diff options
Diffstat (limited to 'util/config_file.c')
| -rw-r--r-- | util/config_file.c | 52 |
1 files changed, 51 insertions, 1 deletions
diff --git a/util/config_file.c b/util/config_file.c index 1eba4af860c37..af176929dc352 100644 --- a/util/config_file.c +++ b/util/config_file.c @@ -62,6 +62,9 @@ #ifdef HAVE_GLOB_H # include <glob.h> #endif +#ifdef CLIENT_SUBNET +#include "edns-subnet/edns-subnet.h" +#endif #ifdef HAVE_PWD_H #include <pwd.h> #endif @@ -173,6 +176,13 @@ config_create(void) cfg->out_ifs = NULL; cfg->stubs = NULL; cfg->forwards = NULL; +#ifdef CLIENT_SUBNET + cfg->client_subnet = NULL; + cfg->client_subnet_opcode = LDNS_EDNS_CLIENT_SUBNET; + cfg->client_subnet_always_forward = 0; + cfg->max_client_subnet_ipv4 = 24; + cfg->max_client_subnet_ipv6 = 56; +#endif cfg->views = NULL; cfg->acls = NULL; cfg->harden_short_bufsize = 0; @@ -189,6 +199,7 @@ config_create(void) cfg->unwanted_threshold = 0; cfg->hide_identity = 0; cfg->hide_version = 0; + cfg->hide_trustanchor = 0; cfg->identity = NULL; cfg->version = NULL; cfg->auto_trust_anchor_file_list = NULL; @@ -237,7 +248,11 @@ config_create(void) if(!(cfg->control_cert_file = strdup(RUN_DIR"/unbound_control.pem"))) goto error_exit; +#ifdef CLIENT_SUBNET + if(!(cfg->module_conf = strdup("subnetcache validator iterator"))) goto error_exit; +#else if(!(cfg->module_conf = strdup("validator iterator"))) goto error_exit; +#endif if(!(cfg->val_nsec3_key_iterations = strdup("1024 150 2048 500 4096 2500"))) goto error_exit; #if defined(DNSTAP_SOCKET_PATH) @@ -257,6 +272,13 @@ config_create(void) cfg->ratelimit_factor = 10; cfg->qname_minimisation = 0; cfg->qname_minimisation_strict = 0; + cfg->shm_enable = 0; + cfg->shm_key = 11777; + cfg->dnscrypt = 0; + cfg->dnscrypt_port = 0; + cfg->dnscrypt_provider = NULL; + cfg->dnscrypt_provider_cert = NULL; + cfg->dnscrypt_secret_key = NULL; return cfg; error_exit: config_delete(cfg); @@ -380,6 +402,8 @@ int config_set_option(struct config_file* cfg, const char* opt, else S_STR("log-identity:", log_identity) else S_YNO("extended-statistics:", stat_extended) else S_YNO("statistics-cumulative:", stat_cumulative) + else S_YNO("shm-enable:", shm_enable) + else S_NUMBER_OR_ZERO("shm-key:", shm_key) else S_YNO("do-ip4:", do_ip4) else S_YNO("do-ip6:", do_ip6) else S_YNO("do-udp:", do_udp) @@ -433,6 +457,7 @@ int config_set_option(struct config_file* cfg, const char* opt, else S_STR("pidfile:", pidfile) else S_YNO("hide-identity:", hide_identity) else S_YNO("hide-version:", hide_version) + else S_YNO("hide-trustanchor:", hide_trustanchor) else S_STR("identity:", identity) else S_STR("version:", version) else S_STRLIST("root-hints:", root_hints) @@ -492,6 +517,12 @@ int config_set_option(struct config_file* cfg, const char* opt, else S_STR("module-config:", module_conf) else S_STR("python-script:", python_script) else S_YNO("disable-dnssec-lame-check:", disable_dnssec_lame_check) +#ifdef CLIENT_SUBNET + /* Can't set max subnet prefix here, since that value is used when + * generating the address tree. */ + /* No client-subnet-always-forward here, module registration depends on + * this option. */ +#endif else if(strcmp(opt, "ip-ratelimit:") == 0) { IS_NUMBER_OR_ZERO; cfg->ip_ratelimit = atoi(val); infra_ip_ratelimit=cfg->ip_ratelimit; @@ -535,7 +566,9 @@ int config_set_option(struct config_file* cfg, const