diff options
| author | Cy Schubert <cy@FreeBSD.org> | 2020-10-27 15:09:16 +0000 |
|---|---|---|
| committer | Cy Schubert <cy@FreeBSD.org> | 2020-10-27 15:09:16 +0000 |
| commit | 4cb89f2eee3bb358f0491932ab0498b5319f4229 (patch) | |
| tree | fc2691469564e7d7e552247f2b2c6e04dd7efb8a | |
| parent | 7973006f41cdaf144441d1a39f9f075053435e2f (diff) | |
| download | src-4cb89f2eee3bb358f0491932ab0498b5319f4229.tar.gz src-4cb89f2eee3bb358f0491932ab0498b5319f4229.zip | |
Vendor import of Unbound 1.12.0.vendor/unbound/1.12.0
Notes
Notes:
svn path=/vendor/unbound/dist/; revision=367082
svn path=/vendor/unbound/1.12.0/; revision=367083; tag=vendor/unbound/1.12.0
153 files changed, 11874 insertions, 12207 deletions
diff --git a/.gitignore b/.gitignore index 7688fd758bd2..d0c69f81d2e9 100644 --- a/.gitignore +++ b/.gitignore @@ -31,6 +31,7 @@ /unbound.h /asynclook /delayer +/dohclient /lock-verify /memstats /perf diff --git a/Makefile.in b/Makefile.in index bac212df2170..d2600e71f0cf 100644 --- a/Makefile.in +++ b/Makefile.in @@ -231,6 +231,10 @@ STREAMTCP_SRC=testcode/streamtcp.c STREAMTCP_OBJ=streamtcp.lo STREAMTCP_OBJ_LINK=$(STREAMTCP_OBJ) worker_cb.lo $(COMMON_OBJ) $(COMPAT_OBJ) \ $(SLDNS_OBJ) +DOHCLIENT_SRC=testcode/dohclient.c +DOHCLIENT_OBJ=dohclient.lo +DOHCLIENT_OBJ_LINK=$(DOHCLIENT_OBJ) worker_cb.lo $(COMMON_OBJ) $(COMPAT_OBJ) \ +$(SLDNS_OBJ) PERF_SRC=testcode/perf.c PERF_OBJ=perf.lo PERF_OBJ_LINK=$(PERF_OBJ) worker_cb.lo $(COMMON_OBJ) $(COMPAT_OBJ) $(SLDNS_OBJ) @@ -272,7 +276,8 @@ ALL_SRC=$(COMMON_SRC) $(UNITTEST_SRC) $(DAEMON_SRC) \ $(ASYNCLOOK_SRC) $(STREAMTCP_SRC) $(PERF_SRC) $(DELAYER_SRC) \ $(CONTROL_SRC) $(UBANCHOR_SRC) $(PETAL_SRC) $(DNSTAP_SOCKET_SRC)\ $(PYTHONMOD_SRC) $(PYUNBOUND_SRC) $(WIN_DAEMON_THE_SRC) \ - $(SVCINST_SRC) $(SVCUNINST_SRC) $(ANCHORUPD_SRC) $(SLDNS_SRC) + $(SVCINST_SRC) $(SVCUNINST_SRC) $(ANCHORUPD_SRC) $(SLDNS_SRC) \ + $(DOHCLIENT_SRC) ALL_OBJ=$(COMMON_OBJ) $(UNITTEST_OBJ) $(DAEMON_OBJ) \ $(TESTBOUND_OBJ) $(LOCKVERIFY_OBJ) $(PKTVIEW_OBJ) \ @@ -280,7 +285,8 @@ ALL_OBJ=$(COMMON_OBJ) $(UNITTEST_OBJ) $(DAEMON_OBJ) \ $(ASYNCLOOK_OBJ) $(STREAMTCP_OBJ) $(PERF_OBJ) $(DELAYER_OBJ) \ $(CONTROL_OBJ) $(UBANCHOR_OBJ) $(PETAL_OBJ) $(DNSTAP_SOCKET_OBJ)\ $(COMPAT_OBJ) $(PYUNBOUND_OBJ) \ - $(SVCINST_OBJ) $(SVCUNINST_OBJ) $(ANCHORUPD_OBJ) $(SLDNS_OBJ) + $(SVCINST_OBJ) $(SVCUNINST_OBJ) $(ANCHORUPD_OBJ) $(SLDNS_OBJ) \ + $(DOHCLIENT_OBJ) COMPILE=$(LIBTOOL) --tag=CC --mode=compile $(CC) $(CPPFLAGS) $(CFLAGS) @PTHREAD_CFLAGS_ONLY@ LINK=$(LIBTOOL) --tag=CC --mode=link $(CC) $(staticexe) $(RUNTIME_PATH) $(CPPFLAGS) $(CFLAGS) $(LDFLAGS) @@ -317,7 +323,7 @@ rsrc_unbound_checkconf.o: $(srcdir)/winrc/rsrc_unbound_checkconf.rc config.h TEST_BIN=asynclook$(EXEEXT) delayer$(EXEEXT) \ lock-verify$(EXEEXT) memstats$(EXEEXT) perf$(EXEEXT) \ petal$(EXEEXT) pktview$(EXEEXT) streamtcp$(EXEEXT) \ - unbound-dnstap-socket$(EXEEXT) \ + unbound-dnstap-socket$(EXEEXT) dohclient$(EXEEXT) \ testbound$(EXEEXT) unittest$(EXEEXT) tests: all $(TEST_BIN) @@ -387,6 +393,9 @@ asynclook$(EXEEXT): $(ASYNCLOOK_OBJ_LINK) libunbound.la streamtcp$(EXEEXT): $(STREAMTCP_OBJ_LINK) $(LINK) -o $@ $(STREAMTCP_OBJ_LINK) $(SSLLIB) $(LIBS) $(DYNLIBMOD_EXTRALIBS) +dohclient$(EXEEXT): $(DOHCLIENT_OBJ_LINK) + $(LINK) -o $@ $(DOHCLIENT_OBJ_LINK) $(SSLLIB) $(LIBS) $(DYNLIBMOD_EXTRALIBS) + perf$(EXEEXT): $(PERF_OBJ_LINK) $(LINK) -o $@ $(PERF_OBJ_LINK) $(SSLLIB) $(LIBS) $(DYNLIBMOD_EXTRALIBS) @@ -672,7 +681,7 @@ dns.lo dns.o: $(srcdir)/services/cache/dns.c config.h $(srcdir)/iterator/iter_de $(srcdir)/util/data/packed_rrset.h $(srcdir)/util/storage/lruhash.h $(srcdir)/util/locks.h \ $(srcdir)/validator/val_utils.h $(srcdir)/sldns/pkthdr.h $(srcdir)/services/cache/dns.h \ $(srcdir)/util/data/msgreply.h $(srcdir)/services/cache/rrset.h $(srcdir)/util/storage/slabhash.h \ - $(srcdir)/util/data/dname.h $(srcdir)/util/module.h $(srcdir)/util/data/msgparse.h $(srcdir)/sldns/rrdef.h \ + $(srcdir)/util/data/msgparse.h $(srcdir)/sldns/rrdef.h $(srcdir)/util/data/dname.h $(srcdir)/util/module.h \ $(srcdir)/util/net_help.h $(srcdir)/util/regional.h $(srcdir)/util/config_file.h $(srcdir)/sldns/sbuffer.h infra.lo infra.o: $(srcdir)/services/cache/infra.c config.h $(srcdir)/sldns/rrdef.h $(srcdir)/sldns/str2wire.h \ $(srcdir)/sldns/sbuffer.h $(srcdir)/sldns/wire2str.h $(srcdir)/services/cache/infra.h \ @@ -713,10 +722,11 @@ msgreply.lo msgreply.o: $(srcdir)/util/data/msgreply.c config.h $(srcdir)/util/d $(srcdir)/util/storage/dnstree.h $(srcdir)/services/view.h $(srcdir)/util/config_file.h \ $(srcdir)/services/authzone.h $(srcdir)/daemon/stats.h $(srcdir)/util/timehist.h $(srcdir)/libunbound/unbound.h \ $(srcdir)/respip/respip.h -packed_rrset.lo packed_rrset.o: $(srcdir)/util/data/packed_rrset.c config.h \ - $(srcdir)/util/data/packed_rrset.h $(srcdir)/util/storage/lruhash.h $(srcdir)/util/locks.h $(srcdir)/util/log.h \ - $(srcdir)/util/data/dname.h $(srcdir)/util/storage/lookup3.h $(srcdir)/util/alloc.h $(srcdir)/util/regional.h \ - $(srcdir)/util/net_help.h $(srcdir)/sldns/rrdef.h $(srcdir)/sldns/sbuffer.h $(srcdir)/sldns/wire2str.h +packed_rrset.lo packed_rrset.o: $(srcdir)/util/data/packed_rrset.c config.h $(srcdir)/util/data/msgparse.h \ + $(srcdir)/util/storage/lruhash.h $(srcdir)/util/locks.h $(srcdir)/util/log.h $(srcdir)/sldns/pkthdr.h \ + $(srcdir)/sldns/rrdef.h $(srcdir)/util/data/packed_rrset.h $(srcdir)/util/data/dname.h \ + $(srcdir)/util/storage/lookup3.h $(srcdir)/util/alloc.h $(srcdir)/util/regional.h $(srcdir)/util/net_help.h \ + $(srcdir)/sldns/sbuffer.h $(srcdir)/sldns/wire2str.h iterator.lo iterator.o: $(srcdir)/iterator/iterator.c config.h $(srcdir)/iterator/iterator.h \ $(srcdir)/services/outbound_list.h $(srcdir)/util/data/msgreply.h $(srcdir)/util/storage/lruhash.h \ $(srcdir)/util/locks.h $(srcdir)/util/log.h $(srcdir)/util/data/packed_rrset.h $(srcdir)/util/module.h \ @@ -785,7 +795,7 @@ listen_dnsport.lo listen_dnsport.o: $(srcdir)/services/listen_dnsport.c config.h $(srcdir)/services/listen_dnsport.h $(srcdir)/util/netevent.h $(srcdir)/dnscrypt/dnscrypt.h \ $(srcdir)/services/outside_network.h $(srcdir)/util/rbtree.h \ $(srcdir)/util/log.h $(srcdir)/util/config_file.h $(srcdir)/util/net_help.h \ - $(srcdir)/sldns/sbuffer.h $(srcdir)/services/mesh.h $(srcdir)/util/data/msgparse.h \ + $(srcdir)/sldns/sbuffer.h $(srcdir)/sldns/parseutil.h $(srcdir)/services/mesh.h $(srcdir)/util/data/msgparse.h \ $(srcdir)/util/storage/lruhash.h $(srcdir)/util/locks.h $(srcdir)/sldns/pkthdr.h $(srcdir)/sldns/rrdef.h \ $(srcdir)/util/module.h $(srcdir)/util/data/msgreply.h $(srcdir)/util/data/packed_rrset.h \ $(srcdir)/services/modstack.h $(srcdir)/services/rpz.h $(srcdir)/services/localzone.h \ @@ -808,10 +818,10 @@ mesh.lo mesh.o: $(srcdir)/services/mesh.c config.h $(srcdir)/services/mesh.h $(s $(srcdir)/services/localzone.h $(srcdir)/util/storage/dnstree.h $(srcdir)/services/view.h \ $(srcdir)/sldns/sbuffer.h $(srcdir)/util/config_file.h $(srcdir)/services/authzone.h $(srcdir)/daemon/stats.h \ $(srcdir)/util/timehist.h $(srcdir)/libunbound/unbound.h $(srcdir)/respip/respip.h \ - $(srcdir)/services/outbound_list.h $(srcdir)/services/cache/dns.h $(srcdir)/util/net_help.h \ - $(srcdir)/util/regional.h $(srcdir)/util/data/msgencode.h $(srcdir)/util/fptr_wlist.h $(srcdir)/util/tube.h \ - $(srcdir)/util/alloc.h $(srcdir)/util/edns.h $(srcdir)/sldns/wire2str.h $(srcdir)/util/data/dname.h \ - $(srcdir)/services/listen_dnsport.h + $(srcdir)/services/outbound_list.h $(srcdir)/services/cache/dns.h $(srcdir)/services/cache/rrset.h \ + $(srcdir)/util/storage/slabhash.h $(srcdir)/util/net_help.h $(srcdir)/util/regional.h \ + $(srcdir)/util/data/msgencode.h $(srcdir)/util/fptr_wlist.h $(srcdir)/util/tube.h $(srcdir)/util/alloc.h \ + $(srcdir)/util/edns.h $(srcdir)/sldns/wire2str.h $(srcdir)/util/data/dname.h $(srcdir)/services/listen_dnsport.h modstack.lo modstack.o: $(srcdir)/services/modstack.c config.h $(srcdir)/services/modstack.h \ $(srcdir)/util/module.h $(srcdir)/util/storage/lruhash.h $(srcdir)/util/locks.h $(srcdir)/util/log.h \ $(srcdir)/util/data/msgreply.h $(srcdir)/util/data/packed_rrset.h $(srcdir)/util/data/msgparse.h \ @@ -1204,7 +1214,8 @@ testpkts.lo testpkts.o: $(srcdir)/testcode/testpkts.c config.h $(srcdir)/testcod $(srcdir)/util/net_help.h $(srcdir)/util/log.h $(srcdir)/sldns/sbuffer.h $(srcdir)/sldns/rrdef.h $(srcdir)/sldns/pkthdr.h \ $(srcdir)/sldns/str2wire.h $(srcdir)/sldns/wire2str.h unitldns.lo unitldns.o: $(srcdir)/testcode/unitldns.c config.h $(srcdir)/util/log.h $(srcdir)/testcode/unitmain.h \ - $(srcdir)/sldns/sbuffer.h $(srcdir)/sldns/str2wire.h $(srcdir)/sldns/rrdef.h $(srcdir)/sldns/wire2str.h + $(srcdir)/sldns/sbuffer.h $(srcdir)/sldns/str2wire.h $(srcdir)/sldns/rrdef.h $(srcdir)/sldns/wire2str.h \ + $(srcdir)/sldns/parseutil.h unitecs.lo unitecs.o: $(srcdir)/testcode/unitecs.c config.h unitauth.lo unitauth.o: $(srcdir)/testcode/unitauth.c config.h $(srcdir)/services/authzone.h \ $(srcdir)/util/rbtree.h $(srcdir)/util/locks.h $(srcdir)/util/log.h $(srcdir)/services/mesh.h $(srcdir)/util/netevent.h \ @@ -1310,7 +1321,8 @@ worker.lo worker.o: $(srcdir)/daemon/worker.c config.h $(srcdir)/util/log.h $(sr $(srcdir)/util/data/dname.h $(srcdir)/util/fptr_wlist.h $(srcdir)/util/tube.h $(srcdir)/util/edns.h \ $(srcdir)/iterator/iter_fwd.h $(srcdir)/iterator/iter_hints.h $(srcdir)/validator/autotrust.h \ $(srcdir)/validator/val_anchor.h $(srcdir)/libunbound/context.h $(srcdir)/libunbound/unbound-event.h \ - $(srcdir)/libunbound/libworker.h $(srcdir)/sldns/wire2str.h $(srcdir)/util/shm_side/shm_main.h + $(srcdir)/libunbound/libworker.h $(srcdir)/sldns/wire2str.h $(srcdir)/util/shm_side/shm_main.h \ + $(srcdir)/dnstap/dtstream.h testbound.lo testbound.o: $(srcdir)/testcode/testbound.c config.h $(srcdir)/testcode/testpkts.h \ $(srcdir)/testcode/replay.h $(srcdir)/util/netevent.h $(srcdir)/dnscrypt/dnscrypt.h \ $(srcdir)/util/rbtree.h $(srcdir)/testcode/fake_event.h \ @@ -1344,7 +1356,8 @@ worker.lo worker.o: $(srcdir)/daemon/worker.c config.h $(srcdir)/util/log.h $(sr $(srcdir)/util/data/dname.h $(srcdir)/util/fptr_wlist.h $(srcdir)/util/tube.h $(srcdir)/util/edns.h \ $(srcdir)/iterator/iter_fwd.h $(srcdir)/iterator/iter_hints.h $(srcdir)/validator/autotrust.h \ $(srcdir)/validator/val_anchor.h $(srcdir)/libunbound/context.h $(srcdir)/libunbound/unbound-event.h \ - $(srcdir)/libunbound/libworker.h $(srcdir)/sldns/wire2str.h $(srcdir)/util/shm_side/shm_main.h + $(srcdir)/libunbound/libworker.h $(srcdir)/sldns/wire2str.h $(srcdir)/util/shm_side/shm_main.h \ + $(srcdir)/dnstap/dtstream.h acl_list.lo acl_list.o: $(srcdir)/daemon/acl_list.c config.h $(srcdir)/daemon/acl_list.h \ $(srcdir)/util/storage/dnstree.h $(srcdir)/util/rbtree.h $(srcdir)/services/view.h $(srcdir)/util/locks.h \ $(srcdir)/util/log.h $(srcdir)/util/regional.h $(srcdir)/util/config_file.h $(srcdir)/util/net_help.h \ @@ -1507,6 +1520,12 @@ unbound-control.lo unbound-control.o: $(srcdir)/smallapp/unbound-control.c confi unbound-anchor.lo unbound-anchor.o: $(srcdir)/smallapp/unbound-anchor.c config.h $(srcdir)/libunbound/unbound.h \ $(srcdir)/sldns/rrdef.h $(srcdir)/sldns/parseutil.h petal.lo petal.o: $(srcdir)/testcode/petal.c config.h +unbound-dnstap-socket.lo unbound-dnstap-socket.o: $(srcdir)/dnstap/unbound-dnstap-socket.c config.h \ + $(srcdir)/dnstap/dtstream.h $(srcdir)/util/locks.h $(srcdir)/util/log.h $(srcdir)/dnstap/dnstap_fstrm.h \ + $(srcdir)/util/ub_event.h $(srcdir)/util/net_help.h $(srcdir)/services/listen_dnsport.h \ + $(srcdir)/util/netevent.h $(srcdir)/dnscrypt/dnscrypt.h \ + $(srcdir)/sldns/sbuffer.h $(srcdir)/sldns/wire2str.h $(srcdir)/util/config_file.h \ + $(srcdir)/util/data/packed_rrset.h $(srcdir)/util/storage/lruhash.h pythonmod_utils.lo pythonmod_utils.o: $(srcdir)/pythonmod/pythonmod_utils.c config.h $(srcdir)/util/module.h \ $(srcdir)/util/storage/lruhash.h $(srcdir)/util/locks.h $(srcdir)/util/log.h $(srcdir)/util/data/msgreply.h \ $(srcdir)/util/data/packed_rrset.h $(srcdir)/util/data/msgparse.h $(srcdir)/sldns/pkthdr.h \ @@ -1542,6 +1561,10 @@ parseutil.lo parseutil.o: $(srcdir)/sldns/parseutil.c config.h $(srcdir)/sldns/p rrdef.lo rrdef.o: $(srcdir)/sldns/rrdef.c config.h $(srcdir)/sldns/rrdef.h $(srcdir)/sldns/parseutil.h str2wire.lo str2wire.o: $(srcdir)/sldns/str2wire.c config.h $(srcdir)/sldns/str2wire.h $(srcdir)/sldns/rrdef.h \ $(srcdir)/sldns/wire2str.h $(srcdir)/sldns/sbuffer.h $(srcdir)/sldns/parse.h $(srcdir)/sldns/parseutil.h +dohclient.lo dohclient.o: $(srcdir)/testcode/dohclient.c config.h $(srcdir)/sldns/wire2str.h \ + $(srcdir)/sldns/sbuffer.h $(srcdir)/sldns/str2wire.h $(srcdir)/sldns/rrdef.h $(srcdir)/util/data/msgencode.h \ + $(srcdir)/util/data/msgreply.h $(srcdir)/util/storage/lruhash.h $(srcdir)/util/locks.h $(srcdir)/util/log.h \ + $(srcdir)/util/data/packed_rrset.h $(srcdir)/util/net_help.h ctime_r.lo ctime_r.o: $(srcdir)/compat/ctime_r.c config.h $(srcdir)/util/locks.h $(srcdir)/util/log.h fake-rfc2553.lo fake-rfc2553.o: $(srcdir)/compat/fake-rfc2553.c $(srcdir)/compat/fake-rfc2553.h config.h gmtime_r.lo gmtime_r.o: $(srcdir)/compat/gmtime_r.c config.h diff --git a/README.md b/README.md index 7120d486f732..3e11ce58ce0d 100644 --- a/README.md +++ b/README.md @@ -9,7 +9,7 @@ fast and lean and incorporates modern features based on open standards. If you have any feedback, we would love to hear from you. Don’t hesitate to [create an issue on Github](https://github.com/NLnetLabs/unbound/issues/new) or post a message on the [Unbound mailing list](https://lists.nlnetlabs.nl/mailman/listinfo/unbound-users). -You can lean more about Unbound by reading our +You can learn more about Unbound by reading our [documentation](https://nlnetlabs.nl/documentation/unbound/). ## Compiling diff --git a/acx_nlnetlabs.m4 b/acx_nlnetlabs.m4 index 8eccc15b0d80..31e43d67e875 100644 --- a/acx_nlnetlabs.m4 +++ b/acx_nlnetlabs.m4 @@ -2,7 +2,8 @@ # Copyright 2009, Wouter Wijngaards, NLnet Labs. # BSD licensed. # -# Version 34 +# Version 35 +# 2020-08-24 Use EVP_sha256 instead of HMAC_Update (for openssl-3.0.0). # 2016-03-21 Check -ldl -pthread for libcrypto for ldns and openssl 1.1.0. # 2016-03-21 Use HMAC_Update instead of HMAC_CTX_Init (for openssl-1.1.0). # 2016-01-04 -D_DEFAULT_SOURCE defined with -D_BSD_SOURCE for Linux glibc 2.20 @@ -673,16 +674,16 @@ AC_DEFUN([ACX_SSL_CHECKS], [ ACX_RUNTIME_PATH_ADD([$ssldir/lib]) fi - AC_MSG_CHECKING([for HMAC_Update in -lcrypto]) + AC_MSG_CHECKING([for EVP_sha256 in -lcrypto]) LIBS="$LIBS -lcrypto" LIBSSL_LIBS="$LIBSSL_LIBS -lcrypto" AC_TRY_LINK(, [ - int HMAC_Update(void); - (void)HMAC_Update(); + int EVP_sha256(void); + (void)EVP_sha256(); ], [ AC_MSG_RESULT(yes) - AC_DEFINE([HAVE_HMAC_UPDATE], 1, - [If you have HMAC_Update]) + AC_DEFINE([HAVE_EVP_SHA256], 1, + [If you have EVP_sha256]) ], [ AC_MSG_RESULT(no) # check if -lwsock32 or -lgdi32 are needed. @@ -692,11 +693,11 @@ AC_DEFUN([ACX_SSL_CHECKS], [ LIBSSL_LIBS="$LIBSSL_LIBS -lgdi32 -lws2_32" AC_MSG_CHECKING([if -lcrypto needs -lgdi32]) AC_TRY_LINK([], [ - int HMAC_Update(void); - (void)HMAC_Update(); + int EVP_sha256(void); + (void)EVP_sha256(); ],[ - AC_DEFINE([HAVE_HMAC_UPDATE], 1, - [If you have HMAC_Update]) + AC_DEFINE([HAVE_EVP_SHA256], 1, + [If you have EVP_sha256]) AC_MSG_RESULT(yes) ],[ AC_MSG_RESULT(no) @@ -706,11 +707,11 @@ AC_DEFUN([ACX_SSL_CHECKS], [ LIBSSL_LIBS="$LIBSSL_LIBS -ldl" AC_MSG_CHECKING([if -lcrypto needs -ldl]) AC_TRY_LINK([], [ - int HMAC_Update(void); - (void)HMAC_Update(); + int EVP_sha256(void); + (void)EVP_sha256(); ],[ - AC_DEFINE([HAVE_HMAC_UPDATE], 1, - [If you have HMAC_Update]) + AC_DEFINE([HAVE_EVP_SHA256], 1, + [If you have EVP_sha256]) AC_MSG_RESULT(yes) ],[ AC_MSG_RESULT(no) @@ -720,11 +721,11 @@ AC_DEFUN([ACX_SSL_CHECKS], [ LIBSSL_LIBS="$LIBSSL_LIBS -ldl -pthread" AC_MSG_CHECKING([if -lcrypto needs -ldl -pthread]) AC_TRY_LINK([], [ - int HMAC_Update(void); - (void)HMAC_Update(); + int EVP_sha256(void); + (void)EVP_sha256(); ],[ - AC_DEFINE([HAVE_HMAC_UPDATE], 1, - [If you have HMAC_Update]) + AC_DEFINE([HAVE_EVP_SHA256], 1, + [If you have EVP_sha256]) AC_MSG_RESULT(yes) ],[ AC_MSG_RESULT(no) diff --git a/config.guess b/config.guess index e94095c5fbe8..8d70ec2b2633 100755 --- a/config.guess +++ b/config.guess @@ -2,7 +2,7 @@ # Attempt to guess a canonical system name. # Copyright 1992-2020 Free Software Foundation, Inc. -timestamp='2020-07-12' +timestamp='2020-09-19' # This file is free software; you can redistribute it and/or modify it # under the terms of the GNU General Public License as published by @@ -150,17 +150,15 @@ Linux|GNU|GNU/*) #elif defined(__dietlibc__) LIBC=dietlibc #else + #include <stdarg.h> + #ifdef __DEFINED_va_list + LIBC=musl + #else LIBC=gnu #endif + #endif EOF eval "`$CC_FOR_BUILD -E "$dummy.c" 2>/dev/null | grep '^LIBC' | sed 's, ,,g'`" - - # If ldd exists, use it to detect musl libc. - if command -v ldd >/dev/null && \ - ldd --version 2>&1 | grep -q ^musl - then - LIBC=musl - fi ;; esac @@ -404,7 +402,7 @@ case "$UNAME_MACHINE:$UNAME_SYSTEM:$UNAME_RELEASE:$UNAME_VERSION" in # If there is a compiler, see if it is configured for 64-bit objects. # Note that the Sun cc does not turn __LP64__ into 1 like gcc does. # This test works for both compilers. - if [ "$CC_FOR_BUILD" != no_compiler_found ]; then + if test "$CC_FOR_BUILD" != no_compiler_found; then if (echo '#ifdef __amd64'; echo IS_64BIT_ARCH; echo '#endif') | \ (CCOPTS="" $CC_FOR_BUILD -E - 2>/dev/null) | \ grep IS_64BIT_ARCH >/dev/null @@ -544,10 +542,10 @@ EOF AViiON:dgux:*:*) # DG/UX returns AViiON for all architectures UNAME_PROCESSOR=`/usr/bin/uname -p` - if [ "$UNAME_PROCESSOR" = mc88100 ] || [ "$UNAME_PROCESSOR" = mc88110 ] + if test "$UNAME_PROCESSOR" = mc88100 || test "$UNAME_PROCESSOR" = mc88110 then - if [ "$TARGET_BINARY_INTERFACE"x = m88kdguxelfx ] || \ - [ "$TARGET_BINARY_INTERFACE"x = x ] + if test "$TARGET_BINARY_INTERFACE"x = m88kdguxelfx || \ + test "$TARGET_BINARY_INTERFACE"x = x then echo m88k-dg-dgux"$UNAME_RELEASE" else @@ -580,7 +578,7 @@ EOF echo i386-ibm-aix exit ;; ia64:AIX:*:*) - if [ -x /usr/bin/oslevel ] ; then + if test -x /usr/bin/oslevel ; then IBM_REV=`/usr/bin/oslevel` else IBM_REV="$UNAME_VERSION.$UNAME_RELEASE" @@ -620,7 +618,7 @@ EOF else IBM_ARCH=powerpc fi - if [ -x /usr/bin/lslpp ] ; then + if test -x /usr/bin/lslpp ; then IBM_REV=`/usr/bin/lslpp -Lqc bos.rte.libc | awk -F: '{ print $3 }' | sed s/[0-9]*$/0/` else @@ -655,7 +653,7 @@ EOF 9000/31?) HP_ARCH=m68000 ;; 9000/[34]??) HP_ARCH=m68k ;; 9000/[678][0-9][0-9]) - if [ -x /usr/bin/getconf ]; then + if test -x /usr/bin/getconf; then sc_cpu_version=`/usr/bin/getconf SC_CPU_VERSION 2>/dev/null` sc_kernel_bits=`/usr/bin/getconf SC_KERNEL_BITS 2>/dev/null` case "$sc_cpu_version" in @@ -669,7 +667,7 @@ EOF esac ;; esac fi - if [ "$HP_ARCH" = "" ]; then + if test "$HP_ARCH" = ""; then set_cc_for_build sed 's/^ //' << EOF > "$dummy.c" @@ -708,7 +706,7 @@ EOF test -z "$HP_ARCH" && HP_ARCH=hppa fi ;; esac - if [ "$HP_ARCH" = hppa2.0w ] + if test "$HP_ARCH" = hppa2.0w then set_cc_for_build @@ -782,7 +780,7 @@ EOF echo hppa1.0-hp-osf exit ;; i*86:OSF1:*:*) - if [ -x /usr/sbin/sysversion ] ; then + if test -x /usr/sbin/sysversion ; then echo "$UNAME_MACHINE"-unknown-osf1mk else echo "$UNAME_MACHINE"-unknown-osf1 @@ -1097,7 +1095,7 @@ EOF x86_64:Linux:*:*) set_cc_for_build LIBCABI=$LIBC - if [ "$CC_FOR_BUILD" != no_compiler_found ]; then + if test "$CC_FOR_BUILD" != no_compiler_found; then if (echo '#ifdef __ILP32__'; echo IS_X32; echo '#endif') | \ (CCOPTS="" $CC_FOR_BUILD -E - 2>/dev/null) | \ grep IS_X32 >/dev/null @@ -1294,7 +1292,7 @@ EOF echo mips-sony-newsos6 exit ;; R[34]000:*System_V*:*:* | R4000:UNIX_SYSV:*:* | R*000:UNIX_SV:*:*) - if [ -d /usr/nec ]; then + if test -d /usr/nec; then echo mips-nec-sysv"$UNAME_RELEASE" else echo mips-unknown-sysv"$UNAME_RELEASE" @@ -1359,7 +1357,7 @@ EOF else set_cc_for_build fi - if [ "$CC_FOR_BUILD" != no_compiler_found ]; then + if test "$CC_FOR_BUILD" != no_compiler_found; then if (echo '#ifdef __LP64__'; echo IS_64BIT_ARCH; echo '#endif') | \ (CCOPTS="" $CC_FOR_BUILD -E - 2>/dev/null) | \ grep IS_64BIT_ARCH >/dev/null diff --git a/config.h.in b/config.h.in index f7a4095ed348..f993b81b021a 100644 --- a/config.h.in +++ b/config.h.in @@ -113,6 +113,10 @@ don't. */ #undef HAVE_DECL_INET_PTON +/* Define to 1 if you have the declaration of `nghttp2_session_server_new', + and to 0 if you don't. */ +#undef HAVE_DECL_NGHTTP2_SESSION_SERVER_NEW + /* Define to 1 if you have the declaration of `NID_ED25519', and to 0 if you don't. */ #undef HAVE_DECL_NID_ED25519 @@ -221,6 +225,9 @@ /* Define to 1 if you have the `EVP_EncryptInit_ex' function. */ #undef HAVE_EVP_ENCRYPTINIT_EX +/* Define to 1 if you have the `EVP_MAC_CTX_set_params' function. */ +#undef HAVE_EVP_MAC_CTX_SET_PARAMS + /* Define to 1 if you have the `EVP_MD_CTX_new' function. */ #undef HAVE_EVP_MD_CTX_NEW @@ -269,6 +276,9 @@ /* Define to 1 if you have the `getentropy' function. */ #undef HAVE_GETENTROPY +/* Define to 1 if you have the `getifaddrs' function. */ +#undef HAVE_GETIFADDRS + /* Define to 1 if you have the <getopt.h> header file. */ #undef HAVE_GETOPT_H @@ -296,12 +306,12 @@ /* Define to 1 if you have the `HMAC_Init_ex' function. */ #undef HAVE_HMAC_INIT_EX -/* If you have HMAC_Update */ -#undef HAVE_HMAC_UPDATE - /* If we have htobe64 */ #undef HAVE_HTOBE64 +/* Define to 1 if you have the <ifaddrs.h> header file. */ +#undef HAVE_IFADDRS_H + /* Define to 1 if you have the `inet_aton' function. */ #undef HAVE_INET_ATON @@ -371,6 +381,15 @@ /* Define to 1 if you have the <nettle/eddsa.h> header file. */ #undef HAVE_NETTLE_EDDSA_H +/* Define to 1 if you have the <net/if.h> header file. */ +#undef HAVE_NET_IF_H + +/* Define this to use nghttp2 client. */ +#undef HAVE_NGHTTP2 + +/* Define to 1 if you have the <nghttp2/nghttp2.h> header file. */ +#undef HAVE_NGHTTP2_NGHTTP2_H + /* Use libnss for crypto */ #undef HAVE_NSS @@ -497,6 +516,9 @@ /* Define if you have the SSL libraries installed. */ #undef HAVE_SSL +/* Define to 1 if you have the `SSL_CTX_set_alpn_select_cb' function. */ +#undef HAVE_SSL_CTX_SET_ALPN_SELECT_CB + /* Define to 1 if you have the `SSL_CTX_set_ciphersuites' function. */ #undef HAVE_SSL_CTX_SET_CIPHERSUITES @@ -573,6 +595,9 @@ /* Define to 1 if you have the <sys/resource.h> header file. */ #undef HAVE_SYS_RESOURCE_H +/* Define to 1 if you have the <sys/select.h> header file. */ +#undef HAVE_SYS_SELECT_H + /* Define to 1 if you have the <sys/sha2.h> header file. */ #undef HAVE_SYS_SHA2_H @@ -1358,6 +1383,8 @@ void *unbound_stat_realloc_log(void *ptr, size_t size, const char* file, #define UNBOUND_DNS_PORT 53 /** default port for DNS over TLS traffic. */ #define UNBOUND_DNS_OVER_TLS_PORT 853 +/** default port for DNS over HTTPS traffic. */ +#define UNBOUND_DNS_OVER_HTTPS_PORT 443 /** default port for unbound control traffic, registered port with IANA, ub-dns-control 8953/tcp unbound dns nameserver control */ #define UNBOUND_CONTROL_PORT 8953 diff --git a/config.sub b/config.sub index 3d9a8dc3d5a7..9bc49a7e9223 100755 --- a/config.sub +++ b/config.sub @@ -2,7 +2,7 @@ # Configuration validation subroutine script. # Copyright 1992-2020 Free Software Foundation, Inc. -timestamp='2020-07-10' +timestamp='2020-09-08' # This file is free software; you can redistribute it and/or modify it # under the terms of the GNU General Public License as published by @@ -1278,7 +1278,7 @@ esac # Decode manufacturer-specific aliases for certain operating systems. -if [ x$basic_os != x ] +if test x$basic_os != x then # First recognize some ad-hoc caes, or perhaps split kernel-os, or else just @@ -1367,13 +1367,7 @@ case $os in os=psos ;; qnx*) - case $cpu in - x86 | i*86) - ;; - *) - os=nto-$os - ;; - esac + os=qnx ;; hiux*) os=hiuxwe2 @@ -1722,7 +1716,7 @@ case $os in | skyos* | haiku* | rdos* | toppers* | drops* | es* \ | onefs* | tirtos* | phoenix* | fuchsia* | redox* | bme* \ | midnightbsd* | amdhsa* | unleashed* | emscripten* | wasi* \ - | nsk* | powerunix* | genode* | zvmoe* ) + | nsk* | powerunix* | genode* | zvmoe* | qnx* ) ;; # This one is extra strict with allowed versions sco3.2v2 | sco3.2v[4-9]* | sco5v6*) @@ -1741,6 +1735,8 @@ esac case $kernel-$os in linux-gnu* | linux-dietlibc* | linux-android* | linux-newlib* | linux-musl* | linux-uclibc* ) ;; + uclinux-uclibc* ) + ;; -dietlibc* | -newlib* | -musl* | -uclibc* ) # These are just libc implementations, not actual OSes, and thus # require a kernel. diff --git a/configure b/configure index ed66e853047d..69bc15f97fda 100755 --- a/configure +++ b/configure @@ -1,6 +1,6 @@ #! /bin/sh # Guess values for system-dependent variables and create Makefiles. -# Generated by GNU Autoconf 2.69 for unbound 1.11.0. +# Generated by GNU Autoconf 2.69 for unbound 1.12.0. # # Report bugs to <unbound-bugs@nlnetlabs.nl or https://github.com/NLnetLabs/unbound/issues>. # @@ -591,8 +591,8 @@ MAKEFLAGS= # Identity of this package. PACKAGE_NAME='unbound' PACKAGE_TARNAME='unbound' -PACKAGE_VERSION='1.11.0' -PACKAGE_STRING='unbound 1.11.0' +PACKAGE_VERSION='1.12.0' +PACKAGE_STRING='unbound 1.12.0' PACKAGE_BUGREPORT='unbound-bugs@nlnetlabs.nl or https://github.com/NLnetLabs/unbound/issues' PACKAGE_URL='' @@ -882,6 +882,7 @@ enable_tfo_server with_libevent with_libexpat with_libhiredis +with_libnghttp2 enable_static_exe enable_fully_static enable_lock_checks @@ -1458,7 +1459,7 @@ if test "$ac_init_help" = "long"; then # Omit some internal or obsolete options to make the list less imposing. # This message is too long to be a string in the A/UX 3.1 sh. cat <<_ACEOF -\`configure' configures unbound 1.11.0 to adapt to many kinds of systems. +\`configure' configures unbound 1.12.0 to adapt to many kinds of systems. Usage: $0 [OPTION]... [VAR=VALUE]... @@ -1523,7 +1524,7 @@ fi if test -n "$ac_init_help"; then case $ac_init_help in - short | recursive ) echo "Configuration of unbound 1.11.0:";; + short | recursive ) echo "Configuration of unbound 1.12.0:";; esac cat <<\_ACEOF @@ -1642,6 +1643,7 @@ Optional Packages: outgoing port ranges. --with-libexpat=path specify explicit path for libexpat. --with-libhiredis=path specify explicit path for libhiredis. + --with-libnghttp2=path specify explicit path for libnghttp2. --with-dnstap-socket-path=pathname set default dnstap socket path --with-protobuf-c=path Path where protobuf-c is installed, for dnstap @@ -1750,7 +1752,7 @@ fi test -n "$ac_init_help" && exit $ac_status if $ac_init_version; then cat <<\_ACEOF -unbound configure 1.11.0 +unbound configure 1.12.0 generated by GNU Autoconf 2.69 Copyright (C) 2012 Free Software Foundation, Inc. @@ -2459,7 +2461,7 @@ cat >config.log <<_ACEOF This file contains any messages produced by compilers while running configure, to aid debugging if configure makes a mistake. -It was created by unbound $as_me 1.11.0, which was +It was created by unbound $as_me 1.12.0, which was generated by GNU Autoconf 2.69. Invocation command line was $ $0 $@ @@ -2809,13 +2811,13 @@ ac_compiler_gnu=$ac_cv_c_compiler_gnu UNBOUND_VERSION_MAJOR=1 -UNBOUND_VERSION_MINOR=11 +UNBOUND_VERSION_MINOR=12 UNBOUND_VERSION_MICRO=0 LIBUNBOUND_CURRENT=9 -LIBUNBOUND_REVISION=9 +LIBUNBOUND_REVISION=10 LIBUNBOUND_AGE=1 # 1.0.0 had 0:12:0 # 1.0.1 had 0:13:0 @@ -2892,6 +2894,7 @@ LIBUNBOUND_AGE=1 # 1.10.0 had 9:7:1 # 1.10.1 had 9:8:1 # 1.11.0 had 9:9:1 +# 1.12.0 had 9:10:1 # Current -- the number of the binary API that we're implementing # Revision -- which iteration of the implementation of the binary @@ -14725,7 +14728,7 @@ $as_echo "no" >&6; } fi # Checks for header files. -for ac_header in stdarg.h stdbool.h netinet/in.h netinet/tcp.h sys/param.h sys/socket.h sys/un.h sys/uio.h sys/resource.h arpa/inet.h syslog.h netdb.h sys/wait.h pwd.h glob.h grp.h login_cap.h winsock2.h ws2tcpip.h endian.h sys/endian.h libkern/OSByteOrder.h sys/ipc.h sys/shm.h +for ac_header in stdarg.h stdbool.h netinet/in.h netinet/tcp.h sys/param.h sys/select.h sys/socket.h sys/un.h sys/uio.h sys/resource.h arpa/inet.h syslog.h netdb.h sys/wait.h pwd.h glob.h grp.h login_cap.h winsock2.h ws2tcpip.h endian.h sys/endian.h libkern/OSByteOrder.h sys/ipc.h sys/shm.h ifaddrs.h net/if.h do : as_ac_Header=`$as_echo "ac_cv_header_$ac_header" | $as_tr_sh` ac_fn_c_check_header_compile "$LINENO" "$ac_header" "$as_ac_Header" "$ac_includes_default @@ -17942,8 +17945,8 @@ $as_echo "found in $ssldir" >&6; } fi - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for HMAC_Update in -lcrypto" >&5 -$as_echo_n "checking for HMAC_Update in -lcrypto... " >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for EVP_sha256 in -lcrypto" >&5 +$as_echo_n "checking for EVP_sha256 in -lcrypto... " >&6; } LIBS="$LIBS -lcrypto" LIBSSL_LIBS="$LIBSSL_LIBS -lcrypto" cat confdefs.h - <<_ACEOF >conftest.$ac_ext @@ -17953,8 +17956,8 @@ int main () { - int HMAC_Update(void); - (void)HMAC_Update(); + int EVP_sha256(void); + (void)EVP_sha256(); ; return 0; @@ -17965,7 +17968,7 @@ if ac_fn_c_try_link "$LINENO"; then : { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 $as_echo "yes" >&6; } -$as_echo "#define HAVE_HMAC_UPDATE 1" >>confdefs.h +$as_echo "#define HAVE_EVP_SHA256 1" >>confdefs.h else @@ -17986,8 +17989,8 @@ int main () { - int HMAC_Update(void); - (void)HMAC_Update(); + int EVP_sha256(void); + (void)EVP_sha256(); ; return 0; @@ -17996,7 +17999,7 @@ _ACEOF if ac_fn_c_try_link "$LINENO"; then : -$as_echo "#define HAVE_HMAC_UPDATE 1" >>confdefs.h +$as_echo "#define HAVE_EVP_SHA256 1" >>confdefs.h { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 $as_echo "yes" >&6; } @@ -18018,8 +18021,8 @@ int main () { - int HMAC_Update(void); - (void)HMAC_Update(); + int EVP_sha256(void); + (void)EVP_sha256(); ; return 0; @@ -18028,7 +18031,7 @@ _ACEOF if ac_fn_c_try_link "$LINENO"; then : -$as_echo "#define HAVE_HMAC_UPDATE 1" >>confdefs.h +$as_echo "#define HAVE_EVP_SHA256 1" >>confdefs.h { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 $as_echo "yes" >&6; } @@ -18050,8 +18053,8 @@ int main () { - int HMAC_Update(void); - (void)HMAC_Update(); + int EVP_sha256(void); + (void)EVP_sha256(); ; return 0; @@ -18060,7 +18063,7 @@ _ACEOF if ac_fn_c_try_link "$LINENO"; then : -$as_echo "#define HAVE_HMAC_UPDATE 1" >>confdefs.h +$as_echo "#define HAVE_EVP_SHA256 1" >>confdefs.h { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 $as_echo "yes" >&6; } @@ -18245,11 +18248,11 @@ cat confdefs.h - <<_ACEOF >conftest.$ac_ext #ifdef __cplusplus extern "C" #endif -char HMAC_Update (); +char EVP_sha256 (); int main () { -return HMAC_Update (); +return EVP_sha256 (); ; return 0; } @@ -18340,7 +18343,7 @@ fi done -for ac_func in OPENSSL_config EVP_sha1 EVP_sha256 EVP_sha512 FIPS_mode EVP_MD_CTX_new OpenSSL_add_all_digests OPENSSL_init_crypto EVP_cleanup ENGINE_cleanup ERR_load_crypto_strings CRYPTO_cleanup_all_ex_data ERR_free_strings RAND_cleanup DSA_SIG_set0 EVP_dss1 EVP_DigestVerify EVP_aes_256_cbc EVP_EncryptInit_ex HMAC_Init_ex CRYPTO_THREADID_set_callback +for ac_func in OPENSSL_config EVP_sha1 EVP_sha256 EVP_sha512 FIPS_mode EVP_MD_CTX_new OpenSSL_add_all_digests OPENSSL_init_crypto EVP_cleanup ENGINE_cleanup ERR_load_crypto_strings CRYPTO_cleanup_all_ex_data ERR_free_strings RAND_cleanup DSA_SIG_set0 EVP_dss1 EVP_DigestVerify EVP_aes_256_cbc EVP_EncryptInit_ex HMAC_Init_ex CRYPTO_THREADID_set_callback EVP_MAC_CTX_set_params do : as_ac_var=`$as_echo "ac_cv_func_$ac_func" | $as_tr_sh` ac_fn_c_check_func "$LINENO" "$ac_func" "$as_ac_var" @@ -18356,7 +18359,7 @@ done # these check_funcs need -lssl BAKLIBS="$LIBS" LIBS="-lssl $LIBS" -for ac_func in OPENSSL_init_ssl SSL_CTX_set_security_level SSL_set1_host SSL_get0_peername X509_VERIFY_PARAM_set1_host SSL_CTX_set_ciphersuites SSL_CTX_set_tlsext_ticket_key_evp_cb +for ac_func in OPENSSL_init_ssl SSL_CTX_set_security_level SSL_set1_host SSL_get0_peername X509_VERIFY_PARAM_set1_host SSL_CTX_set_ciphersuites SSL_CTX_set_tlsext_ticket_key_evp_cb SSL_CTX_set_alpn_select_cb do : as_ac_var=`$as_echo "ac_cv_func_$ac_func" | $as_tr_sh` ac_fn_c_check_func "$LINENO" "$ac_func" "$as_ac_var" @@ -19668,6 +19671,70 @@ _ACEOF fi +# nghttp2 + +# Check whether --with-libnghttp2 was given. +if test "${with_libnghttp2+set}" = set; then : + withval=$with_libnghttp2; +else + withval="no" +fi + +found_libnghttp2="no" +if test x_$withval = x_yes -o x_$withval != x_no; then + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for libnghttp2" >&5 +$as_echo_n "checking for libnghttp2... " >&6; } + if test x_$withval = x_ -o x_$withval = x_yes; then + withval="/usr/local /opt/local /usr/lib /usr/pkg /usr/sfw /usr" + fi + for dir in $withval ; do + if test -f "$dir/include/nghttp2/nghttp2.h"; then + found_libnghttp2="yes" + if test "$dir" != "/usr"; then + CPPFLAGS="$CPPFLAGS -I$dir/include" + LDFLAGS="$LDFLAGS -L$dir/lib" + fi + { $as_echo "$as_me:${as_lineno-$LINENO}: result: found in $dir" >&5 +$as_echo "found in $dir" >&6; } + +$as_echo "#define HAVE_NGHTTP2 1" >>confdefs.h + + LIBS="$LIBS -lnghttp2" + break; + fi + done + if test x_$found_libnghttp2 != x_yes; then + as_fn_error $? "Could not find libnghttp2, nghttp2.h" "$LINENO" 5 + fi + for ac_header in nghttp2/nghttp2.h +do : + ac_fn_c_check_header_compile "$LINENO" "nghttp2/nghttp2.h" "ac_cv_header_nghttp2_nghttp2_h" "$ac_includes_default +" +if test "x$ac_cv_header_nghttp2_nghttp2_h" = xyes; then : + cat >>confdefs.h <<_ACEOF +#define HAVE_NGHTTP2_NGHTTP2_H 1 +_ACEOF + +fi + +done + + ac_fn_c_check_decl "$LINENO" "nghttp2_session_server_new" "ac_cv_have_decl_nghttp2_session_server_new" "$ac_includes_default + #include <nghttp2/nghttp2.h> + +" +if test "x$ac_cv_have_decl_nghttp2_session_server_new" = xyes; then : + ac_have_decl=1 +else + ac_have_decl=0 +fi + +cat >>confdefs.h <<_ACEOF +#define HAVE_DECL_NGHTTP2_SESSION_SERVER_NEW $ac_have_decl +_ACEOF + +fi + # set static linking for uninstalled libraries if requested staticexe="" @@ -20223,7 +20290,7 @@ if test "$ac_res" != no; then : fi -for ac_func in tzset sigprocmask fcntl getpwnam endpwent getrlimit setrlimit setsid chroot kill chown sleep usleep random srandom recvmsg sendmsg writev socketpair glob initgroups strftime localtime_r setusercontext _beginthreadex endservent endprotoent fsync shmget accept4 +for ac_func in tzset sigprocmask fcntl getpwnam endpwent getrlimit setrlimit setsid chroot kill chown sleep usleep random srandom recvmsg sendmsg writev socketpair glob initgroups strftime localtime_r setusercontext _beginthreadex endservent endprotoent fsync shmget accept4 getifaddrs do : as_ac_var=`$as_echo "ac_cv_func_$ac_func" | $as_tr_sh` ac_fn_c_check_func "$LINENO" "$ac_func" "$as_ac_var" @@ -21619,7 +21686,7 @@ _ACEOF -version=1.11.0 +version=1.12.0 date=`date +'%b %e, %Y'` @@ -22138,7 +22205,7 @@ cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 # report actual input values of CONFIG_FILES etc. instead of their # values after options handling. ac_log=" -This file was extended by unbound $as_me 1.11.0, which was +This file was extended by unbound $as_me 1.12.0, which was generated by GNU Autoconf 2.69. Invocation command line was CONFIG_FILES = $CONFIG_FILES @@ -22204,7 +22271,7 @@ _ACEOF cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`" ac_cs_version="\\ -unbound config.status 1.11.0 +unbound config.status 1.12.0 configured by $0, generated by GNU Autoconf 2.69, with options \\"\$ac_cs_config\\" diff --git a/configure.ac b/configure.ac index 1d16dce72bf8..7d987929469a 100644 --- a/configure.ac +++ b/configure.ac @@ -10,7 +10,7 @@ sinclude(dnscrypt/dnscrypt.m4) # must be numbers. ac_defun because of later processing m4_define([VERSION_MAJOR],[1]) -m4_define([VERSION_MINOR],[11]) +m4_define([VERSION_MINOR],[12]) m4_define([VERSION_MICRO],[0]) AC_INIT(unbound, m4_defn([VERSION_MAJOR]).m4_defn([VERSION_MINOR]).m4_defn([VERSION_MICRO]), unbound-bugs@nlnetlabs.nl or https://github.com/NLnetLabs/unbound/issues, unbound) AC_SUBST(UNBOUND_VERSION_MAJOR, [VERSION_MAJOR]) @@ -18,7 +18,7 @@ AC_SUBST(UNBOUND_VERSION_MINOR, [VERSION_MINOR]) AC_SUBST(UNBOUND_VERSION_MICRO, [VERSION_MICRO]) LIBUNBOUND_CURRENT=9 -LIBUNBOUND_REVISION=9 +LIBUNBOUND_REVISION=10 LIBUNBOUND_AGE=1 # 1.0.0 had 0:12:0 # 1.0.1 had 0:13:0 @@ -95,6 +95,7 @@ LIBUNBOUND_AGE=1 # 1.10.0 had 9:7:1 # 1.10.1 had 9:8:1 # 1.11.0 had 9:9:1 +# 1.12.0 had 9:10:1 # Current -- the number of the binary API that we're implementing # Revision -- which iteration of the implementation of the binary @@ -398,7 +399,7 @@ ACX_LIBTOOL_C_ONLY PKG_PROG_PKG_CONFIG # Checks for header files. -AC_CHECK_HEADERS([stdarg.h stdbool.h netinet/in.h netinet/tcp.h sys/param.h sys/socket.h sys/un.h sys/uio.h sys/resource.h arpa/inet.h syslog.h netdb.h sys/wait.h pwd.h glob.h grp.h login_cap.h winsock2.h ws2tcpip.h endian.h sys/endian.h libkern/OSByteOrder.h sys/ipc.h sys/shm.h],,, [AC_INCLUDES_DEFAULT]) +AC_CHECK_HEADERS([stdarg.h stdbool.h netinet/in.h netinet/tcp.h sys/param.h sys/select.h sys/socket.h sys/un.h sys/uio.h sys/resource.h arpa/inet.h syslog.h netdb.h sys/wait.h pwd.h glob.h grp.h login_cap.h winsock2.h ws2tcpip.h endian.h sys/endian.h libkern/OSByteOrder.h sys/ipc.h sys/shm.h ifaddrs.h net/if.h],,, [AC_INCLUDES_DEFAULT]) # Check for Apple header. This uncovers TARGET_OS_IPHONE, TARGET_OS_TV or TARGET_OS_WATCH AC_CHECK_HEADERS([TargetConditionals.h]) @@ -831,7 +832,7 @@ AC_SUBST(PC_CRYPTO_DEPENDENCY) BAKLIBS="$LIBS" LIBS="-lssl $LIBS" AC_MSG_CHECKING([if libssl needs -lcrypt32]) -AC_TRY_LINK_FUNC([HMAC_Update], [ +AC_TRY_LINK_FUNC([EVP_sha256], [ AC_MSG_RESULT([no]) LIBS="$BAKLIBS" ], [ @@ -851,12 +852,12 @@ else AC_MSG_RESULT([no]) fi AC_CHECK_HEADERS([openssl/conf.h openssl/engine.h openssl/bn.h openssl/dh.h openssl/dsa.h openssl/rsa.h openssl/core_names.h],,, [AC_INCLUDES_DEFAULT]) -AC_CHECK_FUNCS([OPENSSL_config EVP_sha1 EVP_sha256 EVP_sha512 FIPS_mode EVP_MD_CTX_new OpenSSL_add_all_digests OPENSSL_init_crypto EVP_cleanup ENGINE_cleanup ERR_load_crypto_strings CRYPTO_cleanup_all_ex_data ERR_free_strings RAND_cleanup DSA_SIG_set0 EVP_dss1 EVP_DigestVerify EVP_aes_256_cbc EVP_EncryptInit_ex HMAC_Init_ex CRYPTO_THREADID_set_callback]) +AC_CHECK_FUNCS([OPENSSL_config EVP_sha1 EVP_sha256 EVP_sha512 FIPS_mode EVP_MD_CTX_new OpenSSL_add_all_digests OPENSSL_init_crypto EVP_cleanup ENGINE_cleanup ERR_load_crypto_strings CRYPTO_cleanup_all_ex_data ERR_free_strings RAND_cleanup DSA_SIG_set0 EVP_dss1 EVP_DigestVerify EVP_aes_256_cbc EVP_EncryptInit_ex HMAC_Init_ex CRYPTO_THREADID_set_callback EVP_MAC_CTX_set_params]) # these check_funcs need -lssl BAKLIBS="$LIBS" LIBS="-lssl $LIBS" -AC_CHECK_FUNCS([OPENSSL_init_ssl SSL_CTX_set_security_level SSL_set1_host SSL_get0_peername X509_VERIFY_PARAM_set1_host SSL_CTX_set_ciphersuites SSL_CTX_set_tlsext_ticket_key_evp_cb]) +AC_CHECK_FUNCS([OPENSSL_init_ssl SSL_CTX_set_security_level SSL_set1_host SSL_get0_peername X509_VERIFY_PARAM_set1_host SSL_CTX_set_ciphersuites SSL_CTX_set_tlsext_ticket_key_evp_cb SSL_CTX_set_alpn_select_cb]) LIBS="$BAKLIBS" AC_CHECK_DECLS([SSL_COMP_get_compression_methods,sk_SSL_COMP_pop_free,SSL_CTX_set_ecdh_auto], [], [], [ @@ -1395,6 +1396,39 @@ if test x_$withval = x_yes -o x_$withval != x_no; then ]) fi +# nghttp2 +AC_ARG_WITH(libnghttp2, AC_HELP_STRING([--with-libnghttp2=path], + [specify explicit path for libnghttp2.]), + [ ],[ withval="no" ]) +found_libnghttp2="no" +if test x_$withval = x_yes -o x_$withval != x_no; then + AC_MSG_CHECKING(for libnghttp2) + if test x_$withval = x_ -o x_$withval = x_yes; then + withval="/usr/local /opt/local /usr/lib /usr/pkg /usr/sfw /usr" + fi + for dir in $withval ; do + if test -f "$dir/include/nghttp2/nghttp2.h"; then + found_libnghttp2="yes" + dnl assume /usr is in default path. + if test "$dir" != "/usr"; then + CPPFLAGS="$CPPFLAGS -I$dir/include" + LDFLAGS="$LDFLAGS -L$dir/lib" + fi + AC_MSG_RESULT(found in $dir) + AC_DEFINE([HAVE_NGHTTP2], [1], [Define this to use nghttp2 client.]) + LIBS="$LIBS -lnghttp2" + break; + fi + done + if test x_$found_libnghttp2 != x_yes; then + AC_ERROR([Could not find libnghttp2, nghttp2.h]) + fi + AC_CHECK_HEADERS([nghttp2/nghttp2.h],,, [AC_INCLUDES_DEFAULT]) + AC_CHECK_DECLS([nghttp2_session_server_new], [], [], [AC_INCLUDES_DEFAULT + #include <nghttp2/nghttp2.h> + ]) +fi + # set static linking for uninstalled libraries if requested AC_SUBST(staticexe) staticexe="" @@ -1551,7 +1585,7 @@ AC_LINK_IFELSE([AC_LANG_PROGRAM([ AC_MSG_RESULT(no)) AC_SEARCH_LIBS([setusercontext], [util]) -AC_CHECK_FUNCS([tzset sigprocmask fcntl getpwnam endpwent getrlimit setrlimit setsid chroot kill chown sleep usleep random srandom recvmsg sendmsg writev socketpair glob initgroups strftime localtime_r setusercontext _beginthreadex endservent endprotoent fsync shmget accept4]) +AC_CHECK_FUNCS([tzset sigprocmask fcntl getpwnam endpwent getrlimit setrlimit setsid chroot kill chown sleep usleep random srandom recvmsg sendmsg writev socketpair glob initgroups strftime localtime_r setusercontext _beginthreadex endservent endprotoent fsync shmget accept4 getifaddrs]) AC_CHECK_FUNCS([setresuid],,[AC_CHECK_FUNCS([setreuid])]) AC_CHECK_FUNCS([setresgid],,[AC_CHECK_FUNCS([setregid])]) @@ -2131,6 +2165,8 @@ void *unbound_stat_realloc_log(void *ptr, size_t size, const char* file, #define UNBOUND_DNS_PORT 53 /** default port for DNS over TLS traffic. */ #define UNBOUND_DNS_OVER_TLS_PORT 853 +/** default port for DNS over HTTPS traffic. */ +#define UNBOUND_DNS_OVER_HTTPS_PORT 443 /** default port for unbound control traffic, registered port with IANA, ub-dns-control 8953/tcp unbound dns nameserver control */ #define UNBOUND_CONTROL_PORT 8953 diff --git a/contrib/aaaa-filter-iterator.patch b/contrib/aaaa-filter-iterator.patch index 9881bde892ad..f51de2a40d9b 100644 --- a/contrib/aaaa-filter-iterator.patch +++ b/contrib/aaaa-filter-iterator.patch @@ -1,10 +1,10 @@ -Index: trunk/doc/unbound.conf.5.in -=================================================================== ---- trunk/doc/unbound.conf.5.in (revision 4357) -+++ trunk/doc/unbound.conf.5.in (working copy) -@@ -701,6 +701,13 @@ +diff --git a/doc/unbound.conf.5.in b/doc/unbound.conf.5.in +index f426ac5f..147fbfa9 100644 +--- a/doc/unbound.conf.5.in ++++ b/doc/unbound.conf.5.in +@@ -872,6 +872,13 @@ potentially broken nameservers. A lot of domains will not be resolvable when this option in enabled. Only use if you know what you are doing. - This option only has effect when qname-minimisation is enabled. Default is off. + This option only has effect when qname-minimisation is enabled. Default is no. .TP +.B aaaa\-filter: \fI<yes or no> +Activate behavior similar to BIND's AAAA-filter. @@ -16,14 +16,15 @@ Index: trunk/doc/unbound.conf.5.in .B aggressive\-nsec: \fI<yes or no> Aggressive NSEC uses the DNSSEC NSEC chain to synthesize NXDOMAIN and other denials, using information from previous NXDOMAINs answers. -Index: trunk/iterator/iter_scrub.c -=================================================================== ---- trunk/iterator/iter_scrub.c (revision 4357) -+++ trunk/iterator/iter_scrub.c (working copy) -@@ -617,6 +617,32 @@ +diff --git a/iterator/iter_scrub.c b/iterator/iter_scrub.c +index aae934dd..55c55de0 100644 +--- a/iterator/iter_scrub.c ++++ b/iterator/iter_scrub.c +@@ -667,6 +667,32 @@ static int sanitize_nsec_is_overreach(struct rrset_parse* rrset, + return 0; } - /** ++/** + * ASN: Lookup A records from rrset cache. + * @param qinfo: the question originally asked. + * @param env: module environment with config and cache. @@ -49,11 +50,10 @@ Index: trunk/iterator/iter_scrub.c + return 0; +} + -+/** + /** * Given a response event, remove suspect RRsets from the response. * "Suspect" rrsets are potentially poison. Note that this routine expects - * the response to be in a "normalized" state -- that is, all "irrelevant" -@@ -635,6 +661,7 @@ +@@ -686,6 +712,7 @@ scrub_sanitize(sldns_buffer* pkt, struct msg_parse* msg, struct query_info* qinfo, uint8_t* zonename, struct module_env* env, struct iter_env* ie) { @@ -61,7 +61,7 @@ Index: trunk/iterator/iter_scrub.c int del_addi = 0; /* if additional-holding rrsets are deleted, we do not trust the normalized additional-A-AAAA any more */ struct rrset_parse* rrset, *prev; -@@ -670,6 +697,13 @@ +@@ -721,6 +748,13 @@ scrub_sanitize(sldns_buffer* pkt, struct msg_parse* msg, rrset = rrset->rrset_all_next; } @@ -75,11 +75,10 @@ Index: trunk/iterator/iter_scrub.c /* At this point, we brutally remove ALL rrsets that aren't * children of the originating zone. The idea here is that, * as far as we know, the server that we contacted is ONLY -@@ -680,6 +714,24 @@ - prev = NULL; +@@ -732,6 +766,24 @@ scrub_sanitize(sldns_buffer* pkt, struct msg_parse* msg, rrset = msg->rrset_first; while(rrset) { -+ + + /* ASN: For AAAA records only... */ + if((ie->aaaa_filter) && (rrset->type == LDNS_RR_TYPE_AAAA)) { + /* ASN: If this is not a AAAA query, then remove AAAA @@ -97,14 +96,15 @@ Index: trunk/iterator/iter_scrub.c + LDNS_RR_TYPE_AAAA, qinfo->qclass); + } + /* ASN: End of added code */ - ++ /* remove private addresses */ if( (rrset->type == LDNS_RR_TYPE_A || -Index: trunk/iterator/iter_utils.c -=================================================================== ---- trunk/iterator/iter_utils.c (revision 4357) -+++ trunk/iterator/iter_utils.c (working copy) -@@ -175,6 +175,7 @@ + rrset->type == LDNS_RR_TYPE_AAAA)) { +diff --git a/iterator/iter_utils.c b/iterator/iter_utils.c +index 7bc67da6..e10f547a 100644 +--- a/iterator/iter_utils.c ++++ b/iterator/iter_utils.c +@@ -175,6 +175,7 @@ iter_apply_cfg(struct iter_env* iter_env, struct config_file* cfg) } iter_env->supports_ipv6 = cfg->do_ip6; iter_env->supports_ipv4 = cfg->do_ip4; @@ -112,11 +112,11 @@ Index: trunk/iterator/iter_utils.c return 1; } -Index: trunk/iterator/iterator.c -=================================================================== ---- trunk/iterator/iterator.c (revision 4357) -+++ trunk/iterator/iterator.c (working copy) -@@ -1847,6 +1847,53 @@ +diff --git a/iterator/iterator.c b/iterator/iterator.c +index 23b07ea9..ca29b48c 100644 +--- a/iterator/iterator.c ++++ b/iterator/iterator.c +@@ -2127,6 +2127,53 @@ processDSNSFind(struct module_qstate* qstate, struct iter_qstate* iq, int id) return 0; } @@ -170,7 +170,7 @@ Index: trunk/iterator/iterator.c /** * This is the request event state where the request will be sent to one of -@@ -1894,6 +1941,13 @@ +@@ -2186,6 +2233,13 @@ processQueryTargets(struct module_qstate* qstate, struct iter_qstate* iq, return error_response(qstate, id, LDNS_RCODE_SERVFAIL); } @@ -184,7 +184,7 @@ Index: trunk/iterator/iterator.c /* Make sure we have a delegation point, otherwise priming failed * or another failure occurred */ if(!iq->dp) { -@@ -3095,6 +3149,61 @@ +@@ -3574,6 +3628,61 @@ processFinished(struct module_qstate* qstate, struct iter_qstate* iq, return 0; } @@ -246,7 +246,7 @@ Index: trunk/iterator/iterator.c /* * Return priming query results to interested super querystates. * -@@ -3114,6 +3223,9 @@ +@@ -3593,6 +3702,9 @@ iter_inform_super(struct module_qstate* qstate, int id, else if(super->qinfo.qtype == LDNS_RR_TYPE_DS && ((struct iter_qstate*) super->minfo[id])->state == DSNS_FIND_STATE) processDSNSResponse(qstate, id, super); @@ -256,7 +256,7 @@ Index: trunk/iterator/iterator.c else if(qstate->return_rcode != LDNS_RCODE_NOERROR) error_supers(qstate, id, super); else if(qstate->is_priming) -@@ -3151,6 +3263,9 @@ +@@ -3630,6 +3742,9 @@ iter_handle(struct module_qstate* qstate, struct iter_qstate* iq, case INIT_REQUEST_3_STATE: cont = processInitRequest3(qstate, iq, id); break; @@ -266,7 +266,7 @@ Index: trunk/iterator/iterator.c case QUERYTARGETS_STATE: cont = processQueryTargets(qstate, iq, ie, id); break; -@@ -3460,6 +3575,8 @@ +@@ -3961,6 +4076,8 @@ iter_state_to_string(enum iter_state state) return "INIT REQUEST STATE (stage 2)"; case INIT_REQUEST_3_STATE: return "INIT REQUEST STATE (stage 3)"; @@ -275,7 +275,7 @@ Index: trunk/iterator/iterator.c case QUERYTARGETS_STATE : return "QUERY TARGETS STATE"; case PRIME_RESP_STATE : -@@ -3484,6 +3601,7 @@ +@@ -3985,6 +4102,7 @@ iter_state_is_responsestate(enum iter_state s) case INIT_REQUEST_STATE : case INIT_REQUEST_2_STATE : case INIT_REQUEST_3_STATE : @@ -283,11 +283,11 @@ Index: trunk/iterator/iterator.c case QUERYTARGETS_STATE : case COLLECT_CLASS_STATE : return 0; -Index: trunk/iterator/iterator.h -=================================================================== ---- trunk/iterator/iterator.h (revision 4357) -+++ trunk/iterator/iterator.h (working copy) -@@ -130,6 +130,9 @@ +diff --git a/iterator/iterator.h b/iterator/iterator.h +index 342ac207..731948d1 100644 +--- a/iterator/iterator.h ++++ b/iterator/iterator.h +@@ -135,6 +135,9 @@ struct iter_env { */ int* target_fetch_policy; @@ -297,10 +297,11 @@ Index: trunk/iterator/iterator.h /** lock on ratelimit counter */ lock_basic_type queries_ratelimit_lock; /** number of queries that have been ratelimited */ -@@ -182,6 +185,14 @@ +@@ -186,6 +189,14 @@ enum iter_state { + */ INIT_REQUEST_3_STATE, - /** ++ /** + * This state is responsible for intercepting AAAA queries, + * and launch a A subquery on the same target, to populate the + * cache with A records, so the AAAA filter scrubbing logic can @@ -308,29 +309,28 @@ Index: trunk/iterator/iterator.h + */ + ASN_FETCH_A_FOR_AAAA_STATE, + -+ /** + /** * Each time a delegation point changes for a given query or a * query times out and/or wakes up, this state is (re)visited. - * This state is responsible for iterating through a list of -@@ -364,6 +375,13 @@ - * be used when creating the state. A higher one will be attempted. +@@ -375,6 +386,13 @@ struct iter_qstate { */ int refetch_glue; -+ + + /** + * ASN: This is a flag that, if true, means that this query is + * for fetching A records to populate cache and determine if we must + * return AAAA records or not. + */ + int fetch_a_for_aaaa; - ++ /** list of pending queries to authoritative servers. */ struct outbound_list outlist; -Index: trunk/pythonmod/interface.i -=================================================================== ---- trunk/pythonmod/interface.i (revision 4357) -+++ trunk/pythonmod/interface.i (working copy) -@@ -851,6 +851,7 @@ + +diff --git a/pythonmod/interface.i b/pythonmod/interface.i +index f08b575d..47f1bb2e 100644 +--- a/pythonmod/interface.i ++++ b/pythonmod/interface.i +@@ -975,6 +975,7 @@ struct config_file { int harden_dnssec_stripped; int harden_referral_path; int use_caps_bits_for_id; @@ -338,11 +338,11 @@ Index: trunk/pythonmod/interface.i struct config_strlist* private_address; struct config_strlist* private_domain; size_t unwanted_threshold; -Index: trunk/util/config_file.c -=================================================================== ---- trunk/util/config_file.c (revision 4357) -+++ trunk/util/config_file.c (working copy) -@@ -195,6 +195,7 @@ +diff --git a/util/config_file.c b/util/config_file.c +index 0ab8614a..729fb147 100644 +--- a/util/config_file.c ++++ b/util/config_file.c +@@ -218,6 +218,7 @@ config_create(void) cfg->harden_referral_path = 0; cfg->harden_algo_downgrade = 0; cfg->use_caps_bits_for_id = 0; @@ -350,11 +350,11 @@ Index: trunk/util/config_file.c cfg->caps_whitelist = NULL; cfg->private_address = NULL; cfg->private_domain = NULL; -Index: trunk/util/config_file.h -=================================================================== ---- trunk/util/config_file.h (revision 4357) -+++ trunk/util/config_file.h (working copy) -@@ -209,6 +209,8 @@ +diff --git a/util/config_file.h b/util/config_file.h +index e61257a3..dabaa7bb 100644 +--- a/util/config_file.h ++++ b/util/config_file.h +@@ -260,6 +260,8 @@ struct config_file { int harden_algo_downgrade; /** use 0x20 bits in query as random ID bits */ int use_caps_bits_for_id; @@ -363,11 +363,11 @@ Index: trunk/util/config_file.h /** 0x20 whitelist, domains that do not use capsforid */ struct config_strlist* caps_whitelist; /** strip away these private addrs from answers, no DNS Rebinding */ -Index: trunk/util/configlexer.lex -=================================================================== ---- trunk/util/configlexer.lex (revision 4357) -+++ trunk/util/configlexer.lex (working copy) -@@ -279,6 +279,7 @@ +diff --git a/util/configlexer.lex b/util/configlexer.lex +index 79a0edca..4eaec678 100644 +--- a/util/configlexer.lex ++++ b/util/configlexer.lex +@@ -304,6 +304,7 @@ harden-algo-downgrade{COLON} { YDVAR(1, VAR_HARDEN_ALGO_DOWNGRADE) } use-caps-for-id{COLON} { YDVAR(1, VAR_USE_CAPS_FOR_ID) } caps-whitelist{COLON} { YDVAR(1, VAR_CAPS_WHITELIST) } unwanted-reply-threshold{COLON} { YDVAR(1, VAR_UNWANTED_REPLY_THRESHOLD) } @@ -375,11 +375,11 @@ Index: trunk/util/configlexer.lex private-address{COLON} { YDVAR(1, VAR_PRIVATE_ADDRESS) } private-domain{COLON} { YDVAR(1, VAR_PRIVATE_DOMAIN) } prefetch-key{COLON} { YDVAR(1, VAR_PREFETCH_KEY) } -Index: trunk/util/configparser.y -=================================================================== ---- trunk/util/configparser.y (revision 4357) -+++ trunk/util/configparser.y (working copy) -@@ -95,6 +95,7 @@ +diff --git a/util/configparser.y b/util/configparser.y +index 1d0e8658..f284dd43 100644 +--- a/util/configparser.y ++++ b/util/configparser.y +@@ -97,6 +97,7 @@ extern struct config_parser_state* cfg_parser; %token VAR_STATISTICS_CUMULATIVE VAR_OUTGOING_PORT_PERMIT %token VAR_OUTGOING_PORT_AVOID VAR_DLV_ANCHOR_FILE VAR_DLV_ANCHOR %token VAR_NEG_CACHE_SIZE VAR_HARDEN_REFERRAL_PATH VAR_PRIVATE_ADDRESS @@ -387,7 +387,7 @@ Index: trunk/util/configparser.y %token VAR_PRIVATE_DOMAIN VAR_REMOTE_CONTROL VAR_CONTROL_ENABLE %token VAR_CONTROL_INTERFACE VAR_CONTROL_PORT VAR_SERVER_KEY_FILE %token VAR_SERVER_CERT_FILE VAR_CONTROL_KEY_FILE VAR_CONTROL_CERT_FILE -@@ -203,6 +204,7 @@ +@@ -233,6 +234,7 @@ content_server: server_num_threads | server_verbosity | server_port | server_dlv_anchor_file | server_dlv_anchor | server_neg_cache_size | server_harden_referral_path | server_private_address | server_private_domain | server_extended_statistics | @@ -395,12 +395,10 @@ Index: trunk/util/configparser.y server_local_data_ptr | server_jostle_timeout | server_unwanted_reply_threshold | server_log_time_ascii | server_domain_insecure | server_val_sig_skew_min | -@@ -1183,6 +1185,15 @@ - OUTYY(("P(server_caps_whitelist:%s)\n", $2)); - if(!cfg_strlist_insert(&cfg_parser->cfg->caps_whitelist, $2)) +@@ -1563,6 +1565,15 @@ server_caps_whitelist: VAR_CAPS_WHITELIST STRING_ARG yyerror("out of memory"); -+ } -+ ; + } + ; +server_aaaa_filter: VAR_AAAA_FILTER STRING_ARG + { + OUTYY(("P(server_aaaa_filter:%s)\n", $2)); @@ -408,6 +406,8 @@ Index: trunk/util/configparser.y + yyerror("expected yes or no."); + else cfg_parser->cfg->aaaa_filter = (strcmp($2, "yes")==0); + free($2); - } - ; ++ } ++ ; server_private_address: VAR_PRIVATE_ADDRESS STRING_ARG + { + OUTYY(("P(server_private_address:%s)\n", $2)); diff --git a/contrib/unbound.service.in b/contrib/unbound.service.in index 8ebe529c9ab6..c95ab94b343a 100644 --- a/contrib/unbound.service.in +++ b/contrib/unbound.service.in @@ -42,9 +42,9 @@ [Unit] Description=Validating, recursive, and caching DNS resolver Documentation=man:unbound(8) -After=network.target -Before=network-online.target nss-lookup.target -Wants=nss-lookup.target +After=network-online.target +Before=nss-lookup.target +Wants=network-online.target nss-lookup.target [Install] WantedBy=multi-user.target diff --git a/contrib/unbound_munin_ b/contrib/unbound_munin_ index 2839cd8b5365..defca291c649 100755 --- a/contrib/unbound_munin_ +++ b/contrib/unbound_munin_ @@ -174,11 +174,11 @@ get_state ( ) { if test "$1" = "autoconf" ; then if test ! -f $conf; then echo no "($conf does not exist)" - exit 1 + exit 0 fi if test ! -d `dirname $state`; then echo no "(`dirname $state` directory does not exist)" - exit 1 + exit 0 fi echo yes exit 0 diff --git a/daemon/daemon.c b/daemon/daemon.c index 5d4279259ed6..f480c94e61f6 100644 --- a/daemon/daemon.c +++ b/daemon/daemon.c @@ -77,6 +77,7 @@ #include "util/storage/lookup3.h" #include "util/storage/slabhash.h" #include "util/tcp_conn_limit.h" +#include "util/edns.h" #include "services/listen_dnsport.h" #include "services/cache/rrset.h" #include "services/cache/infra.h" @@ -290,6 +291,15 @@ daemon_init(void) free(daemon); return NULL; } + if(!(daemon->env->edns_tags = edns_tags_create())) { + auth_zones_delete(daemon->env->auth_zones); + acl_list_delete(daemon->acl); + tcl_list_delete(daemon->tcl); + edns_known_options_delete(daemon->env); + free(daemon->env); + free(daemon); + return NULL; + } return daemon; } @@ -298,6 +308,8 @@ daemon_open_shared_ports(struct daemon* daemon) { log_assert(daemon); if(daemon->cfg->port != daemon->listening_port) { + char** resif = NULL; + int num_resif = 0; size_t i; struct listen_port* p0; daemon->reuseport = 0; @@ -308,15 +320,18 @@ daemon_open_shared_ports(struct daemon* daemon) free(daemon->ports); daemon->ports = NULL; } + if(!resolve_interface_names(daemon->cfg, &resif, &num_resif)) + return 0; /* see if we want to reuseport */ #ifdef SO_REUSEPORT if(daemon->cfg->so_reuseport && daemon->cfg->num_threads > 0) daemon->reuseport = 1; #endif /* try to use reuseport */ - p0 = listening_ports_open(daemon->cfg, &daemon->reuseport); + p0 = listening_ports_open(daemon->cfg, resif, num_resif, &daemon->reuseport); if(!p0) { listening_ports_free(p0); + config_del_strarray(resif, num_resif); return 0; } if(daemon->reuseport) { @@ -330,6 +345,7 @@ daemon_open_shared_ports(struct daemon* daemon) if(!(daemon->ports = (struct listen_port**)calloc( daemon->num_ports, sizeof(*daemon->ports)))) { listening_ports_free(p0); + config_del_strarray(resif, num_resif); return 0; } daemon->ports[0] = p0; @@ -338,16 +354,19 @@ daemon_open_shared_ports(struct daemon* daemon) for(i=1; i<daemon->num_ports; i++) { if(!(daemon->ports[i]= listening_ports_open(daemon->cfg, + resif, num_resif, &daemon->reuseport)) || !daemon->reuseport ) { for(i=0; i<daemon->num_ports; i++) listening_ports_free(daemon->ports[i]); free(daemon->ports); daemon->ports = NULL; + config_del_strarray(resif, num_resif); return 0; } } } + config_del_strarray(resif, num_resif); daemon->listening_port = daemon->cfg->port; } if(!daemon->cfg->remote_control_enable && daemon->rc_port) { @@ -619,6 +638,10 @@ daemon_fork(struct daemon* daemon) &daemon->use_rpz)) fatal_exit("auth_zones could not be setup"); + /* Set-up EDNS tags */ + if(!edns_tags_apply_cfg(daemon->env->edns_tags, daemon->cfg)) + fatal_exit("Could not set up EDNS tags"); + /* setup modules */ daemon_setup_modules(daemon); @@ -750,6 +773,7 @@ daemon_delete(struct daemon* daemon) rrset_cache_delete(daemon->env->rrset_cache); infra_delete(daemon->env->infra_cache); edns_known_options_delete(daemon->env); + edns_tags_delete(daemon->env->edns_tags); auth_zones_delete(daemon->env->auth_zones); } ub_randfree(daemon->rand); diff --git a/daemon/remote.c b/daemon/remote.c index aa263d074c64..8324e1901f3e 100644 --- a/daemon/remote.c +++ b/daemon/remote.c @@ -329,7 +329,8 @@ add_open(const char* ip, int nr, struct listen_port** list, int noproto_is_err, /* open fd */ fd = create_tcp_accept_sock(res, 1, &noproto, 0, - cfg->ip_transparent, 0, cfg->ip_freebind, cfg->use_systemd, cfg->ip_dscp); + cfg->ip_transparent, 0, 0, cfg->ip_freebind, + cfg->use_systemd, cfg->ip_dscp); freeaddrinfo(res); } @@ -348,11 +349,7 @@ add_open(const char* ip, int nr, struct listen_port** list, int noproto_is_err, /* alloc */ n = (struct listen_port*)calloc(1, sizeof(*n)); if(!n) { -#ifndef USE_WINSOCK - close(fd); -#else - closesocket(fd); -#endif + sock_close(fd); log_err("out of memory"); return 0; } @@ -461,11 +458,7 @@ int remote_accept_callback(struct comm_point* c, void* arg, int err, if(rc->active >= rc->max_active) { log_warn("drop incoming remote control: too many connections"); close_exit: -#ifndef USE_WINSOCK - close(newfd); -#else - closesocket(newfd); -#endif + sock_close(newfd); return 0; } @@ -574,11 +567,8 @@ ssl_print_text(RES* res, const char* text) if(r == -1) { if(errno == EAGAIN || errno == EINTR) continue; -#ifndef USE_WINSOCK - log_err("could not send: %s", strerror(errno)); -#else - log_err("could not send: %s", wsa_strerror(WSAGetLastError())); -#endif + log_err("could not send: %s", + sock_strerror(errno)); return 0; } at += r; @@ -635,11 +625,8 @@ ssl_read_line(RES* res, char* buf, size_t max) } if(errno == EINTR || errno == EAGAIN) continue; -#ifndef USE_WINSOCK - log_err("could not recv: %s", strerror(errno)); -#else - log_err("could not recv: %s", wsa_strerror(WSAGetLastError())); -#endif + log_err("could not recv: %s", + sock_strerror(errno)); return 0; } break; @@ -862,6 +849,12 @@ print_mem(RES* ssl, struct worker* worker, struct daemon* daemon, if(!print_longnum(ssl, "mem.streamwait"SQ, (size_t)s->svr.mem_stream_wait)) return 0; + if(!print_longnum(ssl, "mem.http.query_buffer"SQ, + (size_t)s->svr.mem_http2_query_buffer)) + return 0; + if(!print_longnum(ssl, "mem.http.response_buffer"SQ, + (size_t)s->svr.mem_http2_response_buffer)) + return 0; return 1; } @@ -988,6 +981,8 @@ print_ext(RES* ssl, struct ub_stats_info* s) (unsigned long)s->svr.qtls_resume)) return 0; if(!ssl_printf(ssl, "num.query.ipv6"SQ"%lu\n", (unsigned long)s->svr.qipv6)) return 0; + if(!ssl_printf(ssl, "num.query.https"SQ"%lu\n", + (unsigned long)s->svr.qhttps)) return 0; /* flags */ if(!ssl_printf(ssl, "num.query.flags.QR"SQ"%lu\n", (unsigned long)s->svr.qbit_QR)) return 0; @@ -3116,11 +3111,7 @@ handle_req(struct daemon_remote* rc, struct rc_state* s, RES* res) if(rr == 0) return; if(errno == EINTR || errno == EAGAIN) continue; -#ifndef USE_WINSOCK - log_err("could not recv: %s", strerror(errno)); -#else - log_err("could not recv: %s", wsa_strerror(WSAGetLastError())); -#endif + log_err("could not recv: %s", sock_strerror(errno)); return; } r = (int)rr; diff --git a/daemon/stats.c b/daemon/stats.c index a568ba070a57..8720a52d6c6e 100644 --- a/daemon/stats.c +++ b/daemon/stats.c @@ -271,6 +271,7 @@ server_stats_compile(struct worker* worker, struct ub_stats_info* s, int reset) s->svr.ans_secure += (long long)worker->env.mesh->ans_secure; s->svr.ans_bogus += (long long)worker->env.mesh->ans_bogus; s->svr.ans_rcode_nodata += (long long)worker->env.mesh->ans_nodata; + s->svr.ans_expired += (long long)worker->env.mesh->ans_expired; for(i=0; i<UB_STATS_RCODE_NUM; i++) s->svr.ans_rcode[i] += (long long)worker->env.mesh->ans_rcode[i]; for(i=0; i<UB_STATS_RPZ_ACTION_NUM; i++) @@ -335,6 +336,10 @@ server_stats_compile(struct worker* worker, struct ub_stats_info* s, int reset) } s->svr.mem_stream_wait = (long long)tcp_req_info_get_stream_buffer_size(); + s->svr.mem_http2_query_buffer = + (long long)http2_get_query_buffer_size(); + s->svr.mem_http2_response_buffer = + (long long)http2_get_response_buffer_size(); /* Set neg cache usage numbers */ set_neg_cache_stats(worker, &s->svr, reset); @@ -421,6 +426,7 @@ void server_stats_add(struct ub_stats_info* total, struct ub_stats_info* a) total->svr.qtcp_outgoing += a->svr.qtcp_outgoing; total->svr.qtls += a->svr.qtls; total->svr.qtls_resume += a->svr.qtls_resume; + total->svr.qhttps += a->svr.qhttps; total->svr.qipv6 += a->svr.qipv6; total->svr.qbit_QR += a->svr.qbit_QR; total->svr.qbit_AA += a->svr.qbit_AA; @@ -484,6 +490,8 @@ void server_stats_insquery(struct ub_server_stats* stats, struct comm_point* c, if(SSL_session_reused(c->ssl)) stats->qtls_resume++; #endif + if(c->type == comm_http) + stats->qhttps++; } } if(repinfo && addr_is_ip6(&repinfo->addr, repinfo->addrlen)) diff --git a/daemon/unbound.c b/daemon/unbound.c index 3f96603c4307..cd0fd69f2ca4 100644 --- a/daemon/unbound.c +++ b/daemon/unbound.c @@ -92,7 +92,7 @@ #include <TargetConditionals.h> #endif -#if defined(TARGET_OS_TV) || defined(TARGET_OS_WATCH) +#if (defined(TARGET_OS_TV) && TARGET_OS_TV) || (defined(TARGET_OS_WATCH) && TARGET_OS_WATCH) #undef HAVE_FORK #endif diff --git a/daemon/worker.c b/daemon/worker.c index 23e3244c5041..5ad8ce4e4094 100644 --- a/daemon/worker.c +++ b/daemon/worker.c @@ -1109,7 +1109,7 @@ worker_handle_request(struct comm_point* c, void* arg, int error, struct respip_client_info* cinfo = NULL, cinfo_tmp; memset(&qinfo, 0, sizeof(qinfo)); - if(error != NETEVENT_NOERROR || !repinfo) { + if((error != NETEVENT_NOERROR && error != NETEVENT_DONE)|| !repinfo) { /* some bad tcp query DNS formats give these error calls */ verbose(VERB_ALGO, "handle request called with err=%d", error); return 0; @@ -1219,7 +1219,6 @@ worker_handle_request(struct comm_point* c, void* arg, int error, LDNS_QR_SET(sldns_buffer_begin(c->buffer)); LDNS_RCODE_SET(sldns_buffer_begin(c->buffer), LDNS_RCODE_FORMERR); - server_stats_insrcode(&worker->stats, c->buffer); goto send_reply; } if(worker->env.cfg->log_queries) { @@ -1237,7 +1236,6 @@ worker_handle_request(struct comm_point* c, void* arg, int error, LDNS_RCODE_REFUSED); if(worker->stats.extended) { worker->stats.qtype[qinfo.qtype]++; - server_stats_insrcode(&worker->stats, c->buffer); } goto send_reply; } @@ -1259,7 +1257,6 @@ worker_handle_request(struct comm_point* c, void* arg, int error, LDNS_RCODE_FORMERR); if(worker->stats.extended) { worker->stats.qtype[qinfo.qtype]++; - server_stats_insrcode(&worker->stats, c->buffer); } goto send_reply; } @@ -1275,7 +1272,6 @@ worker_handle_request(struct comm_point* c, void* arg, int error, *(uint16_t*)(void *)sldns_buffer_begin(c->buffer), sldns_buffer_read_u16_at(c->buffer, 2), &reply_edns); regional_free_all(worker->scratchpad); - server_stats_insrcode(&worker->stats, c->buffer); goto send_reply; } if(edns.edns_present) { @@ -1354,7 +1350,6 @@ worker_handle_request(struct comm_point* c, void* arg, int error, edns.udp_size = 65535; /* max size for TCP replies */ if(qinfo.qclass == LDNS_RR_CLASS_CH && answer_chaos(worker, &qinfo, &edns, repinfo, c->buffer)) { - server_stats_insrcode(&worker->stats, c->buffer); regional_free_all(worker->scratchpad); goto send_reply; } @@ -1375,7 +1370,6 @@ worker_handle_request(struct comm_point* c, void* arg, int error, comm_point_drop_reply(repinfo); return 0; } - server_stats_insrcode(&worker->stats, c->buffer); goto send_reply; } if(worker->env.auth_zones && @@ -1387,7 +1381,6 @@ worker_handle_request(struct comm_point* c, void* arg, int error, comm_point_drop_reply(repinfo); return 0; } - server_stats_insrcode(&worker->stats, c->buffer); goto send_reply; } if(worker->env.auth_zones && @@ -1403,7 +1396,6 @@ worker_handle_request(struct comm_point* c, void* arg, int error, if(LDNS_RD_WIRE(sldns_buffer_begin(c->buffer)) && acl != acl_deny_non_local && acl != acl_refuse_non_local) LDNS_RA_SET(sldns_buffer_begin(c->buffer)); - server_stats_insrcode(&worker->stats, c->buffer); goto send_reply; } @@ -1432,7 +1424,6 @@ worker_handle_request(struct comm_point* c, void* arg, int error, *(uint16_t*)(void *)sldns_buffer_begin(c->buffer), sldns_buffer_read_u16_at(c->buffer, 2), NULL); regional_free_all(worker->scratchpad); - server_stats_insrcode(&worker->stats, c->buffer); log_addr(VERB_ALGO, "refused nonrec (cache snoop) query from", &repinfo->addr, repinfo->addrlen); goto send_reply; @@ -1588,9 +1579,9 @@ send_reply_rc: if(is_expired_answer) { worker->stats.ans_expired++; } + server_stats_insrcode(&worker->stats, c->buffer); if(worker->stats.extended) { if(is_secure_answer) worker->stats.ans_secure++; - server_stats_insrcode(&worker->stats, repinfo->c->buffer); } #ifdef USE_DNSTAP if(worker->dtenv.log_client_response_messages) @@ -1726,14 +1717,6 @@ worker_create(struct daemon* daemon, int id, int* ports, int n) return NULL; } explicit_bzero(&seed, sizeof(seed)); -#ifdef USE_DNSTAP - if(daemon->cfg->dnstap) { - log_assert(daemon->dtenv != NULL); - memcpy(&worker->dtenv, daemon->dtenv, sizeof(struct dt_env)); - if(!dt_init(&worker->dtenv)) - fatal_exit("dt_init failed"); - } -#endif return worker; } @@ -1792,12 +1775,21 @@ worker_init(struct worker* worker, struct config_file *cfg, } else { /* !do_sigs */ worker->comsig = NULL; } +#ifdef USE_DNSTAP + if(cfg->dnstap) { + log_assert(worker->daemon->dtenv != NULL); + memcpy(&worker->dtenv, worker->daemon->dtenv, sizeof(struct dt_env)); + if(!dt_init(&worker->dtenv, worker->base)) + fatal_exit("dt_init failed"); + } +#endif worker->front = listen_create(worker->base, ports, cfg->msg_buffer_size, (int)cfg->incoming_num_tcp, cfg->do_tcp_keepalive ? cfg->tcp_keepalive_timeout : cfg->tcp_idle_timeout, - worker->daemon->tcl, + cfg->harden_large_queries, cfg->http_max_streams, + cfg->http_endpoint, worker->daemon->tcl, worker->daemon->listen_sslctx, dtenv, worker_handle_request, worker); if(!worker->front) { diff --git a/dnstap/dnstap.c b/dnstap/dnstap.c index cc5449dff4a1..0c8c6c4d462a 100644 --- a/dnstap/dnstap.c +++ b/dnstap/dnstap.c @@ -134,9 +134,15 @@ dt_create(struct config_file* cfg) if(cfg->dnstap && cfg->dnstap_socket_path && cfg->dnstap_socket_path[0] && (cfg->dnstap_ip==NULL || cfg->dnstap_ip[0]==0)) { + char* p = fname_after_chroot(cfg->dnstap_socket_path, cfg, 1); + if(!p) { + log_err("malloc failure"); + return NULL; + } verbose(VERB_OPS, "attempting to connect to dnstap socket %s", - cfg->dnstap_socket_path); - check_socket_file(cfg->dnstap_socket_path); + p); + check_socket_file(p); + free(p); } env = (struct dt_env *) calloc(1, sizeof(struct dt_env)); @@ -240,9 +246,9 @@ dt_apply_cfg(struct dt_env *env, struct config_file *cfg) } int -dt_init(struct dt_env *env) +dt_init(struct dt_env *env, struct comm_base* base) { - env->msgqueue = dt_msg_queue_create(); + env->msgqueue = dt_msg_queue_create(base); if(!env->msgqueue) { log_err("malloc failure"); return 0; diff --git a/dnstap/dnstap.h b/dnstap/dnstap.h index cfef6fc420b9..783b8c51430a 100644 --- a/dnstap/dnstap.h +++ b/dnstap/dnstap.h @@ -101,10 +101,11 @@ dt_apply_cfg(struct dt_env *env, struct config_file *cfg); /** * Initialize per-worker state in dnstap environment object. * @param env: dnstap environment object to initialize, created with dt_create(). + * @param base: event base for wakeup timer. * @return: true on success, false on failure. */ int -dt_init(struct dt_env *env); +dt_init(struct dt_env *env, struct comm_base* base); /** * Deletes the per-worker state created by dt_init diff --git a/dnstap/dtstream.c b/dnstap/dtstream.c index dda3ef1ff485..b0918c52cc63 100644 --- a/dnstap/dtstream.c +++ b/dnstap/dtstream.c @@ -68,6 +68,8 @@ #define DTIO_RECONNECT_TIMEOUT_MAX 1000 /** the msec to wait for reconnect slow, to stop busy spinning on reconnect */ #define DTIO_RECONNECT_TIMEOUT_SLOW 1000 +/** number of messages before wakeup of thread */ +#define DTIO_MSG_FOR_WAKEUP 32 /** maximum length of received frame */ #define DTIO_RECV_FRAME_MAX_LEN 1000 @@ -99,13 +101,18 @@ static int dtio_enable_brief_write(struct dt_io_thread* dtio); #endif struct dt_msg_queue* -dt_msg_queue_create(void) +dt_msg_queue_create(struct comm_base* base) { struct dt_msg_queue* mq = calloc(1, sizeof(*mq)); if(!mq) return NULL; mq->maxsize = 1*1024*1024; /* set max size of buffer, per worker, about 1 M should contain 64K messages with some overhead, or a whole bunch smaller ones */ + mq->wakeup_timer = comm_timer_create(base, mq_wakeup_cb, mq); + if(!mq->wakeup_timer) { + free(mq); + return NULL; + } lock_basic_init(&mq->lock); lock_protect(&mq->lock, mq, sizeof(*mq)); return mq; @@ -125,6 +132,7 @@ dt_msg_queue_clear(struct dt_msg_queue* mq) mq->first = NULL; mq->last = NULL; mq->cursize = 0; + mq->msgcount = 0; } void @@ -133,6 +141,7 @@ dt_msg_queue_delete(struct dt_msg_queue* mq) if(!mq) return; lock_basic_destroy(&mq->lock); dt_msg_queue_clear(mq); + comm_timer_delete(mq->wakeup_timer); free(mq); } @@ -149,15 +158,14 @@ static void dtio_wakeup(struct dt_io_thread* dtio) #ifndef USE_WINSOCK if(errno == EINTR || errno == EAGAIN) continue; - log_err("dnstap io wakeup: write: %s", strerror(errno)); #else if(WSAGetLastError() == WSAEINPROGRESS) continue; if(WSAGetLastError() == WSAEWOULDBLOCK) continue; - log_err("dnstap io stop: write: %s", - wsa_strerror(WSAGetLastError())); #endif + log_err("dnstap io wakeup: write: %s", + sock_strerror(errno)); break; } break; @@ -165,9 +173,56 @@ static void dtio_wakeup(struct dt_io_thread* dtio) } void +mq_wakeup_cb(void* arg) +{ + struct dt_msg_queue* mq = (struct dt_msg_queue*)arg; + /* even if the dtio is already active, because perhaps much + * traffic suddenly, we leave the timer running to save on + * managing it, the once a second timer is less work then + * starting and stopping the timer frequently */ + lock_basic_lock(&mq->dtio->wakeup_timer_lock); + mq->dtio->wakeup_timer_enabled = 0; + lock_basic_unlock(&mq->dtio->wakeup_timer_lock); + dtio_wakeup(mq->dtio); +} + +/** start timer to wakeup dtio because there is content in the queue */ +static void +dt_msg_queue_start_timer(struct dt_msg_queue* mq) +{ + struct timeval tv; + /* Start a timer to process messages to be logged. + * If we woke up the dtio thread for every message, the wakeup + * messages take up too much processing power. If the queue + * fills up the wakeup happens immediately. The timer wakes it up + * if there are infrequent messages to log. */ + + /* we cannot start a timer in dtio thread, because it is a different + * thread and its event base is in use by the other thread, it would + * give race conditions if we tried to modify its event base, + * and locks would wait until it woke up, and this is what we do. */ + + /* do not start the timer if a timer already exists, perhaps + * in another worker. So this variable is protected by a lock in + * dtio */ + lock_basic_lock(&mq->dtio->wakeup_timer_lock); + if(mq->dtio->wakeup_timer_enabled) { + lock_basic_unlock(&mq->dtio->wakeup_timer_lock); + return; + } + mq->dtio->wakeup_timer_enabled = 1; /* we are going to start one */ + lock_basic_unlock(&mq->dtio->wakeup_timer_lock); + + /* start the timer, in mq, in the event base of our worker */ + tv.tv_sec = 1; + tv.tv_usec = 0; + comm_timer_set(mq->wakeup_timer, &tv); +} + +void dt_msg_queue_submit(struct dt_msg_queue* mq, void* buf, size_t len) { - int wakeup = 0; + int wakeupnow = 0, wakeupstarttimer = 0; struct dt_msg_entry* entry; /* check conditions */ @@ -198,9 +253,15 @@ dt_msg_queue_submit(struct dt_msg_queue* mq, void* buf, size_t len) /* aqcuire lock */ lock_basic_lock(&mq->lock); - /* list was empty, wakeup dtio */ + /* if list was empty, start timer for (eventual) wakeup */ if(mq->first == NULL) - wakeup = 1; + wakeupstarttimer = 1; + /* if list contains more than wakeupnum elements, wakeup now, + * or if list is (going to be) almost full */ + if(mq->msgcount == DTIO_MSG_FOR_WAKEUP || + (mq->cursize < mq->maxsize * 9 / 10 && + mq->cursize+len >= mq->maxsize * 9 / 10)) + wakeupnow = 1; /* see if it is going to fit */ if(mq->cursize + len > mq->maxsize) { /* buffer full, or congested. */ @@ -211,6 +272,7 @@ dt_msg_queue_submit(struct dt_msg_queue* mq, void* buf, size_t len) return; } mq->cursize += len; + mq->msgcount ++; /* append to list */ if(mq->last) { mq->last->next = entry; @@ -221,13 +283,19 @@ dt_msg_queue_submit(struct dt_msg_queue* mq, void* buf, size_t len) /* release lock */ lock_basic_unlock(&mq->lock); - if(wakeup) + if(wakeupnow) { dtio_wakeup(mq->dtio); + } else if(wakeupstarttimer) { + dt_msg_queue_start_timer(mq); + } } struct dt_io_thread* dt_io_thread_create(void) { struct dt_io_thread* dtio = calloc(1, sizeof(*dtio)); + lock_basic_init(&dtio->wakeup_timer_lock); + lock_protect(&dtio->wakeup_timer_lock, &dtio->wakeup_timer_enabled, + sizeof(dtio->wakeup_timer_enabled)); return dtio; } @@ -235,6 +303,7 @@ void dt_io_thread_delete(struct dt_io_thread* dtio) { struct dt_io_list_item* item, *nextitem; if(!dtio) return; + lock_basic_destroy(&dtio->wakeup_timer_lock); item=dtio->io_list; while(item) { nextitem = item->next; @@ -279,7 +348,8 @@ int dt_io_thread_apply_cfg(struct dt_io_thread* dtio, struct config_file *cfg) return 0; } free(dtio->socket_path); - dtio->socket_path = strdup(cfg->dnstap_socket_path); + dtio->socket_path = fname_after_chroot(cfg->dnstap_socket_path, + cfg, 1); if(!dtio->socket_path) { log_err("dnstap setup: malloc failure"); return 0; @@ -416,6 +486,7 @@ static int dt_msg_queue_pop(struct dt_msg_queue* mq, void** buf, mq->first = entry->next; if(!entry->next) mq->last = NULL; mq->cursize -= entry->len; + mq->msgcount --; lock_basic_unlock(&mq->lock); *buf = entry->buf; @@ -587,11 +658,7 @@ static void dtio_del_output_event(struct dt_io_thread* dtio) /** close dtio socket and set it to -1 */ static void dtio_close_fd(struct dt_io_thread* dtio) { -#ifndef USE_WINSOCK - close(dtio->fd); -#else - closesocket(dtio->fd); -#endif + sock_close(dtio->fd); dtio->fd = -1; } @@ -659,13 +726,8 @@ static int dtio_check_nb_connect(struct dt_io_thread* dtio) char* to = dtio->socket_path; if(!to) to = dtio->ip_str; if(!to) to = ""; -#ifndef USE_WINSOCK log_err("dnstap io: failed to connect to \"%s\": %s", - to, strerror(error)); -#else - log_err("dnstap io: failed to connect to \"%s\": %s", - to, wsa_strerror(error)); -#endif + to, sock_strerror(error)); return -1; /* error, close it */ } @@ -742,7 +804,6 @@ static int dtio_write_buf(struct dt_io_thread* dtio, uint8_t* buf, #ifndef USE_WINSOCK if(errno == EINTR || errno == EAGAIN) return 0; - log_err("dnstap io: failed send: %s", strerror(errno)); #else if(WSAGetLastError() == WSAEINPROGRESS) return 0; @@ -752,9 +813,8 @@ static int dtio_write_buf(struct dt_io_thread* dtio, uint8_t* buf, UB_EV_WRITE); return 0; } - log_err("dnstap io: failed send: %s", - wsa_strerror(WSAGetLastError())); #endif + log_err("dnstap io: failed send: %s", sock_strerror(errno)); return -1; } return ret; @@ -778,7 +838,6 @@ static int dtio_write_with_writev(struct dt_io_thread* dtio) #ifndef USE_WINSOCK if(errno == EINTR || errno == EAGAIN) return 0; - log_err("dnstap io: failed writev: %s", strerror(errno)); #else if(WSAGetLastError() == WSAEINPROGRESS) return 0; @@ -788,9 +847,8 @@ static int dtio_write_with_writev(struct dt_io_thread* dtio) UB_EV_WRITE); return 0; } - log_err("dnstap io: failed writev: %s", - wsa_strerror(WSAGetLastError())); #endif + log_err("dnstap io: failed writev: %s", sock_strerror(errno)); /* close the channel */ dtio_del_output_event(dtio); dtio_close_output(dtio); @@ -1115,6 +1173,8 @@ static int dtio_read_accept_frame(struct dt_io_thread* dtio) goto close_connection; } dtio->accept_frame_received = 1; + if(!dtio_add_output_event_write(dtio)) + goto close_connection; return 1; } else { /* unknow content type */ @@ -1482,15 +1542,13 @@ void dtio_cmd_cb(int fd, short ATTR_UNUSED(bits), void* arg) #ifndef USE_WINSOCK if(errno == EINTR || errno == EAGAIN) return; /* ignore this */ - log_err("dnstap io: failed to read: %s", strerror(errno)); #else if(WSAGetLastError() == WSAEINPROGRESS) return; if(WSAGetLastError() == WSAEWOULDBLOCK) return; - log_err("dnstap io: failed to read: %s", - wsa_strerror(WSAGetLastError())); #endif + log_err("dnstap io: failed to read: %s", sock_strerror(errno)); /* and then fall through to quit the thread */ } else if(r == 0) { verbose(VERB_ALGO, "dnstap io: cmd channel closed"); @@ -1852,13 +1910,8 @@ static int dtio_open_output_local(struct dt_io_thread* dtio) struct sockaddr_un s; dtio->fd = socket(AF_LOCAL, SOCK_STREAM, 0); if(dtio->fd == -1) { -#ifndef USE_WINSOCK - log_err("dnstap io: failed to create socket: %s", - strerror(errno)); -#else log_err("dnstap io: failed to create socket: %s", - wsa_strerror(WSAGetLastError())); -#endif + sock_strerror(errno)); return 0; } memset(&s, 0, sizeof(s)); @@ -1873,13 +1926,13 @@ static int dtio_open_output_local(struct dt_io_thread* dtio) if(connect(dtio->fd, (struct sockaddr*)&s, (socklen_t)sizeof(s)) == -1) { char* to = dtio->socket_path; -#ifndef USE_WINSOCK - log_err("dnstap io: failed to connect to \"%s\": %s", - to, strerror(errno)); -#else + if(dtio->reconnect_timeout > DTIO_RECONNECT_TIMEOUT_MIN && + verbosity < 4) { + dtio_close_fd(dtio); + return 0; /* no log retries on low verbosity */ + } log_err("dnstap io: failed to connect to \"%s\": %s", - to, wsa_strerror(WSAGetLastError())); -#endif + to, sock_strerror(errno)); dtio_close_fd(dtio); return 0; } @@ -1904,18 +1957,18 @@ static int dtio_open_output_tcp(struct dt_io_thread* dtio) } dtio->fd = socket(addr.ss_family, SOCK_STREAM, 0); if(dtio->fd == -1) { -#ifndef USE_WINSOCK - log_err("can't create socket: %s", strerror(errno)); -#else - log_err("can't create socket: %s", - wsa_strerror(WSAGetLastError())); -#endif + log_err("can't create socket: %s", sock_strerror(errno)); return 0; } fd_set_nonblock(dtio->fd); if(connect(dtio->fd, (struct sockaddr*)&addr, addrlen) == -1) { if(errno == EINPROGRESS) return 1; /* wait until connect done*/ + if(dtio->reconnect_timeout > DTIO_RECONNECT_TIMEOUT_MIN && + verbosity < 4) { + dtio_close_fd(dtio); + return 0; /* no log retries on low verbosity */ + } #ifndef USE_WINSOCK if(tcp_connect_errno_needs_log( (struct sockaddr *)&addr, addrlen)) { @@ -2097,15 +2150,14 @@ void dt_io_thread_stop(struct dt_io_thread* dtio) #ifndef USE_WINSOCK if(errno == EINTR || errno == EAGAIN) continue; - log_err("dnstap io stop: write: %s", strerror(errno)); #else if(WSAGetLastError() == WSAEINPROGRESS) continue; if(WSAGetLastError() == WSAEWOULDBLOCK) continue; - log_err("dnstap io stop: write: %s", - wsa_strerror(WSAGetLastError())); #endif + log_err("dnstap io stop: write: %s", + sock_strerror(errno)); break; } break; diff --git a/dnstap/dtstream.h b/dnstap/dtstream.h index ede491f30d3e..f87d6dc8d386 100644 --- a/dnstap/dtstream.h +++ b/dnstap/dtstream.h @@ -49,6 +49,7 @@ struct dt_msg_entry; struct dt_io_list_item; struct dt_io_thread; struct config_file; +struct comm_base; /** * A message buffer with dnstap messages queued up. It is per-worker. @@ -68,11 +69,15 @@ struct dt_msg_queue { /** current size of the buffer, in bytes. data bytes of messages. * If a new message make it more than maxsize, the buffer is full */ size_t cursize; + /** number of messages in the queue */ + int msgcount; /** list of messages. The messages are added to the back and taken * out from the front. */ struct dt_msg_entry* first, *last; /** reference to the io thread to wakeup */ struct dt_io_thread* dtio; + /** the wakeup timer for dtio, on worker event base */ + struct comm_timer* wakeup_timer; }; /** @@ -166,6 +171,10 @@ struct dt_io_thread { * for the current message length that precedes the frame */ size_t cur_msg_len_done; + /** lock on wakeup_timer_enabled */ + lock_basic_type wakeup_timer_lock; + /** if wakeup timer is enabled in some thread */ + int wakeup_timer_enabled; /** command pipe that stops the pipe if closed. Used to quit * the program. [0] is read, [1] is written to. */ int commandpipe[2]; @@ -233,9 +242,10 @@ struct dt_io_list_item { /** * Create new (empty) worker message queue. Limit set to default on max. + * @param base: event base for wakeup timer. * @return NULL on malloc failure or a new queue (not locked). */ -struct dt_msg_queue* dt_msg_queue_create(void); +struct dt_msg_queue* dt_msg_queue_create(struct comm_base* base); /** * Delete a worker message queue. It has to be unlinked from access, @@ -258,6 +268,9 @@ void dt_msg_queue_delete(struct dt_msg_queue* mq); */ void dt_msg_queue_submit(struct dt_msg_queue* mq, void* buf, size_t len); +/** timer callback to wakeup dtio thread to process messages */ +void mq_wakeup_cb(void* arg); + /** * Create IO thread. * @return new io thread object. not yet started. or NULL malloc failure. diff --git a/dnstap/unbound-dnstap-socket.c b/dnstap/unbound-dnstap-socket.c index 44a0eda95994..3ebe2b4e4124 100644 --- a/dnstap/unbound-dnstap-socket.c +++ b/dnstap/unbound-dnstap-socket.c @@ -278,57 +278,31 @@ static int make_tcp_accept(char* ip) } if((s = socket(addr.ss_family, SOCK_STREAM, 0)) == -1) { -#ifndef USE_WINSOCK - log_err("can't create socket: %s", strerror(errno)); -#else - log_err("can't create socket: %s", - wsa_strerror(WSAGetLastError())); -#endif + log_err("can't create socket: %s", sock_strerror(errno)); return -1; } #ifdef SO_REUSEADDR if(setsockopt(s, SOL_SOCKET, SO_REUSEADDR, (void*)&on, (socklen_t)sizeof(on)) < 0) { -#ifndef USE_WINSOCK log_err("setsockopt(.. SO_REUSEADDR ..) failed: %s", - strerror(errno)); - close(s); -#else - log_err("setsockopt(.. SO_REUSEADDR ..) failed: %s", - wsa_strerror(WSAGetLastError())); - closesocket(s); -#endif + sock_strerror(errno)); + sock_close(s); return -1; } #endif /* SO_REUSEADDR */ if(bind(s, (struct sockaddr*)&addr, len) != 0) { -#ifndef USE_WINSOCK - log_err_addr("can't bind socket", strerror(errno), + log_err_addr("can't bind socket", sock_strerror(errno), &addr, len); - close(s); -#else - log_err_addr("can't bind socket", - wsa_strerror(WSAGetLastError()), &addr, len); - closesocket(s); -#endif + sock_close(s); return -1; } if(!fd_set_nonblock(s)) { -#ifndef USE_WINSOCK - close(s); -#else - closesocket(s); -#endif + sock_close(s); return -1; } if(listen(s, LISTEN_BACKLOG) == -1) { -#ifndef USE_WINSOCK - log_err("can't listen: %s", strerror(errno)); - close(s); -#else - log_err("can't listen: %s", wsa_strerror(WSAGetLastError())); - closesocket(s); -#endif + log_err("can't listen: %s", sock_strerror(errno)); + sock_close(s); return -1; } return s; @@ -654,7 +628,6 @@ static ssize_t receive_bytes(struct tap_data* data, int fd, void* buf, #ifndef USE_WINSOCK if(errno == EINTR || errno == EAGAIN) return -1; - log_err("could not recv: %s", strerror(errno)); #else /* USE_WINSOCK */ if(WSAGetLastError() == WSAEINPROGRESS) return -1; @@ -662,9 +635,8 @@ static ssize_t receive_bytes(struct tap_data* data, int fd, void* buf, ub_winsock_tcp_wouldblock(data->ev, UB_EV_READ); return -1; } - log_err("could not recv: %s", - wsa_strerror(WSAGetLastError())); #endif + log_err("could not recv: %s", sock_strerror(errno)); if(verbosity) log_info("dnstap client stream closed from %s", (data->id?data->id:"")); return 0; @@ -796,12 +768,7 @@ static int reply_with_accept(struct tap_data* data) } } else { if(send(data->fd, acceptframe, len, 0) == -1) { -#ifndef USE_WINSOCK - log_err("send failed: %s", strerror(errno)); -#else - log_err("send failed: %s", - wsa_strerror(WSAGetLastError())); -#endif + log_err("send failed: %s", sock_strerror(errno)); fd_set_nonblock(data->fd); free(acceptframe); return 0; @@ -834,11 +801,7 @@ static int reply_with_finish(int fd) fd_set_block(fd); if(send(fd, finishframe, len, 0) == -1) { -#ifndef USE_WINSOCK - log_err("send failed: %s", strerror(errno)); -#else - log_err("send failed: %s", wsa_strerror(WSAGetLastError())); -#endif + log_err("send failed: %s", sock_strerror(errno)); fd_set_nonblock(fd); free(finishframe); return 0; @@ -1094,7 +1057,6 @@ void dtio_mainfdcallback(int fd, short ATTR_UNUSED(bits), void* arg) #endif /* EPROTO */ ) return; - log_err_addr("accept failed", strerror(errno), &addr, addrlen); #else /* USE_WINSOCK */ if(WSAGetLastError() == WSAEINPROGRESS || WSAGetLastError() == WSAECONNRESET) @@ -1103,9 +1065,9 @@ void dtio_mainfdcallback(int fd, short ATTR_UNUSED(bits), void* arg) ub_winsock_tcp_wouldblock(maindata->ev, UB_EV_READ); return; } - log_err_addr("accept failed", wsa_strerror(WSAGetLastError()), - &addr, addrlen); #endif + log_err_addr("accept failed", sock_strerror(errno), &addr, + addrlen); return; } fd_set_nonblock(s); @@ -1205,8 +1167,10 @@ int sig_quit = 0; static RETSIGTYPE main_sigh(int sig) { verbose(VERB_ALGO, "exit on signal %d\n", sig); - if(sig_base) + if(sig_base) { ub_event_base_loopexit(sig_base); + sig_base = NULL; + } sig_quit = 1; } @@ -1247,9 +1211,9 @@ setup_and_run(struct config_strlist_head* local_list, if(verbosity) log_info("start of service"); ub_event_base_dispatch(base); + sig_base = NULL; if(verbosity) log_info("end of service"); - sig_base = NULL; tap_socket_list_delete(maindata->acceptlist); ub_event_base_free(base); free(maindata); diff --git a/doc/Changelog b/doc/Changelog index 3339e77b30c6..87f796398993 100644 --- a/doc/Changelog +++ b/doc/Changelog @@ -1,3 +1,133 @@ +1 October 2020: Wouter + - Current repo is version 1.12.0 for release. Tag for 1.12.0rc1. + +30 September 2020: Wouter + - Fix doh tests when not compiled in. + - Add dohclient test executable to gitignore. + - Fix stream_ssl, ssl_req_order and ssl_req_timeout tests for + alloc check debug output. + - Easier kill of unbound-dnstap-socket tool in test. + - Fix memory leak of edns tags at libunbound context delete. + - Fix double loopexit for unbound-dnstap-socket after sigterm. + +29 September 2020: Ralph + - DNS Flag Day 2020: change edns-buffer-size default to 1232. + +28 September 2020: Wouter + - Fix unit test for dnstap changes, so that it waits for the timer. + +23 September 2020: Wouter + - Fix #305: dnstap logging significantly affects unbound performance + (regression in 1.11). + - Fix #305: only wake up thread when threshold reached. + - Fix to ifdef fptr wlist item for dnstap. + +23 September 2020: Ralph + - Fix edns-client-tags get_option typo + - Add edns-client-tag-opcode option + - Use inclusive language in configuration + +21 September 2020: Ralph + - Fix #304: dnstap logging not recovering after dnstap process restarts + +21 September 2020: Wouter + - Merge PR #311 by luismerino: Dynlibmod leak. + - Error message is logged for dynlibmod malloc failures. + - iana portlist updated. + +18 September 2020: Wouter + - Fix that prefer-ip4 and prefer-ip6 can be get and set with + unbound-control, with libunbound and the unbound-checkconf option + output function. + - iana portlist updated. + +15 September 2020: George + - Introduce test for statistics. + +15 September 2020: Wouter + - Spelling fix. + +11 September 2020: Wouter + - Remove x file mode on ipset/ipset.c and h files. + +9 September 2020: Wouter + - Fix num.expired statistics output. + +31 August 2020: Wouter + - Merge PR #293: Add missing prototype. Also refactor to use the new + shorthand function to clean up the code. + - Refactor to use sock_strerr shorthand function. + - Fix #296: systemd nss-lookup.target is reached before unbound can + successfully answer queries. Changed contrib/unbound.service.in. + +27 August 2020: Wouter + - Similar to NSD PR#113, implement that interface names can be used, + eg. something like interface: eth0 is resolved at server start and + uses the IP addresses for that named interface. + - Review fix, doxygen and assign null in case of error free. + +26 August 2020: George + - Update documentation in python example code. + +24 August 2020: Wouter + - Fix that dnstap reconnects do not spam the log with the repeated + attempts. Attempts on the timer are only logged on high verbosity, + if they produce a connection failure error. + - Fix to apply chroot to dnstap-socket-path, if chroot is enabled. + - Change configure to use EVP_sha256 instead of HMAC_Update for + openssl-3.0.0. + +20 August 2020: Ralph + - Fix stats double count issue (#289). + +13 August 2020: Ralph + - Create and init edns tags data for libunbound. + +10 August 2020: Ralph + - Merge (modified) PR #277, use EVP_MAC_CTX_set_params if available, + by VÃtÄ›zslav ČÞek. + +10 August 2020: Wouter + - Fix #287: doc typo: "Additionaly". + - Rerun autoconf + +6 August 2020: Wouter + - Merge PR #284 and Fix #246: Remove DLV entirely from Unbound. + The DLV has been decommisioned and in unbound 1.5.4, in 2015, there + was advise to stop using it. The current code base does not contain + DLV code any more. The use of dlv options displays a warning. + +5 August 2020: Wouter + - contrib/aaaa-filter-iterator.patch file renewed diff content to + apply cleanly to the current coderepo for the current code version. + +5 August 2020: Ralph + - Merge PR #272: Add EDNS client tag functionality. + +4 August 2020: George + - Improve error log message when inserting rpz RR. + - Merge PR #280, Make tvOS & watchOS checks verify truthiness as well as + definedness, by Felipe Gasper. + +4 August 2020: Wouter + - Fix mini_event.h on OpenBSD cannot find fd_set. + +31 July 2020: Wouter + - Fix doxygen comment for no ssl for tls session ticket key callback + routine. + +27 July 2020: George + - Merge PR #268, draft-ietf-dnsop-serve-stale-10 has become RFC 8767 on + March 2020, by and0x000. + +27 July 2020: Ralph + - Merge PR #269, Fix python module len() implementations, by Torbjörn + Lönnemark + +27 July 2020: Wouter + - branch now named 1.11.1. 1.11.0rc1 became the 1.11.0 release. + - Merge PR #270 from cgzones: munin plugin: always exit 0 in autoconf + 20 July 2020: Wouter - Fix streamtcp to print packet data to stdout. This makes the stdout and stderr not mix together lines, when parsing its output. diff --git a/doc/README b/doc/README index 6bd9a4c5fdae..c6ff31a6fac3 100644 --- a/doc/README +++ b/doc/README @@ -1,4 +1,4 @@ -README for Unbound 1.11.0 +README for Unbound 1.12.0 Copyright 2007 NLnet Labs http://unbound.net diff --git a/doc/example.conf.in b/doc/example.conf.in index 4f6411033e69..2fe9a2c7e7a7 100644 --- a/doc/example.conf.in +++ b/doc/example.conf.in @@ -1,7 +1,7 @@ # # Example configuration file. # -# See unbound.conf(5) man page, version 1.11.0. +# See unbound.conf(5) man page, version 1.12.0. # # this is a comment. @@ -129,8 +129,8 @@ server: # ip-dscp: 0 # EDNS reassembly buffer to advertise to UDP peers (the actual buffer - # is set with msg-buffer-size). 1472 can solve fragmentation (timeouts) - # edns-buffer-size: 4096 + # is set with msg-buffer-size). + # edns-buffer-size: 1232 # Maximum UDP response size (not applied to TCP response). # Suggested values are 512 to 4096. Default is 4096. 65536 disables it. @@ -431,8 +431,8 @@ server: # Domains (and domains in them) without support for dns-0x20 and # the fallback fails because they keep sending different answers. - # caps-whitelist: "licdn.com" - # caps-whitelist: "senderbase.org" + # caps-exempt: "licdn.com" + # caps-exempt: "senderbase.org" # Enforce privacy of these addresses. Strips them away from answers. # It may cause DNSSEC validation to additionally mark it as bogus. @@ -509,11 +509,6 @@ server: # Root key trust anchor sentinel (draft-ietf-dnsop-kskroll-sentinel) # root-key-sentinel: yes - # File with DLV trusted keys. Same format as trust-anchor-file. - # There can be only one DLV configured, it is trusted from root down. - # DLV is going to be decommissioned. Please do not use it any more. - # dlv-anchor-file: "dlv.isc.org.key" - # File with trusted keys for validation. Specify more than one file # with several entries, one file per entry. # Zone file format, with DS and DNSKEY entries. @@ -589,7 +584,7 @@ server: # # Time in milliseconds before replying to the client with expired data. # This essentially enables the serve-stale behavior as specified in - # draft-ietf-dnsop-serve-stale-10 that first tries to resolve before + # RFC 8767 that first tries to resolve before # immediately responding with expired data. 0 disables this behavior. # A recommended value is 1800. # serve-expired-client-timeout: 0 @@ -627,7 +622,7 @@ server: # more slabs reduce lock contention, but fragment memory usage. # key-cache-slabs: 4 - # the amount of memory to use for the negative cache (used for DLV). + # the amount of memory to use for the negative cache. # plain value in bytes or you can append k, m or G. default is "1Mb". # neg-cache-size: 1m @@ -738,12 +733,14 @@ server: # add a netblock specific override to a localzone, with zone type # local-zone-override: "example.com" 192.0.2.0/24 refuse - # service clients over TLS (on the TCP sockets), with plain DNS inside - # the TLS stream. Give the certificate to use and private key. + # service clients over TLS (on the TCP sockets) with plain DNS inside + # the TLS stream, and over HTTPS using HTTP/2 as specified in RFC8484. + # Give the certificate to use and private key. # default is "" (disabled). requires restart to take effect. # tls-service-key: "path/to/privatekeyfile.key" # tls-service-pem: "path/to/publiccertfile.pem" # tls-port: 853 + # https-port: 443 # cipher setting for TLSv1.2 # tls-ciphers: "DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256" @@ -775,6 +772,22 @@ server: # Also serve tls on these port numbers (eg. 443, ...), by listing # tls-additional-port: portno for each of the port numbers. + # HTTP endpoint to provide DNS-over-HTTPS service on. + # http-endpoint: "/dns-query" + + # HTTP/2 SETTINGS_MAX_CONCURRENT_STREAMS value to use. + # http-max-streams: 100 + + # Maximum number of bytes used for all HTTP/2 query buffers. + # http-query-buffer-size: 4m + + # Maximum number of bytes used for all HTTP/2 response buffers. + # http-response-buffer-size: 4m + + # Set TCP_NODELAY socket option on sockets used for DNS-over-HTTPS + # service. + # http-nodelay: yes + # DNS64 prefix. Must be specified when DNS64 is use. # Enable dns64 in module-config. Used to synthesize IPv6 from IPv4. # dns64-prefix: 64:ff9b::0/96 @@ -848,9 +861,9 @@ server: # ipsecmod-ignore-bogus: no # # Domains for which ipsecmod will be triggered. If not defined (default) - # all domains are treated as being whitelisted. - # ipsecmod-whitelist: "example.com" - # ipsecmod-whitelist: "nlnetlabs.nl" + # all domains are treated as being allowed. + # ipsecmod-allow: "example.com" + # ipsecmod-allow: "nlnetlabs.nl" # Python config section. To enable: @@ -948,27 +961,27 @@ remote-control: # upstream (which saves a lookup to the upstream). The first example # has a copy of the root for local usage. The second serves example.org # authoritatively. zonefile: reads from file (and writes to it if you also -# download it), master: fetches with AXFR and IXFR, or url to zonefile. -# With allow-notify: you can give additional (apart from masters) sources of +# download it), primary: fetches with AXFR and IXFR, or url to zonefile. +# With allow-notify: you can give additional (apart from primaries) sources of # notifies. # auth-zone: # name: "." -# master: 199.9.14.201 # b.root-servers.net -# master: 192.33.4.12 # c.root-servers.net -# master: 199.7.91.13 # d.root-servers.net -# master: 192.5.5.241 # f.root-servers.net -# master: 192.112.36.4 # g.root-servers.net -# master: 193.0.14.129 # k.root-servers.net -# master: 192.0.47.132 # xfr.cjr.dns.icann.org -# master: 192.0.32.132 # xfr.lax.dns.icann.org -# master: 2001:500:200::b # b.root-servers.net -# master: 2001:500:2::c # c.root-servers.net -# master: 2001:500:2d::d # d.root-servers.net -# master: 2001:500:2f::f # f.root-servers.net -# master: 2001:500:12::d0d # g.root-servers.net -# master: 2001:7fd::1 # k.root-servers.net -# master: 2620:0:2830:202::132 # xfr.cjr.dns.icann.org -# master: 2620:0:2d0:202::132 # xfr.lax.dns.icann.org +# primary: 199.9.14.201 # b.root-servers.net +# primary: 192.33.4.12 # c.root-servers.net +# primary: 199.7.91.13 # d.root-servers.net +# primary: 192.5.5.241 # f.root-servers.net +# primary: 192.112.36.4 # g.root-servers.net +# primary: 193.0.14.129 # k.root-servers.net +# primary: 192.0.47.132 # xfr.cjr.dns.icann.org +# primary: 192.0.32.132 # xfr.lax.dns.icann.org +# primary: 2001:500:200::b # b.root-servers.net +# primary: 2001:500:2::c # c.root-servers.net +# primary: 2001:500:2d::d # d.root-servers.net +# primary: 2001:500:2f::f # f.root-servers.net +# primary: 2001:500:12::d0d # g.root-servers.net +# primary: 2001:7fd::1 # k.root-servers.net +# primary: 2620:0:2830:202::132 # xfr.cjr.dns.icann.org +# primary: 2620:0:2d0:202::132 # xfr.lax.dns.icann.org # fallback-enabled: yes # for-downstream: no # for-upstream: yes @@ -1088,7 +1101,7 @@ remote-control: # rpz: # name: "rpz.example.com" # zonefile: "rpz.example.com" -# master: 192.0.2.0 +# primary: 192.0.2.0 # allow-notify: 192.0.2.0/32 # url: http://www.example.com/rpz.example.org.zone # rpz-action-override: cname diff --git a/doc/libunbound.3.in b/doc/libunbound.3.in index 10bda1614b26..34778ee5c09e 100644 --- a/doc/libunbound.3.in +++ b/doc/libunbound.3.in @@ -1,4 +1,4 @@ -.TH "libunbound" "3" "Jul 27, 2020" "NLnet Labs" "unbound 1.11.0" +.TH "libunbound" "3" "Oct 8, 2020" "NLnet Labs" "unbound 1.12.0" .\" .\" libunbound.3 -- unbound library functions manual .\" @@ -44,7 +44,7 @@ .B ub_ctx_zone_remove, .B ub_ctx_data_add, .B ub_ctx_data_remove -\- Unbound DNS validating resolver 1.11.0 functions. +\- Unbound DNS validating resolver 1.12.0 functions. .SH "SYNOPSIS" .B #include <unbound.h> .LP diff --git a/doc/unbound-anchor.8.in b/doc/unbound-anchor.8.in index 1c7799ca11d8..21f12ebeff1c 100644 --- a/doc/unbound-anchor.8.in +++ b/doc/unbound-anchor.8.in @@ -1,4 +1,4 @@ -.TH "unbound-anchor" "8" "Jul 27, 2020" "NLnet Labs" "unbound 1.11.0" +.TH "unbound-anchor" "8" "Oct 8, 2020" "NLnet Labs" "unbound 1.12.0" .\" .\" unbound-anchor.8 -- unbound anchor maintenance utility manual .\" diff --git a/doc/unbound-checkconf.8.in b/doc/unbound-checkconf.8.in index c7a0f9449572..a7389376599a 100644 --- a/doc/unbound-checkconf.8.in +++ b/doc/unbound-checkconf.8.in @@ -1,4 +1,4 @@ -.TH "unbound-checkconf" "8" "Jul 27, 2020" "NLnet Labs" "unbound 1.11.0" +.TH "unbound-checkconf" "8" "Oct 8, 2020" "NLnet Labs" "unbound 1.12.0" .\" .\" unbound-checkconf.8 -- unbound configuration checker manual .\" diff --git a/doc/unbound-control.8.in b/doc/unbound-control.8.in index 154450303366..f82b62d3d9b6 100644 --- a/doc/unbound-control.8.in +++ b/doc/unbound-control.8.in @@ -1,4 +1,4 @@ -.TH "unbound-control" "8" "Jul 27, 2020" "NLnet Labs" "unbound 1.11.0" +.TH "unbound-control" "8" "Oct 8, 2020" "NLnet Labs" "unbound 1.12.0" .\" .\" unbound-control.8 -- unbound remote control manual .\" @@ -506,6 +506,14 @@ negative cache. Memory in bytes in used by the TCP and TLS stream wait buffers. These are answers waiting to be written back to the clients. .TP +.I mem.http.query_buffer +Memory in bytes used by the HTTP/2 query buffers. Containing (partial) DNS +queries waiting for request stream completion. +.TP +.I mem.http.response_buffer +Memory in bytes used by the HTTP/2 response buffers. Containing DNS responses +waiting to be written back to the clients. +.TP .I histogram.<sec>.<usec>.to.<sec>.<usec> Shows a histogram, summed over all threads. Every element counts the recursive queries whose reply time fit between the lower and upper bound. @@ -545,6 +553,11 @@ These are also counted in num.query.tcp, because TLS uses TCP. Number of TLS session resumptions, these are queries over TLS towards the unbound server where the client negotiated a TLS session resumption key. .TP +.I num.query.https +Number of queries that were made using HTTPS towards the unbound server. +These are also counted in num.query.tcp and num.query.tls, because HTTPS +uses TLS and TCP. +.TP .I num.query.ipv6 Number of queries that were made using IPv6 towards the unbound server. .TP diff --git a/doc/unbound-host.1.in b/doc/unbound-host.1.in index cae708d66b12..d3b502d92657 100644 --- a/doc/unbound-host.1.in +++ b/doc/unbound-host.1.in @@ -1,4 +1,4 @@ -.TH "unbound\-host" "1" "Jul 27, 2020" "NLnet Labs" "unbound 1.11.0" +.TH "unbound\-host" "1" "Oct 8, 2020" "NLnet Labs" "unbound 1.12.0" .\" .\" unbound-host.1 -- unbound DNS lookup utility .\" diff --git a/doc/unbound.8.in b/doc/unbound.8.in index fcdb3d833406..44a9879e5872 100644 --- a/doc/unbound.8.in +++ b/doc/unbound.8.in @@ -1,4 +1,4 @@ -.TH "unbound" "8" "Jul 27, 2020" "NLnet Labs" "unbound 1.11.0" +.TH "unbound" "8" "Oct 8, 2020" "NLnet Labs" "unbound 1.12.0" .\" .\" unbound.8 -- unbound manual .\" @@ -9,7 +9,7 @@ .\" .SH "NAME" .B unbound -\- Unbound DNS validating resolver 1.11.0. +\- Unbound DNS validating resolver 1.12.0. .SH "SYNOPSIS" .B unbound .RB [ \-h ] diff --git a/doc/unbound.conf.5.in b/doc/unbound.conf.5.in index 04dca3561ea2..bcbc9f205333 100644 --- a/doc/unbound.conf.5.in +++ b/doc/unbound.conf.5.in @@ -1,4 +1,4 @@ -.TH "unbound.conf" "5" "Jul 27, 2020" "NLnet Labs" "unbound 1.11.0" +.TH "unbound.conf" "5" "Oct 8, 2020" "NLnet Labs" "unbound 1.12.0" .\" .\" unbound.conf.5 -- unbound.conf manual .\" @@ -122,7 +122,8 @@ The port number, default 53, on which the server responds to queries. Interface to use to connect to the network. This interface is listened to for queries from clients, and answers to clients are given from it. Can be given multiple times to work on several interfaces. If none are -given the default is to listen to localhost. +given the default is to listen to localhost. If an interface name is used +instead of an ip address, the list of ip addresses on that interface are used. The interfaces are not changed on a reload (kill \-HUP) but only on restart. A port number can be specified with @port (without spaces between interface and port number), if not specified the default port (from @@ -206,12 +207,11 @@ accepted. For larger installations increasing this value is a good idea. Number of bytes size to advertise as the EDNS reassembly buffer size. This is the value put into datagrams over UDP towards peers. The actual buffer size is determined by msg\-buffer\-size (both for TCP and UDP). Do -not set higher than that value. Default is 4096 which is RFC recommended. -If you have fragmentation reassembly problems, usually seen as timeouts, -then a value of 1472 can fix it. Setting to 512 bypasses even the most -stringent path MTU problems, but is seen as extreme, since the amount -of TCP fallback generated is excessive (probably also for this resolver, -consider tuning the outgoing tcp number). +not set higher than that value. Default is 1232 which is the DNS Flag Day 2020 +recommendation. Setting to 512 bypasses even the most stringent path MTU +problems, but is seen as extreme, since the amount of TCP fallback generated is +excessive (probably also for this resolver, consider tuning the outgoing tcp +number). .TP .B max\-udp\-size: \fI<number> Maximum UDP response size (not applied to TCP response). 65536 disables the @@ -484,15 +484,16 @@ Alternate syntax for \fBtls\-upstream\fR. If both are present in the config file the last is used. .TP .B tls\-service\-key: \fI<file> -If enabled, the server provides TLS service on the TCP ports marked -implicitly or explicitly for TLS service with tls\-port. The file must -contain the private key for the TLS session, the public certificate is in -the tls\-service\-pem file and it must also be specified if tls\-service\-key -is specified. The default is "", turned off. Enabling or disabling -this service requires a restart (a reload is not enough), because the -key is read while root permissions are held and before chroot (if any). -The ports enabled implicitly or explicitly via \fBtls\-port:\fR do not provide -normal DNS TCP service. +If enabled, the server provides DNS-over-TLS or DNS-over-HTTPS service on the +TCP ports marked implicitly or explicitly for these services with tls\-port or +https\-port. The file must contain the private key for the TLS session, the +public certificate is in the tls\-service\-pem file and it must also be +specified if tls\-service\-key is specified. The default is "", turned off. +Enabling or disabling this service requires a restart (a reload is not enough), +because the key is read while root permissions are held and before chroot (if any). +The ports enabled implicitly or explicitly via \fBtls\-port:\fR and +\fBhttps\-port:\fR do not provide normal DNS TCP service. Unbound needs to be +compiled with libnghttp2 in order to provide DNS-over-HTTPS. .TP .B ssl\-service\-key: \fI<file> Alternate syntax for \fBtls\-service\-key\fR. @@ -557,6 +558,35 @@ Enable or disable sending the SNI extension on TLS connections. Default is yes. Changing the value requires a reload. .TP +.B https\-port: \fI<number> +The port number on which to provide DNS-over-HTTPS service, default 443, only +interfaces configured with that port number as @number get the HTTPS service. +.TP +.B http\-endpoint: \fI<endpoint string> +The HTTP endpoint to provide DNS-over-HTTPS service on. Default "/dns-query". +.TP +.B http\-max\-streams: \fI<number of streams> +Number used in the SETTINGS_MAX_CONCURRENT_STREAMS parameter in the HTTP/2 +SETTINGS frame for DNS-over-HTTPS connections. Default 100. +.TP +.B http\-query\-buffer\-size: \fI<size in bytes> +Maximum number of bytes used for all HTTP/2 query buffers combined. These +buffers contain (partial) DNS queries waiting for request stream completion. +An RST_STREAM frame will be send to streams exceeding this limit. Default is 4 +megabytes. A plain number is in bytes, append 'k', 'm' or 'g' for kilobytes, +megabytes or gigabytes (1024*1024 bytes in a megabyte). +.TP +.B http\-response\-buffer\-size: \fI<size in bytes> +Maximum number of bytes used for all HTTP/2 response buffers combined. These +buffers contain DNS responses waiting to be written back to the clients. +An RST_STREAM frame will be send to streams exceeding this limit. Default is 4 +megabytes. A plain number is in bytes, append 'k', 'm' or 'g' for kilobytes, +megabytes or gigabytes (1024*1024 bytes in a megabyte). +.TP +.B http\-nodelay: \fI<yes or no> +Set TCP_NODELAY socket option on sockets used to provide DNS-over-HTTPS service. +Ignored if the option is not available. Default is yes. +.TP .B use\-systemd: \fI<yes or no> Enable or disable systemd socket activation. Default is no. @@ -853,12 +883,15 @@ authority servers and checks if the reply still has the correct casing. Disabled by default. This feature is an experimental implementation of draft dns\-0x20. .TP -.B caps\-whitelist: \fI<domain> -Whitelist the domain so that it does not receive caps\-for\-id perturbed +.B caps\-exempt: \fI<domain> +Exempt the domain so that it does not receive caps\-for\-id perturbed queries. For domains that do not support 0x20 and also fail with fallback because they keep sending different answers, like some load balancers. Can be given multiple times, for different domains. .TP +.B caps\-whitelist: \fI<yes or no> +Alternate syntax for \fBcaps\-exempt\fR. +.TP .B qname\-minimisation: \fI<yes or no> Send minimum amount of information to upstream servers to enhance privacy. Only send minimum required labels of the QNAME and set QTYPE to A when @@ -1010,26 +1043,11 @@ Send RFC8145 key tag query after trust anchor priming. Default is yes. .B root\-key\-sentinel: \fI<yes or no> Root key trust anchor sentinel. Default is yes. .TP -.B dlv\-anchor\-file: \fI<filename> -This option was used during early days DNSSEC deployment when no parent-side -DS record registrations were easily available. Nowadays, it is best to have -DS records registered with the parent zone (many top level zones are signed). -File with trusted keys for DLV (DNSSEC Lookaside Validation). Both DS and -DNSKEY entries can be used in the file, in the same format as for -\fItrust\-anchor\-file:\fR statements. Only one DLV can be configured, more -would be slow. The DLV configured is used as a root trusted DLV, this -means that it is a lookaside for the root. Default is "", or no dlv anchor -file. DLV is going to be decommissioned. Please do not use it any more. -.TP -.B dlv\-anchor: \fI<"Resource Record"> -Much like trust\-anchor, this is a DLV anchor with the DS or DNSKEY inline. -DLV is going to be decommissioned. Please do not use it any more. -.TP .B domain\-insecure: \fI<domain name> Sets domain name to be insecure, DNSSEC chain of trust is ignored towards the domain name. So a trust anchor above the domain name can not make the domain secure with a DS record, such a DS record is then ignored. -Also keys from DLV are ignored for the domain. Can be given multiple times +Can be given multiple times to specify multiple domains that are treated as if unsigned. If you set trust anchors for the domain they override this setting (and the domain is secured). @@ -1108,7 +1126,7 @@ later on. Default is "no". .B serve\-expired\-ttl: \fI<seconds> Limit serving of expired responses to configured seconds after expiration. 