(pctx != NULL); + REQUIRE(type != NULL); + + cfg_print_cstr(pctx, "( "); + for (p = type->of; *p != NULL; p++) { + cfg_print_cstr(pctx, *p); + if (p[1] != NULL) { + cfg_print_cstr(pctx, " | "); + } + } + cfg_print_cstr(pctx, " )"); +} + +isc_result_t +cfg_parse_enum_or_other(cfg_parser_t *pctx, const cfg_type_t *enumtype, + const cfg_type_t *othertype, cfg_obj_t **ret) { + isc_result_t result; + CHECK(cfg_peektoken(pctx, 0)); + if (pctx->token.type == isc_tokentype_string && + cfg_is_enum(TOKEN_STRING(pctx), enumtype->of)) + { + CHECK(cfg_parse_enum(pctx, enumtype, ret)); + } else { + CHECK(cfg_parse_obj(pctx, othertype, ret)); + } +cleanup: + return (result); +} + +void +cfg_doc_enum_or_other(cfg_printer_t *pctx, const cfg_type_t *enumtype, + const cfg_type_t *othertype) { + const char *const *p; + bool first = true; + + /* + * If othertype is cfg_type_void, it means that enumtype is + * optional. + */ + + if (othertype == &cfg_type_void) { + cfg_print_cstr(pctx, "[ "); + } + cfg_print_cstr(pctx, "( "); + for (p = enumtype->of; *p != NULL; p++) { + if (!first) { + cfg_print_cstr(pctx, " | "); + } + first = false; + cfg_print_cstr(pctx, *p); + } + if (othertype != &cfg_type_void) { + if (!first) { + cfg_print_cstr(pctx, " | "); + } + cfg_doc_terminal(pctx, othertype); + } + cfg_print_cstr(pctx, " )"); + if (othertype == &cfg_type_void) { + cfg_print_cstr(pctx, " ]"); + } +} + +void +cfg_print_ustring(cfg_printer_t *pctx, const cfg_obj_t *obj) { + REQUIRE(pctx != NULL); + REQUIRE(obj != NULL); + + cfg_print_chars(pctx, obj->value.string.base, obj->value.string.length); +} + +static void +print_qstring(cfg_printer_t *pctx, const cfg_obj_t *obj) { + cfg_print_cstr(pctx, "\""); + for (size_t i = 0; i < obj->value.string.length; i++) { + if (obj->value.string.base[i] == '"') { + cfg_print_cstr(pctx, "\\"); + } + cfg_print_chars(pctx, &obj->value.string.base[i], 1); + } + cfg_print_cstr(pctx, "\""); +} + +static void +print_sstring(cfg_printer_t *pctx, const cfg_obj_t *obj) { + cfg_print_cstr(pctx, "\""); + if ((pctx->flags & CFG_PRINTER_XKEY) != 0) { + unsigned int len = obj->value.string.length; + while (len-- > 0) { + cfg_print_cstr(pctx, "?"); + } + } else { + cfg_print_ustring(pctx, obj); + } + cfg_print_cstr(pctx, "\""); +} + +static void +free_string(cfg_parser_t *pctx, cfg_obj_t *obj) { + isc_mem_put(pctx->mctx, obj->value.string.base, + obj->value.string.length + 1); +} + +bool +cfg_obj_isstring(const cfg_obj_t *obj) { + REQUIRE(obj != NULL); + return (obj->type->rep == &cfg_rep_string); +} + +const char * +cfg_obj_asstring(const cfg_obj_t *obj) { + REQUIRE(obj != NULL && obj->type->rep == &cfg_rep_string); + return (obj->value.string.base); +} + +/* Quoted string only */ +LIBISCCFG_EXTERNAL_DATA cfg_type_t cfg_type_qstring = { + "quoted_string", cfg_parse_qstring, print_qstring, + cfg_doc_terminal, &cfg_rep_string, NULL +}; + +/* Unquoted string only */ +LIBISCCFG_EXTERNAL_DATA cfg_type_t cfg_type_ustring = { + "string", parse_ustring, cfg_print_ustring, + cfg_doc_terminal, &cfg_rep_string, NULL +}; + +/* Any string (quoted or unquoted); printed with quotes */ +LIBISCCFG_EXTERNAL_DATA cfg_type_t cfg_type_astring = { + "string", cfg_parse_astring, print_qstring, + cfg_doc_terminal, &cfg_rep_string, NULL +}; + +/* + * Any string (quoted or unquoted); printed with quotes. + * If CFG_PRINTER_XKEY is set when printing the string will be '?' out. + */ +LIBISCCFG_EXTERNAL_DATA cfg_type_t cfg_type_sstring = { + "string", cfg_parse_sstring, print_sstring, + cfg_doc_terminal, &cfg_rep_string, NULL +}; + +/* + * Text enclosed in brackets. Used to pass a block of configuration + * text to dynamic library or external application. Checked for + * bracket balance, but not otherwise parsed. + */ +LIBISCCFG_EXTERNAL_DATA cfg_type_t cfg_type_bracketed_text = { + "bracketed_text", parse_btext, print_btext, + doc_btext, &cfg_rep_string, NULL +}; + +#if defined(HAVE_GEOIP2) +/* + * "geoip" ACL element: + * geoip [ db ] search-type + */ +static const char *geoiptype_enums[] = { + "area", "areacode", "asnum", "city", "continent", + "country", "country3", "countryname", "domain", "isp", + "metro", "metrocode", "netspeed", "org", "postal", + "postalcode", "region", "regionname", "timezone", "tz", + NULL +}; +static cfg_type_t cfg_type_geoiptype = { "geoiptype", cfg_parse_enum, + cfg_print_ustring, cfg_doc_enum, + &cfg_rep_string, &geoiptype_enums }; + +static cfg_tuplefielddef_t geoip_fields[] = { + { "negated", &cfg_type_void, 0 }, + { "db", &cfg_type_astring, 0 }, + { "subtype", &cfg_type_geoiptype, 0 }, + { "search", &cfg_type_astring, 0 }, + { NULL, NULL, 0 } +}; + +static cfg_type_t cfg_type_geoip = { "geoip", parse_geoip, print_geoip, + doc_geoip, &cfg_rep_tuple, geoip_fields }; + +static isc_result_t +parse_geoip(cfg_parser_t *pctx, const cfg_type_t *type, cfg_obj_t **ret) { + isc_result_t result; + cfg_obj_t *obj = NULL; + const cfg_tuplefielddef_t *fields = type->of; + + CHECK(cfg_create_tuple(pctx, type, &obj)); + CHECK(cfg_parse_void(pctx, NULL, &obj->value.tuple[0])); + + /* Parse the optional "db" field. */ + CHECK(cfg_peektoken(pctx, 0)); + if (pctx->token.type == isc_tokentype_string) { + CHECK(cfg_gettoken(pctx, 0)); + if (strcasecmp(TOKEN_STRING(pctx), "db") == 0 && + obj->value.tuple[1] == NULL) + { + CHECK(cfg_parse_obj(pctx, fields[1].type, + &obj->value.tuple[1])); + } else { + CHECK(cfg_parse_void(pctx, NULL, &obj->value.tuple[1])); + cfg_ungettoken(pctx); + } + } + + CHECK(cfg_parse_obj(pctx, fields[2].type, &obj->value.tuple[2])); + CHECK(cfg_parse_obj(pctx, fields[3].type, &obj->value.tuple[3])); + + *ret = obj; + return (ISC_R_SUCCESS); + +cleanup: + CLEANUP_OBJ(obj); + return (result); +} + +static void +print_geoip(cfg_printer_t *pctx, const cfg_obj_t *obj) { + if (obj->value.tuple[1]->type->print != cfg_print_void) { + cfg_print_cstr(pctx, " db "); + cfg_print_obj(pctx, obj->value.tuple[1]); + } + cfg_print_obj(pctx, obj->value.tuple[2]); + cfg_print_obj(pctx, obj->value.tuple[3]); +} + +static void +doc_geoip(cfg_printer_t *pctx, const cfg_type_t *type) { + UNUSED(type); + cfg_print_cstr(pctx, "[ db "); + cfg_doc_obj(pctx, &cfg_type_astring); + cfg_print_cstr(pctx, " ]"); + cfg_print_cstr(pctx, " "); + cfg_doc_enum(pctx, &cfg_type_geoiptype); + cfg_print_cstr(pctx, " "); + cfg_doc_obj(pctx, &cfg_type_astring); +} +#endif /* HAVE_GEOIP2 */ + +static cfg_type_t cfg_type_addrmatchelt; +static cfg_type_t cfg_type_negated; + +static isc_result_t +parse_addrmatchelt(cfg_parser_t *pctx, const cfg_type_t *type, + cfg_obj_t **ret) { + isc_result_t result; + UNUSED(type); + + CHECK(cfg_peektoken(pctx, CFG_LEXOPT_QSTRING)); + + if (pctx->token.type == isc_tokentype_string || + pctx->token.type == isc_tokentype_qstring) + { + if (pctx->token.type == isc_tokentype_string && + (strcasecmp(TOKEN_STRING(pctx), "key") == 0)) + { + CHECK(cfg_parse_obj(pctx, &cfg_type_keyref, ret)); + } else if (pctx->token.type == isc_tokentype_string && + (strcasecmp(TOKEN_STRING(pctx), "geoip") == 0)) + { +#if defined(HAVE_GEOIP2) + CHECK(cfg_gettoken(pctx, 0)); + CHECK(cfg_parse_obj(pctx, &cfg_type_geoip, ret)); +#else /* if defined(HAVE_GEOIP2) */ + cfg_parser_error(pctx, CFG_LOG_NEAR, + "'geoip' " + "not supported in this build"); + return (ISC_R_UNEXPECTEDTOKEN); +#endif /* if defined(HAVE_GEOIP2) */ + } else { + if (cfg_lookingat_netaddr( + pctx, CFG_ADDR_V4OK | CFG_ADDR_V4PREFIXOK | + CFG_ADDR_V6OK)) + { + CHECK(cfg_parse_netprefix(pctx, NULL, ret)); + } else { + CHECK(cfg_parse_astring(pctx, NULL, ret)); + } + } + } else if (pctx->token.type == isc_tokentype_special) { + if (pctx->token.value.as_char == '{') { + /* Nested match list. */ + CHECK(cfg_parse_obj(pctx, &cfg_type_bracketed_aml, + ret)); + } else if (pctx->token.value.as_char == '!') { + CHECK(cfg_gettoken(pctx, 0)); /* read "!" */ + CHECK(cfg_parse_obj(pctx, &cfg_type_negated, ret)); + } else { + goto bad; + } + } else { + bad: + cfg_parser_error(pctx, CFG_LOG_NEAR, + "expected IP match list element"); + return (ISC_R_UNEXPECTEDTOKEN); + } +cleanup: + return (result); +} + +/*% + * A negated address match list element (like "! 10.0.0.1"). + * Somewhat sneakily, the caller is expected to parse the + * "!", but not to print it. + */ +static cfg_tuplefielddef_t negated_fields[] = { + { "negated", &cfg_type_addrmatchelt, 0 }, { NULL, NULL, 0 } +}; + +static void +print_negated(cfg_printer_t *pctx, const cfg_obj_t *obj) { + cfg_print_cstr(pctx, "!"); + cfg_print_tuple(pctx, obj); +} + +static cfg_type_t cfg_type_negated = { "negated", cfg_parse_tuple, + print_negated, NULL, + &cfg_rep_tuple, &negated_fields }; + +/*% An address match list element */ + +static cfg_type_t cfg_type_addrmatchelt = { "address_match_element", + parse_addrmatchelt, + NULL, + cfg_doc_terminal, + NULL, + NULL }; + +/*% + * A bracketed address match list + */ +LIBISCCFG_EXTERNAL_DATA cfg_type_t cfg_type_bracketed_aml = { + "bracketed_aml", + cfg_parse_bracketed_list, + cfg_print_bracketed_list, + cfg_doc_bracketed_list, + &cfg_rep_list, + &cfg_type_addrmatchelt +}; + +/* + * Optional bracketed text + */ +static isc_result_t +parse_optional_btext(cfg_parser_t *pctx, const cfg_type_t *type, + cfg_obj_t **ret) { + isc_result_t result; + + UNUSED(type); + + CHECK(cfg_peektoken(pctx, ISC_LEXOPT_BTEXT)); + if (pctx->token.type == isc_tokentype_btext) { + CHECK(cfg_parse_obj(pctx, &cfg_type_bracketed_text, ret)); + } else { + CHECK(cfg_parse_obj(pctx, &cfg_type_void, ret)); + } +cleanup: + return (result); +} + +static void +print_optional_btext(cfg_printer_t *pctx, const cfg_obj_t *obj) { + if (obj->type == &cfg_type_void) { + return; + } + + pctx->indent++; + cfg_print_cstr(pctx, "{"); + cfg_print_chars(pctx, obj->value.string.base, obj->value.string.length); + print_close(pctx); +} + +static void +doc_optional_btext(cfg_printer_t *pctx, const cfg_type_t *type) { + UNUSED(type); + + cfg_print_cstr(pctx, "[ { } ]"); +} + +LIBISCCFG_EXTERNAL_DATA cfg_type_t cfg_type_optional_bracketed_text = { + "optional_btext", + parse_optional_btext, + print_optional_btext, + doc_optional_btext, + NULL, + NULL +}; + +/* + * Booleans + */ + +bool +cfg_obj_isboolean(const cfg_obj_t *obj) { + REQUIRE(obj != NULL); + return (obj->type->rep == &cfg_rep_boolean); +} + +bool +cfg_obj_asboolean(const cfg_obj_t *obj) { + REQUIRE(obj != NULL && obj->type->rep == &cfg_rep_boolean); + return (obj->value.boolean); +} + +isc_result_t +cfg_parse_boolean(cfg_parser_t *pctx, const cfg_type_t *type, cfg_obj_t **ret) { + isc_result_t result; + bool value; + cfg_obj_t *obj = NULL; + + REQUIRE(pctx != NULL); + REQUIRE(ret != NULL && *ret == NULL); + + UNUSED(type); + + result = cfg_gettoken(pctx, 0); + if (result != ISC_R_SUCCESS) { + return (result); + } + + if (pctx->token.type != isc_tokentype_string) { + goto bad_boolean; + } + + if ((strcasecmp(TOKEN_STRING(pctx), "true") == 0) || + (strcasecmp(TOKEN_STRING(pctx), "yes") == 0) || + (strcmp(TOKEN_STRING(pctx), "1") == 