diff options
Diffstat (limited to 'util/config_file.h')
| -rw-r--r-- | util/config_file.h | 22 |
1 files changed, 22 insertions, 0 deletions
diff --git a/util/config_file.h b/util/config_file.h index 79b0948940226..bb7a292050b4c 100644 --- a/util/config_file.h +++ b/util/config_file.h @@ -176,6 +176,8 @@ struct config_file { /** list of servers we send edns-client-subnet option to and * accept option from, linked list */ struct config_strlist* client_subnet; + /** list of zones we send edns-client-subnet option for */ + struct config_strlist* client_subnet_zone; /** opcode assigned by IANA for edns0-client-subnet option */ uint16_t client_subnet_opcode; /** Do not check whitelist if incoming query contains an ECS record */ @@ -274,6 +276,8 @@ struct config_file { struct config_strlist* dlv_anchor_list; /** insecure domain list */ struct config_strlist* domain_insecure; + /** send key tag query */ + int trust_anchor_signaling; /** if not 0, this value is the validation date for RRSIGs */ int32_t val_date_override; @@ -317,6 +321,8 @@ struct config_file { struct config_str2list* local_zones; /** local zones nodefault list */ struct config_strlist* local_zones_nodefault; + /** do not add any default local zone */ + int local_zones_disable_default; /** local data RRs configured */ struct config_strlist* local_data; /** local zone override types per netblock */ @@ -458,6 +464,22 @@ struct config_file { struct config_strlist* dnscrypt_secret_key; /** dnscrypt provider certs 1.cert */ struct config_strlist* dnscrypt_provider_cert; + + /** IPsec module */ +#ifdef USE_IPSECMOD + /** false to bypass the IPsec module */ + int ipsecmod_enabled; + /** whitelisted domains for ipsecmod */ + struct config_strlist* ipsecmod_whitelist; + /** path to external hook */ + char* ipsecmod_hook; + /** true to proceed even with a bogus IPSECKEY */ + int ipsecmod_ignore_bogus; + /** max TTL for the A/AAAA records that call the hook */ + int ipsecmod_max_ttl; + /** false to proceed even when ipsecmod_hook fails */ + int ipsecmod_strict; +#endif }; /** from cfg username, after daemonise setup performed */ |