0 disables the limit. This option only applies when \fBserve\-expired\fR is -enabled. A suggested value per draft-ietf-dnsop-serve-stale-10 is between +enabled. A suggested value per RFC 8767 is between 86400 (1 day) and 259200 (3 days). The default is 0. .TP .B serve\-expired\-ttl\-reset: \fI<yes or no> @@ -1120,14 +1138,14 @@ expired records will be served as long as there are queries for it. Default is .B serve\-expired\-reply\-ttl: \fI<seconds> TTL value to use when replying with expired data. If \fBserve\-expired\-client\-timeout\fR is also used then it is RECOMMENDED to -use 30 as the value (draft-ietf-dnsop-serve-stale-10). The default is 30. +use 30 as the value (RFC 8767). The default is 30. .TP .B serve\-expired\-client\-timeout: \fI<msec> Time in milliseconds before replying to the client with expired data. This essentially enables the serve-stale behavior as specified in -draft-ietf-dnsop-serve-stale-10 that first tries to resolve before immediately +RFC 8767 that first tries to resolve before immediately responding with expired data. A recommended value per -draft-ietf-dnsop-serve-stale-10 is 1800. Setting this to 0 will disable this +RFC 8767 is 1800. Setting this to 0 will disable this behavior. Default is 0. .TP .B val\-nsec3\-keysize\-iterations: \fI<"list of values"> @@ -1516,6 +1534,16 @@ servers set. The default for fast\-server\-permil is 0. Set the number of servers that should be used for fast server selection. Only use the fastest specified number of servers with the fast\-server\-permil option, that turns this on or off. The default is to use the fastest 3 servers. +.TP 5 +.B edns\-client\-tag: \fI<IP netblock> <tag data> +Include an edns-client-tag option in queries with destination address matching +the configured IP netblock. This configuration option can be used multiple +times. The most specific match will be used. The tag data is configured in +decimal format, from 0 to 65535. +.TP 5 +.B edns\-client\-tag\-opcode: \fI<opcode> +EDNS0 option code for the edns-client-tag option, from 0 to 65535. Default is +16, as assigned by IANA. .SS "Remote Control Options" In the .B remote\-control: @@ -1718,16 +1746,16 @@ uses the SOA timer values and performs SOA UDP queries to detect zone changes. If the update fetch fails, the timers in the SOA record are used to time another fetch attempt. Until the SOA expiry timer is reached. Then the zone is expired. When a zone is expired, queries are SERVFAIL, and -any new serial number is accepted from the master (even if older), and if +any new serial number is accepted from the primary (even if older), and if fallback is enabled, the fallback activates to fetch from the upstream instead of the SERVFAIL. .TP .B name: \fI<zone name> Name of the authority zone. .TP -.B master: \fI<IP address or host name> +.B primary: \fI<IP address or host name> Where to download a copy of the zone from, with AXFR and IXFR. Multiple -masters can be specified. They are all tried if one fails. +primaries can be specified. They are all tried if one fails. With the "ip#name" notation a AXFR over TLS can be used. If you point it at another Unbound instance, it would not work because that does not support AXFR/IXFR for the zone, but if you used \fBurl:\fR to download @@ -1736,27 +1764,31 @@ If you specify the hostname, you cannot use the domain from the zonefile, because it may not have that when retrieving that data, instead use a plain IP address to avoid a circular dependency on retrieving that IP address. .TP +.B master: \fI<IP address or host name> +Alternate syntax for \fBprimary\fR. +.TP .B url: \fI<url to zonefile> Where to download a zonefile for the zone. With http or https. An example for the url is "http://www.example.com/example.org.zone". Multiple url statements can be given, they are tried in turn. If only urls are given the SOA refresh timer is used to wait for making new downloads. If also -masters are listed, the masters are first probed with UDP SOA queries to +primaries are listed, the primaries are first probed with UDP SOA queries to see if the SOA serial number has changed, reducing the number of downloads. -If none of the urls work, the masters are tried with IXFR and AXFR. +If none of the urls work, the primaries are tried with IXFR and AXFR. For https, the \fBtls\-cert\-bundle\fR and the hostname from the url are used to authenticate the connection. If you specify a hostname in the URL, you cannot use the domain from the zonefile, because it may not have that when retrieving that data, instead use a plain IP address to avoid a circular dependency on retrieving that IP -address. Avoid dependencies on name lookups by using a notation like "http://192.0.2.1/unbound-master/example.com.zone", with an explicit IP address. +address. Avoid dependencies on name lookups by using a notation like +"http://192.0.2.1/unbound-primaries/example.com.zone", with an explicit IP address. .TP .B allow\-notify: \fI<IP address or host name or netblockIP/prefix> With allow\-notify you can specify additional sources of notifies. When notified, the server attempts to first probe and then zone transfer. -If the notify is from a master, it first attempts that master. Otherwise -other masters are attempted. If there are no masters, but only urls, the -file is downloaded when notified. The masters from master: statements are +If the notify is from a primary, it first attempts that primary. Otherwise +other primaries are attempted. If there are no primaries, but only urls, the +file is downloaded when notified. The primaries from primary: statements are allowed notify by default. .TP .B fallback\-enabled: \fI<yes or no> @@ -1784,7 +1816,7 @@ downstream clients, and use the zone data as a local copy to speed up lookups. .B zonefile: \fI<filename> The filename where the zone is stored. If not given then no zonefile is used. If the file does not exist or is empty, unbound will attempt to fetch zone -data (eg. from the master servers). +data (eg. from the primary servers). .SS "View Options" .LP There may be multiple @@ -1951,14 +1983,16 @@ The ECS module must be configured in the \fBmodule\-config:\fR "subnetcache validator iterator" directive and be compiled into the daemon to be enabled. These settings go in the \fBserver:\fR section. .LP -If the destination address is whitelisted with Unbound will add the EDNS0 -option to the query containing the relevant part of the client's address. When -an answer contains the ECS option the response and the option are placed in a -specialized cache. If the authority indicated no support, the response is +If the destination address is allowed in the configuration Unbound will add the +EDNS0 option to the query containing the relevant part of the client's address. +When an answer contains the ECS option the response and the option are placed in +a specialized cache. If the authority indicated no support, the response is stored in the regular cache. .LP Additionally, when a client includes the option in its queries, Unbound will -forward the option to the authority if present in the whitelist, or +forward the option when sending the query to addresses that are explicitly +allowed in the configuration using \fBsend\-client\-subnet\fR. The option will +always be forwarded, regardless the allowed addresses, if \fBclient\-subnet\-always\-forward\fR is set to yes. In this case the lookup in the regular cache is skipped. .LP @@ -1979,11 +2013,11 @@ given multiple times. Zones not listed will not receive edns-subnet information, unless hosted by authority specified in \fBsend\-client\-subnet\fR. .TP .B client\-subnet\-always\-forward: \fI<yes or no>\fR -Specify whether the ECS whitelist check (configured using +Specify whether the ECS address check (configured using \fBsend\-client\-subnet\fR) is applied for all queries, even if the triggering query contains an ECS record, or only for queries for which the ECS record is generated using the querier address (and therefore did not contain ECS data in -the client query). If enabled, the whitelist check is skipped when the client +the client query). If enabled, the address check is skipped when the client query contains an ECS record. Default is no. .TP .B max\-client\-subnet\-ipv6: \fI<number>\fR @@ -2073,10 +2107,13 @@ to yes, the hook will be called and the A/AAAA answer will be returned to the client. If set to no, the hook will not be called and the answer to the A/AAAA query will be SERVFAIL. Mainly used for testing. Defaults to no. .TP -.B ipsecmod\-whitelist: \fI<domain>\fR -Whitelist the domain so that the module logic will be executed. Can -be given multiple times, for different domains. If the option is not -specified, all domains are treated as being whitelisted (default). +.B ipsecmod\-allow: \fI<domain>\fR +Allow the ipsecmod functionality for the domain so that the module logic will be +executed. Can be given multiple times, for different domains. If the option is +not specified, all domains are treated as being allowed (default). +.TP +.B ipsecmod\-whitelist: \fI<yes or no> +Alternate syntax for \fBipsecmod\-allow\fR. .SS "Cache DB Module Options" .LP The Cache DB module must be configured in the \fBmodule\-config:\fR @@ -2110,7 +2147,7 @@ even if some data have expired in terms of DNS TTL or the Redis server has cached too much data; if necessary the Redis server must be configured to limit the cache size, preferably with some kind of least-recently-used eviction policy. -Additionaly, the \fBredis\-expire\-records\fR option can be used in order to +Additionally, the \fBredis\-expire\-records\fR option can be used in order to set the relative DNS TTL of the message as timeout to the Redis records; keep in mind that some additional memory is used per key and that the expire information is stored as absolute Unix timestamps in Redis (computer time must @@ -2273,33 +2310,36 @@ are applied after .B name: \fI<zone name> Name of the authority zone. .TP -.B master: \fI<IP address or host name> +.B primary: \fI<IP address or host name> Where to download a copy of the zone from, with AXFR and IXFR. Multiple -masters can be specified. They are all tried if one fails. +primaries can be specified. They are all tried if one fails. +.TP +.B master: \fI<IP address or host name> +Alternate syntax for \fBprimary\fR. .TP .B url: \fI<url to zonefile> Where to download a zonefile for the zone. With http or https. An example for the url is "http://www.example.com/example.org.zone". Multiple url statements can be given, they are tried in turn. If only urls are given the SOA refresh timer is used to wait for making new downloads. If also -masters are listed, the masters are first probed with UDP SOA queries to +primaries are listed, the primaries are first probed with UDP SOA queries to see if the SOA serial number has changed, reducing the number of downloads. -If none of the urls work, the masters are tried with IXFR and AXFR. +If none of the urls work, the primaries are tried with IXFR and AXFR. For https, the \fBtls\-cert\-bundle\fR and the hostname from the url are used to authenticate the connection. .TP .B allow\-notify: \fI<IP address or host name or netblockIP/prefix> With allow\-notify you can specify additional sources of notifies. When notified, the server attempts to first probe and then zone transfer. -If the notify is from a master, it first attempts that master. Otherwise -other masters are attempted. If there are no masters, but only urls, the -file is downloaded when notified. The masters from master: statements are +If the notify is from a primary, it first attempts that primary. Otherwise +other primaries are attempted. If there are no primaries, but only urls, the +file is downloaded when notified. The primaries from primary: statements are allowed notify by default. .TP .B zonefile: \fI<filename> The filename where the zone is stored. If not given then no zonefile is used. If the file does not exist or is empty, unbound will attempt to fetch zone -data (eg. from the master servers). +data (eg. from the primary servers). .TP .B rpz\-action\-override: \fI<action> Always use this RPZ action for matching triggers from this zone. Possible action diff --git a/dynlibmod/dynlibmod.c b/dynlibmod/dynlibmod.c index f9751d8c6f73..3bf9d1acb0b8 100644 --- a/dynlibmod/dynlibmod.c +++ b/dynlibmod/dynlibmod.c @@ -242,6 +242,10 @@ int inplace_cb_register_wrapped(void* cb, enum inplace_cb_list_type type, void* cbarg, struct module_env* env, int id) { struct cb_pair* cb_pair = malloc(sizeof(struct cb_pair)); + if(cb_pair == NULL) { + log_err("dynlibmod[%d]: malloc failure", id); + return 0; + } cb_pair->cb = cb; cb_pair->cb_arg = cbarg; if(type >= inplace_cb_reply && type <= inplace_cb_reply_servfail) { @@ -253,6 +257,7 @@ inplace_cb_register_wrapped(void* cb, enum inplace_cb_list_type type, void* cbar } else if(type == inplace_cb_edns_back_parsed) { return inplace_cb_register(&dynlib_inplace_cb_edns_back_parsed, type, (void*) cb_pair, env, id); } else { + free(cb_pair); return 0; } } diff --git a/iterator/iterator.c b/iterator/iterator.c index 23b07ea9095b..99d020117842 100644 --- a/iterator/iterator.c +++ b/iterator/iterator.c @@ -3191,7 +3191,7 @@ processPrimeResponse(struct module_qstate* qstate, int id) /* validate the root or stub after priming (if enabled). * This is the same query as the prime query, but with validation. * Now that we are primed, the additional queries that validation - * may need can be resolved, such as DLV. */ + * may need can be resolved. */ if(qstate->env->cfg->harden_referral_path) { struct module_qstate* subq = NULL; log_nametypeclass(VERB_ALGO, "schedule prime validation", diff --git a/libunbound/context.c b/libunbound/context.c index 6d62e32b50fd..713259c718ce 100644 --- a/libunbound/context.c +++ b/libunbound/context.c @@ -50,6 +50,7 @@ #include "services/authzone.h" #include "util/data/msgreply.h" #include "util/storage/slabhash.h" +#include "util/edns.h" #include "sldns/sbuffer.h" int @@ -79,6 +80,8 @@ context_finalize(struct ub_ctx* ctx) return UB_INITFAIL; if(!auth_zones_apply_cfg(ctx->env->auth_zones, cfg, 1, &is_rpz)) return UB_INITFAIL; + if(!edns_tags_apply_cfg(ctx->env->edns_tags, cfg)) + return UB_INITFAIL; if(!slabhash_is_size(ctx->env->msg_cache, cfg->msg_cache_size, cfg->msg_cache_slabs)) { slabhash_delete(ctx->env->msg_cache); diff --git a/libunbound/libunbound.c b/libunbound/libunbound.c index 3b30419b315e..3922eb0417f8 100644 --- a/libunbound/libunbound.c +++ b/libunbound/libunbound.c @@ -58,6 +58,7 @@ #include "util/net_help.h" #include "util/tube.h" #include "util/ub_event.h" +#include "util/edns.h" #include "services/modstack.h" #include "services/localzone.h" #include "services/cache/infra.h" @@ -153,6 +154,18 @@ static struct ub_ctx* ub_ctx_create_nopipe(void) errno = ENOMEM; return NULL; } + ctx->env->edns_tags = edns_tags_create(); + if(!ctx->env->edns_tags) { + auth_zones_delete(ctx->env->auth_zones); + edns_known_options_delete(ctx->env); + config_delete(ctx->env->cfg); + free(ctx->env); + ub_randfree(ctx->seed_rnd); + free(ctx); + errno = ENOMEM; + return NULL; + } + ctx->env->alloc = &ctx->superalloc; ctx->env->worker = NULL; ctx->env->need_to_validate = 0; @@ -173,6 +186,7 @@ ub_ctx_create(void) config_delete(ctx->env->cfg); modstack_desetup(&ctx->mods, ctx->env); edns_known_options_delete(ctx->env); + edns_tags_delete(ctx->env->edns_tags); free(ctx->env); free(ctx); errno = e; @@ -185,6 +199,7 @@ ub_ctx_create(void) config_delete(ctx->env->cfg); modstack_desetup(&ctx->mods, ctx->env); edns_known_options_delete(ctx->env); + edns_tags_delete(ctx->env->edns_tags); free(ctx->env); free(ctx); errno = e; @@ -323,6 +338,7 @@ ub_ctx_delete(struct ub_ctx* ctx) infra_delete(ctx->env->infra_cache); config_delete(ctx->env->cfg); edns_known_options_delete(ctx->env); + edns_tags_delete(ctx->env->edns_tags); auth_zones_delete(ctx->env->auth_zones); free(ctx->env); } diff --git a/libunbound/libworker.c b/libunbound/libworker.c index 44b8d790561f..bd42462e1be6 100644 --- a/libunbound/libworker.c +++ b/libunbound/libworker.c @@ -78,7 +78,7 @@ #include <TargetConditionals.h> #endif -#if defined(TARGET_OS_TV) || defined(TARGET_OS_WATCH) +#if (defined(TARGET_OS_TV) && TARGET_OS_TV) || (defined(TARGET_OS_WATCH) && TARGET_OS_WATCH) #undef HAVE_FORK #endif diff --git a/libunbound/unbound.h b/libunbound/unbound.h index b53426c76d54..945c17a8fb5b 100644 --- a/libunbound/unbound.h +++ b/libunbound/unbound.h @@ -697,6 +697,8 @@ struct ub_server_stats { long long qtcp_outgoing; /** number of queries over (DNS over) TLS */ long long qtls; + /** number of queries over (DNS over) HTTPS */ + long long qhttps; /** number of queries over IPv6 */ long long qipv6; /** number of queries with QR bit */ @@ -787,6 +789,10 @@ struct ub_server_stats { long long num_query_subnet_cache; /** number of bytes in the stream wait buffers */ long long mem_stream_wait; + /** number of bytes in the HTTP2 query buffers */ + long long mem_http2_query_buffer; + /** number of bytes in the HTTP2 response buffers */ + long long mem_http2_response_buffer; /** number of TLS connection resume */ long long qtls_resume; /** RPZ action stats */ diff --git a/pythonmod/doc/modules/config.rst b/pythonmod/doc/modules/config.rst index 43333bdaeaa7..89afbef8ac2c 100644 --- a/pythonmod/doc/modules/config.rst +++ b/pythonmod/doc/modules/config.rst @@ -256,14 +256,6 @@ config_file Files with trusted DNSKEYs in named.conf format, list. - .. attribute:: dlv_anchor_file - - DLV anchor file. - - .. attribute:: dlv_anchor_list - - DLV anchor inline. - .. attribute:: max_ttl The number of seconds maximal TTL used for RRsets and messages. diff --git a/pythonmod/examples/avahi-resolver.py b/pythonmod/examples/avahi-resolver.py index b1d4e36fc887..497e1e74f69a 100644 --- a/pythonmod/examples/avahi-resolver.py +++ b/pythonmod/examples/avahi-resolver.py @@ -59,6 +59,8 @@ # | num-threads: 32 # | cache-max-negative-ttl: 60 # | cache-max-ttl: 60 +# | python: +# | python-script: path/to/this/file # # # The plugin can also be run interactively. Provide the name and diff --git a/pythonmod/interface.i b/pythonmod/interface.i index c02ebaf951d0..71f2bf774d0f 100644 --- a/pythonmod/interface.i +++ b/pythonmod/interface.i @@ -314,16 +314,16 @@ struct packed_rrset_data { class RRSetData_RRLen: def __init__(self, obj): self.obj = obj def __getitem__(self, index): return _unboundmodule._get_data_rr_len(self.obj, index) - def __len__(self): return obj.count + obj.rrsig_count + def __len__(self): return self.obj.count + self.obj.rrsig_count class RRSetData_RRTTL: def __init__(self, obj): self.obj = obj def __getitem__(self, index): return _unboundmodule._get_data_rr_ttl(self.obj, index) def __setitem__(self, index, value): _unboundmodule._set_data_rr_ttl(self.obj, index, value) - def __len__(self): return obj.count + obj.rrsig_count + def __len__(self): return self.obj.count + self.obj.rrsig_count class RRSetData_RRData: def __init__(self, obj): self.obj = obj def __getitem__(self, index): return _unboundmodule._get_data_rr_data(self.obj, index) - def __len__(self): return obj.count + obj.rrsig_count + def __len__(self): return self.obj.count + self.obj.rrsig_count %} %inline %{ @@ -404,12 +404,12 @@ struct dns_msg { class ReplyInfo_RRSet: def __init__(self, obj): self.obj = obj def __getitem__(self, index): return _unboundmodule._rrset_rrsets_get(self.obj, index) - def __len__(self): return obj.rrset_count + def __len__(self): return self.obj.rrset_count class ReplyInfo_Ref: def __init__(self, obj): self.obj = obj def __getitem__(self, index): return _unboundmodule._rrset_ref_get(self.obj, index) - def __len__(self): return obj.rrset_count + def __len__(self): return self.obj.rrset_count %} %inline %{ @@ -992,8 +992,6 @@ struct config_file { struct config_strlist* trust_anchor_file_list; struct config_strlist* trust_anchor_list; struct config_strlist* trusted_keys_file_list; - char* dlv_anchor_file; - struct config_strlist* dlv_anchor_list; int max_ttl; int32_t val_date_override; int bogus_ttl; diff --git a/services/cache/dns.c b/services/cache/dns.c index 7b6e142c9915..f3149b614b54 100644 --- a/services/cache/dns.c +++ b/services/cache/dns.c @@ -890,9 +890,8 @@ dns_cache_lookup(struct module_env* env, lock_rw_unlock(&rrset->entry.lock); } - /* construct DS, DNSKEY, DLV messages from rrset cache. */ - if((qtype == LDNS_RR_TYPE_DS || qtype == LDNS_RR_TYPE_DNSKEY || - qtype == LDNS_RR_TYPE_DLV) && + /* construct DS, DNSKEY messages from rrset cache. */ + if((qtype == LDNS_RR_TYPE_DS || qtype == LDNS_RR_TYPE_DNSKEY) && (rrset=rrset_cache_lookup(env->rrset_cache, qname, qnamelen, qtype, qclass, 0, now, 0))) { /* if the rrset is from the additional section, and the diff --git a/services/listen_dnsport.c b/services/listen_dnsport.c index cc56d3fd3167..3a98c264297a 100644 --- a/services/listen_dnsport.c +++ b/services/listen_dnsport.c @@ -53,6 +53,7 @@ #include "util/config_file.h" #include "util/net_help.h" #include "sldns/sbuffer.h" +#include "sldns/parseutil.h" #include "services/mesh.h" #include "util/fptr_wlist.h" #include "util/locks.h" @@ -70,6 +71,13 @@ #include <systemd/sd-daemon.h> #endif +#ifdef HAVE_IFADDRS_H +#include <ifaddrs.h> +#endif +#ifdef HAVE_NET_IF_H +#include <net/if.h> +#endif + /** number of queued TCP connections for listen() */ #define TCP_BACKLOG 256 @@ -79,11 +87,23 @@ #ifndef THREADS_DISABLED /** lock on the counter of stream buffer memory */ static lock_basic_type stream_wait_count_lock; +/** lock on the counter of HTTP2 query buffer memory */ +static lock_basic_type http2_query_buffer_count_lock; +/** lock on the counter of HTTP2 response buffer memory */ +static lock_basic_type http2_response_buffer_count_lock; #endif /** size (in bytes) of stream wait buffers */ static size_t stream_wait_count = 0; /** is the lock initialised for stream wait buffers */ static int stream_wait_lock_inited = 0; +/** size (in bytes) of HTTP2 query buffers */ +static size_t http2_query_buffer_count = 0; +/** is the lock initialised for HTTP2 query buffers */ +static int http2_query_buffer_lock_inited = 0; +/** size (in bytes) of HTTP2 response buffers */ +static size_t http2_response_buffer_count = 0; +/** is the lock initialised for HTTP2 response buffers */ +static int http2_response_buffer_lock_inited = 0; /** * Debug print of the getaddrinfo returned address. @@ -221,16 +241,14 @@ create_udp_sock(int family, int socktype, struct sockaddr* addr, *noproto = 1; return -1; } - log_err("can't create socket: %s", strerror(errno)); #else if(WSAGetLastError() == WSAEAFNOSUPPORT || WSAGetLastError() == WSAEPROTONOSUPPORT) { *noproto = 1; return -1; } - log_err("can't create socket: %s", - wsa_strerror(WSAGetLastError())); #endif + log_err("can't create socket: %s", sock_strerror(errno)); *noproto = 0; return -1; } @@ -243,9 +261,9 @@ create_udp_sock(int family, int socktype, struct sockaddr* addr, #ifdef SO_REUSEADDR if(setsockopt(s, SOL_SOCKET, SO_REUSEADDR, (void*)&on, (socklen_t)sizeof(on)) < 0) { -#ifndef USE_WINSOCK log_err("setsockopt(.. SO_REUSEADDR ..) failed: %s", - strerror(errno)); + sock_strerror(errno)); +#ifndef USE_WINSOCK if(errno != ENOSYS) { close(s); *noproto = 0; @@ -253,8 +271,6 @@ create_udp_sock(int family, int socktype, struct sockaddr* addr, return -1; } #else - log_err("setsockopt(.. SO_REUSEADDR ..) failed: %s", - wsa_strerror(WSAGetLastError())); closesocket(s); *noproto = 0; *inuse = 0; @@ -346,16 +362,9 @@ create_udp_sock(int family, int socktype, struct sockaddr* addr, if(setsockopt(s, SOL_SOCKET, SO_RCVBUFFORCE, (void*)&rcv, (socklen_t)sizeof(rcv)) < 0) { if(errno != EPERM) { -# ifndef USE_WINSOCK - log_err("setsockopt(..., SO_RCVBUFFORCE, " - "...) failed: %s", strerror(errno)); - close(s); -# else log_err("setsockopt(..., SO_RCVBUFFORCE, " - "...) failed: %s", - wsa_strerror(WSAGetLastError())); - closesocket(s); -# endif + "...) failed: %s", sock_strerror(errno)); + sock_close(s); *noproto = 0; *inuse = 0; return -1; @@ -363,16 +372,9 @@ create_udp_sock(int family, int socktype, struct sockaddr* addr, # endif /* SO_RCVBUFFORCE */ if(setsockopt(s, SOL_SOCKET, SO_RCVBUF, (void*)&rcv, (socklen_t)sizeof(rcv)) < 0) { -# ifndef USE_WINSOCK log_err("setsockopt(..., SO_RCVBUF, " - "...) failed: %s", strerror(errno)); - close(s); -# else - log_err("setsockopt(..., SO_RCVBUF, " - "...) failed: %s", - wsa_strerror(WSAGetLastError())); - closesocket(s); -# endif + "...) failed: %s", sock_strerror(errno)); + sock_close(s); *noproto = 0; *inuse = 0; return -1; @@ -405,16 +407,9 @@ create_udp_sock(int family, int socktype, struct sockaddr* addr, if(setsockopt(s, SOL_SOCKET, SO_SNDBUFFORCE, (void*)&snd, (socklen_t)sizeof(snd)) < 0) { if(errno != EPERM) { -# ifndef USE_WINSOCK log_err("setsockopt(..., SO_SNDBUFFORCE, " - "...) failed: %s", strerror(errno)); - close(s); -# else - log_err("setsockopt(..., SO_SNDBUFFORCE, " - "...) failed: %s", - wsa_strerror(WSAGetLastError())); - closesocket(s); -# endif + "...) failed: %s", sock_strerror(errno)); + sock_close(s); *noproto = 0; *inuse = 0; return -1; @@ -422,16 +417,9 @@ create_udp_sock(int family, int socktype, struct sockaddr* addr, # endif /* SO_SNDBUFFORCE */ if(setsockopt(s, SOL_SOCKET, SO_SNDBUF, (void*)&snd, (socklen_t)sizeof(snd)) < 0) { -# ifndef USE_WINSOCK - log_err("setsockopt(..., SO_SNDBUF, " - "...) failed: %s", strerror(errno)); - close(s); -# else log_err("setsockopt(..., SO_SNDBUF, " - "...) failed: %s", - wsa_strerror(WSAGetLastError())); - closesocket(s); -# endif + "...) failed: %s", sock_strerror(errno)); + sock_close(s); *noproto = 0; *inuse = 0; return -1; @@ -461,16 +449,9 @@ create_udp_sock(int family, int socktype, struct sockaddr* addr, int val=(v6only==2)?0:1; if (setsockopt(s, IPPROTO_IPV6, IPV6_V6ONLY, (void*)&val, (socklen_t)sizeof(val)) < 0) { -#ifndef USE_WINSOCK log_err("setsockopt(..., IPV6_V6ONLY" - ", ...) failed: %s", strerror(errno)); - close(s); -#else - log_err("setsockopt(..., IPV6_V6ONLY" - ", ...) failed: %s", - wsa_strerror(WSAGetLastError())); - closesocket(s); -#endif + ", ...) failed: %s", sock_strerror(errno)); + sock_close(s); *noproto = 0; *inuse = 0; return -1; @@ -488,16 +469,9 @@ create_udp_sock(int family, int socktype, struct sockaddr* addr, */ if (setsockopt(s, IPPROTO_IPV6, IPV6_USE_MIN_MTU, (void*)&on, (socklen_t)sizeof(on)) < 0) { -# ifndef USE_WINSOCK - log_err("setsockopt(..., IPV6_USE_MIN_MTU, " - "...) failed: %s", strerror(errno)); - close(s); -# else log_err("setsockopt(..., IPV6_USE_MIN_MTU, " - "...) failed: %s", - wsa_strerror(WSAGetLastError())); - closesocket(s); -# endif + "...) failed: %s", sock_strerror(errno)); + sock_close(s); *noproto = 0; *inuse = 0; return -1; @@ -510,15 +484,9 @@ create_udp_sock(int family, int socktype, struct sockaddr* addr, */ if (setsockopt(s, IPPROTO_IPV6, IPV6_MTU, (void*)&mtu, (socklen_t)sizeof(mtu)) < 0) { -# ifndef USE_WINSOCK - log_err("setsockopt(..., IPV6_MTU, ...) failed: %s", - strerror(errno)); - close(s); -# else log_err("setsockopt(..., IPV6_MTU, ...) failed: %s", - wsa_strerror(WSAGetLastError())); - closesocket(s); -# endif + sock_strerror(errno)); + sock_close(s); *noproto = 0; *inuse = 0; return -1; @@ -542,12 +510,7 @@ create_udp_sock(int family, int socktype, struct sockaddr* addr, if (errno != EINVAL) { log_err("setsockopt(..., IP_MTU_DISCOVER, IP_PMTUDISC_OMIT...) failed: %s", strerror(errno)); - -# ifndef USE_WINSOCK - close(s); -# else - closesocket(s); -# endif + sock_close(s); *noproto = 0; *inuse = 0; return -1; @@ -564,11 +527,7 @@ create_udp_sock(int family, int socktype, struct sockaddr* addr, &action, (socklen_t)sizeof(action)) < 0) { log_err("setsockopt(..., IP_MTU_DISCOVER, IP_PMTUDISC_DONT...) failed: %s", strerror(errno)); -# ifndef USE_WINSOCK - close(s); -# else - closesocket(s); -# endif + sock_close(s); *noproto = 0; *inuse = 0; return -1; @@ -580,11 +539,7 @@ create_udp_sock(int family, int socktype, struct sockaddr* addr, &off, (socklen_t)sizeof(off)) < 0) { log_err("setsockopt(..., IP_DONTFRAG, ...) failed: %s", strerror(errno)); -# ifndef USE_WINSOCK - close(s); -# else - closesocket(s); -# endif + sock_close(s); *noproto = 0; *inuse = 0; return -1; @@ -614,7 +569,6 @@ create_udp_sock(int family, int socktype, struct sockaddr* addr, (struct sockaddr_storage*)addr, addrlen); } #endif /* EADDRINUSE */ - close(s); #else /* USE_WINSOCK */ if(WSAGetLastError() != WSAEADDRINUSE && WSAGetLastError() != WSAEADDRNOTAVAIL && @@ -623,18 +577,14 @@ create_udp_sock(int family, int socktype, struct sockaddr* addr, wsa_strerror(WSAGetLastError()), (struct sockaddr_storage*)addr, addrlen); } - closesocket(s); #endif /* USE_WINSOCK */ + sock_close(s); return -1; } if(!fd_set_nonblock(s)) { *noproto = 0; *inuse = 0; -#ifndef USE_WINSOCK - close(s); -#else - closesocket(s); -#endif + sock_close(s); return -1; } return s; @@ -642,7 +592,8 @@ create_udp_sock(int family, int socktype, struct sockaddr* addr, int create_tcp_accept_sock(struct addrinfo *addr, int v6only, int* noproto, - int* reuseport, int transparent, int mss, int freebind, int use_systemd, int dscp) + int* reuseport, int transparent, int mss, int nodelay, int freebind, + int use_systemd, int dscp) { int s; char* err; @@ -678,29 +629,38 @@ create_tcp_accept_sock(struct addrinfo *addr, int v6only, int* noproto, *noproto = 1; return -1; } - log_err("can't create socket: %s", strerror(errno)); #else if(WSAGetLastError() == WSAEAFNOSUPPORT || WSAGetLastError() == WSAEPROTONOSUPPORT) { *noproto = 1; return -1; } - log_err("can't create socket: %s", - wsa_strerror(WSAGetLastError())); #endif + log_err("can't create socket: %s", sock_strerror(errno)); return -1; } - if (mss > 0) { -#if defined(IPPROTO_TCP) && defined(TCP_MAXSEG) - if(setsockopt(s, IPPROTO_TCP, TCP_MAXSEG, (void*)&mss, - (socklen_t)sizeof(mss)) < 0) { + if(nodelay) { +#if defined(IPPROTO_TCP) && defined(TCP_NODELAY) + if(setsockopt(s, IPPROTO_TCP, TCP_NODELAY, (void*)&on, + (socklen_t)sizeof(on)) < 0) { #ifndef USE_WINSOCK - log_err(" setsockopt(.. TCP_MAXSEG ..) failed: %s", + log_err(" setsockopt(.. TCP_NODELAY ..) failed: %s", strerror(errno)); #else - log_err(" setsockopt(.. TCP_MAXSEG ..) failed: %s", + log_err(" setsockopt(.. TCP_NODELAY ..) failed: %s", wsa_strerror(WSAGetLastError())); #endif + } +#else + log_warn(" setsockopt(TCP_NODELAY) unsupported"); +#endif /* defined(IPPROTO_TCP) && defined(TCP_NODELAY) */ + } + if (mss > 0) { +#if defined(IPPROTO_TCP) && defined(TCP_MAXSEG) + if(setsockopt(s, IPPROTO_TCP, TCP_MAXSEG, (void*)&mss, + (socklen_t)sizeof(mss)) < 0) { + log_err(" setsockopt(.. TCP_MAXSEG ..) failed: %s", + sock_strerror(errno)); } else { verbose(VERB_ALGO, " tcp socket mss set to %d", mss); @@ -717,15 +677,9 @@ create_tcp_accept_sock(struct addrinfo *addr, int v6only, int* noproto, #ifdef SO_REUSEADDR if(setsockopt(s, SOL_SOCKET, SO_REUSEADDR, (void*)&on, (socklen_t)sizeof(on)) < 0) { -#ifndef USE_WINSOCK log_err("setsockopt(.. SO_REUSEADDR ..) failed: %s", - strerror(errno)); - close(s); -#else - log_err("setsockopt(.. SO_REUSEADDR ..) failed: %s", - wsa_strerror(WSAGetLastError())); - closesocket(s); -#endif + sock_strerror(errno)); + sock_close(s); return -1; } #endif /* SO_REUSEADDR */ @@ -760,15 +714,9 @@ create_tcp_accept_sock(struct addrinfo *addr, int v6only, int* noproto, if(addr->ai_family == AF_INET6 && v6only) { if(setsockopt(s, IPPROTO_IPV6, IPV6_V6ONLY, (void*)&on, (socklen_t)sizeof(on)) < 0) { -#ifndef USE_WINSOCK log_err("setsockopt(..., IPV6_V6ONLY, ...) failed: %s", - strerror(errno)); - close(s); -#else - log_err("setsockopt(..., IPV6_V6ONLY, ...) failed: %s", - wsa_strerror(WSAGetLastError())); - closesocket(s); -#endif + sock_strerror(errno)); + sock_close(s); return -1; } } @@ -815,32 +763,22 @@ create_tcp_accept_sock(struct addrinfo *addr, int v6only, int* noproto, (struct sockaddr_storage*)addr->ai_addr, addr->ai_addrlen); } - close(s); #else log_err_addr("can't bind socket", wsa_strerror(WSAGetLastError()), (struct sockaddr_storage*)addr->ai_addr, addr->ai_addrlen); - closesocket(s); #endif + sock_close(s); return -1; } if(!fd_set_nonblock(s)) { -#ifndef USE_WINSOCK - close(s); -#else - closesocket(s); -#endif + sock_close(s); return -1; } if(listen(s, TCP_BACKLOG) == -1) { -#ifndef USE_WINSOCK - log_err("can't listen: %s", strerror(errno)); - close(s); -#else - log_err("can't listen: %s", wsa_strerror(WSAGetLastError())); - closesocket(s); -#endif + log_err("can't listen: %s", sock_strerror(errno)); + sock_close(s); return -1; } #ifdef USE_TCP_FASTOPEN @@ -895,34 +833,6 @@ set_ip_dscp(int socket, int addrfamily, int dscp) return NULL; } -# ifndef USE_WINSOCK -char* -sock_strerror(int errn) -{ - return strerror(errn); -} - -void -sock_close(int socket) -{ - close(socket); -} - -# else -char* -sock_strerror(int ATTR_UNUSED(errn)) -{ - return wsa_strerror(WSAGetLastError()); -} - -void -sock_close(int socket) -{ - closesocket(socket); -} - -# endif /* USE_WINSOCK */ - int create_local_accept_sock(const char *path, int* noproto, int use_systemd) { @@ -983,11 +893,7 @@ create_local_accept_sock(const char *path, int* noproto, int use_systemd) return s; err: -#ifndef USE_WINSOCK - close(s); -#else - closesocket(s); -#endif + sock_close(s); return -1; #ifdef HAVE_SYSTEMD @@ -1009,7 +915,8 @@ err: static int make_sock(int stype, const char* ifname, const char* port, struct addrinfo *hints, int v6only, int* noip6, size_t rcv, size_t snd, - int* reuseport, int transparent, int tcp_mss, int freebind, int use_systemd, int dscp) + int* reuseport, int transparent, int tcp_mss, int nodelay, int freebind, + int use_systemd, int dscp) { struct addrinfo *res = NULL; int r, s, inuse, noproto; @@ -1045,7 +952,8 @@ make_sock(int stype, const char* ifname, const char* port, } } else { s = create_tcp_accept_sock(res, v6only, &noproto, reuseport, - transparent, tcp_mss, freebind, use_systemd, dscp); + transparent, tcp_mss, nodelay, freebind, use_systemd, + dscp); if(s == -1 && noproto && hints->ai_family == AF_INET6){ *noip6 = 1; } @@ -1058,7 +966,8 @@ make_sock(int stype, const char* ifname, const char* port, static int make_sock_port(int stype, const char* ifname, const char* port, struct addrinfo *hints, int v6only, int* noip6, size_t rcv, size_t snd, - int* reuseport, int transparent, int tcp_mss, int freebind, int use_systemd, int dscp) + int* reuseport, int transparent, int tcp_mss, int nodelay, int freebind, + int use_systemd, int dscp) { char* s = strchr(ifname, '@'); if(s) { @@ -1079,11 +988,13 @@ make_sock_port(int stype, const char* ifname, const char* port, newif[s-ifname] = 0; (void)strlcpy(p, s+1, sizeof(p)); p[strlen(s+1)]=0; - return make_sock(stype, newif, p, hints, v6only, noip6, - rcv, snd, reuseport, transparent, tcp_mss, freebind, use_systemd, dscp); + return make_sock(stype, newif, p, hints, v6only, noip6, rcv, + snd, reuseport, transparent, tcp_mss, nodelay, freebind, + use_systemd, dscp); } return make_sock(stype, ifname, port, hints, v6only, noip6, rcv, snd, - reuseport, transparent, tcp_mss, freebind, use_systemd, dscp); + reuseport, transparent, tcp_mss, nodelay, freebind, use_systemd, + dscp); } /** @@ -1182,6 +1093,18 @@ if_is_ssl(const char* ifname, const char* port, int ssl_port, return 0; } +/** see if interface is https, its port number == the https port number */ +static int +if_is_https(const char* ifname, const char* port, int https_port) +{ + char* p = strchr(ifname, '@'); + if(!p && atoi(port) == https_port) + return 1; + if(p && atoi(p+1) == https_port) + return 1; + return 0; +} + /** * Helper for ports_open. Creates one interface (or NULL for default). * @param ifname: The interface ip address. @@ -1196,11 +1119,13 @@ if_is_ssl(const char* ifname, const char* port, int ssl_port, * @param snd: send buffer size for UDP * @param ssl_port: ssl service port number * @param tls_additional_port: list of additional ssl service port numbers. + * @param https_port: DoH service port number * @param reuseport: try to set SO_REUSEPORT if nonNULL and true. * set to false on exit if reuseport failed due to no kernel support. * @param transparent: set IP_TRANSPARENT socket option. * @param tcp_mss: maximum segment size of tcp socket. default if zero. * @param freebind: set IP_FREEBIND socket option. + * @param http2_nodelay: set TCP_NODELAY on HTTP/2 connection * @param use_systemd: if true, fetch sockets from systemd. * @param dnscrypt_port: dnscrypt service port number * @param dscp: DSCP to use. @@ -1210,11 +1135,13 @@ static int ports_create_if(const char* ifname, int do_auto, int do_udp, int do_tcp, struct addrinfo *hints, const char* port, struct listen_port** list, size_t rcv, size_t snd, int ssl_port, - struct config_strlist* tls_additional_port, int* reuseport, - int transparent, int tcp_mss, int freebind, int use_systemd, - int dnscrypt_port, int dscp) + struct config_strlist* tls_additional_port, int https_port, + int* reuseport, int transparent, int tcp_mss, int freebind, + int http2_nodelay, int use_systemd, int dnscrypt_port, int dscp) { int s, noip6=0; + int is_https = if_is_https(ifname, port, https_port); + int nodelay = is_https && http2_nodelay; #ifdef USE_DNSCRYPT int is_dnscrypt = ((strchr(ifname, '@') && atoi(strchr(ifname, '@')+1) == dnscrypt_port) || @@ -1229,7 +1156,7 @@ ports_create_if(const char* ifname, int do_auto, int do_udp, int do_tcp, if(do_auto) { if((s = make_sock_port(SOCK_DGRAM, ifname, port, hints, 1, &noip6, rcv, snd, reuseport, transparent, - tcp_mss, freebind, use_systemd, dscp)) == -1) { + tcp_mss, nodelay, freebind, use_systemd, dscp)) == -1) { if(noip6) { log_warn("IPv6 protocol not available"); return 1; @@ -1238,27 +1165,19 @@ ports_create_if(const char* ifname, int do_auto, int do_udp, int do_tcp, } /* getting source addr packet info is highly non-portable */ if(!set_recvpktinfo(s, hints->ai_family)) { -#ifndef USE_WINSOCK - close(s); -#else - closesocket(s); -#endif + sock_close(s); return 0; } if(!port_insert(list, s, is_dnscrypt?listen_type_udpancil_dnscrypt:listen_type_udpancil)) { -#ifndef USE_WINSOCK - close(s); -#else - closesocket(s); -#endif + sock_close(s); return 0; } } else if(do_udp) { /* regular udp socket */ if((s = make_sock_port(SOCK_DGRAM, ifname, port, hints, 1, &noip6, rcv, snd, reuseport, transparent, - tcp_mss, freebind, use_systemd, dscp)) == -1) { + tcp_mss, nodelay, freebind, use_systemd, dscp)) == -1) { if(noip6) { log_warn("IPv6 protocol not available"); return 1; @@ -1267,19 +1186,24 @@ ports_create_if(const char* ifname, int do_auto, int do_udp, int do_tcp, } if(!port_insert(list, s, is_dnscrypt?listen_type_udp_dnscrypt:listen_type_udp)) { -#ifndef USE_WINSOCK - close(s); -#else - closesocket(s); -#endif + sock_close(s); return 0; } } if(do_tcp) { int is_ssl = if_is_ssl(ifname, port, ssl_port, tls_additional_port); + enum listen_type port_type; + if(is_ssl) + port_type = listen_type_ssl; + else if(is_https) + port_type = listen_type_http; + else if(is_dnscrypt) + port_type = listen_type_tcp_dnscrypt; + else + port_type = listen_type_tcp; if((s = make_sock_port(SOCK_STREAM, ifname, port, hints, 1, - &noip6, 0, 0, reuseport, transparent, tcp_mss, + &noip6, 0, 0, reuseport, transparent, tcp_mss, nodelay, freebind, use_systemd, dscp)) == -1) { if(noip6) { /*log_warn("IPv6 protocol not available");*/ @@ -1289,13 +1213,8 @@ ports_create_if(const char* ifname, int do_auto, int do_udp, int do_tcp, } if(is_ssl) verbose(VERB_ALGO, "setup TCP for SSL service"); - if(!port_insert(list, s, is_ssl?listen_type_ssl: - (is_dnscrypt?listen_type_tcp_dnscrypt:listen_type_tcp))) { -#ifndef USE_WINSOCK - close(s); -#else - closesocket(s); -#endif + if(!port_insert(list, s, port_type)) { + sock_close(s); return 0; } } @@ -1324,7 +1243,8 @@ listen_cp_insert(struct comm_point* c, struct listen_dnsport* front) struct listen_dnsport* listen_create(struct comm_base* base, struct listen_port* ports, size_t bufsize, int tcp_accept_count, int tcp_idle_timeout, - struct tcl_list* tcp_conn_limit, void* sslctx, + int harden_large_queries, uint32_t http_max_streams, + char* http_endpoint, struct tcl_list* tcp_conn_limit, void* sslctx, struct dt_env* dtenv, comm_point_callback_type* cb, void *cb_arg) { struct listen_dnsport* front = (struct listen_dnsport*) @@ -1344,6 +1264,14 @@ listen_create(struct comm_base* base, struct listen_port* ports, lock_basic_init(&stream_wait_count_lock); stream_wait_lock_inited = 1; } + if(!http2_query_buffer_lock_inited) { + lock_basic_init(&http2_query_buffer_count_lock); + http2_query_buffer_lock_inited = 1; + } + if(!http2_response_buffer_lock_inited) { + lock_basic_init(&http2_response_buffer_count_lock); + http2_response_buffer_lock_inited = 1; + } /* create comm points as needed */ while(ports) { @@ -1356,14 +1284,36 @@ listen_create(struct comm_base* base, struct listen_port* ports, ports->ftype == listen_type_tcp_dnscrypt) cp = comm_point_create_tcp(base, ports->fd, tcp_accept_count, tcp_idle_timeout, + harden_large_queries, 0, NULL, tcp_conn_limit, bufsize, front->udp_buff, - cb, cb_arg); - else if(ports->ftype == listen_type_ssl) { + ports->ftype, cb, cb_arg); + else if(ports->ftype == listen_type_ssl || + ports->ftype == listen_type_http) { cp = comm_point_create_tcp(base, ports->fd, tcp_accept_count, tcp_idle_timeout, + harden_large_queries, + http_max_streams, http_endpoint, tcp_conn_limit, bufsize, front->udp_buff, - cb, cb_arg); + ports->ftype, cb, cb_arg); cp->ssl = sslctx; + if(ports->ftype == listen_type_http) { + if(!sslctx) { + log_warn("HTTPS port configured, but no TLS " + "tls-service-key or tls-service-pem " + "set"); + } +#ifndef HAVE_SSL_CTX_SET_ALPN_SELECT_CB + log_warn("Unbound is not compiled with an " + "OpenSSL version supporting ALPN " + " (OpenSSL >= 1.0.2). This is required " + "to use DNS-over-HTTPS"); +#endif +#ifndef HAVE_NGHTTP2_NGHTTP2_H + log_warn("Unbound is not compiled with " + "nghttp2. This is required to use " + "DNS-over-HTTPS."); +#endif + } } else if(ports->ftype == listen_type_udpancil || ports->ftype == listen_type_udpancil_dnscrypt) cp = comm_point_create_udp_ancil(base, ports->fd, @@ -1437,10 +1387,173 @@ listen_delete(struct listen_dnsport* front) stream_wait_lock_inited = 0; lock_basic_destroy(&stream_wait_count_lock); } + if(http2_query_buffer_lock_inited) { + http2_query_buffer_lock_inited = 0; + lock_basic_destroy(&http2_query_buffer_count_lock); + } + if(http2_response_buffer_lock_inited) { + http2_response_buffer_lock_inited = 0; + lock_basic_destroy(&http2_response_buffer_count_lock); + } +} + +#ifdef HAVE_GETIFADDRS +static int +resolve_ifa_name(struct ifaddrs *ifas, const char *search_ifa, char ***ip_addresses, int *ip_addresses_size) +{ + struct ifaddrs *ifa; + int last_ip_addresses_size = *ip_addresses_size; + + for(ifa = ifas; ifa != NULL; ifa = ifa->ifa_next) { + sa_family_t family; + const char* atsign; +#ifdef INET6 /* | address ip | % | ifa name | @ | port | nul */ + char addr_buf[INET6_ADDRSTRLEN + 1 + IF_NAMESIZE + 1 + 16 + 1]; +#else + char addr_buf[INET_ADDRSTRLEN + 1 + 16 + 1]; +#endif + + if((atsign=strrchr(search_ifa, '@')) != NULL) { + if(strlen(ifa->ifa_name) != (size_t)(atsign-search_ifa) + || strncmp(ifa->ifa_name, search_ifa, + atsign-search_ifa) != 0) + continue; + } else { + if(strcmp(ifa->ifa_name, search_ifa) != 0) + continue; + atsign = ""; + } + + if(ifa->ifa_addr == NULL) + continue; + + family = ifa->ifa_addr->sa_family; + if(family == AF_INET) { + char a4[INET_ADDRSTRLEN + 1]; + struct sockaddr_in *in4 = (struct sockaddr_in *) + ifa->ifa_addr; + if(!inet_ntop(family, &in4->sin_addr, a4, sizeof(a4))) { + log_err("inet_ntop failed"); + return 0; + } + snprintf(addr_buf, sizeof(addr_buf), "%s%s", + a4, atsign); + } +#ifdef INET6 + else if(family == AF_INET6) { + struct sockaddr_in6 *in6 = (struct sockaddr_in6 *) + ifa->ifa_addr; + char a6[INET6_ADDRSTRLEN + 1]; + char if_index_name[IF_NAMESIZE + 1]; + if_index_name[0] = 0; + if(!inet_ntop(family, &in6->sin6_addr, a6, sizeof(a6))) { + log_err("inet_ntop failed"); + return 0; + } + if_indextoname(in6->sin6_scope_id, + (char *)if_index_name); + if (strlen(if_index_name) != 0) { + snprintf(addr_buf, sizeof(addr_buf), + "%s%%%s%s", a6, if_index_name, atsign); + } else { + snprintf(addr_buf, sizeof(addr_buf), "%s%s", + a6, atsign); + } + } +#endif + else { + continue; + } + verbose(4, "interface %s has address %s", search_ifa, addr_buf); + + *ip_addresses = realloc(*ip_addresses, sizeof(char *) * (*ip_addresses_size + 1)); + if(!*ip_addresses) { + log_err("realloc failed: out of memory"); + return 0; + } + (*ip_addresses)[*ip_addresses_size] = strdup(addr_buf); + if(!(*ip_addresses)[*ip_addresses_size]) { + log_err("strdup failed: out of memory"); + return 0; + } + (*ip_addresses_size)++; + } + + if (*ip_addresses_size == last_ip_addresses_size) { + *ip_addresses = realloc(*ip_addresses, sizeof(char *) * (*ip_addresses_size + 1)); + if(!*ip_addresses) { + log_err("realloc failed: out of memory"); + return 0; + } + (*ip_addresses)[*ip_addresses_size] = strdup(search_ifa); + if(!(*ip_addresses)[*ip_addresses_size]) { + log_err("strdup failed: out of memory"); + return 0; + } + (*ip_addresses_size)++; + } + return 1; +} +#endif /* HAVE_GETIFADDRS */ + +int resolve_interface_names(struct config_file* cfg, char*** resif, + int* num_resif) +{ +#ifdef HAVE_GETIFADDRS + int i; + struct ifaddrs *addrs = NULL; + if(cfg->num_ifs == 0) { + *resif = NULL; + *num_resif = 0; + return 1; + } + if(getifaddrs(&addrs) == -1) { + log_err("failed to list interfaces: getifaddrs: %s", + strerror(errno)); + freeifaddrs(addrs); + return 0; + } + for(i=0; i<cfg->num_ifs; i++) { + if(!resolve_ifa_name(addrs, cfg->ifs[i], resif, num_resif)) { + freeifaddrs(addrs); + config_del_strarray(*resif, *num_resif); + *resif = NULL; + *num_resif = 0; + return 0; + } + } + freeifaddrs(addrs); + return 1; +#else + int i; + if(cfg->num_ifs == 0) { + *resif = NULL; + *num_resif = 0; + return 1; + } + *num_resif = cfg->num_ifs; + *resif = calloc(*num_resif, sizeof(**resif)); + if(!*resif) { + log_err("out of memory"); + return 0; + } + for(i=0; i<*num_resif; i++) { + (*resif)[i] = strdup(cfg->ifs[i]); + if(!((*resif)[i])) { + log_err("out of memory"); + config_del_strarray(*resif, *num_resif); + *resif = NULL; + *num_resif = 0; + return 0; + } + } + return 1; +#endif /* HAVE_GETIFADDRS */ } struct listen_port* -listening_ports_open(struct config_file* cfg, int* reuseport) +listening_ports_open(struct config_file* cfg, char** ifs, int num_ifs, + int* reuseport) { struct listen_port* list = NULL; struct addrinfo hints; @@ -1459,7 +1572,7 @@ listening_ports_open(struct config_file* cfg, int* reuseport) memset(&hints, 0, sizeof(hints)); hints.ai_flags = AI_PASSIVE; /* no name lookups on our listening ports */ - if(cfg->num_ifs > 0) + if(num_ifs > 0) hints.ai_flags |= AI_NUMERICHOST; hints.ai_family = AF_UNSPEC; #ifndef INET6 @@ -1469,7 +1582,7 @@ listening_ports_open(struct config_file* cfg, int* reuseport) return NULL; } /* create ip4 and ip6 ports so that return addresses are nice. */ - if(do_auto || cfg->num_ifs == 0) { + if(do_auto || num_ifs == 0) { if(do_ip6) { hints.ai_family = AF_INET6; if(!ports_create_if(do_auto?"::0":"::1", @@ -1477,8 +1590,9 @@ listening_ports_open(struct config_file* cfg, int* reuseport) &hints, portbuf, &list, cfg->so_rcvbuf, cfg->so_sndbuf, cfg->ssl_port, cfg->tls_additional_port, - reuseport, cfg->ip_transparent, - cfg->tcp_mss, cfg->ip_freebind, cfg->use_systemd, + cfg->https_port, reuseport, cfg->ip_transparent, + cfg->tcp_mss, cfg->ip_freebind, + cfg->http_nodelay, cfg->use_systemd, cfg->dnscrypt_port, cfg->ip_dscp)) { listening_ports_free(list); return NULL; @@ -1491,24 +1605,26 @@ listening_ports_open(struct config_file* cfg, int* reuseport) &hints, portbuf, &list, cfg->so_rcvbuf, cfg->so_sndbuf, cfg->ssl_port, cfg->tls_additional_port, - reuseport, cfg->ip_transparent, - cfg->tcp_mss, cfg->ip_freebind, cfg->use_systemd, + cfg->https_port, reuseport, cfg->ip_transparent, + cfg->tcp_mss, cfg->ip_freebind, + cfg->http_nodelay, cfg->use_systemd, cfg->dnscrypt_port, cfg->ip_dscp)) { listening_ports_free(list); return NULL; } } - } else for(i = 0; i<cfg->num_ifs; i++) { - if(str_is_ip6(cfg->ifs[i])) { + } else for(i = 0; i<num_ifs; i++) { + if(str_is_ip6(ifs[i])) { if(!do_ip6) continue; hints.ai_family = AF_INET6; - if(!ports_create_if(cfg->ifs[i], 0, cfg->do_udp, + if(!ports_create_if(ifs[i], 0, cfg->do_udp, do_tcp, &hints, portbuf, &list, cfg->so_rcvbuf, cfg->so_sndbuf, cfg->ssl_port, cfg->tls_additional_port, - reuseport, cfg->ip_transparent, - cfg->tcp_mss, cfg->ip_freebind, cfg->use_systemd, + cfg->https_port, reuseport, cfg->ip_transparent, + cfg->tcp_mss, cfg->ip_freebind, + cfg->http_nodelay, cfg->use_systemd, cfg->dnscrypt_port, cfg->ip_dscp)) { listening_ports_free(list); return NULL; @@ -1517,12 +1633,13 @@ listening_ports_open(struct config_file* cfg, int* reuseport) if(!do_ip4) continue; hints.ai_family = AF_INET; - if(!ports_create_if(cfg->ifs[i], 0, cfg->do_udp, + if(!ports_create_if(ifs[i], 0, cfg->do_udp, do_tcp, &hints, portbuf, &list, cfg->so_rcvbuf, cfg->so_sndbuf, cfg->ssl_port, cfg->tls_additional_port, - reuseport, cfg->ip_transparent, - cfg->tcp_mss, cfg->ip_freebind, cfg->use_systemd, + cfg->https_port, reuseport, cfg->ip_transparent, + cfg->tcp_mss, cfg->ip_freebind, + cfg->http_nodelay, cfg->use_systemd, cfg->dnscrypt_port, cfg->ip_dscp)) { listening_ports_free(list); return NULL; @@ -1538,11 +1655,7 @@ void listening_ports_free(struct listen_port* list) while(list) { nx = list->next; if(list->fd != -1) { -#ifndef USE_WINSOCK - close(list->fd); -#else - closesocket(list->fd); -#endif + sock_close(list->fd); } free(list); list = nx; @@ -1964,3 +2077,739 @@ size_t tcp_req_info_get_stream_buffer_size(void) lock_basic_unlock(&stream_wait_count_lock); return s; } + +size_t http2_get_query_buffer_size(void) +{ + size_t s; + if(!http2_query_buffer_lock_inited) + return http2_query_buffer_count; + lock_basic_lock(&http2_query_buffer_count_lock); + s = http2_query_buffer_count; + lock_basic_unlock(&http2_query_buffer_count_lock); + return s; +} + +size_t http2_get_response_buffer_size(void) +{ + size_t s; + if(!http2_response_buffer_lock_inited) + return http2_response_buffer_count; + lock_basic_lock(&http2_response_buffer_count_lock); + s = http2_response_buffer_count; + lock_basic_unlock(&http2_response_buffer_count_lock); + return s; +} + +#ifdef HAVE_NGHTTP2 +/** nghttp2 callback. Used to copy response from rbuffer to nghttp2 session */ +static ssize_t http2_submit_response_read_callback( + nghttp2_session* ATTR_UNUSED(session), + int32_t stream_id, uint8_t* buf, size_t length, uint32_t* data_flags, + nghttp2_data_source* source, void* ATTR_UNUSED(cb_arg)) +{ + struct http2_stream* h2_stream; + struct http2_session* h2_session = source->ptr; + size_t copylen = length; + if(!(h2_stream = nghttp2_session_get_stream_user_data( + h2_session->session, stream_id))) { + verbose(VERB_QUERY, "http2: cannot get stream data, closing " + "stream"); + return NGHTTP2_ERR_TEMPORAL_CALLBACK_FAILURE; + } + if(!h2_stream->rbuffer || + sldns_buffer_remaining(h2_stream->rbuffer) == 0) { + verbose(VERB_QUERY, "http2: cannot submit buffer. No data " + "available in rbuffer"); + /* rbuffer will be free'd in frame close cb */ + return NGHTTP2_ERR_TEMPORAL_CALLBACK_FAILURE; + } + + if(copylen > sldns_buffer_remaining(h2_stream->rbuffer)) + copylen = sldns_buffer_remaining(h2_stream->rbuffer); + if(copylen > SSIZE_MAX) + copylen = SSIZE_MAX; /* will probably never happen */ + + memcpy(buf, sldns_buffer_current(h2_stream->rbuffer), copylen); + sldns_buffer_skip(h2_stream->rbuffer, copylen); + + if(sldns_buffer_remaining(h2_stream->rbuffer) == 0) { + *data_flags |= NGHTTP2_DATA_FLAG_EOF; + lock_basic_lock(&http2_response_buffer_count_lock); + http2_response_buffer_count -= + sldns_buffer_capacity(h2_stream->rbuffer); + lock_basic_unlock(&http2_response_buffer_count_lock); + sldns_buffer_free(h2_stream->rbuffer); + h2_stream->rbuffer = NULL; + } + + return copylen; +} + +/** + * Send RST_STREAM frame for stream. + * @param h2_session: http2 session to submit frame to + * @param h2_stream: http2 stream containing frame ID to use in RST_STREAM + * @return 0 on error, 1 otherwise + */ +static int http2_submit_rst_stream(struct http2_session* h2_session, + struct http2_stream* h2_stream) +{ + int ret = nghttp2_submit_rst_stream(h2_session->session, + NGHTTP2_FLAG_NONE, h2_stream->stream_id, + NGHTTP2_INTERNAL_ERROR); + if(ret) { + verbose(VERB_QUERY, "http2: nghttp2_submit_rst_stream failed, " + "error: %s", nghttp2_strerror(ret)); + return 0; + } + return 1; +} + +/** + * DNS response ready to be submitted to nghttp2, to be prepared for sending + * out. Response is stored in c->buffer. Copy to rbuffer because the c->buffer + * might be used before this will be sent out. + * @param h2_session: http2 session, containing c->buffer which contains answer + * @return 0 on error, 1 otherwise + */ +int http2_submit_dns_response(struct http2_session* h2_session) +{ + int ret; + nghttp2_data_provider data_prd; + char status[4]; + nghttp2_nv headers[2]; + struct http2_stream* h2_stream = h2_session->c->h2_stream; + size_t rlen; + + if(h2_stream->rbuffer) { + log_err("http2 submit response error: rbuffer already " + "exists"); + return 0; + } + if(sldns_buffer_remaining(h2_session->c->buffer) == 0) { + log_err("http2 submit response error: c->buffer not complete"); + return 0; + } + + if(snprintf(status, 4, "%d", h2_stream->status) != 3) { + verbose(VERB_QUERY, "http2: submit response error: " + "invalid status"); + return 0; + } + + rlen = sldns_buffer_remaining(h2_session->c->buffer); + lock_basic_lock(&http2_response_buffer_count_lock); + if(http2_response_buffer_count + rlen > http2_response_buffer_max) { + lock_basic_unlock(&http2_response_buffer_count_lock); + verbose(VERB_ALGO, "reset HTTP2 stream, no space left, " + "in https-response-buffer-size"); + return http2_submit_rst_stream(h2_session, h2_stream); + } + http2_response_buffer_count += rlen; + lock_basic_unlock(&http2_response_buffer_count_lock); + + if(!(h2_stream->rbuffer = sldns_buffer_new(rlen))) { + lock_basic_lock(&http2_response_buffer_count_lock); + http2_response_buffer_count -= rlen; + lock_basic_unlock(&http2_response_buffer_count_lock); + log_err("http2 submit response error: malloc failure"); + return 0; + } + + headers[0].name = (uint8_t*)":status"; + headers[0].namelen = 7; + headers[0].value = (uint8_t*)status; + headers[0].valuelen = 3; + headers[0].flags = NGHTTP2_NV_FLAG_NONE; + + headers[1].name = (uint8_t*)"content-type"; + headers[1].namelen = 12; + headers[1].value = (uint8_t*)"application/dns-message"; + headers[1].valuelen = 23; + headers[1].flags = NGHTTP2_NV_FLAG_NONE; + + /*TODO be nice and add the content-length header + headers[2].name = (uint8_t*)"content-length"; + headers[2].namelen = 14; + headers[2].value = + headers[2].valuelen = + headers[2].flags = NGHTTP2_NV_FLAG_NONE; + */ + + sldns_buffer_write(h2_stream->rbuffer, + sldns_buffer_current(h2_session->c->buffer), + sldns_buffer_remaining(h2_session->c->buffer)); + sldns_buffer_flip(h2_stream->rbuffer); + + data_prd.source.ptr = h2_session; + data_prd.read_callback = http2_submit_response_read_callback; + ret = nghttp2_submit_response(h2_session->session, h2_stream->stream_id, + headers, 2, &data_prd); + if(ret) { + verbose(VERB_QUERY, "http2: set_stream_user_data failed, " + "error: %s", nghttp2_strerror(ret)); + return 0; + } + return 1; +} +#else +int http2_submit_dns_response(void* ATTR_UNUSED(v)) +{ + return 0; +} +#endif + +#ifdef HAVE_NGHTTP2 +/** HTTP status to descriptive string */ +static char* http_status_to_str(enum http_status s) +{ + switch(s) { + case HTTP_STATUS_OK: + return "OK"; + case HTTP_STATUS_BAD_REQUEST: + return "Bad Request"; + case HTTP_STATUS_NOT_FOUND: + return "Not Found"; + case HTTP_STATUS_PAYLOAD_TOO_LARGE: + return "Payload Too Large"; + case HTTP_STATUS_URI_TOO_LONG: + return "URI Too Long"; + case HTTP_STATUS_UNSUPPORTED_MEDIA_TYPE: + return "Unsupported Media Type"; + case HTTP_STATUS_NOT_IMPLEMENTED: + return "Not Implemented"; + } + return "Status Unknown"; +} + +/** nghttp2 callback. Used to copy error message to nghttp2 session */ +static ssize_t http2_submit_error_read_callback( + nghttp2_session* ATTR_UNUSED(session), + int32_t stream_id, uint8_t* buf, size_t length, uint32_t* data_flags, + nghttp2_data_source* source, void* ATTR_UNUSED(cb_arg)) +{ + struct http2_stream* h2_stream; + struct http2_session* h2_session = source->ptr; + char* msg; + if(!(h2_stream = nghttp2_session_get_stream_user_data( + h2_session->session, stream_id))) { + verbose(VERB_QUERY, "http2: cannot get stream data, closing " + "stream"); + return NGHTTP2_ERR_TEMPORAL_CALLBACK_FAILURE; + } + *data_flags |= NGHTTP2_DATA_FLAG_EOF; + msg = http_status_to_str(h2_stream->status); + if(length < strlen(msg)) + return 0; /* not worth trying over multiple frames */ + memcpy(buf, msg, strlen(msg)); + return strlen(msg); + +} + +/** + * HTTP error response ready to be submitted to nghttp2, to be prepared for + * sending out. Message body will contain descriptive string for HTTP status. + * @param h2_session: http2 session to submit to + * @param h2_stream: http2 stream containing HTTP status to use for error + * @return 0 on error, 1 otherwise + */ +static int http2_submit_error(struct http2_session* h2_session, + struct http2_stream* h2_stream) +{ + int ret; + char status[4]; + nghttp2_data_provider data_prd; + nghttp2_nv headers[1]; /* will be copied by nghttp */ + if(snprintf(status, 4, "%d", h2_stream->status) != 3) { + verbose(VERB_QUERY, "http2: submit error failed, " + "invalid status"); + return 0; + } + headers[0].name = (uint8_t*)":status"; + headers[0].namelen = 7; + headers[0].value = (uint8_t*)status; + headers[0].valuelen = 3; + headers[0].flags = NGHTTP2_NV_FLAG_NONE; + + data_prd.source.ptr = h2_session; + data_prd.read_callback = http2_submit_error_read_callback; + + ret = nghttp2_submit_response(h2_session->session, h2_stream->stream_id, + headers, 1, &data_prd); + if(ret) { + verbose(VERB_QUERY, "http2: submit error failed, " + "error: %s", nghttp2_strerror(ret)); + return 0; + } + return 1; +} + +/** + * Start query handling. Query is stored in the stream, and will be free'd here. + * @param h2_session: http2 session, containing comm point + * @param h2_stream: stream containing buffered query + * @return: -1 on error, 1 if answer is stored in c->buffer, 0 if there is no + * reply available (yet). + */ +static int http2_query_read_done(struct http2_session* h2_session, + struct http2_stream* h2_stream) +{ + log_assert(h2_stream->qbuffer); + + if(h2_session->c->h2_stream) { + verbose(VERB_ALGO, "http2_query_read_done failure: shared " + "buffer already assigned to stream"); + return -1; + } + if(sldns_buffer_remaining(h2_session->c->buffer) < + sldns_buffer_remaining(h2_stream->qbuffer)) { + /* qbuffer will be free'd in frame close cb */ + sldns_buffer_clear(h2_session->c->buffer); + verbose(VERB_ALGO, "http2_query_read_done failure: can't fit " + "qbuffer in c->buffer"); + return -1; + } + + sldns_buffer_write(h2_session->c->buffer, + sldns_buffer_current(h2_stream->qbuffer), + sldns_buffer_remaining(h2_stream->qbuffer)); + + lock_basic_lock(&http2_query_buffer_count_lock); + http2_query_buffer_count -= sldns_buffer_capacity(h2_stream->qbuffer); + lock_basic_unlock(&http2_query_buffer_count_lock); + sldns_buffer_free(h2_stream->qbuffer); + h2_stream->qbuffer = NULL; + + sldns_buffer_flip(h2_session->c->buffer); + h2_session->c->h2_stream = h2_stream; + fptr_ok(fptr_whitelist_comm_point(h2_session->c->callback)); + if((*h2_session->c->callback)(h2_session->c, h2_session->c->cb_arg, + NETEVENT_NOERROR, &h2_session->c->repinfo)) { + return 1; /* answer in c->buffer */ + } + sldns_buffer_clear(h2_session->c->buffer); + h2_session->c->h2_stream = NULL; + return 0; /* mesh state added, or dropped */ +} + +/** nghttp2 callback. Used to check if the received frame indicates the end of a + * stream. Gather collected request data and start query handling. */ +static int http2_req_frame_recv_cb(nghttp2_session* session, + const nghttp2_frame* frame, void* cb_arg) +{ + struct http2_session* h2_session = (struct http2_session*)cb_arg; + struct http2_stream* h2_stream; + int query_read_done; + + if((frame->hd.type != NGHTTP2_DATA && + frame->hd.type != NGHTTP2_HEADERS) || + !(frame->hd.flags & NGHTTP2_FLAG_END_STREAM)) { + return 0; + } + + if(!(h2_stream = nghttp2_session_get_stream_user_data( + session, frame->hd.stream_id))) + return 0; + + if(h2_stream->invalid_endpoint) { + h2_stream->status = HTTP_STATUS_NOT_FOUND; + goto submit_http_error; + } + + if(h2_stream->invalid_content_type) { + h2_stream->status = HTTP_STATUS_UNSUPPORTED_MEDIA_TYPE; + goto submit_http_error; + } + + if(h2_stream->http_method != HTTP_METHOD_GET && + h2_stream->http_method != HTTP_METHOD_POST) { + h2_stream->status = HTTP_STATUS_NOT_IMPLEMENTED; + goto submit_http_error; + } + + if(h2_stream->query_too_large) { + if(h2_stream->http_method == HTTP_METHOD_POST) + h2_stream->status = HTTP_STATUS_PAYLOAD_TOO_LARGE; + else + h2_stream->status = HTTP_STATUS_URI_TOO_LONG; + goto submit_http_error; + } + + if(!h2_stream->qbuffer) { + h2_stream->status = HTTP_STATUS_BAD_REQUEST; + goto submit_http_error; + } + + if(h2_stream->status) { +submit_http_error: + verbose(VERB_QUERY, "http2 request invalid, returning :status=" + "%d", h2_stream->status); + if(!http2_submit_error(h2_session, h2_stream)) { + return NGHTTP2_ERR_CALLBACK_FAILURE; + } + return 0; + } + h2_stream->status = HTTP_STATUS_OK; + + sldns_buffer_flip(h2_stream->qbuffer); + h2_session->postpone_drop = 1; + query_read_done = http2_query_read_done(h2_session, h2_stream); + if(query_read_done < 0) + return NGHTTP2_ERR_CALLBACK_FAILURE; + else if(!query_read_done) { + if(h2_session->is_drop) { + /* connection needs to be closed. Return failure to make + * sure no other action are taken anymore on comm point. + * failure will result in reclaiming (and closing) + * of comm point. */ + verbose(VERB_QUERY, "http2 query dropped in worker cb"); + h2_session->postpone_drop = 0; + return NGHTTP2_ERR_CALLBACK_FAILURE; + } + /* nothing to submit right now, query added to mesh. */ + h2_session->postpone_drop = 0; + return 0; + } + if(!http2_submit_dns_response(h2_session)) { + sldns_buffer_clear(h2_session->c->buffer); + h2_session->c->h2_stream = NULL; + return NGHTTP2_ERR_CALLBACK_FAILURE; + } + verbose(VERB_QUERY, "http2 query submitted to session"); + sldns_buffer_clear(h2_session->c->buffer); + h2_session->c->h2_stream = NULL; + return 0; +} + +/** nghttp2 callback. Used to detect start of new streams. */ +static int http2_req_begin_headers_cb(nghttp2_session* session, + const nghttp2_frame* frame, void* cb_arg) +{ + struct http2_session* h2_session = (struct http2_session*)cb_arg; + struct http2_stream* h2_stream; + int ret; + if(frame->hd.type != NGHTTP2_HEADERS || + frame->headers.cat != NGHTTP2_HCAT_REQUEST) { + /* only interrested in request headers */ + return 0; + } + if(!(h2_stream = http2_stream_create(frame->hd.stream_id))) { + log_err("malloc failure while creating http2 stream"); + return NGHTTP2_ERR_CALLBACK_FAILURE; + } + http2_session_add_stream(h2_session, h2_stream); + ret = nghttp2_session_set_stream_user_data(session, + frame->hd.stream_id, h2_stream); + if(ret) { + /* stream does not exist */ + verbose(VERB_QUERY, "http2: set_stream_user_data failed, " + "error: %s", nghttp2_strerror(ret)); + return NGHTTP2_ERR_CALLBACK_FAILURE; + } + + return 0; +} + +/** + * base64url decode, store in qbuffer + * @param h2_session: http2 session + * @param h2_stream: http2 stream + * @param start: start of the base64 string + * @param length: length of the base64 string + * @return: 0 on error, 1 otherwise. query will be stored in h2_stream->qbuffer, + * buffer will be NULL is unparseble. + */ +static int http2_buffer_uri_query(struct http2_session* h2_session, + struct http2_stream* h2_stream, const uint8_t* start, size_t length) +{ + size_t expectb64len; + int b64len; + if(h2_stream->http_method == HTTP_METHOD_POST) + return 1; + if(length == 0) + return 1; + if(h2_stream->qbuffer) { + verbose(VERB_ALGO, "http2_req_header fail, " + "qbuffer already set"); + return 0; + } + + /* calculate size, might be a bit bigger than the real + * decoded buffer size */ + expectb64len = sldns_b64_pton_calculate_size(length); + log_assert(expectb64len > 0); + if(expectb64len > + h2_session->c->http2_stream_max_qbuffer_size) { + h2_stream->query_too_large = 1; + return 1; + } + + lock_basic_lock(&http2_query_buffer_count_lock); + if(http2_query_buffer_count + expectb64len > http2_query_buffer_max) { + lock_basic_unlock(&http2_query_buffer_count_lock); + verbose(VERB_ALGO, "reset HTTP2 stream, no space left, " + "in http2-query-buffer-size"); + return http2_submit_rst_stream(h2_session, h2_stream); + } + http2_query_buffer_count += expectb64len; + lock_basic_unlock(&http2_query_buffer_count_lock); + if(!(h2_stream->qbuffer = sldns_buffer_new(expectb64len))) { + lock_basic_lock(&http2_query_buffer_count_lock); + http2_query_buffer_count -= expectb64len; + lock_basic_unlock(&http2_query_buffer_count_lock); + log_err("http2_req_header fail, qbuffer " + "malloc failure"); + return 0; + } + + if(!(b64len = sldns_b64url_pton( + (char const *)start, length, + sldns_buffer_current(h2_stream->qbuffer), + expectb64len)) || b64len < 0) { + lock_basic_lock(&http2_query_buffer_count_lock); + http2_query_buffer_count -= expectb64len; + lock_basic_unlock(&http2_query_buffer_count_lock); + sldns_buffer_free(h2_stream->qbuffer); + h2_stream->qbuffer = NULL; + /* return without error, method can be an + * unknown POST */ + return 1; + } + sldns_buffer_skip(h2_stream->qbuffer, (size_t)b64len); + return 1; +} + +/** nghttp2 callback. Used to parse headers from HEADER frames. */ +static int http2_req_header_cb(nghttp2_session* session, + const nghttp2_frame* frame, const uint8_t* name, size_t namelen, + const uint8_t* value, size_t valuelen, uint8_t ATTR_UNUSED(flags), + void* cb_arg) +{ + struct http2_stream* h2_stream = NULL; + struct http2_session* h2_session = (struct http2_session*)cb_arg; + /* nghttp2 deals with CONTINUATION frames and provides them as part of + * the HEADER */ + if(frame->hd.type != NGHTTP2_HEADERS || + frame->headers.cat != NGHTTP2_HCAT_REQUEST) { + /* only interrested in request headers */ + return 0; + } + if(!(h2_stream = nghttp2_session_get_stream_user_data(session, + frame->hd.stream_id))) + return 0; + + /* earlier checks already indicate we can stop handling this query */ + if(h2_stream->http_method == HTTP_METHOD_UNSUPPORTED || + h2_stream->invalid_content_type || + h2_stream->invalid_endpoint) + return 0; + + + /* nghttp2 performs some sanity checks in the headers, including: + * name and value are guaranteed to be null terminated + * name is guaranteed to be lowercase + * content-length value is guaranteed to contain digits + */ + + if(!h2_stream->http_method && namelen == 7 && + memcmp(":method", name, namelen) == 0) { + /* Case insensitive check on :method value to be on the safe + * side. I failed to find text about case sensitivity in specs. + */ + if(valuelen == 3 && strcasecmp("GET", (const char*)value) == 0) + h2_stream->http_method = HTTP_METHOD_GET; + else if(valuelen == 4 && + strcasecmp("POST", (const char*)value) == 0) { + h2_stream->http_method = HTTP_METHOD_POST; + if(h2_stream->qbuffer) { + /* POST method uses query from DATA frames */ + lock_basic_lock(&http2_query_buffer_count_lock); + http2_query_buffer_count -= + sldns_buffer_capacity(h2_stream->qbuffer); + lock_basic_unlock(&http2_query_buffer_count_lock); + sldns_buffer_free(h2_stream->qbuffer); + h2_stream->qbuffer = NULL; + } + } else + h2_stream->http_method = HTTP_METHOD_UNSUPPORTED; + return 0; + } + if(namelen == 5 && memcmp(":path", name, namelen) == 0) { + /* :path may contain DNS query, depending on method. Method might + * not be known yet here, so check after finishing receiving + * stream. */ +#define HTTP_QUERY_PARAM "?dns=" + size_t el = strlen(h2_session->c->http_endpoint); + size_t qpl = strlen(HTTP_QUERY_PARAM); + + if(valuelen < el || memcmp(h2_session->c->http_endpoint, + value, el) != 0) { + h2_stream->invalid_endpoint = 1; + return 0; + } + /* larger than endpoint only allowed if it is for the query + * parameter */ + if(valuelen <= el+qpl || + memcmp(HTTP_QUERY_PARAM, value+el, qpl) != 0) { + if(valuelen != el) + h2_stream->invalid_endpoint = 1; + return 0; + } + + if(!http2_buffer_uri_query(h2_session, h2_stream, + value+(el+qpl), valuelen-(el+qpl))) { + return NGHTTP2_ERR_CALLBACK_FAILURE; + } + return 0; + } + /* Content type is a SHOULD (rfc7231#section-3.1.1.5) when using POST, + * and not needed when using GET. Don't enfore. + * If set only allow lowercase "application/dns-message". + * + * Clients SHOULD (rfc8484#section-4.1) set an accept header, but MUST + * be able to handle "application/dns-message". Since that is the only + * content-type supported we can ignore the accept header. + */ + if((namelen == 12 && memcmp("content-type", name, namelen) == 0)) { + if(valuelen != 23 || memcmp("application/dns-message", value, + valuelen) != 0) { + h2_stream->invalid_content_type = 1; + } + } + + /* Only interested in content-lentg for POST (on not yet known) method. + */ + if((!h2_stream->http_method || + h2_stream->http_method == HTTP_METHOD_POST) && + !h2_stream->content_length && namelen == 14 && + memcmp("content-length", name, namelen) == 0) { + if(valuelen > 5) { + h2_stream->query_too_large = 1; + return 0; + } + /* guaranteed to only contian digits and be null terminated */ + h2_stream->content_length = atoi((const char*)value); + if(h2_stream->content_length > + h2_session->c->http2_stream_max_qbuffer_size) { + h2_stream->query_too_large = 1; + return 0; + } + } + return 0; +} + +/** nghttp2 callback. Used to get data from DATA frames, which can contain + * queries in POST requests. */ +static int http2_req_data_chunk_recv_cb(nghttp2_session* ATTR_UNUSED(session), + uint8_t ATTR_UNUSED(flags), int32_t stream_id, const uint8_t* data, + size_t len, void* cb_arg) +{ + struct http2_session* h2_session = (struct http2_session*)cb_arg; + struct http2_stream* h2_stream; + size_t qlen = 0; + + if(!(h2_stream = nghttp2_session_get_stream_user_data( + h2_session->session, stream_id))) { + return 0; + } + + if(h2_stream->query_too_large) + return 0; + + if(!h2_stream->qbuffer) { + if(h2_stream->content_length) { + if(h2_stream->content_length < len) + /* getting more data in DATA frame than + * advertised in content-length header. */ + return NGHTTP2_ERR_CALLBACK_FAILURE; + qlen = h2_stream->content_length; + } else if(len <= h2_session->c->http2_stream_max_qbuffer_size) { + /* setting this to msg-buffer-size can result in a lot + * of memory consuption. Most queries should fit in a + * single DATA frame, and most POST queries will + * containt content-length which does not impose this + * limit. */ + qlen = len; + } + } + if(!h2_stream->qbuffer && qlen) { + lock_basic_lock(&http2_query_buffer_count_lock); + if(http2_query_buffer_count + qlen > http2_query_buffer_max) { + lock_basic_unlock(&http2_query_buffer_count_lock); + verbose(VERB_ALGO, "reset HTTP2 stream, no space left, " + "in http2-query-buffer-size"); + return http2_submit_rst_stream(h2_session, h2_stream); + } + http2_query_buffer_count += qlen; + lock_basic_unlock(&http2_query_buffer_count_lock); + if(!(h2_stream->qbuffer = sldns_buffer_new(qlen))) { + lock_basic_lock(&http2_query_buffer_count_lock); + http2_query_buffer_count -= qlen; + lock_basic_unlock(&http2_query_buffer_count_lock); + } + } + + if(!h2_stream->qbuffer || + sldns_buffer_remaining(h2_stream->qbuffer) < len) { + verbose(VERB_ALGO, "http2 data_chunck_recv failed. Not enough " + "buffer space for POST query. Can happen on multi " + "frame requests without content-length header"); + h2_stream->query_too_large = 1; + return 0; + } + + sldns_buffer_write(h2_stream->qbuffer, data, len); + + return 0; +} + +void http2_req_stream_clear(struct http2_stream* h2_stream) +{ + if(h2_stream->qbuffer) { + lock_basic_lock(&http2_query_buffer_count_lock); + http2_query_buffer_count -= + sldns_buffer_capacity(h2_stream->qbuffer); + lock_basic_unlock(&http2_query_buffer_count_lock); + sldns_buffer_free(h2_stream->qbuffer); + h2_stream->qbuffer = NULL; + } + if(h2_stream->rbuffer) { + lock_basic_lock(&http2_response_buffer_count_lock); + http2_response_buffer_count -= + sldns_buffer_capacity(h2_stream->rbuffer); + lock_basic_unlock(&http2_response_buffer_count_lock); + sldns_buffer_free(h2_stream->rbuffer); + h2_stream->rbuffer = NULL; + } +} + +nghttp2_session_callbacks* http2_req_callbacks_create() +{ + nghttp2_session_callbacks *callbacks; + if(nghttp2_session_callbacks_new(&callbacks) == NGHTTP2_ERR_NOMEM) { + log_err("failed to initialize nghttp2 callback"); + return NULL; + } + /* reception of header block started, used to create h2_stream */ + nghttp2_session_callbacks_set_on_begin_headers_callback(callbacks, + http2_req_begin_headers_cb); + /* complete frame received, used to get data from stream if frame + * has end stream flag, and start processing query */ + nghttp2_session_callbacks_set_on_frame_recv_callback(callbacks, + http2_req_frame_recv_cb); + /* get request info from headers */ + nghttp2_session_callbacks_set_on_header_callback(callbacks, + http2_req_header_cb); + /* get data from DATA frames, containing POST query */ + nghttp2_session_callbacks_set_on_data_chunk_recv_callback(callbacks, + http2_req_data_chunk_recv_cb); + + /* generic HTTP2 callbacks */ + nghttp2_session_callbacks_set_recv_callback(callbacks, http2_recv_cb); + nghttp2_session_callbacks_set_send_callback(callbacks, http2_send_cb); + nghttp2_session_callbacks_set_on_stream_close_callback(callbacks, + http2_stream_close_cb); + + return callbacks; +} +#endif /* HAVE_NGHTTP2 */ diff --git a/services/listen_dnsport.h b/services/listen_dnsport.h index ddd1b63a4d95..4bbde0691fec 100644 --- a/services/listen_dnsport.h +++ b/services/listen_dnsport.h @@ -43,6 +43,9 @@ #define LISTEN_DNSPORT_H #include "util/netevent.h" +#ifdef HAVE_NGHTTP2_NGHTTP2_H +#include <nghttp2/nghttp2.h> +#endif struct listen_list; struct config_file; struct addrinfo; @@ -94,8 +97,9 @@ enum listen_type { /** tcp type + dnscrypt */ listen_type_tcp_dnscrypt, /** udp ipv6 (v4mapped) for use with ancillary data + dnscrypt*/ - listen_type_udpancil_dnscrypt - + listen_type_udpancil_dnscrypt, + /** HTTP(2) over TLS over TCP */ + listen_type_http }; /** @@ -117,13 +121,15 @@ struct listen_port { * interfaces for IP4 and/or IP6, for UDP and/or TCP. * On the given port number. It creates the sockets. * @param cfg: settings on what ports to open. + * @param ifs: interfaces to open, array of IP addresses, "ip[@port]". + * @param num_ifs: length of ifs. * @param reuseport: set to true if you want reuseport, or NULL to not have it, * set to false on exit if reuseport failed to apply (because of no * kernel support). * @return: linked list of ports or NULL on error. */ struct listen_port* listening_ports_open(struct config_file* cfg, - int* reuseport); + char** ifs, int num_ifs, int* reuseport); /** * Close and delete the (list of) listening ports. @@ -131,6 +137,17 @@ struct listen_port* listening_ports_open(struct config_file* cfg, void listening_ports_free(struct listen_port* list); /** + * Resolve interface names in config and store result IP addresses + * @param cfg: config + * @param resif: string array (malloced array of malloced strings) with + * result. NULL if cfg has none. + * @param num_resif: length of resif. Zero if cfg has zero num_ifs. + * @return 0 on failure. + */ +int resolve_interface_names(struct config_file* cfg, char*** resif, + int* num_resif); + +/** * Create commpoints with for this thread for the shared ports. * @param base: the comm_base that provides event functionality. * for default all ifs. @@ -139,6 +156,9 @@ void listening_ports_free(struct listen_port* list); * @param tcp_accept_count: max number of simultaneous TCP connections * from clients. * @param tcp_idle_timeout: idle timeout for TCP connections in msec. + * @param harden_large_queries: whether query size should be limited. + * @param http_max_streams: maximum number of HTTP/2 streams per connection. + * @param http_endpoint: HTTP endpoint to service queries on * @param tcp_conn_limit: TCP connection limit info. * @param sslctx: nonNULL if ssl context. * @param dtenv: nonNULL if dnstap enabled. @@ -147,11 +167,12 @@ void listening_ports_free(struct listen_port* list); * @param cb_arg: user data argument for callback function. * @return: the malloced listening structure, ready for use. NULL on error. */ -struct listen_dnsport* listen_create(struct comm_base* base, - struct listen_port* ports, size_t bufsize, - int tcp_accept_count, int tcp_idle_timeout, - struct tcl_list* tcp_conn_limit, void* sslctx, - struct dt_env *dtenv, comm_point_callback_type* cb, void* cb_arg); +struct listen_dnsport* +listen_create(struct comm_base* base, struct listen_port* ports, + size_t bufsize, int tcp_accept_count, int tcp_idle_timeout, + int harden_large_queries, uint32_t http_max_streams, + char* http_endpoint, struct tcl_list* tcp_conn_limit, void* sslctx, + struct dt_env* dtenv, comm_point_callback_type* cb, void *cb_arg); /** * delete the listening structure @@ -221,13 +242,15 @@ int create_udp_sock(int family, int socktype, struct sockaddr* addr, * listening UDP port. Set to false on return if it failed to do so. * @param transparent: set IP_TRANSPARENT socket option. * @param mss: maximum segment size of the socket. if zero, leaves the default. + * @param nodelay: if true set TCP_NODELAY and TCP_QUICKACK socket options. * @param freebind: set IP_FREEBIND socket option. * @param use_systemd: if true, fetch sockets from systemd. * @param dscp: DSCP to use. * @return: the socket. -1 on error. */ int create_tcp_accept_sock(struct addrinfo *addr, int v6only, int* noproto, - int* reuseport, int transparent, int mss, int freebind, int use_systemd, int dscp); + int* reuseport, int transparent, int mss, int nodelay, int freebind, + int use_systemd, int dscp); /** * Create and bind local listening socket @@ -369,7 +392,34 @@ int tcp_req_info_handle_read_close(struct tcp_req_info* req); /** get the size of currently used tcp stream wait buffers (in bytes) */ size_t tcp_req_info_get_stream_buffer_size(void); +/** get the size of currently used HTTP2 query buffers (in bytes) */ +size_t http2_get_query_buffer_size(void); +/** get the size of currently used HTTP2 response buffers (in bytes) */ +size_t http2_get_response_buffer_size(void); + +#ifdef HAVE_NGHTTP2 +/** + * Create nghttp2 callbacks to handle HTTP2 requests. + * @return malloc'ed struct, NULL on failure + */ +nghttp2_session_callbacks* http2_req_callbacks_create(); + +/** Free http2 stream buffers and decrease buffer counters */ +void http2_req_stream_clear(struct http2_stream* h2_stream); + +/** + * DNS response ready to be submitted to nghttp2, to be prepared for sending + * out. Response is stored in c->buffer. Copy to rbuffer because the c->buffer + * might be used before this will be send out. + * @param h2_session: http2 session, containing c->buffer which contains answer + * @param h2_stream: http2 stream, containing buffer to store answer in + * @return 0 on error, 1 otherwise + */ +int http2_submit_dns_response(struct http2_session* h2_session); +#else +int http2_submit_dns_response(void* v); +#endif /* HAVE_NGHTTP2 */ + char* set_ip_dscp(int socket, int addrfamily, int ds); -char* sock_strerror(int errn); #endif /* LISTEN_DNSPORT_H */ diff --git a/services/mesh.c b/services/mesh.c index 4b0c5db418f7..52ff97e4a2e8 100644 --- a/services/mesh.c +++ b/services/mesh.c @@ -551,6 +551,9 @@ void mesh_new_client(struct mesh_area* mesh, struct query_info* qinfo, goto servfail_mem; } } + if(rep->c->use_h2) { + http2_stream_add_meshstate(rep->c->h2_stream, mesh, s); + } /* add serve expired timer if required and not already there */ if(timeout && !mesh_serve_expired_init(s, timeout)) { log_err("mesh_new_client: out of memory initializing serve expired"); @@ -1207,6 +1210,13 @@ mesh_send_reply(struct mesh_state* m, int rcode, struct reply_info* rep, else secure = 0; if(!rep && rcode == LDNS_RCODE_NOERROR) rcode = LDNS_RCODE_SERVFAIL; + if(r->query_reply.c->use_h2) { + r->query_reply.c->h2_stream = r->h2_stream; + /* Mesh reply won't exist for long anymore. Make it impossible + * for HTTP/2 stream to refer to mesh state, in case + * connection gets cleanup before HTTP/2 stream close. */ + r->h2_stream->mesh_state = NULL; + } /* send the reply */ /* We don't reuse the encoded answer if either the previous or current * response has a local alias. We could compare the alias records @@ -1495,6 +1505,8 @@ int mesh_state_add_reply(struct mesh_state* s, struct edns_data* edns, s->s.qinfo.qname_len); if(!r->qname) return 0; + if(rep->c->use_h2) + r->h2_stream = rep->c->h2_stream; /* Data related to local alias stored in 'qinfo' (if any) is ephemeral * and can be different for different original queries (even if the diff --git a/services/mesh.h b/services/mesh.h index df2972ac3306..d0a4b5fb3d0d 100644 --- a/services/mesh.h +++ b/services/mesh.h @@ -230,6 +230,8 @@ struct mesh_reply { uint8_t* qname; /** same as that in query_info. */ struct local_rrset* local_alias; + /** send query to this http2 stream, if set */ + struct http2_stream* h2_stream; }; /** diff --git a/services/outside_network.c b/services/outside_network.c index 44e01d7450cb..41a1d83f1454 100644 --- a/services/outside_network.c +++ b/services/outside_network.c @@ -58,6 +58,7 @@ #include "util/net_help.h" #include "util/random.h" #include "util/fptr_wlist.h" +#include "util/edns.h" #include "sldns/sbuffer.h" #include "dnstap/dnstap.h" #ifdef HAVE_OPENSSL_SSL_H @@ -165,11 +166,7 @@ pick_outgoing_tcp(struct waiting_tcp* w, int s) if(num == 0) { log_err("no TCP outgoing interfaces of family"); log_addr(VERB_OPS, "for addr", &w->addr, w->addrlen); -#ifndef USE_WINSOCK - close(s); -#else - closesocket(s); -#endif + sock_close(s); return 0; } #ifdef INET6 @@ -188,14 +185,8 @@ pick_outgoing_tcp(struct waiting_tcp* w, int s) ((struct sockaddr_in6*)&pi->addr)->sin6_port = 0; else ((struct sockaddr_in*)&pi->addr)->sin_port = 0; if(bind(s, (struct sockaddr*)&pi->addr, pi->addrlen) != 0) { -#ifndef USE_WINSOCK - log_err("outgoing tcp: bind: %s", strerror(errno)); - close(s); -#else - log_err("outgoing tcp: bind: %s", - wsa_strerror(WSAGetLastError())); - closesocket(s); -#endif + log_err("outgoing tcp: bind: %s", sock_strerror(errno)); + sock_close(s); return 0; } log_addr(VERB_ALGO, "tcp bound to src", &pi->addr, pi->addrlen); @@ -225,13 +216,8 @@ outnet_get_tcp_fd(struct sockaddr_storage* addr, socklen_t addrlen, int tcp_mss, s = socket(PF_INET, SOCK_STREAM, IPPROTO_TCP); } if(s == -1) { -#ifndef USE_WINSOCK - log_err_addr("outgoing tcp: socket", strerror(errno), + log_err_addr("outgoing tcp: socket", sock_strerror(errno), addr, addrlen); -#else - log_err_addr("outgoing tcp: socket", - wsa_strerror(WSAGetLastError()), addr, addrlen); -#endif return -1; } @@ -2111,9 +2097,20 @@ outnet_serviced_query(struct outside_network* outnet, { struct serviced_query* sq; struct service_callback* cb; + struct edns_tag_addr* client_tag_addr; + if(!inplace_cb_query_call(env, qinfo, flags, addr, addrlen, zone, zonelen, qstate, qstate->region)) return NULL; + + if((client_tag_addr = edns_tag_addr_lookup(&env->edns_tags->client_tags, + addr, addrlen))) { + uint16_t client_tag = htons(client_tag_addr->tag_data); + edns_opt_list_append(&qstate->edns_opts_back_out, + env->edns_tags->client_tag_opcode, 2, + (uint8_t*)&client_tag, qstate->region); + } + serviced_gen_query(buff, qinfo->qname, qinfo->qname_len, qinfo->qtype, qinfo->qclass, flags); sq = lookup_serviced(outnet, buff, dnssec, addr, addrlen, diff --git a/services/rpz.c b/services/rpz.c index 105f238d0a6d..ba5dd186daad 100644 --- a/services/rpz.c +++ b/services/rpz.c @@ -597,8 +597,18 @@ rpz_insert_rr(struct rpz* r, uint8_t* azname, size_t aznamelen, uint8_t* dname, uint8_t* policydname; if(!dname_subdomain_c(dname, azname)) { - log_err("RPZ: name of record to insert into RPZ is not a " - "subdomain of the configured name of the RPZ zone"); + char* dname_str = sldns_wire2str_dname(dname, dnamelen); + char* azname_str = sldns_wire2str_dname(azname, aznamelen); + if(dname_str && azname_str) { + log_err("RPZ: name of record (%s) to insert into RPZ is not a " + "subdomain of the configured name of the RPZ zone (%s)", + dname_str, azname_str); + } else { + log_err("RPZ: name of record to insert into RPZ is not a " + "subdomain of the configured name of the RPZ zone"); + } + free(dname_str); + free(azname_str); return 0; } diff --git a/sldns/parseutil.c b/sldns/parseutil.c index 3515d64c5d10..9f289d3596c3 100644 --- a/sldns/parseutil.c +++ b/sldns/parseutil.c @@ -619,13 +619,18 @@ size_t sldns_b64_ntop_calculate_size(size_t srcsize) * * This routine does not insert spaces or linebreaks after 76 characters. */ -int sldns_b64_ntop(uint8_t const *src, size_t srclength, - char *target, size_t targsize) +static int sldns_b64_ntop_base(uint8_t const *src, size_t srclength, + char *target, size_t targsize, int base64url, int padding) { - const char* b64 = - "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/"; + char* b64; const char pad64 = '='; size_t i = 0, o = 0; + if(base64url) + b64 = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123" + "456789-_"; + else + b64 = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123" + "456789+/"; if(targsize < sldns_b64_ntop_calculate_size(srclength)) return -1; /* whole chunks: xxxxxxyy yyyyzzzz zzwwwwww */ @@ -645,18 +650,26 @@ int sldns_b64_ntop(uint8_t const *src, size_t srclength, target[o] = b64[src[i] >> 2]; target[o+1] = b64[ ((src[i]&0x03)<<4) | (src[i+1]>>4) ]; target[o+2] = b64[ ((src[i+1]&0x0f)<<2) ]; - target[o+3] = pad64; - /* i += 2; */ - o += 4; + if(padding) { + target[o+3] = pad64; + /* i += 2; */ + o += 4; + } else { + o += 3; + } break; case 1: /* one at end, converted into A B = = */ target[o] = b64[src[i] >> 2]; target[o+1] = b64[ ((src[i]&0x03)<<4) ]; - target[o+2] = pad64; - target[o+3] = pad64; - /* i += 1; */ - o += 4; + if(padding) { + target[o+2] = pad64; + target[o+3] = pad64; + /* i += 1; */ + o += 4; + } else { + o += 2; + } break; case 0: default: @@ -669,19 +682,36 @@ int sldns_b64_ntop(uint8_t const *src, size_t srclength, return (int)o; } +int sldns_b64_ntop(uint8_t const *src, size_t srclength, char *target, + size_t targsize) +{ + return sldns_b64_ntop_base(src, srclength, target, targsize, + 0 /* no base64url */, 1 /* padding */); +} + +int sldns_b64url_ntop(uint8_t const *src, size_t srclength, char *target, + size_t targsize) +{ + return sldns_b64_ntop_base(src, srclength, target, targsize, + 1 /* base64url */, 0 /* no padding */); +} + size_t sldns_b64_pton_calculate_size(size_t srcsize) { return (((((srcsize + 3) / 4) * 3)) + 1); } -int sldns_b64_pton(char const *src, uint8_t *target, size_t targsize) +/* padding not required if srcsize is set */ +static int sldns_b64_pton_base(char const *src, size_t srcsize, uint8_t *target, + size_t targsize, int base64url) { const uint8_t pad64 = 64; /* is 64th in the b64 array */ const char* s = src; uint8_t in[4]; size_t o = 0, incount = 0; + int check_padding = (srcsize) ? 0 : 1; - while(*s) { + while(*s && (check_padding || srcsize)) { /* skip any character that is not base64 */ /* conceptually we do: const char* b64 = pad'=' is appended to array @@ -690,30 +720,43 @@ int sldns_b64_pton(char const *src, uint8_t *target, size_t targsize) and use d-b64; */ char d = *s++; + srcsize--; if(d <= 'Z' && d >= 'A') d -= 'A'; else if(d <= 'z' && d >= 'a') d = d - 'a' + 26; else if(d <= '9' && d >= '0') d = d - '0' + 52; - else if(d == '+') + else if(!base64url && d == '+') d = 62; - else if(d == '/') + else if(base64url && d == '-') + d = 62; + else if(!base64url && d == '/') + d = 63; + else if(base64url && d == '_') d = 63; - else if(d == '=') + else if(d == '=') { + if(!check_padding) + continue; d = 64; - else continue; + } else continue; + in[incount++] = (uint8_t)d; - if(incount != 4) + /* work on block of 4, unless padding is not used and there are + * less than 4 chars left */ + if(incount != 4 && (check_padding || srcsize)) continue; + assert(!check_padding || incount==4); /* process whole block of 4 characters into 3 output bytes */ - if(in[3] == pad64 && in[2] == pad64) { /* A B = = */ + if((incount == 2 || + (incount == 4 && in[3] == pad64 && in[2] == pad64))) { /* A B = = */ if(o+1 > targsize) return -1; target[o] = (in[0]<<2) | ((in[1]&0x30)>>4); o += 1; break; /* we are done */ - } else if(in[3] == pad64) { /* A B C = */ + } else if(incount == 3 || + (incount == 4 && in[3] == pad64)) { /* A B C = */ if(o+2 > targsize) return -1; target[o] = (in[0]<<2) | ((in[1]&0x30)>>4); @@ -721,7 +764,7 @@ int sldns_b64_pton(char const *src, uint8_t *target, size_t targsize) o += 2; break; /* we are done */ } else { - if(o+3 > targsize) + if(incount != 4 || o+3 > targsize) return -1; /* write xxxxxxyy yyyyzzzz zzwwwwww */ target[o] = (in[0]<<2) | ((in[1]&0x30)>>4); @@ -733,3 +776,17 @@ int sldns_b64_pton(char const *src, uint8_t *target, size_t targsize) } return (int)o; } + +int sldns_b64_pton(char const *src, uint8_t *target, size_t targsize) +{ + return sldns_b64_pton_base(src, 0, target, targsize, 0); +} + +int sldns_b64url_pton(char const *src, size_t srcsize, uint8_t *target, + size_t targsize) +{ + if(!srcsize) { + return 0; + } + return sldns_b64_pton_base(src, srcsize, target, targsize, 1); +} diff --git a/sldns/parseutil.h b/sldns/parseutil.h index 10a2630a9733..7eb23317f285 100644 --- a/sldns/parseutil.h +++ b/sldns/parseutil.h @@ -92,13 +92,16 @@ size_t sldns_b64_ntop_calculate_size(size_t srcsize); int sldns_b64_ntop(uint8_t const *src, size_t srclength, char *target, size_t targsize); +int sldns_b64url_ntop(uint8_t const *src, size_t srclength, char *target, + size_t targsize); /** * calculates the size needed to store the result of sldns_b64_pton */ size_t sldns_b64_pton_calculate_size(size_t srcsize); - int sldns_b64_pton(char const *src, uint8_t *target, size_t targsize); +int sldns_b64url_pton(char const *src, size_t srcsize, uint8_t *target, + size_t targsize); /** * calculates the size needed to store the result of b32_ntop diff --git a/sldns/rrdef.h b/sldns/rrdef.h index 4e7fef5745f2..e084f354a8a1 100644 --- a/sldns/rrdef.h +++ b/sldns/rrdef.h @@ -426,7 +426,8 @@ enum sldns_enum_edns_option LDNS_EDNS_N3U = 7, /* RFC6975 */ LDNS_EDNS_CLIENT_SUBNET = 8, /* RFC7871 */ LDNS_EDNS_KEEPALIVE = 11, /* draft-ietf-dnsop-edns-tcp-keepalive*/ - LDNS_EDNS_PADDING = 12 /* RFC7830 */ + LDNS_EDNS_PADDING = 12, /* RFC7830 */ + LDNS_EDNS_CLIENT_TAG = 16 /* draft-bellis-dnsop-edns-tags-01 */ }; typedef enum sldns_enum_edns_option sldns_edns_option; diff --git a/smallapp/unbound-checkconf.c b/smallapp/unbound-checkconf.c index 0cf348adde28..b1b7ae7ef9d4 100644 --- a/smallapp/unbound-checkconf.c +++ b/smallapp/unbound-checkconf.c @@ -624,8 +624,6 @@ morechecks(struct config_file* cfg) cfg->auto_trust_anchor_file_list, cfg->chrootdir, cfg); check_chroot_filelist_wild("trusted-keys-file", cfg->trusted_keys_file_list, cfg->chrootdir, cfg); - check_chroot_string("dlv-anchor-file", &cfg->dlv_anchor_file, - cfg->chrootdir, cfg); #ifdef USE_IPSECMOD if(cfg->ipsecmod_enabled && strstr(cfg->module_conf, "ipsecmod")) { /* only check hook if enabled */ diff --git a/smallapp/unbound-control.c b/smallapp/unbound-control.c index c2b42e951640..842dbe0d85b9 100644 --- a/smallapp/unbound-control.c +++ b/smallapp/unbound-control.c @@ -278,6 +278,8 @@ static void print_mem(struct ub_shm_stat_info* shm_stat, shm_stat->mem.dnscrypt_nonce); #endif PR_LL("mem.streamwait", s->svr.mem_stream_wait); + PR_LL("mem.http.query_buffer", s->svr.mem_http2_query_buffer); + PR_LL("mem.http.response_buffer", s->svr.mem_http2_response_buffer); } /** print histogram */ @@ -342,6 +344,7 @@ static void print_extended(struct ub_stats_info* s) PR_UL("num.query.tls", s->svr.qtls); PR_UL("num.query.tls_resume", s->svr.qtls_resume); PR_UL("num.query.ipv6", s->svr.qipv6); + PR_UL("num.query.https", s->svr.qhttps); /* flags */ PR_UL("num.query.flags.QR", s->svr.qbit_QR); @@ -593,11 +596,7 @@ contact_server(const char* svr, struct config_file* cfg, int statuscmd) addrfamily = addr_is_ip6(&addr, addrlen)?PF_INET6:PF_INET; fd = socket(addrfamily, SOCK_STREAM, proto); if(fd == -1) { -#ifndef USE_WINSOCK - fatal_exit("socket: %s", strerror(errno)); -#else - fatal_exit("socket: %s", wsa_strerror(WSAGetLastError())); -#endif + fatal_exit("socket: %s", sock_strerror(errno)); } if(connect(fd, (struct sockaddr*)&addr, addrlen) < 0) { #ifndef USE_WINSOCK @@ -681,11 +680,7 @@ remote_read(SSL* ssl, int fd, char* buf, size_t len) /* EOF */ return 0; } -#ifndef USE_WINSOCK - fatal_exit("could not recv: %s", strerror(errno)); -#else - fatal_exit("could not recv: %s", wsa_strerror(WSAGetLastError())); -#endif + fatal_exit("could not recv: %s", sock_strerror(errno)); } buf[rr] = 0; } @@ -701,11 +696,7 @@ remote_write(SSL* ssl, int fd, const char* buf, size_t len) ssl_err("could not SSL_write"); } else { if(send(fd, buf, len, 0) < (ssize_t)len) { -#ifndef USE_WINSOCK - fatal_exit("could not send: %s", strerror(errno)); -#else - fatal_exit("could not send: %s", wsa_strerror(WSAGetLastError())); -#endif + fatal_exit("could not send: %s", sock_strerror(errno)); } } } @@ -824,11 +815,7 @@ go(const char* cfgfile, char* svr, int quiet, int argc, char* argv[]) ret = go_cmd(ssl, fd, quiet, argc, argv); if(ssl) SSL_free(ssl); -#ifndef USE_WINSOCK - close(fd); -#else - closesocket(fd); -#endif + sock_close(fd); if(ctx) SSL_CTX_free(ctx); config_delete(cfg); return ret; @@ -886,7 +873,7 @@ int main(int argc, char* argv[]) if(argc == 0) usage(); if(argc >= 1 && strcmp(argv[0], "start")==0) { -#if defined(TARGET_OS_TV) || defined(TARGET_OS_WATCH) +#if (defined(TARGET_OS_TV) && TARGET_OS_TV) || (defined(TARGET_OS_WATCH) && TARGET_OS_WATCH) fatal_exit("could not exec unbound: %s", strerror(ENOSYS)); #else diff --git a/testcode/delayer.c b/testcode/delayer.c index ebf883926cba..54175dbe3ecc 100644 --- a/testcode/delayer.c +++ b/testcode/delayer.c @@ -372,11 +372,7 @@ service_send(struct ringbuf* ring, struct timeval* now, sldns_buffer* pkt, sldns_buffer_limit(pkt), 0, (struct sockaddr*)srv_addr, srv_len); if(sent == -1) { -#ifndef USE_WINSOCK - log_err("sendto: %s", strerror(errno)); -#else - log_err("sendto: %s", wsa_strerror(WSAGetLastError())); -#endif + log_err("sendto: %s", sock_strerror(errno)); } else if(sent != (ssize_t)sldns_buffer_limit(pkt)) { log_err("sendto: partial send"); } @@ -398,13 +394,12 @@ do_proxy(struct proxy* p, int retsock, sldns_buffer* pkt) #ifndef USE_WINSOCK if(errno == EAGAIN || errno == EINTR) return; - log_err("recv: %s", strerror(errno)); #else if(WSAGetLastError() == WSAEINPROGRESS || WSAGetLastError() == WSAEWOULDBLOCK) return; - log_err("recv: %s", wsa_strerror(WSAGetLastError())); #endif + log_err("recv: %s", sock_strerror(errno)); return; } sldns_buffer_set_limit(pkt, (size_t)r); @@ -414,11 +409,7 @@ do_proxy(struct proxy* p, int retsock, sldns_buffer* pkt) r = sendto(retsock, (void*)sldns_buffer_begin(pkt), (size_t)r, 0, (struct sockaddr*)&p->addr, p->addr_len); if(r == -1) { -#ifndef USE_WINSOCK - log_err("sendto: %s", strerror(errno)); -#else - log_err("sendto: %s", wsa_strerror(WSAGetLastError())); -#endif + log_err("sendto: %s", sock_strerror(errno)); } } } @@ -469,11 +460,7 @@ find_create_proxy(struct sockaddr_storage* from, socklen_t from_len, if(!p) fatal_exit("out of memory"); p->s = socket(serv_ip6?AF_INET6:AF_INET, SOCK_DGRAM, 0); if(p->s == -1) { -#ifndef USE_WINSOCK - fatal_exit("socket: %s", strerror(errno)); -#else - fatal_exit("socket: %s", wsa_strerror(WSAGetLastError())); -#endif + fatal_exit("socket: %s", sock_strerror(errno)); } fd_set_nonblock(p->s); memmove(&p->addr, from, from_len); @@ -507,14 +494,12 @@ service_recv(int s, struct ringbuf* ring, sldns_buffer* pkt, #ifndef USE_WINSOCK if(errno == EAGAIN || errno == EINTR) return; - fatal_exit("recvfrom: %s", strerror(errno)); #else if(WSAGetLastError() == WSAEWOULDBLOCK || WSAGetLastError() == WSAEINPROGRESS) return; - fatal_exit("recvfrom: %s", - wsa_strerror(WSAGetLastError())); #endif + fatal_exit("recvfrom: %s", sock_strerror(errno)); } sldns_buffer_set_limit(pkt, (size_t)len); /* find its proxy element */ @@ -550,15 +535,9 @@ tcp_proxy_delete(struct tcp_proxy* p) free(s); s = sn; } -#ifndef USE_WINSOCK - close(p->client_s); - if(p->server_s != -1) - close(p->server_s); -#else - closesocket(p->client_s); + sock_close(p->client_s); if(p->server_s != -1) - closesocket(p->server_s); -#endif + sock_close(p->server_s); free(p); } @@ -577,14 +556,13 @@ service_tcp_listen(int s, fd_set* rorig, int* max, struct tcp_proxy** proxies, #ifndef USE_WINSOCK if(errno == EAGAIN || errno == EINTR) return; - fatal_exit("accept: %s", strerror(errno)); #else if(WSAGetLastError() == WSAEWOULDBLOCK || WSAGetLastError() == WSAEINPROGRESS || WSAGetLastError() == WSAECONNRESET) return; - fatal_exit("accept: %s", wsa_strerror(WSAGetLastError())); #endif + fatal_exit("accept: %s", sock_strerror(errno)); } p = (struct tcp_proxy*)calloc(1, sizeof(*p)); if(!p) fatal_exit("out of memory"); @@ -595,11 +573,7 @@ service_tcp_listen(int s, fd_set* rorig, int* max, struct tcp_proxy** proxies, p->server_s = socket(addr_is_ip6(srv_addr, srv_len)?AF_INET6:AF_INET, SOCK_STREAM, 0); if(p->server_s == -1) { -#ifndef USE_WINSOCK - fatal_exit("tcp socket: %s", strerror(errno)); -#else - fatal_exit("tcp socket: %s", wsa_strerror(WSAGetLastError())); -#endif + fatal_exit("tcp socket: %s", sock_strerror(errno)); } fd_set_nonblock(p->client_s); fd_set_nonblock(p->server_s); @@ -607,16 +581,14 @@ service_tcp_listen(int s, fd_set* rorig, int* max, struct tcp_proxy** proxies, #ifndef USE_WINSOCK if(errno != EINPROGRESS) { log_err("tcp connect: %s", strerror(errno)); - close(p->server_s); - close(p->client_s); #else if(WSAGetLastError() != WSAEWOULDBLOCK && WSAGetLastError() != WSAEINPROGRESS) { log_err("tcp connect: %s", wsa_strerror(WSAGetLastError())); - closesocket(p->server_s); - closesocket(p->client_s); #endif + sock_close(p->server_s); + sock_close(p->client_s); free(p); return; } @@ -650,13 +622,12 @@ tcp_relay_read(int s, struct tcp_send_list** first, #ifndef USE_WINSOCK if(errno == EINTR || errno == EAGAIN) return 1; - log_err("tcp read: %s", strerror(errno)); #else if(WSAGetLastError() == WSAEINPROGRESS || WSAGetLastError() == WSAEWOULDBLOCK) return 1; - log_err("tcp read: %s", wsa_strerror(WSAGetLastError())); #endif + log_err("tcp read: %s", sock_strerror(errno)); return 0; } else if(r == 0) { /* connection closed */ @@ -708,14 +679,12 @@ tcp_relay_write(int s, struct tcp_send_list** first, #ifndef USE_WINSOCK if(errno == EAGAIN || errno == EINTR) return 1; - log_err("tcp write: %s", strerror(errno)); #else if(WSAGetLastError() == WSAEWOULDBLOCK || WSAGetLastError() == WSAEINPROGRESS) return 1; - log_err("tcp write: %s", - wsa_strerror(WSAGetLastError())); #endif + log_err("tcp write: %s", sock_strerror(errno)); return 0; } else if(r == 0) { /* closed */ @@ -769,11 +738,7 @@ service_tcp_relay(struct tcp_proxy** tcp_proxies, struct timeval* now, log_addr(1, "read tcp answer", &p->addr, p->addr_len); if(!tcp_relay_read(p->server_s, &p->answerlist, &p->answerlast, now, delay, pkt)) { -#ifndef USE_WINSOCK - close(p->server_s); -#else - closesocket(p->server_s); -#endif + sock_close(p->server_s); FD_CLR(FD_SET_T p->server_s, worig); FD_CLR(FD_SET_T p->server_s, rorig); p->server_s = -1; @@ -901,11 +866,7 @@ proxy_list_clear(struct proxy* p) "%u returned\n", i++, from, port, (int)p->numreuse+1, (unsigned)p->numwait, (unsigned)p->numsent, (unsigned)p->numreturn); -#ifndef USE_WINSOCK - close(p->s); -#else - closesocket(p->s); -#endif + sock_close(p->s); free(p); p = np; } @@ -1034,11 +995,7 @@ service(const char* bind_str, int bindport, const char* serv_str, /* bind UDP port */ if((s = socket(str_is_ip6(bind_str)?AF_INET6:AF_INET, SOCK_DGRAM, 0)) == -1) { -#ifndef USE_WINSOCK - fatal_exit("socket: %s", strerror(errno)); -#else - fatal_exit("socket: %s", wsa_strerror(WSAGetLastError())); -#endif + fatal_exit("socket: %s", sock_strerror(errno)); } i=0; if(bindport == 0) { @@ -1051,11 +1008,7 @@ service(const char* bind_str, int bindport, const char* serv_str, exit(1); } if(bind(s, (struct sockaddr*)&bind_addr, bind_len) == -1) { -#ifndef USE_WINSOCK - log_err("bind: %s", strerror(errno)); -#else - log_err("bind: %s", wsa_strerror(WSAGetLastError())); -#endif + log_err("bind: %s", sock_strerror(errno)); if(i--==0) fatal_exit("cannot bind any port"); bindport = 1024 + ((int)arc4random())%64000; @@ -1065,39 +1018,22 @@ service(const char* bind_str, int bindport, const char* serv_str, /* and TCP port */ if((listen_s = socket(str_is_ip6(bind_str)?AF_INET6:AF_INET, SOCK_STREAM, 0)) == -1) { -#ifndef USE_WINSOCK - fatal_exit("tcp socket: %s", strerror(errno)); -#else - fatal_exit("tcp socket: %s", wsa_strerror(WSAGetLastError())); -#endif + fatal_exit("tcp socket: %s", sock_strerror(errno)); } #ifdef SO_REUSEADDR if(1) { int on = 1; if(setsockopt(listen_s, SOL_SOCKET, SO_REUSEADDR, (void*)&on, (socklen_t)sizeof(on)) < 0) -#ifndef USE_WINSOCK - fatal_exit("setsockopt(.. SO_REUSEADDR ..) failed: %s", - strerror(errno)); -#else fatal_exit("setsockopt(.. SO_REUSEADDR ..) failed: %s", - wsa_strerror(WSAGetLastError())); -#endif + sock_strerror(errno)); } #endif if(bind(listen_s, (struct sockaddr*)&bind_addr, bind_len) == -1) { -#ifndef USE_WINSOCK - fatal_exit("tcp bind: %s", strerror(errno)); -#else - fatal_exit("tcp bind: %s", wsa_strerror(WSAGetLastError())); -#endif + fatal_exit("tcp bind: %s", sock_strerror(errno)); } if(listen(listen_s, 5) == -1) { -#ifndef USE_WINSOCK - fatal_exit("tcp listen: %s", strerror(errno)); -#else - fatal_exit("tcp listen: %s", wsa_strerror(WSAGetLastError())); -#endif + fatal_exit("tcp listen: %s", sock_strerror(errno)); } fd_set_nonblock(listen_s); printf("listening on port: %d\n", bindport); @@ -1109,13 +1045,8 @@ service(const char* bind_str, int bindport, const char* serv_str, /* cleanup */ verbose(1, "cleanup"); -#ifndef USE_WINSOCK - close(s); - close(listen_s); -#else - closesocket(s); - closesocket(listen_s); -#endif + sock_close(s); + sock_close(listen_s); sldns_buffer_free(pkt); ring_delete(ring); } diff --git a/testcode/dohclient.c b/testcode/dohclient.c new file mode 100644 index 000000000000..adcc7d831554 --- /dev/null +++ b/testcode/dohclient.c @@ -0,0 +1,586 @@ +/* + * testcode/dohclient.c - debug program. Perform multiple DNS queries using DoH. + * + * Copyright (c) 2020, NLnet Labs. All rights reserved. + * + * This software is open source. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * Redistributions of source code must retain the above copyright notice, + * this list of conditions and the following disclaimer. + * + * Redistributions in binary form must reproduce the above copyright notice, + * this list of conditions and the following disclaimer in the documentation + * and/or other materials provided with the distribution. + * + * Neither the name of the NLNET LABS nor the names of its contributors may + * be used to endorse or promote products derived from this software without + * specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR + * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT + * HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED + * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR + * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF + * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING + * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS + * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ + +/** + * \file + * + * Simple DNS-over-HTTPS client. For testing and debugging purposes. + * No authentication of TLS cert. + */ + +#include "config.h" +#ifdef HAVE_GETOPT_H +#include <getopt.h> +#endif +#include "sldns/wire2str.h" +#include "sldns/sbuffer.h" +#include "sldns/str2wire.h" +#include "sldns/parseutil.h" +#include "util/data/msgencode.h" +#include "util/data/msgreply.h" +#include "util/data/msgparse.h" +#include "util/net_help.h" +#include <openssl/ssl.h> +#include <openssl/err.h> +#ifdef HAVE_NGHTTP2 +#include <nghttp2/nghttp2.h> + +struct http2_session { + nghttp2_session* session; + SSL* ssl; + int fd; + int query_count; + /* Use POST :method if 1 */ + int post; + int block_select; + const char* authority; + const char* endpoint; + const char* content_type; +}; + +struct http2_stream { + int32_t stream_id; + int res_status; + struct sldns_buffer* buf; + char* path; +}; + +static void usage(char* argv[]) +{ + printf("usage: %s [options] name type class ...\n", argv[0]); + printf(" sends the name-type-class queries over " + "DNS-over-HTTPS.\n"); + printf("-s server IP address to send the queries to, " + "default: 127.0.0.1\n"); + printf("-p Port to connect to, default: %d\n", + UNBOUND_DNS_OVER_HTTPS_PORT); + printf("-P Use POST method instead of default GET\n"); + printf("-e HTTP endpoint, default: /dns-query\n"); + printf("-c Content-type in request, default: " + "application/dns-message\n"); + printf("-h This help text\n"); + exit(1); +} + +/** open TCP socket to svr */ +static int +open_svr(const char* svr, int port) +{ + struct sockaddr_storage addr; + socklen_t addrlen; + int fd = -1; + int r; + if(!ipstrtoaddr(svr, port, &addr, &addrlen)) { + printf("fatal: bad server specs '%s'\n", svr); + exit(1); + } + + fd = socket(addr_is_ip6(&addr, addrlen)?PF_INET6:PF_INET, + SOCK_STREAM, 0); + if(fd == -1) { + perror("socket() error"); + exit(1); + } + r = connect(fd, (struct sockaddr*)&addr, addrlen); + if(r < 0 && r != EINPROGRESS) { + perror("connect() error"); + exit(1); + } + return fd; +} + +static ssize_t http2_submit_request_read_cb( + nghttp2_session* ATTR_UNUSED(session), + int32_t ATTR_UNUSED(stream_id), uint8_t* buf, size_t length, + uint32_t* data_flags, nghttp2_data_source* source, + void* ATTR_UNUSED(cb_arg)) +{ + if(length > sldns_buffer_remaining(source->ptr)) + length = sldns_buffer_remaining(source->ptr); + + memcpy(buf, sldns_buffer_current(source->ptr), length); + sldns_buffer_skip(source->ptr, length); + + if(sldns_buffer_remaining(source->ptr) == 0) { + *data_flags |= NGHTTP2_DATA_FLAG_EOF; + } + + return length; +} + +static void +submit_query(struct http2_session* h2_session, struct sldns_buffer* buf) +{ + int32_t stream_id; + struct http2_stream* h2_stream; + nghttp2_nv headers[5]; + char* qb64; + size_t qb64_size; + size_t qb64_expected_size; + size_t i; + nghttp2_data_provider data_prd; + + h2_stream = calloc(1, sizeof(*h2_stream)); + if(!h2_stream) + fatal_exit("could not malloc http2 stream"); + h2_stream->buf = buf; + + if(h2_session->post) { + data_prd.source.ptr = buf; + data_prd.read_callback = http2_submit_request_read_cb; + h2_stream->path = (char*)h2_session->endpoint; + } else { + qb64_expected_size = sldns_b64_ntop_calculate_size( + sldns_buffer_remaining(buf)); + qb64 = malloc(qb64_expected_size); + if(!qb64) fatal_exit("out of memory"); + qb64_size = sldns_b64url_ntop(sldns_buffer_begin(buf), + sldns_buffer_remaining(buf), qb64, qb64_expected_size); + h2_stream->path = malloc(strlen( + h2_session->endpoint)+strlen("?dns=")+qb64_size+1); + if(!h2_stream->path) fatal_exit("out of memory"); + snprintf(h2_stream->path, strlen(h2_session->endpoint)+ + strlen("?dns=")+qb64_size+1, "%s?dns=%s", + h2_session->endpoint, qb64); + free(qb64); + } + + headers[0].name = (uint8_t*)":method"; + if(h2_session->post) + headers[0].value = (uint8_t*)"POST"; + else + headers[0].value = (uint8_t*)"GET"; + headers[1].name = (uint8_t*)":path"; + headers[1].value = (uint8_t*)h2_stream->path; + headers[2].name = (uint8_t*)":scheme"; + headers[2].value = (uint8_t*)"https"; + headers[3].name = (uint8_t*)":authority"; + headers[3].value = (uint8_t*)h2_session->authority; + headers[4].name = (uint8_t*)"content-type"; + headers[4].value = (uint8_t*)h2_session->content_type; + + printf("Request headers\n"); + for(i=0; i<sizeof(headers)/sizeof(headers[0]); i++) { + headers[i].namelen = strlen((char*)headers[i].name); + headers[i].valuelen = strlen((char*)headers[i].value); + headers[i].flags = NGHTTP2_NV_FLAG_NONE; + printf("%s: %s\n", headers[i].name, headers[i].value); + } + + stream_id = nghttp2_submit_request(h2_session->session, NULL, headers, + sizeof(headers)/sizeof(headers[0]), + (h2_session->post) ? &data_prd : NULL, h2_stream); + if(stream_id < 0) { + printf("Failed to submit nghttp2 request"); + exit(1); + } + h2_session->query_count++; + h2_stream->stream_id = stream_id; +} + +static sldns_buffer* +make_query(char* qname, char* qtype, char* qclass) +{ + struct query_info qinfo; + struct edns_data edns; + sldns_buffer* buf = sldns_buffer_new(65553); + if(!buf) fatal_exit("out of memory"); + qinfo.qname = sldns_str2wire_dname(qname, &qinfo.qname_len); + if(!qinfo.qname) { + printf("cannot parse query name: '%s'\n", qname); + exit(1); + } + + qinfo.qtype = sldns_get_rr_type_by_name(qtype); + qinfo.qclass = sldns_get_rr_class_by_name(qclass); + qinfo.local_alias = NULL; + + qinfo_query_encode(buf, &qinfo); /* flips buffer */ + free(qinfo.qname); + sldns_buffer_write_u16_at(buf, 0, 0x0000); + sldns_buffer_write_u16_at(buf, 2, BIT_RD); + memset(&edns, 0, sizeof(edns)); + edns.edns_present = 1; + edns.bits = EDNS_DO; + edns.udp_size = 4096; + if(sldns_buffer_capacity(buf) >= + sldns_buffer_limit(buf)+calc_edns_field_size(&edns)) + attach_edns_record(buf, &edns); + return buf; +} + +static ssize_t http2_recv_cb(nghttp2_session* ATTR_UNUSED(session), + uint8_t* buf, size_t len, int ATTR_UNUSED(flags), void* cb_arg) +{ + struct http2_session* h2_session = (struct http2_session*)cb_arg; + int r; + struct timeval tv, *waittv; + fd_set rfd; + ERR_clear_error(); + + memset(&tv, 0, sizeof(tv)); + + if(h2_session->block_select && h2_session->query_count <= 0) { + return NGHTTP2_ERR_WOULDBLOCK; + } + if(h2_session->block_select) + waittv = NULL; + else + waittv = &tv; + memset(&rfd, 0, sizeof(rfd)); + FD_ZERO(&rfd); + FD_SET(h2_session->fd, &rfd); + r = select(h2_session->fd+1, &rfd, NULL, NULL, waittv); + if(r <= 0) { + return NGHTTP2_ERR_WOULDBLOCK; + } + + r = SSL_read(h2_session->ssl, buf, len); + if(r <= 0) { + int want = SSL_get_error(h2_session->ssl, r); + if(want == SSL_ERROR_ZERO_RETURN) { + return NGHTTP2_ERR_EOF; + } + log_crypto_err("could not SSL_read"); + return NGHTTP2_ERR_EOF; + } + return r; +} + +static ssize_t http2_send_cb(nghttp2_session* ATTR_UNUSED(session), + const uint8_t* buf, size_t len, int ATTR_UNUSED(flags), void* cb_arg) +{ + struct http2_session* h2_session = (struct http2_session*)cb_arg; + + int r; + ERR_clear_error(); + r = SSL_write(h2_session->ssl, buf, len); + if(r <= 0) { + int want = SSL_get_error(h2_session->ssl, r); + if(want == SSL_ERROR_ZERO_RETURN) { + return NGHTTP2_ERR_CALLBACK_FAILURE; + } + log_crypto_err("could not SSL_write"); + return NGHTTP2_ERR_CALLBACK_FAILURE; + } + return r; +} + +static int http2_stream_close_cb(nghttp2_session* ATTR_UNUSED(session), + int32_t ATTR_UNUSED(stream_id), + nghttp2_error_code ATTR_UNUSED(error_code), void *cb_arg) +{ + struct http2_session* h2_session = (struct http2_session*)cb_arg; + struct http2_stream* h2_stream; + if(!(h2_stream = nghttp2_session_get_stream_user_data( + h2_session->session, stream_id))) { + return 0; + } + h2_session->query_count--; + sldns_buffer_free(h2_stream->buf); + if(!h2_session->post) + free(h2_stream->path); + free(h2_stream); + h2_stream = NULL; + return 0; +} + +static int http2_data_chunk_recv_cb(nghttp2_session* ATTR_UNUSED(session), + uint8_t ATTR_UNUSED(flags), int32_t stream_id, const uint8_t* data, + size_t len, void* cb_arg) +{ + struct http2_session* h2_session = (struct http2_session*)cb_arg; + struct http2_stream* h2_stream; + + if(!(h2_stream = nghttp2_session_get_stream_user_data( + h2_session->session, stream_id))) { + return 0; + } + + if(sldns_buffer_remaining(h2_stream->buf) < len) { + log_err("received data chunck does not fit into buffer"); + return NGHTTP2_ERR_CALLBACK_FAILURE; + } + + sldns_buffer_write(h2_stream->buf, data, len); + + return 0; +} + +static int http2_frame_recv_cb(nghttp2_session *session, + const nghttp2_frame *frame, void* ATTR_UNUSED(cb_arg)) +{ + struct http2_stream* h2_stream; + + if(!(h2_stream = nghttp2_session_get_stream_user_data( + session, frame->hd.stream_id))) + return 0; + if(frame->hd.type == NGHTTP2_HEADERS && + frame->headers.cat == NGHTTP2_HCAT_RESPONSE) { + sldns_buffer_clear(h2_stream->buf); + } + if(((frame->hd.type != NGHTTP2_DATA && + frame->hd.type != NGHTTP2_HEADERS) || + frame->hd.flags & NGHTTP2_FLAG_END_STREAM) && + h2_stream->res_status == 200) { + char* pktstr; + sldns_buffer_flip(h2_stream->buf); + pktstr = sldns_wire2str_pkt( + sldns_buffer_begin(h2_stream->buf), + sldns_buffer_limit(h2_stream->buf)); + printf("%s\n", pktstr); + free(pktstr); + return 0; + } + return 0; +} +static int http2_header_cb(nghttp2_session* ATTR_UNUSED(session), + const nghttp2_frame* frame, const uint8_t* name, size_t namelen, + const uint8_t* value, size_t ATTR_UNUSED(valuelen), + uint8_t ATTR_UNUSED(flags), void* cb_arg) +{ + struct http2_stream* h2_stream; + struct http2_session* h2_session = (struct http2_session*)cb_arg; + printf("%s %s\n", name, value); + if(namelen == 7 && memcmp(":status", name, namelen) == 0) { + if(!(h2_stream = nghttp2_session_get_stream_user_data( + h2_session->session, frame->hd.stream_id))) { + return 0; + } + h2_stream->res_status = atoi((char*)value); + } + return 0; +} + +static struct http2_session* +http2_session_create() +{ + struct http2_session* h2_session = calloc(1, + sizeof(struct http2_session)); + nghttp2_session_callbacks* callbacks; + if(!h2_session) + fatal_exit("out of memory"); + + if(nghttp2_session_callbacks_new(&callbacks) == NGHTTP2_ERR_NOMEM) { + log_err("failed to initialize nghttp2 callback"); + return NULL; + } + nghttp2_session_callbacks_set_recv_callback(callbacks, http2_recv_cb); + nghttp2_session_callbacks_set_send_callback(callbacks, http2_send_cb); + nghttp2_session_callbacks_set_on_stream_close_callback(callbacks, + http2_stream_close_cb); + nghttp2_session_callbacks_set_on_data_chunk_recv_callback(callbacks, + http2_data_chunk_recv_cb); + nghttp2_session_callbacks_set_on_frame_recv_callback(callbacks, + http2_frame_recv_cb); + nghttp2_session_callbacks_set_on_header_callback(callbacks, + http2_header_cb); + nghttp2_session_client_new(&h2_session->session, callbacks, h2_session); + nghttp2_session_callbacks_del(callbacks); + return h2_session; +} + +static void +http2_session_delete(struct http2_session* h2_session) +{ + nghttp2_session_del(h2_session->session); + free(h2_session); +} + +static void +http2_submit_setting(struct http2_session* h2_session) +{ + int ret; + nghttp2_settings_entry settings[1] = { + {NGHTTP2_SETTINGS_MAX_CONCURRENT_STREAMS, + 100}}; + + ret = nghttp2_submit_settings(h2_session->session, NGHTTP2_FLAG_NONE, + settings, 1); + if(ret) { + printf("http2: submit_settings failed, " + "error: %s\n", nghttp2_strerror(ret)); + exit(1); + } +} + +static void +http2_write(struct http2_session* h2_session) +{ + if(nghttp2_session_want_write(h2_session->session)) { + if(nghttp2_session_send(h2_session->session)) { + printf("nghttp2 session send failed\n"); + exit(1); + } + } +} + +static void +http2_read(struct http2_session* h2_session) +{ + if(nghttp2_session_want_read(h2_session->session)) { + if(nghttp2_session_recv(h2_session->session)) { + printf("nghttp2 session mem_recv failed\n"); + exit(1); + } + } +} + +static void +run(struct http2_session* h2_session, int port, int count, char** q) +{ + int i; + SSL_CTX* ctx = NULL; + SSL* ssl = NULL; + int fd; + struct sldns_buffer* buf = NULL; + + fd = open_svr(h2_session->authority, port); + h2_session->fd = fd; + + ctx = connect_sslctx_create(NULL, NULL, NULL, 0); + if(!ctx) fatal_exit("cannot create ssl ctx"); + SSL_CTX_set_alpn_protos(ctx, (const unsigned char *)"\x02h2", 3); + ssl = outgoing_ssl_fd(ctx, fd); + if(!ssl) { + printf("cannot create ssl\n"); + exit(1); + } + h2_session->ssl = ssl; + while(1) { + int r; + ERR_clear_error(); + if( (r=SSL_do_handshake(ssl)) == 1) + break; + r = SSL_get_error(ssl, r); + if(r != SSL_ERROR_WANT_READ && + r != SSL_ERROR_WANT_WRITE) { + log_crypto_err("could not ssl_handshake"); + exit(1); + } + } + + http2_submit_setting(h2_session); + http2_write(h2_session); + http2_read(h2_session); /* Read setting from remote peer */ + + h2_session->block_select = 1; + + /* hande query */ + for(i=0; i<count; i+=3) { + buf = make_query(q[i], q[i+1], q[i+2]); + submit_query(h2_session, buf); + } + http2_write(h2_session); + while(h2_session->query_count) { + http2_read(h2_session); + http2_write(h2_session); + } + + /* shutdown */ + http2_session_delete(h2_session); + SSL_shutdown(ssl); + SSL_free(ssl); + SSL_CTX_free(ctx); + close(fd); +} + +/** getopt global, in case header files fail to declare it. */ +extern int optind; +/** getopt global, in case header files fail to declare it. */ +extern char* optarg; +int main(int argc, char** argv) +{ + int c; + int port = UNBOUND_DNS_OVER_HTTPS_PORT; + struct http2_session* h2_session = http2_session_create(); + if(!h2_session) fatal_exit("out of memory"); + + if(argc == 1) { + usage(argv); + } + + h2_session->authority = "127.0.0.1"; + h2_session->post = 0; + h2_session->endpoint = "/dns-query"; + h2_session->content_type = "application/dns-message"; + + while((c=getopt(argc, argv, "c:e:hs:p:P")) != -1) { + switch(c) { + case 'c': + h2_session->content_type = optarg; + break; + case 'e': + h2_session->endpoint = optarg; + break; + case 'p': + if(atoi(optarg)==0 && strcmp(optarg,"0")!=0) { + printf("error parsing port, " + "number expected: %s\n", optarg); + return 1; + } + port = atoi(optarg); + break; + case 'P': + h2_session->post = 1; + break; + case 's': + h2_session->authority = optarg; + break; + case 'h': + case '?': + default: + usage(argv); + } + } + argc -= optind; + argv += optind; + if(argc%3!=0) { + printf("Invalid input. Specify qname, qtype, and qclass.\n"); + return 1; + } + + + run(h2_session, port, argc, argv); + + return 0; +} +#else +int main(int ATTR_UNUSED(argc), char** ATTR_UNUSED(argv)) +{ + printf("Compiled without nghttp2, cannot run test.\n"); + return 1; +} +#endif /* HAVE_NGHTTP2 */ diff --git a/testcode/fake_event.c b/testcode/fake_event.c index d89eedce8bd0..d8df76492540 100644 --- a/testcode/fake_event.c +++ b/testcode/fake_event.c @@ -52,6 +52,7 @@ #include "util/data/msgreply.h" #include "util/data/msgencode.h" #include "util/data/dname.h" +#include "util/edns.h" #include "util/config_file.h" #include "services/listen_dnsport.h" #include "services/outside_network.h" @@ -868,9 +869,12 @@ struct listen_dnsport* listen_create(struct comm_base* base, struct listen_port* ATTR_UNUSED(ports), size_t bufsize, int ATTR_UNUSED(tcp_accept_count), int ATTR_UNUSED(tcp_idle_timeout), + int ATTR_UNUSED(harden_large_queries), + uint32_t ATTR_UNUSED(http_max_streams), + char* ATTR_UNUSED(http_endpoint), struct tcl_list* ATTR_UNUSED(tcp_conn_limit), void* ATTR_UNUSED(sslctx), struct dt_env* ATTR_UNUSED(dtenv), - comm_point_callback_type* cb, void* cb_arg) + comm_point_callback_type* cb, void *cb_arg) { struct replay_runtime* runtime = (struct replay_runtime*)base; struct listen_dnsport* l= calloc(1, sizeof(struct listen_dnsport)); @@ -1180,7 +1184,7 @@ struct serviced_query* outnet_serviced_query(struct outside_network* outnet, socklen_t addrlen, uint8_t* zone, size_t zonelen, struct module_qstate* qstate, comm_point_callback_type* callback, void* callback_arg, sldns_buffer* ATTR_UNUSED(buff), - struct module_env* ATTR_UNUSED(env)) + struct module_env* env) { struct replay_runtime* runtime = (struct replay_runtime*)outnet->base; struct fake_pending* pend = (struct fake_pending*)calloc(1, @@ -1209,6 +1213,7 @@ struct serviced_query* outnet_serviced_query(struct outside_network* outnet, sldns_buffer_flip(pend->buffer); if(1) { struct edns_data edns; + struct edns_tag_addr* client_tag_addr; if(!inplace_cb_query_call(env, qinfo, flags, addr, addrlen, zone, zonelen, qstate, qstate->region)) { free(pend); @@ -1220,9 +1225,17 @@ struct serviced_query* outnet_serviced_query(struct outside_network* outnet, edns.edns_version = EDNS_ADVERTISED_VERSION; edns.udp_size = EDNS_ADVERTISED_SIZE; edns.bits = 0; - edns.opt_list = qstate->edns_opts_back_out; if(dnssec) edns.bits = EDNS_DO; + if((client_tag_addr = edns_tag_addr_lookup( + &env->edns_tags->client_tags, + addr, addrlen))) { + uint16_t client_tag = htons(client_tag_addr->tag_data); + edns_opt_list_append(&qstate->edns_opts_back_out, + env->edns_tags->client_tag_opcode, 2, + (uint8_t*)&client_tag, qstate->region); + } + edns.opt_list = qstate->edns_opts_back_out; attach_edns_record(pend->buffer, &edns); } memcpy(&pend->addr, addr, addrlen); @@ -1290,7 +1303,14 @@ void outnet_serviced_query_stop(struct serviced_query* sq, void* cb_arg) log_info("double delete of pending serviced query"); } +int resolve_interface_names(struct config_file* ATTR_UNUSED(cfg), + char*** ATTR_UNUSED(resif), int* ATTR_UNUSED(num_resif)) +{ + return 1; +} + struct listen_port* listening_ports_open(struct config_file* ATTR_UNUSED(cfg), + char** ATTR_UNUSED(ifs), int ATTR_UNUSED(num_ifs), int* ATTR_UNUSED(reuseport)) { return calloc(1, 1); @@ -1825,4 +1845,21 @@ tcp_req_info_get_stream_buffer_size(void) return 0; } +size_t +http2_get_query_buffer_size(void) +{ + return 0; +} + +size_t +http2_get_response_buffer_size(void) +{ + return 0; +} + +void http2_stream_add_meshstate(struct http2_stream* ATTR_UNUSED(h2_stream), + struct mesh_area* ATTR_UNUSED(mesh), struct mesh_state* ATTR_UNUSED(m)) +{ +} + /*********** End of Dummy routines ***********/ diff --git a/testcode/perf.c b/testcode/perf.c index 5b170ca57379..b13eca6d3946 100644 --- a/testcode/perf.c +++ b/testcode/perf.c @@ -233,12 +233,7 @@ perfsetup(struct perfinfo* info) addr_is_ip6(&info->dest, info->destlen)? AF_INET6:AF_INET, SOCK_DGRAM, 0); if(info->io[i].fd == -1) { -#ifndef USE_WINSOCK - fatal_exit("socket: %s", strerror(errno)); -#else - fatal_exit("socket: %s", - wsa_strerror(WSAGetLastError())); -#endif + fatal_exit("socket: %s", sock_strerror(errno)); } if(info->io[i].fd > info->maxfd) info->maxfd = info->io[i].fd; @@ -260,11 +255,7 @@ perffree(struct perfinfo* info) if(!info) return; if(info->io) { for(i=0; i<info->io_num; i++) { -#ifndef USE_WINSOCK - close(info->io[i].fd); -#else - closesocket(info->io[i].fd); -#endif + sock_close(info->io[i].fd); } free(info->io); } @@ -285,11 +276,7 @@ perfsend(struct perfinfo* info, size_t n, struct timeval* now) /*log_hex("send", info->qlist_data[info->qlist_idx], info->qlist_len[info->qlist_idx]);*/ if(r == -1) { -#ifndef USE_WINSOCK - log_err("sendto: %s", strerror(errno)); -#else - log_err("sendto: %s", wsa_strerror(WSAGetLastError())); -#endif + log_err("sendto: %s", sock_strerror(errno)); } else if(r != (ssize_t)info->qlist_len[info->qlist_idx]) { log_err("partial sendto"); } @@ -309,11 +296,7 @@ perfreply(struct perfinfo* info, size_t n, struct timeval* now) r = recv(info->io[n].fd, (void*)sldns_buffer_begin(info->buf), sldns_buffer_capacity(info->buf), 0); if(r == -1) { -#ifndef USE_WINSOCK - log_err("recv: %s", strerror(errno)); -#else - log_err("recv: %s", wsa_strerror(WSAGetLastError())); -#endif + log_err("recv: %s", sock_strerror(errno)); } else { info->by_rcode[LDNS_RCODE_WIRE(sldns_buffer_begin( info->buf))]++; diff --git a/testcode/streamtcp.c b/testcode/streamtcp.c index c49159d33a58..ffdddbe9db48 100644 --- a/testcode/streamtcp.c +++ b/testcode/streamtcp.c @@ -388,11 +388,7 @@ send_em(const char* svr, int udp, int usessl, int noanswer, int onarrival, SSL_free(ssl); SSL_CTX_free(ctx); } -#ifndef USE_WINSOCK - close(fd); -#else - closesocket(fd); -#endif + sock_close(fd); sldns_buffer_free(buf); printf("orderly exit\n"); } diff --git a/testcode/testpkts.c b/testcode/testpkts.c index 82c1439677c0..dee45176167a 100644 --- a/testcode/testpkts.c +++ b/testcode/testpkts.c @@ -501,7 +501,7 @@ add_edns(uint8_t* pktbuf, size_t pktsize, int do_flag, uint8_t *ednsdata, { uint8_t edns[] = {0x00, /* root label */ 0x00, LDNS_RR_TYPE_OPT, /* type */ - 0x10, 0x00, /* class is UDPSIZE 4096 */ + 0x04, 0xD0, /* class is UDPSIZE 1232 */ 0x00, /* TTL[0] is ext rcode */ 0x00, /* TTL[1] is edns version */ (uint8_t)(do_flag?0x80:0x00), 0x00, /* TTL[2-3] is edns flags, DO */ diff --git a/testcode/unitldns.c b/testcode/unitldns.c index 66f75617037d..22c9ed945585 100644 --- a/testcode/unitldns.c +++ b/testcode/unitldns.c @@ -44,6 +44,7 @@ #include "sldns/sbuffer.h" #include "sldns/str2wire.h" #include "sldns/wire2str.h" +#include "sldns/parseutil.h" /** verbose this unit test */ static int vbmp = 0; @@ -220,9 +221,60 @@ rr_tests(void) SRCDIRSTR "/testdata/test_ldnsrr.c5"); } +/** test various base64 decoding options */ +static void +b64_test(void) +{ + /* "normal" b64 alphabet, with padding */ + char* p1 = "aGVsbG8="; /* "hello" */ + char* p2 = "aGVsbG8+"; /* "hello>" */ + char* p3 = "aGVsbG8/IQ=="; /* "hello?!" */ + char* p4 = "aGVsbG8"; /* "hel" + extra garbage */ + + /* base64 url, without padding */ + char* u1 = "aGVsbG8"; /* "hello" */ + char* u2 = "aGVsbG8-"; /* "hello>" */ + char* u3 = "aGVsbG8_IQ"; /* "hello?!" */ + char* u4 = "aaaaa"; /* garbage */ + + char target[128]; + size_t tarsize = 128; + int result; + + memset(target, 0, sizeof(target)); + result = sldns_b64_pton(p1, (uint8_t*)target, tarsize); + unit_assert(result == strlen("hello") && strcmp(target, "hello") == 0); + memset(target, 0, sizeof(target)); + result = sldns_b64_pton(p2, (uint8_t*)target, tarsize); + unit_assert(result == strlen("hello>") && strcmp(target, "hello>") == 0); + memset(target, 0, sizeof(target)); + result = sldns_b64_pton(p3, (uint8_t*)target, tarsize); + unit_assert(result == strlen("hello?!") && strcmp(target, "hello?!") == 0); + memset(target, 0, sizeof(target)); + result = sldns_b64_pton(p4, (uint8_t*)target, tarsize); + /* when padding is used everything that is not a block of 4 will be + * ignored */ + unit_assert(result == strlen("hel") && strcmp(target, "hel") == 0); + + memset(target, 0, sizeof(target)); + result = sldns_b64url_pton(u1, strlen(u1), (uint8_t*)target, tarsize); + unit_assert(result == strlen("hello") && strcmp(target, "hello") == 0); + memset(target, 0, sizeof(target)); + result = sldns_b64url_pton(u2, strlen(u2), (uint8_t*)target, tarsize); + unit_assert(result == strlen("hello>") && strcmp(target, "hello>") == 0); + memset(target, 0, sizeof(target)); + result = sldns_b64url_pton(u3, strlen(u3), (uint8_t*)target, tarsize); + unit_assert(result == strlen("hello+/") && strcmp(target, "hello?!") == 0); + /* one item in block of four is not allowed */ + memset(target, 0, sizeof(target)); + result = sldns_b64url_pton(u4, strlen(u4), (uint8_t*)target, tarsize); + unit_assert(result == -1); +} + void ldns_test(void) { unit_show_feature("sldns"); rr_tests(); + b64_test(); } diff --git a/testdata/dlv_anchor.rpl b/testdata/dlv_anchor.rpl deleted file mode 100644 index 81547454eff6..000000000000 --- a/testdata/dlv_anchor.rpl +++ /dev/null @@ -1,279 +0,0 @@ -; config options -; The island of trust is at example.com (the DLV repository) -server: - dlv-anchor: "example.com. 3600 IN DS 2854 3 1 46e4ffc6e9a4793b488954bd3f0cc6af0dfb201b" - val-override-date: "20070916134226" - target-fetch-policy: "0 0 0 0 0" - qname-minimisation: "no" - fake-sha1: yes - trust-anchor-signaling: no - minimal-responses: no - -stub-zone: - name: "." - stub-addr: 193.0.14.129 # K.ROOT-SERVERS.NET. -CONFIG_END - -SCENARIO_BEGIN Test validator with DLV anchor -; positive response for DLV. - -; K.ROOT-SERVERS.NET. -RANGE_BEGIN 0 100 - ADDRESS 193.0.14.129 -ENTRY_BEGIN -MATCH opcode qtype qname -ADJUST copy_id -REPLY QR NOERROR -SECTION QUESTION -. IN NS -SECTION ANSWER -. IN NS K.ROOT-SERVERS.NET. -SECTION ADDITIONAL -K.ROOT-SERVERS.NET. IN A 193.0.14.129 -ENTRY_END - -ENTRY_BEGIN -MATCH opcode subdomain -ADJUST copy_id copy_query -REPLY QR NOERROR -SECTION QUESTION -com. IN A -SECTION AUTHORITY -com. IN NS a.gtld-servers.net. -SECTION ADDITIONAL -a.gtld-servers.net. IN A 192.5.6.30 -ENTRY_END - -ENTRY_BEGIN -MATCH opcode subdomain -ADJUST copy_id copy_query -REPLY QR NOERROR -SECTION QUESTION -net. IN A -SECTION AUTHORITY -net. IN NS a.gtld-servers.net. -SECTION ADDITIONAL -a.gtld-servers.net. IN A 192.5.6.30 -ENTRY_END -RANGE_END - -; a.gtld-servers.net. -RANGE_BEGIN 0 100 - ADDRESS 192.5.6.30 -ENTRY_BEGIN -MATCH opcode qtype qname -ADJUST copy_id -REPLY QR NOERROR -SECTION QUESTION -com. IN NS -SECTION ANSWER -com. IN NS a.gtld-servers.net. -SECTION ADDITIONAL -a.gtld-servers.net. IN A 192.5.6.30 -ENTRY_END - -ENTRY_BEGIN -MATCH opcode qtype qname -ADJUST copy_id -REPLY QR NOERROR -SECTION QUESTION -net. IN NS -SECTION ANSWER -net. IN NS a.gtld-servers.net. -SECTION ADDITIONAL -a.gtld-servers.net. IN A 192.5.6.30 -ENTRY_END - -ENTRY_BEGIN -MATCH opcode subdomain -ADJUST copy_id copy_query -REPLY QR NOERROR -SECTION QUESTION -example.com. IN A -SECTION AUTHORITY -example.com. IN NS ns.example.com. -SECTION ADDITIONAL -ns.example.com. IN A 1.2.3.4 -ENTRY_END - -ENTRY_BEGIN -MATCH opcode subdomain -ADJUST copy_id copy_query -REPLY QR NOERROR -SECTION QUESTION -example.net. IN A -SECTION AUTHORITY -example.net. IN NS ns.example.net. -SECTION ADDITIONAL -ns.example.net. IN A 1.2.3.5 -ENTRY_END -RANGE_END - -; ns.example.com. -RANGE_BEGIN 0 100 - ADDRESS 1.2.3.4 -ENTRY_BEGIN -MATCH opcode qtype qname -ADJUST copy_id -REPLY QR NOERROR -SECTION QUESTION -example.com. IN NS -SECTION ANSWER -example.com. IN NS ns.example.com. -example.com. 3600 IN RRSIG NS 3 2 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCN+qHdJxoI/2tNKwsb08pra/G7aAIUAWA5sDdJTbrXA1/3OaesGBAO3sI= ;{id = 2854} -SECTION ADDITIONAL -ns.example.com. IN A 1.2.3.4 -ns.example.com. 3600 IN RRSIG A 3 3 3600 20070926135752 20070829135752 2854 example.com. MC0CFQCMSWxVehgOQLoYclB9PIAbNP229AIUeH0vNNGJhjnZiqgIOKvs1EhzqAo= ;{id = 2854} -ENTRY_END - -; response to DNSKEY priming query -ENTRY_BEGIN -MATCH opcode qtype qname -ADJUST copy_id -REPLY QR NOERROR -SECTION QUESTION -example.com. IN DNSKEY -SECTION ANSWER -example.com. 3600 IN DNSKEY 256 3 3 ALXLUsWqUrY3JYER3T4TBJII s70j+sDS/UT2QRp61SE7S3E EXopNXoFE73JLRmvpi/UrOO/Vz4Se 6wXv/CYCKjGw06U4WRgR YXcpEhJROyNapmdIKSx hOzfLVE1gqA0PweZR8d tY3aNQSRn3sPpwJr6Mi /PqQKAMMrZ9ckJpf1+b QMOOvxgzz2U1GS18b3y ZKcgTMEaJzd/GZYzi/B N2DzQ0MsrSwYXfsNLFO Bbs8PJMW4LYIxeeOe6rUgkWOF 7CC9Dh/dduQ1QrsJhmZAEFfd6ByYV+ ;{id = 2854 (zsk), size = 1688b} -example.com. 3600 IN RRSIG DNSKEY 3 2 3600 20070926134802 20070829134802 2854 example.com. MCwCFG1yhRNtTEa3Eno2zhVVuy2EJX3wAhQeLyUp6+UXcpC5qGNu9tkrTEgPUg== ;{id = 2854} -SECTION AUTHORITY -example.com. IN NS ns.example.com. -example.com. 3600 IN RRSIG NS 3 2 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCN+qHdJxoI/2tNKwsb08pra/G7aAIUAWA5sDdJTbrXA1/3OaesGBAO3sI= ;{id = 2854} -SECTION ADDITIONAL -ns.example.com. IN A 1.2.3.4 -ns.example.com. 3600 IN RRSIG A 3 3 3600 20070926135752 20070829135752 2854 example.com. MC0CFQCMSWxVehgOQLoYclB9PIAbNP229AIUeH0vNNGJhjnZiqgIOKvs1EhzqAo= ;{id = 2854} -ENTRY_END - -; DLV query -ENTRY_BEGIN -MATCH opcode qtype qname -ADJUST copy_id -REPLY QR NOERROR -SECTION QUESTION -example.net.example.com. IN DLV -SECTION ANSWER -example.net.example.com. 3600 IN DLV 30899 5 1 14188c885f20623ad1d3bec42798f3f951793e4c ; xehac-mofum-malyd-bomaf-pegit-fuzes-ganin-misiz-nigel-nozog-soxix -example.net.example.com. 3600 IN RRSIG DLV 3 4 3600 20070926134150 20070829134150 2854 example.com. ACK48Q/oKwh/SM9yRiKjZYuc+AtEZ2yCPNJ15kKCN8nsVcv7xigmNTY= ;{id = 2854} -SECTION AUTHORITY -example.com. IN NS ns.example.com. -example.com. 3600 IN RRSIG NS 3 2 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCN+qHdJxoI/2tNKwsb08pra/G7aAIUAWA5sDdJTbrXA1/3OaesGBAO3sI= ;{id = 2854} -SECTION ADDITIONAL -ns.example.com. IN A 1.2.3.4 -ns.example.com. 3600 IN RRSIG A 3 3 3600 20070926135752 20070829135752 2854 example.com. MC0CFQCMSWxVehgOQLoYclB9PIAbNP229AIUeH0vNNGJhjnZiqgIOKvs1EhzqAo= ;{id = 2854} -ENTRY_END - -ENTRY_BEGIN -MATCH opcode qtype qname -ADJUST copy_id -REPLY QR NOERROR -SECTION QUESTION -net.example.com. IN DLV -SECTION ANSWER -SECTION AUTHORITY -example.com. IN SOA open.nlnetlabs.nl. hostmaster.nlnetlabs.nl. 2008081300 28800 7200 604800 3600 -example.com. 3600 IN RRSIG SOA 3 2 3600 20070926134150 20070829134150 2854 example.com. AKPJnPBqfJKxE4P2iVYkSRJno9HmiXJZtjdqE8oBeq9Lk9FytcMdcig= ;{id = 2854} -example.com IN NSEC example.net.example.com. SOA NS RRSIG NSEC -example.com. 3600 IN RRSIG NSEC 3 2 3600 20070926134150 20070829134150 2854 example.com. AIoUkJ04/7/kJFDLocoqksqt9UL2RHHwlRfXAMxGdBHcNO+GSpG47Uk= ;{id = 2854} -ENTRY_END - -ENTRY_BEGIN -MATCH opcode qtype qname -ADJUST copy_id -REPLY QR NXDOMAIN -SECTION QUESTION -com.example.com. IN DLV -SECTION ANSWER -SECTION AUTHORITY -example.com. IN SOA open.nlnetlabs.nl. hostmaster.nlnetlabs.nl. 2008081300 28800 7200 604800 3600 -example.com. 3600 IN RRSIG SOA 3 2 3600 20070926134150 20070829134150 2854 example.com. AKPJnPBqfJKxE4P2iVYkSRJno9HmiXJZtjdqE8oBeq9Lk9FytcMdcig= ;{id = 2854} -example.com IN NSEC example.net.example.com. SOA NS RRSIG NSEC -example.com. 3600 IN RRSIG NSEC 3 2 3600 20070926134150 20070829134150 2854 example.com. AIoUkJ04/7/kJFDLocoqksqt9UL2RHHwlRfXAMxGdBHcNO+GSpG47Uk= ;{id = 2854} -ENTRY_END - -RANGE_END - -; ns.example.net. -RANGE_BEGIN 0 100 - ADDRESS 1.2.3.5 -; DS RR is -; example.net. 3600 IN DS 30899 5 1 14188c885f20623ad1d3bec42798f3f951793e4c ; xehac-mofum-malyd-bomaf-pegit-fuzes-ganin-misiz-nigel-nozog-soxix -; DNSKEY prime query -ENTRY_BEGIN -MATCH opcode qtype qname -ADJUST copy_id -REPLY QR NOERROR -SECTION QUESTION -example.net. IN DNSKEY -SECTION ANSWER -example.net. 3600 IN DNSKEY 256 3 5 AQPQ41chR9DEHt/aIzIFAqanbDlRflJoRs5yz1jFsoRIT7dWf0r+PeDuewdxkszNH6wnU4QL8pfKFRh5PIYVBLK3 ;{id = 30899 (zsk), size = 512b} -example.net. 3600 IN RRSIG DNSKEY RSASHA1 2 3600 20070926134150 20070829134150 30899 example.net. hiFzlQ8VoYgCuvIsfVuxC3mfJDqsTh0yc6abs5xMx5uEcIjb0dndFQx7INOM+imlzveEN73Hqp4OLFpFhsWLlw== ;{id = 30899} -SECTION AUTHORITY -example.net. IN NS ns.example.net. -example.net. 3600 IN RRSIG NS RSASHA1 2 3600 20070926134150 20070829134150 30899 example.net. E8JX0l4B+cSR5bkHQwOJy1pBmlLMTYCJ8EwfNMU/eCv0YhKwo26rHhn52FGisgv+Nwp7/NbhHqQ+kJgoZC94XA== ;{id = 30899} -SECTION ADDITIONAL -ns.example.net. IN A 1.2.3.5 -ns.example.net. 3600 IN RRSIG A RSASHA1 3 3600 20070926134150 20070829134150 30899 example.net. x+tQMC9FhzT7Fcy1pM5NrOC7E8nLd7THPI3C6ie4EwL8PrxllqlR3q/DKB0d/m0qCOPcgN6HFOYURV1s4uAcsw== ;{id = 30899} -ENTRY_END - -; NS query -ENTRY_BEGIN -MATCH opcode qtype qname -ADJUST copy_id -REPLY QR NOERROR -SECTION QUESTION -example.net. IN NS -SECTION ANSWER -example.net. IN NS ns.example.net. -example.net. 3600 IN RRSIG NS RSASHA1 2 3600 20070926134150 20070829134150 30899 example.net. E8JX0l4B+cSR5bkHQwOJy1pBmlLMTYCJ8EwfNMU/eCv0YhKwo26rHhn52FGisgv+Nwp7/NbhHqQ+kJgoZC94XA== ;{id = 30899} -SECTION ADDITIONAL -ns.example.net. IN A 1.2.3.5 -ns.example.net. 3600 IN RRSIG A RSASHA1 3 3600 20070926134150 20070829134150 30899 example.net. x+tQMC9FhzT7Fcy1pM5NrOC7E8nLd7THPI3C6ie4EwL8PrxllqlR3q/DKB0d/m0qCOPcgN6HFOYURV1s4uAcsw== ;{id = 30899} -ENTRY_END - -; www.example.net query -ENTRY_BEGIN -MATCH opcode qtype qname -ADJUST copy_id -REPLY QR NOERROR -SECTION QUESTION -www.example.net. IN A -SECTION ANSWER -www.example.net. 3600 IN A 10.20.30.40 -www.example.net. 3600 IN RRSIG A 5 3 3600 20070926135752 20070829135752 30899 example.net. ACvv4RQVC7TbI57ewqFImRaVoymktJ5Cxn/FaCodIENt82LVM92nivbP2WtwWCsQHWp7FkrMxTlQTJwyAeXFyg== ;{id = 30899} -SECTION AUTHORITY -example.net. IN NS ns.example.net. -example.net. 3600 IN RRSIG NS RSASHA1 2 3600 20070926134150 20070829134150 30899 example.net. E8JX0l4B+cSR5bkHQwOJy1pBmlLMTYCJ8EwfNMU/eCv0YhKwo26rHhn52FGisgv+Nwp7/NbhHqQ+kJgoZC94XA== ;{id = 30899} -SECTION ADDITIONAL -ns.example.net. IN A 1.2.3.5 -ns.example.net. 3600 IN RRSIG A RSASHA1 3 3600 20070926134150 20070829134150 30899 example.net. x+tQMC9FhzT7Fcy1pM5NrOC7E8nLd7THPI3C6ie4EwL8PrxllqlR3q/DKB0d/m0qCOPcgN6HFOYURV1s4uAcsw== ;{id = 30899} -ENTRY_END - - -RANGE_END - -STEP 1 QUERY -ENTRY_BEGIN -REPLY RD DO -SECTION QUESTION -www.example.net. IN A -ENTRY_END - -; recursion happens here. -STEP 10 CHECK_ANSWER -ENTRY_BEGIN -MATCH all -REPLY QR RD RA AD DO NOERROR -SECTION QUESTION -www.example.net. IN A -SECTION ANSWER -www.example.net. 3600 IN A 10.20.30.40 -www.example.net. 3600 IN RRSIG A 5 3 3600 20070926135752 20070829135752 30899 example.net. ACvv4RQVC7TbI57ewqFImRaVoymktJ5Cxn/FaCodIENt82LVM92nivbP2WtwWCsQHWp7FkrMxTlQTJwyAeXFyg== ;{id = 30899} -SECTION AUTHORITY -example.net. IN NS ns.example.net. -example.net. 3600 IN RRSIG NS RSASHA1 2 3600 20070926134150 20070829134150 30899 example.net. E8JX0l4B+cSR5bkHQwOJy1pBmlLMTYCJ8EwfNMU/eCv0YhKwo26rHhn52FGisgv+Nwp7/NbhHqQ+kJgoZC94XA== ;{id = 30899} -SECTION ADDITIONAL -ns.example.net. IN A 1.2.3.5 -ns.example.net. 3600 IN RRSIG A RSASHA1 3 3600 20070926134150 20070829134150 30899 example.net. x+tQMC9FhzT7Fcy1pM5NrOC7E8nLd7THPI3C6ie4EwL8PrxllqlR3q/DKB0d/m0qCOPcgN6HFOYURV1s4uAcsw== ;{id = 30899} -ENTRY_END - -SCENARIO_END diff --git a/testdata/dlv_ask_higher.rpl b/testdata/dlv_ask_higher.rpl deleted file mode 100644 index fad8355c803b..000000000000 --- a/testdata/dlv_ask_higher.rpl +++ /dev/null @@ -1,354 +0,0 @@ -; config options -; The island of trust is at example.com (the DLV repository) -server: - dlv-anchor: "example.com. 3600 IN DS 2854 3 1 46e4ffc6e9a4793b488954bd3f0cc6af0dfb201b" - val-override-date: "20070916134226" - target-fetch-policy: "0 0 0 0 0" - qname-minimisation: "no" - fake-sha1: yes - trust-anchor-signaling: no - minimal-responses: no - -stub-zone: - name: "." - stub-addr: 193.0.14.129 # K.ROOT-SERVERS.NET. -CONFIG_END - -SCENARIO_BEGIN Test validator with DLV where it needs to ask higher up in dlv. -; at first negative DLV response, it needs to ask higher. -; the SOA record in that negative response has a big span (if interpreted as NSEC) -; then a positive response for DLV. - -; K.ROOT-SERVERS.NET. -RANGE_BEGIN 0 100 - ADDRESS 193.0.14.129 -ENTRY_BEGIN -MATCH opcode qtype qname -ADJUST copy_id -REPLY QR NOERROR -SECTION QUESTION -. IN NS -SECTION ANSWER -. IN NS K.ROOT-SERVERS.NET. -SECTION ADDITIONAL -K.ROOT-SERVERS.NET. IN A 193.0.14.129 -ENTRY_END - -ENTRY_BEGIN -MATCH opcode subdomain -ADJUST copy_id copy_query -REPLY QR NOERROR -SECTION QUESTION -com. IN A -SECTION AUTHORITY -com. IN NS a.gtld-servers.net. -SECTION ADDITIONAL -a.gtld-servers.net. IN A 192.5.6.30 -ENTRY_END - -ENTRY_BEGIN -MATCH opcode subdomain -ADJUST copy_id copy_query -REPLY QR NOERROR -SECTION QUESTION -net. IN A -SECTION AUTHORITY -net. IN NS a.gtld-servers.net. -SECTION ADDITIONAL -a.gtld-servers.net. IN A 192.5.6.30 -ENTRY_END -RANGE_END - -; a.gtld-servers.net. -RANGE_BEGIN 0 100 - ADDRESS 192.5.6.30 -ENTRY_BEGIN -MATCH opcode qtype qname -ADJUST copy_id -REPLY QR NOERROR -SECTION QUESTION -com. IN NS -SECTION ANSWER -com. IN NS a.gtld-servers.net. -SECTION ADDITIONAL -a.gtld-servers.net. IN A 192.5.6.30 -ENTRY_END - -ENTRY_BEGIN -MATCH opcode qtype qname -ADJUST copy_id -REPLY QR NOERROR -SECTION QUESTION -net. IN NS -SECTION ANSWER -net. IN NS a.gtld-servers.net. -SECTION ADDITIONAL -a.gtld-servers.net. IN A 192.5.6.30 -ENTRY_END - -ENTRY_BEGIN -MATCH opcode subdomain -ADJUST copy_id copy_query -REPLY QR NOERROR -SECTION QUESTION -example.com. IN A -SECTION AUTHORITY -example.com. IN NS ns.example.com. -SECTION ADDITIONAL -ns.example.com. IN A 1.2.3.4 -ENTRY_END - -ENTRY_BEGIN -MATCH opcode subdomain -ADJUST copy_id copy_query -REPLY QR NOERROR -SECTION QUESTION -example.net. IN A -SECTION AUTHORITY -example.net. IN NS ns.example.net. -SECTION ADDITIONAL -ns.example.net. IN A 1.2.3.5 -ENTRY_END -RANGE_END - -; ns.example.com. -RANGE_BEGIN 0 100 - ADDRESS 1.2.3.4 -ENTRY_BEGIN -MATCH opcode qtype qname -ADJUST copy_id -REPLY QR NOERROR -SECTION QUESTION -example.com. IN NS -SECTION ANSWER -example.com. IN NS ns.example.com. -example.com. 3600 IN RRSIG NS 3 2 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCN+qHdJxoI/2tNKwsb08pra/G7aAIUAWA5sDdJTbrXA1/3OaesGBAO3sI= ;{id = 2854} -SECTION ADDITIONAL -ns.example.com. IN A 1.2.3.4 -ns.example.com. 3600 IN RRSIG A 3 3 3600 20070926135752 20070829135752 2854 example.com. MC0CFQCMSWxVehgOQLoYclB9PIAbNP229AIUeH0vNNGJhjnZiqgIOKvs1EhzqAo= ;{id = 2854} -ENTRY_END - -; response to DNSKEY priming query -ENTRY_BEGIN -MATCH opcode qtype qname -ADJUST copy_id -REPLY QR NOERROR -SECTION QUESTION -example.com. IN DNSKEY -SECTION ANSWER -example.com. 3600 IN DNSKEY 256 3 3 ALXLUsWqUrY3JYER3T4TBJII s70j+sDS/UT2QRp61SE7S3E EXopNXoFE73JLRmvpi/UrOO/Vz4Se 6wXv/CYCKjGw06U4WRgR YXcpEhJROyNapmdIKSx hOzfLVE1gqA0PweZR8d tY3aNQSRn3sPpwJr6Mi /PqQKAMMrZ9ckJpf1+b QMOOvxgzz2U1GS18b3y ZKcgTMEaJzd/GZYzi/B N2DzQ0MsrSwYXfsNLFO Bbs8PJMW4LYIxeeOe6rUgkWOF 7CC9Dh/dduQ1QrsJhmZAEFfd6ByYV+ ;{id = 2854 (zsk), size = 1688b} -example.com. 3600 IN RRSIG DNSKEY 3 2 3600 20070926134802 20070829134802 2854 example.com. MCwCFG1yhRNtTEa3Eno2zhVVuy2EJX3wAhQeLyUp6+UXcpC5qGNu9tkrTEgPUg== ;{id = 2854} -SECTION AUTHORITY -example.com. IN NS ns.example.com. -example.com. 3600 IN RRSIG NS 3 2 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCN+qHdJxoI/2tNKwsb08pra/G7aAIUAWA5sDdJTbrXA1/3OaesGBAO3sI= ;{id = 2854} -SECTION ADDITIONAL -ns.example.com. IN A 1.2.3.4 -ns.example.com. 3600 IN RRSIG A 3 3 3600 20070926135752 20070829135752 2854 example.com. MC0CFQCMSWxVehgOQLoYclB9PIAbNP229AIUeH0vNNGJhjnZiqgIOKvs1EhzqAo= ;{id = 2854} -ENTRY_END - -; failed DLV query -ENTRY_BEGIN -MATCH opcode qtype qname -ADJUST copy_id -REPLY QR AA NXDOMAIN -SECTION QUESTION -sub.example.net.example.com. IN DLV -SECTION ANSWER -SECTION AUTHORITY -example.com. IN SOA open.nlnetlabs.nl. hostmaster.nlnetlabs.nl. 2008081300 28800 7200 604800 3600 -example.com. 3600 IN RRSIG SOA 3 2 3600 20070926134150 20070829134150 2854 example.com. AKPJnPBqfJKxE4P2iVYkSRJno9HmiXJZtjdqE8oBeq9Lk9FytcMdcig= ;{id = 2854} -example.net.example.com IN NSEC not.example.com. RRSIG NSEC DLV -example.net.example.com. 3600 IN RRSIG NSEC 3 4 3600 20070926134150 20070829134150 2854 example.com. AKz/e6KOw8gCx6wnpIatBwKb0WOPBTWmNNMg91XR/wlJQ9Z2+qICPmA= ;{id = 2854} -example.com IN NSEC example.net.example.com. SOA NS RRSIG NSEC -example.com. 3600 IN RRSIG NSEC 3 2 3600 20070926134150 