0)) + { + value = true; + } else if ((strcasecmp(TOKEN_STRING(pctx), "false") == 0) || + (strcasecmp(TOKEN_STRING(pctx), "no") == 0) || + (strcmp(TOKEN_STRING(pctx), "0") == 0)) + { + value = false; + } else { + goto bad_boolean; + } + + CHECK(cfg_create_obj(pctx, &cfg_type_boolean, &obj)); + obj->value.boolean = value; + *ret = obj; + return (result); + +bad_boolean: + cfg_parser_error(pctx, CFG_LOG_NEAR, "boolean expected"); + return (ISC_R_UNEXPECTEDTOKEN); + +cleanup: + return (result); +} + +void +cfg_print_boolean(cfg_printer_t *pctx, const cfg_obj_t *obj) { + REQUIRE(pctx != NULL); + REQUIRE(obj != NULL); + + if (obj->value.boolean) { + cfg_print_cstr(pctx, "yes"); + } else { + cfg_print_cstr(pctx, "no"); + } +} + +LIBISCCFG_EXTERNAL_DATA cfg_type_t cfg_type_boolean = { + "boolean", cfg_parse_boolean, cfg_print_boolean, + cfg_doc_terminal, &cfg_rep_boolean, NULL +}; + +/* + * Lists. + */ + +isc_result_t +cfg_create_list(cfg_parser_t *pctx, const cfg_type_t *type, cfg_obj_t **obj) { + isc_result_t result; + + REQUIRE(pctx != NULL); + REQUIRE(type != NULL); + REQUIRE(obj != NULL && *obj == NULL); + + CHECK(cfg_create_obj(pctx, type, obj)); + ISC_LIST_INIT((*obj)->value.list); +cleanup: + return (result); +} + +static isc_result_t +create_listelt(cfg_parser_t *pctx, cfg_listelt_t **eltp) { + cfg_listelt_t *elt; + + elt = isc_mem_get(pctx->mctx, sizeof(*elt)); + elt->obj = NULL; + ISC_LINK_INIT(elt, link); + *eltp = elt; + return (ISC_R_SUCCESS); +} + +static void +free_listelt(cfg_parser_t *pctx, cfg_listelt_t *elt) { + if (elt->obj != NULL) { + cfg_obj_destroy(pctx, &elt->obj); + } + isc_mem_put(pctx->mctx, elt, sizeof(*elt)); +} + +static void +free_list(cfg_parser_t *pctx, cfg_obj_t *obj) { + cfg_listelt_t *elt, *next; + for (elt = ISC_LIST_HEAD(obj->value.list); elt != NULL; elt = next) { + next = ISC_LIST_NEXT(elt, link); + free_listelt(pctx, elt); + } +} + +isc_result_t +cfg_parse_listelt(cfg_parser_t *pctx, const cfg_type_t *elttype, + cfg_listelt_t **ret) { + isc_result_t result; + cfg_listelt_t *elt = NULL; + cfg_obj_t *value = NULL; + + REQUIRE(pctx != NULL); + REQUIRE(elttype != NULL); + REQUIRE(ret != NULL && *ret == NULL); + + CHECK(create_listelt(pctx, &elt)); + + result = cfg_parse_obj(pctx, elttype, &value); + if (result != ISC_R_SUCCESS) { + goto cleanup; + } + + elt->obj = value; + + *ret = elt; + return (ISC_R_SUCCESS); + +cleanup: + isc_mem_put(pctx->mctx, elt, sizeof(*elt)); + return (result); +} + +/* + * Parse a homogeneous list whose elements are of type 'elttype' + * and where each element is terminated by a semicolon. + */ +static isc_result_t +parse_list(cfg_parser_t *pctx, const cfg_type_t *listtype, cfg_obj_t **ret) { + cfg_obj_t *listobj = NULL; + const cfg_type_t *listof = listtype->of; + isc_result_t result; + cfg_listelt_t *elt = NULL; + + CHECK(cfg_create_list(pctx, listtype, &listobj)); + + for (;;) { + CHECK(cfg_peektoken(pctx, 0)); + if (pctx->token.type == isc_tokentype_special && + pctx->token.value.as_char == /*{*/ '}') + { + break; + } + CHECK(cfg_parse_listelt(pctx, listof, &elt)); + CHECK(parse_semicolon(pctx)); + ISC_LIST_APPEND(listobj->value.list, elt, link); + elt = NULL; + } + *ret = listobj; + return (ISC_R_SUCCESS); + +cleanup: + if (elt != NULL) { + free_listelt(pctx, elt); + } + CLEANUP_OBJ(listobj); + return (result); +} + +static void +print_list(cfg_printer_t *pctx, const cfg_obj_t *obj) { + const cfg_list_t *list = &obj->value.list; + const cfg_listelt_t *elt; + + for (elt = ISC_LIST_HEAD(*list); elt != NULL; + elt = ISC_LIST_NEXT(elt, link)) + { + if ((pctx->flags & CFG_PRINTER_ONELINE) != 0) { + cfg_print_obj(pctx, elt->obj); + cfg_print_cstr(pctx, "; "); + } else { + cfg_print_indent(pctx); + cfg_print_obj(pctx, elt->obj); + cfg_print_cstr(pctx, ";\n"); + } + } +} + +isc_result_t +cfg_parse_bracketed_list(cfg_parser_t *pctx, const cfg_type_t *type, + cfg_obj_t **ret) { + isc_result_t result; + + REQUIRE(pctx != NULL); + REQUIRE(type != NULL); + REQUIRE(ret != NULL && *ret == NULL); + + CHECK(cfg_parse_special(pctx, '{')); + CHECK(parse_list(pctx, type, ret)); + CHECK(cfg_parse_special(pctx, '}')); +cleanup: + return (result); +} + +void +cfg_print_bracketed_list(cfg_printer_t *pctx, const cfg_obj_t *obj) { + REQUIRE(pctx != NULL); + REQUIRE(obj != NULL); + + print_open(pctx); + print_list(pctx, obj); + print_close(pctx); +} + +void +cfg_doc_bracketed_list(cfg_printer_t *pctx, const cfg_type_t *type) { + REQUIRE(pctx != NULL); + REQUIRE(type != NULL); + + cfg_print_cstr(pctx, "{ "); + cfg_doc_obj(pctx, type->of); + cfg_print_cstr(pctx, "; ... }"); +} + +/* + * Parse a homogeneous list whose elements are of type 'elttype' + * and where elements are separated by space. The list ends + * before the first semicolon. + */ +isc_result_t +cfg_parse_spacelist(cfg_parser_t *pctx, const cfg_type_t *listtype, + cfg_obj_t **ret) { + cfg_obj_t *listobj = NULL; + const cfg_type_t *listof; + isc_result_t result; + + REQUIRE(pctx != NULL); + REQUIRE(listtype != NULL); + REQUIRE(ret != NULL && *ret == NULL); + + listof = listtype->of; + + CHECK(cfg_create_list(pctx, listtype, &listobj)); + + for (;;) { + cfg_listelt_t *elt = NULL; + + CHECK(cfg_peektoken(pctx, 0)); + if (pctx->token.type == isc_tokentype_special && + pctx->token.value.as_char == ';') + { + break; + } + CHECK(cfg_parse_listelt(pctx, listof, &elt)); + ISC_LIST_APPEND(listobj->value.list, elt, link); + } + *ret = listobj; + return (ISC_R_SUCCESS); + +cleanup: + CLEANUP_OBJ(listobj); + return (result); +} + +void +cfg_print_spacelist(cfg_printer_t *pctx, const cfg_obj_t *obj) { + const cfg_list_t *list = NULL; + const cfg_listelt_t *elt = NULL; + + REQUIRE(pctx != NULL); + REQUIRE(obj != NULL); + + list = &obj->value.list; + + for (elt = ISC_LIST_HEAD(*list); elt != NULL; + elt = ISC_LIST_NEXT(elt, link)) + { + cfg_print_obj(pctx, elt->obj); + if (ISC_LIST_NEXT(elt, link) != NULL) { + cfg_print_cstr(pctx, " "); + } + } +} + +bool +cfg_obj_islist(const cfg_obj_t *obj) { + REQUIRE(obj != NULL); + return (obj->type->rep == &cfg_rep_list); +} + +const cfg_listelt_t * +cfg_list_first(const cfg_obj_t *obj) { + REQUIRE(obj == NULL || obj->type->rep == &cfg_rep_list); + if (obj == NULL) { + return (NULL); + } + return (ISC_LIST_HEAD(obj->value.list)); +} + +const cfg_listelt_t * +cfg_list_next(const cfg_listelt_t *elt) { + REQUIRE(elt != NULL); + return (ISC_LIST_NEXT(elt, link)); +} + +/* + * Return the length of a list object. If obj is NULL or is not + * a list, return 0. + */ +unsigned int +cfg_list_length(const cfg_obj_t *obj, bool recurse) { + const cfg_listelt_t *elt; + unsigned int count = 0; + + if (obj == NULL || !cfg_obj_islist(obj)) { + return (0U); + } + for (elt = cfg_list_first(obj); elt != NULL; elt = cfg_list_next(elt)) { + if (recurse && cfg_obj_islist(elt->obj)) { + count += cfg_list_length(elt->obj, recurse); + } else { + count++; + } + } + return (count); +} + +cfg_obj_t * +cfg_listelt_value(const cfg_listelt_t *elt) { + REQUIRE(elt != NULL); + return (elt->obj); +} + +/* + * Maps. + */ + +/* + * Parse a map body. That's something like + * + * "foo 1; bar { glub; }; zap true; zap false;" + * + * i.e., a sequence of option names followed by values and + * terminated by semicolons. Used for the top level of + * the named.conf syntax, as well as for the body of the + * options, view, zone, and other statements. + */ +isc_result_t +cfg_parse_mapbody(cfg_parser_t *pctx, const cfg_type_t *type, cfg_obj_t **ret) { + const cfg_clausedef_t *const *clausesets; + isc_result_t result; + const cfg_clausedef_t *const *clauseset; + const cfg_clausedef_t *clause; + cfg_obj_t *value = NULL; + cfg_obj_t *obj = NULL; + cfg_obj_t *eltobj = NULL; + cfg_obj_t *includename = NULL; + isc_symvalue_t symval; + cfg_list_t *list = NULL; + + REQUIRE(pctx != NULL); + REQUIRE(type != NULL); + REQUIRE(ret != NULL && *ret == NULL); + + clausesets = type->of; + + CHECK(create_map(pctx, type, &obj)); + + obj->value.map.clausesets = clausesets; + + for (;;) { + cfg_listelt_t *elt; + + redo: + /* + * Parse the option name and see if it is known. + */ + CHECK(cfg_gettoken(pctx, 0)); + + if (pctx->token.type != isc_tokentype_string) { + cfg_ungettoken(pctx); + break; + } + + /* + * We accept "include" statements wherever a map body + * clause can occur. + */ + if (strcasecmp(TOKEN_STRING(pctx), "include") == 0) { + /* + * Turn the file name into a temporary configuration + * object just so that it is not overwritten by the + * semicolon token. + */ + CHECK(cfg_parse_obj(pctx, &cfg_type_qstring, + &includename)); + CHECK(parse_semicolon(pctx)); + CHECK(parser_openfile(pctx, + includename->value.string.base)); + cfg_obj_destroy(pctx, &includename); + goto redo; + } + + clause = NULL; + for (clauseset = clausesets; *clauseset != NULL; clauseset++) { + for (clause = *clauseset; clause->name != NULL; + clause++) + { + if (strcasecmp(TOKEN_STRING(pctx), + clause->name) == 0) + { + goto done; + } + } + } + done: + if (clause == NULL || clause->name == NULL) { + cfg_parser_error(pctx, CFG_LOG_NOPREP, + "unknown option"); + /* + * Try to recover by parsing this option as an unknown + * option and discarding it. + */ + CHECK(cfg_parse_obj(pctx, &cfg_type_unsupported, + &eltobj)); + cfg_obj_destroy(pctx, &eltobj); + CHECK(parse_semicolon(pctx)); + continue; + } + + /* Clause is known. */ + + /* Issue fatal errors if appropriate */ + if ((clause->flags & CFG_CLAUSEFLAG_ANCIENT) != 0) { + cfg_parser_error(pctx, 0, + "option '%s' no longer exists", + clause->name); + CHECK(ISC_R_FAILURE); + } + + /* Issue warnings if appropriate */ + if ((pctx->flags & CFG_PCTX_NODEPRECATED) == 0 && + (clause->flags & CFG_CLAUSEFLAG_DEPRECATED) != 0) + { + cfg_parser_warning(pctx, 0, "option '%s' is deprecated", + clause->name); + } + if ((clause->flags & CFG_CLAUSEFLAG_OBSOLETE) != 0) { + cfg_parser_warning(pctx, 0, + "option '%s' is obsolete and " + "should be removed ", + clause->name); + } + if ((clause->flags & CFG_CLAUSEFLAG_NOTIMP) != 0) { + cfg_parser_warning(pctx, 0, + "option '%s' is not implemented", + clause->name); + } + if ((clause->flags & CFG_CLAUSEFLAG_NYI) != 0) { + cfg_parser_warning(pctx, 0, + "option '%s' is not implemented", + clause->name); + } + if ((clause->flags & CFG_CLAUSEFLAG_NOOP) != 0) { + cfg_parser_warning(pctx, 0, + "option '%s' was not " + "enabled at compile time " + "(ignored)", + clause->name); + } + + if ((clause->flags & CFG_CLAUSEFLAG_NOTCONFIGURED) != 0) { + cfg_parser_error(pctx, 0, + "option '%s' was not " + "enabled at compile time", + clause->name); + CHECK(ISC_R_FAILURE); + } + + /* + * Don't log options with CFG_CLAUSEFLAG_NEWDEFAULT + * set here - we need to log the *lack* of such an option, + * not its presence. + */ + + /* See if the clause already has a value; if not create one. */ + result = isc_symtab_lookup(obj->value.map.symtab, clause->name, + 0, &symval); + + if ((clause->flags & CFG_CLAUSEFLAG_MULTI) != 0) { + /* Multivalued