allow-response: config option hackathon/poisonlicious hackathon/poisonlicious-new-tsig-code 1250/head
authorWillem Toorop <willem@nlnetlabs.nl>
Sun, 20 Jul 2025 11:30:29 +0000 (13:30 +0200)
committerWillem Toorop <willem@nlnetlabs.nl>
Sun, 20 Jul 2025 11:30:29 +0000 (13:30 +0200)
daemon/remote.c
daemon/worker.c
util/config_file.c
util/config_file.h
util/configlexer.lex
util/configparser.y

index c17254bb5e21ae4665a01638b7fa04104c85db81..0489cedbfa61d6ef514740269651abe8aa7c9c0a 100644 (file)
@@ -4790,6 +4790,7 @@ config_file_getmem(struct config_file* cfg)
        m += getmem_config_str3list(cfg->acl_tag_datas);
        m += getmem_config_str2list(cfg->acl_view);
        m += getmem_config_str2list(cfg->interface_actions);
+       m += getmem_config_str2list(cfg->allow_response_list);
        m += getmem_config_strbytelist(cfg->interface_tags);
        m += getmem_config_str3list(cfg->interface_tag_actions);
        m += getmem_config_str3list(cfg->interface_tag_datas);
@@ -5597,6 +5598,7 @@ fr_atomic_copy_cfg(struct config_file* oldcfg, struct config_file* cfg,
        */
        COPY_VAR_ptr(acl_view);
        COPY_VAR_ptr(interface_actions);
+       COPY_VAR_ptr(allow_response_list);
        /* These reference tags
        COPY_VAR_ptr(interface_tags);
        COPY_VAR_ptr(interface_tag_actions);
index d9be362909552b588b22defafac0089cab0aa49d..f7a2d21d23784a497116b47aef6b4f4fe89153fa 100644 (file)
@@ -1613,8 +1613,8 @@ worker_handle_request(struct comm_point* c, void* arg, int error,
                const char* tsig_name = "\x19""foobar-example-dyn-update\x00";
                const char* alg = "\x0b""hmac-sha256\x00";
                const char* tsig_secret =
-                       "\x59\x2E\xD3\xD0\x84\xA8\x69\x5F\x8C\xCA\x07\xBE\x1B\xFC\x1E\x98\x74\xE7\xF6\x64\x30\x32\x10\xC6\x33\x09\x93\x94\x9D\xF1\x71\x74\x42\x27\xAB\xF5\x11\x59\x0D\x2E\x52\x2F\xBD\xA8\x7E\xD9\xEA\xD6\x8F\x3D\x6F\xD2\x60\x56\xD8\xD3\xCA\x02\xB7\x16\x1C\x43\x6D\xB8";
-               const size_t tsig_secret_len = 64;
+                       "\x59\x2E\xD3\xD0\x84\xA8\x69\x5F\x8C\xCA\x07\xBE\x1B\xFC\x1E\x98\x74\xE7\xF6\x64\x30\x32\x10\xC6\x33\x09\x93\x94\x9D\xF1\x71\x74";
+               const size_t tsig_secret_len = 32;
 
                if (!worker_check_response(c->buffer, worker)) {
                        verbose(VERB_ALGO, "Bad response");
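Review bot: `const size_t tsig_secret_len = 32;` on the last added line is maintained by hand against the byte string above it, and this very edit (64 bytes to 32, two lines changed in lockstep) shows how easily the two drift apart; because `tsig_secret` is declared `const char*`, `sizeof` cannot recover the length. Declaring the literal as an array lets the compiler own it: `const char tsig_secret[] = /* same literal */;` followed by `const size_t tsig_secret_len = sizeof(tsig_secret) - 1;`. Beyond that, a TSIG key name, algorithm and secret compiled into worker_handle_request ship in every build of the binary; since this commit is adding config-file plumbing, these values belong in configuration, and the change is also unrelated to the `allow-response` option named in the commit title, so it would be clearer as a separate commit. worker_handle_request begins and ends outside the hunk.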
index 03f688d565c8299ce66b99710c3a7e1a262f585d..53d90bee6a102f862b339143d9b4dc226f84dcc2 100644 (file)
@@ -219,6 +219,7 @@ config_create(void)
        cfg->ifs = NULL;
        cfg->num_dist = 0;
        cfg->dist = NULL;
+       cfg->allow_response_list = NULL;
        cfg->num_out_ifs = 0;
        cfg->out_ifs = NULL;
        cfg->stubs = NULL;
@@ -1109,6 +1110,7 @@ config_get_option(struct config_file* cfg, const char* opt,
        else O_DEC(opt, "num-threads", num_threads)
        else O_IFC(opt, "interface", num_ifs, ifs)
        else O_IFC(opt, "distribute", num_dist, dist)
+       else O_LS2(opt, "allow-response", allow_response_list)
        else O_IFC(opt, "outgoing-interface", num_out_ifs, out_ifs)
        else O_YNO(opt, "interface-automatic", if_automatic)
        else O_STR(opt, "interface-automatic-ports", if_automatic_ports)
@@ -1780,6 +1782,7 @@ config_delete(struct config_file* cfg)
        }
        config_del_strarray(cfg->ifs, cfg->num_ifs);
        config_del_strarray(cfg->dist, cfg->num_dist);
+       config_deldblstrlist(cfg->allow_response_list);
        config_del_strarray(cfg->out_ifs, cfg->num_out_ifs);
        config_delstubs(cfg->stubs);
        config_delstubs(cfg->forwards);
index 284ebe5382ab320f2f5abbc0341a312be8d0930a..8132263443e29f3b0be0e3f7fedc0be32b7ebdec 100644 (file)
@@ -250,6 +250,9 @@ struct config_file {
        /** distribute description strings (IP addresses) */
        char **dist;
 
+       /** list of allowed responses, linked list */
+       struct config_str2list* allow_response_list;
+
        /** number of outgoing interfaces to open.
         * If 0 default all interfaces. */
        int num_out_ifs;
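Review bot: The comment on the new field, `/** list of allowed responses, linked list */`, does not say what the two strings of each `config_str2list` entry hold, and the grammar rule that fills it takes two bare `STRING_ARG`s, so a reader has nothing to go on; the neighbouring `dist` field at least names its content ("IP addresses"). I would extend the comment to state the meaning and expected format of the first and second string of an entry (for example whether the first names a zone or an address, and what the second selects), in the same style as the surrounding `/** ... */` field comments. struct config_file continues outside the hunk.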
index 35a74ccc30abe1c88f37d136e3578ae5012d26db..de84b18c1b45d1c2f5977adefc087f89bb7c295e 100644 (file)
@@ -276,6 +276,7 @@ do-daemonize{COLON}         { YDVAR(1, VAR_DO_DAEMONIZE) }
 interface{COLON}               { YDVAR(1, VAR_INTERFACE) }
 ip-address{COLON}              { YDVAR(1, VAR_INTERFACE) }
 distribute{COLON}              { YDVAR(1, VAR_DISTRIBUTE ) }
+allow-response{COLON}          { YDVAR(2, VAR_ALLOW_RESPONSE) }
 outgoing-interface{COLON}      { YDVAR(1, VAR_OUTGOING_INTERFACE) }
 interface-automatic{COLON}     { YDVAR(1, VAR_INTERFACE_AUTOMATIC) }
 interface-automatic-ports{COLON} { YDVAR(1, VAR_INTERFACE_AUTOMATIC_PORTS) }
index d45cdbdb75681a417e2f03fc018f49dcce2cfab1..40db4a1bc640573918664b282d3c9939cbd98fce 100644 (file)
@@ -75,8 +75,9 @@ extern struct config_parser_state* cfg_parser;
 %token <str> STRING_ARG
 %token VAR_FORCE_TOPLEVEL
 %token VAR_SERVER VAR_VERBOSITY VAR_NUM_THREADS VAR_PORT
-%token VAR_OUTGOING_RANGE VAR_INTERFACE VAR_DISTRIBUTE VAR_PREFER_IP4
-%token VAR_DO_IP4 VAR_DO_IP6 VAR_DO_NAT64 VAR_PREFER_IP6 VAR_DO_UDP VAR_DO_TCP
+%token VAR_OUTGOING_RANGE VAR_INTERFACE VAR_DISTRIBUTE VAR_ALLOW_RESPONSE
+%token VAR_PREFER_IP4 VAR_DO_IP4 VAR_DO_IP6 VAR_DO_NAT64 VAR_PREFER_IP6
+%token VAR_DO_UDP VAR_DO_TCP
 %token VAR_TCP_MSS VAR_OUTGOING_TCP_MSS VAR_TCP_IDLE_TIMEOUT
 %token VAR_EDNS_TCP_KEEPALIVE VAR_EDNS_TCP_KEEPALIVE_TIMEOUT
 %token VAR_SOCK_QUEUE_TIMEOUT
@@ -251,7 +252,8 @@ content_server: server_num_threads | server_verbosity | server_port |
        server_tcp_mss | server_outgoing_tcp_mss | server_tcp_idle_timeout |
        server_tcp_keepalive | server_tcp_keepalive_timeout |
        server_sock_queue_timeout |
-       server_interface | server_distribute | server_chroot | server_username |
+       server_interface | server_distribute | server_allow_response |
+       server_chroot | server_username |
        server_directory | server_logfile | server_pidfile |
        server_msg_cache_size | server_msg_cache_slabs |
        server_num_queries_per_thread | server_rrset_cache_size |
@@ -827,6 +829,13 @@ server_distribute: VAR_DISTRIBUTE STRING_ARG
                        cfg_parser->cfg->dist[cfg_parser->cfg->num_dist++] = $2;
        }
        ;
+server_allow_response: VAR_ALLOW_RESPONSE STRING_ARG STRING_ARG
+       {
+               OUTYY(("P(allow_response: %s %s)\n", $2, $3));
+               if(!cfg_str2list_insert(&cfg_parser->cfg->allow_response_list, $2, $3))
+                       fatal_exit("out of memory adding acl");
+       }
+       ;
 server_outgoing_interface: VAR_OUTGOING_INTERFACE STRING_ARG
        {
                OUTYY(("P(server_outgoing_interface:%s)\n", $2));
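Review bot: The out-of-memory message in the new `server_allow_response` rule, `fatal_exit("out of memory adding acl");`, names the wrong option: this rule fills `allow_response_list`, not an access-control list, so a user hitting it would go looking at acl entries. Change it to `fatal_exit("out of memory adding allow-response");`. The trace line is also formatted unlike its neighbours (`P(allow_response: %s %s)` versus `P(server_outgoing_interface:%s)`); `OUTYY(("P(server_allow_response:%s %s)\n", $2, $3));` would match the file's convention. Neither string argument is validated here, which is consistent with the other list rules, but whatever consumes `allow_response_list` should check the strings' format before use. The `server_distribute` rule starts before the hunk and `server_outgoing_interface` continues past it.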