20070829134150 2854 example.com. AIoUkJ04/7/kJFDLocoqksqt9UL2RHHwlRfXAMxGdBHcNO+GSpG47Uk= ;{id = 2854} -SECTION ADDITIONAL -ENTRY_END - -; DLV query -ENTRY_BEGIN -MATCH opcode qtype qname -ADJUST copy_id -REPLY QR NOERROR -SECTION QUESTION -example.net.example.com. IN DLV -SECTION ANSWER -example.net.example.com. 3600 IN DLV 30899 5 1 14188c885f20623ad1d3bec42798f3f951793e4c ; xehac-mofum-malyd-bomaf-pegit-fuzes-ganin-misiz-nigel-nozog-soxix -example.net.example.com. 3600 IN RRSIG DLV 3 4 3600 20070926134150 20070829134150 2854 example.com. ACK48Q/oKwh/SM9yRiKjZYuc+AtEZ2yCPNJ15kKCN8nsVcv7xigmNTY= ;{id = 2854} -SECTION AUTHORITY -example.com. IN NS ns.example.com. -example.com. 3600 IN RRSIG NS 3 2 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCN+qHdJxoI/2tNKwsb08pra/G7aAIUAWA5sDdJTbrXA1/3OaesGBAO3sI= ;{id = 2854} -SECTION ADDITIONAL -ns.example.com. IN A 1.2.3.4 -ns.example.com. 3600 IN RRSIG A 3 3 3600 20070926135752 20070829135752 2854 example.com. MC0CFQCMSWxVehgOQLoYclB9PIAbNP229AIUeH0vNNGJhjnZiqgIOKvs1EhzqAo= ;{id = 2854} -ENTRY_END - -ENTRY_BEGIN -MATCH opcode qtype qname -ADJUST copy_id -REPLY QR NOERROR -SECTION QUESTION -net.example.com. IN DLV -SECTION ANSWER -SECTION AUTHORITY -example.com. IN SOA open.nlnetlabs.nl. hostmaster.nlnetlabs.nl. 2008081300 28800 7200 604800 3600 -example.com. 3600 IN RRSIG SOA 3 2 3600 20070926134150 20070829134150 2854 example.com. AKPJnPBqfJKxE4P2iVYkSRJno9HmiXJZtjdqE8oBeq9Lk9FytcMdcig= ;{id = 2854} -example.com IN NSEC example.net.example.com. SOA NS RRSIG NSEC -example.com. 3600 IN RRSIG NSEC 3 2 3600 20070926134150 20070829134150 2854 example.com. AIoUkJ04/7/kJFDLocoqksqt9UL2RHHwlRfXAMxGdBHcNO+GSpG47Uk= ;{id = 2854} -ENTRY_END - -ENTRY_BEGIN -MATCH opcode qtype qname -ADJUST copy_id -REPLY QR NXDOMAIN -SECTION QUESTION -com.example.com. IN DLV -SECTION ANSWER -SECTION AUTHORITY -example.com. IN SOA open.nlnetlabs.nl. hostmaster.nlnetlabs.nl. 2008081300 28800 7200 604800 3600 -example.com. 3600 IN RRSIG SOA 3 2 3600 20070926134150 20070829134150 2854 example.com. AKPJnPBqfJKxE4P2iVYkSRJno9HmiXJZtjdqE8oBeq9Lk9FytcMdcig= ;{id = 2854} -example.com IN NSEC example.net.example.com. SOA NS RRSIG NSEC -example.com. 3600 IN RRSIG NSEC 3 2 3600 20070926134150 20070829134150 2854 example.com. AIoUkJ04/7/kJFDLocoqksqt9UL2RHHwlRfXAMxGdBHcNO+GSpG47Uk= ;{id = 2854} -ENTRY_END - -RANGE_END - -; ns.example.net. -RANGE_BEGIN 0 100 - ADDRESS 1.2.3.5 -; DS RR is -; example.net. 3600 IN DS 30899 5 1 14188c885f20623ad1d3bec42798f3f951793e4c ; xehac-mofum-malyd-bomaf-pegit-fuzes-ganin-misiz-nigel-nozog-soxix -; DNSKEY prime query -ENTRY_BEGIN -MATCH opcode qtype qname -ADJUST copy_id -REPLY QR NOERROR -SECTION QUESTION -example.net. IN DNSKEY -SECTION ANSWER -example.net. 3600 IN DNSKEY 256 3 5 AQPQ41chR9DEHt/aIzIFAqanbDlRflJoRs5yz1jFsoRIT7dWf0r+PeDuewdxkszNH6wnU4QL8pfKFRh5PIYVBLK3 ;{id = 30899 (zsk), size = 512b} -example.net. 3600 IN RRSIG DNSKEY RSASHA1 2 3600 20070926134150 20070829134150 30899 example.net. hiFzlQ8VoYgCuvIsfVuxC3mfJDqsTh0yc6abs5xMx5uEcIjb0dndFQx7INOM+imlzveEN73Hqp4OLFpFhsWLlw== ;{id = 30899} -SECTION AUTHORITY -example.net. IN NS ns.example.net. -example.net. 3600 IN RRSIG NS RSASHA1 2 3600 20070926134150 20070829134150 30899 example.net. E8JX0l4B+cSR5bkHQwOJy1pBmlLMTYCJ8EwfNMU/eCv0YhKwo26rHhn52FGisgv+Nwp7/NbhHqQ+kJgoZC94XA== ;{id = 30899} -SECTION ADDITIONAL -ns.example.net. IN A 1.2.3.5 -ns.example.net. 3600 IN RRSIG A RSASHA1 3 3600 20070926134150 20070829134150 30899 example.net. x+tQMC9FhzT7Fcy1pM5NrOC7E8nLd7THPI3C6ie4EwL8PrxllqlR3q/DKB0d/m0qCOPcgN6HFOYURV1s4uAcsw== ;{id = 30899} -ENTRY_END - -; NS query -ENTRY_BEGIN -MATCH opcode qtype qname -ADJUST copy_id -REPLY QR NOERROR -SECTION QUESTION -example.net. IN NS -SECTION ANSWER -example.net. IN NS ns.example.net. -example.net. 3600 IN RRSIG NS RSASHA1 2 3600 20070926134150 20070829134150 30899 example.net. E8JX0l4B+cSR5bkHQwOJy1pBmlLMTYCJ8EwfNMU/eCv0YhKwo26rHhn52FGisgv+Nwp7/NbhHqQ+kJgoZC94XA== ;{id = 30899} -SECTION ADDITIONAL -ns.example.net. IN A 1.2.3.5 -ns.example.net. 3600 IN RRSIG A RSASHA1 3 3600 20070926134150 20070829134150 30899 example.net. x+tQMC9FhzT7Fcy1pM5NrOC7E8nLd7THPI3C6ie4EwL8PrxllqlR3q/DKB0d/m0qCOPcgN6HFOYURV1s4uAcsw== ;{id = 30899} -ENTRY_END - -; www.sub.example.net query -ENTRY_BEGIN -MATCH opcode subdomain -ADJUST copy_id copy_query -REPLY QR NOERROR -SECTION QUESTION -sub.example.net. IN A -SECTION ANSWER -SECTION AUTHORITY -sub.example.net. IN NS ns.sub.example.net. -sub.example.net. 3600 IN DS 30899 5 1 36b39460f94a807cbbbf3b31cc9db955081b2b36 ; xetir-fahok-bovug-pebyl-sovur-zyvaf-cufan-tivih-hadec-rypof-kixox -sub.example.net. 3600 IN RRSIG DS 5 3 3600 20070926134150 20070829134150 30899 example.net. nM5HAlRsrLurc5mUNKwCye5X6LSH53pLgSeyni4wb6Jd2J48ZRWwrVvy7IpyvI75+Wlu3aGOjv/kEyVaizChRQ== ;{id = 30899} -SECTION ADDITIONAL -ns.sub.example.net. IN A 1.2.3.6 -ENTRY_END - -RANGE_END - -; ns.sub.example.net. -RANGE_BEGIN 0 100 - ADDRESS 1.2.3.6 -; DS -; sub.example.net. 3600 IN DS 30899 5 1 36b39460f94a807cbbbf3b31cc9db955081b2b36 ; xetir-fahok-bovug-pebyl-sovur-zyvaf-cufan-tivih-hadec-rypof-kixox -; DNSKEY prime query -ENTRY_BEGIN -MATCH opcode qtype qname -ADJUST copy_id -REPLY QR NOERROR -SECTION QUESTION -sub.example.net. IN DNSKEY -SECTION ANSWER -sub.example.net. 3600 IN DNSKEY 256 3 5 AQPQ41chR9DEHt/aIzIFAqanbDlRflJoRs5yz1jFsoRIT7dWf0r+PeDuewdxkszNH6wnU4QL8pfKFRh5PIYVBLK3 ;{id = 30899 (zsk), size = 512b} -sub.example.net. 3600 IN RRSIG DNSKEY 5 3 3600 20070926134150 20070829134150 30899 sub.example.net. PATh0K1jz9QeN02C79noX9gwK+Nr5VznWPQwygm/pYDsOb0z3EsaiOrzyoreegDKgoNn3kN0CywS+usCWM6hrw== ;{id = 30899} -SECTION AUTHORITY -sub.example.net. IN NS ns.sub.example.net. -sub.example.net. 3600 IN RRSIG NS 5 3 3600 20070926134150 20070829134150 30899 sub.example.net. JZUK303aE7R428S5XXLaowpM79YSc2g7wy2rDOH+6Ts2UefZInv6X5cjJU4+qBrS8i9XhdllqG7SEnPKZ0GtAw== ;{id = 30899} -SECTION ADDITIONAL -ns.sub.example.net. IN A 1.2.3.6 -ns.sub.example.net. 3600 IN RRSIG A 5 4 3600 20070926134150 20070829134150 30899 sub.example.net. AluXPa4XdlCysQMVrt0YairoOug4GMvy8rNUeKLCfQ5xVqRMqkTisbzJXBQPgYEVA0DJR74eEpgLrcz5ztb1aA== ;{id = 30899} -ENTRY_END - -; NS query -ENTRY_BEGIN -MATCH opcode qtype qname -ADJUST copy_id -REPLY QR NOERROR -SECTION QUESTION -sub.example.net. IN NS -SECTION ANSWER -sub.example.net. IN NS ns.sub.example.net. -sub.example.net. 3600 IN RRSIG NS 5 3 3600 20070926134150 20070829134150 30899 sub.example.net. JZUK303aE7R428S5XXLaowpM79YSc2g7wy2rDOH+6Ts2UefZInv6X5cjJU4+qBrS8i9XhdllqG7SEnPKZ0GtAw== ;{id = 30899} -SECTION ADDITIONAL -ns.sub.example.net. IN A 1.2.3.6 -ns.sub.example.net. 3600 IN RRSIG A 5 4 3600 20070926134150 20070829134150 30899 sub.example.net. AluXPa4XdlCysQMVrt0YairoOug4GMvy8rNUeKLCfQ5xVqRMqkTisbzJXBQPgYEVA0DJR74eEpgLrcz5ztb1aA== ;{id = 30899} -ENTRY_END - -; www.sub.example.net query -ENTRY_BEGIN -MATCH opcode qtype qname -ADJUST copy_id -REPLY QR NOERROR -SECTION QUESTION -www.sub.example.net. IN A -SECTION ANSWER -www.sub.example.net. 3600 IN A 10.20.30.40 -www.sub.example.net. 3600 IN RRSIG A 5 4 3600 20070926134150 20070829134150 30899 sub.example.net. Q+88AIM3K8q6S0bHeFVT742EepZFxOxgtaL1V68DEkP4NePKzL4zttWQD3uI/5ALw/fIrC7G43Eo+epWn2ZGCA== ;{id = 30899} -SECTION AUTHORITY -sub.example.net. IN NS ns.sub.example.net. -sub.example.net. 3600 IN RRSIG NS 5 3 3600 20070926134150 20070829134150 30899 sub.example.net. JZUK303aE7R428S5XXLaowpM79YSc2g7wy2rDOH+6Ts2UefZInv6X5cjJU4+qBrS8i9XhdllqG7SEnPKZ0GtAw== ;{id = 30899} -SECTION ADDITIONAL -ns.sub.example.net. IN A 1.2.3.6 -ns.sub.example.net. 3600 IN RRSIG A 5 4 3600 20070926134150 20070829134150 30899 sub.example.net. AluXPa4XdlCysQMVrt0YairoOug4GMvy8rNUeKLCfQ5xVqRMqkTisbzJXBQPgYEVA0DJR74eEpgLrcz5ztb1aA== ;{id = 30899} -ENTRY_END - -RANGE_END - -STEP 1 QUERY -ENTRY_BEGIN -REPLY RD DO -SECTION QUESTION -www.sub.example.net. IN A -ENTRY_END - -; recursion happens here. -STEP 10 CHECK_ANSWER -ENTRY_BEGIN -MATCH all -REPLY QR RD RA AD DO NOERROR -SECTION QUESTION -www.sub.example.net. IN A -SECTION ANSWER -www.sub.example.net. 3600 IN A 10.20.30.40 -www.sub.example.net. 3600 IN RRSIG A 5 4 3600 20070926134150 20070829134150 30899 sub.example.net. Q+88AIM3K8q6S0bHeFVT742EepZFxOxgtaL1V68DEkP4NePKzL4zttWQD3uI/5ALw/fIrC7G43Eo+epWn2ZGCA== ;{id = 30899} -SECTION AUTHORITY -sub.example.net. IN NS ns.sub.example.net. -sub.example.net. 3600 IN RRSIG NS 5 3 3600 20070926134150 20070829134150 30899 sub.example.net. JZUK303aE7R428S5XXLaowpM79YSc2g7wy2rDOH+6Ts2UefZInv6X5cjJU4+qBrS8i9XhdllqG7SEnPKZ0GtAw== ;{id = 30899} -SECTION ADDITIONAL -ns.sub.example.net. IN A 1.2.3.6 -ns.sub.example.net. 3600 IN RRSIG A 5 4 3600 20070926134150 20070829134150 30899 sub.example.net. AluXPa4XdlCysQMVrt0YairoOug4GMvy8rNUeKLCfQ5xVqRMqkTisbzJXBQPgYEVA0DJR74eEpgLrcz5ztb1aA== ;{id = 30899} -ENTRY_END - -SCENARIO_END diff --git a/testdata/dlv_below_ta.rpl b/testdata/dlv_below_ta.rpl deleted file mode 100644 index f5d630dfb2d7..000000000000 --- a/testdata/dlv_below_ta.rpl +++ /dev/null @@ -1,355 +0,0 @@ -; config options -; The island of trust is at example.com (the DLV repository) -server: - dlv-anchor: "example.com. 3600 IN DS 2854 3 1 46e4ffc6e9a4793b488954bd3f0cc6af0dfb201b" - trust-anchor: "example.net. 3600 IN DS 30899 5 1 14188c885f20623ad1d3bec42798f3f951793e4c ; xehac-mofum-malyd-bomaf-pegit-fuzes-ganin-misiz-nigel-nozog-soxix" - val-override-date: "20070916134226" - target-fetch-policy: "0 0 0 0 0" - qname-minimisation: "no" - fake-sha1: yes - trust-anchor-signaling: no - minimal-responses: no - -stub-zone: - name: "." - stub-addr: 193.0.14.129 # K.ROOT-SERVERS.NET. -CONFIG_END - -SCENARIO_BEGIN Test validator, use DLV for nonDSed zone below trustanchor. -; DLV example.com. -; trust anchor at example.net but no secure delegation to -; sub.example.net signed with DLV but not by parent. - -; K.ROOT-SERVERS.NET. -RANGE_BEGIN 0 100 - ADDRESS 193.0.14.129 -ENTRY_BEGIN -MATCH opcode qtype qname -ADJUST copy_id -REPLY QR NOERROR -SECTION QUESTION -. IN NS -SECTION ANSWER -. IN NS K.ROOT-SERVERS.NET. -SECTION ADDITIONAL -K.ROOT-SERVERS.NET. IN A 193.0.14.129 -ENTRY_END - -ENTRY_BEGIN -MATCH opcode subdomain -ADJUST copy_id copy_query -REPLY QR NOERROR -SECTION QUESTION -com. IN A -SECTION AUTHORITY -com. IN NS a.gtld-servers.net. -SECTION ADDITIONAL -a.gtld-servers.net. IN A 192.5.6.30 -ENTRY_END - -ENTRY_BEGIN -MATCH opcode subdomain -ADJUST copy_id copy_query -REPLY QR NOERROR -SECTION QUESTION -net. IN A -SECTION AUTHORITY -net. IN NS a.gtld-servers.net. -SECTION ADDITIONAL -a.gtld-servers.net. IN A 192.5.6.30 -ENTRY_END -RANGE_END - -; a.gtld-servers.net. -RANGE_BEGIN 0 100 - ADDRESS 192.5.6.30 -ENTRY_BEGIN -MATCH opcode qtype qname -ADJUST copy_id -REPLY QR NOERROR -SECTION QUESTION -com. IN NS -SECTION ANSWER -com. IN NS a.gtld-servers.net. -SECTION ADDITIONAL -a.gtld-servers.net. IN A 192.5.6.30 -ENTRY_END - -ENTRY_BEGIN -MATCH opcode qtype qname -ADJUST copy_id -REPLY QR NOERROR -SECTION QUESTION -net. IN NS -SECTION ANSWER -net. IN NS a.gtld-servers.net. -SECTION ADDITIONAL -a.gtld-servers.net. IN A 192.5.6.30 -ENTRY_END - -ENTRY_BEGIN -MATCH opcode subdomain -ADJUST copy_id copy_query -REPLY QR NOERROR -SECTION QUESTION -example.com. IN A -SECTION AUTHORITY -example.com. IN NS ns.example.com. -SECTION ADDITIONAL -ns.example.com. IN A 1.2.3.4 -ENTRY_END - -ENTRY_BEGIN -MATCH opcode subdomain -ADJUST copy_id copy_query -REPLY QR NOERROR -SECTION QUESTION -example.net. IN A -SECTION AUTHORITY -example.net. IN NS ns.example.net. -SECTION ADDITIONAL -ns.example.net. IN A 1.2.3.5 -ENTRY_END -RANGE_END - -; ns.example.com. -RANGE_BEGIN 0 100 - ADDRESS 1.2.3.4 -ENTRY_BEGIN -MATCH opcode qtype qname -ADJUST copy_id -REPLY QR NOERROR -SECTION QUESTION -example.com. IN NS -SECTION ANSWER -example.com. IN NS ns.example.com. -example.com. 3600 IN RRSIG NS 3 2 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCN+qHdJxoI/2tNKwsb08pra/G7aAIUAWA5sDdJTbrXA1/3OaesGBAO3sI= ;{id = 2854} -SECTION ADDITIONAL -ns.example.com. IN A 1.2.3.4 -ns.example.com. 3600 IN RRSIG A 3 3 3600 20070926135752 20070829135752 2854 example.com. MC0CFQCMSWxVehgOQLoYclB9PIAbNP229AIUeH0vNNGJhjnZiqgIOKvs1EhzqAo= ;{id = 2854} -ENTRY_END - -; response to DNSKEY priming query -ENTRY_BEGIN -MATCH opcode qtype qname -ADJUST copy_id -REPLY QR NOERROR -SECTION QUESTION -example.com. IN DNSKEY -SECTION ANSWER -example.com. 3600 IN DNSKEY 256 3 3 ALXLUsWqUrY3JYER3T4TBJII s70j+sDS/UT2QRp61SE7S3E EXopNXoFE73JLRmvpi/UrOO/Vz4Se 6wXv/CYCKjGw06U4WRgR YXcpEhJROyNapmdIKSx hOzfLVE1gqA0PweZR8d tY3aNQSRn3sPpwJr6Mi /PqQKAMMrZ9ckJpf1+b QMOOvxgzz2U1GS18b3y ZKcgTMEaJzd/GZYzi/B N2DzQ0MsrSwYXfsNLFO Bbs8PJMW4LYIxeeOe6rUgkWOF 7CC9Dh/dduQ1QrsJhmZAEFfd6ByYV+ ;{id = 2854 (zsk), size = 1688b} -example.com. 3600 IN RRSIG DNSKEY 3 2 3600 20070926134802 20070829134802 2854 example.com. MCwCFG1yhRNtTEa3Eno2zhVVuy2EJX3wAhQeLyUp6+UXcpC5qGNu9tkrTEgPUg== ;{id = 2854} -SECTION AUTHORITY -example.com. IN NS ns.example.com. -example.com. 3600 IN RRSIG NS 3 2 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCN+qHdJxoI/2tNKwsb08pra/G7aAIUAWA5sDdJTbrXA1/3OaesGBAO3sI= ;{id = 2854} -SECTION ADDITIONAL -ns.example.com. IN A 1.2.3.4 -ns.example.com. 3600 IN RRSIG A 3 3 3600 20070926135752 20070829135752 2854 example.com. MC0CFQCMSWxVehgOQLoYclB9PIAbNP229AIUeH0vNNGJhjnZiqgIOKvs1EhzqAo= ;{id = 2854} -ENTRY_END - -; DLV query -ENTRY_BEGIN -MATCH opcode qtype qname -ADJUST copy_id -REPLY QR NOERROR -SECTION QUESTION -sub.example.net.example.com. IN DLV -SECTION ANSWER -sub.example.net.example.com. 3600 IN DLV 30899 5 1 36b39460f94a807cbbbf3b31cc9db955081b2b36 ; xetir-fahok-bovug-pebyl-sovur-zyvaf-cufan-tivih-hadec-rypof-kixox -sub.example.net.example.com. 3600 IN RRSIG DLV 3 5 3600 20070926135752 20070829135752 2854 example.com. AAdhy87nuDEaxmc+k9pJHYnhKiEYL++OLPxzOdwEQOtsHi7jeD3lRDU= ;{id = 2854} -SECTION AUTHORITY -example.com. IN NS ns.example.com. -example.com. 3600 IN RRSIG NS 3 2 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCN+qHdJxoI/2tNKwsb08pra/G7aAIUAWA5sDdJTbrXA1/3OaesGBAO3sI= ;{id = 2854} -SECTION ADDITIONAL -ns.example.com. IN A 1.2.3.4 -ns.example.com. 3600 IN RRSIG A 3 3 3600 20070926135752 20070829135752 2854 example.com. MC0CFQCMSWxVehgOQLoYclB9PIAbNP229AIUeH0vNNGJhjnZiqgIOKvs1EhzqAo= ;{id = 2854} -ENTRY_END - -ENTRY_BEGIN -MATCH opcode qtype qname -ADJUST copy_id -REPLY QR NOERROR -SECTION QUESTION -net.example.com. IN DLV -SECTION ANSWER -SECTION AUTHORITY -example.com. IN SOA open.nlnetlabs.nl. hostmaster.nlnetlabs.nl. 2008081300 28800 7200 604800 3600 -example.com. 3600 IN RRSIG SOA 3 2 3600 20070926134150 20070829134150 2854 example.com. AKPJnPBqfJKxE4P2iVYkSRJno9HmiXJZtjdqE8oBeq9Lk9FytcMdcig= ;{id = 2854} -example.com IN NSEC sub.example.net.example.com. SOA NS RRSIG NSEC -example.com. 3600 IN RRSIG NSEC 3 2 3600 20070926135752 20070829135752 2854 example.com. ALITtZY03PDWnuAeEL/5VwMIXY3iC2y7Qkeq5DgAHmPbNyWiOmJNEKg= ;{id = 2854} -ENTRY_END - -ENTRY_BEGIN -MATCH opcode qtype qname -ADJUST copy_id -REPLY QR NXDOMAIN -SECTION QUESTION -com.example.com. IN DLV -SECTION ANSWER -SECTION AUTHORITY -example.com. IN SOA open.nlnetlabs.nl. hostmaster.nlnetlabs.nl. 2008081300 28800 7200 604800 3600 -example.com. 3600 IN RRSIG SOA 3 2 3600 20070926134150 20070829134150 2854 example.com. AKPJnPBqfJKxE4P2iVYkSRJno9HmiXJZtjdqE8oBeq9Lk9FytcMdcig= ;{id = 2854} -example.com IN NSEC sub.example.net.example.com. SOA NS RRSIG NSEC -example.com. 3600 IN RRSIG NSEC 3 2 3600 20070926135752 20070829135752 2854 example.com. ALITtZY03PDWnuAeEL/5VwMIXY3iC2y7Qkeq5DgAHmPbNyWiOmJNEKg= ;{id = 2854} -ENTRY_END - -RANGE_END - -; ns.example.net. -RANGE_BEGIN 0 100 - ADDRESS 1.2.3.5 -; DS RR is -; example.net. 3600 IN DS 30899 5 1 14188c885f20623ad1d3bec42798f3f951793e4c ; xehac-mofum-malyd-bomaf-pegit-fuzes-ganin-misiz-nigel-nozog-soxix -; DNSKEY prime query -ENTRY_BEGIN -MATCH opcode qtype qname -ADJUST copy_id -REPLY QR NOERROR -SECTION QUESTION -example.net. IN DNSKEY -SECTION ANSWER -example.net. 3600 IN DNSKEY 256 3 5 AQPQ41chR9DEHt/aIzIFAqanbDlRflJoRs5yz1jFsoRIT7dWf0r+PeDuewdxkszNH6wnU4QL8pfKFRh5PIYVBLK3 ;{id = 30899 (zsk), size = 512b} -example.net. 3600 IN RRSIG DNSKEY RSASHA1 2 3600 20070926134150 20070829134150 30899 example.net. hiFzlQ8VoYgCuvIsfVuxC3mfJDqsTh0yc6abs5xMx5uEcIjb0dndFQx7INOM+imlzveEN73Hqp4OLFpFhsWLlw== ;{id = 30899} -SECTION AUTHORITY -example.net. IN NS ns.example.net. -example.net. 3600 IN RRSIG NS RSASHA1 2 3600 20070926134150 20070829134150 30899 example.net. E8JX0l4B+cSR5bkHQwOJy1pBmlLMTYCJ8EwfNMU/eCv0YhKwo26rHhn52FGisgv+Nwp7/NbhHqQ+kJgoZC94XA== ;{id = 30899} -SECTION ADDITIONAL -ns.example.net. IN A 1.2.3.5 -ns.example.net. 3600 IN RRSIG A RSASHA1 3 3600 20070926134150 20070829134150 30899 example.net. x+tQMC9FhzT7Fcy1pM5NrOC7E8nLd7THPI3C6ie4EwL8PrxllqlR3q/DKB0d/m0qCOPcgN6HFOYURV1s4uAcsw== ;{id = 30899} -ENTRY_END - -; NS query -ENTRY_BEGIN -MATCH opcode qtype qname -ADJUST copy_id -REPLY QR NOERROR -SECTION QUESTION -example.net. IN NS -SECTION ANSWER -example.net. IN NS ns.example.net. -example.net. 3600 IN RRSIG NS RSASHA1 2 3600 20070926134150 20070829134150 30899 example.net. E8JX0l4B+cSR5bkHQwOJy1pBmlLMTYCJ8EwfNMU/eCv0YhKwo26rHhn52FGisgv+Nwp7/NbhHqQ+kJgoZC94XA== ;{id = 30899} -SECTION ADDITIONAL -ns.example.net. IN A 1.2.3.5 -ns.example.net. 3600 IN RRSIG A RSASHA1 3 3600 20070926134150 20070829134150 30899 example.net. x+tQMC9FhzT7Fcy1pM5NrOC7E8nLd7THPI3C6ie4EwL8PrxllqlR3q/DKB0d/m0qCOPcgN6HFOYURV1s4uAcsw== ;{id = 30899} -ENTRY_END - -; no DS to sub.example.net, securely insecure. -ENTRY_BEGIN -MATCH opcode qtype qname -ADJUST copy_id -REPLY QR NOERROR -SECTION QUESTION -sub.example.net. IN DS -SECTION ANSWER -SECTION AUTHORITY -example.net. IN SOA open.nlnetlabs.nl. hostmaster.nlnetlabs.nl. 2008081300 28800 7200 604800 3600 -example.net. 3600 IN RRSIG SOA 5 2 3600 20070926134150 20070829134150 30899 example.net. ELVULZHTRc0Qk06rSBRnB/T6sm1+AbAtdEJHN6PCsz2Z3s3E5A8NH7Krz0VzRaYIEUStnbAtuE3oP8XHWHBnyQ== ;{id = 30899} -sub.example.net. IN NSEC tut.example.net. NS NSEC -sub.example.net. 3600 IN RRSIG NSEC 5 3 3600 20070926134150 20070829134150 30899 example.net. eNJ2OPjMhGKvg70aYT9l9Uo1lJsqmDqVRMlHibv6t+CNjljytI9Vwbao17oV0cjIksmESAewReb73x9fmVIgEQ== ;{id = 30899} -SECTION ADDITIONAL -ENTRY_END - -; delegation to sub.example.net, securely insecure. -ENTRY_BEGIN -MATCH opcode subdomain -ADJUST copy_id copy_query -REPLY QR NOERROR -SECTION QUESTION -sub.example.net. IN NS -SECTION ANSWER -SECTION AUTHORITY -sub.example.net. IN NS ns.sub.example.net. -sub.example.net. IN NSEC tut.example.net. NS NSEC -sub.example.net. 3600 IN RRSIG NSEC 5 3 3600 20070926134150 20070829134150 30899 example.net. eNJ2OPjMhGKvg70aYT9l9Uo1lJsqmDqVRMlHibv6t+CNjljytI9Vwbao17oV0cjIksmESAewReb73x9fmVIgEQ== ;{id = 30899} -SECTION ADDITIONAL -ns.sub.example.net. IN A 1.2.3.6 -ENTRY_END - - -RANGE_END - -; ns.sub.example.net. -RANGE_BEGIN 0 100 - ADDRESS 1.2.3.6 -; DS is -; sub.example.net. 3600 IN DS 30899 5 1 36b39460f94a807cbbbf3b31cc9db955081b2b36 ; xetir-fahok-bovug-pebyl-sovur-zyvaf-cufan-tivih-hadec-rypof-kixox -; DNSKEY query -ENTRY_BEGIN -MATCH opcode qtype qname -ADJUST copy_id -REPLY QR AA NOERROR -SECTION QUESTION -sub.example.net. IN DNSKEY -SECTION ANSWER -sub.example.net. 3600 IN DNSKEY 256 3 5 AQPQ41chR9DEHt/aIzIFAqanbDlRflJoRs5yz1jFsoRIT7dWf0r+PeDuewdxkszNH6wnU4QL8pfKFRh5PIYVBLK3 ;{id = 30899 (zsk), size = 512b} -sub.example.net. 3600 IN RRSIG DNSKEY 5 3 3600 20070926134150 20070829134150 30899 sub.example.net. PATh0K1jz9QeN02C79noX9gwK+Nr5VznWPQwygm/pYDsOb0z3EsaiOrzyoreegDKgoNn3kN0CywS+usCWM6hrw== ;{id = 30899} -SECTION AUTHORITY -sub.example.net. IN NS ns.sub.example.net. -sub.example.net. 3600 IN RRSIG NS 5 3 3600 20070926134150 20070829134150 30899 sub.example.net. JZUK303aE7R428S5XXLaowpM79YSc2g7wy2rDOH+6Ts2UefZInv6X5cjJU4+qBrS8i9XhdllqG7SEnPKZ0GtAw== ;{id = 30899} -SECTION ADDITIONAL -ns.sub.example.net. IN A 1.2.3.6 -ns.sub.example.net. 3600 IN RRSIG A 5 4 3600 20070926134150 20070829134150 30899 sub.example.net. AluXPa4XdlCysQMVrt0YairoOug4GMvy8rNUeKLCfQ5xVqRMqkTisbzJXBQPgYEVA0DJR74eEpgLrcz5ztb1aA== ;{id = 30899} -ENTRY_END - -; NS query -ENTRY_BEGIN -MATCH opcode qtype qname -ADJUST copy_id -REPLY QR AA NOERROR -SECTION QUESTION -sub.example.net. IN NS -SECTION ANSWER -sub.example.net. IN NS ns.sub.example.net. -sub.example.net. 3600 IN RRSIG NS 5 3 3600 20070926134150 20070829134150 30899 sub.example.net. JZUK303aE7R428S5XXLaowpM79YSc2g7wy2rDOH+6Ts2UefZInv6X5cjJU4+qBrS8i9XhdllqG7SEnPKZ0GtAw== ;{id = 30899} -SECTION ADDITIONAL -ns.sub.example.net. IN A 1.2.3.6 -ns.sub.example.net. 3600 IN RRSIG A 5 4 3600 20070926134150 20070829134150 30899 sub.example.net. AluXPa4XdlCysQMVrt0YairoOug4GMvy8rNUeKLCfQ5xVqRMqkTisbzJXBQPgYEVA0DJR74eEpgLrcz5ztb1aA== ;{id = 30899} -ENTRY_END - -; www.sub.example.net query -ENTRY_BEGIN -MATCH opcode qtype qname -ADJUST copy_id -REPLY QR AA NOERROR -SECTION QUESTION -www.sub.example.net. IN A -SECTION ANSWER -www.sub.example.net. IN A 10.20.30.40 -www.sub.example.net. 3600 IN RRSIG A 5 4 3600 20070926134150 20070829134150 30899 sub.example.net. Q+88AIM3K8q6S0bHeFVT742EepZFxOxgtaL1V68DEkP4NePKzL4zttWQD3uI/5ALw/fIrC7G43Eo+epWn2ZGCA== ;{id = 30899} -SECTION AUTHORITY -sub.example.net. IN NS ns.sub.example.net. -sub.example.net. 3600 IN RRSIG NS 5 3 3600 20070926134150 20070829134150 30899 sub.example.net. JZUK303aE7R428S5XXLaowpM79YSc2g7wy2rDOH+6Ts2UefZInv6X5cjJU4+qBrS8i9XhdllqG7SEnPKZ0GtAw== ;{id = 30899} -SECTION ADDITIONAL -ns.sub.example.net. IN A 1.2.3.6 -ns.sub.example.net. 3600 IN RRSIG A 5 4 3600 20070926134150 20070829134150 30899 sub.example.net. AluXPa4XdlCysQMVrt0YairoOug4GMvy8rNUeKLCfQ5xVqRMqkTisbzJXBQPgYEVA0DJR74eEpgLrcz5ztb1aA== ;{id = 30899} -ENTRY_END - - -RANGE_END - -STEP 1 QUERY -ENTRY_BEGIN -REPLY RD DO -SECTION QUESTION -www.sub.example.net. IN A -ENTRY_END - -; recursion happens here. -STEP 10 CHECK_ANSWER -ENTRY_BEGIN -MATCH all -REPLY QR RD RA AD DO NOERROR -SECTION QUESTION -www.sub.example.net. IN A -SECTION ANSWER -www.sub.example.net. IN A 10.20.30.40 -www.sub.example.net. 3600 IN RRSIG A 5 4 3600 20070926134150 20070829134150 30899 sub.example.net. Q+88AIM3K8q6S0bHeFVT742EepZFxOxgtaL1V68DEkP4NePKzL4zttWQD3uI/5ALw/fIrC7G43Eo+epWn2ZGCA== ;{id = 30899} -SECTION AUTHORITY -sub.example.net. IN NS ns.sub.example.net. -sub.example.net. 3600 IN RRSIG NS 5 3 3600 20070926134150 20070829134150 30899 sub.example.net. JZUK303aE7R428S5XXLaowpM79YSc2g7wy2rDOH+6Ts2UefZInv6X5cjJU4+qBrS8i9XhdllqG7SEnPKZ0GtAw== ;{id = 30899} -SECTION ADDITIONAL -ns.sub.example.net. IN A 1.2.3.6 -ns.sub.example.net. 3600 IN RRSIG A 5 4 3600 20070926134150 20070829134150 30899 sub.example.net. AluXPa4XdlCysQMVrt0YairoOug4GMvy8rNUeKLCfQ5xVqRMqkTisbzJXBQPgYEVA0DJR74eEpgLrcz5ztb1aA== ;{id = 30899} -ENTRY_END - -SCENARIO_END diff --git a/testdata/dlv_delegation.rpl b/testdata/dlv_delegation.rpl deleted file mode 100644 index 53074c8e257f..000000000000 --- a/testdata/dlv_delegation.rpl +++ /dev/null @@ -1,335 +0,0 @@ -; config options -; The island of trust is at example.com (the DLV repository) -server: - dlv-anchor: "example.com. 3600 IN DS 2854 3 1 46e4ffc6e9a4793b488954bd3f0cc6af0dfb201b" - val-override-date: "20070916134226" - target-fetch-policy: "0 0 0 0 0" - qname-minimisation: "no" - fake-sha1: yes - trust-anchor-signaling: no - minimal-responses: no - -stub-zone: - name: "." - stub-addr: 193.0.14.129 # K.ROOT-SERVERS.NET. -CONFIG_END - -SCENARIO_BEGIN Test validator with delegation in DLV repository -; positive response for DLV. -; but the DLV repository has a (secure) delegation inside it. - -; K.ROOT-SERVERS.NET. -RANGE_BEGIN 0 100 - ADDRESS 193.0.14.129 -ENTRY_BEGIN -MATCH opcode qtype qname -ADJUST copy_id -REPLY QR NOERROR -SECTION QUESTION -. IN NS -SECTION ANSWER -. IN NS K.ROOT-SERVERS.NET. -SECTION ADDITIONAL -K.ROOT-SERVERS.NET. IN A 193.0.14.129 -ENTRY_END - -ENTRY_BEGIN -MATCH opcode subdomain -ADJUST copy_id copy_query -REPLY QR NOERROR -SECTION QUESTION -com. IN A -SECTION AUTHORITY -com. IN NS a.gtld-servers.net. -SECTION ADDITIONAL -a.gtld-servers.net. IN A 192.5.6.30 -ENTRY_END - -ENTRY_BEGIN -MATCH opcode subdomain -ADJUST copy_id copy_query -REPLY QR NOERROR -SECTION QUESTION -net. IN A -SECTION AUTHORITY -net. IN NS a.gtld-servers.net. -SECTION ADDITIONAL -a.gtld-servers.net. IN A 192.5.6.30 -ENTRY_END -RANGE_END - -; a.gtld-servers.net. -RANGE_BEGIN 0 100 - ADDRESS 192.5.6.30 -ENTRY_BEGIN -MATCH opcode qtype qname -ADJUST copy_id -REPLY QR NOERROR -SECTION QUESTION -com. IN NS -SECTION ANSWER -com. IN NS a.gtld-servers.net. -SECTION ADDITIONAL -a.gtld-servers.net. IN A 192.5.6.30 -ENTRY_END - -ENTRY_BEGIN -MATCH opcode qtype qname -ADJUST copy_id -REPLY QR NOERROR -SECTION QUESTION -net. IN NS -SECTION ANSWER -net. IN NS a.gtld-servers.net. -SECTION ADDITIONAL -a.gtld-servers.net. IN A 192.5.6.30 -ENTRY_END - -ENTRY_BEGIN -MATCH opcode subdomain -ADJUST copy_id copy_query -REPLY QR NOERROR -SECTION QUESTION -example.com. IN A -SECTION AUTHORITY -example.com. IN NS ns.example.com. -SECTION ADDITIONAL -ns.example.com. IN A 1.2.3.4 -ENTRY_END - -ENTRY_BEGIN -MATCH opcode subdomain -ADJUST copy_id copy_query -REPLY QR NOERROR -SECTION QUESTION -example.net. IN A -SECTION AUTHORITY -example.net. IN NS ns.example.net. -SECTION ADDITIONAL -ns.example.net. IN A 1.2.3.5 -ENTRY_END -RANGE_END - -; ns.example.com. -RANGE_BEGIN 0 100 - ADDRESS 1.2.3.4 -ENTRY_BEGIN -MATCH opcode qtype qname -ADJUST copy_id -REPLY QR NOERROR -SECTION QUESTION -example.com. IN NS -SECTION ANSWER -example.com. IN NS ns.example.com. -example.com. 3600 IN RRSIG NS 3 2 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCN+qHdJxoI/2tNKwsb08pra/G7aAIUAWA5sDdJTbrXA1/3OaesGBAO3sI= ;{id = 2854} -SECTION ADDITIONAL -ns.example.com. IN A 1.2.3.4 -ns.example.com. 3600 IN RRSIG A 3 3 3600 20070926135752 20070829135752 2854 example.com. MC0CFQCMSWxVehgOQLoYclB9PIAbNP229AIUeH0vNNGJhjnZiqgIOKvs1EhzqAo= ;{id = 2854} -ENTRY_END - -; response to DNSKEY priming query -ENTRY_BEGIN -MATCH opcode qtype qname -ADJUST copy_id -REPLY QR NOERROR -SECTION QUESTION -example.com. IN DNSKEY -SECTION ANSWER -example.com. 3600 IN DNSKEY 256 3 3 ALXLUsWqUrY3JYER3T4TBJII s70j+sDS/UT2QRp61SE7S3E EXopNXoFE73JLRmvpi/UrOO/Vz4Se 6wXv/CYCKjGw06U4WRgR YXcpEhJROyNapmdIKSx hOzfLVE1gqA0PweZR8d tY3aNQSRn3sPpwJr6Mi /PqQKAMMrZ9ckJpf1+b QMOOvxgzz2U1GS18b3y ZKcgTMEaJzd/GZYzi/B N2DzQ0MsrSwYXfsNLFO Bbs8PJMW4LYIxeeOe6rUgkWOF 7CC9Dh/dduQ1QrsJhmZAEFfd6ByYV+ ;{id = 2854 (zsk), size = 1688b} -example.com. 3600 IN RRSIG DNSKEY 3 2 3600 20070926134802 20070829134802 2854 example.com. MCwCFG1yhRNtTEa3Eno2zhVVuy2EJX3wAhQeLyUp6+UXcpC5qGNu9tkrTEgPUg== ;{id = 2854} -SECTION AUTHORITY -example.com. IN NS ns.example.com. -example.com. 3600 IN RRSIG NS 3 2 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCN+qHdJxoI/2tNKwsb08pra/G7aAIUAWA5sDdJTbrXA1/3OaesGBAO3sI= ;{id = 2854} -SECTION ADDITIONAL -ns.example.com. IN A 1.2.3.4 -ns.example.com. 3600 IN RRSIG A 3 3 3600 20070926135752 20070829135752 2854 example.com. MC0CFQCMSWxVehgOQLoYclB9PIAbNP229AIUeH0vNNGJhjnZiqgIOKvs1EhzqAo= ;{id = 2854} -ENTRY_END - -; referral to the net.example.com DLV server -ENTRY_BEGIN -MATCH opcode subdomain -ADJUST copy_id copy_query -REPLY QR NOERROR -SECTION QUESTION -net.example.com. IN DLV -SECTION ANSWER -SECTION AUTHORITY -net.example.com. NS ns.net.example.com. -net.example.com. 3600 IN DS 2854 3 1 24d80cd822bc4083cf491b7f055890345a77dd9b ; xenat-myfat-memir-sabym-fefig-nakol-zucyh-megef-gakel-lolyn-ruxox -net.example.com. 3600 IN RRSIG DS 3 3 3600 20070926134150 20070829134150 2854 example.com. AA0APyTN12wzj1XmDEZe+wrPE1hkLAINKT8cT9zGup7zX3O8R4Ki2N8= ;{id = 2854} -SECTION ADDITIONAL -ns.net.example.com. A 1.2.3.6 -ENTRY_END - -ENTRY_BEGIN -MATCH opcode qtype qname -ADJUST copy_id -REPLY QR NXDOMAIN -SECTION QUESTION -com.example.com. IN DLV -SECTION ANSWER -SECTION AUTHORITY -example.com. IN SOA open.nlnetlabs.nl. hostmaster.nlnetlabs.nl. 2008081300 28800 7200 604800 3600 -example.com. 3600 IN RRSIG SOA 3 2 3600 20070926134150 20070829134150 2854 example.com. AKPJnPBqfJKxE4P2iVYkSRJno9HmiXJZtjdqE8oBeq9Lk9FytcMdcig= ;{id = 2854} -example.com IN NSEC net.example.com. SOA NS RRSIG NSEC -example.com. 3600 IN RRSIG NSEC 3 2 3600 20070926134150 20070829134150 2854 example.com. AJEvfI+tX6Y1OF0h1CNHERJjXaaTsmLWTMLgXk4UYJl8JjAikCpsf9Q= ;{id = 2854} -ENTRY_END - -RANGE_END - -; ns.net.example.com. -RANGE_BEGIN 0 100 - ADDRESS 1.2.3.6 -; NS query -ENTRY_BEGIN -MATCH opcode qtype qname -ADJUST copy_id -REPLY QR NOERROR -SECTION QUESTION -net.example.com. IN NS -SECTION ANSWER -net.example.com. NS ns.net.example.com. -net.example.com. 3600 IN RRSIG NS 3 3 3600 20070926134150 20070829134150 2854 net.example.com. AHjTvB20SzZVV9P3LXJ6lVzFWCoDk7T71VHllOwmom3a/EutlUpsgNM= ;{id = 2854} -SECTION ADDITIONAL -ns.net.example.com. A 1.2.3.6 -ns.net.example.com. 3600 IN RRSIG A 3 4 3600 20070926134150 20070829134150 2854 net.example.com. AE2wjNCJayCBi6e8QAGwgujdMC2LbVWQVbQCuQx+grjoQJXQxxpFB5I= ;{id = 2854} -ENTRY_END - -; DNSKEY query -ENTRY_BEGIN -MATCH opcode qtype qname -ADJUST copy_id -REPLY QR NOERROR -SECTION QUESTION -net.example.com. IN DNSKEY -SECTION ANSWER -net.example.com. 3600 IN DNSKEY 256 3 3 ALXLUsWqUrY3JYER3T4TBJIIs70j+sDS/UT2QRp61SE7S3EEXopNXoFE73JLRmvpi/UrOO/Vz4Se6wXv/CYCKjGw06U4WRgRYXcpEhJROyNapmdIKSxhOzfLVE1gqA0PweZR8dtY3aNQSRn3sPpwJr6Mi/PqQKAMMrZ9ckJpf1+bQMOOvxgzz2U1GS18b3yZKcgTMEaJzd/GZYzi/BN2DzQ0MsrSwYXfsNLFOBbs8PJMW4LYIxeeOe6rUgkWOF7CC9Dh/dduQ1QrsJhmZAEFfd6ByYV+ ;{id = 2854 (zsk), size = 1688b} -net.example.com. 3600 IN RRSIG DNSKEY 3 3 3600 20070926134150 20070829134150 2854 net.example.com. ADgKDV1Yi2iFOXFUN1XkvBU7KW/rdtGcOEdc9VMIxfIKDo5h24E5fqs= ;{id = 2854} -SECTION AUTHORITY -net.example.com. NS ns.net.example.com. -net.example.com. 3600 IN RRSIG NS 3 3 3600 20070926134150 20070829134150 2854 net.example.com. AHjTvB20SzZVV9P3LXJ6lVzFWCoDk7T71VHllOwmom3a/EutlUpsgNM= ;{id = 2854} -SECTION ADDITIONAL -ns.net.example.com. A 1.2.3.6 -ns.net.example.com. 3600 IN RRSIG A 3 4 3600 20070926134150 20070829134150 2854 net.example.com. AE2wjNCJayCBi6e8QAGwgujdMC2LbVWQVbQCuQx+grjoQJXQxxpFB5I= ;{id = 2854} -ENTRY_END - -; DLV apex -ENTRY_BEGIN -MATCH opcode qtype qname -ADJUST copy_id -REPLY QR NOERROR -SECTION QUESTION -net.example.com. IN DLV -SECTION ANSWER -SECTION AUTHORITY -net.example.com. SOA open.nlnetlabs.nl. hostmaster.nlnetlabs.nl. 2008081300 28800 7200 604800 3600 -net.example.com. 3600 IN RRSIG SOA 3 3 3600 20070926134150 20070829134150 2854 net.example.com. AKAjedAeGWRHaqhDhNhbTvVUQMgCspiD4GNC7dMVbEZSd87AFcqwg1Y= ;{id = 2854} -net.example.com. NSEC example.net.example.com. SOA NS DNSKEY RRSIG NSEC -net.example.com. 3600 IN RRSIG NSEC 3 3 3600 20070926134150 20070829134150 2854 net.example.com. AAHqj3xDqng7ZuNFn89sTjTo2qfuXTv0yR6v8mZ1+L5mCsOwjpGXrJw= ;{id = 2854} -SECTION ADDITIONAL -ENTRY_END - -; DLV of interest -ENTRY_BEGIN -MATCH opcode qtype qname -ADJUST copy_id -REPLY QR NOERROR -SECTION QUESTION -example.net.example.com. IN DLV -SECTION ANSWER -example.net.example.com. 3600 IN DLV 30899 5 1 14188c885f20623ad1d3bec42798f3f951793e4c ; xehac-mofum-malyd-bomaf-pegit-fuzes-ganin-misiz-nigel-nozog-soxix -example.net.example.com. 3600 IN RRSIG DLV 3 4 3600 20070926134150 20070829134150 2854 net.example.com. AIZmoTbAlXYwLknm84i7sbglbHr1Iq7t0yyTENO/MsPj7K/mvEQAI/g= ;{id = 2854} -SECTION AUTHORITY -net.example.com. NS ns.net.example.com. -net.example.com. 3600 IN RRSIG NS 3 3 3600 20070926134150 20070829134150 2854 net.example.com. AHjTvB20SzZVV9P3LXJ6lVzFWCoDk7T71VHllOwmom3a/EutlUpsgNM= ;{id = 2854} -SECTION ADDITIONAL -ns.net.example.com. A 1.2.3.6 -ns.net.example.com. 3600 IN RRSIG A 3 4 3600 20070926134150 20070829134150 2854 net.example.com. AE2wjNCJayCBi6e8QAGwgujdMC2LbVWQVbQCuQx+grjoQJXQxxpFB5I= ;{id = 2854} -ENTRY_END - -RANGE_END - -; ns.example.net. -RANGE_BEGIN 0 100 - ADDRESS 1.2.3.5 -; DS RR is -; example.net. 3600 IN DS 30899 5 1 14188c885f20623ad1d3bec42798f3f951793e4c ; xehac-mofum-malyd-bomaf-pegit-fuzes-ganin-misiz-nigel-nozog-soxix -; DNSKEY prime query -ENTRY_BEGIN -MATCH opcode qtype qname -ADJUST copy_id -REPLY QR NOERROR -SECTION QUESTION -example.net. IN DNSKEY -SECTION ANSWER -example.net. 3600 IN DNSKEY 256 3 5 AQPQ41chR9DEHt/aIzIFAqanbDlRflJoRs5yz1jFsoRIT7dWf0r+PeDuewdxkszNH6wnU4QL8pfKFRh5PIYVBLK3 ;{id = 30899 (zsk), size = 512b} -example.net. 3600 IN RRSIG DNSKEY RSASHA1 2 3600 20070926134150 20070829134150 30899 example.net. hiFzlQ8VoYgCuvIsfVuxC3mfJDqsTh0yc6abs5xMx5uEcIjb0dndFQx7INOM+imlzveEN73Hqp4OLFpFhsWLlw== ;{id = 30899} -SECTION AUTHORITY -example.net. IN NS ns.example.net. -example.net. 3600 IN RRSIG NS RSASHA1 2 3600 20070926134150 20070829134150 30899 example.net. E8JX0l4B+cSR5bkHQwOJy1pBmlLMTYCJ8EwfNMU/eCv0YhKwo26rHhn52FGisgv+Nwp7/NbhHqQ+kJgoZC94XA== ;{id = 30899} -SECTION ADDITIONAL -ns.example.net. IN A 1.2.3.5 -ns.example.net. 3600 IN RRSIG A RSASHA1 3 3600 20070926134150 20070829134150 30899 example.net. x+tQMC9FhzT7Fcy1pM5NrOC7E8nLd7THPI3C6ie4EwL8PrxllqlR3q/DKB0d/m0qCOPcgN6HFOYURV1s4uAcsw== ;{id = 30899} -ENTRY_END - -; NS query -ENTRY_BEGIN -MATCH opcode qtype qname -ADJUST copy_id -REPLY QR NOERROR -SECTION QUESTION -example.net. IN NS -SECTION ANSWER -example.net. IN NS ns.example.net. -example.net. 3600 IN RRSIG NS RSASHA1 2 3600 20070926134150 20070829134150 30899 example.net. E8JX0l4B+cSR5bkHQwOJy1pBmlLMTYCJ8EwfNMU/eCv0YhKwo26rHhn52FGisgv+Nwp7/NbhHqQ+kJgoZC94XA== ;{id = 30899} -SECTION ADDITIONAL -ns.example.net. IN A 1.2.3.5 -ns.example.net. 3600 IN RRSIG A RSASHA1 3 3600 20070926134150 20070829134150 30899 example.net. x+tQMC9FhzT7Fcy1pM5NrOC7E8nLd7THPI3C6ie4EwL8PrxllqlR3q/DKB0d/m0qCOPcgN6HFOYURV1s4uAcsw== ;{id = 30899} -ENTRY_END - -; www.example.net query -ENTRY_BEGIN -MATCH opcode qtype qname -ADJUST copy_id -REPLY QR NOERROR -SECTION QUESTION -www.example.net. IN A -SECTION ANSWER -www.example.net. 3600 IN A 10.20.30.40 -www.example.net. 3600 IN RRSIG A 5 3 3600 20070926135752 20070829135752 30899 example.net. ACvv4RQVC7TbI57ewqFImRaVoymktJ5Cxn/FaCodIENt82LVM92nivbP2WtwWCsQHWp7FkrMxTlQTJwyAeXFyg== ;{id = 30899} -SECTION AUTHORITY -example.net. IN NS ns.example.net. -example.net. 3600 IN RRSIG NS RSASHA1 2 3600 20070926134150 20070829134150 30899 example.net. E8JX0l4B+cSR5bkHQwOJy1pBmlLMTYCJ8EwfNMU/eCv0YhKwo26rHhn52FGisgv+Nwp7/NbhHqQ+kJgoZC94XA== ;{id = 30899} -SECTION ADDITIONAL -ns.example.net. IN A 1.2.3.5 -ns.example.net. 3600 IN RRSIG A RSASHA1 3 3600 20070926134150 20070829134150 30899 example.net. x+tQMC9FhzT7Fcy1pM5NrOC7E8nLd7THPI3C6ie4EwL8PrxllqlR3q/DKB0d/m0qCOPcgN6HFOYURV1s4uAcsw== ;{id = 30899} -ENTRY_END - -RANGE_END - -STEP 1 QUERY -ENTRY_BEGIN -REPLY RD DO -SECTION QUESTION -www.example.net. IN A -ENTRY_END - -; recursion happens here. -STEP 10 CHECK_ANSWER -ENTRY_BEGIN -MATCH all -REPLY QR RD RA AD DO NOERROR -SECTION QUESTION -www.example.net. IN A -SECTION ANSWER -www.example.net. 3600 IN A 10.20.30.40 -www.example.net. 3600 IN RRSIG A 5 3 3600 20070926135752 20070829135752 30899 example.net. ACvv4RQVC7TbI57ewqFImRaVoymktJ5Cxn/FaCodIENt82LVM92nivbP2WtwWCsQHWp7FkrMxTlQTJwyAeXFyg== ;{id = 30899} -SECTION AUTHORITY -example.net. IN NS ns.example.net. -example.net. 3600 IN RRSIG NS RSASHA1 2 3600 20070926134150 20070829134150 30899 example.net. E8JX0l4B+cSR5bkHQwOJy1pBmlLMTYCJ8EwfNMU/eCv0YhKwo26rHhn52FGisgv+Nwp7/NbhHqQ+kJgoZC94XA== ;{id = 30899} -SECTION ADDITIONAL -ns.example.net. IN A 1.2.3.5 -ns.example.net. 3600 IN RRSIG A RSASHA1 3 3600 20070926134150 20070829134150 30899 example.net. x+tQMC9FhzT7Fcy1pM5NrOC7E8nLd7THPI3C6ie4EwL8PrxllqlR3q/DKB0d/m0qCOPcgN6HFOYURV1s4uAcsw== ;{id = 30899} -ENTRY_END - -SCENARIO_END diff --git a/testdata/dlv_ds_lookup.rpl b/testdata/dlv_ds_lookup.rpl deleted file mode 100644 index 663cd9c3642b..000000000000 --- a/testdata/dlv_ds_lookup.rpl +++ /dev/null @@ -1,281 +0,0 @@ -; config options -; The island of trust is at example.com (the DLV repository) -server: - dlv-anchor: "example.com. 3600 IN DS 2854 3 1 46e4ffc6e9a4793b488954bd3f0cc6af0dfb201b" - val-override-date: "20070916134226" - target-fetch-policy: "0 0 0 0 0" - qname-minimisation: "no" - fake-sha1: yes - trust-anchor-signaling: no - -stub-zone: - name: "." - stub-addr: 193.0.14.129 # K.ROOT-SERVERS.NET. -CONFIG_END - -SCENARIO_BEGIN Test validator with DLV anchor for a DS lookup. -; positive response for DLV. - -; K.ROOT-SERVERS.NET. -RANGE_BEGIN 0 100 - ADDRESS 193.0.14.129 -ENTRY_BEGIN -MATCH opcode qtype qname -ADJUST copy_id -REPLY QR NOERROR -SECTION QUESTION -. IN NS -SECTION ANSWER -. IN NS K.ROOT-SERVERS.NET. -SECTION ADDITIONAL -K.ROOT-SERVERS.NET. IN A 193.0.14.129 -ENTRY_END - -ENTRY_BEGIN -MATCH opcode subdomain -ADJUST copy_id copy_query -REPLY QR NOERROR -SECTION QUESTION -com. IN A -SECTION AUTHORITY -com. IN NS a.gtld-servers.net. -SECTION ADDITIONAL -a.gtld-servers.net. IN A 192.5.6.30 -ENTRY_END - -ENTRY_BEGIN -MATCH opcode subdomain -ADJUST copy_id copy_query -REPLY QR NOERROR -SECTION QUESTION -net. IN A -SECTION AUTHORITY -net. IN NS a.gtld-servers.net. -SECTION ADDITIONAL -a.gtld-servers.net. IN A 192.5.6.30 -ENTRY_END -RANGE_END - -; a.gtld-servers.net. -RANGE_BEGIN 0 100 - ADDRESS 192.5.6.30 -ENTRY_BEGIN -MATCH opcode qtype qname -ADJUST copy_id -REPLY QR NOERROR -SECTION QUESTION -com. IN NS -SECTION ANSWER -com. IN NS a.gtld-servers.net. -SECTION ADDITIONAL -a.gtld-servers.net. IN A 192.5.6.30 -ENTRY_END - -ENTRY_BEGIN -MATCH opcode qtype qname -ADJUST copy_id -REPLY QR NOERROR -SECTION QUESTION -net. IN NS -SECTION ANSWER -net. IN NS a.gtld-servers.net. -SECTION ADDITIONAL -a.gtld-servers.net. IN A 192.5.6.30 -ENTRY_END - -ENTRY_BEGIN -MATCH opcode subdomain -ADJUST copy_id copy_query -REPLY QR NOERROR -SECTION QUESTION -example.com. IN A -SECTION AUTHORITY -example.com. IN NS ns.example.com. -SECTION ADDITIONAL -ns.example.com. IN A 1.2.3.4 -ENTRY_END - -ENTRY_BEGIN -MATCH opcode qtype qname -ADJUST copy_id -REPLY QR NOERROR -SECTION QUESTION -example.net. IN DS -SECTION AUTHORITY -net. 900 IN SOA a.gtld-servers.net. nstld.verisign-grs.com. 1251367385 1800 900 604800 86400 -ENTRY_END - -ENTRY_BEGIN -MATCH opcode subdomain -ADJUST copy_id copy_query -REPLY QR NOERROR -SECTION QUESTION -example.net. IN A -SECTION AUTHORITY -example.net. IN NS ns.example.net. -SECTION ADDITIONAL -ns.example.net. IN A 1.2.3.5 -ENTRY_END -RANGE_END - -; ns.example.com. -RANGE_BEGIN 0 100 - ADDRESS 1.2.3.4 -ENTRY_BEGIN -MATCH opcode qtype qname -ADJUST copy_id -REPLY QR NOERROR -SECTION QUESTION -example.com. IN NS -SECTION ANSWER -example.com. IN NS ns.example.com. -example.com. 3600 IN RRSIG NS 3 2 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCN+qHdJxoI/2tNKwsb08pra/G7aAIUAWA5sDdJTbrXA1/3OaesGBAO3sI= ;{id = 2854} -SECTION ADDITIONAL -ns.example.com. IN A 1.2.3.4 -ns.example.com. 3600 IN RRSIG A 3 3 3600 20070926135752 20070829135752 2854 example.com. MC0CFQCMSWxVehgOQLoYclB9PIAbNP229AIUeH0vNNGJhjnZiqgIOKvs1EhzqAo= ;{id = 2854} -ENTRY_END - -; response to DNSKEY priming query -ENTRY_BEGIN -MATCH opcode qtype qname -ADJUST copy_id -REPLY QR NOERROR -SECTION QUESTION -example.com. IN DNSKEY -SECTION ANSWER -example.com. 3600 IN DNSKEY 256 3 3 ALXLUsWqUrY3JYER3T4TBJII s70j+sDS/UT2QRp61SE7S3E EXopNXoFE73JLRmvpi/UrOO/Vz4Se 6wXv/CYCKjGw06U4WRgR YXcpEhJROyNapmdIKSx hOzfLVE1gqA0PweZR8d tY3aNQSRn3sPpwJr6Mi /PqQKAMMrZ9ckJpf1+b QMOOvxgzz2U1GS18b3y ZKcgTMEaJzd/GZYzi/B N2DzQ0MsrSwYXfsNLFO Bbs8PJMW4LYIxeeOe6rUgkWOF 7CC9Dh/dduQ1QrsJhmZAEFfd6ByYV+ ;{id = 2854 (zsk), size = 1688b} -example.com. 3600 IN RRSIG DNSKEY 3 2 3600 20070926134802 20070829134802 2854 example.com. MCwCFG1yhRNtTEa3Eno2zhVVuy2EJX3wAhQeLyUp6+UXcpC5qGNu9tkrTEgPUg== ;{id = 2854} -SECTION AUTHORITY -example.com. IN NS ns.example.com. -example.com. 3600 IN RRSIG NS 3 2 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCN+qHdJxoI/2tNKwsb08pra/G7aAIUAWA5sDdJTbrXA1/3OaesGBAO3sI= ;{id = 2854} -SECTION ADDITIONAL -ns.example.com. IN A 1.2.3.4 -ns.example.com. 3600 IN RRSIG A 3 3 3600 20070926135752 20070829135752 2854 example.com. MC0CFQCMSWxVehgOQLoYclB9PIAbNP229AIUeH0vNNGJhjnZiqgIOKvs1EhzqAo= ;{id = 2854} -ENTRY_END - -; DLV query -ENTRY_BEGIN -MATCH opcode qtype qname -ADJUST copy_id -REPLY QR NOERROR -SECTION QUESTION -example.net.example.com. IN DLV -SECTION ANSWER -example.net.example.com. 3600 IN DLV 30899 5 1 14188c885f20623ad1d3bec42798f3f951793e4c ; xehac-mofum-malyd-bomaf-pegit-fuzes-ganin-misiz-nigel-nozog-soxix -example.net.example.com. 3600 IN RRSIG DLV 3 4 3600 20070926134150 20070829134150 2854 example.com. ACK48Q/oKwh/SM9yRiKjZYuc+AtEZ2yCPNJ15kKCN8nsVcv7xigmNTY= ;{id = 2854} -SECTION AUTHORITY -example.com. IN NS ns.example.com. -example.com. 3600 IN RRSIG NS 3 2 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCN+qHdJxoI/2tNKwsb08pra/G7aAIUAWA5sDdJTbrXA1/3OaesGBAO3sI= ;{id = 2854} -SECTION ADDITIONAL -ns.example.com. IN A 1.2.3.4 -ns.example.com. 3600 IN RRSIG A 3 3 3600 20070926135752 20070829135752 2854 example.com. MC0CFQCMSWxVehgOQLoYclB9PIAbNP229AIUeH0vNNGJhjnZiqgIOKvs1EhzqAo= ;{id = 2854} -ENTRY_END - -ENTRY_BEGIN -MATCH opcode qtype qname -ADJUST copy_id -REPLY QR NOERROR -SECTION QUESTION -net.example.com. IN DLV -SECTION ANSWER -SECTION AUTHORITY -example.com. IN SOA open.nlnetlabs.nl. hostmaster.nlnetlabs.nl. 2008081300 28800 7200 604800 3600 -example.com. 3600 IN RRSIG SOA 3 2 3600 20070926134150 20070829134150 2854 example.com. AKPJnPBqfJKxE4P2iVYkSRJno9HmiXJZtjdqE8oBeq9Lk9FytcMdcig= ;{id = 2854} -example.com IN NSEC example.net.example.com. SOA NS RRSIG NSEC -example.com. 3600 IN RRSIG NSEC 3 2 3600 20070926134150 20070829134150 2854 example.com. AIoUkJ04/7/kJFDLocoqksqt9UL2RHHwlRfXAMxGdBHcNO+GSpG47Uk= ;{id = 2854} -ENTRY_END - -ENTRY_BEGIN -MATCH opcode qtype qname -ADJUST copy_id -REPLY QR NXDOMAIN -SECTION QUESTION -com.example.com. IN DLV -SECTION ANSWER -SECTION AUTHORITY -example.com. IN SOA open.nlnetlabs.nl. hostmaster.nlnetlabs.nl. 2008081300 28800 7200 604800 3600 -example.com. 3600 IN RRSIG SOA 3 2 3600 20070926134150 20070829134150 2854 example.com. AKPJnPBqfJKxE4P2iVYkSRJno9HmiXJZtjdqE8oBeq9Lk9FytcMdcig= ;{id = 2854} -example.com IN NSEC example.net.example.com. SOA NS RRSIG NSEC -example.com. 3600 IN RRSIG NSEC 3 2 3600 20070926134150 20070829134150 2854 example.com. AIoUkJ04/7/kJFDLocoqksqt9UL2RHHwlRfXAMxGdBHcNO+GSpG47Uk= ;{id = 2854} -ENTRY_END - -RANGE_END - -; ns.example.net. -RANGE_BEGIN 0 100 - ADDRESS 1.2.3.5 -; DS RR is -; example.net. 3600 IN DS 30899 5 1 14188c885f20623ad1d3bec42798f3f951793e4c ; xehac-mofum-malyd-bomaf-pegit-fuzes-ganin-misiz-nigel-nozog-soxix -; DNSKEY prime query -ENTRY_BEGIN -MATCH opcode qtype qname -ADJUST copy_id -REPLY QR NOERROR -SECTION QUESTION -example.net. IN DNSKEY -SECTION ANSWER -example.net. 3600 IN DNSKEY 256 3 5 AQPQ41chR9DEHt/aIzIFAqanbDlRflJoRs5yz1jFsoRIT7dWf0r+PeDuewdxkszNH6wnU4QL8pfKFRh5PIYVBLK3 ;{id = 30899 (zsk), size = 512b} -example.net. 3600 IN RRSIG DNSKEY RSASHA1 2 3600 20070926134150 20070829134150 30899 example.net. hiFzlQ8VoYgCuvIsfVuxC3mfJDqsTh0yc6abs5xMx5uEcIjb0dndFQx7INOM+imlzveEN73Hqp4OLFpFhsWLlw== ;{id = 30899} -SECTION AUTHORITY -example.net. IN NS ns.example.net. -example.net. 3600 IN RRSIG NS RSASHA1 2 3600 20070926134150 20070829134150 30899 example.net. E8JX0l4B+cSR5bkHQwOJy1pBmlLMTYCJ8EwfNMU/eCv0YhKwo26rHhn52FGisgv+Nwp7/NbhHqQ+kJgoZC94XA== ;{id = 30899} -SECTION ADDITIONAL -ns.example.net. IN A 1.2.3.5 -ns.example.net. 3600 IN RRSIG A RSASHA1 3 3600 20070926134150 20070829134150 30899 example.net. x+tQMC9FhzT7Fcy1pM5NrOC7E8nLd7THPI3C6ie4EwL8PrxllqlR3q/DKB0d/m0qCOPcgN6HFOYURV1s4uAcsw== ;{id = 30899} -ENTRY_END - -; NS query -ENTRY_BEGIN -MATCH opcode qtype qname -ADJUST copy_id -REPLY QR NOERROR -SECTION QUESTION -example.net. IN NS -SECTION ANSWER -example.net. IN NS ns.example.net. -example.net. 3600 IN RRSIG NS RSASHA1 2 3600 20070926134150 20070829134150 30899 example.net. E8JX0l4B+cSR5bkHQwOJy1pBmlLMTYCJ8EwfNMU/eCv0YhKwo26rHhn52FGisgv+Nwp7/NbhHqQ+kJgoZC94XA== ;{id = 30899} -SECTION ADDITIONAL -ns.example.net. IN A 1.2.3.5 -ns.example.net. 3600 IN RRSIG A RSASHA1 3 3600 20070926134150 20070829134150 30899 example.net. x+tQMC9FhzT7Fcy1pM5NrOC7E8nLd7THPI3C6ie4EwL8PrxllqlR3q/DKB0d/m0qCOPcgN6HFOYURV1s4uAcsw== ;{id = 30899} -ENTRY_END - -; www.example.net query -ENTRY_BEGIN -MATCH opcode qtype qname -ADJUST copy_id -REPLY QR NOERROR -SECTION QUESTION -www.example.net. IN A -SECTION ANSWER -www.example.net. 3600 IN A 10.20.30.40 -www.example.net. 3600 IN RRSIG A 5 3 3600 20070926135752 20070829135752 30899 example.net. ACvv4RQVC7TbI57ewqFImRaVoymktJ5Cxn/FaCodIENt82LVM92nivbP2WtwWCsQHWp7FkrMxTlQTJwyAeXFyg== ;{id = 30899} -SECTION AUTHORITY -example.net. IN NS ns.example.net. -example.net. 3600 IN RRSIG NS RSASHA1 2 3600 20070926134150 20070829134150 30899 example.net. E8JX0l4B+cSR5bkHQwOJy1pBmlLMTYCJ8EwfNMU/eCv0YhKwo26rHhn52FGisgv+Nwp7/NbhHqQ+kJgoZC94XA== ;{id = 30899} -SECTION ADDITIONAL -ns.example.net. IN A 1.2.3.5 -ns.example.net. 3600 IN RRSIG A RSASHA1 3 3600 20070926134150 20070829134150 30899 example.net. x+tQMC9FhzT7Fcy1pM5NrOC7E8nLd7THPI3C6ie4EwL8PrxllqlR3q/DKB0d/m0qCOPcgN6HFOYURV1s4uAcsw== ;{id = 30899} -ENTRY_END - - -RANGE_END - -STEP 1 QUERY -ENTRY_BEGIN -REPLY RD DO -SECTION QUESTION -example.net. IN DS -ENTRY_END - -; recursion happens here. -STEP 10 CHECK_ANSWER -ENTRY_BEGIN -MATCH all -REPLY QR RD RA DO NOERROR -SECTION QUESTION -example.net. IN DS -SECTION AUTHORITY -net. 900 IN SOA a.gtld-servers.net. nstld.verisign-grs.com. 1251367385 1800 900 604800 86400 -ENTRY_END - -SCENARIO_END diff --git a/testdata/dlv_insecure.rpl b/testdata/dlv_insecure.rpl deleted file mode 100644 index e6515a9fb6ec..000000000000 --- a/testdata/dlv_insecure.rpl +++ /dev/null @@ -1,254 +0,0 @@ -; config options -; The island of trust is at example.com (the DLV repository) -server: - dlv-anchor: "example.com. 3600 IN DS 2854 3 1 46e4ffc6e9a4793b488954bd3f0cc6af0dfb201b" - val-override-date: "20070916134226" - harden-referral-path: no - target-fetch-policy: "0 0 0 0 0" - qname-minimisation: "no" - fake-sha1: yes - trust-anchor-signaling: no - minimal-responses: no - -stub-zone: - name: "." - stub-addr: 193.0.14.129 # K.ROOT-SERVERS.NET. -CONFIG_END - -SCENARIO_BEGIN Test validator with insecure zone with no DLV - -; K.ROOT-SERVERS.NET. -RANGE_BEGIN 0 100 - ADDRESS 193.0.14.129 -ENTRY_BEGIN -MATCH opcode qtype qname -ADJUST copy_id -REPLY QR NOERROR -SECTION QUESTION -. IN NS -SECTION ANSWER -. IN NS K.ROOT-SERVERS.NET. -SECTION ADDITIONAL -K.ROOT-SERVERS.NET. IN A 193.0.14.129 -ENTRY_END - -ENTRY_BEGIN -MATCH opcode subdomain -ADJUST copy_id copy_query -REPLY QR NOERROR -SECTION QUESTION -com. IN A -SECTION AUTHORITY -com. IN NS a.gtld-servers.net. -SECTION ADDITIONAL -a.gtld-servers.net. IN A 192.5.6.30 -ENTRY_END - -ENTRY_BEGIN -MATCH opcode subdomain -ADJUST copy_id copy_query -REPLY QR NOERROR -SECTION QUESTION -net. IN A -SECTION AUTHORITY -net. IN NS a.gtld-servers.net. -SECTION ADDITIONAL -a.gtld-servers.net. IN A 192.5.6.30 -ENTRY_END -RANGE_END - -; a.gtld-servers.net. -RANGE_BEGIN 0 100 - ADDRESS 192.5.6.30 -ENTRY_BEGIN -MATCH opcode qtype qname -ADJUST copy_id -REPLY QR NOERROR -SECTION QUESTION -com. IN NS -SECTION ANSWER -com. IN NS a.gtld-servers.net. -SECTION ADDITIONAL -a.gtld-servers.net. IN A 192.5.6.30 -ENTRY_END - -ENTRY_BEGIN -MATCH opcode qtype qname -ADJUST copy_id -REPLY QR NOERROR -SECTION QUESTION -net. IN NS -SECTION ANSWER -net. IN NS a.gtld-servers.net. -SECTION ADDITIONAL -a.gtld-servers.net. IN A 192.5.6.30 -ENTRY_END - -ENTRY_BEGIN -MATCH opcode subdomain -ADJUST copy_id copy_query -REPLY QR NOERROR -SECTION QUESTION -example.com. IN A -SECTION AUTHORITY -example.com. IN NS ns.example.com. -SECTION ADDITIONAL -ns.example.com. IN A 1.2.3.4 -ENTRY_END - -ENTRY_BEGIN -MATCH opcode subdomain -ADJUST copy_id copy_query -REPLY QR NOERROR -SECTION QUESTION -example.net. IN A -SECTION AUTHORITY -example.net. IN NS ns.example.net. -SECTION ADDITIONAL -ns.example.net. IN A 1.2.3.5 -ENTRY_END -RANGE_END - -; ns.example.com. -RANGE_BEGIN 0 100 - ADDRESS 1.2.3.4 -ENTRY_BEGIN -MATCH opcode qtype qname -ADJUST copy_id -REPLY QR NOERROR -SECTION QUESTION -example.com. IN NS -SECTION ANSWER -example.com. IN NS ns.example.com. -example.com. 3600 IN RRSIG NS 3 2 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCN+qHdJxoI/2tNKwsb08pra/G7aAIUAWA5sDdJTbrXA1/3OaesGBAO3sI= ;{id = 2854} -SECTION ADDITIONAL -ns.example.com. IN A 1.2.3.4 -ns.example.com. 3600 IN RRSIG A 3 3 3600 20070926135752 20070829135752 2854 example.com. MC0CFQCMSWxVehgOQLoYclB9PIAbNP229AIUeH0vNNGJhjnZiqgIOKvs1EhzqAo= ;{id = 2854} -ENTRY_END - -; response to DNSKEY priming query -ENTRY_BEGIN -MATCH opcode qtype qname -ADJUST copy_id -REPLY QR NOERROR -SECTION QUESTION -example.com. IN DNSKEY -SECTION ANSWER -example.com. 3600 IN DNSKEY 256 3 3 ALXLUsWqUrY3JYER3T4TBJII s70j+sDS/UT2QRp61SE7S3E EXopNXoFE73JLRmvpi/UrOO/Vz4Se 6wXv/CYCKjGw06U4WRgR YXcpEhJROyNapmdIKSx hOzfLVE1gqA0PweZR8d tY3aNQSRn3sPpwJr6Mi /PqQKAMMrZ9ckJpf1+b QMOOvxgzz2U1GS18b3y ZKcgTMEaJzd/GZYzi/B N2DzQ0MsrSwYXfsNLFO Bbs8PJMW4LYIxeeOe6rUgkWOF 7CC9Dh/dduQ1QrsJhmZAEFfd6ByYV+ ;{id = 2854 (zsk), size = 1688b} -example.com. 3600 IN RRSIG DNSKEY 3 2 3600 20070926134802 20070829134802 2854 example.com. MCwCFG1yhRNtTEa3Eno2zhVVuy2EJX3wAhQeLyUp6+UXcpC5qGNu9tkrTEgPUg== ;{id = 2854} -SECTION AUTHORITY -example.com. IN NS ns.example.com. -example.com. 3600 IN RRSIG NS 3 2 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCN+qHdJxoI/2tNKwsb08pra/G7aAIUAWA5sDdJTbrXA1/3OaesGBAO3sI= ;{id = 2854} -SECTION ADDITIONAL -ns.example.com. IN A 1.2.3.4 -ns.example.com. 3600 IN RRSIG A 3 3 3600 20070926135752 20070829135752 2854 example.com. MC0CFQCMSWxVehgOQLoYclB9PIAbNP229AIUeH0vNNGJhjnZiqgIOKvs1EhzqAo= ;{id = 2854} -ENTRY_END - -; DLV query -; could be picked out of the negative cache due to NS queries in between. -ENTRY_BEGIN -MATCH opcode qtype qname -ADJUST copy_id -REPLY QR NXDOMAIN -SECTION QUESTION -www.example.net.example.com. IN DLV -SECTION ANSWER -SECTION AUTHORITY -example.com. IN SOA open.nlnetlabs.nl. hostmaster.nlnetlabs.nl. 2008081300 28800 7200 604800 3600 -example.com. 3600 IN RRSIG SOA 3 2 3600 20070926134150 20070829134150 2854 example.com. AKPJnPBqfJKxE4P2iVYkSRJno9HmiXJZtjdqE8oBeq9Lk9FytcMdcig= ;{id = 2854} -example.com. IN NS ns.example.com. -example.com. 3600 IN RRSIG NS 3 2 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCN+qHdJxoI/2tNKwsb08pra/G7aAIUAWA5sDdJTbrXA1/3OaesGBAO3sI= ;{id = 2854} -example.com IN NSEC zazz.example.com. SOA NS RRSIG NSEC -example.com. 3600 IN RRSIG NSEC 3 2 3600 20070926135752 20070829135752 2854 example.com. AAi21jQpno6gXnrPrtK0NvNgX9B8E9U5RvTd47QiCWLF7KdtKxB7Xz0= ;{id = 2854} -SECTION ADDITIONAL -ns.example.com. IN A 1.2.3.4 -ns.example.com. 3600 IN RRSIG A 3 3 3600 20070926135752 20070829135752 2854 example.com. MC0CFQCMSWxVehgOQLoYclB9PIAbNP229AIUeH0vNNGJhjnZiqgIOKvs1EhzqAo= ;{id = 2854} -ENTRY_END - -ENTRY_BEGIN -MATCH opcode qtype qname -ADJUST copy_id -REPLY QR NXDOMAIN -SECTION QUESTION -net.example.com. IN DLV -SECTION ANSWER -SECTION AUTHORITY -example.com. IN SOA open.nlnetlabs.nl. hostmaster.nlnetlabs.nl. 2008081300 28800 7200 604800 3600 -example.com. 3600 IN RRSIG SOA 3 2 3600 20070926134150 20070829134150 2854 example.com. AKPJnPBqfJKxE4P2iVYkSRJno9HmiXJZtjdqE8oBeq9Lk9FytcMdcig= ;{id = 2854} -example.com IN NSEC zazz.example.com. SOA NS RRSIG NSEC -example.com. 3600 IN RRSIG NSEC 3 2 3600 20070926135752 20070829135752 2854 example.com. AAi21jQpno6gXnrPrtK0NvNgX9B8E9U5RvTd47QiCWLF7KdtKxB7Xz0= ;{id = 2854} -ENTRY_END - -ENTRY_BEGIN -MATCH opcode qtype qname -ADJUST copy_id -REPLY QR NXDOMAIN -SECTION QUESTION -com.example.com. IN DLV -SECTION ANSWER -SECTION AUTHORITY -example.com. IN SOA open.nlnetlabs.nl. hostmaster.nlnetlabs.nl. 2008081300 28800 7200 604800 3600 -example.com. 3600 IN RRSIG SOA 3 2 3600 20070926134150 20070829134150 2854 example.com. AKPJnPBqfJKxE4P2iVYkSRJno9HmiXJZtjdqE8oBeq9Lk9FytcMdcig= ;{id = 2854} -example.com IN NSEC zazz.example.com. SOA NS RRSIG NSEC -example.com. 3600 IN RRSIG NSEC 3 2 3600 20070926135752 20070829135752 2854 example.com. AAi21jQpno6gXnrPrtK0NvNgX9B8E9U5RvTd47QiCWLF7KdtKxB7Xz0= ;{id = 2854} -ENTRY_END - -RANGE_END - -; ns.example.net. -RANGE_BEGIN 0 100 - ADDRESS 1.2.3.5 -; NS query -ENTRY_BEGIN -MATCH opcode qtype qname -ADJUST copy_id -REPLY QR NOERROR -SECTION QUESTION -example.net. IN NS -SECTION ANSWER -example.net. IN NS ns.example.net. -SECTION ADDITIONAL -ns.example.net. IN A 1.2.3.5 -ENTRY_END - -; www.example.net query -ENTRY_BEGIN -MATCH opcode qtype qname -ADJUST copy_id -REPLY QR NOERROR -SECTION QUESTION -www.example.net. IN A -SECTION ANSWER -www.example.net. 3600 IN A 10.20.30.40 -SECTION AUTHORITY -example.net. IN NS ns.example.net. -SECTION ADDITIONAL -ns.example.net. IN A 1.2.3.5 -ENTRY_END - - -RANGE_END - -STEP 1 QUERY -ENTRY_BEGIN -REPLY RD DO -SECTION QUESTION -www.example.net. IN A -ENTRY_END - -; recursion happens here. -STEP 10 CHECK_ANSWER -ENTRY_BEGIN -MATCH all -REPLY QR RD RA DO NOERROR -SECTION QUESTION -www.example.net. IN A -SECTION ANSWER -www.example.net. 3600 IN A 10.20.30.40 -SECTION AUTHORITY -example.net. IN NS ns.example.net. -SECTION ADDITIONAL -ns.example.net. IN A 1.2.3.5 -ENTRY_END - -SCENARIO_END diff --git a/testdata/dlv_insecure_negcache.rpl b/testdata/dlv_insecure_negcache.rpl deleted file mode 100644 index 8408870b9969..000000000000 --- a/testdata/dlv_insecure_negcache.rpl +++ /dev/null @@ -1,311 +0,0 @@ -; config options -; The island of trust is at example.com (the DLV repository) -server: - dlv-anchor: "example.com. 3600 IN DS 2854 3 1 46e4ffc6e9a4793b488954bd3f0cc6af0dfb201b" - val-override-date: "20070916134226" - harden-referral-path: no - target-fetch-policy: "0 0 0 0 0" - qname-minimisation: "no" - fake-sha1: yes - trust-anchor-signaling: no - minimal-responses: no - -stub-zone: - name: "." - stub-addr: 193.0.14.129 # K.ROOT-SERVERS.NET. -CONFIG_END - -SCENARIO_BEGIN Test validator with insecure zone, no DLV from negative cache - -; K.ROOT-SERVERS.NET. -RANGE_BEGIN 0 100 - ADDRESS 193.0.14.129 -ENTRY_BEGIN -MATCH opcode qtype qname -ADJUST copy_id -REPLY QR NOERROR -SECTION QUESTION -. IN NS -SECTION ANSWER -. IN NS K.ROOT-SERVERS.NET. -SECTION ADDITIONAL -K.ROOT-SERVERS.NET. IN A 193.0.14.129 -ENTRY_END - -ENTRY_BEGIN -MATCH opcode subdomain -ADJUST copy_id copy_query -REPLY QR NOERROR -SECTION QUESTION -com. IN A -SECTION AUTHORITY -com. IN NS a.gtld-servers.net. -SECTION ADDITIONAL -a.gtld-servers.net. IN A 192.5.6.30 -ENTRY_END - -ENTRY_BEGIN -MATCH opcode subdomain -ADJUST copy_id copy_query -REPLY QR NOERROR -SECTION QUESTION -net. IN A -SECTION AUTHORITY -net. IN NS a.gtld-servers.net. -SECTION ADDITIONAL -a.gtld-servers.net. IN A 192.5.6.30 -ENTRY_END -RANGE_END - -; a.gtld-servers.net. -RANGE_BEGIN 0 300 - ADDRESS 192.5.6.30 -ENTRY_BEGIN -MATCH opcode qtype qname -ADJUST copy_id -REPLY QR NOERROR -SECTION QUESTION -com. IN NS -SECTION ANSWER -com. IN NS a.gtld-servers.net. -SECTION ADDITIONAL -a.gtld-servers.net. IN A 192.5.6.30 -ENTRY_END - -ENTRY_BEGIN -MATCH opcode qtype qname -ADJUST copy_id -REPLY QR NOERROR -SECTION QUESTION -net. IN NS -SECTION ANSWER -net. IN NS a.gtld-servers.net. -SECTION ADDITIONAL -a.gtld-servers.net. IN A 192.5.6.30 -ENTRY_END - -ENTRY_BEGIN -MATCH opcode subdomain -ADJUST copy_id copy_query -REPLY QR NOERROR -SECTION QUESTION -example.com. IN A -SECTION AUTHORITY -example.com. IN NS ns.example.com. -SECTION ADDITIONAL -ns.example.com. IN A 1.2.3.4 -ENTRY_END - -ENTRY_BEGIN -MATCH opcode subdomain -ADJUST copy_id copy_query -REPLY QR NOERROR -SECTION QUESTION -example.net. IN A -SECTION AUTHORITY -example.net. IN NS ns.example.net. -SECTION ADDITIONAL -ns.example.net. IN A 1.2.3.5 -ENTRY_END -RANGE_END - -; ns.example.com. -RANGE_BEGIN 0 100 - ADDRESS 1.2.3.4 -ENTRY_BEGIN -MATCH opcode qtype qname -ADJUST copy_id -REPLY QR NOERROR -SECTION QUESTION -example.com. IN NS -SECTION ANSWER -example.com. IN NS ns.example.com. -example.com. 3600 IN RRSIG NS 3 2 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCN+qHdJxoI/2tNKwsb08pra/G7aAIUAWA5sDdJTbrXA1/3OaesGBAO3sI= ;{id = 2854} -SECTION ADDITIONAL -ns.example.com. IN A 1.2.3.4 -ns.example.com. 3600 IN RRSIG A 3 3 3600 20070926135752 20070829135752 2854 example.com. MC0CFQCMSWxVehgOQLoYclB9PIAbNP229AIUeH0vNNGJhjnZiqgIOKvs1EhzqAo= ;{id = 2854} -ENTRY_END - -; response to DNSKEY priming query -ENTRY_BEGIN -MATCH opcode qtype qname -ADJUST copy_id -REPLY QR NOERROR -SECTION QUESTION -example.com. IN DNSKEY -SECTION ANSWER -example.com. 3600 IN DNSKEY 256 3 3 ALXLUsWqUrY3JYER3T4TBJII s70j+sDS/UT2QRp61SE7S3E EXopNXoFE73JLRmvpi/UrOO/Vz4Se 6wXv/CYCKjGw06U4WRgR YXcpEhJROyNapmdIKSx hOzfLVE1gqA0PweZR8d tY3aNQSRn3sPpwJr6Mi /PqQKAMMrZ9ckJpf1+b QMOOvxgzz2U1GS18b3y ZKcgTMEaJzd/GZYzi/B N2DzQ0MsrSwYXfsNLFO Bbs8PJMW4LYIxeeOe6rUgkWOF 7CC9Dh/dduQ1QrsJhmZAEFfd6ByYV+ ;{id = 2854 (zsk), size = 1688b} -example.com. 3600 IN RRSIG DNSKEY 3 2 3600 20070926134802 20070829134802 2854 example.com. MCwCFG1yhRNtTEa3Eno2zhVVuy2EJX3wAhQeLyUp6+UXcpC5qGNu9tkrTEgPUg== ;{id = 2854} -SECTION AUTHORITY -example.com. IN NS ns.example.com. -example.com. 3600 IN RRSIG NS 3 2 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCN+qHdJxoI/2tNKwsb08pra/G7aAIUAWA5sDdJTbrXA1/3OaesGBAO3sI= ;{id = 2854} -SECTION ADDITIONAL -ns.example.com. IN A 1.2.3.4 -ns.example.com. 3600 IN RRSIG A 3 3 3600 20070926135752 20070829135752 2854 example.com. MC0CFQCMSWxVehgOQLoYclB9PIAbNP229AIUeH0vNNGJhjnZiqgIOKvs1EhzqAo= ;{id = 2854} -ENTRY_END - -; DLV query -; could be picked out of the negative cache due to NS queries in between. -ENTRY_BEGIN -MATCH opcode qtype qname -ADJUST copy_id -REPLY QR NXDOMAIN -SECTION QUESTION -www.example.net.example.com. IN DLV -SECTION ANSWER -SECTION AUTHORITY -example.com. IN SOA open.nlnetlabs.nl. hostmaster.nlnetlabs.nl. 2008081300 28800 7200 604800 3600 -example.com. 3600 IN RRSIG SOA 3 2 3600 20070926134150 20070829134150 2854 example.com. AKPJnPBqfJKxE4P2iVYkSRJno9HmiXJZtjdqE8oBeq9Lk9FytcMdcig= ;{id = 2854} -example.com. IN NS ns.example.com. -example.com. 3600 IN RRSIG NS 3 2 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCN+qHdJxoI/2tNKwsb08pra/G7aAIUAWA5sDdJTbrXA1/3OaesGBAO3sI= ;{id = 2854} -zoink.name.example.com IN NSEC zazz.net.example.com. RRSIG NSEC DLV -zoink.name.example.com. 3600 IN RRSIG NSEC 3 4 3600 20070926134150 20070829134150 2854 example.com. AHipxvshRHglCEN4nZCT4m/4RIj8TrCOE2AsqEoH9e+6OYSo+yuNzzo= ;{id = 2854} -SECTION ADDITIONAL -ns.example.com. IN A 1.2.3.4 -ns.example.com. 3600 IN RRSIG A 3 3 3600 20070926135752 20070829135752 2854 example.com. MC0CFQCMSWxVehgOQLoYclB9PIAbNP229AIUeH0vNNGJhjnZiqgIOKvs1EhzqAo= ;{id = 2854} -ENTRY_END - -ENTRY_BEGIN -MATCH opcode qtype qname -ADJUST copy_id -REPLY QR NOERROR -SECTION QUESTION -net.example.com. IN DLV -SECTION ANSWER -SECTION AUTHORITY -example.com. IN SOA open.nlnetlabs.nl. hostmaster.nlnetlabs.nl. 2008081300 28800 7200 604800 3600 -example.com. 3600 IN RRSIG SOA 3 2 3600 20070926134150 20070829134150 2854 example.com. AKPJnPBqfJKxE4P2iVYkSRJno9HmiXJZtjdqE8oBeq9Lk9FytcMdcig= ;{id = 2854} -zoink.name.example.com IN NSEC zazz.net.example.com. RRSIG NSEC DLV -zoink.name.example.com. 3600 IN RRSIG NSEC 3 4 3600 20070926134150 20070829134150 2854 example.com. AHipxvshRHglCEN4nZCT4m/4RIj8TrCOE2AsqEoH9e+6OYSo+yuNzzo= ;{id = 2854} -ENTRY_END - -ENTRY_BEGIN -MATCH opcode qtype qname -ADJUST copy_id -REPLY QR NOERROR -SECTION QUESTION -example.com. IN DLV -SECTION ANSWER -SECTION AUTHORITY -example.com. IN SOA open.nlnetlabs.nl. hostmaster.nlnetlabs.nl. 2008081300 28800 7200 604800 3600 -example.com. 3600 IN RRSIG SOA 3 2 3600 20070926134150 20070829134150 2854 example.com. AKPJnPBqfJKxE4P2iVYkSRJno9HmiXJZtjdqE8oBeq9Lk9FytcMdcig= ;{id = 2854} -example.com IN NSEC frump.aqua.example.com. SOA NS RRSIG NSEC DNSKEY -example.com. 3600 IN RRSIG NSEC 3 2 3600 20070926134150 20070829134150 2854 example.com. AAscY9DfNm3Uy8f8Q4WX6AzR0flHYNSr3fKfgQ0Xc20fzj1lGP9ebfk= ;{id = 2854} -ENTRY_END - -ENTRY_BEGIN -MATCH opcode qtype qname -ADJUST copy_id -REPLY QR NXDOMAIN -SECTION QUESTION -com.example.com. IN DLV -SECTION ANSWER -SECTION AUTHORITY -example.com. IN SOA open.nlnetlabs.nl. hostmaster.nlnetlabs.nl. 2008081300 28800 7200 604800 3600 -example.com. 3600 IN RRSIG SOA 3 2 3600 20070926134150 20070829134150 2854 example.com. AKPJnPBqfJKxE4P2iVYkSRJno9HmiXJZtjdqE8oBeq9Lk9FytcMdcig= ;{id = 2854} -example.com IN NSEC zazz.example.com. SOA NS RRSIG NSEC -example.com. 3600 IN RRSIG NSEC 3 2 3600 20070926135752 20070829135752 2854 example.com. AAi21jQpno6gXnrPrtK0NvNgX9B8E9U5RvTd47QiCWLF7KdtKxB7Xz0= ;{id = 2854} -ENTRY_END - -RANGE_END - -; ns.example.net. -RANGE_BEGIN 0 300 - ADDRESS 1.2.3.5 -; NS query -ENTRY_BEGIN -MATCH opcode qtype qname -ADJUST copy_id -REPLY QR NOERROR -SECTION QUESTION -example.net. IN NS -SECTION ANSWER -example.net. IN NS ns.example.net. -SECTION ADDITIONAL -ns.example.net. IN A 1.2.3.5 -ENTRY_END - -; www.example.net query -ENTRY_BEGIN -MATCH opcode qtype qname -ADJUST copy_id -REPLY QR NOERROR -SECTION QUESTION -www.example.net. IN A -SECTION ANSWER -www.example.net. 10 IN A 10.20.30.40 -SECTION AUTHORITY -example.net. IN NS ns.example.net. -SECTION ADDITIONAL -ns.example.net. IN A 1.2.3.5 -ENTRY_END - - -RANGE_END - -STEP 1 QUERY -ENTRY_BEGIN -REPLY RD DO -SECTION QUESTION -www.example.net. IN A -ENTRY_END - -; recursion happens here. -STEP 10 CHECK_ANSWER -ENTRY_BEGIN -MATCH all -REPLY QR RD RA DO NOERROR -SECTION QUESTION -www.example.net. IN A -SECTION ANSWER -www.example.net. 10 IN A 10.20.30.40 -SECTION AUTHORITY -example.net. IN NS ns.example.net. -SECTION ADDITIONAL -ns.example.net. IN A 1.2.3.5 -ENTRY_END - -STEP 150 TIME_PASSES ELAPSE 30 - -; no more DLV authority reachable -STEP 200 QUERY -ENTRY_BEGIN -REPLY RD DO -SECTION QUESTION -www.example.net. IN A -ENTRY_END - -STEP 210 CHECK_ANSWER -ENTRY_BEGIN -MATCH all -REPLY QR RD RA DO NOERROR -SECTION QUESTION -www.example.net. IN A -SECTION ANSWER -www.example.net. 10 IN A 10.20.30.40 -SECTION AUTHORITY -example.net. IN NS ns.example.net. -SECTION ADDITIONAL -ns.example.net. IN A 1.2.3.5 -ENTRY_END - -STEP 220 QUERY -ENTRY_BEGIN -REPLY RD DO -SECTION QUESTION -net. IN NS -ENTRY_END - -STEP 230 CHECK_ANSWER -ENTRY_BEGIN -MATCH all -REPLY QR RD RA DO NOERROR -SECTION QUESTION -net. IN NS -SECTION ANSWER -net. IN NS a.gtld-servers.net. -SECTION ADDITIONAL -a.gtld-servers.net. IN A 192.5.6.30 -ENTRY_END - -SCENARIO_END diff --git a/testdata/dlv_keyretry.rpl b/testdata/dlv_keyretry.rpl deleted file mode 100644 index 8d477b5a5187..000000000000 --- a/testdata/dlv_keyretry.rpl +++ /dev/null @@ -1,287 +0,0 @@ -; config options -; The island of trust is at example.com (the DLV repository) -server: - dlv-anchor: "example.com. 3600 IN DS 2854 3 1 46e4ffc6e9a4793b488954bd3f0cc6af0dfb201b" - val-override-date: "20070916134226" - target-fetch-policy: "0 0 0 0 0" - qname-minimisation: "no" - fake-sha1: yes - trust-anchor-signaling: no - -stub-zone: - name: "." - stub-addr: 193.0.14.129 # K.ROOT-SERVERS.NET. -CONFIG_END - -SCENARIO_BEGIN Test validator with DLV anchor and subsequently key retries -; positive response for DLV. But the DNSKEY for the target fails validation. - -; K.ROOT-SERVERS.NET. -RANGE_BEGIN 0 100 - ADDRESS 193.0.14.129 -ENTRY_BEGIN -MATCH opcode qtype qname -ADJUST copy_id -REPLY QR NOERROR -SECTION QUESTION -. IN NS -SECTION ANSWER -. IN NS K.ROOT-SERVERS.NET. -SECTION ADDITIONAL -K.ROOT-SERVERS.NET. IN A 193.0.14.129 -ENTRY_END - -ENTRY_BEGIN -MATCH opcode subdomain -ADJUST copy_id copy_query -REPLY QR NOERROR -SECTION QUESTION -com. IN A -SECTION AUTHORITY -com. IN NS a.gtld-servers.net. -SECTION ADDITIONAL -a.gtld-servers.net. IN A 192.5.6.30 -ENTRY_END - -ENTRY_BEGIN -MATCH opcode subdomain -ADJUST copy_id copy_query -REPLY QR NOERROR -SECTION QUESTION -net. IN A -SECTION AUTHORITY -net. IN NS a.gtld-servers.net. -SECTION ADDITIONAL -a.gtld-servers.net. IN A 192.5.6.30 -ENTRY_END -RANGE_END - -; a.gtld-servers.net. -RANGE_BEGIN 0 100 - ADDRESS 192.5.6.30 -ENTRY_BEGIN -MATCH opcode qtype qname -ADJUST copy_id -REPLY QR NOERROR -SECTION QUESTION -com. IN NS -SECTION ANSWER -com. IN NS a.gtld-servers.net. -SECTION ADDITIONAL -a.gtld-servers.net. IN A 192.5.6.30 -ENTRY_END - -ENTRY_BEGIN -MATCH opcode qtype qname -ADJUST copy_id -REPLY QR NOERROR -SECTION QUESTION -net. IN NS -SECTION ANSWER -net. IN NS a.gtld-servers.net. -SECTION ADDITIONAL -a.gtld-servers.net. IN A 192.5.6.30 -ENTRY_END - -ENTRY_BEGIN -MATCH opcode subdomain -ADJUST copy_id copy_query -REPLY QR NOERROR -SECTION QUESTION -example.com. IN A -SECTION AUTHORITY -example.com. IN NS ns.example.com. -SECTION ADDITIONAL -ns.example.com. IN A 1.2.3.4 -ENTRY_END - -ENTRY_BEGIN -MATCH opcode subdomain -ADJUST copy_id copy_query -REPLY QR NOERROR -SECTION QUESTION -example.net. IN A -SECTION AUTHORITY -example.net. IN NS ns.example.net. -SECTION ADDITIONAL -ns.example.net. IN A 1.2.3.5 -ENTRY_END -RANGE_END - -; ns.example.com. -RANGE_BEGIN 0 100 - ADDRESS 1.2.3.4 -ENTRY_BEGIN -MATCH opcode qtype qname -ADJUST copy_id -REPLY QR NOERROR -SECTION QUESTION -example.com. IN NS -SECTION ANSWER -example.com. IN NS ns.example.com. -example.com. 3600 IN RRSIG NS 3 2 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCN+qHdJxoI/2tNKwsb08pra/G7aAIUAWA5sDdJTbrXA1/3OaesGBAO3sI= ;{id = 2854} -SECTION ADDITIONAL -ns.example.com. IN A 1.2.3.4 -ns.example.com. 3600 IN RRSIG A 3 3 3600 20070926135752 20070829135752 2854 example.com. MC0CFQCMSWxVehgOQLoYclB9PIAbNP229AIUeH0vNNGJhjnZiqgIOKvs1EhzqAo= ;{id = 2854} -ENTRY_END - -; response to DNSKEY priming query -ENTRY_BEGIN -MATCH opcode qtype qname -ADJUST copy_id -REPLY QR NOERROR -SECTION QUESTION -example.com. IN DNSKEY -SECTION ANSWER -example.com. 3600 IN DNSKEY 256 3 3 ALXLUsWqUrY3JYER3T4TBJII s70j+sDS/UT2QRp61SE7S3E EXopNXoFE73JLRmvpi/UrOO/Vz4Se 6wXv/CYCKjGw06U4WRgR YXcpEhJROyNapmdIKSx hOzfLVE1gqA0PweZR8d tY3aNQSRn3sPpwJr6Mi /PqQKAMMrZ9ckJpf1+b QMOOvxgzz2U1GS18b3y ZKcgTMEaJzd/GZYzi/B N2DzQ0MsrSwYXfsNLFO Bbs8PJMW4LYIxeeOe6rUgkWOF 7CC9Dh/dduQ1QrsJhmZAEFfd6ByYV+ ;{id = 2854 (zsk), size = 1688b} -example.com. 3600 IN RRSIG DNSKEY 3 2 3600 20070926134802 20070829134802 2854 example.com. MCwCFG1yhRNtTEa3Eno2zhVVuy2EJX3wAhQeLyUp6+UXcpC5qGNu9tkrTEgPUg== ;{id = 2854} -SECTION AUTHORITY -example.com. IN NS ns.example.com. -example.com. 3600 IN RRSIG NS 3 2 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCN+qHdJxoI/2tNKwsb08pra/G7aAIUAWA5sDdJTbrXA1/3OaesGBAO3sI= ;{id = 2854} -SECTION ADDITIONAL -ns.example.com. IN A 1.2.3.4 -ns.example.com. 3600 IN RRSIG A 3 3 3600 20070926135752 20070829135752 2854 example.com. MC0CFQCMSWxVehgOQLoYclB9PIAbNP229AIUeH0vNNGJhjnZiqgIOKvs1EhzqAo= ;{id = 2854} -ENTRY_END - -; DLV query -ENTRY_BEGIN -MATCH opcode qtype qname -ADJUST copy_id -REPLY QR NOERROR -SECTION QUESTION -example.net.example.com. IN DLV -SECTION ANSWER -example.net.example.com. 3600 IN DLV 30899 5 1 14188c885f20623ad1d3bec42798f3f951793e4c ; xehac-mofum-malyd-bomaf-pegit-fuzes-ganin-misiz-nigel-nozog-soxix -example.net.example.com. 3600 IN RRSIG DLV 3 4 3600 20070926134150 20070829134150 2854 example.com. ACK48Q/oKwh/SM9yRiKjZYuc+AtEZ2yCPNJ15kKCN8nsVcv7xigmNTY= ;{id = 2854} -SECTION AUTHORITY -example.com. IN NS ns.example.com. -example.com. 3600 IN RRSIG NS 3 2 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCN+qHdJxoI/2tNKwsb08pra/G7aAIUAWA5sDdJTbrXA1/3OaesGBAO3sI= ;{id = 2854} -SECTION ADDITIONAL -ns.example.com. IN A 1.2.3.4 -ns.example.com. 3600 IN RRSIG A 3 3 3600 20070926135752 20070829135752 2854 example.com. MC0CFQCMSWxVehgOQLoYclB9PIAbNP229AIUeH0vNNGJhjnZiqgIOKvs1EhzqAo= ;{id = 2854} -ENTRY_END - -ENTRY_BEGIN -MATCH opcode qtype qname -ADJUST copy_id -REPLY QR NOERROR -SECTION QUESTION -net.example.com. IN DLV -SECTION ANSWER -SECTION AUTHORITY -example.com. IN SOA open.nlnetlabs.nl. hostmaster.nlnetlabs.nl. 2008081300 28800 7200 604800 3600 -example.com. 3600 IN RRSIG SOA 3 2 3600 20070926134150 20070829134150 2854 example.com. AKPJnPBqfJKxE4P2iVYkSRJno9HmiXJZtjdqE8oBeq9Lk9FytcMdcig= ;{id = 2854} -example.com IN NSEC example.net.example.com. SOA NS RRSIG NSEC -example.com. 3600 IN RRSIG NSEC 3 2 3600 20070926134150 20070829134150 2854 example.com. AIoUkJ04/7/kJFDLocoqksqt9UL2RHHwlRfXAMxGdBHcNO+GSpG47Uk= ;{id = 2854} -ENTRY_END - -ENTRY_BEGIN -MATCH opcode qtype qname -ADJUST copy_id -REPLY QR NXDOMAIN -SECTION QUESTION -com.example.com. IN DLV -SECTION ANSWER -SECTION AUTHORITY -example.com. IN SOA open.nlnetlabs.nl. hostmaster.nlnetlabs.nl. 2008081300 28800 7200 604800 3600 -example.com. 3600 IN RRSIG SOA 3 2 3600 20070926134150 20070829134150 2854 example.com. AKPJnPBqfJKxE4P2iVYkSRJno9HmiXJZtjdqE8oBeq9Lk9FytcMdcig= ;{id = 2854} -example.com IN NSEC example.net.example.com. SOA NS RRSIG NSEC -example.com. 3600 IN RRSIG NSEC 3 2 3600 20070926134150 20070829134150 2854 example.com. AIoUkJ04/7/kJFDLocoqksqt9UL2RHHwlRfXAMxGdBHcNO+GSpG47Uk= ;{id = 2854} -ENTRY_END - -RANGE_END - -; ns.example.net. -RANGE_BEGIN 0 100 - ADDRESS 1.2.3.5 -; DS RR is -; example.net. 3600 IN DS 30899 5 1 14188c885f20623ad1d3bec42798f3f951793e4c ; xehac-mofum-malyd-bomaf-pegit-fuzes-ganin-misiz-nigel-nozog-soxix -; DNSKEY prime query -ENTRY_BEGIN -MATCH opcode qtype qname -ADJUST copy_id -REPLY QR NOERROR -SECTION QUESTION -example.net. IN DNSKEY -SECTION ANSWER -example.net. 3600 IN DNSKEY 256 3 5 AQPQ41chR9DEHt/aIzIFAqanbDlRflJoRs5yz1jFsoRIT7dWf0r+PeDuewdxkszNH6wnU4QL8pfKFRh5PIYVBLK3 ;{id = 30899 (zsk), size = 512b} -; expired signature -example.net. 3600 IN RRSIG DNSKEY 5 2 3600 20050926134150 20050829134150 30899 example.net. ydM0/eWMqFn4RxMTbscdSLU7bJNoPuzjCa0eI7HSV/r/54slSGvkl0fmwqrROl1tpc0YMV6kAzgB1T5lJbvdsA== ;{id = 30899} -; good signature: -;example.net. 3600 IN RRSIG DNSKEY RSASHA1 2 3600 20070926134150 20070829134150 30899 example.net. hiFzlQ8VoYgCuvIsfVuxC3mfJDqsTh0yc6abs5xMx5uEcIjb0dndFQx7INOM+imlzveEN73Hqp4OLFpFhsWLlw== ;{id = 30899} -SECTION AUTHORITY -example.net. IN NS ns.example.net. -example.net. 3600 IN RRSIG NS RSASHA1 2 3600 20070926134150 20070829134150 30899 example.net. E8JX0l4B+cSR5bkHQwOJy1pBmlLMTYCJ8EwfNMU/eCv0YhKwo26rHhn52FGisgv+Nwp7/NbhHqQ+kJgoZC94XA== ;{id = 30899} -SECTION ADDITIONAL -ns.example.net. IN A 1.2.3.5 -ns.example.net. 3600 IN RRSIG A RSASHA1 3 3600 20070926134150 20070829134150 30899 example.net. x+tQMC9FhzT7Fcy1pM5NrOC7E8nLd7THPI3C6ie4EwL8PrxllqlR3q/DKB0d/m0qCOPcgN6HFOYURV1s4uAcsw== ;{id = 30899} -ENTRY_END - -; NS query -ENTRY_BEGIN -MATCH opcode qtype qname -ADJUST copy_id -REPLY QR NOERROR -SECTION QUESTION -example.net. IN NS -SECTION ANSWER -example.net. IN NS ns.example.net. -example.net. 3600 IN RRSIG NS RSASHA1 2 3600 20070926134150 20070829134150 30899 example.net. E8JX0l4B+cSR5bkHQwOJy1pBmlLMTYCJ8EwfNMU/eCv0YhKwo26rHhn52FGisgv+Nwp7/NbhHqQ+kJgoZC94XA== ;{id = 30899} -SECTION ADDITIONAL -ns.example.net. IN A 1.2.3.5 -ns.example.net. 3600 IN RRSIG A RSASHA1 3 3600 20070926134150 20070829134150 30899 example.net. x+tQMC9FhzT7Fcy1pM5NrOC7E8nLd7THPI3C6ie4EwL8PrxllqlR3q/DKB0d/m0qCOPcgN6HFOYURV1s4uAcsw== ;{id = 30899} -ENTRY_END - -; AAAA for nameserver (for dnssec retry) query -ENTRY_BEGIN -MATCH opcode qtype qname -ADJUST copy_id -REPLY QR AA NOERROR -SECTION QUESTION -ns.example.net. IN AAAA -SECTION AUTHORITY -example.net. IN SOA . . 2007091300 28800 7200 604800 3600 -example.net. 3600 IN RRSIG SOA 5 2 3600 20070926134150 20070829134150 30899 example.net. MrpP4svNpbN/YKhuYRlNbvNg0yVxn4ywW1tyEFA9v6F7BR6k1pP8iPfN5XV+XWPAmbss9h3fwKq8zNs4F/SPkg== ;{id = 30899} -ns.example.net. IN NSEC ppp.example.net. A RRSIG NSEC -ns.example.net. 3600 IN RRSIG NSEC 5 3 3600 20070926134150 20070829134150 30899 example.net. freWP6rXWsU5iyRE2gIM9rICuBxCYlQSW01GkLPez5czqtEL0hHN8vtjTlfoNxjJjiZj3vAavZDIQGgOOOMIsA== ;{id = 30899} -ENTRY_END - -; www.example.net query -ENTRY_BEGIN -MATCH opcode qtype qname -ADJUST copy_id -REPLY QR NOERROR -SECTION QUESTION -www.example.net. IN A -SECTION ANSWER -www.example.net. 3600 IN A 10.20.30.40 -www.example.net. 3600 IN RRSIG A 5 3 3600 20070926135752 20070829135752 30899 example.net. ACvv4RQVC7TbI57ewqFImRaVoymktJ5Cxn/FaCodIENt82LVM92nivbP2WtwWCsQHWp7FkrMxTlQTJwyAeXFyg== ;{id = 30899} -SECTION AUTHORITY -example.net. IN NS ns.example.net. -example.net. 3600 IN RRSIG NS RSASHA1 2 3600 20070926134150 20070829134150 30899 example.net. E8JX0l4B+cSR5bkHQwOJy1pBmlLMTYCJ8EwfNMU/eCv0YhKwo26rHhn52FGisgv+Nwp7/NbhHqQ+kJgoZC94XA== ;{id = 30899} -SECTION ADDITIONAL -ns.example.net. IN A 1.2.3.5 -ns.example.net. 3600 IN RRSIG A RSASHA1 3 3600 20070926134150 20070829134150 30899 example.net. x+tQMC9FhzT7Fcy1pM5NrOC7E8nLd7THPI3C6ie4EwL8PrxllqlR3q/DKB0d/m0qCOPcgN6HFOYURV1s4uAcsw== ;{id = 30899} -ENTRY_END - - -RANGE_END - -STEP 1 QUERY -ENTRY_BEGIN -REPLY RD DO -SECTION QUESTION -www.example.net. IN A -ENTRY_END - -; recursion happens here. -STEP 10 CHECK_ANSWER -ENTRY_BEGIN -MATCH all -REPLY QR RD RA DO SERVFAIL -SECTION QUESTION -www.example.net. IN A -SECTION ANSWER -ENTRY_END - -SCENARIO_END diff --git a/testdata/dlv_negnx.rpl b/testdata/dlv_negnx.rpl deleted file mode 100644 index 03edf1a47c64..000000000000 --- a/testdata/dlv_negnx.rpl +++ /dev/null @@ -1,405 +0,0 @@ -; config options -; The island of trust is at example.com (the DLV repository) -server: - dlv-anchor: "example.com. 3600 IN DS 2854 3 1 46e4ffc6e9a4793b488954bd3f0cc6af0dfb201b" - val-override-date: "20070916134226" - target-fetch-policy: "0 0 0 0 0" - qname-minimisation: "no" - fake-sha1: yes - trust-anchor-signaling: no - -stub-zone: - name: "." - stub-addr: 193.0.14.129 # K.ROOT-SERVERS.NET. -CONFIG_END - -SCENARIO_BEGIN Test validator with DLV anchor for negcache nxdomain proof -; put a DLV in the negcache. -; then test ask-higher with that in the cache. - -; K.ROOT-SERVERS.NET. -RANGE_BEGIN 0 100 - ADDRESS 193.0.14.129 -ENTRY_BEGIN -MATCH opcode qtype qname -ADJUST copy_id -REPLY QR NOERROR -SECTION QUESTION -. IN NS -SECTION ANSWER -. IN NS K.ROOT-SERVERS.NET. -SECTION ADDITIONAL -K.ROOT-SERVERS.NET. IN A 193.0.14.129 -ENTRY_END - -ENTRY_BEGIN -MATCH opcode subdomain -ADJUST copy_id copy_query -REPLY QR NOERROR -SECTION QUESTION -com. IN A -SECTION AUTHORITY -com. IN NS a.gtld-servers.net. -SECTION ADDITIONAL -a.gtld-servers.net. IN A 192.5.6.30 -ENTRY_END - -ENTRY_BEGIN -MATCH opcode subdomain -ADJUST copy_id copy_query -REPLY QR NOERROR -SECTION QUESTION -net. IN A -SECTION AUTHORITY -net. IN NS a.gtld-servers.net. -SECTION ADDITIONAL -a.gtld-servers.net. IN A 192.5.6.30 -ENTRY_END -RANGE_END - -; a.gtld-servers.net. -RANGE_BEGIN 0 100 - ADDRESS 192.5.6.30 -ENTRY_BEGIN -MATCH opcode qtype qname -ADJUST copy_id -REPLY QR NOERROR -SECTION QUESTION -com. IN NS -SECTION ANSWER -com. IN NS a.gtld-servers.net. -SECTION ADDITIONAL -a.gtld-servers.net. IN A 192.5.6.30 -ENTRY_END - -ENTRY_BEGIN -MATCH opcode qtype qname -ADJUST copy_id -REPLY QR NOERROR -SECTION QUESTION -net. IN NS -SECTION ANSWER -net. IN NS a.gtld-servers.net. -SECTION ADDITIONAL -a.gtld-servers.net. IN A 192.5.6.30 -ENTRY_END - -ENTRY_BEGIN -MATCH opcode subdomain -ADJUST copy_id copy_query -REPLY QR NOERROR -SECTION QUESTION -example.com. IN A -SECTION AUTHORITY -example.com. IN NS ns.example.com. -SECTION ADDITIONAL -ns.example.com. IN A 1.2.3.4 -ENTRY_END - -ENTRY_BEGIN -MATCH opcode subdomain -ADJUST copy_id copy_query -REPLY QR NOERROR -SECTION QUESTION -example.net. IN A -SECTION AUTHORITY -example.net. IN NS ns.example.net. -SECTION ADDITIONAL -ns.example.net. IN A 1.2.3.5 -ENTRY_END -RANGE_END - -; ns.example.com. -RANGE_BEGIN 0 100 - ADDRESS 1.2.3.4 -ENTRY_BEGIN -MATCH opcode qtype qname -ADJUST copy_id -REPLY QR NOERROR -SECTION QUESTION -example.com. IN NS -SECTION ANSWER -example.com. IN NS ns.example.com. -example.com. 3600 IN RRSIG NS 3 2 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCN+qHdJxoI/2tNKwsb08pra/G7aAIUAWA5sDdJTbrXA1/3OaesGBAO3sI= ;{id = 2854} -SECTION ADDITIONAL -ns.example.com. IN A 1.2.3.4 -ns.example.com. 3600 IN RRSIG A 3 3 3600 20070926135752 20070829135752 2854 example.com. MC0CFQCMSWxVehgOQLoYclB9PIAbNP229AIUeH0vNNGJhjnZiqgIOKvs1EhzqAo= ;{id = 2854} -ENTRY_END - -; response to DNSKEY priming query -ENTRY_BEGIN -MATCH opcode qtype qname -ADJUST copy_id -REPLY QR NOERROR -SECTION QUESTION -example.com. IN DNSKEY -SECTION ANSWER -example.com. 3600 IN DNSKEY 256 3 3 ALXLUsWqUrY3JYER3T4TBJII s70j+sDS/UT2QRp61SE7S3E EXopNXoFE73JLRmvpi/UrOO/Vz4Se 6wXv/CYCKjGw06U4WRgR YXcpEhJROyNapmdIKSx hOzfLVE1gqA0PweZR8d tY3aNQSRn3sPpwJr6Mi /PqQKAMMrZ9ckJpf1+b QMOOvxgzz2U1GS18b3y ZKcgTMEaJzd/GZYzi/B N2DzQ0MsrSwYXfsNLFO Bbs8PJMW4LYIxeeOe6rUgkWOF 7CC9Dh/dduQ1QrsJhmZAEFfd6ByYV+ ;{id = 2854 (zsk), size = 1688b} -example.com. 3600 IN RRSIG DNSKEY 3 2 3600 20070926134802 20070829134802 2854 example.com. MCwCFG1yhRNtTEa3Eno2zhVVuy2EJX3wAhQeLyUp6+UXcpC5qGNu9tkrTEgPUg== ;{id = 2854} -SECTION AUTHORITY -example.com. IN NS ns.example.com. -example.com. 3600 IN RRSIG NS 3 2 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCN+qHdJxoI/2tNKwsb08pra/G7aAIUAWA5sDdJTbrXA1/3OaesGBAO3sI= ;{id = 2854} -SECTION ADDITIONAL -ns.example.com. IN A 1.2.3.4 -ns.example.com. 3600 IN RRSIG A 3 3 3600 20070926135752 20070829135752 2854 example.com. MC0CFQCMSWxVehgOQLoYclB9PIAbNP229AIUeH0vNNGJhjnZiqgIOKvs1EhzqAo= ;{id = 2854} -ENTRY_END - -; DLV query -ENTRY_BEGIN -MATCH opcode qtype qname -ADJUST copy_id -REPLY QR NOERROR -SECTION QUESTION -example.net.example.com. IN DLV -SECTION ANSWER -example.net.example.com. 3600 IN DLV 30899 5 1 14188c885f20623ad1d3bec42798f3f951793e4c ; xehac-mofum-malyd-bomaf-pegit-fuzes-ganin-misiz-nigel-nozog-soxix -example.net.example.com. 3600 IN RRSIG DLV 3 4 3600 20070926134150 20070829134150 2854 example.com. ACK48Q/oKwh/SM9yRiKjZYuc+AtEZ2yCPNJ15kKCN8nsVcv7xigmNTY= ;{id = 2854} -SECTION AUTHORITY -example.com. IN NS ns.example.com. -example.com. 3600 IN RRSIG NS 3 2 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCN+qHdJxoI/2tNKwsb08pra/G7aAIUAWA5sDdJTbrXA1/3OaesGBAO3sI= ;{id = 2854} -SECTION ADDITIONAL -ns.example.com. IN A 1.2.3.4 -ns.example.com. 3600 IN RRSIG A 3 3 3600 20070926135752 20070829135752 2854 example.com. MC0CFQCMSWxVehgOQLoYclB9PIAbNP229AIUeH0vNNGJhjnZiqgIOKvs1EhzqAo= ;{id = 2854} -ENTRY_END - -; under example.net in DLV -ENTRY_BEGIN -MATCH opcode qtype subdomain -ADJUST copy_id copy_query -REPLY QR NXDOMAIN -SECTION QUESTION -example.net.example.com. IN DLV -SECTION ANSWER -SECTION AUTHORITY -example.net.example.com. 3600 IN NSEC fru.net.example.com. RRSIG NSEC DLV -example.net.example.com. 3600 IN RRSIG NSEC 3 4 3600 20070926134150 20070829134150 2854 example.com. AI6NNKt4dGcAdCrW73GYwyoqelsdj1dd8mBNPpHRQIL0yp7yYFZ7kXU= ;{id = 2854} -example.com. IN SOA . . 1 2 3 4 5 -example.com. 3600 IN RRSIG SOA 3 2 3600 20070926134150 20070829134150 2854 example.com. AIkRPbv+kZaiG61pH/wQy8fX2UqQS5YRwHaxe4yjEUXk59fgO71Db3s= ;{id = 2854} -SECTION ADDITIONAL -ENTRY_END - -ENTRY_BEGIN -MATCH opcode qtype qname -ADJUST copy_id -REPLY QR NOERROR -SECTION QUESTION -net.example.com. IN DLV -SECTION ANSWER -SECTION AUTHORITY -example.com. IN SOA open.nlnetlabs.nl. hostmaster.nlnetlabs.nl. 2008081300 28800 7200 604800 3600 -example.com. 3600 IN RRSIG SOA 3 2 3600 20070926134150 20070829134150 2854 example.com. AKPJnPBqfJKxE4P2iVYkSRJno9HmiXJZtjdqE8oBeq9Lk9FytcMdcig= ;{id = 2854} -example.com IN NSEC example.net.example.com. SOA NS RRSIG NSEC -example.com. 3600 IN RRSIG NSEC 3 2 3600 20070926134150 20070829134150 2854 example.com. AIoUkJ04/7/kJFDLocoqksqt9UL2RHHwlRfXAMxGdBHcNO+GSpG47Uk= ;{id = 2854} -ENTRY_END - -ENTRY_BEGIN -MATCH opcode qtype qname -ADJUST copy_id -REPLY QR NXDOMAIN -SECTION QUESTION -com.example.com. IN DLV -SECTION ANSWER -SECTION AUTHORITY -example.com. IN SOA open.nlnetlabs.nl. hostmaster.nlnetlabs.nl. 2008081300 28800 7200 604800 3600 -example.com. 3600 IN RRSIG SOA 3 2 3600 20070926134150 20070829134150 2854 example.com. AKPJnPBqfJKxE4P2iVYkSRJno9HmiXJZtjdqE8oBeq9Lk9FytcMdcig= ;{id = 2854} -example.com IN NSEC example.net.example.com. SOA NS RRSIG NSEC -example.com. 3600 IN RRSIG NSEC 3 2 3600 20070926134150 20070829134150 2854 example.com. AIoUkJ04/7/kJFDLocoqksqt9UL2RHHwlRfXAMxGdBHcNO+GSpG47Uk= ;{id = 2854} -ENTRY_END - -RANGE_END - -; ns.example.net. -RANGE_BEGIN 0 100 - ADDRESS 1.2.3.5 -; DS RR is -; example.net. 3600 IN DS 30899 5 1 14188c885f20623ad1d3bec42798f3f951793e4c ; xehac-mofum-malyd-bomaf-pegit-fuzes-ganin-misiz-nigel-nozog-soxix -; DNSKEY prime query -ENTRY_BEGIN -MATCH opcode qtype qname -ADJUST copy_id -REPLY QR NOERROR -SECTION QUESTION -example.net. IN DNSKEY -SECTION ANSWER -; have it flushed out of the cache quickly. -example.net. 0 IN DNSKEY 256 3 5 AQPQ41chR9DEHt/aIzIFAqanbDlRflJoRs5yz1jFsoRIT7dWf0r+PeDuewdxkszNH6wnU4QL8pfKFRh5PIYVBLK3 ;{id = 30899 (zsk), size = 512b} -example.net. 0 IN RRSIG DNSKEY RSASHA1 2 3600 20070926134150 20070829134150 30899 example.net. hiFzlQ8VoYgCuvIsfVuxC3mfJDqsTh0yc6abs5xMx5uEcIjb0dndFQx7INOM+imlzveEN73Hqp4OLFpFhsWLlw== ;{id = 30899} -SECTION AUTHORITY -example.net. IN NS ns.example.net. -example.net. 3600 IN RRSIG NS RSASHA1 2 3600 20070926134150 20070829134150 30899 example.net. E8JX0l4B+cSR5bkHQwOJy1pBmlLMTYCJ8EwfNMU/eCv0YhKwo26rHhn52FGisgv+Nwp7/NbhHqQ+kJgoZC94XA== ;{id = 30899} -SECTION ADDITIONAL -ns.example.net. IN A 1.2.3.5 -ns.example.net. 3600 IN RRSIG A RSASHA1 3 3600 20070926134150 20070829134150 30899 example.net. x+tQMC9FhzT7Fcy1pM5NrOC7E8nLd7THPI3C6ie4EwL8PrxllqlR3q/DKB0d/m0qCOPcgN6HFOYURV1s4uAcsw== ;{id = 30899} -ENTRY_END - -; NS query -ENTRY_BEGIN -MATCH opcode qtype qname -ADJUST copy_id -REPLY QR NOERROR -SECTION QUESTION -example.net. IN NS -SECTION ANSWER -example.net. IN NS ns.example.net. -example.net. 3600 IN RRSIG NS RSASHA1 2 3600 20070926134150 20070829134150 30899 example.net. E8JX0l4B+cSR5bkHQwOJy1pBmlLMTYCJ8EwfNMU/eCv0YhKwo26rHhn52FGisgv+Nwp7/NbhHqQ+kJgoZC94XA== ;{id = 30899} -SECTION ADDITIONAL -ns.example.net. IN A 1.2.3.5 -ns.example.net. 3600 IN RRSIG A RSASHA1 3 3600 20070926134150 20070829134150 30899 example.net. x+tQMC9FhzT7Fcy1pM5NrOC7E8nLd7THPI3C6ie4EwL8PrxllqlR3q/DKB0d/m0qCOPcgN6HFOYURV1s4uAcsw== ;{id = 30899} -ENTRY_END - -; www.example.net query -ENTRY_BEGIN -MATCH opcode qtype qname -ADJUST copy_id -REPLY QR NOERROR -SECTION QUESTION -www.example.net. IN A -SECTION ANSWER -www.example.net. 3600 IN A 10.20.30.40 -www.example.net. 3600 IN RRSIG A 5 3 3600 20070926135752 20070829135752 30899 example.net. ACvv4RQVC7TbI57ewqFImRaVoymktJ5Cxn/FaCodIENt82LVM92nivbP2WtwWCsQHWp7FkrMxTlQTJwyAeXFyg== ;{id = 30899} -SECTION AUTHORITY -example.net. IN NS ns.example.net. -example.net. 3600 IN RRSIG NS RSASHA1 2 3600 20070926134150 20070829134150 30899 example.net. E8JX0l4B+cSR5bkHQwOJy1pBmlLMTYCJ8EwfNMU/eCv0YhKwo26rHhn52FGisgv+Nwp7/NbhHqQ+kJgoZC94XA== ;{id = 30899} -SECTION ADDITIONAL -ns.example.net. IN A 1.2.3.5 -ns.example.net. 3600 IN RRSIG A RSASHA1 3 3600 20070926134150 20070829134150 30899 example.net. x+tQMC9FhzT7Fcy1pM5NrOC7E8nLd7THPI3C6ie4EwL8PrxllqlR3q/DKB0d/m0qCOPcgN6HFOYURV1s4uAcsw== ;{id = 30899} -ENTRY_END - -; subzone -ENTRY_BEGIN -MATCH opcode subdomain -ADJUST copy_id copy_query -REPLY QR NOERROR -SECTION QUESTION -sub1.example.net. IN A -SECTION ANSWER -SECTION AUTHORITY -sub1.example.net. 3600 IN DS 30899 5 1 8916603e54c6f7edcfd885602e3b7b8dc475ba5c ; xodec-komif-vehis-kotav-tefot-mecyk-biryf-rivym-ticol-huvyh-saxox -sub1.example.net. 3600 IN RRSIG DS 5 3 3600 20070926134150 20070829134150 30899 example.net. A3vVrEY3+oIUqdbAa3tkKaU3o47eBD01hVXfAEAue1M+Uci2PA5YyiulLzStyiP75XUXkvubLQ2+ltKMTtfdag== ;{id = 30899} -sub1.example.net. IN NS ns.sub1.example.net. -SECTION ADDITIONAL -ns.sub1.example.net. IN A 1.2.3.10 -ENTRY_END - -ENTRY_BEGIN -MATCH opcode subdomain -ADJUST copy_id copy_query -REPLY QR NOERROR -SECTION QUESTION -sub2.example.net. IN A -SECTION ANSWER -SECTION AUTHORITY -sub2.example.net. 3600 IN DS 30899 5 1 627f7a51f1545133fec3ecbd19b85b92b15679c9 ; ximil-zovah-casuh-gygef-fyzas-farir-tikir-mukon-disih-kavus-nyxex -sub2.example.net. 3600 IN RRSIG DS 5 3 3600 20070926134150 20070829134150 30899 example.net. azMXKt4VPHj2hk5MDU6h8E/HOtNnHnIVS6Le3BV43wtJcHG5wlCxOksOZBOpXMkpbWLvbCJOOMPOnh31nlbjgg== ;{id = 30899} -sub2.example.net. IN NS ns.sub2.example.net. -SECTION ADDITIONAL -ns.sub2.example.net. IN A 1.2.3.12 -ENTRY_END -RANGE_END - -; sub1.example.net. -; ns.example.net. -RANGE_BEGIN 0 100 - ADDRESS 1.2.3.10 -; DNSKEY query -ENTRY_BEGIN -MATCH opcode qtype qname -ADJUST copy_id -REPLY QR NOERROR -SECTION QUESTION -sub1.example.net. IN DNSKEY -SECTION ANSWER -sub1.example.net. 3600 IN DNSKEY 256 3 5 AQPQ41chR9DEHt/aIzIFAqanbDlRflJoRs5yz1jFsoRIT7dWf0r+PeDuewdxkszNH6wnU4QL8pfKFRh5PIYVBLK3 ;{id = 30899 (zsk), size = 512b} -sub1.example.net. 3600 IN RRSIG DNSKEY 5 3 3600 20070926134150 20070829134150 30899 sub1.example.net. E200eTdRnkL7/fk54i1nXEE9a/rC2GxZfVkWMU044tpwV6d4XRxVhlFBzY4FytbRFFBUDhz7L3B0qC6BXJM8rg== ;{id = 30899} -ENTRY_END - -; www query -ENTRY_BEGIN -MATCH opcode qtype qname -ADJUST copy_id -REPLY QR NOERROR -SECTION QUESTION -www.sub1.example.net. IN A -SECTION ANSWER -www.sub1.example.net. IN A 192.168.1.1 -www.sub1.example.net. 3600 IN RRSIG A 5 4 3600 20070926134150 20070829134150 30899 sub1.example.net. JKxcjPjc/TsQmUmCYHLQa3cBk1c+SbDPtVml69nDWC167NNWG8OLjLrLtUBVCfbTzCmqOWXq2qhrGPxjO65GCQ== ;{id = 30899} -ENTRY_END - -RANGE_END - -; sub2.example.net. -RANGE_BEGIN 0 100 - ADDRESS 1.2.3.12 -; DNSKEY query -ENTRY_BEGIN -MATCH opcode qtype qname -ADJUST copy_id -REPLY QR NOERROR -SECTION QUESTION -sub2.example.net. IN DNSKEY -SECTION ANSWER -sub2.example.net. 3600 IN DNSKEY 256 3 5 AQPQ41chR9DEHt/aIzIFAqanbDlRflJoRs5yz1jFsoRIT7dWf0r+PeDuewdxkszNH6wnU4QL8pfKFRh5PIYVBLK3 ;{id = 30899 (zsk), size = 512b} -sub2.example.net. 3600 IN RRSIG DNSKEY 5 3 3600 20070926134150 20070829134150 30899 sub2.example.net. VcNaPuz9Mmjj5ofZqOa4FsixBomFJTjd/9wxhZOVdxf1LsNR5L++8k09gQvnjtCvqSPfNer/uv0xl+9sRr8Wmw== ;{id = 30899} -ENTRY_END - -; www query -ENTRY_BEGIN -MATCH opcode qtype qname -ADJUST copy_id -REPLY QR NOERROR -SECTION QUESTION -www.sub2.example.net. IN A -SECTION ANSWER -www.sub2.example.net. IN A 192.168.1.12 -www.sub2.example.net. 3600 IN RRSIG A 5 4 3600 20070926134150 20070829134150 30899 sub2.example.net. PsWY6+5/0+hsTOhNak/jdSeG44hvHgX5az1Q5XY/YkIchsflH9rmvP1EruFhflNhRR+22M7POiljYOoD5ylQXQ== ;{id = 30899} -ENTRY_END - -RANGE_END - - -STEP 1 QUERY -ENTRY_BEGIN -REPLY RD DO -SECTION QUESTION -www.sub1.example.net. IN A -ENTRY_END - -; recursion happens here. -STEP 10 CHECK_ANSWER -ENTRY_BEGIN -MATCH all -REPLY QR RD RA AD DO NOERROR -SECTION QUESTION -www.sub1.example.net. IN A -SECTION ANSWER -www.sub1.example.net. IN A 192.168.1.1 -www.sub1.example.net. 3600 IN RRSIG A 5 4 3600 20070926134150 20070829134150 30899 sub1.example.net. JKxcjPjc/TsQmUmCYHLQa3cBk1c+SbDPtVml69nDWC167NNWG8OLjLrLtUBVCfbTzCmqOWXq2qhrGPxjO65GCQ== ;{id = 30899} -SECTION AUTHORITY -SECTION ADDITIONAL -ENTRY_END - -; have example.net DNSKEY time out -STEP 14 TIME_PASSES ELAPSE 1.0 - -STEP 20 QUERY -ENTRY_BEGIN -REPLY RD DO -SECTION QUESTION -www.sub2.example.net. IN A -ENTRY_END - -STEP 30 CHECK_ANSWER -ENTRY_BEGIN -MATCH all -REPLY QR RD RA AD DO NOERROR -SECTION QUESTION -www.sub2.example.net. IN A -SECTION ANSWER -www.sub2.example.net. IN A 192.168.1.12 -www.sub2.example.net. 3600 IN RRSIG A 5 4 3600 20070926134150 20070829134150 30899 sub2.example.net. PsWY6+5/0+hsTOhNak/jdSeG44hvHgX5az1Q5XY/YkIchsflH9rmvP1EruFhflNhRR+22M7POiljYOoD5ylQXQ== ;{id = 30899} -SECTION AUTHORITY -SECTION ADDITIONAL -ENTRY_END - - -SCENARIO_END diff --git a/testdata/dlv_optout.rpl b/testdata/dlv_optout.rpl deleted file mode 100644 index e5a8fdd629e1..000000000000 --- a/testdata/dlv_optout.rpl +++ /dev/null @@ -1,440 +0,0 @@ -; config options -; The island of trust is at example.com (the DLV repository) -server: - dlv-anchor: "example.com. 3600 IN DS 2854 3 1 46e4ffc6e9a4793b488954bd3f0cc6af0dfb201b" - trust-anchor: "example.net. 3600 IN DS 30899 5 1 14188c885f20623ad1d3bec42798f3f951793e4c ; xehac-mofum-malyd-bomaf-pegit-fuzes-ganin-misiz-nigel-nozog-soxix" - val-override-date: "20070916134226" - target-fetch-policy: "0 0 0 0 0" - qname-minimisation: "no" - fake-sha1: yes - trust-anchor-signaling: no - -stub-zone: - name: "." - stub-addr: 193.0.14.129 # K.ROOT-SERVERS.NET. -CONFIG_END - -SCENARIO_BEGIN Test validator, DLV to zone below optout, check negative cache. -; DLV example.com. -; trust anchor at example.net but no secure delegation to -; sub.example.net signed with DLV but not by parent. -; parent uses optout NSEC3. -; then a signed delegation to down.sub.example.net. - -; K.ROOT-SERVERS.NET. -RANGE_BEGIN 0 100 - ADDRESS 193.0.14.129 -ENTRY_BEGIN -MATCH opcode qtype qname -ADJUST copy_id -REPLY QR NOERROR -SECTION QUESTION -. IN NS -SECTION ANSWER -. IN NS K.ROOT-SERVERS.NET. -SECTION ADDITIONAL -K.ROOT-SERVERS.NET. IN A 193.0.14.129 -ENTRY_END - -ENTRY_BEGIN -MATCH opcode subdomain -ADJUST copy_id copy_query -REPLY QR NOERROR -SECTION QUESTION -com. IN A -SECTION AUTHORITY -com. IN NS a.gtld-servers.net. -SECTION ADDITIONAL -a.gtld-servers.net. IN A 192.5.6.30 -ENTRY_END - -ENTRY_BEGIN -MATCH opcode subdomain -ADJUST copy_id copy_query -REPLY QR NOERROR -SECTION QUESTION -net. IN A -SECTION AUTHORITY -net. IN NS a.gtld-servers.net. -SECTION ADDITIONAL -a.gtld-servers.net. IN A 192.5.6.30 -ENTRY_END -RANGE_END - -; a.gtld-servers.net. -RANGE_BEGIN 0 100 - ADDRESS 192.5.6.30 -ENTRY_BEGIN -MATCH opcode qtype qname -ADJUST copy_id -REPLY QR NOERROR -SECTION QUESTION -com. IN NS -SECTION ANSWER -com. IN NS a.gtld-servers.net. -SECTION ADDITIONAL -a.gtld-servers.net. IN A 192.5.6.30 -ENTRY_END - -ENTRY_BEGIN -MATCH opcode qtype qname -ADJUST copy_id -REPLY QR NOERROR -SECTION QUESTION -net. IN NS -SECTION ANSWER -net. IN NS a.gtld-servers.net. -SECTION ADDITIONAL -a.gtld-servers.net. IN A 192.5.6.30 -ENTRY_END - -ENTRY_BEGIN -MATCH opcode subdomain -ADJUST copy_id copy_query -REPLY QR NOERROR -SECTION QUESTION -example.com. IN A -SECTION AUTHORITY -example.com. IN NS ns.example.com. -SECTION ADDITIONAL -ns.example.com. IN A 1.2.3.4 -ENTRY_END - -ENTRY_BEGIN -MATCH opcode subdomain -ADJUST copy_id copy_query -REPLY QR NOERROR -SECTION QUESTION -example.net. IN A -SECTION AUTHORITY -example.net. IN NS ns.example.net. -SECTION ADDITIONAL -ns.example.net. IN A 1.2.3.5 -ENTRY_END -RANGE_END - -; ns.example.com. -RANGE_BEGIN 0 100 - ADDRESS 1.2.3.4 -ENTRY_BEGIN -MATCH opcode qtype qname -ADJUST copy_id -REPLY QR NOERROR -SECTION QUESTION -example.com. IN NS -SECTION ANSWER -example.com. IN NS ns.example.com. -example.com. 3600 IN RRSIG NS 3 2 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCN+qHdJxoI/2tNKwsb08pra/G7aAIUAWA5sDdJTbrXA1/3OaesGBAO3sI= ;{id = 2854} -SECTION ADDITIONAL -ns.example.com. IN A 1.2.3.4 -ns.example.com. 3600 IN RRSIG A 3 3 3600 20070926135752 20070829135752 2854 example.com. MC0CFQCMSWxVehgOQLoYclB9PIAbNP229AIUeH0vNNGJhjnZiqgIOKvs1EhzqAo= ;{id = 2854} -ENTRY_END - -; response to DNSKEY priming query -ENTRY_BEGIN -MATCH opcode qtype qname -ADJUST copy_id -REPLY QR NOERROR -SECTION QUESTION -example.com. IN DNSKEY -SECTION ANSWER -example.com. 3600 IN DNSKEY 256 3 3 ALXLUsWqUrY3JYER3T4TBJII s70j+sDS/UT2QRp61SE7S3E EXopNXoFE73JLRmvpi/UrOO/Vz4Se 6wXv/CYCKjGw06U4WRgR YXcpEhJROyNapmdIKSx hOzfLVE1gqA0PweZR8d tY3aNQSRn3sPpwJr6Mi /PqQKAMMrZ9ckJpf1+b QMOOvxgzz2U1GS18b3y ZKcgTMEaJzd/GZYzi/B N2DzQ0MsrSwYXfsNLFO Bbs8PJMW4LYIxeeOe6rUgkWOF 7CC9Dh/dduQ1QrsJhmZAEFfd6ByYV+ ;{id = 2854 (zsk), size = 1688b} -example.com. 3600 IN RRSIG DNSKEY 3 2 3600 20070926134802 20070829134802 2854 example.com. MCwCFG1yhRNtTEa3Eno2zhVVuy2EJX3wAhQeLyUp6+UXcpC5qGNu9tkrTEgPUg== ;{id = 2854} -SECTION AUTHORITY -example.com. IN NS ns.example.com. -example.com. 3600 IN RRSIG NS 3 2 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCN+qHdJxoI/2tNKwsb08pra/G7aAIUAWA5sDdJTbrXA1/3OaesGBAO3sI= ;{id = 2854} -SECTION ADDITIONAL -ns.example.com. IN A 1.2.3.4 -ns.example.com. 3600 IN RRSIG A 3 3 3600 20070926135752 20070829135752 2854 example.com. MC0CFQCMSWxVehgOQLoYclB9PIAbNP229AIUeH0vNNGJhjnZiqgIOKvs1EhzqAo= ;{id = 2854} -ENTRY_END - -; DLV query -ENTRY_BEGIN -MATCH opcode qtype qname -ADJUST copy_id -REPLY QR NOERROR -SECTION QUESTION -sub.example.net.example.com. IN DLV -SECTION ANSWER -sub.example.net.example.com. 3600 IN DLV 30899 5 1 36b39460f94a807cbbbf3b31cc9db955081b2b36 ; xetir-fahok-bovug-pebyl-sovur-zyvaf-cufan-tivih-hadec-rypof-kixox -sub.example.net.example.com. 3600 IN RRSIG DLV 3 5 3600 20070926135752 20070829135752 2854 example.com. AAdhy87nuDEaxmc+k9pJHYnhKiEYL++OLPxzOdwEQOtsHi7jeD3lRDU= ;{id = 2854} -SECTION AUTHORITY -example.com. IN NS ns.example.com. -example.com. 3600 IN RRSIG NS 3 2 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCN+qHdJxoI/2tNKwsb08pra/G7aAIUAWA5sDdJTbrXA1/3OaesGBAO3sI= ;{id = 2854} -SECTION ADDITIONAL -ns.example.com. IN A 1.2.3.4 -ns.example.com. 3600 IN RRSIG A 3 3 3600 20070926135752 20070829135752 2854 example.com. MC0CFQCMSWxVehgOQLoYclB9PIAbNP229AIUeH0vNNGJhjnZiqgIOKvs1EhzqAo= ;{id = 2854} -ENTRY_END - -ENTRY_BEGIN -MATCH opcode qtype qname -ADJUST copy_id -REPLY QR NXDOMAIN -SECTION QUESTION -down.sub.example.net.example.com. IN DLV -SECTION ANSWER -SECTION AUTHORITY -example.com. IN SOA open.nlnetlabs.nl. hostmaster.nlnetlabs.nl. 2008081300 28800 7200 604800 3600 -example.com. 3600 IN RRSIG SOA 3 2 3600 20070926134150 20070829134150 2854 example.com. AKPJnPBqfJKxE4P2iVYkSRJno9HmiXJZtjdqE8oBeq9Lk9FytcMdcig= ;{id = 2854} -sub.example.net.example.com. IN NSEC zzz.example.net.example.com. RRSIG NSEC DLV -sub.example.net.example.com. 3600 IN RRSIG NSEC 3 5 3600 20070926134150 20070829134150 2854 example.com. AG/M+H/lex1CMTIuO+JpdmTjCzt7XBsLtRLPDfYTykhxnnECzZwkMnQ= ;{id = 2854} -SECTION ADDITIONAL -ENTRY_END - -ENTRY_BEGIN -MATCH opcode qtype qname -ADJUST copy_id -REPLY QR NOERROR -SECTION QUESTION -net.example.com. IN DLV -SECTION ANSWER -SECTION AUTHORITY -example.com. IN SOA open.nlnetlabs.nl. hostmaster.nlnetlabs.nl. 2008081300 28800 7200 604800 3600 -example.com. 3600 IN RRSIG SOA 3 2 3600 20070926134150 20070829134150 2854 example.com. AKPJnPBqfJKxE4P2iVYkSRJno9HmiXJZtjdqE8oBeq9Lk9FytcMdcig= ;{id = 2854} -example.com IN NSEC sub.example.net.example.com. SOA NS RRSIG NSEC -example.com. 3600 IN RRSIG NSEC 3 2 3600 20070926135752 20070829135752 2854 example.com. ALITtZY03PDWnuAeEL/5VwMIXY3iC2y7Qkeq5DgAHmPbNyWiOmJNEKg= ;{id = 2854} -ENTRY_END - -ENTRY_BEGIN -MATCH opcode qtype qname -ADJUST copy_id -REPLY QR NXDOMAIN -SECTION QUESTION -com.example.com. IN DLV -SECTION ANSWER -SECTION AUTHORITY -example.com. IN SOA open.nlnetlabs.nl. hostmaster.nlnetlabs.nl. 2008081300 28800 7200 604800 3600 -example.com. 3600 IN RRSIG SOA 3 2 3600 20070926134150 20070829134150 2854 example.com. AKPJnPBqfJKxE4P2iVYkSRJno9HmiXJZtjdqE8oBeq9Lk9FytcMdcig= ;{id = 2854} -example.com IN NSEC sub.example.net.example.com. SOA NS RRSIG NSEC -example.com. 3600 IN RRSIG NSEC 3 2 3600 20070926135752 20070829135752 2854 example.com. ALITtZY03PDWnuAeEL/5VwMIXY3iC2y7Qkeq5DgAHmPbNyWiOmJNEKg= ;{id = 2854} -ENTRY_END - -RANGE_END - -; ns.example.net. -RANGE_BEGIN 0 100 - ADDRESS 1.2.3.5 -; DS RR is -; example.net. 3600 IN DS 30899 5 1 14188c885f20623ad1d3bec42798f3f951793e4c ; xehac-mofum-malyd-bomaf-pegit-fuzes-ganin-misiz-nigel-nozog-soxix -; DNSKEY prime query -ENTRY_BEGIN -MATCH opcode qtype qname -ADJUST copy_id -REPLY QR NOERROR -SECTION QUESTION -example.net. IN DNSKEY -SECTION ANSWER -example.net. 3600 IN DNSKEY 256 3 5 AQPQ41chR9DEHt/aIzIFAqanbDlRflJoRs5yz1jFsoRIT7dWf0r+PeDuewdxkszNH6wnU4QL8pfKFRh5PIYVBLK3 ;{id = 30899 (zsk), size = 512b} -example.net. 3600 IN RRSIG DNSKEY RSASHA1 2 3600 20070926134150 20070829134150 30899 example.net. hiFzlQ8VoYgCuvIsfVuxC3mfJDqsTh0yc6abs5xMx5uEcIjb0dndFQx7INOM+imlzveEN73Hqp4OLFpFhsWLlw== ;{id = 30899} -SECTION AUTHORITY -example.net. IN NS ns.example.net. -example.net. 3600 IN RRSIG NS RSASHA1 2 3600 20070926134150 20070829134150 30899 example.net. E8JX0l4B+cSR5bkHQwOJy1pBmlLMTYCJ8EwfNMU/eCv0YhKwo26rHhn52FGisgv+Nwp7/NbhHqQ+kJgoZC94XA== ;{id = 30899} -SECTION ADDITIONAL -ns.example.net. IN A 1.2.3.5 -ns.example.net. 3600 IN RRSIG A RSASHA1 3 3600 20070926134150 20070829134150 30899 example.net. x+tQMC9FhzT7Fcy1pM5NrOC7E8nLd7THPI3C6ie4EwL8PrxllqlR3q/DKB0d/m0qCOPcgN6HFOYURV1s4uAcsw== ;{id = 30899} -ENTRY_END - -; NS query -ENTRY_BEGIN -MATCH opcode qtype qname -ADJUST copy_id -REPLY QR NOERROR -SECTION QUESTION -example.net. IN NS -SECTION ANSWER -example.net. IN NS ns.example.net. -example.net. 3600 IN RRSIG NS RSASHA1 2 3600 20070926134150 20070829134150 30899 example.net. E8JX0l4B+cSR5bkHQwOJy1pBmlLMTYCJ8EwfNMU/eCv0YhKwo26rHhn52FGisgv+Nwp7/NbhHqQ+kJgoZC94XA== ;{id = 30899} -SECTION ADDITIONAL -ns.example.net. IN A 1.2.3.5 -ns.example.net. 3600 IN RRSIG A RSASHA1 3 3600 20070926134150 20070829134150 30899 example.net. x+tQMC9FhzT7Fcy1pM5NrOC7E8nLd7THPI3C6ie4EwL8PrxllqlR3q/DKB0d/m0qCOPcgN6HFOYURV1s4uAcsw== ;{id = 30899} -ENTRY_END - -; no DS to sub.example.net, optout NSEC3. -; NSEC3PARAM 1 1 31 DE15C001 -; example.net. -> hk4jq0lg6q3bt992urc88dqten1k2be8. -; sub.example.net. -> ecs17hqd0kf7dk9g1cjvevj25pginrf2. -; *.example.net. -> 1tgbedpeeuubbsejh2dqvso62f8n4dk1. -; down.sub.example.net. -> 9j1r8re9b1238vd907tilclgat1i0fre. -ENTRY_BEGIN -MATCH opcode qtype qname -ADJUST copy_id -REPLY QR NOERROR -SECTION QUESTION -sub.example.net. IN DS -SECTION ANSWER -SECTION AUTHORITY -example.net. IN SOA open.nlnetlabs.nl. hostmaster.nlnetlabs.nl. 2008081300 28800 7200 604800 3600 -example.net. 3600 IN RRSIG SOA 5 2 3600 20070926134150 20070829134150 30899 example.net. ELVULZHTRc0Qk06rSBRnB/T6sm1+AbAtdEJHN6PCsz2Z3s3E5A8NH7Krz0VzRaYIEUStnbAtuE3oP8XHWHBnyQ== ;{id = 30899} -; CE is example.net -hk4jq0lg6q3bt992urc88dqten1k2be8.example.net. IN NSEC3 1 1 31 DE15C001 hl4jq0lg6q3bt992urc88dqten1k2be8 NS SOA NAPTR RRSIG DNSKEY NSEC3PARAM -hk4jq0lg6q3bt992urc88dqten1k2be8.example.net. 3600 IN RRSIG NSEC3 5 3 3600 20070926134150 20070829134150 30899 example.net. n1dQKbRoB+X4K003RAhdUp6ZUP5dCiwQi+apGfLII8wmCUmw/cKiz7/Ijhs/+88hZwq/7yhlZM0D/yqAUKUiAA== ;{id = 30899} -; NC covers sub.example.net -ebs17hqd0kf7dk9g1cjvevj25pginrf2.example.net. IN NSEC3 1 1 31 de15c001 efs17hqd0kf7dk9g1cjvevj25pginrf2 A RRSIG -ebs17hqd0kf7dk9g1cjvevj25pginrf2.example.net. 3600 IN RRSIG NSEC3 5 3 3600 20070926134150 20070829134150 30899 example.net. oSVB7Dyp7/yaOlT8AFwBJZdqwRRSQ8XFzCpu1AP51JPIuhCg5byepdvY6UC3xXc7YVO6h74tpxFCGqLpRXwDoQ== ;{id = 30899} -SECTION ADDITIONAL -ENTRY_END - -; delegation to sub.example.net, optout NSEC3. -ENTRY_BEGIN -MATCH opcode subdomain -ADJUST copy_id copy_query -REPLY QR NOERROR -SECTION QUESTION -sub.example.net. IN NS -SECTION ANSWER -SECTION AUTHORITY -sub.example.net. IN NS ns.sub.example.net. -hk4jq0lg6q3bt992urc88dqten1k2be8.example.net. IN NSEC3 1 1 31 DE15C001 hl4jq0lg6q3bt992urc88dqten1k2be8 NS SOA NAPTR RRSIG DNSKEY NSEC3PARAM -hk4jq0lg6q3bt992urc88dqten1k2be8.example.net. 3600 IN RRSIG NSEC3 5 3 3600 20070926134150 20070829134150 30899 example.net. n1dQKbRoB+X4K003RAhdUp6ZUP5dCiwQi+apGfLII8wmCUmw/cKiz7/Ijhs/+88hZwq/7yhlZM0D/yqAUKUiAA== ;{id = 30899} -ebs17hqd0kf7dk9g1cjvevj25pginrf2.example.net. IN NSEC3 1 1 31 de15c001 efs17hqd0kf7dk9g1cjvevj25pginrf2 A RRSIG -ebs17hqd0kf7dk9g1cjvevj25pginrf2.example.net. 3600 IN RRSIG NSEC3 5 3 3600 20070926134150 20070829134150 30899 example.net. oSVB7Dyp7/yaOlT8AFwBJZdqwRRSQ8XFzCpu1AP51JPIuhCg5byepdvY6UC3xXc7YVO6h74tpxFCGqLpRXwDoQ== ;{id = 30899} -SECTION ADDITIONAL -ns.sub.example.net. IN A 1.2.3.6 -ENTRY_END - - -RANGE_END - -; ns.sub.example.net. -RANGE_BEGIN 0 100 - ADDRESS 1.2.3.6 -; DS is -; sub.example.net. 3600 IN DS 30899 5 1 36b39460f94a807cbbbf3b31cc9db955081b2b36 ; xetir-fahok-bovug-pebyl-sovur-zyvaf-cufan-tivih-hadec-rypof-kixox -; DNSKEY query -ENTRY_BEGIN -MATCH opcode qtype qname -ADJUST copy_id -REPLY QR AA NOERROR -SECTION QUESTION -sub.example.net. IN DNSKEY -SECTION ANSWER -sub.example.net. 3600 IN DNSKEY 256 3 5 AQPQ41chR9DEHt/aIzIFAqanbDlRflJoRs5yz1jFsoRIT7dWf0r+PeDuewdxkszNH6wnU4QL8pfKFRh5PIYVBLK3 ;{id = 30899 (zsk), size = 512b} -sub.example.net. 3600 IN RRSIG DNSKEY 5 3 3600 20070926134150 20070829134150 30899 sub.example.net. PATh0K1jz9QeN02C79noX9gwK+Nr5VznWPQwygm/pYDsOb0z3EsaiOrzyoreegDKgoNn3kN0CywS+usCWM6hrw== ;{id = 30899} -SECTION AUTHORITY -sub.example.net. IN NS ns.sub.example.net. -sub.example.net. 3600 IN RRSIG NS 5 3 3600 20070926134150 20070829134150 30899 sub.example.net. JZUK303aE7R428S5XXLaowpM79YSc2g7wy2rDOH+6Ts2UefZInv6X5cjJU4+qBrS8i9XhdllqG7SEnPKZ0GtAw== ;{id = 30899} -SECTION ADDITIONAL -ns.sub.example.net. IN A 1.2.3.6 -ns.sub.example.net. 3600 IN RRSIG A 5 4 3600 20070926134150 20070829134150 30899 sub.example.net. AluXPa4XdlCysQMVrt0YairoOug4GMvy8rNUeKLCfQ5xVqRMqkTisbzJXBQPgYEVA0DJR74eEpgLrcz5ztb1aA== ;{id = 30899} -ENTRY_END - -; NS query -ENTRY_BEGIN -MATCH opcode qtype qname -ADJUST copy_id -REPLY QR AA NOERROR -SECTION QUESTION -sub.example.net. IN NS -SECTION ANSWER -sub.example.net. IN NS ns.sub.example.net. -sub.example.net. 3600 IN RRSIG NS 5 3 3600 20070926134150 20070829134150 30899 sub.example.net. JZUK303aE7R428S5XXLaowpM79YSc2g7wy2rDOH+6Ts2UefZInv6X5cjJU4+qBrS8i9XhdllqG7SEnPKZ0GtAw== ;{id = 30899} -SECTION ADDITIONAL -ns.sub.example.net. IN A 1.2.3.6 -ns.sub.example.net. 3600 IN RRSIG A 5 4 3600 20070926134150 20070829134150 30899 sub.example.net. AluXPa4XdlCysQMVrt0YairoOug4GMvy8rNUeKLCfQ5xVqRMqkTisbzJXBQPgYEVA0DJR74eEpgLrcz5ztb1aA== ;{id = 30899} -ENTRY_END - -; www.sub.example.net query -ENTRY_BEGIN -MATCH opcode qtype qname -ADJUST copy_id -REPLY QR AA NOERROR -SECTION QUESTION -www.sub.example.net. IN A -SECTION ANSWER -www.sub.example.net. IN A 10.20.30.40 -www.sub.example.net. 3600 IN RRSIG A 5 4 3600 20070926134150 20070829134150 30899 sub.example.net. Q+88AIM3K8q6S0bHeFVT742EepZFxOxgtaL1V68DEkP4NePKzL4zttWQD3uI/5ALw/fIrC7G43Eo+epWn2ZGCA== ;{id = 30899} -SECTION AUTHORITY -sub.example.net. IN NS ns.sub.example.net. -sub.example.net. 3600 IN RRSIG NS 5 3 3600 20070926134150 20070829134150 30899 sub.example.net. JZUK303aE7R428S5XXLaowpM79YSc2g7wy2rDOH+6Ts2UefZInv6X5cjJU4+qBrS8i9XhdllqG7SEnPKZ0GtAw== ;{id = 30899} -SECTION ADDITIONAL -ns.sub.example.net. IN A 1.2.3.6 -ns.sub.example.net. 3600 IN RRSIG A 5 4 3600 20070926134150 20070829134150 30899 sub.example.net. AluXPa4XdlCysQMVrt0YairoOug4GMvy8rNUeKLCfQ5xVqRMqkTisbzJXBQPgYEVA0DJR74eEpgLrcz5ztb1aA== ;{id = 30899} -ENTRY_END - -; DS for down.sub.example.net -ENTRY_BEGIN -MATCH opcode qtype qname -ADJUST copy_id -REPLY QR AA NOERROR -SECTION QUESTION -down.sub.example.net. IN DS -SECTION ANSWER -down.sub.example.net. 3600 IN DS 60946 5 1 c636304ab7cdb6272215aceac95a8d312ac7a4f6 -down.sub.example.net. 3600 IN RRSIG DS 5 4 3600 20070926134150 20070829134150 30899 sub.example.net. AMc8J534UF2+0PtPSNBw6RzN4Q5gXfnBXiUfpuT/MR1YtOE/5AP/0dTgvqvKRiFZx3NjOPeZmRnaabxkw0Qzrw== ;{id = 30899} -SECTION AUTHORITY -SECTION ADDITIONAL -ENTRY_END - -; delegation to down.sub.example.net -ENTRY_BEGIN -MATCH opcode subdomain -ADJUST copy_id copy_query -REPLY QR NOERROR -SECTION QUESTION -down.sub.example.net. IN NS -SECTION ANSWER -SECTION AUTHORITY -down.sub.example.net. IN NS ns.down.sub.example.net. -; the DS record is not given (like it was parent and child hosted on the same -; server) -;down.sub.example.net. 3600 IN DS 60946 5 1 c636304ab7cdb6272215aceac95a8d312ac7a4f6 -;down.sub.example.net. 3600 IN RRSIG DS 5 4 3600 20070926134150 20070829134150 30899 sub.example.net. AMc8J534UF2+0PtPSNBw6RzN4Q5gXfnBXiUfpuT/MR1YtOE/5AP/0dTgvqvKRiFZx3NjOPeZmRnaabxkw0Qzrw== ;{id = 30899} -SECTION ADDITIONAL -ns.down.sub.example.net. IN A 1.2.3.7 -ENTRY_END - -RANGE_END - -; ns.down.sub.example.net. -RANGE_BEGIN 0 100 - ADDRESS 1.2.3.7 -; DNSKEY query -ENTRY_BEGIN -MATCH opcode qtype qname -ADJUST copy_id -REPLY QR AA NOERROR -SECTION QUESTION -down.sub.example.net. IN DNSKEY -SECTION ANSWER -down.sub.example.net. 3600 IN DNSKEY 257 3 5 AwEAAeiaUiUIpWMfYz5L0sfJTZWnuN9IyBX4em9VjsoqQTsOD1HDQpNb4buvJo7pN2aBCxNS7e0OL8e2mVB6CLZ+8ek= ;{id = 60946 (ksk), size = 512b} -down.sub.example.net. 3600 IN RRSIG DNSKEY 5 4 3600 20070926134150 20070829134150 60946 down.sub.example.net. lK5HNva/IPw0CS9BfBd16fqm5y9bgCSwGsBLBAA1d5SCcKep6AVrv6NFuXl12d1G3MdQ4ruHi6eDDO5dhtkfrw== ;{id = 60946} -SECTION AUTHORITY -SECTION ADDITIONAL -ENTRY_END - -; www.down.sub.example.net. -ENTRY_BEGIN -MATCH opcode qtype qname -ADJUST copy_id -REPLY QR AA NOERROR -SECTION QUESTION -www.down.sub.example.net. IN A -SECTION ANSWER -www.down.sub.example.net. IN A 10.20.30.44 -www.down.sub.example.net. 3600 IN RRSIG A 5 5 3600 20070926134150 20070829134150 60946 down.sub.example.net. Hg5WF/xW8PRth2rl1mZcYK8/pgGpM73e/fD+mH/XElEKgL9zq0ou8psA0I6OvMLGBN6RQeknQHRAy3D2/5k/Wg== ;{id = 60946} -SECTION AUTHORITY -SECTION ADDITIONAL -ENTRY_END - -RANGE_END - -STEP 1 QUERY -ENTRY_BEGIN -REPLY RD DO -SECTION QUESTION -www.down.sub.example.net. IN A -ENTRY_END - -; recursion happens here. -STEP 10 CHECK_ANSWER -ENTRY_BEGIN -MATCH all -REPLY QR RD RA AD DO NOERROR -SECTION QUESTION -www.down.sub.example.net. IN A -SECTION ANSWER -www.down.sub.example.net. IN A 10.20.30.44 -www.down.sub.example.net. 3600 IN RRSIG A 5 5 3600 20070926134150 20070829134150 60946 down.sub.example.net. Hg5WF/xW8PRth2rl1mZcYK8/pgGpM73e/fD+mH/XElEKgL9zq0ou8psA0I6OvMLGBN6RQeknQHRAy3D2/5k/Wg== ;{id = 60946} -ENTRY_END - -SCENARIO_END diff --git a/testdata/dlv_remove.rpl b/testdata/dlv_remove.rpl deleted file mode 100644 index d503148c7d76..000000000000 --- a/testdata/dlv_remove.rpl +++ /dev/null @@ -1,198 +0,0 @@ -; config options -; The island of trust is at example.com (the DLV repository) -server: - dlv-anchor: "example.com. 3600 IN DS 2854 3 1 46e4ffc6e9a4793b488954bd3f0cc6af0dfb201b" - val-override-date: "20070916134226" - target-fetch-policy: "0 0 0 0 0" - fake-sha1: yes - -stub-zone: - name: "." - stub-addr: 193.0.14.129 # K.ROOT-SERVERS.NET. -CONFIG_END - -SCENARIO_BEGIN Test validator with DLV anchor but DLV domain is down -; so DLV has been decommissioned. - -; K.ROOT-SERVERS.NET. -RANGE_BEGIN 0 100 - ADDRESS 193.0.14.129 -ENTRY_BEGIN -MATCH opcode qtype qname -ADJUST copy_id -REPLY QR NOERROR -SECTION QUESTION -. IN NS -SECTION ANSWER -. IN NS K.ROOT-SERVERS.NET. -SECTION ADDITIONAL -K.ROOT-SERVERS.NET. IN A 193.0.14.129 -ENTRY_END - -ENTRY_BEGIN -MATCH opcode subdomain -ADJUST copy_id copy_query -REPLY QR NOERROR -SECTION QUESTION -com. IN A -SECTION AUTHORITY -com. IN NS a.gtld-servers.net. -SECTION ADDITIONAL -a.gtld-servers.net. IN A 192.5.6.30 -ENTRY_END - -ENTRY_BEGIN -MATCH opcode subdomain -ADJUST copy_id copy_query -REPLY QR NOERROR -SECTION QUESTION -net. IN A -SECTION AUTHORITY -net. IN NS a.gtld-servers.net. -SECTION ADDITIONAL -a.gtld-servers.net. IN A 192.5.6.30 -ENTRY_END -RANGE_END - -; a.gtld-servers.net. -RANGE_BEGIN 0 100 - ADDRESS 192.5.6.30 -ENTRY_BEGIN -MATCH opcode qtype qname -ADJUST copy_id -REPLY QR NOERROR -SECTION QUESTION -com. IN NS -SECTION ANSWER -com. IN NS a.gtld-servers.net. -SECTION ADDITIONAL -a.gtld-servers.net. IN A 192.5.6.30 -ENTRY_END - -ENTRY_BEGIN -MATCH opcode qtype qname -ADJUST copy_id -REPLY QR NOERROR -SECTION QUESTION -net. IN NS -SECTION ANSWER -net. IN NS a.gtld-servers.net. -SECTION ADDITIONAL -a.gtld-servers.net. IN A 192.5.6.30 -ENTRY_END - -ENTRY_BEGIN -MATCH opcode subdomain -ADJUST copy_id copy_query -REPLY QR NOERROR -SECTION QUESTION -example.com. IN A -SECTION AUTHORITY -example.com. IN NS ns.example.com. -SECTION ADDITIONAL -ns.example.com. IN A 1.2.3.4 -ENTRY_END - -ENTRY_BEGIN -MATCH opcode subdomain -ADJUST copy_id copy_query -REPLY QR NOERROR -SECTION QUESTION -example.net. IN A -SECTION AUTHORITY -example.net. IN NS ns.example.net. -SECTION ADDITIONAL -ns.example.net. IN A 1.2.3.5 -ENTRY_END -RANGE_END - -; ns.example.com. -RANGE_BEGIN 0 100 - ADDRESS 1.2.3.4 - -ENTRY_BEGIN -MATCH opcode -ADJUST copy_id copy_query -REPLY QR SERVFAIL -SECTION QUESTION -example.com. IN NS -ENTRY_END -RANGE_END - -; ns.example.net. -RANGE_BEGIN 0 100 - ADDRESS 1.2.3.5 -; DS RR is -; example.net. 3600 IN DS 30899 5 1 14188c885f20623ad1d3bec42798f3f951793e4c ; xehac-mofum-malyd-bomaf-pegit-fuzes-ganin-misiz-nigel-nozog-soxix -; DNSKEY prime query -ENTRY_BEGIN -MATCH opcode qtype qname -ADJUST copy_id -REPLY QR NOERROR -SECTION QUESTION -example.net. IN DNSKEY -SECTION ANSWER -example.net. 3600 IN DNSKEY 256 3 5 AQPQ41chR9DEHt/aIzIFAqanbDlRflJoRs5yz1jFsoRIT7dWf0r+PeDuewdxkszNH6wnU4QL8pfKFRh5PIYVBLK3 ;{id = 30899 (zsk), size = 512b} -example.net. 3600 IN RRSIG DNSKEY RSASHA1 2 3600 20070926134150 20070829134150 30899 example.net. hiFzlQ8VoYgCuvIsfVuxC3mfJDqsTh0yc6abs5xMx5uEcIjb0dndFQx7INOM+imlzveEN73Hqp4OLFpFhsWLlw== ;{id = 30899} -SECTION AUTHORITY -example.net. IN NS ns.example.net. -example.net. 3600 IN RRSIG NS RSASHA1 2 3600 20070926134150 20070829134150 30899 example.net. E8JX0l4B+cSR5bkHQwOJy1pBmlLMTYCJ8EwfNMU/eCv0YhKwo26rHhn52FGisgv+Nwp7/NbhHqQ+kJgoZC94XA== ;{id = 30899} -SECTION ADDITIONAL -ns.example.net. IN A 1.2.3.5 -ns.example.net. 3600 IN RRSIG A RSASHA1 3 3600 20070926134150 20070829134150 30899 example.net. x+tQMC9FhzT7Fcy1pM5NrOC7E8nLd7THPI3C6ie4EwL8PrxllqlR3q/DKB0d/m0qCOPcgN6HFOYURV1s4uAcsw== ;{id = 30899} -ENTRY_END - -; NS query -ENTRY_BEGIN -MATCH opcode qtype qname -ADJUST copy_id -REPLY QR NOERROR -SECTION QUESTION -example.net. IN NS -SECTION ANSWER -example.net. IN NS ns.example.net. -example.net. 3600 IN RRSIG NS RSASHA1 2 3600 20070926134150 20070829134150 30899 example.net. E8JX0l4B+cSR5bkHQwOJy1pBmlLMTYCJ8EwfNMU/eCv0YhKwo26rHhn52FGisgv+Nwp7/NbhHqQ+kJgoZC94XA== ;{id = 30899} -SECTION ADDITIONAL -ns.example.net. IN A 1.2.3.5 -ns.example.net. 3600 IN RRSIG A RSASHA1 3 3600 20070926134150 20070829134150 30899 example.net. x+tQMC9FhzT7Fcy1pM5NrOC7E8nLd7THPI3C6ie4EwL8PrxllqlR3q/DKB0d/m0qCOPcgN6HFOYURV1s4uAcsw== ;{id = 30899} -ENTRY_END - -; www.example.net query -ENTRY_BEGIN -MATCH opcode qtype qname -ADJUST copy_id -REPLY QR NOERROR -SECTION QUESTION -www.example.net. IN A -SECTION ANSWER -www.example.net. 3600 IN A 10.20.30.40 -www.example.net. 3600 IN RRSIG A 5 3 3600 20070926135752 20070829135752 30899 example.net. ACvv4RQVC7TbI57ewqFImRaVoymktJ5Cxn/FaCodIENt82LVM92nivbP2WtwWCsQHWp7FkrMxTlQTJwyAeXFyg== ;{id = 30899} -SECTION AUTHORITY -example.net. IN NS ns.example.net. -example.net. 3600 IN RRSIG NS RSASHA1 2 3600 20070926134150 20070829134150 30899 example.net. E8JX0l4B+cSR5bkHQwOJy1pBmlLMTYCJ8EwfNMU/eCv0YhKwo26rHhn52FGisgv+Nwp7/NbhHqQ+kJgoZC94XA== ;{id = 30899} -SECTION ADDITIONAL -ns.example.net. IN A 1.2.3.5 -ns.example.net. 3600 IN RRSIG A RSASHA1 3 3600 20070926134150 20070829134150 30899 example.net. x+tQMC9FhzT7Fcy1pM5NrOC7E8nLd7THPI3C6ie4EwL8PrxllqlR3q/DKB0d/m0qCOPcgN6HFOYURV1s4uAcsw== ;{id = 30899} -ENTRY_END - - -RANGE_END - -STEP 1 QUERY -ENTRY_BEGIN -REPLY RD DO -SECTION QUESTION -www.example.net. IN A -ENTRY_END - -; recursion happens here. -STEP 10 CHECK_ANSWER -ENTRY_BEGIN -MATCH all -REPLY QR RD RA DO SERVFAIL -SECTION QUESTION -www.example.net. IN A -SECTION ANSWER -ENTRY_END - -SCENARIO_END diff --git a/testdata/dlv_remove_empty.rpl b/testdata/dlv_remove_empty.rpl deleted file mode 100644 index 11b825bc2621..000000000000 --- a/testdata/dlv_remove_empty.rpl +++ /dev/null @@ -1,272 +0,0 @@ -; config options -; The island of trust is at example.com (the DLV repository) -server: - dlv-anchor: "example.com. 3600 IN DS 2854 3 1 46e4ffc6e9a4793b488954bd3f0cc6af0dfb201b" - val-override-date: "20070916134226" - target-fetch-policy: "0 0 0 0 0" - fake-sha1: yes - minimal-responses: no - -stub-zone: - name: "." - stub-addr: 193.0.14.129 # K.ROOT-SERVERS.NET. -CONFIG_END - -SCENARIO_BEGIN Test validator with DLV and DLV repository is empty. - -; K.ROOT-SERVERS.NET. -RANGE_BEGIN 0 100 - ADDRESS 193.0.14.129 -ENTRY_BEGIN -MATCH opcode qtype qname -ADJUST copy_id -REPLY QR NOERROR -SECTION QUESTION -. IN NS -SECTION ANSWER -. IN NS K.ROOT-SERVERS.NET. -SECTION ADDITIONAL -K.ROOT-SERVERS.NET. IN A 193.0.14.129 -ENTRY_END - -ENTRY_BEGIN -MATCH opcode subdomain -ADJUST copy_id copy_query -REPLY QR NOERROR -SECTION QUESTION -com. IN A -SECTION AUTHORITY -com. IN NS a.gtld-servers.net. -SECTION ADDITIONAL -a.gtld-servers.net. IN A 192.5.6.30 -ENTRY_END - -ENTRY_BEGIN -MATCH opcode subdomain -ADJUST copy_id copy_query -REPLY QR NOERROR -SECTION QUESTION -net. IN A -SECTION AUTHORITY -net. IN NS a.gtld-servers.net. -SECTION ADDITIONAL -a.gtld-servers.net. IN A 192.5.6.30 -ENTRY_END -RANGE_END - -; a.gtld-servers.net. -RANGE_BEGIN 0 100 - ADDRESS 192.5.6.30 -ENTRY_BEGIN -MATCH opcode qtype qname -ADJUST copy_id -REPLY QR NOERROR -SECTION QUESTION -com. IN NS -SECTION ANSWER -com. IN NS a.gtld-servers.net. -SECTION ADDITIONAL -a.gtld-servers.net. IN A 192.5.6.30 -ENTRY_END - -ENTRY_BEGIN -MATCH opcode qtype qname -ADJUST copy_id -REPLY QR NOERROR -SECTION QUESTION -net. IN NS -SECTION ANSWER -net. IN NS a.gtld-servers.net. -SECTION ADDITIONAL -a.gtld-servers.net. IN A 192.5.6.30 -ENTRY_END - -ENTRY_BEGIN -MATCH opcode subdomain -ADJUST copy_id copy_query -REPLY QR NOERROR -SECTION QUESTION -example.com. IN A -SECTION AUTHORITY -example.com. IN NS ns.example.com. -SECTION ADDITIONAL -ns.example.com. IN A 1.2.3.4 -ENTRY_END - -ENTRY_BEGIN -MATCH opcode subdomain -ADJUST copy_id copy_query -REPLY QR NOERROR -SECTION QUESTION -example.net. IN A -SECTION AUTHORITY -example.net. IN NS ns.example.net. -SECTION ADDITIONAL -ns.example.net. IN A 1.2.3.5 -ENTRY_END -RANGE_END - -; ns.example.com. -RANGE_BEGIN 0 100 - ADDRESS 1.2.3.4 -ENTRY_BEGIN -MATCH opcode qtype qname -ADJUST copy_id -REPLY QR NOERROR -SECTION QUESTION -example.com. IN NS -SECTION ANSWER -example.com. IN NS ns.example.com. -example.com. 3600 IN RRSIG NS 3 2 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCN+qHdJxoI/2tNKwsb08pra/G7aAIUAWA5sDdJTbrXA1/3OaesGBAO3sI= ;{id = 2854} -SECTION ADDITIONAL -ns.example.com. IN A 1.2.3.4 -ns.example.com. 3600 IN RRSIG A 3 3 3600 20070926135752 20070829135752 2854 example.com. MC0CFQCMSWxVehgOQLoYclB9PIAbNP229AIUeH0vNNGJhjnZiqgIOKvs1EhzqAo= ;{id = 2854} -ENTRY_END - -; response to DNSKEY priming query -ENTRY_BEGIN -MATCH opcode qtype qname -ADJUST copy_id -REPLY QR NOERROR -SECTION QUESTION -example.com. IN DNSKEY -SECTION ANSWER -example.com. 3600 IN DNSKEY 256 3 3 ALXLUsWqUrY3JYER3T4TBJII s70j+sDS/UT2QRp61SE7S3E EXopNXoFE73JLRmvpi/UrOO/Vz4Se 6wXv/CYCKjGw06U4WRgR YXcpEhJROyNapmdIKSx hOzfLVE1gqA0PweZR8d tY3aNQSRn3sPpwJr6Mi /PqQKAMMrZ9ckJpf1+b QMOOvxgzz2U1GS18b3y ZKcgTMEaJzd/GZYzi/B N2DzQ0MsrSwYXfsNLFO Bbs8PJMW4LYIxeeOe6rUgkWOF 7CC9Dh/dduQ1QrsJhmZAEFfd6ByYV+ ;{id = 2854 (zsk), size = 1688b} -example.com. 3600 IN RRSIG DNSKEY 3 2 3600 20070926134802 20070829134802 2854 example.com. MCwCFG1yhRNtTEa3Eno2zhVVuy2EJX3wAhQeLyUp6+UXcpC5qGNu9tkrTEgPUg== ;{id = 2854} -SECTION AUTHORITY -example.com. IN NS ns.example.com. -example.com. 3600 IN RRSIG NS 3 2 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCN+qHdJxoI/2tNKwsb08pra/G7aAIUAWA5sDdJTbrXA1/3OaesGBAO3sI= ;{id = 2854} -SECTION ADDITIONAL -ns.example.com. IN A 1.2.3.4 -ns.example.com. 3600 IN RRSIG A 3 3 3600 20070926135752 20070829135752 2854 example.com. MC0CFQCMSWxVehgOQLoYclB9PIAbNP229AIUeH0vNNGJhjnZiqgIOKvs1EhzqAo= ;{id = 2854} -ENTRY_END - -; DLV query, everything is NXDOMAIN -ENTRY_BEGIN -MATCH opcode subdomain -ADJUST copy_id copy_query -REPLY QR AA NXDOMAIN -SECTION QUESTION -example.com. IN DLV -SECTION ANSWER -SECTION AUTHORITY -example.com. 3600 IN NSEC example.com. NS SOA RRSIG NSEC DNSKEY -example.com. 3600 IN RRSIG NSEC 3 2 3600 20070926135752 20070829135752 2854 example.com. AH++lP1qhsBw6zO1g3JVPZeQIpDhL9xT8V9xdgjXvCjIGQ1BUUlfQkA= -SECTION ADDITIONAL -ENTRY_END - -ENTRY_BEGIN -MATCH opcode qtype qname -ADJUST copy_id -REPLY QR NOERROR -SECTION QUESTION -net.example.com. IN DLV -SECTION ANSWER -SECTION AUTHORITY -example.com. IN SOA open.nlnetlabs.nl. hostmaster.nlnetlabs.nl. 2008081300 28800 7200 604800 3600 -example.com. 3600 IN RRSIG SOA 3 2 3600 20070926134150 20070829134150 2854 example.com. AKPJnPBqfJKxE4P2iVYkSRJno9HmiXJZtjdqE8oBeq9Lk9FytcMdcig= ;{id = 2854} -example.com IN NSEC example.net.example.com. SOA NS RRSIG NSEC -example.com. 3600 IN RRSIG NSEC 3 2 3600 20070926134150 20070829134150 2854 example.com. AIoUkJ04/7/kJFDLocoqksqt9UL2RHHwlRfXAMxGdBHcNO+GSpG47Uk= ;{id = 2854} -ENTRY_END - -ENTRY_BEGIN -MATCH opcode qtype qname -ADJUST copy_id -REPLY QR NXDOMAIN -SECTION QUESTION -com.example.com. IN DLV -SECTION ANSWER -SECTION AUTHORITY -example.com. IN SOA open.nlnetlabs.nl. hostmaster.nlnetlabs.nl. 2008081300 28800 7200 604800 3600 -example.com. 3600 IN RRSIG SOA 3 2 3600 20070926134150 20070829134150 2854 example.com. AKPJnPBqfJKxE4P2iVYkSRJno9HmiXJZtjdqE8oBeq9Lk9FytcMdcig= ;{id = 2854} -example.com IN NSEC example.net.example.com. SOA NS RRSIG NSEC -example.com. 3600 IN RRSIG NSEC 3 2 3600 20070926134150 20070829134150 2854 example.com. AIoUkJ04/7/kJFDLocoqksqt9UL2RHHwlRfXAMxGdBHcNO+GSpG47Uk= ;{id = 2854} -ENTRY_END - -RANGE_END - -; ns.example.net. -RANGE_BEGIN 0 100 - ADDRESS 1.2.3.5 -; DS RR is -; example.net. 3600 IN DS 30899 5 1 14188c885f20623ad1d3bec42798f3f951793e4c ; xehac-mofum-malyd-bomaf-pegit-fuzes-ganin-misiz-nigel-nozog-soxix -; DNSKEY prime query -ENTRY_BEGIN -MATCH opcode qtype qname -ADJUST copy_id -REPLY QR NOERROR -SECTION QUESTION -example.net. IN DNSKEY -SECTION ANSWER -example.net. 3600 IN DNSKEY 256 3 5 AQPQ41chR9DEHt/aIzIFAqanbDlRflJoRs5yz1jFsoRIT7dWf0r+PeDuewdxkszNH6wnU4QL8pfKFRh5PIYVBLK3 ;{id = 30899 (zsk), size = 512b} -example.net. 3600 IN RRSIG DNSKEY RSASHA1 2 3600 20070926134150 20070829134150 30899 example.net. hiFzlQ8VoYgCuvIsfVuxC3mfJDqsTh0yc6abs5xMx5uEcIjb0dndFQx7INOM+imlzveEN73Hqp4OLFpFhsWLlw== ;{id = 30899} -SECTION AUTHORITY -example.net. IN NS ns.example.net. -example.net. 3600 IN RRSIG NS RSASHA1 2 3600 20070926134150 20070829134150 30899 example.net. E8JX0l4B+cSR5bkHQwOJy1pBmlLMTYCJ8EwfNMU/eCv0YhKwo26rHhn52FGisgv+Nwp7/NbhHqQ+kJgoZC94XA== ;{id = 30899} -SECTION ADDITIONAL -ns.example.net. IN A 1.2.3.5 -ns.example.net. 3600 IN RRSIG A RSASHA1 3 3600 20070926134150 20070829134150 30899 example.net. x+tQMC9FhzT7Fcy1pM5NrOC7E8nLd7THPI3C6ie4EwL8PrxllqlR3q/DKB0d/m0qCOPcgN6HFOYURV1s4uAcsw== ;{id = 30899} -ENTRY_END - -; NS query -ENTRY_BEGIN -MATCH opcode qtype qname -ADJUST copy_id -REPLY QR NOERROR -SECTION QUESTION -example.net. IN NS -SECTION ANSWER -example.net. IN NS ns.example.net. -example.net. 3600 IN RRSIG NS RSASHA1 2 3600 20070926134150 20070829134150 30899 example.net. E8JX0l4B+cSR5bkHQwOJy1pBmlLMTYCJ8EwfNMU/eCv0YhKwo26rHhn52FGisgv+Nwp7/NbhHqQ+kJgoZC94XA== ;{id = 30899} -SECTION ADDITIONAL -ns.example.net. IN A 1.2.3.5 -ns.example.net. 3600 IN RRSIG A RSASHA1 3 3600 20070926134150 20070829134150 30899 example.net. x+tQMC9FhzT7Fcy1pM5NrOC7E8nLd7THPI3C6ie4EwL8PrxllqlR3q/DKB0d/m0qCOPcgN6HFOYURV1s4uAcsw== ;{id = 30899} -ENTRY_END - -; www.example.net query -ENTRY_BEGIN -MATCH opcode qtype qname -ADJUST copy_id -REPLY QR NOERROR -SECTION QUESTION -www.example.net. IN A -SECTION ANSWER -www.example.net. 3600 IN A 10.20.30.40 -www.example.net. 3600 IN RRSIG A 5 3 3600 20070926135752 20070829135752 30899 example.net. ACvv4RQVC7TbI57ewqFImRaVoymktJ5Cxn/FaCodIENt82LVM92nivbP2WtwWCsQHWp7FkrMxTlQTJwyAeXFyg== ;{id = 30899} -SECTION AUTHORITY -example.net. IN NS ns.example.net. -example.net. 3600 IN RRSIG NS RSASHA1 2 3600 20070926134150 20070829134150 30899 example.net. E8JX0l4B+cSR5bkHQwOJy1pBmlLMTYCJ8EwfNMU/eCv0YhKwo26rHhn52FGisgv+Nwp7/NbhHqQ+kJgoZC94XA== ;{id = 30899} -SECTION ADDITIONAL -ns.example.net. IN A 1.2.3.5 -ns.example.net. 3600 IN RRSIG A RSASHA1 3 3600 20070926134150 20070829134150 30899 example.net. x+tQMC9FhzT7Fcy1pM5NrOC7E8nLd7THPI3C6ie4EwL8PrxllqlR3q/DKB0d/m0qCOPcgN6HFOYURV1s4uAcsw== ;{id = 30899} -ENTRY_END - - -RANGE_END - -STEP 1 QUERY -ENTRY_BEGIN -REPLY RD DO -SECTION QUESTION -www.example.net. IN A -ENTRY_END - -; recursion happens here. -STEP 10 CHECK_ANSWER -ENTRY_BEGIN -MATCH all -REPLY QR RD RA DO NOERROR -SECTION QUESTION -www.example.net. IN A -SECTION ANSWER -www.example.net. 3600 IN A 10.20.30.40 -www.example.net. 3600 IN RRSIG A 5 3 3600 20070926135752 20070829135752 30899 example.net. ACvv4RQVC7TbI57ewqFImRaVoymktJ5Cxn/FaCodIENt82LVM92nivbP2WtwWCsQHWp7FkrMxTlQTJwyAeXFyg== ;{id = 30899} -SECTION AUTHORITY -example.net. IN NS ns.example.net. -example.net. 3600 IN RRSIG NS RSASHA1 2 3600 20070926134150 20070829134150 30899 example.net. E8JX0l4B+cSR5bkHQwOJy1pBmlLMTYCJ8EwfNMU/eCv0YhKwo26rHhn52FGisgv+Nwp7/NbhHqQ+kJgoZC94XA== ;{id = 30899} -SECTION ADDITIONAL -ns.example.net. IN A 1.2.3.5 -ns.example.net. 3600 IN RRSIG A RSASHA1 3 3600 20070926134150 20070829134150 30899 example.net. x+tQMC9FhzT7Fcy1pM5NrOC7E8nLd7THPI3C6ie4EwL8PrxllqlR3q/DKB0d/m0qCOPcgN6HFOYURV1s4uAcsw== ;{id = 30899} -ENTRY_END - -SCENARIO_END diff --git a/testdata/dlv_remove_nodel.rpl b/testdata/dlv_remove_nodel.rpl deleted file mode 100644 index 1abe5a32f37a..000000000000 --- a/testdata/dlv_remove_nodel.rpl +++ /dev/null @@ -1,276 +0,0 @@ -; config options -; The island of trust is at example.com (the DLV repository) -server: - dlv-anchor: "dlv.example.com. 3600 IN DS 2854 3 1 46e4ffc6e9a4793b488954bd3f0cc6af0dfb201b" - trust-anchor: "example.com. 3600 IN DS 2854 3 1 46e4ffc6e9a4793b488954bd3f0cc6af0dfb201b" - val-override-date: "20070916134226" - target-fetch-policy: "0 0 0 0 0" - fake-sha1: yes - minimal-responses: no - -stub-zone: - name: "." - stub-addr: 193.0.14.129 # K.ROOT-SERVERS.NET. -CONFIG_END - -SCENARIO_BEGIN Test validator with DLV and DLV is removed and not delegated -; so the response is that the dlv domain itself does not exist, but it's -; parent domain does exist (securely). - -; K.ROOT-SERVERS.NET. -RANGE_BEGIN 0 100 - ADDRESS 193.0.14.129 -ENTRY_BEGIN -MATCH opcode qtype qname -ADJUST copy_id -REPLY QR NOERROR -SECTION QUESTION -. IN NS -SECTION ANSWER -. IN NS K.ROOT-SERVERS.NET. -SECTION ADDITIONAL -K.ROOT-SERVERS.NET. IN A 193.0.14.129 -ENTRY_END - -ENTRY_BEGIN -MATCH opcode subdomain -ADJUST copy_id copy_query -REPLY QR NOERROR -SECTION QUESTION -com. IN A -SECTION AUTHORITY -com. IN NS a.gtld-servers.net. -SECTION ADDITIONAL -a.gtld-servers.net. IN A 192.5.6.30 -ENTRY_END - -ENTRY_BEGIN -MATCH opcode subdomain -ADJUST copy_id copy_query -REPLY QR NOERROR -SECTION QUESTION -net. IN A -SECTION AUTHORITY -net. IN NS a.gtld-servers.net. -SECTION ADDITIONAL -a.gtld-servers.net. IN A 192.5.6.30 -ENTRY_END -RANGE_END - -; a.gtld-servers.net. -RANGE_BEGIN 0 100 - ADDRESS 192.5.6.30 -ENTRY_BEGIN -MATCH opcode qtype qname -ADJUST copy_id -REPLY QR NOERROR -SECTION QUESTION -com. IN NS -SECTION ANSWER -com. IN NS a.gtld-servers.net. -SECTION ADDITIONAL -a.gtld-servers.net. IN A 192.5.6.30 -ENTRY_END - -ENTRY_BEGIN -MATCH opcode qtype qname -ADJUST copy_id -REPLY QR NOERROR -SECTION QUESTION -net. IN NS -SECTION ANSWER -net. IN NS a.gtld-servers.net. -SECTION ADDITIONAL -a.gtld-servers.net. IN A 192.5.6.30 -ENTRY_END - -ENTRY_BEGIN -MATCH opcode subdomain -ADJUST copy_id copy_query -REPLY QR NOERROR -SECTION QUESTION -example.com. IN A -SECTION AUTHORITY -example.com. IN NS ns.example.com. -SECTION ADDITIONAL -ns.example.com. IN A 1.2.3.4 -ENTRY_END - -ENTRY_BEGIN -MATCH opcode subdomain -ADJUST copy_id copy_query -REPLY QR NOERROR -SECTION QUESTION -example.net. IN A -SECTION AUTHORITY -example.net. IN NS ns.example.net. -SECTION ADDITIONAL -ns.example.net. IN A 1.2.3.5 -ENTRY_END -RANGE_END - -; ns.example.com. -RANGE_BEGIN 0 100 - ADDRESS 1.2.3.4 -ENTRY_BEGIN -MATCH opcode qtype qname -ADJUST copy_id -REPLY QR NOERROR -SECTION QUESTION -example.com. IN NS -SECTION ANSWER -example.com. IN NS ns.example.com. -example.com. 3600 IN RRSIG NS 3 2 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCN+qHdJxoI/2tNKwsb08pra/G7aAIUAWA5sDdJTbrXA1/3OaesGBAO3sI= ;{id = 2854} -SECTION ADDITIONAL -ns.example.com. IN A 1.2.3.4 -ns.example.com. 3600 IN RRSIG A 3 3 3600 20070926135752 20070829135752 2854 example.com. MC0CFQCMSWxVehgOQLoYclB9PIAbNP229AIUeH0vNNGJhjnZiqgIOKvs1EhzqAo= ;{id = 2854} -ENTRY_END - -; response to DNSKEY priming query -ENTRY_BEGIN -MATCH opcode qtype qname -ADJUST copy_id -REPLY QR NOERROR -SECTION QUESTION -example.com. IN DNSKEY -SECTION ANSWER -example.com. 3600 IN DNSKEY 256 3 3 ALXLUsWqUrY3JYER3T4TBJII s70j+sDS/UT2QRp61SE7S3E EXopNXoFE73JLRmvpi/UrOO/Vz4Se 6wXv/CYCKjGw06U4WRgR YXcpEhJROyNapmdIKSx hOzfLVE1gqA0PweZR8d tY3aNQSRn3sPpwJr6Mi /PqQKAMMrZ9ckJpf1+b QMOOvxgzz2U1GS18b3y ZKcgTMEaJzd/GZYzi/B N2DzQ0MsrSwYXfsNLFO Bbs8PJMW4LYIxeeOe6rUgkWOF 7CC9Dh/dduQ1QrsJhmZAEFfd6ByYV+ ;{id = 2854 (zsk), size = 1688b} -example.com. 3600 IN RRSIG DNSKEY 3 2 3600 20070926134802 20070829134802 2854 example.com. MCwCFG1yhRNtTEa3Eno2zhVVuy2EJX3wAhQeLyUp6+UXcpC5qGNu9tkrTEgPUg== ;{id = 2854} -SECTION AUTHORITY -example.com. IN NS ns.example.com. -example.com. 3600 IN RRSIG NS 3 2 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCN+qHdJxoI/2tNKwsb08pra/G7aAIUAWA5sDdJTbrXA1/3OaesGBAO3sI= ;{id = 2854} -SECTION ADDITIONAL -ns.example.com. IN A 1.2.3.4 -ns.example.com. 3600 IN RRSIG A 3 3 3600 20070926135752 20070829135752 2854 example.com. MC0CFQCMSWxVehgOQLoYclB9PIAbNP229AIUeH0vNNGJhjnZiqgIOKvs1EhzqAo= ;{id = 2854} -ENTRY_END - -; DLV query, everything is NXDOMAIN -; thus, no delegation to the dlv repository in dlv.example.com -ENTRY_BEGIN -MATCH opcode subdomain -ADJUST copy_id copy_query -REPLY QR AA NXDOMAIN -SECTION QUESTION -example.com. IN DLV -SECTION ANSWER -SECTION AUTHORITY -example.com. 3600 IN NSEC example.com. NS SOA RRSIG NSEC DNSKEY -example.com. 3600 IN RRSIG NSEC 3 2 3600 20070926135752 20070829135752 2854 example.com. AH++lP1qhsBw6zO1g3JVPZeQIpDhL9xT8V9xdgjXvCjIGQ1BUUlfQkA= -SECTION ADDITIONAL -ENTRY_END - -ENTRY_BEGIN -MATCH opcode qtype qname -ADJUST copy_id -REPLY QR NOERROR -SECTION QUESTION -net.example.com. IN DLV -SECTION ANSWER -SECTION AUTHORITY -example.com. IN SOA open.nlnetlabs.nl. hostmaster.nlnetlabs.nl. 2008081300 28800 7200 604800 3600 -example.com. 3600 IN RRSIG SOA 3 2 3600 20070926134150 20070829134150 2854 example.com. AKPJnPBqfJKxE4P2iVYkSRJno9HmiXJZtjdqE8oBeq9Lk9FytcMdcig= ;{id = 2854} -example.com IN NSEC example.net.example.com. SOA NS RRSIG NSEC -example.com. 3600 IN RRSIG NSEC 3 2 3600 20070926134150 20070829134150 2854 example.com. AIoUkJ04/7/kJFDLocoqksqt9UL2RHHwlRfXAMxGdBHcNO+GSpG47Uk= ;{id = 2854} -ENTRY_END - -ENTRY_BEGIN -MATCH opcode qtype qname -ADJUST copy_id -REPLY QR NXDOMAIN -SECTION QUESTION -com.example.com. IN DLV -SECTION ANSWER -SECTION AUTHORITY -example.com. IN SOA open.nlnetlabs.nl. hostmaster.nlnetlabs.nl. 2008081300 28800 7200 604800 3600 -example.com. 3600 IN RRSIG SOA 3 2 3600 20070926134150 20070829134150 2854 example.com. AKPJnPBqfJKxE4P2iVYkSRJno9HmiXJZtjdqE8oBeq9Lk9FytcMdcig= ;{id = 2854} -example.com IN NSEC example.net.example.com. SOA NS RRSIG NSEC -example.com. 3600 IN RRSIG NSEC 3 2 3600 20070926134150 20070829134150 2854 example.com. AIoUkJ04/7/kJFDLocoqksqt9UL2RHHwlRfXAMxGdBHcNO+GSpG47Uk= ;{id = 2854} -ENTRY_END - -RANGE_END - -; ns.example.net. -RANGE_BEGIN 0 100 - ADDRESS 1.2.3.5 -; DS RR is -; example.net. 3600 IN DS 30899 5 1 14188c885f20623ad1d3bec42798f3f951793e4c ; xehac-mofum-malyd-bomaf-pegit-fuzes-ganin-misiz-nigel-nozog-soxix -; DNSKEY prime query -ENTRY_BEGIN -MATCH opcode qtype qname -ADJUST copy_id -REPLY QR NOERROR -SECTION QUESTION -example.net. IN DNSKEY -SECTION ANSWER -example.net. 3600 IN DNSKEY 256 3 5 AQPQ41chR9DEHt/aIzIFAqanbDlRflJoRs5yz1jFsoRIT7dWf0r+PeDuewdxkszNH6wnU4QL8pfKFRh5PIYVBLK3 ;{id = 30899 (zsk), size = 512b} -example.net. 3600 IN RRSIG DNSKEY RSASHA1 2 3600 20070926134150 20070829134150 30899 example.net. hiFzlQ8VoYgCuvIsfVuxC3mfJDqsTh0yc6abs5xMx5uEcIjb0dndFQx7INOM+imlzveEN73Hqp4OLFpFhsWLlw== ;{id = 30899} -SECTION AUTHORITY -example.net. IN NS ns.example.net. -example.net. 3600 IN RRSIG NS RSASHA1 2 3600 20070926134150 20070829134150 30899 example.net. E8JX0l4B+cSR5bkHQwOJy1pBmlLMTYCJ8EwfNMU/eCv0YhKwo26rHhn52FGisgv+Nwp7/NbhHqQ+kJgoZC94XA== ;{id = 30899} -SECTION ADDITIONAL -ns.example.net. IN A 1.2.3.5 -ns.example.net. 3600 IN RRSIG A RSASHA1 3 3600 20070926134150 20070829134150 30899 example.net. x+tQMC9FhzT7Fcy1pM5NrOC7E8nLd7THPI3C6ie4EwL8PrxllqlR3q/DKB0d/m0qCOPcgN6HFOYURV1s4uAcsw== ;{id = 30899} -ENTRY_END - -; NS query -ENTRY_BEGIN -MATCH opcode qtype qname -ADJUST copy_id -REPLY QR NOERROR -SECTION QUESTION -example.net. IN NS -SECTION ANSWER -example.net. IN NS ns.example.net. -example.net. 3600 IN RRSIG NS RSASHA1 2 3600 20070926134150 20070829134150 30899 example.net. E8JX0l4B+cSR5bkHQwOJy1pBmlLMTYCJ8EwfNMU/eCv0YhKwo26rHhn52FGisgv+Nwp7/NbhHqQ+kJgoZC94XA== ;{id = 30899} -SECTION ADDITIONAL -ns.example.net. IN A 1.2.3.5 -ns.example.net. 3600 IN RRSIG A RSASHA1 3 3600 20070926134150 20070829134150 30899 example.net. x+tQMC9FhzT7Fcy1pM5NrOC7E8nLd7THPI3C6ie4EwL8PrxllqlR3q/DKB0d/m0qCOPcgN6HFOYURV1s4uAcsw== ;{id = 30899} -ENTRY_END - -; www.example.net query -ENTRY_BEGIN -MATCH opcode qtype qname -ADJUST copy_id -REPLY QR NOERROR -SECTION QUESTION -www.example.net. IN A -SECTION ANSWER -www.example.net. 3600 IN A 10.20.30.40 -www.example.net. 3600 IN RRSIG A 5 3 3600 20070926135752 20070829135752 30899 example.net. ACvv4RQVC7TbI57ewqFImRaVoymktJ5Cxn/FaCodIENt82LVM92nivbP2WtwWCsQHWp7FkrMxTlQTJwyAeXFyg== ;{id = 30899} -SECTION AUTHORITY -example.net. IN NS ns.example.net. -example.net. 3600 IN RRSIG NS RSASHA1 2 3600 20070926134150 20070829134150 30899 example.net. E8JX0l4B+cSR5bkHQwOJy1pBmlLMTYCJ8EwfNMU/eCv0YhKwo26rHhn52FGisgv+Nwp7/NbhHqQ+kJgoZC94XA== ;{id = 30899} -SECTION ADDITIONAL -ns.example.net. IN A 1.2.3.5 -ns.example.net. 3600 IN RRSIG A RSASHA1 3 3600 20070926134150 20070829134150 30899 example.net. x+tQMC9FhzT7Fcy1pM5NrOC7E8nLd7THPI3C6ie4EwL8PrxllqlR3q/DKB0d/m0qCOPcgN6HFOYURV1s4uAcsw== ;{id = 30899} -ENTRY_END - - -RANGE_END - -STEP 1 QUERY -ENTRY_BEGIN -REPLY RD DO -SECTION QUESTION -www.example.net. IN A -ENTRY_END - -; recursion happens here. -STEP 10 CHECK_ANSWER -ENTRY_BEGIN -MATCH all -REPLY QR RD RA DO NOERROR -SECTION QUESTION -www.example.net. IN A -SECTION ANSWER -www.example.net. 3600 IN A 10.20.30.40 -www.example.net. 3600 IN RRSIG A 5 3 3600 20070926135752 20070829135752 30899 example.net. ACvv4RQVC7TbI57ewqFImRaVoymktJ5Cxn/FaCodIENt82LVM92nivbP2WtwWCsQHWp7FkrMxTlQTJwyAeXFyg== ;{id = 30899} -SECTION AUTHORITY -example.net. IN NS ns.example.net. -example.net. 3600 IN RRSIG NS RSASHA1 2 3600 20070926134150 20070829134150 30899 example.net. E8JX0l4B+cSR5bkHQwOJy1pBmlLMTYCJ8EwfNMU/eCv0YhKwo26rHhn52FGisgv+Nwp7/NbhHqQ+kJgoZC94XA== ;{id = 30899} -SECTION ADDITIONAL -ns.example.net. IN A 1.2.3.5 -ns.example.net. 3600 IN RRSIG A RSASHA1 3 3600 20070926134150 20070829134150 30899 example.net. x+tQMC9FhzT7Fcy1pM5NrOC7E8nLd7THPI3C6ie4EwL8PrxllqlR3q/DKB0d/m0qCOPcgN6HFOYURV1s4uAcsw== ;{id = 30899} -ENTRY_END - -SCENARIO_END diff --git a/testdata/dlv_remove_pos.rpl b/testdata/dlv_remove_pos.rpl deleted file mode 100644 index 892ffa3c0c47..000000000000 --- a/testdata/dlv_remove_pos.rpl +++ /dev/null @@ -1,167 +0,0 @@ -; config options -; The island of trust is at example.com -server: - dlv-anchor: "dlv.example.net. 3600 IN DS 2854 3 1 46e4ffc6e9a4793b488954bd3f0cc6af0dfb201b" - trust-anchor: "example.com. 3600 IN DS 2854 3 1 46e4ffc6e9a4793b488954bd3f0cc6af0dfb201b" - val-override-date: "20070916134226" - target-fetch-policy: "0 0 0 0 0" - qname-minimisation: "no" - fake-sha1: yes - trust-anchor-signaling: no - minimal-responses: no - -stub-zone: - name: "." - stub-addr: 193.0.14.129 # K.ROOT-SERVERS.NET. -CONFIG_END - -SCENARIO_BEGIN Test validator with DLV removed for positive anchored response -; So the destination has a valid DNSSEC chain of trust to the root, -; but the configured dlv anchor fails. - -; K.ROOT-SERVERS.NET. -RANGE_BEGIN 0 100 - ADDRESS 193.0.14.129 -ENTRY_BEGIN -MATCH opcode qtype qname -ADJUST copy_id -REPLY QR NOERROR -SECTION QUESTION -. IN NS -SECTION ANSWER -. IN NS K.ROOT-SERVERS.NET. -SECTION ADDITIONAL -K.ROOT-SERVERS.NET. IN A 193.0.14.129 -ENTRY_END - -ENTRY_BEGIN -MATCH opcode qtype qname -ADJUST copy_id -REPLY QR NOERROR -SECTION QUESTION -www.example.com. IN A -SECTION AUTHORITY -com. IN NS a.gtld-servers.net. -SECTION ADDITIONAL -a.gtld-servers.net. IN A 192.5.6.30 -ENTRY_END - -; this covers dlv.example.net and thus makes it servfail (unusable). -ENTRY_BEGIN -MATCH opcode subdomain -ADJUST copy_id copy_query -REPLY QR SERVFAIL -SECTION QUESTION -net. IN NS -ENTRY_END - -RANGE_END - -; a.gtld-servers.net. -RANGE_BEGIN 0 100 - ADDRESS 192.5.6.30 -ENTRY_BEGIN -MATCH opcode qtype qname -ADJUST copy_id -REPLY QR NOERROR -SECTION QUESTION -com. IN NS -SECTION ANSWER -com. IN NS a.gtld-servers.net. -SECTION ADDITIONAL -a.gtld-servers.net. IN A 192.5.6.30 -ENTRY_END - -ENTRY_BEGIN -MATCH opcode qtype qname -ADJUST copy_id -REPLY QR NOERROR -SECTION QUESTION -www.example.com. IN A -SECTION AUTHORITY -example.com. IN NS ns.example.com. -SECTION ADDITIONAL -ns.example.com. IN A 1.2.3.4 -ENTRY_END -RANGE_END - -; ns.example.com. -RANGE_BEGIN 0 100 - ADDRESS 1.2.3.4 -ENTRY_BEGIN -MATCH opcode qtype qname -ADJUST copy_id -REPLY QR NOERROR -SECTION QUESTION -example.com. IN NS -SECTION ANSWER -example.com. IN NS ns.example.com. -example.com. 3600 IN RRSIG NS 3 2 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCN+qHdJxoI/2tNKwsb08pra/G7aAIUAWA5sDdJTbrXA1/3OaesGBAO3sI= ;{id = 2854} -SECTION ADDITIONAL -ns.example.com. IN A 1.2.3.4 -ns.example.com. 3600 IN RRSIG A 3 3 3600 20070926135752 20070829135752 2854 example.com. MC0CFQCMSWxVehgOQLoYclB9PIAbNP229AIUeH0vNNGJhjnZiqgIOKvs1EhzqAo= ;{id = 2854} -ENTRY_END - -; response to DNSKEY priming query -ENTRY_BEGIN -MATCH opcode qtype qname -ADJUST copy_id -REPLY QR NOERROR -SECTION QUESTION -example.com. IN DNSKEY -SECTION ANSWER -example.com. 3600 IN DNSKEY 256 3 3 ALXLUsWqUrY3JYER3T4TBJII s70j+sDS/UT2QRp61SE7S3E EXopNXoFE73JLRmvpi/UrOO/Vz4Se 6wXv/CYCKjGw06U4WRgR YXcpEhJROyNapmdIKSx hOzfLVE1gqA0PweZR8d tY3aNQSRn3sPpwJr6Mi /PqQKAMMrZ9ckJpf1+b QMOOvxgzz2U1GS18b3y ZKcgTMEaJzd/GZYzi/B N2DzQ0MsrSwYXfsNLFO Bbs8PJMW4LYIxeeOe6rUgkWOF 7CC9Dh/dduQ1QrsJhmZAEFfd6ByYV+ ;{id = 2854 (zsk), size = 1688b} -example.com. 3600 IN RRSIG DNSKEY 3 2 3600 20070926134802 20070829134802 2854 example.com. MCwCFG1yhRNtTEa3Eno2zhVVuy2EJX3wAhQeLyUp6+UXcpC5qGNu9tkrTEgPUg== ;{id = 2854} -SECTION AUTHORITY -example.com. IN NS ns.example.com. -example.com. 3600 IN RRSIG NS 3 2 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCN+qHdJxoI/2tNKwsb08pra/G7aAIUAWA5sDdJTbrXA1/3OaesGBAO3sI= ;{id = 2854} -SECTION ADDITIONAL -ns.example.com. IN A 1.2.3.4 -ns.example.com. 3600 IN RRSIG A 3 3 3600 20070926135752 20070829135752 2854 example.com. MC0CFQCMSWxVehgOQLoYclB9PIAbNP229AIUeH0vNNGJhjnZiqgIOKvs1EhzqAo= ;{id = 2854} -ENTRY_END - -; response to query of interest -ENTRY_BEGIN -MATCH opcode qtype qname -ADJUST copy_id -REPLY QR NOERROR -SECTION QUESTION -www.example.com. IN A -SECTION ANSWER -www.example.com. IN A 10.20.30.40 -ns.example.com. 3600 IN RRSIG A 3 3 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCQMyTjn7WWwpwAR1LlVeLpRgZGuQIUCcJDEkwAuzytTDRlYK7nIMwH1CM= ;{id = 2854} -SECTION AUTHORITY -example.com. IN NS ns.example.com. -example.com. 3600 IN RRSIG NS 3 2 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCN+qHdJxoI/2tNKwsb08pra/G7aAIUAWA5sDdJTbrXA1/3OaesGBAO3sI= ;{id = 2854} -SECTION ADDITIONAL -ns.example.com. IN A 1.2.3.4 -www.example.com. 3600 IN RRSIG A 3 3 3600 20070926134150 20070829134150 2854 example.com. MC0CFC99iE9K5y2WNgI0gFvBWaTi9wm6AhUAoUqOpDtG5Zct+Qr9F3mSdnbc6V4= ;{id = 2854} -ENTRY_END -RANGE_END - -STEP 1 QUERY -ENTRY_BEGIN -REPLY RD DO -SECTION QUESTION -www.example.com. IN A -ENTRY_END - -; recursion happens here. -STEP 10 CHECK_ANSWER -ENTRY_BEGIN -MATCH all -REPLY QR RD RA AD DO NOERROR -SECTION QUESTION -www.example.com. IN A -SECTION ANSWER -www.example.com. IN A 10.20.30.40 -www.example.com. 3600 IN RRSIG A 3 3 3600 20070926134150 20070829134150 2854 example.com. MC0CFC99iE9K5y2WNgI0gFvBWaTi9wm6AhUAoUqOpDtG5Zct+Qr9F3mSdnbc6V4= ;{id = 2854} -SECTION AUTHORITY -example.com. IN NS ns.example.com. -example.com. 3600 IN RRSIG NS 3 2 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCN+qHdJxoI/2tNKwsb08pra/G7aAIUAWA5sDdJTbrXA1/3OaesGBAO3sI= ;{id = 2854} -SECTION ADDITIONAL -ns.example.com. IN A 1.2.3.4 -ns.example.com. 3600 IN RRSIG A 3 3 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCQMyTjn7WWwpwAR1LlVeLpRgZGuQIUCcJDEkwAuzytTDRlYK7nIMwH1CM= ;{id = 2854} -ENTRY_END - -SCENARIO_END diff --git a/testdata/dlv_unused.rpl b/testdata/dlv_unused.rpl deleted file mode 100644 index aa7d04c1eab4..000000000000 --- a/testdata/dlv_unused.rpl +++ /dev/null @@ -1,277 +0,0 @@ -; config options -; The island of trust is at example.com (the DLV repository) -server: - dlv-anchor: "example.com. 3600 IN DS 2854 3 1 46e4ffc6e9a4793b488954bd3f0cc6af0dfb201b" - trust-anchor: "example.net. 3600 IN DS 30899 5 1 14188c885f20623ad1d3bec42798f3f951793e4c ; xehac-mofum-malyd-bomaf-pegit-fuzes-ganin-misiz-nigel-nozog-soxix" - val-override-date: "20070916134226" - target-fetch-policy: "0 0 0 0 0" - fake-sha1: yes - trust-anchor-signaling: no - minimal-responses: no - -stub-zone: - name: "." - stub-addr: 193.0.14.129 # K.ROOT-SERVERS.NET. -CONFIG_END - -SCENARIO_BEGIN Test validator, DLV anchor unused because trustanchor works. - -; K.ROOT-SERVERS.NET. -RANGE_BEGIN 0 100 - ADDRESS 193.0.14.129 -ENTRY_BEGIN -MATCH opcode qtype qname -ADJUST copy_id -REPLY QR NOERROR -SECTION QUESTION -. IN NS -SECTION ANSWER -. IN NS K.ROOT-SERVERS.NET. -SECTION ADDITIONAL -K.ROOT-SERVERS.NET. IN A 193.0.14.129 -ENTRY_END - -ENTRY_BEGIN -MATCH opcode subdomain -ADJUST copy_id copy_query -REPLY QR NOERROR -SECTION QUESTION -com. IN A -SECTION AUTHORITY -com. IN NS a.gtld-servers.net. -SECTION ADDITIONAL -a.gtld-servers.net. IN A 192.5.6.30 -ENTRY_END - -ENTRY_BEGIN -MATCH opcode subdomain -ADJUST copy_id copy_query -REPLY QR NOERROR -SECTION QUESTION -net. IN A -SECTION AUTHORITY -net. IN NS a.gtld-servers.net. -SECTION ADDITIONAL -a.gtld-servers.net. IN A 192.5.6.30 -ENTRY_END -RANGE_END - -; a.gtld-servers.net. -RANGE_BEGIN 0 100 - ADDRESS 192.5.6.30 -ENTRY_BEGIN -MATCH opcode qtype qname -ADJUST copy_id -REPLY QR NOERROR -SECTION QUESTION -com. IN NS -SECTION ANSWER -com. IN NS a.gtld-servers.net. -SECTION ADDITIONAL -a.gtld-servers.net. IN A 192.5.6.30 -ENTRY_END - -ENTRY_BEGIN -MATCH opcode qtype qname -ADJUST copy_id -REPLY QR NOERROR -SECTION QUESTION -net. IN NS -SECTION ANSWER -net. IN NS a.gtld-servers.net. -SECTION ADDITIONAL -a.gtld-servers.net. IN A 192.5.6.30 -ENTRY_END - -ENTRY_BEGIN -MATCH opcode subdomain -ADJUST copy_id copy_query -REPLY QR NOERROR -SECTION QUESTION -example.com. IN A -SECTION AUTHORITY -example.com. IN NS ns.example.com. -SECTION ADDITIONAL -ns.example.com. IN A 1.2.3.4 -ENTRY_END - -ENTRY_BEGIN -MATCH opcode subdomain -ADJUST copy_id copy_query -REPLY QR NOERROR -SECTION QUESTION -example.net. IN A -SECTION AUTHORITY -example.net. IN NS ns.example.net. -SECTION ADDITIONAL -ns.example.net. IN A 1.2.3.5 -ENTRY_END -RANGE_END - -; ns.example.com. -RANGE_BEGIN 0 100 - ADDRESS 1.2.3.4 -ENTRY_BEGIN -MATCH opcode qtype qname -ADJUST copy_id -REPLY QR NOERROR -SECTION QUESTION -example.com. IN NS -SECTION ANSWER -example.com. IN NS ns.example.com. -example.com. 3600 IN RRSIG NS 3 2 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCN+qHdJxoI/2tNKwsb08pra/G7aAIUAWA5sDdJTbrXA1/3OaesGBAO3sI= ;{id = 2854} -SECTION ADDITIONAL -ns.example.com. IN A 1.2.3.4 -ns.example.com. 3600 IN RRSIG A 3 3 3600 20070926135752 20070829135752 2854 example.com. MC0CFQCMSWxVehgOQLoYclB9PIAbNP229AIUeH0vNNGJhjnZiqgIOKvs1EhzqAo= ;{id = 2854} -ENTRY_END - -; response to DNSKEY priming query -ENTRY_BEGIN -MATCH opcode qtype qname -ADJUST copy_id -REPLY QR NOERROR -SECTION QUESTION -example.com. IN DNSKEY -SECTION ANSWER -example.com. 3600 IN DNSKEY 256 3 3 ALXLUsWqUrY3JYER3T4TBJII s70j+sDS/UT2QRp61SE7S3E EXopNXoFE73JLRmvpi/UrOO/Vz4Se 6wXv/CYCKjGw06U4WRgR YXcpEhJROyNapmdIKSx hOzfLVE1gqA0PweZR8d tY3aNQSRn3sPpwJr6Mi /PqQKAMMrZ9ckJpf1+b QMOOvxgzz2U1GS18b3y ZKcgTMEaJzd/GZYzi/B N2DzQ0MsrSwYXfsNLFO Bbs8PJMW4LYIxeeOe6rUgkWOF 7CC9Dh/dduQ1QrsJhmZAEFfd6ByYV+ ;{id = 2854 (zsk), size = 1688b} -example.com. 3600 IN RRSIG DNSKEY 3 2 3600 20070926134802 20070829134802 2854 example.com. MCwCFG1yhRNtTEa3Eno2zhVVuy2EJX3wAhQeLyUp6+UXcpC5qGNu9tkrTEgPUg== ;{id = 2854} -SECTION AUTHORITY -example.com. IN NS ns.example.com. -example.com. 3600 IN RRSIG NS 3 2 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCN+qHdJxoI/2tNKwsb08pra/G7aAIUAWA5sDdJTbrXA1/3OaesGBAO3sI= ;{id = 2854} -SECTION ADDITIONAL -ns.example.com. IN A 1.2.3.4 -ns.example.com. 3600 IN RRSIG A 3 3 3600 20070926135752 20070829135752 2854 example.com. MC0CFQCMSWxVehgOQLoYclB9PIAbNP229AIUeH0vNNGJhjnZiqgIOKvs1EhzqAo= ;{id = 2854} -ENTRY_END - -; DLV query -ENTRY_BEGIN -MATCH opcode qtype qname -ADJUST copy_id -REPLY QR NXDOMAIN -SECTION QUESTION -example.net.example.com. IN DLV -SECTION ANSWER -SECTION AUTHORITY -example.com. IN NS ns.example.com. -example.com. 3600 IN RRSIG NS 3 2 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCN+qHdJxoI/2tNKwsb08pra/G7aAIUAWA5sDdJTbrXA1/3OaesGBAO3sI= ;{id = 2854} -example.com IN NSEC zazz.example.com. SOA NS RRSIG NSEC -example.com. 3600 IN RRSIG NSEC 3 2 3600 20070926135752 20070829135752 2854 example.com. AAi21jQpno6gXnrPrtK0NvNgX9B8E9U5RvTd47QiCWLF7KdtKxB7Xz0= ;{id = 2854} -SECTION ADDITIONAL -ns.example.com. IN A 1.2.3.4 -ns.example.com. 3600 IN RRSIG A 3 3 3600 20070926135752 20070829135752 2854 example.com. MC0CFQCMSWxVehgOQLoYclB9PIAbNP229AIUeH0vNNGJhjnZiqgIOKvs1EhzqAo= ;{id = 2854} -ENTRY_END - -ENTRY_BEGIN -MATCH opcode qtype qname -ADJUST copy_id -REPLY QR NXDOMAIN -SECTION QUESTION -net.example.com. IN DLV -SECTION ANSWER -SECTION AUTHORITY -example.com. IN SOA open.nlnetlabs.nl. hostmaster.nlnetlabs.nl. 2008081300 28800 7200 604800 3600 -example.com. 3600 IN RRSIG SOA 3 2 3600 20070926134150 20070829134150 2854 example.com. AKPJnPBqfJKxE4P2iVYkSRJno9HmiXJZtjdqE8oBeq9Lk9FytcMdcig= ;{id = 2854} -example.com IN NSEC zazz.example.com. SOA NS RRSIG NSEC -example.com. 3600 IN RRSIG NSEC 3 2 3600 20070926135752 20070829135752 2854 example.com. AAi21jQpno6gXnrPrtK0NvNgX9B8E9U5RvTd47QiCWLF7KdtKxB7Xz0= ;{id = 2854} -ENTRY_END - -ENTRY_BEGIN -MATCH opcode qtype qname -ADJUST copy_id -REPLY QR NXDOMAIN -SECTION QUESTION -com.example.com. IN DLV -SECTION ANSWER -SECTION AUTHORITY -example.com. IN SOA open.nlnetlabs.nl. hostmaster.nlnetlabs.nl. 2008081300 28800 7200 604800 3600 -example.com. 3600 IN RRSIG SOA 3 2 3600 20070926134150 20070829134150 2854 example.com. AKPJnPBqfJKxE4P2iVYkSRJno9HmiXJZtjdqE8oBeq9Lk9FytcMdcig= ;{id = 2854} -example.com IN NSEC zazz.example.com. SOA NS RRSIG NSEC -example.com. 3600 IN RRSIG NSEC 3 2 3600 20070926135752 20070829135752 2854 example.com. AAi21jQpno6gXnrPrtK0NvNgX9B8E9U5RvTd47QiCWLF7KdtKxB7Xz0= ;{id = 2854} -ENTRY_END - -RANGE_END - -; ns.example.net. -RANGE_BEGIN 0 100 - ADDRESS 1.2.3.5 -; DS RR is -; example.net. 3600 IN DS 30899 5 1 14188c885f20623ad1d3bec42798f3f951793e4c ; xehac-mofum-malyd-bomaf-pegit-fuzes-ganin-misiz-nigel-nozog-soxix -; DNSKEY prime query -ENTRY_BEGIN -MATCH opcode qtype qname -ADJUST copy_id -REPLY QR NOERROR -SECTION QUESTION -example.net. IN DNSKEY -SECTION ANSWER -example.net. 3600 IN DNSKEY 256 3 5 AQPQ41chR9DEHt/aIzIFAqanbDlRflJoRs5yz1jFsoRIT7dWf0r+PeDuewdxkszNH6wnU4QL8pfKFRh5PIYVBLK3 ;{id = 30899 (zsk), size = 512b} -example.net. 3600 IN RRSIG DNSKEY RSASHA1 2 3600 20070926134150 20070829134150 30899 example.net. hiFzlQ8VoYgCuvIsfVuxC3mfJDqsTh0yc6abs5xMx5uEcIjb0dndFQx7INOM+imlzveEN73Hqp4OLFpFhsWLlw== ;{id = 30899} -SECTION AUTHORITY -example.net. IN NS ns.example.net. -example.net. 3600 IN RRSIG NS RSASHA1 2 3600 20070926134150 20070829134150 30899 example.net. E8JX0l4B+cSR5bkHQwOJy1pBmlLMTYCJ8EwfNMU/eCv0YhKwo26rHhn52FGisgv+Nwp7/NbhHqQ+kJgoZC94XA== ;{id = 30899} -SECTION ADDITIONAL -ns.example.net. IN A 1.2.3.5 -ns.example.net. 3600 IN RRSIG A RSASHA1 3 3600 20070926134150 20070829134150 30899 example.net. x+tQMC9FhzT7Fcy1pM5NrOC7E8nLd7THPI3C6ie4EwL8PrxllqlR3q/DKB0d/m0qCOPcgN6HFOYURV1s4uAcsw== ;{id = 30899} -ENTRY_END - -; NS query -ENTRY_BEGIN -MATCH opcode qtype qname -ADJUST copy_id -REPLY QR NOERROR -SECTION QUESTION -example.net. IN NS -SECTION ANSWER -example.net. IN NS ns.example.net. -example.net. 3600 IN RRSIG NS RSASHA1 2 3600 20070926134150 20070829134150 30899 example.net. E8JX0l4B+cSR5bkHQwOJy1pBmlLMTYCJ8EwfNMU/eCv0YhKwo26rHhn52FGisgv+Nwp7/NbhHqQ+kJgoZC94XA== ;{id = 30899} -SECTION ADDITIONAL -ns.example.net. IN A 1.2.3.5 -ns.example.net. 3600 IN RRSIG A RSASHA1 3 3600 20070926134150 20070829134150 30899 example.net. x+tQMC9FhzT7Fcy1pM5NrOC7E8nLd7THPI3C6ie4EwL8PrxllqlR3q/DKB0d/m0qCOPcgN6HFOYURV1s4uAcsw== ;{id = 30899} -ENTRY_END - -; www.example.net query -ENTRY_BEGIN -MATCH opcode qtype qname -ADJUST copy_id -REPLY QR NOERROR -SECTION QUESTION -www.example.net. IN A -SECTION ANSWER -www.example.net. 3600 IN A 10.20.30.40 -www.example.net. 3600 IN RRSIG A 5 3 3600 20070926135752 20070829135752 30899 example.net. ACvv4RQVC7TbI57ewqFImRaVoymktJ5Cxn/FaCodIENt82LVM92nivbP2WtwWCsQHWp7FkrMxTlQTJwyAeXFyg== ;{id = 30899} -SECTION AUTHORITY -example.net. IN NS ns.example.net. -example.net. 3600 IN RRSIG NS RSASHA1 2 3600 20070926134150 20070829134150 30899 example.net. E8JX0l4B+cSR5bkHQwOJy1pBmlLMTYCJ8EwfNMU/eCv0YhKwo26rHhn52FGisgv+Nwp7/NbhHqQ+kJgoZC94XA== ;{id = 30899} -SECTION ADDITIONAL -ns.example.net. IN A 1.2.3.5 -ns.example.net. 3600 IN RRSIG A RSASHA1 3 3600 20070926134150 20070829134150 30899 example.net. x+tQMC9FhzT7Fcy1pM5NrOC7E8nLd7THPI3C6ie4EwL8PrxllqlR3q/DKB0d/m0qCOPcgN6HFOYURV1s4uAcsw== ;{id = 30899} -ENTRY_END - -RANGE_END - -STEP 1 QUERY -ENTRY_BEGIN -REPLY RD DO -SECTION QUESTION -www.example.net. IN A -ENTRY_END - -; recursion happens here. -STEP 10 CHECK_ANSWER -ENTRY_BEGIN -MATCH all -REPLY QR RD RA AD DO NOERROR -SECTION QUESTION -www.example.net. IN A -SECTION ANSWER -www.example.net. 3600 IN A 10.20.30.40 -www.example.net. 3600 IN RRSIG A 5 3 3600 20070926135752 20070829135752 30899 example.net. ACvv4RQVC7TbI57ewqFImRaVoymktJ5Cxn/FaCodIENt82LVM92nivbP2WtwWCsQHWp7FkrMxTlQTJwyAeXFyg== ;{id = 30899} -SECTION AUTHORITY -example.net. IN NS ns.example.net. -example.net. 3600 IN RRSIG NS RSASHA1 2 3600 20070926134150 20070829134150 30899 example.net. E8JX0l4B+cSR5bkHQwOJy1pBmlLMTYCJ8EwfNMU/eCv0YhKwo26rHhn52FGisgv+Nwp7/NbhHqQ+kJgoZC94XA== ;{id = 30899} -SECTION ADDITIONAL -ns.example.net. IN A 1.2.3.5 -ns.example.net. 3600 IN RRSIG A RSASHA1 3 3600 20070926134150 20070829134150 30899 example.net. x+tQMC9FhzT7Fcy1pM5NrOC7E8nLd7THPI3C6ie4EwL8PrxllqlR3q/DKB0d/m0qCOPcgN6HFOYURV1s4uAcsw== ;{id = 30899} -ENTRY_END - -SCENARIO_END diff --git a/testdata/dnstap.tdir/dnstap.test b/testdata/dnstap.tdir/dnstap.test index 04db17b2749d..d548e2dad784 100644 --- a/testdata/dnstap.tdir/dnstap.test +++ b/testdata/dnstap.tdir/dnstap.test @@ -24,6 +24,8 @@ else exit 1 fi +echo "> wait for log to happen on timer" +sleep 3 echo "> check tap.log for dnstap info" # see if it logged the information in tap.log # wait for a moment for filesystem to catch up. diff --git a/testdata/dnstap_reconnect.tdir/dnstap_reconnect.post b/testdata/dnstap_reconnect.tdir/dnstap_reconnect.post index 8474b3a02cfc..0056a20d9506 100644 --- a/testdata/dnstap_reconnect.tdir/dnstap_reconnect.post +++ b/testdata/dnstap_reconnect.tdir/dnstap_reconnect.post @@ -13,4 +13,6 @@ kill_pid $FWD_PID kill $UNBOUND_PID kill $UNBOUND_PID >/dev/null 2>&1 cat unbound.log +cat tap.log +cat tap.errlog exit 0 diff --git a/testdata/doh_downstream.tdir/doh_downstream.conf b/testdata/doh_downstream.tdir/doh_downstream.conf new file mode 100644 index 000000000000..f0857bb58519 --- /dev/null +++ b/testdata/doh_downstream.tdir/doh_downstream.conf @@ -0,0 +1,27 @@ +server: + verbosity: 2 + # num-threads: 1 + interface: 127.0.0.1@@PORT@ + https-port: @PORT@ + tls-service-key: "unbound_server.key" + tls-service-pem: "unbound_server.pem" + use-syslog: no + directory: . + pidfile: "unbound.pid" + chroot: "" + username: "" + do-not-query-localhost: no + http-query-buffer-size: 1G + http-response-buffer-size: 1G + http-max-streams: 200 + + local-zone: "example.net" static + local-data: "www1.example.net. IN A 1.2.3.1" + local-data: "www2.example.net. IN A 1.2.3.2" + local-data: "www3.example.net. IN A 1.2.3.3" + local-zone: "drop.net" deny + tcp-upstream: yes + +forward-zone: + name: "." + forward-addr: "127.0.0.1@@TOPORT@" diff --git a/testdata/doh_downstream.tdir/doh_downstream.dsc b/testdata/doh_downstream.tdir/doh_downstream.dsc new file mode 100644 index 000000000000..66b84284e4f3 --- /dev/null +++ b/testdata/doh_downstream.tdir/doh_downstream.dsc @@ -0,0 +1,16 @@ +BaseName: doh_downstream +Version: 1.0 +Description: Test DNS-over-HTTPS query processing +CreationDate: Mon Jun 12 12:00:00 CET 2020 +Maintainer: +Category: +Component: +CmdDepends: +Depends: +Help: +Pre: doh_downstream.pre +Post: doh_downstream.post +Test: doh_downstream.test +AuxFiles: +Passed: +Failure: diff --git a/testdata/doh_downstream.tdir/doh_downstream.post b/testdata/doh_downstream.tdir/doh_downstream.post new file mode 100644 index 000000000000..0e3c00b05531 --- /dev/null +++ b/testdata/doh_downstream.tdir/doh_downstream.post @@ -0,0 +1,13 @@ +# #-- doh_downstream.post --# +# source the master var file when it's there +[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master +# source the test var file when it's there +[ -f .tpkg.var.test ] && source .tpkg.var.test +# +# do your teardown here +PRE="../.." +if grep "define HAVE_NGHTTP2 1" $PRE/config.h; then echo test enabled; else echo test skipped; exit 0; fi +. ../common.sh +kill_pid $FWD_PID +kill_pid $UNBOUND_PID +cat unbound.log diff --git a/testdata/doh_downstream.tdir/doh_downstream.pre b/testdata/doh_downstream.tdir/doh_downstream.pre new file mode 100644 index 000000000000..29bb805a16cc --- /dev/null +++ b/testdata/doh_downstream.tdir/doh_downstream.pre @@ -0,0 +1,33 @@ +# #-- doh_downstream.pre--# +# source the master var file when it's there +[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master +# use .tpkg.var.test for in test variable passing +[ -f .tpkg.var.test ] && source .tpkg.var.test + +PRE="../.." +. ../common.sh +if grep "define HAVE_NGHTTP2 1" $PRE/config.h; then echo test enabled; else echo test skipped; exit 0; fi + +get_random_port 2 +UNBOUND_PORT=$RND_PORT +FWD_PORT=$(($RND_PORT + 1)) +echo "UNBOUND_PORT=$UNBOUND_PORT" >> .tpkg.var.test +echo "FWD_PORT=$FWD_PORT" >> .tpkg.var.test + +# start forwarder +get_ldns_testns +$LDNS_TESTNS -p $FWD_PORT doh_downstream.testns >fwd.log 2>&1 & +FWD_PID=$! +echo "FWD_PID=$FWD_PID" >> .tpkg.var.test + +# make config file +sed -e 's/@PORT\@/'$UNBOUND_PORT'/' -e 's/@TOPORT\@/'$FWD_PORT'/' < doh_downstream.conf > ub.conf +# start unbound in the background +$PRE/unbound -vvvv -d -c ub.conf >unbound.log 2>&1 & +UNBOUND_PID=$! +echo "UNBOUND_PID=$UNBOUND_PID" >> .tpkg.var.test + +cat .tpkg.var.test +wait_ldns_testns_up fwd.log +wait_unbound_up unbound.log + diff --git a/testdata/doh_downstream.tdir/doh_downstream.test b/testdata/doh_downstream.tdir/doh_downstream.test new file mode 100644 index 000000000000..d66168fbaab5 --- /dev/null +++ b/testdata/doh_downstream.tdir/doh_downstream.test @@ -0,0 +1,339 @@ +# #-- doh_downstream.test --# +# source the master var file when it's there +[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master +# use .tpkg.var.test for in test variable passing +[ -f .tpkg.var.test ] && source .tpkg.var.test + +PRE="../.." +. ../common.sh +if grep "define HAVE_NGHTTP2 1" $PRE/config.h; then echo test enabled; else echo test skipped; exit 0; fi +get_make +(cd $PRE; $MAKE dohclient) + + +# this test query should just work (server is up) +echo "> query www1.example.net." +$PRE/dohclient -s 127.0.0.1 -p $UNBOUND_PORT www1.example.net. A IN >outfile 2>&1 +cat outfile +if test "$?" -ne 0; then + echo "exit status not OK" + echo "> cat logfiles" + cat outfile + cat fwd.log + cat unbound.log + echo "Not OK" + exit 1 +fi +if grep "www1.example.net" outfile | grep "1.2.3.1"; then + echo "content OK" +else + echo "result contents not OK" + echo "> cat logfiles" + cat outfile + cat fwd.log + cat unbound.log + echo "result contents not OK" + exit 1 +fi +echo "OK" + +# multiple requests (from localdata) +echo "> query www1.example.net. www2.example.net. www3.example.net." +$PRE/dohclient -s 127.0.0.1 -p $UNBOUND_PORT www1.example.net. A IN www2.example.net A IN www3.example.net A IN >outfile 2>&1 +cat outfile +if test "$?" -ne 0; then + echo "exit status not OK" + echo "> cat logfiles" + cat outfile + cat fwd.log + cat unbound.log + echo "Not OK" + exit 1 +fi +if grep "www1.example.net" outfile | grep "1.2.3.1"; then + echo "content OK" +else + echo "result contents not OK" + echo "> cat logfiles" + cat outfile + cat fwd.log + cat unbound.log + echo "result contents not OK" + exit 1 +fi +if grep "www2.example.net" outfile | grep "1.2.3.2"; then + echo "content OK" +else + echo "result contents not OK" + echo "> cat logfiles" + cat outfile + cat fwd.log + cat unbound.log + echo "result contents not OK" + exit 1 +fi +if grep "www3.example.net" outfile | grep "1.2.3.3"; then + echo "content OK" +else + echo "result contents not OK" + echo "> cat logfiles" + cat outfile + cat fwd.log + cat unbound.log + echo "result contents not OK" + exit 1 +fi + +# out of order requests, the example.com elements take 2 seconds to wait. +echo "" +echo "> query www1.example.net. www.example.com. www2.example.net. www2.example.com. www3.example.net." +$PRE/dohclient -s 127.0.0.1 -p $UNBOUND_PORT www1.example.net. A IN www.example.com. A IN www2.example.net A IN www2.example.com. A IN www3.example.net A IN >outfile 2>&1 +cat outfile +if test "$?" -ne 0; then + echo "exit status not OK" + echo "> cat logfiles" + cat outfile + cat fwd.log + cat unbound.log + echo "Not OK" + exit 1 +fi +if grep "www1.example.net" outfile | grep "1.2.3.1"; then + echo "content OK" +else + echo "result contents not OK" + echo "> cat logfiles" + cat outfile + cat fwd.log + cat unbound.log + echo "result contents not OK" + exit 1 +fi +if grep "www2.example.net" outfile | grep "1.2.3.2"; then + echo "content OK" +else + echo "result contents not OK" + echo "> cat logfiles" + cat outfile + cat fwd.log + cat unbound.log + echo "result contents not OK" + exit 1 +fi +if grep "www3.example.net" outfile | grep "1.2.3.3"; then + echo "content OK" +else + echo "result contents not OK" + echo "> cat logfiles" + cat outfile + cat fwd.log + cat unbound.log + echo "result contents not OK" + exit 1 +fi +if grep "www.example.com" outfile | grep "10.20.30.40"; then + echo "content OK" +else + echo "result contents not OK" + echo "> cat logfiles" + cat outfile + cat fwd.log + cat unbound.log + echo "result contents not OK" + exit 1 +fi +if grep "www2.example.com" outfile | grep "10.20.30.42"; then + echo "content OK" +else + echo "result contents not OK" + echo "> cat logfiles" + cat outfile + cat fwd.log + cat unbound.log + echo "result contents not OK" + exit 1 +fi + +# out of order requests, the example.com elements take 2 seconds to wait. +# www.example.com present twice, answered twice. +echo "" +echo "> query www1.example.net. www.example.com. www2.example.net. www.example.com. www3.example.net." +$PRE/dohclient -s 127.0.0.1 -p $UNBOUND_PORT www1.example.net. A IN www.example.com. A IN www2.example.net A IN www.example.com. A IN www3.example.net A IN >outfile 2>&1 +cat outfile +if test "$?" -ne 0; then + echo "exit status not OK" + echo "> cat logfiles" + cat outfile + cat fwd.log + cat unbound.log + echo "Not OK" + exit 1 +fi +if grep "www1.example.net" outfile | grep "1.2.3.1"; then + echo "content OK" +else + echo "result contents not OK" + echo "> cat logfiles" + cat outfile + cat fwd.log + cat unbound.log + echo "result contents not OK" + exit 1 +fi +if grep "www2.example.net" outfile | grep "1.2.3.2"; then + echo "content OK" +else + echo "result contents not OK" + echo "> cat logfiles" + cat outfile + cat fwd.log + cat unbound.log + echo "result contents not OK" + exit 1 +fi +if grep "www3.example.net" outfile | grep "1.2.3.3"; then + echo "content OK" +else + echo "result contents not OK" + echo "> cat logfiles" + cat outfile + cat fwd.log + cat unbound.log + echo "result contents not OK" + exit 1 +fi +if grep "www.example.com" outfile | grep "10.20.30.40"; then + echo "content OK" +else + echo "result contents not OK" + echo "> cat logfiles" + cat outfile + cat fwd.log + cat unbound.log + echo "result contents not OK" + exit 1 +fi + +# out of order requests, the example.com elements take 2 seconds to wait. +# www3.example.com present twice, answered twice. +echo "" +echo "> query www1.example.net. www3.example.com. www2.example.net. www3.example.com. www3.example.net." +$PRE/dohclient -s 127.0.0.1 -p $UNBOUND_PORT www1.example.net. A IN www3.example.com. A IN www2.example.net A IN www3.example.com. A IN www3.example.net A IN >outfile 2>&1 +cat outfile +if test "$?" -ne 0; then + echo "exit status not OK" + echo "> cat logfiles" + cat outfile + cat fwd.log + cat unbound.log + echo "Not OK" + exit 1 +fi +if grep "www1.example.net" outfile | grep "1.2.3.1"; then + echo "content OK" +else + echo "result contents not OK" + echo "> cat logfiles" + cat outfile + cat fwd.log + cat unbound.log + echo "result contents not OK" + exit 1 +fi +if grep "www2.example.net" outfile | grep "1.2.3.2"; then + echo "content OK" +else + echo "result contents not OK" + echo "> cat logfiles" + cat outfile + cat fwd.log + cat unbound.log + echo "result contents not OK" + exit 1 +fi +if grep "www3.example.net" outfile | grep "1.2.3.3"; then + echo "content OK" +else + echo "result contents not OK" + echo "> cat logfiles" + cat outfile + cat fwd.log + cat unbound.log + echo "result contents not OK" + exit 1 +fi +if grep "www3.example.com" outfile | grep "10.20.30.43"; then + echo "content OK" +else + echo "result contents not OK" + echo "> cat logfiles" + cat outfile + cat fwd.log + cat unbound.log + echo "result contents not OK" + exit 1 +fi + +echo "" +echo "> query www4.example.com. www3.example.net." +$PRE/dohclient -s 127.0.0.1 -p $UNBOUND_PORT www4.example.com. A IN www3.example.net A IN >outfile 2>&1 +cat outfile +if test "$?" -ne 0; then + echo "exit status not OK" + echo "> cat logfiles" + cat outfile + cat fwd.log + cat unbound.log + echo "Not OK" + exit 1 +fi +if grep "www3.example.net" outfile | grep "1.2.3.3"; then + echo "content OK" +else + echo "result contents not OK" + echo "> cat logfiles" + cat outfile + cat fwd.log + cat unbound.log + echo "result contents not OK" + exit 1 +fi +if grep "www4.example.com" outfile | grep "10.20.30.44"; then + echo "content OK" +else + echo "result contents not OK" + echo "> cat logfiles" + cat outfile + cat fwd.log + cat unbound.log + echo "result contents not OK" + exit 1 +fi + + +echo "" +echo "> query a1.example.com. - a90.example.com." +$PRE/dohclient -s 127.0.0.1 -p $UNBOUND_PORT www6.example.com. A IN a1.a.example.com. A IN a2.a.example.com. A IN a3.a.example.com. A IN a4.a.example.com. A IN a5.a.example.com. A IN a6.a.example.com. A IN a7.a.example.com. A IN a8.a.example.com. A IN a9.a.example.com. A IN a10.a.example.com. A IN a11.a.example.com. A IN a12.a.example.com. A IN a13.a.example.com. A IN a14.a.example.com. A IN a15.a.example.com. A IN a16.a.example.com. A IN a17.a.example.com. A IN a18.a.example.com. A IN a19.a.example.com. A IN a20.a.example.com. A IN a21.a.example.com. A IN a22.a.example.com. A IN a23.a.example.com. A IN a24.a.example.com. A IN a25.a.example.com. A IN a26.a.example.com. A IN a27.a.example.com. A IN a28.a.example.com. A IN a29.a.example.com. A IN a30.a.example.com. A IN a31.a.example.com. A IN a32.a.example.com. A IN a33.a.example.com. A IN a34.a.example.com. A IN a35.a.example.com. A IN a36.a.example.com. A IN a37.a.example.com. A IN a38.a.example.com. A IN a39.a.example.com. A IN a40.a.example.com. A IN a41.a.example.com. A IN a42.a.example.com. A IN a43.a.example.com. A IN a44.a.example.com. A IN a45.a.example.com. A IN a46.a.example.com. A IN a47.a.example.com. A IN a48.a.example.com. A IN a49.a.example.com. A IN a50.a.example.com. A IN a51.a.example.com. A IN a52.a.example.com. A IN a53.a.example.com. A IN a54.a.example.com. A IN a55.a.example.com. A IN a56.a.example.com. A IN a57.a.example.com. A IN a58.a.example.com. A IN a59.a.example.com. A IN a60.a.example.com. A IN a61.a.example.com. A IN a62.a.example.com. A IN a63.a.example.com. A IN a64.a.example.com. A IN a65.a.example.com. A IN a66.a.example.com. A IN a67.a.example.com. A IN a68.a.example.com. A IN a69.a.example.com. A IN a70.a.example.com. A IN a71.a.example.com. A IN a72.a.example.com. A IN a73.a.example.com. A IN a74.a.example.com. A IN a75.a.example.com. A IN a76.a.example.com. A IN a77.a.example.com. A IN a78.a.example.com. A IN a79.a.example.com. A IN a80.a.example.com. A IN a81.a.example.com. A IN a82.a.example.com. A IN a83.a.example.com. A IN a84.a.example.com. A IN a85.a.example.com. A IN a86.a.example.com. A IN a87.a.example.com. A IN a88.a.example.com. A IN a89.a.example.com. A IN a90.a.example.com. A IN >outfile 2>&1 +cat outfile +if test "$?" -ne 0; then + echo "exit status not OK" + echo "> cat logfiles" + cat outfile + cat fwd.log + cat unbound.log + echo "Not OK" + exit 1 +fi +num_ans=$(grep -B 3 "a.example.com. IN A" outfile | grep "rcode: NOERROR" | wc -l ) +if test "$num_ans" -ne 90; then + echo "number of answers not OK" + echo "> cat logfiles" + cat outfile + cat fwd.log + cat unbound.log + echo "Not OK" + exit 1 +fi + +echo "OK" +exit 0 diff --git a/testdata/doh_downstream.tdir/doh_downstream.testns b/testdata/doh_downstream.tdir/doh_downstream.testns new file mode 100644 index 000000000000..c53941b678bc --- /dev/null +++ b/testdata/doh_downstream.tdir/doh_downstream.testns @@ -0,0 +1,74 @@ +; nameserver test file +$ORIGIN example.com. +$TTL 3600 + +ENTRY_BEGIN +MATCH opcode qtype qname +REPLY QR AA NOERROR +ADJUST copy_id sleep=2 +SECTION QUESTION +www IN A +SECTION ANSWER +www IN A 10.20.30.40 +ENTRY_END + +ENTRY_BEGIN +MATCH opcode qtype qname +REPLY QR AA NOERROR +ADJUST copy_id +SECTION QUESTION +www2 IN A +SECTION ANSWER +www2 IN A 10.20.30.42 +ENTRY_END + +ENTRY_BEGIN +MATCH opcode qtype qname +REPLY QR AA NOERROR +ADJUST copy_id +SECTION QUESTION +www3 IN A +SECTION ANSWER +www3 IN A 10.20.30.43 +ENTRY_END + +ENTRY_BEGIN +MATCH opcode qtype qname +REPLY QR AA NOERROR +ADJUST copy_id sleep=2 +SECTION QUESTION +www4 IN A +SECTION ANSWER +www4 IN A 10.20.30.44 +ENTRY_END + +ENTRY_BEGIN +MATCH opcode qtype qname +REPLY QR AA NOERROR +ADJUST copy_id sleep=2 +SECTION QUESTION +www5 IN A +SECTION ANSWER +www5 IN A 10.20.30.45 +ENTRY_END + +ENTRY_BEGIN +MATCH opcode qtype qname +REPLY QR AA NOERROR +ADJUST copy_id sleep=2 +SECTION QUESTION +www6 IN A +SECTION ANSWER +www6 IN A 10.20.30.46 +ENTRY_END + +; lots of noerror/nodata answers for other queries (a.. queries) +ENTRY_BEGIN +MATCH opcode qtype subdomain +REPLY QR AA NOERROR +ADJUST copy_id copy_query +SECTION QUESTION +a.example.com. IN A +SECTION AUTHORITY +example.com. IN SOA ns hostmaster 2019 28800 7200 604800 3600 +ENTRY_END diff --git a/testdata/doh_downstream.tdir/unbound_server.key b/testdata/doh_downstream.tdir/unbound_server.key new file mode 100644 index 000000000000..4256c421dd0d --- /dev/null +++ b/testdata/doh_downstream.tdir/unbound_server.key @@ -0,0 +1,15 @@ +-----BEGIN RSA PRIVATE KEY----- +MIICWwIBAAKBgQC3F7Jsv2u01pLL9rFnjsMU/IaCFUIz/624DcaE84Z4gjMl5kWA +3axQcqul1wlwSrbKwrony+d9hH/+MX0tZwvl8w3OmhmOAiaQ+SHCsIuOjVwQjX0s +RLB61Pz5+PAiVvnPa9JIYB5QrK6DVEsxIHj8MOc5JKORrnESsFDh6yeMeQIDAQAB +AoGAAuWoGBprTOA8UGfl5LqYkaNxSWumsYXxLMFjC8WCsjN1NbtQDDr1uAwodSZS +6ujzvX+ZTHnofs7y64XC8k34HTOCD2zlW7kijWbT8YjRYFU6o9F5zUGD9RCan0ds +sVscT2psLSzfdsmFAcbmnGdxYkXk2PC1FHtaqExxehralGUCQQDcqrg9uQKXlhQi +XAaPr8SiWvtRm2a9IMMZkRfUWZclPHq6fCWNuUaCD+cTat4wAuqeknAz33VEosw3 +fXGsok//AkEA1GjIHXrOcSlpfVJb6NeOBugjRtZ7ZDT5gbtnMS9ob0qntKV6saaL +CNmJwuD9Q3XkU5j1+uHvYGP2NzcJd2CjhwJACV0hNlVMe9w9fHvFN4Gw6WbM9ViP +0oS6YrJafYNTu5vGZXVxLoNnL4u3NYa6aPUmuZXjNwBLfJ8f5VboZPf6RwJAINd2 +oYA8bSi/A755MX4qmozH74r4Fx1Nuq5UHTm8RwDe/0Javx8F/j9MWpJY9lZDEF3l +In5OebPa/NyInSmW/wJAZuP9aRn0nDBkHYri++1A7NykMiJ/nH0mDECbnk+wxx0S +LwqIetBhxb8eQwMg45+iAH7CHAMQ8BQuF/nFE6eotg== +-----END RSA PRIVATE KEY----- diff --git a/testdata/doh_downstream.tdir/unbound_server.pem b/testdata/doh_downstream.tdir/unbound_server.pem new file mode 100644 index 000000000000..aeda3ff11882 --- /dev/null +++ b/testdata/doh_downstream.tdir/unbound_server.pem @@ -0,0 +1,11 @@ +-----BEGIN CERTIFICATE----- +MIIBmzCCAQQCCQDsNJ1UmphEFzANBgkqhkiG9w0BAQUFADASMRAwDgYDVQQDEwd1 +bmJvdW5kMB4XDTA4MDkxMTA5MDk0MFoXDTI4MDUyOTA5MDk0MFowEjEQMA4GA1UE +AxMHdW5ib3VuZDCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAtxeybL9rtNaS +y/axZ47DFPyGghVCM/+tuA3GhPOGeIIzJeZFgN2sUHKrpdcJcEq2ysK6J8vnfYR/ +/jF9LWcL5fMNzpoZjgImkPkhwrCLjo1cEI19LESwetT8+fjwIlb5z2vSSGAeUKyu +g1RLMSB4/DDnOSSjka5xErBQ4esnjHkCAwEAATANBgkqhkiG9w0BAQUFAAOBgQAZ +9N0lnLENs4JMvPS+mn8C5m9bkkFITd32IiLjf0zgYpIUbFXH6XaEr9GNZBUG8feG +l/6WRXnbnVSblI5odQ4XxGZ9inYY6qtW30uv76HvoKp+QZ1c3460ddR8NauhcCHH +Z7S+QbLXi+r2JAhpPozZCjBHlRD0ixzA1mKQTJhJZg== +-----END CERTIFICATE----- diff --git a/testdata/doh_downstream_buffer_size.tdir/doh_downstream_buffer_size.conf b/testdata/doh_downstream_buffer_size.tdir/doh_downstream_buffer_size.conf new file mode 100644 index 000000000000..30d8e2a4f206 --- /dev/null +++ b/testdata/doh_downstream_buffer_size.tdir/doh_downstream_buffer_size.conf @@ -0,0 +1,17 @@ +server: + verbosity: 2 + # num-threads: 1 + interface: 127.0.0.1@@PORT@ + https-port: @PORT@ + tls-service-key: "unbound_server.key" + tls-service-pem: "unbound_server.pem" + use-syslog: no + directory: . + pidfile: "unbound.pid" + chroot: "" + username: "" + do-not-query-localhost: no + http-response-buffer-size: 500 + + local-zone: "example.net" redirect + local-data: "example.net. IN A 1.2.3.1" diff --git a/testdata/doh_downstream_buffer_size.tdir/doh_downstream_buffer_size.dsc b/testdata/doh_downstream_buffer_size.tdir/doh_downstream_buffer_size.dsc new file mode 100644 index 000000000000..c271fcdc18b0 --- /dev/null +++ b/testdata/doh_downstream_buffer_size.tdir/doh_downstream_buffer_size.dsc @@ -0,0 +1,16 @@ +BaseName: doh_downstream_buffer_size +Version: 1.0 +Description: Test DNS-over-HTTPS http-response-buffer-size +CreationDate: Mon Jun 12 12:00:00 CET 2020 +Maintainer: +Category: +Component: +CmdDepends: +Depends: +Help: +Pre: doh_downstream_buffer_size.pre +Post: doh_downstream_buffer_size.post +Test: doh_downstream_buffer_size.test +AuxFiles: +Passed: +Failure: diff --git a/testdata/doh_downstream_buffer_size.tdir/doh_downstream_buffer_size.post b/testdata/doh_downstream_buffer_size.tdir/doh_downstream_buffer_size.post new file mode 100644 index 000000000000..881970a77c0c --- /dev/null +++ b/testdata/doh_downstream_buffer_size.tdir/doh_downstream_buffer_size.post @@ -0,0 +1,12 @@ +# #-- doh_downstream.post --# +# source the master var file when it's there +[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master +# source the test var file when it's there +[ -f .tpkg.var.test ] && source .tpkg.var.test +# +# do your teardown here +PRE="../.." +if grep "define HAVE_NGHTTP2 1" $PRE/config.h; then echo test enabled; else echo test skipped; exit 0; fi +. ../common.sh +kill_pid $UNBOUND_PID +cat unbound.log diff --git a/testdata/doh_downstream_buffer_size.tdir/doh_downstream_buffer_size.pre b/testdata/doh_downstream_buffer_size.tdir/doh_downstream_buffer_size.pre new file mode 100644 index 000000000000..a58780ab315a --- /dev/null +++ b/testdata/doh_downstream_buffer_size.tdir/doh_downstream_buffer_size.pre @@ -0,0 +1,24 @@ +# #-- doh_downstream.pre--# +# source the master var file when it's there +[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master +# use .tpkg.var.test for in test variable passing +[ -f .tpkg.var.test ] && source .tpkg.var.test + +PRE="../.." +. ../common.sh +if grep "define HAVE_NGHTTP2 1" $PRE/config.h; then echo test enabled; else echo test skipped; exit 0; fi + +get_random_port 1 +UNBOUND_PORT=$RND_PORT +echo "UNBOUND_PORT=$UNBOUND_PORT" >> .tpkg.var.test + +# make config file +sed -e 's/@PORT\@/'$UNBOUND_PORT'/' -e 's/@TOPORT\@/'$FWD_PORT'/' < doh_downstream_buffer_size.conf > ub.conf +# start unbound in the background +$PRE/unbound -vvvv -d -c ub.conf >unbound.log 2>&1 & +UNBOUND_PID=$! +echo "UNBOUND_PID=$UNBOUND_PID" >> .tpkg.var.test + +cat .tpkg.var.test +wait_unbound_up unbound.log + diff --git a/testdata/doh_downstream_buffer_size.tdir/doh_downstream_buffer_size.test b/testdata/doh_downstream_buffer_size.tdir/doh_downstream_buffer_size.test new file mode 100644 index 000000000000..78c46081d39b --- /dev/null +++ b/testdata/doh_downstream_buffer_size.tdir/doh_downstream_buffer_size.test @@ -0,0 +1,39 @@ +# #-- doh_downstream.test --# +# source the master var file when it's there +[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master +# use .tpkg.var.test for in test variable passing +[ -f .tpkg.var.test ] && source .tpkg.var.test + +PRE="../.." +. ../common.sh +if grep "define HAVE_NGHTTP2 1" $PRE/config.h; then echo test enabled; else echo test skipped; exit 0; fi +get_make +(cd $PRE; $MAKE dohclient) + + +echo "> query www.example.net. endpoint /dns-query" +$PRE/dohclient -s 127.0.0.1 -p $UNBOUND_PORT 1.example.net. A IN 2.example.net. A IN 3.example.net. A IN 4.example.net. A IN 5.example.net. A IN 6.example.net. A IN 7.example.net. A IN 8.example.net. A IN 9.example.net. A IN 10.example.net. A IN >outfile 2>&1 +cat outfile +if test "$?" -ne 0; then + echo "exit status not OK" + echo "> cat logfiles" + cat outfile + cat unbound.log + echo "Not OK" + exit 1 +fi +num=$(grep "ANSWER SEC" outfile | wc -l) +# 58 byte answers, 500 byte max response buffer -> 8 answers +if [ $num -eq 8 ]; then + echo "content OK" +else + echo "result contents not OK" + echo "> cat logfiles" + cat outfile + cat unbound.log + echo "result contents not OK" + exit 1 +fi +echo "OK" + +exit 0 diff --git a/testdata/doh_downstream_buffer_size.tdir/unbound_server.key b/testdata/doh_downstream_buffer_size.tdir/unbound_server.key new file mode 100644 index 000000000000..4256c421dd0d --- /dev/null +++ b/testdata/doh_downstream_buffer_size.tdir/unbound_server.key @@ -0,0 +1,15 @@ +-----BEGIN RSA PRIVATE KEY----- +MIICWwIBAAKBgQC3F7Jsv2u01pLL9rFnjsMU/IaCFUIz/624DcaE84Z4gjMl5kWA +3axQcqul1wlwSrbKwrony+d9hH/+MX0tZwvl8w3OmhmOAiaQ+SHCsIuOjVwQjX0s +RLB61Pz5+PAiVvnPa9JIYB5QrK6DVEsxIHj8MOc5JKORrnESsFDh6yeMeQIDAQAB +AoGAAuWoGBprTOA8UGfl5LqYkaNxSWumsYXxLMFjC8WCsjN1NbtQDDr1uAwodSZS +6ujzvX+ZTHnofs7y64XC8k34HTOCD2zlW7kijWbT8YjRYFU6o9F5zUGD9RCan0ds +sVscT2psLSzfdsmFAcbmnGdxYkXk2PC1FHtaqExxehralGUCQQDcqrg9uQKXlhQi +XAaPr8SiWvtRm2a9IMMZkRfUWZclPHq6fCWNuUaCD+cTat4wAuqeknAz33VEosw3 +fXGsok//AkEA1GjIHXrOcSlpfVJb6NeOBugjRtZ7ZDT5gbtnMS9ob0qntKV6saaL +CNmJwuD9Q3XkU5j1+uHvYGP2NzcJd2CjhwJACV0hNlVMe9w9fHvFN4Gw6WbM9ViP +0oS6YrJafYNTu5vGZXVxLoNnL4u3NYa6aPUmuZXjNwBLfJ8f5VboZPf6RwJAINd2 +oYA8bSi/A755MX4qmozH74r4Fx1Nuq5UHTm8RwDe/0Javx8F/j9MWpJY9lZDEF3l +In5OebPa/NyInSmW/wJAZuP9aRn0nDBkHYri++1A7NykMiJ/nH0mDECbnk+wxx0S +LwqIetBhxb8eQwMg45+iAH7CHAMQ8BQuF/nFE6eotg== +-----END RSA PRIVATE KEY----- diff --git a/testdata/doh_downstream_buffer_size.tdir/unbound_server.pem b/testdata/doh_downstream_buffer_size.tdir/unbound_server.pem new file mode 100644 index 000000000000..aeda3ff11882 --- /dev/null +++ b/testdata/doh_downstream_buffer_size.tdir/unbound_server.pem @@ -0,0 +1,11 @@ +-----BEGIN CERTIFICATE----- +MIIBmzCCAQQCCQDsNJ1UmphEFzANBgkqhkiG9w0BAQUFADASMRAwDgYDVQQDEwd1 +bmJvdW5kMB4XDTA4MDkxMTA5MDk0MFoXDTI4MDUyOTA5MDk0MFowEjEQMA4GA1UE +AxMHdW5ib3VuZDCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAtxeybL9rtNaS +y/axZ47DFPyGghVCM/+tuA3GhPOGeIIzJeZFgN2sUHKrpdcJcEq2ysK6J8vnfYR/ +/jF9LWcL5fMNzpoZjgImkPkhwrCLjo1cEI19LESwetT8+fjwIlb5z2vSSGAeUKyu +g1RLMSB4/DDnOSSjka5xErBQ4esnjHkCAwEAATANBgkqhkiG9w0BAQUFAAOBgQAZ +9N0lnLENs4JMvPS+mn8C5m9bkkFITd32IiLjf0zgYpIUbFXH6XaEr9GNZBUG8feG +l/6WRXnbnVSblI5odQ4XxGZ9inYY6qtW30uv76HvoKp+QZ1c3460ddR8NauhcCHH +Z7S+QbLXi+r2JAhpPozZCjBHlRD0ixzA1mKQTJhJZg== +-----END CERTIFICATE----- diff --git a/testdata/doh_downstream_endpoint.tdir/doh_downstream_endpoint.conf b/testdata/doh_downstream_endpoint.tdir/doh_downstream_endpoint.conf new file mode 100644 index 000000000000..3ec5ed4a13e3 --- /dev/null +++ b/testdata/doh_downstream_endpoint.tdir/doh_downstream_endpoint.conf @@ -0,0 +1,17 @@ +server: + verbosity: 2 + # num-threads: 1 + interface: 127.0.0.1@@PORT@ + https-port: @PORT@ + tls-service-key: "unbound_server.key" + tls-service-pem: "unbound_server.pem" + use-syslog: no + directory: . + pidfile: "unbound.pid" + chroot: "" + username: "" + do-not-query-localhost: no + http-endpoint: "/abc" + + local-zone: "example.net" static + local-data: "www.example.net. IN A 1.2.3.1" diff --git a/testdata/doh_downstream_endpoint.tdir/doh_downstream_endpoint.dsc b/testdata/doh_downstream_endpoint.tdir/doh_downstream_endpoint.dsc new file mode 100644 index 000000000000..ef36a19680a4 --- /dev/null +++ b/testdata/doh_downstream_endpoint.tdir/doh_downstream_endpoint.dsc @@ -0,0 +1,16 @@ +BaseName: doh_downstream +Version: 1.0 +Description: Test DNS-over-HTTPS query processing, endpoint setting +CreationDate: Mon Jun 12 12:00:00 CET 2020 +Maintainer: +Category: +Component: +CmdDepends: +Depends: +Help: +Pre: doh_downstream_endpoint.pre +Post: doh_downstream_endpoint.post +Test: doh_downstream_endpoint.test +AuxFiles: +Passed: +Failure: diff --git a/testdata/doh_downstream_endpoint.tdir/doh_downstream_endpoint.post b/testdata/doh_downstream_endpoint.tdir/doh_downstream_endpoint.post new file mode 100644 index 000000000000..dcdf8627e076 --- /dev/null +++ b/testdata/doh_downstream_endpoint.tdir/doh_downstream_endpoint.post @@ -0,0 +1,12 @@ +# #-- doh_downstream.post --# +# source the master var file when it's there +[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master +# source the test var file when it's there +[ -f .tpkg.var.test ] && source .tpkg.var.test +# +# do your teardown here +PRE="../.." +. ../common.sh +if grep "define HAVE_NGHTTP2 1" $PRE/config.h; then echo test enabled; else echo test skipped; exit 0; fi +kill_pid $UNBOUND_PID +cat unbound.log diff --git a/testdata/doh_downstream_endpoint.tdir/doh_downstream_endpoint.pre b/testdata/doh_downstream_endpoint.tdir/doh_downstream_endpoint.pre new file mode 100644 index 000000000000..cd0d11fd4b3d --- /dev/null +++ b/testdata/doh_downstream_endpoint.tdir/doh_downstream_endpoint.pre @@ -0,0 +1,23 @@ +# #-- doh_downstream.pre--# +# source the master var file when it's there +[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master +# use .tpkg.var.test for in test variable passing +[ -f .tpkg.var.test ] && source .tpkg.var.test + +PRE="../.." +. ../common.sh +if grep "define HAVE_NGHTTP2 1" $PRE/config.h; then echo test enabled; else echo test skipped; exit 0; fi +get_random_port 1 +UNBOUND_PORT=$RND_PORT +echo "UNBOUND_PORT=$UNBOUND_PORT" >> .tpkg.var.test + +# make config file +sed -e 's/@PORT\@/'$UNBOUND_PORT'/' -e 's/@TOPORT\@/'$FWD_PORT'/' < doh_downstream_endpoint.conf > ub.conf +# start unbound in the background +$PRE/unbound -vvvv -d -c ub.conf >unbound.log 2>&1 & +UNBOUND_PID=$! +echo "UNBOUND_PID=$UNBOUND_PID" >> .tpkg.var.test + +cat .tpkg.var.test +wait_unbound_up unbound.log + diff --git a/testdata/doh_downstream_endpoint.tdir/doh_downstream_endpoint.test b/testdata/doh_downstream_endpoint.tdir/doh_downstream_endpoint.test new file mode 100644 index 000000000000..2a6954cab645 --- /dev/null +++ b/testdata/doh_downstream_endpoint.tdir/doh_downstream_endpoint.test @@ -0,0 +1,59 @@ +# #-- doh_downstream.test --# +# source the master var file when it's there +[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master +# use .tpkg.var.test for in test variable passing +[ -f .tpkg.var.test ] && source .tpkg.var.test + +PRE="../.." +. ../common.sh +if grep "define HAVE_NGHTTP2 1" $PRE/config.h; then echo test enabled; else echo test skipped; exit 0; fi +get_make +(cd $PRE; $MAKE dohclient) + + +echo "> query www.example.net. endpoint /dns-query" +$PRE/dohclient -s 127.0.0.1 -p $UNBOUND_PORT www.example.net. A IN >outfile 2>&1 +cat outfile +if test "$?" -ne 0; then + echo "exit status not OK" + echo "> cat logfiles" + cat outfile + cat unbound.log + echo "Not OK" + exit 1 +fi +if grep "status 404" outfile; then + echo "content OK" +else + echo "result contents not OK" + echo "> cat logfiles" + cat outfile + cat unbound.log + echo "result contents not OK" + exit 1 +fi +echo "OK" + +echo "> query www.example.net. endpoint /abc" +$PRE/dohclient -e /abc -s 127.0.0.1 -p $UNBOUND_PORT www.example.net. A IN >outfile 2>&1 +cat outfile +if test "$?" -ne 0; then + echo "exit status not OK" + echo "> cat logfiles" + cat outfile + cat unbound.log + echo "Not OK" + exit 1 +fi +if grep ":status 200" outfile; then + echo "content OK" +else + echo "result contents not OK" + echo "> cat logfiles" + cat outfile + cat unbound.log + echo "result contents not OK" + exit 1 +fi +echo "OK" +exit 0 diff --git a/testdata/doh_downstream_endpoint.tdir/unbound_server.key b/testdata/doh_downstream_endpoint.tdir/unbound_server.key new file mode 100644 index 000000000000..4256c421dd0d --- /dev/null +++ b/testdata/doh_downstream_endpoint.tdir/unbound_server.key @@ -0,0 +1,15 @@ +-----BEGIN RSA PRIVATE KEY----- +MIICWwIBAAKBgQC3F7Jsv2u01pLL9rFnjsMU/IaCFUIz/624DcaE84Z4gjMl5kWA +3axQcqul1wlwSrbKwrony+d9hH/+MX0tZwvl8w3OmhmOAiaQ+SHCsIuOjVwQjX0s +RLB61Pz5+PAiVvnPa9JIYB5QrK6DVEsxIHj8MOc5JKORrnESsFDh6yeMeQIDAQAB +AoGAAuWoGBprTOA8UGfl5LqYkaNxSWumsYXxLMFjC8WCsjN1NbtQDDr1uAwodSZS +6ujzvX+ZTHnofs7y64XC8k34HTOCD2zlW7kijWbT8YjRYFU6o9F5zUGD9RCan0ds +sVscT2psLSzfdsmFAcbmnGdxYkXk2PC1FHtaqExxehralGUCQQDcqrg9uQKXlhQi +XAaPr8SiWvtRm2a9IMMZkRfUWZclPHq6fCWNuUaCD+cTat4wAuqeknAz33VEosw3 +fXGsok//AkEA1GjIHXrOcSlpfVJb6NeOBugjRtZ7ZDT5gbtnMS9ob0qntKV6saaL +CNmJwuD9Q3XkU5j1+uHvYGP2NzcJd2CjhwJACV0hNlVMe9w9fHvFN4Gw6WbM9ViP +0oS6YrJafYNTu5vGZXVxLoNnL4u3NYa6aPUmuZXjNwBLfJ8f5VboZPf6RwJAINd2 +oYA8bSi/A755MX4qmozH74r4Fx1Nuq5UHTm8RwDe/0Javx8F/j9MWpJY9lZDEF3l +In5OebPa/NyInSmW/wJAZuP9aRn0nDBkHYri++1A7NykMiJ/nH0mDECbnk+wxx0S +LwqIetBhxb8eQwMg45+iAH7CHAMQ8BQuF/nFE6eotg== +-----END RSA PRIVATE KEY----- diff --git a/testdata/doh_downstream_endpoint.tdir/unbound_server.pem b/testdata/doh_downstream_endpoint.tdir/unbound_server.pem new file mode 100644 index 000000000000..aeda3ff11882 --- /dev/null +++ b/testdata/doh_downstream_endpoint.tdir/unbound_server.pem @@ -0,0 +1,11 @@ +-----BEGIN CERTIFICATE----- +MIIBmzCCAQQCCQDsNJ1UmphEFzANBgkqhkiG9w0BAQUFADASMRAwDgYDVQQDEwd1 +bmJvdW5kMB4XDTA4MDkxMTA5MDk0MFoXDTI4MDUyOTA5MDk0MFowEjEQMA4GA1UE +AxMHdW5ib3VuZDCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAtxeybL9rtNaS +y/axZ47DFPyGghVCM/+tuA3GhPOGeIIzJeZFgN2sUHKrpdcJcEq2ysK6J8vnfYR/ +/jF9LWcL5fMNzpoZjgImkPkhwrCLjo1cEI19LESwetT8+fjwIlb5z2vSSGAeUKyu +g1RLMSB4/DDnOSSjka5xErBQ4esnjHkCAwEAATANBgkqhkiG9w0BAQUFAAOBgQAZ +9N0lnLENs4JMvPS+mn8C5m9bkkFITd32IiLjf0zgYpIUbFXH6XaEr9GNZBUG8feG +l/6WRXnbnVSblI5odQ4XxGZ9inYY6qtW30uv76HvoKp+QZ1c3460ddR8NauhcCHH +Z7S+QbLXi+r2JAhpPozZCjBHlRD0ixzA1mKQTJhJZg== +-----END CERTIFICATE----- diff --git a/testdata/doh_downstream_post.tdir/doh_downstream_post.conf b/testdata/doh_downstream_post.tdir/doh_downstream_post.conf new file mode 100644 index 000000000000..f0857bb58519 --- /dev/null +++ b/testdata/doh_downstream_post.tdir/doh_downstream_post.conf @@ -0,0 +1,27 @@ +server: + verbosity: 2 + # num-threads: 1 + interface: 127.0.0.1@@PORT@ + https-port: @PORT@ + tls-service-key: "unbound_server.key" + tls-service-pem: "unbound_server.pem" + use-syslog: no + directory: . + pidfile: "unbound.pid" + chroot: "" + username: "" + do-not-query-localhost: no + http-query-buffer-size: 1G + http-response-buffer-size: 1G + http-max-streams: 200 + + local-zone: "example.net" static + local-data: "www1.example.net. IN A 1.2.3.1" + local-data: "www2.example.net. IN A 1.2.3.2" + local-data: "www3.example.net. IN A 1.2.3.3" + local-zone: "drop.net" deny + tcp-upstream: yes + +forward-zone: + name: "." + forward-addr: "127.0.0.1@@TOPORT@" diff --git a/testdata/doh_downstream_post.tdir/doh_downstream_post.dsc b/testdata/doh_downstream_post.tdir/doh_downstream_post.dsc new file mode 100644 index 000000000000..70de7502fc5c --- /dev/null +++ b/testdata/doh_downstream_post.tdir/doh_downstream_post.dsc @@ -0,0 +1,16 @@ +BaseName: doh_downstream_post +Version: 1.0 +Description: Test DNS-over-HTTPS query processing, using POST method +CreationDate: Mon Jun 12 12:00:00 CET 2020 +Maintainer: +Category: +Component: +CmdDepends: +Depends: +Help: +Pre: doh_downstream_post.pre +Post: doh_downstream_post.post +Test: doh_downstream_post.test +AuxFiles: +Passed: +Failure: diff --git a/testdata/doh_downstream_post.tdir/doh_downstream_post.post b/testdata/doh_downstream_post.tdir/doh_downstream_post.post new file mode 100644 index 000000000000..98034a32c439 --- /dev/null +++ b/testdata/doh_downstream_post.tdir/doh_downstream_post.post @@ -0,0 +1,13 @@ +# #-- doh_downstream_post.post --# +# source the master var file when it's there +[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master +# source the test var file when it's there +[ -f .tpkg.var.test ] && source .tpkg.var.test +# +# do your teardown here +PRE="../.." +. ../common.sh +if grep "define HAVE_NGHTTP2 1" $PRE/config.h; then echo test enabled; else echo test skipped; exit 0; fi +kill_pid $FWD_PID +kill_pid $UNBOUND_PID +cat unbound.log diff --git a/testdata/doh_downstream_post.tdir/doh_downstream_post.pre b/testdata/doh_downstream_post.tdir/doh_downstream_post.pre new file mode 100644 index 000000000000..34df83d4b4d2 --- /dev/null +++ b/testdata/doh_downstream_post.tdir/doh_downstream_post.pre @@ -0,0 +1,31 @@ +# #-- doh_downstream_post.pre--# +# source the master var file when it's there +[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master +# use .tpkg.var.test for in test variable passing +[ -f .tpkg.var.test ] && source .tpkg.var.test + +PRE="../.." +. ../common.sh +if grep "define HAVE_NGHTTP2 1" $PRE/config.h; then echo test enabled; else echo test skipped; exit 0; fi +get_random_port 2 +UNBOUND_PORT=$RND_PORT +FWD_PORT=$(($RND_PORT + 1)) +echo "UNBOUND_PORT=$UNBOUND_PORT" >> .tpkg.var.test +echo "FWD_PORT=$FWD_PORT" >> .tpkg.var.test + +# start forwarder +get_ldns_testns +$LDNS_TESTNS -p $FWD_PORT doh_downstream_post.testns >fwd.log 2>&1 & +FWD_PID=$! +echo "FWD_PID=$FWD_PID" >> .tpkg.var.test + +# make config file +sed -e 's/@PORT\@/'$UNBOUND_PORT'/' -e 's/@TOPORT\@/'$FWD_PORT'/' < doh_downstream_post.conf > ub.conf +# start unbound in the background +$PRE/unbound -vvvv -d -c ub.conf >unbound.log 2>&1 & +UNBOUND_PID=$! +echo "UNBOUND_PID=$UNBOUND_PID" >> .tpkg.var.test + +cat .tpkg.var.test +wait_ldns_testns_up fwd.log +wait_unbound_up unbound.log diff --git a/testdata/doh_downstream_post.tdir/doh_downstream_post.test b/testdata/doh_downstream_post.tdir/doh_downstream_post.test new file mode 100644 index 000000000000..6442d1e12751 --- /dev/null +++ b/testdata/doh_downstream_post.tdir/doh_downstream_post.test @@ -0,0 +1,340 @@ +# #-- doh_downstream_post.test --# +# source the master var file when it's there +[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master +# use .tpkg.var.test for in test variable passing +[ -f .tpkg.var.test ] && source .tpkg.var.test + +PRE="../.." +. ../common.sh +if grep "define HAVE_NGHTTP2 1" $PRE/config.h; then echo test enabled; else echo test skipped; exit 0; fi +get_make +(cd $PRE; $MAKE dohclient) + + +# this test query should just work (server is up) +echo "> query www1.example.net." +$PRE/dohclient -P -s 127.0.0.1 -p $UNBOUND_PORT www1.example.net. A IN >outfile 2>&1 +cat outfile +if test "$?" -ne 0; then + echo "exit status not OK" + echo "> cat logfiles" + cat outfile + cat fwd.log + cat unbound.log + echo "Not OK" + exit 1 +fi +if grep "www1.example.net" outfile | grep "1.2.3.1"; then + echo "content OK" +else + echo "result contents not OK" + echo "> cat logfiles" + cat outfile + cat fwd.log + cat unbound.log + echo "result contents not OK" + exit 1 +fi +echo "OK" + +# multiple requests (from localdata) +echo "> query www1.example.net. www2.example.net. www3.example.net." +$PRE/dohclient -P -s 127.0.0.1 -p $UNBOUND_PORT www1.example.net. A IN www2.example.net A IN www3.example.net A IN >outfile 2>&1 +cat outfile +if test "$?" -ne 0; then + echo "exit status not OK" + echo "> cat logfiles" + cat outfile + cat fwd.log + cat unbound.log + echo "Not OK" + exit 1 +fi +if grep "www1.example.net" outfile | grep "1.2.3.1"; then + echo "content OK" +else + echo "result contents not OK" + echo "> cat logfiles" + cat outfile + cat fwd.log + cat unbound.log + echo "result contents not OK" + exit 1 +fi +if grep "www2.example.net" outfile | grep "1.2.3.2"; then + echo "content OK" +else + echo "result contents not OK" + echo "> cat logfiles" + cat outfile + cat fwd.log + cat unbound.log + echo "result contents not OK" + exit 1 +fi +if grep "www3.example.net" outfile | grep "1.2.3.3"; then + echo "content OK" +else + echo "result contents not OK" + echo "> cat logfiles" + cat outfile + cat fwd.log + cat unbound.log + echo "result contents not OK" + exit 1 +fi + +# out of order requests, the example.com elements take 2 seconds to wait. +echo "" +echo "> query www1.example.net. www.example.com. www2.example.net. www2.example.com. www3.example.net." +$PRE/dohclient -P -s 127.0.0.1 -p $UNBOUND_PORT www1.example.net. A IN www.example.com. A IN www2.example.net A IN www2.example.com. A IN www3.example.net A IN >outfile 2>&1 +cat outfile +if test "$?" -ne 0; then + echo "exit status not OK" + echo "> cat logfiles" + cat outfile + cat fwd.log + cat unbound.log + echo "Not OK" + exit 1 +fi +if grep "www1.example.net" outfile | grep "1.2.3.1"; then + echo "content OK" +else + echo "result contents not OK" + echo "> cat logfiles" + cat outfile + cat fwd.log + cat unbound.log + echo "result contents not OK" + exit 1 +fi +if grep "www2.example.net" outfile | grep "1.2.3.2"; then + echo "content OK" +else + echo "result contents not OK" + echo "> cat logfiles" + cat outfile + cat fwd.log + cat unbound.log + echo "result contents not OK" + exit 1 +fi +if grep "www3.example.net" outfile | grep "1.2.3.3"; then + echo "content OK" +else + echo "result contents not OK" + echo "> cat logfiles" + cat outfile + cat fwd.log + cat unbound.log + echo "result contents not OK" + exit 1 +fi +if grep "www.example.com" outfile | grep "10.20.30.40"; then + echo "content OK" +else + echo "result contents not OK" + echo "> cat logfiles" + cat outfile + cat fwd.log + cat unbound.log + echo "result contents not OK" + exit 1 +fi +if grep "www2.example.com" outfile | grep "10.20.30.42"; then + echo "content OK" +else + echo "result contents not OK" + echo "> cat logfiles" + cat outfile + cat fwd.log + cat unbound.log + echo "result contents not OK" + exit 1 +fi + +# out of order requests, the example.com elements take 2 seconds to wait. +# www.example.com present twice, answered twice. +echo "" +echo "> query www1.example.net. www.example.com. www2.example.net. www.example.com. www3.example.net." +$PRE/dohclient -P -s 127.0.0.1 -p $UNBOUND_PORT www1.example.net. A IN www.example.com. A IN www2.example.net A IN www.example.com. A IN www3.example.net A IN >outfile 2>&1 +cat outfile +if test "$?" -ne 0; then + echo "exit status not OK" + echo "> cat logfiles" + cat outfile + cat fwd.log + cat unbound.log + echo "Not OK" + exit 1 +fi +if grep "www1.example.net" outfile | grep "1.2.3.1"; then + echo "content OK" +else + echo "result contents not OK" + echo "> cat logfiles" + cat outfile + cat fwd.log + cat unbound.log + echo "result contents not OK" + exit 1 +fi +if grep "www2.example.net" outfile | grep "1.2.3.2"; then + echo "content OK" +else + echo "result contents not OK" + echo "> cat logfiles" + cat outfile + cat fwd.log + cat unbound.log + echo "result contents not OK" + exit 1 +fi +if grep "www3.example.net" outfile | grep "1.2.3.3"; then + echo "content OK" +else + echo "result contents not OK" + echo "> cat logfiles" + cat outfile + cat fwd.log + cat unbound.log + echo "result contents not OK" + exit 1 +fi +if grep "www.example.com" outfile | grep "10.20.30.40"; then + echo "content OK" +else + echo "result contents not OK" + echo "> cat logfiles" + cat outfile + cat fwd.log + cat unbound.log + echo "result contents not OK" + exit 1 +fi + +# out of order requests, the example.com elements take 2 seconds to wait. +# www3.example.com present twice, answered twice. +echo "" +echo "> query www1.example.net. www3.example.com. www2.example.net. www3.example.com. www3.example.net." +$PRE/dohclient -P -s 127.0.0.1 -p $UNBOUND_PORT www1.example.net. A IN www3.example.com. A IN www2.example.net A IN www3.example.com. A IN www3.example.net A IN >outfile 2>&1 +cat outfile +if test "$?" -ne 0; then + echo "exit status not OK" + echo "> cat logfiles" + cat outfile + cat fwd.log + cat unbound.log + echo "Not OK" + exit 1 +fi +if grep "www1.example.net" outfile | grep "1.2.3.1"; then + echo "content OK" +else + echo "result contents not OK" + echo "> cat logfiles" + cat outfile + cat fwd.log + cat unbound.log + echo "result contents not OK" + exit 1 +fi +if grep "www2.example.net" outfile | grep "1.2.3.2"; then + echo "content OK" +else + echo "result contents not OK" + echo "> cat logfiles" + cat outfile + cat fwd.log + cat unbound.log + echo "result contents not OK" + exit 1 +fi +if grep "www3.example.net" outfile | grep "1.2.3.3"; then + echo "content OK" +else + echo "result contents not OK" + echo "> cat logfiles" + cat outfile + cat fwd.log + cat unbound.log + echo "result contents not OK" + exit 1 +fi +if grep "www3.example.com" outfile | grep "10.20.30.43"; then + echo "content OK" +else + echo "result contents not OK" + echo "> cat logfiles" + cat outfile + cat fwd.log + cat unbound.log + echo "result contents not OK" + exit 1 +fi + +echo "" +echo "> query www4.example.com. www3.example.net." +$PRE/dohclient -P -s 127.0.0.1 -p $UNBOUND_PORT www4.example.com. A IN www3.example.net A IN >outfile 2>&1 +cat outfile +if test "$?" -ne 0; then + echo "exit status not OK" + echo "> cat logfiles" + cat outfile + cat fwd.log + cat unbound.log + echo "Not OK" + exit 1 +fi +if grep "www3.example.net" outfile | grep "1.2.3.3"; then + echo "content OK" +else + echo "result contents not OK" + echo "> cat logfiles" + cat outfile + cat fwd.log + cat unbound.log + echo "result contents not OK" + exit 1 +fi +if grep "www4.example.com" outfile | grep "10.20.30.44"; then + echo "content OK" +else + echo "result contents not OK" + echo "> cat logfiles" + cat outfile + cat fwd.log + cat unbound.log + echo "result contents not OK" + exit 1 +fi + + +echo "" +echo "> query a1.example.com. - a90.example.com." +$PRE/dohclient -P -s 127.0.0.1 -p $UNBOUND_PORT www6.example.com. A IN a1.a.example.com. A IN a2.a.example.com. A IN a3.a.example.com. A IN a4.a.example.com. A IN a5.a.example.com. A IN a6.a.example.com. A IN a7.a.example.com. A IN a8.a.example.com. A IN a9.a.example.com. A IN a10.a.example.com. A IN a11.a.example.com. A IN a12.a.example.com. A IN a13.a.example.com. A IN a14.a.example.com. A IN a15.a.example.com. A IN a16.a.example.com. A IN a17.a.example.com. A IN a18.a.example.com. A IN a19.a.example.com. A IN a20.a.example.com. A IN a21.a.example.com. A IN a22.a.example.com. A IN a23.a.example.com. A IN a24.a.example.com. A IN a25.a.example.com. A IN a26.a.example.com. A IN a27.a.example.com. A IN a28.a.example.com. A IN a29.a.example.com. A IN a30.a.example.com. A IN a31.a.example.com. A IN a32.a.example.com. A IN a33.a.example.com. A IN a34.a.example.com. A IN a35.a.example.com. A IN a36.a.example.com. A IN a37.a.example.com. A IN a38.a.example.com. A IN a39.a.example.com. A IN a40.a.example.com. A IN a41.a.example.com. A IN a42.a.example.com. A IN a43.a.example.com. A IN a44.a.example.com. A IN a45.a.example.com. A IN a46.a.example.com. A IN a47.a.example.com. A IN a48.a.example.com. A IN a49.a.example.com. A IN a50.a.example.com. A IN a51.a.example.com. A IN a52.a.example.com. A IN a53.a.example.com. A IN a54.a.example.com. A IN a55.a.example.com. A IN a56.a.example.com. A IN a57.a.example.com. A IN a58.a.example.com. A IN a59.a.example.com. A IN a60.a.example.com. A IN a61.a.example.com. A IN a62.a.example.com. A IN a63.a.example.com. A IN a64.a.example.com. A IN a65.a.example.com. A IN a66.a.example.com. A IN a67.a.example.com. A IN a68.a.example.com. A IN a69.a.example.com. A IN a70.a.example.com. A IN a71.a.example.com. A IN a72.a.example.com. A IN a73.a.example.com. A IN a74.a.example.com. A IN a75.a.example.com. A IN a76.a.example.com. A IN a77.a.example.com. A IN a78.a.example.com. A IN a79.a.example.com. A IN a80.a.example.com. A IN a81.a.example.com. A IN a82.a.example.com. A IN a83.a.example.com. A IN a84.a.example.com. A IN a85.a.example.com. A IN a86.a.example.com. A IN a87.a.example.com. A IN a88.a.example.com. A IN a89.a.example.com. A IN a90.a.example.com. A IN >outfile 2>&1 +cat outfile +if test "$?" -ne 0; then + echo "exit status not OK" + echo "> cat logfiles" + cat outfile + cat fwd.log + cat unbound.log + echo "Not OK" + exit 1 +fi + +num_ans=$(grep -B 3 "a.example.com. IN A" outfile | grep "rcode: NOERROR" | wc -l ) +if test "$num_ans" -ne 90; then + echo "number of answers not OK" + echo "> cat logfiles" + cat outfile + cat fwd.log + cat unbound.log + echo "Not OK" + exit 1 +fi + +echo "OK" +exit 0 diff --git a/testdata/doh_downstream_post.tdir/doh_downstream_post.testns b/testdata/doh_downstream_post.tdir/doh_downstream_post.testns new file mode 100644 index 000000000000..c53941b678bc --- /dev/null +++ b/testdata/doh_downstream_post.tdir/doh_downstream_post.testns @@ -0,0 +1,74 @@ +; nameserver test file +$ORIGIN example.com. +$TTL 3600 + +ENTRY_BEGIN +MATCH opcode qtype qname +REPLY QR AA NOERROR +ADJUST copy_id sleep=2 +SECTION QUESTION +www IN A +SECTION ANSWER +www IN A 10.20.30.40 +ENTRY_END + +ENTRY_BEGIN +MATCH opcode qtype qname +REPLY QR AA NOERROR +ADJUST copy_id +SECTION QUESTION +www2 IN A +SECTION ANSWER +www2 IN A 10.20.30.42 +ENTRY_END + +ENTRY_BEGIN +MATCH opcode qtype qname +REPLY QR AA NOERROR +ADJUST copy_id +SECTION QUESTION +www3 IN A +SECTION ANSWER +www3 IN A 10.20.30.43 +ENTRY_END + +ENTRY_BEGIN +MATCH opcode qtype qname +REPLY QR AA NOERROR +ADJUST copy_id sleep=2 +SECTION QUESTION +www4 IN A +SECTION ANSWER +www4 IN A 10.20.30.44 +ENTRY_END + +ENTRY_BEGIN +MATCH opcode qtype qname +REPLY QR AA NOERROR +ADJUST copy_id sleep=2 +SECTION QUESTION +www5 IN A +SECTION ANSWER +www5 IN A 10.20.30.45 +ENTRY_END + +ENTRY_BEGIN +MATCH opcode qtype qname +REPLY QR AA NOERROR +ADJUST copy_id sleep=2 +SECTION QUESTION +www6 IN A +SECTION ANSWER +www6 IN A 10.20.30.46 +ENTRY_END + +; lots of noerror/nodata answers for other queries (a.. queries) +ENTRY_BEGIN +MATCH opcode qtype subdomain +REPLY QR AA NOERROR +ADJUST copy_id copy_query +SECTION QUESTION +a.example.com. IN A +SECTION AUTHORITY +example.com. IN SOA ns hostmaster 2019 28800 7200 604800 3600 +ENTRY_END diff --git a/testdata/doh_downstream_post.tdir/unbound_server.key b/testdata/doh_downstream_post.tdir/unbound_server.key new file mode 100644 index 000000000000..4256c421dd0d --- /dev/null +++ b/testdata/doh_downstream_post.tdir/unbound_server.key @@ -0,0 +1,15 @@ +-----BEGIN RSA PRIVATE KEY----- +MIICWwIBAAKBgQC3F7Jsv2u01pLL9rFnjsMU/IaCFUIz/624DcaE84Z4gjMl5kWA +3axQcqul1wlwSrbKwrony+d9hH/+MX0tZwvl8w3OmhmOAiaQ+SHCsIuOjVwQjX0s +RLB61Pz5+PAiVvnPa9JIYB5QrK6DVEsxIHj8MOc5JKORrnESsFDh6yeMeQIDAQAB +AoGAAuWoGBprTOA8UGfl5LqYkaNxSWumsYXxLMFjC8WCsjN1NbtQDDr1uAwodSZS +6ujzvX+ZTHnofs7y64XC8k34HTOCD2zlW7kijWbT8YjRYFU6o9F5zUGD9RCan0ds +sVscT2psLSzfdsmFAcbmnGdxYkXk2PC1FHtaqExxehralGUCQQDcqrg9uQKXlhQi +XAaPr8SiWvtRm2a9IMMZkRfUWZclPHq6fCWNuUaCD+cTat4wAuqeknAz33VEosw3 +fXGsok//AkEA1GjIHXrOcSlpfVJb6NeOBugjRtZ7ZDT5gbtnMS9ob0qntKV6saaL +CNmJwuD9Q3XkU5j1+uHvYGP2NzcJd2CjhwJACV0hNlVMe9w9fHvFN4Gw6WbM9ViP +0oS6YrJafYNTu5vGZXVxLoNnL4u3NYa6aPUmuZXjNwBLfJ8f5VboZPf6RwJAINd2 +oYA8bSi/A755MX4qmozH74r4Fx1Nuq5UHTm8RwDe/0Javx8F/j9MWpJY9lZDEF3l +In5OebPa/NyInSmW/wJAZuP9aRn0nDBkHYri++1A7NykMiJ/nH0mDECbnk+wxx0S +LwqIetBhxb8eQwMg45+iAH7CHAMQ8BQuF/nFE6eotg== +-----END RSA PRIVATE KEY----- diff --git a/testdata/doh_downstream_post.tdir/unbound_server.pem b/testdata/doh_downstream_post.tdir/unbound_server.pem new file mode 100644 index 000000000000..aeda3ff11882 --- /dev/null +++ b/testdata/doh_downstream_post.tdir/unbound_server.pem @@ -0,0 +1,11 @@ +-----BEGIN CERTIFICATE----- +MIIBmzCCAQQCCQDsNJ1UmphEFzANBgkqhkiG9w0BAQUFADASMRAwDgYDVQQDEwd1 +bmJvdW5kMB4XDTA4MDkxMTA5MDk0MFoXDTI4MDUyOTA5MDk0MFowEjEQMA4GA1UE +AxMHdW5ib3VuZDCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAtxeybL9rtNaS +y/axZ47DFPyGghVCM/+tuA3GhPOGeIIzJeZFgN2sUHKrpdcJcEq2ysK6J8vnfYR/ +/jF9LWcL5fMNzpoZjgImkPkhwrCLjo1cEI19LESwetT8+fjwIlb5z2vSSGAeUKyu +g1RLMSB4/DDnOSSjka5xErBQ4esnjHkCAwEAATANBgkqhkiG9w0BAQUFAAOBgQAZ +9N0lnLENs4JMvPS+mn8C5m9bkkFITd32IiLjf0zgYpIUbFXH6XaEr9GNZBUG8feG +l/6WRXnbnVSblI5odQ4XxGZ9inYY6qtW30uv76HvoKp+QZ1c3460ddR8NauhcCHH +Z7S+QbLXi+r2JAhpPozZCjBHlRD0ixzA1mKQTJhJZg== +-----END CERTIFICATE----- diff --git a/testdata/domain_insec_dlv.rpl b/testdata/domain_insec_dlv.rpl deleted file mode 100644 index c8bd98344d30..000000000000 --- a/testdata/domain_insec_dlv.rpl +++ /dev/null @@ -1,277 +0,0 @@ -; config options -; The island of trust is at example.com (the DLV repository) -server: - dlv-anchor: "example.com. 3600 IN DS 2854 3 1 46e4ffc6e9a4793b488954bd3f0cc6af0dfb201b" - domain-insecure: "example.net" - val-override-date: "20070916134226" - target-fetch-policy: "0 0 0 0 0" - minimal-responses: no - -stub-zone: - name: "." - stub-addr: 193.0.14.129 # K.ROOT-SERVERS.NET. -CONFIG_END - -SCENARIO_BEGIN Test validator with domain-insecure below a DLV -; positive response for DLV. - -; K.ROOT-SERVERS.NET. -RANGE_BEGIN 0 100 - ADDRESS 193.0.14.129 -ENTRY_BEGIN -MATCH opcode qtype qname -ADJUST copy_id -REPLY QR NOERROR -SECTION QUESTION -. IN NS -SECTION ANSWER -. IN NS K.ROOT-SERVERS.NET. -SECTION ADDITIONAL -K.ROOT-SERVERS.NET. IN A 193.0.14.129 -ENTRY_END - -ENTRY_BEGIN -MATCH opcode subdomain -ADJUST copy_id copy_query -REPLY QR NOERROR -SECTION QUESTION -com. IN A -SECTION AUTHORITY -com. IN NS a.gtld-servers.net. -SECTION ADDITIONAL -a.gtld-servers.net. IN A 192.5.6.30 -ENTRY_END - -ENTRY_BEGIN -MATCH opcode subdomain -ADJUST copy_id copy_query -REPLY QR NOERROR -SECTION QUESTION -net. IN A -SECTION AUTHORITY -net. IN NS a.gtld-servers.net. -SECTION ADDITIONAL -a.gtld-servers.net. IN A 192.5.6.30 -ENTRY_END -RANGE_END - -; a.gtld-servers.net. -RANGE_BEGIN 0 100 - ADDRESS 192.5.6.30 -ENTRY_BEGIN -MATCH opcode qtype qname -ADJUST copy_id -REPLY QR NOERROR -SECTION QUESTION -com. IN NS -SECTION ANSWER -com. IN NS a.gtld-servers.net. -SECTION ADDITIONAL -a.gtld-servers.net. IN A 192.5.6.30 -ENTRY_END - -ENTRY_BEGIN -MATCH opcode qtype qname -ADJUST copy_id -REPLY QR NOERROR -SECTION QUESTION -net. IN NS -SECTION ANSWER -net. IN NS a.gtld-servers.net. -SECTION ADDITIONAL -a.gtld-servers.net. IN A 192.5.6.30 -ENTRY_END - -ENTRY_BEGIN -MATCH opcode subdomain -ADJUST copy_id copy_query -REPLY QR NOERROR -SECTION QUESTION -example.com. IN A -SECTION AUTHORITY -example.com. IN NS ns.example.com. -SECTION ADDITIONAL -ns.example.com. IN A 1.2.3.4 -ENTRY_END - -ENTRY_BEGIN -MATCH opcode subdomain -ADJUST copy_id copy_query -REPLY QR NOERROR -SECTION QUESTION -example.net. IN A -SECTION AUTHORITY -example.net. IN NS ns.example.net. -SECTION ADDITIONAL -ns.example.net. IN A 1.2.3.5 -ENTRY_END -RANGE_END - -; ns.example.com. -RANGE_BEGIN 0 100 - ADDRESS 1.2.3.4 -ENTRY_BEGIN -MATCH opcode qtype qname -ADJUST copy_id -REPLY QR NOERROR -SECTION QUESTION -example.com. IN NS -SECTION ANSWER -example.com. IN NS ns.example.com. -example.com. 3600 IN RRSIG NS 3 2 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCN+qHdJxoI/2tNKwsb08pra/G7aAIUAWA5sDdJTbrXA1/3OaesGBAO3sI= ;{id = 2854} -SECTION ADDITIONAL -ns.example.com. IN A 1.2.3.4 -ns.example.com. 3600 IN RRSIG A 3 3 3600 20070926135752 20070829135752 2854 example.com. MC0CFQCMSWxVehgOQLoYclB9PIAbNP229AIUeH0vNNGJhjnZiqgIOKvs1EhzqAo= ;{id = 2854} -ENTRY_END - -; response to DNSKEY priming query -ENTRY_BEGIN -MATCH opcode qtype qname -ADJUST copy_id -REPLY QR NOERROR -SECTION QUESTION -example.com. IN DNSKEY -SECTION ANSWER -example.com. 3600 IN DNSKEY 256 3 3 ALXLUsWqUrY3JYER3T4TBJII s70j+sDS/UT2QRp61SE7S3E EXopNXoFE73JLRmvpi/UrOO/Vz4Se 6wXv/CYCKjGw06U4WRgR YXcpEhJROyNapmdIKSx hOzfLVE1gqA0PweZR8d tY3aNQSRn3sPpwJr6Mi /PqQKAMMrZ9ckJpf1+b QMOOvxgzz2U1GS18b3y ZKcgTMEaJzd/GZYzi/B N2DzQ0MsrSwYXfsNLFO Bbs8PJMW4LYIxeeOe6rUgkWOF 7CC9Dh/dduQ1QrsJhmZAEFfd6ByYV+ ;{id = 2854 (zsk), size = 1688b} -example.com. 3600 IN RRSIG DNSKEY 3 2 3600 20070926134802 20070829134802 2854 example.com. MCwCFG1yhRNtTEa3Eno2zhVVuy2EJX3wAhQeLyUp6+UXcpC5qGNu9tkrTEgPUg== ;{id = 2854} -SECTION AUTHORITY -example.com. IN NS ns.example.com. -example.com. 3600 IN RRSIG NS 3 2 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCN+qHdJxoI/2tNKwsb08pra/G7aAIUAWA5sDdJTbrXA1/3OaesGBAO3sI= ;{id = 2854} -SECTION ADDITIONAL -ns.example.com. IN A 1.2.3.4 -ns.example.com. 3600 IN RRSIG A 3 3 3600 20070926135752 20070829135752 2854 example.com. MC0CFQCMSWxVehgOQLoYclB9PIAbNP229AIUeH0vNNGJhjnZiqgIOKvs1EhzqAo= ;{id = 2854} -ENTRY_END - -; DLV query -ENTRY_BEGIN -MATCH opcode qtype qname -ADJUST copy_id -REPLY QR NOERROR -SECTION QUESTION -example.net.example.com. IN DLV -SECTION ANSWER -example.net.example.com. 3600 IN DLV 30899 5 1 14188c885f20623ad1d3bec42798f3f951793e4c ; xehac-mofum-malyd-bomaf-pegit-fuzes-ganin-misiz-nigel-nozog-soxix -example.net.example.com. 3600 IN RRSIG DLV 3 4 3600 20070926134150 20070829134150 2854 example.com. ACK48Q/oKwh/SM9yRiKjZYuc+AtEZ2yCPNJ15kKCN8nsVcv7xigmNTY= ;{id = 2854} -SECTION AUTHORITY -example.com. IN NS ns.example.com. -example.com. 3600 IN RRSIG NS 3 2 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCN+qHdJxoI/2tNKwsb08pra/G7aAIUAWA5sDdJTbrXA1/3OaesGBAO3sI= ;{id = 2854} -SECTION ADDITIONAL -ns.example.com. IN A 1.2.3.4 -ns.example.com. 3600 IN RRSIG A 3 3 3600 20070926135752 20070829135752 2854 example.com. MC0CFQCMSWxVehgOQLoYclB9PIAbNP229AIUeH0vNNGJhjnZiqgIOKvs1EhzqAo= ;{id = 2854} -ENTRY_END - -ENTRY_BEGIN -MATCH opcode qtype qname -ADJUST copy_id -REPLY QR NOERROR -SECTION QUESTION -net.example.com. IN DLV -SECTION ANSWER -SECTION AUTHORITY -example.com. IN SOA open.nlnetlabs.nl. hostmaster.nlnetlabs.nl. 2008081300 28800 7200 604800 3600 -example.com. 3600 IN RRSIG SOA 3 2 3600 20070926134150 20070829134150 2854 example.com. AKPJnPBqfJKxE4P2iVYkSRJno9HmiXJZtjdqE8oBeq9Lk9FytcMdcig= ;{id = 2854} -example.com IN NSEC example.net.example.com. SOA NS RRSIG NSEC -example.com. 3600 IN RRSIG NSEC 3 2 3600 20070926134150 20070829134150 2854 example.com. AIoUkJ04/7/kJFDLocoqksqt9UL2RHHwlRfXAMxGdBHcNO+GSpG47Uk= ;{id = 2854} -ENTRY_END - -ENTRY_BEGIN -MATCH opcode qtype qname -ADJUST copy_id -REPLY QR NXDOMAIN -SECTION QUESTION -com.example.com. IN DLV -SECTION ANSWER -SECTION AUTHORITY -example.com. IN SOA open.nlnetlabs.nl. hostmaster.nlnetlabs.nl. 2008081300 28800 7200 604800 3600 -example.com. 3600 IN RRSIG SOA 3 2 3600 20070926134150 20070829134150 2854 example.com. AKPJnPBqfJKxE4P2iVYkSRJno9HmiXJZtjdqE8oBeq9Lk9FytcMdcig= ;{id = 2854} -example.com IN NSEC example.net.example.com. SOA NS RRSIG NSEC -example.com. 3600 IN RRSIG NSEC 3 2 3600 20070926134150 20070829134150 2854 example.com. AIoUkJ04/7/kJFDLocoqksqt9UL2RHHwlRfXAMxGdBHcNO+GSpG47Uk= ;{id = 2854} -ENTRY_END - -RANGE_END - -; ns.example.net. -RANGE_BEGIN 0 100 - ADDRESS 1.2.3.5 -; DS RR is -; example.net. 3600 IN DS 30899 5 1 14188c885f20623ad1d3bec42798f3f951793e4c ; xehac-mofum-malyd-bomaf-pegit-fuzes-ganin-misiz-nigel-nozog-soxix -; DNSKEY prime query -ENTRY_BEGIN -MATCH opcode qtype qname -ADJUST copy_id -REPLY QR NOERROR -SECTION QUESTION -example.net. IN DNSKEY -SECTION ANSWER -example.net. 3600 IN DNSKEY 256 3 5 AQPQ41chR9DEHt/aIzIFAqanbDlRflJoRs5yz1jFsoRIT7dWf0r+PeDuewdxkszNH6wnU4QL8pfKFRh5PIYVBLK3 ;{id = 30899 (zsk), size = 512b} -example.net. 3600 IN RRSIG DNSKEY RSASHA1 2 3600 20070926134150 20070829134150 30899 example.net. hiFzlQ8VoYgCuvIsfVuxC3mfJDqsTh0yc6abs5xMx5uEcIjb0dndFQx7INOM+imlzveEN73Hqp4OLFpFhsWLlw== ;{id = 30899} -SECTION AUTHORITY -example.net. IN NS ns.example.net. -example.net. 3600 IN RRSIG NS RSASHA1 2 3600 20070926134150 20070829134150 30899 example.net. E8JX0l4B+cSR5bkHQwOJy1pBmlLMTYCJ8EwfNMU/eCv0YhKwo26rHhn52FGisgv+Nwp7/NbhHqQ+kJgoZC94XA== ;{id = 30899} -SECTION ADDITIONAL -ns.example.net. IN A 1.2.3.5 -ns.example.net. 3600 IN RRSIG A RSASHA1 3 3600 20070926134150 20070829134150 30899 example.net. x+tQMC9FhzT7Fcy1pM5NrOC7E8nLd7THPI3C6ie4EwL8PrxllqlR3q/DKB0d/m0qCOPcgN6HFOYURV1s4uAcsw== ;{id = 30899} -ENTRY_END - -; NS query -ENTRY_BEGIN -MATCH opcode qtype qname -ADJUST copy_id -REPLY QR NOERROR -SECTION QUESTION -example.net. IN NS -SECTION ANSWER -example.net. IN NS ns.example.net. -example.net. 3600 IN RRSIG NS RSASHA1 2 3600 20070926134150 20070829134150 30899 example.net. E8JX0l4B+cSR5bkHQwOJy1pBmlLMTYCJ8EwfNMU/eCv0YhKwo26rHhn52FGisgv+Nwp7/NbhHqQ+kJgoZC94XA== ;{id = 30899} -SECTION ADDITIONAL -ns.example.net. IN A 1.2.3.5 -ns.example.net. 3600 IN RRSIG A RSASHA1 3 3600 20070926134150 20070829134150 30899 example.net. x+tQMC9FhzT7Fcy1pM5NrOC7E8nLd7THPI3C6ie4EwL8PrxllqlR3q/DKB0d/m0qCOPcgN6HFOYURV1s4uAcsw== ;{id = 30899} -ENTRY_END - -; www.example.net query -ENTRY_BEGIN -MATCH opcode qtype qname -ADJUST copy_id -REPLY QR NOERROR -SECTION QUESTION -www.example.net. IN A -SECTION ANSWER -www.example.net. 3600 IN A 10.20.30.40 -www.example.net. 3600 IN RRSIG A 5 3 3600 20070926135752 20070829135752 30899 example.net. ACvv4RQVC7TbI57ewqFImRaVoymktJ5Cxn/FaCodIENt82LVM92nivbP2WtwWCsQHWp7FkrMxTlQTJwyAeXFyg== ;{id = 30899} -SECTION AUTHORITY -example.net. IN NS ns.example.net. -example.net. 3600 IN RRSIG NS RSASHA1 2 3600 20070926134150 20070829134150 30899 example.net. E8JX0l4B+cSR5bkHQwOJy1pBmlLMTYCJ8EwfNMU/eCv0YhKwo26rHhn52FGisgv+Nwp7/NbhHqQ+kJgoZC94XA== ;{id = 30899} -SECTION ADDITIONAL -ns.example.net. IN A 1.2.3.5 -ns.example.net. 3600 IN RRSIG A RSASHA1 3 3600 20070926134150 20070829134150 30899 example.net. x+tQMC9FhzT7Fcy1pM5NrOC7E8nLd7THPI3C6ie4EwL8PrxllqlR3q/DKB0d/m0qCOPcgN6HFOYURV1s4uAcsw== ;{id = 30899} -ENTRY_END - - -RANGE_END - -STEP 1 QUERY -ENTRY_BEGIN -REPLY RD DO -SECTION QUESTION -www.example.net. IN A -ENTRY_END - -; recursion happens here. -STEP 10 CHECK_ANSWER -ENTRY_BEGIN -MATCH all -REPLY QR RD RA DO NOERROR -SECTION QUESTION -www.example.net. IN A -SECTION ANSWER -www.example.net. 3600 IN A 10.20.30.40 -www.example.net. 3600 IN RRSIG A 5 3 3600 20070926135752 20070829135752 30899 example.net. ACvv4RQVC7TbI57ewqFImRaVoymktJ5Cxn/FaCodIENt82LVM92nivbP2WtwWCsQHWp7FkrMxTlQTJwyAeXFyg== ;{id = 30899} -SECTION AUTHORITY -example.net. IN NS ns.example.net. -example.net. 3600 IN RRSIG NS RSASHA1 2 3600 20070926134150 20070829134150 30899 example.net. E8JX0l4B+cSR5bkHQwOJy1pBmlLMTYCJ8EwfNMU/eCv0YhKwo26rHhn52FGisgv+Nwp7/NbhHqQ+kJgoZC94XA== ;{id = 30899} -SECTION ADDITIONAL -ns.example.net. IN A 1.2.3.5 -ns.example.net. 3600 IN RRSIG A RSASHA1 3 3600 20070926134150 20070829134150 30899 example.net. x+tQMC9FhzT7Fcy1pM5NrOC7E8nLd7THPI3C6ie4EwL8PrxllqlR3q/DKB0d/m0qCOPcgN6HFOYURV1s4uAcsw== ;{id = 30899} -ENTRY_END - -SCENARIO_END diff --git a/testdata/edns_client_tag.rpl b/testdata/edns_client_tag.rpl new file mode 100644 index 000000000000..767652c26aa2 --- /dev/null +++ b/testdata/edns_client_tag.rpl @@ -0,0 +1,151 @@ +; config options +server: + edns-client-tag: 10.0.0.0/24 1234 + edns-client-tag: 10.0.0.10/32 5678 + +stub-zone: + name: "tag1234." + stub-addr: 10.0.0.1 + +stub-zone: + name: "tag5678." + stub-addr: 10.0.0.10 + +stub-zone: + name: "notag." + stub-addr: 10.10.0.1 + +CONFIG_END + +SCENARIO_BEGIN Test EDNS client tag option + +RANGE_BEGIN 0 1000 + ADDRESS 10.0.0.1 +ENTRY_BEGIN +MATCH opcode qtype qname +ADJUST copy_id +REPLY QR NOERROR +SECTION QUESTION +tag1234. IN A +SECTION ANSWER +tag1234. IN A 10.20.30.40 +SECTION ADDITIONAL +ENTRY_END +RANGE_END + +RANGE_BEGIN 0 1000 + ADDRESS 10.0.0.10 +ENTRY_BEGIN +MATCH opcode qtype qname +ADJUST copy_id +REPLY QR NOERROR +SECTION QUESTION +tag5678. IN A +SECTION ANSWER +tag5678. IN A 10.20.30.40 +SECTION ADDITIONAL +ENTRY_END +RANGE_END + +RANGE_BEGIN 0 1000 + ADDRESS 10.10.0.1 +ENTRY_BEGIN +MATCH opcode qtype qname +ADJUST copy_id +REPLY QR NOERROR +SECTION QUESTION +notag. IN A +SECTION ANSWER +notag. IN A 10.20.30.40 +SECTION ADDITIONAL +ENTRY_END +RANGE_END + +STEP 10 QUERY +ENTRY_BEGIN +REPLY RD +SECTION QUESTION +tag1234. IN A +ENTRY_END + +STEP 20 CHECK_OUT_QUERY +ENTRY_BEGIN +MATCH qname qtype opcode ednsdata +SECTION QUESTION +tag1234. IN A +SECTION ADDITIONAL + HEX_EDNSDATA_BEGIN + 00 10 ; Opcode 16 + 00 02 ; Length 2 + 04 d2 ; 1234 + HEX_EDNSDATA_END +ENTRY_END + +STEP 30 CHECK_ANSWER +ENTRY_BEGIN +MATCH all +REPLY QR RD RA NOERROR +SECTION QUESTION +tag1234. IN A +SECTION ANSWER +tag1234. IN A 10.20.30.40 +ENTRY_END + +STEP 110 QUERY +ENTRY_BEGIN +REPLY RD +SECTION QUESTION +tag5678. IN A +ENTRY_END + +STEP 120 CHECK_OUT_QUERY +ENTRY_BEGIN +MATCH qname qtype opcode ednsdata +SECTION QUESTION +tag5678. IN A +SECTION ADDITIONAL + HEX_EDNSDATA_BEGIN + 00 10 ; Opcode 16 + 00 02 ; Length 2 + 16 2e ; 5678 + HEX_EDNSDATA_END +ENTRY_END + +STEP 130 CHECK_ANSWER +ENTRY_BEGIN +MATCH all +REPLY QR RD RA NOERROR +SECTION QUESTION +tag5678. IN A +SECTION ANSWER +tag5678. IN A 10.20.30.40 +ENTRY_END + +STEP 210 QUERY +ENTRY_BEGIN +REPLY RD +SECTION QUESTION +notag. IN A +ENTRY_END + +STEP 220 CHECK_OUT_QUERY +ENTRY_BEGIN +MATCH qname qtype opcode ednsdata +SECTION QUESTION +notag. IN A +SECTION ADDITIONAL + HEX_EDNSDATA_BEGIN + HEX_EDNSDATA_END +ENTRY_END + +STEP 230 CHECK_ANSWER +ENTRY_BEGIN +MATCH all +REPLY QR RD RA NOERROR +SECTION QUESTION +notag. IN A +SECTION ANSWER +notag. IN A 10.20.30.40 +ENTRY_END + +SCENARIO_END diff --git a/testdata/fwddlv_parse.rpl b/testdata/fwddlv_parse.rpl deleted file mode 100644 index 8b8a9613f17a..000000000000 --- a/testdata/fwddlv_parse.rpl +++ /dev/null @@ -1,134 +0,0 @@ -; config options -; The island of trust is at example.com -server: - trust-anchor: "dlv.isc.org. 5072 IN DNSKEY 256 3 5 BEAAAAOlYGw53D+f01yCL5JsP0SB6EjYrnd0JYRBooAaGPT+Q0kpiN+7GviFh+nIazoB8e2Yv7mupgqkmIjObdcbGstYpUltdECdNpNmBvASKB9SBdtGeRvXXpORi3Qyxb9kHGG7SpzyYbc+KDVKnzYHB94pvqu3ZZpPFPBFtCibp/mkhw==" - val-override-date: "20090617133009" - target-fetch-policy: "0 0 0 0 0" - qname-minimisation: "no" - fake-sha1: yes - trust-anchor-signaling: no - -stub-zone: - name: "." - stub-addr: 193.0.14.129 # K.ROOT-SERVERS.NET. -CONFIG_END - -SCENARIO_BEGIN Test parse of packet when forwarding and dlv are in use - -; K.ROOT-SERVERS.NET. -RANGE_BEGIN 0 100 - ADDRESS 193.0.14.129 -ENTRY_BEGIN -MATCH opcode qtype qname -ADJUST copy_id -REPLY QR NOERROR -SECTION QUESTION -. IN NS -SECTION ANSWER -. IN NS K.ROOT-SERVERS.NET. -SECTION ADDITIONAL -K.ROOT-SERVERS.NET. IN A 193.0.14.129 -ENTRY_END - -ENTRY_BEGIN -MATCH opcode subdomain -ADJUST copy_id copy_query -REPLY QR NOERROR -SECTION QUESTION -org. IN NS -SECTION AUTHORITY -org. IN NS a.gtld-servers.net. -SECTION ADDITIONAL -a.gtld-servers.net. IN A 192.5.6.30 -ENTRY_END -RANGE_END - -; a.gtld-servers.net. (for ORG) -RANGE_BEGIN 0 100 - ADDRESS 192.5.6.30 -ENTRY_BEGIN -MATCH opcode qtype qname -ADJUST copy_id -REPLY QR NOERROR -SECTION QUESTION -org. IN NS -SECTION ANSWER -org. IN NS a.gtld-servers.net. -SECTION ADDITIONAL -a.gtld-servers.net. IN A 192.5.6.30 -ENTRY_END - -ENTRY_BEGIN -MATCH opcode subdomain -ADJUST copy_id copy_query -REPLY QR NOERROR -SECTION QUESTION -dlv.isc.org. IN NS -SECTION AUTHORITY -dlv.isc.org. IN NS ns.org. -SECTION ADDITIONAL -ns.org. IN A 1.2.3.4 -ENTRY_END -RANGE_END - -; ns.org for dlv.isc.org -RANGE_BEGIN 0 100 - ADDRESS 1.2.3.4 -; response to DNSKEY priming query -ENTRY_BEGIN -MATCH opcode qtype qname -ADJUST copy_id -REPLY QR NOERROR -SECTION QUESTION -dlv.isc.org. IN DNSKEY -SECTION ANSWER -dlv.isc.org. 5072 IN DNSKEY 256 3 5 BEAAAAOlYGw53D+f01yCL5JsP0SB6EjYrnd0JYRBooAaGPT+Q0kpiN+7GviFh+nIazoB8e2Yv7mupgqkmIjObdcbGstYpUltdECdNpNmBvASKB9SBdtGeRvXXpORi3Qyxb9kHGG7SpzyYbc+KDVKnzYHB94pvqu3ZZpPFPBFtCibp/mkhw== ;{id = 64263 (zsk), size = 1024b} -dlv.isc.org. 5072 IN DNSKEY 257 3 5 BEAAAAPHMu/5onzrEE7z1egmhg/WPO0+juoZrW3euWEn4MxDCE1+lLy2brhQv5rN32RKtMzX6Mj70jdzeND4XknW58dnJNPCxn8+jAGl2FZLK8t+1uq4W+nnA3qO2+DL+k6BD4mewMLbIYFwe0PG73Te9fZ2kJb56dhgMde5ymX4BI/oQ+cAK50/xvJv00Frf8kw6ucMTwFlgPe+jnGxPPEmHAte/URkY62ZfkLoBAADLHQ9IrS2tryAe7mbBZVcOwIeU/Rw/mRx/vwwMCTgNboMQKtUdvNXDrYJDSHZws3xiRXF1Rf+al9UmZfSav/4NWLKjHzpT59k/VStTDN0YUuWrBNh ;{id = 19297 (ksk), size = 2048b} -dlv.isc.org. 5072 IN RRSIG DNSKEY 5 3 7200 20090717133009 20090617133009 19297 dlv.isc.org. iqGOzsIQKFHcPLbJHLb/kNzcm7TlHiyT4kzTknCjKsC7DCB86YCOhnZZjvZQyA+D0N0KDgNWY8v5czbyX57qR6qORciT2zmPSTGj7CIOe4zrq60n8HzsChKgvk+RSYQrzf6vRfnZhce6Y1waXQd4wh1buPAUw/l46Ovt74ALXzcWSgfMNyx6PBz7rbusuePKeSv0GZL9+M2qhXKe9LJmnzD9uCwnbV/Y5yu+xLfxLdm9q4IKp6Rn50CeHYKf3tO2jI9dkWqFR94XHSTNGfhC02i5UsfP1HRPnk49bX7OMstuuCq9zMX+qTt602MVFYdTSHTy/5+Yw5DvOA9JgOqO4w== ;{id = 19297} -dlv.isc.org. 5072 IN RRSIG DNSKEY 5 3 7200 20090717133009 20090617133009 64263 dlv.isc.org. W1KX1PagXsaWWmxkaOfnLetnw1hhSw7ym91S4rSu14QfFbYi5iN9ZkSuKa21M7Do52S9om/2hDllMF7EFfnv9l4e4/rMOc59vKGVojpHOvZyRVhIiMyh1H9NfLTYUovORRvKO0Cnp65gBXspVf1WhzoY3pC1NZ+5pscPWLeD1rw= ;{id = 64263} -ENTRY_END - -; response to query of interest -ENTRY_BEGIN -MATCH opcode qtype qname -ADJUST copy_id -REPLY QR NXDOMAIN -SECTION QUESTION -www.example.com.dlv.isc.org. IN DLV -SECTION ANSWER -SECTION AUTHORITY -dlv.isc.org. 2776 IN SOA ns-int.isc.org. hostmaster.isc.org. 2009061702 7200 3600 2419200 3600 -dlv.isc.org. 2776 IN RRSIG SOA 5 3 3600 20090717133009 20090617133009 64263 dlv.isc.org. S5iTFqF8k9XWoGq4Wajo1GQF6Oc1e5lI1kGFWyaKf3oM2asbzCbVk2aZLtyDCGjYA4euZWXD0q2vol7/1cPB5Ds4SteCuo5Jkpa/mw7mPAcbNu8mYexq1RaodVCbWrW8KSxEyVd8X5mZx2OBaSyK8zns/W5I3ZPNNLf4Kz6Zpo0= ;{id = 64263} -seatex.com.cn.dlv.isc.org. 2776 IN RRSIG NSEC 5 6 3600 20090717133009 20090617133009 64263 dlv.isc.org. Rxv7gVdu8rpWbJ3fJm7cY66IKV+C94I4/HYiDQke1m2P7hXo5bpDBBShKpIvME34ANN8Lb0cZQK9XT7NYpWjE5rjW7CaMiVjiR6U1LyDGQyK4X3wdkbv3aJcHLSg7sWsxyZXj5iVUxkU5JO3JBjo412oKQ3bh+RGi1BxTIIq09g= ;{id = 64263} -seatex.com.cn.dlv.isc.org. 2776 IN NSEC absolight.com.dlv.isc.org. RRSIG NSEC DLV -ericgermann.com.dlv.isc.org. 2776 IN RRSIG NSEC 5 5 3600 20090717133009 20090617133009 64263 dlv.isc.org. OEUizWAXsWFBzt4rN5+AUTaND8phZc4ezux06LA/Ua5N/B/LQQ1cb42eEqCQHwnGK8BsRhbsRiVywPNgnnPlL1Gy8n25gi+0qWOpA27fOwZJbO3n944gKvPDWZoDeCbdJr6AQG5Z9/Ka0ERRtHC6uI2Xn6KCQPjgTEihqhoayYg= ;{id = 64263} -ericgermann.com.dlv.isc.org. 2776 IN NSEC fayengineering.com.dlv.isc.org. RRSIG NSEC DLV -SECTION ADDITIONAL -ENTRY_END -RANGE_END - -STEP 1 QUERY -ENTRY_BEGIN -REPLY RD DO -SECTION QUESTION -www.example.com.dlv.isc.org. IN DLV -ENTRY_END - -; recursion happens here. -STEP 10 CHECK_ANSWER -ENTRY_BEGIN -MATCH all -REPLY QR RD RA AD DO NXDOMAIN -SECTION QUESTION -www.example.com.dlv.isc.org. IN DLV -SECTION ANSWER -SECTION AUTHORITY -dlv.isc.org. 2776 IN SOA ns-int.isc.org. hostmaster.isc.org. 2009061702 7200 3600 2419200 3600 -dlv.isc.org. 2776 IN RRSIG SOA 5 3 3600 20090717133009 20090617133009 64263 dlv.isc.org. S5iTFqF8k9XWoGq4Wajo1GQF6Oc1e5lI1kGFWyaKf3oM2asbzCbVk2aZLtyDCGjYA4euZWXD0q2vol7/1cPB5Ds4SteCuo5Jkpa/mw7mPAcbNu8mYexq1RaodVCbWrW8KSxEyVd8X5mZx2OBaSyK8zns/W5I3ZPNNLf4Kz6Zpo0= ;{id = 64263} -seatex.com.cn.dlv.isc.org. 2776 IN NSEC absolight.com.dlv.isc.org. RRSIG NSEC DLV -seatex.com.cn.dlv.isc.org. 2776 IN RRSIG NSEC 5 6 3600 20090717133009 20090617133009 64263 dlv.isc.org. Rxv7gVdu8rpWbJ3fJm7cY66IKV+C94I4/HYiDQke1m2P7hXo5bpDBBShKpIvME34ANN8Lb0cZQK9XT7NYpWjE5rjW7CaMiVjiR6U1LyDGQyK4X3wdkbv3aJcHLSg7sWsxyZXj5iVUxkU5JO3JBjo412oKQ3bh+RGi1BxTIIq09g= ;{id = 64263} -ericgermann.com.dlv.isc.org. 2776 IN NSEC fayengineering.com.dlv.isc.org. RRSIG NSEC DLV -ericgermann.com.dlv.isc.org. 2776 IN RRSIG NSEC 5 5 3600 20090717133009 20090617133009 64263 dlv.isc.org. OEUizWAXsWFBzt4rN5+AUTaND8phZc4ezux06LA/Ua5N/B/LQQ1cb42eEqCQHwnGK8BsRhbsRiVywPNgnnPlL1Gy8n25gi+0qWOpA27fOwZJbO3n944gKvPDWZoDeCbdJr6AQG5Z9/Ka0ERRtHC6uI2Xn6KCQPjgTEihqhoayYg= ;{id = 64263} -ENTRY_END - -SCENARIO_END diff --git a/testdata/ssl_req_order.tdir/ssl_req_order.test b/testdata/ssl_req_order.tdir/ssl_req_order.test index 65981d16cea4..360a09922fe7 100644 --- a/testdata/ssl_req_order.tdir/ssl_req_order.test +++ b/testdata/ssl_req_order.tdir/ssl_req_order.test @@ -11,12 +11,14 @@ get_make # this test query should just work (server is up) echo "> query www1.example.net." -$PRE/streamtcp -s -f 127.0.0.1@$UNBOUND_PORT www1.example.net. A IN >outfile 2>&1 +$PRE/streamtcp -s -f 127.0.0.1@$UNBOUND_PORT www1.example.net. A IN >outfile 2>outerr cat outfile +cat outerr if test "$?" -ne 0; then echo "exit status not OK" echo "> cat logfiles" cat outfile + cat outerr cat fwd.log cat unbound.log echo "Not OK" @@ -28,6 +30,7 @@ else echo "result contents not OK" echo "> cat logfiles" cat outfile + cat outerr cat fwd.log cat unbound.log echo "result contents not OK" @@ -37,12 +40,14 @@ echo "OK" # multiple requests (from localdata) echo "> query www1.example.net. www2.example.net. www3.example.net." -$PRE/streamtcp -s -f 127.0.0.1@$UNBOUND_PORT www1.example.net. A IN www2.example.net A IN www3.example.net A IN >outfile 2>&1 +$PRE/streamtcp -s -f 127.0.0.1@$UNBOUND_PORT www1.example.net. A IN www2.example.net A IN www3.example.net A IN >outfile 2>outerr cat outfile +cat outerr if test "$?" -ne 0; then echo "exit status not OK" echo "> cat logfiles" cat outfile + cat outerr cat fwd.log cat unbound.log echo "Not OK" @@ -54,6 +59,7 @@ else echo "result contents not OK" echo "> cat logfiles" cat outfile + cat outerr cat fwd.log cat unbound.log echo "result contents not OK" @@ -65,6 +71,7 @@ else echo "result contents not OK" echo "> cat logfiles" cat outfile + cat outerr cat fwd.log cat unbound.log echo "result contents not OK" @@ -76,6 +83,7 @@ else echo "result contents not OK" echo "> cat logfiles" cat outfile + cat outerr cat fwd.log cat unbound.log echo "result contents not OK" @@ -85,12 +93,14 @@ fi # out of order requests, the example.com elements take 2 seconds to wait. echo "" echo "> query www1.example.net. www.example.com. www2.example.net. www2.example.com. www3.example.net." -$PRE/streamtcp -a -s -f 127.0.0.1@$UNBOUND_PORT www1.example.net. A IN www.example.com. A IN www2.example.net A IN www2.example.com. A IN www3.example.net A IN >outfile 2>&1 +$PRE/streamtcp -a -s -f 127.0.0.1@$UNBOUND_PORT www1.example.net. A IN www.example.com. A IN www2.example.net A IN www2.example.com. A IN www3.example.net A IN >outfile 2>outerr cat outfile +cat outerr if test "$?" -ne 0; then echo "exit status not OK" echo "> cat logfiles" cat outfile + cat outerr cat fwd.log cat unbound.log echo "Not OK" @@ -102,6 +112,7 @@ else echo "result contents not OK" echo "> cat logfiles" cat outfile + cat outerr cat fwd.log cat unbound.log echo "result contents not OK" @@ -113,6 +124,7 @@ else echo "result contents not OK" echo "> cat logfiles" cat outfile + cat outerr cat fwd.log cat unbound.log echo "result contents not OK" @@ -124,6 +136,7 @@ else echo "result contents not OK" echo "> cat logfiles" cat outfile + cat outerr cat fwd.log cat unbound.log echo "result contents not OK" @@ -135,6 +148,7 @@ else echo "result contents not OK" echo "> cat logfiles" cat outfile + cat outerr cat fwd.log cat unbound.log echo "result contents not OK" @@ -146,6 +160,7 @@ else echo "result contents not OK" echo "> cat logfiles" cat outfile + cat outerr cat fwd.log cat unbound.log echo "result contents not OK" @@ -156,12 +171,14 @@ fi # www.example.com present twice, answered twice. echo "" echo "> query www1.example.net. www.example.com. www2.example.net. www.example.com. www3.example.net." -$PRE/streamtcp -a -s -f 127.0.0.1@$UNBOUND_PORT www1.example.net. A IN www.example.com. A IN www2.example.net A IN www.example.com. A IN www3.example.net A IN >outfile 2>&1 +$PRE/streamtcp -a -s -f 127.0.0.1@$UNBOUND_PORT www1.example.net. A IN www.example.com. A IN www2.example.net A IN www.example.com. A IN www3.example.net A IN >outfile 2>outerr cat outfile +cat outerr if test "$?" -ne 0; then echo "exit status not OK" echo "> cat logfiles" cat outfile + cat outerr cat fwd.log cat unbound.log echo "Not OK" @@ -173,6 +190,7 @@ else echo "result contents not OK" echo "> cat logfiles" cat outfile + cat outerr cat fwd.log cat unbound.log echo "result contents not OK" @@ -184,6 +202,7 @@ else echo "result contents not OK" echo "> cat logfiles" cat outfile + cat outerr cat fwd.log cat unbound.log echo "result contents not OK" @@ -195,6 +214,7 @@ else echo "result contents not OK" echo "> cat logfiles" cat outfile + cat outerr cat fwd.log cat unbound.log echo "result contents not OK" @@ -206,6 +226,7 @@ else echo "result contents not OK" echo "> cat logfiles" cat outfile + cat outerr cat fwd.log cat unbound.log echo "result contents not OK" @@ -216,12 +237,14 @@ fi # www3.example.com present twice, answered twice. echo "" echo "> query www1.example.net. www3.example.com. www2.example.net. www3.example.com. www3.example.net." -$PRE/streamtcp -a -s -f 127.0.0.1@$UNBOUND_PORT www1.example.net. A IN www3.example.com. A IN www2.example.net A IN www3.example.com. A IN www3.example.net A IN >outfile 2>&1 +$PRE/streamtcp -a -s -f 127.0.0.1@$UNBOUND_PORT www1.example.net. A IN www3.example.com. A IN www2.example.net A IN www3.example.com. A IN www3.example.net A IN >outfile 2>outerr cat outfile +cat outerr if test "$?" -ne 0; then echo "exit status not OK" echo "> cat logfiles" cat outfile + cat outerr cat fwd.log cat unbound.log echo "Not OK" @@ -233,6 +256,7 @@ else echo "result contents not OK" echo "> cat logfiles" cat outfile + cat outerr cat fwd.log cat unbound.log echo "result contents not OK" @@ -244,6 +268,7 @@ else echo "result contents not OK" echo "> cat logfiles" cat outfile + cat outerr cat fwd.log cat unbound.log echo "result contents not OK" @@ -255,6 +280,7 @@ else echo "result contents not OK" echo "> cat logfiles" cat outfile + cat outerr cat fwd.log cat unbound.log echo "result contents not OK" @@ -266,6 +292,7 @@ else echo "result contents not OK" echo "> cat logfiles" cat outfile + cat outerr cat fwd.log cat unbound.log echo "result contents not OK" @@ -274,12 +301,14 @@ fi echo "" echo "> query www4.example.com. www3.example.net." -$PRE/streamtcp -a -s -f 127.0.0.1@$UNBOUND_PORT www4.example.com. A IN www3.example.net A IN >outfile 2>&1 +$PRE/streamtcp -a -s -f 127.0.0.1@$UNBOUND_PORT www4.example.com. A IN www3.example.net A IN >outfile 2>outerr cat outfile +cat outerr if test "$?" -ne 0; then echo "exit status not OK" echo "> cat logfiles" cat outfile + cat outerr cat fwd.log cat unbound.log echo "Not OK" @@ -291,6 +320,7 @@ else echo "result contents not OK" echo "> cat logfiles" cat outfile + cat outerr cat fwd.log cat unbound.log echo "result contents not OK" @@ -302,6 +332,7 @@ else echo "result contents not OK" echo "> cat logfiles" cat outfile + cat outerr cat fwd.log cat unbound.log echo "result contents not OK" @@ -310,12 +341,14 @@ fi echo "" echo "> query a1.example.com. - a100.example.com." -$PRE/streamtcp -a -s -f 127.0.0.1@$UNBOUND_PORT www6.example.com. A IN a1.a.example.com. A IN a2.a.example.com. A IN a3.a.example.com. A IN a4.a.example.com. A IN a5.a.example.com. A IN a6.a.example.com. A IN a7.a.example.com. A IN a8.a.example.com. A IN a9.a.example.com. A IN a10.a.example.com. A IN a11.a.example.com. A IN a12.a.example.com. A IN a13.a.example.com. A IN a14.a.example.com. A IN a15.a.example.com. A IN a16.a.example.com. A IN a17.a.example.com. A IN a18.a.example.com. A IN a19.a.example.com. A IN a20.a.example.com. A IN a21.a.example.com. A IN a22.a.example.com. A IN a23.a.example.com. A IN a24.a.example.com. A IN a25.a.example.com. A IN a26.a.example.com. A IN a27.a.example.com. A IN a28.a.example.com. A IN a29.a.example.com. A IN a30.a.example.com. A IN a31.a.example.com. A IN a32.a.example.com. A IN a33.a.example.com. A IN a34.a.example.com. A IN a35.a.example.com. A IN a36.a.example.com. A IN a37.a.example.com. A IN a38.a.example.com. A IN a39.a.example.com. A IN a40.a.example.com. A IN a41.a.example.com. A IN a42.a.example.com. A IN a43.a.example.com. A IN a44.a.example.com. A IN a45.a.example.com. A IN a46.a.example.com. A IN a47.a.example.com. A IN a48.a.example.com. A IN a49.a.example.com. A IN a50.a.example.com. A IN a51.a.example.com. A IN a52.a.example.com. A IN a53.a.example.com. A IN a54.a.example.com. A IN a55.a.example.com. A IN a56.a.example.com. A IN a57.a.example.com. A IN a58.a.example.com. A IN a59.a.example.com. A IN a60.a.example.com. A IN a61.a.example.com. A IN a62.a.example.com. A IN a63.a.example.com. A IN a64.a.example.com. A IN a65.a.example.com. A IN a66.a.example.com. A IN a67.a.example.com. A IN a68.a.example.com. A IN a69.a.example.com. A IN a70.a.example.com. A IN a71.a.example.com. A IN a72.a.example.com. A IN a73.a.example.com. A IN a74.a.example.com. A IN a75.a.example.com. A IN a76.a.example.com. A IN a77.a.example.com. A IN a78.a.example.com. A IN a79.a.example.com. A IN a80.a.example.com. A IN a81.a.example.com. A IN a82.a.example.com. A IN a83.a.example.com. A IN a84.a.example.com. A IN a85.a.example.com. A IN a86.a.example.com. A IN a87.a.example.com. A IN a88.a.example.com. A IN a89.a.example.com. A IN a90.a.example.com. A IN a91.a.example.com. A IN a92.a.example.com. A IN a93.a.example.com. A IN a94.a.example.com. A IN a95.a.example.com. A IN a96.a.example.com. A IN a97.a.example.com. A IN a98.a.example.com. A IN a99.a.example.com. A IN a100.a.example.com. A IN >outfile 2>&1 +$PRE/streamtcp -a -s -f 127.0.0.1@$UNBOUND_PORT www6.example.com. A IN a1.a.example.com. A IN a2.a.example.com. A IN a3.a.example.com. A IN a4.a.example.com. A IN a5.a.example.com. A IN a6.a.example.com. A IN a7.a.example.com. A IN a8.a.example.com. A IN a9.a.example.com. A IN a10.a.example.com. A IN a11.a.example.com. A IN a12.a.example.com. A IN a13.a.example.com. A IN a14.a.example.com. A IN a15.a.example.com. A IN a16.a.example.com. A IN a17.a.example.com. A IN a18.a.example.com. A IN a19.a.example.com. A IN a20.a.example.com. A IN a21.a.example.com. A IN a22.a.example.com. A IN a23.a.example.com. A IN a24.a.example.com. A IN a25.a.example.com. A IN a26.a.example.com. A IN a27.a.example.com. A IN a28.a.example.com. A IN a29.a.example.com. A IN a30.a.example.com. A IN a31.a.example.com. A IN a32.a.example.com. A IN a33.a.example.com. A IN a34.a.example.com. A IN a35.a.example.com. A IN a36.a.example.com. A IN a37.a.example.com. A IN a38.a.example.com. A IN a39.a.example.com. A IN a40.a.example.com. A IN a41.a.example.com. A IN a42.a.example.com. A IN a43.a.example.com. A IN a44.a.example.com. A IN a45.a.example.com. A IN a46.a.example.com. A IN a47.a.example.com. A IN a48.a.example.com. A IN a49.a.example.com. A IN a50.a.example.com. A IN a51.a.example.com. A IN a52.a.example.com. A IN a53.a.example.com. A IN a54.a.example.com. A IN a55.a.example.com. A IN a56.a.example.com. A IN a57.a.example.com. A IN a58.a.example.com. A IN a59.a.example.com. A IN a60.a.example.com. A IN a61.a.example.com. A IN a62.a.example.com. A IN a63.a.example.com. A IN a64.a.example.com. A IN a65.a.example.com. A IN a66.a.example.com. A IN a67.a.example.com. A IN a68.a.example.com. A IN a69.a.example.com. A IN a70.a.example.com. A IN a71.a.example.com. A IN a72.a.example.com. A IN a73.a.example.com. A IN a74.a.example.com. A IN a75.a.example.com. A IN a76.a.example.com. A IN a77.a.example.com. A IN a78.a.example.com. A IN a79.a.example.com. A IN a80.a.example.com. A IN a81.a.example.com. A IN a82.a.example.com. A IN a83.a.example.com. A IN a84.a.example.com. A IN a85.a.example.com. A IN a86.a.example.com. A IN a87.a.example.com. A IN a88.a.example.com. A IN a89.a.example.com. A IN a90.a.example.com. A IN a91.a.example.com. A IN a92.a.example.com. A IN a93.a.example.com. A IN a94.a.example.com. A IN a95.a.example.com. A IN a96.a.example.com. A IN a97.a.example.com. A IN a98.a.example.com. A IN a99.a.example.com. A IN a100.a.example.com. A IN >outfile 2>outerr cat outfile +cat outerr if test "$?" -ne 0; then echo "exit status not OK" echo "> cat logfiles" cat outfile + cat outerr cat fwd.log cat unbound.log echo "Not OK" @@ -325,12 +358,14 @@ grep "a.example.com. IN A" outfile echo "" echo "> query www5.example.net. www3.example.net. www.drop.net." -$PRE/streamtcp -a -s -f 127.0.0.1@$UNBOUND_PORT www5.example.com. A IN www3.example.net A IN www.drop.net A IN >outfile 2>&1 +$PRE/streamtcp -a -s -f 127.0.0.1@$UNBOUND_PORT www5.example.com. A IN www3.example.net A IN www.drop.net A IN >outfile 2>outerr cat outfile +cat outerr if test "$?" -ne 0; then echo "exit status not OK" echo "> cat logfiles" cat outfile + cat outerr cat fwd.log cat unbound.log echo "Not OK" diff --git a/testdata/ssl_req_timeout.tdir/ssl_req_timeout.test b/testdata/ssl_req_timeout.tdir/ssl_req_timeout.test index 5223fc9853b3..7f6527e0d6a6 100644 --- a/testdata/ssl_req_timeout.tdir/ssl_req_timeout.test +++ b/testdata/ssl_req_timeout.tdir/ssl_req_timeout.test @@ -17,12 +17,14 @@ fi # this test query should just work (server is up) echo "> query www1.example.net." -$PRE/streamtcp -s -f 127.0.0.1@$UNBOUND_PORT www1.example.net. A IN >outfile 2>&1 +$PRE/streamtcp -s -f 127.0.0.1@$UNBOUND_PORT www1.example.net. A IN >outfile 2>outerr cat outfile +cat outerr if test "$?" -ne 0; then echo "exit status not OK" echo "> cat logfiles" cat outfile + cat outerr cat fwd.log cat unbound.log echo "Not OK" @@ -34,6 +36,7 @@ else echo "result contents not OK" echo "> cat logfiles" cat outfile + cat outerr cat fwd.log cat unbound.log echo "result contents not OK" @@ -43,12 +46,14 @@ echo "OK" # multiple requests that are answered immediately and then the timeout echo "> query www1.example.net. www2.example.net. www3.example.net. www.example.com." -$PRE/streamtcp -a -s -f 127.0.0.1@$UNBOUND_PORT www1.example.net. A IN www2.example.net A IN www3.example.net A IN www.example.com. A IN >outfile 2>&1 +$PRE/streamtcp -a -s -f 127.0.0.1@$UNBOUND_PORT www1.example.net. A IN www2.example.net A IN www3.example.net A IN www.example.com. A IN >outfile 2>outerr cat outfile +cat outerr if test "$?" -ne 0; then echo "exit status not OK" echo "> cat logfiles" cat outfile + cat outerr cat fwd.log cat unbound.log echo "Not OK" @@ -60,6 +65,7 @@ else echo "result contents not OK" echo "> cat logfiles" cat outfile + cat outerr cat fwd.log cat unbound.log echo "result contents not OK" @@ -71,6 +77,7 @@ else echo "result contents not OK" echo "> cat logfiles" cat outfile + cat outerr cat fwd.log cat unbound.log echo "result contents not OK" @@ -82,6 +89,7 @@ else echo "result contents not OK" echo "> cat logfiles" cat outfile + cat outerr cat fwd.log cat unbound.log echo "result contents not OK" @@ -93,6 +101,7 @@ else echo "result contents not OK" echo "> cat logfiles" cat outfile + cat outerr cat fwd.log cat unbound.log echo "result contents not OK" @@ -101,12 +110,14 @@ fi # multiple requests that are waiting for answers and then the timeout echo "> query www2.example.com. www2.example.com. www3.example.com." -$PRE/streamtcp -a -s -f 127.0.0.1@$UNBOUND_PORT www2.example.com. A IN www2.example.com A IN www3.example.com A IN >outfile 2>&1 +$PRE/streamtcp -a -s -f 127.0.0.1@$UNBOUND_PORT www2.example.com. A IN www2.example.com A IN www3.example.com A IN >outfile 2>outerr cat outfile +cat outerr if test "$?" -ne 0; then echo "exit status not OK" echo "> cat logfiles" cat outfile + cat outerr cat fwd.log cat unbound.log echo "Not OK" @@ -118,6 +129,7 @@ else echo "result contents not OK" echo "> cat logfiles" cat outfile + cat outerr cat fwd.log cat unbound.log echo "result contents not OK" diff --git a/testdata/stat_values.tdir/stat_values.conf b/testdata/stat_values.tdir/stat_values.conf new file mode 100644 index 000000000000..5cec691f589d --- /dev/null +++ b/testdata/stat_values.tdir/stat_values.conf @@ -0,0 +1,31 @@ +server: + verbosity: 2 + num-threads: 1 + interface: 127.0.0.1 + port: @PORT@ + use-syslog: no + directory: "" + pidfile: "unbound.pid" + chroot: "" + username: "" + do-not-query-localhost: no + extended-statistics: yes + identity: "stat_values" + + local-zone: local.zone static + local-data: "www.local.zone A 192.0.2.1" +remote-control: + control-enable: yes + control-interface: 127.0.0.1 + # control-interface: ::1 + control-port: @CONTROL_PORT@ + server-key-file: "unbound_server.key" + server-cert-file: "unbound_server.pem" + control-key-file: "unbound_control.key" + control-cert-file: "unbound_control.pem" +forward-zone: + name: "." + forward-addr: "127.0.0.1@@TOPORT@" +forward-zone: + name: "expired." + forward-addr: "127.0.0.1@@EXPIREDPORT@" diff --git a/testdata/stat_values.tdir/stat_values.dsc b/testdata/stat_values.tdir/stat_values.dsc new file mode 100644 index 000000000000..5112dbcf97af --- /dev/null +++ b/testdata/stat_values.tdir/stat_values.dsc @@ -0,0 +1,16 @@ +BaseName: stat_values +Version: 1.0 +Description: Test unbound statistics +CreationDate: Mon Sep 09 14:48:03 CEST 2020 +Maintainer: +Category: +Component: +CmdDepends: +Depends: +Help: +Pre: stat_values.pre +Post: stat_values.post +Test: stat_values.test +AuxFiles: +Passed: +Failure: diff --git a/testdata/stat_values.tdir/stat_values.post b/testdata/stat_values.tdir/stat_values.post new file mode 100644 index 000000000000..8656b599fc18 --- /dev/null +++ b/testdata/stat_values.tdir/stat_values.post @@ -0,0 +1,14 @@ +# #-- stat_values.post --# +# source the master var file when it's there +[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master +# source the test var file when it's there +[ -f .tpkg.var.test ] && source .tpkg.var.test +# +# do your teardown here +. ../common.sh +kill_pid $FWD_PID +kill $FWD_EXPIRED_PID >/dev/null 2>&1 # This is killed during testing. +# it was stopped with unbound-control (if the test succeeded) +kill $UNBOUND_PID >/dev/null 2>&1 +kill $UNBOUND_PID >/dev/null 2>&1 +exit 0 diff --git a/testdata/stat_values.tdir/stat_values.pre b/testdata/stat_values.tdir/stat_values.pre new file mode 100644 index 000000000000..2db4a17e0096 --- /dev/null +++ b/testdata/stat_values.tdir/stat_values.pre @@ -0,0 +1,41 @@ +# #-- stat_values.pre--# +# source the master var file when it's there +[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master +# use .tpkg.var.test for in test variable passing +[ -f .tpkg.var.test ] && source .tpkg.var.test + +. ../common.sh +get_random_port 4 +UNBOUND_PORT=$RND_PORT +FWD_PORT=$(($RND_PORT + 1)) +FWD_EXPIRED_PORT=$(($RND_PORT + 2)) +CONTROL_PORT=$(($RND_PORT + 3)) +FWD_EXPIRED_PORT=$(($RND_PORT + 4)) +echo "UNBOUND_PORT=$UNBOUND_PORT" >> .tpkg.var.test +echo "FWD_PORT=$FWD_PORT" >> .tpkg.var.test +echo "FWD_EXPIRED_PORT=$FWD_EXPIRED_PORT" >> .tpkg.var.test +echo "CONTROL_PORT=$CONTROL_PORT" >> .tpkg.var.test + +# start forwarder +get_ldns_testns +$LDNS_TESTNS -p $FWD_PORT stat_values.testns >fwd.log 2>&1 & +FWD_PID=$! +echo "FWD_PID=$FWD_PID" >> .tpkg.var.test + +# start expired forwarder +$LDNS_TESTNS -p $FWD_EXPIRED_PORT stat_values.testexpiredns >fwd_expired.log 2>&1 & +FWD_EXPIRED_PID=$! +echo "FWD_EXPIRED_PID=$FWD_EXPIRED_PID" >> .tpkg.var.test + +# make config file +sed -e 's/@PORT\@/'$UNBOUND_PORT'/' -e 's/@TOPORT\@/'$FWD_PORT'/' -e 's/@EXPIREDPORT\@/'$FWD_EXPIRED_PORT'/' -e 's/@CONTROL_PORT\@/'$CONTROL_PORT'/' < stat_values.conf > ub.conf +# start unbound in the background +PRE="../.." +$PRE/unbound -d -c ub.conf >unbound.log 2>&1 & +UNBOUND_PID=$! +echo "UNBOUND_PID=$UNBOUND_PID" >> .tpkg.var.test + +cat .tpkg.var.test +wait_ldns_testns_up fwd.log +wait_ldns_testns_up fwd_expired.log +wait_unbound_up unbound.log diff --git a/testdata/stat_values.tdir/stat_values.test b/testdata/stat_values.tdir/stat_values.test new file mode 100644 index 000000000000..1cd19fa2b43e --- /dev/null +++ b/testdata/stat_values.tdir/stat_values.test @@ -0,0 +1,411 @@ +# #-- stat_values.test --# +# source the master var file when it's there +[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master +# use .tpkg.var.test for in test variable passing +[ -f .tpkg.var.test ] && source .tpkg.var.test +# We need kill_pid for the serve-expired-client-timeout test +. ../common.sh + +PRE="../.." + +# Individual thread stats. +STATS_IGNORE_THREAD="\ +^thread" + +# Histogram stats. +STATS_IGNORE_HISTOGRAM="\ +^histogram" + +# Time dependent stats. +STATS_IGNORE_TIME_SPECIFIC="\ +^total.recursion.time.avg= +^total.recursion.time.median= +^time.now= +^time.up= +^time.elapsed=" + +# Usage dependent stats. +STATS_IGNORE_USAGE_SPECIFIC="\ +^total.requestlist.avg= +^total.requestlist.max= +^total.requestlist.overwritten= +^total.requestlist.exceeded= +^total.requestlist.current.all= +^total.requestlist.current.user= +^total.tcpusage= +^mem\." + +# Stats to ignore by default. +STATS_IGNORE_DEFAULT="\ +$STATS_IGNORE_THREAD +$STATS_IGNORE_HISTOGRAM +$STATS_IGNORE_TIME_SPECIFIC +$STATS_IGNORE_USAGE_SPECIFIC" + +# Various files to be used while testing. +STATS_FILE=stats.$$ +EXPECTED_STATS_FILE=expected_stats.$$ +IGNORE_REGEX_FILE=ignore_regex.$$ +FILTERED_STATS_FILE=filtered_stats.$$ +FOUND_STATS_FILE=found_stats.$$ +REST_STATS_FILE=rest_stats.