clause */ + cfg_obj_t *listobj = NULL; + if (result == ISC_R_NOTFOUND) { + CHECK(cfg_create_list(pctx, + &cfg_type_implicitlist, + &listobj)); + symval.as_pointer = listobj; + result = isc_symtab_define( + obj->value.map.symtab, clause->name, 1, + symval, isc_symexists_reject); + if (result != ISC_R_SUCCESS) { + cfg_parser_error(pctx, CFG_LOG_NEAR, + "isc_symtab_define(%s)" + " " + "failed", + clause->name); + isc_mem_put(pctx->mctx, list, + sizeof(cfg_list_t)); + goto cleanup; + } + } else { + INSIST(result == ISC_R_SUCCESS); + listobj = symval.as_pointer; + } + + elt = NULL; + CHECK(cfg_parse_listelt(pctx, clause->type, &elt)); + CHECK(parse_semicolon(pctx)); + + ISC_LIST_APPEND(listobj->value.list, elt, link); + } else { + /* Single-valued clause */ + if (result == ISC_R_NOTFOUND) { + bool callback = ((clause->flags & + CFG_CLAUSEFLAG_CALLBACK) != + 0); + CHECK(parse_symtab_elt( + pctx, clause->name, clause->type, + obj->value.map.symtab, callback)); + CHECK(parse_semicolon(pctx)); + } else if (result == ISC_R_SUCCESS) { + cfg_parser_error(pctx, CFG_LOG_NEAR, + "'%s' redefined", + clause->name); + result = ISC_R_EXISTS; + goto cleanup; + } else { + cfg_parser_error(pctx, CFG_LOG_NEAR, + "isc_symtab_define() failed"); + goto cleanup; + } + } + } + + *ret = obj; + return (ISC_R_SUCCESS); + +cleanup: + CLEANUP_OBJ(value); + CLEANUP_OBJ(obj); + CLEANUP_OBJ(eltobj); + CLEANUP_OBJ(includename); + return (result); +} + +static isc_result_t +parse_symtab_elt(cfg_parser_t *pctx, const char *name, cfg_type_t *elttype, + isc_symtab_t *symtab, bool callback) { + isc_result_t result; + cfg_obj_t *obj = NULL; + isc_symvalue_t symval; + + CHECK(cfg_parse_obj(pctx, elttype, &obj)); + + if (callback && pctx->callback != NULL) { + CHECK(pctx->callback(name, obj, pctx->callbackarg)); + } + + symval.as_pointer = obj; + CHECK(isc_symtab_define(symtab, name, 1, symval, isc_symexists_reject)); + return (ISC_R_SUCCESS); + +cleanup: + CLEANUP_OBJ(obj); + return (result); +} + +/* + * Parse a map; e.g., "{ foo 1; bar { glub; }; zap true; zap false; }" + */ +isc_result_t +cfg_parse_map(cfg_parser_t *pctx, const cfg_type_t *type, cfg_obj_t **ret) { + isc_result_t result; + + REQUIRE(pctx != NULL); + REQUIRE(type != NULL); + REQUIRE(ret != NULL && *ret == NULL); + + CHECK(cfg_parse_special(pctx, '{')); + CHECK(cfg_parse_mapbody(pctx, type, ret)); + CHECK(cfg_parse_special(pctx, '}')); +cleanup: + return (result); +} + +/* + * Subroutine for cfg_parse_named_map() and cfg_parse_addressed_map(). + */ +static isc_result_t +parse_any_named_map(cfg_parser_t *pctx, cfg_type_t *nametype, + const cfg_type_t *type, cfg_obj_t **ret) { + isc_result_t result; + cfg_obj_t *idobj = NULL; + cfg_obj_t *mapobj = NULL; + + REQUIRE(pctx != NULL); + REQUIRE(nametype != NULL); + REQUIRE(type != NULL); + REQUIRE(ret != NULL && *ret == NULL); + + CHECK(cfg_parse_obj(pctx, nametype, &idobj)); + CHECK(cfg_parse_map(pctx, type, &mapobj)); + mapobj->value.map.id = idobj; + *ret = mapobj; + return (result); +cleanup: + CLEANUP_OBJ(idobj); + CLEANUP_OBJ(mapobj); + return (result); +} + +/* + * Parse a map identified by a string name. E.g., "name { foo 1; }". + * Used for the "key" and "channel" statements. + */ +isc_result_t +cfg_parse_named_map(cfg_parser_t *pctx, const cfg_type_t *type, + cfg_obj_t **ret) { + return (parse_any_named_map(pctx, &cfg_type_astring, type, ret)); +} + +/* + * Parse a map identified by a network address. + * Used to be used for the "server" statement. + */ +isc_result_t +cfg_parse_addressed_map(cfg_parser_t *pctx, const cfg_type_t *type, + cfg_obj_t **ret) { + return (parse_any_named_map(pctx, &cfg_type_netaddr, type, ret)); +} + +/* + * Parse a map identified by a network prefix. + * Used for the "server" statement. + */ +isc_result_t +cfg_parse_netprefix_map(cfg_parser_t *pctx, const cfg_type_t *type, + cfg_obj_t **ret) { + return (parse_any_named_map(pctx, &cfg_type_netprefix, type, ret)); +} + +static void +print_symval(cfg_printer_t *pctx, const char *name, cfg_obj_t *obj) { + if ((pctx->flags & CFG_PRINTER_ONELINE) == 0) { + cfg_print_indent(pctx); + } + + cfg_print_cstr(pctx, name); + cfg_print_cstr(pctx, " "); + cfg_print_obj(pctx, obj); + + if ((pctx->flags & CFG_PRINTER_ONELINE) == 0) { + cfg_print_cstr(pctx, ";\n"); + } else { + cfg_print_cstr(pctx, "; "); + } +} + +void +cfg_print_mapbody(cfg_printer_t *pctx, const cfg_obj_t *obj) { + const cfg_clausedef_t *const *clauseset; + + REQUIRE(pctx != NULL); + REQUIRE(obj != NULL); + + for (clauseset = obj->value.map.clausesets; *clauseset != NULL; + clauseset++) + { + isc_symvalue_t symval; + const cfg_clausedef_t *clause; + + for (clause = *clauseset; clause->name != NULL; clause++) { + isc_result_t result; + result = isc_symtab_lookup(obj->value.map.symtab, + clause->name, 0, &symval); + if (result == ISC_R_SUCCESS) { + cfg_obj_t *symobj = symval.as_pointer; + if (symobj->type == &cfg_type_implicitlist) { + /* Multivalued. */ + cfg_list_t *list = &symobj->value.list; + cfg_listelt_t *elt; + for (elt = ISC_LIST_HEAD(*list); + elt != NULL; + elt = ISC_LIST_NEXT(elt, link)) + { + print_symval(pctx, clause->name, + elt->obj); + } + } else { + /* Single-valued. */ + print_symval(pctx, clause->name, + symobj); + } + } else if (result == ISC_R_NOTFOUND) { + /* do nothing */ + } else { + UNREACHABLE(); + } + } + } +} + +static struct flagtext { + unsigned int flag; + const char *text; +} flagtexts[] = { { CFG_CLAUSEFLAG_NOTIMP, "not implemented" }, + { CFG_CLAUSEFLAG_NYI, "not yet implemented" }, + { CFG_CLAUSEFLAG_OBSOLETE, "obsolete" }, + { CFG_CLAUSEFLAG_NEWDEFAULT, "default changed" }, + { CFG_CLAUSEFLAG_TESTONLY, "test only" }, + { CFG_CLAUSEFLAG_NOTCONFIGURED, "not configured" }, + { CFG_CLAUSEFLAG_MULTI, "may occur multiple times" }, + { CFG_CLAUSEFLAG_EXPERIMENTAL, "experimental" }, + { CFG_CLAUSEFLAG_NOOP, "non-operational" }, + { CFG_CLAUSEFLAG_DEPRECATED, "deprecated" }, + { CFG_CLAUSEFLAG_ANCIENT, "ancient" }, + { 0, NULL } }; + +void +cfg_print_clauseflags(cfg_printer_t *pctx, unsigned int flags) { + struct flagtext *p; + bool first = true; + for (p = flagtexts; p->flag != 0; p++) { + if ((flags & p->flag) != 0) { + if (first) { + cfg_print_cstr(pctx, " // "); + } else { + cfg_print_cstr(pctx, ", "); + } + cfg_print_cstr(pctx, p->text); + first = false; + } + } +} + +void +cfg_doc_mapbody(cfg_printer_t *pctx, const cfg_type_t *type) { + const cfg_clausedef_t *const *clauseset; + const cfg_clausedef_t *clause; + + REQUIRE(pctx != NULL); + REQUIRE(type != NULL); + + for (clauseset = type->of; *clauseset != NULL; clauseset++) { + for (clause = *clauseset; clause->name != NULL; clause++) { + if (((pctx->flags & CFG_PRINTER_ACTIVEONLY) != 0) && + (((clause->flags & CFG_CLAUSEFLAG_OBSOLETE) != 0) || + ((clause->flags & CFG_CLAUSEFLAG_ANCIENT) != 0) || + ((clause->flags & CFG_CLAUSEFLAG_NYI) != 0) || + ((clause->flags & CFG_CLAUSEFLAG_TESTONLY) != 0))) + { + continue; + } + cfg_print_cstr(pctx, clause->name); + cfg_print_cstr(pctx, " "); + cfg_doc_obj(pctx, clause->type); + cfg_print_cstr(pctx, ";"); + cfg_print_clauseflags(pctx, clause->flags); + cfg_print_cstr(pctx, "\n\n"); + } + } +} + +void +cfg_print_map(cfg_printer_t *pctx, const cfg_obj_t *obj) { + REQUIRE(pctx != NULL); + REQUIRE(obj != NULL); + + if (obj->value.map.id != NULL) { + cfg_print_obj(pctx, obj->value.map.id); + cfg_print_cstr(pctx, " "); + } + print_open(pctx); + cfg_print_mapbody(pctx, obj); + print_close(pctx); +} + +void +cfg_doc_map(cfg_printer_t *pctx, const cfg_type_t *type) { + const cfg_clausedef_t *const *clauseset; + const cfg_clausedef_t *clause; + + REQUIRE(pctx != NULL); + REQUIRE(type != NULL); + + if (type->parse == cfg_parse_named_map) { + cfg_doc_obj(pctx, &cfg_type_astring); + cfg_print_cstr(pctx, " "); + } else if (type->parse == cfg_parse_addressed_map) { + cfg_doc_obj(pctx, &cfg_type_netaddr); + cfg_print_cstr(pctx, " "); + } else if (type->parse == cfg_parse_netprefix_map) { + cfg_doc_obj(pctx, &cfg_type_netprefix); + cfg_print_cstr(pctx, " "); + } + + print_open(pctx); + + for (clauseset = type->of; *clauseset != NULL; clauseset++) { + for (clause = *clauseset; clause->name != NULL; clause++) { + if (((pctx->flags & CFG_PRINTER_ACTIVEONLY) != 0) && + (((clause->flags & CFG_CLAUSEFLAG_OBSOLETE) != 0) || + ((clause->flags & CFG_CLAUSEFLAG_ANCIENT) != 0) || + ((clause->flags & CFG_CLAUSEFLAG_NYI) != 0) || + ((clause->flags & CFG_CLAUSEFLAG_TESTONLY) != 0))) + { + continue; + } + cfg_print_indent(pctx); + cfg_print_cstr(pctx, clause->name); + if (clause->type->print != cfg_print_void) { + cfg_print_cstr(pctx, " "); + } + cfg_doc_obj(pctx, clause->type); + cfg_print_cstr(pctx, ";"); + cfg_print_clauseflags(pctx, clause->flags); + cfg_print_cstr(pctx, "\n"); + } + } + print_close(pctx); +} + +bool +cfg_obj_ismap(const cfg_obj_t *obj) { + REQUIRE(obj != NULL); + return (obj->type->rep == &cfg_rep_map); +} + +isc_result_t +cfg_map_get(const cfg_obj_t *mapobj, const char *name, const cfg_obj_t **obj) { + isc_result_t result; + isc_symvalue_t val; + const cfg_map_t *map; + + REQUIRE(mapobj != NULL && mapobj->type->rep == &cfg_rep_map); + REQUIRE(name != NULL); + REQUIRE(obj != NULL && *obj == NULL); + + map = &mapobj->value.map; + + result = isc_symtab_lookup(map->symtab, name, MAP_SYM, &val); + if (result != ISC_R_SUCCESS) { + return (result); + } + *obj = val.as_pointer; + return (ISC_R_SUCCESS); +} + +const cfg_obj_t * +cfg_map_getname(const cfg_obj_t *mapobj) { + REQUIRE(mapobj != NULL && mapobj->type->rep == &cfg_rep_map); + return (mapobj->value.map.id); +} + +unsigned int +cfg_map_count(const cfg_obj_t *mapobj) { + const cfg_map_t *map; + + REQUIRE(mapobj != NULL && mapobj->type->rep == &cfg_rep_map); + + map = &mapobj->value.map; + return (isc_symtab_count(map->symtab)); +} + +const char * +cfg_map_firstclause(const cfg_type_t *map, const void **clauses, + unsigned int *idx) { + cfg_clausedef_t *const *clauseset; + + REQUIRE(map != NULL && map->rep == &cfg_rep_map); + REQUIRE(idx != NULL); + REQUIRE(clauses != NULL && *clauses == NULL); + + clauseset = map->of; + if (*clauseset == NULL) { + return (NULL); + } + *clauses = *clauseset; + *idx = 0; + while ((*clauseset)[*idx].name == NULL) { + *clauses = (*++clauseset); + if (*clauses == NULL) { + return (NULL); + } + } + return ((*clauseset)[*idx].name); +} + +const char * +cfg_map_nextclause(const cfg_type_t *map, const void **clauses, + unsigned int *idx) { + cfg_clausedef_t *const *clauseset; + + REQUIRE(map != NULL && map->rep == &cfg_rep_map); + REQUIRE(idx != NULL); + REQUIRE(clauses != NULL && *clauses != NULL); + + clauseset = map->of; + while (*clauseset != NULL && *clauseset != *clauses) { + clauseset++; + } + INSIST(*clauseset == *clauses); + (*idx)++; + while ((*clauseset)[*idx].name == NULL) { + *idx = 0; + *clauses = (*++clauseset); + if (*clauses == NULL) { + return (NULL); + } + } + return ((*clauseset)[*idx].name); +} + +/* Parse an arbitrary token, storing