char* opt, * stub-ssl-upstream, forward-zone, * name, forward-addr, forward-host, * ratelimit-for-domain, ratelimit-below-domain, - * local-zone-tag, access-control-view */ + * local-zone-tag, access-control-view + * send-client-subnet client-subnet-always-forward + * max-client-subnet-ipv4 max-client-subnet-ipv6 */ return 0; } return 1; @@ -697,6 +730,8 @@ config_get_option(struct config_file* cfg, const char* opt, else O_DEC(opt, "statistics-interval", stat_interval) else O_YNO(opt, "statistics-cumulative", stat_cumulative) else O_YNO(opt, "extended-statistics", stat_extended) + else O_YNO(opt, "shm-enable", shm_enable) + else O_DEC(opt, "shm-key", shm_key) else O_YNO(opt, "use-syslog", use_syslog) else O_STR(opt, "log-identity", log_identity) else O_YNO(opt, "log-time-ascii", log_time_ascii) @@ -753,6 +788,7 @@ config_get_option(struct config_file* cfg, const char* opt, else O_STR(opt, "pidfile", pidfile) else O_YNO(opt, "hide-identity", hide_identity) else O_YNO(opt, "hide-version", hide_version) + else O_YNO(opt, "hide-trustanchor", hide_trustanchor) else O_STR(opt, "identity", identity) else O_STR(opt, "version", version) else O_STR(opt, "target-fetch-policy", target_fetch_policy) @@ -804,6 +840,13 @@ config_get_option(struct config_file* cfg, const char* opt, else O_UNS(opt, "val-override-date", val_date_override) else O_YNO(opt, "minimal-responses", minimal_responses) else O_YNO(opt, "rrset-roundrobin", rrset_roundrobin) +#ifdef CLIENT_SUBNET + else O_LST(opt, "send-client-subnet", client_subnet) + else O_DEC(opt, "max-client-subnet-ipv4", max_client_subnet_ipv4) + else O_DEC(opt, "max-client-subnet-ipv6", max_client_subnet_ipv6) + else O_YNO(opt, "client-subnet-always-forward:", + client_subnet_always_forward) +#endif else O_YNO(opt, "unblock-lan-zones", unblock_lan_zones) else O_YNO(opt, "insecure-lan-zones", insecure_lan_zones) else O_DEC(opt, "max-udp-size", max_udp_size) @@ -826,6 +869,7 @@ config_get_option(struct config_file* cfg, const char* opt, else O_IFC(opt, "define-tag", num_tags, tagname) else O_LTG(opt, "local-zone-tag", local_zone_tags) else O_LTG(opt, "access-control-tag", acl_tags) + else O_LTG(opt, "response-ip-tag", respip_tags) else O_LS3(opt, "local-zone-override", local_zone_overrides) else O_LS3(opt, "access-control-tag-action", acl_tag_actions) else O_LS3(opt, "access-control-tag-data", acl_tag_datas) @@ -934,6 +978,8 @@ config_read(struct config_file* cfg, const char* filename, const char* chroot) ub_c_parse(); fclose(in); + if(!cfg->dnscrypt) cfg->dnscrypt_port = 0; + if(cfg_parser->errors != 0) { fprintf(stderr, "read %s failed: %d errors in configuration file\n", fname, cfg_parser->errors); @@ -1083,6 +1129,9 @@ config_delete(struct config_file* cfg) config_delviews(cfg->views); config_delstrlist(cfg->donotqueryaddrs); config_delstrlist(cfg->root_hints); +#ifdef CLIENT_SUBNET + config_delstrlist(cfg->client_subnet); +#endif free(cfg->identity); free(cfg->version); free(cfg->module_conf); @@ -1106,6 +1155,7 @@ config_delete(struct config_file* cfg) config_del_strarray(cfg->tagname, cfg->num_tags); config_del_strbytelist(cfg->local_zone_tags); config_del_strbytelist(cfg->acl_tags); + config_del_strbytelist(cfg->respip_tags); config_deltrplstrlist(cfg->acl_tag_actions); config_deltrplstrlist(cfg->acl_tag_datas); config_delstrlist(cfg->control_ifs); |