$$ + +DEBUG=0 + +# Write stats to $STATS_FILE. +# Call this when you want to get stats from unbound. +get_stats () { + echo "> Getting stats" + echo "$PRE/unbound-control -c ub.conf stats" + $PRE/unbound-control -c ub.conf stats > $STATS_FILE + if test $? -ne 0; then + echo "wrong exit value after success" + exit 1 + fi +} + +# Set the expected stat values by writing to $EXPECTED_STATS_FILE. +# sort is used for proper diff later. +set_expected_stats () { + echo "$1" | sort > $EXPECTED_STATS_FILE +} + +# Set the regex to ignore stats by writing to $IGNORE_REGEX_FILE. +set_ignore_regex_stats () { + echo "$1" > $IGNORE_REGEX_FILE +} + +# Filter the stats by removing any matched regex from $IGNORE_REGEX_FILE, +# sorts and writes the left over stats to $FILTERED_STATS_FILE. +filter_stats () { + grep -v -f $IGNORE_REGEX_FILE $STATS_FILE | sort > $FILTERED_STATS_FILE +} + +# Check that the stats in $FILTERED_STATS_FILE include the expected stats in +# $EXPECTED_STATS_FILE. +check_expected_stats () { + echo "> Checking expected stats" + grep -F -x -f $EXPECTED_STATS_FILE $FILTERED_STATS_FILE > $FOUND_STATS_FILE + if test $DEBUG -ne 0; then + echo "Found:" + cat $FOUND_STATS_FILE + fi + if diff $EXPECTED_STATS_FILE $FOUND_STATS_FILE; then + echo "OK" + else + echo "! bad expected stats:" + cat $FILTERED_STATS_FILE + exit 1 + fi +} + +# Check that the rest (unspecified) stats are all 0 (no surprises). +check_rest_stats () { + echo "> Checking rest stats" + grep -F -x -v -f $EXPECTED_STATS_FILE $FILTERED_STATS_FILE > $REST_STATS_FILE + if test $DEBUG -ne 0; then + echo "Rest:" + cat $REST_STATS_FILE + fi + if grep -v "=0$" $REST_STATS_FILE; then + echo "! bad rest stats" + exit 1 + else + echo "OK" + fi +} + +# Main function to check stats by: +# - Getting stats from unbound +# - Filtering out the stats we are not interested in +# - Checking that the expected stats are part of the filtered stats +# - The rest of the stats have 0 values. +check_stats () { + set_expected_stats "$1" + if test $DEBUG -ne 0; then + echo "Expected:" + cat $EXPECTED_STATS_FILE + fi + get_stats + filter_stats + if test $DEBUG -ne 0; then + echo "Filtered:" + cat $FILTERED_STATS_FILE + fi + check_expected_stats + check_rest_stats +} + +# Convenient function to set an option through unbound-control. +set_ub_option () { + name=$1 + value=$2 + echo "$PRE/unbound-control -c ub.conf set_option $name: $value" + $PRE/unbound-control -c ub.conf set_option $name: $value + if test $? -ne 0; then + echo "wrong exit value after success" + exit 1 + fi +} + +# Convenient function to exit the test. +end () { + echo "> cat logfiles" + cat fwd.log + cat unbound.log + if test $1 -eq 1; then + echo "Not OK" + else + echo "> OK" + fi + exit $1 +} + +# Ignore all run specific stats. +set_ignore_regex_stats "$STATS_IGNORE_DEFAULT" + +# Check if the server is up. +echo "> dig 1ttl.example.com." +dig @127.0.0.1 -p $UNBOUND_PORT 1ttl.example.com. | tee outfile +echo "> check answer" +if grep "1.1.1.1" outfile; then + echo "OK" +else + end 1 +fi + +echo +echo "[ Check initial stats based on first query. ]" +check_stats "\ +total.num.queries=1 +total.num.cachemiss=1 +total.num.recursivereplies=1 +num.query.type.A=1 +num.query.class.IN=1 +num.query.opcode.QUERY=1 +num.query.flags.RD=1 +num.query.flags.AD=1 +num.query.edns.present=1 +msg.cache.count=1 +rrset.cache.count=1 +infra.cache.count=1 +num.answer.rcode.NOERROR=1" + +echo +echo "[ Check stat reset. ]" +check_stats "\ +msg.cache.count=1 +rrset.cache.count=1 +infra.cache.count=1" + + +echo +echo "[ Enable serve-expired and check. ]" +set_ub_option serve-expired yes +sleep 2 # make sure the TTL has expired. +echo "> dig 1ttl.example.com." +dig @127.0.0.1 -p $UNBOUND_PORT 1ttl.example.com. | tee outfile +echo "> check answer" +if grep "1.1.1.1" outfile; then + echo "OK" +else + end 1 +fi +check_stats "\ +total.num.queries=1 +total.num.expired=1 +total.num.cachehits=1 +total.num.prefetch=1 +num.answer.rcode.NOERROR=1 +num.query.class.IN=1 +num.query.edns.present=1 +num.query.flags.AD=1 +num.query.flags.RD=1 +num.query.opcode.QUERY=1 +num.query.type.A=1 +msg.cache.count=1 +rrset.cache.count=1 +infra.cache.count=1" + + +echo +echo "[ Enable serve-expired-client-timeout and check. ]" +set_ub_option serve-expired-client-timeout 1 +echo "> dig servfail.expired." +dig @127.0.0.1 -p $UNBOUND_PORT servfail.expired. | tee outfile +echo "> check answer" +if grep "192.0.2.1" outfile; then + echo "OK" +else + end 1 +fi +check_stats "\ +total.num.queries=1 +total.num.cachemiss=1 +total.num.recursivereplies=1 +num.query.type.A=1 +num.query.class.IN=1 +num.query.opcode.QUERY=1 +num.query.flags.RD=1 +num.query.flags.AD=1 +num.query.edns.present=1 +msg.cache.count=2 +rrset.cache.count=2 +infra.cache.count=2 +num.answer.rcode.NOERROR=1" +kill_pid $FWD_EXPIRED_PID # kill the expired forwarder to force a servfail from upstream. +sleep 2 # make sure the TTL has expired. +echo "> dig servfail.expired." +dig @127.0.0.1 -p $UNBOUND_PORT servfail.expired. | tee outfile +echo "> check answer" +if grep "192.0.2.1" outfile; then + echo "OK" +else + end 1 +fi +check_stats "\ +total.num.queries=1 +total.num.expired=1 +total.num.recursivereplies=1 +num.answer.rcode.NOERROR=1 +num.query.class.IN=1 +num.query.edns.present=1 +num.query.flags.AD=1 +num.query.flags.RD=1 +num.query.opcode.QUERY=1 +num.query.type.A=1 +total.num.cachemiss=1 +msg.cache.count=2 +rrset.cache.count=2 +infra.cache.count=2" + + +# Disable serve-expired +set_ub_option serve-expired no + + +echo +echo "[ Check REFUSED; try without RD flag. ]" +echo "> dig somethingelse.example.com." +dig @127.0.0.1 -p $UNBOUND_PORT +nordflag somethingelse.example.com. | tee outfile +echo "> check answer" +if grep "REFUSED" outfile; then + echo "OK" +else + end 1 +fi +check_stats "\ +num.answer.rcode.REFUSED=1 +total.num.cachehits=1 +num.query.class.IN=1 +num.query.edns.present=1 +num.query.flags.AD=1 +num.query.opcode.QUERY=1 +num.query.type.A=1 +total.num.queries=1 +msg.cache.count=2 +rrset.cache.count=2 +infra.cache.count=2" + + +echo +echo "[ Check the AD flag. ]" +echo "> dig www.example.com." +dig @127.0.0.1 -p $UNBOUND_PORT +noadflag www.example.com. | tee outfile +echo "> check answer" +if grep "10.20.30.40" outfile; then + echo "OK" +else + end 1 +fi +check_stats "\ +num.query.flags.AD=0 +total.num.cachemiss=1 +num.answer.rcode.NOERROR=1 +num.query.class.IN=1 +num.query.edns.present=1 +num.query.flags.RD=1 +num.query.opcode.QUERY=1 +num.query.type.A=1 +total.num.queries=1 +total.num.recursivereplies=1 +msg.cache.count=3 +rrset.cache.count=3 +infra.cache.count=2" + +echo +echo "[ Check local zone. ]" +echo "> dig www.local.zone." +dig @127.0.0.1 -p $UNBOUND_PORT www.local.zone. | tee outfile +echo "> check answer" +if grep "192.0.2.1" outfile; then + echo "OK" +else + end 1 +fi +check_stats "\ +num.answer.rcode.NOERROR=1 +total.num.cachehits=1 +num.query.class.IN=1 +num.query.edns.present=1 +num.query.flags.AD=1 +num.query.flags.RD=1 +num.query.opcode.QUERY=1 +num.query.type.A=1 +total.num.queries=1 +msg.cache.count=3 +rrset.cache.count=3 +infra.cache.count=2" + + +echo +echo "[ Check NXDOMAIN (with local data). ]" +echo "> dig mail.local.zone." +dig @127.0.0.1 -p $UNBOUND_PORT mail.local.zone. | tee outfile +echo "> check answer" +if grep "NXDOMAIN" outfile; then + echo "OK" +else + end 1 +fi +check_stats "\ +num.answer.rcode.NXDOMAIN=1 +total.num.cachehits=1 +num.query.class.IN=1 +num.query.edns.present=1 +num.query.flags.AD=1 +num.query.flags.RD=1 +num.query.opcode.QUERY=1 +num.query.type.A=1 +total.num.queries=1 +msg.cache.count=3 +rrset.cache.count=3 +infra.cache.count=2" + + +echo +echo "[ Check CHAOS. ]" +echo "> dig id.server. ch txt" +dig @127.0.0.1 -p $UNBOUND_PORT id.server. ch txt | tee outfile +echo "> check answer" +if grep "stat_values" outfile; then + echo "OK" +else + end 1 +fi +check_stats "\ +num.query.class.CH=1 +total.num.cachehits=1 +num.answer.rcode.NOERROR=1 +num.query.edns.present=1 +num.query.flags.AD=1 +num.query.flags.RD=1 +num.query.opcode.QUERY=1 +num.query.type.TXT=1 +total.num.queries=1 +msg.cache.count=3 +rrset.cache.count=3 +infra.cache.count=2" + + +end 0 diff --git a/testdata/stat_values.tdir/stat_values.testexpiredns b/testdata/stat_values.tdir/stat_values.testexpiredns new file mode 100644 index 000000000000..a737a4a7930c --- /dev/null +++ b/testdata/stat_values.tdir/stat_values.testexpiredns @@ -0,0 +1,13 @@ +; nameserver test file +$ORIGIN expired. +$TTL 3600 + +ENTRY_BEGIN +MATCH opcode qtype qname +REPLY QR AA NOERROR +ADJUST copy_id +SECTION QUESTION +servfail IN A +SECTION ANSWER +servfail 1 IN A 192.0.2.1 +ENTRY_END diff --git a/testdata/stat_values.tdir/stat_values.testns b/testdata/stat_values.tdir/stat_values.testns new file mode 100644 index 000000000000..6691b01998ad --- /dev/null +++ b/testdata/stat_values.tdir/stat_values.testns @@ -0,0 +1,23 @@ +; nameserver test file +$ORIGIN example.com. +$TTL 3600 + +ENTRY_BEGIN +MATCH opcode qtype qname +REPLY QR AA NOERROR +ADJUST copy_id +SECTION QUESTION +www IN A +SECTION ANSWER +www IN A 10.20.30.40 +ENTRY_END + +ENTRY_BEGIN +MATCH opcode qtype qname +REPLY QR AA NOERROR +ADJUST copy_id +SECTION QUESTION +1ttl IN A +SECTION ANSWER +1ttl 1 IN A 1.1.1.1 +ENTRY_END diff --git a/testdata/stat_values.tdir/unbound_control.key b/testdata/stat_values.tdir/unbound_control.key new file mode 100644 index 000000000000..753a4ef6162e --- /dev/null +++ b/testdata/stat_values.tdir/unbound_control.key @@ -0,0 +1,39 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIG4gIBAAKCAYEAstEp+Pyh8XGrtZ77A4FhYjvbeB3dMa7Q2rGWxobzlA9przhA +1aChAvUtCOAuM+rB6NTNB8YWfZJbQHawyMNpmC77cg6vXLYCGUQHZyAqidN049RJ +F5T7j4N8Vniv17LiRdr0S6swy4PRvEnIPPV43EQHZqC5jVvHsKkhIfmBF/Dj5TXR +ypeawWV/m5jeU6/4HRYMfytBZdO1mPXuWLh0lgbQ4SCbgrOUVD3rniMk1yZIbQOm +vlDHYqekjDb/vOW2KxUQLG04aZMJ1mWfdbwG0CKQkSjISEDZ1l76vhM6mTM0fwXb +IvyFZ9yPPCle1mF5aSlxS2cmGuGVSRQaw8XF9fe3a9ACJJTr33HdSpyaZkKRAUzL +cKqLCl323daKv3NwwAT03Tj4iQM416ASMoiyfFa/2GWTKQVjddu8Crar7tGaf5xr +lig4DBmrBvdYA3njy72/RD71hLwmlRoCGU7dRuDr9O6KASUm1Ri91ONZ/qdjMvov +15l2vj4GV+KXR00dAgMBAAECggGAHepIL1N0dEQkCdpy+/8lH54L9WhpnOo2HqAf +LU9eaKK7d4jdr9+TkD8cLaPzltPrZNxVALvu/0sA4SP6J1wpyj/x6P7z73qzly5+ +Xo5PD4fEwmi9YaiW/UduAblnEZrnp/AddptJKoL/D5T4XtpiQddPtael4zQ7kB57 +YIexRSQTvEDovA/o3/nvA0TrzOxfgd4ycQP3iOWGN/TMzyLsvjydrUwbOB567iz9 +whL3Etdgvnwh5Sz2blbFfH+nAR8ctvFFz+osPvuIVR21VMEI6wm7kTpSNnQ6sh/c +lrLb/bTADn4g7z/LpIZJ+MrLvyEcoqValrLYeFBhM9CV8woPxvkO2P3pU47HVGax +tC7GV6a/kt5RoKFd/TNdiA3OC7NGZtaeXv9VkPf4fVwBtSO9d5ZZXTGEynDD/rUQ +U4KFJe6OD23APjse08HiiKqTPhsOneOONU67iqoaTdIkT2R4EdlkVEDpXVtWb+G9 +Q+IqYzVljlzuyHrhWXLJw/FMa2aBAoHBAOnZbi4gGpH+P6886WDWVgIlTccuXoyc +Mg9QQYk9UDeXxL0AizR5bZy49Sduegz9vkHpAiZARQsUnizHjZ8YlRcrmn4t6tx3 +ahTIKAjdprnxJfYINM580j8CGbXvX5LhIlm3O267D0Op+co3+7Ujy+cjsIuFQrP+ +1MqMgXSeBjzC1APivmps7HeFE+4w0k2PfN5wSMDNCzLo99PZuUG5XZ93OVOS5dpN +b+WskdcD8NOoJy/X/5A08veEI/jYO/DyqQKBwQDDwUQCOWf41ecvJLtBHKmEnHDz +ftzHino9DRKG8a9XaN4rmetnoWEaM2vHGX3pf3mwH+dAe8vJdAQueDhBKYeEpm6C +TYNOpou1+Zs5s99BilCTNYo8fkMOAyqwRwmz9zgHS6QxXuPwsghKefLJGt6o6RFF +tfWVTfLlYJ+I3GQe3ySsk3wjVz4oUTKiyiq5+KzD+HhEkS7u+RQ7Z0ZI2xd2cF8Y +aN2hjKDpcOiFf3CDoqka5D1qMNLgIHO52AHww1UCgcA1h7o7AMpURRka6hyaODY0 +A4oMYEbwdQjYjIyT998W+rzkbu1us6UtzQEBZ760npkgyU/epbOoV63lnkCC/MOU +LD0PST+L/CHiY/cWIHb79YG1EifUZKpUFg0Aoq0EGFkepF0MefGCkbRGYA5UZr9U +R80wAu9D+L+JJiS0J0BSRF74DL196zUuHt5zFeXuLzxsRtPAnq9DliS08BACRYZy +7H3I7cWD9Vn5/0jbKWHFcaaWwyETR6uekTcSzZzbCRECgcBeoE3/xUA9SSk34Mmj +7/cB4522Ft0imA3+9RK/qJTZ7Bd5fC4PKjOGNtUiqW/0L2rjeIiQ40bfWvWqgPKw +jSK1PL6uvkl6+4cNsFsYyZpiVDoe7wKju2UuoNlB3RUTqa2r2STFuNj2wRjA57I1 +BIgdnox65jqQsd14g/yaa+75/WP9CE45xzKEyrtvdcqxm0Pod3OrsYK+gikFjiar +kT0GQ8u0QPzh2tjt/2ZnIfOBrl+QYERP0MofDZDjhUdq2wECgcB0Lu841+yP5cdR +qbJhXO4zJNh7oWNcJlOuQp3ZMNFrA1oHpe9pmLukiROOy01k9WxIMQDzU5GSqRv3 +VLkYOIcbhJ3kClKAcM3j95SkKbU2H5/RENb3Ck52xtl4pNU1x/3PnVFZfDVuuHO9 +MZ9YBcIeK98MyP2jr5JtFKnOyPE7xKq0IHIhXadpbc2wjje5FtZ1cUtMyEECCXNa +C1TpXebHGyXGpY9WdWXhjdE/1jPvfS+uO5WyuDpYPr339gsdq1g= +-----END RSA PRIVATE KEY----- diff --git a/testdata/stat_values.tdir/unbound_control.pem b/testdata/stat_values.tdir/unbound_control.pem new file mode 100644 index 000000000000..a1edf7017f1d --- /dev/null +++ b/testdata/stat_values.tdir/unbound_control.pem @@ -0,0 +1,22 @@ +-----BEGIN CERTIFICATE----- +MIIDszCCAhsCFGD5193whHQ2bVdzbaQfdf1gc4SkMA0GCSqGSIb3DQEBCwUAMBIx +EDAOBgNVBAMMB3VuYm91bmQwHhcNMjAwNzA4MTMzMjMwWhcNNDAwMzI1MTMzMjMw +WjAaMRgwFgYDVQQDDA91bmJvdW5kLWNvbnRyb2wwggGiMA0GCSqGSIb3DQEBAQUA +A4IBjwAwggGKAoIBgQCy0Sn4/KHxcau1nvsDgWFiO9t4Hd0xrtDasZbGhvOUD2mv +OEDVoKEC9S0I4C4z6sHo1M0HxhZ9kltAdrDIw2mYLvtyDq9ctgIZRAdnICqJ03Tj +1EkXlPuPg3xWeK/XsuJF2vRLqzDLg9G8Scg89XjcRAdmoLmNW8ewqSEh+YEX8OPl +NdHKl5rBZX+bmN5Tr/gdFgx/K0Fl07WY9e5YuHSWBtDhIJuCs5RUPeueIyTXJkht +A6a+UMdip6SMNv+85bYrFRAsbThpkwnWZZ91vAbQIpCRKMhIQNnWXvq+EzqZMzR/ +Bdsi/IVn3I88KV7WYXlpKXFLZyYa4ZVJFBrDxcX197dr0AIklOvfcd1KnJpmQpEB +TMtwqosKXfbd1oq/c3DABPTdOPiJAzjXoBIyiLJ8Vr/YZZMpBWN127wKtqvu0Zp/ +nGuWKDgMGasG91gDeePLvb9EPvWEvCaVGgIZTt1G4Ov07ooBJSbVGL3U41n+p2My ++i/XmXa+PgZX4pdHTR0CAwEAATANBgkqhkiG9w0BAQsFAAOCAYEAd++Wen6l8Ifj +4h3p/y16PhSsWJWuJ4wdNYy3/GM84S26wGjzlEEwiW76HpH6VJzPOiBAeWnFKE83 +hFyetEIxgJeIPbcs9ZP/Uoh8GZH9tRISBSN9Hgk2Slr9llo4t1H0g/XTgA5HqMQU +9YydlBh43G7Vw3FVwh09OM6poNOGQKNc/tq2/QdKeUMtyBbLWpRmjH5XcCT35fbn +ZiVOUldqSHD4kKrFO4nJYXZyipRbcXybsLiX9GP0GLemc3IgIvOXyJ2RPp06o/SJ +pzlMlkcAfLJaSuEW57xRakhuNK7m051TKKzJzIEX+NFYOVdafFHS8VwGrYsdrFvD +72tMfu+Fu55y3awdWWGc6YlaGogZiuMnJkvQphwgn+5qE/7CGEckoKEsH601rqIZ +muaIc85+nEcHJeijd/ZlBN9zeltjFoMuqTUENgmv8+tUAdVm/UMY9Vjme6b43ydP +uv6DS02+k9z8toxXworLiPr94BGaiGV1NxgwZKLZigYJt/Fi2Qte +-----END CERTIFICATE----- diff --git a/testdata/stat_values.tdir/unbound_server.key b/testdata/stat_values.tdir/unbound_server.key new file mode 100644 index 000000000000..370a7bbb2f22 --- /dev/null +++ b/testdata/stat_values.tdir/unbound_server.key @@ -0,0 +1,39 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIG5AIBAAKCAYEAvjSVSN2QMXudpzukdLCqgg/IOhCX8KYkD0FFFfWcQjgKq5wI +0x41iG32a6wbGanre4IX7VxaSPu9kkHfnGgynCk5nwDRedE/FLFhAU78PoT0+Nqq +GRS7XVQ24vLmIz9Hqc2Ozx1um1BXBTmIT0UfN2e22I0LWQ6a3seZlEDRj45gnk7Z +uh9MDgotaBdm+v1JAbupSf6Zis4VEH3JNdvVGE3O1DHEIeuuz/3BDhpf6WBDH+8K +WaBe1ca4TZHr9ThL2gEMEfAQl0wXDwRWRoi3NjNMH+mw0L1rjwThI5GXqNIee7o5 +FzUReSXZuTdFMyGe3Owcx+XoYnwi6cplSNoGsDBu4B9bKKglR9YleJVw4L4Xi8xP +q6O9UPj4+nypHk/DOoC7DIM3ufN0yxPBsFo5TVowxfhdjZXJbbftd2TZv7AH8+XL +A5UoZgRzXgzECelXSCTBFlMTnT48LfA9pMLydyjAz2UdPHs5Iv+TK5nnI+aJoeaP +7kFZSngxdy1+A/bNAgMBAAECggGBALpTOIqQwVg4CFBylL/a8K1IWJTI/I65sklf +XxYL7G7SB2HlEJ//z+E+F0+S4Vlao1vyLQ5QkgE82pAUB8FoMWvY1qF0Y8A5wtm6 +iZSGk4OLK488ZbT8Ii9i+AGKgPe2XbVxsJwj8N4k7Zooqec9hz73Up8ATEWJkRz7 +2u7oMGG4z91E0PULA64dOi3l/vOQe5w/Aa+CwVbAWtI05o7kMvQEBMDJn6C7CByo +MB5op9wueJMnz7PM7hns+U7Dy6oE4ljuolJUy51bDzFWwoM54cRoQqLFNHd8JVQj +WxldCkbfF43iyprlsEcUrTyUjtdA+ZeiG39vg/mtdmgNpGmdupHJZQvSuG8IcVlz +O+eMSeQS1QXPD6Ik8UK4SU0h+zOl8xIWtRrsxQuh4fnTN40udm/YUWl/6gOebsBI +IrVLlKGqJSfB3tMjpCRqdTzJ0dA9keVpkqm2ugZkxEf1+/efq/rFIQ2pUBLCqNTN +qpNqruK8y8FphP30I2uI4Ej2UIB8AQKBwQDd2Yptj2FyDyaXCycsyde0wYkNyzGU +dRnzdibfHnMZwjgTjwAwgIUBVIS8H0/z7ZJQKN7osJfddMrtjJtYYUk9g/dCpHXs +bNh2QSoWah3FdzNGuWd0iRf9+LFxhjAAMo/FS8zFJAJKrFsBdCGTfFUMdsLC0bjr +YjiWBuvV72uKf8XIZX5KIZruKdWBBcWukcb21R1UDyFYyXRBsly5XHaIYKZql3km +7pV7MKWO0IYgHbHIqGUqPQlzZ/lkunS1jKECgcEA23wHffD6Ou9/x3okPx2AWpTr +gh8rgqbyo6hQkBW5Y90Wz824cqaYebZDaBR/xlVx/YwjKkohv8Bde2lpH/ZxRZ1Z +5Sk2s6GJ/vU0L9RsJZgCgj4L6Coal1NMxuZtCXAlnOpiCdxSZgfqbshbTVz30KsG +ZJG361Cua1ScdAHxlZBxT52/1Sm0zRC2hnxL7h4qo7Idmtzs40LAJvYOKekR0pPN +oWeJfra7vgx/jVNvMFWoOoSLpidVO4g+ot4ery6tAoHAdW3rCic1C2zdnmH28Iw+ +s50l8Lk3mz+I5wgJd1zkzCO0DxZIoWPGA3g7cmCYr6N3KRsZMs4W9NAXgjpFGDkW +zYsG3K21BdpvkdjYcFjnPVjlOXB2RIc0vehf9Jl02wXoeCSxVUDEPcaRvWk9RJYx +ZpGOchUU7vNkxHURbIJ4yCzuAi9G8/Jp0dsu+kaV5tufF5SjG5WOrzKjaQsCbdN1 +oqaWMCHRrTvov/Z2C+xwsptFOdN5CSyZzg6hQiI4GMlBAoHAXyb6KINcOEi0YMp3 +BFXJ23tMTnEs78tozcKeipigcsbaqORK3omS+NEnj+uzKUzJyl4CsMbKstK2tFYS +mSTCHqgE3PBtIpsZtEqhgUraR8IK9GPpzZDTTl9ynZgwFTNlWw3RyuyVXF56J+T8 +kCGJ3hEHCHqT/ZRQyX85BKIDFhA0z4tYKxWVqIFiYBNq56R0X9tMMmMs36mEnF93 +7Ht6mowxTZQRa7nU0qOgeKh/P7ki4Zus3y+WJ+T9IqahLtlRAoHBAIhqMrcxSAB8 +RpB9jukJlAnidw2jCMPgrFE8tP0khhVvGrXMldxAUsMKntDIo8dGCnG1KTcWDI0O +jepvSPHSsxVLFugL79h0eVIS5z4huW48i9xgU8VlHdgAcgEPIAOFcOw2BCu/s0Vp +O+MM/EyUOdo3NsibB3qc/GJI6iNBYS7AljYEVo6rXo5V/MZvZUF4vClen6Obzsre +MTTb+4sJjfqleWuvr1XNMeu2mBfXBQkWGZP1byBK0MvD/aQ2PWq92A== +-----END RSA PRIVATE KEY----- diff --git a/testdata/stat_values.tdir/unbound_server.pem b/testdata/stat_values.tdir/unbound_server.pem new file mode 100644 index 000000000000..986807310f2b --- /dev/null +++ b/testdata/stat_values.tdir/unbound_server.pem @@ -0,0 +1,22 @@ +-----BEGIN CERTIFICATE----- +MIIDqzCCAhMCFBHWXeQ6ZIa9QcQbXLFfC6tj+KA+MA0GCSqGSIb3DQEBCwUAMBIx +EDAOBgNVBAMMB3VuYm91bmQwHhcNMjAwNzA4MTMzMjI5WhcNNDAwMzI1MTMzMjI5 +WjASMRAwDgYDVQQDDAd1bmJvdW5kMIIBojANBgkqhkiG9w0BAQEFAAOCAY8AMIIB +igKCAYEAvjSVSN2QMXudpzukdLCqgg/IOhCX8KYkD0FFFfWcQjgKq5wI0x41iG32 +a6wbGanre4IX7VxaSPu9kkHfnGgynCk5nwDRedE/FLFhAU78PoT0+NqqGRS7XVQ2 +4vLmIz9Hqc2Ozx1um1BXBTmIT0UfN2e22I0LWQ6a3seZlEDRj45gnk7Zuh9MDgot +aBdm+v1JAbupSf6Zis4VEH3JNdvVGE3O1DHEIeuuz/3BDhpf6WBDH+8KWaBe1ca4 +TZHr9ThL2gEMEfAQl0wXDwRWRoi3NjNMH+mw0L1rjwThI5GXqNIee7o5FzUReSXZ +uTdFMyGe3Owcx+XoYnwi6cplSNoGsDBu4B9bKKglR9YleJVw4L4Xi8xPq6O9UPj4 ++nypHk/DOoC7DIM3ufN0yxPBsFo5TVowxfhdjZXJbbftd2TZv7AH8+XLA5UoZgRz +XgzECelXSCTBFlMTnT48LfA9pMLydyjAz2UdPHs5Iv+TK5nnI+aJoeaP7kFZSngx +dy1+A/bNAgMBAAEwDQYJKoZIhvcNAQELBQADggGBABunf93MKaCUHiZgnoOTinsW +84/EgInrgtKzAyH+BhnKkJOhhR0kkIAx5d9BpDlaSiRTACFon9moWCgDIIsK/Ar7 +JE0Kln9cV//wiiNoFU0O4mnzyGUIMvlaEX6QHMJJQYvL05+w/3AAcf5XmMJtR5ca +fJ8FqvGC34b2WxX9lTQoyT52sRt+1KnQikiMEnEyAdKktMG+MwKsFDdOwDXyZhZg +XZhRrfX3/NVJolqB6EahjWIGXDeKuSSKZVtCyib6LskyeMzN5lcRfvubKDdlqFVF +qlD7rHBsKhQUWK/IO64mGf7y/de+CgHtED5vDvr/p2uj/9sABATfbrOQR3W/Of25 +sLBj4OEfrJ7lX8hQgFaxkMI3x6VFT3W8dTCp7xnQgb6bgROWB5fNEZ9jk/gjSRmD +yIU+r0UbKe5kBk/CmZVFXL2TyJ92V5NYEQh8V4DGy19qZ6u/XKYyNJL4ocs35GGe +CA8SBuyrmdhx38h1RHErR2Skzadi1S7MwGf1y431fQ== +-----END CERTIFICATE----- diff --git a/testdata/stream_ssl.tdir/stream_ssl.test b/testdata/stream_ssl.tdir/stream_ssl.test index 08bbcdee9205..b5bc2d911b62 100644 --- a/testdata/stream_ssl.tdir/stream_ssl.test +++ b/testdata/stream_ssl.tdir/stream_ssl.test @@ -11,11 +11,12 @@ get_make # first test streamtcp against the server unbound. echo "> streamtcp -s www.example.com A IN" -$PRE/streamtcp -s -f 127.0.0.1@$SERV_PORT www.example.com. A IN >outfile 2>&1 +$PRE/streamtcp -s -f 127.0.0.1@$SERV_PORT www.example.com. A IN >outfile 2>outerr if test "$?" -ne 0; then echo "exit status not OK" echo "> cat logfiles" cat outfile + cat outerr echo "SSLSERVICE" cat unboundserv.log echo "SSLCLIENT" @@ -27,6 +28,7 @@ else fi echo "> cat logfiles" cat outfile +cat outerr echo "SSLSERVICE" cat unboundserv.log echo "SSLCLIENT" diff --git a/testdata/val_cnametocnamewctoposwc.rpl b/testdata/val_cnametocnamewctoposwc.rpl index f17f5aafcaaf..c290026baa20 100644 --- a/testdata/val_cnametocnamewctoposwc.rpl +++ b/testdata/val_cnametocnamewctoposwc.rpl @@ -186,7 +186,7 @@ ENTRY_END STEP 10 CHECK_ANSWER ENTRY_BEGIN MATCH all -REPLY QR RD RA AD DO NOERROR +REPLY QR TC RD RA AD DO NOERROR SECTION QUESTION start.example.com. IN A SECTION ANSWER @@ -201,11 +201,7 @@ SECTION AUTHORITY *.wc.example.com. 86400 IN RRSIG NSEC 8 3 86400 20121126131853 20121029131853 64050 example.com. YrmCLu0uGgD2gcU4p12BGnUGYcrKmfg82MJHSF5OnVmmJxXiSbSBnZPahbJNGA/kPLt+SlDyBTcssZKXWxM6bW7WF57OwffOj7rMyr5vhx7J6OsuWKotPVqnUFDx9j/rOum24yCKqoBWvpW/RYUHLuX1Wm05WMCgNWhuN4wqwiU= *.end.example.com. 86400 IN NSEC escapedtext.example.com. A RRSIG NSEC *.end.example.com. 86400 IN RRSIG NSEC 8 3 86400 20121126131826 20121029131826 64050 example.com. P6uJSImaee+5NHlTP06pMxgO69qxjJc0Uo1+htjVyE8f15MhG8A7NttvzggbtyzmfLMPr7TilM+Mm7hC3pIk/TeBEdH8p+8qypnY0NzPntz5z1+6C6ZTjDXp6NxDwMz7th31r3B3u4xo/K4qMnXmrAFOIE5Lopk0uDGXfjKPCKE= -example.com. 3600 IN NS ns.example.com. -example.com. 3600 IN RRSIG NS 8 2 3600 20121126131826 20121029131826 64050 example.com. NgY7UAdkXprnCi/O6c5XoB82tqLBd1bY9LmDG9wwN0zEUR5aHQcOmX9waHyqXQI86SOFQbGCvO2wDLqdqWniw1IYf4S66Vf9KrpaH2gVbvHKiEpGJPeDYQcD5xkv50Lsp4ktcLyuO/dk8ORCP7E2yC5IQVNeFgUfaqttZcJoxuQ= SECTION ADDITIONAL -ns.example.com. 3600 IN A 1.2.3.4 -ns.example.com. 3600 IN RRSIG A 8 2 3600 20121126123249 20121029123249 64050 example.com. zxGyimwFsd39j8T7jJ+tSAQPwZ7tjk6HHmzosTMCRePM4k4newbLb5HbrpucSiW/plaEZvjRTDTJ6bPkw0msPXjPCI/22Zh236XO5vhGtMOlxDgAEazuhifVF6UsM7GZwONPBCvw705HgWQyCR1YlTK2w9ffH3GopU9f4oP7Pmk= ENTRY_END SCENARIO_END diff --git a/testdata/val_nsec3_cnametocnamewctoposwc.rpl b/testdata/val_nsec3_cnametocnamewctoposwc.rpl index 23d2b6a89c44..0fba0e2e17e7 100644 --- a/testdata/val_nsec3_cnametocnamewctoposwc.rpl +++ b/testdata/val_nsec3_cnametocnamewctoposwc.rpl @@ -184,7 +184,7 @@ ENTRY_END STEP 10 CHECK_ANSWER ENTRY_BEGIN MATCH all -REPLY QR RD RA AD DO NOERROR +REPLY QR TC RD RA AD DO NOERROR SECTION QUESTION start.example.com. IN A SECTION ANSWER @@ -199,11 +199,7 @@ isjq5aarcp8p5sukc56g961cccjus5u2.example.com. 86400 IN NSEC3 1 0 1 abcd isoaarj isjq5aarcp8p5sukc56g961cccjus5u2.example.com. 86400 IN RRSIG NSEC3 8 3 86400 20121126123259 20121029123259 64050 example.com. Cxwzq1DUQvhkTVHEJHlb92c511Y+uJy/C0yL9br6W/5lB/usuSiK2DjW58ibPh2kLH1P3SpGqd1Y7LigptdXoPBDFakcNcimPWCN93R3J80+vrHHPkPyIsBaywwYI3SNGgfnHfPF+wmH+tZ1vfEHbigOxqPFK+T0ntKq7dkSndg= a61sejfu6am5a36p628t4s089s309o44.example.com. 86400 IN NSEC3 1 0 1 abcd a64lt5ij9a1up15h5cdsn1u2071901hu A RRSIG a61sejfu6am5a36p628t4s089s309o44.example.com. 86400 IN RRSIG NSEC3 8 3 86400 20121126123315 20121029123315 64050 example.com. gfBu4oqo9cVxJbqrw2Ly7mK638kGPOF8l8eh7ovalniwkU3F+PNYJyfSE9yGX8tMGbXrkEW9mAzAh39igr2+Bbzi9WPTRp4RDVM0qw+eyMmQRPWKt7FeanDtP+OcdVp0Hf2aPzsgmgTdS6s0AboUq1rX53H2M6F8xAiwPrBJXDQ= -example.com. 3600 IN NS ns.example.com. -example.com. 3600 IN RRSIG NS 8 2 3600 20121126123249 20121029123249 64050 example.com. cpLjgKPacNxVIGo59tYMZ98GVYpH28WHRWj3AeIHK0StYFcAlflGLdkae1LEgMwfUmzrayrA5GMe3AH8LyuTgA2Dn1oNFxGfuShQvK2MFQ+LxvQfiuoqlAlL5Aa94IWcSoU/wLrr66I1K8oSB2yK1Tyyv73c2N40D1mBbzIE70U= SECTION ADDITIONAL -ns.example.com. 3600 IN A 1.2.3.4 -ns.example.com. 3600 IN RRSIG A 8 2 3600 20121126123249 20121029123249 64050 example.com. zxGyimwFsd39j8T7jJ+tSAQPwZ7tjk6HHmzosTMCRePM4k4newbLb5HbrpucSiW/plaEZvjRTDTJ6bPkw0msPXjPCI/22Zh236XO5vhGtMOlxDgAEazuhifVF6UsM7GZwONPBCvw705HgWQyCR1YlTK2w9ffH3GopU9f4oP7Pmk= ENTRY_END SCENARIO_END diff --git a/testdata/val_stub_noroot.rpl b/testdata/val_stub_noroot.rpl index 4235bcc5213b..07113bef7f8a 100644 --- a/testdata/val_stub_noroot.rpl +++ b/testdata/val_stub_noroot.rpl @@ -3,8 +3,6 @@ server: target-fetch-policy: "0 0 0 0 0" trust-anchor: "lp0.eu. IN DNSKEY 257 3 5 AQPQ41chR9DEHt/aIzIFAqanbDlRflJoRs5yz1jFsoRIT7dWf0r+PeDuewdxkszNH6wnU4QL8pfKFRh5PIYVBLK3" val-override-date: "20100913111500" - ; the dlv anchor is completely ignored, but here to test that. - dlv-anchor: "dlv.isc.org. IN DNSKEY 257 3 5 AQPQ41chR9DEHt/aIzIFAqanbDlRflJoRs5yz1jFsoRIT7dWf0r+PeDuewdxkszNH6wnU4QL8pfKFRh5PIYVBLK3" fake-sha1: yes trust-anchor-signaling: no minimal-responses: no diff --git a/testdata/val_unalgo_dlv.rpl b/testdata/val_unalgo_dlv.rpl deleted file mode 100644 index 142beae8d10b..000000000000 --- a/testdata/val_unalgo_dlv.rpl +++ /dev/null @@ -1,284 +0,0 @@ -; config options -; The island of trust is at example.com (the DLV repository) -server: - dlv-anchor: "example.com. 3600 IN DS 2854 3 1 46e4ffc6e9a4793b488954bd3f0cc6af0dfb201b" - val-override-date: "20070916134226" - target-fetch-policy: "0 0 0 0 0" - qname-minimisation: "no" - fake-sha1: yes - trust-anchor-signaling: no - minimal-responses: no - -stub-zone: - name: "." - stub-addr: 193.0.14.129 # K.ROOT-SERVERS.NET. -CONFIG_END - -SCENARIO_BEGIN Test validator with unknown algorithm DLV anchor -; positive response for DLV. -; but only has unknown algos -; have to treat zone as insecure - -; K.ROOT-SERVERS.NET. -RANGE_BEGIN 0 100 - ADDRESS 193.0.14.129 -ENTRY_BEGIN -MATCH opcode qtype qname -ADJUST copy_id -REPLY QR NOERROR -SECTION QUESTION -. IN NS -SECTION ANSWER -. IN NS K.ROOT-SERVERS.NET. -SECTION ADDITIONAL -K.ROOT-SERVERS.NET. IN A 193.0.14.129 -ENTRY_END - -ENTRY_BEGIN -MATCH opcode subdomain -ADJUST copy_id copy_query -REPLY QR NOERROR -SECTION QUESTION -com. IN A -SECTION AUTHORITY -com. IN NS a.gtld-servers.net. -SECTION ADDITIONAL -a.gtld-servers.net. IN A 192.5.6.30 -ENTRY_END - -ENTRY_BEGIN -MATCH opcode subdomain -ADJUST copy_id copy_query -REPLY QR NOERROR -SECTION QUESTION -net. IN A -SECTION AUTHORITY -net. IN NS a.gtld-servers.net. -SECTION ADDITIONAL -a.gtld-servers.net. IN A 192.5.6.30 -ENTRY_END -RANGE_END - -; a.gtld-servers.net. -RANGE_BEGIN 0 100 - ADDRESS 192.5.6.30 -ENTRY_BEGIN -MATCH opcode qtype qname -ADJUST copy_id -REPLY QR NOERROR -SECTION QUESTION -com. IN NS -SECTION ANSWER -com. IN NS a.gtld-servers.net. -SECTION ADDITIONAL -a.gtld-servers.net. IN A 192.5.6.30 -ENTRY_END - -ENTRY_BEGIN -MATCH opcode qtype qname -ADJUST copy_id -REPLY QR NOERROR -SECTION QUESTION -net. IN NS -SECTION ANSWER -net. IN NS a.gtld-servers.net. -SECTION ADDITIONAL -a.gtld-servers.net. IN A 192.5.6.30 -ENTRY_END - -ENTRY_BEGIN -MATCH opcode subdomain -ADJUST copy_id copy_query -REPLY QR NOERROR -SECTION QUESTION -example.com. IN A -SECTION AUTHORITY -example.com. IN NS ns.example.com. -SECTION ADDITIONAL -ns.example.com. IN A 1.2.3.4 -ENTRY_END - -ENTRY_BEGIN -MATCH opcode subdomain -ADJUST copy_id copy_query -REPLY QR NOERROR -SECTION QUESTION -example.net. IN A -SECTION AUTHORITY -example.net. IN NS ns.example.net. -SECTION ADDITIONAL -ns.example.net. IN A 1.2.3.5 -ENTRY_END -RANGE_END - -; ns.example.com. -RANGE_BEGIN 0 100 - ADDRESS 1.2.3.4 -ENTRY_BEGIN -MATCH opcode qtype qname -ADJUST copy_id -REPLY QR NOERROR -SECTION QUESTION -example.com. IN NS -SECTION ANSWER -example.com. IN NS ns.example.com. -example.com. 3600 IN RRSIG NS 3 2 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCN+qHdJxoI/2tNKwsb08pra/G7aAIUAWA5sDdJTbrXA1/3OaesGBAO3sI= ;{id = 2854} -SECTION ADDITIONAL -ns.example.com. IN A 1.2.3.4 -ns.example.com. 3600 IN RRSIG A 3 3 3600 20070926135752 20070829135752 2854 example.com. MC0CFQCMSWxVehgOQLoYclB9PIAbNP229AIUeH0vNNGJhjnZiqgIOKvs1EhzqAo= ;{id = 2854} -ENTRY_END - -; response to DNSKEY priming query -ENTRY_BEGIN -MATCH opcode qtype qname -ADJUST copy_id -REPLY QR NOERROR -SECTION QUESTION -example.com. IN DNSKEY -SECTION ANSWER -example.com. 3600 IN DNSKEY 256 3 3 ALXLUsWqUrY3JYER3T4TBJII s70j+sDS/UT2QRp61SE7S3E EXopNXoFE73JLRmvpi/UrOO/Vz4Se 6wXv/CYCKjGw06U4WRgR YXcpEhJROyNapmdIKSx hOzfLVE1gqA0PweZR8d tY3aNQSRn3sPpwJr6Mi /PqQKAMMrZ9ckJpf1+b QMOOvxgzz2U1GS18b3y ZKcgTMEaJzd/GZYzi/B N2DzQ0MsrSwYXfsNLFO Bbs8PJMW4LYIxeeOe6rUgkWOF 7CC9Dh/dduQ1QrsJhmZAEFfd6ByYV+ ;{id = 2854 (zsk), size = 1688b} -example.com. 3600 IN RRSIG DNSKEY 3 2 3600 20070926134802 20070829134802 2854 example.com. MCwCFG1yhRNtTEa3Eno2zhVVuy2EJX3wAhQeLyUp6+UXcpC5qGNu9tkrTEgPUg== ;{id = 2854} -SECTION AUTHORITY -example.com. IN NS ns.example.com. -example.com. 3600 IN RRSIG NS 3 2 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCN+qHdJxoI/2tNKwsb08pra/G7aAIUAWA5sDdJTbrXA1/3OaesGBAO3sI= ;{id = 2854} -SECTION ADDITIONAL -ns.example.com. IN A 1.2.3.4 -ns.example.com. 3600 IN RRSIG A 3 3 3600 20070926135752 20070829135752 2854 example.com. MC0CFQCMSWxVehgOQLoYclB9PIAbNP229AIUeH0vNNGJhjnZiqgIOKvs1EhzqAo= ;{id = 2854} -ENTRY_END - -; DLV query -ENTRY_BEGIN -MATCH opcode qtype qname -ADJUST copy_id -REPLY QR NOERROR -SECTION QUESTION -example.net.example.com. IN DLV -SECTION ANSWER -; algo 208 is unknown -example.net.example.com. 3600 IN DLV 30899 208 1 14188c885f20623ad1d3bec42798f3f951793e4c ; xehac-mofum-malyd-bomaf-pegit-fuzes-ganin-misiz-nigel-nozog-soxix -example.net.example.com. 3600 IN RRSIG DLV 3 4 3600 20070926134150 20070829134150 2854 example.com. AFBU1dN/KstcLfQQzy7ZKvPq+2hQg7D6QynqgwI3f8envPQGj782/NA= ;{id = 2854} -;example.net.example.com. 3600 IN DLV 30899 5 1 14188c885f20623ad1d3bec42798f3f951793e4c ; xehac-mofum-malyd-bomaf-pegit-fuzes-ganin-misiz-nigel-nozog-soxix -;example.net.example.com. 3600 IN RRSIG DLV 3 4 3600 20070926134150 20070829134150 2854 example.com. ACK48Q/oKwh/SM9yRiKjZYuc+AtEZ2yCPNJ15kKCN8nsVcv7xigmNTY= ;{id = 2854} -SECTION AUTHORITY -example.com. IN NS ns.example.com. -example.com. 3600 IN RRSIG NS 3 2 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCN+qHdJxoI/2tNKwsb08pra/G7aAIUAWA5sDdJTbrXA1/3OaesGBAO3sI= ;{id = 2854} -SECTION ADDITIONAL -ns.example.com. IN A 1.2.3.4 -ns.example.com. 3600 IN RRSIG A 3 3 3600 20070926135752 20070829135752 2854 example.com. MC0CFQCMSWxVehgOQLoYclB9PIAbNP229AIUeH0vNNGJhjnZiqgIOKvs1EhzqAo= ;{id = 2854} -ENTRY_END - -ENTRY_BEGIN -MATCH opcode qtype qname -ADJUST copy_id -REPLY QR NOERROR -SECTION QUESTION -net.example.com. IN DLV -SECTION ANSWER -SECTION AUTHORITY -example.com. IN SOA open.nlnetlabs.nl. hostmaster.nlnetlabs.nl. 2008081300 28800 7200 604800 3600 -example.com. 3600 IN RRSIG SOA 3 2 3600 20070926134150 20070829134150 2854 example.com. AKPJnPBqfJKxE4P2iVYkSRJno9HmiXJZtjdqE8oBeq9Lk9FytcMdcig= ;{id = 2854} -example.com IN NSEC example.net.example.com. SOA NS RRSIG NSEC -example.com. 3600 IN RRSIG NSEC 3 2 3600 20070926134150 20070829134150 2854 example.com. AIoUkJ04/7/kJFDLocoqksqt9UL2RHHwlRfXAMxGdBHcNO+GSpG47Uk= ;{id = 2854} -ENTRY_END - -ENTRY_BEGIN -MATCH opcode qtype qname -ADJUST copy_id -REPLY QR NXDOMAIN -SECTION QUESTION -com.example.com. IN DLV -SECTION ANSWER -SECTION AUTHORITY -example.com. IN SOA open.nlnetlabs.nl. hostmaster.nlnetlabs.nl. 2008081300 28800 7200 604800 3600 -example.com. 3600 IN RRSIG SOA 3 2 3600 20070926134150 20070829134150 2854 example.com. AKPJnPBqfJKxE4P2iVYkSRJno9HmiXJZtjdqE8oBeq9Lk9FytcMdcig= ;{id = 2854} -example.com IN NSEC example.net.example.com. SOA NS RRSIG NSEC -example.com. 3600 IN RRSIG NSEC 3 2 3600 20070926134150 20070829134150 2854 example.com. AIoUkJ04/7/kJFDLocoqksqt9UL2RHHwlRfXAMxGdBHcNO+GSpG47Uk= ;{id = 2854} -ENTRY_END - -RANGE_END - -; ns.example.net. -RANGE_BEGIN 0 100 - ADDRESS 1.2.3.5 -; DS RR is -; example.net. 3600 IN DS 30899 5 1 14188c885f20623ad1d3bec42798f3f951793e4c ; xehac-mofum-malyd-bomaf-pegit-fuzes-ganin-misiz-nigel-nozog-soxix -; DNSKEY prime query -ENTRY_BEGIN -MATCH opcode qtype qname -ADJUST copy_id -REPLY QR NOERROR -SECTION QUESTION -example.net. IN DNSKEY -SECTION ANSWER -example.net. 3600 IN DNSKEY 256 3 5 AQPQ41chR9DEHt/aIzIFAqanbDlRflJoRs5yz1jFsoRIT7dWf0r+PeDuewdxkszNH6wnU4QL8pfKFRh5PIYVBLK3 ;{id = 30899 (zsk), size = 512b} -example.net. 3600 IN RRSIG DNSKEY RSASHA1 2 3600 20070926134150 20070829134150 30899 example.net. hiFzlQ8VoYgCuvIsfVuxC3mfJDqsTh0yc6abs5xMx5uEcIjb0dndFQx7INOM+imlzveEN73Hqp4OLFpFhsWLlw== ;{id = 30899} -SECTION AUTHORITY -example.net. IN NS ns.example.net. -example.net. 3600 IN RRSIG NS RSASHA1 2 3600 20070926134150 20070829134150 30899 example.net. E8JX0l4B+cSR5bkHQwOJy1pBmlLMTYCJ8EwfNMU/eCv0YhKwo26rHhn52FGisgv+Nwp7/NbhHqQ+kJgoZC94XA== ;{id = 30899} -SECTION ADDITIONAL -ns.example.net. IN A 1.2.3.5 -ns.example.net. 3600 IN RRSIG A RSASHA1 3 3600 20070926134150 20070829134150 30899 example.net. x+tQMC9FhzT7Fcy1pM5NrOC7E8nLd7THPI3C6ie4EwL8PrxllqlR3q/DKB0d/m0qCOPcgN6HFOYURV1s4uAcsw== ;{id = 30899} -ENTRY_END - -; NS query -ENTRY_BEGIN -MATCH opcode qtype qname -ADJUST copy_id -REPLY QR NOERROR -SECTION QUESTION -example.net. IN NS -SECTION ANSWER -example.net. IN NS ns.example.net. -example.net. 3600 IN RRSIG NS RSASHA1 2 3600 20070926134150 20070829134150 30899 example.net. E8JX0l4B+cSR5bkHQwOJy1pBmlLMTYCJ8EwfNMU/eCv0YhKwo26rHhn52FGisgv+Nwp7/NbhHqQ+kJgoZC94XA== ;{id = 30899} -SECTION ADDITIONAL -ns.example.net. IN A 1.2.3.5 -ns.example.net. 3600 IN RRSIG A RSASHA1 3 3600 20070926134150 20070829134150 30899 example.net. x+tQMC9FhzT7Fcy1pM5NrOC7E8nLd7THPI3C6ie4EwL8PrxllqlR3q/DKB0d/m0qCOPcgN6HFOYURV1s4uAcsw== ;{id = 30899} -ENTRY_END - -; www.example.net query -ENTRY_BEGIN -MATCH opcode qtype qname -ADJUST copy_id -REPLY QR NOERROR -SECTION QUESTION -www.example.net. IN A -SECTION ANSWER -www.example.net. 3600 IN A 10.20.30.40 -www.example.net. 3600 IN RRSIG A 5 3 3600 20070926135752 20070829135752 30899 example.net. ACvv4RQVC7TbI57ewqFImRaVoymktJ5Cxn/FaCodIENt82LVM92nivbP2WtwWCsQHWp7FkrMxTlQTJwyAeXFyg== ;{id = 30899} -SECTION AUTHORITY -example.net. IN NS ns.example.net. -example.net. 3600 IN RRSIG NS RSASHA1 2 3600 20070926134150 20070829134150 30899 example.net. E8JX0l4B+cSR5bkHQwOJy1pBmlLMTYCJ8EwfNMU/eCv0YhKwo26rHhn52FGisgv+Nwp7/NbhHqQ+kJgoZC94XA== ;{id = 30899} -SECTION ADDITIONAL -ns.example.net. IN A 1.2.3.5 -ns.example.net. 3600 IN RRSIG A RSASHA1 3 3600 20070926134150 20070829134150 30899 example.net. x+tQMC9FhzT7Fcy1pM5NrOC7E8nLd7THPI3C6ie4EwL8PrxllqlR3q/DKB0d/m0qCOPcgN6HFOYURV1s4uAcsw== ;{id = 30899} -ENTRY_END - - -RANGE_END - -STEP 1 QUERY -ENTRY_BEGIN -REPLY RD DO -SECTION QUESTION -www.example.net. IN A -ENTRY_END - -; recursion happens here. -STEP 10 CHECK_ANSWER -ENTRY_BEGIN -MATCH all -REPLY QR RD RA DO NOERROR -SECTION QUESTION -www.example.net. IN A -SECTION ANSWER -www.example.net. 3600 IN A 10.20.30.40 -www.example.net. 3600 IN RRSIG A 5 3 3600 20070926135752 20070829135752 30899 example.net. ACvv4RQVC7TbI57ewqFImRaVoymktJ5Cxn/FaCodIENt82LVM92nivbP2WtwWCsQHWp7FkrMxTlQTJwyAeXFyg== ;{id = 30899} -SECTION AUTHORITY -example.net. IN NS ns.example.net. -example.net. 3600 IN RRSIG NS RSASHA1 2 3600 20070926134150 20070829134150 30899 example.net. E8JX0l4B+cSR5bkHQwOJy1pBmlLMTYCJ8EwfNMU/eCv0YhKwo26rHhn52FGisgv+Nwp7/NbhHqQ+kJgoZC94XA== ;{id = 30899} -SECTION ADDITIONAL -ns.example.net. IN A 1.2.3.5 -ns.example.net. 3600 IN RRSIG A RSASHA1 3 3600 20070926134150 20070829134150 30899 example.net. x+tQMC9FhzT7Fcy1pM5NrOC7E8nLd7THPI3C6ie4EwL8PrxllqlR3q/DKB0d/m0qCOPcgN6HFOYURV1s4uAcsw== ;{id = 30899} -ENTRY_END - -SCENARIO_END diff --git a/util/config_file.c b/util/config_file.c index 0e9ee471b1bb..b789c3359979 100644 --- a/util/config_file.c +++ b/util/config_file.c @@ -78,6 +78,8 @@ gid_t cfg_gid = (gid_t)-1; int autr_permit_small_holddown = 0; /** size (in bytes) of stream wait buffers max */ size_t stream_wait_max = 4 * 1024 * 1024; +size_t http2_query_buffer_max = 4 * 1024 * 1024; +size_t http2_response_buffer_max = 4 * 1024 * 1024; /** global config during parsing */ struct config_parser_state* cfg_parser = 0; @@ -117,6 +119,12 @@ config_create(void) cfg->tls_cert_bundle = NULL; cfg->tls_win_cert = 0; cfg->tls_use_sni = 1; + cfg->https_port = UNBOUND_DNS_OVER_HTTPS_PORT; + if(!(cfg->http_endpoint = strdup("/dns-query"))) goto error_exit; + cfg->http_max_streams = 100; + cfg->http_query_buffer_size = 4*1024*1024; + cfg->http_response_buffer_size = 4*1024*1024; + cfg->http_nodelay = 1; cfg->use_syslog = 1; cfg->log_identity = NULL; /* changed later with argv[0] */ cfg->log_time_ascii = 0; @@ -144,7 +152,7 @@ config_create(void) cfg->incoming_num_tcp = 2; #endif cfg->stream_wait_size = 4 * 1024 * 1024; - cfg->edns_buffer_size = 4096; /* 4k from rfc recommendation */ + cfg->edns_buffer_size = 1232; /* from DNS flagday recommendation */ cfg->msg_buffer_size = 65552; /* 64 k + a small margin */ cfg->msg_cache_size = 4 * 1024 * 1024; cfg->msg_cache_slabs = 4; @@ -233,8 +241,6 @@ config_create(void) cfg->trusted_keys_file_list = NULL; cfg->trust_anchor_signaling = 1; cfg->root_key_sentinel = 1; - cfg->dlv_anchor_file = NULL; - cfg->dlv_anchor_list = NULL; cfg->domain_insecure = NULL; cfg->val_date_override = 0; cfg->val_sig_skew_min = 3600; /* at least daylight savings trouble */ @@ -315,6 +321,8 @@ config_create(void) cfg->qname_minimisation_strict = 0; cfg->shm_enable = 0; cfg->shm_key = 11777; + cfg->edns_client_tags = NULL; + cfg->edns_client_tag_opcode = LDNS_EDNS_CLIENT_TAG; cfg->dnscrypt = 0; cfg->dnscrypt_port = 0; cfg->dnscrypt_provider = NULL; @@ -490,6 +498,8 @@ int config_set_option(struct config_file* cfg, const char* opt, else S_YNO("do-ip6:", do_ip6) else S_YNO("do-udp:", do_udp) else S_YNO("do-tcp:", do_tcp) + else S_YNO("prefer-ip4:", prefer_ip4) + else S_YNO("prefer-ip6:", prefer_ip6) else S_YNO("tcp-upstream:", tcp_upstream) else S_YNO("udp-upstream-without-downstream:", udp_upstream_without_downstream) @@ -511,6 +521,12 @@ int config_set_option(struct config_file* cfg, const char* opt, else S_STR("tls-ciphers:", tls_ciphers) else S_STR("tls-ciphersuites:", tls_ciphersuites) else S_YNO("tls-use-sni:", tls_use_sni) + else S_NUMBER_NONZERO("https-port:", https_port) + else S_STR("http-endpoint", http_endpoint) + else S_NUMBER_NONZERO("http-max-streams", http_max_streams) + else S_MEMSIZE("http-query-buffer-size", http_query_buffer_size) + else S_MEMSIZE("http-response-buffer-size", http_response_buffer_size) + else S_YNO("http-nodelay", http_nodelay) else S_YNO("interface-automatic:", if_automatic) else S_YNO("use-systemd:", use_systemd) else S_YNO("do-daemonize:", do_daemonize) @@ -581,8 +597,6 @@ int config_set_option(struct config_file* cfg, const char* opt, else S_STRLIST("trusted-keys-file:", trusted_keys_file_list) else S_YNO("trust-anchor-signaling:", trust_anchor_signaling) else S_YNO("root-key-sentinel:", root_key_sentinel) - else S_STR("dlv-anchor-file:", dlv_anchor_file) - else S_STRLIST("dlv-anchor:", dlv_anchor_list) else S_STRLIST("domain-insecure:", domain_insecure) else S_NUMBER_OR_ZERO("val-bogus-ttl:", bogus_ttl) else S_YNO("val-clean-additional:", val_clean_additional) @@ -950,6 +964,8 @@ config_get_option(struct config_file* cfg, const char* opt, else O_YNO(opt, "do-ip6", do_ip6) else O_YNO(opt, "do-udp", do_udp) else O_YNO(opt, "do-tcp", do_tcp) + else O_YNO(opt, "prefer-ip4", prefer_ip4) + else O_YNO(opt, "prefer-ip6", prefer_ip6) else O_YNO(opt, "tcp-upstream", tcp_upstream) else O_YNO(opt, "udp-upstream-without-downstream", udp_upstream_without_downstream) else O_DEC(opt, "tcp-mss", tcp_mss) @@ -968,6 +984,12 @@ config_get_option(struct config_file* cfg, const char* opt, else O_STR(opt, "tls-ciphers", tls_ciphers) else O_STR(opt, "tls-ciphersuites", tls_ciphersuites) else O_YNO(opt, "tls-use-sni", tls_use_sni) + else O_DEC(opt, "https-port", https_port) + else O_STR(opt, "http-endpoint", http_endpoint) + else O_UNS(opt, "http-max-streams", http_max_streams) + else O_MEM(opt, "http-query-buffer-size", http_query_buffer_size) + else O_MEM(opt, "http-response-buffer-size", http_response_buffer_size) + else O_YNO(opt, "http-nodelay", http_nodelay) else O_YNO(opt, "use-systemd", use_systemd) else O_YNO(opt, "do-daemonize", do_daemonize) else O_STR(opt, "chroot", chrootdir) @@ -998,7 +1020,6 @@ config_get_option(struct config_file* cfg, const char* opt, else O_DEC(opt, "unwanted-reply-threshold", unwanted_threshold) else O_YNO(opt, "do-not-query-localhost", donotquery_localhost) else O_STR(opt, "module-config", module_conf) - else O_STR(opt, "dlv-anchor-file", dlv_anchor_file) else O_DEC(opt, "val-bogus-ttl", bogus_ttl) else O_YNO(opt, "val-clean-additional", val_clean_additional) else O_DEC(opt, "val-log-level", val_log_level) @@ -1036,7 +1057,6 @@ config_get_option(struct config_file* cfg, const char* opt, else O_LST(opt, "trusted-keys-file", trusted_keys_file_list) else O_YNO(opt, "trust-anchor-signaling", trust_anchor_signaling) else O_YNO(opt, "root-key-sentinel", root_key_sentinel) - else O_LST(opt, "dlv-anchor", dlv_anchor_list) else O_LST(opt, "control-interface", control_ifs.first) else O_LST(opt, "domain-insecure", domain_insecure) else O_UNS(opt, "val-override-date", val_date_override) @@ -1130,6 +1150,7 @@ config_get_option(struct config_file* cfg, const char* opt, else O_LS3(opt, "access-control-tag-action", acl_tag_actions) else O_LS3(opt, "access-control-tag-data", acl_tag_datas) else O_LS2(opt, "access-control-view", acl_view) + else O_LS2(opt, "edns-client-tags", edns_client_tags) #ifdef USE_IPSECMOD else O_YNO(opt, "ipsecmod-enabled", ipsecmod_enabled) else O_YNO(opt, "ipsecmod-ignore-bogus", ipsecmod_ignore_bogus) @@ -1391,8 +1412,8 @@ config_delviews(struct config_view* p) p = np; } } -/** delete string array */ -static void + +void config_del_strarray(char** array, int num) { int i; @@ -1434,6 +1455,7 @@ config_delete(struct config_file* cfg) config_delstrlist(cfg->tls_session_ticket_keys.first); free(cfg->tls_ciphers); free(cfg->tls_ciphersuites); + free(cfg->http_endpoint); if(cfg->log_identity) { log_ident_revert_to_default(); free(cfg->log_identity); @@ -1462,8 +1484,6 @@ config_delete(struct config_file* cfg) config_delstrlist(cfg->trusted_keys_file_list); config_delstrlist(cfg->trust_anchor_list); config_delstrlist(cfg->domain_insecure); - free(cfg->dlv_anchor_file); - config_delstrlist(cfg->dlv_anchor_list); config_deldblstrlist(cfg->acls); config_deldblstrlist(cfg->tcp_connection_limits); free(cfg->val_nsec3_key_iterations); @@ -1499,6 +1519,7 @@ config_delete(struct config_file* cfg) config_deldblstrlist(cfg->ratelimit_below_domain); config_delstrlist(cfg->python_script); config_delstrlist(cfg->dynlib_file); + config_deldblstrlist(cfg->edns_client_tags); #ifdef USE_IPSECMOD free(cfg->ipsecmod_hook); config_delstrlist(cfg->ipsecmod_whitelist); @@ -2043,6 +2064,8 @@ config_apply(struct config_file* config) log_set_time_asc(config->log_time_ascii); autr_permit_small_holddown = config->permit_small_holddown; stream_wait_max = config->stream_wait_size; + http2_query_buffer_max = config->http_query_buffer_size; + http2_response_buffer_max = config->http_response_buffer_size; } void config_lookup_uid(struct config_file* cfg) diff --git a/util/config_file.h b/util/config_file.h index 66e5025d05b2..7750eaa0e6b0 100644 --- a/util/config_file.h +++ b/util/config_file.h @@ -131,6 +131,19 @@ struct config_file { /** if SNI is to be used */ int tls_use_sni; + /** port on which to provide DNS over HTTPS service */ + int https_port; + /** endpoint for HTTP service */ + char* http_endpoint; + /** MAX_CONCURRENT_STREAMS HTTP/2 setting */ + uint32_t http_max_streams; + /** maximum size of all HTTP2 query buffers combined. */ + size_t http_query_buffer_size; + /** maximum size of all HTTP2 response buffers combined. */ + size_t http_response_buffer_size; + /** set TCP_NODELAY option for http sockets */ + int http_nodelay; + /** outgoing port range number of ports (per thread) */ int outgoing_num_ports; /** number of outgoing tcp buffers per (per thread) */ @@ -331,10 +344,6 @@ struct config_file { struct config_strlist* auto_trust_anchor_file_list; /** files with trusted DNSKEYs in named.conf format, list */ struct config_strlist* trusted_keys_file_list; - /** DLV anchor file */ - char* dlv_anchor_file; - /** DLV anchor inline */ - struct config_strlist* dlv_anchor_list; /** insecure domain list */ struct config_strlist* domain_insecure; /** send key tag query */ @@ -553,6 +562,11 @@ struct config_file { /** SHM data - key for the shm */ int shm_key; + /** list of EDNS client tag entries, linked list */ + struct config_str2list* edns_client_tags; + /** EDNS opcode to use for EDNS client tags */ + uint16_t edns_client_tag_opcode; + /** DNSCrypt */ /** true to enable dnscrypt */ int dnscrypt; @@ -625,6 +639,10 @@ extern gid_t cfg_gid; extern int autr_permit_small_holddown; /** size (in bytes) of stream wait buffers max */ extern size_t stream_wait_max; +/** size (in bytes) of all total HTTP2 query buffers max */ +extern size_t http2_query_buffer_max; +/** size (in bytes) of all total HTTP2 response buffers max */ +extern size_t http2_response_buffer_max; /** * Stub config options @@ -970,6 +988,9 @@ void config_deldblstrlist(struct config_str2list* list); */ void config_deltrplstrlist(struct config_str3list* list); +/** delete string array */ +void config_del_strarray(char** array, int num); + /** delete stringbytelist */ void config_del_strbytelist(struct config_strbytelist* list); diff --git a/util/configlexer.c b/util/configlexer.c index 004b334cffad..a57aaa53fe2a 100644 --- a/util/configlexer.c +++ b/util/configlexer.c @@ -354,8 +354,8 @@ static void yynoreturn yy_fatal_error ( const char* msg ); (yy_hold_char) = *yy_cp; \ *yy_cp = '\0'; \ (yy_c_buf_p) = yy_cp; -#define YY_NUM_RULES 323 -#define YY_END_OF_BUFFER 324 +#define YY_NUM_RULES 334 +#define YY_END_OF_BUFFER 335 /* This struct is not used in this scanner, but its presence is necessary. */ struct yy_trans_info @@ -363,353 +363,366 @@ struct yy_trans_info flex_int32_t yy_verify; flex_int32_t yy_nxt; }; -static const flex_int16_t yy_accept[3137] = +static const flex_int16_t yy_accept[3253] = { 0, - 1, 1, 297, 297, 301, 301, 305, 305, 309, 309, - 1, 1, 313, 313, 317, 317, 324, 321, 1, 295, - 295, 322, 2, 321, 321, 321, 321, 321, 321, 321, - 321, 321, 321, 321, 321, 321, 321, 321, 321, 321, - 321, 321, 321, 321, 321, 322, 297, 298, 298, 299, - 322, 301, 302, 302, 303, 322, 308, 305, 306, 306, - 307, 322, 309, 310, 310, 311, 322, 320, 296, 2, - 300, 320, 322, 316, 313, 314, 314, 315, 322, 317, - 318, 318, 319, 322, 321, 0, 1, 2, 2, 2, - 2, 321, 321, 321, 321, 321, 321, 321, 321, 321, - - 321, 321, 321, 321, 321, 321, 321, 321, 321, 321, - 321, 321, 321, 321, 321, 321, 321, 321, 321, 321, - 321, 321, 321, 321, 321, 321, 321, 321, 321, 321, - 321, 321, 321, 321, 321, 321, 321, 321, 321, 321, - 321, 321, 321, 321, 321, 321, 321, 321, 321, 321, - 321, 321, 321, 321, 321, 321, 297, 0, 301, 0, - 308, 0, 305, 309, 0, 320, 0, 2, 2, 320, - 316, 0, 313, 317, 0, 321, 321, 321, 321, 321, - 321, 321, 321, 321, 321, 321, 321, 321, 321, 321, - 321, 321, 321, 321, 321, 321, 321, 321, 321, 321, - - 321, 321, 321, 321, 321, 321, 321, 321, 321, 321, - 321, 321, 321, 321, 321, 321, 321, 321, 321, 321, - 321, 321, 321, 321, 321, 321, 321, 321, 321, 321, - 321, 321, 321, 321, 321, 321, 321, 321, 321, 321, - 321, 321, 321, 321, 321, 321, 321, 321, 321, 321, - 321, 321, 321, 321, 321, 321, 321, 321, 321, 321, - 321, 321, 321, 321, 321, 320, 321, 321, 321, 321, - 321, 321, 321, 321, 321, 321, 321, 321, 321, 321, - 321, 321, 321, 321, 321, 321, 321, 321, 321, 321, - 321, 321, 321, 321, 321, 321, 321, 321, 321, 321, - - 321, 321, 321, 321, 321, 321, 321, 321, 321, 321, - 321, 321, 321, 321, 321, 321, 321, 321, 321, 321, - 321, 321, 321, 321, 321, 321, 321, 321, 321, 321, - 321, 321, 321, 321, 321, 321, 321, 321, 321, 321, - 321, 321, 321, 321, 321, 321, 321, 321, 115, 321, - 321, 321, 321, 321, 321, 321, 321, 321, 321, 321, - 321, 321, 321, 321, 321, 321, 321, 321, 321, 123, - 321, 321, 321, 321, 321, 321, 321, 320, 321, 321, - 321, 321, 321, 321, 321, 321, 321, 321, 321, 321, - 321, 321, 321, 321, 321, 321, 321, 321, 321, 321, - - 321, 321, 321, 321, 321, 321, 321, 321, 321, 321, - 321, 321, 321, 321, 321, 321, 321, 321, 321, 321, - 321, 321, 321, 321, 321, 321, 321, 321, 321, 321, - 321, 321, 321, 321, 321, 321, 321, 321, 321, 321, - 321, 321, 321, 321, 321, 321, 321, 321, 321, 321, - 321, 321, 321, 321, 99, 321, 321, 321, 321, 321, - 321, 8, 321, 321, 321, 321, 321, 321, 321, 321, - 321, 321, 321, 321, 321, 321, 321, 321, 321, 321, - 321, 321, 321, 321, 321, 321, 321, 321, 321, 321, - 116, 321, 321, 321, 321, 321, 321, 321, 321, 321, - - 321, 321, 321, 321, 321, 321, 321, 321, 321, 321, - 321, 321, 321, 321, 321, 321, 321, 321, 321, 321, - 128, 321, 320, 321, 321, 321, 321, 321, 321, 321, - 321, 321, 321, 321, 321, 321, 321, 321, 321, 321, - 321, 321, 321, 321, 321, 321, 321, 321, 321, 321, - 321, 321, 321, 321, 321, 321, 321, 321, 321, 321, - 321, 321, 321, 321, 321, 321, 321, 321, 321, 321, - 321, 321, 321, 321, 321, 321, 321, 321, 321, 321, - 321, 321, 290, 321, 321, 321, 321, 321, 321, 321, - 321, 321, 321, 321, 321, 321, 321, 321, 321, 321, - - 321, 321, 321, 321, 321, 321, 321, 321, 321, 321, - 321, 321, 321, 321, 321, 321, 321, 321, 321, 321, - 321, 321, 321, 321, 321, 321, 321, 321, 321, 321, - 321, 321, 321, 321, 321, 321, 321, 321, 321, 321, - 321, 321, 321, 321, 321, 321, 321, 321, 321, 321, - 321, 321, 321, 321, 321, 321, 321, 321, 321, 321, - 321, 321, 321, 321, 321, 321, 321, 321, 321, 321, - 321, 321, 321, 321, 321, 321, 321, 321, 321, 321, - 321, 321, 321, 320, 321, 321, 321, 321, 321, 321, - 321, 321, 321, 321, 321, 57, 321, 321, 321, 321, - - 321, 321, 321, 321, 321, 321, 321, 321, 321, 321, - 227, 321, 14, 15, 321, 19, 18, 321, 321, 211, - 321, 321, 321, 321, 321, 321, 321, 321, 321, 321, - 321, 321, 321, 321, 321, 321, 321, 321, 321, 321, - 321, 321, 321, 321, 321, 321, 321, 321, 321, 321, - 321, 321, 321, 321, 321, 321, 321, 321, 321, 321, - 321, 321, 321, 122, 321, 321, 321, 321, 321, 321, - 321, 321, 321, 321, 321, 321, 321, 321, 321, 321, - 321, 321, 321, 321, 209, 321, 321, 321, 321, 321, - 321, 321, 321, 321, 321, 321, 321, 321, 321, 321, - - 321, 321, 321, 3, 321, 321, 321, 321, 321, 321, - 321, 321, 321, 321, 321, 321, 321, 321, 321, 321, - 321, 321, 321, 321, 321, 321, 321, 321, 321, 321, - 321, 321, 321, 321, 321, 321, 321, 321, 321, 321, - 321, 321, 321, 321, 321, 321, 321, 321, 321, 321, - 321, 321, 321, 321, 321, 321, 321, 320, 321, 321, - 321, 321, 321, 321, 321, 284, 321, 321, 283, 321, - 321, 321, 321, 321, 321, 321, 321, 321, 321, 321, - 321, 321, 321, 321, 321, 321, 321, 321, 321, 321, - 321, 321, 321, 321, 321, 321, 321, 321, 321, 321, - - 321, 321, 321, 321, 321, 321, 321, 321, 321, 321, - 321, 321, 321, 321, 321, 321, 321, 304, 321, 321, - 321, 321, 321, 321, 321, 56, 321, 321, 321, 321, - 321, 321, 321, 321, 321, 321, 321, 321, 321, 321, - 321, 321, 60, 321, 258, 321, 321, 321, 321, 321, - 321, 321, 321, 291, 292, 321, 321, 321, 321, 321, - 61, 321, 321, 321, 321, 321, 321, 321, 321, 321, - 321, 321, 321, 321, 321, 321, 321, 119, 321, 321, - 321, 321, 321, 321, 321, 321, 198, 321, 321, 321, - 321, 321, 321, 321, 321, 321, 321, 321, 321, 321, - - 321, 321, 321, 321, 321, 321, 321, 21, 321, 321, - 321, 321, 321, 321, 321, 321, 321, 321, 321, 321, - 321, 321, 321, 321, 321, 321, 321, 321, 321, 321, - 321, 321, 321, 321, 321, 321, 147, 321, 321, 320, - 304, 321, 321, 321, 321, 321, 321, 321, 321, 321, - 321, 321, 321, 321, 321, 321, 321, 321, 321, 321, - 321, 97, 321, 321, 321, 321, 321, 321, 321, 266, - 321, 321, 321, 321, 321, 321, 321, 321, 321, 321, - 321, 321, 321, 321, 321, 321, 170, 321, 321, 321, - 321, 321, 321, 321, 321, 321, 321, 321, 321, 321, - - 321, 321, 321, 321, 321, 321, 321, 321, 321, 146, - 321, 321, 321, 321, 321, 321, 321, 321, 321, 321, - 321, 321, 321, 321, 321, 321, 321, 321, 321, 321, - 321, 321, 321, 321, 321, 321, 321, 321, 321, 321, - 321, 321, 321, 321, 321, 321, 321, 321, 321, 321, - 321, 96, 321, 321, 321, 321, 321, 321, 321, 321, - 321, 321, 321, 321, 321, 321, 321, 321, 321, 321, - 321, 321, 321, 321, 321, 321, 321, 321, 321, 32, - 321, 321, 321, 321, 321, 321, 321, 321, 321, 321, - 321, 321, 321, 321, 321, 321, 321, 321, 321, 33, - - 321, 321, 321, 321, 321, 321, 321, 321, 321, 321, - 321, 321, 321, 321, 58, 321, 321, 321, 321, 321, - 321, 321, 321, 321, 121, 320, 321, 321, 321, 321, - 321, 114, 321, 321, 321, 321, 321, 321, 321, 321, - 321, 321, 321, 321, 321, 321, 59, 321, 321, 321, - 321, 321, 321, 321, 321, 321, 321, 321, 321, 231, - 321, 321, 321, 321, 321, 321, 321, 321, 321, 321, - 321, 321, 171, 321, 321, 321, 321, 321, 321, 321, - 321, 321, 321, 321, 321, 321, 321, 321, 321, 321, - 321, 321, 321, 321, 321, 321, 321, 321, 321, 321, - - 321, 321, 47, 321, 321, 321, 321, 321, 321, 321, - 321, 321, 321, 321, 321, 321, 321, 321, 321, 321, - 321, 321, 321, 321, 321, 321, 321, 321, 321, 321, - 321, 321, 321, 321, 321, 321, 321, 321, 321, 321, - 321, 321, 321, 321, 321, 321, 321, 321, 321, 321, - 321, 321, 249, 321, 321, 321, 321, 321, 321, 321, - 321, 321, 321, 321, 321, 321, 321, 321, 321, 321, - 321, 51, 321, 52, 321, 321, 321, 321, 321, 100, - 321, 101, 321, 321, 321, 321, 98, 321, 321, 321, - 321, 321, 321, 321, 321, 321, 321, 321, 321, 321, - - 321, 321, 321, 321, 321, 321, 321, 321, 321, 321, - 321, 321, 321, 321, 321, 7, 321, 320, 321, 321, - 321, 321, 321, 321, 321, 321, 321, 321, 321, 321, - 321, 321, 321, 321, 321, 220, 321, 321, 321, 321, - 149, 321, 321, 321, 321, 321, 321, 321, 321, 321, - 321, 321, 321, 321, 321, 321, 321, 232, 321, 321, - 321, 321, 321, 321, 321, 321, 321, 321, 321, 321, - 321, 321, 321, 321, 321, 321, 321, 321, 321, 321, - 321, 321, 321, 321, 321, 321, 321, 321, 321, 321, - 321, 321, 321, 321, 321, 48, 321, 321, 321, 321, - - 321, 321, 321, 321, 321, 321, 321, 321, 321, 190, - 321, 189, 321, 321, 321, 321, 321, 321, 321, 321, - 321, 321, 321, 321, 321, 321, 321, 321, 321, 321, - 321, 321, 321, 321, 321, 321, 321, 321, 16, 17, - 321, 321, 321, 321, 321, 321, 321, 321, 321, 321, - 321, 321, 321, 62, 321, 321, 321, 321, 321, 321, - 321, 321, 321, 321, 321, 197, 321, 321, 321, 321, - 321, 321, 103, 321, 102, 321, 321, 321, 321, 321, - 321, 321, 321, 321, 321, 321, 321, 321, 321, 321, - 321, 321, 321, 321, 321, 321, 181, 321, 321, 321, - - 321, 321, 321, 321, 321, 129, 320, 321, 321, 321, - 321, 321, 321, 321, 321, 321, 321, 321, 321, 321, - 321, 321, 321, 321, 321, 321, 81, 321, 321, 321, - 321, 321, 321, 321, 321, 321, 321, 321, 321, 321, - 321, 321, 321, 321, 321, 321, 321, 321, 321, 321, - 321, 321, 210, 321, 321, 321, 321, 321, 321, 321, - 321, 321, 321, 321, 321, 321, 321, 321, 321, 321, - 85, 321, 321, 321, 321, 321, 321, 321, 321, 321, - 321, 321, 321, 321, 321, 55, 321, 321, 321, 321, - 321, 321, 321, 321, 321, 321, 321, 321, 321, 321, - - 321, 321, 321, 184, 185, 321, 321, 321, 260, 321, - 321, 321, 321, 321, 321, 321, 321, 321, 321, 321, - 321, 6, 321, 321, 321, 321, 321, 321, 321, 321, - 321, 321, 321, 321, 321, 321, 321, 321, 321, 321, - 321, 321, 321, 264, 321, 321, 321, 321, 321, 321, - 285, 321, 321, 321, 321, 321, 321, 321, 321, 321, - 321, 321, 321, 321, 321, 321, 321, 321, 321, 321, - 321, 42, 321, 321, 321, 321, 44, 321, 321, 321, - 321, 321, 321, 321, 321, 45, 321, 321, 321, 321, - 321, 321, 321, 320, 321, 177, 321, 321, 321, 124, - - 321, 321, 321, 321, 321, 321, 321, 321, 321, 321, - 202, 321, 178, 321, 321, 321, 217, 321, 321, 321, - 321, 321, 321, 321, 321, 321, 321, 321, 321, 321, - 321, 321, 321, 321, 321, 321, 321, 46, 321, 321, - 321, 321, 321, 321, 321, 321, 321, 126, 108, 321, - 109, 321, 321, 321, 107, 321, 321, 321, 321, 321, - 321, 321, 321, 144, 321, 321, 321, 321, 321, 321, - 321, 321, 321, 321, 321, 321, 248, 321, 321, 321, - 321, 321, 321, 321, 321, 179, 321, 321, 321, 321, - 321, 182, 321, 188, 321, 321, 321, 321, 321, 216, - - 321, 321, 321, 321, 321, 321, 321, 321, 321, 321, - 321, 321, 321, 321, 95, 321, 321, 321, 321, 321, - 321, 321, 321, 321, 321, 321, 321, 321, 321, 321, - 321, 321, 321, 120, 321, 321, 321, 321, 321, 321, - 53, 321, 321, 321, 26, 321, 321, 321, 321, 321, - 321, 321, 321, 321, 20, 321, 321, 321, 321, 321, - 321, 27, 36, 321, 154, 321, 321, 321, 321, 321, - 321, 321, 321, 321, 321, 321, 321, 321, 320, 321, - 321, 321, 321, 321, 321, 70, 72, 321, 321, 321, - 321, 321, 321, 321, 321, 321, 321, 321, 321, 321, - - 268, 321, 321, 321, 321, 228, 321, 321, 321, 321, - 321, 321, 321, 321, 321, 321, 321, 321, 321, 321, - 321, 321, 321, 321, 321, 321, 321, 110, 321, 321, - 321, 321, 321, 321, 321, 321, 321, 143, 321, 321, - 321, 321, 321, 321, 321, 321, 321, 321, 321, 321, - 321, 321, 321, 321, 279, 321, 321, 321, 321, 321, - 321, 321, 321, 321, 321, 321, 321, 321, 321, 321, - 321, 321, 321, 148, 321, 321, 321, 321, 321, 321, - 321, 321, 321, 321, 321, 321, 321, 208, 321, 321, - 321, 321, 321, 321, 321, 321, 321, 288, 321, 321, - - 321, 321, 321, 321, 321, 321, 321, 321, 321, 165, - 321, 321, 321, 321, 321, 321, 321, 321, 104, 321, - 321, 321, 321, 321, 321, 321, 321, 321, 321, 321, - 321, 321, 321, 321, 321, 321, 321, 321, 160, 321, - 172, 321, 321, 321, 321, 320, 321, 132, 321, 321, - 321, 321, 321, 91, 321, 321, 321, 321, 200, 321, - 321, 321, 321, 321, 321, 218, 321, 321, 321, 321, - 321, 321, 321, 321, 321, 321, 321, 321, 321, 321, - 321, 321, 240, 321, 321, 321, 321, 321, 321, 321, - 321, 321, 125, 321, 321, 321, 321, 321, 321, 321, - - 321, 321, 321, 164, 321, 321, 321, 321, 321, 321, - 73, 74, 321, 321, 321, 321, 321, 54, 321, 321, - 321, 321, 321, 80, 173, 321, 191, 321, 221, 321, - 321, 183, 261, 321, 321, 321, 321, 321, 66, 321, - 175, 321, 321, 321, 321, 321, 9, 321, 321, 321, - 94, 321, 321, 321, 321, 253, 321, 321, 321, 321, - 199, 321, 321, 321, 321, 321, 321, 321, 321, 321, - 321, 321, 321, 321, 321, 321, 321, 321, 321, 321, - 321, 321, 321, 321, 321, 321, 321, 321, 321, 321, - 321, 321, 321, 321, 321, 321, 321, 321, 321, 321, - - 321, 321, 321, 321, 321, 321, 320, 321, 321, 321, - 321, 163, 321, 321, 321, 321, 321, 321, 321, 321, - 321, 321, 150, 321, 267, 321, 321, 321, 321, 321, - 239, 321, 321, 321, 321, 321, 321, 321, 321, 321, - 321, 321, 212, 321, 321, 321, 321, 259, 321, 321, - 321, 321, 321, 321, 321, 321, 321, 321, 321, 321, - 321, 321, 321, 321, 321, 321, 321, 321, 321, 321, - 321, 321, 321, 282, 321, 174, 321, 321, 321, 321, - 321, 321, 321, 65, 67, 321, 321, 321, 321, 321, - 321, 321, 93, 321, 321, 321, 321, 251, 321, 321, - - 321, 321, 263, 321, 321, 321, 321, 321, 321, 321, - 321, 321, 321, 321, 204, 34, 28, 30, 321, 321, - 321, 321, 321, 321, 321, 321, 321, 35, 321, 29, - 31, 321, 321, 321, 321, 321, 321, 321, 321, 90, - 321, 321, 321, 321, 321, 321, 320, 321, 321, 321, - 321, 321, 321, 321, 321, 321, 321, 321, 206, 203, - 321, 321, 321, 321, 321, 321, 321, 321, 321, 321, - 321, 321, 321, 321, 321, 321, 321, 321, 64, 321, - 321, 127, 321, 111, 321, 321, 321, 321, 321, 321, - 321, 321, 145, 312, 13, 321, 321, 321, 321, 321, - - 321, 321, 321, 321, 277, 321, 280, 321, 321, 321, - 321, 321, 321, 321, 321, 321, 321, 12, 321, 321, - 22, 321, 321, 321, 257, 321, 321, 321, 321, 265, - 321, 321, 321, 68, 321, 214, 321, 321, 321, 321, - 205, 321, 321, 63, 321, 321, 321, 321, 23, 321, - 43, 321, 321, 321, 321, 321, 321, 321, 321, 321, - 321, 321, 321, 159, 158, 312, 321, 321, 321, 321, - 321, 321, 321, 321, 321, 207, 201, 321, 219, 321, - 321, 269, 321, 321, 321, 321, 321, 321, 321, 321, - 321, 321, 321, 321, 321, 321, 321, 321, 321, 321, - - 321, 321, 321, 321, 321, 321, 321, 321, 321, 321, - 75, 321, 321, 321, 252, 321, 321, 321, 321, 187, - 321, 321, 321, 321, 213, 321, 321, 321, 321, 321, - 321, 321, 321, 321, 286, 287, 156, 321, 321, 69, - 321, 321, 321, 321, 166, 321, 321, 105, 106, 321, - 321, 321, 321, 151, 321, 153, 321, 192, 321, 321, - 321, 321, 157, 321, 321, 222, 321, 321, 321, 321, - 321, 321, 321, 134, 321, 321, 321, 321, 321, 321, - 321, 321, 321, 321, 321, 321, 230, 321, 321, 321, - 321, 321, 321, 321, 24, 321, 262, 321, 321, 321, - - 321, 321, 321, 321, 321, 321, 321, 321, 193, 321, - 321, 250, 321, 281, 321, 186, 321, 321, 321, 321, - 49, 321, 321, 321, 321, 4, 321, 321, 321, 321, - 118, 133, 321, 321, 321, 321, 321, 321, 321, 321, - 321, 321, 321, 321, 321, 321, 321, 321, 321, 321, - 225, 37, 38, 321, 321, 321, 321, 321, 321, 321, - 270, 321, 321, 321, 321, 321, 321, 321, 238, 321, - 321, 321, 321, 321, 321, 321, 196, 321, 321, 321, - 321, 321, 321, 321, 321, 321, 78, 321, 50, 256, - 321, 226, 321, 321, 321, 321, 11, 321, 321, 321, - - 321, 321, 321, 117, 321, 321, 321, 321, 194, 82, - 321, 40, 321, 321, 321, 321, 321, 321, 321, 321, - 162, 321, 321, 321, 321, 321, 136, 321, 321, 321, - 321, 229, 321, 321, 321, 321, 321, 237, 321, 321, - 321, 321, 130, 321, 321, 112, 113, 321, 321, 321, - 84, 88, 83, 321, 76, 321, 321, 321, 321, 321, - 10, 321, 321, 321, 254, 289, 321, 321, 321, 321, - 294, 39, 321, 321, 321, 321, 321, 161, 321, 321, - 321, 321, 321, 321, 321, 321, 321, 321, 321, 321, - 321, 321, 321, 321, 321, 321, 321, 321, 321, 321, - - 89, 87, 321, 77, 278, 321, 321, 321, 321, 321, - 321, 321, 180, 321, 321, 321, 321, 321, 195, 321, - 321, 321, 321, 321, 321, 321, 321, 152, 71, 321, - 321, 321, 321, 321, 271, 321, 321, 321, 321, 321, - 321, 321, 234, 321, 321, 233, 131, 321, 86, 137, - 138, 141, 142, 139, 140, 79, 321, 255, 321, 321, - 321, 321, 155, 321, 321, 321, 321, 321, 224, 321, - 321, 321, 321, 321, 321, 321, 321, 321, 321, 321, - 321, 321, 321, 321, 321, 321, 168, 167, 41, 321, - 321, 321, 321, 321, 321, 321, 321, 321, 321, 321, - - 321, 321, 321, 321, 321, 321, 321, 321, 321, 321, - 321, 321, 321, 92, 321, 223, 321, 247, 275, 321, - 321, 321, 321, 321, 321, 321, 321, 321, 321, 321, - 321, 5, 321, 321, 215, 321, 321, 276, 321, 321, - 321, 321, 321, 321, 321, 321, 321, 235, 25, 321, - 321, 321, 321, 321, 321, 321, 321, 321, 321, 321, - 321, 236, 321, 321, 321, 135, 321, 321, 321, 321, - 321, 321, 321, 321, 169, 321, 176, 321, 321, 321, - 321, 321, 321, 321, 321, 321, 272, 321, 321, 321, - 321, 321, 321, 321, 321, 321, 321, 321, 321, 321, - - 321, 321, 321, 321, 293, 321, 321, 243, 321, 321, - 321, 321, 321, 273, 321, 321, 321, 321, 321, 321, - 274, 321, 321, 321, 241, 321, 244, 245, 321, 321, - 321, 321, 321, 242, 246, 0 + 1, 1, 308, 308, 312, 312, 316, 316, 320, 320, + 1, 1, 324, 324, 328, 328, 335, 332, 1, 306, + 306, 333, 2, 332, 332, 332, 332, 332, 332, 332, + 332, 332, 332, 332, 332, 332, 332, 332, 332, 332, + 332, 332, 332, 332, 332, 333, 308, 309, 309, 310, + 333, 312, 313, 313, 314, 333, 319, 316, 317, 317, + 318, 333, 320, 321, 321, 322, 333, 331, 307, 2, + 311, 331, 333, 327, 324, 325, 325, 326, 333, 328, + 329, 329, 330, 333, 332, 0, 1, 2, 2, 2, + 2, 332, 332, 332, 332, 332, 332, 332, 332, 332, + + 332, 332, 332, 332, 332, 332, 332, 332, 332, 332, + 332, 332, 332, 332, 332, 332, 332, 332, 332, 332, + 332, 332, 332, 332, 332, 332, 332, 332, 332, 332, + 332, 332, 332, 332, 332, 332, 332, 332, 332, 332, + 332, 332, 332, 332, 332, 332, 332, 332, 332, 332, + 332, 332, 332, 332, 332, 332, 332, 308, 0, 312, + 0, 319, 0, 316, 320, 0, 331, 0, 2, 2, + 331, 327, 0, 324, 328, 0, 332, 332, 332, 332, + 332, 332, 332, 332, 332, 332, 332, 332, 332, 332, + 332, 332, 332, 332, 332, 332, 332, 332, 332, 332, + + 332, 332, 332, 332, 332, 332, 332, 332, 332, 332, + 332, 332, 332, 332, 332, 332, 332, 332, 332, 332, + 332, 332, 332, 332, 332, 332, 332, 332, 332, 332, + 332, 332, 332, 332, 332, 332, 332, 332, 332, 332, + 332, 332, 332, 332, 332, 332, 332, 332, 332, 332, + 332, 332, 332, 332, 332, 332, 332, 332, 332, 332, + 332, 332, 332, 332, 332, 332, 332, 331, 332, 332, + 332, 332, 332, 332, 332, 332, 332, 332, 332, 332, + 332, 332, 332, 332, 332, 332, 332, 332, 332, 332, + 332, 332, 332, 332, 332, 332, 332, 332, 332, 332, + + 332, 332, 332, 332, 332, 332, 332, 332, 332, 332, + 332, 332, 332, 332, 332, 332, 332, 332, 332, 332, + 332, 332, 332, 332, 332, 332, 332, 332, 332, 332, + 332, 332, 332, 332, 332, 332, 332, 332, 332, 332, + 332, 332, 332, 332, 332, 332, 332, 332, 332, 332, + 332, 332, 122, 332, 332, 332, 332, 332, 332, 332, + 332, 332, 332, 332, 332, 332, 332, 332, 332, 332, + 332, 332, 332, 131, 332, 332, 332, 332, 332, 332, + 332, 331, 332, 332, 332, 332, 332, 332, 332, 332, + 332, 332, 332, 332, 332, 332, 332, 332, 332, 332, + + 332, 332, 332, 332, 332, 332, 332, 332, 332, 332, + 332, 332, 332, 332, 332, 332, 332, 332, 332, 332, + 332, 332, 332, 332, 332, 332, 332, 332, 332, 332, + 332, 332, 332, 332, 332, 332, 332, 332, 332, 332, + 332, 332, 332, 332, 332, 332, 332, 332, 332, 332, + 332, 332, 332, 332, 332, 332, 332, 332, 332, 332, + 106, 332, 332, 332, 332, 332, 332, 8, 332, 332, + 332, 332, 332, 332, 332, 332, 332, 332, 332, 332, + 332, 332, 332, 332, 332, 332, 332, 332, 332, 332, + 332, 332, 332, 332, 332, 332, 332, 123, 332, 332, + + 332, 332, 332, 332, 332, 332, 332, 332, 332, 332, + 332, 332, 332, 332, 332, 332, 332, 332, 332, 332, + 332, 332, 332, 332, 332, 332, 332, 136, 332, 331, + 332, 332, 332, 332, 332, 332, 332, 332, 332, 332, + 332, 332, 332, 332, 332, 332, 332, 332, 332, 332, + 332, 332, 332, 332, 332, 332, 332, 332, 332, 332, + 332, 332, 332, 332, 332, 332, 332, 332, 332, 332, + 332, 332, 332, 332, 332, 332, 332, 332, 332, 332, + 332, 332, 332, 332, 332, 332, 332, 332, 332, 332, + 332, 332, 332, 332, 332, 332, 332, 299, 332, 332, + + 332, 332, 332, 332, 332, 332, 332, 332, 332, 332, + 332, 332, 332, 332, 332, 332, 332, 332, 332, 332, + 332, 332, 332, 332, 332, 332, 332, 332, 332, 332, + 332, 332, 332, 332, 332, 332, 332, 332, 332, 332, + 332, 332, 332, 332, 332, 332, 332, 332, 332, 332, + 332, 332, 332, 332, 332, 332, 332, 332, 332, 332, + 332, 332, 332, 332, 332, 332, 332, 332, 332, 332, + 332, 332, 332, 332, 332, 332, 332, 332, 332, 332, + 332, 332, 332, 332, 332, 332, 332, 332, 332, 332, + 332, 332, 332, 332, 332, 332, 332, 332, 332, 331, + + 332, 332, 332, 332, 332, 332, 332, 332, 332, 332, + 332, 332, 63, 332, 332, 332, 332, 332, 332, 332, + 332, 332, 332, 332, 332, 332, 332, 235, 332, 14, + 15, 332, 19, 18, 332, 332, 219, 332, 332, 332, + 332, 332, 332, 332, 332, 332, 332, 332, 332, 332, + 332, 332, 332, 332, 332, 332, 332, 332, 332, 332, + 332, 332, 332, 332, 332, 332, 332, 332, 332, 332, + 332, 332, 332, 332, 332, 332, 332, 332, 332, 332, + 332, 332, 332, 332, 332, 332, 332, 129, 332, 332, + 332, 332, 332, 332, 332, 332, 332, 332, 332, 332, + + 332, 332, 332, 332, 332, 332, 332, 332, 332, 217, + 332, 332, 332, 332, 332, 332, 332, 332, 332, 332, + 332, 332, 332, 332, 332, 332, 332, 332, 3, 332, + 332, 332, 332, 332, 332, 332, 332, 332, 332, 332, + 332, 332, 332, 332, 332, 332, 332, 332, 332, 332, + 332, 332, 332, 332, 332, 332, 332, 332, 332, 332, + 332, 332, 332, 332, 332, 332, 332, 332, 332, 332, + 332, 332, 332, 332, 332, 332, 332, 332, 332, 332, + 332, 332, 331, 332, 332, 332, 332, 332, 332, 332, + 293, 332, 332, 292, 332, 332, 332, 332, 332, 332, + + 332, 332, 332, 332, 332, 332, 332, 332, 332, 332, + 332, 332, 332, 332, 332, 332, 332, 332, 332, 332, + 332, 332, 332, 332, 332, 332, 332, 332, 332, 332, + 332, 332, 332, 332, 332, 332, 332, 332, 332, 332, + 332, 332, 332, 332, 332, 332, 332, 332, 332, 332, + 315, 332, 332, 332, 332, 332, 332, 332, 62, 332, + 332, 332, 332, 332, 332, 332, 332, 332, 332, 332, + 332, 332, 332, 332, 332, 66, 332, 266, 332, 332, + 332, 332, 332, 332, 332, 332, 300, 301, 332, 332, + 332, 332, 332, 67, 332, 332, 130, 332, 332, 332, + + 332, 332, 332, 332, 332, 332, 332, 332, 332, 332, + 332, 126, 332, 332, 332, 332, 332, 332, 332, 332, + 206, 332, 332, 332, 332, 332, 332, 332, 332, 332, + 332, 332, 332, 332, 332, 332, 332, 332, 332, 332, + 332, 21, 332, 332, 332, 332, 332, 332, 332, 332, + 332, 332, 332, 332, 332, 332, 332, 332, 332, 332, + 332, 332, 332, 332, 332, 332, 332, 332, 332, 332, + 155, 332, 332, 331, 315, 332, 332, 332, 332, 332, + 332, 332, 332, 332, 332, 332, 332, 332, 332, 332, + 332, 332, 332, 332, 332, 332, 104, 332, 332, 332, + + 332, 332, 332, 332, 274, 332, 332, 332, 332, 332, + 332, 332, 332, 332, 332, 332, 332, 332, 332, 332, + 332, 332, 178, 332, 332, 332, 332, 332, 332, 332, + 332, 332, 332, 332, 332, 332, 332, 332, 332, 332, + 332, 332, 332, 332, 332, 332, 332, 332, 332, 332, + 332, 154, 332, 332, 332, 332, 332, 332, 332, 332, + 332, 332, 332, 332, 332, 332, 332, 332, 332, 332, + 332, 332, 332, 332, 332, 332, 332, 332, 332, 332, + 332, 332, 332, 332, 332, 332, 332, 332, 332, 332, + 332, 332, 332, 103, 332, 332, 332, 332, 332, 332, + + 332, 332, 332, 332, 332, 332, 332, 332, 332, 332, + 332, 332, 332, 332, 332, 332, 332, 332, 332, 332, + 332, 32, 332, 332, 332, 332, 332, 332, 332, 332, + 332, 332, 332, 332, 332, 332, 332, 332, 332, 332, + 332, 33, 332, 332, 332, 332, 332, 332, 332, 332, + 332, 332, 332, 332, 332, 332, 64, 332, 332, 332, + 332, 332, 332, 332, 332, 332, 128, 331, 332, 332, + 332, 332, 332, 121, 332, 332, 332, 332, 332, 332, + 332, 332, 332, 332, 332, 332, 332, 332, 332, 65, + 332, 332, 332, 332, 332, 332, 332, 332, 332, 332, + + 332, 332, 239, 332, 332, 332, 332, 332, 332, 332, + 332, 332, 332, 332, 332, 332, 179, 332, 332, 332, + 332, 332, 332, 332, 332, 332, 332, 332, 332, 332, + 332, 332, 332, 332, 332, 332, 332, 332, 332, 332, + 332, 332, 332, 332, 332, 332, 332, 332, 332, 332, + 332, 332, 53, 332, 332, 332, 332, 332, 332, 332, + 332, 332, 332, 332, 332, 332, 332, 332, 332, 332, + 332, 332, 332, 332, 332, 332, 332, 332, 332, 332, + 332, 332, 332, 332, 332, 332, 332, 332, 332, 332, + 332, 332, 332, 332, 332, 332, 332, 332, 332, 332, + + 332, 332, 332, 257, 332, 332, 332, 332, 332, 332, + 332, 332, 332, 332, 332, 332, 332, 332, 332, 332, + 332, 332, 57, 332, 58, 332, 332, 332, 332, 332, + 107, 332, 108, 332, 332, 332, 332, 105, 332, 332, + 332, 332, 332, 332, 332, 332, 332, 332, 332, 332, + 332, 332, 332, 332, 332, 332, 332, 332, 332, 332, + 332, 332, 332, 332, 332, 332, 7, 332, 331, 332, + 332, 332, 332, 332, 332, 332, 332, 332, 332, 332, + 332, 332, 332, 332, 332, 332, 332, 228, 332, 332, + 332, 332, 157, 332, 332, 332, 332, 332, 332, 332, + + 332, 332, 332, 332, 332, 332, 332, 332, 332, 240, + 332, 332, 332, 332, 332, 332, 332, 332, 332, 332, + 332, 332, 332, 332, 332, 332, 332, 332, 332, 332, + 332, 332, 332, 332, 332, 332, 332, 332, 332, 332, + 332, 332, 332, 332, 332, 45, 332, 332, 332, 332, + 332, 332, 332, 332, 54, 332, 332, 332, 332, 332, + 332, 332, 332, 332, 332, 332, 332, 332, 332, 198, + 332, 197, 332, 332, 332, 332, 332, 332, 332, 332, + 332, 332, 332, 332, 332, 332, 332, 332, 332, 332, + 332, 332, 332, 332, 332, 332, 332, 332, 16, 17, + + 332, 332, 332, 332, 332, 332, 332, 332, 332, 332, + 332, 332, 332, 68, 332, 332, 332, 332, 332, 332, + 332, 332, 332, 332, 332, 205, 332, 332, 332, 332, + 332, 332, 110, 332, 109, 332, 332, 332, 332, 332, + 332, 332, 332, 332, 332, 332, 332, 332, 332, 332, + 332, 332, 332, 332, 332, 332, 189, 332, 332, 332, + 332, 332, 332, 332, 332, 137, 331, 332, 332, 332, + 332, 332, 332, 332, 332, 332, 332, 98, 332, 332, + 332, 332, 332, 332, 332, 332, 332, 87, 332, 332, + 332, 332, 332, 332, 332, 332, 332, 332, 332, 332, + + 332, 332, 332, 332, 332, 332, 332, 332, 332, 332, + 332, 332, 332, 218, 332, 332, 332, 332, 332, 332, + 332, 332, 332, 332, 332, 332, 332, 332, 332, 332, + 332, 332, 91, 332, 332, 332, 332, 332, 332, 332, + 332, 332, 332, 332, 332, 332, 332, 332, 332, 332, + 332, 332, 61, 332, 332, 332, 332, 332, 332, 332, + 332, 332, 332, 332, 332, 332, 332, 332, 332, 332, + 332, 192, 193, 332, 332, 332, 268, 332, 332, 332, + 332, 332, 332, 332, 332, 332, 332, 332, 332, 6, + 332, 332, 332, 332, 332, 332, 332, 332, 332, 332, + + 332, 332, 332, 332, 332, 332, 332, 332, 332, 332, + 332, 272, 332, 332, 332, 332, 332, 332, 294, 332, + 332, 332, 332, 332, 332, 332, 332, 332, 332, 332, + 332, 332, 332, 332, 332, 332, 332, 332, 332, 42, + 332, 332, 332, 332, 44, 332, 332, 332, 332, 332, + 332, 332, 332, 51, 332, 332, 332, 332, 332, 332, + 332, 331, 332, 185, 332, 332, 332, 132, 332, 332, + 332, 332, 332, 332, 332, 332, 332, 332, 210, 332, + 186, 332, 332, 332, 225, 332, 332, 332, 332, 332, + 332, 332, 332, 332, 332, 332, 332, 332, 332, 332, + + 332, 332, 332, 332, 332, 52, 332, 332, 332, 332, + 332, 332, 332, 332, 332, 332, 134, 115, 332, 116, + 332, 332, 332, 114, 332, 332, 332, 332, 332, 332, + 332, 332, 152, 332, 332, 50, 332, 332, 332, 332, + 332, 332, 332, 332, 332, 332, 332, 332, 332, 332, + 256, 332, 332, 332, 332, 332, 332, 332, 332, 332, + 187, 332, 332, 332, 332, 332, 190, 332, 196, 332, + 332, 332, 332, 332, 224, 332, 332, 332, 332, 332, + 332, 332, 332, 332, 332, 332, 332, 332, 332, 102, + 332, 332, 332, 332, 332, 332, 332, 332, 332, 332, + + 332, 332, 332, 332, 332, 332, 332, 332, 127, 332, + 332, 332, 332, 332, 332, 59, 332, 332, 332, 26, + 332, 332, 332, 332, 332, 332, 332, 332, 332, 20, + 332, 332, 332, 332, 332, 332, 27, 36, 332, 162, + 332, 332, 332, 332, 332, 332, 332, 332, 332, 332, + 332, 332, 332, 331, 332, 332, 332, 332, 332, 332, + 76, 78, 332, 332, 332, 332, 332, 332, 332, 332, + 332, 332, 332, 332, 332, 276, 332, 332, 332, 332, + 236, 332, 332, 332, 332, 332, 332, 332, 332, 332, + 332, 332, 332, 332, 332, 332, 332, 332, 332, 332, + + 332, 332, 332, 117, 332, 332, 332, 332, 332, 332, + 332, 332, 332, 151, 332, 46, 332, 332, 332, 332, + 332, 332, 332, 332, 332, 332, 332, 332, 332, 332, + 332, 332, 332, 332, 332, 287, 332, 332, 332, 332, + 332, 332, 332, 332, 332, 332, 332, 332, 332, 332, + 332, 332, 332, 332, 156, 332, 332, 332, 332, 332, + 332, 332, 332, 332, 332, 332, 332, 332, 216, 332, + 332, 332, 332, 332, 332, 332, 332, 332, 297, 332, + 332, 332, 332, 332, 332, 332, 332, 332, 332, 332, + 173, 332, 332, 332, 332, 332, 332, 332, 332, 111, + + 332, 332, 332, 332, 332, 332, 332, 332, 332, 332, + 332, 332, 332, 332, 332, 332, 332, 332, 332, 168, + 332, 180, 332, 332, 332, 332, 331, 332, 140, 332, + 332, 332, 332, 332, 97, 332, 332, 332, 332, 208, + 332, 332, 332, 332, 332, 332, 226, 332, 332, 332, + 332, 332, 332, 332, 332, 332, 332, 332, 332, 332, + 332, 332, 332, 248, 332, 332, 332, 332, 332, 332, + 332, 332, 332, 332, 133, 332, 332, 332, 332, 332, + 332, 332, 332, 332, 332, 332, 332, 332, 172, 332, + 332, 332, 332, 332, 332, 79, 80, 332, 332, 332, + + 332, 332, 60, 290, 332, 332, 332, 332, 332, 86, + 181, 332, 199, 332, 229, 332, 332, 191, 269, 332, + 332, 332, 332, 332, 72, 332, 183, 332, 332, 332, + 332, 332, 9, 332, 332, 332, 101, 332, 332, 332, + 332, 261, 332, 332, 332, 332, 207, 332, 332, 332, + 332, 332, 332, 332, 332, 332, 332, 332, 332, 332, + 332, 332, 332, 332, 332, 332, 332, 332, 332, 332, + 332, 332, 332, 332, 332, 332, 332, 332, 332, 332, + 332, 332, 332, 332, 332, 332, 332, 332, 332, 332, + 332, 332, 331, 332, 332, 332, 332, 171, 332, 332, + + 332, 332, 332, 332, 332, 332, 332, 332, 158, 332, + 275, 332, 332, 332, 332, 332, 247, 332, 332, 332, + 332, 332, 332, 332, 332, 332, 332, 332, 220, 332, + 332, 304, 332, 332, 332, 267, 332, 332, 332, 332, + 332, 332, 332, 332, 332, 332, 332, 332, 332, 332, + 332, 332, 332, 332, 332, 332, 332, 332, 332, 332, + 332, 332, 332, 332, 291, 332, 182, 332, 332, 332, + 332, 332, 332, 332, 71, 73, 332, 332, 332, 332, + 332, 332, 332, 100, 332, 332, 332, 332, 259, 332, + 332, 332, 332, 271, 332, 332, 332, 332, 332, 332, + + 332, 332, 332, 332, 332, 212, 34, 28, 30, 332, + 332, 332, 332, 332, 332, 332, 332, 332, 35, 332, + 29, 31, 332, 332, 332, 332, 332, 332, 332, 332, + 96, 332, 332, 332, 332, 332, 332, 331, 332, 332, + 332, 332, 332, 332, 332, 332, 332, 332, 332, 214, + 211, 332, 332, 332, 332, 332, 332, 332, 332, 332, + 332, 332, 332, 332, 332, 332, 332, 332, 332, 70, + 332, 332, 332, 135, 332, 118, 332, 332, 332, 332, + 332, 332, 332, 332, 153, 47, 332, 332, 323, 13, + 332, 332, 332, 332, 332, 332, 332, 332, 332, 285, + + 332, 288, 332, 332, 332, 332, 332, 332, 332, 332, + 332, 332, 12, 332, 332, 22, 332, 332, 332, 265, + 332, 332, 332, 332, 273, 332, 332, 332, 74, 332, + 222, 332, 332, 332, 332, 213, 332, 332, 69, 332, + 332, 332, 332, 23, 332, 43, 332, 332, 332, 332, + 332, 332, 332, 332, 332, 332, 332, 332, 167, 166, + 323, 332, 332, 332, 332, 332, 332, 332, 332, 332, + 215, 209, 332, 227, 332, 332, 277, 332, 332, 332, + 332, 332, 332, 332, 332, 332, 332, 332, 332, 332, + 332, 332, 332, 332, 332, 332, 332, 332, 332, 332, + + 332, 332, 332, 332, 332, 332, 332, 332, 81, 332, + 332, 332, 260, 332, 332, 332, 332, 195, 332, 332, + 332, 332, 221, 332, 332, 332, 332, 332, 332, 332, + 332, 332, 295, 296, 164, 332, 332, 75, 332, 332, + 332, 332, 174, 332, 332, 112, 113, 332, 332, 332, + 332, 159, 332, 161, 332, 200, 332, 332, 332, 332, + 165, 332, 332, 230, 332, 332, 332, 332, 332, 332, + 332, 142, 332, 332, 332, 332, 332, 332, 332, 332, + 332, 332, 332, 332, 238, 332, 332, 332, 332, 332, + 332, 332, 332, 24, 332, 270, 332, 332, 332, 332, + + 332, 332, 332, 332, 332, 332, 332, 332, 332, 201, + 332, 332, 258, 332, 289, 332, 194, 332, 332, 332, + 332, 55, 332, 332, 332, 332, 4, 332, 332, 332, + 332, 125, 141, 332, 332, 332, 332, 332, 332, 332, + 332, 332, 332, 332, 332, 332, 332, 332, 332, 332, + 332, 233, 37, 38, 332, 332, 332, 332, 332, 332, + 332, 278, 332, 332, 332, 332, 332, 332, 332, 246, + 332, 332, 332, 332, 332, 332, 332, 332, 204, 332, + 332, 332, 332, 332, 332, 332, 332, 332, 332, 332, + 84, 332, 56, 264, 332, 234, 332, 332, 332, 332, + + 11, 332, 332, 332, 332, 332, 332, 124, 332, 332, + 332, 332, 202, 88, 332, 40, 332, 332, 332, 332, + 332, 332, 332, 332, 170, 332, 332, 332, 332, 332, + 144, 332, 332, 332, 332, 237, 332, 332, 332, 332, + 332, 245, 332, 332, 332, 332, 138, 332, 332, 332, + 119, 120, 332, 332, 332, 90, 94, 89, 332, 332, + 332, 82, 332, 332, 332, 332, 332, 10, 332, 332, + 332, 262, 298, 332, 332, 332, 332, 303, 39, 332, + 332, 332, 332, 332, 169, 332, 332, 332, 332, 332, + 332, 332, 332, 332, 332, 332, 332, 332, 332, 332, + + 332, 332, 332, 332, 332, 332, 332, 332, 95, 93, + 332, 332, 332, 83, 286, 332, 332, 332, 332, 332, + 332, 332, 188, 332, 332, 332, 332, 332, 203, 332, + 332, 332, 332, 332, 332, 332, 332, 160, 77, 332, + 332, 332, 332, 332, 279, 332, 332, 332, 332, 332, + 332, 332, 242, 332, 332, 241, 139, 305, 332, 92, + 48, 332, 145, 146, 149, 150, 147, 148, 85, 332, + 263, 332, 332, 332, 332, 163, 332, 332, 332, 332, + 332, 232, 332, 332, 332, 332, 332, 332, 332, 332, + 332, 332, 332, 332, 332, 332, 332, 332, 332, 332, + + 176, 175, 41, 332, 332, 332, 332, 332, 332, 332, + 332, 332, 332, 332, 332, 332, 332, 332, 332, 332, + 332, 332, 332, 332, 332, 332, 332, 332, 99, 332, + 231, 332, 255, 283, 332, 332, 332, 332, 332, 332, + 332, 332, 332, 332, 332, 332, 49, 5, 332, 332, + 223, 332, 332, 284, 332, 332, 332, 332, 332, 332, + 332, 332, 332, 243, 25, 332, 332, 332, 332, 332, + 332, 332, 332, 332, 332, 332, 332, 244, 332, 332, + 332, 143, 332, 332, 332, 332, 332, 332, 332, 332, + 177, 332, 184, 332, 332, 332, 332, 332, 332, 332, + + 332, 332, 280, 332, 332, 332, 332, 332, 332, 332, + 332, 332, 332, 332, 332, 332, 332, 332, 332, 332, + 302, 332, 332, 251, 332, 332, 332, 332, 332, 281, + 332, 332, 332, 332, 332, 332, 282, 332, 332, 332, + 249, 332, 252, 253, 332, 332, 332, 332, 332, 250, + 254, 0 } ; static const YY_CHAR yy_ec[256] = @@ -755,709 +768,733 @@ static const YY_CHAR yy_meta[67] = 1, 1, 1, 1, 1, 1 } ; -static const flex_int16_t yy_base[3155] = +static const flex_int16_t yy_base[3271] = { 0, 0, 0, 64, 67, 70, 72, 78, 84, 89, 92, - 131, 137, 112, 118, 123, 142, 476, 428, 96, 8937, - 8937, 8937, 160, 185, 116, 183, 229, 132, 175, 173, - 232, 50, 66, 120, 263, 275, 145, 319, 134, 371, - 412, 286, 308, 283, 126, 237, 419, 8937, 8937, 8937, - 95, 418, 8937, 8937, 8937, 186, 394, 423, 8937, 8937, - 8937, 258, 366, 8937, 8937, 8937, 104, 347, 8937, 266, - 8937, 167, 349, 346, 376, 8937, 8937, 8937, 356, 303, - 8937, 8937, 8937, 146, 281, 368, 234, 0, 388, 0, - 0, 291, 270, 235, 193, 259, 339, 367, 340, 177, + 131, 137, 112, 118, 123, 142, 479, 435, 96, 9263, + 9263, 9263, 160, 185, 116, 183, 229, 132, 175, 173, + 232, 50, 66, 120, 263, 275, 151, 319, 134, 371, + 412, 286, 308, 283, 126, 237, 394, 9263, 9263, 9263, + 95, 385, 9263, 9263, 9263, 186, 366, 385, 9263, 9263, + 9263, 258, 340, 9263, 9263, 9263, 104, 338, 9263, 266, + 9263, 167, 349, 303, 319, 9263, 9263, 9263, 356, 273, + 9263, 9263, 9263, 146, 268, 368, 177, 0, 388, 0, + 0, 291, 270, 235, 346, 259, 339, 367, 178, 177, 226, 395, 373, 384, 377, 368, 410, 411, 309, 429, - 357, 408, 438, 444, 416, 458, 455, 443, 467, 480, - 471, 452, 469, 479, 484, 501, 489, 498, 494, 505, - 513, 528, 500, 514, 523, 540, 363, 522, 519, 554, - 539, 250, 549, 573, 571, 566, 550, 535, 576, 600, - 585, 558, 595, 586, 601, 603, 273, 179, 268, 205, - 208, 648, 241, 194, 187, 180, 654, 660, 0, 605, - 138, 664, 168, 128, 341, 609, 652, 639, 644, 654, - 653, 655, 646, 668, 667, 650, 666, 673, 651, 680, - 697, 256, 706, 750, 703, 696, 692, 710, 712, 701, - - 694, 723, 716, 724, 731, 707, 740, 730, 756, 757, - 798, 758, 749, 776, 290, 767, 805, 325, 760, 779, - 806, 787, 783, 807, 810, 814, 786, 809, 817, 801, - 824, 825, 819, 840, 850, 849, 841, 843, 842, 865, - 861, 845, 860, 851, 876, 877, 880, 874, 879, 897, - 883, 891, 886, 910, 889, 914, 900, 901, 916, 919, - 935, 925, 929, 909, 928, 922, 938, 937, 920, 946, - 927, 943, 968, 961, 964, 973, 956, 960, 958, 965, - 978, 972, 987, 991, 988, 980, 187, 984, 1003, 1008, - 996, 995, 1013, 1015, 1011, 1017, 1030, 1014, 1032, 1031, - - 1037, 1041, 1047, 1029, 1054, 1043, 1049, 1044, 1039, 1050, - 1066, 1055, 1076, 1064, 1068, 1084, 1070, 1096, 1075, 1103, - 1098, 1092, 1135, 1097, 1090, 1100, 1136, 1115, 1109, 1134, - 1148, 1164, 1162, 1166, 1143, 1160, 1163, 1121, 1171, 1187, - 1179, 1190, 1185, 1110, 1180, 1189, 1206, 1208, 8937, 1198, - 1214, 1207, 1221, 1232, 1225, 1215, 1246, 1196, 1250, 1213, - 1140, 1234, 1266, 1314, 1254, 1223, 1253, 1257, 1271, 8937, - 1294, 1277, 1363, 1292, 1273, 1263, 1299, 1295, 1301, 1296, - 1318, 1312, 1259, 1323, 1309, 1332, 1357, 1344, 1354, 1360, - 1368, 1364, 1370, 1373, 1371, 1388, 1391, 1397, 1394, 1389, - - 1401, 1415, 1424, 1399, 1409, 1413, 1418, 1281, 1435, 1423, - 1430, 1438, 1441, 1416, 1447, 1451, 1453, 1461, 1462, 1468, - 1475, 1476, 1477, 1465, 1478, 1487, 1490, 1494, 1489, 1500, - 1502, 1386, 1514, 1510, 1506, 1527, 1520, 1516, 1511, 1525, - 1534, 1544, 1528, 1529, 1517, 1536, 1557, 1561, 1552, 1567, - 1569, 1556, 1572, 1426, 8937, 1580, 1576, 1578, 1584, 1562, - 1590, 8937, 1592, 1594, 1601, 1595, 1589, 1611, 1613, 1609, - 1619, 1628, 1620, 1617, 1638, 1629, 1640, 1653, 1637, 1647, - 1641, 1639, 1658, 1664, 1657, 1668, 1659, 1674, 1670, 1720, - 8937, 1661, 1667, 1688, 1684, 1689, 1700, 1724, 1708, 1717, - - 1738, 1716, 1763, 1743, 1711, 1748, 1742, 1773, 1751, 1778, - 1765, 1760, 1767, 1718, 1761, 1786, 1784, 1758, 1781, 1806, - 8937, 1788, 1798, 1819, 1804, 1807, 1808, 1803, 1811, 1608, - 1824, 1823, 1830, 1813, 1837, 1846, 1833, 1847, 1840, 1853, - 1844, 1850, 1857, 1863, 1859, 1854, 1887, 1881, 1861, 1869, - 1896, 1876, 1898, 1904, 1906, 1886, 1897, 1905, 1890, 1903, - 1912, 1913, 1893, 1922, 1924, 1917, 1925, 1908, 1942, 1930, - 1927, 1943, 1932, 1955, 1944, 1959, 1954, 1949, 1956, 1973, - 1952, 1969, 8937, 1985, 1982, 1992, 1994, 1996, 1999, 2003, - 1988, 1979, 2000, 2019, 2009, 1990, 2013, 2024, 2023, 2022, - - 2030, 2031, 2021, 2046, 2041, 2055, 2053, 2040, 2057, 2047, - 2060, 2058, 2067, 2073, 2059, 2097, 2068, 2080, 2091, 2082, - 2079, 2090, 2100, 2092, 2088, 2094, 2126, 2109, 2118, 2108, - 2146, 2121, 2106, 2132, 2123, 2141, 2133, 2136, 2137, 2147, - 2145, 2152, 2158, 2167, 2160, 2168, 2159, 2161, 2172, 2181, - 2195, 2186, 2179, 2178, 2182, 2194, 2199, 2203, 2202, 2213, - 2214, 2207, 2221, 2215, 2234, 2218, 2225, 2239, 2244, 2240, - 2250, 2241, 2248, 2246, 2263, 2252, 2267, 2268, 2278, 2265, - 2273, 2279, 2277, 2293, 2299, 2303, 2294, 2282, 2295, 2297, - 2296, 2319, 2327, 2331, 2323, 8937, 2314, 2344, 2320, 2338, - - 2337, 2318, 2330, 2356, 2345, 2354, 2350, 2357, 2346, 2408, - 8937, 2347, 8937, 8937, 2370, 8937, 8937, 2369, 2373, 8937, - 2385, 2376, 2394, 2406, 2414, 2405, 2381, 2397, 2402, 2409, - 2457, 2418, 2425, 2421, 2426, 2453, 2465, 2455, 2466, 2472, - 2470, 2463, 2474, 2495, 2479, 2503, 2496, 2488, 2506, 2489, - 2492, 2504, 2516, 2498, 2514, 2519, 2524, 2533, 2499, 2436, - 2544, 2529, 2557, 8937, 2548, 2523, 2559, 2556, 2563, 2562, - 2558, 2560, 2566, 2567, 2569, 2552, 2573, 2574, 2579, 2582, - 2590, 2594, 2608, 2588, 8937, 2601, 2603, 2587, 2613, 2614, - 2616, 2615, 2617, 2597, 2624, 2635, 2632, 2651, 2638, 2636, - - 2645, 2637, 2663, 8937, 2665, 2656, 2649, 2664, 2650, 2675, - 2679, 2662, 2680, 2676, 2681, 2682, 2687, 2691, 2641, 2706, - 2707, 2697, 2703, 2714, 2709, 2724, 2721, 2708, 2730, 2718, - 2732, 2733, 2727, 2742, 2743, 2757, 2767, 2744, 2769, 2748, - 2777, 2778, 2770, 2760, 2771, 2776, 2765, 2788, 2782, 2790, - 2784, 2787, 2804, 2792, 2807, 2803, 2817, 2828, 2809, 2829, - 2825, 2810, 2815, 2836, 2819, 8937, 2816, 2831, 8937, 2827, - 2843, 2889, 2849, 2853, 2846, 2866, 2844, 2875, 2870, 2868, - 2876, 2872, 2920, 2895, 2887, 2907, 2902, 2921, 2906, 2919, - 2916, 2914, 2925, 2931, 2943, 2880, 2947, 2954, 433, 2960, - - 2934, 2945, 2941, 2991, 2957, 2966, 2961, 2967, 2976, 2968, - 2974, 2993, 2989, 2994, 2985, 3018, 3003, 8937, 3019, 3012, - 3006, 3014, 3033, 3024, 3028, 8937, 3034, 3039, 3037, 3036, - 3049, 3038, 3054, 3042, 3063, 3051, 3055, 3064, 3070, 3066, - 3075, 3041, 8937, 3080, 8937, 3074, 3083, 3068, 3091, 3090, - 3094, 3106, 3107, 8937, 8937, 3115, 3104, 3121, 3129, 3114, - 8937, 3110, 3150, 3124, 3140, 3130, 3138, 3145, 3141, 3133, - 3147, 3168, 3149, 3171, 3160, 3173, 3165, 8937, 3177, 3163, - 3176, 3186, 3166, 3189, 3192, 3187, 8937, 3195, 3196, 3204, - 3188, 3217, 3211, 3207, 3224, 3228, 3214, 3216, 3213, 3239, - - 3223, 3250, 3251, 3243, 3244, 3252, 3258, 8937, 3246, 3241, - 3263, 3260, 3267, 3271, 3272, 3256, 3270, 3279, 3283, 3284, - 3275, 3288, 3277, 3308, 3310, 3297, 3309, 3317, 3299, 3305, - 3313, 91, 3303, 3320, 3315, 3306, 8937, 3324, 3328, 3330, - 115, 3335, 3338, 3342, 3355, 3357, 3359, 3344, 3368, 3372, - 3369, 3371, 3370, 3365, 3376, 3378, 3389, 3388, 3387, 3393, - 3392, 8937, 3385, 3395, 3400, 3398, 3417, 3406, 3427, 8937, - 3420, 3428, 3425, 3437, 3435, 3434, 3436, 3452, 3431, 3451, - 3462, 3453, 3465, 3469, 3470, 3463, 8937, 3483, 3479, 3480, - 3466, 3490, 3487, 3493, 3473, 3501, 3500, 3509, 3508, 3498, - - 3512, 3507, 3510, 3515, 3532, 3525, 3527, 3529, 3535, 8937, - 3546, 3530, 3541, 3553, 3543, 3559, 3554, 3583, 3550, 3565, - 3562, 3584, 3608, 3574, 3588, 3599, 3602, 3593, 3596, 3609, - 3614, 3623, 3606, 3618, 3636, 3644, 3632, 3624, 3629, 3633, - 3656, 3581, 3650, 3662, 3667, 3665, 3669, 3692, 3671, 3686, - 3664, 8937, 3678, 3688, 3689, 3684, 3722, 3705, 3696, 3699, - 3711, 3715, 3702, 3717, 3713, 3748, 3745, 3739, 3741, 3751, - 3743, 3744, 3732, 3733, 3759, 3503, 3752, 3761, 3760, 8937, - 3766, 3771, 3773, 3772, 3790, 3775, 3797, 3800, 3799, 3784, - 3785, 3807, 3789, 3810, 3794, 3815, 3816, 3821, 3811, 8937, - - 3827, 3824, 3840, 3832, 3844, 3847, 3848, 3856, 3857, 3859, - 3817, 3854, 3862, 3850, 8937, 3870, 3873, 3874, 3875, 3883, - 3876, 3867, 3893, 3884, 8937, 3894, 3887, 3885, 3903, 3918, - 3910, 8937, 3920, 3912, 3897, 3911, 3913, 3915, 3924, 3921, - 3930, 3931, 3951, 3946, 3938, 3957, 8937, 3944, 3969, 3948, - 3958, 3964, 3960, 3965, 3982, 3990, 3977, 3979, 3988, 8937, - 3984, 3999, 3994, 4019, 3991, 4007, 4013, 4011, 4015, 4017, - 4018, 4021, 8937, 4022, 4034, 4037, 4038, 4047, 4049, 4050, - 4058, 4044, 4053, 4043, 4060, 4066, 4070, 4068, 4079, 4083, - 4074, 4082, 4097, 4090, 4101, 4087, 4099, 4106, 4095, 4109, - - 4122, 4126, 8937, 4112, 4117, 4128, 4113, 4115, 4130, 4134, - 4142, 4132, 4138, 4155, 4148, 4144, 4181, 4183, 4147, 4165, - 4158, 4161, 4175, 4186, 4176, 4178, 4179, 4201, 4194, 4174, - 4214, 4193, 4209, 4219, 4204, 4210, 4211, 4213, 4220, 4222, - 4218, 4247, 4241, 4239, 4235, 4252, 4249, 4259, 4240, 4246, - 4245, 4281, 8937, 4266, 4264, 4250, 4268, 4278, 4289, 4292, - 4303, 4286, 4291, 4302, 4295, 4305, 4313, 4317, 4318, 4322, - 4312, 8937, 4319, 8937, 4320, 4343, 4324, 4328, 4330, 8937, - 4342, 8937, 4351, 4353, 4340, 4345, 8937, 4355, 4339, 4362, - 4372, 4364, 4363, 4368, 4369, 4378, 4375, 4385, 4386, 4382, - - 4383, 4406, 4401, 4398, 4412, 4403, 4393, 4419, 4402, 4425, - 4405, 4429, 4432, 4428, 4433, 8937, 4437, 4435, 4430, 4444, - 4449, 4452, 4445, 4460, 4472, 4453, 4462, 4474, 4476, 4464, - 4488, 4487, 4491, 4478, 4499, 8937, 4493, 4502, 4494, 4500, - 8937, 4511, 4504, 4521, 4523, 4518, 4512, 4520, 4533, 4540, - 4519, 4542, 4538, 4568, 4517, 4548, 4563, 8937, 4543, 4551, - 4562, 4569, 4561, 4578, 4579, 4575, 4590, 4597, 4589, 4595, - 4592, 4585, 4580, 4612, 4602, 4625, 4618, 4630, 4603, 4627, - 4628, 4629, 4620, 4613, 4616, 4635, 4637, 4646, 4654, 4655, - 4653, 4647, 4650, 4657, 4648, 8937, 4672, 4659, 4678, 4686, - - 4673, 4675, 4677, 4685, 4681, 4692, 4684, 4711, 4705, 8937, - 4709, 8937, 4700, 4719, 4726, 4731, 4727, 4715, 4732, 4737, - 4728, 4738, 4740, 4756, 4744, 4753, 4764, 4751, 4765, 4766, - 4749, 4779, 4762, 4768, 4767, 4772, 4771, 4791, 8937, 8937, - 4780, 4792, 4814, 4795, 4807, 4812, 4820, 4819, 4818, 4806, - 4832, 4809, 4825, 8937, 4842, 4834, 4838, 4852, 4845, 4846, - 4863, 4871, 4862, 4873, 4868, 8937, 4850, 4861, 4876, 4865, - 4890, 4886, 8937, 4877, 8937, 4887, 4888, 4900, 4901, 4869, - 4898, 4902, 4904, 4919, 4926, 4927, 4917, 4923, 4912, 4924, - 4922, 4934, 4929, 4933, 4936, 4944, 8937, 4948, 4938, 4960, - - 4961, 4965, 4967, 4968, 4953, 8937, 4969, 4963, 4973, 4979, - 4974, 4983, 4984, 4993, 5005, 4997, 5003, 4995, 4996, 5022, - 5006, 5001, 5020, 5021, 5024, 5031, 8937, 5030, 5028, 5043, - 5040, 5032, 5048, 5049, 5036, 5038, 5051, 5054, 5061, 5063, - 5064, 5062, 5065, 5077, 5075, 5078, 5101, 5089, 5088, 5085, - 5091, 5087, 8937, 5100, 5104, 5090, 5121, 5118, 5125, 5122, - 5129, 5116, 5138, 5140, 5130, 5133, 5139, 5158, 5147, 5152, - 8937, 5149, 5146, 5163, 5144, 5167, 5172, 5174, 5178, 5182, - 5194, 5168, 5173, 5185, 5184, 8937, 5192, 5189, 5196, 5211, - 5199, 5191, 5215, 5209, 5216, 5217, 5201, 5231, 5219, 5223, - - 5246, 5248, 5233, 8937, 8937, 5252, 5230, 5254, 8937, 5256, - 5240, 5267, 5268, 5249, 5262, 5264, 5260, 5258, 5285, 5273, - 5287, 8937, 5288, 5283, 5281, 5295, 5310, 5311, 5307, 5304, - 5308, 5296, 5300, 5306, 5321, 5314, 5313, 5341, 5326, 5330, - 5327, 5334, 5351, 8937, 5336, 5338, 5345, 5352, 5343, 5358, - 8937, 5348, 5376, 5375, 5377, 5364, 5384, 5379, 5392, 5372, - 5382, 5378, 5405, 5394, 5398, 5389, 5411, 5407, 5401, 5428, - 5423, 8937, 5421, 5420, 5413, 5435, 8937, 5442, 5449, 5448, - 5451, 5438, 5447, 5454, 5456, 8937, 5455, 5457, 5458, 5446, - 5473, 5450, 5485, 5481, 5475, 8937, 5477, 5476, 5491, 8937, - - 5498, 5504, 5490, 5492, 5500, 5511, 5503, 5502, 5515, 5517, - 8937, 5519, 8937, 5530, 5523, 5536, 8937, 5527, 5528, 5538, - 5541, 5547, 5544, 5553, 5542, 5552, 5555, 5550, 5560, 5554, - 5557, 5584, 5595, 5574, 5582, 5576, 5579, 8937, 5596, 5580, - 5590, 5603, 5601, 5600, 5611, 5609, 5602, 8937, 8937, 5613, - 8937, 5630, 5618, 5627, 8937, 5629, 5635, 5651, 5631, 5646, - 5650, 5653, 5655, 8937, 5657, 5645, 5661, 5665, 5659, 5662, - 5673, 5675, 5684, 5671, 5686, 5698, 8937, 5679, 5691, 5705, - 5689, 5695, 5706, 5714, 5700, 8937, 5716, 5727, 5722, 5730, - 5731, 8937, 5728, 8937, 5732, 5736, 5739, 5758, 5734, 8937, - - 5766, 5755, 5752, 5744, 5771, 5772, 5778, 5779, 5763, 5780, - 5791, 5787, 5762, 5786, 8937, 5785, 5795, 5788, 5815, 5802, - 5803, 5825, 5819, 5826, 5814, 5829, 5833, 5822, 5838, 5846, - 5831, 5830, 5836, 8937, 5859, 5867, 5849, 5880, 5873, 5865, - 8937, 5866, 5874, 5883, 8937, 5872, 5864, 5881, 5887, 5895, - 5898, 5902, 5905, 5906, 8937, 5908, 5911, 5904, 5922, 5925, - 5917, 8937, 8937, 5936, 8937, 5931, 5933, 5944, 5943, 5914, - 5953, 5965, 5958, 5968, 5954, 5970, 5971, 5964, 5957, 6007, - 5907, 5983, 5969, 5982, 5985, 8937, 8937, 5987, 6010, 5999, - 5993, 6012, 6003, 6000, 6021, 6014, 6022, 6024, 6026, 6027, - - 8937, 6029, 6035, 6039, 6037, 8937, 6034, 6042, 6044, 6050, - 6063, 6054, 6060, 6053, 6070, 6056, 6079, 6081, 6074, 6083, - 6087, 6084, 6090, 6093, 6091, 6101, 6107, 8937, 6114, 6102, - 6105, 6103, 6111, 6118, 6106, 6130, 6123, 8937, 6128, 6139, - 6147, 6153, 6145, 6146, 6148, 6162, 6159, 6165, 6166, 6155, - 6175, 6182, 6177, 6173, 8937, 6179, 6187, 6190, 6185, 6196, - 6198, 6200, 6199, 6195, 6201, 6205, 6211, 6215, 6229, 6217, - 6221, 6222, 6214, 8937, 6234, 6235, 6226, 6250, 6237, 6246, - 6248, 6253, 6259, 6249, 6256, 6265, 6267, 8937, 6270, 6262, - 6272, 6289, 6274, 6281, 6283, 6276, 6292, 8937, 6302, 6286, - - 6297, 6295, 6303, 6305, 6299, 6327, 6326, 6336, 6339, 8937, - 6329, 6340, 6344, 6312, 6333, 6353, 6356, 6317, 8937, 6370, - 6372, 6363, 6352, 6360, 6387, 6380, 6384, 6366, 6379, 6393, - 6386, 6394, 6400, 6401, 6411, 6399, 6405, 6413, 8937, 6404, - 8937, 6406, 6428, 6439, 6434, 6436, 6426, 8937, 6431, 6433, - 6445, 6442, 6450, 8937, 6452, 6438, 6456, 6455, 8937, 6475, - 6480, 6468, 6477, 6487, 6491, 8937, 6490, 6493, 6494, 6498, - 6502, 6497, 6500, 6495, 6507, 6501, 6516, 6512, 6510, 6515, - 6518, 6536, 8937, 6540, 6543, 6547, 6545, 6539, 6529, 6551, - 6552, 6556, 8937, 6557, 6533, 6534, 6571, 6560, 6566, 6583, - - 6570, 6584, 6574, 8937, 6582, 6579, 6597, 6604, 6599, 6598, - 8937, 8937, 6589, 6613, 6605, 6610, 6617, 8937, 6616, 6628, - 6621, 6638, 6630, 8937, 8937, 6642, 8937, 6631, 8937, 6632, - 6634, 8937, 8937, 6647, 6627, 6651, 6657, 6664, 8937, 6667, - 8937, 6673, 6669, 6655, 6659, 6680, 8937, 6668, 6663, 6672, - 8937, 6679, 6697, 6683, 6678, 8937, 6703, 6706, 6692, 6686, - 8937, 6715, 6717, 6713, 6705, 6712, 6720, 6724, 6708, 6727, - 6734, 6732, 6735, 6751, 6757, 6758, 6760, 6763, 6753, 6748, - 6762, 6768, 6770, 6764, 6774, 6752, 6761, 6781, 6783, 6800, - 6805, 6795, 6797, 6804, 6803, 6787, 6812, 6796, 6798, 6819, - - 6826, 6794, 6821, 6824, 6825, 6836, 6828, 6853, 6847, 6842, - 6843, 8937, 6848, 6838, 6855, 6868, 6845, 6874, 6883, 6873, - 6889, 6890, 8937, 6893, 8937, 6895, 6881, 6886, 6884, 6877, - 8937, 6882, 6907, 6905, 6908, 6922, 6913, 6910, 6916, 6920, - 6923, 6943, 8937, 6942, 6924, 6939, 6945, 8937, 6947, 6953, - 6949, 6959, 6954, 6963, 6964, 6966, 6969, 6960, 6962, 6992, - 6995, 7002, 6980, 6986, 6981, 6994, 6983, 6996, 7009, 7013, - 7017, 7018, 7024, 8937, 7012, 8937, 7023, 7019, 7021, 7029, - 7030, 7034, 7036, 8937, 8937, 7044, 7050, 7052, 7051, 7056, - 7067, 7065, 8937, 7057, 7071, 7068, 7060, 8937, 7070, 7083, - - 7084, 7086, 8937, 7078, 7079, 7105, 7089, 7095, 7107, 7113, - 7099, 7111, 7112, 7119, 8937, 8937, 8937, 8937, 7120, 7101, - 7125, 7116, 7131, 7128, 7133, 7149, 7138, 8937, 7157, 8937, - 8937, 7154, 7156, 7148, 7158, 7160, 7147, 7164, 7169, 8937, - 7152, 7165, 7193, 7184, 7178, 7182, 7201, 7195, 7203, 7188, - 7189, 7007, 7205, 7211, 7204, 7209, 7213, 7217, 8937, 8937, - 7229, 7218, 7220, 7248, 7222, 7246, 7238, 7226, 7253, 7250, - 7249, 7244, 7254, 7239, 7266, 7268, 7265, 7271, 8937, 7267, - 7261, 8937, 7278, 8937, 7269, 7295, 7284, 7291, 7294, 7297, - 7307, 7305, 8937, 8937, 8937, 7293, 7289, 7296, 7313, 7318, - - 7316, 7311, 7319, 7328, 8937, 7329, 8937, 7330, 7345, 7348, - 7333, 7356, 7359, 7364, 7361, 7354, 7360, 8937, 7357, 7355, - 8937, 7363, 7382, 7383, 8937, 7372, 7352, 7378, 7380, 8937, - 7401, 7399, 7397, 8937, 7404, 8937, 7386, 7407, 7405, 7416, - 8937, 7388, 7413, 8937, 7418, 7419, 7424, 7409, 8937, 7420, - 8937, 7428, 7437, 7441, 7450, 7443, 7452, 7440, 7439, 7445, - 7461, 7460, 7467, 8937, 8937, 73, 7478, 7466, 7454, 7456, - 7484, 7468, 7472, 7487, 7482, 8937, 8937, 7495, 8937, 7488, - 7499, 8937, 7479, 7505, 7506, 7503, 7514, 7510, 7516, 7498, - 7513, 7524, 7539, 7530, 7526, 7541, 7559, 7533, 7556, 7557, - - 7560, 7563, 7566, 7546, 7565, 7554, 7569, 7571, 7555, 7579, - 8937, 7578, 7597, 7585, 8937, 7604, 7601, 7609, 7605, 8937, - 7611, 7606, 7607, 7612, 8937, 7596, 7613, 7625, 7635, 7630, - 7651, 7634, 7640, 7646, 8937, 8937, 8937, 7648, 7654, 8937, - 7655, 7652, 7633, 7641, 8937, 7656, 7657, 8937, 8937, 7662, - 7661, 7671, 7668, 8937, 7678, 8937, 7673, 8937, 7696, 7697, - 7698, 7695, 8937, 7703, 7705, 8937, 7707, 7710, 7711, 7718, - 7692, 7721, 7715, 8937, 7746, 7738, 7739, 7749, 7732, 7741, - 7730, 7747, 7737, 7761, 7733, 7762, 8937, 7759, 7764, 7767, - 7774, 7765, 7766, 7777, 8937, 7783, 8937, 7782, 7785, 7796, - - 7778, 7790, 7788, 7805, 7811, 7792, 7803, 7801, 8937, 7821, - 7826, 8937, 7808, 8937, 7831, 8937, 7823, 7825, 7828, 7832, - 8937, 7836, 7822, 7834, 7827, 8937, 7850, 7848, 7853, 7860, - 8937, 8937, 7847, 7870, 7871, 7859, 7879, 7882, 7863, 7885, - 7880, 7884, 7868, 7875, 7873, 7889, 7894, 7896, 7902, 7912, - 8937, 8937, 8937, 7910, 7897, 7930, 7926, 7924, 7935, 7915, - 8937, 7929, 7936, 7938, 7928, 7940, 7941, 7945, 8937, 7952, - 7948, 7921, 7956, 7950, 7957, 7962, 8937, 7978, 7980, 7977, - 7967, 7983, 7987, 7990, 7992, 7994, 8937, 7995, 8937, 8937, - 7993, 8937, 7975, 7979, 7989, 8017, 8937, 8000, 8009, 8005, - - 8004, 8029, 8030, 8937, 8038, 8014, 8016, 8032, 8937, 8937, - 8042, 8937, 8046, 8043, 8033, 8054, 8039, 8045, 8055, 8058, - 8937, 8056, 8057, 8062, 8059, 8073, 8937, 8060, 8069, 8072, - 8081, 8937, 8075, 8089, 8094, 8070, 8102, 8937, 8104, 8090, - 8118, 8117, 8937, 8103, 8113, 8937, 8937, 8114, 8124, 8121, - 8937, 8937, 8937, 8127, 8937, 8133, 8144, 8148, 8157, 8131, - 8937, 8159, 8143, 8149, 8937, 8937, 8145, 8146, 8162, 8164, - 8937, 8937, 8152, 8171, 8170, 8160, 8153, 8937, 8181, 8173, - 8184, 8183, 8202, 8188, 8201, 8204, 8219, 8212, 8193, 8207, - 8196, 8220, 8227, 8223, 8221, 8229, 8230, 8235, 8237, 8233, - - 8937, 8937, 8241, 8937, 8937, 8251, 8253, 8255, 8258, 8261, - 8266, 8267, 8937, 8262, 8270, 8263, 8264, 8254, 8937, 8256, - 8273, 8269, 8279, 8283, 8285, 8289, 8287, 8937, 8937, 8290, - 8302, 8294, 8306, 8291, 8937, 8312, 8328, 8310, 8321, 8311, - 8322, 8325, 8937, 8337, 8318, 8937, 8937, 8329, 8937, 8937, - 8937, 8937, 8937, 8937, 8937, 8937, 8347, 8937, 8333, 8358, - 8359, 8361, 8937, 8339, 8354, 8365, 8352, 8364, 8937, 8353, - 8371, 8370, 8381, 8379, 8386, 8380, 8385, 8397, 8368, 8391, - 8402, 8392, 8410, 8405, 8403, 8420, 8937, 8937, 8937, 8413, - 8414, 8433, 8429, 8435, 8444, 8436, 8439, 8432, 8428, 8443, - - 8452, 8453, 8442, 8449, 8473, 8460, 8465, 8476, 8462, 8483, - 8471, 8469, 8490, 8937, 8478, 8937, 8479, 8937, 8937, 8495, - 8498, 8494, 8492, 8512, 8517, 8500, 8503, 8504, 8513, 8528, - 8532, 8937, 8515, 8526, 8937, 8520, 8529, 8937, 8531, 8530, - 8545, 8539, 8541, 8548, 8544, 8560, 8569, 8937, 8937, 8550, - 8556, 8561, 8582, 8579, 8590, 8585, 8588, 8594, 8595, 8583, - 8603, 8937, 8589, 8609, 8604, 8937, 8601, 8606, 8611, 8615, - 8616, 8613, 8620, 8610, 8937, 8643, 8937, 8619, 8642, 8648, - 8630, 8636, 8645, 8659, 8662, 8652, 8937, 8647, 8663, 8669, - 8676, 8682, 8679, 8686, 8678, 8668, 8694, 8696, 8701, 8695, - - 8700, 8689, 8709, 8711, 8937, 8712, 8713, 8937, 8726, 8728, - 8718, 8723, 8716, 8937, 8719, 8729, 8735, 8746, 8749, 8744, - 8937, 8752, 8761, 8756, 8937, 8760, 8937, 8937, 8762, 8753, - 8758, 8766, 8768, 8937, 8937, 8937, 8817, 8824, 8831, 8838, - 8845, 8852, 8859, 102, 8866, 8873, 8880, 8887, 8894, 8901, - 8908, 8915, 8922, 8929 + 357, 408, 438, 423, 444, 446, 458, 462, 436, 467, + 483, 474, 470, 476, 488, 487, 489, 499, 482, 503, + 514, 510, 526, 516, 523, 520, 552, 363, 533, 515, + 554, 551, 250, 558, 548, 582, 561, 527, 553, 578, + 601, 575, 602, 596, 588, 605, 599, 208, 341, 205, + 236, 194, 628, 225, 180, 438, 158, 652, 656, 0, + 622, 152, 664, 176, 130, 454, 633, 659, 639, 646, + 654, 652, 664, 648, 655, 666, 658, 665, 705, 677, + 682, 707, 256, 716, 760, 710, 691, 693, 717, 718, + + 701, 704, 732, 721, 751, 741, 744, 746, 750, 748, + 767, 771, 808, 790, 759, 784, 290, 796, 807, 325, + 798, 715, 810, 783, 726, 811, 820, 825, 822, 817, + 815, 831, 827, 837, 853, 849, 858, 856, 852, 854, + 846, 874, 877, 857, 864, 876, 892, 881, 901, 885, + 902, 904, 891, 908, 916, 918, 895, 921, 911, 903, + 919, 680, 941, 926, 937, 928, 935, 942, 930, 944, + 938, 955, 947, 966, 968, 967, 975, 978, 962, 974, + 973, 976, 984, 971, 989, 1003, 1007, 1011, 144, 995, + 1019, 1023, 994, 999, 1005, 1021, 1018, 1022, 1033, 1015, + + 1048, 1042, 1058, 1051, 1056, 1054, 1066, 1068, 1047, 1046, + 1041, 1052, 1069, 1073, 1080, 1084, 1082, 1086, 1089, 1092, + 1102, 1094, 1085, 1115, 1096, 1141, 1111, 1109, 1119, 1152, + 1136, 1135, 1144, 1162, 1172, 1166, 1177, 1163, 1186, 1189, + 1143, 1176, 1200, 1205, 1187, 1204, 1199, 1188, 1190, 1203, + 1107, 1238, 9263, 1215, 1242, 1149, 1243, 1244, 1251, 1226, + 1269, 1237, 1259, 1217, 1252, 1275, 1292, 1340, 1264, 1273, + 1282, 1283, 1279, 9263, 1320, 1289, 1389, 1311, 1309, 1342, + 1302, 1306, 1325, 1331, 1348, 1353, 1224, 1367, 1335, 1337, + 1394, 1390, 1380, 1382, 1370, 1406, 1399, 1262, 1409, 1419, + + 1422, 1428, 1354, 1418, 1431, 1445, 1425, 1424, 1432, 1437, + 1440, 1455, 1476, 1456, 1481, 1461, 1360, 1471, 1449, 1472, + 1477, 1502, 1547, 1468, 1492, 1488, 1503, 1505, 1499, 1489, + 1515, 1527, 1506, 1530, 1519, 1542, 1532, 1304, 1548, 1550, + 1554, 1549, 1567, 1541, 1557, 1568, 1580, 1588, 1574, 1520, + 1575, 1584, 1600, 1595, 1592, 1605, 1609, 1607, 1616, 1613, + 9263, 1620, 1618, 1602, 1629, 1622, 1634, 9263, 1632, 1633, + 1637, 1640, 1658, 1659, 1663, 1665, 1660, 1664, 1673, 1666, + 1656, 1687, 1669, 1685, 1699, 1691, 1701, 1682, 1692, 1707, + 1703, 1695, 1715, 1709, 1702, 1714, 1754, 9263, 1719, 1730, + + 1752, 1731, 1748, 1757, 1758, 1744, 1771, 1777, 1742, 1797, + 1783, 1803, 1782, 1788, 1810, 1787, 1815, 1798, 1807, 1821, + 1822, 1795, 1823, 1818, 1832, 1837, 1847, 9263, 1848, 1854, + 1861, 1850, 1845, 1846, 1855, 1856, 1849, 1866, 1873, 1888, + 1875, 1883, 1895, 1906, 1892, 1908, 1893, 1909, 1897, 1901, + 1902, 1918, 1928, 1898, 1951, 1927, 1923, 1930, 1932, 1942, + 1949, 1957, 1958, 1935, 1948, 1962, 1961, 1953, 1955, 1967, + 1968, 1954, 1979, 1982, 1984, 1987, 1978, 1997, 1989, 2000, + 1992, 1994, 2005, 2004, 2006, 2013, 2012, 2008, 2033, 2025, + 2037, 2028, 2032, 2049, 2051, 2044, 2035, 9263, 2062, 2052, + + 2063, 2065, 2075, 2071, 2077, 2068, 2076, 2079, 2087, 2092, + 2085, 2099, 2101, 2089, 2104, 2106, 2111, 2122, 2119, 2126, + 2141, 2127, 2131, 2116, 2137, 2146, 2139, 2150, 2145, 2135, + 2154, 2170, 2142, 2161, 2171, 2172, 2165, 2180, 2178, 2173, + 2194, 2197, 2205, 2185, 2167, 2209, 2230, 2201, 2188, 2217, + 2207, 2225, 2215, 2220, 2221, 2218, 2229, 2248, 2247, 2246, + 2243, 2244, 2245, 2242, 2250, 2252, 2273, 2266, 2269, 2264, + 2265, 2291, 2279, 2271, 2285, 2286, 2282, 2294, 2288, 2315, + 2313, 2300, 2309, 2311, 2318, 2321, 2314, 2322, 2327, 2346, + 2332, 2348, 2350, 2338, 2360, 2349, 2343, 2354, 2359, 2364, + + 2365, 2370, 2375, 2379, 2378, 2385, 2382, 2400, 2409, 2404, + 2402, 2405, 9263, 2392, 2413, 2397, 2419, 2416, 2408, 2421, + 2426, 2434, 2440, 2431, 2427, 2436, 2482, 9263, 2444, 9263, + 9263, 2445, 9263, 9263, 2461, 2472, 9263, 2479, 2471, 2465, + 2469, 2489, 2492, 2499, 2450, 2508, 2503, 2430, 2550, 2528, + 2511, 2497, 2509, 2519, 2540, 2529, 2520, 2538, 2547, 2555, + 2588, 2566, 2563, 2560, 2585, 2571, 2589, 2596, 2594, 2595, + 2593, 2587, 2600, 2590, 2599, 2603, 2607, 2614, 2622, 2624, + 2621, 2628, 2620, 2648, 2641, 2644, 2658, 9263, 2645, 2659, + 2662, 2655, 2664, 2667, 2668, 2653, 2665, 2676, 2671, 2663, + + 2673, 2677, 2680, 2683, 2687, 2685, 2702, 2714, 2694, 9263, + 2706, 2707, 2695, 2712, 2709, 2721, 2720, 2723, 2703, 2722, + 2740, 2732, 2734, 2739, 2738, 2747, 2736, 2765, 9263, 2767, + 2770, 2750, 2773, 2758, 2755, 2766, 2777, 2781, 2780, 2787, + 2784, 2791, 2793, 2795, 2808, 2807, 2802, 2811, 2818, 2813, + 2826, 2823, 2822, 2832, 2835, 2839, 2836, 2838, 2845, 2850, + 2848, 2862, 2853, 2866, 2851, 2878, 2881, 2875, 2865, 2876, + 2880, 2874, 2889, 2886, 2897, 2891, 2901, 2904, 2899, 2910, + 2902, 2916, 2930, 2917, 2929, 2934, 2918, 2922, 2945, 2936, + 9263, 2927, 2925, 9263, 2952, 2944, 2947, 2993, 2957, 2949, + + 2966, 2970, 2948, 2979, 2974, 2972, 2985, 2980, 3024, 3006, + 2991, 3018, 3011, 3025, 3016, 3032, 3021, 3023, 3033, 3045, + 3050, 3041, 3063, 3068, 3039, 615, 3070, 3053, 3057, 3051, + 3103, 3067, 3080, 3072, 3081, 3087, 3100, 3083, 3107, 3073, + 3097, 3110, 3106, 3120, 3124, 3112, 3127, 3135, 3136, 3137, + 9263, 3146, 3155, 3141, 3148, 3151, 3154, 3147, 9263, 3156, + 3162, 3163, 3175, 3167, 3172, 3190, 3177, 3182, 3180, 3189, + 3199, 3202, 3204, 3188, 3185, 9263, 3198, 9263, 3206, 3216, + 3194, 3225, 3224, 3219, 3240, 3243, 9263, 9263, 3244, 3241, + 3229, 3258, 3246, 9263, 3238, 3260, 9263, 3278, 3261, 3266, + + 3263, 3268, 3271, 3281, 3277, 3301, 3293, 3302, 3285, 3298, + 3304, 9263, 3296, 3311, 3309, 3310, 3306, 3312, 3319, 3323, + 9263, 3328, 3327, 3341, 3353, 3274, 3348, 3338, 3349, 3359, + 3340, 3344, 3346, 3361, 3365, 3374, 3377, 3376, 3384, 3390, + 3382, 9263, 3379, 3380, 3387, 3391, 3394, 3393, 3401, 3407, + 3411, 3409, 3416, 3388, 3413, 3420, 3414, 3418, 3440, 3427, + 3439, 3448, 3434, 3435, 3438, 91, 3437, 3447, 3451, 3454, + 9263, 3465, 3463, 3466, 128, 3458, 3473, 3475, 3489, 3482, + 3468, 3476, 3478, 3503, 3485, 3499, 3505, 3512, 3506, 3508, + 3514, 3509, 3510, 3518, 3523, 3521, 9263, 3527, 3528, 3535, + + 3543, 3551, 3539, 3563, 9263, 3556, 3570, 3567, 3561, 3566, + 3562, 3578, 3583, 3574, 3587, 3586, 3588, 3599, 3612, 3606, + 3605, 3603, 9263, 3621, 3619, 3623, 3615, 3626, 3632, 3618, + 3610, 3641, 3638, 3648, 3646, 3659, 3652, 3650, 3649, 3653, + 3668, 3663, 3662, 3665, 3672, 3679, 3683, 3688, 3686, 3689, + 3687, 9263, 3548, 3703, 3705, 3709, 3706, 3715, 3710, 3728, + 3716, 3725, 3727, 3723, 3767, 3743, 3751, 3645, 3757, 3764, + 3752, 3730, 3766, 3777, 3773, 3784, 3788, 3803, 3792, 3796, + 3801, 3798, 3815, 3807, 3804, 3746, 3770, 3819, 3823, 3846, + 3825, 3765, 3829, 9263, 3832, 3842, 3843, 3849, 3877, 3856, + + 3852, 3863, 3867, 3869, 3879, 3880, 3883, 3848, 3885, 3892, + 3888, 3904, 3889, 3905, 3893, 3896, 3912, 3844, 3907, 3918, + 3926, 9263, 3930, 3932, 3916, 3931, 3942, 3927, 3946, 3949, + 3951, 3944, 3945, 3952, 3941, 3960, 3955, 3976, 3971, 3968, + 3967, 9263, 3983, 3969, 3994, 3977, 3995, 3993, 4004, 4010, + 4005, 4011, 3996, 4013, 4017, 4012, 9263, 4022, 4034, 4030, + 4039, 4036, 4028, 4037, 4050, 4033, 9263, 4041, 4038, 4044, + 4059, 4064, 4063, 9263, 4075, 4062, 4061, 4072, 4066, 4070, + 4077, 4086, 4080, 4085, 4088, 4093, 4101, 4094, 4111, 9263, + 4099, 4129, 4105, 4121, 4126, 4122, 4120, 4124, 4147, 4131, + + 4144, 4127, 9263, 4164, 4156, 4154, 4175, 4153, 4150, 4166, + 4173, 4180, 4168, 4169, 4183, 4170, 9263, 4187, 4191, 4202, + 4197, 4200, 4203, 4207, 4211, 4196, 4213, 4219, 4222, 4224, + 4223, 4236, 4238, 4247, 4240, 4234, 4253, 4229, 4246, 4256, + 4261, 4280, 4263, 4257, 4272, 4270, 4266, 4289, 4296, 4297, + 4299, 4301, 9263, 4295, 4304, 4303, 4288, 4298, 4305, 4321, + 4311, 4316, 4314, 4332, 4315, 4335, 4331, 4356, 4357, 4333, + 4354, 4345, 4346, 4359, 4361, 4351, 4367, 4371, 4374, 4380, + 4373, 4376, 4377, 4384, 4379, 4383, 4386, 4400, 4401, 4394, + 4388, 4403, 4421, 4428, 4412, 4425, 4433, 4429, 4436, 4430, + + 4432, 4437, 4460, 9263, 4426, 4449, 4457, 4453, 4458, 4438, + 4464, 4480, 4463, 4470, 4477, 4484, 4490, 4475, 4485, 4493, + 4491, 4492, 9263, 4496, 9263, 4504, 4511, 4507, 4529, 4506, + 9263, 4527, 9263, 4533, 4528, 4521, 4523, 9263, 4541, 4522, + 4538, 4531, 4530, 4540, 4543, 4546, 4563, 4574, 4567, 4564, + 4565, 4554, 4583, 4571, 4568, 4588, 4572, 4596, 4601, 4597, + 4599, 4594, 4607, 4604, 4603, 4614, 9263, 4625, 4613, 4615, + 4623, 4628, 4624, 4632, 4635, 4634, 4649, 4650, 4653, 4645, + 4662, 4651, 4656, 4663, 4678, 4659, 4687, 9263, 4674, 4691, + 4673, 4693, 9263, 4697, 4680, 4707, 4709, 4689, 4694, 4696, + + 4714, 4721, 4715, 4701, 4705, 4740, 4732, 4742, 4752, 9263, + 4736, 4748, 4729, 4759, 4750, 4756, 4766, 4760, 4763, 4767, + 4781, 4773, 4775, 4739, 4777, 4779, 4794, 4806, 4808, 4802, + 4814, 4787, 4811, 4812, 4813, 4801, 4800, 4805, 4803, 4822, + 4828, 4830, 4826, 4829, 4835, 9263, 4838, 4847, 4853, 4865, + 4841, 4844, 4856, 4846, 9263, 4872, 4862, 4871, 4873, 4878, + 4869, 4881, 4863, 4883, 4893, 4889, 4900, 4906, 4897, 9263, + 4910, 9263, 4892, 4920, 4921, 4926, 4924, 4914, 4935, 4939, + 4933, 4937, 4944, 4950, 4942, 4927, 4958, 4953, 4966, 4959, + 4963, 4974, 4964, 4976, 4969, 4965, 4981, 4986, 9263, 9263, + + 4982, 4992, 4999, 4988, 5003, 5013, 5020, 5024, 5017, 5005, + 5025, 5011, 5058, 9263, 5014, 5027, 5037, 5038, 5062, 5048, + 5061, 5072, 5063, 5076, 5071, 9263, 5054, 5064, 5081, 5067, + 5093, 5084, 9263, 5079, 9263, 5073, 5090, 5089, 5101, 5099, + 5100, 5104, 5107, 5122, 5088, 5130, 5119, 5133, 5115, 5120, + 5125, 5128, 5155, 5129, 5137, 5136, 9263, 5158, 5146, 5157, + 5162, 5164, 5170, 5163, 5156, 9263, 5165, 5159, 5176, 5168, + 5186, 5181, 5205, 5193, 5202, 5199, 5203, 9263, 5191, 5192, + 5221, 5216, 5204, 5217, 5224, 5230, 5235, 9263, 5236, 5231, + 5226, 5245, 5234, 5250, 5244, 5239, 5242, 5238, 5257, 5249, + + 5265, 5269, 5268, 5267, 5283, 5276, 5273, 5294, 5284, 5286, + 5287, 5295, 5296, 9263, 5300, 5304, 5302, 5310, 5332, 5322, + 5339, 5308, 5341, 5323, 5342, 5346, 5327, 5331, 5353, 5351, + 5337, 5357, 9263, 5344, 5354, 5361, 5358, 5359, 5376, 5370, + 5386, 5377, 5371, 5388, 5394, 5396, 5399, 5417, 5380, 5385, + 5407, 5413, 9263, 5411, 5410, 5420, 5412, 5432, 5427, 5421, + 5437, 5425, 5428, 5450, 5439, 5452, 5441, 5456, 5466, 5471, + 5454, 9263, 9263, 5475, 5457, 5476, 9263, 5477, 5468, 5492, + 5490, 5470, 5481, 5493, 5497, 5484, 5498, 5488, 5505, 9263, + 5502, 5527, 5508, 5523, 5536, 5541, 5538, 5534, 5531, 5522, + + 5524, 5532, 5549, 5529, 5519, 5559, 5558, 5567, 5553, 5562, + 5571, 9263, 5561, 5556, 5579, 5582, 5574, 5580, 9263, 5594, + 5588, 5590, 5601, 5597, 5599, 5616, 5612, 5604, 5615, 5614, + 5630, 5618, 5624, 5619, 5621, 5642, 5634, 5648, 5646, 9263, + 5655, 5656, 5658, 5653, 9263, 5666, 5684, 5660, 5663, 5662, + 5665, 5669, 5673, 9263, 5674, 5691, 5690, 5679, 5703, 5685, + 5708, 5705, 5697, 9263, 5711, 5700, 5715, 9263, 5713, 5724, + 5714, 5721, 5706, 5733, 5738, 5734, 5743, 5736, 9263, 5750, + 9263, 5751, 5746, 5756, 9263, 5747, 5752, 5762, 5768, 5760, + 5770, 5783, 5777, 5790, 5772, 5784, 5782, 5779, 5797, 5803, + + 5810, 5794, 5804, 5796, 5802, 9263, 5821, 5818, 5817, 5831, + 5837, 5825, 5830, 5829, 5841, 5849, 9263, 9263, 5847, 9263, + 5848, 5839, 5854, 9263, 5852, 5857, 5859, 5863, 5882, 5885, + 5872, 5884, 9263, 5888, 5890, 9263, 5889, 5898, 5893, 5874, + 5886, 5901, 5894, 5905, 5912, 5919, 5922, 5909, 5923, 5936, + 9263, 5917, 5918, 5940, 5943, 5929, 5939, 5945, 5949, 5951, + 9263, 5968, 5958, 5962, 5972, 5976, 9263, 5975, 9263, 5970, + 5981, 5979, 5992, 5974, 9263, 6003, 5982, 6012, 5987, 6011, + 6020, 6019, 6021, 6007, 6008, 5913, 6031, 6014, 6029, 9263, + 6023, 6030, 6033, 6058, 6046, 6045, 6050, 6057, 6064, 6049, + + 6071, 6068, 6063, 6069, 6073, 6072, 6077, 6085, 9263, 6098, + 6109, 6092, 6120, 6096, 6104, 9263, 6106, 6112, 6119, 9263, + 6108, 6102, 6132, 6126, 6134, 6136, 6139, 6142, 6135, 9263, + 6145, 6146, 6140, 6159, 6165, 6162, 9263, 9263, 6169, 9263, + 6168, 6153, 6163, 6181, 6179, 6184, 6194, 6191, 6207, 6190, + 6206, 6208, 6201, 6197, 6230, 6217, 6221, 6220, 6224, 6202, + 9263, 9263, 6238, 6241, 6234, 6239, 6244, 6246, 6235, 6257, + 6249, 6259, 6255, 6269, 6268, 9263, 6271, 6270, 6273, 6272, + 9263, 6264, 6283, 6280, 6278, 6301, 6291, 6295, 6294, 6307, + 6286, 6323, 6320, 6310, 6321, 6305, 6322, 6315, 6336, 6335, + + 6330, 6341, 6344, 9263, 6337, 6342, 6346, 6351, 6352, 6356, + 6339, 6368, 6363, 9263, 6362, 9263, 6372, 6387, 6379, 6391, + 6389, 6395, 6383, 6386, 6392, 6408, 6397, 6415, 6402, 6413, + 6427, 6421, 6431, 6434, 6432, 9263, 6436, 6418, 6419, 6435, + 6443, 6449, 6448, 6450, 6451, 6452, 6456, 6468, 6472, 6480, + 6470, 6476, 6474, 6462, 9263, 6477, 6486, 6483, 6487, 6498, + 6499, 6490, 6517, 6492, 6503, 6508, 6509, 6521, 9263, 6504, + 6511, 6512, 6536, 6537, 6538, 6541, 6532, 6543, 9263, 6542, + 6551, 6545, 6539, 6559, 6563, 6549, 6555, 6578, 6586, 6589, + 9263, 6579, 6590, 6594, 6576, 6583, 6603, 6606, 6567, 9263, + + 6620, 6622, 6614, 6605, 6610, 6617, 6630, 6634, 6615, 6632, + 6643, 6641, 6644, 6651, 6654, 6655, 6648, 6670, 6672, 9263, + 6659, 9263, 6665, 6682, 6689, 6684, 6686, 6678, 9263, 6688, + 6692, 6562, 6680, 6705, 9263, 6690, 6707, 6706, 6712, 9263, + 6725, 6731, 6710, 6726, 6740, 6741, 9263, 6743, 6744, 6749, + 6699, 6750, 6737, 6756, 6745, 6760, 6763, 6752, 6765, 6777, + 6767, 6768, 6780, 9263, 6787, 6786, 6796, 6792, 6803, 6790, + 6781, 6802, 6800, 6807, 9263, 6805, 6795, 6811, 6821, 6832, + 6819, 6838, 6826, 6834, 6823, 6825, 6846, 6828, 9263, 6833, + 6848, 6852, 6859, 6861, 6854, 9263, 9263, 6860, 6876, 6879, + + 6863, 6884, 9263, 9263, 6888, 6898, 6868, 6894, 6890, 9263, + 9263, 6897, 9263, 6887, 9263, 6886, 6902, 9263, 9263, 6903, + 6896, 6915, 6923, 6910, 9263, 6931, 9263, 6907, 6932, 6924, + 6914, 6934, 9263, 6919, 6941, 6943, 9263, 6935, 6957, 6930, + 6949, 9263, 6954, 6966, 6955, 6959, 9263, 6971, 6956, 6968, + 6960, 6970, 6980, 6986, 6975, 6976, 6982, 6987, 6991, 7003, + 7010, 7020, 7022, 7023, 7012, 7007, 7021, 7027, 7030, 7017, + 7033, 7016, 7043, 7040, 7042, 7041, 7046, 7051, 7052, 7058, + 7054, 7055, 7069, 7056, 7057, 7071, 7078, 7068, 7070, 7086, + 7082, 7093, 7088, 7109, 7102, 7097, 7101, 9263, 7104, 7096, + + 7117, 7105, 7127, 7120, 7137, 7119, 7130, 7147, 9263, 7149, + 9263, 7152, 7133, 7144, 7139, 7146, 9263, 7136, 7154, 7143, + 7164, 7177, 7167, 7188, 7169, 7175, 7179, 7194, 9263, 7198, + 7185, 9263, 7181, 7192, 7205, 9263, 7209, 7207, 7208, 7211, + 7216, 7222, 7213, 7215, 7225, 7220, 7244, 7246, 7230, 7245, + 7254, 7255, 7264, 7243, 7247, 7250, 7258, 7256, 7259, 7260, + 7278, 7267, 7282, 7293, 9263, 7281, 9263, 7286, 7283, 7285, + 7294, 7296, 7298, 7307, 9263, 9263, 7310, 7312, 7304, 7317, + 7320, 7316, 7329, 9263, 7321, 7331, 7319, 7327, 9263, 7334, + 7344, 7346, 7350, 9263, 7343, 7342, 7348, 7368, 7353, 7374, + + 7376, 7375, 7367, 7373, 7386, 9263, 9263, 9263, 9263, 7387, + 7370, 7389, 7377, 7393, 7396, 7398, 7409, 7403, 9263, 7421, + 9263, 9263, 7417, 7419, 7412, 7423, 7427, 7410, 7431, 7430, + 9263, 7432, 7436, 7437, 7445, 7443, 7452, 7461, 7459, 7468, + 7453, 7457, 7481, 7472, 7482, 7463, 7480, 7489, 7491, 9263, + 9263, 7479, 7494, 7493, 7522, 7498, 7506, 7487, 7486, 7520, + 7510, 7517, 7512, 7521, 7513, 7536, 7537, 7530, 7531, 9263, + 7525, 7540, 7547, 9263, 7548, 9263, 7554, 7561, 7528, 7552, + 7562, 7567, 7568, 7573, 9263, 9263, 7583, 7574, 9263, 9263, + 7572, 7570, 7585, 7584, 7586, 7593, 7599, 7606, 7589, 9263, + + 7600, 9263, 7601, 7618, 7619, 7598, 7629, 7635, 7639, 7636, + 7630, 7632, 9263, 7631, 7634, 9263, 7648, 7641, 7645, 9263, + 7642, 7626, 7651, 7654, 9263, 7673, 7672, 7675, 9263, 7677, + 9263, 7663, 7679, 7674, 7693, 9263, 7665, 7688, 9263, 7691, + 7694, 7692, 7696, 9263, 7687, 9263, 7697, 7698, 7707, 7726, + 7712, 7728, 7716, 7713, 7719, 7735, 7737, 7734, 9263, 9263, + 73, 7747, 7718, 7730, 7732, 7742, 7754, 7745, 7759, 7751, + 9263, 9263, 7761, 9263, 7765, 7764, 9263, 7755, 7768, 7775, + 7787, 7779, 7781, 7769, 7795, 7783, 7798, 7810, 7801, 7800, + 7816, 7814, 7823, 7811, 7820, 7828, 7832, 7834, 7844, 7836, + + 7848, 7838, 7840, 7849, 7859, 7860, 7850, 7854, 9263, 7873, + 7875, 7865, 9263, 7882, 7877, 7888, 7885, 9263, 7889, 7894, + 7897, 7898, 9263, 7881, 7913, 7910, 7909, 7904, 7927, 7915, + 7911, 7925, 9263, 9263, 9263, 7930, 7923, 9263, 7932, 7934, + 7924, 7926, 9263, 7951, 7931, 9263, 9263, 7938, 7955, 7946, + 7972, 9263, 7956, 9263, 7953, 9263, 7976, 7979, 7985, 7980, + 9263, 7983, 7993, 9263, 7969, 7977, 7992, 7991, 7978, 7990, + 8017, 9263, 8007, 8018, 8021, 8014, 8010, 8019, 8008, 8025, + 8015, 8037, 8013, 8039, 9263, 8043, 8046, 8049, 8058, 8042, + 8048, 8052, 8057, 9263, 8062, 9263, 8055, 8070, 8076, 8078, + + 8075, 8073, 8085, 8094, 8089, 8088, 8082, 8096, 8103, 9263, + 8101, 8111, 9263, 8110, 9263, 8113, 9263, 8116, 8118, 8120, + 8112, 9263, 8124, 8121, 8119, 8133, 9263, 8126, 8143, 8137, + 8150, 9263, 9263, 8135, 8170, 8161, 8145, 8171, 8173, 8154, + 8176, 8164, 8169, 8160, 8190, 8185, 8187, 8186, 8189, 8205, + 8191, 9263, 9263, 9263, 8197, 8200, 8215, 8211, 8218, 8228, + 8207, 9263, 8224, 8230, 8232, 8222, 8233, 8226, 8239, 9263, + 8234, 8236, 8240, 8245, 8250, 8255, 8271, 8253, 9263, 8269, + 8276, 8273, 8270, 8281, 8279, 8283, 8287, 8264, 8293, 8289, + 9263, 8295, 9263, 9263, 8280, 9263, 8282, 8296, 8297, 8311, + + 9263, 8315, 8313, 8305, 8320, 8328, 8330, 9263, 8338, 8314, + 8316, 8331, 9263, 9263, 8337, 9263, 8344, 8343, 8339, 8354, + 8347, 8342, 8351, 8355, 9263, 8352, 8356, 8362, 8361, 8378, + 9263, 8377, 8371, 8375, 8381, 9263, 8379, 8380, 8392, 8393, + 8386, 9263, 8411, 8405, 8420, 8421, 9263, 8407, 8424, 8417, + 9263, 9263, 8431, 8433, 8435, 9263, 9263, 9263, 8437, 8436, + 8440, 9263, 8445, 8394, 8451, 8472, 8457, 9263, 8446, 8441, + 8460, 9263, 9263, 8456, 8465, 8470, 8477, 9263, 9263, 8454, + 8473, 8486, 8482, 8478, 9263, 8471, 8487, 8494, 8508, 8510, + 8500, 8506, 8516, 8524, 8499, 8504, 8517, 8509, 8534, 8535, + + 8522, 8545, 8551, 8542, 8547, 8550, 8553, 8549, 9263, 9263, + 8558, 8560, 8555, 9263, 9263, 8563, 8565, 8570, 8571, 8573, + 8579, 8583, 9263, 8575, 8586, 8580, 8576, 8574, 9263, 8577, + 8593, 8590, 8582, 8587, 8607, 8597, 8618, 9263, 9263, 8601, + 8622, 8603, 8626, 8613, 9263, 8630, 8641, 8623, 8638, 8628, + 8624, 8632, 9263, 8655, 8635, 9263, 9263, 9263, 8651, 9263, + 9263, 8646, 9263, 9263, 9263, 9263, 9263, 9263, 9263, 8660, + 9263, 8654, 8676, 8677, 8679, 9263, 8657, 8674, 8681, 8669, + 8678, 9263, 8668, 8675, 8693, 8695, 8694, 8699, 8701, 8696, + 8711, 8716, 8706, 8719, 8708, 8718, 8726, 8735, 8728, 8744, + + 9263, 9263, 9263, 8723, 8743, 8739, 8742, 8752, 8753, 8760, + 8765, 8758, 8762, 8769, 8768, 8778, 8759, 8776, 8793, 8780, + 8785, 8796, 8786, 8798, 8802, 8799, 8789, 8815, 9263, 8804, + 9263, 8809, 9263, 9263, 8817, 8821, 8824, 8811, 8839, 8842, + 8826, 8834, 8831, 8838, 8845, 8852, 9263, 9263, 8835, 8844, + 9263, 8841, 8859, 9263, 8853, 8870, 8857, 8865, 8868, 8866, + 8882, 8883, 8889, 9263, 9263, 8874, 8880, 8877, 8899, 8901, + 8916, 8912, 8914, 8915, 8917, 8905, 8923, 9263, 8927, 8925, + 8929, 9263, 8931, 8918, 8941, 8934, 8936, 8939, 8940, 8947, + 9263, 8964, 9263, 8969, 8961, 8966, 8957, 8958, 8968, 8978, + + 8967, 8988, 9263, 8963, 8982, 8992, 9006, 9012, 8997, 9010, + 8995, 9018, 9015, 9019, 9023, 9024, 9025, 9008, 9038, 9030, + 9263, 9026, 9036, 9263, 9051, 9057, 9041, 9042, 9063, 9263, + 9066, 9048, 9052, 9072, 9074, 9070, 9263, 9080, 9081, 9078, + 9263, 9087, 9263, 9263, 9090, 9083, 9084, 9086, 9096, 9263, + 9263, 9263, 9143, 9150, 9157, 9164, 9171, 9178, 9185, 102, + 9192, 9199, 9206, 9213, 9220, 9227, 9234, 9241, 9248, 9255 } ; -static const flex_int16_t yy_def[3155] = +static const flex_int16_t yy_def[3271] = { 0, - 3136, 1, 3137, 3137, 3138, 3138, 3139, 3139, 3140, 3140, - 3141, 3141, 3142, 3142, 3143, 3143, 3136, 3144, 3136, 3136, - 3136, 3136, 3145, 3144, 3144, 3144, 3144, 3144, 3144, 3144, - 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, - 3144, 3144, 3144, 3144, 3144, 3144, 3146, 3136, 3136, 3136, - 3146, 3147, 3136, 3136, 3136, 3147, 3148, 3136, 3136, 3136, - 3136, 3148, 3149, 3136, 3136, 3136, 3149, 3150, 3136, 3151, - 3136, 3150, 3150, 3152, 3136, 3136, 3136, 3136, 3152, 3153, - 3136, 3136, 3136, 3153, 3144, 3144, 3136, 3154, 3145, 3154, - 3145, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, - - 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, - 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, - 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, - 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, - 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, - 3144, 3144, 3144, 3144, 3144, 3144, 3146, 3146, 3147, 3147, - 3148, 3148, 3136, 3149, 3149, 3150, 3150, 3151, 3151, 3150, - 3152, 3152, 3136, 3153, 3153, 3144, 3144, 3144, 3144, 3144, - 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, - 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, - - 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, - 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, - 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, - 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, - 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, - 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, - 3144, 3144, 3144, 3144, 3144, 3150, 3144, 3144, 3144, 3144, - 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, - 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, - 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, - - 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, - 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, - 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, - 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, - 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3136, 3144, - 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, - 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3136, - 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3150, 3144, 3144, - 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, - 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, - - 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, - 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, - 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, - 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, - 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, - 3144, 3144, 3144, 3144, 3136, 3144, 3144, 3144, 3144, 3144, - 3144, 3136, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, - 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, - 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, - 3136, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, - - 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, - 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, - 3136, 3144, 3150, 3144, 3144, 3144, 3144, 3144, 3144, 3144, - 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, - 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, - 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, - 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, - 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, - 3144, 3144, 3136, 3144, 3144, 3144, 3144, 3144, 3144, 3144, - 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, - - 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, - 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, - 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, - 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, - 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, - 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, - 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, - 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, - 3144, 3144, 3144, 3150, 3144, 3144, 3144, 3144, 3144, 3144, - 3144, 3144, 3144, 3144, 3144, 3136, 3144, 3144, 3144, 3144, - - 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, - 3136, 3144, 3136, 3136, 3144, 3136, 3136, 3144, 3144, 3136, - 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, - 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, - 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, - 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, - 3144, 3144, 3144, 3136, 3144, 3144, 3144, 3144, 3144, 3144, - 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, - 3144, 3144, 3144, 3144, 3136, 3144, 3144, 3144, 3144, 3144, - 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, - - 3144, 3144, 3144, 3136, 3144, 3144, 3144, 3144, 3144, 3144, - 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, - 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, - 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, - 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, - 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3150, 3144, 3144, - 3144, 3144, 3144, 3144, 3144, 3136, 3144, 3144, 3136, 3144, - 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, - 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, - 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, - - 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, - 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3136, 3144, 3144, - 3144, 3144, 3144, 3144, 3144, 3136, 3144, 3144, 3144, 3144, - 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, - 3144, 3144, 3136, 3144, 3136, 3144, 3144, 3144, 3144, 3144, - 3144, 3144, 3144, 3136, 3136, 3144, 3144, 3144, 3144, 3144, - 3136, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, - 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3136, 3144, 3144, - 3144, 3144, 3144, 3144, 3144, 3144, 3136, 3144, 3144, 3144, - 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, - - 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3136, 3144, 3144, - 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, - 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, - 3144, 3144, 3144, 3144, 3144, 3144, 3136, 3144, 3144, 3150, - 3150, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, - 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, - 3144, 3136, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3136, - 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, - 3144, 3144, 3144, 3144, 3144, 3144, 3136, 3144, 3144, 3144, - 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, - - 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3136, - 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, - 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, - 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, - 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, - 3144, 3136, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, - 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, - 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3136, - 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, - 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3136, - - 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, - 3144, 3144, 3144, 3144, 3136, 3144, 3144, 3144, 3144, 3144, - 3144, 3144, 3144, 3144, 3136, 3150, 3144, 3144, 3144, 3144, - 3144, 3136, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, - 3144, 3144, 3144, 3144, 3144, 3144, 3136, 3144, 3144, 3144, - 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3136, - 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, - 3144, 3144, 3136, 3144, 3144, 3144, 3144, 3144, 3144, 3144, - 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, - 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, - - 3144, 3144, 3136, 3144, 3144, 3144, 3144, 3144, 3144, 3144, - 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, - 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, - 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, - 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, - 3144, 3144, 3136, 3144, 3144, 3144, 3144, 3144, 3144, 3144, - 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, - 3144, 3136, 3144, 3136, 3144, 3144, 3144, 3144, 3144, 3136, - 3144, 3136, 3144, 3144, 3144, 3144, 3136, 3144, 3144, 3144, - 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, - - 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, - 3144, 3144, 3144, 3144, 3144, 3136, 3144, 3150, 3144, 3144, - 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, - 3144, 3144, 3144, 3144, 3144, 3136, 3144, 3144, 3144, 3144, - 3136, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, - 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3136, 3144, 3144, - 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, - 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, - 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, - 3144, 3144, 3144, 3144, 3144, 3136, 3144, 3144, 3144, 3144, - - 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3136, - 3144, 3136, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, - 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, - 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3136, 3136, - 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, - 3144, 3144, 3144, 3136, 3144, 3144, 3144, 3144, 3144, 3144, - 3144, 3144, 3144, 3144, 3144, 3136, 3144, 3144, 3144, 3144, - 3144, 3144, 3136, 3144, 3136, 3144, 3144, 3144, 3144, 3144, - 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, - 3144, 3144, 3144, 3144, 3144, 3144, 3136, 3144, 3144, 3144, - - 3144, 3144, 3144, 3144, 3144, 3136, 3150, 3144, 3144, 3144, - 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, - 3144, 3144, 3144, 3144, 3144, 3144, 3136, 3144, 3144, 3144, - 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, - 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, - 3144, 3144, 3136, 3144, 3144, 3144, 3144, 3144, 3144, 3144, - 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, - 3136, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, - 3144, 3144, 3144, 3144, 3144, 3136, 3144, 3144, 3144, 3144, - 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, - - 3144, 3144, 3144, 3136, 3136, 3144, 3144, 3144, 3136, 3144, - 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, - 3144, 3136, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, - 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, - 3144, 3144, 3144, 3136, 3144, 3144, 3144, 3144, 3144, 3144, - 3136, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, - 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, - 3144, 3136, 3144, 3144, 3144, 3144, 3136, 3144, 3144, 3144, - 3144, 3144, 3144, 3144, 3144, 3136, 3144, 3144, 3144, 3144, - 3144, 3144, 3144, 3150, 3144, 3136, 3144, 3144, 3144, 3136, - - 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, - 3136, 3144, 3136, 3144, 3144, 3144, 3136, 3144, 3144, 3144, - 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, - 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3136, 3144, 3144, - 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3136, 3136, 3144, - 3136, 3144, 3144, 3144, 3136, 3144, 3144, 3144, 3144, 3144, - 3144, 3144, 3144, 3136, 3144, 3144, 3144, 3144, 3144, 3144, - 3144, 3144, 3144, 3144, 3144, 3144, 3136, 3144, 3144, 3144, - 3144, 3144, 3144, 3144, 3144, 3136, 3144, 3144, 3144, 3144, - 3144, 3136, 3144, 3136, 3144, 3144, 3144, 3144, 3144, 3136, - - 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, - 3144, 3144, 3144, 3144, 3136, 3144, 3144, 3144, 3144, 3144, - 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, - 3144, 3144, 3144, 3136, 3144, 3144, 3144, 3144, 3144, 3144, - 3136, 3144, 3144, 3144, 3136, 3144, 3144, 3144, 3144, 3144, - 3144, 3144, 3144, 3144, 3136, 3144, 3144, 3144, 3144, 3144, - 3144, 3136, 3136, 3144, 3136, 3144, 3144, 3144, 3144, 3144, - 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3150, 3144, - 3144, 3144, 3144, 3144, 3144, 3136, 3136, 3144, 3144, 3144, - 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, - - 3136, 3144, 3144, 3144, 3144, 3136, 3144, 3144, 3144, 3144, - 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, - 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3136, 3144, 3144, - 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3136, 3144, 3144, - 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, - 3144, 3144, 3144, 3144, 3136, 3144, 3144, 3144, 3144, 3144, - 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, - 3144, 3144, 3144, 3136, 3144, 3144, 3144, 3144, 3144, 3144, - 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3136, 3144, 3144, - 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3136, 3144, 3144, - - 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3136, - 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3136, 3144, - 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, - 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3136, 3144, - 3136, 3144, 3144, 3144, 3144, 3150, 3144, 3136, 3144, 3144, - 3144, 3144, 3144, 3136, 3144, 3144, 3144, 3144, 3136, 3144, - 3144, 3144, 3144, 3144, 3144, 3136, 3144, 3144, 3144, 3144, - 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, - 3144, 3144, 3136, 3144, 3144, 3144, 3144, 3144, 3144, 3144, - 3144, 3144, 3136, 3144, 3144, 3144, 3144, 3144, 3144, 3144, - - 3144, 3144, 3144, 3136, 3144, 3144, 3144, 3144, 3144, 3144, - 3136, 3136, 3144, 3144, 3144, 3144, 3144, 3136, 3144, 3144, - 3144, 3144, 3144, 3136, 3136, 3144, 3136, 3144, 3136, 3144, - 3144, 3136, 3136, 3144, 3144, 3144, 3144, 3144, 3136, 3144, - 3136, 3144, 3144, 3144, 3144, 3144, 3136, 3144, 3144, 3144, - 3136, 3144, 3144, 3144, 3144, 3136, 3144, 3144, 3144, 3144, - 3136, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, - 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, - 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, - 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, - - 3144, 3144, 3144, 3144, 3144, 3144, 3150, 3144, 3144, 3144, - 3144, 3136, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, - 3144, 3144, 3136, 3144, 3136, 3144, 3144, 3144, 3144, 3144, - 3136, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, - 3144, 3144, 3136, 3144, 3144, 3144, 3144, 3136, 3144, 3144, - 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, - 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, - 3144, 3144, 3144, 3136, 3144, 3136, 3144, 3144, 3144, 3144, - 3144, 3144, 3144, 3136, 3136, 3144, 3144, 3144, 3144, 3144, - 3144, 3144, 3136, 3144, 3144, 3144, 3144, 3136, 3144, 3144, - - 3144, 3144, 3136, 3144, 3144, 3144, 3144, 3144, 3144, 3144, - 3144, 3144, 3144, 3144, 3136, 3136, 3136, 3136, 3144, 3144, - 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3136, 3144, 3136, - 3136, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3136, - 3144, 3144, 3144, 3144, 3144, 3144, 3150, 3144, 3144, 3144, - 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3136, 3136, - 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, - 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3136, 3144, - 3144, 3136, 3144, 3136, 3144, 3144, 3144, 3144, 3144, 3144, - 3144, 3144, 3136, 3136, 3136, 3144, 3144, 3144, 3144, 3144, - - 3144, 3144, 3144, 3144, 3136, 3144, 3136, 3144, 3144, 3144, - 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3136, 3144, 3144, - 3136, 3144, 3144, 3144, 3136, 3144, 3144, 3144, 3144, 3136, - 3144, 3144, 3144, 3136, 3144, 3136, 3144, 3144, 3144, 3144, - 3136, 3144, 3144, 3136, 3144, 3144, 3144, 3144, 3136, 3144, - 3136, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, - 3144, 3144, 3144, 3136, 3136, 3150, 3144, 3144, 3144, 3144, - 3144, 3144, 3144, 3144, 3144, 3136, 3136, 3144, 3136, 3144, - 3144, 3136, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, - 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, - - 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, - 3136, 3144, 3144, 3144, 3136, 3144, 3144, 3144, 3144, 3136, - 3144, 3144, 3144, 3144, 3136, 3144, 3144, 3144, 3144, 3144, - 3144, 3144, 3144, 3144, 3136, 3136, 3136, 3144, 3144, 3136, - 3144, 3144, 3144, 3144, 3136, 3144, 3144, 3136, 3136, 3144, - 3144, 3144, 3144, 3136, 3144, 3136, 3144, 3136, 3144, 3144, - 3144, 3144, 3136, 3144, 3144, 3136, 3144, 3144, 3144, 3144, - 3144, 3144, 3144, 3136, 3144, 3144, 3144, 3144, 3144, 3144, - 3144, 3144, 3144, 3144, 3144, 3144, 3136, 3144, 3144, 3144, - 3144, 3144, 3144, 3144, 3136, 3144, 3136, 3144, 3144, 3144, - - 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3136, 3144, - 3144, 3136, 3144, 3136, 3144, 3136, 3144, 3144, 3144, 3144, - 3136, 3144, 3144, 3144, 3144, 3136, 3144, 3144, 3144, 3144, - 3136, 3136, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, - 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, - 3136, 3136, 3136, 3144, 3144, 3144, 3144, 3144, 3144, 3144, - 3136, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3136, 3144, - 3144, 3144, 3144, 3144, 3144, 3144, 3136, 3144, 3144, 3144, - 3144, 3144, 3144, 3144, 3144, 3144, 3136, 3144, 3136, 3136, - 3144, 3136, 3144, 3144, 3144, 3144, 3136, 3144, 3144, 3144, - - 3144, 3144, 3144, 3136, 3144, 3144, 3144, 3144, 3136, 3136, - 3144, 3136, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, - 3136, 3144, 3144, 3144, 3144, 3144, 3136, 3144, 3144, 3144, - 3144, 3136, 3144, 3144, 3144, 3144, 3144, 3136, 3144, 3144, - 3144, 3144, 3136, 3144, 3144, 3136, 3136, 3144, 3144, 3144, - 3136, 3136, 3136, 3144, 3136, 3144, 3144, 3144, 3144, 3144, - 3136, 3144, 3144, 3144, 3136, 3136, 3144, 3144, 3144, 3144, - 3136, 3136, 3144, 3144, 3144, 3144, 3144, 3136, 3144, 3144, - 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, - 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, - - 3136, 3136, 3144, 3136, 3136, 3144, 3144, 3144, 3144, 3144, - 3144, 3144, 3136, 3144, 3144, 3144, 3144, 3144, 3136, 3144, - 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3136, 3136, 3144, - 3144, 3144, 3144, 3144, 3136, 3144, 3144, 3144, 3144, 3144, - 3144, 3144, 3136, 3144, 3144, 3136, 3136, 3144, 3136, 3136, - 3136, 3136, 3136, 3136, 3136, 3136, 3144, 3136, 3144, 3144, - 3144, 3144, 3136, 3144, 3144, 3144, 3144, 3144, 3136, 3144, - 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, - 3144, 3144, 3144, 3144, 3144, 3144, 3136, 3136, 3136, 3144, - 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, - - 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, - 3144, 3144, 3144, 3136, 3144, 3136, 3144, 3136, 3136, 3144, - 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, - 3144, 3136, 3144, 3144, 3136, 3144, 3144, 3136, 3144, 3144, - 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3136, 3136, 3144, - 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, - 3144, 3136, 3144, 3144, 3144, 3136, 3144, 3144, 3144, 3144, - 3144, 3144, 3144, 3144, 3136, 3144, 3136, 3144, 3144, 3144, - 3144, 3144, 3144, 3144, 3144, 3144, 3136, 3144, 3144, 3144, - 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, 3144, - - 3144, 3144, 3144, 3144, 3136, 3144, 3144, 3136, 3144, 3144, - 3144, 3144, 3144, 3136, 3144, 3144, 3144, 3144, 3144, 3144, - 3136, 3144, 3144, 3144, 3136, 3144, 3136, 3136, 3144, 3144, - 3144, 3144, 3144, 3136, 3136, 0, 3136, 3136, 3136, 3136, - 3136, 3136, 3136, 3136, 3136, 3136, 3136, 3136, 3136, 3136, - 3136, 3136, 3136, 3136 + 3252, 1, 3253, 3253, 3254, 3254, 3255, 3255, 3256, 3256, + 3257, 3257, 3258, 3258, 3259, 3259, 3252, 3260, 3252, 3252, + 3252, 3252, 3261, 3260, 3260, 3260, 3260, 3260, 3260, 3260, + 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, + 3260, 3260, 3260, 3260, 3260, 3260, 3262, 3252, 3252, 3252, + 3262, 3263, 3252, 3252, 3252, 3263, 3264, 3252, 3252, 3252, + 3252, 3264, 3265, 3252, 3252, 3252, 3265, 3266, 3252, 3267, + 3252, 3266, 3266, 3268, 3252, 3252, 3252, 3252, 3268, 3269, + 3252, 3252, 3252, 3269, 3260, 3260, 3252, 3270, 3261, 3270, + 3261, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, + + 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, + 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, + 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, + 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, + 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, + 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3262, 3262, 3263, + 3263, 3264, 3264, 3252, 3265, 3265, 3266, 3266, 3267, 3267, + 3266, 3268, 3268, 3252, 3269, 3269, 3260, 3260, 3260, 3260, + 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, + 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, + + 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, + 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, + 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, + 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, + 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, + 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, + 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3266, 3260, 3260, + 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, + 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, + 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, + + 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, + 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, + 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, + 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, + 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, + 3260, 3260, 3252, 3260, 3260, 3260, 3260, 3260, 3260, 3260, + 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, + 3260, 3260, 3260, 3252, 3260, 3260, 3260, 3260, 3260, 3260, + 3260, 3266, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, + 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, + + 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, + 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, + 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, + 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, + 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, + 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, + 3252, 3260, 3260, 3260, 3260, 3260, 3260, 3252, 3260, 3260, + 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, + 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, + 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3252, 3260, 3260, + + 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, + 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, + 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3252, 3260, 3266, + 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, + 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, + 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, + 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, + 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, + 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, + 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3252, 3260, 3260, + + 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, + 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, + 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, + 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, + 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, + 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, + 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, + 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, + 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, + 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3266, + + 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, + 3260, 3260, 3252, 3260, 3260, 3260, 3260, 3260, 3260, 3260, + 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3252, 3260, 3252, + 3252, 3260, 3252, 3252, 3260, 3260, 3252, 3260, 3260, 3260, + 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, + 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, + 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, + 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, + 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3252, 3260, 3260, + 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, + + 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3252, + 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, + 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3252, 3260, + 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, + 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, + 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, + 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, + 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, + 3260, 3260, 3266, 3260, 3260, 3260, 3260, 3260, 3260, 3260, + 3252, 3260, 3260, 3252, 3260, 3260, 3260, 3260, 3260, 3260, + + 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, + 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, + 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, + 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, + 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, + 3252, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3252, 3260, + 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, + 3260, 3260, 3260, 3260, 3260, 3252, 3260, 3252, 3260, 3260, + 3260, 3260, 3260, 3260, 3260, 3260, 3252, 3252, 3260, 3260, + 3260, 3260, 3260, 3252, 3260, 3260, 3252, 3260, 3260, 3260, + + 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, + 3260, 3252, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, + 3252, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, + 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, + 3260, 3252, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, + 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, + 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, + 3252, 3260, 3260, 3266, 3266, 3260, 3260, 3260, 3260, 3260, + 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, + 3260, 3260, 3260, 3260, 3260, 3260, 3252, 3260, 3260, 3260, + + 3260, 3260, 3260, 3260, 3252, 3260, 3260, 3260, 3260, 3260, + 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, + 3260, 3260, 3252, 3260, 3260, 3260, 3260, 3260, 3260, 3260, + 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, + 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, + 3260, 3252, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, + 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, + 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, + 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, + 3260, 3260, 3260, 3252, 3260, 3260, 3260, 3260, 3260, 3260, + + 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, + 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, + 3260, 3252, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, + 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, + 3260, 3252, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, + 3260, 3260, 3260, 3260, 3260, 3260, 3252, 3260, 3260, 3260, + 3260, 3260, 3260, 3260, 3260, 3260, 3252, 3266, 3260, 3260, + 3260, 3260, 3260, 3252, 3260, 3260, 3260, 3260, 3260, 3260, + 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3252, + 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, + + 3260, 3260, 3252, 3260, 3260, 3260, 3260, 3260, 3260, 3260, + 3260, 3260, 3260, 3260, 3260, 3260, 3252, 3260, 3260, 3260, + 