its raw text representation. */ +static isc_result_t +parse_token(cfg_parser_t *pctx, const cfg_type_t *type, cfg_obj_t **ret) { + cfg_obj_t *obj = NULL; + isc_result_t result; + isc_region_t r; + + UNUSED(type); + + CHECK(cfg_create_obj(pctx, &cfg_type_token, &obj)); + CHECK(cfg_gettoken(pctx, CFG_LEXOPT_QSTRING)); + if (pctx->token.type == isc_tokentype_eof) { + cfg_ungettoken(pctx); + result = ISC_R_EOF; + goto cleanup; + } + + isc_lex_getlasttokentext(pctx->lexer, &pctx->token, &r); + + obj->value.string.base = isc_mem_get(pctx->mctx, r.length + 1); + obj->value.string.length = r.length; + memmove(obj->value.string.base, r.base, r.length); + obj->value.string.base[r.length] = '\0'; + *ret = obj; + return (result); + +cleanup: + if (obj != NULL) { + isc_mem_put(pctx->mctx, obj, sizeof(*obj)); + } + return (result); +} + +LIBISCCFG_EXTERNAL_DATA cfg_type_t cfg_type_token = { + "token", parse_token, cfg_print_ustring, + cfg_doc_terminal, &cfg_rep_string, NULL +}; + +/* + * An unsupported option. This is just a list of tokens with balanced braces + * ending in a semicolon. + */ + +static isc_result_t +parse_unsupported(cfg_parser_t *pctx, const cfg_type_t *type, cfg_obj_t **ret) { + cfg_obj_t *listobj = NULL; + isc_result_t result; + int braces = 0; + + CHECK(cfg_create_list(pctx, type, &listobj)); + + for (;;) { + cfg_listelt_t *elt = NULL; + + CHECK(cfg_peektoken(pctx, 0)); + if (pctx->token.type == isc_tokentype_special) { + if (pctx->token.value.as_char == '{') { + braces++; + } else if (pctx->token.value.as_char == '}') { + braces--; + } else if (pctx->token.value.as_char == ';') { + if (braces == 0) { + break; + } + } + } + if (pctx->token.type == isc_tokentype_eof || braces < 0) { + cfg_parser_error(pctx, CFG_LOG_NEAR, + "unexpected token"); + result = ISC_R_UNEXPECTEDTOKEN; + goto cleanup; + } + + CHECK(cfg_parse_listelt(pctx, &cfg_type_token, &elt)); + ISC_LIST_APPEND(listobj->value.list, elt, link); + } + INSIST(braces == 0); + *ret = listobj; + return (ISC_R_SUCCESS); + +cleanup: + CLEANUP_OBJ(listobj); + return (result); +} + +LIBISCCFG_EXTERNAL_DATA cfg_type_t cfg_type_unsupported = { + "unsupported", parse_unsupported, cfg_print_spacelist, + cfg_doc_terminal, &cfg_rep_list, NULL +}; + +/* + * Try interpreting the current token as a network address. + * + * If CFG_ADDR_WILDOK is set in flags, "*" can be used as a wildcard + * and at least one of CFG_ADDR_V4OK and CFG_ADDR_V6OK must also be set. The + * "*" is interpreted as the IPv4 wildcard address if CFG_ADDR_V4OK is + * set (including the case where CFG_ADDR_V4OK and CFG_ADDR_V6OK are both set), + * and the IPv6 wildcard address otherwise. + */ +static isc_result_t +token_addr(cfg_parser_t *pctx, unsigned int flags, isc_netaddr_t *na) { + char *s; + struct in_addr in4a; + struct in6_addr in6a; + + if (pctx->token.type != isc_tokentype_string) { + return (ISC_R_UNEXPECTEDTOKEN); + } + + s = TOKEN_STRING(pctx); + if ((flags & CFG_ADDR_WILDOK) != 0 && strcmp(s, "*") == 0) { + if ((flags & CFG_ADDR_V4OK) != 0) { + isc_netaddr_any(na); + return (ISC_R_SUCCESS); + } else if ((flags & CFG_ADDR_V6OK) != 0) { + isc_netaddr_any6(na); + return (ISC_R_SUCCESS); + } else { + UNREACHABLE(); + } + } else { + if ((flags & (CFG_ADDR_V4OK | CFG_ADDR_V4PREFIXOK)) != 0) { + if (inet_pton(AF_INET, s, &in4a) == 1) { + isc_netaddr_fromin(na, &in4a); + return (ISC_R_SUCCESS); + } + } + if ((flags & CFG_ADDR_V4PREFIXOK) != 0 && strlen(s) <= 15U) { + char buf[64]; + int i; + + strlcpy(buf, s, sizeof(buf)); + for (i = 0; i < 3; i++) { + strlcat(buf, ".0", sizeof(buf)); + if (inet_pton(AF_INET, buf, &in4a) == 1) { + isc_netaddr_fromin(na, &in4a); + return (ISC_R_IPV4PREFIX); + } + } + } + if ((flags & CFG_ADDR_V6OK) != 0 && strlen(s) <= 127U) { + char buf[128]; /* see lib/bind9/getaddresses.c */ + char *d; /* zone delimiter */ + uint32_t zone = 0; /* scope zone ID */ + + strlcpy(buf, s, sizeof(buf)); + d = strchr(buf, '%'); + if (d != NULL) { + *d = '\0'; + } + + if (inet_pton(AF_INET6, buf, &in6a) == 1) { + if (d != NULL) { + isc_result_t result; + + result = isc_netscope_pton( + AF_INET6, d + 1, &in6a, &zone); + if (result != ISC_R_SUCCESS) { + return (result); + } + } + + isc_netaddr_fromin6(na, &in6a); + isc_netaddr_setzone(na, zone); + return (ISC_R_SUCCESS); + } + } + } + return (ISC_R_UNEXPECTEDTOKEN); +} + +isc_result_t +cfg_parse_rawaddr(cfg_parser_t *pctx, unsigned int flags, isc_netaddr_t *na) { + isc_result_t result; + const char *wild = ""; + const char *prefix = ""; + + REQUIRE(pctx != NULL); + REQUIRE(na != NULL); + + CHECK(cfg_gettoken(pctx, 0)); + result = token_addr(pctx, flags, na); + if (result == ISC_R_UNEXPECTEDTOKEN) { + if ((flags & CFG_ADDR_WILDOK) != 0) { + wild = " or '*'"; + } + if ((flags & CFG_ADDR_V4PREFIXOK) != 0) { + wild = " or IPv4 prefix"; + } + if ((flags & CFG_ADDR_MASK) == CFG_ADDR_V4OK) { + cfg_parser_error(pctx, CFG_LOG_NEAR, + "expected IPv4 address%s%s", prefix, + wild); + } else if ((flags & CFG_ADDR_MASK) == CFG_ADDR_V6OK) { + cfg_parser_error(pctx, CFG_LOG_NEAR, + "expected IPv6 address%s%s", prefix, + wild); + } else { + cfg_parser_error(pctx, CFG_LOG_NEAR, + "expected IP address%s%s", prefix, + wild); + } + } +cleanup: + return (result); +} + +bool +cfg_lookingat_netaddr(cfg_parser_t *pctx, unsigned int flags) { + isc_result_t result; + isc_netaddr_t na_dummy; + + REQUIRE(pctx != NULL); + + result = token_addr(pctx, flags, &na_dummy); + return (result == ISC_R_SUCCESS || result == ISC_R_IPV4PREFIX); +} + +isc_result_t +cfg_parse_rawport(cfg_parser_t *pctx, unsigned int flags, in_port_t *port) { + isc_result_t result; + + REQUIRE(pctx != NULL); + REQUIRE(port != NULL); + + CHECK(cfg_gettoken(pctx, ISC_LEXOPT_NUMBER)); + + if ((flags & CFG_ADDR_WILDOK) != 0 && + pctx->token.type == isc_tokentype_string && + strcmp(TOKEN_STRING(pctx), "*") == 0) + { + *port = 0; + return (ISC_R_SUCCESS); + } + if (pctx->token.type != isc_tokentype_number) { + cfg_parser_error(pctx, CFG_LOG_NEAR, + "expected port number or '*'"); + return (ISC_R_UNEXPECTEDTOKEN); + } + if (pctx->token.value.as_ulong >= 65536U) { + cfg_parser_error(pctx, CFG_LOG_NEAR, + "port number out of range"); + return (ISC_R_UNEXPECTEDTOKEN); + } + *port = (in_port_t)(pctx->token.value.as_ulong); + return (ISC_R_SUCCESS); +cleanup: + return (result); +} + +void +cfg_print_rawaddr(cfg_printer_t *pctx, const isc_netaddr_t *na) { + isc_result_t result; + char text[128]; + isc_buffer_t buf; + + REQUIRE(pctx != NULL); + REQUIRE(na != NULL); + + isc_buffer_init(&buf, text, sizeof(text)); + result = isc_netaddr_totext(na, &buf); + RUNTIME_CHECK(result == ISC_R_SUCCESS); + cfg_print_chars(pctx, isc_buffer_base(&buf), + isc_buffer_usedlength(&buf)); +} + +isc_result_t +cfg_parse_dscp(cfg_parser_t *pctx, isc_dscp_t *dscp) { + isc_result_t result; + + REQUIRE(pctx != NULL); + REQUIRE(dscp != NULL); + + CHECK(cfg_gettoken(pctx, ISC_LEXOPT_NUMBER | ISC_LEXOPT_CNUMBER)); + + if (pctx->token.type != isc_tokentype_number) { + cfg_parser_error(pctx, CFG_LOG_NEAR, "expected number"); + return (ISC_R_UNEXPECTEDTOKEN); + } + if (pctx->token.value.as_ulong > 63U) { + cfg_parser_error(pctx, CFG_LOG_NEAR, "dscp out of range"); + return (ISC_R_RANGE); + } + *dscp = (isc_dscp_t)(pctx->token.value.as_ulong); + return (ISC_R_SUCCESS); +cleanup: + return (result); +} + +/* netaddr */ + +static unsigned int netaddr_flags = CFG_ADDR_V4OK | CFG_ADDR_V6OK; +static unsigned int netaddr4_flags = CFG_ADDR_V4OK; +static unsigned int netaddr4wild_flags = CFG_ADDR_V4OK | CFG_ADDR_WILDOK; +static unsigned int netaddr6_flags = CFG_ADDR_V6OK; +static unsigned int netaddr6wild_flags = CFG_ADDR_V6OK | CFG_ADDR_WILDOK; + +static isc_result_t +parse_netaddr(cfg_parser_t *pctx, const cfg_type_t *type, cfg_obj_t **ret) { + isc_result_t result; + cfg_obj_t *obj = NULL; + isc_netaddr_t netaddr; + unsigned int flags = *(const unsigned int *)type->of; + + CHECK(cfg_create_obj(pctx, type, &obj)); + CHECK(cfg_parse_rawaddr(pctx, flags, &netaddr)); + isc_sockaddr_fromnetaddr(&obj->value.sockaddr, &netaddr, 0); + obj->value.sockaddrdscp.dscp = -1; + *ret = obj; + return (ISC_R_SUCCESS); +cleanup: + CLEANUP_OBJ(obj); + return (result); +} + +static void +cfg_doc_netaddr(cfg_printer_t *pctx, const cfg_type_t *type) { + const unsigned int *flagp = type->of; + int n = 0; + if (*flagp != CFG_ADDR_V4OK && *flagp != CFG_ADDR_V6OK) { + cfg_print_cstr(pctx, "( "); + } + if ((*flagp & CFG_ADDR_V4OK) != 0) { + cfg_print_cstr(pctx, ""); + n++; + } + if ((*flagp & CFG_ADDR_V6OK) != 0) { + if (n != 0) { + cfg_print_cstr(pctx, " | "); + } + cfg_print_cstr(pctx, ""); + n++; + } + if ((*flagp & CFG_ADDR_WILDOK) != 0) { + if (n != 0) { + cfg_print_cstr(pctx, " | "); + } + cfg_print_cstr(pctx, "*"); + n++; + POST(n); + } + if (*flagp != CFG_ADDR_V4OK && *flagp != CFG_ADDR_V6OK) { + cfg_print_cstr(pctx, " )"); + } +} + +LIBISCCFG_EXTERNAL_DATA cfg_type_t cfg_type_netaddr = { + "netaddr", parse_netaddr, cfg_print_sockaddr, + cfg_doc_netaddr, &cfg_rep_sockaddr, &netaddr_flags +}; + +LIBISCCFG_EXTERNAL_DATA cfg_type_t cfg_type_netaddr4 = { + "netaddr4", parse_netaddr, cfg_print_sockaddr, + cfg_doc_netaddr, &cfg_rep_sockaddr, &netaddr4_flags +}; + +LIBISCCFG_EXTERNAL_DATA cfg_type_t cfg_type_netaddr4wild = { + "netaddr4wild", parse_netaddr, cfg_print_sockaddr, + cfg_doc_netaddr, &cfg_rep_sockaddr, &netaddr4wild_flags +}; + +LIBISCCFG_EXTERNAL_DATA cfg_type_t cfg_type_netaddr6 = { + "netaddr6", parse_netaddr, cfg_print_sockaddr, + cfg_doc_netaddr, &cfg_rep_sockaddr, &netaddr6_flags +}; + +LIBISCCFG_EXTERNAL_DATA cfg_type_t cfg_type_netaddr6wild = { + "netaddr6wild", parse_netaddr, cfg_print_sockaddr, + cfg_doc_netaddr, &cfg_rep_sockaddr, &netaddr6wild_flags +}; + +/* netprefix */ + +isc_result_t +cfg_parse_netprefix(cfg_parser_t *pctx, const cfg_type_t *type, + cfg_obj_t **ret) { + cfg_obj_t *obj = NULL; + isc_result_t result; + isc_netaddr_t netaddr; + unsigned int addrlen = 0, prefixlen; + bool expectprefix; + + REQUIRE(pctx != NULL); + REQUIRE(ret != NULL && *ret == NULL); + + UNUSED(type); + + result = cfg_parse_rawaddr( + pctx, CFG_ADDR_V4OK | CFG_ADDR_V4PREFIXOK | CFG_ADDR_V6OK, + &netaddr); + if (result != ISC_R_SUCCESS && result != ISC_R_IPV4PREFIX) { + CHECK(result); + } + switch (netaddr.family) { + case AF_INET: + addrlen = 32; + break; + case AF_INET6: + addrlen = 128; + break; + default: + UNREACHABLE(); + } + expectprefix = (result == ISC_R_IPV4PREFIX); + CHECK(cfg_peektoken(pctx, 0)); + if (pctx->token.type == isc_tokentype_special && + pctx->token.value.as_char == '/') + { + CHECK(cfg_gettoken(pctx, 0)); /* read "/" */ + CHECK(cfg_gettoken(pctx, ISC_LEXOPT_NUMBER)); + if (pctx->token.type != isc_tokentype_number) { + cfg_parser_error(pctx, CFG_LOG_NEAR, + "expected prefix length"); + return (ISC_R_UNEXPECTEDTOKEN); + } + prefixlen = pctx->token.value.as_ulong; + if (prefixlen > addrlen) { + cfg_parser_error(pctx, CFG_LOG_NOPREP, + "invalid prefix length"); + return (ISC_R_RANGE); + } + result = isc_netaddr_prefixok(&netaddr, prefixlen); + if (result != ISC_R_SUCCESS) { + char buf[ISC_NETADDR_FORMATSIZE + 1]; + isc_netaddr_format(&netaddr, buf, sizeof(buf)); + cfg_parser_error(pctx, CFG_LOG_NOPREP, + "'%s/%u': address/prefix length " + "mismatch", + buf, prefixlen); + return (ISC_R_FAILURE); + } + } else { + if (expectprefix) { + cfg_parser_error(pctx, CFG_LOG_NEAR, + "incomplete IPv4 address or prefix"); + return (ISC_R_FAILURE); + } + prefixlen = addrlen; + } + CHECK(cfg_create_obj(pctx, &cfg_type_netprefix, &obj)); + obj->value.netprefix.address = netaddr; + obj->value.netprefix.prefixlen = prefixlen; + *ret = obj; + return (ISC_R_SUCCESS); +cleanup: + cfg_parser_error(pctx, CFG_LOG_NEAR, "expected network prefix"); + return (result); +} + +static void +print_netprefix(cfg_printer_t *pctx, const cfg_obj_t *obj) { + const cfg_netprefix_t *p = &obj->value.netprefix; + + cfg_print_rawaddr(pctx, &p->address); + cfg_print_cstr(pctx, "/"); + cfg_print_rawuint(pctx, p->prefixlen); +} + +bool +cfg_obj_isnetprefix(const cfg_obj_t *obj) { + REQUIRE(obj != NULL); + return (obj->type->rep == &cfg_rep_netprefix); +} + +void +cfg_obj_asnetprefix(const cfg_obj_t *obj, isc_netaddr_t *netaddr, + unsigned int *prefixlen) { + REQUIRE(obj != NULL && obj->type->rep == &cfg_rep_netprefix); + REQUIRE(netaddr != NULL); + REQUIRE(prefixlen != NULL); + + *netaddr = obj->value.netprefix.address; + *prefixlen = obj->value.netprefix.prefixlen; +} + +LIBISCCFG_EXTERNAL_DATA cfg_type_t cfg_type_netprefix = { + "netprefix", cfg_parse_netprefix, print_netprefix, + cfg_doc_terminal, &cfg_rep_netprefix, NULL +}; + +static isc_result_t +parse_sockaddrsub(cfg_parser_t *pctx, const cfg_type_t *type, int flags, + cfg_obj_t **ret) { + isc_result_t result; + isc_netaddr_t netaddr; + in_port_t port = 0; + isc_dscp_t dscp = -1; + cfg_obj_t *obj = NULL; + int have_port = 0, have_dscp = 0; + + CHECK(cfg_create_obj(pctx, type, &obj)); + CHECK(cfg_parse_rawaddr(pctx, flags, &netaddr)); + for (;;) { + CHECK(cfg_peektoken(pctx, 0)); + if (pctx->token.type == isc_tokentype_string) { + if (strcasecmp(TOKEN_STRING(pctx), "port") == 0) { + CHECK(cfg_gettoken(pctx, 0)); /* read "port" */ + CHECK(cfg_parse_rawport(pctx, flags, &port)); + ++have_port; + } else if ((flags & CFG_ADDR_DSCPOK) != 0 && + strcasecmp(TOKEN_STRING(pctx), "dscp") == 0) + { + if ((pctx->flags & CFG_PCTX_NODEPRECATED) == 0) + { + cfg_parser_warning( + pctx, 0, + "token 'dscp' is deprecated"); + } + CHECK(cfg_gettoken(pctx, 0)); /* read "dscp" */ + CHECK(cfg_parse_dscp(pctx, &dscp)); + ++have_dscp; + } else { + break; + } + } else { + break; + } + } + if (have_port > 1) { + cfg_parser_error(pctx, 0, "expected at most one port"); + result = ISC_R_UNEXPECTEDTOKEN; + goto cleanup; + } + + if (have_dscp > 1) { + cfg_parser_error(pctx, 0, "expected at most one dscp"); + result = ISC_R_UNEXPECTEDTOKEN; + goto cleanup; + } + isc_sockaddr_fromnetaddr(&obj->value.sockaddr, &netaddr, port); + obj->value.sockaddrdscp.dscp = dscp; + *ret = obj; + return (ISC_R_SUCCESS); + +cleanup: + CLEANUP_OBJ(obj); + return (result); +} + +static unsigned int sockaddr_flags = CFG_ADDR_V4OK | CFG_ADDR_V6OK; +LIBISCCFG_EXTERNAL_DATA cfg_type_t cfg_type_sockaddr = { + "sockaddr", cfg_parse_sockaddr, cfg_print_sockaddr, + cfg_doc_sockaddr, &cfg_rep_sockaddr, &sockaddr_flags +}; + +static unsigned int sockaddrdscp_flags = CFG_ADDR_V4OK | CFG_ADDR_V6OK | + CFG_ADDR_DSCPOK; +LIBISCCFG_EXTERNAL_DATA cfg_type_t cfg_type_sockaddrdscp = { + "sockaddr", cfg_parse_sockaddr, cfg_print_sockaddr, + cfg_doc_sockaddr, &cfg_rep_sockaddr, &sockaddrdscp_flags +}; + +isc_result_t +cfg_parse_sockaddr(cfg_parser_t *pctx, const cfg_type_t *type, + cfg_obj_t **ret) { + const unsigned int *flagp; + + REQUIRE(pctx != NULL); + REQUIRE(type != NULL); + REQUIRE(ret != NULL && *ret == NULL); + + flagp = type->of; + + return (parse_sockaddrsub(pctx, &cfg_type_sockaddr, *flagp, ret)); +} + +void +cfg_print_sockaddr(cfg_printer_t *pctx, const cfg_obj_t *obj) { + isc_netaddr_t netaddr; + in_port_t port; + char buf[ISC_NETADDR_FORMATSIZE]; + + REQUIRE(pctx != NULL); + REQUIRE(obj != NULL); + + isc_netaddr_fromsockaddr(&netaddr, &obj->value.sockaddr); + isc_netaddr_format(&netaddr, buf, sizeof(buf)); + cfg_print_cstr(pctx, buf); + port = isc_sockaddr_getport(&obj->value.sockaddr); + if (port != 0) { + cfg_print_cstr(pctx, " port "); + cfg_print_rawuint(pctx, port); + } + if (obj->value.sockaddrdscp.dscp != -1) { + cfg_print_cstr(pctx, " dscp "); + cfg_print_rawuint(pctx, obj->value.sockaddrdscp.dscp); + } +} + +void +cfg_doc_sockaddr(cfg_printer_t *pctx, const cfg_type_t *type) { + const unsigned int *flagp; + int n = 0; + + REQUIRE(pctx != NULL); + REQUIRE(type != NULL); + + flagp = type->of; + + cfg_print_cstr(pctx, "( "); + if ((*flagp & CFG_ADDR_V4OK) != 0) { + cfg_print_cstr(pctx, ""); + n++; + } + if ((*flagp & CFG_ADDR_V6OK) != 0) { + if (n != 0) { + cfg_print_cstr(pctx, " | "); + } + cfg_print_cstr(pctx, ""); + n++; + } + if ((*flagp & CFG_ADDR_WILDOK) != 0) { + if (n != 0) { + cfg_print_cstr(pctx, " | "); + } + cfg_print_cstr(pctx, "*"); + n++; + POST(n); + } + cfg_print_cstr(pctx, " ) "); + if ((*flagp & CFG_ADDR_WILDOK) != 0) { + cfg_print_cstr(pctx, "[ port ( | * ) ]"); + } else { + cfg_print_cstr(pctx, "[ port ]"); + } + if ((*flagp & CFG_ADDR_DSCPOK) != 0) { + cfg_print_cstr(pctx, " [ dscp ]"); + } +} + +bool +cfg_obj_issockaddr(const cfg_obj_t *obj) { + REQUIRE(obj != NULL); + return (obj->type->rep == &cfg_rep_sockaddr); +} + +const isc_sockaddr_t * +cfg_obj_assockaddr(const cfg_obj_t *obj) { + REQUIRE(obj != NULL && obj->type->rep == &cfg_rep_sockaddr); + return (&obj->value.sockaddr); +} + +isc_dscp_t +cfg_obj_getdscp(const cfg_obj_t *obj) { + REQUIRE(obj != NULL && obj->type->rep == &cfg_rep_sockaddr); + return (obj->value.sockaddrdscp.dscp); +} + +isc_result_t +cfg_gettoken(cfg_parser_t *pctx, int options) { + isc_result_t result; + + REQUIRE(pctx != NULL); + + if (pctx->seen_eof) { + return (ISC_R_SUCCESS); + } + + options |= (ISC_LEXOPT_EOF | ISC_LEXOPT_NOMORE); + +redo: + pctx->token.type = isc_tokentype_unknown; + result = isc_lex_gettoken(pctx->lexer, options, &pctx->token); + pctx->ungotten = false; + pctx->line = isc_lex_getsourceline(pctx->lexer); + + switch (result) { + case ISC_R_SUCCESS: + if (pctx->token.type == isc_tokentype_eof) { + result = isc_lex_close(pctx->lexer); + INSIST(result == ISC_R_NOMORE || + result == ISC_R_SUCCESS); + + if (isc_lex_getsourcename(pctx->lexer) != NULL) { + /* + * Closed an included file, not the main file. + */ + cfg_listelt_t *elt; + elt = ISC_LIST_TAIL( + pctx->open_files->value.list); + INSIST(elt != NULL); + ISC_LIST_UNLINK(pctx->open_files->value.list, + elt, link); + ISC_LIST_APPEND(pctx->closed_files->value.list, + elt, link); + goto redo; + } + pctx->seen_eof = true; + } + break; + + case ISC_R_NOSPACE: + /* More understandable than "ran out of space". */ + cfg_parser_error(pctx, CFG_LOG_NEAR, "token too big"); + break; + + case ISC_R_IOERROR: + cfg_parser_error(pctx, 0, "%s", isc_result_totext(result)); + break; + + default: + cfg_parser_error(pctx, CFG_LOG_NEAR, "%s", + isc_result_totext(result)); + break; + } + return (result); +} + +void +cfg_ungettoken(cfg_parser_t *pctx) { + REQUIRE(pctx != NULL); + + if (pctx->seen_eof) { + return; + } + isc_lex_ungettoken(pctx->lexer, &pctx->token); + pctx->ungotten = true; +} + +isc_result_t +cfg_peektoken(cfg_parser_t *pctx, int options) { + isc_result_t result; + + REQUIRE(pctx != NULL); + + CHECK(cfg_gettoken(pctx, options)); + cfg_ungettoken(pctx); +cleanup: + return (result); +} + +/* + * Get a string token, accepting both the quoted and the unquoted form. + * Log an error if the next token is not a string. + */ +static isc_result_t +cfg_getstringtoken(cfg_parser_t *pctx) { + isc_result_t result; + + result = cfg_gettoken(pctx, CFG_LEXOPT_QSTRING); + if (result != ISC_R_SUCCESS) { + return (result); + } + + if (pctx->token.type != isc_tokentype_string && + pctx->token.type != isc_tokentype_qstring) + { + cfg_parser_error(pctx, CFG_LOG_NEAR, "expected string"); + return (ISC_R_UNEXPECTEDTOKEN); + } + return (ISC_R_SUCCESS); +} + +void +cfg_parser_error(cfg_parser_t *pctx, unsigned int flags, const char *fmt, ...) { + va_list args; + + REQUIRE(pctx != NULL); + REQUIRE(fmt != NULL); + + va_start(args, fmt); + parser_complain(pctx, false, flags, fmt, args); + va_end(args); + pctx->errors++; +} + +void +cfg_parser_warning(cfg_parser_t *pctx, unsigned int flags, const char *fmt, + ...) { + va_list args; + + REQUIRE(pctx != NULL); + REQUIRE(fmt != NULL); + + va_start(args, fmt); + parser_complain(pctx, true, flags, fmt, args); + va_end(args); + pctx->warnings++; +} + +#define MAX_LOG_TOKEN 30 /* How much of a token to quote in log messages. */ + +static bool +have_current_file(cfg_parser_t *pctx) { + cfg_listelt_t *elt; + if (pctx->open_files == NULL) { + return (false); + } + + elt = ISC_LIST_TAIL(pctx->open_files->value.list); + if (elt == NULL) { + return (false); + } + + return (true); +} + +static char * +current_file(cfg_parser_t *pctx) { + static char none[] = "none"; + cfg_listelt_t *elt; + cfg_obj_t *fileobj; + + if (!have_current_file(pctx)) { + return (none); + } + + elt = ISC_LIST_TAIL(pctx->open_files->value.list); + if (elt == NULL) { /* shouldn't be possible, but... */ + return (none); + } + + fileobj = elt->obj; + INSIST(fileobj->type == &cfg_type_qstring); + return (fileobj->value.string.base); +} + +static void +parser_complain(cfg_parser_t *pctx, bool is_warning, unsigned int flags, + const char *format, va_list args) { + char tokenbuf[MAX_LOG_TOKEN + 10]; + static char where[PATH_MAX + 100]; + static char message[2048]; + int level = ISC_LOG_ERROR; + const char *prep = ""; + size_t len; + + if (is_warning) { + level = ISC_LOG_WARNING; + } + + where[0] = '\0'; + if (have_current_file(pctx)) { + snprintf(where, sizeof(where), "%s:%u: ", current_file(pctx), + pctx->line); + } else if (pctx->buf_name != NULL) { + snprintf(where, sizeof(where), "%s: ", pctx->buf_name); + } + + len = vsnprintf(message, sizeof(message), format, args); +#define ELLIPSIS " ... " + if (len >= sizeof(message)) { + message[sizeof(message) - sizeof(ELLIPSIS)] = 0; + strlcat(message, ELLIPSIS, sizeof(message)); + } + + if ((flags & (CFG_LOG_NEAR | CFG_LOG_BEFORE | CFG_LOG_NOPREP)) != 0) { + isc_region_t r; + + if (pctx->ungotten) { + (void)cfg_gettoken(pctx, 0); + } + + if (pctx->token.type == isc_tokentype_eof) { + snprintf(tokenbuf, sizeof(tokenbuf), "end of file"); + } else if (pctx->token.type == isc_tokentype_unknown) { + flags = 0; + tokenbuf[0] = '\0'; + } else { + isc_lex_getlasttokentext(pctx->lexer, &pctx->token, &r); + if (r.length > MAX_LOG_TOKEN) { + snprintf(tokenbuf, sizeof(tokenbuf), + "'%.*s...'", MAX_LOG_TOKEN, r.base); + } else { + snprintf(tokenbuf, sizeof(tokenbuf), "'%.