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, + 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, + 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, + 3260, 3260, 3252, 3260, 3260, 3260, 3260, 3260, 3260, 3260, + 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, + 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, + 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, + 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, + + 3260, 3260, 3260, 3252, 3260, 3260, 3260, 3260, 3260, 3260, + 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, + 3260, 3260, 3252, 3260, 3252, 3260, 3260, 3260, 3260, 3260, + 3252, 3260, 3252, 3260, 3260, 3260, 3260, 3252, 3260, 3260, + 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, + 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, + 3260, 3260, 3260, 3260, 3260, 3260, 3252, 3260, 3266, 3260, + 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, + 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3252, 3260, 3260, + 3260, 3260, 3252, 3260, 3260, 3260, 3260, 3260, 3260, 3260, + + 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3252, + 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, + 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, + 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, + 3260, 3260, 3260, 3260, 3260, 3252, 3260, 3260, 3260, 3260, + 3260, 3260, 3260, 3260, 3252, 3260, 3260, 3260, 3260, 3260, + 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3252, + 3260, 3252, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, + 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, + 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3252, 3252, + + 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, + 3260, 3260, 3260, 3252, 3260, 3260, 3260, 3260, 3260, 3260, + 3260, 3260, 3260, 3260, 3260, 3252, 3260, 3260, 3260, 3260, + 3260, 3260, 3252, 3260, 3252, 3260, 3260, 3260, 3260, 3260, + 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, + 3260, 3260, 3260, 3260, 3260, 3260, 3252, 3260, 3260, 3260, + 3260, 3260, 3260, 3260, 3260, 3252, 3266, 3260, 3260, 3260, + 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3252, 3260, 3260, + 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3252, 3260, 3260, + 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, + + 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, + 3260, 3260, 3260, 3252, 3260, 3260, 3260, 3260, 3260, 3260, + 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, + 3260, 3260, 3252, 3260, 3260, 3260, 3260, 3260, 3260, 3260, + 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, + 3260, 3260, 3252, 3260, 3260, 3260, 3260, 3260, 3260, 3260, + 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, + 3260, 3252, 3252, 3260, 3260, 3260, 3252, 3260, 3260, 3260, + 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3252, + 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, + + 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, + 3260, 3252, 3260, 3260, 3260, 3260, 3260, 3260, 3252, 3260, + 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, + 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3252, + 3260, 3260, 3260, 3260, 3252, 3260, 3260, 3260, 3260, 3260, + 3260, 3260, 3260, 3252, 3260, 3260, 3260, 3260, 3260, 3260, + 3260, 3266, 3260, 3252, 3260, 3260, 3260, 3252, 3260, 3260, + 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3252, 3260, + 3252, 3260, 3260, 3260, 3252, 3260, 3260, 3260, 3260, 3260, + 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, + + 3260, 3260, 3260, 3260, 3260, 3252, 3260, 3260, 3260, 3260, + 3260, 3260, 3260, 3260, 3260, 3260, 3252, 3252, 3260, 3252, + 3260, 3260, 3260, 3252, 3260, 3260, 3260, 3260, 3260, 3260, + 3260, 3260, 3252, 3260, 3260, 3252, 3260, 3260, 3260, 3260, + 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, + 3252, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, + 3252, 3260, 3260, 3260, 3260, 3260, 3252, 3260, 3252, 3260, + 3260, 3260, 3260, 3260, 3252, 3260, 3260, 3260, 3260, 3260, + 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3252, + 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, + + 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3252, 3260, + 3260, 3260, 3260, 3260, 3260, 3252, 3260, 3260, 3260, 3252, + 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3252, + 3260, 3260, 3260, 3260, 3260, 3260, 3252, 3252, 3260, 3252, + 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, + 3260, 3260, 3260, 3266, 3260, 3260, 3260, 3260, 3260, 3260, + 3252, 3252, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, + 3260, 3260, 3260, 3260, 3260, 3252, 3260, 3260, 3260, 3260, + 3252, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, + 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, + + 3260, 3260, 3260, 3252, 3260, 3260, 3260, 3260, 3260, 3260, + 3260, 3260, 3260, 3252, 3260, 3252, 3260, 3260, 3260, 3260, + 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, + 3260, 3260, 3260, 3260, 3260, 3252, 3260, 3260, 3260, 3260, + 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, + 3260, 3260, 3260, 3260, 3252, 3260, 3260, 3260, 3260, 3260, + 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3252, 3260, + 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3252, 3260, + 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, + 3252, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3252, + + 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, + 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3252, + 3260, 3252, 3260, 3260, 3260, 3260, 3266, 3260, 3252, 3260, + 3260, 3260, 3260, 3260, 3252, 3260, 3260, 3260, 3260, 3252, + 3260, 3260, 3260, 3260, 3260, 3260, 3252, 3260, 3260, 3260, + 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, + 3260, 3260, 3260, 3252, 3260, 3260, 3260, 3260, 3260, 3260, + 3260, 3260, 3260, 3260, 3252, 3260, 3260, 3260, 3260, 3260, + 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3252, 3260, + 3260, 3260, 3260, 3260, 3260, 3252, 3252, 3260, 3260, 3260, + + 3260, 3260, 3252, 3252, 3260, 3260, 3260, 3260, 3260, 3252, + 3252, 3260, 3252, 3260, 3252, 3260, 3260, 3252, 3252, 3260, + 3260, 3260, 3260, 3260, 3252, 3260, 3252, 3260, 3260, 3260, + 3260, 3260, 3252, 3260, 3260, 3260, 3252, 3260, 3260, 3260, + 3260, 3252, 3260, 3260, 3260, 3260, 3252, 3260, 3260, 3260, + 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, + 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, + 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, + 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, + 3260, 3260, 3266, 3260, 3260, 3260, 3260, 3252, 3260, 3260, + + 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3252, 3260, + 3252, 3260, 3260, 3260, 3260, 3260, 3252, 3260, 3260, 3260, + 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3252, 3260, + 3260, 3252, 3260, 3260, 3260, 3252, 3260, 3260, 3260, 3260, + 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, + 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, + 3260, 3260, 3260, 3260, 3252, 3260, 3252, 3260, 3260, 3260, + 3260, 3260, 3260, 3260, 3252, 3252, 3260, 3260, 3260, 3260, + 3260, 3260, 3260, 3252, 3260, 3260, 3260, 3260, 3252, 3260, + 3260, 3260, 3260, 3252, 3260, 3260, 3260, 3260, 3260, 3260, + + 3260, 3260, 3260, 3260, 3260, 3252, 3252, 3252, 3252, 3260, + 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3252, 3260, + 3252, 3252, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, + 3252, 3260, 3260, 3260, 3260, 3260, 3260, 3266, 3260, 3260, + 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3252, + 3252, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, + 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3252, + 3260, 3260, 3260, 3252, 3260, 3252, 3260, 3260, 3260, 3260, + 3260, 3260, 3260, 3260, 3252, 3252, 3260, 3260, 3252, 3252, + 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3252, + + 3260, 3252, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, + 3260, 3260, 3252, 3260, 3260, 3252, 3260, 3260, 3260, 3252, + 3260, 3260, 3260, 3260, 3252, 3260, 3260, 3260, 3252, 3260, + 3252, 3260, 3260, 3260, 3260, 3252, 3260, 3260, 3252, 3260, + 3260, 3260, 3260, 3252, 3260, 3252, 3260, 3260, 3260, 3260, + 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3252, 3252, + 3266, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, + 3252, 3252, 3260, 3252, 3260, 3260, 3252, 3260, 3260, 3260, + 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, + 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, + + 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3252, 3260, + 3260, 3260, 3252, 3260, 3260, 3260, 3260, 3252, 3260, 3260, + 3260, 3260, 3252, 3260, 3260, 3260, 3260, 3260, 3260, 3260, + 3260, 3260, 3252, 3252, 3252, 3260, 3260, 3252, 3260, 3260, + 3260, 3260, 3252, 3260, 3260, 3252, 3252, 3260, 3260, 3260, + 3260, 3252, 3260, 3252, 3260, 3252, 3260, 3260, 3260, 3260, + 3252, 3260, 3260, 3252, 3260, 3260, 3260, 3260, 3260, 3260, + 3260, 3252, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, + 3260, 3260, 3260, 3260, 3252, 3260, 3260, 3260, 3260, 3260, + 3260, 3260, 3260, 3252, 3260, 3252, 3260, 3260, 3260, 3260, + + 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3252, + 3260, 3260, 3252, 3260, 3252, 3260, 3252, 3260, 3260, 3260, + 3260, 3252, 3260, 3260, 3260, 3260, 3252, 3260, 3260, 3260, + 3260, 3252, 3252, 3260, 3260, 3260, 3260, 3260, 3260, 3260, + 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, + 3260, 3252, 3252, 3252, 3260, 3260, 3260, 3260, 3260, 3260, + 3260, 3252, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3252, + 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3252, 3260, + 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, + 3252, 3260, 3252, 3252, 3260, 3252, 3260, 3260, 3260, 3260, + + 3252, 3260, 3260, 3260, 3260, 3260, 3260, 3252, 3260, 3260, + 3260, 3260, 3252, 3252, 3260, 3252, 3260, 3260, 3260, 3260, + 3260, 3260, 3260, 3260, 3252, 3260, 3260, 3260, 3260, 3260, + 3252, 3260, 3260, 3260, 3260, 3252, 3260, 3260, 3260, 3260, + 3260, 3252, 3260, 3260, 3260, 3260, 3252, 3260, 3260, 3260, + 3252, 3252, 3260, 3260, 3260, 3252, 3252, 3252, 3260, 3260, + 3260, 3252, 3260, 3260, 3260, 3260, 3260, 3252, 3260, 3260, + 3260, 3252, 3252, 3260, 3260, 3260, 3260, 3252, 3252, 3260, + 3260, 3260, 3260, 3260, 3252, 3260, 3260, 3260, 3260, 3260, + 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, + + 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3252, 3252, + 3260, 3260, 3260, 3252, 3252, 3260, 3260, 3260, 3260, 3260, + 3260, 3260, 3252, 3260, 3260, 3260, 3260, 3260, 3252, 3260, + 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3252, 3252, 3260, + 3260, 3260, 3260, 3260, 3252, 3260, 3260, 3260, 3260, 3260, + 3260, 3260, 3252, 3260, 3260, 3252, 3252, 3252, 3260, 3252, + 3252, 3260, 3252, 3252, 3252, 3252, 3252, 3252, 3252, 3260, + 3252, 3260, 3260, 3260, 3260, 3252, 3260, 3260, 3260, 3260, + 3260, 3252, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, + 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, + + 3252, 3252, 3252, 3260, 3260, 3260, 3260, 3260, 3260, 3260, + 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, + 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3252, 3260, + 3252, 3260, 3252, 3252, 3260, 3260, 3260, 3260, 3260, 3260, + 3260, 3260, 3260, 3260, 3260, 3260, 3252, 3252, 3260, 3260, + 3252, 3260, 3260, 3252, 3260, 3260, 3260, 3260, 3260, 3260, + 3260, 3260, 3260, 3252, 3252, 3260, 3260, 3260, 3260, 3260, + 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3252, 3260, 3260, + 3260, 3252, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, + 3252, 3260, 3252, 3260, 3260, 3260, 3260, 3260, 3260, 3260, + + 3260, 3260, 3252, 3260, 3260, 3260, 3260, 3260, 3260, 3260, + 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, 3260, + 3252, 3260, 3260, 3252, 3260, 3260, 3260, 3260, 3260, 3252, + 3260, 3260, 3260, 3260, 3260, 3260, 3252, 3260, 3260, 3260, + 3252, 3260, 3252, 3252, 3260, 3260, 3260, 3260, 3260, 3252, + 3252, 0, 3252, 3252, 3252, 3252, 3252, 3252, 3252, 3252, + 3252, 3252, 3252, 3252, 3252, 3252, 3252, 3252, 3252, 3252 } ; -static const flex_int16_t yy_nxt[9004] = +static const flex_int16_t yy_nxt[9330] = { 0, 18, 19, 20, 21, 22, 23, 22, 18, 18, 18, 18, 18, 22, 24, 25, 26, 27, 28, 29, 18, @@ -1466,993 +1503,1028 @@ static const flex_int16_t yy_nxt[9004] = 24, 25, 26, 27, 28, 29, 18, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42, 43, 44, 18, 18, 18, 45, 48, 49, 50, 48, - 49, 50, 53, 54, 53, 54, 55, 118, 55, 58, - 59, 60, 61, 119, 22, 58, 59, 60, 61, 86, - 22, 64, 65, 66, 64, 65, 66, 87, 157, 157, + 49, 50, 53, 54, 53, 54, 55, 119, 55, 58, + 59, 60, 61, 120, 22, 58, 59, 60, 61, 86, + 22, 64, 65, 66, 64, 65, 66, 87, 158, 158, - 1219, 88, 85, 51, 118, 86, 51, 164, 164, 56, - 119, 56, 167, 75, 76, 77, 78, 62, 22, 75, + 1261, 88, 85, 51, 119, 86, 51, 165, 165, 56, + 120, 56, 168, 75, 76, 77, 78, 62, 22, 75, 76, 77, 78, 62, 22, 81, 82, 83, 67, 97, 86, 67, 19, 20, 21, 69, 70, 71, 19, 20, - 21, 69, 70, 71, 81, 82, 83, 120, 108, 174, - 174, 79, 72, 156, 167, 86, 97, 79, 72, 86, - 134, 90, 84, 90, 90, 86, 90, 175, 109, 173, - 73, 86, 90, 86, 120, 108, 73, 172, 128, 72, - 156, 84, 157, 157, 86, 72, 112, 134, 110, 159, - 164, 164, 159, 170, 113, 109, 98, 399, 185, 91, - - 92, 93, 111, 99, 94, 128, 167, 100, 159, 95, - 101, 159, 86, 112, 86, 110, 86, 179, 96, 167, - 170, 113, 86, 98, 86, 185, 86, 92, 93, 111, - 99, 94, 86, 165, 100, 87, 95, 101, 85, 88, - 85, 85, 163, 85, 179, 96, 102, 162, 114, 85, - 103, 115, 186, 104, 178, 105, 106, 246, 116, 161, - 117, 161, 161, 286, 161, 86, 107, 90, 86, 90, - 90, 86, 90, 102, 86, 114, 121, 103, 115, 186, - 104, 178, 105, 106, 122, 116, 177, 117, 125, 86, - 123, 180, 126, 107, 124, 86, 153, 321, 86, 145, - - 154, 146, 86, 121, 155, 169, 176, 160, 127, 86, - 147, 122, 158, 177, 86, 125, 148, 123, 180, 126, - 86, 124, 86, 153, 149, 86, 145, 154, 146, 86, - 86, 155, 325, 176, 150, 127, 129, 147, 151, 152, - 130, 198, 175, 148, 174, 174, 131, 86, 86, 132, - 166, 149, 166, 166, 181, 166, 133, 171, 86, 171, - 171, 150, 171, 129, 86, 151, 152, 130, 198, 85, - 184, 85, 85, 131, 85, 194, 132, 173, 86, 86, - 85, 181, 182, 133, 135, 172, 167, 202, 136, 90, - 239, 90, 90, 195, 90, 183, 86, 184, 137, 138, - - 90, 139, 86, 190, 191, 165, 86, 86, 193, 182, - 86, 135, 86, 187, 202, 136, 86, 239, 192, 188, - 195, 189, 183, 86, 163, 137, 138, 91, 139, 140, - 190, 191, 141, 162, 86, 193, 196, 197, 203, 142, - 187, 1088, 206, 143, 144, 192, 188, 86, 189, 86, - 86, 86, 199, 200, 204, 86, 140, 160, 158, 141, - 201, 205, 211, 196, 197, 203, 142, 86, 86, 206, - 143, 144, 86, 207, 213, 3136, 208, 86, 221, 199, - 200, 204, 86, 86, 214, 222, 212, 201, 205, 209, - 210, 86, 3136, 3136, 86, 216, 3136, 86, 223, 217, - - 207, 213, 219, 208, 215, 221, 86, 220, 86, 224, - 86, 214, 222, 212, 226, 218, 209, 210, 86, 86, - 225, 229, 216, 86, 228, 223, 217, 234, 86, 219, - 227, 215, 233, 86, 220, 3136, 224, 86, 3136, 86, - 86, 226, 218, 230, 86, 231, 3136, 225, 229, 232, - 241, 228, 86, 86, 234, 235, 236, 227, 86, 233, - 240, 86, 86, 3136, 245, 237, 3136, 86, 255, 242, - 230, 238, 231, 247, 86, 261, 232, 241, 86, 86, - 243, 254, 235, 236, 244, 3136, 248, 240, 86, 86, - 251, 245, 237, 86, 253, 255, 242, 86, 238, 3136, - - 247, 252, 261, 249, 256, 86, 250, 243, 254, 260, - 86, 244, 86, 248, 257, 86, 263, 251, 264, 262, - 266, 253, 3136, 258, 86, 86, 267, 3136, 252, 265, - 249, 256, 3136, 250, 86, 259, 260, 3136, 3136, 86, - 86, 257, 86, 263, 167, 264, 262, 266, 86, 161, - 258, 161, 161, 267, 161, 166, 265, 166, 166, 268, - 166, 90, 259, 90, 90, 171, 90, 171, 171, 270, - 171, 271, 3136, 269, 272, 275, 274, 276, 86, 3136, - 281, 273, 279, 86, 278, 86, 282, 280, 283, 86, - 86, 86, 86, 86, 86, 277, 270, 284, 271, 169, - - 269, 272, 275, 274, 276, 86, 86, 86, 273, 279, - 285, 278, 86, 282, 280, 283, 295, 287, 3136, 86, - 296, 288, 277, 297, 284, 300, 301, 298, 3136, 299, - 302, 86, 304, 86, 307, 86, 86, 285, 289, 3136, - 86, 305, 86, 295, 3136, 86, 86, 296, 288, 86, - 297, 86, 300, 301, 298, 86, 299, 306, 303, 304, - 310, 307, 86, 86, 308, 289, 290, 309, 305, 86, - 86, 291, 3136, 311, 312, 318, 292, 3136, 3136, 86, - 322, 319, 293, 294, 306, 303, 327, 310, 86, 86, - 331, 308, 326, 290, 309, 86, 86, 86, 291, 86, - - 311, 312, 318, 292, 320, 335, 86, 322, 319, 293, - 294, 313, 323, 328, 314, 86, 315, 333, 86, 326, - 330, 334, 86, 324, 332, 86, 86, 329, 316, 3136, - 317, 320, 335, 338, 336, 337, 3136, 86, 313, 341, - 86, 314, 339, 315, 86, 86, 86, 330, 86, 86, - 324, 332, 3136, 86, 329, 316, 86, 317, 86, 340, - 338, 336, 337, 86, 86, 342, 341, 343, 345, 339, - 344, 346, 348, 3136, 347, 351, 352, 349, 350, 86, - 86, 86, 86, 354, 86, 353, 340, 357, 86, 86, - 86, 3136, 342, 363, 343, 345, 359, 344, 346, 86, - - 86, 347, 351, 352, 86, 350, 358, 355, 356, 3136, - 362, 360, 353, 86, 361, 86, 86, 364, 86, 86, - 365, 366, 86, 359, 367, 86, 3136, 368, 86, 369, - 86, 370, 373, 358, 355, 356, 86, 362, 360, 86, - 86, 361, 371, 374, 376, 377, 378, 365, 86, 86, - 384, 367, 381, 86, 368, 86, 369, 380, 86, 86, - 375, 167, 383, 382, 86, 372, 86, 86, 86, 379, - 374, 376, 377, 378, 86, 385, 86, 86, 386, 381, - 388, 387, 86, 389, 380, 86, 390, 375, 391, 383, - 382, 392, 372, 398, 395, 86, 379, 86, 393, 86, - - 86, 3136, 397, 86, 86, 386, 396, 86, 387, 394, - 389, 86, 86, 390, 400, 391, 401, 86, 392, 86, - 398, 402, 404, 86, 403, 393, 86, 86, 405, 397, - 86, 406, 407, 396, 86, 86, 394, 409, 408, 411, - 410, 400, 86, 401, 413, 412, 417, 86, 402, 404, - 86, 403, 86, 86, 86, 405, 86, 414, 406, 407, - 416, 418, 3136, 423, 422, 408, 3136, 410, 86, 86, - 86, 86, 412, 417, 415, 419, 86, 421, 86, 420, - 86, 424, 86, 86, 414, 425, 86, 416, 86, 86, - 423, 422, 426, 86, 86, 427, 3136, 429, 428, 433, - - 430, 415, 419, 86, 421, 86, 420, 86, 424, 86, - 434, 431, 425, 435, 86, 86, 436, 445, 443, 426, - 444, 3136, 427, 86, 429, 428, 433, 430, 432, 86, - 449, 86, 3136, 462, 450, 86, 86, 86, 431, 86, - 435, 468, 86, 436, 445, 443, 3136, 444, 86, 86, - 3136, 446, 491, 447, 86, 432, 437, 449, 451, 438, - 86, 450, 452, 453, 439, 440, 441, 442, 468, 448, - 459, 454, 3136, 86, 86, 86, 455, 456, 446, 86, - 447, 460, 86, 437, 461, 451, 438, 86, 463, 452, - 453, 439, 440, 441, 442, 457, 448, 459, 458, 86, - - 464, 86, 86, 86, 456, 86, 465, 466, 460, 467, - 86, 461, 469, 471, 477, 463, 470, 488, 86, 86, - 490, 472, 457, 473, 86, 458, 86, 464, 86, 86, - 475, 476, 474, 465, 466, 86, 467, 86, 478, 469, - 481, 483, 482, 470, 488, 86, 86, 86, 472, 479, - 473, 492, 86, 86, 86, 480, 504, 475, 476, 474, - 86, 484, 86, 489, 86, 478, 528, 481, 483, 482, - 520, 86, 3136, 86, 485, 521, 479, 486, 492, 487, - 505, 493, 480, 504, 506, 86, 503, 494, 484, 86, - 489, 495, 86, 86, 519, 555, 86, 507, 86, 496, - - 3136, 485, 86, 510, 486, 86, 487, 505, 493, 508, - 86, 506, 86, 503, 494, 3136, 86, 522, 495, 518, - 86, 519, 555, 525, 507, 509, 496, 497, 523, 498, - 510, 86, 524, 86, 167, 86, 508, 3136, 86, 526, - 86, 530, 499, 527, 522, 500, 518, 501, 86, 502, - 525, 86, 509, 86, 497, 523, 498, 86, 531, 524, - 3136, 529, 86, 3136, 532, 3136, 526, 3136, 530, 499, - 527, 86, 500, 533, 501, 3136, 502, 511, 512, 534, - 540, 538, 3136, 86, 541, 531, 535, 513, 529, 514, - 515, 516, 536, 86, 517, 537, 86, 539, 583, 86, - - 533, 545, 86, 86, 511, 512, 534, 86, 538, 86, - 86, 541, 86, 535, 513, 543, 514, 515, 516, 536, - 542, 517, 537, 544, 539, 86, 546, 86, 86, 547, - 86, 551, 548, 86, 549, 550, 86, 552, 86, 558, - 86, 553, 543, 563, 554, 3136, 559, 542, 86, 556, - 544, 561, 86, 546, 86, 86, 547, 86, 551, 548, - 606, 560, 86, 86, 552, 86, 558, 557, 553, 86, - 563, 554, 562, 559, 86, 564, 556, 86, 561, 566, - 86, 565, 567, 570, 574, 571, 86, 606, 560, 3136, - 86, 572, 86, 568, 557, 569, 576, 573, 575, 562, - - 86, 86, 564, 577, 86, 578, 566, 86, 565, 567, - 570, 579, 571, 581, 86, 86, 86, 86, 572, 586, - 568, 580, 569, 576, 573, 575, 86, 582, 86, 86, - 577, 584, 578, 86, 587, 585, 588, 3136, 579, 86, - 581, 86, 591, 589, 590, 86, 586, 597, 580, 86, - 86, 592, 595, 86, 582, 86, 86, 593, 584, 86, - 598, 596, 585, 588, 86, 594, 86, 86, 86, 591, - 589, 590, 599, 86, 597, 86, 601, 600, 592, 595, - 602, 3136, 3136, 86, 593, 605, 603, 598, 596, 604, - 3136, 86, 594, 607, 611, 86, 86, 3136, 609, 599, - - 86, 86, 617, 601, 600, 610, 86, 602, 86, 608, - 618, 86, 605, 603, 612, 86, 604, 86, 619, 86, - 607, 611, 613, 86, 614, 609, 615, 616, 86, 86, - 620, 86, 610, 86, 86, 621, 608, 618, 691, 622, - 86, 612, 623, 624, 626, 627, 625, 86, 86, 613, - 86, 614, 86, 615, 616, 629, 86, 620, 86, 86, - 630, 628, 621, 632, 633, 691, 622, 86, 86, 623, - 624, 626, 635, 625, 636, 634, 86, 86, 86, 86, - 86, 637, 629, 631, 638, 639, 86, 640, 628, 3136, - 632, 633, 86, 651, 652, 642, 86, 86, 86, 635, - - 86, 636, 634, 86, 653, 641, 86, 86, 637, 86, - 631, 638, 639, 86, 640, 654, 656, 655, 3136, 3136, - 651, 652, 642, 86, 3136, 3136, 667, 86, 86, 3136, - 3136, 653, 641, 643, 660, 659, 3136, 663, 644, 86, - 645, 657, 654, 656, 655, 658, 646, 86, 647, 676, - 86, 648, 649, 667, 3136, 86, 86, 86, 650, 86, - 643, 660, 659, 86, 663, 644, 661, 645, 657, 662, - 664, 666, 658, 646, 669, 647, 676, 86, 648, 649, - 665, 86, 86, 668, 674, 650, 670, 86, 671, 680, - 86, 672, 673, 661, 675, 677, 662, 86, 666, 86, - - 86, 669, 86, 678, 86, 679, 86, 665, 681, 683, - 668, 674, 86, 670, 684, 671, 680, 86, 672, 673, - 86, 675, 677, 86, 682, 86, 685, 86, 686, 689, - 678, 3136, 679, 695, 687, 681, 683, 167, 690, 688, - 692, 684, 86, 86, 694, 86, 86, 86, 693, 696, - 86, 682, 86, 697, 699, 686, 689, 698, 86, 3136, - 695, 687, 86, 86, 700, 690, 688, 692, 701, 86, - 702, 694, 86, 713, 704, 693, 86, 703, 705, 86, - 706, 714, 709, 86, 698, 86, 86, 707, 716, 86, - 708, 700, 86, 86, 710, 701, 86, 702, 86, 711, - - 86, 704, 86, 715, 703, 705, 712, 706, 86, 709, - 717, 718, 722, 719, 707, 86, 3136, 708, 720, 721, - 86, 724, 723, 725, 731, 86, 86, 726, 728, 86, - 727, 3136, 86, 712, 736, 86, 86, 86, 733, 722, - 730, 732, 86, 86, 86, 86, 721, 86, 724, 723, - 725, 86, 86, 729, 726, 728, 86, 727, 738, 734, - 737, 86, 735, 86, 86, 733, 86, 730, 732, 86, - 739, 86, 743, 746, 742, 740, 3136, 745, 748, 741, - 729, 86, 86, 86, 744, 738, 734, 737, 86, 735, - 747, 86, 750, 86, 86, 86, 749, 739, 86, 743, - - 746, 742, 740, 751, 745, 748, 741, 752, 86, 759, - 753, 744, 86, 755, 756, 3136, 758, 747, 86, 760, - 757, 86, 763, 749, 86, 764, 762, 86, 770, 86, - 751, 86, 754, 86, 752, 86, 759, 753, 86, 86, - 755, 756, 86, 758, 761, 765, 760, 757, 86, 763, - 767, 768, 86, 762, 766, 769, 772, 776, 86, 754, - 86, 86, 86, 86, 771, 773, 774, 779, 775, 86, - 86, 761, 765, 778, 781, 780, 783, 767, 768, 86, - 86, 766, 769, 772, 776, 86, 86, 777, 782, 791, - 3136, 771, 86, 786, 86, 775, 86, 86, 86, 86, - - 778, 796, 780, 783, 784, 787, 86, 86, 788, 785, - 792, 793, 86, 797, 777, 782, 800, 794, 86, 86, - 786, 86, 789, 790, 795, 802, 3136, 86, 796, 86, - 86, 86, 787, 86, 805, 788, 86, 792, 793, 86, - 797, 798, 801, 806, 794, 86, 807, 86, 86, 789, - 790, 795, 802, 803, 808, 809, 799, 86, 804, 815, - 86, 805, 86, 810, 3136, 86, 811, 812, 798, 801, - 806, 86, 86, 807, 816, 86, 86, 814, 813, 3136, - 86, 808, 809, 799, 86, 86, 86, 818, 817, 820, - 810, 86, 821, 811, 812, 819, 822, 86, 86, 86, - - 86, 816, 824, 826, 814, 813, 86, 86, 823, 827, - 829, 86, 825, 828, 818, 817, 820, 86, 86, 821, - 86, 86, 819, 822, 836, 86, 3136, 3136, 838, 830, - 826, 831, 832, 86, 86, 823, 827, 829, 86, 825, - 828, 86, 86, 833, 834, 835, 86, 837, 841, 840, - 839, 836, 86, 86, 86, 838, 830, 86, 831, 832, - 86, 843, 3136, 848, 86, 842, 846, 847, 844, 850, - 833, 834, 835, 86, 837, 841, 840, 839, 86, 86, - 86, 845, 849, 86, 851, 86, 854, 86, 843, 86, - 848, 86, 842, 846, 847, 844, 850, 853, 852, 855, - - 856, 857, 86, 862, 86, 3136, 86, 86, 845, 849, - 858, 851, 86, 854, 859, 3136, 86, 86, 86, 860, - 861, 86, 863, 864, 853, 852, 855, 856, 857, 865, - 862, 866, 167, 86, 86, 86, 86, 858, 86, 3136, - 867, 859, 86, 869, 870, 871, 860, 861, 868, 863, - 864, 872, 873, 86, 874, 876, 865, 86, 86, 86, - 877, 875, 86, 878, 3136, 879, 86, 867, 3136, 86, - 86, 870, 871, 880, 891, 868, 86, 86, 883, 873, - 881, 874, 876, 86, 86, 86, 86, 877, 875, 86, - 893, 894, 879, 86, 882, 86, 86, 3136, 3136, 892, - - 880, 891, 3136, 895, 896, 883, 3136, 881, 86, 86, - 897, 901, 86, 3136, 3136, 86, 904, 893, 894, 898, - 86, 882, 884, 902, 86, 885, 892, 899, 900, 886, - 895, 896, 887, 86, 903, 912, 86, 897, 901, 888, - 889, 86, 890, 941, 86, 86, 898, 86, 86, 884, - 902, 914, 885, 86, 899, 900, 886, 86, 913, 887, - 86, 903, 912, 915, 86, 86, 888, 889, 916, 890, - 905, 906, 917, 907, 919, 86, 908, 918, 914, 920, - 923, 909, 3136, 922, 3136, 913, 3136, 910, 911, 924, - 915, 926, 86, 3136, 86, 916, 86, 905, 906, 921, - - 907, 919, 86, 908, 86, 86, 920, 923, 909, 86, - 922, 86, 925, 86, 910, 911, 924, 927, 86, 929, - 928, 931, 930, 932, 933, 935, 921, 86, 86, 934, - 947, 86, 937, 940, 86, 86, 3136, 86, 86, 925, - 936, 943, 86, 86, 927, 86, 929, 928, 931, 930, - 932, 933, 935, 86, 938, 86, 934, 939, 86, 937, - 940, 942, 86, 86, 944, 946, 948, 936, 86, 945, - 950, 3136, 86, 949, 3136, 3136, 952, 951, 954, 955, - 953, 938, 957, 86, 939, 3136, 3136, 86, 942, 956, - 958, 86, 946, 959, 961, 86, 86, 86, 86, 86, - - 949, 86, 86, 952, 951, 86, 86, 953, 86, 957, - 960, 962, 86, 86, 963, 964, 956, 958, 86, 965, - 959, 86, 966, 968, 967, 3136, 86, 86, 3136, 86, - 969, 971, 972, 86, 974, 970, 86, 960, 962, 977, - 86, 963, 86, 973, 978, 975, 965, 86, 1000, 966, - 968, 967, 86, 86, 86, 86, 86, 969, 971, 972, - 976, 974, 970, 86, 979, 980, 982, 981, 987, 3136, - 973, 86, 975, 983, 86, 86, 86, 86, 984, 986, - 86, 989, 988, 990, 86, 3136, 985, 976, 86, 86, - 86, 979, 980, 982, 981, 86, 993, 995, 997, 3136, - - 983, 86, 86, 86, 86, 984, 986, 991, 989, 988, - 990, 992, 994, 985, 86, 86, 996, 998, 86, 86, - 86, 86, 999, 993, 995, 997, 86, 1001, 1003, 1004, - 86, 1002, 1005, 1008, 991, 1006, 86, 3136, 992, 994, - 1009, 1007, 86, 996, 998, 86, 86, 86, 86, 999, - 1011, 1010, 1012, 86, 1001, 1003, 1004, 86, 1002, 1005, - 86, 1014, 1006, 86, 1017, 1013, 86, 1009, 1007, 86, - 1019, 86, 86, 1015, 1018, 1016, 1020, 1011, 1010, 1012, - 1021, 86, 86, 86, 1022, 1023, 1024, 86, 1014, 1031, - 3136, 1025, 1013, 1028, 3136, 1026, 86, 1019, 1029, 86, - - 1015, 1030, 1016, 1027, 86, 1032, 86, 1021, 86, 86, - 86, 1035, 1034, 1024, 1033, 86, 86, 86, 1025, 1037, - 1028, 86, 1026, 86, 1036, 1029, 86, 86, 1030, 86, - 1027, 86, 1032, 1038, 1039, 1040, 1042, 3136, 1044, 1034, - 1041, 1033, 86, 86, 1045, 1043, 86, 1046, 86, 86, - 1048, 1036, 1049, 1047, 86, 86, 86, 1050, 86, 1051, - 1038, 1039, 1059, 1042, 86, 1044, 86, 167, 86, 1060, - 86, 1045, 1043, 1061, 1046, 86, 1052, 1048, 1062, 1049, - 1047, 1063, 86, 86, 1050, 86, 1051, 1085, 86, 1059, - 3136, 1064, 86, 1067, 1066, 3136, 1060, 1065, 1068, 3136, - - 1061, 3136, 3136, 1052, 1053, 86, 1054, 86, 1063, 86, - 1055, 86, 1056, 1072, 86, 86, 1071, 1057, 1064, 86, - 1067, 1066, 1058, 1073, 1065, 1068, 86, 1069, 86, 1075, - 1078, 1053, 1070, 1054, 86, 1074, 1079, 1055, 1076, 1056, - 1072, 86, 1080, 1071, 1057, 86, 86, 1081, 1077, 1058, - 1073, 1082, 1083, 86, 1086, 86, 1075, 1078, 86, 86, - 86, 1084, 1074, 1079, 86, 1076, 1087, 1089, 1090, 1080, - 86, 1092, 3136, 86, 1081, 1077, 1091, 3136, 1082, 1083, - 86, 1100, 86, 1101, 86, 1105, 86, 1102, 1084, 1104, - 3136, 1103, 3136, 86, 1106, 1090, 86, 1110, 1092, 86, - - 86, 3136, 3136, 1091, 1093, 86, 86, 86, 1100, 1094, - 1101, 1095, 1105, 86, 1102, 86, 1104, 1096, 1103, 1107, - 1108, 1106, 1097, 1098, 86, 1109, 1113, 1114, 86, 1099, - 86, 1093, 86, 86, 1111, 1112, 1094, 1115, 1095, 1116, - 1117, 1118, 86, 1123, 1096, 86, 1107, 1108, 1135, 1097, - 1098, 86, 1109, 86, 1114, 1120, 1099, 86, 86, 1119, - 1121, 1111, 1112, 86, 1115, 1122, 1116, 86, 1118, 1125, - 1124, 1126, 86, 86, 1127, 86, 86, 86, 86, 1130, - 86, 86, 1120, 1129, 1133, 1131, 1119, 1121, 86, 1128, - 86, 1132, 1122, 86, 86, 3136, 1125, 1124, 1126, 1139, - - 1137, 1127, 86, 86, 1134, 86, 1130, 86, 1136, 86, - 1129, 1133, 1131, 86, 86, 1138, 1128, 1140, 1132, 86, - 1141, 1142, 86, 1143, 1144, 1146, 1139, 1137, 3136, 86, - 86, 1134, 1145, 86, 1147, 1136, 1148, 1153, 1150, 1149, - 1154, 3136, 1138, 86, 1140, 86, 86, 1141, 1142, 86, - 1143, 1144, 1146, 86, 86, 1155, 1156, 1151, 1160, 1145, - 86, 1147, 1152, 86, 1153, 1150, 1149, 1154, 86, 86, - 1157, 1159, 86, 1158, 1161, 1162, 3136, 86, 1164, 86, - 86, 1163, 1155, 1156, 86, 1160, 86, 1165, 86, 86, - 1166, 1167, 1168, 1170, 1172, 1179, 1169, 1157, 1159, 86, - - 1158, 1161, 86, 1171, 86, 86, 1173, 86, 1163, 1174, - 86, 1175, 86, 1176, 1165, 86, 86, 1166, 1167, 1168, - 1170, 1172, 1178, 1169, 1177, 86, 86, 86, 86, 1180, - 1171, 86, 1181, 1173, 86, 86, 1174, 1182, 1175, 1183, - 1176, 1184, 3136, 86, 1185, 1187, 86, 1186, 1189, 1178, - 86, 1177, 86, 86, 1188, 86, 86, 1190, 1191, 1181, - 1192, 1193, 86, 86, 1182, 1195, 1183, 86, 1184, 1194, - 1198, 1185, 1187, 1197, 1186, 1189, 1196, 1199, 86, 1200, - 86, 1188, 86, 86, 3136, 86, 1203, 1192, 1193, 86, - 86, 86, 1201, 1202, 1205, 86, 1194, 86, 1206, 86, - - 1197, 1204, 86, 1196, 1199, 1208, 86, 1207, 1210, 86, - 86, 86, 1209, 1203, 86, 1211, 86, 1212, 86, 1201, - 1202, 1205, 86, 86, 1213, 1206, 1214, 86, 1204, 1215, - 1216, 1217, 1208, 1220, 1207, 1210, 86, 1218, 86, 1209, - 1225, 1221, 86, 1223, 86, 86, 1222, 86, 86, 86, - 3136, 1213, 86, 1214, 86, 1224, 86, 1216, 1217, 86, - 1220, 1227, 1226, 86, 1218, 1228, 1229, 86, 1221, 167, - 1223, 1232, 1230, 1222, 86, 1234, 1233, 86, 1231, 1235, - 3136, 86, 1224, 86, 3136, 1237, 1236, 1238, 1227, 1226, - 3136, 1239, 1228, 1229, 86, 1241, 86, 1247, 86, 1230, - - 3136, 3136, 1240, 1233, 86, 1231, 1244, 86, 86, 86, - 86, 86, 1237, 1236, 1238, 86, 1242, 86, 1239, 1243, - 1245, 1248, 1241, 1246, 86, 1250, 86, 86, 86, 1240, - 1249, 86, 86, 1244, 86, 1251, 1257, 86, 1252, 86, - 3136, 1258, 1259, 1242, 1253, 86, 1243, 1245, 1248, 1260, - 1246, 1263, 1250, 1254, 1261, 1255, 86, 1249, 1256, 86, - 1262, 1265, 1251, 1257, 86, 1252, 86, 86, 1258, 1259, - 86, 1253, 1266, 86, 86, 86, 86, 3136, 1263, 1267, - 1254, 1261, 1255, 1264, 1268, 1256, 1270, 1262, 1265, 1269, - 86, 86, 86, 1271, 1272, 1273, 1274, 1275, 1276, 1266, - - 1280, 86, 86, 1278, 86, 86, 1267, 1277, 86, 86, - 1264, 1268, 86, 1270, 1279, 1372, 1269, 1285, 86, 86, - 1271, 1272, 86, 1274, 1275, 1276, 86, 1280, 1281, 86, - 1278, 1282, 86, 1283, 1277, 1284, 1286, 86, 1287, 86, - 86, 1279, 86, 1288, 1285, 1289, 86, 86, 86, 86, - 1290, 86, 1291, 1295, 86, 1281, 1294, 1296, 1282, 1292, - 1283, 1293, 1284, 1286, 86, 1287, 86, 1297, 86, 86, - 1288, 86, 1289, 1298, 86, 1299, 1300, 1290, 1301, 1291, - 86, 1304, 86, 1294, 1296, 86, 1292, 1306, 1293, 86, - 1302, 1305, 86, 86, 1297, 1303, 3136, 1307, 86, 1314, - - 1298, 86, 1299, 1300, 86, 1301, 1316, 1333, 1304, 1315, - 1318, 3136, 3136, 86, 1306, 1317, 1320, 1319, 1305, 1323, - 86, 3136, 86, 86, 1307, 1308, 1314, 86, 1309, 1310, - 3136, 1321, 86, 1311, 1333, 86, 1315, 1318, 86, 1312, - 1322, 86, 1317, 1313, 1319, 86, 1323, 86, 86, 1325, - 1330, 1324, 1308, 86, 1329, 1309, 1310, 86, 1321, 1326, - 1311, 1327, 86, 86, 1328, 1331, 1312, 1322, 86, 1335, - 1313, 86, 86, 1332, 1336, 86, 1325, 1330, 1324, 3136, - 1334, 1329, 1337, 86, 1344, 1338, 1326, 1347, 1327, 86, - 3136, 1328, 1331, 3136, 1348, 86, 1345, 1346, 3136, 3136, - - 1332, 86, 3136, 86, 86, 1351, 86, 1334, 86, 1337, - 86, 1344, 1338, 1339, 1347, 1349, 1356, 86, 1340, 1350, - 1341, 1348, 1342, 86, 1343, 86, 1354, 86, 86, 1352, - 1355, 86, 1351, 1359, 1353, 86, 1358, 1357, 86, 1361, - 1339, 86, 1349, 1356, 86, 1340, 1350, 1341, 1360, 1342, - 86, 1343, 86, 1354, 86, 1362, 86, 1355, 1363, 1364, - 1359, 86, 1369, 1358, 1357, 1368, 1361, 1365, 1366, 1367, - 1370, 86, 86, 1374, 1375, 1360, 1371, 3136, 86, 1373, - 86, 1376, 86, 86, 86, 1363, 1364, 86, 1377, 1369, - 86, 86, 1368, 1379, 1365, 1366, 1367, 1370, 86, 86, - - 86, 1375, 1380, 1371, 1378, 86, 1373, 1381, 1376, 1382, - 86, 86, 86, 1383, 86, 1377, 1384, 1385, 1386, 1387, - 1379, 1388, 3136, 86, 86, 1389, 1390, 3136, 86, 86, - 3136, 1378, 1391, 86, 1381, 1393, 86, 1392, 86, 86, - 1383, 1394, 1395, 1384, 1385, 1386, 86, 1405, 1388, 86, - 86, 1396, 1389, 1390, 86, 86, 86, 1397, 1398, 1391, - 86, 1399, 1393, 86, 1392, 1401, 86, 1400, 1394, 1395, - 1403, 86, 1406, 1402, 1405, 1408, 1404, 1409, 1396, 86, - 1410, 1407, 1412, 86, 1397, 1398, 86, 86, 1399, 86, - 1415, 1411, 1401, 86, 1400, 86, 86, 1403, 86, 1406, - - 1402, 86, 1408, 1404, 1413, 1416, 86, 1414, 1407, 86, - 1421, 3136, 86, 86, 86, 86, 1417, 1415, 1411, 1419, - 1420, 1418, 86, 86, 86, 1422, 86, 1424, 1423, 1427, - 3136, 1413, 86, 167, 1414, 1428, 86, 1431, 1425, 1429, - 3136, 3136, 86, 1417, 1426, 1430, 1419, 1420, 1418, 86, - 86, 86, 86, 1432, 86, 1423, 1427, 86, 1436, 86, - 86, 1434, 1428, 86, 1431, 1425, 1429, 1433, 1435, 86, - 86, 1426, 1430, 1437, 1438, 1439, 1440, 86, 1442, 1443, - 1432, 1441, 3136, 86, 1444, 86, 1445, 86, 1434, 3136, - 86, 1454, 1446, 1452, 1433, 1435, 86, 86, 1451, 86, - - 1437, 1438, 1439, 86, 86, 1442, 1443, 1449, 86, 1447, - 1450, 1444, 1448, 1445, 1453, 1455, 86, 1456, 86, 1446, - 1452, 86, 1459, 86, 3136, 1451, 1457, 86, 1462, 86, - 86, 1458, 1463, 86, 1449, 1465, 1447, 1450, 86, 1448, - 3136, 1453, 1455, 1461, 1456, 1460, 86, 1464, 1467, 1459, - 86, 1470, 86, 1466, 86, 1462, 86, 86, 86, 1463, - 86, 86, 1465, 1471, 1468, 1474, 3136, 1469, 1475, 1477, - 1461, 3136, 1460, 86, 1464, 1467, 86, 86, 1470, 1472, - 1466, 1473, 86, 86, 1476, 1481, 86, 1478, 86, 86, - 1471, 1468, 86, 1479, 1469, 1475, 1477, 86, 1482, 86, - - 1483, 1480, 1492, 1485, 1484, 86, 1472, 86, 1473, 86, - 1486, 1476, 1481, 86, 1478, 1489, 1493, 1487, 86, 1488, - 1479, 86, 86, 1491, 1496, 1482, 86, 1483, 1480, 86, - 1485, 1484, 1490, 1497, 86, 1494, 86, 1486, 86, 1495, - 86, 1500, 1489, 1499, 1487, 86, 1488, 3136, 86, 1498, - 1491, 86, 86, 1502, 86, 1503, 86, 1501, 1505, 1490, - 1497, 86, 1494, 3136, 1504, 86, 1495, 86, 1500, 86, - 1499, 86, 1506, 86, 1507, 1508, 1498, 86, 1514, 1513, - 1502, 86, 1503, 86, 1501, 1505, 86, 86, 1509, 1515, - 1511, 1504, 1516, 1510, 86, 1512, 1517, 86, 3136, 1506, - - 86, 1507, 1508, 1518, 86, 1514, 1513, 1519, 1522, 1521, - 1520, 1523, 1524, 86, 86, 86, 1515, 86, 86, 1516, - 86, 1525, 86, 1517, 1526, 86, 1528, 1527, 3136, 3136, - 1518, 3136, 86, 86, 1519, 1529, 1521, 1520, 1523, 1524, - 86, 1530, 1531, 86, 1532, 1535, 1533, 1539, 86, 86, - 86, 1526, 86, 86, 1527, 1534, 1537, 86, 86, 86, - 1536, 86, 1529, 1538, 1540, 1543, 1541, 1544, 1530, 1531, - 1545, 1532, 1535, 1533, 86, 1542, 3136, 1551, 86, 86, - 86, 1550, 1534, 1537, 86, 86, 86, 1536, 86, 86, - 1538, 86, 1543, 1541, 1544, 1546, 1549, 1545, 86, 1547, - - 1552, 1554, 1542, 86, 1551, 86, 1553, 86, 1550, 1555, - 1556, 1560, 1548, 1557, 3136, 3136, 1558, 86, 3136, 1559, - 86, 1561, 1546, 1549, 1566, 86, 1547, 1552, 86, 1565, - 86, 86, 3136, 1553, 86, 1571, 1555, 1570, 1560, 1548, - 1557, 86, 86, 1558, 86, 1562, 1559, 1563, 1561, 1567, - 1564, 86, 86, 1568, 1573, 3136, 86, 86, 86, 86, - 1569, 86, 1572, 86, 1570, 1575, 1574, 86, 1576, 86, - 1578, 1579, 1562, 1577, 1563, 3136, 1567, 1564, 86, 86, - 1568, 86, 86, 1580, 86, 1581, 1585, 1569, 1587, 1572, - 86, 1582, 86, 1574, 86, 1576, 1583, 1578, 1579, 1584, - - 1577, 86, 86, 86, 1586, 1597, 1588, 86, 86, 1590, - 1580, 86, 1581, 1585, 86, 1587, 1589, 86, 1582, 1592, - 1591, 86, 86, 1583, 86, 86, 1584, 1593, 1594, 1595, - 1596, 1586, 86, 1588, 1599, 1598, 1590, 86, 1600, 1601, - 86, 86, 86, 1589, 86, 86, 1592, 1591, 1603, 1606, - 1605, 86, 1602, 3136, 1593, 1594, 1595, 1596, 86, 1604, - 1608, 1599, 1598, 1607, 86, 1600, 1601, 86, 86, 86, - 1609, 86, 86, 1614, 167, 1603, 86, 1605, 1612, 1602, - 1610, 1611, 1613, 86, 86, 1616, 1604, 1608, 86, 1615, - 1607, 86, 86, 1619, 1617, 1618, 1620, 1609, 1623, 86, - - 1614, 86, 1621, 86, 1622, 1612, 1625, 1610, 1611, 1613, - 1624, 86, 1616, 86, 1627, 86, 1615, 86, 1629, 1626, - 1619, 1617, 1618, 1620, 1645, 1628, 86, 86, 1630, 1621, - 86, 1622, 86, 86, 1632, 3136, 1633, 1624, 86, 86, - 1631, 86, 1635, 86, 1634, 1629, 1626, 1636, 1637, 1639, - 86, 86, 1628, 1638, 3136, 1630, 86, 86, 86, 86, - 86, 1632, 86, 1633, 1649, 1646, 1640, 1631, 1650, 1635, - 1641, 1634, 86, 1653, 1636, 1637, 1639, 86, 1647, 86, - 1638, 86, 86, 1642, 1652, 1654, 1643, 86, 1656, 3136, - 86, 1649, 1646, 1640, 1648, 1650, 1655, 1641, 1644, 1651, - - 86, 86, 86, 1657, 1658, 1647, 1659, 86, 86, 1665, - 1642, 1652, 1663, 1643, 86, 1656, 1662, 86, 86, 86, - 1660, 1648, 1661, 1655, 86, 1644, 1651, 1664, 86, 86, - 1657, 86, 1666, 1659, 86, 1667, 86, 1668, 1669, 1663, - 1671, 86, 86, 1662, 1670, 1674, 1672, 1660, 1675, 1661, - 1673, 86, 86, 3136, 1664, 86, 3136, 86, 3136, 86, - 1681, 1676, 1667, 1677, 86, 1669, 86, 86, 86, 86, - 1678, 1670, 1674, 1672, 86, 1675, 86, 1673, 1679, 1682, - 1680, 1685, 1683, 1684, 1686, 86, 86, 86, 1676, 86, - 1677, 1687, 86, 86, 86, 1688, 86, 1678, 86, 1689, - - 1690, 1691, 1694, 1696, 3136, 1679, 1682, 1680, 1685, 1683, - 1684, 86, 86, 1692, 86, 1693, 86, 86, 1687, 1695, - 86, 3136, 1688, 86, 86, 86, 1689, 1690, 1691, 1694, - 1696, 86, 1697, 1699, 1703, 1698, 1700, 1702, 1704, 86, - 1692, 1701, 1693, 1705, 86, 1707, 1695, 1708, 86, 1709, - 86, 1706, 3136, 1710, 86, 3136, 1721, 1712, 86, 1697, - 1699, 1703, 1698, 1700, 1702, 86, 86, 86, 1701, 1711, - 86, 86, 1707, 1713, 1708, 1714, 86, 86, 1706, 86, - 1710, 1715, 1717, 86, 1712, 1716, 1718, 1720, 86, 1719, - 86, 1722, 86, 1724, 1723, 86, 1711, 1725, 1726, 1727, - - 1713, 86, 1714, 86, 86, 86, 86, 86, 1715, 1717, - 86, 86, 1716, 1718, 1720, 1728, 1719, 1729, 86, 86, - 1724, 1723, 1730, 1732, 1725, 1726, 1727, 1731, 1733, 1734, - 86, 86, 1743, 1735, 86, 1739, 1740, 1744, 3136, 1742, - 1737, 3136, 1728, 1738, 1729, 86, 86, 1736, 86, 1730, - 1732, 86, 1749, 86, 1731, 1733, 1734, 86, 86, 86, - 1735, 1746, 1739, 1740, 86, 1741, 1742, 1737, 1745, 1748, - 1738, 86, 1747, 86, 1736, 1751, 1750, 86, 1752, 1753, - 1754, 86, 1756, 1758, 86, 86, 1755, 1757, 1746, 86, - 1759, 86, 1741, 1762, 1768, 1745, 1748, 1763, 3136, 1747, - - 86, 86, 86, 1750, 86, 1760, 1753, 86, 86, 1756, - 86, 1761, 86, 1755, 1757, 86, 86, 1759, 1764, 1765, - 1766, 1768, 1767, 1769, 1763, 86, 86, 86, 1770, 86, - 1771, 1772, 1760, 1774, 1775, 1777, 1782, 86, 1761, 86, - 86, 86, 1776, 86, 1778, 1764, 1765, 1766, 3136, 1767, - 1769, 86, 1773, 1780, 1779, 1770, 86, 1771, 86, 1781, - 1786, 86, 86, 86, 1784, 86, 86, 1783, 86, 1776, - 1787, 1778, 86, 86, 1785, 86, 1788, 86, 1789, 1773, - 1780, 1779, 1790, 86, 1791, 1796, 1781, 86, 1793, 1792, - 1795, 1784, 86, 1794, 1783, 3136, 1800, 1787, 1798, 86, - - 86, 1785, 86, 1788, 86, 1789, 86, 86, 167, 1790, - 1797, 1791, 86, 86, 1799, 1793, 1792, 1795, 86, 1801, - 1794, 1803, 86, 86, 1802, 1798, 1805, 1804, 1806, 1807, - 1808, 1809, 86, 1811, 86, 86, 86, 1797, 1810, 1812, - 86, 1799, 86, 1813, 86, 86, 1801, 1814, 1803, 1815, - 1816, 1802, 1817, 1805, 1804, 1806, 1818, 1808, 1809, 86, - 86, 86, 1819, 86, 1820, 1810, 1812, 86, 1821, 86, - 86, 86, 1822, 3136, 1814, 86, 1815, 86, 1825, 86, - 1826, 1823, 86, 1818, 1824, 1827, 1828, 86, 86, 1819, - 86, 1820, 1829, 86, 1830, 1821, 1831, 1838, 1839, 1822, - - 86, 86, 86, 86, 86, 1825, 1836, 1826, 1823, 1832, - 1833, 1824, 1827, 1828, 86, 1837, 86, 86, 1834, 1829, - 1840, 1830, 1843, 1831, 86, 1835, 86, 86, 86, 86, - 86, 1841, 1842, 1836, 1848, 1844, 1832, 1833, 1847, 86, - 86, 1849, 1837, 86, 1845, 1834, 1846, 1840, 1850, 1843, - 1851, 1855, 1835, 1852, 1857, 86, 1859, 86, 1841, 1842, - 86, 86, 1844, 1853, 86, 1847, 1854, 1858, 86, 86, - 1861, 1845, 86, 1846, 1856, 1850, 1860, 86, 86, 86, - 1852, 1862, 1863, 86, 1864, 86, 86, 1865, 86, 1867, - 1853, 86, 1874, 1854, 1858, 1866, 3136, 86, 1882, 1876, - - 1872, 1856, 86, 1860, 1877, 1873, 86, 86, 1862, 1863, - 1879, 86, 86, 86, 1865, 1878, 1875, 86, 1868, 1869, - 1870, 86, 1866, 86, 86, 1871, 1881, 1872, 86, 1886, - 86, 86, 1873, 86, 1880, 86, 1883, 1879, 86, 1887, - 86, 1884, 1878, 1875, 1888, 1868, 1869, 1870, 86, 1885, - 86, 1889, 1871, 1881, 86, 86, 86, 1890, 86, 1891, - 1892, 1880, 86, 1883, 1894, 1893, 1887, 1895, 1884, 86, - 86, 1888, 86, 1898, 1899, 1896, 1885, 1897, 1889, 86, - 1900, 1904, 1901, 1903, 1890, 86, 1891, 86, 86, 1902, - 1910, 86, 1893, 86, 1895, 86, 1905, 86, 1906, 86, - - 1898, 86, 1896, 86, 1897, 1909, 86, 86, 1904, 1901, - 1903, 1907, 86, 1911, 1912, 1908, 1902, 1913, 1914, 1915, - 86, 1916, 86, 1905, 86, 1906, 86, 86, 1918, 1917, - 1920, 1919, 1909, 1925, 86, 86, 1921, 1926, 1907, 86, - 1911, 1912, 1908, 86, 1922, 86, 86, 86, 1916, 86, - 86, 1923, 86, 86, 1924, 1918, 1917, 1920, 1919, 1927, - 86, 1928, 1933, 1921, 1934, 86, 86, 1929, 1931, 86, - 3136, 1922, 1932, 86, 1935, 86, 1941, 86, 1923, 1937, - 86, 1924, 86, 1930, 86, 1936, 1927, 86, 1928, 1933, - 86, 86, 1938, 1939, 1929, 1931, 1952, 86, 1940, 1932, - - 1942, 1935, 1943, 86, 1945, 1946, 1937, 1944, 1947, 1948, - 1930, 86, 1936, 1955, 86, 86, 86, 86, 86, 1938, - 1939, 86, 1949, 86, 1954, 1940, 1950, 1942, 86, 1943, - 1951, 86, 1946, 86, 1944, 1947, 1948, 86, 1953, 1957, - 86, 1956, 1958, 1959, 86, 1961, 86, 1962, 1960, 1949, - 86, 1954, 86, 1950, 1963, 1966, 1964, 1951, 1967, 86, - 86, 1965, 86, 1971, 1969, 1953, 1957, 86, 1956, 1958, - 1959, 3136, 1961, 1973, 86, 1960, 1968, 86, 1970, 1972, - 1976, 86, 1974, 1975, 1977, 86, 86, 86, 86, 86, - 86, 1969, 1978, 86, 86, 86, 86, 86, 1979, 1980, - - 1973, 1981, 1986, 1968, 1987, 1970, 1972, 1982, 1983, 1974, - 1975, 1977, 86, 1984, 86, 86, 86, 1985, 1989, 1991, - 167, 1990, 3136, 3136, 86, 1979, 1980, 3136, 1981, 86, - 86, 86, 1988, 1992, 1982, 1983, 1994, 86, 1993, 86, - 1984, 86, 86, 86, 1985, 1995, 1991, 1996, 1990, 1997, - 86, 1998, 1999, 2001, 86, 2000, 86, 2005, 86, 1988, - 1992, 2003, 86, 1994, 2006, 1993, 86, 86, 2002, 86, - 2004, 2008, 1995, 2011, 1996, 86, 1997, 86, 1998, 1999, - 86, 86, 2000, 86, 2005, 2010, 86, 2007, 2003, 86, - 2009, 86, 86, 86, 86, 2002, 86, 2004, 2008, 86, - - 2011, 2012, 2013, 2015, 2014, 2017, 2016, 3136, 3136, 2018, - 2020, 2021, 2010, 86, 2007, 86, 2022, 2009, 86, 86, - 2019, 86, 2023, 86, 2024, 2028, 2026, 2027, 2012, 86, - 2015, 2014, 2017, 2016, 86, 86, 2018, 2020, 2021, 86, - 86, 86, 86, 2022, 2025, 2029, 2030, 2019, 86, 2023, - 86, 2024, 86, 2026, 2027, 2031, 2032, 86, 2034, 2036, - 2035, 2033, 3136, 3136, 2037, 2038, 86, 3136, 86, 86, - 86, 2025, 2029, 2030, 86, 2039, 2040, 3136, 2043, 2041, - 2044, 3136, 2031, 2032, 86, 86, 2036, 2035, 2033, 86, - 86, 2037, 86, 2042, 86, 2045, 86, 2046, 86, 2047, - - 86, 86, 2039, 2040, 86, 2043, 2041, 2044, 2048, 2049, - 86, 2053, 86, 2050, 86, 2054, 2051, 2055, 86, 2056, - 2042, 2058, 2045, 86, 2046, 86, 2047, 2057, 86, 2052, - 86, 2059, 2060, 2061, 86, 2048, 2049, 86, 2053, 86, - 2050, 2062, 2054, 2051, 86, 86, 2056, 2064, 2058, 2066, - 2065, 3136, 2063, 86, 2057, 86, 2052, 2068, 2059, 2060, - 2061, 86, 2067, 2069, 2074, 2071, 86, 86, 2062, 86, - 86, 86, 2070, 86, 2064, 86, 2066, 2065, 86, 2063, - 2072, 2073, 2075, 86, 2068, 3136, 2077, 2084, 2076, 2067, - 2069, 86, 2071, 2080, 86, 2078, 2079, 86, 2082, 2070, - - 2088, 86, 86, 3136, 2083, 86, 2085, 2072, 2073, 2075, - 86, 86, 2081, 2077, 2084, 2076, 2086, 86, 86, 86, - 2080, 2087, 2078, 2079, 86, 86, 86, 86, 2089, 2090, - 86, 2083, 2092, 2085, 86, 2091, 2093, 3136, 3136, 2081, - 2094, 86, 86, 2086, 2095, 2098, 2099, 2103, 2087, 2096, - 3136, 2100, 2102, 86, 86, 2089, 2090, 2097, 86, 2101, - 3136, 86, 2091, 2093, 86, 86, 2104, 2094, 86, 86, - 86, 2095, 86, 2099, 2103, 86, 2096, 86, 2100, 2102, - 2105, 2107, 2108, 2106, 2097, 86, 2101, 2109, 86, 2112, - 2113, 2114, 2110, 2104, 2111, 3136, 2117, 2116, 86, 2119, - - 2115, 3136, 2118, 86, 86, 86, 86, 2105, 2107, 2108, - 2106, 86, 86, 86, 2149, 3136, 2112, 2113, 2114, 86, - 86, 2111, 86, 2117, 2116, 2120, 86, 2115, 2121, 2118, - 2122, 2123, 2125, 2124, 86, 2126, 2127, 86, 2130, 2128, - 3136, 86, 2129, 86, 86, 86, 86, 86, 3136, 2133, - 86, 2137, 2120, 86, 2131, 2121, 86, 2122, 2123, 2125, - 2124, 86, 2126, 2127, 86, 2130, 2128, 2132, 2134, 2129, - 86, 2135, 86, 2136, 2138, 86, 2133, 2139, 2137, 2140, - 2141, 2131, 86, 86, 2151, 2142, 2143, 3136, 2144, 2145, - 2150, 2146, 86, 86, 2132, 2134, 167, 86, 2135, 2154, - - 2136, 2138, 2152, 86, 86, 2159, 2140, 86, 86, 86, - 86, 2151, 2142, 2143, 2147, 2144, 2145, 2153, 2146, 2148, - 2158, 86, 86, 2155, 86, 2160, 86, 2161, 2163, 2152, - 2162, 2164, 86, 3136, 2168, 2165, 2166, 2156, 86, 86, - 3136, 3136, 86, 2167, 2153, 2169, 86, 2158, 2157, 86, - 2155, 86, 2160, 86, 2161, 2171, 3136, 2162, 2164, 2174, - 86, 86, 2165, 86, 2156, 86, 86, 2170, 86, 2172, - 2167, 2173, 2169, 86, 86, 2157, 86, 2176, 86, 2175, - 2177, 86, 2171, 86, 2178, 2180, 2174, 2181, 2179, 86, - 2182, 2183, 86, 86, 2170, 86, 2172, 2184, 2173, 86, - - 2186, 2185, 86, 3136, 2176, 3136, 2175, 2177, 2188, 86, - 2190, 2178, 2180, 86, 2181, 2179, 2191, 2182, 86, 2193, - 86, 2189, 86, 86, 2184, 2187, 86, 2186, 2185, 86, - 86, 2192, 86, 2195, 2194, 2188, 2196, 2190, 2197, 2200, - 86, 86, 86, 2191, 86, 86, 86, 2198, 2189, 2199, - 86, 2204, 2187, 86, 2201, 2203, 2202, 86, 2192, 3136, - 2195, 2194, 86, 2196, 2205, 2197, 2200, 86, 2206, 86, - 2207, 2211, 2208, 2209, 2198, 2210, 2199, 2212, 86, 3136, - 2214, 2201, 2203, 2202, 86, 86, 86, 86, 2215, 2218, - 2219, 2205, 86, 2213, 86, 2206, 2220, 2207, 86, 2208, - - 2209, 86, 2210, 2216, 86, 86, 2217, 2214, 2224, 2223, - 2225, 2227, 86, 2229, 86, 2215, 86, 2219, 86, 2221, - 2213, 86, 2222, 2220, 86, 2228, 86, 2232, 2231, 86, - 2216, 2226, 2230, 2217, 86, 86, 2223, 86, 86, 86, - 86, 2233, 2235, 2234, 86, 2237, 2221, 2239, 2236, 2222, - 86, 2238, 2228, 86, 86, 2231, 86, 2240, 2226, 2230, - 86, 86, 2241, 2244, 2243, 86, 2245, 2242, 86, 2235, - 2234, 2247, 2237, 86, 86, 2236, 86, 3136, 2238, 2251, - 2248, 2246, 3136, 2249, 2240, 86, 2256, 86, 86, 86, - 2244, 2243, 86, 2245, 2242, 86, 2250, 2253, 86, 2254, - - 2258, 86, 2252, 2259, 86, 2255, 86, 2248, 2246, 86, - 2249, 86, 2257, 86, 2261, 86, 2263, 3136, 2262, 2260, - 86, 2264, 86, 2250, 2253, 86, 2254, 2258, 86, 2252, - 2259, 86, 2255, 2265, 86, 2266, 86, 2267, 86, 2257, - 2268, 86, 86, 2263, 86, 2262, 2260, 2269, 2264, 2277, - 2270, 86, 3136, 2274, 2271, 2281, 86, 2275, 2278, 2285, - 2265, 2276, 2266, 3136, 2267, 86, 86, 2268, 86, 2272, - 3136, 2273, 86, 2280, 2269, 86, 2277, 2270, 86, 86, - 2274, 2271, 2281, 86, 2275, 2278, 2279, 2282, 2276, 2283, - 2284, 86, 86, 2286, 2287, 86, 2272, 2288, 2273, 86, - - 2280, 2289, 86, 2290, 2291, 86, 2298, 2293, 2292, 86, - 3136, 86, 2299, 2279, 2282, 2294, 2283, 2284, 86, 86, - 2286, 2295, 2296, 86, 2288, 86, 86, 2302, 2289, 2300, - 2290, 2291, 86, 86, 2293, 2292, 2301, 2297, 86, 86, - 86, 2303, 2294, 86, 86, 86, 2304, 2305, 2295, 2296, - 86, 3136, 86, 2307, 2302, 2306, 2300, 2312, 2308, 2310, - 2309, 2311, 3136, 2301, 2297, 86, 2316, 86, 2303, 2313, - 86, 2314, 86, 86, 2305, 167, 2315, 86, 86, 2318, - 2307, 86, 2306, 2317, 86, 2308, 2310, 2309, 2311, 86, - 2319, 86, 3136, 2316, 86, 86, 2313, 2320, 2314, 2323, - - 2321, 2322, 2325, 2315, 2324, 2328, 2318, 86, 2326, 2329, - 2317, 2327, 2331, 3136, 86, 3136, 86, 2319, 2330, 86, - 2333, 2332, 2338, 2337, 2320, 2334, 86, 2321, 2322, 86, - 86, 2324, 86, 86, 86, 2326, 86, 86, 2327, 86, - 86, 86, 2335, 2336, 2339, 2330, 86, 2333, 2332, 86, - 2337, 86, 2334, 2340, 86, 86, 2341, 86, 2342, 2343, - 2345, 2346, 2344, 3136, 2348, 2351, 2352, 2347, 86, 2335, - 2336, 2339, 86, 86, 2350, 86, 2354, 2357, 86, 86, - 2340, 2349, 86, 2341, 86, 2342, 86, 2345, 2346, 2344, - 86, 86, 2351, 2352, 2347, 86, 86, 2353, 2355, 86, - - 2356, 2350, 2358, 2354, 2359, 86, 2360, 2361, 2349, 86, - 86, 2363, 2365, 86, 2362, 2366, 3136, 3136, 86, 2364, - 2368, 86, 86, 86, 2353, 2355, 2367, 2356, 86, 2358, - 2370, 2359, 2371, 2360, 2361, 2372, 86, 86, 86, 2365, - 3136, 2362, 2366, 86, 86, 2373, 2364, 2368, 2369, 86, - 2374, 2375, 86, 2367, 2376, 86, 86, 2370, 2378, 2371, - 86, 2377, 2379, 3136, 2380, 2381, 86, 86, 2382, 86, - 86, 86, 2373, 86, 2383, 2369, 2384, 86, 2375, 2385, - 2386, 86, 2387, 2388, 2393, 2378, 86, 2392, 2377, 2379, - 86, 2380, 2381, 2389, 86, 2382, 86, 2390, 86, 2391, - - 2394, 2383, 86, 86, 2395, 2397, 86, 86, 86, 2387, - 2388, 86, 86, 2396, 2392, 2398, 2401, 86, 86, 86, - 2389, 2399, 86, 2400, 2390, 86, 2391, 2394, 2402, 2403, - 2404, 86, 2397, 2406, 2409, 2405, 86, 2407, 2408, 3136, - 2396, 3136, 86, 2401, 86, 86, 3136, 86, 2399, 2412, - 2400, 86, 86, 2410, 86, 2402, 86, 2404, 2411, 86, - 2406, 2409, 2405, 86, 2407, 2408, 86, 2413, 2414, 2415, - 2416, 86, 2417, 86, 86, 2418, 2412, 2419, 2420, 2421, - 2410, 2422, 3136, 2423, 2426, 2411, 3136, 86, 2424, 2427, - 86, 86, 86, 2428, 2413, 2414, 86, 86, 2425, 86, - - 86, 86, 86, 86, 2419, 2420, 2421, 86, 2422, 86, - 2423, 2426, 2430, 86, 2429, 2424, 2427, 2431, 2432, 2436, - 86, 2433, 86, 2434, 3136, 2425, 86, 2435, 2438, 2437, - 2439, 2440, 2442, 86, 86, 86, 86, 86, 3136, 86, - 3136, 2429, 86, 86, 86, 2432, 2436, 2441, 2433, 2444, - 2434, 86, 2447, 2443, 2435, 2438, 2437, 2439, 86, 2442, - 86, 2445, 2446, 86, 86, 86, 2448, 167, 2449, 2450, - 2451, 2456, 2453, 3136, 2441, 86, 2444, 86, 2452, 2447, - 2443, 86, 86, 2455, 86, 2459, 86, 86, 2445, 2446, - 2454, 2457, 86, 2448, 86, 2449, 2450, 2451, 2456, 2453, - - 2458, 2460, 3136, 2461, 2467, 2452, 2462, 86, 2463, 2465, - 2455, 2464, 86, 86, 2468, 2466, 86, 2454, 2457, 3136, - 86, 86, 86, 86, 2474, 86, 3136, 2458, 86, 86, - 2461, 2467, 86, 2462, 86, 2463, 2465, 2469, 2464, 2470, - 2471, 2468, 2466, 2472, 86, 2473, 86, 86, 2475, 86, - 2476, 2474, 86, 2477, 2479, 86, 2478, 2482, 2480, 86, - 2481, 86, 86, 86, 2469, 2484, 2470, 2471, 2483, 3136, - 2472, 3136, 2473, 2487, 2493, 2475, 3136, 2476, 86, 2485, - 2477, 86, 86, 2478, 86, 2480, 86, 2481, 86, 2486, - 2488, 2492, 86, 86, 2489, 2483, 2490, 2491, 86, 86, - - 2487, 86, 86, 86, 2494, 86, 2485, 2495, 86, 2496, - 2497, 2500, 2499, 2498, 2571, 2501, 2486, 2488, 2492, 86, - 86, 2489, 86, 2490, 2491, 86, 2503, 2504, 2502, 2505, - 3136, 86, 2506, 86, 86, 86, 2507, 2497, 2500, 2499, - 2498, 86, 2501, 2508, 2509, 2511, 86, 2513, 86, 3136, - 2510, 86, 86, 2503, 2504, 2502, 86, 86, 86, 2506, - 86, 2512, 86, 86, 2518, 2517, 2514, 2515, 86, 86, - 2508, 2509, 2511, 86, 2513, 86, 2516, 2510, 2519, 2521, - 2525, 2522, 3136, 86, 2523, 2526, 2520, 2524, 2512, 86, - 86, 86, 2517, 2514, 2515, 86, 86, 2527, 2530, 86, - - 2532, 2534, 2531, 2516, 86, 2519, 86, 86, 2522, 86, - 86, 2523, 2526, 2520, 2524, 2528, 2529, 86, 86, 2536, - 2538, 2533, 86, 86, 2527, 86, 2535, 2532, 86, 2531, - 2537, 2541, 3136, 2542, 86, 2543, 2540, 2544, 86, 2539, - 86, 2545, 2528, 2529, 86, 3136, 86, 2538, 2533, 2547, - 86, 86, 86, 2535, 2548, 86, 2546, 2537, 86, 86, - 2542, 2549, 2543, 2540, 86, 2550, 2539, 86, 2545, 2551, - 86, 2552, 86, 2553, 2554, 2555, 2547, 86, 2557, 2560, - 2556, 2548, 2561, 2546, 3136, 2558, 86, 86, 86, 2559, - 2564, 86, 2550, 86, 2565, 86, 86, 86, 2552, 86, - - 2553, 2554, 2555, 86, 86, 2557, 2560, 2556, 86, 2561, - 2562, 2563, 2558, 2566, 2567, 3136, 2559, 86, 2569, 2570, - 2568, 86, 2572, 86, 2573, 2576, 2575, 86, 86, 2577, - 2579, 2574, 86, 2586, 86, 2580, 3136, 2562, 2563, 2583, - 167, 2567, 86, 86, 86, 2569, 2570, 2568, 86, 2572, - 86, 2573, 86, 2575, 2578, 2581, 86, 86, 2574, 86, - 2582, 86, 2580, 2584, 2585, 86, 2583, 2588, 86, 2587, - 2589, 2590, 2592, 2593, 2591, 2594, 2598, 86, 86, 3136, - 3136, 2578, 2595, 86, 2597, 86, 2600, 86, 86, 86, - 2584, 2585, 86, 86, 2588, 2596, 2587, 2589, 2590, 2592, - - 86, 2591, 2599, 2598, 86, 86, 86, 86, 86, 2595, - 86, 2597, 2601, 2600, 2602, 2604, 2603, 86, 2605, 3136, - 2606, 2609, 2596, 86, 2608, 2611, 2607, 2610, 86, 2599, - 86, 2615, 86, 86, 86, 86, 86, 2613, 2614, 2601, - 3136, 2602, 2604, 2603, 86, 2605, 86, 2606, 2609, 2612, - 86, 2608, 86, 2607, 2610, 86, 2617, 86, 86, 2616, - 2620, 2619, 2618, 2622, 2613, 2614, 2623, 86, 86, 86, - 2621, 2624, 86, 2625, 2626, 3136, 2612, 2627, 2628, 2630, - 2629, 3136, 2634, 2617, 86, 2633, 2616, 86, 2619, 2618, - 2635, 86, 2636, 86, 86, 86, 86, 2621, 86, 86, - - 86, 2626, 86, 86, 2627, 2628, 2630, 2629, 2631, 2634, - 2632, 86, 2633, 2637, 2639, 2638, 2640, 86, 2641, 86, - 2646, 86, 86, 2644, 2642, 86, 2647, 86, 2645, 2643, - 2648, 2649, 3136, 3136, 2651, 2631, 86, 2632, 86, 2650, - 86, 2639, 2638, 86, 86, 2641, 86, 2646, 86, 2654, - 2652, 2642, 86, 2647, 2655, 86, 2643, 86, 86, 86, - 2653, 2651, 2656, 86, 2658, 2659, 2650, 86, 2662, 2660, - 2657, 2661, 2663, 3136, 3136, 2671, 86, 2652, 86, 86, - 86, 2655, 86, 2664, 86, 2665, 2668, 2653, 2669, 86, - 2666, 86, 2659, 86, 2674, 86, 2660, 2657, 2661, 86, - - 86, 2667, 2670, 2673, 3136, 86, 86, 86, 2676, 2672, - 2664, 86, 2675, 2668, 2677, 2669, 2678, 86, 86, 2680, - 2679, 86, 3136, 86, 2686, 2687, 86, 86, 2667, 2670, - 2673, 2683, 2681, 2682, 86, 2676, 2672, 86, 86, 2675, - 2684, 2677, 86, 2678, 86, 86, 2680, 2679, 2685, 86, - 2688, 2686, 86, 86, 2689, 86, 2691, 2692, 2683, 2681, - 2682, 2693, 2690, 86, 2696, 86, 2694, 2684, 2697, 86, - 2698, 2695, 86, 2699, 2702, 2685, 2700, 2688, 86, 2701, - 86, 2689, 2703, 2691, 2692, 86, 2704, 2707, 2693, 2690, - 2709, 2696, 2706, 86, 86, 86, 86, 2698, 86, 86, - - 2699, 2702, 86, 2700, 86, 86, 2701, 2705, 86, 2703, - 86, 2708, 2710, 2704, 2707, 2711, 2712, 86, 86, 2706, - 2713, 2714, 2715, 2716, 86, 2721, 2720, 2717, 2718, 3136, - 3136, 3136, 3136, 2719, 2705, 86, 86, 3136, 2708, 2710, - 86, 2722, 2711, 86, 86, 86, 86, 2713, 86, 2715, - 86, 86, 86, 2720, 2717, 2718, 2723, 2724, 2725, 2727, - 2719, 2728, 2729, 2726, 86, 2730, 2731, 2732, 2722, 86, - 2734, 2735, 86, 86, 86, 2741, 3136, 2736, 2733, 86, - 86, 2737, 2739, 2723, 2724, 86, 2727, 86, 2728, 2729, - 86, 86, 2730, 86, 86, 86, 86, 2734, 2735, 2738, - - 86, 86, 2742, 2740, 2736, 2733, 2743, 86, 2737, 2739, - 86, 2746, 86, 2744, 2745, 3136, 2747, 86, 2749, 2751, - 2748, 2750, 2752, 2753, 2755, 3136, 2738, 3136, 3136, 2742, - 2740, 86, 2757, 2743, 86, 86, 86, 86, 2746, 2754, - 2744, 2745, 86, 2747, 86, 2749, 86, 2748, 2750, 86, - 86, 2755, 2756, 2758, 86, 2759, 2760, 86, 3136, 2757, - 86, 2761, 2762, 2764, 2765, 2763, 2754, 2766, 2767, 86, - 2768, 86, 86, 3136, 2769, 2770, 86, 86, 86, 2756, - 86, 2771, 2759, 2760, 2772, 86, 86, 2773, 86, 2762, - 2764, 2765, 2763, 2775, 2766, 2777, 2774, 2768, 86, 2781, - - 86, 86, 2770, 86, 86, 86, 86, 2778, 2771, 2776, - 2779, 2772, 2780, 86, 2773, 2787, 86, 86, 2782, 2783, - 2775, 86, 86, 2774, 86, 2784, 2781, 86, 2785, 86, - 2786, 86, 2788, 2789, 2778, 86, 2776, 2779, 2790, 2780, - 86, 2791, 86, 2792, 86, 2782, 2783, 86, 2797, 2796, - 86, 2793, 2784, 2794, 2798, 2785, 2795, 2786, 2800, 2788, - 86, 86, 86, 2801, 86, 86, 86, 86, 2791, 2799, - 86, 86, 2804, 86, 2802, 86, 2796, 2806, 2793, 2805, - 2794, 2798, 2817, 2795, 2803, 2800, 86, 86, 2807, 86, - 2801, 2809, 86, 2808, 2810, 2811, 2799, 2812, 86, 86, - - 2816, 2802, 86, 2814, 2818, 2815, 2805, 86, 2821, 86, - 86, 2803, 86, 2819, 86, 2807, 2813, 2822, 86, 86, - 2808, 86, 2811, 86, 86, 2823, 2820, 2816, 86, 2825, - 2814, 2818, 2815, 86, 2824, 86, 86, 2826, 2827, 2828, - 2819, 86, 2829, 2813, 2822, 2830, 2831, 2835, 2832, 86, - 3136, 86, 2823, 2820, 86, 2833, 2825, 2838, 2841, 2834, - 86, 2824, 2843, 86, 3136, 86, 2828, 86, 86, 86, - 2836, 2837, 2830, 2831, 86, 86, 2839, 86, 2840, 86, - 86, 2842, 2833, 2845, 86, 2841, 2834, 86, 2844, 86, - 2846, 86, 2847, 2849, 2848, 86, 86, 2836, 2837, 2851, - - 2850, 86, 2852, 2839, 2853, 2840, 86, 2855, 2842, 2857, - 2845, 2854, 2861, 2858, 86, 2844, 86, 86, 86, 86, - 2849, 2848, 86, 2859, 2856, 2864, 86, 2850, 86, 86, - 2860, 86, 86, 86, 86, 2862, 2857, 2863, 2854, 86, - 2858, 2865, 2866, 86, 86, 2867, 2868, 2869, 86, 2870, - 2859, 2856, 2864, 86, 2871, 86, 86, 2860, 2872, 2874, - 2873, 2875, 2862, 2876, 2863, 2877, 3136, 2878, 86, 86, - 3136, 86, 86, 2868, 2869, 2879, 2870, 86, 86, 2882, - 2885, 86, 86, 2883, 86, 86, 2874, 2873, 2880, 2881, - 2876, 2884, 2877, 86, 86, 86, 86, 86, 86, 86, - - 2886, 86, 2879, 2893, 2887, 2889, 2882, 2885, 86, 86, - 2883, 86, 86, 2888, 86, 2880, 2881, 2890, 2884, 2894, - 86, 2895, 2896, 2891, 2892, 2897, 2901, 2886, 86, 86, - 2893, 2887, 2889, 86, 2898, 2899, 2902, 2903, 2900, 2904, - 2888, 86, 86, 86, 2890, 2905, 2894, 2912, 2895, 2896, - 2891, 2892, 86, 86, 2906, 2907, 86, 86, 2908, 2909, - 86, 2898, 2899, 86, 2903, 2900, 86, 2910, 2911, 3136, - 86, 2913, 86, 2914, 2912, 2915, 2919, 2916, 2917, 2918, - 2924, 2923, 86, 86, 86, 86, 2922, 86, 86, 2920, - 2921, 86, 86, 3136, 2926, 2928, 86, 2927, 86, 86, - - 2914, 86, 2915, 86, 2916, 2917, 2918, 2924, 2923, 86, - 86, 2925, 86, 2922, 2929, 2930, 2920, 2921, 2931, 2936, - 86, 2926, 86, 86, 2927, 2932, 2934, 86, 2933, 2939, - 2937, 2935, 86, 2943, 2938, 86, 2944, 2940, 2925, 3136, - 86, 86, 2930, 86, 2941, 2931, 86, 2946, 2945, 2947, - 2948, 86, 2932, 2949, 2942, 2933, 2939, 2937, 86, 86, - 86, 2938, 86, 2950, 2940, 2951, 86, 2952, 86, 86, - 2953, 2941, 86, 2954, 86, 2945, 86, 2948, 2955, 2956, - 86, 2942, 2958, 2957, 2959, 2963, 2961, 2962, 2960, 3136, - 86, 3136, 86, 86, 86, 86, 2964, 86, 2967, 2969, - - 86, 86, 86, 86, 2965, 86, 86, 2966, 86, 86, - 2957, 2959, 86, 2961, 2962, 2960, 2968, 2971, 86, 2973, - 2970, 2974, 86, 2964, 86, 2967, 86, 2975, 86, 86, - 86, 2965, 2972, 86, 2966, 2976, 2977, 3136, 2978, 2983, - 3136, 86, 2979, 2968, 2971, 86, 2973, 2970, 2974, 86, - 86, 86, 2980, 2981, 2975, 2982, 2984, 86, 2986, 2972, - 86, 86, 2985, 2977, 86, 2978, 2983, 86, 86, 2979, - 2987, 2988, 86, 2989, 2990, 2991, 86, 3136, 86, 2980, - 2981, 2992, 2982, 2984, 2993, 2986, 86, 2997, 2995, 2985, - 2994, 86, 86, 86, 2996, 2998, 3004, 86, 86, 3000, - - 86, 2990, 2991, 86, 86, 3001, 2999, 86, 2992, 86, - 86, 2993, 3136, 3007, 2997, 2995, 3002, 2994, 86, 86, - 86, 2996, 2998, 3004, 86, 86, 3000, 3003, 3005, 3006, - 86, 86, 3001, 2999, 3008, 3010, 86, 3011, 3009, 3012, - 3007, 86, 86, 3002, 86, 3014, 3013, 3016, 3018, 86, - 3015, 3019, 86, 86, 3003, 3005, 3006, 3017, 3022, 86, - 3021, 3008, 3010, 3020, 3011, 3009, 3012, 86, 86, 3023, - 3024, 86, 86, 3013, 86, 86, 3026, 3015, 86, 3025, - 3027, 86, 86, 86, 3017, 3022, 3028, 3021, 86, 3029, - 3020, 86, 86, 3030, 3031, 3032, 3023, 3024, 3033, 86, - - 3034, 86, 3035, 3026, 86, 3036, 3025, 3038, 86, 3037, - 86, 3039, 86, 3028, 3040, 86, 3029, 86, 86, 3042, - 3030, 3031, 86, 3041, 3043, 3033, 3044, 3034, 3045, 86, - 3047, 86, 3036, 86, 86, 3046, 3037, 86, 3039, 86, - 3048, 3040, 86, 86, 3049, 3053, 3052, 3055, 3050, 3136, - 3041, 86, 86, 3044, 86, 3045, 86, 3047, 3051, 86, - 3136, 3060, 3046, 3054, 3057, 86, 3058, 86, 86, 86, - 86, 86, 3053, 3052, 3055, 3050, 3056, 3061, 86, 3059, - 86, 3062, 3063, 86, 86, 3051, 3064, 86, 3060, 86, - 3054, 3057, 3065, 3058, 3066, 86, 3067, 3068, 3069, 86, - - 86, 3075, 3136, 3056, 3061, 3070, 3059, 3136, 86, 3063, - 3074, 3071, 3072, 3064, 3073, 3136, 3077, 3078, 86, 3065, - 3083, 86, 86, 3067, 86, 3069, 3076, 86, 86, 86, - 3080, 3087, 3070, 86, 86, 3085, 3136, 3079, 3071, 3072, - 86, 3073, 86, 86, 3078, 86, 3081, 3082, 86, 86, - 86, 3084, 86, 3076, 86, 86, 3086, 3080, 86, 86, - 3136, 3091, 3085, 3088, 3079, 3090, 3089, 3092, 3136, 86, - 3093, 3136, 3094, 3081, 3082, 86, 3098, 3096, 3084, 3095, - 3105, 86, 86, 3086, 86, 3097, 86, 86, 3091, 3100, - 3088, 86, 3090, 3089, 3092, 3101, 3102, 3093, 86, 3094, - - 3099, 86, 86, 3098, 3096, 3103, 3095, 86, 86, 3104, - 3107, 3106, 3097, 3108, 3109, 86, 3100, 86, 86, 3110, - 3111, 86, 3101, 3102, 3114, 86, 3112, 3099, 86, 3120, - 3136, 3121, 3103, 86, 86, 86, 3104, 3107, 3106, 86, - 86, 3109, 3113, 3116, 3115, 3117, 3110, 3111, 86, 3118, - 86, 86, 86, 3112, 3119, 86, 3120, 86, 86, 3124, - 3122, 3125, 86, 3126, 3127, 86, 3123, 86, 86, 3113, - 3116, 3115, 3117, 3128, 86, 3129, 3118, 3130, 3134, 3131, - 3135, 3119, 3136, 86, 3132, 86, 3124, 3122, 86, 3133, - 3126, 86, 86, 3123, 3136, 86, 3136, 86, 3136, 86, - - 86, 86, 3129, 3136, 3130, 86, 3131, 86, 3136, 3136, - 3136, 3132, 3136, 3136, 3136, 3136, 3133, 47, 47, 47, - 47, 47, 47, 47, 52, 52, 52, 52, 52, 52, - 52, 57, 57, 57, 57, 57, 57, 57, 63, 63, - 63, 63, 63, 63, 63, 68, 68, 68, 68, 68, - 68, 68, 74, 74, 74, 74, 74, 74, 74, 80, - 80, 80, 80, 80, 80, 80, 89, 89, 3136, 89, - 89, 89, 89, 157, 157, 3136, 3136, 3136, 157, 157, - 159, 159, 3136, 3136, 159, 3136, 159, 161, 3136, 3136, - 3136, 3136, 3136, 161, 164, 164, 3136, 3136, 3136, 164, - - 164, 166, 3136, 3136, 3136, 3136, 3136, 166, 168, 168, - 3136, 168, 168, 168, 168, 171, 3136, 3136, 3136, 3136, - 3136, 171, 174, 174, 3136, 3136, 3136, 174, 174, 90, - 90, 3136, 90, 90, 90, 90, 17, 3136, 3136, 3136, - 3136, 3136, 3136, 3136, 3136, 3136, 3136, 3136, 3136, 3136, - 3136, 3136, 3136, 3136, 3136, 3136, 3136, 3136, 3136, 3136, - 3136, 3136, 3136, 3136, 3136, 3136, 3136, 3136, 3136, 3136, - 3136, 3136, 3136, 3136, 3136, 3136, 3136, 3136, 3136, 3136, - 3136, 3136, 3136, 3136, 3136, 3136, 3136, 3136, 3136, 3136, - 3136, 3136, 3136, 3136, 3136, 3136, 3136, 3136, 3136, 3136, - - 3136, 3136, 3136 + 21, 69, 70, 71, 81, 82, 83, 121, 108, 175, + 175, 79, 72, 157, 403, 86, 97, 79, 72, 86, + 135, 90, 84, 90, 90, 86, 90, 168, 109, 176, + 73, 86, 90, 86, 121, 108, 73, 174, 87, 72, + 157, 84, 88, 86, 129, 72, 112, 135, 110, 160, + 86, 173, 160, 171, 113, 109, 98, 168, 186, 91, + + 92, 93, 111, 99, 94, 114, 168, 100, 185, 95, + 101, 129, 86, 112, 86, 110, 86, 86, 96, 166, + 171, 113, 86, 98, 86, 186, 164, 92, 93, 111, + 99, 94, 114, 163, 100, 185, 95, 101, 85, 160, + 85, 85, 160, 85, 161, 96, 102, 159, 115, 85, + 103, 116, 187, 104, 179, 105, 106, 248, 117, 162, + 118, 162, 162, 288, 162, 86, 107, 90, 86, 90, + 90, 86, 90, 102, 86, 115, 122, 103, 116, 187, + 104, 179, 105, 106, 123, 117, 178, 118, 126, 86, + 124, 181, 127, 107, 125, 86, 154, 324, 86, 146, + + 155, 147, 86, 122, 156, 170, 177, 86, 128, 86, + 148, 123, 176, 178, 86, 126, 149, 124, 181, 127, + 174, 125, 86, 154, 150, 86, 146, 155, 147, 86, + 86, 156, 328, 177, 151, 128, 130, 148, 152, 153, + 131, 199, 173, 149, 158, 158, 132, 86, 86, 133, + 167, 150, 167, 167, 182, 167, 134, 172, 86, 172, + 172, 151, 172, 130, 86, 152, 153, 131, 199, 85, + 180, 85, 85, 132, 85, 195, 133, 168, 86, 166, + 85, 182, 183, 134, 136, 86, 164, 203, 137, 90, + 241, 90, 90, 196, 90, 184, 86, 180, 138, 139, + + 90, 140, 86, 191, 192, 163, 86, 86, 194, 183, + 86, 136, 86, 188, 203, 137, 86, 241, 193, 189, + 196, 190, 184, 86, 161, 138, 139, 91, 140, 141, + 191, 192, 142, 159, 86, 194, 197, 198, 204, 143, + 188, 165, 165, 144, 145, 193, 189, 86, 190, 86, + 86, 86, 200, 201, 205, 206, 141, 175, 175, 142, + 202, 207, 86, 197, 198, 204, 143, 215, 86, 213, + 144, 145, 208, 209, 86, 86, 210, 86, 3252, 200, + 201, 205, 206, 86, 216, 86, 3252, 202, 207, 211, + 212, 3252, 224, 214, 215, 3252, 223, 86, 218, 208, + + 209, 86, 219, 210, 217, 221, 86, 225, 227, 86, + 222, 216, 226, 86, 229, 86, 211, 212, 220, 224, + 214, 86, 86, 223, 228, 218, 86, 86, 86, 219, + 231, 217, 221, 230, 225, 227, 236, 222, 86, 226, + 232, 229, 86, 233, 3252, 220, 243, 234, 235, 86, + 3252, 228, 237, 86, 86, 86, 3252, 231, 256, 86, + 230, 250, 86, 236, 3252, 86, 86, 232, 238, 244, + 233, 242, 86, 243, 234, 235, 247, 239, 251, 237, + 245, 252, 249, 240, 246, 256, 257, 86, 250, 255, + 86, 86, 86, 86, 3252, 238, 244, 86, 242, 262, + + 86, 253, 3252, 247, 239, 251, 258, 245, 252, 249, + 240, 246, 254, 257, 86, 259, 255, 86, 265, 263, + 264, 86, 266, 1124, 260, 267, 262, 86, 253, 162, + 3252, 162, 162, 258, 162, 86, 261, 268, 86, 254, + 86, 86, 259, 3252, 86, 265, 263, 264, 3252, 266, + 269, 260, 267, 167, 86, 167, 167, 90, 167, 90, + 90, 168, 90, 261, 268, 172, 270, 172, 172, 272, + 172, 3252, 86, 273, 274, 276, 3252, 269, 86, 278, + 271, 275, 279, 280, 277, 86, 282, 86, 3252, 3252, + 281, 86, 374, 86, 86, 170, 272, 86, 86, 286, + + 273, 274, 276, 86, 86, 86, 278, 271, 275, 279, + 280, 277, 283, 282, 285, 298, 86, 281, 284, 86, + 287, 86, 330, 297, 299, 302, 286, 289, 3252, 3252, + 86, 290, 86, 334, 300, 301, 303, 306, 3252, 304, + 86, 285, 298, 86, 86, 284, 86, 287, 291, 86, + 297, 299, 302, 3252, 86, 86, 86, 86, 290, 3252, + 86, 300, 301, 303, 306, 86, 3252, 305, 307, 308, + 309, 86, 3252, 310, 311, 291, 292, 312, 313, 3252, + 86, 293, 3252, 86, 314, 86, 294, 86, 315, 86, + 86, 322, 295, 296, 305, 307, 308, 309, 86, 86, + + 310, 311, 3252, 292, 312, 313, 86, 321, 293, 325, + 86, 314, 323, 294, 326, 315, 333, 331, 322, 295, + 296, 316, 86, 86, 317, 327, 318, 336, 335, 86, + 329, 332, 337, 340, 321, 86, 325, 86, 319, 323, + 320, 338, 339, 333, 3252, 342, 86, 86, 316, 86, + 86, 317, 327, 318, 86, 335, 86, 329, 332, 86, + 340, 86, 343, 341, 86, 319, 86, 320, 338, 339, + 86, 344, 342, 345, 346, 347, 86, 348, 351, 349, + 356, 352, 350, 3252, 3252, 86, 353, 355, 86, 343, + 341, 86, 86, 86, 354, 86, 86, 86, 344, 358, + + 345, 346, 347, 86, 348, 351, 349, 356, 361, 350, + 357, 359, 360, 86, 355, 86, 86, 362, 364, 363, + 86, 354, 365, 367, 86, 368, 369, 366, 370, 372, + 86, 86, 373, 377, 86, 371, 3252, 357, 359, 360, + 86, 86, 86, 86, 362, 364, 363, 86, 375, 365, + 86, 378, 381, 369, 366, 86, 372, 86, 86, 373, + 86, 383, 371, 380, 384, 86, 382, 86, 379, 86, + 385, 376, 386, 388, 86, 389, 86, 86, 378, 381, + 86, 168, 387, 86, 390, 392, 86, 3252, 383, 393, + 380, 384, 391, 382, 86, 379, 399, 385, 376, 386, + + 394, 86, 396, 395, 397, 86, 86, 86, 398, 387, + 86, 390, 86, 86, 86, 86, 393, 86, 400, 391, + 409, 401, 407, 86, 402, 404, 408, 394, 86, 396, + 395, 397, 405, 86, 86, 398, 406, 410, 86, 411, + 413, 414, 86, 412, 86, 400, 86, 409, 401, 407, + 86, 402, 404, 408, 86, 415, 416, 86, 86, 405, + 86, 86, 86, 406, 410, 417, 411, 418, 414, 420, + 412, 421, 86, 422, 427, 423, 426, 428, 3252, 425, + 86, 86, 429, 416, 419, 86, 86, 86, 430, 3252, + 86, 86, 440, 86, 418, 86, 420, 86, 421, 424, + + 432, 427, 435, 426, 428, 86, 425, 86, 86, 429, + 431, 419, 86, 433, 478, 430, 434, 437, 439, 86, + 442, 86, 436, 86, 86, 86, 424, 432, 86, 435, + 441, 86, 449, 86, 438, 86, 451, 431, 3252, 450, + 433, 86, 3252, 434, 437, 439, 86, 442, 86, 436, + 86, 455, 3252, 3252, 86, 468, 484, 441, 86, 449, + 456, 438, 443, 451, 3252, 444, 450, 452, 457, 453, + 445, 446, 447, 448, 86, 86, 458, 459, 455, 460, + 86, 462, 86, 86, 461, 454, 3252, 456, 86, 443, + 465, 86, 444, 469, 452, 457, 453, 445, 446, 447, + + 448, 86, 86, 458, 459, 86, 463, 466, 462, 464, + 467, 86, 454, 470, 472, 86, 86, 465, 471, 475, + 469, 473, 476, 474, 497, 86, 86, 86, 86, 86, + 477, 535, 3252, 463, 466, 3252, 464, 467, 86, 86, + 470, 472, 86, 86, 86, 471, 475, 482, 473, 476, + 474, 479, 490, 480, 86, 3252, 86, 477, 495, 483, + 485, 486, 481, 86, 498, 86, 488, 487, 489, 548, + 3252, 3252, 496, 3252, 482, 3252, 86, 86, 479, 490, + 480, 86, 86, 86, 491, 495, 483, 485, 486, 481, + 86, 86, 499, 488, 487, 489, 510, 492, 86, 496, + + 493, 86, 494, 86, 3252, 514, 511, 500, 86, 512, + 513, 491, 86, 501, 86, 517, 598, 502, 86, 499, + 529, 86, 86, 510, 492, 503, 3252, 493, 86, 494, + 526, 86, 514, 511, 500, 515, 512, 513, 525, 530, + 501, 86, 517, 86, 502, 168, 3252, 529, 86, 527, + 86, 516, 503, 504, 528, 505, 531, 526, 532, 86, + 3252, 553, 515, 538, 86, 525, 530, 537, 506, 533, + 86, 507, 3252, 508, 86, 509, 86, 3252, 516, 86, + 504, 86, 505, 531, 534, 532, 3252, 86, 3252, 3252, + 538, 571, 86, 86, 537, 506, 533, 545, 507, 86, + + 508, 539, 509, 518, 519, 536, 86, 541, 3252, 86, + 540, 534, 543, 520, 544, 521, 522, 523, 571, 86, + 524, 86, 549, 546, 545, 542, 547, 3252, 86, 86, + 518, 519, 536, 86, 541, 557, 558, 540, 86, 543, + 520, 544, 521, 522, 523, 86, 551, 524, 86, 549, + 546, 550, 542, 547, 552, 554, 559, 86, 86, 555, + 560, 86, 556, 86, 86, 561, 562, 86, 3252, 563, + 86, 86, 567, 551, 570, 584, 86, 573, 550, 86, + 3252, 552, 554, 559, 86, 3252, 555, 560, 86, 556, + 564, 565, 561, 562, 86, 86, 563, 568, 572, 567, + + 86, 570, 574, 575, 573, 586, 589, 86, 566, 3252, + 86, 86, 569, 585, 3252, 86, 86, 564, 565, 587, + 86, 593, 590, 576, 568, 572, 588, 86, 86, 574, + 575, 86, 586, 591, 577, 566, 578, 3252, 86, 569, + 585, 86, 86, 592, 86, 86, 587, 594, 593, 590, + 576, 595, 611, 588, 86, 596, 602, 597, 86, 86, + 591, 577, 3252, 578, 579, 599, 86, 601, 604, 86, + 592, 86, 580, 581, 594, 600, 582, 583, 595, 611, + 86, 86, 596, 603, 597, 606, 86, 86, 86, 86, + 605, 579, 599, 86, 601, 604, 86, 607, 610, 580, + + 581, 608, 600, 582, 583, 612, 86, 86, 613, 609, + 603, 615, 606, 86, 86, 614, 616, 605, 617, 86, + 3252, 3252, 624, 86, 607, 610, 618, 86, 608, 620, + 3252, 86, 612, 622, 86, 613, 609, 3252, 615, 86, + 619, 86, 614, 616, 86, 617, 86, 621, 86, 624, + 625, 623, 86, 618, 626, 86, 620, 86, 627, 86, + 622, 86, 628, 630, 629, 633, 632, 619, 86, 631, + 635, 86, 86, 86, 621, 3252, 86, 625, 623, 86, + 634, 626, 636, 642, 638, 627, 637, 639, 640, 628, + 630, 629, 641, 632, 643, 86, 631, 86, 86, 86, + + 645, 644, 86, 86, 86, 86, 646, 634, 86, 636, + 642, 638, 86, 637, 639, 640, 650, 648, 649, 641, + 653, 86, 654, 652, 86, 651, 86, 645, 644, 647, + 86, 86, 655, 657, 86, 3252, 3252, 656, 86, 658, + 86, 86, 86, 650, 648, 649, 86, 653, 86, 654, + 652, 667, 651, 86, 86, 3252, 647, 668, 86, 655, + 657, 3252, 670, 679, 656, 3252, 658, 659, 669, 86, + 86, 675, 660, 672, 661, 673, 671, 3252, 667, 674, + 662, 86, 663, 86, 668, 664, 665, 86, 676, 670, + 679, 86, 666, 86, 659, 669, 86, 86, 675, 660, + + 672, 661, 673, 671, 680, 677, 674, 662, 678, 663, + 86, 682, 664, 665, 681, 676, 86, 684, 683, 666, + 685, 86, 86, 686, 687, 689, 86, 86, 688, 693, + 3252, 690, 677, 3252, 86, 678, 86, 86, 682, 695, + 694, 681, 86, 3252, 684, 683, 86, 685, 691, 86, + 686, 687, 689, 692, 86, 688, 693, 86, 690, 3252, + 86, 86, 86, 696, 697, 698, 695, 694, 701, 699, + 700, 86, 703, 3252, 702, 691, 86, 704, 3252, 707, + 692, 705, 708, 706, 86, 86, 86, 86, 86, 86, + 696, 697, 698, 168, 86, 86, 699, 700, 709, 703, + + 86, 702, 710, 712, 704, 86, 707, 713, 705, 708, + 706, 711, 86, 714, 86, 716, 715, 717, 3252, 721, + 3252, 3252, 86, 719, 718, 709, 726, 86, 720, 710, + 712, 86, 86, 722, 86, 730, 86, 86, 711, 732, + 86, 86, 731, 715, 717, 86, 721, 86, 86, 723, + 719, 718, 729, 726, 733, 720, 724, 86, 727, 725, + 722, 734, 86, 728, 735, 736, 86, 86, 738, 86, + 737, 86, 739, 3252, 86, 743, 723, 740, 741, 729, + 3252, 86, 744, 724, 742, 745, 725, 86, 86, 746, + 86, 749, 86, 86, 86, 738, 86, 86, 748, 739, + + 86, 86, 743, 750, 740, 741, 86, 86, 751, 744, + 747, 742, 745, 754, 752, 753, 746, 86, 86, 755, + 760, 86, 757, 86, 3252, 748, 86, 756, 86, 761, + 750, 86, 758, 86, 762, 751, 86, 747, 759, 86, + 754, 752, 753, 86, 86, 86, 755, 86, 763, 757, + 767, 86, 86, 764, 756, 766, 761, 765, 768, 758, + 769, 762, 773, 3252, 86, 759, 770, 86, 771, 774, + 772, 86, 86, 775, 86, 763, 86, 767, 776, 3252, + 764, 777, 766, 86, 765, 768, 780, 769, 86, 773, + 86, 86, 779, 770, 781, 771, 782, 772, 784, 3252, + + 775, 86, 86, 778, 86, 776, 783, 86, 777, 786, + 86, 788, 785, 780, 86, 86, 86, 787, 86, 779, + 790, 781, 789, 782, 86, 784, 86, 792, 86, 794, + 778, 86, 791, 783, 3252, 793, 786, 795, 86, 785, + 86, 796, 799, 86, 787, 86, 801, 790, 800, 789, + 86, 797, 798, 803, 792, 86, 804, 805, 86, 791, + 806, 86, 793, 802, 795, 86, 86, 811, 796, 799, + 86, 808, 807, 801, 86, 800, 86, 809, 86, 816, + 86, 86, 810, 804, 86, 86, 812, 806, 813, 86, + 802, 826, 825, 86, 811, 819, 817, 3252, 808, 807, + + 86, 818, 814, 815, 86, 820, 86, 821, 3252, 86, + 86, 86, 86, 812, 830, 813, 822, 86, 826, 86, + 823, 3252, 819, 817, 86, 831, 827, 86, 818, 814, + 815, 832, 820, 86, 821, 824, 86, 828, 833, 834, + 86, 830, 829, 822, 86, 835, 86, 823, 86, 838, + 836, 837, 831, 827, 86, 840, 86, 86, 832, 86, + 86, 839, 824, 841, 86, 833, 834, 842, 86, 86, + 843, 844, 835, 846, 847, 845, 838, 836, 837, 848, + 849, 86, 86, 86, 86, 86, 86, 86, 839, 86, + 841, 86, 850, 851, 842, 852, 853, 843, 844, 856, + + 846, 847, 845, 86, 86, 86, 848, 854, 86, 855, + 86, 861, 86, 860, 862, 857, 858, 859, 86, 850, + 851, 86, 852, 853, 86, 86, 856, 86, 863, 864, + 86, 865, 866, 86, 854, 868, 855, 867, 861, 86, + 860, 862, 857, 858, 859, 870, 872, 871, 86, 869, + 86, 874, 86, 86, 86, 863, 864, 86, 865, 866, + 86, 86, 868, 873, 867, 875, 86, 876, 877, 880, + 879, 86, 870, 872, 871, 881, 869, 86, 874, 878, + 884, 883, 86, 882, 3252, 86, 885, 86, 86, 86, + 873, 3252, 875, 86, 876, 877, 880, 879, 86, 86, + + 887, 886, 881, 168, 86, 888, 878, 884, 883, 86, + 882, 889, 891, 885, 86, 890, 894, 86, 86, 895, + 898, 86, 892, 897, 86, 3252, 896, 887, 886, 899, + 893, 86, 888, 904, 3252, 900, 86, 931, 889, 86, + 901, 86, 890, 86, 86, 902, 895, 86, 86, 892, + 897, 903, 86, 896, 905, 86, 899, 893, 86, 906, + 86, 907, 900, 3252, 908, 86, 86, 901, 909, 86, + 86, 917, 902, 86, 918, 86, 3252, 3252, 903, 86, + 928, 905, 919, 86, 86, 924, 906, 3252, 907, 86, + 920, 908, 922, 923, 3252, 909, 910, 921, 917, 911, + + 86, 918, 925, 912, 86, 926, 913, 928, 86, 919, + 86, 86, 924, 914, 915, 3252, 916, 920, 86, 922, + 923, 86, 927, 910, 921, 942, 911, 941, 86, 925, + 912, 86, 926, 913, 929, 930, 86, 3252, 86, 3252, + 914, 915, 86, 916, 940, 939, 945, 86, 86, 927, + 86, 946, 942, 3252, 941, 943, 944, 3252, 86, 86, + 3252, 929, 930, 932, 933, 947, 934, 86, 86, 935, + 949, 940, 939, 945, 936, 3252, 953, 86, 946, 86, + 937, 938, 943, 944, 948, 952, 86, 954, 956, 86, + 932, 933, 947, 934, 86, 950, 935, 949, 955, 86, + + 951, 936, 86, 953, 957, 86, 959, 937, 938, 960, + 86, 948, 952, 958, 954, 956, 963, 961, 962, 3252, + 967, 3252, 964, 966, 86, 955, 86, 86, 86, 86, + 965, 957, 86, 86, 86, 86, 960, 970, 86, 86, + 958, 968, 86, 963, 961, 962, 86, 967, 969, 964, + 966, 971, 972, 86, 973, 974, 976, 965, 975, 86, + 86, 86, 979, 86, 970, 977, 980, 86, 968, 981, + 978, 983, 982, 986, 3252, 969, 3252, 987, 971, 972, + 86, 973, 984, 86, 86, 975, 985, 86, 988, 979, + 991, 989, 86, 990, 86, 994, 992, 86, 86, 982, + + 986, 86, 86, 86, 86, 996, 86, 86, 995, 984, + 86, 993, 86, 985, 997, 86, 86, 991, 989, 86, + 990, 998, 86, 992, 86, 999, 86, 1000, 1001, 1003, + 1004, 1002, 996, 86, 86, 995, 1005, 1006, 993, 1011, + 1008, 86, 86, 1009, 1012, 86, 86, 1013, 86, 1007, + 3252, 86, 999, 86, 1000, 1001, 1003, 1004, 1002, 86, + 86, 86, 86, 1005, 1006, 1010, 1014, 1008, 1016, 1015, + 1009, 86, 1017, 86, 1013, 86, 1007, 86, 86, 86, + 1018, 1020, 1021, 1022, 3252, 3252, 86, 1025, 1019, 86, + 1023, 1024, 1010, 1014, 86, 1016, 1015, 86, 1026, 1017, + + 1031, 1029, 1034, 3252, 86, 86, 86, 1018, 1020, 86, + 1022, 1027, 86, 1028, 1025, 1019, 86, 1023, 1024, 86, + 86, 1032, 1030, 86, 1033, 1026, 86, 1031, 1029, 1035, + 86, 1036, 86, 1037, 86, 1042, 1039, 1038, 1027, 1040, + 1028, 86, 3252, 1041, 3252, 3252, 86, 86, 1032, 1030, + 86, 1033, 86, 1044, 1043, 1051, 1035, 86, 1036, 1046, + 1037, 86, 86, 1039, 1038, 86, 1040, 1045, 1047, 1052, + 1041, 86, 1048, 1054, 86, 86, 1049, 86, 86, 1053, + 1044, 1043, 1050, 1055, 86, 1056, 1046, 86, 1057, 86, + 86, 1058, 86, 1065, 1045, 1047, 1059, 1062, 3252, 1048, + + 1060, 86, 1064, 1049, 86, 86, 1053, 1063, 1061, 1050, + 1055, 1069, 1066, 86, 86, 86, 3252, 86, 1058, 86, + 86, 1067, 1071, 1059, 1062, 86, 1068, 1060, 86, 1064, + 86, 1070, 1072, 1073, 1063, 1061, 86, 1074, 86, 1066, + 86, 86, 1075, 86, 1076, 1077, 3252, 1078, 1067, 86, + 3252, 1084, 1079, 1068, 1080, 86, 86, 86, 1070, 1072, + 1073, 86, 1081, 1083, 86, 1095, 86, 1082, 86, 168, + 1094, 1076, 1077, 86, 1078, 86, 1086, 1085, 1084, 1079, + 1087, 1080, 1097, 86, 86, 1098, 86, 86, 86, 1081, + 1083, 86, 1095, 1096, 1082, 1099, 86, 1094, 1101, 3252, + + 3252, 1100, 1102, 1086, 1085, 86, 1103, 1087, 1088, 86, + 1089, 86, 1098, 86, 1090, 3252, 1091, 1107, 86, 86, + 1096, 1092, 1099, 3252, 86, 1101, 1093, 1106, 1100, 1102, + 86, 1104, 86, 1103, 1108, 1088, 1105, 1089, 1110, 3252, + 1113, 1090, 1111, 1091, 1107, 86, 1109, 1115, 1092, 1114, + 86, 1123, 1112, 1093, 1106, 86, 1116, 86, 1120, 1117, + 86, 1108, 86, 86, 86, 1110, 1118, 1113, 1119, 1111, + 1121, 86, 86, 1109, 1115, 1122, 1114, 1125, 86, 1112, + 86, 1128, 3252, 1116, 86, 1120, 1117, 1126, 1127, 86, + 86, 1136, 86, 1118, 3252, 1119, 86, 1137, 1138, 3252, + + 1140, 3252, 86, 1142, 1144, 1139, 86, 86, 1128, 86, + 3252, 86, 86, 1147, 1126, 1127, 1129, 1141, 1136, 86, + 86, 1130, 86, 1131, 1137, 1138, 86, 1140, 1145, 1132, + 1142, 1144, 1139, 1143, 1133, 1134, 86, 1148, 1146, 86, + 1150, 1135, 86, 1129, 1141, 86, 86, 1152, 1130, 86, + 1131, 86, 1153, 1155, 1149, 1145, 1132, 1151, 1159, 86, + 1143, 1133, 1134, 86, 1148, 1146, 86, 1150, 1135, 1154, + 1156, 1160, 1157, 1158, 86, 86, 86, 1162, 1161, 1153, + 86, 1149, 1165, 1163, 1151, 86, 86, 86, 1166, 3252, + 86, 1164, 1177, 86, 86, 86, 1154, 1156, 1160, 1157, + + 1158, 86, 86, 1167, 1162, 1161, 86, 1168, 1170, 1169, + 1163, 86, 1171, 1172, 86, 1166, 86, 1176, 1164, 86, + 1173, 86, 1175, 1174, 86, 1181, 1178, 86, 86, 86, + 1167, 3252, 1179, 86, 1168, 1170, 1169, 86, 86, 1171, + 1172, 86, 1189, 86, 1176, 86, 1184, 1173, 1180, 1175, + 1174, 1182, 1181, 1178, 1183, 86, 3252, 1185, 86, 1179, + 1186, 1187, 1188, 86, 86, 1190, 1192, 1193, 86, 1189, + 3252, 1191, 1194, 1184, 3252, 1180, 1197, 86, 1182, 86, + 86, 1183, 86, 86, 1185, 86, 1222, 1186, 1187, 1188, + 3252, 1195, 1198, 1192, 1196, 1199, 1200, 86, 1191, 86, + + 86, 1201, 86, 1197, 1203, 86, 1202, 86, 1204, 1206, + 86, 1210, 1207, 86, 3252, 1208, 86, 86, 1195, 1198, + 86, 1196, 1199, 1200, 86, 1205, 1212, 1213, 1201, 1215, + 1209, 1203, 86, 1202, 1214, 86, 1216, 86, 1210, 1207, + 86, 86, 1208, 86, 1211, 86, 1218, 1217, 86, 86, + 86, 86, 1205, 1212, 1213, 1219, 1215, 1209, 86, 1220, + 1221, 1214, 86, 1216, 1225, 3252, 86, 86, 1224, 1223, + 1227, 1211, 1226, 1218, 1217, 1228, 1230, 86, 1229, 86, + 86, 1232, 1219, 86, 1233, 86, 1220, 86, 86, 1237, + 1231, 1225, 86, 1234, 1240, 1224, 1223, 1227, 86, 1226, + + 86, 1235, 1228, 1230, 86, 1229, 1242, 1236, 1241, 1238, + 3252, 1249, 1239, 86, 1243, 86, 86, 1231, 86, 86, + 1234, 86, 1244, 86, 1247, 1253, 86, 86, 1235, 86, + 86, 1248, 86, 86, 1236, 1241, 1238, 1245, 1249, 1239, + 86, 1243, 1246, 1250, 1251, 1252, 86, 1254, 86, 1244, + 86, 1247, 86, 86, 1255, 86, 1256, 86, 1248, 86, + 1257, 1259, 1260, 3252, 1245, 1258, 86, 1262, 1263, 1246, + 1250, 1251, 1252, 86, 86, 1267, 86, 86, 86, 86, + 1274, 1255, 1264, 1256, 1269, 1276, 86, 86, 1259, 1260, + 86, 1265, 1258, 86, 1262, 1263, 1266, 86, 1268, 1271, + + 1270, 3252, 86, 1273, 86, 168, 1272, 86, 1275, 1264, + 1277, 1269, 86, 1278, 86, 86, 1279, 86, 1265, 1280, + 3252, 86, 3252, 1266, 86, 1268, 1271, 1270, 86, 1281, + 1273, 1284, 1282, 1272, 1283, 1275, 1285, 1287, 86, 1290, + 1278, 1286, 86, 1279, 86, 86, 1280, 86, 86, 86, + 1288, 86, 1289, 86, 1291, 1345, 1281, 86, 1284, 1282, + 86, 1283, 86, 1285, 1287, 1292, 86, 86, 1286, 1294, + 1293, 1295, 1300, 1303, 86, 3252, 3252, 1288, 86, 1289, + 1296, 1291, 86, 1301, 1302, 1304, 3252, 86, 1305, 1297, + 86, 1298, 1292, 1306, 1299, 86, 1294, 1293, 1295, 1300, + + 86, 86, 86, 1310, 1308, 86, 86, 1296, 1309, 86, + 1301, 1302, 1304, 86, 1307, 1305, 1297, 86, 1298, 1311, + 1306, 1299, 86, 1312, 3252, 86, 86, 86, 1315, 1313, + 1310, 1308, 1314, 1317, 1316, 1309, 1318, 1324, 86, 1323, + 1319, 1307, 86, 1321, 86, 86, 1311, 1320, 1322, 86, + 1312, 86, 1367, 3252, 86, 1315, 1313, 86, 86, 1314, + 86, 1316, 86, 1318, 1324, 86, 1323, 1319, 1325, 1326, + 1321, 86, 1327, 1328, 1320, 1322, 1330, 86, 1329, 3252, + 86, 1331, 1332, 1333, 86, 86, 1334, 86, 86, 86, + 1335, 86, 86, 1338, 1336, 1325, 1326, 1337, 86, 1327, + + 1328, 86, 86, 1330, 86, 1329, 1339, 86, 1331, 1332, + 1333, 86, 1341, 1334, 1340, 3252, 1343, 1335, 86, 1344, + 1338, 1336, 86, 1342, 1337, 86, 86, 86, 86, 1348, + 1346, 1347, 1350, 1339, 1351, 1352, 1357, 1371, 1349, 1341, + 1353, 1340, 86, 1343, 86, 86, 1344, 1354, 86, 86, + 1342, 1355, 1356, 1386, 86, 86, 1348, 1346, 1347, 1350, + 3252, 1351, 86, 1357, 86, 1349, 86, 86, 1365, 86, + 1368, 3252, 1366, 1370, 1354, 1396, 1397, 1387, 1355, 1356, + 1358, 1369, 86, 1372, 1359, 86, 1374, 1360, 1361, 3252, + 86, 86, 1362, 3252, 1373, 1365, 86, 1368, 1363, 1366, + + 1370, 1376, 1364, 86, 86, 86, 86, 1358, 1369, 86, + 1372, 1359, 86, 1374, 1360, 1361, 86, 1375, 1377, 1362, + 1378, 1373, 1381, 86, 1379, 1363, 1380, 86, 1376, 1364, + 1382, 86, 1383, 1384, 1385, 86, 1388, 86, 1395, 1389, + 86, 3252, 86, 86, 1375, 1377, 86, 1378, 1399, 1381, + 3252, 1379, 1398, 1380, 86, 1413, 1423, 1382, 86, 1383, + 1384, 1385, 86, 1388, 86, 1395, 1389, 1390, 86, 1400, + 1402, 86, 1391, 1401, 1392, 1399, 1393, 1405, 1394, 1398, + 1407, 86, 86, 86, 1403, 86, 1406, 86, 86, 1404, + 1409, 86, 3252, 1408, 1390, 86, 1400, 1402, 1414, 1391, + + 1401, 1392, 86, 1393, 1405, 1394, 86, 1407, 86, 1412, + 1410, 1411, 1415, 1406, 1416, 1418, 86, 1409, 86, 86, + 1408, 1417, 86, 1420, 86, 1414, 1419, 86, 86, 1422, + 1425, 86, 86, 1421, 1424, 86, 1412, 1410, 1411, 1415, + 1426, 1416, 1418, 86, 86, 1427, 86, 1429, 1417, 1428, + 1420, 86, 1430, 1419, 1431, 86, 1422, 86, 1433, 1432, + 1421, 1424, 1434, 3252, 1438, 86, 86, 1426, 1435, 86, + 86, 86, 1427, 1439, 1429, 1440, 1428, 1436, 1437, 1430, + 86, 86, 1444, 86, 86, 86, 1432, 1441, 86, 1434, + 86, 86, 1443, 1442, 86, 1435, 1447, 1445, 1446, 86, + + 1439, 3252, 1440, 1449, 1436, 1437, 86, 86, 86, 1444, + 86, 1448, 1450, 1451, 1441, 86, 86, 3252, 1454, 1443, + 1442, 1452, 86, 1447, 1445, 1446, 1456, 1453, 1455, 1460, + 1449, 1457, 86, 86, 86, 86, 1458, 1459, 1448, 1450, + 1451, 1461, 3252, 86, 86, 1454, 1463, 1462, 1452, 86, + 86, 86, 86, 1456, 1453, 1455, 86, 1464, 1457, 1465, + 1466, 86, 1467, 1458, 1459, 1468, 1472, 86, 1469, 86, + 1470, 1473, 86, 86, 1462, 86, 86, 86, 86, 1471, + 168, 1474, 1475, 86, 1464, 3252, 1465, 1466, 1476, 86, + 1480, 3252, 1468, 1478, 1477, 1469, 1481, 1470, 86, 1483, + + 86, 86, 86, 86, 1479, 86, 1471, 1482, 1474, 86, + 1487, 86, 1484, 1488, 86, 1476, 86, 1480, 1486, 86, + 1478, 1477, 1485, 1481, 86, 86, 1483, 86, 1490, 1489, + 1491, 1479, 86, 86, 1482, 1494, 1492, 1487, 86, 1484, + 86, 1493, 1495, 3252, 86, 1486, 1496, 1498, 1497, 1485, + 86, 1499, 1503, 1505, 1500, 1490, 1489, 1491, 1504, 86, + 86, 86, 1494, 86, 1501, 86, 86, 1502, 86, 1495, + 86, 1506, 1507, 1496, 1498, 1497, 3252, 1508, 1499, 1503, + 1505, 1500, 1509, 86, 1511, 1504, 86, 1510, 1512, 86, + 1514, 1501, 86, 86, 1502, 86, 1513, 1515, 1516, 1507, + + 1518, 1517, 1519, 86, 1508, 86, 3252, 86, 86, 86, + 1523, 1511, 86, 1520, 86, 1512, 1524, 1514, 1527, 86, + 1528, 1521, 86, 1513, 1515, 1516, 86, 1518, 1517, 1519, + 86, 3252, 1522, 1525, 3252, 86, 86, 1523, 1526, 86, + 1520, 86, 86, 1524, 1529, 1530, 86, 1528, 1521, 1531, + 86, 1532, 86, 1534, 1533, 1538, 1540, 1535, 86, 1522, + 1525, 86, 86, 86, 1536, 1526, 1539, 1541, 86, 1546, + 1537, 1529, 1530, 86, 1543, 86, 1531, 86, 1532, 86, + 1534, 1533, 1538, 1540, 1535, 86, 86, 1544, 1542, 1545, + 1547, 1536, 86, 1539, 1541, 86, 86, 1537, 1548, 1549, + + 86, 1543, 86, 1551, 1552, 86, 1550, 1555, 3252, 86, + 3252, 86, 1553, 3252, 1554, 1542, 1545, 1547, 1558, 86, + 1556, 3252, 1559, 3252, 1557, 1548, 1549, 86, 86, 1563, + 1562, 1560, 1566, 1550, 86, 86, 86, 86, 86, 1553, + 86, 1554, 86, 86, 86, 1558, 1564, 1556, 1561, 1559, + 86, 1557, 1565, 86, 86, 86, 1563, 1562, 1560, 1566, + 86, 1567, 1568, 1569, 1571, 1573, 3252, 1574, 1570, 1572, + 86, 86, 86, 1564, 86, 1561, 1575, 1576, 1578, 1565, + 1577, 1582, 1579, 1585, 86, 86, 1588, 3252, 1567, 1568, + 86, 3252, 1573, 86, 1574, 86, 86, 1583, 86, 1580, + + 86, 1581, 1587, 1575, 1576, 1578, 86, 1577, 1586, 1579, + 86, 1584, 86, 86, 1589, 86, 86, 1590, 86, 86, + 1593, 1594, 86, 86, 1583, 86, 1580, 86, 1581, 1587, + 1595, 1591, 1592, 86, 1596, 1586, 1598, 1599, 1584, 86, + 86, 1589, 86, 1597, 1590, 1600, 1601, 1593, 1594, 3252, + 1614, 86, 1602, 1604, 3252, 1603, 1609, 1595, 1591, 1592, + 86, 1596, 1605, 1598, 86, 86, 1610, 86, 86, 86, + 1597, 86, 86, 1601, 1606, 86, 86, 86, 1607, 1602, + 1604, 1615, 1603, 1609, 1611, 1612, 1613, 1616, 86, 1605, + 1617, 1608, 86, 1610, 1619, 1618, 86, 86, 1625, 86, + + 1620, 1606, 86, 86, 1626, 1607, 1621, 1622, 1615, 86, + 3252, 1611, 1612, 1613, 86, 1623, 86, 1617, 1608, 86, + 1630, 1619, 1618, 86, 86, 1624, 1627, 1620, 1629, 86, + 86, 86, 86, 1621, 1622, 86, 1631, 1628, 1632, 1633, + 1635, 3252, 1623, 86, 1641, 86, 86, 1630, 1634, 1636, + 86, 1637, 1624, 1627, 1639, 1629, 1638, 1642, 3252, 1640, + 86, 86, 86, 1645, 1628, 1632, 86, 86, 86, 86, + 86, 1641, 86, 1643, 1644, 1634, 1636, 86, 1637, 86, + 86, 1639, 86, 1638, 1642, 86, 1640, 1647, 1648, 1646, + 1645, 1651, 1650, 86, 1649, 3252, 1652, 1653, 1654, 1656, + + 1643, 1644, 86, 86, 86, 1655, 86, 86, 1657, 3252, + 86, 86, 1660, 86, 1647, 1648, 1646, 1658, 1651, 1650, + 1663, 1649, 86, 1652, 1653, 1654, 1656, 86, 1661, 1659, + 1662, 1665, 1655, 86, 1664, 86, 86, 1666, 86, 1660, + 86, 1667, 86, 86, 1658, 1668, 86, 1663, 1674, 1669, + 1672, 1675, 168, 86, 86, 1661, 1659, 1662, 1665, 1670, + 1671, 1664, 86, 86, 86, 1678, 1679, 86, 1667, 1673, + 1682, 86, 1668, 86, 86, 1674, 1669, 1672, 1675, 1680, + 1683, 1676, 1677, 1681, 86, 1684, 1670, 1671, 86, 86, + 86, 1685, 86, 1679, 1686, 86, 1673, 1682, 86, 3252, + + 1687, 86, 86, 1688, 1689, 3252, 1680, 1683, 1676, 1677, + 1681, 1690, 86, 86, 1691, 1695, 1692, 86, 1685, 86, + 1693, 3252, 1694, 1697, 1696, 1701, 86, 1687, 86, 1698, + 86, 1689, 86, 86, 1699, 86, 86, 1702, 1690, 1706, + 86, 1691, 1695, 1692, 86, 1700, 86, 1693, 86, 1694, + 1697, 1696, 1701, 86, 86, 1703, 1698, 1710, 1704, 1707, + 86, 1699, 1714, 1715, 1702, 1711, 1712, 1708, 86, 1723, + 1705, 86, 1700, 1716, 1713, 86, 1718, 1717, 86, 86, + 1719, 86, 1703, 1709, 1710, 1704, 1707, 86, 1720, 86, + 1721, 86, 1711, 1712, 1708, 86, 1723, 1705, 86, 86, + + 1722, 1713, 86, 1718, 1717, 86, 86, 1719, 1724, 1726, + 1709, 1725, 86, 1727, 86, 1728, 86, 1721, 86, 1729, + 86, 1730, 1731, 3252, 1733, 3252, 86, 1722, 1732, 1738, + 1734, 1735, 1736, 86, 3252, 1724, 1726, 1737, 1725, 86, + 86, 86, 86, 1743, 86, 86, 1729, 86, 1739, 1731, + 86, 86, 86, 86, 1740, 1732, 1738, 1734, 1735, 1736, + 1741, 86, 1745, 1742, 1737, 86, 1744, 86, 86, 86, + 1743, 1746, 1748, 1749, 86, 1739, 1750, 86, 1747, 1752, + 86, 1740, 1751, 86, 1753, 86, 86, 1741, 1755, 1745, + 1742, 1757, 86, 1744, 1754, 86, 1758, 1756, 1746, 1760, + + 1749, 86, 86, 1750, 86, 1747, 1752, 1759, 86, 1751, + 86, 86, 86, 1761, 1762, 1755, 1763, 86, 1757, 1764, + 86, 1754, 86, 1758, 1756, 1767, 1760, 1765, 86, 1770, + 1766, 86, 86, 1772, 1759, 1771, 86, 1768, 1773, 86, + 1761, 1762, 1769, 1763, 1775, 86, 1764, 3252, 1774, 86, + 1776, 1777, 1767, 86, 1765, 1783, 1770, 1766, 1778, 86, + 86, 1780, 1771, 86, 1768, 86, 86, 1781, 1779, 1769, + 1789, 1775, 86, 1782, 86, 1774, 86, 1776, 86, 1784, + 1788, 86, 1783, 86, 1785, 1778, 1790, 1786, 1780, 86, + 1787, 1794, 86, 3252, 1781, 1779, 1791, 86, 86, 1793, + + 1782, 1792, 86, 86, 86, 86, 1784, 1788, 86, 1795, + 1796, 1785, 1799, 86, 1786, 86, 1800, 1787, 1794, 1797, + 86, 86, 1798, 1791, 1801, 86, 1793, 86, 1792, 3252, + 1802, 86, 3252, 1803, 1807, 1808, 1795, 1796, 86, 1799, + 1813, 1810, 86, 1800, 86, 1805, 1797, 1804, 1806, 1798, + 86, 1801, 86, 86, 1814, 1816, 86, 1802, 1809, 86, + 1803, 1807, 1808, 86, 86, 1811, 86, 1813, 1810, 1817, + 1812, 1815, 1805, 1819, 1804, 1806, 86, 86, 1818, 1820, + 1821, 1814, 1816, 1822, 3252, 1809, 1824, 86, 1826, 1823, + 1825, 1830, 1827, 86, 3252, 1842, 3252, 86, 1815, 1831, + + 86, 86, 86, 86, 1832, 1818, 86, 1821, 1828, 1834, + 86, 86, 86, 1824, 1829, 86, 1823, 1825, 86, 1827, + 86, 1833, 1835, 86, 1836, 1837, 1831, 86, 86, 86, + 1838, 1832, 86, 1839, 1840, 1828, 1834, 1843, 86, 86, + 86, 1829, 3252, 86, 1844, 1845, 86, 1846, 1833, 1835, + 1847, 1836, 1837, 1849, 86, 1841, 1848, 1838, 86, 86, + 1839, 86, 1850, 1851, 86, 1852, 1853, 86, 86, 86, + 1854, 1844, 86, 1856, 1846, 86, 86, 1847, 1855, 1857, + 1849, 1858, 1841, 1848, 1860, 86, 1863, 1859, 1864, 1862, + 1851, 1861, 1852, 1853, 86, 86, 86, 86, 86, 1865, + + 1856, 86, 86, 86, 168, 1855, 1857, 86, 1858, 86, + 1866, 1860, 1867, 1863, 1859, 86, 1862, 1868, 1861, 1869, + 86, 1870, 1873, 1871, 1874, 86, 1865, 1872, 1875, 3252, + 86, 86, 86, 1884, 1877, 1878, 1879, 1866, 86, 1867, + 1876, 86, 86, 86, 86, 1880, 1869, 1881, 1870, 1873, + 1871, 1874, 1883, 1882, 1872, 86, 86, 1885, 1886, 1888, + 86, 1877, 1878, 86, 1887, 86, 1893, 1876, 1891, 86, + 86, 1889, 1880, 86, 86, 86, 1890, 86, 86, 1883, + 1882, 86, 1894, 86, 86, 1886, 1888, 1892, 86, 86, + 1895, 1887, 1896, 1893, 1897, 1891, 86, 1899, 1889, 1906, + + 1898, 1904, 1907, 1890, 86, 1901, 86, 86, 86, 1894, + 1900, 1902, 86, 1905, 1892, 86, 3252, 1895, 1903, 1896, + 1917, 1897, 86, 86, 1899, 86, 86, 1898, 1904, 1908, + 1911, 1909, 1901, 86, 86, 86, 1910, 1900, 1902, 86, + 1905, 86, 1912, 86, 1926, 1903, 1913, 86, 1914, 86, + 1915, 1928, 1916, 1918, 1920, 1919, 1908, 1911, 1909, 1921, + 1922, 86, 86, 1910, 1923, 1924, 86, 1925, 1930, 1912, + 86, 86, 1927, 1913, 1932, 1914, 86, 1915, 86, 1916, + 86, 86, 1919, 86, 1929, 86, 1921, 1922, 1933, 1936, + 86, 1923, 86, 86, 1925, 1931, 86, 86, 86, 1927, + + 86, 1932, 1934, 1935, 1937, 1938, 1941, 1939, 3252, 86, + 86, 1929, 1946, 1940, 1948, 86, 86, 1947, 1950, 86, + 3252, 3252, 1931, 1951, 86, 86, 1954, 86, 1957, 1934, + 1935, 1937, 1938, 86, 1939, 86, 1952, 3252, 86, 1946, + 1940, 1942, 1943, 1944, 1947, 1949, 86, 1953, 1945, 86, + 86, 86, 86, 1954, 1956, 1955, 86, 1959, 1958, 86, + 86, 1960, 1961, 1952, 86, 1963, 86, 86, 1942, 1943, + 1944, 86, 1949, 1964, 1953, 1945, 86, 1962, 86, 1966, + 86, 1956, 1955, 1967, 1959, 1958, 1968, 1969, 1960, 86, + 1965, 86, 1963, 86, 1970, 86, 86, 1971, 1972, 1974, + + 1964, 1973, 1975, 1976, 1962, 86, 1966, 86, 1977, 86, + 86, 1981, 1978, 1968, 86, 86, 86, 1965, 1979, 1984, + 86, 1970, 1980, 86, 1971, 1972, 1982, 86, 1973, 86, + 1976, 86, 86, 1983, 1985, 1977, 86, 86, 1981, 1978, + 1986, 86, 1987, 1988, 86, 1979, 1984, 86, 1989, 1980, + 1990, 1991, 1992, 1982, 1993, 1994, 1995, 1998, 86, 1997, + 1983, 86, 86, 86, 1996, 2000, 86, 1986, 86, 1987, + 86, 86, 1999, 86, 2001, 86, 3252, 86, 1991, 1992, + 86, 1993, 1994, 1995, 1998, 2002, 1997, 2004, 86, 2003, + 2007, 1996, 86, 2006, 2009, 86, 2008, 86, 86, 1999, + + 86, 86, 3252, 2005, 2013, 2010, 86, 2011, 2014, 2016, + 86, 3252, 2002, 86, 2004, 2017, 2003, 2007, 86, 86, + 2006, 86, 2015, 2008, 2020, 2012, 2027, 86, 3252, 86, + 2005, 2013, 2010, 86, 2011, 2014, 86, 2021, 86, 2018, + 86, 2022, 2017, 86, 2019, 2023, 2030, 2024, 2028, 2015, + 2025, 86, 2012, 86, 86, 86, 2026, 86, 86, 2029, + 86, 2031, 2032, 86, 2021, 2037, 2018, 2041, 2022, 86, + 2042, 2019, 2023, 86, 2024, 2028, 2033, 2025, 2038, 2034, + 2046, 86, 2044, 2026, 2035, 86, 2029, 86, 2031, 2032, + 2036, 2039, 86, 2045, 86, 86, 2040, 86, 2047, 86, + + 2043, 86, 86, 2033, 86, 86, 2034, 2048, 86, 2044, + 2051, 2035, 86, 86, 2049, 2053, 2050, 2036, 86, 2052, + 2045, 2055, 2054, 86, 86, 2047, 2061, 2043, 2059, 86, + 86, 2057, 2058, 2062, 2048, 2056, 86, 2060, 2063, 86, + 2064, 2049, 86, 2050, 168, 86, 2052, 86, 2055, 2054, + 86, 2066, 86, 86, 86, 2059, 2065, 2068, 2057, 2058, + 86, 2067, 2056, 86, 2060, 2063, 2070, 2069, 3252, 2072, + 2071, 2073, 86, 86, 3252, 86, 2074, 86, 2066, 2075, + 2076, 2077, 86, 2065, 2068, 86, 86, 2078, 2067, 86, + 86, 86, 2080, 2070, 2069, 86, 2072, 2071, 2073, 86, + + 2079, 86, 2081, 2074, 2082, 2083, 2075, 86, 2077, 86, + 2085, 86, 2084, 2086, 2078, 3252, 86, 2088, 86, 2080, + 2087, 86, 86, 86, 2089, 2090, 2091, 2079, 2092, 86, + 3252, 2082, 2083, 86, 2093, 86, 86, 2085, 2096, 2084, + 2086, 86, 86, 86, 2097, 2094, 2099, 2087, 2095, 86, + 2098, 2089, 2090, 2091, 2100, 2092, 86, 86, 2102, 2104, + 86, 2093, 2101, 2105, 86, 2096, 2110, 2106, 86, 86, + 86, 2097, 2094, 2099, 2103, 2095, 86, 2098, 86, 2108, + 86, 2100, 2107, 2109, 2114, 2102, 86, 86, 86, 2101, + 2105, 86, 2111, 86, 2106, 2112, 86, 3252, 86, 2113, + + 2116, 2103, 86, 2117, 2115, 2119, 2108, 2118, 2121, 2107, + 2109, 86, 2120, 86, 2123, 2124, 3252, 3252, 2122, 2111, + 2163, 86, 2112, 86, 86, 86, 2113, 86, 86, 86, + 2117, 2115, 86, 86, 2118, 2121, 2126, 86, 2125, 2120, + 86, 2123, 2124, 2127, 86, 2122, 2128, 2129, 86, 2133, + 2130, 86, 86, 2134, 2131, 2136, 86, 86, 86, 2137, + 2139, 86, 86, 2126, 2135, 2125, 2140, 2132, 86, 3252, + 2127, 2138, 2143, 2128, 2129, 86, 2133, 2130, 86, 86, + 2134, 2131, 86, 2141, 86, 2142, 2137, 2139, 86, 2145, + 86, 2135, 2144, 2140, 2132, 2146, 2147, 86, 2138, 2143, + + 2148, 86, 2149, 2150, 3252, 2152, 2151, 86, 2154, 86, + 2141, 86, 2142, 86, 86, 86, 2145, 2153, 86, 2144, + 86, 86, 2146, 2147, 2155, 2156, 86, 2148, 2157, 2149, + 2150, 86, 2152, 2151, 2158, 2154, 2159, 2161, 2160, 2165, + 2162, 3252, 86, 3252, 2153, 2169, 86, 86, 2164, 2166, + 86, 86, 2156, 86, 2167, 2157, 2168, 2173, 86, 86, + 86, 2158, 86, 2159, 2161, 2160, 2165, 2162, 86, 86, + 86, 2170, 86, 2171, 2174, 2164, 2166, 2172, 2175, 2176, + 2179, 2167, 2181, 2168, 86, 86, 2182, 2180, 86, 86, + 3252, 2177, 3252, 2183, 2184, 3252, 86, 86, 2170, 2178, + + 2171, 2174, 86, 86, 2172, 2175, 2176, 86, 86, 2181, + 86, 86, 86, 2182, 2180, 2185, 86, 2192, 2177, 2186, + 2183, 2184, 2187, 2188, 86, 2189, 2178, 2190, 2193, 2195, + 2194, 86, 2191, 2197, 2198, 86, 2196, 86, 2200, 3252, + 3252, 86, 2185, 86, 2192, 86, 2186, 86, 86, 2187, + 2188, 86, 2189, 2199, 3252, 2193, 2195, 2194, 86, 86, + 2197, 2198, 2205, 2196, 2201, 86, 2202, 2203, 2204, 2206, + 2207, 86, 2208, 86, 86, 86, 2209, 3252, 86, 86, + 2199, 86, 2210, 2211, 86, 86, 2214, 2212, 2215, 2205, + 2216, 2201, 86, 2202, 2203, 2204, 2206, 2207, 86, 2208, + + 2213, 86, 86, 2209, 86, 2219, 2220, 86, 86, 2210, + 2211, 2217, 2221, 2214, 2212, 2215, 2218, 2216, 86, 2222, + 86, 2223, 2224, 86, 2230, 2225, 2226, 2213, 2231, 86, + 86, 2227, 2219, 86, 2234, 2232, 168, 2228, 2217, 2221, + 86, 86, 2229, 2218, 2233, 86, 86, 86, 2223, 2224, + 2235, 2240, 2225, 2226, 2236, 2239, 86, 2241, 2227, 86, + 86, 2234, 2232, 86, 2244, 2243, 2245, 2247, 2237, 86, + 2242, 2233, 2246, 86, 86, 2249, 3252, 86, 86, 2238, + 86, 2236, 2239, 86, 2241, 86, 2248, 2250, 86, 2252, + 3252, 3252, 2243, 2245, 86, 2237, 86, 2242, 86, 2246, + + 2255, 2254, 2251, 86, 2253, 2257, 2238, 86, 86, 86, + 86, 86, 86, 2248, 2250, 2256, 2252, 86, 2258, 86, + 2263, 2259, 86, 2260, 2262, 86, 2261, 2255, 2254, 2251, + 86, 2253, 2257, 86, 86, 2264, 2265, 2266, 2267, 2270, + 86, 2269, 2256, 2268, 86, 2258, 86, 2263, 2259, 86, + 2260, 2262, 2272, 2261, 86, 2273, 2275, 2276, 3252, 86, + 86, 86, 86, 2265, 2266, 2267, 2270, 2271, 2269, 86, + 2268, 2274, 2282, 2277, 86, 86, 86, 2278, 86, 2272, + 86, 86, 2273, 86, 2276, 86, 2279, 2281, 2280, 2285, + 86, 86, 2283, 2288, 2271, 86, 2284, 2286, 2274, 2282, + + 2277, 86, 86, 2289, 2278, 2287, 2290, 86, 2292, 2296, + 2291, 86, 2293, 2279, 2281, 2280, 2285, 2294, 86, 2283, + 2288, 2295, 86, 2284, 2286, 86, 86, 2297, 86, 2298, + 86, 86, 2287, 2290, 86, 2292, 86, 2291, 2299, 2293, + 2300, 86, 2301, 2303, 2294, 2302, 2304, 86, 2295, 2305, + 2307, 2308, 86, 2306, 86, 2310, 2298, 86, 86, 2309, + 86, 2311, 2313, 3252, 2315, 2299, 86, 2300, 3252, 2301, + 86, 86, 2302, 86, 86, 86, 2305, 2307, 2308, 2312, + 2306, 2314, 86, 2316, 2318, 2317, 2309, 86, 86, 86, + 86, 86, 2319, 2323, 2324, 86, 2320, 2321, 2325, 2327, + + 2322, 86, 3252, 3252, 2333, 2330, 2312, 86, 2314, 86, + 2316, 86, 2317, 86, 2326, 86, 86, 2329, 3252, 86, + 2323, 2324, 86, 2320, 2321, 86, 86, 2322, 2328, 86, + 2331, 86, 2330, 2337, 2334, 2335, 2338, 86, 86, 2340, + 2336, 2326, 86, 86, 2329, 2332, 2339, 86, 86, 2342, + 86, 86, 2341, 3252, 2347, 2328, 86, 2331, 2344, 2345, + 86, 2334, 2335, 2338, 2349, 2350, 2340, 2336, 2354, 2343, + 2346, 86, 2332, 2339, 2398, 86, 86, 86, 86, 2341, + 86, 86, 86, 2348, 86, 2344, 2345, 2353, 86, 2351, + 86, 2349, 2350, 2352, 86, 2354, 2343, 2346, 86, 2355, + + 2356, 86, 86, 2360, 2357, 2367, 86, 2361, 2364, 3252, + 2348, 2362, 2371, 2363, 2353, 86, 2351, 86, 86, 2358, + 2352, 2359, 86, 2366, 2373, 86, 2355, 2356, 86, 86, + 2360, 2357, 2367, 86, 2361, 2364, 2365, 2368, 2362, 2369, + 2363, 2370, 86, 2372, 86, 86, 2358, 2374, 2359, 86, + 2366, 2375, 2376, 86, 86, 2384, 86, 2377, 2378, 86, + 3252, 86, 2379, 2365, 2368, 2380, 2369, 3252, 2370, 86, + 2372, 86, 2381, 86, 2374, 2382, 3252, 2385, 2375, 2376, + 86, 2383, 86, 86, 2377, 2378, 2388, 86, 2386, 2379, + 86, 2387, 2380, 86, 86, 2389, 2390, 2391, 86, 2381, + + 3252, 3252, 2382, 2393, 86, 2392, 2414, 2399, 2383, 86, + 2394, 86, 2395, 2388, 2401, 2386, 2396, 86, 2387, 86, + 2397, 86, 2389, 86, 2391, 168, 2400, 86, 86, 86, + 2393, 86, 2392, 2403, 2399, 2402, 2404, 2394, 86, 2395, + 2405, 2401, 2407, 2396, 86, 86, 86, 2397, 2406, 86, + 2408, 86, 2409, 2400, 2410, 2411, 3252, 2415, 2416, 2412, + 2403, 3252, 2402, 2404, 86, 86, 2413, 2405, 2417, 2407, + 86, 2418, 3252, 2419, 2424, 2406, 86, 2408, 2421, 86, + 86, 2410, 86, 86, 86, 2416, 2412, 2420, 86, 86, + 2423, 86, 3252, 2413, 2425, 86, 2422, 2426, 2418, 86, + + 2419, 2428, 86, 2427, 86, 2421, 86, 86, 2429, 2430, + 2431, 2433, 2436, 2434, 2420, 2432, 86, 2423, 2435, 86, + 86, 2425, 2438, 2422, 2426, 86, 86, 2439, 2428, 86, + 2427, 86, 2437, 2445, 86, 86, 2430, 3252, 2433, 86, + 2434, 86, 86, 2440, 86, 2435, 86, 2441, 2442, 2438, + 86, 2443, 2446, 2447, 2439, 2444, 2448, 2451, 86, 2437, + 86, 2450, 86, 2449, 86, 86, 2454, 86, 2456, 2453, + 2440, 86, 86, 86, 2441, 2442, 2452, 86, 2443, 2446, + 2447, 2455, 2444, 2448, 2451, 86, 2457, 86, 2450, 2458, + 2449, 86, 2464, 86, 2459, 2456, 2453, 2461, 86, 86, + + 86, 2460, 86, 2452, 2462, 2463, 2465, 86, 2455, 2467, + 3252, 2466, 2469, 2457, 2477, 86, 2458, 2468, 86, 2464, + 2471, 2459, 2475, 86, 2461, 86, 86, 86, 2460, 86, + 2470, 2462, 2473, 86, 2472, 86, 86, 86, 2466, 2469, + 2474, 86, 86, 2476, 2468, 2478, 86, 2471, 2480, 86, + 2482, 2481, 2479, 86, 86, 2484, 2485, 2470, 86, 2473, + 2487, 2472, 86, 86, 2486, 2483, 2489, 2474, 2494, 86, + 86, 86, 2478, 86, 86, 2480, 2488, 2482, 2481, 2479, + 86, 2490, 86, 2485, 2493, 2495, 2491, 2487, 86, 2492, + 2496, 2497, 2483, 86, 86, 86, 86, 2498, 86, 86, + + 2499, 2500, 2501, 2488, 2503, 86, 2502, 86, 2490, 86, + 86, 2493, 2495, 2491, 86, 86, 2492, 2496, 2497, 86, + 2505, 86, 2506, 2504, 2498, 86, 86, 2499, 2500, 2501, + 86, 2503, 2507, 2502, 2508, 2509, 2510, 2511, 2512, 3252, + 2513, 2515, 86, 2514, 3252, 3252, 86, 2505, 2517, 86, + 2504, 86, 2519, 2521, 3252, 86, 86, 2516, 2522, 86, + 86, 86, 86, 2510, 2511, 2512, 86, 2513, 2515, 86, + 2514, 2518, 86, 2520, 2523, 2517, 2524, 2525, 2526, 86, + 86, 86, 86, 2531, 2516, 86, 2528, 2527, 2529, 2530, + 86, 86, 3252, 86, 86, 86, 86, 86, 2518, 2532, + + 2520, 2523, 2534, 2524, 2525, 2526, 2533, 86, 86, 86, + 86, 2535, 2538, 2528, 2527, 2529, 2530, 86, 2536, 2537, + 2546, 86, 2539, 2540, 2541, 86, 2532, 168, 2542, 2534, + 2544, 2550, 86, 2533, 2543, 86, 86, 2548, 2535, 2538, + 86, 86, 2551, 86, 86, 2536, 2537, 2546, 86, 2539, + 2540, 2541, 2545, 2547, 2549, 2542, 86, 2544, 86, 86, + 2552, 2543, 2553, 2555, 2548, 2554, 86, 2556, 2559, 86, + 2557, 3252, 86, 2558, 3252, 86, 86, 2561, 86, 2545, + 2547, 2549, 86, 86, 2560, 86, 86, 2552, 86, 2553, + 2555, 86, 2554, 86, 2556, 2559, 2562, 2557, 2563, 2564, + + 2558, 2566, 2565, 86, 2561, 2567, 86, 2569, 86, 2568, + 2570, 2560, 2571, 2573, 86, 2572, 86, 2574, 86, 2576, + 86, 3252, 3252, 2562, 86, 2563, 2564, 86, 2566, 2565, + 2575, 86, 2567, 86, 2569, 2579, 2568, 86, 2577, 2571, + 2573, 2578, 2572, 2581, 86, 2582, 86, 86, 86, 2580, + 86, 2584, 86, 2583, 86, 86, 2585, 2575, 2586, 86, + 2587, 86, 2579, 2588, 86, 2577, 2589, 2590, 2578, 86, + 2581, 2591, 2582, 2592, 2593, 2595, 2580, 2598, 2584, 2600, + 2583, 2594, 86, 86, 86, 86, 86, 2587, 2596, 86, + 2588, 2597, 2599, 86, 86, 86, 2601, 86, 86, 86, + + 2592, 2593, 2595, 86, 2598, 2602, 86, 2604, 2594, 2606, + 3252, 3252, 2603, 2608, 2605, 2596, 2613, 86, 2597, 2599, + 86, 86, 86, 2601, 86, 86, 2607, 2612, 2616, 3252, + 2609, 2620, 86, 86, 2604, 86, 2606, 86, 2610, 2603, + 2608, 2605, 2611, 86, 2614, 2617, 86, 2619, 2618, 86, + 2615, 86, 2621, 2607, 2612, 86, 86, 2609, 86, 86, + 86, 2622, 2625, 2627, 2628, 2610, 86, 2626, 86, 2611, + 86, 2614, 2617, 86, 2619, 2618, 2623, 2615, 2624, 2621, + 2629, 86, 86, 86, 2630, 86, 2631, 86, 2622, 86, + 2627, 2628, 86, 2632, 2626, 2634, 2633, 2635, 2636, 3252, + + 2637, 2639, 2640, 2623, 2638, 2624, 86, 86, 3252, 86, + 3252, 2630, 86, 86, 86, 86, 86, 2642, 2641, 2643, + 2632, 2644, 2634, 2633, 2635, 86, 86, 2637, 86, 2640, + 2645, 2638, 86, 2646, 2647, 86, 2648, 86, 2649, 3252, + 2650, 2652, 86, 3252, 2642, 2641, 2643, 2651, 86, 86, + 2654, 86, 2653, 2656, 2657, 2659, 86, 2645, 86, 2655, + 86, 2647, 86, 2648, 2660, 2649, 86, 2650, 2652, 86, + 86, 86, 2658, 2661, 2651, 86, 86, 2654, 2662, 2653, + 2656, 2657, 86, 2664, 86, 2663, 2655, 2665, 2666, 2667, + 2669, 86, 86, 2681, 3252, 2668, 86, 2670, 86, 2658, + + 168, 2671, 86, 2672, 2673, 2662, 2674, 86, 2675, 3252, + 2664, 86, 2663, 2680, 2665, 2678, 2667, 2669, 86, 86, + 86, 86, 2668, 2679, 2670, 86, 86, 2683, 86, 2676, + 86, 2673, 86, 86, 2677, 2675, 2682, 86, 2684, 2685, + 2680, 2686, 2678, 2688, 2689, 86, 2687, 2690, 3252, 86, + 2679, 86, 86, 2692, 2683, 2691, 86, 2693, 2698, 86, + 86, 86, 2694, 2682, 86, 2684, 2685, 86, 2686, 86, + 86, 2696, 2695, 2687, 2690, 86, 86, 2699, 2697, 86, + 2692, 2702, 2691, 2700, 2693, 2698, 86, 86, 2701, 2694, + 2704, 86, 2705, 86, 2703, 3252, 2709, 3252, 2696, 2695, + + 86, 86, 2707, 2706, 2699, 2697, 86, 86, 2702, 86, + 2700, 86, 86, 86, 2711, 2701, 2708, 2710, 2713, 2705, + 2714, 2703, 86, 86, 86, 86, 2712, 2715, 86, 2707, + 2706, 2718, 86, 2716, 2717, 2719, 2720, 86, 86, 86, + 86, 2711, 2721, 2708, 2710, 86, 2722, 2714, 2723, 2725, + 2724, 3252, 2726, 2712, 2715, 2731, 2732, 86, 86, 2727, + 2716, 2717, 2719, 2733, 2728, 86, 2734, 2729, 86, 86, + 86, 86, 2730, 86, 86, 86, 2725, 2724, 86, 2726, + 86, 86, 2731, 2732, 86, 2735, 2727, 86, 2736, 2738, + 86, 2728, 2737, 86, 2729, 2739, 2740, 2744, 2741, 2730, + + 2742, 2745, 86, 2746, 86, 2743, 2747, 2748, 3252, 3252, + 2752, 86, 86, 86, 86, 2736, 86, 2750, 86, 2737, + 2753, 2749, 2739, 2740, 2744, 2741, 86, 86, 2745, 2751, + 86, 86, 86, 86, 2748, 86, 86, 86, 2754, 2755, + 2756, 2757, 2760, 2758, 2750, 2759, 86, 2753, 2749, 2761, + 2762, 86, 86, 2765, 2763, 86, 2751, 86, 86, 2764, + 2768, 2769, 2766, 2772, 2767, 86, 2755, 86, 2757, 86, + 2758, 86, 2759, 86, 86, 2771, 86, 2762, 2773, 2775, + 2765, 86, 2770, 2777, 86, 2774, 86, 2768, 2778, 2766, + 86, 2767, 2776, 86, 86, 2785, 2781, 3252, 86, 3252, + + 86, 2783, 2771, 86, 86, 2773, 2775, 86, 86, 2770, + 2777, 2782, 2774, 3252, 86, 2778, 2779, 2780, 86, 2776, + 86, 2784, 86, 2781, 2786, 2787, 86, 2789, 2783, 2792, + 2793, 2790, 2796, 2788, 86, 2794, 2791, 86, 2782, 86, + 86, 2797, 2795, 2779, 2780, 2798, 3252, 2799, 2784, 86, + 86, 2786, 2787, 86, 2789, 86, 2792, 2800, 2790, 86, + 2788, 3252, 86, 2791, 2801, 2802, 3252, 86, 2797, 2795, + 2803, 86, 2798, 86, 2799, 86, 2806, 86, 2804, 86, + 2805, 2807, 2808, 86, 2800, 2810, 2809, 86, 86, 86, + 2811, 2801, 2802, 86, 2813, 2812, 2814, 2803, 86, 86, + + 2815, 2817, 2816, 2806, 86, 2804, 3252, 2805, 2807, 2808, + 3252, 2821, 86, 2809, 86, 2818, 86, 2811, 2819, 2820, + 86, 86, 2812, 2814, 86, 2822, 2823, 86, 86, 2816, + 2824, 2825, 2829, 86, 2826, 2832, 86, 86, 2821, 2827, + 2828, 2830, 2818, 86, 2833, 2819, 2820, 2831, 86, 86, + 86, 3252, 86, 2823, 86, 2838, 2836, 2824, 2825, 2829, + 2834, 2835, 86, 86, 86, 86, 86, 2828, 2830, 86, + 86, 86, 2837, 86, 2831, 2839, 2840, 86, 2841, 2842, + 2843, 2852, 2838, 2836, 3252, 86, 2844, 2834, 2835, 2853, + 86, 3252, 86, 2845, 86, 86, 2846, 3252, 2847, 2837, + + 2849, 2848, 2839, 2840, 2854, 2841, 2850, 2843, 86, 2851, + 2856, 86, 2855, 2844, 2859, 86, 86, 86, 86, 86, + 2845, 2857, 86, 2846, 86, 2847, 2862, 2849, 2848, 86, + 86, 86, 86, 2850, 2858, 2860, 2851, 2856, 2861, 2855, + 2863, 2865, 2866, 2864, 2868, 2867, 86, 86, 2857, 86, + 2869, 2870, 86, 86, 86, 3252, 86, 86, 86, 2871, + 86, 2858, 2860, 2872, 86, 2861, 2873, 2863, 2865, 2866, + 2864, 2874, 2867, 2875, 2879, 2876, 86, 2869, 86, 2877, + 2880, 86, 86, 3252, 3252, 86, 2871, 86, 86, 2878, + 2872, 86, 2882, 2873, 86, 2881, 86, 86, 2874, 2883, + + 2875, 86, 2876, 2884, 2885, 2886, 2877, 2880, 2891, 86, + 2888, 2887, 86, 2893, 86, 86, 2878, 86, 2889, 2882, + 2890, 86, 2881, 2894, 86, 2896, 2883, 86, 86, 2900, + 2884, 2885, 2886, 86, 2892, 86, 2901, 2888, 2887, 2905, + 86, 3252, 86, 2895, 2897, 2889, 2898, 2890, 2899, 86, + 86, 86, 86, 2902, 2903, 86, 2900, 86, 86, 86, + 86, 2892, 2908, 86, 2904, 86, 2905, 2909, 2907, 2906, + 2895, 2897, 86, 2898, 86, 2899, 86, 2910, 2911, 2912, + 2902, 2903, 86, 2913, 86, 2914, 2915, 2918, 2916, 86, + 2919, 2904, 2920, 86, 2909, 2907, 2906, 2921, 3252, 86, + + 86, 2925, 3252, 86, 2927, 2911, 2912, 2917, 86, 86, + 86, 2923, 86, 2915, 2918, 86, 2922, 2919, 2924, 2920, + 2926, 2928, 2930, 2931, 86, 86, 86, 3252, 86, 86, + 86, 2927, 2929, 2932, 2917, 2933, 86, 2934, 2923, 86, + 2939, 2935, 2936, 2922, 86, 2924, 86, 2926, 2928, 2937, + 86, 2942, 3252, 2938, 86, 2940, 2941, 86, 2943, 2929, + 2932, 86, 2947, 86, 2934, 86, 2944, 86, 2935, 86, + 2946, 86, 86, 86, 2950, 86, 2937, 2945, 86, 86, + 2938, 2951, 2940, 2941, 86, 2943, 2948, 2949, 2952, 86, + 2953, 2956, 86, 2944, 86, 2957, 2954, 2946, 2955, 2958, + + 2960, 2950, 2959, 86, 2945, 3252, 2961, 2962, 86, 86, + 86, 2963, 86, 2948, 2949, 86, 2964, 2953, 86, 86, + 86, 86, 86, 2954, 2967, 2955, 86, 2968, 86, 2959, + 2965, 2966, 86, 2961, 86, 86, 86, 2970, 2963, 2969, + 2972, 2971, 2973, 2964, 86, 2974, 2975, 2976, 2977, 2978, + 86, 2967, 86, 86, 86, 86, 2979, 2965, 2966, 86, + 2980, 2982, 2984, 2985, 2970, 2981, 2969, 86, 2971, 86, + 86, 2983, 2986, 2975, 2976, 2977, 86, 86, 86, 2989, + 3252, 86, 86, 86, 2987, 2990, 86, 2980, 2988, 2984, + 86, 86, 2981, 86, 86, 86, 2991, 2992, 2983, 2986, + + 86, 86, 2993, 3001, 3016, 3017, 2989, 2994, 2997, 2996, + 86, 2987, 2990, 2995, 86, 2988, 86, 86, 86, 86, + 86, 2998, 2999, 2991, 2992, 86, 3000, 3004, 3002, 2993, + 3001, 86, 86, 86, 2994, 2997, 2996, 3003, 3005, 3006, + 2995, 3007, 3008, 3009, 86, 3010, 86, 3252, 2998, 2999, + 86, 3011, 3014, 3000, 3012, 3002, 86, 3015, 3023, 86, + 86, 3018, 3019, 86, 3003, 3005, 3006, 3013, 3007, 3008, + 86, 3024, 86, 3022, 86, 86, 86, 3252, 3011, 86, + 86, 3012, 3020, 3021, 86, 86, 3025, 3028, 3026, 3029, + 86, 3030, 3031, 86, 3013, 86, 86, 3027, 3024, 86, + + 3022, 3035, 3032, 3033, 86, 3034, 3046, 3037, 3036, 86, + 86, 86, 86, 3025, 3028, 3026, 86, 86, 3030, 3031, + 3038, 86, 3039, 3041, 3027, 86, 86, 3040, 3035, 3032, + 3033, 3044, 3034, 86, 3037, 3036, 3045, 3042, 86, 86, + 3043, 3047, 3049, 86, 3048, 86, 3252, 86, 86, 86, + 3041, 3050, 3051, 3052, 3040, 86, 86, 3053, 3054, 3056, + 3055, 86, 3057, 86, 3042, 3058, 3059, 3043, 3047, 3049, + 3060, 3048, 3061, 86, 86, 3063, 3062, 3064, 3050, 3051, + 3052, 86, 3065, 3066, 86, 3067, 86, 3055, 86, 86, + 86, 3068, 86, 3059, 86, 3069, 3070, 86, 3071, 86, + + 3073, 3072, 86, 3062, 86, 3076, 3074, 3078, 3075, 86, + 86, 3079, 86, 86, 86, 86, 86, 3077, 86, 86, + 3080, 86, 86, 3070, 3081, 86, 86, 3073, 3072, 86, + 3082, 3083, 86, 3074, 3078, 3075, 86, 3084, 3079, 3086, + 86, 3085, 86, 3087, 3077, 3088, 86, 3080, 3089, 3090, + 3252, 3081, 86, 3252, 3093, 3091, 3096, 86, 3083, 3092, + 3094, 86, 86, 86, 3084, 86, 3086, 86, 3085, 86, + 3087, 86, 3088, 3095, 86, 3099, 3090, 86, 3097, 3100, + 86, 3093, 3091, 3096, 3098, 86, 3092, 3094, 3101, 3102, + 86, 3103, 3104, 86, 86, 3105, 86, 3106, 3110, 86, + + 3095, 3107, 3099, 3109, 3108, 3097, 3100, 86, 86, 3112, + 3111, 3098, 3114, 86, 86, 86, 86, 86, 86, 3104, + 86, 3113, 3105, 3252, 3106, 3110, 3115, 3116, 3107, 3121, + 3109, 3108, 86, 86, 86, 86, 3112, 3111, 86, 3114, + 86, 3117, 3122, 3119, 3118, 86, 3120, 86, 3113, 3127, + 86, 3129, 3124, 3115, 3116, 86, 3121, 86, 86, 3123, + 3125, 3126, 86, 3130, 3131, 86, 3132, 86, 3117, 3122, + 3119, 3118, 3133, 3120, 86, 3128, 3127, 3134, 86, 3124, + 3252, 86, 86, 86, 3137, 3138, 3123, 3125, 3126, 3135, + 3130, 86, 86, 3132, 3136, 3139, 3140, 86, 86, 86, + + 3142, 86, 3128, 3141, 86, 3252, 3143, 86, 86, 3144, + 3147, 3137, 3138, 3145, 3148, 86, 3135, 86, 3146, 86, + 3150, 3136, 3139, 3140, 86, 86, 3149, 3151, 86, 3154, + 3141, 3152, 86, 3143, 3155, 86, 3144, 86, 86, 3153, + 3145, 86, 3157, 86, 3156, 3146, 3158, 3150, 86, 3159, + 86, 3252, 3160, 3149, 86, 3163, 86, 3164, 3152, 3161, + 86, 3155, 3162, 86, 3165, 86, 3153, 3168, 3166, 3157, + 86, 3156, 3252, 86, 86, 3169, 3167, 86, 86, 3160, + 86, 86, 3163, 86, 86, 3170, 3161, 3171, 3172, 3162, + 3173, 86, 86, 3174, 3168, 3166, 86, 3175, 86, 3176, + + 3177, 3178, 3169, 3167, 86, 86, 3179, 86, 3181, 86, + 3180, 3182, 3170, 86, 3171, 3172, 86, 3173, 3183, 86, + 3174, 86, 86, 3184, 3175, 3185, 3176, 3177, 86, 3252, + 3190, 3186, 3187, 3179, 3188, 3181, 3189, 3180, 86, 3191, + 86, 3193, 3192, 3252, 86, 3183, 3199, 3194, 3252, 3195, + 3252, 86, 3185, 86, 86, 86, 86, 86, 3186, 3187, + 3196, 3188, 86, 3189, 86, 3197, 86, 3198, 86, 3192, + 86, 3200, 3201, 86, 3194, 86, 3195, 3202, 86, 86, + 86, 3203, 3204, 3206, 3211, 3205, 86, 3196, 3207, 3208, + 3252, 3210, 3197, 3209, 3198, 3214, 86, 86, 3200, 3201, + + 86, 3213, 86, 86, 3202, 86, 86, 86, 86, 3204, + 3206, 3211, 3205, 3212, 3218, 3207, 3208, 86, 3210, 3216, + 3209, 86, 3214, 3215, 3252, 3217, 3220, 86, 3213, 3219, + 3221, 86, 3222, 3223, 86, 3224, 86, 3252, 3230, 3227, + 3212, 3218, 3252, 3225, 3226, 86, 3216, 86, 3252, 86, + 3215, 86, 3217, 3220, 86, 3228, 3219, 86, 86, 3222, + 3223, 3229, 86, 86, 86, 86, 3227, 3231, 3232, 86, + 3225, 3226, 3234, 3235, 3233, 86, 3236, 86, 3237, 3238, + 86, 86, 3228, 3239, 3252, 3240, 3241, 86, 3229, 3242, + 86, 86, 3243, 3244, 3231, 3232, 86, 3245, 3250, 3234, + + 3235, 3233, 86, 3236, 3246, 86, 3238, 3247, 3251, 86, + 3239, 86, 3240, 86, 3248, 3249, 3242, 86, 3252, 86, + 86, 3252, 86, 86, 3245, 86, 86, 3252, 3252, 86, + 3252, 3246, 3252, 3252, 3247, 86, 3252, 3252, 3252, 3252, + 3252, 3248, 3249, 47, 47, 47, 47, 47, 47, 47, + 52, 52, 52, 52, 52, 52, 52, 57, 57, 57, + 57, 57, 57, 57, 63, 63, 63, 63, 63, 63, + 63, 68, 68, 68, 68, 68, 68, 68, 74, 74, + 74, 74, 74, 74, 74, 80, 80, 80, 80, 80, + 80, 80, 89, 89, 3252, 89, 89, 89, 89, 158, + + 158, 3252, 3252, 3252, 158, 158, 160, 160, 3252, 3252, + 160, 3252, 160, 162, 3252, 3252, 3252, 3252, 3252, 162, + 165, 165, 3252, 3252, 3252, 165, 165, 167, 3252, 3252, + 3252, 3252, 3252, 167, 169, 169, 3252, 169, 169, 169, + 169, 172, 3252, 3252, 3252, 3252, 3252, 172, 175, 175, + 3252, 3252, 3252, 175, 175, 90, 90, 3252, 90, 90, + 90, 90, 17, 3252, 3252, 3252, 3252, 3252, 3252, 3252, + 3252, 3252, 3252, 3252, 3252, 3252, 3252, 3252, 3252, 3252, + 3252, 3252, 3252, 3252, 3252, 3252, 3252, 3252, 3252, 3252, + 3252, 3252, 3252, 3252, 3252, 3252, 3252, 3252, 3252, 3252, + + 3252, 3252, 3252, 3252, 3252, 3252, 3252, 3252, 3252, 3252, + 3252, 3252, 3252, 3252, 3252, 3252, 3252, 3252, 3252, 3252, + 3252, 3252, 3252, 3252, 3252, 3252, 3252, 3252, 3252 } ; -static const flex_int16_t yy_chk[9004] = +static const flex_int16_t yy_chk[9330] = { 0, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, @@ -2465,986 +2537,1021 @@ static const flex_int16_t yy_chk[9004] = 7, 7, 7, 33, 7, 8, 8, 8, 8, 32, 8, 9, 9, 9, 10, 10, 10, 19, 51, 51, - 1032, 19, 3144, 3, 32, 33, 4, 67, 67, 5, - 33, 6, 2566, 13, 13, 13, 13, 7, 13, 14, + 1066, 19, 3260, 3, 32, 33, 4, 67, 67, 5, + 33, 6, 2661, 13, 13, 13, 13, 7, 13, 14, 14, 14, 14, 8, 14, 15, 15, 15, 9, 25, - 1032, 10, 11, 11, 11, 11, 11, 11, 12, 12, + 1066, 10, 11, 11, 11, 11, 11, 11, 12, 12, 12, 12, 12, 12, 16, 16, 16, 34, 28, 84, - 84, 13, 11, 45, 1041, 25, 25, 14, 12, 34, - 39, 23, 15, 23, 23, 45, 23, 174, 28, 173, - 11, 28, 23, 39, 34, 28, 12, 171, 37, 11, - 45, 16, 158, 158, 37, 12, 30, 39, 29, 56, - 165, 165, 56, 72, 30, 28, 26, 287, 100, 23, - - 24, 24, 29, 26, 24, 37, 72, 26, 160, 24, - 26, 160, 30, 30, 29, 29, 100, 95, 24, 166, - 72, 30, 26, 26, 24, 100, 287, 24, 24, 29, - 26, 24, 95, 164, 26, 87, 24, 26, 46, 87, - 46, 46, 163, 46, 95, 24, 27, 161, 31, 46, - 27, 31, 101, 27, 94, 27, 27, 142, 31, 62, - 31, 62, 62, 192, 62, 101, 27, 70, 27, 70, + 84, 13, 11, 45, 289, 25, 25, 14, 12, 34, + 39, 23, 15, 23, 23, 45, 23, 1075, 28, 175, + 11, 28, 23, 39, 34, 28, 12, 174, 87, 11, + 45, 16, 87, 289, 37, 12, 30, 39, 29, 56, + 37, 172, 56, 72, 30, 28, 26, 167, 100, 23, + + 24, 24, 29, 26, 24, 30, 72, 26, 99, 24, + 26, 37, 30, 30, 29, 29, 100, 99, 24, 165, + 72, 30, 26, 26, 24, 100, 164, 24, 24, 29, + 26, 24, 30, 162, 26, 99, 24, 26, 46, 161, + 46, 46, 161, 46, 160, 24, 27, 158, 31, 46, + 27, 31, 101, 27, 94, 27, 27, 143, 31, 62, + 31, 62, 62, 193, 62, 101, 27, 70, 27, 70, 70, 31, 70, 27, 94, 31, 35, 27, 31, 101, - 27, 94, 27, 27, 35, 31, 93, 31, 36, 142, - 35, 96, 36, 27, 35, 192, 44, 215, 96, 42, - - 44, 42, 35, 35, 44, 70, 92, 159, 36, 93, - 42, 35, 157, 93, 36, 36, 42, 35, 96, 36, - 85, 35, 44, 44, 43, 42, 42, 44, 42, 215, - 92, 44, 218, 92, 43, 36, 38, 42, 43, 43, - 38, 109, 80, 42, 175, 175, 38, 43, 109, 38, + 27, 94, 27, 27, 35, 31, 93, 31, 36, 143, + 35, 96, 36, 27, 35, 193, 44, 217, 96, 42, + + 44, 42, 35, 35, 44, 70, 92, 85, 36, 93, + 42, 35, 80, 93, 36, 36, 42, 35, 96, 36, + 75, 35, 44, 44, 43, 42, 42, 44, 42, 217, + 92, 44, 220, 92, 43, 36, 38, 42, 43, 43, + 38, 109, 74, 42, 159, 159, 38, 43, 109, 38, 73, 43, 73, 73, 97, 73, 38, 79, 38, 79, - 79, 43, 79, 38, 218, 43, 43, 38, 109, 86, - 99, 86, 86, 38, 86, 106, 38, 75, 97, 99, - 86, 97, 98, 38, 40, 74, 68, 111, 40, 89, - 137, 89, 89, 106, 89, 98, 111, 99, 40, 40, - - 89, 40, 137, 103, 103, 63, 98, 106, 105, 98, - 40, 40, 103, 102, 111, 40, 105, 137, 104, 102, - 106, 102, 98, 104, 58, 40, 40, 89, 40, 41, - 103, 103, 41, 57, 102, 105, 107, 108, 112, 41, - 102, 899, 115, 41, 41, 104, 102, 112, 102, 107, - 108, 41, 110, 110, 113, 115, 41, 52, 47, 41, - 110, 114, 117, 107, 108, 112, 41, 18, 110, 115, - 41, 41, 899, 116, 118, 17, 116, 113, 122, 110, - 110, 113, 118, 114, 119, 123, 117, 110, 114, 116, - 116, 122, 0, 0, 117, 120, 0, 116, 124, 120, - - 116, 118, 121, 116, 119, 122, 119, 121, 123, 125, - 121, 119, 123, 117, 127, 120, 116, 116, 124, 120, - 126, 130, 120, 125, 129, 124, 120, 134, 127, 121, - 128, 119, 133, 129, 121, 0, 125, 128, 0, 133, - 126, 127, 120, 131, 130, 132, 0, 126, 130, 132, - 139, 129, 131, 134, 134, 135, 136, 128, 139, 133, - 138, 138, 135, 0, 141, 136, 0, 132, 148, 140, - 131, 136, 132, 143, 148, 152, 132, 139, 141, 136, - 140, 147, 135, 136, 140, 0, 144, 138, 143, 147, - 145, 141, 136, 140, 146, 148, 140, 152, 136, 0, - - 143, 145, 152, 144, 149, 146, 144, 140, 147, 151, - 145, 140, 144, 144, 150, 149, 154, 145, 155, 153, - 170, 146, 0, 150, 151, 154, 176, 0, 145, 156, - 144, 149, 0, 144, 153, 150, 151, 0, 0, 150, - 155, 150, 156, 154, 170, 155, 153, 170, 176, 162, - 150, 162, 162, 176, 162, 167, 156, 167, 167, 177, - 167, 168, 150, 168, 168, 172, 168, 172, 172, 178, - 172, 179, 0, 177, 180, 182, 181, 183, 178, 0, - 188, 180, 186, 179, 185, 183, 188, 187, 189, 186, - 189, 177, 181, 180, 182, 184, 178, 190, 179, 168, - - 177, 180, 182, 181, 183, 187, 185, 184, 180, 186, - 191, 185, 188, 188, 187, 189, 195, 193, 0, 190, - 196, 193, 184, 197, 190, 200, 201, 198, 0, 199, - 202, 197, 203, 201, 206, 196, 191, 191, 193, 0, - 200, 204, 195, 195, 0, 193, 206, 196, 193, 198, - 197, 199, 200, 201, 198, 203, 199, 205, 202, 203, - 208, 206, 202, 204, 207, 193, 194, 207, 204, 208, - 205, 194, 0, 209, 210, 212, 194, 0, 0, 207, - 216, 213, 194, 194, 205, 202, 220, 208, 213, 194, - 223, 207, 219, 194, 207, 209, 210, 212, 194, 219, - - 209, 210, 212, 194, 214, 227, 216, 216, 213, 194, - 194, 211, 217, 221, 211, 214, 211, 225, 220, 219, - 222, 226, 223, 217, 224, 227, 222, 221, 211, 0, - 211, 214, 227, 230, 228, 229, 0, 211, 211, 233, - 230, 211, 231, 211, 217, 221, 224, 222, 228, 225, - 217, 224, 0, 226, 221, 211, 229, 211, 233, 232, - 230, 228, 229, 231, 232, 234, 233, 235, 237, 231, - 236, 238, 240, 0, 239, 242, 243, 240, 241, 234, - 237, 239, 238, 245, 242, 244, 232, 247, 236, 235, - 244, 0, 234, 253, 235, 237, 249, 236, 238, 243, - - 241, 239, 242, 243, 240, 241, 248, 246, 246, 0, - 252, 250, 244, 248, 251, 245, 246, 254, 249, 247, - 255, 256, 251, 249, 257, 253, 0, 258, 255, 259, - 252, 260, 262, 248, 246, 246, 250, 252, 250, 257, - 258, 251, 261, 263, 264, 265, 266, 255, 264, 254, - 272, 257, 269, 256, 258, 259, 259, 268, 260, 269, - 263, 266, 271, 270, 262, 261, 271, 265, 263, 267, - 263, 264, 265, 266, 261, 273, 268, 267, 274, 269, - 276, 275, 272, 277, 268, 270, 278, 263, 279, 271, - 270, 280, 261, 286, 283, 277, 267, 279, 281, 278, - - 274, 0, 285, 275, 280, 274, 284, 273, 275, 282, - 277, 282, 276, 278, 288, 279, 289, 281, 280, 286, - 286, 290, 292, 288, 291, 281, 283, 285, 293, 285, - 284, 294, 295, 284, 292, 291, 282, 297, 296, 299, - 298, 288, 289, 289, 301, 300, 304, 290, 290, 292, - 295, 291, 293, 298, 294, 293, 296, 302, 294, 295, - 303, 305, 0, 310, 309, 296, 0, 298, 304, 297, - 300, 299, 300, 304, 302, 306, 301, 308, 309, 307, - 302, 311, 306, 308, 302, 312, 303, 303, 307, 310, - 310, 309, 313, 305, 312, 314, 0, 316, 315, 319, - - 317, 302, 306, 314, 308, 311, 307, 315, 311, 317, - 320, 318, 312, 321, 319, 313, 322, 326, 324, 313, - 325, 0, 314, 316, 316, 315, 319, 317, 318, 325, - 328, 322, 0, 338, 329, 318, 324, 321, 318, 326, - 321, 344, 320, 322, 326, 324, 0, 325, 329, 344, - 0, 327, 361, 327, 328, 318, 323, 328, 330, 323, - 338, 329, 331, 331, 323, 323, 323, 323, 344, 327, - 335, 332, 0, 330, 323, 327, 332, 333, 327, 361, - 327, 336, 335, 323, 337, 330, 323, 331, 339, 331, - 331, 323, 323, 323, 323, 334, 327, 335, 334, 336, - - 340, 333, 337, 332, 333, 334, 341, 342, 336, 343, - 339, 337, 345, 347, 352, 339, 346, 358, 341, 345, - 360, 348, 334, 348, 343, 334, 340, 340, 346, 342, - 350, 351, 348, 341, 342, 358, 343, 350, 353, 345, - 355, 356, 355, 346, 358, 347, 352, 348, 348, 354, - 348, 362, 360, 351, 356, 354, 366, 350, 351, 348, - 353, 357, 366, 359, 355, 353, 383, 355, 356, 355, - 376, 354, 0, 362, 357, 376, 354, 357, 362, 357, - 367, 363, 354, 366, 368, 357, 365, 363, 357, 359, - 359, 363, 367, 365, 375, 408, 368, 369, 383, 363, - - 0, 357, 376, 372, 357, 363, 357, 367, 363, 371, - 369, 368, 375, 365, 363, 0, 372, 377, 363, 374, - 408, 375, 408, 380, 369, 371, 363, 364, 378, 364, - 372, 374, 379, 371, 378, 380, 371, 0, 377, 381, - 379, 385, 364, 382, 377, 364, 374, 364, 385, 364, - 380, 382, 371, 364, 364, 378, 364, 381, 386, 379, - 0, 384, 384, 0, 387, 0, 381, 0, 385, 364, - 382, 386, 364, 387, 364, 0, 364, 373, 373, 388, - 394, 392, 0, 388, 395, 386, 389, 373, 384, 373, - 373, 373, 390, 389, 373, 391, 387, 393, 432, 390, - - 387, 399, 373, 392, 373, 373, 388, 391, 392, 393, - 395, 395, 394, 389, 373, 397, 373, 373, 373, 390, - 396, 373, 391, 398, 393, 432, 400, 396, 400, 401, - 397, 404, 402, 399, 403, 403, 398, 405, 404, 410, - 401, 406, 397, 414, 407, 0, 411, 396, 405, 409, - 398, 412, 406, 400, 402, 414, 401, 407, 404, 402, - 454, 411, 410, 403, 405, 454, 410, 409, 406, 411, - 414, 407, 413, 411, 409, 415, 409, 412, 412, 417, - 413, 416, 418, 419, 423, 420, 415, 454, 411, 0, - 416, 421, 417, 418, 409, 418, 425, 422, 424, 413, - - 418, 419, 415, 426, 424, 427, 417, 420, 416, 418, - 419, 428, 420, 430, 421, 422, 423, 425, 421, 435, - 418, 429, 418, 425, 422, 424, 426, 431, 429, 427, - 426, 433, 427, 428, 436, 434, 437, 0, 428, 430, - 430, 431, 440, 438, 439, 435, 435, 445, 429, 434, - 439, 441, 443, 433, 431, 438, 445, 442, 433, 437, - 446, 444, 434, 437, 440, 442, 436, 443, 444, 440, - 438, 439, 447, 441, 445, 446, 449, 448, 441, 443, - 450, 0, 0, 442, 442, 453, 451, 446, 444, 452, - 0, 449, 442, 456, 460, 452, 447, 0, 458, 447, - - 448, 460, 466, 449, 448, 459, 450, 450, 451, 457, - 467, 453, 453, 451, 461, 457, 452, 458, 468, 456, - 456, 460, 463, 459, 463, 458, 464, 465, 467, 461, - 469, 463, 459, 464, 466, 470, 457, 467, 530, 471, - 465, 461, 471, 472, 474, 475, 473, 530, 470, 463, - 468, 463, 469, 464, 465, 477, 474, 469, 471, 473, - 478, 476, 470, 479, 480, 530, 471, 472, 476, 471, - 472, 474, 482, 473, 483, 481, 479, 475, 482, 477, - 481, 484, 477, 478, 485, 486, 480, 487, 476, 0, - 479, 480, 478, 492, 493, 489, 485, 483, 487, 482, - - 492, 483, 481, 484, 494, 488, 493, 486, 484, 489, - 478, 485, 486, 488, 487, 495, 497, 496, 0, 0, - 492, 493, 489, 495, 0, 0, 505, 494, 496, 0, - 0, 494, 488, 490, 500, 499, 0, 502, 490, 497, - 490, 498, 495, 497, 496, 498, 490, 499, 490, 514, - 505, 490, 490, 505, 0, 502, 500, 514, 490, 490, - 490, 500, 499, 498, 502, 490, 501, 490, 498, 501, - 503, 504, 498, 490, 507, 490, 514, 501, 490, 490, - 503, 507, 504, 506, 512, 490, 508, 506, 509, 518, - 509, 510, 511, 501, 513, 515, 501, 518, 504, 512, - - 515, 507, 503, 516, 511, 517, 513, 503, 519, 522, - 506, 512, 508, 508, 523, 509, 518, 510, 510, 511, - 519, 513, 515, 517, 520, 516, 524, 522, 525, 528, - 516, 0, 517, 534, 526, 519, 522, 523, 529, 527, - 531, 523, 528, 525, 533, 520, 526, 527, 532, 535, - 529, 520, 534, 536, 538, 525, 528, 537, 524, 0, - 534, 526, 532, 531, 539, 529, 527, 531, 540, 533, - 541, 533, 537, 549, 543, 532, 535, 542, 544, 539, - 545, 550, 546, 541, 537, 536, 538, 545, 552, 542, - 545, 539, 540, 546, 547, 540, 543, 541, 545, 547, - - 549, 543, 544, 551, 542, 544, 548, 545, 550, 546, - 553, 554, 557, 555, 545, 552, 0, 545, 555, 556, - 548, 559, 558, 560, 566, 556, 547, 561, 563, 559, - 562, 0, 563, 548, 571, 551, 557, 553, 568, 557, - 565, 567, 560, 554, 558, 555, 556, 568, 559, 558, - 560, 561, 562, 564, 561, 563, 566, 562, 573, 569, - 572, 564, 570, 565, 567, 568, 571, 565, 567, 570, - 574, 573, 576, 579, 575, 574, 0, 578, 581, 574, - 564, 569, 572, 575, 577, 573, 569, 572, 578, 570, - 580, 581, 584, 577, 574, 579, 582, 574, 576, 576, - - 579, 575, 574, 585, 578, 581, 574, 586, 582, 592, - 587, 577, 580, 588, 589, 0, 591, 580, 592, 593, - 590, 585, 596, 582, 584, 597, 595, 591, 603, 596, - 585, 586, 587, 587, 586, 588, 592, 587, 589, 593, - 588, 589, 590, 591, 594, 598, 593, 590, 595, 596, - 600, 601, 597, 595, 599, 602, 605, 608, 594, 587, - 603, 600, 599, 598, 604, 606, 606, 611, 607, 601, - 602, 594, 598, 610, 613, 612, 615, 600, 601, 608, - 605, 599, 602, 605, 608, 604, 610, 609, 614, 620, - 0, 604, 607, 617, 606, 607, 609, 612, 615, 611, - - 610, 625, 612, 615, 616, 618, 613, 617, 619, 616, - 621, 622, 614, 626, 609, 614, 628, 623, 621, 618, - 617, 620, 619, 619, 624, 630, 0, 625, 625, 622, - 619, 624, 618, 626, 632, 619, 616, 621, 622, 623, - 626, 627, 629, 633, 623, 633, 634, 630, 628, 619, - 619, 624, 630, 631, 635, 636, 627, 629, 631, 642, - 632, 632, 635, 637, 0, 627, 638, 639, 627, 629, - 633, 634, 637, 634, 643, 638, 639, 641, 640, 0, - 636, 635, 636, 627, 641, 631, 640, 645, 644, 647, - 637, 642, 648, 638, 639, 646, 649, 643, 647, 645, - - 648, 643, 651, 653, 641, 640, 644, 646, 650, 654, - 656, 649, 652, 655, 645, 644, 647, 654, 653, 648, - 650, 655, 646, 649, 662, 652, 0, 0, 664, 657, - 653, 658, 659, 656, 651, 650, 654, 656, 657, 652, - 655, 659, 658, 660, 660, 661, 662, 663, 667, 666, - 665, 662, 660, 661, 664, 664, 657, 666, 658, 659, - 663, 669, 0, 674, 667, 668, 672, 673, 670, 676, - 660, 660, 661, 665, 663, 667, 666, 665, 668, 670, - 672, 671, 675, 669, 677, 674, 680, 673, 669, 671, - 674, 676, 668, 672, 673, 670, 676, 679, 678, 681, - - 682, 683, 675, 688, 680, 0, 677, 678, 671, 675, - 684, 677, 681, 680, 685, 0, 683, 679, 682, 686, - 687, 688, 689, 690, 679, 678, 681, 682, 683, 691, - 688, 692, 684, 687, 689, 691, 690, 684, 685, 0, - 693, 685, 686, 694, 695, 697, 686, 687, 693, 689, - 690, 698, 699, 697, 700, 702, 691, 702, 692, 699, - 703, 701, 695, 704, 0, 705, 693, 693, 0, 703, - 694, 695, 697, 706, 712, 693, 701, 700, 709, 699, - 707, 700, 702, 698, 705, 709, 712, 703, 701, 707, - 718, 719, 705, 706, 708, 704, 708, 0, 0, 715, - - 706, 712, 0, 721, 722, 709, 0, 707, 718, 715, - 723, 727, 719, 0, 0, 722, 730, 718, 719, 724, - 727, 708, 710, 728, 721, 710, 715, 725, 726, 710, - 721, 722, 710, 723, 729, 732, 728, 723, 727, 710, - 710, 729, 710, 760, 726, 724, 724, 710, 730, 710, - 728, 734, 710, 725, 725, 726, 710, 732, 733, 710, - 734, 729, 732, 735, 733, 735, 710, 710, 736, 710, - 731, 731, 737, 731, 738, 760, 731, 737, 734, 739, - 742, 731, 0, 741, 0, 733, 0, 731, 731, 743, - 735, 745, 736, 0, 738, 736, 731, 731, 731, 740, - - 731, 738, 742, 731, 737, 739, 739, 742, 731, 741, - 741, 740, 744, 743, 731, 731, 743, 746, 745, 748, - 747, 750, 749, 751, 752, 754, 740, 748, 750, 753, - 766, 751, 756, 759, 744, 747, 0, 754, 759, 744, - 755, 762, 746, 752, 746, 749, 748, 747, 750, 749, - 751, 752, 754, 755, 757, 753, 753, 758, 756, 756, - 759, 761, 766, 757, 763, 765, 767, 755, 762, 763, - 769, 0, 758, 768, 0, 0, 771, 770, 773, 774, - 772, 757, 776, 761, 758, 0, 0, 765, 761, 775, - 777, 776, 765, 778, 780, 768, 763, 771, 767, 772, - - 768, 770, 769, 771, 770, 773, 774, 772, 775, 776, - 779, 781, 777, 778, 782, 783, 775, 777, 779, 784, - 778, 780, 786, 788, 787, 0, 788, 784, 0, 781, - 789, 791, 792, 782, 794, 790, 794, 779, 781, 797, - 786, 782, 787, 793, 797, 795, 784, 783, 819, 786, - 788, 787, 789, 790, 792, 791, 793, 789, 791, 792, - 796, 794, 790, 795, 798, 799, 801, 800, 806, 0, - 793, 797, 795, 802, 796, 800, 802, 799, 803, 805, - 819, 808, 807, 809, 801, 0, 803, 796, 807, 809, - 798, 798, 799, 801, 800, 806, 812, 814, 816, 0, - - 802, 812, 803, 808, 805, 803, 805, 810, 808, 807, - 809, 811, 813, 803, 810, 814, 815, 817, 811, 813, - 815, 816, 818, 812, 814, 816, 817, 820, 822, 823, - 818, 821, 824, 827, 810, 825, 822, 0, 811, 813, - 828, 826, 823, 815, 817, 820, 821, 828, 825, 818, - 830, 829, 831, 824, 820, 822, 823, 830, 821, 824, - 827, 833, 825, 826, 836, 832, 833, 828, 826, 829, - 838, 831, 832, 834, 837, 835, 839, 830, 829, 831, - 840, 834, 835, 838, 841, 842, 843, 840, 833, 849, - 0, 844, 832, 846, 0, 845, 836, 838, 847, 844, - - 834, 848, 835, 845, 847, 850, 837, 840, 839, 843, - 845, 853, 852, 843, 851, 846, 841, 842, 844, 855, - 846, 849, 845, 851, 854, 847, 852, 848, 848, 850, - 845, 854, 850, 856, 857, 858, 859, 0, 861, 852, - 858, 851, 856, 853, 862, 860, 855, 863, 859, 862, - 865, 854, 867, 864, 863, 867, 857, 868, 865, 870, - 856, 857, 873, 859, 861, 861, 870, 858, 860, 874, - 868, 862, 860, 875, 863, 864, 871, 865, 876, 867, - 864, 877, 871, 877, 868, 875, 870, 896, 873, 873, - 0, 878, 874, 881, 880, 0, 874, 879, 882, 0, - - 875, 0, 0, 871, 872, 876, 872, 880, 877, 879, - 872, 882, 872, 885, 878, 881, 884, 872, 878, 896, - 881, 880, 872, 886, 879, 882, 885, 883, 872, 887, - 889, 872, 883, 872, 884, 886, 890, 872, 888, 872, - 885, 887, 891, 884, 872, 889, 886, 892, 888, 872, - 886, 893, 894, 892, 897, 891, 887, 889, 890, 883, - 888, 895, 886, 890, 893, 888, 898, 900, 901, 891, - 894, 903, 0, 901, 892, 888, 902, 0, 893, 894, - 903, 905, 895, 906, 902, 910, 897, 907, 895, 909, - 0, 908, 0, 898, 911, 901, 905, 915, 903, 900, - - 907, 0, 0, 902, 904, 906, 908, 910, 905, 904, - 906, 904, 910, 911, 907, 909, 909, 904, 908, 912, - 913, 911, 904, 904, 915, 914, 919, 920, 913, 904, - 904, 904, 912, 914, 916, 917, 904, 921, 904, 922, - 923, 924, 917, 930, 904, 921, 912, 913, 942, 904, - 904, 920, 914, 922, 920, 927, 904, 916, 919, 925, - 928, 916, 917, 924, 921, 929, 922, 925, 924, 932, - 931, 933, 923, 927, 934, 930, 929, 932, 928, 937, - 942, 934, 927, 936, 940, 938, 925, 928, 931, 935, - 936, 939, 929, 933, 937, 0, 932, 931, 933, 948, - - 946, 934, 935, 938, 941, 940, 937, 948, 944, 939, - 936, 940, 938, 946, 941, 947, 935, 949, 939, 944, - 950, 951, 947, 952, 953, 957, 948, 946, 0, 950, - 949, 941, 956, 951, 958, 944, 959, 964, 962, 960, - 964, 0, 947, 957, 949, 952, 953, 950, 951, 962, - 952, 953, 957, 960, 956, 965, 966, 963, 970, 956, - 958, 958, 963, 964, 964, 962, 960, 964, 959, 966, - 967, 969, 970, 968, 971, 972, 0, 967, 974, 965, - 969, 973, 965, 966, 968, 970, 971, 975, 973, 963, - 976, 977, 979, 981, 983, 991, 980, 967, 969, 975, - - 968, 971, 980, 982, 977, 983, 984, 972, 973, 985, - 974, 986, 976, 988, 975, 981, 979, 976, 977, 979, - 981, 983, 990, 980, 989, 982, 986, 991, 984, 992, - 982, 985, 993, 984, 988, 989, 985, 994, 986, 995, - 988, 996, 0, 990, 997, 999, 994, 998, 1001, 990, - 993, 989, 999, 997, 1000, 998, 992, 1002, 1003, 993, - 1004, 1005, 1001, 995, 994, 1007, 995, 996, 996, 1006, - 1011, 997, 999, 1010, 998, 1001, 1009, 1012, 1000, 1013, - 1010, 1000, 1004, 1005, 0, 1009, 1016, 1004, 1005, 1002, - 1003, 1006, 1014, 1015, 1018, 1016, 1006, 1007, 1019, 1012, - - 1010, 1017, 1011, 1009, 1012, 1021, 1013, 1020, 1023, 1017, - 1014, 1015, 1022, 1016, 1021, 1024, 1023, 1025, 1018, 1014, - 1015, 1018, 1019, 1020, 1026, 1019, 1027, 1022, 1017, 1028, - 1029, 1030, 1021, 1033, 1020, 1023, 1026, 1031, 1029, 1022, - 1039, 1034, 1033, 1036, 1030, 1036, 1035, 1024, 1027, 1025, - 0, 1026, 1031, 1027, 1035, 1038, 1028, 1029, 1030, 1034, - 1033, 1042, 1040, 1038, 1031, 1043, 1044, 1039, 1034, 1040, - 1036, 1047, 1045, 1035, 1042, 1049, 1048, 1043, 1046, 1050, - 0, 1044, 1038, 1048, 0, 1052, 1051, 1053, 1042, 1040, - 0, 1054, 1043, 1044, 1045, 1056, 1046, 1063, 1047, 1045, - - 0, 0, 1055, 1048, 1054, 1046, 1059, 1049, 1051, 1053, - 1052, 1050, 1052, 1051, 1053, 1055, 1057, 1056, 1054, 1058, - 1060, 1064, 1056, 1061, 1063, 1066, 1059, 1058, 1057, 1055, - 1065, 1061, 1060, 1059, 1064, 1067, 1071, 1066, 1068, 1065, - 0, 1072, 1073, 1057, 1069, 1068, 1058, 1060, 1064, 1074, - 1061, 1077, 1066, 1069, 1075, 1069, 1067, 1065, 1069, 1071, - 1076, 1079, 1067, 1071, 1073, 1068, 1069, 1072, 1072, 1073, - 1079, 1069, 1080, 1076, 1075, 1077, 1074, 0, 1077, 1081, - 1069, 1075, 1069, 1078, 1082, 1069, 1084, 1076, 1079, 1083, - 1080, 1078, 1082, 1085, 1086, 1088, 1089, 1090, 1091, 1080, - - 1095, 1081, 1086, 1093, 1083, 1091, 1081, 1092, 1084, 1085, - 1078, 1082, 1095, 1084, 1094, 1176, 1083, 1100, 1089, 1090, - 1085, 1086, 1088, 1089, 1090, 1091, 1093, 1095, 1096, 1092, - 1093, 1097, 1094, 1098, 1092, 1099, 1101, 1100, 1102, 1097, - 1096, 1094, 1176, 1103, 1100, 1104, 1102, 1099, 1098, 1103, - 1105, 1101, 1106, 1111, 1104, 1096, 1109, 1112, 1097, 1107, - 1098, 1108, 1099, 1101, 1106, 1102, 1107, 1113, 1108, 1112, - 1103, 1105, 1104, 1114, 1109, 1115, 1116, 1105, 1117, 1106, - 1113, 1119, 1115, 1109, 1112, 1111, 1107, 1121, 1108, 1119, - 1118, 1120, 1114, 1117, 1113, 1118, 0, 1122, 1116, 1124, - - 1114, 1121, 1115, 1116, 1120, 1117, 1126, 1142, 1119, 1125, - 1128, 0, 0, 1124, 1121, 1127, 1130, 1129, 1120, 1133, - 1142, 0, 1118, 1122, 1122, 1123, 1124, 1125, 1123, 1123, - 0, 1131, 1128, 1123, 1142, 1129, 1125, 1128, 1126, 1123, - 1132, 1127, 1127, 1123, 1129, 1133, 1133, 1123, 1130, 1135, - 1139, 1134, 1123, 1131, 1138, 1123, 1123, 1134, 1131, 1136, - 1123, 1136, 1132, 1138, 1137, 1140, 1123, 1132, 1139, 1144, - 1123, 1137, 1140, 1141, 1145, 1135, 1135, 1139, 1134, 0, - 1143, 1138, 1146, 1136, 1149, 1147, 1136, 1151, 1136, 1143, - 0, 1137, 1140, 0, 1153, 1141, 1150, 1150, 0, 0, - - 1141, 1144, 0, 1151, 1146, 1156, 1145, 1143, 1147, 1146, - 1149, 1149, 1147, 1148, 1151, 1154, 1160, 1153, 1148, 1155, - 1148, 1153, 1148, 1156, 1148, 1150, 1158, 1154, 1155, 1157, - 1159, 1148, 1156, 1163, 1157, 1159, 1162, 1161, 1160, 1165, - 1148, 1163, 1154, 1160, 1158, 1148, 1155, 1148, 1164, 1148, - 1161, 1148, 1165, 1158, 1162, 1166, 1164, 1159, 1167, 1168, - 1163, 1157, 1173, 1162, 1161, 1172, 1165, 1169, 1170, 1171, - 1174, 1173, 1174, 1178, 1179, 1164, 1175, 0, 1168, 1177, - 1169, 1181, 1171, 1172, 1167, 1167, 1168, 1166, 1182, 1173, - 1170, 1177, 1172, 1184, 1169, 1170, 1171, 1174, 1175, 1179, - - 1178, 1179, 1185, 1175, 1183, 1181, 1177, 1186, 1181, 1187, - 1182, 1184, 1183, 1188, 1186, 1182, 1189, 1190, 1191, 1192, - 1184, 1193, 0, 1190, 1191, 1194, 1195, 0, 1193, 1185, - 0, 1183, 1196, 1195, 1186, 1198, 1187, 1197, 1189, 1188, - 1188, 1199, 1201, 1189, 1190, 1191, 1192, 1211, 1193, 1194, - 1199, 1202, 1194, 1195, 1196, 1197, 1211, 1203, 1204, 1196, - 1198, 1205, 1198, 1202, 1197, 1207, 1201, 1206, 1199, 1201, - 1209, 1204, 1212, 1208, 1211, 1214, 1210, 1216, 1202, 1203, - 1217, 1213, 1219, 1205, 1203, 1204, 1206, 1207, 1205, 1214, - 1222, 1218, 1207, 1212, 1206, 1208, 1209, 1209, 1210, 1212, - - 1208, 1213, 1214, 1210, 1220, 1223, 1222, 1221, 1213, 1216, - 1229, 0, 1217, 1218, 1219, 1221, 1224, 1222, 1218, 1227, - 1228, 1226, 1220, 1224, 1228, 1230, 1227, 1233, 1231, 1235, - 0, 1220, 1223, 1226, 1221, 1236, 1235, 1239, 1234, 1237, - 0, 0, 1229, 1224, 1234, 1238, 1227, 1228, 1226, 1231, - 1236, 1234, 1237, 1240, 1238, 1231, 1235, 1230, 1244, 1233, - 1240, 1242, 1236, 1239, 1239, 1234, 1237, 1241, 1243, 1241, - 1242, 1234, 1238, 1245, 1246, 1248, 1249, 1245, 1250, 1251, - 1240, 1249, 0, 1248, 1252, 1244, 1253, 1250, 1242, 0, - 1243, 1261, 1254, 1258, 1241, 1243, 1246, 1251, 1257, 1253, - - 1245, 1246, 1248, 1252, 1254, 1250, 1251, 1256, 1249, 1255, - 1256, 1252, 1255, 1253, 1259, 1262, 1257, 1263, 1258, 1254, - 1258, 1255, 1265, 1261, 0, 1257, 1264, 1259, 1268, 1256, - 1265, 1264, 1269, 1263, 1256, 1271, 1255, 1256, 1262, 1255, - 0, 1259, 1262, 1267, 1263, 1266, 1266, 1270, 1274, 1265, - 1268, 1277, 1267, 1272, 1269, 1268, 1270, 1271, 1264, 1269, - 1272, 1274, 1271, 1278, 1275, 1281, 0, 1276, 1282, 1284, - 1267, 0, 1266, 1275, 1270, 1274, 1276, 1277, 1277, 1279, - 1272, 1280, 1284, 1282, 1283, 1288, 1278, 1285, 1279, 1280, - 1278, 1275, 1283, 1286, 1276, 1282, 1284, 1281, 1289, 1285, - - 1290, 1287, 1299, 1292, 1291, 1286, 1279, 1288, 1280, 1287, - 1293, 1283, 1288, 1291, 1285, 1296, 1300, 1294, 1289, 1295, - 1286, 1292, 1290, 1298, 1304, 1289, 1296, 1290, 1287, 1294, - 1292, 1291, 1297, 1305, 1299, 1301, 1293, 1293, 1297, 1302, - 1295, 1308, 1296, 1307, 1294, 1298, 1295, 0, 1300, 1306, - 1298, 1304, 1307, 1310, 1308, 1311, 1305, 1309, 1313, 1297, - 1305, 1301, 1301, 0, 1312, 1302, 1302, 1306, 1308, 1309, - 1307, 1312, 1314, 1310, 1315, 1316, 1306, 1313, 1320, 1319, - 1310, 1311, 1311, 1316, 1309, 1313, 1319, 1315, 1317, 1321, - 1318, 1312, 1322, 1317, 1314, 1318, 1323, 1321, 0, 1314, - - 1322, 1315, 1316, 1324, 1320, 1320, 1319, 1325, 1328, 1327, - 1326, 1329, 1330, 1330, 1323, 1325, 1321, 1326, 1327, 1322, - 1317, 1331, 1318, 1323, 1332, 1324, 1334, 1333, 0, 0, - 1324, 0, 1332, 1329, 1325, 1335, 1327, 1326, 1329, 1330, - 1328, 1336, 1337, 1335, 1338, 1341, 1339, 1345, 1333, 1336, - 1337, 1332, 1338, 1331, 1333, 1340, 1343, 1341, 1334, 1339, - 1342, 1340, 1335, 1344, 1346, 1349, 1347, 1350, 1336, 1337, - 1351, 1338, 1341, 1339, 1345, 1348, 0, 1356, 1344, 1349, - 1343, 1355, 1340, 1343, 1351, 1350, 1342, 1342, 1347, 1356, - 1344, 1346, 1349, 1347, 1350, 1352, 1354, 1351, 1348, 1352, - - 1357, 1359, 1348, 1355, 1356, 1354, 1358, 1357, 1355, 1360, - 1361, 1365, 1352, 1362, 0, 0, 1363, 1358, 0, 1364, - 1352, 1366, 1352, 1354, 1371, 1362, 1352, 1357, 1359, 1370, - 1363, 1360, 0, 1358, 1365, 1378, 1360, 1377, 1365, 1352, - 1362, 1364, 1361, 1363, 1366, 1367, 1364, 1368, 1366, 1373, - 1369, 1371, 1367, 1375, 1381, 0, 1368, 1369, 1373, 1375, - 1376, 1370, 1379, 1377, 1377, 1384, 1383, 1378, 1385, 1379, - 1388, 1389, 1367, 1386, 1368, 0, 1373, 1369, 1389, 1385, - 1375, 1381, 1376, 1390, 1386, 1391, 1395, 1376, 1397, 1379, - 1383, 1392, 1384, 1383, 1388, 1385, 1393, 1388, 1389, 1394, - - 1386, 1390, 1393, 1392, 1396, 1407, 1398, 1394, 1395, 1400, - 1390, 1391, 1391, 1395, 1397, 1397, 1399, 1396, 1392, 1402, - 1401, 1400, 1401, 1393, 1398, 1399, 1394, 1403, 1404, 1405, - 1406, 1396, 1407, 1398, 1409, 1408, 1400, 1404, 1410, 1411, - 1403, 1409, 1406, 1399, 1411, 1402, 1402, 1401, 1413, 1417, - 1415, 1405, 1412, 0, 1403, 1404, 1405, 1406, 1408, 1414, - 1419, 1409, 1408, 1418, 1410, 1410, 1411, 1414, 1412, 1419, - 1420, 1413, 1415, 1424, 1418, 1413, 1417, 1415, 1422, 1412, - 1421, 1421, 1423, 1420, 1423, 1426, 1414, 1419, 1421, 1425, - 1418, 1422, 1426, 1429, 1427, 1428, 1430, 1420, 1433, 1424, - - 1424, 1427, 1431, 1430, 1432, 1422, 1435, 1421, 1421, 1423, - 1434, 1425, 1426, 1428, 1438, 1429, 1425, 1434, 1440, 1437, - 1429, 1427, 1428, 1430, 1455, 1439, 1432, 1431, 1442, 1431, - 1433, 1432, 1437, 1439, 1444, 0, 1445, 1434, 1435, 1440, - 1443, 1438, 1447, 1443, 1446, 1440, 1437, 1448, 1449, 1451, - 1442, 1447, 1439, 1450, 0, 1442, 1455, 1446, 1451, 1448, - 1444, 1444, 1445, 1445, 1459, 1456, 1452, 1443, 1460, 1447, - 1453, 1446, 1449, 1463, 1448, 1449, 1451, 1453, 1457, 1450, - 1450, 1452, 1459, 1454, 1462, 1464, 1454, 1456, 1466, 0, - 1460, 1459, 1456, 1452, 1457, 1460, 1465, 1453, 1454, 1461, - - 1463, 1461, 1457, 1467, 1468, 1457, 1469, 1454, 1462, 1475, - 1454, 1462, 1473, 1454, 1466, 1466, 1472, 1464, 1465, 1473, - 1470, 1457, 1471, 1465, 1472, 1454, 1461, 1474, 1469, 1467, - 1467, 1471, 1476, 1469, 1470, 1477, 1468, 1478, 1479, 1473, - 1481, 1475, 1479, 1472, 1480, 1484, 1482, 1470, 1485, 1471, - 1483, 1474, 1484, 0, 1474, 1485, 0, 1477, 0, 1483, - 1491, 1486, 1477, 1487, 1476, 1479, 1480, 1481, 1482, 1478, - 1488, 1480, 1484, 1482, 1486, 1485, 1487, 1483, 1489, 1492, - 1490, 1495, 1493, 1494, 1497, 1488, 1492, 1495, 1486, 1493, - 1487, 1498, 1491, 1489, 1490, 1499, 1494, 1488, 1498, 1500, - - 1501, 1502, 1505, 1507, 0, 1489, 1492, 1490, 1495, 1493, - 1494, 1497, 1501, 1503, 1502, 1504, 1503, 1499, 1498, 1506, - 1505, 0, 1499, 1507, 1504, 1500, 1500, 1501, 1502, 1505, - 1507, 1506, 1508, 1509, 1514, 1508, 1511, 1513, 1515, 1513, - 1503, 1511, 1504, 1516, 1509, 1518, 1506, 1519, 1511, 1520, - 1508, 1517, 0, 1521, 1518, 0, 1531, 1523, 1514, 1508, - 1509, 1514, 1508, 1511, 1513, 1515, 1517, 1521, 1511, 1522, - 1516, 1519, 1518, 1524, 1519, 1525, 1520, 1522, 1517, 1523, - 1521, 1526, 1528, 1525, 1523, 1527, 1529, 1530, 1531, 1529, - 1528, 1532, 1526, 1534, 1533, 1524, 1522, 1535, 1536, 1537, - - 1524, 1533, 1525, 1527, 1529, 1530, 1535, 1534, 1526, 1528, - 1537, 1536, 1527, 1529, 1530, 1538, 1529, 1541, 1532, 1541, - 1534, 1533, 1542, 1544, 1535, 1536, 1537, 1543, 1545, 1546, - 1538, 1542, 1553, 1547, 1544, 1549, 1550, 1553, 0, 1552, - 1548, 0, 1538, 1548, 1541, 1550, 1545, 1547, 1552, 1542, - 1544, 1546, 1559, 1543, 1543, 1545, 1546, 1549, 1548, 1547, - 1547, 1556, 1549, 1550, 1553, 1551, 1552, 1548, 1555, 1558, - 1548, 1551, 1557, 1556, 1547, 1561, 1560, 1557, 1562, 1563, - 1564, 1555, 1567, 1569, 1559, 1560, 1565, 1568, 1556, 1567, - 1570, 1558, 1551, 1572, 1580, 1555, 1558, 1574, 0, 1557, - - 1568, 1563, 1561, 1560, 1570, 1571, 1563, 1565, 1580, 1567, - 1562, 1571, 1564, 1565, 1568, 1569, 1574, 1570, 1576, 1577, - 1578, 1580, 1579, 1581, 1574, 1572, 1576, 1577, 1582, 1571, - 1583, 1584, 1571, 1585, 1586, 1588, 1593, 1581, 1571, 1578, - 1579, 1582, 1587, 1583, 1589, 1576, 1577, 1578, 0, 1579, - 1581, 1589, 1584, 1591, 1590, 1582, 1587, 1583, 1584, 1592, - 1598, 1591, 1588, 1590, 1595, 1585, 1586, 1594, 1593, 1587, - 1599, 1589, 1594, 1592, 1596, 1595, 1600, 1599, 1601, 1584, - 1591, 1590, 1602, 1596, 1603, 1609, 1592, 1598, 1605, 1604, - 1608, 1595, 1605, 1607, 1594, 0, 1613, 1599, 1611, 1600, - - 1601, 1596, 1608, 1600, 1602, 1601, 1603, 1604, 1607, 1602, - 1610, 1603, 1609, 1611, 1612, 1605, 1604, 1608, 1610, 1614, - 1607, 1616, 1612, 1613, 1615, 1611, 1618, 1617, 1619, 1620, - 1621, 1622, 1614, 1624, 1618, 1619, 1616, 1610, 1623, 1625, - 1622, 1612, 1617, 1626, 1615, 1621, 1614, 1628, 1616, 1629, - 1630, 1615, 1631, 1618, 1617, 1619, 1632, 1621, 1622, 1623, - 1624, 1620, 1633, 1625, 1634, 1623, 1625, 1629, 1635, 1628, - 1626, 1632, 1636, 0, 1628, 1635, 1629, 1636, 1639, 1631, - 1640, 1637, 1630, 1632, 1638, 1641, 1642, 1633, 1634, 1633, - 1637, 1634, 1643, 1638, 1644, 1635, 1645, 1650, 1651, 1636, - - 1639, 1642, 1640, 1641, 1643, 1639, 1648, 1640, 1637, 1645, - 1646, 1638, 1641, 1642, 1645, 1649, 1644, 1646, 1647, 1643, - 1652, 1644, 1656, 1645, 1650, 1647, 1652, 1649, 1648, 1656, - 1651, 1654, 1655, 1648, 1660, 1657, 1645, 1646, 1659, 1654, - 1647, 1661, 1649, 1655, 1658, 1647, 1658, 1652, 1662, 1656, - 1663, 1667, 1647, 1664, 1669, 1662, 1672, 1658, 1654, 1655, - 1657, 1660, 1657, 1665, 1659, 1659, 1666, 1670, 1661, 1665, - 1674, 1658, 1666, 1658, 1668, 1662, 1673, 1663, 1667, 1664, - 1664, 1675, 1676, 1675, 1677, 1673, 1669, 1678, 1672, 1680, - 1665, 1670, 1684, 1666, 1670, 1679, 0, 1668, 1692, 1687, - - 1682, 1668, 1674, 1673, 1687, 1683, 1676, 1682, 1675, 1676, - 1689, 1677, 1683, 1678, 1678, 1688, 1685, 1679, 1681, 1681, - 1681, 1680, 1679, 1685, 1684, 1681, 1691, 1682, 1688, 1696, - 1692, 1687, 1683, 1681, 1690, 1689, 1693, 1689, 1691, 1697, - 1697, 1694, 1688, 1685, 1698, 1681, 1681, 1681, 1694, 1695, - 1690, 1699, 1681, 1691, 1693, 1695, 1696, 1700, 1699, 1701, - 1702, 1690, 1700, 1693, 1706, 1703, 1697, 1707, 1694, 1707, - 1698, 1698, 1703, 1711, 1712, 1708, 1695, 1710, 1699, 1711, - 1713, 1717, 1714, 1716, 1700, 1701, 1701, 1702, 1714, 1715, - 1724, 1706, 1703, 1708, 1707, 1710, 1718, 1718, 1719, 1717, - - 1711, 1715, 1708, 1716, 1710, 1723, 1712, 1713, 1717, 1714, - 1716, 1720, 1720, 1725, 1726, 1721, 1715, 1727, 1728, 1729, - 1725, 1730, 1724, 1718, 1719, 1719, 1721, 1723, 1732, 1731, - 1734, 1733, 1723, 1739, 1726, 1732, 1735, 1740, 1720, 1733, - 1725, 1726, 1721, 1730, 1736, 1734, 1729, 1731, 1730, 1727, - 1728, 1737, 1737, 1736, 1738, 1732, 1731, 1734, 1733, 1741, - 1735, 1742, 1747, 1735, 1748, 1739, 1741, 1743, 1745, 1740, - 0, 1736, 1746, 1742, 1749, 1745, 1756, 1746, 1737, 1752, - 1738, 1738, 1749, 1743, 1747, 1750, 1741, 1752, 1742, 1747, - 1743, 1748, 1753, 1754, 1743, 1745, 1766, 1750, 1755, 1746, - - 1757, 1749, 1758, 1756, 1759, 1760, 1752, 1758, 1761, 1762, - 1743, 1760, 1750, 1769, 1754, 1753, 1755, 1762, 1758, 1753, - 1754, 1761, 1763, 1757, 1768, 1755, 1764, 1757, 1766, 1758, - 1765, 1759, 1760, 1764, 1758, 1761, 1762, 1765, 1767, 1771, - 1769, 1770, 1773, 1774, 1763, 1775, 1768, 1776, 1774, 1763, - 1767, 1768, 1775, 1764, 1778, 1780, 1779, 1765, 1781, 1774, - 1773, 1779, 1771, 1785, 1783, 1767, 1771, 1770, 1770, 1773, - 1774, 0, 1775, 1788, 1776, 1774, 1782, 1782, 1784, 1787, - 1791, 1778, 1789, 1790, 1792, 1790, 1783, 1780, 1779, 1792, - 1781, 1783, 1793, 1784, 1787, 1785, 1788, 1789, 1794, 1795, - - 1788, 1797, 1803, 1782, 1804, 1784, 1787, 1798, 1799, 1789, - 1790, 1792, 1791, 1801, 1795, 1798, 1797, 1802, 1806, 1808, - 1794, 1807, 0, 0, 1793, 1794, 1795, 0, 1797, 1803, - 1799, 1804, 1805, 1809, 1798, 1799, 1812, 1801, 1810, 1805, - 1801, 1808, 1807, 1802, 1802, 1814, 1808, 1815, 1807, 1816, - 1806, 1818, 1819, 1821, 1809, 1820, 1810, 1825, 1812, 1805, - 1809, 1823, 1815, 1812, 1826, 1810, 1818, 1819, 1822, 1814, - 1824, 1828, 1814, 1831, 1815, 1816, 1816, 1820, 1818, 1819, - 1821, 1825, 1820, 1823, 1825, 1830, 1822, 1827, 1823, 1828, - 1829, 1826, 1824, 1830, 1827, 1822, 1831, 1824, 1828, 1829, - - 1831, 1832, 1833, 1835, 1834, 1837, 1836, 0, 0, 1839, - 1840, 1841, 1830, 1834, 1827, 1836, 1842, 1829, 1837, 1840, - 1839, 1835, 1843, 1832, 1844, 1850, 1846, 1847, 1832, 1841, - 1835, 1834, 1837, 1836, 1833, 1839, 1839, 1840, 1841, 1844, - 1843, 1847, 1842, 1842, 1845, 1852, 1853, 1839, 1846, 1843, - 1845, 1844, 1850, 1846, 1847, 1854, 1856, 1853, 1858, 1860, - 1859, 1857, 0, 0, 1861, 1862, 1854, 0, 1856, 1852, - 1859, 1845, 1852, 1853, 1857, 1863, 1865, 0, 1868, 1866, - 1869, 0, 1854, 1856, 1866, 1860, 1860, 1859, 1857, 1861, - 1858, 1861, 1862, 1867, 1863, 1870, 1865, 1871, 1869, 1872, - - 1867, 1870, 1863, 1865, 1868, 1868, 1866, 1869, 1873, 1874, - 1874, 1878, 1871, 1875, 1872, 1879, 1876, 1880, 1878, 1881, - 1867, 1883, 1870, 1873, 1871, 1875, 1872, 1882, 1881, 1876, - 1879, 1884, 1885, 1887, 1882, 1873, 1874, 1876, 1878, 1885, - 1875, 1888, 1879, 1876, 1880, 1883, 1881, 1890, 1883, 1893, - 1891, 0, 1889, 1884, 1882, 1887, 1876, 1896, 1884, 1885, - 1887, 1889, 1895, 1897, 1903, 1899, 1888, 1893, 1888, 1890, - 1891, 1895, 1898, 1899, 1890, 1896, 1893, 1891, 1897, 1889, - 1901, 1902, 1904, 1904, 1896, 0, 1906, 1913, 1905, 1895, - 1897, 1903, 1899, 1909, 1902, 1907, 1908, 1898, 1911, 1898, - - 1918, 1913, 1909, 0, 1912, 1901, 1914, 1901, 1902, 1904, - 1905, 1906, 1910, 1906, 1913, 1905, 1916, 1907, 1908, 1910, - 1909, 1917, 1907, 1908, 1916, 1914, 1912, 1918, 1919, 1920, - 1911, 1912, 1922, 1914, 1917, 1921, 1923, 0, 0, 1910, - 1924, 1920, 1921, 1916, 1925, 1927, 1928, 1932, 1917, 1926, - 0, 1929, 1931, 1925, 1919, 1919, 1920, 1926, 1923, 1930, - 0, 1928, 1921, 1923, 1922, 1924, 1933, 1924, 1926, 1932, - 1931, 1925, 1927, 1928, 1932, 1933, 1926, 1929, 1929, 1931, - 1935, 1936, 1937, 1935, 1926, 1930, 1930, 1938, 1937, 1940, - 1942, 1943, 1938, 1933, 1939, 0, 1947, 1946, 1935, 1949, - - 1944, 0, 1948, 1947, 1940, 1942, 1936, 1935, 1936, 1937, - 1935, 1946, 1939, 1943, 1981, 0, 1940, 1942, 1943, 1938, - 1948, 1939, 1944, 1947, 1946, 1950, 1949, 1944, 1951, 1948, - 1952, 1953, 1956, 1954, 1950, 1957, 1958, 1951, 1961, 1959, - 0, 1952, 1960, 1958, 1953, 1954, 1981, 1956, 0, 1966, - 1957, 1970, 1950, 1970, 1964, 1951, 1961, 1952, 1953, 1956, - 1954, 1959, 1957, 1958, 1960, 1961, 1959, 1964, 1967, 1960, - 1966, 1968, 1967, 1969, 1971, 1964, 1966, 1972, 1970, 1973, - 1974, 1964, 1969, 1968, 1983, 1975, 1976, 0, 1977, 1978, - 1982, 1979, 1971, 1975, 1964, 1967, 1979, 1973, 1968, 1988, - - 1969, 1971, 1984, 1978, 1972, 1991, 1973, 1974, 1983, 1976, - 1977, 1983, 1975, 1976, 1980, 1977, 1978, 1985, 1979, 1980, - 1990, 1984, 1982, 1989, 1985, 1992, 1988, 1993, 1995, 1984, - 1994, 1996, 1991, 0, 2000, 1997, 1998, 1989, 1990, 1994, - 0, 0, 1993, 1999, 1985, 2002, 1980, 1990, 1989, 1989, - 1989, 1992, 1992, 1996, 1993, 2004, 0, 1994, 1996, 2008, - 1995, 1997, 1997, 1998, 1989, 1999, 2000, 2003, 2002, 2005, - 1999, 2007, 2002, 2007, 2003, 1989, 2005, 2010, 2004, 2009, - 2011, 2008, 2004, 2009, 2012, 2014, 2008, 2015, 2013, 2010, - 2016, 2017, 2014, 2012, 2003, 2016, 2005, 2018, 2007, 2013, - - 2020, 2019, 2011, 0, 2010, 0, 2009, 2011, 2022, 2015, - 2024, 2012, 2014, 2019, 2015, 2013, 2025, 2016, 2017, 2027, - 2018, 2023, 2020, 2022, 2018, 2021, 2021, 2020, 2019, 2023, - 2025, 2026, 2024, 2030, 2029, 2022, 2031, 2024, 2032, 2035, - 2026, 2030, 2032, 2025, 2031, 2035, 2027, 2033, 2023, 2034, - 2033, 2040, 2021, 2029, 2036, 2039, 2037, 2034, 2026, 0, - 2030, 2029, 2037, 2031, 2041, 2032, 2035, 2039, 2042, 2036, - 2043, 2047, 2044, 2045, 2033, 2046, 2034, 2048, 2040, 0, - 2050, 2036, 2039, 2037, 2043, 2044, 2041, 2045, 2051, 2053, - 2054, 2041, 2042, 2049, 2050, 2042, 2056, 2043, 2047, 2044, - - 2045, 2046, 2046, 2052, 2048, 2049, 2052, 2050, 2060, 2059, - 2061, 2063, 2054, 2065, 2051, 2051, 2053, 2054, 2056, 2057, - 2049, 2052, 2058, 2056, 2059, 2064, 2057, 2068, 2067, 2058, - 2052, 2062, 2066, 2052, 2064, 2060, 2059, 2061, 2063, 2062, - 2065, 2069, 2071, 2070, 2066, 2073, 2057, 2076, 2072, 2058, - 2067, 2075, 2064, 2073, 2068, 2067, 2070, 2077, 2062, 2066, - 2071, 2072, 2078, 2081, 2080, 2077, 2082, 2079, 2069, 2071, - 2070, 2083, 2073, 2075, 2076, 2072, 2079, 0, 2075, 2087, - 2084, 2082, 0, 2085, 2077, 2080, 2093, 2081, 2084, 2078, - 2081, 2080, 2082, 2082, 2079, 2085, 2086, 2090, 2083, 2091, - - 2095, 2090, 2089, 2096, 2086, 2092, 2087, 2084, 2082, 2089, - 2085, 2091, 2094, 2093, 2099, 2096, 2101, 0, 2100, 2097, - 2094, 2102, 2095, 2086, 2090, 2100, 2091, 2095, 2092, 2089, - 2096, 2097, 2092, 2103, 2102, 2104, 2101, 2105, 2105, 2094, - 2106, 2099, 2103, 2101, 2104, 2100, 2097, 2107, 2102, 2114, - 2108, 2114, 0, 2111, 2109, 2118, 2118, 2112, 2115, 2123, - 2103, 2113, 2104, 0, 2105, 2107, 2106, 2106, 2111, 2109, - 0, 2109, 2115, 2117, 2107, 2108, 2114, 2108, 2109, 2112, - 2111, 2109, 2118, 2113, 2112, 2115, 2116, 2120, 2113, 2121, - 2122, 2123, 2116, 2124, 2125, 2117, 2109, 2126, 2109, 2124, - - 2117, 2127, 2122, 2128, 2129, 2128, 2136, 2131, 2130, 2120, - 0, 2121, 2137, 2116, 2120, 2132, 2121, 2122, 2129, 2126, - 2124, 2133, 2134, 2127, 2126, 2131, 2125, 2142, 2127, 2138, - 2128, 2129, 2130, 2132, 2131, 2130, 2140, 2135, 2136, 2133, - 2134, 2143, 2132, 2140, 2137, 2142, 2144, 2145, 2133, 2134, - 2135, 0, 2138, 2146, 2142, 2145, 2138, 2151, 2147, 2149, - 2147, 2150, 0, 2140, 2135, 2147, 2156, 2143, 2143, 2152, - 2149, 2153, 2150, 2145, 2145, 2146, 2155, 2156, 2144, 2158, - 2146, 2152, 2145, 2157, 2151, 2147, 2149, 2147, 2150, 2153, - 2160, 2155, 0, 2156, 2158, 2157, 2152, 2161, 2153, 2164, - - 2162, 2163, 2167, 2155, 2165, 2170, 2158, 2162, 2168, 2171, - 2157, 2169, 2173, 0, 2160, 0, 2163, 2160, 2172, 2161, - 2175, 2174, 2180, 2179, 2161, 2176, 2164, 2162, 2163, 2167, - 2165, 2165, 2168, 2169, 2174, 2168, 2172, 2170, 2169, 2173, - 2176, 2171, 2177, 2178, 2181, 2172, 2175, 2175, 2174, 2179, - 2179, 2178, 2176, 2182, 2180, 2177, 2184, 2181, 2185, 2186, - 2188, 2189, 2187, 0, 2191, 2195, 2196, 2190, 2189, 2177, - 2178, 2181, 2195, 2196, 2194, 2182, 2198, 2201, 2188, 2184, - 2182, 2192, 2185, 2184, 2187, 2185, 2186, 2188, 2189, 2187, - 2190, 2191, 2195, 2196, 2190, 2192, 2194, 2197, 2199, 2198, - - 2200, 2194, 2202, 2198, 2203, 2199, 2205, 2206, 2192, 2201, - 2197, 2208, 2210, 2203, 2207, 2213, 0, 0, 2206, 2209, - 2215, 2205, 2200, 2202, 2197, 2199, 2214, 2200, 2213, 2202, - 2217, 2203, 2219, 2205, 2206, 2220, 2207, 2210, 2209, 2210, - 0, 2207, 2213, 2208, 2215, 2221, 2209, 2215, 2216, 2216, - 2222, 2223, 2214, 2214, 2226, 2219, 2217, 2217, 2230, 2219, - 2221, 2228, 2231, 0, 2234, 2235, 2235, 2220, 2236, 2223, - 2228, 2230, 2221, 2231, 2237, 2216, 2238, 2222, 2223, 2240, - 2242, 2226, 2243, 2244, 2250, 2230, 2234, 2249, 2228, 2231, - 2236, 2234, 2235, 2245, 2244, 2236, 2237, 2246, 2245, 2248, - - 2252, 2237, 2249, 2238, 2253, 2255, 2240, 2248, 2243, 2243, - 2244, 2250, 2242, 2254, 2249, 2257, 2260, 2255, 2252, 2246, - 2245, 2258, 2254, 2259, 2246, 2260, 2248, 2252, 2262, 2263, - 2264, 2259, 2255, 2266, 2269, 2265, 2253, 2267, 2268, 0, - 2254, 0, 2257, 2260, 2265, 2258, 0, 2269, 2258, 2272, - 2259, 2266, 2264, 2270, 2262, 2262, 2263, 2264, 2271, 2267, - 2266, 2269, 2265, 2268, 2267, 2268, 2270, 2273, 2274, 2275, - 2276, 2272, 2277, 2271, 2273, 2278, 2272, 2279, 2280, 2281, - 2270, 2282, 0, 2283, 2286, 2271, 0, 2280, 2284, 2287, - 2274, 2286, 2279, 2288, 2273, 2274, 2275, 2276, 2285, 2277, - - 2287, 2281, 2278, 2284, 2279, 2280, 2281, 2282, 2282, 2283, - 2283, 2286, 2290, 2285, 2289, 2284, 2287, 2291, 2292, 2296, - 2288, 2293, 2289, 2294, 0, 2285, 2296, 2295, 2298, 2297, - 2299, 2300, 2302, 2302, 2292, 2298, 2293, 2299, 0, 2290, - 0, 2289, 2295, 2294, 2291, 2292, 2296, 2301, 2293, 2304, - 2294, 2297, 2307, 2303, 2295, 2298, 2297, 2299, 2300, 2302, - 2303, 2305, 2306, 2304, 2305, 2301, 2308, 2307, 2309, 2310, - 2311, 2317, 2314, 0, 2301, 2306, 2304, 2314, 2313, 2307, - 2303, 2310, 2311, 2316, 2317, 2320, 2309, 2313, 2305, 2306, - 2315, 2318, 2308, 2308, 2315, 2309, 2310, 2311, 2317, 2314, - - 2319, 2321, 0, 2322, 2330, 2313, 2324, 2316, 2326, 2328, - 2316, 2327, 2320, 2318, 2332, 2329, 2330, 2315, 2318, 0, - 2327, 2332, 2319, 2329, 2338, 2328, 0, 2319, 2321, 2322, - 2322, 2330, 2324, 2324, 2326, 2326, 2328, 2333, 2327, 2334, - 2335, 2332, 2329, 2336, 2334, 2337, 2333, 2335, 2339, 2338, - 2340, 2338, 2337, 2341, 2344, 2339, 2342, 2347, 2345, 2340, - 2346, 2336, 2341, 2345, 2333, 2350, 2334, 2335, 2349, 0, - 2336, 0, 2337, 2353, 2359, 2339, 0, 2340, 2346, 2351, - 2341, 2344, 2342, 2342, 2347, 2345, 2349, 2346, 2351, 2352, - 2354, 2358, 2350, 2353, 2355, 2349, 2356, 2357, 2352, 2358, - - 2353, 2359, 2354, 2355, 2360, 2356, 2351, 2361, 2357, 2362, - 2363, 2366, 2365, 2364, 2452, 2367, 2352, 2354, 2358, 2363, - 2365, 2355, 2367, 2356, 2357, 2364, 2369, 2370, 2368, 2371, - 0, 2360, 2372, 2366, 2361, 2368, 2373, 2363, 2366, 2365, - 2364, 2362, 2367, 2375, 2377, 2379, 2452, 2381, 2369, 0, - 2378, 2375, 2370, 2369, 2370, 2368, 2371, 2372, 2378, 2372, - 2379, 2380, 2377, 2373, 2388, 2387, 2382, 2383, 2380, 2381, - 2375, 2377, 2379, 2382, 2381, 2383, 2386, 2378, 2389, 2391, - 2396, 2392, 0, 2386, 2394, 2397, 2390, 2395, 2380, 2387, - 2389, 2388, 2387, 2382, 2383, 2390, 2394, 2399, 2402, 2397, - - 2405, 2407, 2404, 2386, 2392, 2389, 2391, 2396, 2392, 2399, - 2395, 2394, 2397, 2390, 2395, 2400, 2401, 2404, 2405, 2409, - 2411, 2406, 2400, 2401, 2399, 2402, 2408, 2405, 2407, 2404, - 2410, 2414, 0, 2419, 2408, 2420, 2413, 2421, 2411, 2412, - 2420, 2422, 2400, 2401, 2406, 0, 2409, 2411, 2406, 2424, - 2412, 2413, 2410, 2408, 2425, 2422, 2423, 2410, 2414, 2419, - 2419, 2426, 2420, 2413, 2421, 2427, 2412, 2424, 2422, 2429, - 2423, 2432, 2425, 2433, 2434, 2435, 2424, 2427, 2437, 2441, - 2436, 2425, 2442, 2423, 0, 2438, 2437, 2434, 2426, 2439, - 2445, 2441, 2427, 2432, 2446, 2433, 2429, 2435, 2432, 2436, - - 2433, 2434, 2435, 2438, 2442, 2437, 2441, 2436, 2439, 2442, - 2443, 2444, 2438, 2447, 2448, 0, 2439, 2445, 2450, 2451, - 2449, 2446, 2453, 2444, 2454, 2457, 2456, 2450, 2451, 2458, - 2462, 2455, 2443, 2468, 2448, 2463, 0, 2443, 2444, 2465, - 2447, 2448, 2449, 2455, 2453, 2450, 2451, 2449, 2456, 2453, - 2454, 2454, 2457, 2456, 2461, 2464, 2458, 2462, 2455, 2463, - 2464, 2465, 2463, 2466, 2467, 2468, 2465, 2470, 2461, 2469, - 2471, 2472, 2474, 2475, 2473, 2476, 2481, 2467, 2474, 0, - 0, 2461, 2477, 2472, 2480, 2466, 2485, 2464, 2471, 2470, - 2466, 2467, 2469, 2473, 2470, 2478, 2469, 2471, 2472, 2474, - - 2481, 2473, 2483, 2481, 2477, 2475, 2480, 2476, 2485, 2477, - 2478, 2480, 2486, 2485, 2487, 2489, 2488, 2483, 2490, 0, - 2491, 2497, 2478, 2487, 2496, 2499, 2492, 2498, 2497, 2483, - 2488, 2503, 2496, 2489, 2486, 2498, 2490, 2501, 2502, 2486, - 0, 2487, 2489, 2488, 2492, 2490, 2491, 2491, 2497, 2500, - 2502, 2496, 2499, 2492, 2498, 2501, 2506, 2500, 2503, 2504, - 2510, 2509, 2508, 2512, 2501, 2502, 2513, 2504, 2506, 2508, - 2511, 2514, 2511, 2515, 2516, 0, 2500, 2517, 2519, 2522, - 2520, 0, 2527, 2506, 2509, 2526, 2504, 2510, 2509, 2508, - 2528, 2527, 2529, 2516, 2520, 2512, 2519, 2511, 2513, 2517, - - 2515, 2516, 2522, 2514, 2517, 2519, 2522, 2520, 2523, 2527, - 2524, 2526, 2526, 2531, 2533, 2532, 2535, 2528, 2537, 2529, - 2542, 2523, 2524, 2540, 2538, 2537, 2543, 2542, 2540, 2539, - 2545, 2546, 0, 0, 2548, 2523, 2533, 2524, 2532, 2547, - 2531, 2533, 2532, 2535, 2539, 2537, 2538, 2542, 2548, 2553, - 2550, 2538, 2543, 2543, 2554, 2540, 2539, 2545, 2546, 2550, - 2552, 2548, 2555, 2547, 2557, 2558, 2547, 2552, 2561, 2559, - 2556, 2560, 2562, 0, 0, 2572, 2553, 2550, 2559, 2558, - 2554, 2554, 2556, 2563, 2560, 2567, 2569, 2552, 2570, 2555, - 2567, 2557, 2558, 2569, 2575, 2570, 2559, 2556, 2560, 2562, - - 2561, 2568, 2571, 2574, 0, 2568, 2563, 2572, 2580, 2573, - 2563, 2573, 2578, 2569, 2581, 2570, 2583, 2567, 2583, 2585, - 2584, 2575, 0, 2571, 2590, 2591, 2574, 2580, 2568, 2571, - 2574, 2587, 2586, 2586, 2578, 2580, 2573, 2590, 2581, 2578, - 2588, 2581, 2586, 2583, 2584, 2585, 2585, 2584, 2589, 2588, - 2592, 2590, 2591, 2587, 2593, 2589, 2594, 2595, 2587, 2586, - 2586, 2596, 2593, 2592, 2598, 2595, 2597, 2588, 2599, 2594, - 2600, 2597, 2598, 2601, 2604, 2589, 2602, 2592, 2593, 2603, - 2596, 2593, 2605, 2594, 2595, 2604, 2606, 2609, 2596, 2593, - 2612, 2598, 2608, 2606, 2609, 2599, 2600, 2600, 2597, 2601, - - 2601, 2604, 2602, 2602, 2605, 2603, 2603, 2607, 2607, 2605, - 2608, 2610, 2613, 2606, 2609, 2614, 2616, 2612, 2610, 2608, - 2617, 2618, 2619, 2621, 2614, 2627, 2626, 2622, 2623, 0, - 0, 0, 0, 2624, 2607, 2626, 2613, 0, 2610, 2613, - 2617, 2628, 2614, 2616, 2619, 2622, 2623, 2617, 2618, 2619, - 2621, 2624, 2627, 2626, 2622, 2623, 2629, 2630, 2631, 2632, - 2624, 2633, 2634, 2631, 2628, 2638, 2639, 2641, 2628, 2630, - 2643, 2644, 2643, 2632, 2629, 2653, 0, 2646, 2642, 2633, - 2644, 2647, 2651, 2629, 2630, 2634, 2632, 2638, 2633, 2634, - 2631, 2642, 2638, 2639, 2641, 2646, 2647, 2643, 2644, 2650, - - 2651, 2650, 2655, 2652, 2646, 2642, 2657, 2653, 2647, 2651, - 2652, 2661, 2657, 2659, 2660, 0, 2662, 2655, 2665, 2667, - 2664, 2665, 2668, 2669, 2671, 0, 2650, 0, 0, 2655, - 2652, 2671, 2673, 2657, 2662, 2659, 2660, 2661, 2661, 2670, - 2659, 2660, 2664, 2662, 2665, 2665, 2667, 2664, 2665, 2668, - 2669, 2671, 2672, 2675, 2673, 2676, 2677, 2670, 0, 2673, - 2672, 2678, 2679, 2681, 2682, 2680, 2670, 2683, 2684, 2681, - 2685, 2679, 2685, 0, 2686, 2688, 2683, 2676, 2677, 2672, - 2680, 2689, 2676, 2677, 2690, 2675, 2682, 2691, 2678, 2679, - 2681, 2682, 2680, 2693, 2683, 2696, 2692, 2685, 2688, 2701, - - 2684, 2686, 2688, 2689, 2692, 2693, 2690, 2698, 2689, 2694, - 2699, 2690, 2700, 2691, 2691, 2707, 2694, 2701, 2702, 2703, - 2693, 2698, 2696, 2692, 2699, 2704, 2701, 2703, 2705, 2702, - 2706, 2706, 2708, 2710, 2698, 2700, 2694, 2699, 2711, 2700, - 2708, 2713, 2707, 2715, 2704, 2702, 2703, 2713, 2722, 2720, - 2705, 2717, 2704, 2718, 2723, 2705, 2719, 2706, 2725, 2708, - 2710, 2723, 2717, 2727, 2718, 2711, 2725, 2719, 2713, 2724, - 2715, 2720, 2730, 2724, 2728, 2722, 2720, 2734, 2717, 2733, - 2718, 2723, 2744, 2719, 2729, 2725, 2733, 2728, 2735, 2727, - 2727, 2737, 2729, 2736, 2738, 2739, 2724, 2740, 2736, 2730, - - 2743, 2728, 2739, 2741, 2745, 2742, 2733, 2743, 2748, 2734, - 2735, 2729, 2745, 2746, 2744, 2735, 2740, 2749, 2737, 2741, - 2736, 2738, 2739, 2742, 2740, 2750, 2747, 2743, 2746, 2755, - 2741, 2745, 2742, 2747, 2754, 2748, 2755, 2756, 2757, 2758, - 2746, 2749, 2759, 2740, 2749, 2760, 2762, 2766, 2763, 2754, - 0, 2750, 2750, 2747, 2760, 2764, 2755, 2768, 2772, 2765, - 2772, 2754, 2774, 2758, 0, 2757, 2758, 2765, 2762, 2756, - 2767, 2767, 2760, 2762, 2759, 2763, 2770, 2764, 2771, 2766, - 2767, 2773, 2764, 2776, 2768, 2772, 2765, 2771, 2775, 2774, - 2778, 2770, 2779, 2781, 2780, 2773, 2775, 2767, 2767, 2783, - - 2782, 2776, 2784, 2770, 2785, 2771, 2781, 2788, 2773, 2793, - 2776, 2786, 2798, 2794, 2793, 2775, 2780, 2778, 2794, 2779, - 2781, 2780, 2782, 2795, 2791, 2801, 2783, 2782, 2795, 2784, - 2796, 2785, 2791, 2786, 2788, 2799, 2793, 2800, 2786, 2798, - 2794, 2802, 2803, 2801, 2800, 2805, 2806, 2807, 2799, 2808, - 2795, 2791, 2801, 2806, 2811, 2807, 2796, 2796, 2813, 2815, - 2814, 2816, 2799, 2817, 2800, 2818, 0, 2819, 2802, 2803, - 0, 2808, 2815, 2806, 2807, 2820, 2808, 2805, 2817, 2824, - 2828, 2811, 2814, 2825, 2818, 2813, 2815, 2814, 2822, 2823, - 2817, 2826, 2818, 2816, 2819, 2822, 2823, 2820, 2825, 2828, - - 2829, 2824, 2820, 2836, 2830, 2833, 2824, 2828, 2829, 2836, - 2825, 2830, 2826, 2831, 2833, 2822, 2823, 2834, 2826, 2837, - 2831, 2839, 2840, 2835, 2835, 2841, 2848, 2829, 2834, 2840, - 2836, 2830, 2833, 2835, 2842, 2844, 2849, 2850, 2845, 2854, - 2831, 2837, 2844, 2839, 2834, 2856, 2837, 2860, 2839, 2840, - 2835, 2835, 2845, 2848, 2857, 2857, 2842, 2841, 2858, 2858, - 2850, 2842, 2844, 2849, 2850, 2845, 2854, 2859, 2859, 0, - 2860, 2862, 2856, 2863, 2860, 2864, 2870, 2867, 2868, 2869, - 2877, 2876, 2863, 2857, 2867, 2868, 2875, 2858, 2864, 2873, - 2874, 2873, 2877, 0, 2880, 2882, 2859, 2881, 2862, 2876, - - 2863, 2869, 2864, 2870, 2867, 2868, 2869, 2877, 2876, 2875, - 2874, 2879, 2880, 2875, 2883, 2884, 2873, 2874, 2885, 2888, - 2879, 2880, 2882, 2881, 2881, 2886, 2887, 2884, 2886, 2891, - 2889, 2887, 2889, 2895, 2890, 2891, 2896, 2892, 2879, 0, - 2885, 2883, 2884, 2886, 2893, 2885, 2890, 2898, 2897, 2899, - 2900, 2888, 2886, 2903, 2894, 2886, 2891, 2889, 2887, 2892, - 2895, 2890, 2894, 2906, 2892, 2907, 2893, 2908, 2896, 2897, - 2909, 2893, 2900, 2910, 2898, 2897, 2899, 2900, 2911, 2912, - 2903, 2894, 2915, 2914, 2916, 2921, 2918, 2920, 2917, 0, - 2906, 0, 2907, 2918, 2908, 2920, 2922, 2909, 2925, 2927, - - 2910, 2914, 2916, 2917, 2923, 2911, 2912, 2924, 2922, 2915, - 2914, 2916, 2921, 2918, 2920, 2917, 2926, 2931, 2923, 2933, - 2930, 2934, 2924, 2922, 2925, 2925, 2927, 2936, 2926, 2930, - 2934, 2923, 2932, 2932, 2924, 2937, 2938, 0, 2939, 2945, - 0, 2931, 2940, 2926, 2931, 2933, 2933, 2930, 2934, 2938, - 2940, 2936, 2941, 2942, 2936, 2944, 2948, 2945, 2959, 2932, - 2939, 2941, 2957, 2938, 2942, 2939, 2945, 2937, 2948, 2940, - 2960, 2961, 2959, 2962, 2964, 2965, 2944, 0, 2964, 2941, - 2942, 2966, 2944, 2948, 2967, 2959, 2957, 2972, 2970, 2957, - 2968, 2967, 2970, 2965, 2971, 2973, 2979, 2960, 2961, 2975, - - 2962, 2964, 2965, 2968, 2966, 2976, 2974, 2979, 2966, 2972, - 2971, 2967, 0, 2982, 2972, 2970, 2977, 2968, 2974, 2976, - 2973, 2971, 2973, 2979, 2977, 2975, 2975, 2978, 2980, 2981, - 2980, 2982, 2976, 2974, 2983, 2985, 2978, 2986, 2984, 2990, - 2982, 2981, 2985, 2977, 2984, 2992, 2991, 2994, 2996, 2983, - 2993, 2997, 2990, 2991, 2978, 2980, 2981, 2995, 3000, 2986, - 2999, 2983, 2985, 2998, 2986, 2984, 2990, 2999, 2993, 3001, - 3002, 2998, 2992, 2991, 2994, 2996, 3004, 2993, 2997, 3003, - 3005, 3003, 3000, 2995, 2995, 3000, 3006, 2999, 3004, 3007, - 2998, 3001, 3002, 3008, 3009, 3010, 3001, 3002, 3011, 3006, - - 3012, 3009, 3013, 3004, 3007, 3015, 3003, 3020, 3012, 3017, - 3011, 3021, 3005, 3006, 3022, 3008, 3007, 3015, 3017, 3024, - 3008, 3009, 3010, 3023, 3025, 3011, 3026, 3012, 3027, 3013, - 3029, 3023, 3015, 3022, 3020, 3028, 3017, 3021, 3021, 3026, - 3030, 3022, 3027, 3028, 3031, 3037, 3036, 3040, 3033, 0, - 3023, 3024, 3029, 3026, 3033, 3027, 3025, 3029, 3034, 3036, - 0, 3045, 3028, 3039, 3042, 3034, 3043, 3030, 3037, 3040, - 3039, 3031, 3037, 3036, 3040, 3033, 3041, 3046, 3042, 3044, - 3043, 3047, 3050, 3045, 3041, 3034, 3051, 3044, 3045, 3050, - 3039, 3042, 3052, 3043, 3053, 3051, 3054, 3055, 3056, 3046, - - 3052, 3063, 0, 3041, 3046, 3057, 3044, 0, 3047, 3050, - 3061, 3058, 3059, 3051, 3060, 0, 3065, 3067, 3054, 3052, - 3072, 3053, 3060, 3054, 3056, 3056, 3064, 3057, 3063, 3055, - 3069, 3078, 3057, 3058, 3059, 3074, 0, 3068, 3058, 3059, - 3067, 3060, 3061, 3065, 3067, 3068, 3070, 3071, 3064, 3074, - 3069, 3073, 3072, 3064, 3070, 3071, 3076, 3069, 3078, 3073, - 0, 3081, 3074, 3079, 3068, 3080, 3079, 3082, 0, 3081, - 3083, 0, 3084, 3070, 3071, 3082, 3089, 3086, 3073, 3085, - 3096, 3079, 3076, 3076, 3083, 3088, 3088, 3080, 3081, 3091, - 3079, 3086, 3080, 3079, 3082, 3092, 3093, 3083, 3084, 3084, - - 3090, 3085, 3089, 3089, 3086, 3094, 3085, 3096, 3090, 3095, - 3098, 3097, 3088, 3099, 3100, 3091, 3091, 3095, 3093, 3101, - 3102, 3092, 3092, 3093, 3106, 3094, 3103, 3090, 3102, 3113, - 0, 3115, 3094, 3097, 3100, 3098, 3095, 3098, 3097, 3101, - 3099, 3100, 3104, 3109, 3107, 3110, 3101, 3102, 3103, 3111, - 3104, 3106, 3107, 3103, 3112, 3113, 3113, 3111, 3115, 3118, - 3116, 3119, 3112, 3120, 3122, 3109, 3117, 3110, 3116, 3104, - 3109, 3107, 3110, 3123, 3117, 3124, 3111, 3126, 3132, 3129, - 3133, 3112, 0, 3120, 3130, 3118, 3118, 3116, 3119, 3131, - 3120, 3122, 3130, 3117, 0, 3124, 0, 3131, 0, 3126, - - 3123, 3129, 3124, 0, 3126, 3132, 3129, 3133, 0, 0, - 0, 3130, 0, 0, 0, 0, 3131, 3137, 3137, 3137, - 3137, 3137, 3137, 3137, 3138, 3138, 3138, 3138, 3138, 3138, - 3138, 3139, 3139, 3139, 3139, 3139, 3139, 3139, 3140, 3140, - 3140, 3140, 3140, 3140, 3140, 3141, 3141, 3141, 3141, 3141, - 3141, 3141, 3142, 3142, 3142, 3142, 3142, 3142, 3142, 3143, - 3143, 3143, 3143, 3143, 3143, 3143, 3145, 3145, 0, 3145, - 3145, 3145, 3145, 3146, 3146, 0, 0, 0, 3146, 3146, - 3147, 3147, 0, 0, 3147, 0, 3147, 3148, 0, 0, - 0, 0, 0, 3148, 3149, 3149, 0, 0, 0, 3149, - - 3149, 3150, 0, 0, 0, 0, 0, 3150, 3151, 3151, - 0, 3151, 3151, 3151, 3151, 3152, 0, 0, 0, 0, - 0, 3152, 3153, 3153, 0, 0, 0, 3153, 3153, 3154, - 3154, 0, 3154, 3154, 3154, 3154, 3136, 3136, 3136, 3136, - 3136, 3136, 3136, 3136, 3136, 3136, 3136, 3136, 3136, 3136, - 3136, 3136, 3136, 3136, 3136, 3136, 3136, 3136, 3136, 3136, - 3136, 3136, 3136, 3136, 3136, 3136, 3136, 3136, 3136, 3136, - 3136, 3136, 3136, 3136, 3136, 3136, 3136, 3136, 3136, 3136, - 3136, 3136, 3136, 3136, 3136, 3136, 3136, 3136, 3136, 3136, - 3136, 3136, 3136, 3136, 3136, 3136, 3136, 3136, 3136, 3136, - - 3136, 3136, 3136 + 79, 43, 79, 38, 220, 43, 43, 38, 109, 86, + 95, 86, 86, 38, 86, 106, 38, 68, 97, 63, + 86, 97, 98, 38, 40, 95, 58, 111, 40, 89, + 138, 89, 89, 106, 89, 98, 111, 95, 40, 40, + + 89, 40, 138, 103, 103, 57, 98, 106, 105, 98, + 40, 40, 103, 102, 111, 40, 105, 138, 104, 102, + 106, 102, 98, 104, 52, 40, 40, 89, 40, 41, + 103, 103, 41, 47, 102, 105, 107, 108, 112, 41, + 102, 166, 166, 41, 41, 104, 102, 112, 102, 107, + 108, 41, 110, 110, 113, 114, 41, 176, 176, 41, + 110, 115, 114, 107, 108, 112, 41, 119, 110, 118, + 41, 41, 116, 117, 18, 119, 117, 113, 17, 110, + 110, 113, 114, 115, 120, 116, 0, 110, 115, 117, + 117, 0, 124, 118, 119, 0, 123, 117, 121, 116, + + 117, 118, 121, 117, 120, 122, 120, 125, 127, 123, + 122, 120, 126, 122, 129, 124, 117, 117, 121, 124, + 118, 129, 121, 123, 128, 121, 126, 125, 127, 121, + 131, 120, 122, 130, 125, 127, 135, 122, 128, 126, + 132, 129, 130, 133, 0, 121, 140, 133, 134, 132, + 0, 128, 136, 131, 140, 134, 0, 131, 148, 136, + 130, 145, 135, 135, 0, 133, 148, 132, 137, 141, + 133, 139, 139, 140, 133, 134, 142, 137, 145, 136, + 141, 145, 144, 137, 141, 148, 149, 145, 145, 147, + 142, 137, 149, 141, 0, 137, 141, 144, 139, 152, + + 147, 146, 0, 142, 137, 145, 150, 141, 145, 144, + 137, 141, 146, 149, 152, 151, 147, 150, 155, 153, + 154, 146, 156, 926, 151, 157, 152, 155, 146, 163, + 0, 163, 163, 150, 163, 154, 151, 171, 157, 146, + 151, 153, 151, 0, 156, 155, 153, 154, 0, 156, + 177, 151, 157, 168, 926, 168, 168, 169, 168, 169, + 169, 171, 169, 151, 171, 173, 178, 173, 173, 179, + 173, 0, 177, 180, 181, 182, 0, 177, 179, 184, + 178, 181, 185, 186, 183, 180, 188, 184, 0, 0, + 187, 182, 262, 181, 185, 169, 179, 187, 178, 191, + + 180, 181, 182, 183, 188, 186, 184, 178, 181, 185, + 186, 183, 189, 188, 190, 197, 190, 187, 189, 262, + 192, 191, 222, 196, 198, 201, 191, 194, 0, 0, + 197, 194, 198, 225, 199, 200, 202, 204, 0, 203, + 201, 190, 197, 202, 189, 189, 192, 192, 194, 196, + 196, 198, 201, 0, 222, 194, 199, 200, 194, 0, + 204, 199, 200, 202, 204, 225, 0, 203, 205, 206, + 207, 203, 0, 208, 209, 194, 195, 209, 210, 0, + 206, 195, 0, 207, 211, 208, 195, 210, 212, 209, + 205, 215, 195, 195, 203, 205, 206, 207, 215, 195, + + 208, 209, 0, 195, 209, 210, 211, 214, 195, 218, + 212, 211, 216, 195, 219, 212, 224, 223, 215, 195, + 195, 213, 224, 216, 213, 219, 213, 227, 226, 214, + 221, 223, 228, 231, 214, 218, 218, 221, 213, 216, + 213, 229, 230, 224, 0, 233, 219, 213, 213, 223, + 226, 213, 219, 213, 231, 226, 230, 221, 223, 227, + 231, 229, 234, 232, 228, 213, 233, 213, 229, 230, + 232, 234, 233, 235, 236, 237, 234, 238, 241, 239, + 245, 242, 240, 0, 0, 241, 242, 244, 236, 234, + 232, 239, 235, 240, 243, 238, 244, 237, 234, 247, + + 235, 236, 237, 245, 238, 241, 239, 245, 249, 240, + 246, 248, 248, 242, 244, 246, 243, 250, 252, 251, + 248, 243, 253, 255, 250, 256, 257, 254, 258, 260, + 253, 247, 261, 264, 257, 259, 0, 246, 248, 248, + 249, 251, 260, 252, 250, 252, 251, 254, 263, 253, + 259, 265, 267, 257, 254, 255, 260, 256, 261, 261, + 258, 269, 259, 266, 270, 264, 268, 266, 265, 269, + 271, 263, 272, 274, 267, 275, 265, 271, 265, 267, + 263, 268, 273, 270, 276, 278, 273, 0, 269, 279, + 266, 270, 277, 268, 272, 265, 285, 271, 263, 272, + + 280, 279, 282, 281, 283, 274, 276, 275, 284, 273, + 284, 276, 281, 280, 277, 282, 279, 278, 286, 277, + 295, 287, 293, 283, 288, 290, 294, 280, 285, 282, + 281, 283, 291, 293, 290, 284, 292, 296, 294, 297, + 299, 300, 286, 298, 295, 286, 287, 295, 287, 293, + 288, 288, 290, 294, 300, 301, 302, 297, 291, 291, + 296, 298, 292, 292, 296, 303, 297, 304, 300, 305, + 298, 306, 299, 307, 311, 308, 310, 312, 0, 309, + 311, 302, 313, 302, 304, 310, 309, 301, 314, 0, + 304, 312, 323, 306, 304, 305, 305, 303, 306, 308, + + 316, 311, 319, 310, 312, 307, 309, 308, 313, 313, + 315, 304, 314, 317, 351, 314, 318, 321, 322, 315, + 325, 317, 320, 316, 323, 318, 308, 316, 319, 319, + 324, 320, 327, 322, 321, 325, 329, 315, 0, 328, + 317, 321, 0, 318, 321, 322, 351, 325, 328, 320, + 327, 331, 0, 0, 324, 341, 356, 324, 329, 327, + 332, 321, 326, 329, 0, 326, 328, 330, 333, 330, + 326, 326, 326, 326, 332, 331, 334, 334, 331, 335, + 326, 336, 341, 333, 335, 330, 0, 332, 356, 326, + 338, 330, 326, 342, 330, 333, 330, 326, 326, 326, + + 326, 334, 338, 334, 334, 336, 337, 339, 336, 337, + 340, 335, 330, 343, 345, 342, 337, 338, 344, 348, + 342, 346, 349, 347, 364, 339, 345, 348, 340, 349, + 350, 387, 0, 337, 339, 0, 337, 340, 347, 343, + 343, 345, 350, 346, 344, 344, 348, 354, 346, 349, + 347, 352, 360, 352, 354, 0, 364, 350, 362, 355, + 357, 358, 352, 387, 365, 360, 359, 358, 359, 398, + 0, 0, 363, 0, 354, 0, 362, 352, 352, 360, + 352, 355, 357, 358, 361, 362, 355, 357, 358, 352, + 359, 365, 366, 359, 358, 359, 369, 361, 363, 363, + + 361, 398, 361, 369, 0, 373, 370, 367, 361, 371, + 372, 361, 370, 367, 366, 376, 438, 367, 373, 366, + 381, 371, 372, 369, 361, 367, 0, 361, 376, 361, + 379, 367, 373, 370, 367, 375, 371, 372, 378, 382, + 367, 381, 376, 438, 367, 382, 0, 381, 379, 380, + 378, 375, 367, 368, 380, 368, 383, 379, 384, 375, + 0, 403, 375, 390, 383, 378, 382, 389, 368, 385, + 384, 368, 0, 368, 389, 368, 390, 0, 375, 368, + 368, 380, 368, 383, 386, 384, 0, 385, 0, 0, + 390, 417, 386, 403, 389, 368, 385, 395, 368, 417, + + 368, 391, 368, 377, 377, 388, 388, 392, 0, 395, + 391, 386, 393, 377, 394, 377, 377, 377, 417, 393, + 377, 394, 399, 396, 395, 392, 397, 0, 377, 392, + 377, 377, 388, 391, 392, 407, 407, 391, 397, 393, + 377, 394, 377, 377, 377, 396, 401, 377, 399, 399, + 396, 400, 392, 397, 402, 404, 408, 404, 400, 405, + 409, 401, 406, 408, 407, 410, 411, 402, 0, 412, + 405, 409, 414, 401, 416, 424, 410, 419, 400, 411, + 0, 402, 404, 408, 406, 0, 405, 409, 419, 406, + 413, 413, 410, 411, 412, 414, 412, 415, 418, 414, + + 416, 416, 420, 421, 419, 426, 429, 424, 413, 0, + 418, 420, 415, 425, 0, 413, 421, 413, 413, 427, + 415, 433, 430, 422, 415, 418, 428, 426, 430, 420, + 421, 425, 426, 431, 422, 413, 422, 0, 429, 415, + 425, 422, 427, 432, 428, 433, 427, 434, 433, 430, + 422, 435, 450, 428, 431, 436, 442, 437, 435, 450, + 431, 422, 0, 422, 423, 439, 432, 441, 444, 434, + 432, 437, 423, 423, 434, 440, 423, 423, 435, 450, + 444, 436, 436, 443, 437, 446, 423, 439, 442, 440, + 445, 423, 439, 441, 441, 444, 445, 447, 449, 423, + + 423, 448, 440, 423, 423, 451, 443, 446, 452, 448, + 443, 454, 446, 449, 451, 453, 455, 445, 456, 447, + 0, 0, 464, 452, 447, 449, 457, 448, 448, 459, + 0, 455, 451, 462, 454, 452, 448, 0, 454, 453, + 458, 464, 453, 455, 456, 456, 458, 460, 457, 464, + 465, 463, 460, 457, 466, 459, 459, 463, 467, 462, + 462, 466, 469, 470, 469, 473, 472, 458, 465, 471, + 475, 469, 470, 467, 460, 0, 471, 465, 463, 472, + 474, 466, 476, 481, 478, 467, 477, 478, 479, 469, + 470, 469, 480, 472, 482, 481, 471, 473, 474, 477, + + 484, 483, 475, 478, 476, 480, 485, 474, 483, 476, + 481, 478, 479, 477, 478, 479, 488, 486, 487, 480, + 491, 488, 492, 490, 484, 489, 482, 484, 483, 485, + 486, 489, 493, 495, 492, 0, 0, 494, 485, 496, + 487, 495, 491, 488, 486, 487, 490, 491, 494, 492, + 490, 499, 489, 496, 493, 0, 485, 500, 499, 493, + 495, 0, 502, 509, 494, 0, 496, 497, 501, 500, + 502, 506, 497, 504, 497, 505, 503, 0, 499, 505, + 497, 509, 497, 506, 500, 497, 497, 503, 507, 502, + 509, 501, 497, 497, 497, 501, 504, 505, 506, 497, + + 504, 497, 505, 503, 510, 508, 505, 497, 508, 497, + 507, 511, 497, 497, 510, 507, 508, 513, 512, 497, + 514, 513, 511, 515, 516, 518, 516, 514, 517, 522, + 0, 519, 508, 0, 522, 508, 510, 518, 511, 524, + 523, 510, 512, 0, 513, 512, 519, 514, 520, 515, + 515, 516, 518, 521, 517, 517, 522, 524, 519, 0, + 520, 521, 523, 525, 526, 527, 524, 523, 531, 529, + 530, 525, 533, 0, 532, 520, 526, 534, 0, 537, + 521, 535, 538, 536, 533, 534, 527, 529, 537, 532, + 525, 526, 527, 530, 535, 536, 529, 530, 539, 533, + + 531, 532, 540, 542, 534, 538, 537, 543, 535, 538, + 536, 541, 539, 544, 541, 546, 545, 547, 0, 551, + 0, 0, 542, 549, 548, 539, 554, 540, 550, 540, + 542, 545, 547, 552, 543, 557, 549, 554, 541, 559, + 550, 551, 558, 545, 547, 544, 551, 546, 548, 553, + 549, 548, 556, 554, 560, 550, 553, 552, 555, 553, + 552, 561, 557, 555, 562, 563, 556, 553, 564, 558, + 563, 559, 565, 0, 564, 569, 553, 566, 567, 556, + 0, 560, 570, 553, 568, 571, 553, 565, 561, 572, + 555, 575, 568, 572, 569, 564, 562, 563, 574, 565, + + 567, 566, 569, 576, 566, 567, 570, 571, 577, 570, + 573, 568, 571, 580, 578, 579, 572, 577, 573, 581, + 586, 574, 583, 575, 0, 574, 576, 582, 579, 587, + 576, 581, 584, 582, 588, 577, 578, 573, 585, 580, + 580, 578, 579, 584, 583, 585, 581, 588, 589, 583, + 591, 587, 586, 589, 582, 590, 587, 589, 592, 584, + 593, 588, 597, 0, 590, 585, 594, 592, 595, 599, + 596, 593, 589, 600, 597, 589, 591, 591, 601, 0, + 589, 602, 590, 596, 589, 592, 604, 593, 594, 597, + 595, 600, 603, 594, 605, 595, 606, 596, 608, 0, + + 600, 599, 601, 602, 602, 601, 607, 606, 602, 610, + 604, 612, 609, 604, 603, 607, 605, 611, 608, 603, + 614, 605, 613, 606, 611, 608, 609, 616, 614, 618, + 602, 610, 615, 607, 0, 617, 610, 619, 612, 609, + 613, 620, 622, 615, 611, 616, 624, 614, 623, 613, + 617, 621, 621, 626, 616, 624, 627, 628, 619, 615, + 629, 618, 617, 625, 619, 620, 622, 633, 620, 622, + 623, 631, 630, 624, 630, 623, 625, 632, 627, 636, + 621, 633, 632, 627, 629, 626, 634, 629, 635, 628, + 625, 645, 644, 631, 633, 639, 637, 0, 631, 630, + + 634, 638, 635, 635, 637, 640, 645, 641, 0, 632, + 635, 636, 640, 634, 648, 635, 642, 639, 645, 638, + 643, 0, 639, 637, 644, 649, 646, 649, 638, 635, + 635, 650, 640, 641, 641, 643, 642, 647, 651, 652, + 648, 648, 647, 642, 643, 653, 651, 643, 646, 656, + 654, 655, 649, 646, 653, 658, 650, 656, 650, 654, + 655, 657, 643, 659, 652, 651, 652, 660, 657, 647, + 661, 662, 653, 664, 665, 663, 656, 654, 655, 666, + 667, 664, 661, 662, 663, 660, 659, 658, 657, 665, + 659, 666, 668, 669, 660, 670, 671, 661, 662, 674, + + 664, 665, 663, 670, 671, 668, 666, 672, 669, 673, + 674, 678, 667, 677, 679, 675, 676, 676, 673, 668, + 669, 677, 670, 671, 675, 676, 674, 679, 680, 681, + 672, 682, 683, 678, 672, 685, 673, 684, 678, 682, + 677, 679, 675, 676, 676, 687, 689, 688, 683, 686, + 684, 691, 681, 687, 680, 680, 681, 685, 682, 683, + 686, 688, 685, 690, 684, 692, 689, 693, 694, 697, + 696, 691, 687, 689, 688, 698, 686, 694, 691, 695, + 701, 700, 697, 699, 0, 690, 702, 692, 696, 693, + 690, 0, 692, 698, 693, 694, 697, 696, 699, 695, + + 704, 703, 698, 700, 701, 705, 695, 701, 700, 702, + 699, 706, 708, 702, 703, 707, 710, 705, 704, 711, + 715, 707, 709, 714, 706, 0, 712, 704, 703, 716, + 709, 714, 705, 721, 0, 717, 716, 748, 706, 708, + 718, 711, 707, 710, 712, 719, 711, 719, 709, 709, + 714, 720, 715, 712, 722, 718, 716, 709, 717, 723, + 720, 724, 717, 0, 725, 721, 725, 718, 726, 748, + 724, 729, 719, 722, 732, 726, 0, 0, 720, 723, + 745, 722, 735, 729, 732, 741, 723, 0, 724, 745, + 736, 725, 739, 740, 0, 726, 727, 738, 729, 727, + + 735, 732, 742, 727, 740, 743, 727, 745, 741, 735, + 739, 736, 741, 727, 727, 0, 727, 736, 738, 739, + 740, 727, 744, 727, 738, 753, 727, 752, 742, 742, + 727, 743, 743, 727, 746, 747, 752, 0, 744, 0, + 727, 727, 747, 727, 751, 750, 756, 746, 753, 744, + 751, 757, 753, 0, 752, 754, 755, 0, 754, 757, + 0, 746, 747, 749, 749, 758, 749, 750, 756, 749, + 760, 751, 750, 756, 749, 0, 763, 758, 757, 755, + 749, 749, 754, 755, 759, 762, 759, 764, 766, 749, + 749, 749, 758, 749, 760, 761, 749, 760, 765, 764, + + 761, 749, 763, 763, 767, 762, 769, 749, 749, 770, + 766, 759, 762, 768, 764, 766, 773, 771, 772, 0, + 777, 0, 774, 776, 765, 765, 772, 761, 767, 774, + 775, 767, 771, 769, 770, 768, 770, 780, 775, 773, + 768, 778, 776, 773, 771, 772, 777, 777, 779, 774, + 776, 781, 782, 778, 783, 784, 786, 775, 785, 783, + 781, 779, 789, 780, 780, 787, 790, 782, 778, 791, + 787, 793, 792, 796, 0, 779, 0, 797, 781, 782, + 785, 783, 794, 786, 789, 785, 795, 784, 798, 789, + 801, 799, 796, 800, 792, 804, 802, 787, 790, 792, + + 796, 791, 800, 793, 797, 806, 794, 795, 805, 794, + 799, 803, 801, 795, 807, 798, 802, 801, 799, 803, + 800, 808, 804, 802, 806, 809, 805, 811, 812, 814, + 815, 813, 806, 809, 813, 805, 816, 817, 803, 822, + 819, 807, 819, 820, 822, 811, 812, 823, 815, 818, + 0, 814, 809, 808, 811, 812, 814, 815, 813, 817, + 816, 820, 818, 816, 817, 821, 824, 819, 826, 825, + 820, 822, 827, 823, 823, 827, 818, 825, 824, 821, + 828, 830, 831, 832, 0, 0, 826, 835, 828, 832, + 833, 834, 821, 824, 835, 826, 825, 834, 836, 827, + + 841, 839, 844, 0, 828, 836, 830, 828, 830, 831, + 832, 837, 833, 838, 835, 828, 837, 833, 834, 839, + 838, 842, 840, 841, 843, 836, 840, 841, 839, 845, + 842, 846, 843, 847, 844, 852, 849, 848, 837, 850, + 838, 847, 0, 851, 0, 0, 846, 845, 842, 840, + 848, 843, 850, 854, 853, 861, 845, 849, 846, 856, + 847, 853, 852, 849, 848, 851, 850, 855, 857, 862, + 851, 854, 858, 864, 855, 857, 859, 858, 856, 863, + 854, 853, 860, 865, 859, 866, 856, 861, 867, 860, + 865, 868, 863, 874, 855, 857, 869, 871, 0, 858, + + 870, 862, 873, 859, 869, 864, 863, 872, 870, 860, + 865, 878, 875, 872, 868, 870, 0, 866, 868, 871, + 867, 876, 880, 869, 871, 874, 877, 870, 873, 873, + 876, 879, 881, 882, 872, 870, 875, 883, 879, 875, + 877, 881, 883, 878, 884, 885, 0, 886, 876, 880, + 0, 893, 887, 877, 888, 882, 884, 887, 879, 881, + 882, 888, 889, 892, 893, 900, 892, 890, 885, 883, + 899, 884, 885, 886, 886, 890, 896, 895, 893, 887, + 897, 888, 902, 896, 889, 903, 897, 903, 900, 889, + 892, 895, 900, 901, 890, 904, 899, 899, 906, 0, + + 0, 905, 907, 896, 895, 901, 908, 897, 898, 902, + 898, 906, 903, 905, 898, 0, 898, 911, 904, 908, + 901, 898, 904, 0, 907, 906, 898, 910, 905, 907, + 911, 909, 898, 908, 912, 898, 909, 898, 913, 0, + 915, 898, 914, 898, 911, 910, 912, 917, 898, 916, + 913, 925, 914, 898, 910, 915, 918, 912, 922, 919, + 917, 912, 918, 909, 914, 913, 920, 915, 921, 914, + 923, 916, 919, 912, 917, 924, 916, 927, 925, 914, + 922, 930, 0, 918, 920, 922, 919, 928, 929, 921, + 930, 932, 928, 920, 0, 921, 929, 933, 934, 0, + + 936, 0, 923, 938, 940, 935, 932, 924, 930, 927, + 0, 934, 940, 943, 928, 929, 931, 937, 932, 933, + 935, 931, 938, 931, 933, 934, 936, 936, 941, 931, + 938, 940, 935, 939, 931, 931, 941, 944, 942, 937, + 946, 931, 931, 931, 937, 943, 939, 948, 931, 942, + 931, 946, 949, 952, 945, 941, 931, 947, 956, 944, + 939, 931, 931, 945, 944, 942, 947, 946, 931, 950, + 953, 957, 954, 955, 948, 949, 950, 960, 958, 949, + 954, 945, 963, 961, 947, 952, 958, 955, 964, 0, + 956, 962, 975, 957, 953, 960, 950, 953, 957, 954, + + 955, 961, 962, 965, 960, 958, 964, 966, 968, 967, + 961, 965, 969, 970, 963, 964, 967, 974, 962, 969, + 971, 968, 973, 972, 975, 981, 977, 974, 970, 966, + 965, 0, 979, 981, 966, 968, 967, 977, 971, 969, + 970, 972, 991, 973, 974, 979, 984, 971, 980, 973, + 972, 982, 981, 977, 983, 980, 0, 985, 984, 979, + 986, 989, 990, 983, 982, 992, 995, 996, 991, 991, + 0, 993, 996, 984, 0, 980, 999, 995, 982, 985, + 990, 983, 986, 989, 985, 993, 1026, 986, 989, 990, + 0, 998, 1000, 995, 998, 1001, 1002, 992, 993, 996, + + 999, 1003, 1001, 999, 1005, 1000, 1004, 1002, 1006, 1008, + 1003, 1013, 1009, 1026, 0, 1010, 1005, 998, 998, 1000, + 1004, 998, 1001, 1002, 1009, 1007, 1015, 1016, 1003, 1018, + 1011, 1005, 1007, 1004, 1017, 1013, 1019, 1010, 1013, 1009, + 1006, 1008, 1010, 1011, 1014, 1017, 1022, 1020, 1015, 1016, + 1014, 1018, 1007, 1015, 1016, 1023, 1018, 1011, 1019, 1024, + 1025, 1017, 1020, 1019, 1029, 0, 1023, 1022, 1028, 1027, + 1031, 1014, 1030, 1022, 1020, 1032, 1034, 1028, 1033, 1031, + 1024, 1036, 1023, 1032, 1037, 1033, 1024, 1027, 1029, 1041, + 1035, 1029, 1025, 1038, 1045, 1028, 1027, 1031, 1030, 1030, + + 1034, 1039, 1032, 1034, 1035, 1033, 1047, 1040, 1046, 1043, + 0, 1054, 1044, 1036, 1048, 1038, 1037, 1035, 1043, 1044, + 1038, 1041, 1049, 1039, 1052, 1058, 1045, 1054, 1039, 1040, + 1046, 1053, 1048, 1047, 1040, 1046, 1043, 1050, 1054, 1044, + 1049, 1048, 1051, 1055, 1056, 1057, 1050, 1059, 1052, 1049, + 1051, 1052, 1055, 1057, 1060, 1053, 1061, 1058, 1053, 1056, + 1062, 1064, 1065, 0, 1050, 1063, 1060, 1067, 1068, 1051, + 1055, 1056, 1057, 1063, 1064, 1073, 1067, 1065, 1061, 1059, + 1081, 1060, 1069, 1061, 1076, 1083, 1068, 1062, 1064, 1065, + 1069, 1070, 1063, 1070, 1067, 1068, 1072, 1076, 1074, 1078, + + 1077, 0, 1073, 1080, 1072, 1074, 1079, 1081, 1082, 1069, + 1084, 1076, 1077, 1085, 1078, 1082, 1086, 1083, 1070, 1087, + 0, 1080, 0, 1072, 1085, 1074, 1078, 1077, 1079, 1088, + 1080, 1091, 1089, 1079, 1090, 1082, 1092, 1094, 1086, 1098, + 1085, 1093, 1084, 1086, 1087, 1089, 1087, 1090, 1092, 1093, + 1095, 1088, 1096, 1091, 1099, 1153, 1088, 1094, 1091, 1089, + 1096, 1090, 1095, 1092, 1094, 1100, 1098, 1099, 1093, 1102, + 1101, 1103, 1106, 1109, 1100, 0, 0, 1095, 1103, 1096, + 1104, 1099, 1101, 1107, 1108, 1110, 0, 1153, 1111, 1104, + 1102, 1104, 1100, 1112, 1104, 1106, 1102, 1101, 1103, 1106, + + 1109, 1111, 1104, 1116, 1114, 1110, 1108, 1104, 1115, 1107, + 1107, 1108, 1110, 1114, 1113, 1111, 1104, 1112, 1104, 1117, + 1112, 1104, 1113, 1118, 0, 1116, 1115, 1117, 1121, 1119, + 1116, 1114, 1120, 1124, 1122, 1115, 1125, 1131, 1118, 1130, + 1126, 1113, 1122, 1128, 1121, 1120, 1117, 1127, 1129, 1131, + 1118, 1119, 1168, 0, 1127, 1121, 1119, 1130, 1125, 1120, + 1124, 1122, 1126, 1125, 1131, 1128, 1130, 1126, 1132, 1133, + 1128, 1129, 1134, 1135, 1127, 1129, 1137, 1133, 1136, 0, + 1132, 1138, 1139, 1140, 1168, 1135, 1141, 1134, 1139, 1138, + 1142, 1137, 1140, 1145, 1143, 1132, 1133, 1144, 1136, 1134, + + 1135, 1143, 1142, 1137, 1144, 1136, 1146, 1141, 1138, 1139, + 1140, 1145, 1148, 1141, 1147, 0, 1150, 1142, 1146, 1151, + 1145, 1143, 1147, 1149, 1144, 1149, 1151, 1148, 1150, 1156, + 1154, 1155, 1158, 1146, 1159, 1160, 1164, 1172, 1157, 1148, + 1160, 1147, 1154, 1150, 1155, 1157, 1151, 1161, 1156, 1159, + 1149, 1162, 1163, 1186, 1158, 1161, 1156, 1154, 1155, 1158, + 0, 1159, 1164, 1164, 1162, 1157, 1163, 1160, 1166, 1172, + 1169, 0, 1167, 1171, 1161, 1192, 1192, 1187, 1162, 1163, + 1165, 1170, 1166, 1173, 1165, 1186, 1175, 1165, 1165, 0, + 1167, 1171, 1165, 0, 1174, 1166, 1169, 1169, 1165, 1167, + + 1171, 1177, 1165, 1170, 1192, 1173, 1165, 1165, 1170, 1187, + 1173, 1165, 1175, 1175, 1165, 1165, 1174, 1176, 1178, 1165, + 1178, 1174, 1181, 1176, 1179, 1165, 1180, 1177, 1177, 1165, + 1182, 1179, 1183, 1184, 1185, 1180, 1188, 1182, 1191, 1189, + 1181, 0, 1178, 1185, 1176, 1178, 1184, 1178, 1195, 1181, + 0, 1179, 1193, 1180, 1183, 1208, 1218, 1182, 1188, 1183, + 1184, 1185, 1189, 1188, 1191, 1191, 1189, 1190, 1193, 1196, + 1198, 1195, 1190, 1197, 1190, 1195, 1190, 1200, 1190, 1193, + 1202, 1196, 1197, 1218, 1199, 1190, 1201, 1208, 1198, 1199, + 1204, 1201, 0, 1203, 1190, 1200, 1196, 1198, 1209, 1190, + + 1197, 1190, 1202, 1190, 1200, 1190, 1203, 1202, 1204, 1207, + 1205, 1206, 1210, 1201, 1211, 1213, 1199, 1204, 1205, 1206, + 1203, 1212, 1207, 1215, 1209, 1209, 1214, 1211, 1213, 1217, + 1220, 1210, 1215, 1216, 1219, 1216, 1207, 1205, 1206, 1210, + 1221, 1211, 1213, 1212, 1214, 1223, 1219, 1225, 1212, 1224, + 1215, 1217, 1226, 1214, 1227, 1225, 1217, 1220, 1229, 1228, + 1216, 1219, 1230, 0, 1234, 1221, 1228, 1221, 1231, 1223, + 1226, 1224, 1223, 1235, 1225, 1236, 1224, 1232, 1233, 1226, + 1235, 1227, 1240, 1232, 1233, 1229, 1228, 1237, 1230, 1230, + 1231, 1234, 1239, 1238, 1237, 1231, 1244, 1241, 1243, 1236, + + 1235, 0, 1236, 1246, 1232, 1233, 1241, 1240, 1244, 1240, + 1239, 1245, 1247, 1248, 1237, 1238, 1246, 0, 1251, 1239, + 1238, 1249, 1243, 1244, 1241, 1243, 1253, 1250, 1252, 1258, + 1246, 1254, 1248, 1245, 1247, 1253, 1255, 1256, 1245, 1247, + 1248, 1259, 0, 1249, 1251, 1251, 1261, 1260, 1249, 1250, + 1252, 1256, 1254, 1253, 1250, 1252, 1255, 1262, 1254, 1263, + 1264, 1258, 1265, 1255, 1256, 1266, 1271, 1263, 1268, 1260, + 1269, 1272, 1266, 1259, 1260, 1262, 1264, 1269, 1261, 1270, + 1268, 1273, 1275, 1270, 1262, 0, 1263, 1264, 1276, 1265, + 1279, 0, 1266, 1277, 1276, 1268, 1280, 1269, 1271, 1282, + + 1277, 1276, 1273, 1272, 1278, 1279, 1270, 1281, 1273, 1280, + 1286, 1278, 1283, 1287, 1275, 1276, 1281, 1279, 1285, 1283, + 1277, 1276, 1284, 1280, 1284, 1282, 1282, 1285, 1289, 1288, + 1291, 1278, 1286, 1288, 1281, 1293, 1292, 1286, 1291, 1283, + 1287, 1292, 1294, 0, 1293, 1285, 1295, 1297, 1296, 1284, + 1289, 1298, 1300, 1302, 1298, 1289, 1288, 1291, 1301, 1297, + 1294, 1296, 1293, 1298, 1299, 1295, 1302, 1299, 1292, 1294, + 1300, 1304, 1305, 1295, 1297, 1296, 0, 1306, 1298, 1300, + 1302, 1298, 1307, 1301, 1308, 1301, 1299, 1307, 1309, 1309, + 1311, 1299, 1308, 1306, 1299, 1305, 1310, 1312, 1313, 1305, + + 1315, 1314, 1316, 1304, 1306, 1310, 0, 1313, 1314, 1316, + 1321, 1308, 1311, 1318, 1307, 1309, 1322, 1311, 1325, 1312, + 1326, 1319, 1315, 1310, 1312, 1313, 1318, 1315, 1314, 1316, + 1319, 0, 1320, 1323, 0, 1326, 1321, 1321, 1324, 1322, + 1318, 1320, 1323, 1322, 1327, 1328, 1324, 1326, 1319, 1329, + 1325, 1330, 1327, 1332, 1331, 1336, 1338, 1333, 1328, 1320, + 1323, 1329, 1331, 1330, 1334, 1324, 1337, 1339, 1338, 1344, + 1335, 1327, 1328, 1336, 1341, 1332, 1329, 1333, 1330, 1335, + 1332, 1331, 1336, 1338, 1333, 1339, 1334, 1342, 1340, 1343, + 1345, 1334, 1337, 1337, 1339, 1340, 1344, 1335, 1346, 1347, + + 1341, 1341, 1343, 1349, 1350, 1347, 1348, 1354, 0, 1346, + 0, 1345, 1351, 0, 1352, 1340, 1343, 1345, 1357, 1342, + 1355, 0, 1358, 0, 1356, 1346, 1347, 1357, 1348, 1362, + 1361, 1359, 1365, 1348, 1354, 1349, 1350, 1358, 1351, 1351, + 1352, 1352, 1356, 1355, 1359, 1357, 1363, 1355, 1360, 1358, + 1361, 1356, 1364, 1363, 1365, 1362, 1362, 1361, 1359, 1365, + 1360, 1366, 1367, 1368, 1369, 1370, 0, 1371, 1368, 1369, + 1367, 1364, 1370, 1363, 1366, 1360, 1372, 1373, 1375, 1364, + 1374, 1379, 1376, 1382, 1372, 1373, 1385, 0, 1366, 1367, + 1376, 0, 1370, 1371, 1371, 1368, 1369, 1380, 1374, 1377, + + 1375, 1378, 1384, 1372, 1373, 1375, 1377, 1374, 1383, 1376, + 1378, 1381, 1381, 1379, 1386, 1382, 1383, 1387, 1385, 1380, + 1390, 1391, 1386, 1384, 1380, 1387, 1377, 1391, 1378, 1384, + 1392, 1388, 1389, 1390, 1393, 1383, 1395, 1396, 1381, 1388, + 1389, 1386, 1392, 1394, 1387, 1397, 1398, 1390, 1391, 0, + 1410, 1395, 1399, 1401, 0, 1400, 1405, 1392, 1388, 1389, + 1393, 1393, 1402, 1395, 1396, 1405, 1406, 1394, 1398, 1400, + 1394, 1401, 1397, 1398, 1403, 1399, 1402, 1410, 1403, 1399, + 1401, 1411, 1400, 1405, 1407, 1408, 1409, 1412, 1406, 1402, + 1413, 1403, 1408, 1406, 1415, 1414, 1407, 1409, 1421, 1403, + + 1416, 1403, 1413, 1411, 1422, 1403, 1417, 1418, 1411, 1414, + 0, 1407, 1408, 1409, 1418, 1419, 1415, 1413, 1403, 1412, + 1428, 1415, 1414, 1416, 1419, 1420, 1424, 1416, 1427, 1417, + 1421, 1422, 1420, 1417, 1418, 1424, 1429, 1426, 1430, 1432, + 1435, 0, 1419, 1426, 1442, 1430, 1428, 1428, 1434, 1436, + 1427, 1437, 1420, 1424, 1440, 1427, 1439, 1443, 0, 1441, + 1436, 1440, 1437, 1446, 1426, 1430, 1432, 1435, 1429, 1443, + 1442, 1442, 1434, 1444, 1445, 1434, 1436, 1441, 1437, 1444, + 1439, 1440, 1445, 1439, 1443, 1446, 1441, 1448, 1449, 1447, + 1446, 1452, 1451, 1452, 1450, 0, 1453, 1454, 1455, 1457, + + 1444, 1445, 1447, 1450, 1451, 1456, 1449, 1455, 1458, 0, + 1454, 1457, 1461, 1448, 1448, 1449, 1447, 1459, 1452, 1451, + 1464, 1450, 1453, 1453, 1454, 1455, 1457, 1456, 1462, 1460, + 1463, 1466, 1456, 1462, 1465, 1458, 1460, 1468, 1461, 1461, + 1459, 1469, 1465, 1464, 1459, 1470, 1463, 1464, 1475, 1471, + 1473, 1476, 1469, 1466, 1470, 1462, 1460, 1463, 1466, 1472, + 1472, 1465, 1471, 1473, 1468, 1479, 1480, 1472, 1469, 1474, + 1483, 1474, 1470, 1476, 1475, 1475, 1471, 1473, 1476, 1481, + 1484, 1477, 1478, 1482, 1480, 1485, 1472, 1472, 1477, 1478, + 1482, 1486, 1479, 1480, 1487, 1483, 1474, 1483, 1486, 0, + + 1489, 1481, 1484, 1490, 1491, 0, 1481, 1484, 1477, 1478, + 1482, 1492, 1491, 1489, 1494, 1498, 1495, 1485, 1486, 1495, + 1496, 0, 1497, 1500, 1499, 1504, 1487, 1489, 1498, 1501, + 1490, 1491, 1492, 1499, 1502, 1500, 1494, 1505, 1492, 1507, + 1504, 1494, 1498, 1495, 1505, 1503, 1496, 1496, 1497, 1497, + 1500, 1499, 1504, 1501, 1503, 1506, 1501, 1511, 1506, 1508, + 1502, 1502, 1515, 1516, 1505, 1512, 1513, 1509, 1513, 1524, + 1506, 1507, 1503, 1517, 1514, 1511, 1519, 1518, 1524, 1506, + 1520, 1508, 1506, 1509, 1511, 1506, 1508, 1512, 1521, 1515, + 1522, 1509, 1512, 1513, 1509, 1516, 1524, 1506, 1514, 1518, + + 1523, 1514, 1519, 1519, 1518, 1517, 1520, 1520, 1525, 1527, + 1509, 1526, 1522, 1528, 1523, 1529, 1525, 1522, 1526, 1530, + 1521, 1531, 1532, 0, 1534, 0, 1532, 1523, 1533, 1539, + 1535, 1536, 1537, 1527, 0, 1525, 1527, 1538, 1526, 1537, + 1536, 1530, 1539, 1544, 1538, 1528, 1530, 1529, 1540, 1532, + 1533, 1534, 1535, 1531, 1541, 1533, 1539, 1535, 1536, 1537, + 1542, 1540, 1547, 1543, 1538, 1543, 1545, 1541, 1544, 1542, + 1544, 1548, 1550, 1551, 1545, 1540, 1552, 1547, 1549, 1554, + 1551, 1541, 1553, 1552, 1556, 1554, 1548, 1542, 1558, 1547, + 1543, 1560, 1549, 1545, 1557, 1553, 1561, 1559, 1548, 1563, + + 1551, 1557, 1563, 1552, 1550, 1549, 1554, 1562, 1561, 1553, + 1558, 1556, 1559, 1564, 1565, 1558, 1566, 1560, 1560, 1567, + 1562, 1557, 1564, 1561, 1559, 1569, 1563, 1568, 1566, 1573, + 1568, 1573, 1565, 1575, 1562, 1574, 1569, 1571, 1576, 1567, + 1564, 1565, 1571, 1566, 1578, 1568, 1567, 0, 1577, 1571, + 1579, 1580, 1569, 1578, 1568, 1586, 1573, 1568, 1581, 1574, + 1575, 1583, 1574, 1577, 1571, 1576, 1586, 1584, 1582, 1571, + 1591, 1578, 1581, 1585, 1579, 1577, 1582, 1579, 1580, 1587, + 1590, 1585, 1586, 1583, 1588, 1581, 1592, 1589, 1583, 1584, + 1589, 1596, 1588, 0, 1584, 1582, 1593, 1587, 1590, 1595, + + 1585, 1594, 1591, 1593, 1596, 1589, 1587, 1590, 1595, 1597, + 1598, 1588, 1603, 1592, 1589, 1594, 1604, 1589, 1596, 1601, + 1597, 1601, 1602, 1593, 1605, 1598, 1595, 1604, 1594, 0, + 1606, 1602, 0, 1607, 1609, 1610, 1597, 1598, 1603, 1603, + 1615, 1612, 1605, 1604, 1610, 1608, 1601, 1607, 1608, 1602, + 1612, 1605, 1606, 1615, 1616, 1618, 1609, 1606, 1611, 1607, + 1607, 1609, 1610, 1608, 1611, 1613, 1616, 1615, 1612, 1619, + 1613, 1617, 1608, 1621, 1607, 1608, 1617, 1618, 1620, 1622, + 1623, 1616, 1618, 1624, 0, 1611, 1627, 1620, 1629, 1625, + 1628, 1632, 1630, 1627, 0, 1645, 0, 1613, 1617, 1634, + + 1621, 1619, 1623, 1628, 1636, 1620, 1630, 1623, 1631, 1638, + 1625, 1622, 1636, 1627, 1631, 1624, 1625, 1628, 1634, 1630, + 1629, 1637, 1639, 1632, 1640, 1641, 1634, 1645, 1638, 1637, + 1642, 1636, 1631, 1643, 1644, 1631, 1638, 1646, 1640, 1641, + 1639, 1631, 0, 1642, 1647, 1648, 1643, 1649, 1637, 1639, + 1650, 1640, 1641, 1652, 1649, 1644, 1651, 1642, 1647, 1650, + 1643, 1644, 1653, 1654, 1651, 1655, 1656, 1652, 1654, 1646, + 1658, 1647, 1648, 1660, 1649, 1656, 1655, 1650, 1659, 1661, + 1652, 1662, 1644, 1651, 1664, 1659, 1668, 1663, 1669, 1667, + 1654, 1665, 1655, 1656, 1653, 1665, 1660, 1658, 1668, 1670, + + 1660, 1661, 1664, 1662, 1667, 1659, 1661, 1670, 1662, 1663, + 1671, 1664, 1672, 1668, 1663, 1669, 1667, 1673, 1665, 1674, + 1672, 1675, 1679, 1676, 1680, 1671, 1670, 1677, 1681, 0, + 1679, 1680, 1674, 1691, 1683, 1684, 1685, 1671, 1676, 1672, + 1682, 1675, 1677, 1683, 1673, 1686, 1674, 1687, 1675, 1679, + 1676, 1680, 1690, 1689, 1677, 1682, 1684, 1692, 1693, 1695, + 1681, 1683, 1684, 1685, 1694, 1691, 1700, 1682, 1698, 1686, + 1690, 1696, 1686, 1693, 1687, 1689, 1697, 1698, 1696, 1690, + 1689, 1697, 1701, 1695, 1692, 1693, 1695, 1699, 1700, 1694, + 1702, 1694, 1703, 1700, 1704, 1698, 1699, 1706, 1696, 1711, + + 1705, 1709, 1712, 1697, 1701, 1707, 1704, 1703, 1702, 1701, + 1706, 1708, 1707, 1710, 1699, 1706, 0, 1702, 1708, 1703, + 1722, 1704, 1705, 1709, 1706, 1710, 1711, 1705, 1709, 1713, + 1717, 1715, 1707, 1708, 1712, 1713, 1716, 1706, 1708, 1715, + 1710, 1717, 1718, 1716, 1731, 1708, 1719, 1722, 1720, 1718, + 1720, 1734, 1721, 1723, 1725, 1724, 1713, 1717, 1715, 1726, + 1727, 1720, 1724, 1716, 1728, 1729, 1727, 1730, 1736, 1718, + 1728, 1719, 1732, 1719, 1738, 1720, 1731, 1720, 1721, 1721, + 1723, 1725, 1724, 1734, 1735, 1726, 1726, 1727, 1739, 1742, + 1730, 1728, 1729, 1735, 1730, 1737, 1732, 1737, 1738, 1732, + + 1736, 1738, 1740, 1741, 1743, 1744, 1747, 1745, 0, 1740, + 1743, 1735, 1749, 1746, 1751, 1739, 1742, 1750, 1754, 1749, + 0, 0, 1737, 1754, 1750, 1741, 1757, 1744, 1760, 1740, + 1741, 1743, 1744, 1745, 1745, 1746, 1755, 0, 1747, 1749, + 1746, 1748, 1748, 1748, 1750, 1752, 1751, 1756, 1748, 1755, + 1754, 1757, 1752, 1757, 1759, 1758, 1748, 1762, 1761, 1756, + 1760, 1763, 1764, 1755, 1762, 1766, 1759, 1763, 1748, 1748, + 1748, 1758, 1752, 1767, 1756, 1748, 1761, 1765, 1765, 1769, + 1767, 1759, 1758, 1770, 1762, 1761, 1771, 1774, 1763, 1764, + 1768, 1766, 1766, 1771, 1775, 1768, 1775, 1776, 1778, 1780, + + 1767, 1779, 1781, 1782, 1765, 1769, 1769, 1779, 1783, 1782, + 1770, 1787, 1784, 1771, 1774, 1776, 1778, 1768, 1785, 1791, + 1783, 1775, 1786, 1786, 1776, 1778, 1788, 1788, 1779, 1781, + 1782, 1780, 1784, 1789, 1792, 1783, 1785, 1787, 1787, 1784, + 1793, 1791, 1794, 1795, 1789, 1785, 1791, 1793, 1796, 1786, + 1797, 1798, 1799, 1788, 1800, 1801, 1802, 1805, 1805, 1804, + 1789, 1800, 1794, 1801, 1803, 1807, 1792, 1793, 1804, 1794, + 1799, 1802, 1806, 1798, 1808, 1795, 0, 1797, 1798, 1799, + 1796, 1800, 1801, 1802, 1805, 1809, 1804, 1811, 1803, 1810, + 1814, 1803, 1809, 1813, 1816, 1814, 1815, 1807, 1806, 1806, + + 1813, 1810, 0, 1811, 1821, 1817, 1808, 1818, 1822, 1824, + 1811, 0, 1809, 1817, 1811, 1825, 1810, 1814, 1815, 1818, + 1813, 1816, 1823, 1815, 1827, 1820, 1834, 1821, 0, 1822, + 1811, 1821, 1817, 1820, 1818, 1822, 1824, 1828, 1825, 1826, + 1823, 1829, 1825, 1828, 1826, 1830, 1837, 1831, 1835, 1823, + 1832, 1827, 1820, 1830, 1829, 1826, 1833, 1832, 1834, 1836, + 1835, 1838, 1839, 1833, 1828, 1844, 1826, 1848, 1829, 1831, + 1849, 1826, 1830, 1837, 1831, 1835, 1841, 1832, 1846, 1842, + 1853, 1836, 1851, 1833, 1842, 1839, 1836, 1838, 1838, 1839, + 1843, 1847, 1844, 1852, 1841, 1842, 1847, 1843, 1855, 1848, + + 1850, 1850, 1849, 1841, 1851, 1846, 1842, 1856, 1852, 1851, + 1859, 1842, 1853, 1855, 1857, 1861, 1858, 1843, 1858, 1860, + 1852, 1863, 1862, 1847, 1860, 1855, 1871, 1850, 1869, 1857, + 1856, 1866, 1867, 1872, 1856, 1865, 1863, 1870, 1873, 1866, + 1874, 1857, 1859, 1858, 1862, 1873, 1860, 1861, 1863, 1862, + 1865, 1876, 1869, 1871, 1867, 1869, 1875, 1878, 1866, 1867, + 1872, 1877, 1865, 1870, 1870, 1873, 1882, 1880, 0, 1884, + 1883, 1886, 1874, 1876, 0, 1878, 1887, 1875, 1876, 1888, + 1889, 1890, 1877, 1875, 1878, 1883, 1886, 1891, 1877, 1880, + 1882, 1887, 1893, 1882, 1880, 1884, 1884, 1883, 1886, 1890, + + 1892, 1888, 1894, 1887, 1895, 1896, 1888, 1889, 1890, 1891, + 1898, 1895, 1897, 1899, 1891, 0, 1893, 1901, 1898, 1893, + 1900, 1897, 1892, 1896, 1902, 1903, 1904, 1892, 1905, 1894, + 0, 1895, 1896, 1902, 1907, 1904, 1899, 1898, 1909, 1897, + 1899, 1905, 1900, 1903, 1910, 1907, 1912, 1900, 1908, 1901, + 1911, 1902, 1903, 1904, 1913, 1905, 1909, 1908, 1915, 1919, + 1907, 1907, 1914, 1921, 1912, 1909, 1927, 1922, 1914, 1913, + 1910, 1910, 1907, 1912, 1916, 1908, 1911, 1911, 1922, 1925, + 1915, 1913, 1923, 1926, 1931, 1915, 1919, 1921, 1916, 1914, + 1921, 1925, 1928, 1923, 1922, 1929, 1926, 0, 1927, 1930, + + 1934, 1916, 1928, 1935, 1932, 1938, 1925, 1937, 1940, 1923, + 1926, 1931, 1939, 1940, 1942, 1943, 0, 0, 1941, 1928, + 1986, 1929, 1929, 1932, 1930, 1941, 1930, 1934, 1937, 1935, + 1935, 1932, 1939, 1943, 1937, 1940, 1945, 1938, 1944, 1939, + 1942, 1942, 1943, 1946, 1944, 1941, 1947, 1948, 1948, 1952, + 1949, 1945, 1986, 1953, 1950, 1955, 1952, 1953, 1946, 1956, + 1958, 1947, 1949, 1945, 1954, 1944, 1959, 1950, 1956, 0, + 1946, 1957, 1963, 1947, 1948, 1950, 1952, 1949, 1957, 1954, + 1953, 1950, 1955, 1960, 1958, 1962, 1956, 1958, 1959, 1965, + 1960, 1954, 1964, 1959, 1950, 1966, 1968, 1963, 1957, 1963, + + 1970, 1964, 1971, 1972, 0, 1974, 1973, 1962, 1977, 1970, + 1960, 1965, 1962, 1974, 1968, 1966, 1965, 1976, 1972, 1964, + 1971, 1977, 1966, 1968, 1978, 1979, 1979, 1970, 1980, 1971, + 1972, 1973, 1974, 1973, 1981, 1977, 1982, 1984, 1983, 1988, + 1985, 0, 1976, 0, 1976, 1993, 1984, 1985, 1987, 1989, + 1980, 1978, 1979, 1988, 1991, 1980, 1992, 1997, 1982, 1981, + 1983, 1981, 1991, 1982, 1984, 1983, 1988, 1985, 1989, 1992, + 1987, 1994, 1993, 1995, 1998, 1987, 1989, 1996, 1999, 2000, + 2002, 1991, 2004, 1992, 1996, 1995, 2005, 2003, 2000, 1997, + 0, 2001, 0, 2006, 2007, 0, 1998, 1994, 1994, 2001, + + 1995, 1998, 2003, 1999, 1996, 1999, 2000, 2002, 2004, 2004, + 2001, 2006, 2005, 2005, 2003, 2008, 2007, 2014, 2001, 2010, + 2006, 2007, 2010, 2011, 2008, 2012, 2001, 2013, 2015, 2018, + 2017, 2012, 2013, 2021, 2022, 2014, 2019, 2010, 2024, 0, + 0, 2022, 2008, 2015, 2014, 2017, 2010, 2021, 2011, 2010, + 2011, 2018, 2012, 2023, 0, 2015, 2018, 2017, 2019, 2013, + 2021, 2022, 2029, 2019, 2025, 2024, 2026, 2027, 2028, 2031, + 2032, 2023, 2033, 2025, 2029, 2026, 2034, 0, 2027, 2033, + 2023, 2028, 2035, 2036, 2031, 2032, 2041, 2039, 2042, 2029, + 2043, 2025, 2042, 2026, 2027, 2028, 2031, 2032, 2034, 2033, + + 2039, 2036, 2043, 2034, 2035, 2046, 2047, 2041, 2039, 2035, + 2036, 2044, 2048, 2041, 2039, 2042, 2045, 2043, 2045, 2049, + 2044, 2050, 2051, 2046, 2056, 2052, 2053, 2039, 2057, 2050, + 2048, 2054, 2046, 2047, 2060, 2058, 2054, 2055, 2044, 2048, + 2053, 2060, 2055, 2045, 2059, 2051, 2049, 2052, 2050, 2051, + 2063, 2066, 2052, 2053, 2064, 2065, 2056, 2067, 2054, 2058, + 2057, 2060, 2058, 2059, 2070, 2069, 2071, 2073, 2064, 2055, + 2068, 2059, 2072, 2065, 2069, 2075, 0, 2063, 2066, 2064, + 2064, 2064, 2065, 2067, 2067, 2068, 2074, 2077, 2071, 2079, + 0, 0, 2069, 2071, 2073, 2064, 2070, 2068, 2072, 2072, + + 2083, 2082, 2078, 2082, 2080, 2085, 2064, 2075, 2074, 2078, + 2077, 2080, 2079, 2074, 2077, 2084, 2079, 2085, 2086, 2084, + 2091, 2087, 2083, 2088, 2090, 2091, 2089, 2083, 2082, 2078, + 2087, 2080, 2085, 2089, 2088, 2092, 2093, 2094, 2095, 2098, + 2086, 2097, 2084, 2096, 2096, 2086, 2090, 2091, 2087, 2094, + 2088, 2090, 2100, 2089, 2098, 2101, 2103, 2105, 0, 2093, + 2095, 2097, 2092, 2093, 2094, 2095, 2098, 2099, 2097, 2101, + 2096, 2102, 2111, 2106, 2100, 2099, 2105, 2107, 2111, 2100, + 2102, 2106, 2101, 2103, 2105, 2107, 2108, 2110, 2109, 2115, + 2108, 2109, 2112, 2119, 2099, 2110, 2113, 2117, 2102, 2111, + + 2106, 2115, 2113, 2120, 2107, 2118, 2121, 2112, 2123, 2127, + 2122, 2117, 2124, 2108, 2110, 2109, 2115, 2125, 2119, 2112, + 2119, 2126, 2123, 2113, 2117, 2124, 2118, 2128, 2121, 2129, + 2120, 2125, 2118, 2121, 2122, 2123, 2127, 2122, 2130, 2124, + 2131, 2129, 2132, 2133, 2125, 2132, 2134, 2126, 2126, 2135, + 2138, 2139, 2130, 2137, 2128, 2141, 2129, 2138, 2139, 2140, + 2132, 2142, 2144, 0, 2146, 2130, 2131, 2131, 0, 2132, + 2133, 2135, 2132, 2134, 2140, 2137, 2135, 2138, 2139, 2143, + 2137, 2145, 2141, 2147, 2149, 2148, 2140, 2143, 2142, 2144, + 2145, 2146, 2150, 2154, 2156, 2147, 2151, 2152, 2157, 2159, + + 2153, 2154, 0, 0, 2164, 2162, 2143, 2148, 2145, 2151, + 2147, 2149, 2148, 2153, 2158, 2152, 2156, 2161, 0, 2150, + 2154, 2156, 2158, 2151, 2152, 2157, 2159, 2153, 2160, 2162, + 2163, 2164, 2162, 2168, 2165, 2166, 2170, 2160, 2161, 2172, + 2167, 2158, 2165, 2170, 2161, 2163, 2171, 2166, 2167, 2174, + 2171, 2172, 2173, 0, 2180, 2160, 2163, 2163, 2176, 2177, + 2168, 2165, 2166, 2170, 2182, 2183, 2172, 2167, 2187, 2175, + 2178, 2177, 2163, 2171, 2232, 2173, 2174, 2175, 2183, 2173, + 2176, 2180, 2178, 2181, 2182, 2176, 2177, 2186, 2186, 2184, + 2181, 2182, 2183, 2185, 2187, 2187, 2175, 2178, 2184, 2188, + + 2189, 2232, 2185, 2192, 2190, 2199, 2199, 2193, 2196, 0, + 2181, 2194, 2204, 2195, 2186, 2195, 2184, 2188, 2192, 2190, + 2185, 2190, 2196, 2198, 2206, 2189, 2188, 2189, 2190, 2193, + 2192, 2190, 2199, 2194, 2193, 2196, 2197, 2201, 2194, 2202, + 2195, 2203, 2197, 2205, 2204, 2198, 2190, 2207, 2190, 2205, + 2198, 2208, 2209, 2203, 2209, 2217, 2206, 2210, 2211, 2201, + 0, 2202, 2212, 2197, 2201, 2213, 2202, 0, 2203, 2207, + 2205, 2210, 2214, 2208, 2207, 2215, 0, 2218, 2208, 2209, + 2212, 2216, 2211, 2213, 2210, 2211, 2223, 2217, 2219, 2212, + 2214, 2221, 2213, 2215, 2216, 2224, 2225, 2226, 2221, 2214, + + 0, 0, 2215, 2227, 2223, 2226, 2251, 2233, 2216, 2218, + 2228, 2219, 2228, 2223, 2236, 2219, 2230, 2228, 2221, 2233, + 2231, 2224, 2224, 2226, 2226, 2227, 2234, 2230, 2225, 2236, + 2227, 2231, 2226, 2238, 2233, 2237, 2239, 2228, 2251, 2228, + 2241, 2236, 2243, 2230, 2234, 2238, 2237, 2231, 2242, 2243, + 2244, 2239, 2245, 2234, 2246, 2248, 0, 2252, 2253, 2249, + 2238, 0, 2237, 2239, 2241, 2244, 2250, 2241, 2254, 2243, + 2242, 2255, 0, 2256, 2261, 2242, 2253, 2244, 2258, 2245, + 2246, 2246, 2248, 2249, 2255, 2253, 2249, 2257, 2250, 2252, + 2260, 2258, 0, 2250, 2262, 2254, 2259, 2263, 2255, 2256, + + 2256, 2266, 2257, 2265, 2259, 2258, 2261, 2262, 2267, 2268, + 2269, 2270, 2273, 2271, 2257, 2269, 2260, 2260, 2272, 2263, + 2271, 2262, 2276, 2259, 2263, 2266, 2265, 2277, 2266, 2270, + 2265, 2268, 2274, 2283, 2277, 2267, 2268, 0, 2270, 2273, + 2271, 2272, 2269, 2278, 2276, 2272, 2274, 2279, 2280, 2276, + 2278, 2281, 2284, 2285, 2277, 2282, 2286, 2290, 2281, 2274, + 2279, 2288, 2285, 2287, 2286, 2283, 2293, 2288, 2295, 2292, + 2278, 2280, 2290, 2284, 2279, 2280, 2291, 2282, 2281, 2284, + 2285, 2294, 2282, 2286, 2290, 2287, 2298, 2291, 2288, 2299, + 2287, 2292, 2307, 2295, 2300, 2295, 2292, 2302, 2293, 2298, + + 2294, 2301, 2301, 2291, 2305, 2306, 2308, 2307, 2294, 2312, + 0, 2309, 2316, 2298, 2328, 2299, 2299, 2314, 2300, 2307, + 2320, 2300, 2324, 2302, 2302, 2316, 2314, 2305, 2301, 2309, + 2317, 2305, 2322, 2308, 2321, 2321, 2312, 2306, 2309, 2316, + 2323, 2317, 2320, 2326, 2314, 2329, 2328, 2320, 2331, 2324, + 2334, 2332, 2330, 2331, 2322, 2336, 2338, 2317, 2334, 2322, + 2340, 2321, 2323, 2330, 2339, 2335, 2343, 2323, 2349, 2340, + 2326, 2329, 2329, 2332, 2338, 2331, 2341, 2334, 2332, 2330, + 2335, 2344, 2336, 2338, 2348, 2350, 2345, 2340, 2341, 2346, + 2351, 2352, 2335, 2343, 2345, 2349, 2339, 2353, 2346, 2351, + + 2354, 2355, 2356, 2341, 2358, 2344, 2357, 2350, 2344, 2352, + 2348, 2348, 2350, 2345, 2355, 2356, 2346, 2351, 2352, 2353, + 2360, 2357, 2361, 2359, 2353, 2354, 2358, 2354, 2355, 2356, + 2359, 2358, 2362, 2357, 2363, 2364, 2365, 2366, 2367, 0, + 2368, 2370, 2360, 2369, 0, 0, 2366, 2360, 2372, 2361, + 2359, 2365, 2374, 2376, 0, 2372, 2370, 2371, 2377, 2362, + 2367, 2363, 2364, 2365, 2366, 2367, 2368, 2368, 2370, 2369, + 2369, 2373, 2371, 2375, 2378, 2372, 2379, 2380, 2381, 2374, + 2376, 2375, 2373, 2386, 2371, 2377, 2383, 2382, 2384, 2385, + 2378, 2379, 0, 2381, 2382, 2384, 2385, 2380, 2373, 2387, + + 2375, 2378, 2389, 2379, 2380, 2381, 2388, 2388, 2383, 2389, + 2386, 2390, 2393, 2383, 2382, 2384, 2385, 2387, 2391, 2392, + 2402, 2391, 2394, 2395, 2396, 2390, 2387, 2393, 2397, 2389, + 2400, 2406, 2392, 2388, 2399, 2400, 2396, 2404, 2390, 2393, + 2397, 2395, 2407, 2399, 2402, 2391, 2392, 2402, 2394, 2394, + 2395, 2396, 2401, 2403, 2405, 2397, 2401, 2400, 2406, 2404, + 2408, 2399, 2410, 2413, 2404, 2412, 2403, 2414, 2418, 2407, + 2415, 0, 2413, 2416, 0, 2418, 2405, 2420, 2415, 2401, + 2403, 2405, 2420, 2414, 2419, 2416, 2408, 2408, 2410, 2410, + 2413, 2412, 2412, 2419, 2414, 2418, 2421, 2415, 2422, 2423, + + 2416, 2425, 2424, 2421, 2420, 2426, 2423, 2428, 2425, 2427, + 2430, 2419, 2431, 2434, 2426, 2433, 2422, 2435, 2427, 2438, + 2433, 0, 0, 2421, 2431, 2422, 2423, 2424, 2425, 2424, + 2437, 2434, 2426, 2428, 2428, 2441, 2427, 2430, 2439, 2431, + 2434, 2440, 2433, 2443, 2435, 2444, 2438, 2439, 2437, 2442, + 2440, 2446, 2443, 2445, 2444, 2441, 2447, 2437, 2448, 2446, + 2449, 2442, 2441, 2450, 2445, 2439, 2451, 2452, 2440, 2449, + 2443, 2453, 2444, 2454, 2455, 2457, 2442, 2460, 2446, 2462, + 2445, 2456, 2454, 2447, 2450, 2448, 2455, 2449, 2458, 2456, + 2450, 2459, 2461, 2451, 2452, 2458, 2463, 2457, 2459, 2460, + + 2454, 2455, 2457, 2453, 2460, 2464, 2462, 2468, 2456, 2470, + 0, 0, 2466, 2472, 2469, 2458, 2479, 2461, 2459, 2461, + 2466, 2463, 2469, 2463, 2470, 2468, 2471, 2478, 2482, 0, + 2473, 2487, 2464, 2471, 2468, 2472, 2470, 2473, 2474, 2466, + 2472, 2469, 2477, 2479, 2480, 2483, 2474, 2486, 2485, 2477, + 2481, 2478, 2488, 2471, 2478, 2482, 2480, 2473, 2487, 2481, + 2485, 2490, 2493, 2496, 2497, 2474, 2488, 2495, 2483, 2477, + 2486, 2480, 2483, 2490, 2486, 2485, 2491, 2481, 2492, 2488, + 2498, 2496, 2495, 2491, 2499, 2492, 2500, 2497, 2490, 2493, + 2496, 2497, 2499, 2501, 2495, 2503, 2502, 2504, 2505, 0, + + 2510, 2512, 2513, 2491, 2511, 2492, 2503, 2498, 0, 2511, + 0, 2499, 2504, 2500, 2502, 2501, 2513, 2515, 2514, 2516, + 2501, 2517, 2503, 2502, 2504, 2505, 2510, 2510, 2512, 2513, + 2518, 2511, 2514, 2520, 2523, 2515, 2524, 2516, 2525, 0, + 2526, 2528, 2518, 0, 2515, 2514, 2516, 2527, 2517, 2528, + 2530, 2525, 2529, 2533, 2534, 2536, 2523, 2518, 2524, 2532, + 2520, 2523, 2526, 2524, 2537, 2525, 2527, 2526, 2528, 2530, + 2529, 2532, 2535, 2538, 2527, 2533, 2534, 2530, 2539, 2529, + 2533, 2534, 2536, 2541, 2535, 2540, 2532, 2542, 2543, 2544, + 2546, 2537, 2541, 2559, 0, 2545, 2542, 2547, 2539, 2535, + + 2538, 2548, 2546, 2549, 2552, 2539, 2553, 2540, 2554, 0, + 2541, 2544, 2540, 2558, 2542, 2556, 2544, 2546, 2552, 2547, + 2543, 2545, 2545, 2557, 2547, 2559, 2558, 2561, 2548, 2555, + 2549, 2552, 2554, 2553, 2555, 2554, 2560, 2556, 2562, 2563, + 2558, 2564, 2556, 2566, 2567, 2557, 2565, 2568, 0, 2561, + 2557, 2563, 2565, 2571, 2561, 2569, 2562, 2572, 2579, 2560, + 2564, 2555, 2573, 2560, 2571, 2562, 2563, 2579, 2564, 2568, + 2569, 2577, 2575, 2565, 2568, 2566, 2567, 2580, 2578, 2572, + 2571, 2583, 2569, 2581, 2572, 2579, 2573, 2575, 2582, 2573, + 2587, 2580, 2588, 2577, 2584, 0, 2594, 0, 2577, 2575, + + 2578, 2581, 2592, 2591, 2580, 2578, 2582, 2583, 2583, 2592, + 2581, 2591, 2584, 2588, 2596, 2582, 2593, 2595, 2598, 2588, + 2599, 2584, 2587, 2594, 2593, 2595, 2597, 2601, 2599, 2592, + 2591, 2605, 2596, 2603, 2604, 2606, 2607, 2606, 2597, 2601, + 2603, 2596, 2608, 2593, 2595, 2598, 2609, 2599, 2610, 2612, + 2611, 0, 2614, 2597, 2601, 2621, 2622, 2604, 2605, 2615, + 2603, 2604, 2606, 2623, 2617, 2622, 2624, 2618, 2607, 2611, + 2614, 2612, 2619, 2615, 2608, 2610, 2612, 2611, 2609, 2614, + 2618, 2621, 2621, 2622, 2619, 2626, 2615, 2617, 2627, 2630, + 2623, 2617, 2628, 2624, 2618, 2632, 2633, 2637, 2634, 2619, + + 2635, 2638, 2632, 2640, 2637, 2635, 2641, 2642, 0, 0, + 2648, 2627, 2626, 2634, 2628, 2627, 2630, 2645, 2633, 2628, + 2649, 2643, 2632, 2633, 2637, 2634, 2645, 2638, 2638, 2647, + 2640, 2642, 2635, 2641, 2642, 2643, 2647, 2648, 2650, 2651, + 2652, 2653, 2656, 2654, 2645, 2655, 2649, 2649, 2643, 2657, + 2658, 2651, 2654, 2663, 2662, 2653, 2647, 2663, 2655, 2662, + 2666, 2667, 2664, 2670, 2665, 2650, 2651, 2652, 2653, 2664, + 2654, 2665, 2655, 2658, 2656, 2669, 2657, 2658, 2673, 2676, + 2663, 2666, 2668, 2679, 2668, 2675, 2662, 2666, 2680, 2664, + 2670, 2665, 2678, 2667, 2678, 2686, 2682, 0, 2669, 0, + + 2673, 2684, 2669, 2676, 2675, 2673, 2676, 2679, 2684, 2668, + 2679, 2683, 2675, 0, 2680, 2680, 2681, 2681, 2682, 2678, + 2683, 2685, 2686, 2682, 2687, 2688, 2681, 2689, 2684, 2692, + 2693, 2690, 2695, 2688, 2685, 2693, 2691, 2687, 2683, 2690, + 2689, 2696, 2694, 2681, 2681, 2697, 0, 2698, 2685, 2688, + 2694, 2687, 2688, 2692, 2689, 2691, 2692, 2699, 2690, 2695, + 2688, 0, 2693, 2691, 2700, 2701, 0, 2696, 2696, 2694, + 2702, 2697, 2697, 2698, 2698, 2700, 2705, 2702, 2703, 2703, + 2704, 2706, 2707, 2699, 2699, 2710, 2708, 2701, 2704, 2707, + 2711, 2700, 2701, 2708, 2714, 2712, 2715, 2702, 2705, 2706, + + 2716, 2719, 2717, 2705, 2712, 2703, 0, 2704, 2706, 2707, + 0, 2724, 2710, 2708, 2711, 2720, 2715, 2711, 2721, 2722, + 2724, 2714, 2712, 2715, 2717, 2725, 2726, 2716, 2719, 2717, + 2727, 2728, 2731, 2720, 2729, 2737, 2721, 2722, 2724, 2729, + 2730, 2732, 2720, 2728, 2739, 2721, 2722, 2736, 2727, 2726, + 2731, 0, 2725, 2726, 2730, 2745, 2742, 2727, 2728, 2731, + 2740, 2741, 2737, 2741, 2732, 2742, 2729, 2730, 2732, 2736, + 2745, 2739, 2744, 2740, 2736, 2748, 2749, 2748, 2750, 2751, + 2753, 2765, 2745, 2742, 0, 2750, 2755, 2740, 2741, 2766, + 2744, 0, 2755, 2757, 2749, 2753, 2758, 0, 2759, 2744, + + 2762, 2760, 2748, 2749, 2767, 2750, 2763, 2753, 2765, 2763, + 2769, 2751, 2768, 2755, 2773, 2757, 2766, 2769, 2758, 2760, + 2757, 2770, 2762, 2758, 2759, 2759, 2776, 2762, 2760, 2770, + 2768, 2767, 2763, 2763, 2771, 2774, 2763, 2769, 2775, 2768, + 2777, 2779, 2780, 2778, 2782, 2781, 2773, 2779, 2770, 2777, + 2783, 2784, 2783, 2776, 2781, 0, 2771, 2774, 2778, 2786, + 2775, 2771, 2774, 2787, 2780, 2775, 2788, 2777, 2779, 2780, + 2778, 2789, 2781, 2790, 2795, 2791, 2782, 2783, 2784, 2792, + 2797, 2790, 2786, 0, 0, 2787, 2786, 2791, 2788, 2793, + 2787, 2792, 2799, 2788, 2797, 2798, 2793, 2789, 2789, 2800, + + 2790, 2795, 2791, 2801, 2802, 2803, 2792, 2797, 2808, 2798, + 2805, 2804, 2802, 2811, 2801, 2799, 2793, 2800, 2806, 2799, + 2807, 2807, 2798, 2812, 2803, 2816, 2800, 2806, 2805, 2821, + 2801, 2802, 2803, 2804, 2809, 2808, 2823, 2805, 2804, 2828, + 2811, 0, 2809, 2814, 2818, 2806, 2819, 2807, 2820, 2814, + 2812, 2821, 2816, 2824, 2825, 2818, 2821, 2819, 2825, 2820, + 2824, 2809, 2831, 2823, 2826, 2828, 2828, 2834, 2830, 2829, + 2814, 2818, 2826, 2819, 2834, 2820, 2830, 2835, 2836, 2837, + 2824, 2825, 2829, 2838, 2837, 2839, 2840, 2842, 2841, 2831, + 2843, 2826, 2844, 2840, 2834, 2830, 2829, 2845, 0, 2844, + + 2836, 2849, 0, 2842, 2851, 2836, 2837, 2841, 2843, 2835, + 2838, 2847, 2839, 2840, 2842, 2841, 2846, 2843, 2848, 2844, + 2850, 2855, 2857, 2858, 2846, 2848, 2847, 0, 2849, 2845, + 2851, 2851, 2856, 2859, 2841, 2860, 2855, 2861, 2847, 2856, + 2867, 2863, 2864, 2846, 2850, 2848, 2861, 2850, 2855, 2865, + 2858, 2869, 0, 2866, 2857, 2868, 2868, 2859, 2871, 2856, + 2859, 2866, 2875, 2863, 2861, 2868, 2872, 2860, 2863, 2864, + 2874, 2865, 2867, 2871, 2878, 2872, 2865, 2873, 2869, 2873, + 2866, 2880, 2868, 2868, 2874, 2871, 2876, 2877, 2881, 2875, + 2882, 2885, 2878, 2872, 2876, 2886, 2883, 2874, 2884, 2887, + + 2889, 2878, 2888, 2888, 2873, 0, 2890, 2892, 2880, 2883, + 2877, 2895, 2882, 2876, 2877, 2881, 2897, 2882, 2885, 2895, + 2884, 2897, 2886, 2883, 2900, 2884, 2887, 2902, 2890, 2888, + 2898, 2899, 2889, 2890, 2892, 2898, 2899, 2904, 2895, 2903, + 2906, 2905, 2907, 2897, 2904, 2909, 2910, 2911, 2912, 2915, + 2900, 2900, 2903, 2910, 2902, 2911, 2917, 2898, 2899, 2905, + 2918, 2920, 2922, 2923, 2904, 2919, 2903, 2906, 2905, 2907, + 2912, 2921, 2924, 2910, 2911, 2912, 2915, 2909, 2919, 2928, + 0, 2922, 2918, 2917, 2926, 2929, 2921, 2918, 2927, 2922, + 2923, 2926, 2919, 2920, 2924, 2927, 2930, 2932, 2921, 2924, + + 2929, 2928, 2933, 2941, 2964, 2964, 2928, 2934, 2938, 2937, + 2933, 2926, 2929, 2935, 2934, 2927, 2932, 2930, 2937, 2938, + 2935, 2939, 2939, 2930, 2932, 2941, 2940, 2945, 2943, 2933, + 2941, 2939, 2940, 2964, 2934, 2938, 2937, 2944, 2946, 2948, + 2935, 2949, 2950, 2953, 2944, 2954, 2948, 0, 2939, 2939, + 2943, 2955, 2961, 2940, 2959, 2943, 2950, 2963, 2969, 2945, + 2946, 2965, 2965, 2949, 2944, 2946, 2948, 2960, 2949, 2950, + 2953, 2970, 2954, 2967, 2955, 2960, 2959, 0, 2955, 2961, + 2970, 2959, 2966, 2966, 2963, 2969, 2971, 2976, 2974, 2977, + 2965, 2980, 2981, 2980, 2960, 2974, 2967, 2975, 2970, 2971, + + 2967, 2986, 2982, 2983, 2975, 2984, 2995, 2988, 2987, 2976, + 2986, 2966, 2981, 2971, 2976, 2974, 2977, 2984, 2980, 2981, + 2989, 2983, 2990, 2992, 2975, 2982, 2987, 2991, 2986, 2982, + 2983, 2994, 2984, 2988, 2988, 2987, 2994, 2993, 2995, 2991, + 2993, 2996, 2998, 2996, 2997, 2992, 0, 2989, 2998, 2990, + 2992, 2999, 3000, 3001, 2991, 2993, 2997, 3002, 3003, 3005, + 3004, 3001, 3006, 2994, 2993, 3007, 3008, 2993, 2996, 2998, + 3011, 2997, 3012, 2999, 3000, 3016, 3013, 3017, 2999, 3000, + 3001, 3004, 3018, 3019, 3002, 3020, 3005, 3004, 3008, 3006, + 3003, 3021, 3007, 3008, 3013, 3022, 3024, 3011, 3025, 3012, + + 3027, 3026, 3016, 3013, 3017, 3031, 3028, 3033, 3030, 3018, + 3019, 3034, 3020, 3028, 3024, 3027, 3030, 3032, 3021, 3026, + 3035, 3033, 3022, 3024, 3036, 3025, 3034, 3027, 3026, 3032, + 3037, 3040, 3031, 3028, 3033, 3030, 3036, 3041, 3034, 3043, + 3040, 3042, 3042, 3044, 3032, 3046, 3035, 3035, 3047, 3048, + 0, 3036, 3044, 0, 3051, 3049, 3055, 3037, 3040, 3050, + 3052, 3041, 3048, 3051, 3041, 3043, 3043, 3050, 3042, 3046, + 3044, 3052, 3046, 3054, 3055, 3070, 3048, 3049, 3059, 3072, + 3047, 3051, 3049, 3055, 3062, 3062, 3050, 3052, 3073, 3074, + 3059, 3075, 3077, 3072, 3054, 3078, 3077, 3079, 3084, 3070, + + 3054, 3080, 3070, 3083, 3081, 3059, 3072, 3083, 3080, 3086, + 3085, 3062, 3088, 3078, 3084, 3073, 3074, 3081, 3075, 3077, + 3079, 3087, 3078, 0, 3079, 3084, 3089, 3090, 3080, 3095, + 3083, 3081, 3085, 3087, 3086, 3090, 3086, 3085, 3088, 3088, + 3089, 3091, 3096, 3093, 3092, 3093, 3094, 3095, 3087, 3104, + 3091, 3106, 3098, 3089, 3090, 3092, 3095, 3096, 3094, 3097, + 3099, 3100, 3104, 3107, 3108, 3097, 3109, 3099, 3091, 3096, + 3093, 3092, 3110, 3094, 3098, 3105, 3104, 3111, 3106, 3098, + 0, 3107, 3105, 3100, 3114, 3115, 3097, 3099, 3100, 3112, + 3107, 3108, 3109, 3109, 3113, 3116, 3117, 3112, 3117, 3110, + + 3119, 3113, 3105, 3118, 3111, 0, 3120, 3115, 3114, 3121, + 3124, 3114, 3115, 3122, 3125, 3118, 3112, 3116, 3123, 3120, + 3127, 3113, 3116, 3117, 3121, 3123, 3126, 3128, 3127, 3135, + 3118, 3130, 3119, 3120, 3136, 3122, 3121, 3124, 3126, 3132, + 3122, 3125, 3138, 3130, 3137, 3123, 3139, 3127, 3132, 3140, + 3138, 0, 3141, 3126, 3128, 3144, 3135, 3145, 3130, 3142, + 3136, 3136, 3143, 3137, 3146, 3141, 3132, 3152, 3149, 3138, + 3143, 3137, 0, 3142, 3149, 3153, 3150, 3144, 3139, 3141, + 3152, 3140, 3144, 3150, 3145, 3155, 3142, 3156, 3157, 3143, + 3158, 3146, 3155, 3159, 3152, 3149, 3157, 3160, 3153, 3161, + + 3162, 3163, 3153, 3150, 3158, 3160, 3166, 3159, 3168, 3156, + 3167, 3169, 3155, 3166, 3156, 3157, 3168, 3158, 3170, 3167, + 3159, 3161, 3162, 3171, 3160, 3172, 3161, 3162, 3163, 0, + 3177, 3173, 3174, 3166, 3175, 3168, 3176, 3167, 3169, 3179, + 3170, 3181, 3180, 0, 3176, 3170, 3188, 3183, 0, 3184, + 0, 3172, 3172, 3173, 3174, 3171, 3175, 3184, 3173, 3174, + 3185, 3175, 3177, 3176, 3180, 3186, 3179, 3187, 3181, 3180, + 3183, 3189, 3190, 3186, 3183, 3187, 3184, 3192, 3188, 3189, + 3185, 3194, 3195, 3196, 3201, 3195, 3190, 3185, 3197, 3198, + 0, 3200, 3186, 3199, 3187, 3205, 3197, 3198, 3189, 3190, + + 3195, 3204, 3204, 3192, 3192, 3196, 3201, 3199, 3194, 3195, + 3196, 3201, 3195, 3202, 3209, 3197, 3198, 3200, 3200, 3207, + 3199, 3205, 3205, 3206, 0, 3208, 3211, 3202, 3204, 3210, + 3212, 3206, 3213, 3214, 3211, 3215, 3209, 0, 3222, 3218, + 3202, 3209, 0, 3216, 3217, 3207, 3207, 3218, 0, 3210, + 3206, 3208, 3208, 3211, 3213, 3219, 3210, 3212, 3214, 3213, + 3214, 3220, 3215, 3216, 3217, 3222, 3218, 3223, 3225, 3220, + 3216, 3217, 3227, 3228, 3226, 3223, 3229, 3219, 3231, 3232, + 3227, 3228, 3219, 3233, 0, 3234, 3235, 3232, 3220, 3236, + 3225, 3233, 3238, 3239, 3223, 3225, 3226, 3240, 3248, 3227, + + 3228, 3226, 3229, 3229, 3242, 3231, 3232, 3245, 3249, 3236, + 3233, 3234, 3234, 3235, 3246, 3247, 3236, 3240, 0, 3238, + 3239, 0, 3246, 3247, 3240, 3248, 3242, 0, 0, 3245, + 0, 3242, 0, 0, 3245, 3249, 0, 0, 0, 0, + 0, 3246, 3247, 3253, 3253, 3253, 3253, 3253, 3253, 3253, + 3254, 3254, 3254, 3254, 3254, 3254, 3254, 3255, 3255, 3255, + 3255, 3255, 3255, 3255, 3256, 3256, 3256, 3256, 3256, 3256, + 3256, 3257, 3257, 3257, 3257, 3257, 3257, 3257, 3258, 3258, + 3258, 3258, 3258, 3258, 3258, 3259, 3259, 3259, 3259, 3259, + 3259, 3259, 3261, 3261, 0, 3261, 3261, 3261, 3261, 3262, + + 3262, 0, 0, 0, 3262, 3262, 3263, 3263, 0, 0, + 3263, 0, 3263, 3264, 0, 0, 0, 0, 0, 3264, + 3265, 3265, 0, 0, 0, 3265, 3265, 3266, 0, 0, + 0, 0, 0, 3266, 3267, 3267, 0, 3267, 3267, 3267, + 3267, 3268, 0, 0, 0, 0, 0, 3268, 3269, 3269, + 0, 0, 0, 3269, 3269, 3270, 3270, 0, 3270, 3270, + 3270, 3270, 3252, 3252, 3252, 3252, 3252, 3252, 3252, 3252, + 3252, 3252, 3252, 3252, 3252, 3252, 3252, 3252, 3252, 3252, + 3252, 3252, 3252, 3252, 3252, 3252, 3252, 3252, 3252, 3252, + 3252, 3252, 3252, 3252, 3252, 3252, 3252, 3252, 3252, 3252, + + 3252, 3252, 3252, 3252, 3252, 3252, 3252, 3252, 3252, 3252, + 3252, 3252, 3252, 3252, 3252, 3252, 3252, 3252, 3252, 3252, + 3252, 3252, 3252, 3252, 3252, 3252, 3252, 3252, 3252 } ; static yy_state_type yy_last_accepting_state; @@ -3650,7 +3757,7 @@ static void config_end_include(void) } #endif -#line 3651 "<stdout>" +#line 3758 "<stdout>" #define YY_NO_INPUT 1 #line 191 "util/configlexer.lex" #ifndef YY_NO_UNPUT @@ -3659,9 +3766,9 @@ static void config_end_include(void) #ifndef YY_NO_INPUT #define YY_NO_INPUT 1 #endif -#line 3660 "<stdout>" +#line 3767 "<stdout>" -#line 3662 "<stdout>" +#line 3769 "<stdout>" #define INITIAL 0 #define quotedstring 1 @@ -3885,7 +3992,7 @@ YY_DECL { #line 211 "util/configlexer.lex" -#line 3886 "<stdout>" +#line 3993 "<stdout>" while ( /*CONSTCOND*/1 ) /* loops until end-of-file is reached */ { @@ -3918,13 +4025,13 @@ yy_match: while ( yy_chk[yy_base[yy_current_state] + yy_c] != yy_current_state ) { yy_current_state = (int) yy_def[yy_current_state]; - if ( yy_current_state >= 3137 ) + if ( yy_current_state >= 3253 ) yy_c = yy_meta[yy_c]; } yy_current_state = yy_nxt[yy_base[yy_current_state] + yy_c]; ++yy_cp; } - while ( yy_base[yy_current_state] != 8937 ); + while ( yy_base[yy_current_state] != 9263 ); yy_find_action: yy_act = yy_accept[yy_current_state]; @@ -4174,1299 +4281,1354 @@ YY_RULE_SETUP case 45: YY_RULE_SETUP #line 259 "util/configlexer.lex" -{ YDVAR(1, VAR_USE_SYSTEMD) } +{ YDVAR(1, VAR_HTTPS_PORT) } YY_BREAK case 46: YY_RULE_SETUP #line 260 "util/configlexer.lex" -{ YDVAR(1, VAR_DO_DAEMONIZE) } +{ YDVAR(1, VAR_HTTP_ENDPOINT) } YY_BREAK case 47: YY_RULE_SETUP #line 261 "util/configlexer.lex" -{ YDVAR(1, VAR_INTERFACE) } +{ YDVAR(1, VAR_HTTP_MAX_STREAMS) } YY_BREAK case 48: YY_RULE_SETUP #line 262 "util/configlexer.lex" -{ YDVAR(1, VAR_INTERFACE) } +{ YDVAR(1, VAR_HTTP_QUERY_BUFFER_SIZE) } YY_BREAK case 49: YY_RULE_SETUP #line 263 "util/configlexer.lex" -{ YDVAR(1, VAR_OUTGOING_INTERFACE) } +{ YDVAR(1, VAR_HTTP_RESPONSE_BUFFER_SIZE) } YY_BREAK case 50: YY_RULE_SETUP #line 264 "util/configlexer.lex" -{ YDVAR(1, VAR_INTERFACE_AUTOMATIC) } +{ YDVAR(1, VAR_HTTP_NODELAY) } YY_BREAK case 51: YY_RULE_SETUP #line 265 "util/configlexer.lex" -{ YDVAR(1, VAR_SO_RCVBUF) } +{ YDVAR(1, VAR_USE_SYSTEMD) } YY_BREAK case 52: YY_RULE_SETUP #line 266 "util/configlexer.lex" -{ YDVAR(1, VAR_SO_SNDBUF) } +{ YDVAR(1, VAR_DO_DAEMONIZE) } YY_BREAK case 53: YY_RULE_SETUP #line 267 "util/configlexer.lex" -{ YDVAR(1, VAR_SO_REUSEPORT) } +{ YDVAR(1, VAR_INTERFACE) } YY_BREAK case 54: YY_RULE_SETUP #line 268 "util/configlexer.lex" -{ YDVAR(1, VAR_IP_TRANSPARENT) } +{ YDVAR(1, VAR_INTERFACE) } YY_BREAK case 55: YY_RULE_SETUP #line 269 "util/configlexer.lex" -{ YDVAR(1, VAR_IP_FREEBIND) } +{ YDVAR(1, VAR_OUTGOING_INTERFACE) } YY_BREAK case 56: YY_RULE_SETUP #line 270 "util/configlexer.lex" -{ YDVAR(1, VAR_IP_DSCP) } +{ YDVAR(1, VAR_INTERFACE_AUTOMATIC) } YY_BREAK case 57: YY_RULE_SETUP #line 271 "util/configlexer.lex" -{ YDVAR(1, VAR_CHROOT) } +{ YDVAR(1, VAR_SO_RCVBUF) } YY_BREAK case 58: YY_RULE_SETUP #line 272 "util/configlexer.lex" -{ YDVAR(1, VAR_USERNAME) } +{ YDVAR(1, VAR_SO_SNDBUF) } YY_BREAK case 59: YY_RULE_SETUP #line 273 "util/configlexer.lex" -{ YDVAR(1, VAR_DIRECTORY) } +{ YDVAR(1, VAR_SO_REUSEPORT) } YY_BREAK case 60: YY_RULE_SETUP #line 274 "util/configlexer.lex" -{ YDVAR(1, VAR_LOGFILE) } +{ YDVAR(1, VAR_IP_TRANSPARENT) } YY_BREAK case 61: YY_RULE_SETUP #line 275 "util/configlexer.lex" -{ YDVAR(1, VAR_PIDFILE) } +{ YDVAR(1, VAR_IP_FREEBIND) } YY_BREAK case 62: YY_RULE_SETUP #line 276 "util/configlexer.lex" -{ YDVAR(1, VAR_ROOT_HINTS) } +{ YDVAR(1, VAR_IP_DSCP) } YY_BREAK case 63: YY_RULE_SETUP #line 277 "util/configlexer.lex" -{ YDVAR(1, VAR_STREAM_WAIT_SIZE) } +{ YDVAR(1, VAR_CHROOT) } YY_BREAK case 64: YY_RULE_SETUP #line 278 "util/configlexer.lex" -{ YDVAR(1, VAR_EDNS_BUFFER_SIZE) } +{ YDVAR(1, VAR_USERNAME) } YY_BREAK case 65: YY_RULE_SETUP #line 279 "util/configlexer.lex" -{ YDVAR(1, VAR_MSG_BUFFER_SIZE) } +{ YDVAR(1, VAR_DIRECTORY) } YY_BREAK case 66: YY_RULE_SETUP #line 280 "util/configlexer.lex" -{ YDVAR(1, VAR_MSG_CACHE_SIZE) } +{ YDVAR(1, VAR_LOGFILE) } YY_BREAK case 67: YY_RULE_SETUP #line 281 "util/configlexer.lex" -{ YDVAR(1, VAR_MSG_CACHE_SLABS) } +{ YDVAR(1, VAR_PIDFILE) } YY_BREAK case 68: YY_RULE_SETUP #line 282 "util/configlexer.lex" -{ YDVAR(1, VAR_RRSET_CACHE_SIZE) } +{ YDVAR(1, VAR_ROOT_HINTS) } YY_BREAK case 69: YY_RULE_SETUP #line 283 "util/configlexer.lex" -{ YDVAR(1, VAR_RRSET_CACHE_SLABS) } +{ YDVAR(1, VAR_STREAM_WAIT_SIZE) } YY_BREAK case 70: YY_RULE_SETUP #line 284 "util/configlexer.lex" -{ YDVAR(1, VAR_CACHE_MAX_TTL) } +{ YDVAR(1, VAR_EDNS_BUFFER_SIZE) } YY_BREAK case 71: YY_RULE_SETUP #line 285 "util/configlexer.lex" -{ YDVAR(1, VAR_CACHE_MAX_NEGATIVE_TTL) } +{ YDVAR(1, VAR_MSG_BUFFER_SIZE) } YY_BREAK case 72: YY_RULE_SETUP #line 286 "util/configlexer.lex" -{ YDVAR(1, VAR_CACHE_MIN_TTL) } +{ YDVAR(1, VAR_MSG_CACHE_SIZE) } YY_BREAK case 73: YY_RULE_SETUP #line 287 "util/configlexer.lex" -{ YDVAR(1, VAR_INFRA_HOST_TTL) } +{ YDVAR(1, VAR_MSG_CACHE_SLABS) } YY_BREAK case 74: YY_RULE_SETUP #line 288 "util/configlexer.lex" -{ YDVAR(1, VAR_INFRA_LAME_TTL) } +{ YDVAR(1, VAR_RRSET_CACHE_SIZE) } YY_BREAK case 75: YY_RULE_SETUP #line 289 "util/configlexer.lex" -{ YDVAR(1, VAR_INFRA_CACHE_SLABS) } +{ YDVAR(1, VAR_RRSET_CACHE_SLABS) } YY_BREAK case 76: YY_RULE_SETUP #line 290 "util/configlexer.lex" -{ YDVAR(1, VAR_INFRA_CACHE_NUMHOSTS) } +{ YDVAR(1, VAR_CACHE_MAX_TTL) } YY_BREAK case 77: YY_RULE_SETUP #line 291 "util/configlexer.lex" -{ YDVAR(1, VAR_INFRA_CACHE_LAME_SIZE) } +{ YDVAR(1, VAR_CACHE_MAX_NEGATIVE_TTL) } YY_BREAK case 78: YY_RULE_SETUP #line 292 "util/configlexer.lex" -{ YDVAR(1, VAR_INFRA_CACHE_MIN_RTT) } +{ YDVAR(1, VAR_CACHE_MIN_TTL) } YY_BREAK case 79: YY_RULE_SETUP #line 293 "util/configlexer.lex" -{ YDVAR(1, VAR_NUM_QUERIES_PER_THREAD) } +{ YDVAR(1, VAR_INFRA_HOST_TTL) } YY_BREAK case 80: YY_RULE_SETUP #line 294 "util/configlexer.lex" -{ YDVAR(1, VAR_JOSTLE_TIMEOUT) } +{ YDVAR(1, VAR_INFRA_LAME_TTL) } YY_BREAK case 81: YY_RULE_SETUP #line 295 "util/configlexer.lex" -{ YDVAR(1, VAR_DELAY_CLOSE) } +{ YDVAR(1, VAR_INFRA_CACHE_SLABS) } YY_BREAK case 82: YY_RULE_SETUP #line 296 "util/configlexer.lex" -{ YDVAR(1, VAR_TARGET_FETCH_POLICY) } +{ YDVAR(1, VAR_INFRA_CACHE_NUMHOSTS) } YY_BREAK case 83: YY_RULE_SETUP #line 297 "util/configlexer.lex" -{ YDVAR(1, VAR_HARDEN_SHORT_BUFSIZE) } +{ YDVAR(1, VAR_INFRA_CACHE_LAME_SIZE) } YY_BREAK case 84: YY_RULE_SETUP #line 298 "util/configlexer.lex" -{ YDVAR(1, VAR_HARDEN_LARGE_QUERIES) } +{ YDVAR(1, VAR_INFRA_CACHE_MIN_RTT) } YY_BREAK case 85: YY_RULE_SETUP #line 299 "util/configlexer.lex" -{ YDVAR(1, VAR_HARDEN_GLUE) } +{ YDVAR(1, VAR_NUM_QUERIES_PER_THREAD) } YY_BREAK case 86: YY_RULE_SETUP #line 300 "util/configlexer.lex" -{ YDVAR(1, VAR_HARDEN_DNSSEC_STRIPPED) } +{ YDVAR(1, VAR_JOSTLE_TIMEOUT) } YY_BREAK case 87: YY_RULE_SETUP #line 301 "util/configlexer.lex" -{ YDVAR(1, VAR_HARDEN_BELOW_NXDOMAIN) } +{ YDVAR(1, VAR_DELAY_CLOSE) } YY_BREAK case 88: YY_RULE_SETUP #line 302 "util/configlexer.lex" -{ YDVAR(1, VAR_HARDEN_REFERRAL_PATH) } +{ YDVAR(1, VAR_TARGET_FETCH_POLICY) } YY_BREAK case 89: YY_RULE_SETUP #line 303 "util/configlexer.lex" -{ YDVAR(1, VAR_HARDEN_ALGO_DOWNGRADE) } +{ YDVAR(1, VAR_HARDEN_SHORT_BUFSIZE) } YY_BREAK case 90: YY_RULE_SETUP #line 304 "util/configlexer.lex" -{ YDVAR(1, VAR_USE_CAPS_FOR_ID) } +{ YDVAR(1, VAR_HARDEN_LARGE_QUERIES) } YY_BREAK case 91: YY_RULE_SETUP #line 305 "util/configlexer.lex" -{ YDVAR(1, VAR_CAPS_WHITELIST) } +{ YDVAR(1, VAR_HARDEN_GLUE) } YY_BREAK case 92: YY_RULE_SETUP #line 306 "util/configlexer.lex" -{ YDVAR(1, VAR_UNWANTED_REPLY_THRESHOLD) } +{ YDVAR(1, VAR_HARDEN_DNSSEC_STRIPPED) } YY_BREAK case 93: YY_RULE_SETUP #line 307 "util/configlexer.lex" -{ YDVAR(1, VAR_PRIVATE_ADDRESS) } +{ YDVAR(1, VAR_HARDEN_BELOW_NXDOMAIN) } YY_BREAK case 94: YY_RULE_SETUP #line 308 "util/configlexer.lex" -{ YDVAR(1, VAR_PRIVATE_DOMAIN) } +{ YDVAR(1, VAR_HARDEN_REFERRAL_PATH) } YY_BREAK case 95: YY_RULE_SETUP #line 309 "util/configlexer.lex" -{ YDVAR(1, VAR_PREFETCH_KEY) } +{ YDVAR(1, VAR_HARDEN_ALGO_DOWNGRADE) } YY_BREAK case 96: YY_RULE_SETUP #line 310 "util/configlexer.lex" -{ YDVAR(1, VAR_PREFETCH) } +{ YDVAR(1, VAR_USE_CAPS_FOR_ID) } YY_BREAK case 97: YY_RULE_SETUP #line 311 "util/configlexer.lex" -{ YDVAR(1, VAR_DENY_ANY) } +{ YDVAR(1, VAR_CAPS_WHITELIST) } YY_BREAK case 98: YY_RULE_SETUP #line 312 "util/configlexer.lex" -{ YDVAR(0, VAR_STUB_ZONE) } +{ YDVAR(1, VAR_CAPS_WHITELIST) } YY_BREAK case 99: YY_RULE_SETUP #line 313 "util/configlexer.lex" -{ YDVAR(1, VAR_NAME) } +{ YDVAR(1, VAR_UNWANTED_REPLY_THRESHOLD) } YY_BREAK case 100: YY_RULE_SETUP #line 314 "util/configlexer.lex" -{ YDVAR(1, VAR_STUB_ADDR) } +{ YDVAR(1, VAR_PRIVATE_ADDRESS) } YY_BREAK case 101: YY_RULE_SETUP #line 315 "util/configlexer.lex" -{ YDVAR(1, VAR_STUB_HOST) } +{ YDVAR(1, VAR_PRIVATE_DOMAIN) } YY_BREAK case 102: YY_RULE_SETUP #line 316 "util/configlexer.lex" -{ YDVAR(1, VAR_STUB_PRIME) } +{ YDVAR(1, VAR_PREFETCH_KEY) } YY_BREAK case 103: YY_RULE_SETUP #line 317 "util/configlexer.lex" -{ YDVAR(1, VAR_STUB_FIRST) } +{ YDVAR(1, VAR_PREFETCH) } YY_BREAK case 104: YY_RULE_SETUP #line 318 "util/configlexer.lex" -{ YDVAR(1, VAR_STUB_NO_CACHE) } +{ YDVAR(1, VAR_DENY_ANY) } YY_BREAK case 105: YY_RULE_SETUP #line 319 "util/configlexer.lex" -{ YDVAR(1, VAR_STUB_SSL_UPSTREAM) } +{ YDVAR(0, VAR_STUB_ZONE) } YY_BREAK case 106: YY_RULE_SETUP #line 320 "util/configlexer.lex" -{ YDVAR(1, VAR_STUB_SSL_UPSTREAM) } +{ YDVAR(1, VAR_NAME) } YY_BREAK case 107: YY_RULE_SETUP #line 321 "util/configlexer.lex" -{ YDVAR(0, VAR_FORWARD_ZONE) } +{ YDVAR(1, VAR_STUB_ADDR) } YY_BREAK case 108: YY_RULE_SETUP #line 322 "util/configlexer.lex" -{ YDVAR(1, VAR_FORWARD_ADDR) } +{ YDVAR(1, VAR_STUB_HOST) } YY_BREAK case 109: YY_RULE_SETUP #line 323 "util/configlexer.lex" -{ YDVAR(1, VAR_FORWARD_HOST) } +{ YDVAR(1, VAR_STUB_PRIME) } YY_BREAK case 110: YY_RULE_SETUP #line 324 "util/configlexer.lex" -{ YDVAR(1, VAR_FORWARD_FIRST) } +{ YDVAR(1, VAR_STUB_FIRST) } YY_BREAK case 111: YY_RULE_SETUP #line 325 "util/configlexer.lex" -{ YDVAR(1, VAR_FORWARD_NO_CACHE) } +{ YDVAR(1, VAR_STUB_NO_CACHE) } YY_BREAK case 112: YY_RULE_SETUP #line 326 "util/configlexer.lex" -{ YDVAR(1, VAR_FORWARD_SSL_UPSTREAM) } +{ YDVAR(1, VAR_STUB_SSL_UPSTREAM) } YY_BREAK case 113: YY_RULE_SETUP #line 327 "util/configlexer.lex" -{ YDVAR(1, VAR_FORWARD_SSL_UPSTREAM) } +{ YDVAR(1, VAR_STUB_SSL_UPSTREAM) } YY_BREAK case 114: YY_RULE_SETUP #line 328 "util/configlexer.lex" -{ YDVAR(0, VAR_AUTH_ZONE) } +{ YDVAR(0, VAR_FORWARD_ZONE) } YY_BREAK case 115: YY_RULE_SETUP #line 329 "util/configlexer.lex" -{ YDVAR(0, VAR_RPZ) } +{ YDVAR(1, VAR_FORWARD_ADDR) } YY_BREAK case 116: YY_RULE_SETUP #line 330 "util/configlexer.lex" -{ YDVAR(1, VAR_TAGS) } +{ YDVAR(1, VAR_FORWARD_HOST) } YY_BREAK case 117: YY_RULE_SETUP #line 331 "util/configlexer.lex" -{ YDVAR(1, VAR_RPZ_ACTION_OVERRIDE) } +{ YDVAR(1, VAR_FORWARD_FIRST) } YY_BREAK case 118: YY_RULE_SETUP #line 332 "util/configlexer.lex" -{ YDVAR(1, VAR_RPZ_CNAME_OVERRIDE) } +{ YDVAR(1, VAR_FORWARD_NO_CACHE) } YY_BREAK case 119: YY_RULE_SETUP #line 333 "util/configlexer.lex" -{ YDVAR(1, VAR_RPZ_LOG) } +{ YDVAR(1, VAR_FORWARD_SSL_UPSTREAM) } YY_BREAK case 120: YY_RULE_SETUP #line 334 "util/configlexer.lex" -{ YDVAR(1, VAR_RPZ_LOG_NAME) } +{ YDVAR(1, VAR_FORWARD_SSL_UPSTREAM) } YY_BREAK case 121: YY_RULE_SETUP #line 335 "util/configlexer.lex" -{ YDVAR(1, VAR_ZONEFILE) } +{ YDVAR(0, VAR_AUTH_ZONE) } YY_BREAK case 122: YY_RULE_SETUP #line 336 "util/configlexer.lex" -{ YDVAR(1, VAR_MASTER) } +{ YDVAR(0, VAR_RPZ) } YY_BREAK case 123: YY_RULE_SETUP #line 337 "util/configlexer.lex" -{ YDVAR(1, VAR_URL) } +{ YDVAR(1, VAR_TAGS) } YY_BREAK case 124: YY_RULE_SETUP #line 338 "util/configlexer.lex" -{ YDVAR(1, VAR_ALLOW_NOTIFY) } +{ YDVAR(1, VAR_RPZ_ACTION_OVERRIDE) } YY_BREAK case 125: YY_RULE_SETUP #line 339 "util/configlexer.lex" -{ YDVAR(1, VAR_FOR_DOWNSTREAM) } +{ YDVAR(1, VAR_RPZ_CNAME_OVERRIDE) } YY_BREAK case 126: YY_RULE_SETUP #line 340 "util/configlexer.lex" -{ YDVAR(1, VAR_FOR_UPSTREAM) } +{ YDVAR(1, VAR_RPZ_LOG) } YY_BREAK case 127: YY_RULE_SETUP #line 341 "util/configlexer.lex" -{ YDVAR(1, VAR_FALLBACK_ENABLED) } +{ YDVAR(1, VAR_RPZ_LOG_NAME) } YY_BREAK case 128: YY_RULE_SETUP #line 342 "util/configlexer.lex" -{ YDVAR(0, VAR_VIEW) } +{ YDVAR(1, VAR_ZONEFILE) } YY_BREAK case 129: YY_RULE_SETUP #line 343 "util/configlexer.lex" -{ YDVAR(1, VAR_VIEW_FIRST) } +{ YDVAR(1, VAR_MASTER) } YY_BREAK case 130: YY_RULE_SETUP #line 344 "util/configlexer.lex" -{ YDVAR(1, VAR_DO_NOT_QUERY_ADDRESS) } +{ YDVAR(1, VAR_MASTER) } YY_BREAK case 131: YY_RULE_SETUP #line 345 "util/configlexer.lex" -{ YDVAR(1, VAR_DO_NOT_QUERY_LOCALHOST) } +{ YDVAR(1, VAR_URL) } YY_BREAK case 132: YY_RULE_SETUP #line 346 "util/configlexer.lex" -{ YDVAR(2, VAR_ACCESS_CONTROL) } +{ YDVAR(1, VAR_ALLOW_NOTIFY) } YY_BREAK case 133: YY_RULE_SETUP #line 347 "util/configlexer.lex" -{ YDVAR(1, VAR_SEND_CLIENT_SUBNET) } +{ YDVAR(1, VAR_FOR_DOWNSTREAM) } YY_BREAK case 134: YY_RULE_SETUP #line 348 "util/configlexer.lex" -{ YDVAR(1, VAR_CLIENT_SUBNET_ZONE) } +{ YDVAR(1, VAR_FOR_UPSTREAM) } YY_BREAK case 135: YY_RULE_SETUP #line 349 "util/configlexer.lex" -{ YDVAR(1, VAR_CLIENT_SUBNET_ALWAYS_FORWARD) } +{ YDVAR(1, VAR_FALLBACK_ENABLED) } YY_BREAK case 136: YY_RULE_SETUP #line 350 "util/configlexer.lex" -{ YDVAR(1, VAR_CLIENT_SUBNET_OPCODE) } +{ YDVAR(0, VAR_VIEW) } YY_BREAK case 137: YY_RULE_SETUP #line 351 "util/configlexer.lex" -{ YDVAR(1, VAR_MAX_CLIENT_SUBNET_IPV4) } +{ YDVAR(1, VAR_VIEW_FIRST) } YY_BREAK case 138: YY_RULE_SETUP #line 352 "util/configlexer.lex" -{ YDVAR(1, VAR_MAX_CLIENT_SUBNET_IPV6) } +{ YDVAR(1, VAR_DO_NOT_QUERY_ADDRESS) } YY_BREAK case 139: YY_RULE_SETUP #line 353 "util/configlexer.lex" -{ YDVAR(1, VAR_MIN_CLIENT_SUBNET_IPV4) } +{ YDVAR(1, VAR_DO_NOT_QUERY_LOCALHOST) } YY_BREAK case 140: YY_RULE_SETUP #line 354 "util/configlexer.lex" -{ YDVAR(1, VAR_MIN_CLIENT_SUBNET_IPV6) } +{ YDVAR(2, VAR_ACCESS_CONTROL) } YY_BREAK case 141: YY_RULE_SETUP #line 355 "util/configlexer.lex" -{ YDVAR(1, VAR_MAX_ECS_TREE_SIZE_IPV4) } +{ YDVAR(1, VAR_SEND_CLIENT_SUBNET) } YY_BREAK case 142: YY_RULE_SETUP #line 356 "util/configlexer.lex" -{ YDVAR(1, VAR_MAX_ECS_TREE_SIZE_IPV6) } +{ YDVAR(1, VAR_CLIENT_SUBNET_ZONE) } YY_BREAK case 143: YY_RULE_SETUP #line 357 "util/configlexer.lex" -{ YDVAR(1, VAR_HIDE_IDENTITY) } +{ YDVAR(1, VAR_CLIENT_SUBNET_ALWAYS_FORWARD) } YY_BREAK case 144: YY_RULE_SETUP #line 358 "util/configlexer.lex" -{ YDVAR(1, VAR_HIDE_VERSION) } +{ YDVAR(1, VAR_CLIENT_SUBNET_OPCODE) } YY_BREAK case 145: YY_RULE_SETUP #line 359 "util/configlexer.lex" -{ YDVAR(1, VAR_HIDE_TRUSTANCHOR) } +{ YDVAR(1, VAR_MAX_CLIENT_SUBNET_IPV4) } YY_BREAK case 146: YY_RULE_SETUP #line 360 "util/configlexer.lex" -{ YDVAR(1, VAR_IDENTITY) } +{ YDVAR(1, VAR_MAX_CLIENT_SUBNET_IPV6) } YY_BREAK case 147: YY_RULE_SETUP #line 361 "util/configlexer.lex" -{ YDVAR(1, VAR_VERSION) } +{ YDVAR(1, VAR_MIN_CLIENT_SUBNET_IPV4) } YY_BREAK case 148: YY_RULE_SETUP #line 362 "util/configlexer.lex" -{ YDVAR(1, VAR_MODULE_CONF) } +{ YDVAR(1, VAR_MIN_CLIENT_SUBNET_IPV6) } YY_BREAK case 149: YY_RULE_SETUP #line 363 "util/configlexer.lex" -{ YDVAR(1, VAR_DLV_ANCHOR) } +{ YDVAR(1, VAR_MAX_ECS_TREE_SIZE_IPV4) } YY_BREAK case 150: YY_RULE_SETUP #line 364 "util/configlexer.lex" -{ YDVAR(1, VAR_DLV_ANCHOR_FILE) } +{ YDVAR(1, VAR_MAX_ECS_TREE_SIZE_IPV6) } YY_BREAK case 151: YY_RULE_SETUP #line 365 "util/configlexer.lex" -{ YDVAR(1, VAR_TRUST_ANCHOR_FILE) } +{ YDVAR(1, VAR_HIDE_IDENTITY) } YY_BREAK case 152: YY_RULE_SETUP #line 366 "util/configlexer.lex" -{ YDVAR(1, VAR_AUTO_TRUST_ANCHOR_FILE) } +{ YDVAR(1, VAR_HIDE_VERSION) } YY_BREAK case 153: YY_RULE_SETUP #line 367 "util/configlexer.lex" -{ YDVAR(1, VAR_TRUSTED_KEYS_FILE) } +{ YDVAR(1, VAR_HIDE_TRUSTANCHOR) } YY_BREAK case 154: YY_RULE_SETUP #line 368 "util/configlexer.lex" -{ YDVAR(1, VAR_TRUST_ANCHOR) } +{ YDVAR(1, VAR_IDENTITY) } YY_BREAK case 155: YY_RULE_SETUP #line 369 "util/configlexer.lex" -{ YDVAR(1, VAR_TRUST_ANCHOR_SIGNALING) } +{ YDVAR(1, VAR_VERSION) } YY_BREAK case 156: YY_RULE_SETUP #line 370 "util/configlexer.lex" -{ YDVAR(1, VAR_ROOT_KEY_SENTINEL) } +{ YDVAR(1, VAR_MODULE_CONF) } YY_BREAK case 157: YY_RULE_SETUP #line 371 "util/configlexer.lex" -{ YDVAR(1, VAR_VAL_OVERRIDE_DATE) } +{ YDVAR(1, VAR_DLV_ANCHOR) } YY_BREAK case 158: YY_RULE_SETUP #line 372 "util/configlexer.lex" -{ YDVAR(1, VAR_VAL_SIG_SKEW_MIN) } +{ YDVAR(1, VAR_DLV_ANCHOR_FILE) } YY_BREAK case 159: YY_RULE_SETUP #line 373 "util/configlexer.lex" -{ YDVAR(1, VAR_VAL_SIG_SKEW_MAX) } +{ YDVAR(1, VAR_TRUST_ANCHOR_FILE) } YY_BREAK case 160: YY_RULE_SETUP #line 374 "util/configlexer.lex" -{ YDVAR(1, VAR_BOGUS_TTL) } +{ YDVAR(1, VAR_AUTO_TRUST_ANCHOR_FILE) } YY_BREAK case 161: YY_RULE_SETUP #line 375 "util/configlexer.lex" -{ YDVAR(1, VAR_VAL_CLEAN_ADDITIONAL) } +{ YDVAR(1, VAR_TRUSTED_KEYS_FILE) } YY_BREAK case 162: YY_RULE_SETUP #line 376 "util/configlexer.lex" -{ YDVAR(1, VAR_VAL_PERMISSIVE_MODE) } +{ YDVAR(1, VAR_TRUST_ANCHOR) } YY_BREAK case 163: YY_RULE_SETUP #line 377 "util/configlexer.lex" -{ YDVAR(1, VAR_AGGRESSIVE_NSEC) } +{ YDVAR(1, VAR_TRUST_ANCHOR_SIGNALING) } YY_BREAK case 164: YY_RULE_SETUP #line 378 "util/configlexer.lex" -{ YDVAR(1, VAR_IGNORE_CD_FLAG) } +{ YDVAR(1, VAR_ROOT_KEY_SENTINEL) } YY_BREAK case 165: YY_RULE_SETUP #line 379 "util/configlexer.lex" -{ YDVAR(1, VAR_SERVE_EXPIRED) } +{ YDVAR(1, VAR_VAL_OVERRIDE_DATE) } YY_BREAK case 166: YY_RULE_SETUP #line 380 "util/configlexer.lex" -{ YDVAR(1, VAR_SERVE_EXPIRED_TTL) } +{ YDVAR(1, VAR_VAL_SIG_SKEW_MIN) } YY_BREAK case 167: YY_RULE_SETUP #line 381 "util/configlexer.lex" -{ YDVAR(1, VAR_SERVE_EXPIRED_TTL_RESET) } +{ YDVAR(1, VAR_VAL_SIG_SKEW_MAX) } YY_BREAK case 168: YY_RULE_SETUP #line 382 "util/configlexer.lex" -{ YDVAR(1, VAR_SERVE_EXPIRED_REPLY_TTL) } +{ YDVAR(1, VAR_BOGUS_TTL) } YY_BREAK case 169: YY_RULE_SETUP #line 383 "util/configlexer.lex" -{ YDVAR(1, VAR_SERVE_EXPIRED_CLIENT_TIMEOUT) } +{ YDVAR(1, VAR_VAL_CLEAN_ADDITIONAL) } YY_BREAK case 170: YY_RULE_SETUP #line 384 "util/configlexer.lex" -{ YDVAR(1, VAR_FAKE_DSA) } +{ YDVAR(1, VAR_VAL_PERMISSIVE_MODE) } YY_BREAK case 171: YY_RULE_SETUP #line 385 "util/configlexer.lex" -{ YDVAR(1, VAR_FAKE_SHA1) } +{ YDVAR(1, VAR_AGGRESSIVE_NSEC) } YY_BREAK case 172: YY_RULE_SETUP #line 386 "util/configlexer.lex" -{ YDVAR(1, VAR_VAL_LOG_LEVEL) } +{ YDVAR(1, VAR_IGNORE_CD_FLAG) } YY_BREAK case 173: YY_RULE_SETUP #line 387 "util/configlexer.lex" -{ YDVAR(1, VAR_KEY_CACHE_SIZE) } +{ YDVAR(1, VAR_SERVE_EXPIRED) } YY_BREAK case 174: YY_RULE_SETUP #line 388 "util/configlexer.lex" -{ YDVAR(1, VAR_KEY_CACHE_SLABS) } +{ YDVAR(1, VAR_SERVE_EXPIRED_TTL) } YY_BREAK case 175: YY_RULE_SETUP #line 389 "util/configlexer.lex" -{ YDVAR(1, VAR_NEG_CACHE_SIZE) } +{ YDVAR(1, VAR_SERVE_EXPIRED_TTL_RESET) } YY_BREAK case 176: YY_RULE_SETUP #line 390 "util/configlexer.lex" -{ - YDVAR(1, VAR_VAL_NSEC3_KEYSIZE_ITERATIONS) } +{ YDVAR(1, VAR_SERVE_EXPIRED_REPLY_TTL) } YY_BREAK case 177: YY_RULE_SETUP -#line 392 "util/configlexer.lex" -{ YDVAR(1, VAR_ADD_HOLDDOWN) } +#line 391 "util/configlexer.lex" +{ YDVAR(1, VAR_SERVE_EXPIRED_CLIENT_TIMEOUT) } YY_BREAK case 178: YY_RULE_SETUP -#line 393 "util/configlexer.lex" -{ YDVAR(1, VAR_DEL_HOLDDOWN) } +#line 392 "util/configlexer.lex" +{ YDVAR(1, VAR_FAKE_DSA) } YY_BREAK case 179: YY_RULE_SETUP -#line 394 "util/configlexer.lex" -{ YDVAR(1, VAR_KEEP_MISSING) } +#line 393 "util/configlexer.lex" +{ YDVAR(1, VAR_FAKE_SHA1) } YY_BREAK case 180: YY_RULE_SETUP -#line 395 "util/configlexer.lex" -{ YDVAR(1, VAR_PERMIT_SMALL_HOLDDOWN) } +#line 394 "util/configlexer.lex" +{ YDVAR(1, VAR_VAL_LOG_LEVEL) } YY_BREAK case 181: YY_RULE_SETUP -#line 396 "util/configlexer.lex" -{ YDVAR(1, VAR_USE_SYSLOG) } +#line 395 "util/configlexer.lex" +{ YDVAR(1, VAR_KEY_CACHE_SIZE) } YY_BREAK case 182: YY_RULE_SETUP -#line 397 "util/configlexer.lex" -{ YDVAR(1, VAR_LOG_IDENTITY) } +#line 396 "util/configlexer.lex" +{ YDVAR(1, VAR_KEY_CACHE_SLABS) } YY_BREAK case 183: YY_RULE_SETUP -#line 398 "util/configlexer.lex" -{ YDVAR(1, VAR_LOG_TIME_ASCII) } +#line 397 "util/configlexer.lex" +{ YDVAR(1, VAR_NEG_CACHE_SIZE) } YY_BREAK case 184: YY_RULE_SETUP -#line 399 "util/configlexer.lex" -{ YDVAR(1, VAR_LOG_QUERIES) } +#line 398 "util/configlexer.lex" +{ + YDVAR(1, VAR_VAL_NSEC3_KEYSIZE_ITERATIONS) } YY_BREAK case 185: YY_RULE_SETUP #line 400 "util/configlexer.lex" -{ YDVAR(1, VAR_LOG_REPLIES) } +{ YDVAR(1, VAR_ADD_HOLDDOWN) } YY_BREAK case 186: YY_RULE_SETUP #line 401 "util/configlexer.lex" -{ YDVAR(1, VAR_LOG_TAG_QUERYREPLY) } +{ YDVAR(1, VAR_DEL_HOLDDOWN) } YY_BREAK case 187: YY_RULE_SETUP #line 402 "util/configlexer.lex" -{ YDVAR(1, VAR_LOG_LOCAL_ACTIONS) } +{ YDVAR(1, VAR_KEEP_MISSING) } YY_BREAK case 188: YY_RULE_SETUP #line 403 "util/configlexer.lex" -{ YDVAR(1, VAR_LOG_SERVFAIL) } +{ YDVAR(1, VAR_PERMIT_SMALL_HOLDDOWN) } YY_BREAK case 189: YY_RULE_SETUP #line 404 "util/configlexer.lex" -{ YDVAR(2, VAR_LOCAL_ZONE) } +{ YDVAR(1, VAR_USE_SYSLOG) } YY_BREAK case 190: YY_RULE_SETUP #line 405 "util/configlexer.lex" -{ YDVAR(1, VAR_LOCAL_DATA) } +{ YDVAR(1, VAR_LOG_IDENTITY) } YY_BREAK case 191: YY_RULE_SETUP #line 406 "util/configlexer.lex" -{ YDVAR(1, VAR_LOCAL_DATA_PTR) } +{ YDVAR(1, VAR_LOG_TIME_ASCII) } YY_BREAK case 192: YY_RULE_SETUP #line 407 "util/configlexer.lex" -{ YDVAR(1, VAR_UNBLOCK_LAN_ZONES) } +{ YDVAR(1, VAR_LOG_QUERIES) } YY_BREAK case 193: YY_RULE_SETUP #line 408 "util/configlexer.lex" -{ YDVAR(1, VAR_INSECURE_LAN_ZONES) } +{ YDVAR(1, VAR_LOG_REPLIES) } YY_BREAK case 194: YY_RULE_SETUP #line 409 "util/configlexer.lex" -{ YDVAR(1, VAR_STATISTICS_INTERVAL) } +{ YDVAR(1, VAR_LOG_TAG_QUERYREPLY) } YY_BREAK case 195: YY_RULE_SETUP #line 410 "util/configlexer.lex" -{ YDVAR(1, VAR_STATISTICS_CUMULATIVE) } +{ YDVAR(1, VAR_LOG_LOCAL_ACTIONS) } YY_BREAK case 196: YY_RULE_SETUP #line 411 "util/configlexer.lex" -{ YDVAR(1, VAR_EXTENDED_STATISTICS) } +{ YDVAR(1, VAR_LOG_SERVFAIL) } YY_BREAK case 197: YY_RULE_SETUP #line 412 "util/configlexer.lex" -{ YDVAR(1, VAR_SHM_ENABLE) } +{ YDVAR(2, VAR_LOCAL_ZONE) } YY_BREAK case 198: YY_RULE_SETUP #line 413 "util/configlexer.lex" -{ YDVAR(1, VAR_SHM_KEY) } +{ YDVAR(1, VAR_LOCAL_DATA) } YY_BREAK case 199: YY_RULE_SETUP #line 414 "util/configlexer.lex" -{ YDVAR(0, VAR_REMOTE_CONTROL) } +{ YDVAR(1, VAR_LOCAL_DATA_PTR) } YY_BREAK case 200: YY_RULE_SETUP #line 415 "util/configlexer.lex" -{ YDVAR(1, VAR_CONTROL_ENABLE) } +{ YDVAR(1, VAR_UNBLOCK_LAN_ZONES) } YY_BREAK case 201: YY_RULE_SETUP #line 416 "util/configlexer.lex" -{ YDVAR(1, VAR_CONTROL_INTERFACE) } +{ YDVAR(1, VAR_INSECURE_LAN_ZONES) } YY_BREAK case 202: YY_RULE_SETUP #line 417 "util/configlexer.lex" -{ YDVAR(1, VAR_CONTROL_PORT) } +{ YDVAR(1, VAR_STATISTICS_INTERVAL) } YY_BREAK case 203: YY_RULE_SETUP #line 418 "util/configlexer.lex" -{ YDVAR(1, VAR_CONTROL_USE_CERT) } +{ YDVAR(1, VAR_STATISTICS_CUMULATIVE) } YY_BREAK case 204: YY_RULE_SETUP #line 419 "util/configlexer.lex" -{ YDVAR(1, VAR_SERVER_KEY_FILE) } +{ YDVAR(1, VAR_EXTENDED_STATISTICS) } YY_BREAK case 205: YY_RULE_SETUP #line 420 "util/configlexer.lex" -{ YDVAR(1, VAR_SERVER_CERT_FILE) } +{ YDVAR(1, VAR_SHM_ENABLE) } YY_BREAK case 206: YY_RULE_SETUP #line 421 "util/configlexer.lex" -{ YDVAR(1, VAR_CONTROL_KEY_FILE) } +{ YDVAR(1, VAR_SHM_KEY) } YY_BREAK case 207: YY_RULE_SETUP #line 422 "util/configlexer.lex" -{ YDVAR(1, VAR_CONTROL_CERT_FILE) } +{ YDVAR(0, VAR_REMOTE_CONTROL) } YY_BREAK case 208: YY_RULE_SETUP #line 423 "util/configlexer.lex" -{ YDVAR(1, VAR_PYTHON_SCRIPT) } +{ YDVAR(1, VAR_CONTROL_ENABLE) } YY_BREAK case 209: YY_RULE_SETUP #line 424 "util/configlexer.lex" -{ YDVAR(0, VAR_PYTHON) } +{ YDVAR(1, VAR_CONTROL_INTERFACE) } YY_BREAK case 210: YY_RULE_SETUP #line 425 "util/configlexer.lex" -{ YDVAR(1, VAR_DYNLIB_FILE) } +{ YDVAR(1, VAR_CONTROL_PORT) } YY_BREAK case 211: YY_RULE_SETUP #line 426 "util/configlexer.lex" -{ YDVAR(0, VAR_DYNLIB) } +{ YDVAR(1, VAR_CONTROL_USE_CERT) } YY_BREAK case 212: YY_RULE_SETUP #line 427 "util/configlexer.lex" -{ YDVAR(1, VAR_DOMAIN_INSECURE) } +{ YDVAR(1, VAR_SERVER_KEY_FILE) } YY_BREAK case 213: YY_RULE_SETUP #line 428 "util/configlexer.lex" -{ YDVAR(1, VAR_MINIMAL_RESPONSES) } +{ YDVAR(1, VAR_SERVER_CERT_FILE) } YY_BREAK case 214: YY_RULE_SETUP #line 429 "util/configlexer.lex" -{ YDVAR(1, VAR_RRSET_ROUNDROBIN) } +{ YDVAR(1, VAR_CONTROL_KEY_FILE) } YY_BREAK case 215: YY_RULE_SETUP #line 430 "util/configlexer.lex" -{ YDVAR(1, VAR_UNKNOWN_SERVER_TIME_LIMIT) } +{ YDVAR(1, VAR_CONTROL_CERT_FILE) } YY_BREAK case 216: YY_RULE_SETUP #line 431 "util/configlexer.lex" -{ YDVAR(1, VAR_MAX_UDP_SIZE) } +{ YDVAR(1, VAR_PYTHON_SCRIPT) } YY_BREAK case 217: YY_RULE_SETUP #line 432 "util/configlexer.lex" -{ YDVAR(1, VAR_DNS64_PREFIX) } +{ YDVAR(0, VAR_PYTHON) } YY_BREAK case 218: YY_RULE_SETUP #line 433 "util/configlexer.lex" -{ YDVAR(1, VAR_DNS64_SYNTHALL) } +{ YDVAR(1, VAR_DYNLIB_FILE) } YY_BREAK case 219: YY_RULE_SETUP #line 434 "util/configlexer.lex" -{ YDVAR(1, VAR_DNS64_IGNORE_AAAA) } +{ YDVAR(0, VAR_DYNLIB) } YY_BREAK case 220: YY_RULE_SETUP #line 435 "util/configlexer.lex" -{ YDVAR(1, VAR_DEFINE_TAG) } +{ YDVAR(1, VAR_DOMAIN_INSECURE) } YY_BREAK case 221: YY_RULE_SETUP #line 436 "util/configlexer.lex" -{ YDVAR(2, VAR_LOCAL_ZONE_TAG) } +{ YDVAR(1, VAR_MINIMAL_RESPONSES) } YY_BREAK case 222: YY_RULE_SETUP #line 437 "util/configlexer.lex" -{ YDVAR(2, VAR_ACCESS_CONTROL_TAG) } +{ YDVAR(1, VAR_RRSET_ROUNDROBIN) } YY_BREAK case 223: YY_RULE_SETUP #line 438 "util/configlexer.lex" -{ YDVAR(3, VAR_ACCESS_CONTROL_TAG_ACTION) } +{ YDVAR(1, VAR_UNKNOWN_SERVER_TIME_LIMIT) } YY_BREAK case 224: YY_RULE_SETUP #line 439 "util/configlexer.lex" -{ YDVAR(3, VAR_ACCESS_CONTROL_TAG_DATA) } +{ YDVAR(1, VAR_MAX_UDP_SIZE) } YY_BREAK case 225: YY_RULE_SETUP #line 440 "util/configlexer.lex" -{ YDVAR(2, VAR_ACCESS_CONTROL_VIEW) } +{ YDVAR(1, VAR_DNS64_PREFIX) } YY_BREAK case 226: YY_RULE_SETUP #line 441 "util/configlexer.lex" -{ YDVAR(3, VAR_LOCAL_ZONE_OVERRIDE) } +{ YDVAR(1, VAR_DNS64_SYNTHALL) } YY_BREAK case 227: YY_RULE_SETUP #line 442 "util/configlexer.lex" -{ YDVAR(0, VAR_DNSTAP) } +{ YDVAR(1, VAR_DNS64_IGNORE_AAAA) } YY_BREAK case 228: YY_RULE_SETUP #line 443 "util/configlexer.lex" -{ YDVAR(1, VAR_DNSTAP_ENABLE) } +{ YDVAR(1, VAR_DEFINE_TAG) } YY_BREAK case 229: YY_RULE_SETUP #line 444 "util/configlexer.lex" -{ YDVAR(1, VAR_DNSTAP_BIDIRECTIONAL) } +{ YDVAR(2, VAR_LOCAL_ZONE_TAG) } YY_BREAK case 230: YY_RULE_SETUP #line 445 "util/configlexer.lex" -{ YDVAR(1, VAR_DNSTAP_SOCKET_PATH) } +{ YDVAR(2, VAR_ACCESS_CONTROL_TAG) } YY_BREAK case 231: YY_RULE_SETUP #line 446 "util/configlexer.lex" -{ YDVAR(1, VAR_DNSTAP_IP) } +{ YDVAR(3, VAR_ACCESS_CONTROL_TAG_ACTION) } YY_BREAK case 232: YY_RULE_SETUP #line 447 "util/configlexer.lex" -{ YDVAR(1, VAR_DNSTAP_TLS) } +{ YDVAR(3, VAR_ACCESS_CONTROL_TAG_DATA) } YY_BREAK case 233: YY_RULE_SETUP #line 448 "util/configlexer.lex" -{ YDVAR(1, VAR_DNSTAP_TLS_SERVER_NAME) } +{ YDVAR(2, VAR_ACCESS_CONTROL_VIEW) } YY_BREAK case 234: YY_RULE_SETUP #line 449 "util/configlexer.lex" -{ YDVAR(1, VAR_DNSTAP_TLS_CERT_BUNDLE) } +{ YDVAR(3, VAR_LOCAL_ZONE_OVERRIDE) } YY_BREAK case 235: YY_RULE_SETUP #line 450 "util/configlexer.lex" -{ - YDVAR(1, VAR_DNSTAP_TLS_CLIENT_KEY_FILE) } +{ YDVAR(0, VAR_DNSTAP) } YY_BREAK case 236: YY_RULE_SETUP -#line 452 "util/configlexer.lex" -{ - YDVAR(1, VAR_DNSTAP_TLS_CLIENT_CERT_FILE) } +#line 451 "util/configlexer.lex" +{ YDVAR(1, VAR_DNSTAP_ENABLE) } YY_BREAK case 237: YY_RULE_SETUP -#line 454 "util/configlexer.lex" -{ YDVAR(1, VAR_DNSTAP_SEND_IDENTITY) } +#line 452 "util/configlexer.lex" +{ YDVAR(1, VAR_DNSTAP_BIDIRECTIONAL) } YY_BREAK case 238: YY_RULE_SETUP -#line 455 "util/configlexer.lex" -{ YDVAR(1, VAR_DNSTAP_SEND_VERSION) } +#line 453 "util/configlexer.lex" +{ YDVAR(1, VAR_DNSTAP_SOCKET_PATH) } YY_BREAK case 239: YY_RULE_SETUP -#line 456 "util/configlexer.lex" -{ YDVAR(1, VAR_DNSTAP_IDENTITY) } +#line 454 "util/configlexer.lex" +{ YDVAR(1, VAR_DNSTAP_IP) } YY_BREAK case 240: YY_RULE_SETUP -#line 457 "util/configlexer.lex" -{ YDVAR(1, VAR_DNSTAP_VERSION) } +#line 455 "util/configlexer.lex" +{ YDVAR(1, VAR_DNSTAP_TLS) } YY_BREAK case 241: YY_RULE_SETUP -#line 458 "util/configlexer.lex" -{ - YDVAR(1, VAR_DNSTAP_LOG_RESOLVER_QUERY_MESSAGES) } +#line 456 "util/configlexer.lex" +{ YDVAR(1, VAR_DNSTAP_TLS_SERVER_NAME) } YY_BREAK case 242: YY_RULE_SETUP -#line 460 "util/configlexer.lex" -{ - YDVAR(1, VAR_DNSTAP_LOG_RESOLVER_RESPONSE_MESSAGES) } +#line 457 "util/configlexer.lex" +{ YDVAR(1, VAR_DNSTAP_TLS_CERT_BUNDLE) } YY_BREAK case 243: YY_RULE_SETUP -#line 462 "util/configlexer.lex" +#line 458 "util/configlexer.lex" { - YDVAR(1, VAR_DNSTAP_LOG_CLIENT_QUERY_MESSAGES) } + YDVAR(1, VAR_DNSTAP_TLS_CLIENT_KEY_FILE) } YY_BREAK case 244: YY_RULE_SETUP -#line 464 "util/configlexer.lex" +#line 460 "util/configlexer.lex" { - YDVAR(1, VAR_DNSTAP_LOG_CLIENT_RESPONSE_MESSAGES) } + YDVAR(1, VAR_DNSTAP_TLS_CLIENT_CERT_FILE) } YY_BREAK case 245: YY_RULE_SETUP -#line 466 "util/configlexer.lex" -{ - YDVAR(1, VAR_DNSTAP_LOG_FORWARDER_QUERY_MESSAGES) } +#line 462 "util/configlexer.lex" +{ YDVAR(1, VAR_DNSTAP_SEND_IDENTITY) } YY_BREAK case 246: YY_RULE_SETUP -#line 468 "util/configlexer.lex" -{ - YDVAR(1, VAR_DNSTAP_LOG_FORWARDER_RESPONSE_MESSAGES) } +#line 463 "util/configlexer.lex" +{ YDVAR(1, VAR_DNSTAP_SEND_VERSION) } YY_BREAK case 247: YY_RULE_SETUP -#line 470 "util/configlexer.lex" -{ YDVAR(1, VAR_DISABLE_DNSSEC_LAME_CHECK) } +#line 464 "util/configlexer.lex" +{ YDVAR(1, VAR_DNSTAP_IDENTITY) } YY_BREAK case 248: YY_RULE_SETUP -#line 471 "util/configlexer.lex" -{ YDVAR(1, VAR_IP_RATELIMIT) } +#line 465 "util/configlexer.lex" +{ YDVAR(1, VAR_DNSTAP_VERSION) } YY_BREAK case 249: YY_RULE_SETUP -#line 472 "util/configlexer.lex" -{ YDVAR(1, VAR_RATELIMIT) } +#line 466 "util/configlexer.lex" +{ + YDVAR(1, VAR_DNSTAP_LOG_RESOLVER_QUERY_MESSAGES) } YY_BREAK case 250: YY_RULE_SETUP -#line 473 "util/configlexer.lex" -{ YDVAR(1, VAR_IP_RATELIMIT_SLABS) } +#line 468 "util/configlexer.lex" +{ + YDVAR(1, VAR_DNSTAP_LOG_RESOLVER_RESPONSE_MESSAGES) } YY_BREAK case 251: YY_RULE_SETUP -#line 474 "util/configlexer.lex" -{ YDVAR(1, VAR_RATELIMIT_SLABS) } +#line 470 "util/configlexer.lex" +{ + YDVAR(1, VAR_DNSTAP_LOG_CLIENT_QUERY_MESSAGES) } YY_BREAK case 252: YY_RULE_SETUP -#line 475 "util/configlexer.lex" -{ YDVAR(1, VAR_IP_RATELIMIT_SIZE) } +#line 472 "util/configlexer.lex" +{ + YDVAR(1, VAR_DNSTAP_LOG_CLIENT_RESPONSE_MESSAGES) } YY_BREAK case 253: YY_RULE_SETUP -#line 476 "util/configlexer.lex" -{ YDVAR(1, VAR_RATELIMIT_SIZE) } +#line 474 "util/configlexer.lex" +{ + YDVAR(1, VAR_DNSTAP_LOG_FORWARDER_QUERY_MESSAGES) } YY_BREAK case 254: YY_RULE_SETUP -#line 477 "util/configlexer.lex" -{ YDVAR(2, VAR_RATELIMIT_FOR_DOMAIN) } +#line 476 "util/configlexer.lex" +{ + YDVAR(1, VAR_DNSTAP_LOG_FORWARDER_RESPONSE_MESSAGES) } YY_BREAK case 255: YY_RULE_SETUP #line 478 "util/configlexer.lex" -{ YDVAR(2, VAR_RATELIMIT_BELOW_DOMAIN) } +{ YDVAR(1, VAR_DISABLE_DNSSEC_LAME_CHECK) } YY_BREAK case 256: YY_RULE_SETUP #line 479 "util/configlexer.lex" -{ YDVAR(1, VAR_IP_RATELIMIT_FACTOR) } +{ YDVAR(1, VAR_IP_RATELIMIT) } YY_BREAK case 257: YY_RULE_SETUP #line 480 "util/configlexer.lex" -{ YDVAR(1, VAR_RATELIMIT_FACTOR) } +{ YDVAR(1, VAR_RATELIMIT) } YY_BREAK case 258: YY_RULE_SETUP #line 481 "util/configlexer.lex" -{ YDVAR(1, VAR_LOW_RTT) } +{ YDVAR(1, VAR_IP_RATELIMIT_SLABS) } YY_BREAK case 259: YY_RULE_SETUP #line 482 "util/configlexer.lex" -{ YDVAR(1, VAR_FAST_SERVER_NUM) } +{ YDVAR(1, VAR_RATELIMIT_SLABS) } YY_BREAK case 260: YY_RULE_SETUP #line 483 "util/configlexer.lex" -{ YDVAR(1, VAR_FAST_SERVER_PERMIL) } +{ YDVAR(1, VAR_IP_RATELIMIT_SIZE) } YY_BREAK case 261: YY_RULE_SETUP #line 484 "util/configlexer.lex" -{ YDVAR(1, VAR_FAST_SERVER_PERMIL) } +{ YDVAR(1, VAR_RATELIMIT_SIZE) } YY_BREAK case 262: YY_RULE_SETUP #line 485 "util/configlexer.lex" -{ YDVAR(1, VAR_FAST_SERVER_PERMIL) } +{ YDVAR(2, VAR_RATELIMIT_FOR_DOMAIN) } YY_BREAK case 263: YY_RULE_SETUP #line 486 "util/configlexer.lex" -{ YDVAR(2, VAR_RESPONSE_IP_TAG) } +{ YDVAR(2, VAR_RATELIMIT_BELOW_DOMAIN) } YY_BREAK case 264: YY_RULE_SETUP #line 487 "util/configlexer.lex" -{ YDVAR(2, VAR_RESPONSE_IP) } +{ YDVAR(1, VAR_IP_RATELIMIT_FACTOR) } YY_BREAK case 265: YY_RULE_SETUP #line 488 "util/configlexer.lex" -{ YDVAR(2, VAR_RESPONSE_IP_DATA) } +{ YDVAR(1, VAR_RATELIMIT_FACTOR) } YY_BREAK case 266: YY_RULE_SETUP #line 489 "util/configlexer.lex" -{ YDVAR(0, VAR_DNSCRYPT) } +{ YDVAR(1, VAR_LOW_RTT) } YY_BREAK case 267: YY_RULE_SETUP #line 490 "util/configlexer.lex" -{ YDVAR(1, VAR_DNSCRYPT_ENABLE) } +{ YDVAR(1, VAR_FAST_SERVER_NUM) } YY_BREAK case 268: YY_RULE_SETUP #line 491 "util/configlexer.lex" -{ YDVAR(1, VAR_DNSCRYPT_PORT) } +{ YDVAR(1, VAR_FAST_SERVER_PERMIL) } YY_BREAK case 269: YY_RULE_SETUP #line 492 "util/configlexer.lex" -{ YDVAR(1, VAR_DNSCRYPT_PROVIDER) } +{ YDVAR(1, VAR_FAST_SERVER_PERMIL) } YY_BREAK case 270: YY_RULE_SETUP #line 493 "util/configlexer.lex" -{ YDVAR(1, VAR_DNSCRYPT_SECRET_KEY) } +{ YDVAR(1, VAR_FAST_SERVER_PERMIL) } YY_BREAK case 271: YY_RULE_SETUP #line 494 "util/configlexer.lex" -{ YDVAR(1, VAR_DNSCRYPT_PROVIDER_CERT) } +{ YDVAR(2, VAR_RESPONSE_IP_TAG) } YY_BREAK case 272: YY_RULE_SETUP #line 495 "util/configlexer.lex" -{ YDVAR(1, VAR_DNSCRYPT_PROVIDER_CERT_ROTATED) } +{ YDVAR(2, VAR_RESPONSE_IP) } YY_BREAK case 273: YY_RULE_SETUP #line 496 "util/configlexer.lex" -{ - YDVAR(1, VAR_DNSCRYPT_SHARED_SECRET_CACHE_SIZE) } +{ YDVAR(2, VAR_RESPONSE_IP_DATA) } YY_BREAK case 274: YY_RULE_SETUP -#line 498 "util/configlexer.lex" -{ - YDVAR(1, VAR_DNSCRYPT_SHARED_SECRET_CACHE_SLABS) } +#line 497 "util/configlexer.lex" +{ YDVAR(0, VAR_DNSCRYPT) } YY_BREAK case 275: YY_RULE_SETUP -#line 500 "util/configlexer.lex" -{ YDVAR(1, VAR_DNSCRYPT_NONCE_CACHE_SIZE) } +#line 498 "util/configlexer.lex" +{ YDVAR(1, VAR_DNSCRYPT_ENABLE) } YY_BREAK case 276: YY_RULE_SETUP -#line 501 "util/configlexer.lex" -{ YDVAR(1, VAR_DNSCRYPT_NONCE_CACHE_SLABS) } +#line 499 "util/configlexer.lex" +{ YDVAR(1, VAR_DNSCRYPT_PORT) } YY_BREAK case 277: YY_RULE_SETUP -#line 502 "util/configlexer.lex" -{ YDVAR(1, VAR_IPSECMOD_ENABLED) } +#line 500 "util/configlexer.lex" +{ YDVAR(1, VAR_DNSCRYPT_PROVIDER) } YY_BREAK case 278: YY_RULE_SETUP -#line 503 "util/configlexer.lex" -{ YDVAR(1, VAR_IPSECMOD_IGNORE_BOGUS) } +#line 501 "util/configlexer.lex" +{ YDVAR(1, VAR_DNSCRYPT_SECRET_KEY) } YY_BREAK case 279: YY_RULE_SETUP -#line 504 "util/configlexer.lex" -{ YDVAR(1, VAR_IPSECMOD_HOOK) } +#line 502 "util/configlexer.lex" +{ YDVAR(1, VAR_DNSCRYPT_PROVIDER_CERT) } YY_BREAK case 280: YY_RULE_SETUP -#line 505 "util/configlexer.lex" -{ YDVAR(1, VAR_IPSECMOD_MAX_TTL) } +#line 503 "util/configlexer.lex" +{ YDVAR(1, VAR_DNSCRYPT_PROVIDER_CERT_ROTATED) } YY_BREAK case 281: YY_RULE_SETUP -#line 506 "util/configlexer.lex" -{ YDVAR(1, VAR_IPSECMOD_WHITELIST) } +#line 504 "util/configlexer.lex" +{ + YDVAR(1, VAR_DNSCRYPT_SHARED_SECRET_CACHE_SIZE) } YY_BREAK case 282: YY_RULE_SETUP -#line 507 "util/configlexer.lex" -{ YDVAR(1, VAR_IPSECMOD_STRICT) } +#line 506 "util/configlexer.lex" +{ + YDVAR(1, VAR_DNSCRYPT_SHARED_SECRET_CACHE_SLABS) } YY_BREAK case 283: YY_RULE_SETUP #line 508 "util/configlexer.lex" -{ YDVAR(0, VAR_CACHEDB) } +{ YDVAR(1, VAR_DNSCRYPT_NONCE_CACHE_SIZE) } YY_BREAK case 284: YY_RULE_SETUP #line 509 "util/configlexer.lex" -{ YDVAR(1, VAR_CACHEDB_BACKEND) } +{ YDVAR(1, VAR_DNSCRYPT_NONCE_CACHE_SLABS) } YY_BREAK case 285: YY_RULE_SETUP #line 510 "util/configlexer.lex" -{ YDVAR(1, VAR_CACHEDB_SECRETSEED) } +{ YDVAR(1, VAR_IPSECMOD_ENABLED) } YY_BREAK case 286: YY_RULE_SETUP #line 511 "util/configlexer.lex" -{ YDVAR(1, VAR_CACHEDB_REDISHOST) } +{ YDVAR(1, VAR_IPSECMOD_IGNORE_BOGUS) } YY_BREAK case 287: YY_RULE_SETUP #line 512 "util/configlexer.lex" -{ YDVAR(1, VAR_CACHEDB_REDISPORT) } +{ YDVAR(1, VAR_IPSECMOD_HOOK) } YY_BREAK case 288: YY_RULE_SETUP #line 513 "util/configlexer.lex" -{ YDVAR(1, VAR_CACHEDB_REDISTIMEOUT) } +{ YDVAR(1, VAR_IPSECMOD_MAX_TTL) } YY_BREAK case 289: YY_RULE_SETUP #line 514 "util/configlexer.lex" -{ YDVAR(1, VAR_CACHEDB_REDISEXPIRERECORDS) } +{ YDVAR(1, VAR_IPSECMOD_WHITELIST) } YY_BREAK case 290: YY_RULE_SETUP #line 515 "util/configlexer.lex" -{ YDVAR(0, VAR_IPSET) } +{ YDVAR(1, VAR_IPSECMOD_WHITELIST) } YY_BREAK case 291: YY_RULE_SETUP #line 516 "util/configlexer.lex" -{ YDVAR(1, VAR_IPSET_NAME_V4) } +{ YDVAR(1, VAR_IPSECMOD_STRICT) } YY_BREAK case 292: YY_RULE_SETUP #line 517 "util/configlexer.lex" -{ YDVAR(1, VAR_IPSET_NAME_V6) } +{ YDVAR(0, VAR_CACHEDB) } YY_BREAK case 293: YY_RULE_SETUP #line 518 "util/configlexer.lex" -{ YDVAR(1, VAR_UDP_UPSTREAM_WITHOUT_DOWNSTREAM) } +{ YDVAR(1, VAR_CACHEDB_BACKEND) } YY_BREAK case 294: YY_RULE_SETUP #line 519 "util/configlexer.lex" -{ YDVAR(2, VAR_TCP_CONNECTION_LIMIT) } +{ YDVAR(1, VAR_CACHEDB_SECRETSEED) } YY_BREAK case 295: -/* rule 295 can match eol */ YY_RULE_SETUP #line 520 "util/configlexer.lex" -{ LEXOUT(("NL\n")); cfg_parser->line++; } +{ YDVAR(1, VAR_CACHEDB_REDISHOST) } YY_BREAK -/* Quoted strings. Strip leading and ending quotes */ case 296: YY_RULE_SETUP +#line 521 "util/configlexer.lex" +{ YDVAR(1, VAR_CACHEDB_REDISPORT) } + YY_BREAK +case 297: +YY_RULE_SETUP +#line 522 "util/configlexer.lex" +{ YDVAR(1, VAR_CACHEDB_REDISTIMEOUT) } + YY_BREAK +case 298: +YY_RULE_SETUP #line 523 "util/configlexer.lex" +{ YDVAR(1, VAR_CACHEDB_REDISEXPIRERECORDS) } + YY_BREAK +case 299: +YY_RULE_SETUP +#line 524 "util/configlexer.lex" +{ YDVAR(0, VAR_IPSET) } + YY_BREAK +case 300: +YY_RULE_SETUP +#line 525 "util/configlexer.lex" +{ YDVAR(1, VAR_IPSET_NAME_V4) } + YY_BREAK +case 301: +YY_RULE_SETUP +#line 526 "util/configlexer.lex" +{ YDVAR(1, VAR_IPSET_NAME_V6) } + YY_BREAK +case 302: +YY_RULE_SETUP +#line 527 "util/configlexer.lex" +{ YDVAR(1, VAR_UDP_UPSTREAM_WITHOUT_DOWNSTREAM) } + YY_BREAK +case 303: +YY_RULE_SETUP +#line 528 "util/configlexer.lex" +{ YDVAR(2, VAR_TCP_CONNECTION_LIMIT) } + YY_BREAK +case 304: +YY_RULE_SETUP +#line 529 "util/configlexer.lex" +{ YDVAR(2, VAR_EDNS_CLIENT_TAG) } + YY_BREAK +case 305: +YY_RULE_SETUP +#line 530 "util/configlexer.lex" +{ YDVAR(1, VAR_EDNS_CLIENT_TAG_OPCODE) } + YY_BREAK +case 306: +/* rule 306 can match eol */ +YY_RULE_SETUP +#line 531 "util/configlexer.lex" +{ LEXOUT(("NL\n")); cfg_parser->line++; } + YY_BREAK +/* Quoted strings. Strip leading and ending quotes */ +case 307: +YY_RULE_SETUP +#line 534 "util/configlexer.lex" { BEGIN(quotedstring); LEXOUT(("QS ")); } YY_BREAK case YY_STATE_EOF(quotedstring): -#line 524 "util/configlexer.lex" +#line 535 "util/configlexer.lex" { yyerror("EOF inside quoted string"); if(--num_args == 0) { BEGIN(INITIAL); } else { BEGIN(val); } } YY_BREAK -case 297: +case 308: YY_RULE_SETUP -#line 529 "util/configlexer.lex" +#line 540 "util/configlexer.lex" { LEXOUT(("STR(%s) ", yytext)); yymore(); } YY_BREAK -case 298: -/* rule 298 can match eol */ +case 309: +/* rule 309 can match eol */ YY_RULE_SETUP -#line 530 "util/configlexer.lex" +#line 541 "util/configlexer.lex" { yyerror("newline inside quoted string, no end \""); cfg_parser->line++; BEGIN(INITIAL); } YY_BREAK -case 299: +case 310: YY_RULE_SETUP -#line 532 "util/configlexer.lex" +#line 543 "util/configlexer.lex" { LEXOUT(("QE ")); if(--num_args == 0) { BEGIN(INITIAL); } @@ -5479,34 +5641,34 @@ YY_RULE_SETUP } YY_BREAK /* Single Quoted strings. Strip leading and ending quotes */ -case 300: +case 311: YY_RULE_SETUP -#line 544 "util/configlexer.lex" +#line 555 "util/configlexer.lex" { BEGIN(singlequotedstr); LEXOUT(("SQS ")); } YY_BREAK case YY_STATE_EOF(singlequotedstr): -#line 545 "util/configlexer.lex" +#line 556 "util/configlexer.lex" { yyerror("EOF inside quoted string"); if(--num_args == 0) { BEGIN(INITIAL); } else { BEGIN(val); } } YY_BREAK -case 301: +case 312: YY_RULE_SETUP -#line 550 "util/configlexer.lex" +#line 561 "util/configlexer.lex" { LEXOUT(("STR(%s) ", yytext)); yymore(); } YY_BREAK -case 302: -/* rule 302 can match eol */ +case 313: +/* rule 313 can match eol */ YY_RULE_SETUP -#line 551 "util/configlexer.lex" +#line 562 "util/configlexer.lex" { yyerror("newline inside quoted string, no end '"); cfg_parser->line++; BEGIN(INITIAL); } YY_BREAK -case 303: +case 314: YY_RULE_SETUP -#line 553 "util/configlexer.lex" +#line 564 "util/configlexer.lex" { LEXOUT(("SQE ")); if(--num_args == 0) { BEGIN(INITIAL); } @@ -5519,38 +5681,38 @@ YY_RULE_SETUP } YY_BREAK /* include: directive */ -case 304: +case 315: YY_RULE_SETUP -#line 565 "util/configlexer.lex" +#line 576 "util/configlexer.lex" { LEXOUT(("v(%s) ", yytext)); inc_prev = YYSTATE; BEGIN(include); } YY_BREAK case YY_STATE_EOF(include): -#line 567 "util/configlexer.lex" +#line 578 "util/configlexer.lex" { yyerror("EOF inside include directive"); BEGIN(inc_prev); } YY_BREAK -case 305: +case 316: YY_RULE_SETUP -#line 571 "util/configlexer.lex" +#line 582 "util/configlexer.lex" { LEXOUT(("ISP ")); /* ignore */ } YY_BREAK -case 306: -/* rule 306 can match eol */ +case 317: +/* rule 317 can match eol */ YY_RULE_SETUP -#line 572 "util/configlexer.lex" +#line 583 "util/configlexer.lex" { LEXOUT(("NL\n")); cfg_parser->line++;} YY_BREAK -case 307: +case 318: YY_RULE_SETUP -#line 573 "util/configlexer.lex" +#line 584 "util/configlexer.lex" { LEXOUT(("IQS ")); BEGIN(include_quoted); } YY_BREAK -case 308: +case 319: YY_RULE_SETUP -#line 574 "util/configlexer.lex" +#line 585 "util/configlexer.lex" { LEXOUT(("Iunquotedstr(%s) ", yytext)); config_start_include_glob(yytext, 0); @@ -5558,27 +5720,27 @@ YY_RULE_SETUP } YY_BREAK case YY_STATE_EOF(include_quoted): -#line 579 "util/configlexer.lex" +#line 590 "util/configlexer.lex" { yyerror("EOF inside quoted string"); BEGIN(inc_prev); } YY_BREAK -case 309: +case 320: YY_RULE_SETUP -#line 583 "util/configlexer.lex" +#line 594 "util/configlexer.lex" { LEXOUT(("ISTR(%s) ", yytext)); yymore(); } YY_BREAK -case 310: -/* rule 310 can match eol */ +case 321: +/* rule 321 can match eol */ YY_RULE_SETUP -#line 584 "util/configlexer.lex" +#line 595 "util/configlexer.lex" { yyerror("newline before \" in include name"); cfg_parser->line++; BEGIN(inc_prev); } YY_BREAK -case 311: +case 322: YY_RULE_SETUP -#line 586 "util/configlexer.lex" +#line 597 "util/configlexer.lex" { LEXOUT(("IQE ")); yytext[yyleng - 1] = '\0'; @@ -5588,7 +5750,7 @@ YY_RULE_SETUP YY_BREAK case YY_STATE_EOF(INITIAL): case YY_STATE_EOF(val): -#line 592 "util/configlexer.lex" +#line 603 "util/configlexer.lex" { LEXOUT(("LEXEOF ")); yy_set_bol(1); /* Set beginning of line, so "^" rules match. */ @@ -5603,39 +5765,39 @@ case YY_STATE_EOF(val): } YY_BREAK /* include-toplevel: directive */ -case 312: +case 323: YY_RULE_SETUP -#line 606 "util/configlexer.lex" +#line 617 "util/configlexer.lex" { LEXOUT(("v(%s) ", yytext)); inc_prev = YYSTATE; BEGIN(include_toplevel); } YY_BREAK case YY_STATE_EOF(include_toplevel): -#line 609 "util/configlexer.lex" +#line 620 "util/configlexer.lex" { yyerror("EOF inside include_toplevel directive"); BEGIN(inc_prev); } YY_BREAK -case 313: +case 324: YY_RULE_SETUP -#line 613 "util/configlexer.lex" +#line 624 "util/configlexer.lex" { LEXOUT(("ITSP ")); /* ignore */ } YY_BREAK -case 314: -/* rule 314 can match eol */ +case 325: +/* rule 325 can match eol */ YY_RULE_SETUP -#line 614 "util/configlexer.lex" +#line 625 "util/configlexer.lex" { LEXOUT(("NL\n")); cfg_parser->line++; } YY_BREAK -case 315: +case 326: YY_RULE_SETUP -#line 615 "util/configlexer.lex" +#line 626 "util/configlexer.lex" { LEXOUT(("ITQS ")); BEGIN(include_toplevel_quoted); } YY_BREAK -case 316: +case 327: YY_RULE_SETUP -#line 616 "util/configlexer.lex" +#line 627 "util/configlexer.lex" { LEXOUT(("ITunquotedstr(%s) ", yytext)); config_start_include_glob(yytext, 1); @@ -5644,29 +5806,29 @@ YY_RULE_SETUP } YY_BREAK case YY_STATE_EOF(include_toplevel_quoted): -#line 622 "util/configlexer.lex" +#line 633 "util/configlexer.lex" { yyerror("EOF inside quoted string"); BEGIN(inc_prev); } YY_BREAK -case 317: +case 328: YY_RULE_SETUP -#line 626 "util/configlexer.lex" +#line 637 "util/configlexer.lex" { LEXOUT(("ITSTR(%s) ", yytext)); yymore(); } YY_BREAK -case 318: -/* rule 318 can match eol */ +case 329: +/* rule 329 can match eol */ YY_RULE_SETUP -#line 627 "util/configlexer.lex" +#line 638 "util/configlexer.lex" { yyerror("newline before \" in include name"); cfg_parser->line++; BEGIN(inc_prev); } YY_BREAK -case 319: +case 330: YY_RULE_SETUP -#line 631 "util/configlexer.lex" +#line 642 "util/configlexer.lex" { LEXOUT(("ITQE ")); yytext[yyleng - 1] = '\0'; @@ -5675,33 +5837,33 @@ YY_RULE_SETUP return (VAR_FORCE_TOPLEVEL); } YY_BREAK -case 320: +case 331: YY_RULE_SETUP -#line 639 "util/configlexer.lex" +#line 650 "util/configlexer.lex" { LEXOUT(("unquotedstr(%s) ", yytext)); if(--num_args == 0) { BEGIN(INITIAL); } yylval.str = strdup(yytext); return STRING_ARG; } YY_BREAK -case 321: +case 332: YY_RULE_SETUP -#line 643 "util/configlexer.lex" +#line 654 "util/configlexer.lex" { ub_c_error_msg("unknown keyword '%s'", yytext); } YY_BREAK -case 322: +case 333: YY_RULE_SETUP -#line 647 "util/configlexer.lex" +#line 658 "util/configlexer.lex" { ub_c_error_msg("stray '%s'", yytext); } YY_BREAK -case 323: +case 334: YY_RULE_SETUP -#line 651 "util/configlexer.lex" +#line 662 "util/configlexer.lex" ECHO; YY_BREAK -#line 5702 "<stdout>" +#line 5864 "<stdout>" case YY_END_OF_BUFFER: { @@ -5996,7 +6158,7 @@ static int yy_get_next_buffer (void) while ( yy_chk[yy_base[yy_current_state] + yy_c] != yy_current_state ) { yy_current_state = (int) yy_def[yy_current_state]; - if ( yy_current_state >= 3137 ) + if ( yy_current_state >= 3253 ) yy_c = yy_meta[yy_c]; } yy_current_state = yy_nxt[yy_base[yy_current_state] + yy_c]; @@ -6024,11 +6186,11 @@ static int yy_get_next_buffer (void) while ( yy_chk[yy_base[yy_current_state] + yy_c] != yy_current_state ) { yy_current_state = (int) yy_def[yy_current_state]; - if ( yy_current_state >= 3137 ) + if ( yy_current_state >= 3253 ) yy_c = yy_meta[yy_c]; } yy_current_state = yy_nxt[yy_base[yy_current_state] + yy_c]; - yy_is_jam = (yy_current_state == 3136); + yy_is_jam = (yy_current_state == 3252); return yy_is_jam ? 