*s'", + (int)r.length, r.base); + } + } + + /* Choose a preposition. */ + if ((flags & CFG_LOG_NEAR) != 0) { + prep = " near "; + } else if ((flags & CFG_LOG_BEFORE) != 0) { + prep = " before "; + } else { + prep = " "; + } + } else { + tokenbuf[0] = '\0'; + } + isc_log_write(pctx->lctx, CAT, MOD, level, "%s%s%s%s", where, message, + prep, tokenbuf); +} + +void +cfg_obj_log(const cfg_obj_t *obj, isc_log_t *lctx, int level, const char *fmt, + ...) { + va_list ap; + char msgbuf[2048]; + + REQUIRE(obj != NULL); + REQUIRE(fmt != NULL); + + if (!isc_log_wouldlog(lctx, level)) { + return; + } + + va_start(ap, fmt); + vsnprintf(msgbuf, sizeof(msgbuf), fmt, ap); + va_end(ap); + + if (obj->file != NULL) { + isc_log_write(lctx, CAT, MOD, level, "%s:%u: %s", obj->file, + obj->line, msgbuf); + } else { + isc_log_write(lctx, CAT, MOD, level, "%s", msgbuf); + } +} + +const char * +cfg_obj_file(const cfg_obj_t *obj) { + REQUIRE(obj != NULL); + + return (obj->file); +} + +unsigned int +cfg_obj_line(const cfg_obj_t *obj) { + REQUIRE(obj != NULL); + + return (obj->line); +} + +isc_result_t +cfg_create_obj(cfg_parser_t *pctx, const cfg_type_t *type, cfg_obj_t **ret) { + cfg_obj_t *obj; + + REQUIRE(pctx != NULL); + REQUIRE(type != NULL); + REQUIRE(ret != NULL && *ret == NULL); + + obj = isc_mem_get(pctx->mctx, sizeof(cfg_obj_t)); + + obj->type = type; + obj->file = current_file(pctx); + obj->line = pctx->line; + obj->pctx = pctx; + + isc_refcount_init(&obj->references, 1); + + *ret = obj; + + return (ISC_R_SUCCESS); +} + +static void +map_symtabitem_destroy(char *key, unsigned int type, isc_symvalue_t symval, + void *userarg) { + cfg_obj_t *obj = symval.as_pointer; + cfg_parser_t *pctx = (cfg_parser_t *)userarg; + + UNUSED(key); + UNUSED(type); + + cfg_obj_destroy(pctx, &obj); +} + +static isc_result_t +create_map(cfg_parser_t *pctx, const cfg_type_t *type, cfg_obj_t **ret) { + isc_result_t result; + isc_symtab_t *symtab = NULL; + cfg_obj_t *obj = NULL; + + CHECK(cfg_create_obj(pctx, type, &obj)); + CHECK(isc_symtab_create(pctx->mctx, 5, /* XXX */ + map_symtabitem_destroy, pctx, false, &symtab)); + obj->value.map.symtab = symtab; + obj->value.map.id = NULL; + + *ret = obj; + return (ISC_R_SUCCESS); + +cleanup: + if (obj != NULL) { + isc_mem_put(pctx->mctx, obj, sizeof(*obj)); + } + return (result); +} + +static void +free_map(cfg_parser_t *pctx, cfg_obj_t *obj) { + CLEANUP_OBJ(obj->value.map.id); + isc_symtab_destroy(&obj->value.map.symtab); +} + +bool +cfg_obj_istype(const cfg_obj_t *obj, const cfg_type_t *type) { + REQUIRE(obj != NULL); + REQUIRE(type != NULL); + + return (obj->type == type); +} + +/* + * Destroy 'obj', a configuration object created in 'pctx'. + */ +void +cfg_obj_destroy(cfg_parser_t *pctx, cfg_obj_t **objp) { + REQUIRE(objp != NULL && *objp != NULL); + REQUIRE(pctx != NULL); + + cfg_obj_t *obj = *objp; + *objp = NULL; + + if (isc_refcount_decrement(&obj->references) == 1) { + obj->type->rep->free(pctx, obj); + isc_refcount_destroy(&obj->references); + isc_mem_put(pctx->mctx, obj, sizeof(cfg_obj_t)); + } +} + +void +cfg_obj_attach(cfg_obj_t *src, cfg_obj_t **dest) { + REQUIRE(src != NULL); + REQUIRE(dest != NULL && *dest == NULL); + + isc_refcount_increment(&src->references); + *dest = src; +} + +static void +free_noop(cfg_parser_t *pctx, cfg_obj_t *obj) { + UNUSED(pctx); + UNUSED(obj); +} + +void +cfg_doc_obj(cfg_printer_t *pctx, const cfg_type_t *type) { + REQUIRE(pctx != NULL); + REQUIRE(type != NULL); + + type->doc(pctx, type); +} + +void +cfg_doc_terminal(cfg_printer_t *pctx, const cfg_type_t *type) { + REQUIRE(pctx != NULL); + REQUIRE(type != NULL); + + cfg_print_cstr(pctx, "<"); + cfg_print_cstr(pctx, type->name); + cfg_print_cstr(pctx, ">"); +} + +void +cfg_print_grammar(const cfg_type_t *type, unsigned int flags, + void (*f)(void *closure, const char *text, int textlen), + void *closure) { + cfg_printer_t pctx; + + pctx.f = f; + pctx.closure = closure; + pctx.indent = 0; + pctx.flags = flags; + cfg_doc_obj(&pctx, type); +} + +isc_result_t +cfg_parser_mapadd(cfg_parser_t *pctx, cfg_obj_t *mapobj, cfg_obj_t *obj, + const char *clausename) { + isc_result_t result = ISC_R_SUCCESS; + const cfg_map_t *map; + isc_symvalue_t symval; + cfg_obj_t *destobj = NULL; + cfg_listelt_t *elt = NULL; + const cfg_clausedef_t *const *clauseset; + const cfg_clausedef_t *clause; + + REQUIRE(pctx != NULL); + REQUIRE(mapobj != NULL && mapobj->type->rep == &cfg_rep_map); + REQUIRE(obj != NULL); + REQUIRE(clausename != NULL); + + map = &mapobj->value.map; + + clause = NULL; + for (clauseset = map->clausesets; *clauseset != NULL; clauseset++) { + for (clause = *clauseset; clause->name != NULL; clause++) { + if (strcasecmp(clause->name, clausename) == 0) { + goto breakout; + } + } + } + +breakout: + if (clause == NULL || clause->name == NULL) { + return (ISC_R_FAILURE); + } + + result = isc_symtab_lookup(map->symtab, clausename, 0, &symval); + if (result == ISC_R_NOTFOUND) { + if ((clause->flags & CFG_CLAUSEFLAG_MULTI) != 0) { + CHECK(cfg_create_list(pctx, &cfg_type_implicitlist, + &destobj)); + CHECK(create_listelt(pctx, &elt)); + cfg_obj_attach(obj, &elt->obj); + ISC_LIST_APPEND(destobj->value.list, elt, link); + symval.as_pointer = destobj; + } else { + symval.as_pointer = obj; + } + + CHECK(isc_symtab_define(map->symtab, clausename, 1, symval, + isc_symexists_reject)); + } else { + cfg_obj_t *destobj2 = symval.as_pointer; + + INSIST(result == ISC_R_SUCCESS); + + if (destobj2->type == &cfg_type_implicitlist) { + CHECK(create_listelt(pctx, &elt)); + cfg_obj_attach(obj, &elt->obj); + ISC_LIST_APPEND(destobj2->value.list, elt, link); + } else { + result = ISC_R_EXISTS; + } + } + + destobj = NULL; + elt = NULL; + +cleanup: + if (elt != NULL) { + free_listelt(pctx, elt); + } + CLEANUP_OBJ(destobj); + + return (result); +} + +isc_result_t +cfg_pluginlist_foreach(const cfg_obj_t *config, const cfg_obj_t *list, + isc_log_t *lctx, pluginlist_cb_t *callback, + void *callback_data) { + isc_result_t result = ISC_R_SUCCESS; + const cfg_listelt_t *element; + + REQUIRE(config != NULL); + REQUIRE(callback != NULL); + + for (element = cfg_list_first(list); element != NULL; + element = cfg_list_next(element)) + { + const cfg_obj_t *plugin = cfg_listelt_value(element); + const cfg_obj_t *obj; + const char *type, *library; + const char *parameters = NULL; + + /* Get the path to the plugin module. */ + obj = cfg_tuple_get(plugin, "type"); + type = cfg_obj_asstring(obj); + + /* Only query plugins are supported currently. */ + if (strcasecmp(type, "query") != 0) { + cfg_obj_log(obj, lctx, ISC_LOG_ERROR, + "unsupported plugin type"); + return (ISC_R_FAILURE); + } + + library = cfg_obj_asstring(cfg_tuple_get(plugin, "library")); + + obj = cfg_tuple_get(plugin, "parameters"); + if (obj != NULL && cfg_obj_isstring(obj)) { + parameters = cfg_obj_asstring(obj); + } + + result = callback(config, obj, library, parameters, + callback_data); + if (result != ISC_R_SUCCESS) { + break; + } + } + + return (result); +} diff --git a/lib/isccfg/tests/Kyuafile b/lib/isccfg/tests/Kyuafile new file mode 100644 index 0000000..ad599af --- /dev/null +++ b/lib/isccfg/tests/Kyuafile @@ -0,0 +1,16 @@ +-- Copyright (C) Internet Systems Consortium, Inc. ("ISC") +-- +-- SPDX-License-Identifier: MPL-2.0 +-- +-- This Source Code Form is subject to the terms of the Mozilla Public +-- License, v. 2.0. If a copy of the MPL was not distributed with this +-- file, you can obtain one at https://mozilla.org/MPL/2.0/. +-- +-- See the COPYRIGHT file distributed with this work for additional +-- information regarding copyright ownership. + +syntax(2) +test_suite('bind9') + +tap_test_program{name='duration_test'} +tap_test_program{name='parser_test'} diff --git a/lib/isccfg/tests/Makefile.in b/lib/isccfg/tests/Makefile.in new file mode 100644 index 0000000..33b74c8 --- /dev/null +++ b/lib/isccfg/tests/Makefile.in @@ -0,0 +1,57 @@ +# Copyright (C) Internet Systems Consortium, Inc. ("ISC") +# +# SPDX-License-Identifier: MPL-2.0 +# +# This Source Code Form is subject to the terms of the Mozilla Public +# License, v. 2.0. If a copy of the MPL was not distributed with this +# file, you can obtain one at https://mozilla.org/MPL/2.0/. +# +# See the COPYRIGHT file distributed with this work for additional +# information regarding copyright ownership. + +srcdir = @srcdir@ +VPATH = @srcdir@ +top_srcdir = @top_srcdir@ + +VERSION=@BIND9_VERSION@ + +@BIND9_MAKE_INCLUDES@ + +CINCLUDES = -I. -Iinclude \ + ${DNS_INCLUDES} ${ISC_INCLUDES} ${ISCCFG_INCLUDES} \ + ${OPENSSL_CFLAGS} @CMOCKA_CFLAGS@ +CDEFINES = -DTESTS="\"${top_builddir}/lib/dns/tests/\"" + +ISCLIBS = ../../isc/libisc.@A@ @NO_LIBTOOL_ISCLIBS@ +ISCDEPLIBS = ../../isc/libisc.@A@ +DNSLIBS = ../../dns/libdns.@A@ @NO_LIBTOOL_DNSLIBS@ +DNSDEPLIBS = ../../dns/libdns.@A@ +ISCCFGLIBS = ../libisccfg.@A@ +ISCCFGDEPLIBS = ../libisccfg.@A@ + +LIBS = @LIBS@ @CMOCKA_LIBS@ + +OBJS = +SRCS = duration_test.c parser_test.c + +SUBDIRS = +TARGETS = duration_test@EXEEXT@ parser_test@EXEEXT@ + +@BIND9_MAKE_RULES@ + +duration_test@EXEEXT@: duration_test.@O@ ${ISCDEPLIBS} ${DNSDEPLIBS} ${ISCCFGDEPLIBS} + ${LIBTOOL_MODE_LINK} ${PURIFY} ${CC} ${CFLAGS} \ + ${LDFLAGS} -o $@ duration_test.@O@ \ + ${ISCCFGLIBS} ${DNSLIBS} ${ISCLIBS} ${LIBS} + +parser_test@EXEEXT@: parser_test.@O@ ${ISCDEPLIBS} ${DNSDEPLIBS} ${ISCCFGDEPLIBS} + ${LIBTOOL_MODE_LINK} ${PURIFY} ${CC} ${CFLAGS} \ + ${LDFLAGS} -o $@ parser_test.@O@ \ + ${ISCCFGLIBS} ${DNSLIBS} ${ISCLIBS} ${LIBS} + +unit:: + sh ${top_builddir}/unit/unittest.sh + +clean distclean:: + rm -f ${TARGETS} + rm -f atf.out diff --git a/lib/isccfg/tests/duration_test.c b/lib/isccfg/tests/duration_test.c new file mode 100644 index 0000000..da52903 --- /dev/null +++ b/lib/isccfg/tests/duration_test.c @@ -0,0 +1,278 @@ +/* + * Copyright (C) Internet Systems Consortium, Inc. ("ISC") + * + * SPDX-License-Identifier: MPL-2.0 + * + * This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, you can obtain one at https://mozilla.org/MPL/2.0/. + * + * See the COPYRIGHT file distributed with this work for additional + * information regarding copyright ownership. + */ + +#if HAVE_CMOCKA + +#include /* IWYU pragma: keep */ +#include +#include +#include +#include +#include +#include +#include +#include + +#define UNIT_TESTING +#include + +#include +#include +#include +#include +#include +#include +#include + +#include +#include +#include + +#define CHECK(r) \ + do { \ + result = (r); \ + if (result != ISC_R_SUCCESS) \ + goto cleanup; \ + } while (0) + +isc_mem_t *mctx = NULL; +isc_log_t *lctx = NULL; +static isc_logcategory_t categories[] = { { "", 0 }, + { "client", 0 }, + { "network", 0 }, + { "update", 0 }, + { "queries", 0 }, + { "unmatched", 0 }, + { "update-security", 0 }, + { "query-errors", 0 }, + { NULL, 0 } }; + +static void +cleanup() { + if (lctx != NULL) { + isc_log_destroy(&lctx); + } + if (mctx != NULL) { + isc_mem_destroy(&mctx); + } +} + +static isc_result_t +setup() { + isc_result_t result; + + isc_mem_debugging |= ISC_MEM_DEBUGRECORD; + isc_mem_create(&mctx); + + isc_logdestination_t destination; + isc_logconfig_t *logconfig = NULL; + + isc_log_create(mctx, &lctx, &logconfig); + isc_log_registercategories(lctx, categories); + isc_log_setcontext(lctx); + + destination.file.stream = stderr; + destination.file.name = NULL; + destination.file.versions = ISC_LOG_ROLLNEVER; + destination.file.maximum_size = 0; + isc_log_createchannel(logconfig, "stderr", ISC_LOG_TOFILEDESC, + ISC_LOG_DYNAMIC, &destination, 0); + CHECK(isc_log_usechannel(logconfig, "stderr", NULL, NULL)); + + return (ISC_R_SUCCESS); + +cleanup: + cleanup(); + return (result); +} + +struct duration_conf { + const char *string; + uint32_t time; + const char *out; +}; +typedef struct duration_conf duration_conf_t; + +static void +output(void *closure, const char *text, int textlen) { + int r; + + REQUIRE(textlen >= 0 && textlen < CFG_DURATION_MAXLEN); + + r = snprintf(closure, CFG_DURATION_MAXLEN, "%s", text); + INSIST(r == textlen); +} + +/* test cfg_obj_asduration() and cfg_print_duration() */ +static void +duration_test(void **state) { + isc_result_t result; + /* + * When 'out' is NULL, the printed result is expected to be the same as + * the input 'string', compared by ignoring the case of the characters. + */ + duration_conf_t durations[] = { + { .string = "unlimited", .time = 0 }, + { .string = "PT0S", .time = 0 }, + { .string = "PT42S", .time = 42 }, + { .string = "PT10m", .time = 600 }, + { .string = "PT10m4S", .time = 604 }, + { .string = "PT3600S", .time = 3600 }, + { .string = "pT2H", .time = 7200 }, + { .string = "Pt2H3S", .time = 7203 }, + { .string = "PT2h1m3s", .time = 7263 }, + { .string = "p7d", .time = 604800 }, + { .string = "P7DT2h", .time = 612000 }, + { .string = "P2W", .time = 1209600 }, + { .string = "P3M", .time = 8035200 }, + { .string = "P3MT10M", .time = 8035800 }, + { .string = "p5y", .time = 157680000 }, + { .string = "P5YT2H", .time = 157687200 }, + { .string = "P1Y1M1DT1H1M1S", .time = 34304461 }, + { .string = "P99Y399M999DT3999H9999M2911754S", + .time = UINT32_MAX - 1 }, + { .string = "P99Y399M999DT3999H9999M2911755S", + .time = UINT32_MAX }, + { .string = "P4294967295Y4294967295M4294967295D" + "T4294967295H4294967295M4294967295S", + .time = UINT32_MAX }, + { .string = "PT4294967294S", .time = UINT32_MAX - 1 }, + { .string = "PT4294967295S", .time = UINT32_MAX }, + { .string = "0", .time = 0 }, + { .string = "30", .time = 30 }, + { .string = "42s", .time = 42, .out = "42" }, + { .string = "10m", .time = 600, .out = "600" }, + { .string = "2H", .time = 7200, .out = "7200" }, + { .string = "7d", .time = 604800, .out = "604800" }, + { .string = "2w", .time = 1209600, .out = "1209600" }, + { 0 }, /* Indicates that the remaining durations are invalid. */ + { .string = "PT4Y" }, + { .string = "P-4Y2M" }, + { .string = "P5H1M30S" }, + { .string = "P7Y4W" }, + { .string = "X7Y4M" }, + { .string = "T7H4M" }, + { .string = "1Y6M" }, + { .string = "PT4294967296S" }, + { .string = "PT99999999999S" }, + { .string = "P99999999999Y99999999999M99999999999D" + "T99999999999H99999999999M99999999999S" }, + }; + isc_buffer_t buf1; + cfg_parser_t *p1 = NULL; + cfg_obj_t *c1 = NULL; + bool must_fail = false; + + UNUSED(state); + + setup(); + + for (size_t i = 0; i < ARRAY_SIZE(durations); i++) { + const cfg_listelt_t *element; + const cfg_obj_t *kasps = NULL; + const char cfg_tpl[] = + "dnssec-policy \"dp\"\n" + "{\nkeys {csk lifetime %s algorithm rsasha256;};\n};\n"; + char conf[sizeof(cfg_tpl) + CFG_DURATION_MAXLEN] = { 0 }; + char out[CFG_DURATION_MAXLEN] = { 0 }; + cfg_printer_t pctx = { .f = output, .closure = out }; + + if (durations[i].string == NULL) { + must_fail = true; + continue; + } + + snprintf(&conf[0], sizeof(conf), cfg_tpl, durations[i].string); + + isc_buffer_init(&buf1, conf, strlen(conf) - 1); + isc_buffer_add(&buf1, strlen(conf) - 1); + + /* Parse with default line numbering */ + result = cfg_parser_create(mctx, lctx, &p1); + assert_int_equal(result, ISC_R_SUCCESS); + + result = cfg_parse_buffer(p1, &buf1, "text1", 0, + &cfg_type_namedconf, 0, &c1); + if (must_fail) { + assert_int_not_equal(result, ISC_R_SUCCESS); + cfg_parser_destroy(&p1); + continue; + } + assert_int_equal(result, ISC_R_SUCCESS); + + (void)cfg_map_get(c1, "dnssec-policy", &kasps); + assert_non_null(kasps); + for (element = cfg_list_first(kasps); element != NULL; + element = cfg_list_next(element)) + { + const cfg_listelt_t *key_element; + const cfg_obj_t *lifetime = NULL; + const cfg_obj_t *keys = NULL; + const cfg_obj_t *key = NULL; + const cfg_obj_t *kopts = NULL; + cfg_obj_t *kconf = cfg_listelt_value(element); + int cmp; + + assert_non_null(kconf); + + kopts = cfg_tuple_get(kconf, "options"); + result = cfg_map_get(kopts, "keys", &keys); + assert_int_equal(result, ISC_R_SUCCESS); + + key_element = cfg_list_first(keys); + assert_non_null(key_element); + + key = cfg_listelt_value(key_element); + assert_non_null(key); + + lifetime = cfg_tuple_get(key, "lifetime"); + assert_non_null(lifetime); + + assert_int_equal(durations[i].time, + cfg_obj_asduration(lifetime)); + + cfg_print_duration_or_unlimited(&pctx, lifetime); + cmp = strncasecmp(durations[i].out != NULL + ? durations[i].out + : durations[i].string, + out, strlen(durations[i].string)); + assert_int_equal(cmp, 0); + } + + cfg_obj_destroy(p1, &c1); + cfg_parser_destroy(&p1); + } + + cleanup(); +} + +int +main(void) { + const struct CMUnitTest tests[] = { + cmocka_unit_test(duration_test), + }; + + return (cmocka_run_group_tests(tests, NULL, NULL)); +} + +#else /* HAVE_CMOCKA */ + +#include + +int +main(void) { + printf("1..0 # Skipped: cmocka not available\n"); + return (SKIPPED_TEST_EXIT_CODE); +} + +#endif /* if HAVE_CMOCKA */ diff --git a/lib/isccfg/tests/parser_test.c b/lib/isccfg/tests/parser_test.c new file mode 100644 index 0000000..960f592 --- /dev/null +++ b/lib/isccfg/tests/parser_test.c @@ -0,0 +1,290 @@ +/* + * Copyright (C) Internet Systems Consortium, Inc. ("ISC") + * + * SPDX-License-Identifier: MPL-2.0 + * + * This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, you can obtain one at https://mozilla.org/MPL/2.0/. + * + * See the COPYRIGHT file distributed with this work for additional + * information regarding copyright ownership. + */ + +#if HAVE_CMOCKA + +#include /* IWYU pragma: keep */ +#include +#include +#include +#include +#include +#include +#include + +#define UNIT_TESTING +#include + +#include +#include +#include +#include +#include +#include +#include +#include + +#include +#include +#include + +#define CHECK(r) \ + do { \ + result = (r); \ + if (result != ISC_R_SUCCESS) \ + goto cleanup; \ + } while (0) + +isc_mem_t *mctx = NULL; +isc_log_t *lctx = NULL; +static isc_logcategory_t categories[] = { { "", 0 }, + { "client", 0 }, + { "network", 0 }, + { "update", 0 }, + { "queries", 0 }, + { "unmatched", 0 }, + { "update-security", 0 }, + { "query-errors", 0 }, + { NULL, 0 } }; + +static void +cleanup() { + if (lctx != NULL) { + isc_log_setcontext(NULL); + isc_log_destroy(&lctx); + } + if (mctx != NULL) { + isc_mem_destroy(&mctx); + } +} + +static isc_result_t +setup() { + isc_result_t result; + + isc_mem_debugging |= ISC_MEM_DEBUGRECORD; + isc_mem_create(&mctx); + + isc_logdestination_t destination; + isc_logconfig_t *logconfig = NULL; + + isc_log_create(mctx, &lctx, &logconfig); + isc_log_registercategories(lctx, categories); + isc_log_setcontext(lctx); + + destination.file.stream = stderr; + destination.file.name = NULL; + destination.file.versions = ISC_LOG_ROLLNEVER; + destination.file.maximum_size = 0; + isc_log_createchannel(logconfig, "stderr", ISC_LOG_TOFILEDESC, + ISC_LOG_DYNAMIC, &destination, 0); + CHECK(isc_log_usechannel(logconfig, "stderr", NULL, NULL)); + + return (ISC_R_SUCCESS); + +cleanup: + cleanup(); + return (result); +} + +static int +_setup(void **state) { + isc_result_t result; + + UNUSED(state); + + result = setup(); + assert_int_equal(result, ISC_R_SUCCESS); + + return (0); +} + +static int +_teardown(void **state) { + UNUSED(state); + + cleanup(); + + return (0); +} + +/* mimic calling nzf_append() */ +static void +append(void *arg, const char *str, int len) { + char *buf = arg; + size_t l = strlen(buf); + snprintf(buf + l, 1024 - l, "%.*s", len, str); +} + +static void +addzoneconf(void **state) { + isc_result_t result; + isc_buffer_t b; + cfg_parser_t *p = NULL; + const char *tests[] = { + "zone \"test4.baz\" { type master; file \"e.db\"; };", + "zone \"test/.baz\" { type master; file \"e.db\"; };", + "zone \"test\\\".baz\" { type master; file \"e.db\"; };", + "zone \"test\\.baz\" { type master; file \"e.db\"; };", + "zone \"test\\\\.baz\" { type master; file \"e.db\"; };", + "zone \"test\\032.baz\" { type master; file \"e.db\"; };", + "zone \"test\\010.baz\" { type master; file \"e.db\"; };" + }; + char buf[1024]; + + UNUSED(state); + + /* Parse with default line numbering */ + result = cfg_parser_create(mctx, lctx, &p); + assert_int_equal(result, ISC_R_SUCCESS); + +#define ARRAYSIZE(x) (sizeof(x) / sizeof(x[0])) + + for (size_t i = 0; i < ARRAYSIZE(tests); i++) { + cfg_obj_t *conf = NULL; + const cfg_obj_t *obj = NULL, *zlist = NULL; + + isc_buffer_constinit(&b, tests[i], strlen(tests[i])); + isc_buffer_add(&b, strlen(tests[i])); + + result = cfg_parse_buffer(p, &b, "text1", 0, + &cfg_type_namedconf, 0, &conf); + assert_int_equal(result, ISC_R_SUCCESS); + + /* + * Mimic calling nzf_append() from bin/named/server.c + * and check that the output matches the input. + */ + result = cfg_map_get(conf, "zone", &zlist); + assert_int_equal(result, ISC_R_SUCCESS); + + obj = cfg_listelt_value(cfg_list_first(zlist)); + assert_ptr_not_equal(obj, NULL); + + strlcpy(buf, "zone ", sizeof(buf)); + cfg_printx(obj, CFG_PRINTER_ONELINE, append, buf); + strlcat(buf, ";", sizeof(buf)); + assert_string_equal(tests[i], buf); + + cfg_obj_destroy(p, &conf); + cfg_parser_reset(p); + } + + cfg_parser_destroy(&p); +} + +/* test cfg_parse_buffer() */ +static void +parse_buffer_test(void **state) { + isc_result_t result; + unsigned char text[] = "options\n{\nrecursion yes;\n};\n"; + isc_buffer_t buf1, buf2; + cfg_parser_t *p1 = NULL, *p2 = NULL; + cfg_obj_t *c1 = NULL, *c2 = NULL; + + UNUSED(state); + + isc_buffer_init(&buf1, &text[0], sizeof(text) - 1); + isc_buffer_add(&buf1, sizeof(text) - 1); + + /* Parse with default line numbering */ + result = cfg_parser_create(mctx, lctx, &p1); + assert_int_equal(result, ISC_R_SUCCESS); + + result = cfg_parse_buffer(p1, &buf1, "text1", 0, &cfg_type_namedconf, 0, + &c1); + assert_int_equal(result, ISC_R_SUCCESS); + assert_int_equal(p1->line, 5); + + isc_buffer_init(&buf2, &text[0], sizeof(text) - 1); + isc_buffer_add(&buf2, sizeof(text) - 1); + + /* Parse with changed line number */ + result = cfg_parser_create(mctx, lctx, &p2); + assert_int_equal(result, ISC_R_SUCCESS); + + result = cfg_parse_buffer(p2, &buf2, "text2", 100, &cfg_type_namedconf, + 0, &c2); + assert_int_equal(result, ISC_R_SUCCESS); + assert_int_equal(p2->line, 104); + + cfg_obj_destroy(p1, &c1); + cfg_obj_destroy(p2, &c2); + + cfg_parser_destroy(&p1); + cfg_parser_destroy(&p2); +} + +/* test cfg_map_firstclause() */ +static void +cfg_map_firstclause_test(void **state) { + const char *name = NULL; + const void *clauses = NULL; + unsigned int idx; + + UNUSED(state); + + name = cfg_map_firstclause(&cfg_type_zoneopts, &clauses, &idx); + assert_non_null(name); + assert_non_null(clauses); + assert_int_equal(idx, 0); +} + +/* test cfg_map_nextclause() */ +static void +cfg_map_nextclause_test(void **state) { + const char *name = NULL; + const void *clauses = NULL; + unsigned int idx; + + UNUSED(state); + + name = cfg_map_firstclause(&cfg_type_zoneopts, &clauses, &idx); + assert_non_null(name); + assert_non_null(clauses); + assert_int_equal(idx, ISC_R_SUCCESS); + + do { + name = cfg_map_nextclause(&cfg_type_zoneopts, &clauses, &idx); + if (name != NULL) { + assert_non_null(clauses); + } else { + assert_null(clauses); + assert_int_equal(idx, 0); + } + } while (name != NULL); +} + +int +main(void) { + const struct CMUnitTest tests[] = { + cmocka_unit_test(addzoneconf), + cmocka_unit_test(parse_buffer_test), + cmocka_unit_test(cfg_map_firstclause_test), + cmocka_unit_test(cfg_map_nextclause_test), + }; + + return (cmocka_run_group_tests(tests, _setup, _teardown)); +} + +#else /* HAVE_CMOCKA */ + +#include + +int +main(void) { + printf("1..0 # Skipped: cmocka not available\n"); + return (SKIPPED_TEST_EXIT_CODE); +} + +#endif /* if HAVE_CMOCKA */ diff --git a/lib/isccfg/version.c b/lib/isccfg/version.c new file mode 100644 index 0000000..8d8f424 --- /dev/null +++ b/lib/isccfg/version.c @@ -0,0 +1,18 @@ +/* + * Copyright (C) Internet Systems Consortium, Inc. ("ISC") + * + * SPDX-License-Identifier: MPL-2.0 + * + * This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, you can obtain one at https://mozilla.org/MPL/2.0/. + * + * See the COPYRIGHT file distributed with this work for additional + * information regarding copyright ownership. + */ + +/*! \file */ + +#include + +const char cfg_version[] = VERSION; diff --git a/lib/isccfg/win32/DLLMain.c b/lib/isccfg/win32/DLLMain.c new file mode 100644 index 0000000..5c38e89 --- /dev/null +++ b/lib/isccfg/win32/DLLMain.c @@ -0,0 +1,51 @@ +/* + * Copyright (C) Internet Systems Consortium, Inc. ("ISC") + * + * SPDX-License-Identifier: MPL-2.0 + * + * This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, you can obtain one at https://mozilla.org/MPL/2.0/. + * + * See the COPYRIGHT file distributed with this work for additional + * information regarding copyright ownership. + */ + +#include +#include + +/* + * Called when we enter the DLL + */ +__declspec(dllexport) BOOL WINAPI + DllMain(HINSTANCE hinstDLL, DWORD fdwReason, LPVOID lpvReserved) { + switch (fdwReason) { + /* + * The DLL is loading due to process + * initialization or a call to LoadLibrary. + */ + case DLL_PROCESS_ATTACH: + break; + + /* + * The attached process creates a new thread. + */ + case DLL_THREAD_ATTACH: + break; + + /* The thread of the attached process terminates. */ + case DLL_THREAD_DETACH: + break; + + /* + * The DLL is unloading from a process due to + * process termination or a call to FreeLibrary. + */ + case DLL_PROCESS_DETACH: + break; + + default: + break; + } + return (TRUE); +} diff --git a/lib/isccfg/win32/libisccfg.def b/lib/isccfg/win32/libisccfg.def new file mode 100644 index 0000000..eba897e --- /dev/null +++ b/lib/isccfg/win32/libisccfg.def @@ -0,0 +1,175 @@ +LIBRARY libisccfg + +; Exported Functions +EXPORTS + +cfg_acl_fromconfig +cfg_acl_fromconfig2 +cfg_aclconfctx_attach +cfg_aclconfctx_create +cfg_aclconfctx_detach +cfg_clause_validforzone +cfg_create_list +cfg_create_obj +cfg_create_tuple +cfg_doc_bracketed_list +cfg_doc_enum +cfg_doc_enum_or_other +cfg_doc_map +cfg_doc_mapbody +cfg_doc_obj +cfg_doc_sockaddr +cfg_doc_terminal +cfg_doc_tuple +cfg_doc_void +cfg_gettoken +cfg_is_enum +cfg_kasp_fromconfig +cfg_list_first +cfg_list_length +cfg_list_next +cfg_listelt_value +cfg_log_init +cfg_lookingat_netaddr +cfg_map_count +cfg_map_firstclause +cfg_map_get +cfg_map_getname +cfg_map_nextclause +cfg_obj_asboolean +cfg_obj_asduration +cfg_obj_asfixedpoint +cfg_obj_asnetprefix +cfg_obj_aspercentage +cfg_obj_assockaddr +cfg_obj_asstring +cfg_obj_asuint32 +cfg_obj_asuint64 +cfg_obj_attach +cfg_obj_destroy +cfg_obj_file +cfg_obj_getdscp +cfg_obj_isboolean +cfg_obj_isduration +cfg_obj_isfixedpoint +cfg_obj_islist +cfg_obj_ismap +cfg_obj_isnetprefix +cfg_obj_ispercentage +cfg_obj_issockaddr +cfg_obj_isstring +cfg_obj_istuple +cfg_obj_istype +cfg_obj_isuint32 +cfg_obj_isuint64 +cfg_obj_isvoid +cfg_obj_line +cfg_obj_log +cfg_parse_addressed_map +cfg_parse_astring +cfg_parse_boolean +cfg_parse_bracketed_list +cfg_parse_buffer +cfg_parse_dscp +cfg_parse_duration +cfg_parse_duration_or_unlimited +cfg_parse_enum +cfg_parse_enum_or_other +cfg_parse_file +cfg_parse_fixedpoint +cfg_parse_listelt +cfg_parse_map +cfg_parse_mapbody +cfg_parse_named_map +cfg_parse_netprefix +cfg_parse_netprefix_map +cfg_parse_obj +cfg_parse_percentage +cfg_parse_qstring +cfg_parse_rawaddr +cfg_parse_rawport +cfg_parse_sockaddr +cfg_parse_spacelist +cfg_parse_special +cfg_parse_sstring +cfg_parse_tuple +cfg_parse_uint32 +cfg_parse_void +cfg_parser_attach +cfg_parser_create +cfg_parser_destroy +cfg_parser_error +cfg_parser_mapadd +cfg_parser_reset +cfg_parser_setcallback +cfg_parser_setflags +cfg_parser_warning +cfg_peektoken +cfg_pluginlist_foreach +cfg_print +cfg_print_boolean +cfg_print_bracketed_list +cfg_print_chars +cfg_print_clauseflags +cfg_print_cstr +cfg_print_duration +cfg_print_duration_or_unlimited +cfg_print_fixedpoint +cfg_print_grammar +cfg_print_indent +cfg_print_map +cfg_print_mapbody +cfg_print_obj +cfg_print_percentage +cfg_print_rawaddr +cfg_print_rawuint +cfg_print_sockaddr +cfg_print_spacelist +cfg_print_tuple +cfg_print_uint32 +cfg_print_uint64 +cfg_print_ustring +cfg_print_void +cfg_print_zonegrammar +cfg_printx +cfg_tuple_get +cfg_ungettoken + +; Exported Data + +;cfg_rep_boolean +;cfg_rep_duration +;cfg_rep_fixedpoint +;cfg_rep_list +;cfg_rep_map +;cfg_rep_netprefix +;cfg_rep_percentage +;cfg_rep_sockaddr +;cfg_rep_string +;cfg_rep_tuple +;cfg_rep_uint32 +;cfg_rep_uint64 +;cfg_rep_void +;cfg_type_astring +;cfg_type_boolean +;cfg_type_bracketed_text +;cfg_type_fixedpoint +;cfg_type_netaddr +;cfg_type_netaddr4 +;cfg_type_netaddr4wild +;cfg_type_netaddr6 +;cfg_type_netaddr6wild +;cfg_type_netprefix +;cfg_type_optional_bracketed_text +;cfg_type_percentage +;cfg_type_qstring +;cfg_type_rndcconf +;cfg_type_sockaddr +;cfg_type_sockaddrdscp +;cfg_type_sstring +;cfg_type_token +;cfg_type_uint32 +;cfg_type_uint64 +;cfg_type_unsupported +;cfg_type_ustring +;cfg_type_void diff --git a/lib/isccfg/win32/libisccfg.vcxproj.filters.in b/lib/isccfg/win32/libisccfg.vcxproj.filters.in new file mode 100644 index 0000000..91d4202 --- /dev/null +++ b/lib/isccfg/win32/libisccfg.vcxproj.filters.in @@ -0,0 +1,72 @@ + + + + + {4FC737F1-C7A5-4376-A066-2A32D752A2FF} + cpp;c;cc;cxx;def;odl;idl;hpj;bat;asm;asmx + + + {93995380-89BD-4b04-88EB-625FBE52EBFB} + h;hpp;hxx;hm;inl;inc;xsd + + + {67DA6AB6-F800-4c08-8B7A-83BB121AAD01} + rc;ico;cur;bmp;dlg;rc2;rct;bin;rgs;gif;jpg;jpeg;jpe;resx;tiff;tif;png;wav;mfcribbon-ms + + + + + + + + Source Files + + + Source Files + + + Source Files + + + Source Files + + + Source Files + + + Source Files + + + Source Files + + + Source Files + + + + + Header Files + + + Header Files + + + Header Files + + + Header Files + + + Header Files + + + Header Files + + + Header Files + + + Header Files + + + diff --git a/lib/isccfg/win32/libisccfg.vcxproj.in b/lib/isccfg/win32/libisccfg.vcxproj.in new file mode 100644 index 0000000..4b81300 --- /dev/null +++ b/lib/isccfg/win32/libisccfg.vcxproj.in @@ -0,0 +1,143 @@ + + + + + Debug + @PLATFORM@ + + + Release + @PLATFORM@ + + + + {B2DFA58C-6347-478E-81E8-01E06999D4F1} + Win32Proj + libisccfg + @WINDOWS_TARGET_PLATFORM_VERSION@ + + + + DynamicLibrary + true + MultiByte + @PLATFORM_TOOLSET@ + + + DynamicLibrary + false + true + MultiByte + @PLATFORM_TOOLSET@ + + + + + + + + + + + + + true + ..\..\..\Build\$(Configuration)\ + .\$(Configuration)\ + None + + + false + ..\..\..\Build\$(Configuration)\ + .\$(Configuration)\ + None + + + + + + Level4 + false + Disabled + WIN32;_DEBUG;_WINDOWS;_USRDLL;LIBISCCFG_EXPORTS;%(PreprocessorDefinitions);%(PreprocessorDefinitions) + ..\..\..\config.h + .\;..\..\..\;include;..\include;..\..\isc\win32;..\..\isc\win32\include;..\..\isc\include;..\..\dns\include;@LIBXML2_INC@@GEOIP_INC@%(AdditionalIncludeDirectories) + true + .\$(Configuration)\$(TargetName).pch + .\$(Configuration)\ + .\$(Configuration)\ + $(OutDir)$(TargetName).pdb + true + CompileAsC + + + Console + true + ..\..\dns\win32\$(Configuration);..\..\isc\win32\$(Configuration);%(AdditionalLibraryDirectories) + @OPENSSL_LIBCRYPTO@@OPENSSL_LIBSSL@libdns.lib;libisc.lib;ws2_32.lib;%(AdditionalDependencies) + ..\..\..\Build\$(Configuration)\$(TargetName)$(TargetExt) + $(ProjectName).def + .\$(Configuration)\$(ProjectName).lib + + + + + Level1 + true + + + MaxSpeed + true + @INTRINSIC@ + WIN32;NDEBUG;_WINDOWS;_USRDLL;LIBISCCFG_EXPORTS;%(PreprocessorDefinitions);%(PreprocessorDefinitions) + ..\..\..\config.h + .\;..\..\..\;include;..\include;..\..\isc\win32;..\..\isc\win32\include;..\..\isc\include;..\..\dns\include;@LIBXML2_INC@@GEOIP_INC@%(AdditionalIncludeDirectories) + OnlyExplicitInline + true + .\$(Configuration)\$(TargetName).pch + .\$(Configuration)\ + .\$(Configuration)\ + $(OutDir)$(TargetName).pdb + false + CompileAsC + + + Console + false + true + true + ..\..\dns\win32\$(Configuration);..\..\isc\win32\$(Configuration);%(AdditionalLibraryDirectories) + @OPENSSL_LIBCRYPTO@@OPENSSL_LIBSSL@libdns.lib;libisc.lib;ws2_32.lib;%(AdditionalDependencies) + Default + ..\..\..\Build\$(Configuration)\$(TargetName)$(TargetExt) + $(ProjectName).def + .\$(Configuration)\$(ProjectName).lib + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/lib/isccfg/win32/libisccfg.vcxproj.user b/lib/isccfg/win32/libisccfg.vcxproj.user new file mode 100644 index 0000000..ace9a86 --- /dev/null +++ b/lib/isccfg/win32/libisccfg.vcxproj.user @@ -0,0 +1,3 @@ + + + \ No newline at end of file diff --git a/lib/isccfg/win32/version.c b/lib/isccfg/win32/version.c new file mode 100644 index 0000000..ad4271f --- /dev/null +++ b/lib/isccfg/win32/version.c @@ -0,0 +1,18 @@ +/* + * Copyright (C) Internet Systems Consortium, Inc. ("ISC") + * + * SPDX-License-Identifier: MPL-2.0 + * + * This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, you can obtain one at https://mozilla.org/MPL/2.0/. + * + * See the COPYRIGHT file distributed with this work for additional + * information regarding copyright ownership. + */ + +#include + +#include + +LIBISCCFG_EXTERNAL_DATA const char cfg_version[] = VERSION; -- cgit v1.2.3