0 : yy_current_state; } @@ -6667,6 +6829,6 @@ void yyfree (void * ptr ) #define YYTABLES_NAME "yytables" -#line 651 "util/configlexer.lex" +#line 662 "util/configlexer.lex" diff --git a/util/configlexer.lex b/util/configlexer.lex index 83cea4b992fd..ea7c1cf72734 100644 --- a/util/configlexer.lex +++ b/util/configlexer.lex @@ -256,6 +256,12 @@ tls-session-ticket-keys{COLON} { YDVAR(1, VAR_TLS_SESSION_TICKET_KEYS) } tls-ciphers{COLON} { YDVAR(1, VAR_TLS_CIPHERS) } tls-ciphersuites{COLON} { YDVAR(1, VAR_TLS_CIPHERSUITES) } tls-use-sni{COLON} { YDVAR(1, VAR_TLS_USE_SNI) } +https-port{COLON} { YDVAR(1, VAR_HTTPS_PORT) } +http-endpoint{COLON} { YDVAR(1, VAR_HTTP_ENDPOINT) } +http-max-streams{COLON} { YDVAR(1, VAR_HTTP_MAX_STREAMS) } +http-query-buffer-size{COLON} { YDVAR(1, VAR_HTTP_QUERY_BUFFER_SIZE) } +http-response-buffer-size{COLON} { YDVAR(1, VAR_HTTP_RESPONSE_BUFFER_SIZE) } +http-nodelay{COLON} { YDVAR(1, VAR_HTTP_NODELAY) } use-systemd{COLON} { YDVAR(1, VAR_USE_SYSTEMD) } do-daemonize{COLON} { YDVAR(1, VAR_DO_DAEMONIZE) } interface{COLON} { YDVAR(1, VAR_INTERFACE) } @@ -303,6 +309,7 @@ harden-referral-path{COLON} { YDVAR(1, VAR_HARDEN_REFERRAL_PATH) } harden-algo-downgrade{COLON} { YDVAR(1, VAR_HARDEN_ALGO_DOWNGRADE) } use-caps-for-id{COLON} { YDVAR(1, VAR_USE_CAPS_FOR_ID) } caps-whitelist{COLON} { YDVAR(1, VAR_CAPS_WHITELIST) } +caps-exempt{COLON} { YDVAR(1, VAR_CAPS_WHITELIST) } unwanted-reply-threshold{COLON} { YDVAR(1, VAR_UNWANTED_REPLY_THRESHOLD) } private-address{COLON} { YDVAR(1, VAR_PRIVATE_ADDRESS) } private-domain{COLON} { YDVAR(1, VAR_PRIVATE_DOMAIN) } @@ -334,6 +341,7 @@ rpz-log{COLON} { YDVAR(1, VAR_RPZ_LOG) } rpz-log-name{COLON} { YDVAR(1, VAR_RPZ_LOG_NAME) } zonefile{COLON} { YDVAR(1, VAR_ZONEFILE) } master{COLON} { YDVAR(1, VAR_MASTER) } +primary{COLON} { YDVAR(1, VAR_MASTER) } url{COLON} { YDVAR(1, VAR_URL) } allow-notify{COLON} { YDVAR(1, VAR_ALLOW_NOTIFY) } for-downstream{COLON} { YDVAR(1, VAR_FOR_DOWNSTREAM) } @@ -504,6 +512,7 @@ ipsecmod-ignore-bogus{COLON} { YDVAR(1, VAR_IPSECMOD_IGNORE_BOGUS) } ipsecmod-hook{COLON} { YDVAR(1, VAR_IPSECMOD_HOOK) } ipsecmod-max-ttl{COLON} { YDVAR(1, VAR_IPSECMOD_MAX_TTL) } ipsecmod-whitelist{COLON} { YDVAR(1, VAR_IPSECMOD_WHITELIST) } +ipsecmod-allow{COLON} { YDVAR(1, VAR_IPSECMOD_WHITELIST) } ipsecmod-strict{COLON} { YDVAR(1, VAR_IPSECMOD_STRICT) } cachedb{COLON} { YDVAR(0, VAR_CACHEDB) } backend{COLON} { YDVAR(1, VAR_CACHEDB_BACKEND) } @@ -517,6 +526,8 @@ name-v4{COLON} { YDVAR(1, VAR_IPSET_NAME_V4) } name-v6{COLON} { YDVAR(1, VAR_IPSET_NAME_V6) } udp-upstream-without-downstream{COLON} { YDVAR(1, VAR_UDP_UPSTREAM_WITHOUT_DOWNSTREAM) } tcp-connection-limit{COLON} { YDVAR(2, VAR_TCP_CONNECTION_LIMIT) } +edns-client-tag{COLON} { YDVAR(2, VAR_EDNS_CLIENT_TAG) } +edns-client-tag-opcode{COLON} { YDVAR(1, VAR_EDNS_CLIENT_TAG_OPCODE) } <INITIAL,val>{NEWLINE} { LEXOUT(("NL\n")); cfg_parser->line++; } /* Quoted strings. Strip leading and ending quotes */ diff --git a/util/configparser.c b/util/configparser.c index fbb9b532bcd4..d9dcbf9a56b4 100644 --- a/util/configparser.c +++ b/util/configparser.c @@ -273,156 +273,164 @@ extern int yydebug; VAR_STUB_SSL_UPSTREAM = 394, VAR_FORWARD_SSL_UPSTREAM = 395, VAR_TLS_CERT_BUNDLE = 396, - VAR_STUB_FIRST = 397, - VAR_MINIMAL_RESPONSES = 398, - VAR_RRSET_ROUNDROBIN = 399, - VAR_MAX_UDP_SIZE = 400, - VAR_DELAY_CLOSE = 401, - VAR_UNBLOCK_LAN_ZONES = 402, - VAR_INSECURE_LAN_ZONES = 403, - VAR_INFRA_CACHE_MIN_RTT = 404, - VAR_DNS64_PREFIX = 405, - VAR_DNS64_SYNTHALL = 406, - VAR_DNS64_IGNORE_AAAA = 407, - VAR_DNSTAP = 408, - VAR_DNSTAP_ENABLE = 409, - VAR_DNSTAP_SOCKET_PATH = 410, - VAR_DNSTAP_IP = 411, - VAR_DNSTAP_TLS = 412, - VAR_DNSTAP_TLS_SERVER_NAME = 413, - VAR_DNSTAP_TLS_CERT_BUNDLE = 414, - VAR_DNSTAP_TLS_CLIENT_KEY_FILE = 415, - VAR_DNSTAP_TLS_CLIENT_CERT_FILE = 416, - VAR_DNSTAP_SEND_IDENTITY = 417, - VAR_DNSTAP_SEND_VERSION = 418, - VAR_DNSTAP_BIDIRECTIONAL = 419, - VAR_DNSTAP_IDENTITY = 420, - VAR_DNSTAP_VERSION = 421, - VAR_DNSTAP_LOG_RESOLVER_QUERY_MESSAGES = 422, - VAR_DNSTAP_LOG_RESOLVER_RESPONSE_MESSAGES = 423, - VAR_DNSTAP_LOG_CLIENT_QUERY_MESSAGES = 424, - VAR_DNSTAP_LOG_CLIENT_RESPONSE_MESSAGES = 425, - VAR_DNSTAP_LOG_FORWARDER_QUERY_MESSAGES = 426, - VAR_DNSTAP_LOG_FORWARDER_RESPONSE_MESSAGES = 427, - VAR_RESPONSE_IP_TAG = 428, - VAR_RESPONSE_IP = 429, - VAR_RESPONSE_IP_DATA = 430, - VAR_HARDEN_ALGO_DOWNGRADE = 431, - VAR_IP_TRANSPARENT = 432, - VAR_IP_DSCP = 433, - VAR_DISABLE_DNSSEC_LAME_CHECK = 434, - VAR_IP_RATELIMIT = 435, - VAR_IP_RATELIMIT_SLABS = 436, - VAR_IP_RATELIMIT_SIZE = 437, - VAR_RATELIMIT = 438, - VAR_RATELIMIT_SLABS = 439, - VAR_RATELIMIT_SIZE = 440, - VAR_RATELIMIT_FOR_DOMAIN = 441, - VAR_RATELIMIT_BELOW_DOMAIN = 442, - VAR_IP_RATELIMIT_FACTOR = 443, - VAR_RATELIMIT_FACTOR = 444, - VAR_SEND_CLIENT_SUBNET = 445, - VAR_CLIENT_SUBNET_ZONE = 446, - VAR_CLIENT_SUBNET_ALWAYS_FORWARD = 447, - VAR_CLIENT_SUBNET_OPCODE = 448, - VAR_MAX_CLIENT_SUBNET_IPV4 = 449, - VAR_MAX_CLIENT_SUBNET_IPV6 = 450, - VAR_MIN_CLIENT_SUBNET_IPV4 = 451, - VAR_MIN_CLIENT_SUBNET_IPV6 = 452, - VAR_MAX_ECS_TREE_SIZE_IPV4 = 453, - VAR_MAX_ECS_TREE_SIZE_IPV6 = 454, - VAR_CAPS_WHITELIST = 455, - VAR_CACHE_MAX_NEGATIVE_TTL = 456, - VAR_PERMIT_SMALL_HOLDDOWN = 457, - VAR_QNAME_MINIMISATION = 458, - VAR_QNAME_MINIMISATION_STRICT = 459, - VAR_IP_FREEBIND = 460, - VAR_DEFINE_TAG = 461, - VAR_LOCAL_ZONE_TAG = 462, - VAR_ACCESS_CONTROL_TAG = 463, - VAR_LOCAL_ZONE_OVERRIDE = 464, - VAR_ACCESS_CONTROL_TAG_ACTION = 465, - VAR_ACCESS_CONTROL_TAG_DATA = 466, - VAR_VIEW = 467, - VAR_ACCESS_CONTROL_VIEW = 468, - VAR_VIEW_FIRST = 469, - VAR_SERVE_EXPIRED = 470, - VAR_SERVE_EXPIRED_TTL = 471, - VAR_SERVE_EXPIRED_TTL_RESET = 472, - VAR_SERVE_EXPIRED_REPLY_TTL = 473, - VAR_SERVE_EXPIRED_CLIENT_TIMEOUT = 474, - VAR_FAKE_DSA = 475, - VAR_FAKE_SHA1 = 476, - VAR_LOG_IDENTITY = 477, - VAR_HIDE_TRUSTANCHOR = 478, - VAR_TRUST_ANCHOR_SIGNALING = 479, - VAR_AGGRESSIVE_NSEC = 480, - VAR_USE_SYSTEMD = 481, - VAR_SHM_ENABLE = 482, - VAR_SHM_KEY = 483, - VAR_ROOT_KEY_SENTINEL = 484, - VAR_DNSCRYPT = 485, - VAR_DNSCRYPT_ENABLE = 486, - VAR_DNSCRYPT_PORT = 487, - VAR_DNSCRYPT_PROVIDER = 488, - VAR_DNSCRYPT_SECRET_KEY = 489, - VAR_DNSCRYPT_PROVIDER_CERT = 490, - VAR_DNSCRYPT_PROVIDER_CERT_ROTATED = 491, - VAR_DNSCRYPT_SHARED_SECRET_CACHE_SIZE = 492, - VAR_DNSCRYPT_SHARED_SECRET_CACHE_SLABS = 493, - VAR_DNSCRYPT_NONCE_CACHE_SIZE = 494, - VAR_DNSCRYPT_NONCE_CACHE_SLABS = 495, - VAR_IPSECMOD_ENABLED = 496, - VAR_IPSECMOD_HOOK = 497, - VAR_IPSECMOD_IGNORE_BOGUS = 498, - VAR_IPSECMOD_MAX_TTL = 499, - VAR_IPSECMOD_WHITELIST = 500, - VAR_IPSECMOD_STRICT = 501, - VAR_CACHEDB = 502, - VAR_CACHEDB_BACKEND = 503, - VAR_CACHEDB_SECRETSEED = 504, - VAR_CACHEDB_REDISHOST = 505, - VAR_CACHEDB_REDISPORT = 506, - VAR_CACHEDB_REDISTIMEOUT = 507, - VAR_CACHEDB_REDISEXPIRERECORDS = 508, - VAR_UDP_UPSTREAM_WITHOUT_DOWNSTREAM = 509, - VAR_FOR_UPSTREAM = 510, - VAR_AUTH_ZONE = 511, - VAR_ZONEFILE = 512, - VAR_MASTER = 513, - VAR_URL = 514, - VAR_FOR_DOWNSTREAM = 515, - VAR_FALLBACK_ENABLED = 516, - VAR_TLS_ADDITIONAL_PORT = 517, - VAR_LOW_RTT = 518, - VAR_LOW_RTT_PERMIL = 519, - VAR_FAST_SERVER_PERMIL = 520, - VAR_FAST_SERVER_NUM = 521, - VAR_ALLOW_NOTIFY = 522, - VAR_TLS_WIN_CERT = 523, - VAR_TCP_CONNECTION_LIMIT = 524, - VAR_FORWARD_NO_CACHE = 525, - VAR_STUB_NO_CACHE = 526, - VAR_LOG_SERVFAIL = 527, - VAR_DENY_ANY = 528, - VAR_UNKNOWN_SERVER_TIME_LIMIT = 529, - VAR_LOG_TAG_QUERYREPLY = 530, - VAR_STREAM_WAIT_SIZE = 531, - VAR_TLS_CIPHERS = 532, - VAR_TLS_CIPHERSUITES = 533, - VAR_TLS_USE_SNI = 534, - VAR_IPSET = 535, - VAR_IPSET_NAME_V4 = 536, - VAR_IPSET_NAME_V6 = 537, - VAR_TLS_SESSION_TICKET_KEYS = 538, - VAR_RPZ = 539, - VAR_TAGS = 540, - VAR_RPZ_ACTION_OVERRIDE = 541, - VAR_RPZ_CNAME_OVERRIDE = 542, - VAR_RPZ_LOG = 543, - VAR_RPZ_LOG_NAME = 544, - VAR_DYNLIB = 545, - VAR_DYNLIB_FILE = 546 + VAR_HTTPS_PORT = 397, + VAR_HTTP_ENDPOINT = 398, + VAR_HTTP_MAX_STREAMS = 399, + VAR_HTTP_QUERY_BUFFER_SIZE = 400, + VAR_HTTP_RESPONSE_BUFFER_SIZE = 401, + VAR_HTTP_NODELAY = 402, + VAR_STUB_FIRST = 403, + VAR_MINIMAL_RESPONSES = 404, + VAR_RRSET_ROUNDROBIN = 405, + VAR_MAX_UDP_SIZE = 406, + VAR_DELAY_CLOSE = 407, + VAR_UNBLOCK_LAN_ZONES = 408, + VAR_INSECURE_LAN_ZONES = 409, + VAR_INFRA_CACHE_MIN_RTT = 410, + VAR_DNS64_PREFIX = 411, + VAR_DNS64_SYNTHALL = 412, + VAR_DNS64_IGNORE_AAAA = 413, + VAR_DNSTAP = 414, + VAR_DNSTAP_ENABLE = 415, + VAR_DNSTAP_SOCKET_PATH = 416, + VAR_DNSTAP_IP = 417, + VAR_DNSTAP_TLS = 418, + VAR_DNSTAP_TLS_SERVER_NAME = 419, + VAR_DNSTAP_TLS_CERT_BUNDLE = 420, + VAR_DNSTAP_TLS_CLIENT_KEY_FILE = 421, + VAR_DNSTAP_TLS_CLIENT_CERT_FILE = 422, + VAR_DNSTAP_SEND_IDENTITY = 423, + VAR_DNSTAP_SEND_VERSION = 424, + VAR_DNSTAP_BIDIRECTIONAL = 425, + VAR_DNSTAP_IDENTITY = 426, + VAR_DNSTAP_VERSION = 427, + VAR_DNSTAP_LOG_RESOLVER_QUERY_MESSAGES = 428, + VAR_DNSTAP_LOG_RESOLVER_RESPONSE_MESSAGES = 429, + VAR_DNSTAP_LOG_CLIENT_QUERY_MESSAGES = 430, + VAR_DNSTAP_LOG_CLIENT_RESPONSE_MESSAGES = 431, + VAR_DNSTAP_LOG_FORWARDER_QUERY_MESSAGES = 432, + VAR_DNSTAP_LOG_FORWARDER_RESPONSE_MESSAGES = 433, + VAR_RESPONSE_IP_TAG = 434, + VAR_RESPONSE_IP = 435, + VAR_RESPONSE_IP_DATA = 436, + VAR_HARDEN_ALGO_DOWNGRADE = 437, + VAR_IP_TRANSPARENT = 438, + VAR_IP_DSCP = 439, + VAR_DISABLE_DNSSEC_LAME_CHECK = 440, + VAR_IP_RATELIMIT = 441, + VAR_IP_RATELIMIT_SLABS = 442, + VAR_IP_RATELIMIT_SIZE = 443, + VAR_RATELIMIT = 444, + VAR_RATELIMIT_SLABS = 445, + VAR_RATELIMIT_SIZE = 446, + VAR_RATELIMIT_FOR_DOMAIN = 447, + VAR_RATELIMIT_BELOW_DOMAIN = 448, + VAR_IP_RATELIMIT_FACTOR = 449, + VAR_RATELIMIT_FACTOR = 450, + VAR_SEND_CLIENT_SUBNET = 451, + VAR_CLIENT_SUBNET_ZONE = 452, + VAR_CLIENT_SUBNET_ALWAYS_FORWARD = 453, + VAR_CLIENT_SUBNET_OPCODE = 454, + VAR_MAX_CLIENT_SUBNET_IPV4 = 455, + VAR_MAX_CLIENT_SUBNET_IPV6 = 456, + VAR_MIN_CLIENT_SUBNET_IPV4 = 457, + VAR_MIN_CLIENT_SUBNET_IPV6 = 458, + VAR_MAX_ECS_TREE_SIZE_IPV4 = 459, + VAR_MAX_ECS_TREE_SIZE_IPV6 = 460, + VAR_CAPS_WHITELIST = 461, + VAR_CACHE_MAX_NEGATIVE_TTL = 462, + VAR_PERMIT_SMALL_HOLDDOWN = 463, + VAR_QNAME_MINIMISATION = 464, + VAR_QNAME_MINIMISATION_STRICT = 465, + VAR_IP_FREEBIND = 466, + VAR_DEFINE_TAG = 467, + VAR_LOCAL_ZONE_TAG = 468, + VAR_ACCESS_CONTROL_TAG = 469, + VAR_LOCAL_ZONE_OVERRIDE = 470, + VAR_ACCESS_CONTROL_TAG_ACTION = 471, + VAR_ACCESS_CONTROL_TAG_DATA = 472, + VAR_VIEW = 473, + VAR_ACCESS_CONTROL_VIEW = 474, + VAR_VIEW_FIRST = 475, + VAR_SERVE_EXPIRED = 476, + VAR_SERVE_EXPIRED_TTL = 477, + VAR_SERVE_EXPIRED_TTL_RESET = 478, + VAR_SERVE_EXPIRED_REPLY_TTL = 479, + VAR_SERVE_EXPIRED_CLIENT_TIMEOUT = 480, + VAR_FAKE_DSA = 481, + VAR_FAKE_SHA1 = 482, + VAR_LOG_IDENTITY = 483, + VAR_HIDE_TRUSTANCHOR = 484, + VAR_TRUST_ANCHOR_SIGNALING = 485, + VAR_AGGRESSIVE_NSEC = 486, + VAR_USE_SYSTEMD = 487, + VAR_SHM_ENABLE = 488, + VAR_SHM_KEY = 489, + VAR_ROOT_KEY_SENTINEL = 490, + VAR_DNSCRYPT = 491, + VAR_DNSCRYPT_ENABLE = 492, + VAR_DNSCRYPT_PORT = 493, + VAR_DNSCRYPT_PROVIDER = 494, + VAR_DNSCRYPT_SECRET_KEY = 495, + VAR_DNSCRYPT_PROVIDER_CERT = 496, + VAR_DNSCRYPT_PROVIDER_CERT_ROTATED = 497, + VAR_DNSCRYPT_SHARED_SECRET_CACHE_SIZE = 498, + VAR_DNSCRYPT_SHARED_SECRET_CACHE_SLABS = 499, + VAR_DNSCRYPT_NONCE_CACHE_SIZE = 500, + VAR_DNSCRYPT_NONCE_CACHE_SLABS = 501, + VAR_IPSECMOD_ENABLED = 502, + VAR_IPSECMOD_HOOK = 503, + VAR_IPSECMOD_IGNORE_BOGUS = 504, + VAR_IPSECMOD_MAX_TTL = 505, + VAR_IPSECMOD_WHITELIST = 506, + VAR_IPSECMOD_STRICT = 507, + VAR_CACHEDB = 508, + VAR_CACHEDB_BACKEND = 509, + VAR_CACHEDB_SECRETSEED = 510, + VAR_CACHEDB_REDISHOST = 511, + VAR_CACHEDB_REDISPORT = 512, + VAR_CACHEDB_REDISTIMEOUT = 513, + VAR_CACHEDB_REDISEXPIRERECORDS = 514, + VAR_UDP_UPSTREAM_WITHOUT_DOWNSTREAM = 515, + VAR_FOR_UPSTREAM = 516, + VAR_AUTH_ZONE = 517, + VAR_ZONEFILE = 518, + VAR_MASTER = 519, + VAR_URL = 520, + VAR_FOR_DOWNSTREAM = 521, + VAR_FALLBACK_ENABLED = 522, + VAR_TLS_ADDITIONAL_PORT = 523, + VAR_LOW_RTT = 524, + VAR_LOW_RTT_PERMIL = 525, + VAR_FAST_SERVER_PERMIL = 526, + VAR_FAST_SERVER_NUM = 527, + VAR_ALLOW_NOTIFY = 528, + VAR_TLS_WIN_CERT = 529, + VAR_TCP_CONNECTION_LIMIT = 530, + VAR_FORWARD_NO_CACHE = 531, + VAR_STUB_NO_CACHE = 532, + VAR_LOG_SERVFAIL = 533, + VAR_DENY_ANY = 534, + VAR_UNKNOWN_SERVER_TIME_LIMIT = 535, + VAR_LOG_TAG_QUERYREPLY = 536, + VAR_STREAM_WAIT_SIZE = 537, + VAR_TLS_CIPHERS = 538, + VAR_TLS_CIPHERSUITES = 539, + VAR_TLS_USE_SNI = 540, + VAR_IPSET = 541, + VAR_IPSET_NAME_V4 = 542, + VAR_IPSET_NAME_V6 = 543, + VAR_TLS_SESSION_TICKET_KEYS = 544, + VAR_RPZ = 545, + VAR_TAGS = 546, + VAR_RPZ_ACTION_OVERRIDE = 547, + VAR_RPZ_CNAME_OVERRIDE = 548, + VAR_RPZ_LOG = 549, + VAR_RPZ_LOG_NAME = 550, + VAR_DYNLIB = 551, + VAR_DYNLIB_FILE = 552, + VAR_EDNS_CLIENT_TAG = 553, + VAR_EDNS_CLIENT_TAG_OPCODE = 554 }; #endif /* Tokens. */ @@ -565,156 +573,164 @@ extern int yydebug; #define VAR_STUB_SSL_UPSTREAM 394 #define VAR_FORWARD_SSL_UPSTREAM 395 #define VAR_TLS_CERT_BUNDLE 396 -#define VAR_STUB_FIRST 397 -#define VAR_MINIMAL_RESPONSES 398 -#define VAR_RRSET_ROUNDROBIN 399 -#define VAR_MAX_UDP_SIZE 400 -#define VAR_DELAY_CLOSE 401 -#define VAR_UNBLOCK_LAN_ZONES 402 -#define VAR_INSECURE_LAN_ZONES 403 -#define VAR_INFRA_CACHE_MIN_RTT 404 -#define VAR_DNS64_PREFIX 405 -#define VAR_DNS64_SYNTHALL 406 -#define VAR_DNS64_IGNORE_AAAA 407 -#define VAR_DNSTAP 408 -#define VAR_DNSTAP_ENABLE 409 -#define VAR_DNSTAP_SOCKET_PATH 410 -#define VAR_DNSTAP_IP 411 -#define VAR_DNSTAP_TLS 412 -#define VAR_DNSTAP_TLS_SERVER_NAME 413 -#define VAR_DNSTAP_TLS_CERT_BUNDLE 414 -#define VAR_DNSTAP_TLS_CLIENT_KEY_FILE 415 -#define VAR_DNSTAP_TLS_CLIENT_CERT_FILE 416 -#define VAR_DNSTAP_SEND_IDENTITY 417 -#define VAR_DNSTAP_SEND_VERSION 418 -#define VAR_DNSTAP_BIDIRECTIONAL 419 -#define VAR_DNSTAP_IDENTITY 420 -#define VAR_DNSTAP_VERSION 421 -#define VAR_DNSTAP_LOG_RESOLVER_QUERY_MESSAGES 422 -#define VAR_DNSTAP_LOG_RESOLVER_RESPONSE_MESSAGES 423 -#define VAR_DNSTAP_LOG_CLIENT_QUERY_MESSAGES 424 -#define VAR_DNSTAP_LOG_CLIENT_RESPONSE_MESSAGES 425 -#define VAR_DNSTAP_LOG_FORWARDER_QUERY_MESSAGES 426 -#define VAR_DNSTAP_LOG_FORWARDER_RESPONSE_MESSAGES 427 -#define VAR_RESPONSE_IP_TAG 428 -#define VAR_RESPONSE_IP 429 -#define VAR_RESPONSE_IP_DATA 430 -#define VAR_HARDEN_ALGO_DOWNGRADE 431 -#define VAR_IP_TRANSPARENT 432 -#define VAR_IP_DSCP 433 -#define VAR_DISABLE_DNSSEC_LAME_CHECK 434 -#define VAR_IP_RATELIMIT 435 -#define VAR_IP_RATELIMIT_SLABS 436 -#define VAR_IP_RATELIMIT_SIZE 437 -#define VAR_RATELIMIT 438 -#define VAR_RATELIMIT_SLABS 439 -#define VAR_RATELIMIT_SIZE 440 -#define VAR_RATELIMIT_FOR_DOMAIN 441 -#define VAR_RATELIMIT_BELOW_DOMAIN 442 -#define VAR_IP_RATELIMIT_FACTOR 443 -#define VAR_RATELIMIT_FACTOR 444 -#define VAR_SEND_CLIENT_SUBNET 445 -#define VAR_CLIENT_SUBNET_ZONE 446 -#define VAR_CLIENT_SUBNET_ALWAYS_FORWARD 447 -#define VAR_CLIENT_SUBNET_OPCODE 448 -#define VAR_MAX_CLIENT_SUBNET_IPV4 449 -#define VAR_MAX_CLIENT_SUBNET_IPV6 450 -#define VAR_MIN_CLIENT_SUBNET_IPV4 451 -#define VAR_MIN_CLIENT_SUBNET_IPV6 452 -#define VAR_MAX_ECS_TREE_SIZE_IPV4 453 -#define VAR_MAX_ECS_TREE_SIZE_IPV6 454 -#define VAR_CAPS_WHITELIST 455 -#define VAR_CACHE_MAX_NEGATIVE_TTL 456 -#define VAR_PERMIT_SMALL_HOLDDOWN 457 -#define VAR_QNAME_MINIMISATION 458 -#define VAR_QNAME_MINIMISATION_STRICT 459 -#define VAR_IP_FREEBIND 460 -#define VAR_DEFINE_TAG 461 -#define VAR_LOCAL_ZONE_TAG 462 -#define VAR_ACCESS_CONTROL_TAG 463 -#define VAR_LOCAL_ZONE_OVERRIDE 464 -#define VAR_ACCESS_CONTROL_TAG_ACTION 465 -#define VAR_ACCESS_CONTROL_TAG_DATA 466 -#define VAR_VIEW 467 -#define VAR_ACCESS_CONTROL_VIEW 468 -#define VAR_VIEW_FIRST 469 -#define VAR_SERVE_EXPIRED 470 -#define VAR_SERVE_EXPIRED_TTL 471 -#define VAR_SERVE_EXPIRED_TTL_RESET 472 -#define VAR_SERVE_EXPIRED_REPLY_TTL 473 -#define VAR_SERVE_EXPIRED_CLIENT_TIMEOUT 474 -#define VAR_FAKE_DSA 475 -#define VAR_FAKE_SHA1 476 -#define VAR_LOG_IDENTITY 477 -#define VAR_HIDE_TRUSTANCHOR 478 -#define VAR_TRUST_ANCHOR_SIGNALING 479 -#define VAR_AGGRESSIVE_NSEC 480 -#define VAR_USE_SYSTEMD 481 -#define VAR_SHM_ENABLE 482 -#define VAR_SHM_KEY 483 -#define VAR_ROOT_KEY_SENTINEL 484 -#define VAR_DNSCRYPT 485 -#define VAR_DNSCRYPT_ENABLE 486 -#define VAR_DNSCRYPT_PORT 487 -#define VAR_DNSCRYPT_PROVIDER 488 -#define VAR_DNSCRYPT_SECRET_KEY 489 -#define VAR_DNSCRYPT_PROVIDER_CERT 490 -#define VAR_DNSCRYPT_PROVIDER_CERT_ROTATED 491 -#define VAR_DNSCRYPT_SHARED_SECRET_CACHE_SIZE 492 -#define VAR_DNSCRYPT_SHARED_SECRET_CACHE_SLABS 493 -#define VAR_DNSCRYPT_NONCE_CACHE_SIZE 494 -#define VAR_DNSCRYPT_NONCE_CACHE_SLABS 495 -#define VAR_IPSECMOD_ENABLED 496 -#define VAR_IPSECMOD_HOOK 497 -#define VAR_IPSECMOD_IGNORE_BOGUS 498 -#define VAR_IPSECMOD_MAX_TTL 499 -#define VAR_IPSECMOD_WHITELIST 500 -#define VAR_IPSECMOD_STRICT 501 -#define VAR_CACHEDB 502 -#define VAR_CACHEDB_BACKEND 503 -#define VAR_CACHEDB_SECRETSEED 504 -#define VAR_CACHEDB_REDISHOST 505 -#define VAR_CACHEDB_REDISPORT 506 -#define VAR_CACHEDB_REDISTIMEOUT 507 -#define VAR_CACHEDB_REDISEXPIRERECORDS 508 -#define VAR_UDP_UPSTREAM_WITHOUT_DOWNSTREAM 509 -#define VAR_FOR_UPSTREAM 510 -#define VAR_AUTH_ZONE 511 -#define VAR_ZONEFILE 512 -#define VAR_MASTER 513 -#define VAR_URL 514 -#define VAR_FOR_DOWNSTREAM 515 -#define VAR_FALLBACK_ENABLED 516 -#define VAR_TLS_ADDITIONAL_PORT 517 -#define VAR_LOW_RTT 518 -#define VAR_LOW_RTT_PERMIL 519 -#define VAR_FAST_SERVER_PERMIL 520 -#define VAR_FAST_SERVER_NUM 521 -#define VAR_ALLOW_NOTIFY 522 -#define VAR_TLS_WIN_CERT 523 -#define VAR_TCP_CONNECTION_LIMIT 524 -#define VAR_FORWARD_NO_CACHE 525 -#define VAR_STUB_NO_CACHE 526 -#define VAR_LOG_SERVFAIL 527 -#define VAR_DENY_ANY 528 -#define VAR_UNKNOWN_SERVER_TIME_LIMIT 529 -#define VAR_LOG_TAG_QUERYREPLY 530 -#define VAR_STREAM_WAIT_SIZE 531 -#define VAR_TLS_CIPHERS 532 -#define VAR_TLS_CIPHERSUITES 533 -#define VAR_TLS_USE_SNI 534 -#define VAR_IPSET 535 -#define VAR_IPSET_NAME_V4 536 -#define VAR_IPSET_NAME_V6 537 -#define VAR_TLS_SESSION_TICKET_KEYS 538 -#define VAR_RPZ 539 -#define VAR_TAGS 540 -#define VAR_RPZ_ACTION_OVERRIDE 541 -#define VAR_RPZ_CNAME_OVERRIDE 542 -#define VAR_RPZ_LOG 543 -#define VAR_RPZ_LOG_NAME 544 -#define VAR_DYNLIB 545 -#define VAR_DYNLIB_FILE 546 +#define VAR_HTTPS_PORT 397 +#define VAR_HTTP_ENDPOINT 398 +#define VAR_HTTP_MAX_STREAMS 399 +#define VAR_HTTP_QUERY_BUFFER_SIZE 400 +#define VAR_HTTP_RESPONSE_BUFFER_SIZE 401 +#define VAR_HTTP_NODELAY 402 +#define VAR_STUB_FIRST 403 +#define VAR_MINIMAL_RESPONSES 404 +#define VAR_RRSET_ROUNDROBIN 405 +#define VAR_MAX_UDP_SIZE 406 +#define VAR_DELAY_CLOSE 407 +#define VAR_UNBLOCK_LAN_ZONES 408 +#define VAR_INSECURE_LAN_ZONES 409 +#define VAR_INFRA_CACHE_MIN_RTT 410 +#define VAR_DNS64_PREFIX 411 +#define VAR_DNS64_SYNTHALL 412 +#define VAR_DNS64_IGNORE_AAAA 413 +#define VAR_DNSTAP 414 +#define VAR_DNSTAP_ENABLE 415 +#define VAR_DNSTAP_SOCKET_PATH 416 +#define VAR_DNSTAP_IP 417 +#define VAR_DNSTAP_TLS 418 +#define VAR_DNSTAP_TLS_SERVER_NAME 419 +#define VAR_DNSTAP_TLS_CERT_BUNDLE 420 +#define VAR_DNSTAP_TLS_CLIENT_KEY_FILE 421 +#define VAR_DNSTAP_TLS_CLIENT_CERT_FILE 422 +#define VAR_DNSTAP_SEND_IDENTITY 423 +#define VAR_DNSTAP_SEND_VERSION 424 +#define VAR_DNSTAP_BIDIRECTIONAL 425 +#define VAR_DNSTAP_IDENTITY 426 +#define VAR_DNSTAP_VERSION 427 +#define VAR_DNSTAP_LOG_RESOLVER_QUERY_MESSAGES 428 +#define VAR_DNSTAP_LOG_RESOLVER_RESPONSE_MESSAGES 429 +#define VAR_DNSTAP_LOG_CLIENT_QUERY_MESSAGES 430 +#define VAR_DNSTAP_LOG_CLIENT_RESPONSE_MESSAGES 431 +#define VAR_DNSTAP_LOG_FORWARDER_QUERY_MESSAGES 432 +#define VAR_DNSTAP_LOG_FORWARDER_RESPONSE_MESSAGES 433 +#define VAR_RESPONSE_IP_TAG 434 +#define VAR_RESPONSE_IP 435 +#define VAR_RESPONSE_IP_DATA 436 +#define VAR_HARDEN_ALGO_DOWNGRADE 437 +#define VAR_IP_TRANSPARENT 438 +#define VAR_IP_DSCP 439 +#define VAR_DISABLE_DNSSEC_LAME_CHECK 440 +#define VAR_IP_RATELIMIT 441 +#define VAR_IP_RATELIMIT_SLABS 442 +#define VAR_IP_RATELIMIT_SIZE 443 +#define VAR_RATELIMIT 444 +#define VAR_RATELIMIT_SLABS 445 +#define VAR_RATELIMIT_SIZE 446 +#define VAR_RATELIMIT_FOR_DOMAIN 447 +#define VAR_RATELIMIT_BELOW_DOMAIN 448 +#define VAR_IP_RATELIMIT_FACTOR 449 +#define VAR_RATELIMIT_FACTOR 450 +#define VAR_SEND_CLIENT_SUBNET 451 +#define VAR_CLIENT_SUBNET_ZONE 452 +#define VAR_CLIENT_SUBNET_ALWAYS_FORWARD 453 +#define VAR_CLIENT_SUBNET_OPCODE 454 +#define VAR_MAX_CLIENT_SUBNET_IPV4 455 +#define VAR_MAX_CLIENT_SUBNET_IPV6 456 +#define VAR_MIN_CLIENT_SUBNET_IPV4 457 +#define VAR_MIN_CLIENT_SUBNET_IPV6 458 +#define VAR_MAX_ECS_TREE_SIZE_IPV4 459 +#define VAR_MAX_ECS_TREE_SIZE_IPV6 460 +#define VAR_CAPS_WHITELIST 461 +#define VAR_CACHE_MAX_NEGATIVE_TTL 462 +#define VAR_PERMIT_SMALL_HOLDDOWN 463 +#define VAR_QNAME_MINIMISATION 464 +#define VAR_QNAME_MINIMISATION_STRICT 465 +#define VAR_IP_FREEBIND 466 +#define VAR_DEFINE_TAG 467 +#define VAR_LOCAL_ZONE_TAG 468 +#define VAR_ACCESS_CONTROL_TAG 469 +#define VAR_LOCAL_ZONE_OVERRIDE 470 +#define VAR_ACCESS_CONTROL_TAG_ACTION 471 +#define VAR_ACCESS_CONTROL_TAG_DATA 472 +#define VAR_VIEW 473 +#define VAR_ACCESS_CONTROL_VIEW 474 +#define VAR_VIEW_FIRST 475 +#define VAR_SERVE_EXPIRED 476 +#define VAR_SERVE_EXPIRED_TTL 477 +#define VAR_SERVE_EXPIRED_TTL_RESET 478 +#define VAR_SERVE_EXPIRED_REPLY_TTL 479 +#define VAR_SERVE_EXPIRED_CLIENT_TIMEOUT 480 +#define VAR_FAKE_DSA 481 +#define VAR_FAKE_SHA1 482 +#define VAR_LOG_IDENTITY 483 +#define VAR_HIDE_TRUSTANCHOR 484 +#define VAR_TRUST_ANCHOR_SIGNALING 485 +#define VAR_AGGRESSIVE_NSEC 486 +#define VAR_USE_SYSTEMD 487 +#define VAR_SHM_ENABLE 488 +#define VAR_SHM_KEY 489 +#define VAR_ROOT_KEY_SENTINEL 490 +#define VAR_DNSCRYPT 491 +#define VAR_DNSCRYPT_ENABLE 492 +#define VAR_DNSCRYPT_PORT 493 +#define VAR_DNSCRYPT_PROVIDER 494 +#define VAR_DNSCRYPT_SECRET_KEY 495 +#define VAR_DNSCRYPT_PROVIDER_CERT 496 +#define VAR_DNSCRYPT_PROVIDER_CERT_ROTATED 497 +#define VAR_DNSCRYPT_SHARED_SECRET_CACHE_SIZE 498 +#define VAR_DNSCRYPT_SHARED_SECRET_CACHE_SLABS 499 +#define VAR_DNSCRYPT_NONCE_CACHE_SIZE 500 +#define VAR_DNSCRYPT_NONCE_CACHE_SLABS 501 +#define VAR_IPSECMOD_ENABLED 502 +#define VAR_IPSECMOD_HOOK 503 +#define VAR_IPSECMOD_IGNORE_BOGUS 504 +#define VAR_IPSECMOD_MAX_TTL 505 +#define VAR_IPSECMOD_WHITELIST 506 +#define VAR_IPSECMOD_STRICT 507 +#define VAR_CACHEDB 508 +#define VAR_CACHEDB_BACKEND 509 +#define VAR_CACHEDB_SECRETSEED 510 +#define VAR_CACHEDB_REDISHOST 511 +#define VAR_CACHEDB_REDISPORT 512 +#define VAR_CACHEDB_REDISTIMEOUT 513 +#define VAR_CACHEDB_REDISEXPIRERECORDS 514 +#define VAR_UDP_UPSTREAM_WITHOUT_DOWNSTREAM 515 +#define VAR_FOR_UPSTREAM 516 +#define VAR_AUTH_ZONE 517 +#define VAR_ZONEFILE 518 +#define VAR_MASTER 519 +#define VAR_URL 520 +#define VAR_FOR_DOWNSTREAM 521 +#define VAR_FALLBACK_ENABLED 522 +#define VAR_TLS_ADDITIONAL_PORT 523 +#define VAR_LOW_RTT 524 +#define VAR_LOW_RTT_PERMIL 525 +#define VAR_FAST_SERVER_PERMIL 526 +#define VAR_FAST_SERVER_NUM 527 +#define VAR_ALLOW_NOTIFY 528 +#define VAR_TLS_WIN_CERT 529 +#define VAR_TCP_CONNECTION_LIMIT 530 +#define VAR_FORWARD_NO_CACHE 531 +#define VAR_STUB_NO_CACHE 532 +#define VAR_LOG_SERVFAIL 533 +#define VAR_DENY_ANY 534 +#define VAR_UNKNOWN_SERVER_TIME_LIMIT 535 +#define VAR_LOG_TAG_QUERYREPLY 536 +#define VAR_STREAM_WAIT_SIZE 537 +#define VAR_TLS_CIPHERS 538 +#define VAR_TLS_CIPHERSUITES 539 +#define VAR_TLS_USE_SNI 540 +#define VAR_IPSET 541 +#define VAR_IPSET_NAME_V4 542 +#define VAR_IPSET_NAME_V6 543 +#define VAR_TLS_SESSION_TICKET_KEYS 544 +#define VAR_RPZ 545 +#define VAR_TAGS 546 +#define VAR_RPZ_ACTION_OVERRIDE 547 +#define VAR_RPZ_CNAME_OVERRIDE 548 +#define VAR_RPZ_LOG 549 +#define VAR_RPZ_LOG_NAME 550 +#define VAR_DYNLIB 551 +#define VAR_DYNLIB_FILE 552 +#define VAR_EDNS_CLIENT_TAG 553 +#define VAR_EDNS_CLIENT_TAG_OPCODE 554 /* Value type. */ #if ! defined YYSTYPE && ! defined YYSTYPE_IS_DECLARED @@ -724,7 +740,7 @@ union YYSTYPE char* str; -#line 728 "util/configparser.c" +#line 744 "util/configparser.c" }; typedef union YYSTYPE YYSTYPE; @@ -974,19 +990,19 @@ union yyalloc /* YYFINAL -- State number of the termination state. */ #define YYFINAL 2 /* YYLAST -- Last index in YYTABLE. */ -#define YYLAST 620 +#define YYLAST 635 /* YYNTOKENS -- Number of terminals. */ -#define YYNTOKENS 292 +#define YYNTOKENS 300 /* YYNNTS -- Number of nonterminals. */ -#define YYNNTS 317 +#define YYNNTS 325 /* YYNRULES -- Number of rules. */ -#define YYNRULES 610 +#define YYNRULES 626 /* YYNSTATES -- Number of states. */ -#define YYNSTATES 905 +#define YYNSTATES 930 #define YYUNDEFTOK 2 -#define YYMAXUTOK 546 +#define YYMAXUTOK 554 /* YYTRANSLATE(TOKEN-NUM) -- Symbol number corresponding to TOKEN-NUM as returned by yylex, with out-of-bounds checking. */ @@ -1051,75 +1067,77 @@ static const yytype_uint16 yytranslate[] = 255, 256, 257, 258, 259, 260, 261, 262, 263, 264, 265, 266, 267, 268, 269, 270, 271, 272, 273, 274, 275, 276, 277, 278, 279, 280, 281, 282, 283, 284, - 285, 286, 287, 288, 289, 290, 291 + 285, 286, 287, 288, 289, 290, 291, 292, 293, 294, + 295, 296, 297, 298, 299 }; #if YYDEBUG /* YYRLINE[YYN] -- Source line where rule number YYN was defined. */ static const yytype_uint16 yyrline[] = { - 0, 181, 181, 181, 182, 182, 183, 183, 184, 184, - 184, 185, 185, 186, 186, 187, 187, 188, 190, 196, - 201, 202, 203, 203, 203, 204, 204, 205, 205, 205, - 206, 206, 207, 207, 207, 208, 208, 209, 209, 209, - 210, 210, 210, 211, 211, 212, 212, 213, 213, 214, - 214, 215, 215, 216, 216, 217, 217, 218, 218, 219, - 219, 219, 220, 220, 220, 221, 221, 221, 222, 222, - 223, 223, 224, 224, 225, 225, 226, 226, 226, 227, - 227, 228, 228, 229, 229, 229, 230, 230, 231, 231, - 232, 232, 233, 233, 233, 234, 234, 235, 235, 236, - 236, 237, 237, 238, 238, 239, 239, 239, 240, 240, - 241, 241, 241, 242, 242, 242, 243, 243, 243, 244, - 244, 244, 244, 245, 246, 246, 246, 247, 247, 247, - 248, 248, 249, 249, 250, 250, 250, 251, 251, 252, - 252, 252, 253, 254, 254, 255, 255, 256, 257, 257, - 258, 258, 259, 259, 260, 261, 261, 262, 262, 263, - 263, 264, 264, 265, 265, 266, 266, 266, 267, 267, - 268, 268, 269, 269, 270, 270, 271, 271, 272, 272, - 273, 273, 273, 274, 274, 274, 275, 275, 275, 276, - 276, 277, 278, 278, 279, 279, 280, 280, 281, 281, - 282, 282, 282, 283, 283, 283, 284, 284, 284, 285, - 285, 286, 286, 287, 287, 288, 290, 302, 303, 304, - 304, 304, 304, 304, 305, 305, 307, 319, 320, 321, - 321, 321, 321, 322, 322, 324, 338, 339, 340, 340, - 340, 340, 341, 341, 341, 343, 360, 361, 362, 362, - 362, 362, 363, 363, 363, 364, 367, 386, 403, 411, - 421, 429, 446, 447, 448, 448, 448, 448, 448, 449, - 449, 449, 450, 450, 452, 461, 470, 481, 490, 499, - 508, 519, 528, 540, 554, 569, 580, 597, 614, 631, - 648, 663, 678, 691, 706, 715, 724, 733, 742, 751, - 760, 769, 778, 787, 796, 805, 814, 823, 832, 845, - 854, 867, 876, 885, 894, 901, 908, 917, 924, 933, - 941, 948, 955, 963, 972, 981, 990, 1004, 1013, 1022, - 1031, 1040, 1049, 1058, 1065, 1072, 1098, 1106, 1113, 1120, - 1127, 1134, 1142, 1150, 1158, 1165, 1176, 1187, 1194, 1203, - 1212, 1221, 1228, 1235, 1243, 1251, 1261, 1271, 1281, 1295, - 1303, 1316, 1327, 1335, 1348, 1357, 1366, 1375, 1385, 1395, - 1403, 1416, 1425, 1433, 1442, 1450, 1463, 1472, 1479, 1489, - 1499, 1509, 1519, 1529, 1539, 1549, 1559, 1566, 1573, 1580, - 1589, 1598, 1607, 1616, 1623, 1633, 1653, 1660, 1678, 1691, - 1704, 1713, 1722, 1731, 1740, 1750, 1760, 1771, 1780, 1789, - 1798, 1807, 1816, 1825, 1838, 1851, 1860, 1867, 1876, 1885, - 1894, 1903, 1911, 1924, 1932, 1973, 1980, 1995, 2005, 2015, - 2022, 2029, 2036, 2045, 2053, 2067, 2088, 2109, 2121, 2133, - 2145, 2154, 2175, 2185, 2194, 2202, 2210, 2223, 2236, 2251, - 2266, 2275, 2284, 2290, 2299, 2308, 2318, 2328, 2341, 2354, - 2366, 2380, 2392, 2406, 2416, 2423, 2430, 2439, 2448, 2458, - 2468, 2478, 2485, 2492, 2501, 2510, 2520, 2530, 2537, 2544, - 2551, 2559, 2569, 2579, 2589, 2599, 2638, 2648, 2656, 2664, - 2679, 2688, 2693, 2694, 2695, 2695, 2695, 2696, 2696, 2696, - 2697, 2697, 2699, 2709, 2718, 2725, 2732, 2739, 2746, 2753, - 2760, 2765, 2766, 2767, 2767, 2767, 2768, 2768, 2768, 2769, - 2770, 2770, 2771, 2771, 2772, 2772, 2773, 2774, 2775, 2776, - 2777, 2778, 2780, 2789, 2799, 2806, 2813, 2822, 2829, 2836, - 2843, 2850, 2859, 2868, 2875, 2882, 2892, 2902, 2912, 2922, - 2932, 2942, 2947, 2948, 2949, 2951, 2957, 2962, 2963, 2964, - 2966, 2972, 2982, 2989, 2998, 3006, 3011, 3012, 3014, 3014, - 3014, 3015, 3015, 3016, 3017, 3018, 3019, 3020, 3022, 3032, - 3041, 3048, 3057, 3064, 3073, 3081, 3094, 3102, 3115, 3120, - 3121, 3122, 3122, 3123, 3123, 3123, 3124, 3126, 3138, 3150, - 3162, 3177, 3190, 3203, 3214, 3219, 3220, 3221, 3221, 3223, - 3238 + 0, 184, 184, 184, 185, 185, 186, 186, 187, 187, + 187, 188, 188, 189, 189, 190, 190, 191, 193, 199, + 204, 205, 206, 206, 206, 207, 207, 208, 208, 208, + 209, 209, 210, 210, 210, 211, 211, 212, 212, 212, + 213, 213, 213, 214, 214, 215, 215, 216, 216, 217, + 217, 218, 218, 219, 219, 220, 220, 221, 221, 222, + 222, 222, 223, 223, 223, 224, 224, 224, 225, 225, + 226, 226, 227, 227, 228, 228, 229, 229, 229, 230, + 230, 231, 231, 232, 232, 232, 233, 233, 234, 234, + 235, 235, 236, 236, 236, 237, 237, 238, 238, 239, + 239, 240, 240, 241, 241, 242, 242, 242, 243, 243, + 244, 244, 244, 245, 245, 245, 246, 246, 246, 247, + 247, 247, 247, 248, 249, 249, 249, 250, 250, 250, + 251, 251, 252, 253, 253, 253, 254, 254, 255, 255, + 256, 256, 256, 257, 257, 258, 258, 258, 259, 260, + 260, 261, 261, 262, 263, 263, 264, 264, 265, 265, + 266, 267, 267, 268, 268, 269, 269, 270, 270, 271, + 271, 272, 272, 272, 273, 273, 274, 274, 275, 275, + 276, 276, 277, 277, 278, 278, 279, 279, 279, 280, + 280, 280, 281, 281, 281, 282, 282, 283, 284, 284, + 285, 285, 286, 286, 287, 287, 288, 288, 288, 289, + 289, 289, 290, 290, 290, 291, 291, 292, 292, 293, + 293, 294, 294, 295, 297, 309, 310, 311, 311, 311, + 311, 311, 312, 312, 314, 326, 327, 328, 328, 328, + 328, 329, 329, 331, 345, 346, 347, 347, 347, 347, + 348, 348, 348, 350, 367, 368, 369, 369, 369, 369, + 370, 370, 370, 371, 374, 393, 410, 418, 428, 436, + 453, 454, 455, 455, 455, 455, 455, 456, 456, 456, + 457, 457, 459, 468, 477, 488, 497, 506, 515, 526, + 535, 547, 561, 576, 587, 604, 621, 638, 655, 670, + 685, 698, 713, 722, 731, 740, 749, 758, 767, 776, + 785, 794, 803, 812, 821, 830, 839, 852, 861, 874, + 883, 892, 901, 908, 915, 924, 931, 940, 948, 955, + 962, 970, 979, 986, 1002, 1010, 1018, 1026, 1034, 1043, + 1052, 1066, 1075, 1084, 1093, 1102, 1111, 1120, 1127, 1134, + 1160, 1168, 1175, 1182, 1189, 1196, 1204, 1212, 1220, 1227, + 1238, 1249, 1256, 1265, 1274, 1283, 1290, 1297, 1305, 1313, + 1323, 1333, 1343, 1357, 1365, 1378, 1389, 1397, 1410, 1419, + 1428, 1437, 1447, 1457, 1465, 1478, 1487, 1495, 1504, 1512, + 1525, 1534, 1541, 1551, 1561, 1571, 1581, 1591, 1601, 1611, + 1621, 1628, 1635, 1642, 1651, 1660, 1669, 1678, 1685, 1695, + 1715, 1722, 1740, 1753, 1766, 1775, 1784, 1793, 1802, 1812, + 1822, 1833, 1842, 1851, 1860, 1869, 1878, 1887, 1900, 1913, + 1922, 1929, 1938, 1947, 1956, 1965, 1973, 1986, 1994, 2035, + 2042, 2057, 2067, 2077, 2084, 2091, 2098, 2107, 2115, 2129, + 2150, 2171, 2183, 2195, 2207, 2216, 2237, 2247, 2256, 2264, + 2272, 2285, 2298, 2313, 2328, 2337, 2346, 2352, 2361, 2370, + 2380, 2390, 2403, 2416, 2428, 2442, 2454, 2468, 2483, 2494, + 2504, 2511, 2518, 2527, 2536, 2546, 2556, 2566, 2573, 2580, + 2589, 2598, 2608, 2618, 2625, 2632, 2639, 2647, 2657, 2667, + 2677, 2687, 2726, 2736, 2744, 2752, 2767, 2776, 2781, 2782, + 2783, 2783, 2783, 2784, 2784, 2784, 2785, 2785, 2787, 2797, + 2806, 2813, 2820, 2827, 2834, 2841, 2848, 2853, 2854, 2855, + 2855, 2855, 2856, 2856, 2856, 2857, 2858, 2858, 2859, 2859, + 2860, 2860, 2861, 2862, 2863, 2864, 2865, 2866, 2868, 2877, + 2887, 2894, 2901, 2910, 2917, 2924, 2931, 2938, 2947, 2956, + 2963, 2970, 2980, 2990, 3000, 3010, 3020, 3030, 3035, 3036, + 3037, 3039, 3045, 3050, 3051, 3052, 3054, 3060, 3070, 3077, + 3086, 3094, 3099, 3100, 3102, 3102, 3102, 3103, 3103, 3104, + 3105, 3106, 3107, 3108, 3110, 3120, 3129, 3136, 3145, 3152, + 3161, 3169, 3182, 3190, 3203, 3208, 3209, 3210, 3210, 3211, + 3211, 3211, 3212, 3214, 3226, 3238, 3250, 3265, 3278, 3291, + 3302, 3307, 3308, 3309, 3309, 3311, 3326 }; #endif @@ -1173,9 +1191,12 @@ static const char *const yytname[] = "VAR_LOG_REPLIES", "VAR_LOG_LOCAL_ACTIONS", "VAR_TCP_UPSTREAM", "VAR_SSL_UPSTREAM", "VAR_SSL_SERVICE_KEY", "VAR_SSL_SERVICE_PEM", "VAR_SSL_PORT", "VAR_FORWARD_FIRST", "VAR_STUB_SSL_UPSTREAM", - "VAR_FORWARD_SSL_UPSTREAM", "VAR_TLS_CERT_BUNDLE", "VAR_STUB_FIRST", - "VAR_MINIMAL_RESPONSES", "VAR_RRSET_ROUNDROBIN", "VAR_MAX_UDP_SIZE", - "VAR_DELAY_CLOSE", "VAR_UNBLOCK_LAN_ZONES", "VAR_INSECURE_LAN_ZONES", + "VAR_FORWARD_SSL_UPSTREAM", "VAR_TLS_CERT_BUNDLE", "VAR_HTTPS_PORT", + "VAR_HTTP_ENDPOINT", "VAR_HTTP_MAX_STREAMS", + "VAR_HTTP_QUERY_BUFFER_SIZE", "VAR_HTTP_RESPONSE_BUFFER_SIZE", + "VAR_HTTP_NODELAY", "VAR_STUB_FIRST", "VAR_MINIMAL_RESPONSES", + "VAR_RRSET_ROUNDROBIN", "VAR_MAX_UDP_SIZE", "VAR_DELAY_CLOSE", + "VAR_UNBLOCK_LAN_ZONES", "VAR_INSECURE_LAN_ZONES", "VAR_INFRA_CACHE_MIN_RTT", "VAR_DNS64_PREFIX", "VAR_DNS64_SYNTHALL", "VAR_DNS64_IGNORE_AAAA", "VAR_DNSTAP", "VAR_DNSTAP_ENABLE", "VAR_DNSTAP_SOCKET_PATH", "VAR_DNSTAP_IP", "VAR_DNSTAP_TLS", @@ -1235,14 +1256,15 @@ static const char *const yytname[] = "VAR_IPSET_NAME_V4", "VAR_IPSET_NAME_V6", "VAR_TLS_SESSION_TICKET_KEYS", "VAR_RPZ", "VAR_TAGS", "VAR_RPZ_ACTION_OVERRIDE", "VAR_RPZ_CNAME_OVERRIDE", "VAR_RPZ_LOG", "VAR_RPZ_LOG_NAME", - "VAR_DYNLIB", "VAR_DYNLIB_FILE", "$accept", "toplevelvars", - "toplevelvar", "force_toplevel", "serverstart", "contents_server", - "content_server", "stubstart", "contents_stub", "content_stub", - "forwardstart", "contents_forward", "content_forward", "viewstart", - "contents_view", "content_view", "authstart", "contents_auth", - "content_auth", "rpz_tag", "rpz_action_override", "rpz_cname_override", - "rpz_log", "rpz_log_name", "rpzstart", "contents_rpz", "content_rpz", - "server_num_threads", "server_verbosity", "server_statistics_interval", + "VAR_DYNLIB", "VAR_DYNLIB_FILE", "VAR_EDNS_CLIENT_TAG", + "VAR_EDNS_CLIENT_TAG_OPCODE", "$accept", "toplevelvars", "toplevelvar", + "force_toplevel", "serverstart", "contents_server", "content_server", + "stubstart", "contents_stub", "content_stub", "forwardstart", + "contents_forward", "content_forward", "viewstart", "contents_view", + "content_view", "authstart", "contents_auth", "content_auth", "rpz_tag", + "rpz_action_override", "rpz_cname_override", "rpz_log", "rpz_log_name", + "rpzstart", "contents_rpz", "content_rpz", "server_num_threads", + "server_verbosity", "server_statistics_interval", "server_statistics_cumulative", "server_extended_statistics", "server_shm_enable", "server_shm_key", "server_port", "server_send_client_subnet", "server_client_subnet_zone", @@ -1263,9 +1285,12 @@ static const char *const yytname[] = "server_tls_cert_bundle", "server_tls_win_cert", "server_tls_additional_port", "server_tls_ciphers", "server_tls_ciphersuites", "server_tls_session_ticket_keys", - "server_tls_use_sni", "server_use_systemd", "server_do_daemonize", - "server_use_syslog", "server_log_time_ascii", "server_log_queries", - "server_log_replies", "server_log_tag_queryreply", "server_log_servfail", + "server_tls_use_sni", "server_https_port", "server_http_endpoint", + "server_http_max_streams", "server_http_query_buffer_size", + "server_http_response_buffer_size", "server_http_nodelay", + "server_use_systemd", "server_do_daemonize", "server_use_syslog", + "server_log_time_ascii", "server_log_queries", "server_log_replies", + "server_log_tag_queryreply", "server_log_servfail", "server_log_local_actions", "server_chroot", "server_username", "server_directory", "server_logfile", "server_pidfile", "server_root_hints", "server_dlv_anchor_file", "server_dlv_anchor", @@ -1324,7 +1349,8 @@ static const char *const yytname[] = "server_qname_minimisation_strict", "server_ipsecmod_enabled", "server_ipsecmod_ignore_bogus", "server_ipsecmod_hook", "server_ipsecmod_max_ttl", "server_ipsecmod_whitelist", - "server_ipsecmod_strict", "stub_name", "stub_host", "stub_addr", + "server_ipsecmod_strict", "server_edns_client_tag", + "server_edns_client_tag_opcode", "stub_name", "stub_host", "stub_addr", "stub_first", "stub_no_cache", "stub_ssl_upstream", "stub_prime", "forward_name", "forward_host", "forward_addr", "forward_first", "forward_no_cache", "forward_ssl_upstream", "auth_name", "auth_zonefile", @@ -1398,14 +1424,14 @@ static const yytype_uint16 yytoknum[] = 515, 516, 517, 518, 519, 520, 521, 522, 523, 524, 525, 526, 527, 528, 529, 530, 531, 532, 533, 534, 535, 536, 537, 538, 539, 540, 541, 542, 543, 544, - 545, 546 + 545, 546, 547, 548, 549, 550, 551, 552, 553, 554 }; # endif -#define YYPACT_NINF -285 +#define YYPACT_NINF -288 #define yypact_value_is_default(Yystate) \ - (!!((Yystate) == (-285))) + (!!((Yystate) == (-288))) #define YYTABLE_NINF -1 @@ -1416,97 +1442,99 @@ static const yytype_uint16 yytoknum[] = STATE-NUM. */ static const yytype_int16 yypact[] = { - -285, 0, -285, -285, -285, -285, -285, -285, -285, -285, - -285, -285, -285, -285, -285, -285, -285, -285, -285, -285, - -285, -285, -285, -285, -285, -285, -285, -285, -285, -285, - -285, -285, 278, -42, -37, -43, -21, -44, -11, -87, - -109, -284, -206, -230, -272, 3, 4, 5, 25, 26, + -288, 0, -288, -288, -288, -288, -288, -288, -288, -288, + -288, -288, -288, -288, -288, -288, -288, -288, -288, -288, + -288, -288, -288, -288, -288, -288, -288, -288, -288, -288, + -288, -288, 284, -42, -38, -43, -21, -44, -11, -93, + -109, -287, -212, -237, -279, 3, 4, 13, 25, 26, 27, 30, 31, 32, 33, 34, 35, 37, 38, 39, 40, 41, 43, 44, 45, 46, 47, 48, 49, 50, - 51, 52, 54, 55, 84, 85, 88, 89, 92, 94, - 95, 96, 97, 98, 99, 100, 101, 103, 104, 105, + 51, 52, 54, 55, 84, 85, 88, 89, 91, 93, + 94, 95, 97, 98, 99, 100, 101, 103, 104, 105, 106, 107, 108, 109, 110, 111, 112, 113, 114, 115, - 116, 117, 118, 119, 120, 123, 124, 125, 126, 127, - 128, 129, 130, 131, 132, 133, 134, 135, 136, 137, - 138, 139, 140, 141, 142, 144, 145, 146, 147, 148, - 149, 150, 151, 152, 153, 154, 155, 156, 157, 158, - 159, 160, 162, 163, 164, 165, 166, 167, 168, 169, + 116, 117, 118, 119, 120, 121, 122, 123, 124, 125, + 126, 129, 130, 131, 132, 133, 134, 135, 136, 137, + 138, 139, 140, 141, 142, 143, 144, 145, 146, 147, + 148, 150, 151, 152, 153, 154, 155, 156, 157, 158, + 159, 160, 161, 162, 163, 164, 165, 166, 168, 169, 170, 171, 172, 173, 174, 175, 176, 177, 178, 179, 180, 181, 182, 183, 184, 185, 186, 187, 188, 189, 190, 191, 192, 193, 194, 195, 196, 197, 198, 199, - 200, 201, 206, 207, 208, 209, 210, 211, 212, 214, - 215, 216, 217, 218, 221, 222, 225, 238, 239, 240, - 241, 242, 243, 244, 245, 247, 248, 249, 250, 251, - 252, 253, 254, 255, 256, 257, 258, 259, 260, 261, - 262, 263, 264, 265, 266, 267, 268, 269, 271, 272, - 273, 275, 276, 277, 279, 313, 314, 315, 316, -285, - -285, -285, -285, -285, -285, -285, -285, -285, -285, -285, - -285, -285, -285, -285, -285, -285, -285, -285, -285, -285, - -285, -285, -285, -285, -285, -285, -285, -285, -285, -285, - -285, -285, -285, -285, -285, -285, -285, -285, -285, -285, - -285, -285, -285, -285, -285, -285, -285, -285, -285, -285, - -285, -285, -285, -285, -285, -285, -285, -285, -285, -285, - -285, -285, -285, -285, -285, -285, -285, -285, -285, -285, - -285, -285, -285, -285, -285, -285, -285, -285, -285, -285, - -285, -285, -285, -285, -285, -285, -285, -285, -285, -285, - -285, -285, -285, -285, -285, -285, -285, -285, -285, -285, - -285, -285, -285, -285, -285, -285, -285, -285, -285, -285, - -285, -285, -285, -285, -285, -285, -285, -285, -285, -285, - -285, -285, -285, -285, -285, -285, -285, -285, -285, -285, - -285, -285, -285, -285, -285, -285, -285, -285, -285, -285, - -285, -285, -285, -285, -285, -285, -285, -285, -285, -285, - -285, -285, -285, -285, -285, -285, -285, -285, -285, -285, - -285, -285, -285, -285, -285, -285, -285, -285, -285, -285, - -285, -285, -285, -285, -285, -285, -285, -285, -285, -285, - -285, -285, -285, -285, -285, -285, -285, -285, -285, -285, - -285, -285, -285, -285, 320, 321, 322, 364, 365, 366, - 367, -285, -285, -285, -285, -285, -285, -285, -285, 368, - 369, 370, 371, 372, 376, -285, -285, -285, -285, -285, - -285, -285, 380, 381, 406, 407, 408, 410, 421, -285, - -285, -285, -285, -285, -285, -285, -285, 422, 423, 424, - 425, 426, 427, 428, 429, -285, -285, -285, -285, -285, - -285, -285, -285, -285, 430, 431, 432, 433, 434, -285, - -285, -285, -285, -285, -285, -285, -285, -285, -285, -285, - 435, 436, 437, 438, 439, 440, 480, 482, -285, -285, - -285, -285, -285, -285, -285, -285, -285, 498, 499, 500, - 501, 502, 503, 504, 505, 506, 507, 508, 515, 516, - 517, 518, 519, 520, 521, 523, -285, -285, -285, -285, - -285, -285, -285, -285, -285, -285, -285, -285, -285, -285, - -285, -285, -285, -285, -285, -285, 524, -285, -285, 525, - -285, -285, 526, 527, 528, 529, 532, 535, 538, 539, - 548, 549, -285, -285, -285, -285, -285, -285, -285, -285, - -285, -285, -285, 550, 552, 553, 554, 555, 556, -285, - -285, -285, -285, -285, -285, -285, 557, 558, -285, -285, - -285, -285, -285, -285, -285, -285, -285, -285, -285, -285, - -285, -285, -285, -285, -285, -285, -285, -285, -285, -285, - -285, -285, -285, -285, -285, -285, -285, -285, -285, -285, - -285, -285, -285, -285, -285, -285, -285, -285, -285, -285, - -285, -285, -285, -285, -285, -285, -285, -285, -285, -285, - -285, -285, -285, -285, -285, -285, -285, -285, -285, -285, - -285, 559, 560, -285, -285, -285, -285, -285, -285, -285, - -285, -285, -285, -285, -285, -285, -285, -285, -285, -285, - -285, -285, -285, -285, -285, -285, -285, -285, -285, -285, - -285, -285, -285, -285, -285, -285, -285, -285, -285, -285, - -285, -285, -285, -285, -285, -285, -285, -285, -285, -285, - -285, -285, -285, -285, -285, -285, -285, -285, 561, 562, - 563, -285, -285, -285, -285, -285, -285, -285, -285, -285, - -285, 564, 565, -285, -285, -285, -285, -285, -285, -285, - -285, -285, -285, -285, -285, -285, -285, -285, -285, -285, - -285, -285, 566, 567, 568, 569, 570, 571, -285, -285, - -285, -285, -285, -285, -285, -285, -285, -285, -285, -285, - -285, -285, -285, -285, -285, -285, -285, -285, -285, -285, - -285, -285, -285, -285, -285, 572, -285, -285, -285, -285, - -285, -285, -285, -285, -285, -285, -285, -285, -285, -285, - -285, -285, -285, -285, -285, -285, -285, -285, -285, 573, - -285, -285, 574, 575, -285, -285, -285, -285, -285, -285, - -285, -285, -285, -285, -285, -285, -285, -285, -285, -285, - -285, -285, -285, -285, -285, -285, -285, -285, -285, -285, - -285, -285, -285, -285, -285, -285, -285, -285, -285, -285, - -285, -285, -285, -285, -285, -285, -285, -285, -285, -285, - -285, -285, -285, -285, -285, -285, -285, -285, -285, -285, - -285, -285, -285, -285, -285, -285, -285, -285, -285, -285, - -285, -285, -285, -285, 576, 577, 578, -285, -285, -285, - -285, -285, -285, -285, -285 + 200, 201, 202, 203, 204, 205, 206, 207, 212, 213, + 214, 215, 216, 217, 218, 220, 221, 222, 223, 224, + 227, 229, 231, 244, 245, 246, 247, 248, 249, 250, + 251, 253, 254, 255, 256, 257, 258, 259, 260, 261, + 262, 263, 264, 265, 266, 267, 268, 269, 270, 271, + 272, 273, 274, 275, 277, 278, 279, 281, 282, 283, + 285, 319, 320, 321, 322, 326, 327, -288, -288, -288, + -288, -288, -288, -288, -288, -288, -288, -288, -288, -288, + -288, -288, -288, -288, -288, -288, -288, -288, -288, -288, + -288, -288, -288, -288, -288, -288, -288, -288, -288, -288, + -288, -288, -288, -288, -288, -288, -288, -288, -288, -288, + -288, -288, -288, -288, -288, -288, -288, -288, -288, -288, + -288, -288, -288, -288, -288, -288, -288, -288, -288, -288, + -288, -288, -288, -288, -288, -288, -288, -288, -288, -288, + -288, -288, -288, -288, -288, -288, -288, -288, -288, -288, + -288, -288, -288, -288, -288, -288, -288, -288, -288, -288, + -288, -288, -288, -288, -288, -288, -288, -288, -288, -288, + -288, -288, -288, -288, -288, -288, -288, -288, -288, -288, + -288, -288, -288, -288, -288, -288, -288, -288, -288, -288, + -288, -288, -288, -288, -288, -288, -288, -288, -288, -288, + -288, -288, -288, -288, -288, -288, -288, -288, -288, -288, + -288, -288, -288, -288, -288, -288, -288, -288, -288, -288, + -288, -288, -288, -288, -288, -288, -288, -288, -288, -288, + -288, -288, -288, -288, -288, -288, -288, -288, -288, -288, + -288, -288, -288, -288, -288, -288, -288, -288, -288, -288, + -288, -288, -288, -288, -288, -288, -288, -288, -288, -288, + -288, -288, -288, -288, -288, -288, -288, -288, -288, -288, + 328, 370, 371, 372, 373, 374, 375, -288, -288, -288, + -288, -288, -288, -288, -288, 376, 377, 378, 382, 386, + 387, -288, -288, -288, -288, -288, -288, -288, 412, 413, + 414, 422, 433, 434, 435, -288, -288, -288, -288, -288, + -288, -288, -288, 436, 437, 438, 439, 440, 441, 442, + 443, -288, -288, -288, -288, -288, -288, -288, -288, -288, + 444, 445, 446, 447, 448, -288, -288, -288, -288, -288, + -288, -288, -288, -288, -288, -288, 449, 450, 451, 452, + 492, 494, 510, 511, -288, -288, -288, -288, -288, -288, + -288, -288, -288, 512, 513, 514, 515, 516, 517, 518, + 519, 520, 527, 528, 529, 530, 531, 532, 533, 535, + 536, 537, -288, -288, -288, -288, -288, -288, -288, -288, + -288, -288, -288, -288, -288, -288, -288, -288, -288, -288, + -288, -288, 538, -288, -288, 539, -288, -288, 540, 541, + 544, 547, 550, 551, 560, 561, 562, 564, -288, -288, + -288, -288, -288, -288, -288, -288, -288, -288, -288, 565, + 566, 567, 568, 569, 570, -288, -288, -288, -288, -288, + -288, -288, 571, 574, -288, -288, -288, -288, -288, -288, + -288, -288, -288, -288, -288, -288, -288, -288, -288, -288, + -288, -288, -288, -288, -288, -288, -288, -288, -288, -288, + -288, -288, -288, -288, -288, -288, -288, -288, -288, -288, + -288, -288, -288, -288, -288, -288, -288, -288, -288, -288, + -288, -288, -288, -288, -288, -288, -288, -288, -288, -288, + -288, -288, -288, -288, -288, -288, -288, 575, 576, -288, + -288, -288, -288, -288, -288, -288, -288, -288, -288, -288, + -288, -288, -288, -288, -288, -288, -288, -288, -288, -288, + -288, -288, -288, -288, -288, -288, -288, -288, -288, -288, + -288, -288, -288, -288, -288, -288, -288, -288, -288, -288, + -288, -288, -288, -288, -288, -288, -288, -288, -288, -288, + -288, -288, -288, -288, -288, -288, -288, -288, -288, -288, + 577, 578, 579, -288, -288, -288, -288, -288, -288, -288, + -288, -288, -288, 580, 581, -288, -288, -288, -288, -288, + -288, -288, -288, -288, -288, -288, -288, -288, -288, -288, + -288, -288, -288, -288, 582, 583, 584, 585, 586, 587, + -288, -288, -288, -288, -288, -288, -288, -288, -288, -288, + -288, -288, -288, -288, -288, -288, -288, -288, -288, -288, + -288, -288, -288, -288, -288, -288, -288, 588, -288, -288, + -288, -288, -288, -288, -288, -288, -288, 589, -288, -288, + -288, -288, -288, -288, -288, -288, -288, -288, -288, -288, + -288, -288, -288, 590, -288, -288, 591, 592, -288, -288, + -288, -288, -288, -288, -288, -288, -288, -288, -288, -288, + -288, -288, -288, -288, -288, -288, -288, -288, -288, -288, + -288, -288, -288, -288, -288, -288, -288, -288, -288, -288, + -288, -288, -288, -288, -288, -288, -288, -288, -288, -288, + -288, -288, -288, -288, -288, -288, -288, -288, -288, -288, + -288, -288, -288, -288, -288, -288, -288, -288, -288, -288, + -288, -288, -288, -288, -288, -288, -288, -288, 593, 594, + 595, -288, -288, -288, -288, -288, -288, -288, -288, -288 }; /* YYDEFACT[STATE-NUM] -- Default reduction number in state STATE-NUM. @@ -1514,10 +1542,10 @@ static const yytype_int16 yypact[] = means the default is an error. */ static const yytype_uint16 yydefact[] = { - 2, 0, 1, 18, 19, 216, 226, 491, 551, 510, - 235, 565, 588, 245, 604, 261, 556, 3, 17, 21, - 218, 228, 237, 247, 263, 493, 512, 553, 558, 567, - 590, 606, 4, 5, 6, 10, 14, 15, 8, 9, + 2, 0, 1, 18, 19, 224, 234, 507, 567, 526, + 243, 581, 604, 253, 620, 269, 572, 3, 17, 21, + 226, 236, 245, 255, 271, 509, 528, 569, 574, 583, + 606, 622, 4, 5, 6, 10, 14, 15, 8, 9, 7, 16, 11, 12, 13, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, @@ -1537,148 +1565,152 @@ static const yytype_uint16 yydefact[] = 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, - 0, 0, 0, 0, 0, 0, 0, 0, 0, 20, - 22, 23, 86, 89, 98, 186, 187, 24, 151, 152, - 153, 154, 155, 156, 157, 158, 159, 160, 37, 77, - 25, 90, 91, 48, 70, 85, 26, 27, 30, 31, - 28, 29, 32, 33, 34, 35, 36, 121, 198, 122, - 124, 125, 126, 200, 205, 201, 212, 213, 214, 215, - 182, 87, 76, 102, 119, 120, 210, 207, 123, 38, - 39, 40, 41, 42, 78, 92, 93, 108, 64, 74, - 65, 190, 191, 103, 58, 59, 189, 60, 61, 112, - 116, 130, 139, 165, 142, 211, 113, 71, 43, 44, - 45, 100, 131, 132, 133, 46, 47, 49, 50, 52, - 53, 51, 137, 54, 55, 56, 62, 81, 117, 95, - 138, 88, 161, 96, 97, 114, 115, 208, 101, 57, - 79, 82, 63, 66, 104, 105, 80, 162, 106, 67, - 68, 69, 199, 118, 175, 176, 177, 178, 179, 180, - 188, 107, 75, 109, 110, 111, 163, 72, 73, 94, - 83, 84, 99, 127, 128, 209, 129, 134, 135, 136, - 166, 167, 169, 171, 172, 170, 173, 183, 140, 141, - 145, 146, 143, 144, 147, 148, 150, 149, 202, 204, - 203, 164, 174, 192, 194, 193, 195, 196, 197, 168, - 181, 184, 185, 206, 0, 0, 0, 0, 0, 0, - 0, 217, 219, 220, 221, 223, 224, 225, 222, 0, - 0, 0, 0, 0, 0, 227, 229, 230, 231, 232, - 233, 234, 0, 0, 0, 0, 0, 0, 0, 236, - 238, 239, 242, 243, 240, 244, 241, 0, 0, 0, - 0, 0, 0, 0, 0, 246, 248, 249, 250, 251, - 255, 252, 253, 254, 0, 0, 0, 0, 0, 266, - 270, 271, 272, 273, 262, 264, 265, 267, 268, 269, - 0, 0, 0, 0, 0, 0, 0, 0, 492, 494, - 496, 495, 501, 497, 498, 499, 500, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, - 0, 0, 0, 0, 0, 0, 511, 513, 515, 514, - 516, 517, 518, 519, 520, 521, 522, 523, 524, 525, - 526, 527, 528, 529, 530, 531, 0, 552, 554, 0, - 557, 559, 0, 0, 0, 0, 0, 0, 0, 0, - 0, 0, 566, 568, 569, 570, 572, 573, 571, 574, - 575, 576, 577, 0, 0, 0, 0, 0, 0, 589, - 591, 592, 593, 594, 595, 596, 0, 0, 605, 607, - 608, 275, 274, 281, 294, 292, 304, 300, 301, 305, - 302, 303, 306, 307, 308, 309, 310, 333, 334, 335, - 336, 337, 362, 363, 364, 369, 370, 297, 371, 372, - 375, 373, 374, 377, 378, 379, 393, 348, 349, 351, - 352, 380, 396, 342, 344, 397, 403, 404, 405, 298, - 361, 421, 422, 343, 416, 326, 293, 338, 394, 400, - 381, 0, 0, 425, 299, 276, 325, 385, 277, 295, - 296, 339, 340, 423, 383, 387, 388, 278, 426, 365, - 392, 327, 347, 398, 399, 402, 415, 341, 419, 417, - 418, 353, 360, 389, 390, 354, 355, 382, 407, 328, - 329, 332, 311, 313, 314, 315, 316, 317, 427, 428, - 430, 366, 367, 368, 376, 431, 432, 433, 0, 0, - 0, 384, 356, 358, 561, 442, 446, 444, 443, 447, - 445, 0, 0, 450, 451, 282, 283, 284, 285, 286, - 287, 288, 289, 290, 291, 386, 401, 420, 455, 456, - 357, 434, 0, 0, 0, 0, 0, 0, 408, 409, - 410, 411, 412, 413, 414, 562, 350, 345, 406, 324, - 279, 280, 346, 457, 459, 458, 460, 461, 462, 312, - 319, 452, 454, 453, 318, 0, 331, 391, 429, 330, - 359, 320, 321, 323, 322, 463, 464, 465, 469, 468, - 466, 467, 470, 471, 472, 473, 475, 474, 484, 0, - 488, 489, 0, 0, 490, 476, 482, 477, 478, 479, - 481, 483, 480, 256, 257, 258, 259, 260, 502, 504, - 503, 506, 507, 508, 509, 505, 532, 534, 535, 536, - 537, 538, 539, 540, 541, 542, 533, 543, 544, 545, - 546, 547, 548, 549, 550, 555, 560, 578, 579, 580, - 583, 581, 582, 584, 585, 586, 587, 597, 598, 599, - 600, 601, 602, 609, 610, 395, 424, 441, 563, 564, - 448, 449, 435, 436, 0, 0, 0, 440, 603, 485, - 486, 487, 439, 437, 438 + 0, 0, 0, 0, 0, 0, 0, 20, 22, 23, + 86, 89, 98, 192, 193, 24, 157, 158, 159, 160, + 161, 162, 163, 164, 165, 166, 37, 77, 25, 90, + 91, 48, 70, 85, 26, 27, 30, 31, 28, 29, + 32, 33, 34, 35, 36, 121, 204, 122, 124, 125, + 126, 206, 211, 207, 218, 219, 220, 221, 127, 128, + 129, 130, 131, 132, 188, 87, 76, 102, 119, 120, + 216, 213, 123, 38, 39, 40, 41, 42, 78, 92, + 93, 108, 64, 74, 65, 196, 197, 103, 58, 59, + 195, 60, 61, 112, 116, 136, 145, 171, 148, 217, + 113, 71, 43, 44, 45, 100, 137, 138, 139, 46, + 47, 49, 50, 52, 53, 51, 143, 54, 55, 56, + 62, 81, 117, 95, 144, 88, 167, 96, 97, 114, + 115, 214, 101, 57, 79, 82, 63, 66, 104, 105, + 80, 168, 106, 67, 68, 69, 205, 118, 181, 182, + 183, 184, 185, 186, 194, 107, 75, 109, 110, 111, + 169, 72, 73, 94, 83, 84, 99, 133, 134, 215, + 135, 140, 141, 142, 172, 173, 175, 177, 178, 176, + 179, 189, 146, 147, 151, 152, 149, 150, 153, 154, + 156, 155, 208, 210, 209, 170, 180, 198, 200, 199, + 201, 202, 203, 222, 223, 174, 187, 190, 191, 212, + 0, 0, 0, 0, 0, 0, 0, 225, 227, 228, + 229, 231, 232, 233, 230, 0, 0, 0, 0, 0, + 0, 235, 237, 238, 239, 240, 241, 242, 0, 0, + 0, 0, 0, 0, 0, 244, 246, 247, 250, 251, + 248, 252, 249, 0, 0, 0, 0, 0, 0, 0, + 0, 254, 256, 257, 258, 259, 263, 260, 261, 262, + 0, 0, 0, 0, 0, 274, 278, 279, 280, 281, + 270, 272, 273, 275, 276, 277, 0, 0, 0, 0, + 0, 0, 0, 0, 508, 510, 512, 511, 517, 513, + 514, 515, 516, 0, 0, 0, 0, 0, 0, 0, + 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, + 0, 0, 527, 529, 531, 530, 532, 533, 534, 535, + 536, 537, 538, 539, 540, 541, 542, 543, 544, 545, + 546, 547, 0, 568, 570, 0, 573, 575, 0, 0, + 0, 0, 0, 0, 0, 0, 0, 0, 582, 584, + 585, 586, 588, 589, 587, 590, 591, 592, 593, 0, + 0, 0, 0, 0, 0, 605, 607, 608, 609, 610, + 611, 612, 0, 0, 621, 623, 624, 283, 282, 289, + 302, 300, 312, 308, 309, 313, 310, 311, 314, 315, + 316, 317, 318, 347, 348, 349, 350, 351, 376, 377, + 378, 383, 384, 305, 385, 386, 389, 387, 388, 391, + 392, 393, 407, 362, 363, 365, 366, 394, 410, 356, + 358, 411, 417, 418, 419, 306, 375, 435, 436, 357, + 430, 340, 301, 352, 408, 414, 395, 0, 0, 439, + 307, 284, 339, 399, 285, 303, 304, 353, 354, 437, + 397, 401, 402, 286, 440, 379, 406, 341, 361, 412, + 413, 416, 429, 355, 433, 431, 432, 367, 374, 403, + 404, 368, 369, 396, 421, 342, 343, 346, 319, 321, + 322, 323, 324, 325, 332, 333, 334, 335, 336, 337, + 441, 442, 444, 380, 381, 382, 390, 445, 446, 447, + 0, 0, 0, 398, 370, 372, 577, 456, 460, 458, + 457, 461, 459, 0, 0, 464, 465, 290, 291, 292, + 293, 294, 295, 296, 297, 298, 299, 400, 415, 434, + 469, 470, 371, 448, 0, 0, 0, 0, 0, 0, + 422, 423, 424, 425, 426, 427, 428, 578, 364, 359, + 420, 338, 287, 288, 360, 471, 473, 472, 474, 475, + 476, 320, 327, 466, 468, 467, 326, 0, 345, 405, + 443, 344, 373, 328, 329, 331, 330, 0, 478, 479, + 480, 481, 485, 484, 482, 483, 486, 487, 488, 489, + 491, 490, 500, 0, 504, 505, 0, 0, 506, 492, + 498, 493, 494, 495, 497, 499, 496, 264, 265, 266, + 267, 268, 518, 520, 519, 522, 523, 524, 525, 521, + 548, 550, 551, 552, 553, 554, 555, 556, 557, 558, + 549, 559, 560, 561, 562, 563, 564, 565, 566, 571, + 576, 594, 595, 596, 599, 597, 598, 600, 601, 602, + 603, 613, 614, 615, 616, 617, 618, 625, 626, 409, + 438, 455, 579, 580, 462, 463, 449, 450, 0, 0, + 0, 454, 619, 477, 501, 502, 503, 453, 451, 452 }; /* YYPGOTO[NTERM-NUM]. */ static const yytype_int16 yypgoto[] = { - -285, -285, -285, -285, -285, -285, -285, -285, -285, -285, - -285, -285, -285, -285, -285, -285, -285, -285, -285, -285, - -285, -285, -285, -285, -285, -285, -285, -285, -285, -285, - -285, -285, -285, -285, -285, -285, -285, -285, -285, -285, - -285, -285, -285, -285, -285, -285, -285, -285, -285, -285, - -285, -285, -285, -285, -285, -285, -285, -285, -285, -285, - -285, -285, -285, -285, -285, -285, -285, -285, -285, -285, - -285, -285, -285, -285, -285, -285, -285, -285, -285, -285, - -285, -285, -285, -285, -285, -285, -285, -285, -285, -285, - -285, -285, -285, -285, -285, -285, -285, -285, -285, -285, - -285, -285, -285, -285, -285, -285, -285, -285, -285, -285, - -285, -285, -285, -285, -285, -285, -285, -285, -285, -285, - -285, -285, -285, -285, -285, -285, -285, -285, -285, -285, - -285, -285, -285, -285, -285, -285, -285, -285, -285, -285, - -285, -285, -285, -285, -285, -285, -285, -285, -285, -285, - -285, -285, -285, -285, -285, -285, -285, -285, -285, -285, - -285, -285, -285, -285, -285, -285, -285, -285, -285, -285, - -285, -285, -285, -285, -285, -285, -285, -285, -285, -285, - -285, -285, -285, -285, -285, -285, -285, -285, -285, -285, - -285, -285, -285, -285, -285, -285, -285, -285, -285, -285, - -285, -285, -285, -285, -285, -285, -285, -285, -285, -285, - -285, -285, -285, -285, -285, -285, -285, -285, -285, -285, - -285, -285, -285, -285, -285, -285, -285, -285, -285, 579, - 580, 581, 582, 583, -285, -285, -285, -285, -285, -285, - -285, -285, -285, -285, -285, -285, -285, -285, -285, -285, - -285, -285, -285, -285, -285, -285, -285, -285, -285, -285, - -285, -285, -285, -285, -285, -285, -285, -285, -285, -285, - -285, -285, -285, -285, -285, -285, -285, -285, -285, -285, - -285, -285, -285, -285, -285, -285, -285, -285, -285, -285, - -285, -285, -285, -285, -285, -285, -285, -285, -285, -285, - -285, -285, -285, -285, -285, -285, -285, -285, -285, -285, - -285, -285, -285, -285, -285, -285, -285 + -288, -288, -288, -288, -288, -288, -288, -288, -288, -288, + -288, -288, -288, -288, -288, -288, -288, -288, -288, -288, + -288, -288, -288, -288, -288, -288, -288, -288, -288, -288, + -288, -288, -288, -288, -288, -288, -288, -288, -288, -288, + -288, -288, -288, -288, -288, -288, -288, -288, -288, -288, + -288, -288, -288, -288, -288, -288, -288, -288, -288, -288, + -288, -288, -288, -288, -288, -288, -288, -288, -288, -288, + -288, -288, -288, -288, -288, -288, -288, -288, -288, -288, + -288, -288, -288, -288, -288, -288, -288, -288, -288, -288, + -288, -288, -288, -288, -288, -288, -288, -288, -288, -288, + -288, -288, -288, -288, -288, -288, -288, -288, -288, -288, + -288, -288, -288, -288, -288, -288, -288, -288, -288, -288, + -288, -288, -288, -288, -288, -288, -288, -288, -288, -288, + -288, -288, -288, -288, -288, -288, -288, -288, -288, -288, + -288, -288, -288, -288, -288, -288, -288, -288, -288, -288, + -288, -288, -288, -288, -288, -288, -288, -288, -288, -288, + -288, -288, -288, -288, -288, -288, -288, -288, -288, -288, + -288, -288, -288, -288, -288, -288, -288, -288, -288, -288, + -288, -288, -288, -288, -288, -288, -288, -288, -288, -288, + -288, -288, -288, -288, -288, -288, -288, -288, -288, -288, + -288, -288, -288, -288, -288, -288, -288, -288, -288, -288, + -288, -288, -288, -288, -288, -288, -288, -288, -288, -288, + -288, -288, -288, -288, -288, -288, -288, -288, -288, -288, + -288, -288, -288, -288, -288, -288, -288, 572, 573, 596, + 597, 598, -288, -288, -288, -288, -288, -288, -288, -288, + -288, -288, -288, -288, -288, -288, -288, -288, -288, -288, + -288, -288, -288, -288, -288, -288, -288, -288, -288, -288, + -288, -288, -288, -288, -288, -288, -288, -288, -288, -288, + -288, -288, -288, -288, -288, -288, -288, -288, -288, -288, + -288, -288, -288, -288, -288, -288, -288, -288, -288, -288, + -288, -288, -288, -288, -288, -288, -288, -288, -288, -288, + -288, -288, -288, -288, -288, -288, -288, -288, -288, -288, + -288, -288, -288, -288, -288 }; /* YYDEFGOTO[NTERM-NUM]. */ static const yytype_int16 yydefgoto[] = { - -1, 1, 17, 18, 19, 32, 239, 20, 33, 441, - 21, 34, 455, 22, 35, 469, 23, 36, 485, 499, - 500, 501, 502, 503, 24, 37, 504, 240, 241, 242, - 243, 244, 245, 246, 247, 248, 249, 250, 251, 252, - 253, 254, 255, 256, 257, 258, 259, 260, 261, 262, - 263, 264, 265, 266, 267, 268, 269, 270, 271, 272, - 273, 274, 275, 276, 277, 278, 279, 280, 281, 282, - 283, 284, 285, 286, 287, 288, 289, 290, 291, 292, - 293, 294, 295, 296, 297, 298, 299, 300, 301, 302, - 303, 304, 305, 306, 307, 308, 309, 310, 311, 312, - 313, 314, 315, 316, 317, 318, 319, 320, 321, 322, - 323, 324, 325, 326, 327, 328, 329, 330, 331, 332, - 333, 334, 335, 336, 337, 338, 339, 340, 341, 342, - 343, 344, 345, 346, 347, 348, 349, 350, 351, 352, - 353, 354, 355, 356, 357, 358, 359, 360, 361, 362, - 363, 364, 365, 366, 367, 368, 369, 370, 371, 372, - 373, 374, 375, 376, 377, 378, 379, 380, 381, 382, - 383, 384, 385, 386, 387, 388, 389, 390, 391, 392, - 393, 394, 395, 396, 397, 398, 399, 400, 401, 402, - 403, 404, 405, 406, 407, 408, 409, 410, 411, 412, - 413, 414, 415, 416, 417, 418, 419, 420, 421, 422, - 423, 424, 425, 426, 427, 428, 442, 443, 444, 445, - 446, 447, 448, 456, 457, 458, 459, 460, 461, 486, - 487, 488, 489, 490, 491, 492, 493, 470, 471, 472, - 473, 474, 475, 476, 25, 38, 518, 519, 520, 521, - 522, 523, 524, 525, 526, 26, 39, 546, 547, 548, - 549, 550, 551, 552, 553, 554, 555, 556, 557, 558, - 559, 560, 561, 562, 563, 564, 565, 27, 40, 567, - 568, 28, 41, 570, 571, 429, 430, 431, 432, 29, - 42, 582, 583, 584, 585, 586, 587, 588, 589, 590, - 591, 592, 30, 43, 599, 600, 601, 602, 603, 604, - 605, 433, 31, 44, 608, 609, 610 + -1, 1, 17, 18, 19, 32, 247, 20, 33, 457, + 21, 34, 471, 22, 35, 485, 23, 36, 501, 515, + 516, 517, 518, 519, 24, 37, 520, 248, 249, 250, + 251, 252, 253, 254, 255, 256, 257, 258, 259, 260, + 261, 262, 263, 264, 265, 266, 267, 268, 269, 270, + 271, 272, 273, 274, 275, 276, 277, 278, 279, 280, + 281, 282, 283, 284, 285, 286, 287, 288, 289, 290, + 291, 292, 293, 294, 295, 296, 297, 298, 299, 300, + 301, 302, 303, 304, 305, 306, 307, 308, 309, 310, + 311, 312, 313, 314, 315, 316, 317, 318, 319, 320, + 321, 322, 323, 324, 325, 326, 327, 328, 329, 330, + 331, 332, 333, 334, 335, 336, 337, 338, 339, 340, + 341, 342, 343, 344, 345, 346, 347, 348, 349, 350, + 351, 352, 353, 354, 355, 356, 357, 358, 359, 360, + 361, 362, 363, 364, 365, 366, 367, 368, 369, 370, + 371, 372, 373, 374, 375, 376, 377, 378, 379, 380, + 381, 382, 383, 384, 385, 386, 387, 388, 389, 390, + 391, 392, 393, 394, 395, 396, 397, 398, 399, 400, + 401, 402, 403, 404, 405, 406, 407, 408, 409, 410, + 411, 412, 413, 414, 415, 416, 417, 418, 419, 420, + 421, 422, 423, 424, 425, 426, 427, 428, 429, 430, + 431, 432, 433, 434, 435, 436, 437, 438, 439, 440, + 441, 442, 443, 444, 458, 459, 460, 461, 462, 463, + 464, 472, 473, 474, 475, 476, 477, 502, 503, 504, + 505, 506, 507, 508, 509, 486, 487, 488, 489, 490, + 491, 492, 25, 38, 534, 535, 536, 537, 538, 539, + 540, 541, 542, 26, 39, 562, 563, 564, 565, 566, + 567, 568, 569, 570, 571, 572, 573, 574, 575, 576, + 577, 578, 579, 580, 581, 27, 40, 583, 584, 28, + 41, 586, 587, 445, 446, 447, 448, 29, 42, 598, + 599, 600, 601, 602, 603, 604, 605, 606, 607, 608, + 30, 43, 615, 616, 617, 618, 619, 620, 621, 449, + 31, 44, 624, 625, 626 }; /* YYTABLE[YYPACT[STATE-NUM]] -- What to do in state STATE-NUM. If @@ -1686,147 +1718,149 @@ static const yytype_int16 yydefgoto[] = number is the opposite. If YYTABLE_NINF, syntax error. */ static const yytype_uint16 yytable[] = { - 2, 477, 462, 434, 566, 435, 436, 569, 449, 606, - 607, 3, 4, 611, 612, 613, 450, 451, 593, 594, - 595, 596, 597, 598, 477, 572, 573, 574, 575, 576, - 577, 578, 579, 580, 581, 614, 615, 616, 463, 464, - 617, 618, 619, 620, 621, 622, 5, 623, 624, 625, - 626, 627, 6, 628, 629, 630, 631, 632, 633, 634, - 635, 636, 637, 465, 638, 639, 437, 527, 528, 529, - 530, 531, 532, 533, 534, 535, 536, 537, 538, 539, - 540, 541, 542, 543, 544, 545, 510, 511, 512, 513, - 514, 515, 516, 517, 640, 641, 7, 438, 642, 643, - 439, 452, 644, 453, 645, 646, 647, 648, 649, 650, - 651, 652, 8, 653, 654, 655, 656, 657, 658, 659, - 660, 661, 662, 663, 664, 665, 666, 667, 668, 669, - 670, 466, 467, 671, 672, 673, 674, 675, 676, 677, - 678, 679, 680, 681, 682, 683, 684, 685, 686, 687, - 688, 689, 690, 9, 691, 692, 693, 694, 695, 696, - 697, 698, 699, 700, 701, 702, 703, 704, 705, 706, - 707, 468, 708, 709, 710, 711, 712, 713, 714, 715, - 716, 717, 718, 719, 720, 721, 722, 723, 724, 725, - 726, 727, 728, 729, 730, 731, 732, 733, 734, 735, - 736, 737, 738, 739, 740, 741, 742, 743, 744, 745, - 746, 747, 10, 479, 480, 481, 748, 749, 750, 751, - 752, 753, 754, 484, 755, 756, 757, 758, 759, 440, - 11, 760, 761, 454, 478, 762, 479, 480, 481, 482, - 483, 494, 495, 496, 497, 498, 484, 12, 763, 764, - 765, 766, 767, 768, 769, 770, 13, 771, 772, 773, - 774, 775, 776, 777, 778, 779, 780, 781, 782, 783, - 784, 785, 786, 787, 788, 789, 790, 791, 792, 793, - 14, 794, 795, 796, 15, 797, 798, 799, 0, 800, - 16, 45, 46, 47, 48, 49, 50, 51, 52, 53, - 54, 55, 56, 57, 58, 59, 60, 61, 62, 63, - 64, 65, 66, 67, 68, 69, 70, 71, 72, 73, - 74, 75, 76, 801, 802, 803, 804, 77, 78, 79, - 805, 806, 807, 80, 81, 82, 83, 84, 85, 86, - 87, 88, 89, 90, 91, 92, 93, 94, 95, 96, - 97, 98, 99, 100, 101, 102, 103, 104, 105, 106, - 107, 108, 109, 110, 111, 112, 113, 114, 115, 116, - 117, 118, 119, 120, 808, 809, 810, 811, 812, 813, - 814, 815, 816, 121, 122, 123, 817, 124, 125, 126, - 818, 819, 127, 128, 129, 130, 131, 132, 133, 134, - 135, 136, 137, 138, 139, 140, 141, 142, 143, 144, - 145, 146, 147, 148, 149, 150, 820, 821, 822, 151, - 823, 152, 153, 154, 155, 156, 157, 158, 159, 160, - 161, 824, 825, 826, 827, 828, 829, 830, 831, 832, - 833, 834, 835, 836, 837, 838, 839, 840, 841, 842, - 843, 162, 163, 164, 165, 166, 167, 168, 169, 170, - 171, 172, 173, 174, 175, 176, 177, 178, 179, 180, - 181, 182, 183, 184, 185, 186, 187, 188, 189, 190, - 191, 192, 193, 194, 195, 196, 197, 198, 199, 200, - 844, 201, 845, 202, 203, 204, 205, 206, 207, 208, - 209, 210, 211, 212, 213, 214, 215, 216, 846, 847, - 848, 849, 850, 851, 852, 853, 854, 855, 856, 217, - 218, 219, 220, 221, 222, 857, 858, 859, 860, 861, - 862, 863, 223, 864, 865, 866, 867, 868, 869, 870, - 224, 225, 871, 226, 227, 872, 228, 229, 873, 874, - 230, 231, 232, 233, 234, 235, 236, 237, 875, 876, - 877, 238, 878, 879, 880, 881, 882, 883, 884, 885, - 886, 887, 888, 889, 890, 891, 892, 893, 894, 895, - 896, 897, 898, 899, 900, 901, 902, 903, 904, 0, - 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, + 2, 493, 478, 450, 582, 451, 452, 465, 622, 623, + 585, 3, 4, 627, 628, 466, 467, 609, 610, 611, + 612, 613, 614, 629, 493, 588, 589, 590, 591, 592, + 593, 594, 595, 596, 597, 630, 631, 632, 479, 480, + 633, 634, 635, 636, 637, 638, 5, 639, 640, 641, + 642, 643, 6, 644, 645, 646, 647, 648, 649, 650, + 651, 652, 653, 481, 654, 655, 453, 543, 544, 545, + 546, 547, 548, 549, 550, 551, 552, 553, 554, 555, + 556, 557, 558, 559, 560, 561, 526, 527, 528, 529, + 530, 531, 532, 533, 656, 657, 7, 454, 658, 659, + 468, 660, 469, 661, 662, 663, 455, 664, 665, 666, + 667, 668, 8, 669, 670, 671, 672, 673, 674, 675, + 676, 677, 678, 679, 680, 681, 682, 683, 684, 685, + 686, 687, 688, 689, 690, 691, 692, 482, 483, 693, + 694, 695, 696, 697, 698, 699, 700, 701, 702, 703, + 704, 705, 706, 707, 708, 709, 710, 711, 712, 9, + 713, 714, 715, 716, 717, 718, 719, 720, 721, 722, + 723, 724, 725, 726, 727, 728, 729, 484, 730, 731, + 732, 733, 734, 735, 736, 737, 738, 739, 740, 741, + 742, 743, 744, 745, 746, 747, 748, 749, 750, 751, + 752, 753, 754, 755, 756, 757, 758, 759, 760, 761, + 762, 763, 764, 765, 766, 767, 768, 769, 10, 495, + 496, 497, 770, 771, 772, 773, 774, 775, 776, 500, + 777, 778, 779, 780, 781, 456, 11, 782, 470, 783, + 494, 784, 495, 496, 497, 498, 499, 510, 511, 512, + 513, 514, 500, 12, 785, 786, 787, 788, 789, 790, + 791, 792, 13, 793, 794, 795, 796, 797, 798, 799, + 800, 801, 802, 803, 804, 805, 806, 807, 808, 809, + 810, 811, 812, 813, 814, 815, 14, 816, 817, 818, + 15, 819, 820, 821, 0, 822, 16, 45, 46, 47, + 48, 49, 50, 51, 52, 53, 54, 55, 56, 57, + 58, 59, 60, 61, 62, 63, 64, 65, 66, 67, + 68, 69, 70, 71, 72, 73, 74, 75, 76, 823, + 824, 825, 826, 77, 78, 79, 827, 828, 829, 80, + 81, 82, 83, 84, 85, 86, 87, 88, 89, 90, + 91, 92, 93, 94, 95, 96, 97, 98, 99, 100, + 101, 102, 103, 104, 105, 106, 107, 108, 109, 110, + 111, 112, 113, 114, 115, 116, 117, 118, 119, 120, + 830, 831, 832, 833, 834, 835, 836, 837, 838, 121, + 122, 123, 839, 124, 125, 126, 840, 841, 127, 128, + 129, 130, 131, 132, 133, 134, 135, 136, 137, 138, + 139, 140, 141, 142, 143, 144, 145, 146, 147, 148, + 149, 150, 842, 843, 844, 151, 152, 153, 154, 155, + 156, 157, 845, 158, 159, 160, 161, 162, 163, 164, + 165, 166, 167, 846, 847, 848, 849, 850, 851, 852, + 853, 854, 855, 856, 857, 858, 859, 860, 861, 862, + 863, 864, 865, 168, 169, 170, 171, 172, 173, 174, + 175, 176, 177, 178, 179, 180, 181, 182, 183, 184, + 185, 186, 187, 188, 189, 190, 191, 192, 193, 194, + 195, 196, 197, 198, 199, 200, 201, 202, 203, 204, + 205, 206, 866, 207, 867, 208, 209, 210, 211, 212, + 213, 214, 215, 216, 217, 218, 219, 220, 221, 222, + 868, 869, 870, 871, 872, 873, 874, 875, 876, 877, + 878, 223, 224, 225, 226, 227, 228, 879, 880, 881, + 882, 883, 884, 885, 229, 886, 887, 888, 889, 890, + 891, 892, 230, 231, 893, 232, 233, 894, 234, 235, + 895, 896, 236, 237, 238, 239, 240, 241, 242, 243, + 897, 898, 899, 244, 900, 901, 902, 903, 904, 905, + 906, 907, 245, 246, 908, 909, 910, 911, 912, 913, + 914, 915, 916, 917, 918, 919, 920, 921, 922, 923, + 924, 925, 926, 927, 928, 929, 0, 0, 0, 521, + 522, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, - 0, 0, 0, 0, 0, 0, 505, 506, 507, 508, - 509 + 0, 0, 0, 523, 524, 525 }; static const yytype_int16 yycheck[] = { - 0, 45, 45, 45, 113, 47, 48, 291, 45, 281, - 282, 11, 12, 10, 10, 10, 53, 54, 248, 249, - 250, 251, 252, 253, 45, 231, 232, 233, 234, 235, - 236, 237, 238, 239, 240, 10, 10, 10, 81, 82, + 0, 45, 45, 45, 113, 47, 48, 45, 287, 288, + 297, 11, 12, 10, 10, 53, 54, 254, 255, 256, + 257, 258, 259, 10, 45, 237, 238, 239, 240, 241, + 242, 243, 244, 245, 246, 10, 10, 10, 81, 82, 10, 10, 10, 10, 10, 10, 46, 10, 10, 10, 10, 10, 52, 10, 10, 10, 10, 10, 10, 10, - 10, 10, 10, 106, 10, 10, 108, 154, 155, 156, - 157, 158, 159, 160, 161, 162, 163, 164, 165, 166, - 167, 168, 169, 170, 171, 172, 97, 98, 99, 100, + 10, 10, 10, 106, 10, 10, 108, 160, 161, 162, + 163, 164, 165, 166, 167, 168, 169, 170, 171, 172, + 173, 174, 175, 176, 177, 178, 97, 98, 99, 100, 101, 102, 103, 104, 10, 10, 96, 139, 10, 10, - 142, 138, 10, 140, 10, 10, 10, 10, 10, 10, + 138, 10, 140, 10, 10, 10, 148, 10, 10, 10, 10, 10, 112, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, - 10, 174, 175, 10, 10, 10, 10, 10, 10, 10, + 10, 10, 10, 10, 10, 10, 10, 180, 181, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, - 10, 10, 10, 153, 10, 10, 10, 10, 10, 10, + 10, 10, 10, 10, 10, 10, 10, 10, 10, 159, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, - 10, 214, 10, 10, 10, 10, 10, 10, 10, 10, + 10, 10, 10, 10, 10, 10, 10, 220, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, - 10, 10, 212, 257, 258, 259, 10, 10, 10, 10, - 10, 10, 10, 267, 10, 10, 10, 10, 10, 271, - 230, 10, 10, 270, 255, 10, 257, 258, 259, 260, - 261, 285, 286, 287, 288, 289, 267, 247, 10, 10, - 10, 10, 10, 10, 10, 10, 256, 10, 10, 10, + 10, 10, 10, 10, 10, 10, 10, 10, 218, 263, + 264, 265, 10, 10, 10, 10, 10, 10, 10, 273, + 10, 10, 10, 10, 10, 277, 236, 10, 276, 10, + 261, 10, 263, 264, 265, 266, 267, 291, 292, 293, + 294, 295, 273, 253, 10, 10, 10, 10, 10, 10, + 10, 10, 262, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, + 10, 10, 10, 10, 10, 10, 286, 10, 10, 10, + 290, 10, 10, 10, -1, 10, 296, 13, 14, 15, + 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, + 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, + 36, 37, 38, 39, 40, 41, 42, 43, 44, 10, + 10, 10, 10, 49, 50, 51, 10, 10, 10, 55, + 56, 57, 58, 59, 60, 61, 62, 63, 64, 65, + 66, 67, 68, 69, 70, 71, 72, 73, 74, 75, + 76, 77, 78, 79, 80, 81, 82, 83, 84, 85, + 86, 87, 88, 89, 90, 91, 92, 93, 94, 95, + 10, 10, 10, 10, 10, 10, 10, 10, 10, 105, + 106, 107, 10, 109, 110, 111, 10, 10, 114, 115, + 116, 117, 118, 119, 120, 121, 122, 123, 124, 125, + 126, 127, 128, 129, 130, 131, 132, 133, 134, 135, + 136, 137, 10, 10, 10, 141, 142, 143, 144, 145, + 146, 147, 10, 149, 150, 151, 152, 153, 154, 155, + 156, 157, 158, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, - 280, 10, 10, 10, 284, 10, 10, 10, -1, 10, - 290, 13, 14, 15, 16, 17, 18, 19, 20, 21, - 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, - 32, 33, 34, 35, 36, 37, 38, 39, 40, 41, - 42, 43, 44, 10, 10, 10, 10, 49, 50, 51, - 10, 10, 10, 55, 56, 57, 58, 59, 60, 61, - 62, 63, 64, 65, 66, 67, 68, 69, 70, 71, - 72, 73, 74, 75, 76, 77, 78, 79, 80, 81, - 82, 83, 84, 85, 86, 87, 88, 89, 90, 91, - 92, 93, 94, 95, 10, 10, 10, 10, 10, 10, - 10, 10, 10, 105, 106, 107, 10, 109, 110, 111, - 10, 10, 114, 115, 116, 117, 118, 119, 120, 121, - 122, 123, 124, 125, 126, 127, 128, 129, 130, 131, - 132, 133, 134, 135, 136, 137, 10, 10, 10, 141, - 10, 143, 144, 145, 146, 147, 148, 149, 150, 151, - 152, 10, 10, 10, 10, 10, 10, 10, 10, 10, + 10, 10, 10, 179, 180, 181, 182, 183, 184, 185, + 186, 187, 188, 189, 190, 191, 192, 193, 194, 195, + 196, 197, 198, 199, 200, 201, 202, 203, 204, 205, + 206, 207, 208, 209, 210, 211, 212, 213, 214, 215, + 216, 217, 10, 219, 10, 221, 222, 223, 224, 225, + 226, 227, 228, 229, 230, 231, 232, 233, 234, 235, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, - 10, 173, 174, 175, 176, 177, 178, 179, 180, 181, - 182, 183, 184, 185, 186, 187, 188, 189, 190, 191, - 192, 193, 194, 195, 196, 197, 198, 199, 200, 201, - 202, 203, 204, 205, 206, 207, 208, 209, 210, 211, - 10, 213, 10, 215, 216, 217, 218, 219, 220, 221, - 222, 223, 224, 225, 226, 227, 228, 229, 10, 10, - 10, 10, 10, 10, 10, 10, 10, 10, 10, 241, - 242, 243, 244, 245, 246, 10, 10, 10, 10, 10, - 10, 10, 254, 10, 10, 10, 10, 10, 10, 10, - 262, 263, 10, 265, 266, 10, 268, 269, 10, 10, - 272, 273, 274, 275, 276, 277, 278, 279, 10, 10, - 10, 283, 10, 10, 10, 10, 10, 10, 10, 10, + 10, 247, 248, 249, 250, 251, 252, 10, 10, 10, + 10, 10, 10, 10, 260, 10, 10, 10, 10, 10, + 10, 10, 268, 269, 10, 271, 272, 10, 274, 275, + 10, 10, 278, 279, 280, 281, 282, 283, 284, 285, + 10, 10, 10, 289, 10, 10, 10, 10, 10, 10, + 10, 10, 298, 299, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, - 10, 10, 10, 10, 10, 10, 10, 10, 10, -1, + 10, 10, 10, 10, 10, 10, -1, -1, -1, 37, + 37, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, - -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, - -1, -1, -1, -1, -1, -1, 37, 37, 37, 37, - 37 + -1, -1, -1, 37, 37, 37 }; /* YYSTOS[STATE-NUM] -- The (internal number of the) accessing symbol of state STATE-NUM. */ static const yytype_uint16 yystos[] = { - 0, 293, 0, 11, 12, 46, 52, 96, 112, 153, - 212, 230, 247, 256, 280, 284, 290, 294, 295, 296, - 299, 302, 305, 308, 316, 536, 547, 569, 573, 581, - 594, 604, 297, 300, 303, 306, 309, 317, 537, 548, - 570, 574, 582, 595, 605, 13, 14, 15, 16, 17, + 0, 301, 0, 11, 12, 46, 52, 96, 112, 159, + 218, 236, 253, 262, 286, 290, 296, 302, 303, 304, + 307, 310, 313, 316, 324, 552, 563, 585, 589, 597, + 610, 620, 305, 308, 311, 314, 317, 325, 553, 564, + 586, 590, 598, 611, 621, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42, 43, 44, 49, 50, 51, @@ -1837,16 +1871,16 @@ static const yytype_uint16 yystos[] = 95, 105, 106, 107, 109, 110, 111, 114, 115, 116, 117, 118, 119, 120, 121, 122, 123, 124, 125, 126, 127, 128, 129, 130, 131, 132, 133, 134, 135, 136, - 137, 141, 143, 144, 145, 146, 147, 148, 149, 150, - 151, 152, 173, 174, 175, 176, 177, 178, 179, 180, + 137, 141, 142, 143, 144, 145, 146, 147, 149, 150, + 151, 152, 153, 154, 155, 156, 157, 158, 179, 180, 181, 182, 183, 184, 185, 186, 187, 188, 189, 190, 191, 192, 193, 194, 195, 196, 197, 198, 199, 200, 201, 202, 203, 204, 205, 206, 207, 208, 209, 210, - 211, 213, 215, 216, 217, 218, 219, 220, 221, 222, - 223, 224, 225, 226, 227, 228, 229, 241, 242, 243, - 244, 245, 246, 254, 262, 263, 265, 266, 268, 269, - 272, 273, 274, 275, 276, 277, 278, 279, 283, 298, - 319, 320, 321, 322, 323, 324, 325, 326, 327, 328, + 211, 212, 213, 214, 215, 216, 217, 219, 221, 222, + 223, 224, 225, 226, 227, 228, 229, 230, 231, 232, + 233, 234, 235, 247, 248, 249, 250, 251, 252, 260, + 268, 269, 271, 272, 274, 275, 278, 279, 280, 281, + 282, 283, 284, 285, 289, 298, 299, 306, 327, 328, 329, 330, 331, 332, 333, 334, 335, 336, 337, 338, 339, 340, 341, 342, 343, 344, 345, 346, 347, 348, 349, 350, 351, 352, 353, 354, 355, 356, 357, 358, @@ -1864,26 +1898,28 @@ static const yytype_uint16 yystos[] = 469, 470, 471, 472, 473, 474, 475, 476, 477, 478, 479, 480, 481, 482, 483, 484, 485, 486, 487, 488, 489, 490, 491, 492, 493, 494, 495, 496, 497, 498, - 499, 500, 501, 502, 503, 504, 505, 506, 507, 577, - 578, 579, 580, 603, 45, 47, 48, 108, 139, 142, - 271, 301, 508, 509, 510, 511, 512, 513, 514, 45, - 53, 54, 138, 140, 270, 304, 515, 516, 517, 518, - 519, 520, 45, 81, 82, 106, 174, 175, 214, 307, - 529, 530, 531, 532, 533, 534, 535, 45, 255, 257, - 258, 259, 260, 261, 267, 310, 521, 522, 523, 524, - 525, 526, 527, 528, 285, 286, 287, 288, 289, 311, - 312, 313, 314, 315, 318, 521, 522, 523, 524, 525, - 97, 98, 99, 100, 101, 102, 103, 104, 538, 539, - 540, 541, 542, 543, 544, 545, 546, 154, 155, 156, - 157, 158, 159, 160, 161, 162, 163, 164, 165, 166, - 167, 168, 169, 170, 171, 172, 549, 550, 551, 552, - 553, 554, 555, 556, 557, 558, 559, 560, 561, 562, - 563, 564, 565, 566, 567, 568, 113, 571, 572, 291, - 575, 576, 231, 232, 233, 234, 235, 236, 237, 238, - 239, 240, 583, 584, 585, 586, 587, 588, 589, 590, - 591, 592, 593, 248, 249, 250, 251, 252, 253, 596, - 597, 598, 599, 600, 601, 602, 281, 282, 606, 607, - 608, 10, 10, 10, 10, 10, 10, 10, 10, 10, + 499, 500, 501, 502, 503, 504, 505, 506, 507, 508, + 509, 510, 511, 512, 513, 514, 515, 516, 517, 518, + 519, 520, 521, 522, 523, 593, 594, 595, 596, 619, + 45, 47, 48, 108, 139, 148, 277, 309, 524, 525, + 526, 527, 528, 529, 530, 45, 53, 54, 138, 140, + 276, 312, 531, 532, 533, 534, 535, 536, 45, 81, + 82, 106, 180, 181, 220, 315, 545, 546, 547, 548, + 549, 550, 551, 45, 261, 263, 264, 265, 266, 267, + 273, 318, 537, 538, 539, 540, 541, 542, 543, 544, + 291, 292, 293, 294, 295, 319, 320, 321, 322, 323, + 326, 537, 538, 539, 540, 541, 97, 98, 99, 100, + 101, 102, 103, 104, 554, 555, 556, 557, 558, 559, + 560, 561, 562, 160, 161, 162, 163, 164, 165, 166, + 167, 168, 169, 170, 171, 172, 173, 174, 175, 176, + 177, 178, 565, 566, 567, 568, 569, 570, 571, 572, + 573, 574, 575, 576, 577, 578, 579, 580, 581, 582, + 583, 584, 113, 587, 588, 297, 591, 592, 237, 238, + 239, 240, 241, 242, 243, 244, 245, 246, 599, 600, + 601, 602, 603, 604, 605, 606, 607, 608, 609, 254, + 255, 256, 257, 258, 259, 612, 613, 614, 615, 616, + 617, 618, 287, 288, 622, 623, 624, 10, 10, 10, + 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, @@ -1912,41 +1948,41 @@ static const yytype_uint16 yystos[] = 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, - 10, 10, 10, 10, 10 + 10, 10, 10, 10, 10, 10, 10, 10, 10, 10 }; /* YYR1[YYN] -- Symbol number of symbol that rule YYN derives. */ static const yytype_uint16 yyr1[] = { - 0, 292, 293, 293, 294, 294, 294, 294, 294, 294, - 294, 294, 294, 294, 294, 294, 294, 294, 295, 296, - 297, 297, 298, 298, 298, 298, 298, 298, 298, 298, - 298, 298, 298, 298, 298, 298, 298, 298, 298, 298, - 298, 298, 298, 298, 298, 298, 298, 298, 298, 298, - 298, 298, 298, 298, 298, 298, 298, 298, 298, 298, - 298, 298, 298, 298, 298, 298, 298, 298, 298, 298, - 298, 298, 298, 298, 298, 298, 298, 298, 298, 298, - 298, 298, 298, 298, 298, 298, 298, 298, 298, 298, - 298, 298, 298, 298, 298, 298, 298, 298, 298, 298, - 298, 298, 298, 298, 298, 298, 298, 298, 298, 298, - 298, 298, 298, 298, 298, 298, 298, 298, 298, 298, - 298, 298, 298, 298, 298, 298, 298, 298, 298, 298, - 298, 298, 298, 298, 298, 298, 298, 298, 298, 298, - 298, 298, 298, 298, 298, 298, 298, 298, 298, 298, - 298, 298, 298, 298, 298, 298, 298, 298, 298, 298, - 298, 298, 298, 298, 298, 298, 298, 298, 298, 298, - 298, 298, 298, 298, 298, 298, 298, 298, 298, 298, - 298, 298, 298, 298, 298, 298, 298, 298, 298, 298, - 298, 298, 298, 298, 298, 298, 298, 298, 298, 298, - 298, 298, 298, 298, 298, 298, 298, 298, 298, 298, - 298, 298, 298, 298, 298, 298, 299, 300, 300, 301, - 301, 301, 301, 301, 301, 301, 302, 303, 303, 304, - 304, 304, 304, 304, 304, 305, 306, 306, 307, 307, - 307, 307, 307, 307, 307, 308, 309, 309, 310, 310, - 310, 310, 310, 310, 310, 310, 311, 312, 313, 314, - 315, 316, 317, 317, 318, 318, 318, 318, 318, 318, + 0, 300, 301, 301, 302, 302, 302, 302, 302, 302, + 302, 302, 302, 302, 302, 302, 302, 302, 303, 304, + 305, 305, 306, 306, 306, 306, 306, 306, 306, 306, + 306, 306, 306, 306, 306, 306, 306, 306, 306, 306, + 306, 306, 306, 306, 306, 306, 306, 306, 306, 306, + 306, 306, 306, 306, 306, 306, 306, 306, 306, 306, + 306, 306, 306, 306, 306, 306, 306, 306, 306, 306, + 306, 306, 306, 306, 306, 306, 306, 306, 306, 306, + 306, 306, 306, 306, 306, 306, 306, 306, 306, 306, + 306, 306, 306, 306, 306, 306, 306, 306, 306, 306, + 306, 306, 306, 306, 306, 306, 306, 306, 306, 306, + 306, 306, 306, 306, 306, 306, 306, 306, 306, 306, + 306, 306, 306, 306, 306, 306, 306, 306, 306, 306, + 306, 306, 306, 306, 306, 306, 306, 306, 306, 306, + 306, 306, 306, 306, 306, 306, 306, 306, 306, 306, + 306, 306, 306, 306, 306, 306, 306, 306, 306, 306, + 306, 306, 306, 306, 306, 306, 306, 306, 306, 306, + 306, 306, 306, 306, 306, 306, 306, 306, 306, 306, + 306, 306, 306, 306, 306, 306, 306, 306, 306, 306, + 306, 306, 306, 306, 306, 306, 306, 306, 306, 306, + 306, 306, 306, 306, 306, 306, 306, 306, 306, 306, + 306, 306, 306, 306, 306, 306, 306, 306, 306, 306, + 306, 306, 306, 306, 307, 308, 308, 309, 309, 309, + 309, 309, 309, 309, 310, 311, 311, 312, 312, 312, + 312, 312, 312, 313, 314, 314, 315, 315, 315, 315, + 315, 315, 315, 316, 317, 317, 318, 318, 318, 318, 318, 318, 318, 318, 319, 320, 321, 322, 323, 324, - 325, 326, 327, 328, 329, 330, 331, 332, 333, 334, + 325, 325, 326, 326, 326, 326, 326, 326, 326, 326, + 326, 326, 327, 328, 329, 330, 331, 332, 333, 334, 335, 336, 337, 338, 339, 340, 341, 342, 343, 344, 345, 346, 347, 348, 349, 350, 351, 352, 353, 354, 355, 356, 357, 358, 359, 360, 361, 362, 363, 364, @@ -1967,19 +2003,20 @@ static const yytype_uint16 yyr1[] = 505, 506, 507, 508, 509, 510, 511, 512, 513, 514, 515, 516, 517, 518, 519, 520, 521, 522, 523, 524, 525, 526, 527, 528, 529, 530, 531, 532, 533, 534, - 535, 536, 537, 537, 538, 538, 538, 538, 538, 538, - 538, 538, 539, 540, 541, 542, 543, 544, 545, 546, - 547, 548, 548, 549, 549, 549, 549, 549, 549, 549, - 549, 549, 549, 549, 549, 549, 549, 549, 549, 549, - 549, 549, 550, 551, 552, 553, 554, 555, 556, 557, - 558, 559, 560, 561, 562, 563, 564, 565, 566, 567, - 568, 569, 570, 570, 571, 572, 573, 574, 574, 575, - 576, 577, 578, 579, 580, 581, 582, 582, 583, 583, - 583, 583, 583, 583, 583, 583, 583, 583, 584, 585, - 586, 587, 588, 589, 590, 591, 592, 593, 594, 595, - 595, 596, 596, 596, 596, 596, 596, 597, 598, 599, - 600, 601, 602, 603, 604, 605, 605, 606, 606, 607, - 608 + 535, 536, 537, 538, 539, 540, 541, 542, 543, 544, + 545, 546, 547, 548, 549, 550, 551, 552, 553, 553, + 554, 554, 554, 554, 554, 554, 554, 554, 555, 556, + 557, 558, 559, 560, 561, 562, 563, 564, 564, 565, + 565, 565, 565, 565, 565, 565, 565, 565, 565, 565, + 565, 565, 565, 565, 565, 565, 565, 565, 566, 567, + 568, 569, 570, 571, 572, 573, 574, 575, 576, 577, + 578, 579, 580, 581, 582, 583, 584, 585, 586, 586, + 587, 588, 589, 590, 590, 591, 592, 593, 594, 595, + 596, 597, 598, 598, 599, 599, 599, 599, 599, 599, + 599, 599, 599, 599, 600, 601, 602, 603, 604, 605, + 606, 607, 608, 609, 610, 611, 611, 612, 612, 612, + 612, 612, 612, 613, 614, 615, 616, 617, 618, 619, + 620, 621, 621, 622, 622, 623, 624 }; /* YYR2[YYN] -- Number of symbols on the right hand side of rule YYN. */ @@ -2006,14 +2043,14 @@ static const yytype_uint8 yyr2[] = 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, - 1, 1, 1, 1, 1, 1, 1, 2, 0, 1, - 1, 1, 1, 1, 1, 1, 1, 2, 0, 1, - 1, 1, 1, 1, 1, 1, 2, 0, 1, 1, - 1, 1, 1, 1, 1, 1, 2, 0, 1, 1, - 1, 1, 1, 1, 1, 1, 2, 2, 2, 2, - 2, 1, 2, 0, 1, 1, 1, 1, 1, 1, - 1, 1, 1, 1, 2, 2, 2, 2, 2, 2, - 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, + 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, + 1, 1, 1, 1, 1, 2, 0, 1, 1, 1, + 1, 1, 1, 1, 1, 2, 0, 1, 1, 1, + 1, 1, 1, 1, 2, 0, 1, 1, 1, 1, + 1, 1, 1, 1, 2, 0, 1, 1, 1, 1, + 1, 1, 1, 1, 2, 2, 2, 2, 2, 1, + 2, 0, 1, 1, 1, 1, 1, 1, 1, 1, + 1, 1, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, @@ -2024,29 +2061,30 @@ static const yytype_uint8 yyr2[] = 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, - 2, 2, 2, 2, 2, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, + 2, 2, 2, 2, 2, 2, 2, 2, 2, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, - 2, 2, 2, 2, 3, 2, 2, 2, 2, 2, - 2, 2, 2, 2, 2, 3, 3, 4, 4, 4, - 3, 3, 2, 2, 2, 2, 2, 2, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, + 2, 2, 2, 2, 2, 2, 2, 2, 3, 2, + 2, 2, 2, 2, 2, 2, 2, 2, 2, 3, + 3, 4, 4, 4, 3, 3, 2, 2, 2, 2, + 2, 2, 3, 3, 2, 2, 2, 2, 2, 2, + 2, 2, 2, 2, 2, 2, 2, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, - 2, 2, 2, 2, 2, 3, 3, 3, 2, 2, - 2, 1, 2, 0, 1, 1, 1, 1, 1, 1, - 1, 1, 2, 2, 2, 2, 2, 2, 2, 2, - 1, 2, 0, 1, 1, 1, 1, 1, 1, 1, + 2, 3, 3, 3, 2, 2, 2, 1, 2, 0, + 1, 1, 1, 1, 1, 1, 1, 1, 2, 2, + 2, 2, 2, 2, 2, 2, 1, 2, 0, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, - 1, 1, 2, 2, 2, 2, 2, 2, 2, 2, - 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, - 2, 1, 2, 0, 1, 2, 1, 2, 0, 1, - 2, 2, 2, 3, 3, 1, 2, 0, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 2, 2, - 2, 2, 2, 2, 2, 2, 2, 2, 1, 2, - 0, 1, 1, 1, 1, 1, 1, 2, 2, 2, - 2, 2, 2, 3, 1, 2, 0, 1, 1, 2, - 2 + 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, + 2, 2, 2, 2, 2, 2, 2, 1, 2, 0, + 1, 2, 1, 2, 0, 1, 2, 2, 2, 3, + 3, 1, 2, 0, 1, 1, 1, 1, 1, 1, + 1, 1, 1, 1, 2, 2, 2, 2, 2, 2, + 2, 2, 2, 2, 1, 2, 0, 1, 1, 1, + 1, 1, 1, 2, 2, 2, 2, 2, 2, 3, + 1, 2, 0, 1, 1, 2, 2 }; @@ -2731,23 +2769,23 @@ yyreduce: switch (yyn) { case 18: -#line 191 "util/configparser.y" +#line 194 "util/configparser.y" { OUTYY(("\nP(force-toplevel)\n")); } -#line 2739 "util/configparser.c" +#line 2777 "util/configparser.c" break; case 19: -#line 197 "util/configparser.y" +#line 200 "util/configparser.y" { OUTYY(("\nP(server:)\n")); } -#line 2747 "util/configparser.c" +#line 2785 "util/configparser.c" break; - case 216: -#line 291 "util/configparser.y" + case 224: +#line 298 "util/configparser.y" { struct config_stub* s; OUTYY(("\nP(stub_zone:)\n")); @@ -2758,11 +2796,11 @@ yyreduce: } else yyerror("out of memory"); } -#line 2762 "util/configparser.c" +#line 2800 "util/configparser.c" break; - case 226: -#line 308 "util/configparser.y" + case 234: +#line 315 "util/configparser.y" { struct config_stub* s; OUTYY(("\nP(forward_zone:)\n")); @@ -2773,11 +2811,11 @@ yyreduce: } else yyerror("out of memory"); } -#line 2777 "util/configparser.c" +#line 2815 "util/configparser.c" break; - case 235: -#line 325 "util/configparser.y" + case 243: +#line 332 "util/configparser.y" { struct config_view* s; OUTYY(("\nP(view:)\n")); @@ -2790,11 +2828,11 @@ yyreduce: } else yyerror("out of memory"); } -#line 2794 "util/configparser.c" +#line 2832 "util/configparser.c" break; - case 245: -#line 344 "util/configparser.y" + case 253: +#line 351 "util/configparser.y" { struct config_auth* s; OUTYY(("\nP(auth_zone:)\n")); @@ -2810,11 +2848,11 @@ yyreduce: } else yyerror("out of memory"); } -#line 2814 "util/configparser.c" +#line 2852 "util/configparser.c" break; - case 256: -#line 368 "util/configparser.y" + case 264: +#line 375 "util/configparser.y" { uint8_t* bitlist; size_t len = 0; @@ -2831,11 +2869,11 @@ yyreduce: } } -#line 2835 "util/configparser.c" +#line 2873 "util/configparser.c" break; - case 257: -#line 387 "util/configparser.y" + case 265: +#line 394 "util/configparser.y" { OUTYY(("P(rpz_action_override:%s)\n", (yyvsp[0].str))); if(strcmp((yyvsp[0].str), "nxdomain")!=0 && strcmp((yyvsp[0].str), "nodata")!=0 && @@ -2850,21 +2888,21 @@ yyreduce: cfg_parser->cfg->auths->rpz_action_override = (yyvsp[0].str); } } -#line 2854 "util/configparser.c" +#line 2892 "util/configparser.c" break; - case 258: -#line 404 "util/configparser.y" + case 266: +#line 411 "util/configparser.y" { OUTYY(("P(rpz_cname_override:%s)\n", (yyvsp[0].str))); free(cfg_parser->cfg->auths->rpz_cname); cfg_parser->cfg->auths->rpz_cname = (yyvsp[0].str); } -#line 2864 "util/configparser.c" +#line 2902 "util/configparser.c" break; - case 259: -#line 412 "util/configparser.y" + case 267: +#line 419 "util/configparser.y" { OUTYY(("P(rpz_log:%s)\n", (yyvsp[0].str))); if(strcmp((yyvsp[0].str), "yes") != 0 && strcmp((yyvsp[0].str), "no") != 0) @@ -2872,21 +2910,21 @@ yyreduce: else cfg_parser->cfg->auths->rpz_log = (strcmp((yyvsp[0].str), "yes")==0); free((yyvsp[0].str)); } -#line 2876 "util/configparser.c" +#line 2914 "util/configparser.c" break; - case 260: -#line 422 "util/configparser.y" + case 268: +#line 429 "util/configparser.y" { OUTYY(("P(rpz_log_name:%s)\n", (yyvsp[0].str))); free(cfg_parser->cfg->auths->rpz_log_name); cfg_parser->cfg->auths->rpz_log_name = (yyvsp[0].str); } -#line 2886 "util/configparser.c" +#line 2924 "util/configparser.c" break; - case 261: -#line 430 "util/configparser.y" + case 269: +#line 437 "util/configparser.y" { struct config_auth* s; OUTYY(("\nP(rpz:)\n")); @@ -2902,11 +2940,11 @@ yyreduce: } else yyerror("out of memory"); } -#line 2906 "util/configparser.c" +#line 2944 "util/configparser.c" break; - case 274: -#line 453 "util/configparser.y" + case 282: +#line 460 "util/configparser.y" { OUTYY(("P(server_num_threads:%s)\n", (yyvsp[0].str))); if(atoi((yyvsp[0].str)) == 0 && strcmp((yyvsp[0].str), "0") != 0) @@ -2914,11 +2952,11 @@ yyreduce: else cfg_parser->cfg->num_threads = atoi((yyvsp[0].str)); free((yyvsp[0].str)); } -#line 2918 "util/configparser.c" +#line 2956 "util/configparser.c" break; - case 275: -#line 462 "util/configparser.y" + case 283: +#line 469 "util/configparser.y" { OUTYY(("P(server_verbosity:%s)\n", (yyvsp[0].str))); if(atoi((yyvsp[0].str)) == 0 && strcmp((yyvsp[0].str), "0") != 0) @@ -2926,11 +2964,11 @@ yyreduce: else cfg_parser->cfg->verbosity = atoi((yyvsp[0].str)); free((yyvsp[0].str)); } -#line 2930 "util/configparser.c" +#line 2968 "util/configparser.c" break; - case 276: -#line 471 "util/configparser.y" + case 284: +#line 478 "util/configparser.y" { OUTYY(("P(server_statistics_interval:%s)\n", (yyvsp[0].str))); if(strcmp((yyvsp[0].str), "") == 0 || strcmp((yyvsp[0].str), "0") == 0) @@ -2940,11 +2978,11 @@ yyreduce: else cfg_parser->cfg->stat_interval = atoi((yyvsp[0].str)); free((yyvsp[0].str)); } -#line 2944 "util/configparser.c" +#line 2982 "util/configparser.c" break; - case 277: -#line 482 "util/configparser.y" + case 285: +#line 489 "util/configparser.y" { OUTYY(("P(server_statistics_cumulative:%s)\n", (yyvsp[0].str))); if(strcmp((yyvsp[0].str), "yes") != 0 && strcmp((yyvsp[0].str), "no") != 0) @@ -2952,11 +2990,11 @@ yyreduce: else cfg_parser->cfg->stat_cumulative = (strcmp((yyvsp[0].str), "yes")==0); free((yyvsp[0].str)); } -#line 2956 "util/configparser.c" +#line 2994 "util/configparser.c" break; - case 278: -#line 491 "util/configparser.y" + case 286: +#line 498 "util/configparser.y" { OUTYY(("P(server_extended_statistics:%s)\n", (yyvsp[0].str))); if(strcmp((yyvsp[0].str), "yes") != 0 && strcmp((yyvsp[0].str), "no") != 0) @@ -2964,11 +3002,11 @@ yyreduce: else cfg_parser->cfg->stat_extended = (strcmp((yyvsp[0].str), "yes")==0); free((yyvsp[0].str)); } -#line 2968 "util/configparser.c" +#line 3006 "util/configparser.c" break; - case 279: -#line 500 "util/configparser.y" + case 287: +#line 507 "util/configparser.y" { OUTYY(("P(server_shm_enable:%s)\n", (yyvsp[0].str))); if(strcmp((yyvsp[0].str), "yes") != 0 && strcmp((yyvsp[0].str), "no") != 0) @@ -2976,11 +3014,11 @@ yyreduce: else cfg_parser->cfg->shm_enable = (strcmp((yyvsp[0].str), "yes")==0); free((yyvsp[0].str)); } -#line 2980 "util/configparser.c" +#line 3018 "util/configparser.c" break; - case 280: -#line 509 "util/configparser.y" + case 288: +#line 516 "util/configparser.y" { OUTYY(("P(server_shm_key:%s)\n", (yyvsp[0].str))); if(strcmp((yyvsp[0].str), "") == 0 || strcmp((yyvsp[0].str), "0") == 0) @@ -2990,11 +3028,11 @@ yyreduce: else cfg_parser->cfg->shm_key = atoi((yyvsp[0].str)); free((yyvsp[0].str)); } -#line 2994 "util/configparser.c" +#line 3032 "util/configparser.c" break; - case 281: -#line 520 "util/configparser.y" + case 289: +#line 527 "util/configparser.y" { OUTYY(("P(server_port:%s)\n", (yyvsp[0].str))); if(atoi((yyvsp[0].str)) == 0) @@ -3002,11 +3040,11 @@ yyreduce: else cfg_parser->cfg->port = atoi((yyvsp[0].str)); free((yyvsp[0].str)); } -#line 3006 "util/configparser.c" +#line 3044 "util/configparser.c" break; - case 282: -#line 529 "util/configparser.y" + case 290: +#line 536 "util/configparser.y" { #ifdef CLIENT_SUBNET OUTYY(("P(server_send_client_subnet:%s)\n", (yyvsp[0].str))); @@ -3017,11 +3055,11 @@ yyreduce: free((yyvsp[0].str)); #endif } -#line 3021 "util/configparser.c" +#line 3059 "util/configparser.c" break; - case 283: -#line 541 "util/configparser.y" + case 291: +#line 548 "util/configparser.y" { #ifdef CLIENT_SUBNET OUTYY(("P(server_client_subnet_zone:%s)\n", (yyvsp[0].str))); @@ -3033,11 +3071,11 @@ yyreduce: free((yyvsp[0].str)); #endif } -#line 3037 "util/configparser.c" +#line 3075 "util/configparser.c" break; - case 284: -#line 555 "util/configparser.y" + case 292: +#line 562 "util/configparser.y" { #ifdef CLIENT_SUBNET OUTYY(("P(server_client_subnet_always_forward:%s)\n", (yyvsp[0].str))); @@ -3051,11 +3089,11 @@ yyreduce: #endif free((yyvsp[0].str)); } -#line 3055 "util/configparser.c" +#line 3093 "util/configparser.c" break; - case 285: -#line 570 "util/configparser.y" + case 293: +#line 577 "util/configparser.y" { #ifdef CLIENT_SUBNET OUTYY(("P(client_subnet_opcode:%s)\n", (yyvsp[0].str))); @@ -3065,11 +3103,11 @@ yyreduce: #endif free((yyvsp[0].str)); } -#line 3069 "util/configparser.c" +#line 3107 "util/configparser.c" break; - case 286: -#line 581 "util/configparser.y" + case 294: +#line 588 "util/configparser.y" { #ifdef CLIENT_SUBNET OUTYY(("P(max_client_subnet_ipv4:%s)\n", (yyvsp[0].str))); @@ -3085,11 +3123,11 @@ yyreduce: #endif free((yyvsp[0].str)); } -#line 3089 "util/configparser.c" +#line 3127 "util/configparser.c" break; - case 287: -#line 598 "util/configparser.y" + case 295: +#line 605 "util/configparser.y" { #ifdef CLIENT_SUBNET OUTYY(("P(max_client_subnet_ipv6:%s)\n", (yyvsp[0].str))); @@ -3105,11 +3143,11 @@ yyreduce: #endif free((yyvsp[0].str)); } -#line 3109 "util/configparser.c" +#line 3147 "util/configparser.c" break; - case 288: -#line 615 "util/configparser.y" + case 296: +#line 622 "util/configparser.y" { #ifdef CLIENT_SUBNET OUTYY(("P(min_client_subnet_ipv4:%s)\n", (yyvsp[0].str))); @@ -3125,11 +3163,11 @@ yyreduce: #endif free((yyvsp[0].str)); } -#line 3129 "util/configparser.c" +#line 3167 "util/configparser.c" break; - case 289: -#line 632 "util/configparser.y" + case 297: +#line 639 "util/configparser.y" { #ifdef CLIENT_SUBNET OUTYY(("P(min_client_subnet_ipv6:%s)\n", (yyvsp[0].str))); @@ -3145,11 +3183,11 @@ yyreduce: #endif free((yyvsp[0].str)); } -#line 3149 "util/configparser.c" +#line 3187 "util/configparser.c" break; - case 290: -#line 649 "util/configparser.y" + case 298: +#line 656 "util/configparser.y" { #ifdef CLIENT_SUBNET OUTYY(("P(max_ecs_tree_size_ipv4:%s)\n", (yyvsp[0].str))); @@ -3163,11 +3201,11 @@ yyreduce: #endif free((yyvsp[0].str)); } -#line 3167 "util/configparser.c" +#line 3205 "util/configparser.c" break; - case 291: -#line 664 "util/configparser.y" + case 299: +#line 671 "util/configparser.y" { #ifdef CLIENT_SUBNET OUTYY(("P(max_ecs_tree_size_ipv6:%s)\n", (yyvsp[0].str))); @@ -3181,11 +3219,11 @@ yyreduce: #endif free((yyvsp[0].str)); } -#line 3185 "util/configparser.c" +#line 3223 "util/configparser.c" break; - case 292: -#line 679 "util/configparser.y" + case 300: +#line 686 "util/configparser.y" { OUTYY(("P(server_interface:%s)\n", (yyvsp[0].str))); if(cfg_parser->cfg->num_ifs == 0) @@ -3197,11 +3235,11 @@ yyreduce: else cfg_parser->cfg->ifs[cfg_parser->cfg->num_ifs++] = (yyvsp[0].str); } -#line 3201 "util/configparser.c" +#line 3239 "util/configparser.c" break; - case 293: -#line 692 "util/configparser.y" + case 301: +#line 699 "util/configparser.y" { OUTYY(("P(server_outgoing_interface:%s)\n", (yyvsp[0].str))); if(cfg_parser->cfg->num_out_ifs == 0) @@ -3215,11 +3253,11 @@ yyreduce: cfg_parser->cfg->out_ifs[ cfg_parser->cfg->num_out_ifs++] = (yyvsp[0].str); } -#line 3219 "util/configparser.c" +#line 3257 "util/configparser.c" break; - case 294: -#line 707 "util/configparser.y" + case 302: +#line 714 "util/configparser.y" { OUTYY(("P(server_outgoing_range:%s)\n", (yyvsp[0].str))); if(atoi((yyvsp[0].str)) == 0) @@ -3227,11 +3265,11 @@ yyreduce: else cfg_parser->cfg->outgoing_num_ports = atoi((yyvsp[0].str)); free((yyvsp[0].str)); } -#line 3231 "util/configparser.c" +#line 3269 "util/configparser.c" break; - case 295: -#line 716 "util/configparser.y" + case 303: +#line 723 "util/configparser.y" { OUTYY(("P(server_outgoing_port_permit:%s)\n", (yyvsp[0].str))); if(!cfg_mark_ports((yyvsp[0].str), 1, @@ -3239,11 +3277,11 @@ yyreduce: yyerror("port number or range (\"low-high\") expected"); free((yyvsp[0].str)); } -#line 3243 "util/configparser.c" +#line 3281 "util/configparser.c" break; - case 296: -#line 725 "util/configparser.y" + case 304: +#line 732 "util/configparser.y" { OUTYY(("P(server_outgoing_port_avoid:%s)\n", (yyvsp[0].str))); if(!cfg_mark_ports((yyvsp[0].str), 0, @@ -3251,11 +3289,11 @@ yyreduce: yyerror("port number or range (\"low-high\") expected"); free((yyvsp[0].str)); } -#line 3255 "util/configparser.c" +#line 3293 "util/configparser.c" break; - case 297: -#line 734 "util/configparser.y" + case 305: +#line 741 "util/configparser.y" { OUTYY(("P(server_outgoing_num_tcp:%s)\n", (yyvsp[0].str))); if(atoi((yyvsp[0].str)) == 0 && strcmp((yyvsp[0].str), "0") != 0) @@ -3263,11 +3301,11 @@ yyreduce: else cfg_parser->cfg->outgoing_num_tcp = atoi((yyvsp[0].str)); free((yyvsp[0].str)); } -#line 3267 "util/configparser.c" +#line 3305 "util/configparser.c" break; - case 298: -#line 743 "util/configparser.y" + case 306: +#line 750 "util/configparser.y" { OUTYY(("P(server_incoming_num_tcp:%s)\n", (yyvsp[0].str))); if(atoi((yyvsp[0].str)) == 0 && strcmp((yyvsp[0].str), "0") != 0) @@ -3275,11 +3313,11 @@ yyreduce: else cfg_parser->cfg->incoming_num_tcp = atoi((yyvsp[0].str)); free((yyvsp[0].str)); } -#line 3279 "util/configparser.c" +#line 3317 "util/configparser.c" break; - case 299: -#line 752 "util/configparser.y" + case 307: +#line 759 "util/configparser.y" { OUTYY(("P(server_interface_automatic:%s)\n", (yyvsp[0].str))); if(strcmp((yyvsp[0].str), "yes") != 0 && strcmp((yyvsp[0].str), "no") != 0) @@ -3287,11 +3325,11 @@ yyreduce: else cfg_parser->cfg->if_automatic = (strcmp((yyvsp[0].str), "yes")==0); free((yyvsp[0].str)); } -#line 3291 "util/configparser.c" +#line 3329 "util/configparser.c" break; - case 300: -#line 761 "util/configparser.y" + case 308: +#line 768 "util/configparser.y" { OUTYY(("P(server_do_ip4:%s)\n", (yyvsp[0].str))); if(strcmp((yyvsp[0].str), "yes") != 0 && strcmp((yyvsp[0].str), "no") != 0) @@ -3299,11 +3337,11 @@ yyreduce: else cfg_parser->cfg->do_ip4 = (strcmp((yyvsp[0].str), "yes")==0); free((yyvsp[0].str)); } -#line 3303 "util/configparser.c" +#line 3341 "util/configparser.c" break; - case 301: -#line 770 "util/configparser.y" + case 309: +#line 777 "util/configparser.y" { OUTYY(("P(server_do_ip6:%s)\n", (yyvsp[0].str))); if(strcmp((yyvsp[0].str), "yes") != 0 && strcmp((yyvsp[0].str), "no") != 0) @@ -3311,11 +3349,11 @@ yyreduce: else cfg_parser->cfg->do_ip6 = (strcmp((yyvsp[0].str), "yes")==0); free((yyvsp[0].str)); } -#line 3315 "util/configparser.c" +#line 3353 "util/configparser.c" break; - case 302: -#line 779 "util/configparser.y" + case 310: +#line 786 "util/configparser.y" { OUTYY(("P(server_do_udp:%s)\n", (yyvsp[0].str))); if(strcmp((yyvsp[0].str), "yes") != 0 && strcmp((yyvsp[0].str), "no") != 0) @@ -3323,11 +3361,11 @@ yyreduce: else cfg_parser->cfg->do_udp = (strcmp((yyvsp[0].str), "yes")==0); free((yyvsp[0].str)); } -#line 3327 "util/configparser.c" +#line 3365 "util/configparser.c" break; - case 303: -#line 788 "util/configparser.y" + case 311: +#line 795 "util/configparser.y" { OUTYY(("P(server_do_tcp:%s)\n", (yyvsp[0].str))); if(strcmp((yyvsp[0].str), "yes") != 0 && strcmp((yyvsp[0].str), "no") != 0) @@ -3335,11 +3373,11 @@ yyreduce: else cfg_parser->cfg->do_tcp = (strcmp((yyvsp[0].str), "yes")==0); free((yyvsp[0].str)); } -#line 3339 "util/configparser.c" +#line 3377 "util/configparser.c" break; - case 304: -#line 797 "util/configparser.y" + case 312: +#line 804 "util/configparser.y" { OUTYY(("P(server_prefer_ip4:%s)\n", (yyvsp[0].str))); if(strcmp((yyvsp[0].str), "yes") != 0 && strcmp((yyvsp[0].str), "no") != 0) @@ -3347,11 +3385,11 @@ yyreduce: else cfg_parser->cfg->prefer_ip4 = (strcmp((yyvsp[0].str), "yes")==0); free((yyvsp[0].str)); } -#line 3351 "util/configparser.c" +#line 3389 "util/configparser.c" break; - case 305: -#line 806 "util/configparser.y" + case 313: +#line 813 "util/configparser.y" { OUTYY(("P(server_prefer_ip6:%s)\n", (yyvsp[0].str))); if(strcmp((yyvsp[0].str), "yes") != 0 && strcmp((yyvsp[0].str), "no") != 0) @@ -3359,11 +3397,11 @@ yyreduce: else cfg_parser->cfg->prefer_ip6 = (strcmp((yyvsp[0].str), "yes")==0); free((yyvsp[0].str)); } -#line 3363 "util/configparser.c" +#line 3401 "util/configparser.c" break; - case 306: -#line 815 "util/configparser.y" + case 314: +#line 822 "util/configparser.y" { OUTYY(("P(server_tcp_mss:%s)\n", (yyvsp[0].str))); if(atoi((yyvsp[0].str)) == 0 && strcmp((yyvsp[0].str), "0") != 0) @@ -3371,11 +3409,11 @@ yyreduce: else cfg_parser->cfg->tcp_mss = atoi((yyvsp[0].str)); free((yyvsp[0].str)); } -#line 3375 "util/configparser.c" +#line 3413 "util/configparser.c" break; - case 307: -#line 824 "util/configparser.y" + case 315: +#line 831 "util/configparser.y" { OUTYY(("P(server_outgoing_tcp_mss:%s)\n", (yyvsp[0].str))); if(atoi((yyvsp[0].str)) == 0 && strcmp((yyvsp[0].str), "0") != 0) @@ -3383,11 +3421,11 @@ yyreduce: else cfg_parser->cfg->outgoing_tcp_mss = atoi((yyvsp[0].str)); free((yyvsp[0].str)); } -#line 3387 "util/configparser.c" +#line 3425 "util/configparser.c" break; - case 308: -#line 833 "util/configparser.y" + case 316: +#line 840 "util/configparser.y" { OUTYY(("P(server_tcp_idle_timeout:%s)\n", (yyvsp[0].str))); if(atoi((yyvsp[0].str)) == 0 && strcmp((yyvsp[0].str), "0") != 0) @@ -3399,11 +3437,11 @@ yyreduce: else cfg_parser->cfg->tcp_idle_timeout = atoi((yyvsp[0].str)); free((yyvsp[0].str)); } -#line 3403 "util/configparser.c" +#line 3441 "util/configparser.c" break; - case 309: -#line 846 "util/configparser.y" + case 317: +#line 853 "util/configparser.y" { OUTYY(("P(server_tcp_keepalive:%s)\n", (yyvsp[0].str))); if(strcmp((yyvsp[0].str), "yes") != 0 && strcmp((yyvsp[0].str), "no") != 0) @@ -3411,11 +3449,11 @@ yyreduce: else cfg_parser->cfg->do_tcp_keepalive = (strcmp((yyvsp[0].str), "yes")==0); free((yyvsp[0].str)); } -#line 3415 "util/configparser.c" +#line 3453 "util/configparser.c" break; - case 310: -#line 855 "util/configparser.y" + case 318: +#line 862 "util/configparser.y" { OUTYY(("P(server_tcp_keepalive_timeout:%s)\n", (yyvsp[0].str))); if(atoi((yyvsp[0].str)) == 0 && strcmp((yyvsp[0].str), "0") != 0) @@ -3427,11 +3465,11 @@ yyreduce: else cfg_parser->cfg->tcp_keepalive_timeout = atoi((yyvsp[0].str)); free((yyvsp[0].str)); } -#line 3431 "util/configparser.c" +#line 3469 "util/configparser.c" break; - case 311: -#line 868 "util/configparser.y" + case 319: +#line 875 "util/configparser.y" { OUTYY(("P(server_tcp_upstream:%s)\n", (yyvsp[0].str))); if(strcmp((yyvsp[0].str), "yes") != 0 && strcmp((yyvsp[0].str), "no") != 0) @@ -3439,11 +3477,11 @@ yyreduce: else cfg_parser->cfg->tcp_upstream = (strcmp((yyvsp[0].str), "yes")==0); free((yyvsp[0].str)); } -#line 3443 "util/configparser.c" +#line 3481 "util/configparser.c" break; - case 312: -#line 877 "util/configparser.y" + case 320: +#line 884 "util/configparser.y" { OUTYY(("P(server_udp_upstream_without_downstream:%s)\n", (yyvsp[0].str))); if(strcmp((yyvsp[0].str), "yes") != 0 && strcmp((yyvsp[0].str), "no") != 0) @@ -3451,11 +3489,11 @@ yyreduce: else cfg_parser->cfg->udp_upstream_without_downstream = (strcmp((yyvsp[0].str), "yes")==0); free((yyvsp[0].str)); } -#line 3455 "util/configparser.c" +#line 3493 "util/configparser.c" break; - case 313: -#line 886 "util/configparser.y" + case 321: +#line 893 "util/configparser.y" { OUTYY(("P(server_ssl_upstream:%s)\n", (yyvsp[0].str))); if(strcmp((yyvsp[0].str), "yes") != 0 && strcmp((yyvsp[0].str), "no") != 0) @@ -3463,31 +3501,31 @@ yyreduce: else cfg_parser->cfg->ssl_upstream = (strcmp((yyvsp[0].str), "yes")==0); free((yyvsp[0].str)); } -#line 3467 "util/configparser.c" +#line 3505 "util/configparser.c" break; - case 314: -#line 895 "util/configparser.y" + case 322: +#line 902 "util/configparser.y" { OUTYY(("P(server_ssl_service_key:%s)\n", (yyvsp[0].str))); free(cfg_parser->cfg->ssl_service_key); cfg_parser->cfg->ssl_service_key = (yyvsp[0].str); } -#line 3477 "util/configparser.c" +#line 3515 "util/configparser.c" break; - case 315: -#line 902 "util/configparser.y" + case 323: +#line 909 "util/configparser.y" { OUTYY(("P(server_ssl_service_pem:%s)\n", (yyvsp[0].str))); free(cfg_parser->cfg->ssl_service_pem); cfg_parser->cfg->ssl_service_pem = (yyvsp[0].str); } -#line 3487 "util/configparser.c" +#line 3525 "util/configparser.c" break; - case 316: -#line 909 "util/configparser.y" + case 324: +#line 916 "util/configparser.y" { OUTYY(("P(server_ssl_port:%s)\n", (yyvsp[0].str))); if(atoi((yyvsp[0].str)) == 0) @@ -3495,21 +3533,21 @@ yyreduce: else cfg_parser->cfg->ssl_port = atoi((yyvsp[0].str)); free((yyvsp[0].str)); } -#line 3499 "util/configparser.c" +#line 3537 "util/configparser.c" break; - case 317: -#line 918 "util/configparser.y" + case 325: +#line 925 "util/configparser.y" { OUTYY(("P(server_tls_cert_bundle:%s)\n", (yyvsp[0].str))); free(cfg_parser->cfg->tls_cert_bundle); cfg_parser->cfg->tls_cert_bundle = (yyvsp[0].str); } -#line 3509 "util/configparser.c" +#line 3547 "util/configparser.c" break; - case 318: -#line 925 "util/configparser.y" + case 326: +#line 932 "util/configparser.y" { OUTYY(("P(server_tls_win_cert:%s)\n", (yyvsp[0].str))); if(strcmp((yyvsp[0].str), "yes") != 0 && strcmp((yyvsp[0].str), "no") != 0) @@ -3517,53 +3555,53 @@ yyreduce: else cfg_parser->cfg->tls_win_cert = (strcmp((yyvsp[0].str), "yes")==0); free((yyvsp[0].str)); } -#line 3521 "util/configparser.c" +#line 3559 "util/configparser.c" break; - case 319: -#line 934 "util/configparser.y" + case 327: +#line 941 "util/configparser.y" { OUTYY(("P(server_tls_additional_port:%s)\n", (yyvsp[0].str))); if(!cfg_strlist_insert(&cfg_parser->cfg->tls_additional_port, (yyvsp[0].str))) yyerror("out of memory"); } -#line 3532 "util/configparser.c" +#line 3570 "util/configparser.c" break; - case 320: -#line 942 "util/configparser.y" + case 328: +#line 949 "util/configparser.y" { OUTYY(("P(server_tls_ciphers:%s)\n", (yyvsp[0].str))); free(cfg_parser->cfg->tls_ciphers); cfg_parser->cfg->tls_ciphers = (yyvsp[0].str); } -#line 3542 "util/configparser.c" +#line 3580 "util/configparser.c" break; - case 321: -#line 949 "util/configparser.y" + case 329: +#line 956 "util/configparser.y" { OUTYY(("P(server_tls_ciphersuites:%s)\n", (yyvsp[0].str))); free(cfg_parser->cfg->tls_ciphersuites); cfg_parser->cfg->tls_ciphersuites = (yyvsp[0].str); } -#line 3552 "util/configparser.c" +#line 3590 "util/configparser.c" break; - case 322: -#line 956 "util/configparser.y" + case 330: +#line 963 "util/configparser.y" { OUTYY(("P(server_tls_session_ticket_keys:%s)\n", (yyvsp[0].str))); if(!cfg_strlist_append(&cfg_parser->cfg->tls_session_ticket_keys, (yyvsp[0].str))) yyerror("out of memory"); } -#line 3563 "util/configparser.c" +#line 3601 "util/configparser.c" break; - case 323: -#line 964 "util/configparser.y" + case 331: +#line 971 "util/configparser.y" { OUTYY(("P(server_tls_use_sni:%s)\n", (yyvsp[0].str))); if(strcmp((yyvsp[0].str), "yes") != 0 && strcmp((yyvsp[0].str), "no") != 0) @@ -3571,11 +3609,90 @@ yyreduce: else cfg_parser->cfg->tls_use_sni = (strcmp((yyvsp[0].str), "yes")==0); free((yyvsp[0].str)); } -#line 3575 "util/configparser.c" +#line 3613 "util/configparser.c" break; - case 324: -#line 973 "util/configparser.y" + case 332: +#line 980 "util/configparser.y" + { + OUTYY(("P(server_https_port:%s)\n", (yyvsp[0].str))); + if(atoi((yyvsp[0].str)) == 0) + yyerror("port number expected"); + else cfg_parser->cfg->https_port = atoi((yyvsp[0].str)); + } +#line 3624 "util/configparser.c" + break; + + case 333: +#line 987 "util/configparser.y" + { + OUTYY(("P(server_http_endpoint:%s)\n", (yyvsp[0].str))); + free(cfg_parser->cfg->http_endpoint); + if((yyvsp[0].str) && (yyvsp[0].str)[0] != '/') { + cfg_parser->cfg->http_endpoint = malloc(strlen((yyvsp[0].str))+2); + if(!cfg_parser->cfg->http_endpoint) + yyerror("out of memory"); + cfg_parser->cfg->http_endpoint[0] = '/'; + memmove(cfg_parser->cfg->http_endpoint+1, (yyvsp[0].str), + strlen((yyvsp[0].str))+1); + free((yyvsp[0].str)); + } else { + cfg_parser->cfg->http_endpoint = (yyvsp[0].str); + } + } +#line 3644 "util/configparser.c" + break; + + case 334: +#line 1003 "util/configparser.y" + { + OUTYY(("P(server_http_max_streams:%s)\n", (yyvsp[0].str))); + if(atoi((yyvsp[0].str)) == 0 && strcmp((yyvsp[0].str), "0") != 0) + yyerror("number expected"); + else cfg_parser->cfg->http_max_streams = atoi((yyvsp[0].str)); + free((yyvsp[0].str)); + } +#line 3656 "util/configparser.c" + break; + + case 335: +#line 1011 "util/configparser.y" + { + OUTYY(("P(server_http_query_buffer_size:%s)\n", (yyvsp[0].str))); + if(!cfg_parse_memsize((yyvsp[0].str), + &cfg_parser->cfg->http_query_buffer_size)) + yyerror("memory size expected"); + free((yyvsp[0].str)); + } +#line 3668 "util/configparser.c" + break; + + case 336: +#line 1019 "util/configparser.y" + { + OUTYY(("P(server_http_response_buffer_size:%s)\n", (yyvsp[0].str))); + if(!cfg_parse_memsize((yyvsp[0].str), + &cfg_parser->cfg->http_response_buffer_size)) + yyerror("memory size expected"); + free((yyvsp[0].str)); + } +#line 3680 "util/configparser.c" + break; + + case 337: +#line 1027 "util/configparser.y" + { + OUTYY(("P(server_http_nodelay:%s)\n", (yyvsp[0].str))); + if(strcmp((yyvsp[0].str), "yes") != 0 && strcmp((yyvsp[0].str), "no") != 0) + yyerror("expected yes or no."); + else cfg_parser->cfg->http_nodelay = (strcmp((yyvsp[0].str), "yes")==0); + free((yyvsp[0].str)); + } +#line 3692 "util/configparser.c" + break; + + case 338: +#line 1035 "util/configparser.y" { OUTYY(("P(server_use_systemd:%s)\n", (yyvsp[0].str))); if(strcmp((yyvsp[0].str), "yes") != 0 && strcmp((yyvsp[0].str), "no") != 0) @@ -3583,11 +3700,11 @@ yyreduce: else cfg_parser->cfg->use_systemd = (strcmp((yyvsp[0].str), "yes")==0); free((yyvsp[0].str)); } -#line 3587 "util/configparser.c" +#line 3704 "util/configparser.c" break; - case 325: -#line 982 "util/configparser.y" + case 339: +#line 1044 "util/configparser.y" { OUTYY(("P(server_do_daemonize:%s)\n", (yyvsp[0].str))); if(strcmp((yyvsp[0].str), "yes") != 0 && strcmp((yyvsp[0].str), "no") != 0) @@ -3595,11 +3712,11 @@ yyreduce: else cfg_parser->cfg->do_daemonize = (strcmp((yyvsp[0].str), "yes")==0); free((yyvsp[0].str)); } -#line 3599 "util/configparser.c" +#line 3716 "util/configparser.c" break; - case 326: -#line 991 "util/configparser.y" + case 340: +#line 1053 "util/configparser.y" { OUTYY(("P(server_use_syslog:%s)\n", (yyvsp[0].str))); if(strcmp((yyvsp[0].str), "yes") != 0 && strcmp((yyvsp[0].str), "no") != 0) @@ -3612,11 +3729,11 @@ yyreduce: #endif free((yyvsp[0].str)); } -#line 3616 "util/configparser.c" +#line 3733 "util/configparser.c" break; - case 327: -#line 1005 "util/configparser.y" + case 341: +#line 1067 "util/configparser.y" { OUTYY(("P(server_log_time_ascii:%s)\n", (yyvsp[0].str))); if(strcmp((yyvsp[0].str), "yes") != 0 && strcmp((yyvsp[0].str), "no") != 0) @@ -3624,11 +3741,11 @@ yyreduce: else cfg_parser->cfg->log_time_ascii = (strcmp((yyvsp[0].str), "yes")==0); free((yyvsp[0].str)); } -#line 3628 "util/configparser.c" +#line 3745 "util/configparser.c" break; - case 328: -#line 1014 "util/configparser.y" + case 342: +#line 1076 "util/configparser.y" { OUTYY(("P(server_log_queries:%s)\n", (yyvsp[0].str))); if(strcmp((yyvsp[0].str), "yes") != 0 && strcmp((yyvsp[0].str), "no") != 0) @@ -3636,11 +3753,11 @@ yyreduce: else cfg_parser->cfg->log_queries = (strcmp((yyvsp[0].str), "yes")==0); free((yyvsp[0].str)); } -#line 3640 "util/configparser.c" +#line 3757 "util/configparser.c" break; - case 329: -#line 1023 "util/configparser.y" + case 343: +#line 1085 "util/configparser.y" { OUTYY(("P(server_log_replies:%s)\n", (yyvsp[0].str))); if(strcmp((yyvsp[0].str), "yes") != 0 && strcmp((yyvsp[0].str), "no") != 0) @@ -3648,11 +3765,11 @@ yyreduce: else cfg_parser->cfg->log_replies = (strcmp((yyvsp[0].str), "yes")==0); free((yyvsp[0].str)); } -#line 3652 "util/configparser.c" +#line 3769 "util/configparser.c" break; - case 330: -#line 1032 "util/configparser.y" + case 344: +#line 1094 "util/configparser.y" { OUTYY(("P(server_log_tag_queryreply:%s)\n", (yyvsp[0].str))); if(strcmp((yyvsp[0].str), "yes") != 0 && strcmp((yyvsp[0].str), "no") != 0) @@ -3660,11 +3777,11 @@ yyreduce: else cfg_parser->cfg->log_tag_queryreply = (strcmp((yyvsp[0].str), "yes")==0); free((yyvsp[0].str)); } -#line 3664 "util/configparser.c" +#line 3781 "util/configparser.c" break; - case 331: -#line 1041 "util/configparser.y" + case 345: +#line 1103 "util/configparser.y" { OUTYY(("P(server_log_servfail:%s)\n", (yyvsp[0].str))); if(strcmp((yyvsp[0].str), "yes") != 0 && strcmp((yyvsp[0].str), "no") != 0) @@ -3672,11 +3789,11 @@ yyreduce: else cfg_parser->cfg->log_servfail = (strcmp((yyvsp[0].str), "yes")==0); free((yyvsp[0].str)); } -#line 3676 "util/configparser.c" +#line 3793 "util/configparser.c" break; - case 332: -#line 1050 "util/configparser.y" + case 346: +#line 1112 "util/configparser.y" { OUTYY(("P(server_log_local_actions:%s)\n", (yyvsp[0].str))); if(strcmp((yyvsp[0].str), "yes") != 0 && strcmp((yyvsp[0].str), "no") != 0) @@ -3684,31 +3801,31 @@ yyreduce: else cfg_parser->cfg->log_local_actions = (strcmp((yyvsp[0].str), "yes")==0); free((yyvsp[0].str)); } -#line 3688 "util/configparser.c" +#line 3805 "util/configparser.c" break; - case 333: -#line 1059 "util/configparser.y" + case 347: +#line 1121 "util/configparser.y" { OUTYY(("P(server_chroot:%s)\n", (yyvsp[0].str))); free(cfg_parser->cfg->chrootdir); cfg_parser->cfg->chrootdir = (yyvsp[0].str); } -#line 3698 "util/configparser.c" +#line 3815 "util/configparser.c" break; - case 334: -#line 1066 "util/configparser.y" + case 348: +#line 1128 "util/configparser.y" { OUTYY(("P(server_username:%s)\n", (yyvsp[0].str))); free(cfg_parser->cfg->username); cfg_parser->cfg->username = (yyvsp[0].str); } -#line 3708 "util/configparser.c" +#line 3825 "util/configparser.c" break; - case 335: -#line 1073 "util/configparser.y" + case 349: +#line 1135 "util/configparser.y" { OUTYY(("P(server_directory:%s)\n", (yyvsp[0].str))); free(cfg_parser->cfg->directory); @@ -3733,105 +3850,105 @@ yyreduce: } } } -#line 3737 "util/configparser.c" +#line 3854 "util/configparser.c" break; - case 336: -#line 1099 "util/configparser.y" + case 350: +#line 1161 "util/configparser.y" { OUTYY(("P(server_logfile:%s)\n", (yyvsp[0].str))); free(cfg_parser->cfg->logfile); cfg_parser->cfg->logfile = (yyvsp[0].str); cfg_parser->cfg->use_syslog = 0; } -#line 3748 "util/configparser.c" +#line 3865 "util/configparser.c" break; - case 337: -#line 1107 "util/configparser.y" + case 351: +#line 1169 "util/configparser.y" { OUTYY(("P(server_pidfile:%s)\n", (yyvsp[0].str))); free(cfg_parser->cfg->pidfile); cfg_parser->cfg->pidfile = (yyvsp[0].str); } -#line 3758 "util/configparser.c" +#line 3875 "util/configparser.c" break; - case 338: -#line 1114 "util/configparser.y" + case 352: +#line 1176 "util/configparser.y" { OUTYY(("P(server_root_hints:%s)\n", (yyvsp[0].str))); if(!cfg_strlist_insert(&cfg_parser->cfg->root_hints, (yyvsp[0].str))) yyerror("out of memory"); } -#line 3768 "util/configparser.c" +#line 3885 "util/configparser.c" break; - case 339: -#line 1121 "util/configparser.y" + case 353: +#line 1183 "util/configparser.y" { OUTYY(("P(server_dlv_anchor_file:%s)\n", (yyvsp[0].str))); - free(cfg_parser->cfg->dlv_anchor_file); - cfg_parser->cfg->dlv_anchor_file = (yyvsp[0].str); + log_warn("option dlv-anchor-file ignored: DLV is decommissioned"); + free((yyvsp[0].str)); } -#line 3778 "util/configparser.c" +#line 3895 "util/configparser.c" break; - case 340: -#line 1128 "util/configparser.y" + case 354: +#line 1190 "util/configparser.y" { OUTYY(("P(server_dlv_anchor:%s)\n", (yyvsp[0].str))); - if(!cfg_strlist_insert(&cfg_parser->cfg->dlv_anchor_list, (yyvsp[0].str))) - yyerror("out of memory"); + log_warn("option dlv-anchor ignored: DLV is decommissioned"); + free((yyvsp[0].str)); } -#line 3788 "util/configparser.c" +#line 3905 "util/configparser.c" break; - case 341: -#line 1135 "util/configparser.y" + case 355: +#line 1197 "util/configparser.y" { OUTYY(("P(server_auto_trust_anchor_file:%s)\n", (yyvsp[0].str))); if(!cfg_strlist_insert(&cfg_parser->cfg-> auto_trust_anchor_file_list, (yyvsp[0].str))) yyerror("out of memory"); } -#line 3799 "util/configparser.c" +#line 3916 "util/configparser.c" break; - case 342: -#line 1143 "util/configparser.y" + case 356: +#line 1205 "util/configparser.y" { OUTYY(("P(server_trust_anchor_file:%s)\n", (yyvsp[0].str))); if(!cfg_strlist_insert(&cfg_parser->cfg-> trust_anchor_file_list, (yyvsp[0].str))) yyerror("out of memory"); } -#line 3810 "util/configparser.c" +#line 3927 "util/configparser.c" break; - case 343: -#line 1151 "util/configparser.y" + case 357: +#line 1213 "util/configparser.y" { OUTYY(("P(server_trusted_keys_file:%s)\n", (yyvsp[0].str))); if(!cfg_strlist_insert(&cfg_parser->cfg-> trusted_keys_file_list, (yyvsp[0].str))) yyerror("out of memory"); } -#line 3821 "util/configparser.c" +#line 3938 "util/configparser.c" break; - case 344: -#line 1159 "util/configparser.y" + case 358: +#line 1221 "util/configparser.y" { OUTYY(("P(server_trust_anchor:%s)\n", (yyvsp[0].str))); if(!cfg_strlist_insert(&cfg_parser->cfg->trust_anchor_list, (yyvsp[0].str))) yyerror("out of memory"); } -#line 3831 "util/configparser.c" +#line 3948 "util/configparser.c" break; - case 345: -#line 1166 "util/configparser.y" + case 359: +#line 1228 "util/configparser.y" { OUTYY(("P(server_trust_anchor_signaling:%s)\n", (yyvsp[0].str))); if(strcmp((yyvsp[0].str), "yes") != 0 && strcmp((yyvsp[0].str), "no") != 0) @@ -3841,11 +3958,11 @@ yyreduce: (strcmp((yyvsp[0].str), "yes")==0); free((yyvsp[0].str)); } -#line 3845 "util/configparser.c" +#line 3962 "util/configparser.c" break; - case 346: -#line 1177 "util/configparser.y" + case 360: +#line 1239 "util/configparser.y" { OUTYY(("P(server_root_key_sentinel:%s)\n", (yyvsp[0].str))); if(strcmp((yyvsp[0].str), "yes") != 0 && strcmp((yyvsp[0].str), "no") != 0) @@ -3855,21 +3972,21 @@ yyreduce: (strcmp((yyvsp[0].str), "yes")==0); free((yyvsp[0].str)); } -#line 3859 "util/configparser.c" +#line 3976 "util/configparser.c" break; - case 347: -#line 1188 "util/configparser.y" + case 361: +#line 1250 "util/configparser.y" { OUTYY(("P(server_domain_insecure:%s)\n", (yyvsp[0].str))); if(!cfg_strlist_insert(&cfg_parser->cfg->domain_insecure, (yyvsp[0].str))) yyerror("out of memory"); } -#line 3869 "util/configparser.c" +#line 3986 "util/configparser.c" break; - case 348: -#line 1195 "util/configparser.y" + case 362: +#line 1257 "util/configparser.y" { OUTYY(("P(server_hide_identity:%s)\n", (yyvsp[0].str))); if(strcmp((yyvsp[0].str), "yes") != 0 && strcmp((yyvsp[0].str), "no") != 0) @@ -3877,11 +3994,11 @@ yyreduce: else cfg_parser->cfg->hide_identity = (strcmp((yyvsp[0].str), "yes")==0); free((yyvsp[0].str)); } -#line 3881 "util/configparser.c" +#line 3998 "util/configparser.c" break; - case 349: -#line 1204 "util/configparser.y" + case 363: +#line 1266 "util/configparser.y" { OUTYY(("P(server_hide_version:%s)\n", (yyvsp[0].str))); if(strcmp((yyvsp[0].str), "yes") != 0 && strcmp((yyvsp[0].str), "no") != 0) @@ -3889,11 +4006,11 @@ yyreduce: else cfg_parser->cfg->hide_version = (strcmp((yyvsp[0].str), "yes")==0); free((yyvsp[0].str)); } -#line 3893 "util/configparser.c" +#line 4010 "util/configparser.c" break; - case 350: -#line 1213 "util/configparser.y" + case 364: +#line 1275 "util/configparser.y" { OUTYY(("P(server_hide_trustanchor:%s)\n", (yyvsp[0].str))); if(strcmp((yyvsp[0].str), "yes") != 0 && strcmp((yyvsp[0].str), "no") != 0) @@ -3901,53 +4018,53 @@ yyreduce: else cfg_parser->cfg->hide_trustanchor = (strcmp((yyvsp[0].str), "yes")==0); free((yyvsp[0].str)); } -#line 3905 "util/configparser.c" +#line 4022 "util/configparser.c" break; - case 351: -#line 1222 "util/configparser.y" + case 365: +#line 1284 "util/configparser.y" { OUTYY(("P(server_identity:%s)\n", (yyvsp[0].str))); free(cfg_parser->cfg->identity); cfg_parser->cfg->identity = (yyvsp[0].str); } -#line 3915 "util/configparser.c" +#line 4032 "util/configparser.c" break; - case 352: -#line 1229 "util/configparser.y" + case 366: +#line 1291 "util/configparser.y" { OUTYY(("P(server_version:%s)\n", (yyvsp[0].str))); free(cfg_parser->cfg->version); cfg_parser->cfg->version = (yyvsp[0].str); } -#line 3925 "util/configparser.c" +#line 4042 "util/configparser.c" break; - case 353: -#line 1236 "util/configparser.y" + case 367: +#line 1298 "util/configparser.y" { OUTYY(("P(server_so_rcvbuf:%s)\n", (yyvsp[0].str))); if(!cfg_parse_memsize((yyvsp[0].str), &cfg_parser->cfg->so_rcvbuf)) yyerror("buffer size expected"); free((yyvsp[0].str)); } -#line 3936 "util/configparser.c" +#line 4053 "util/configparser.c" break; - case 354: -#line 1244 "util/configparser.y" + case 368: +#line 1306 "util/configparser.y" { OUTYY(("P(server_so_sndbuf:%s)\n", (yyvsp[0].str))); if(!cfg_parse_memsize((yyvsp[0].str), &cfg_parser->cfg->so_sndbuf)) yyerror("buffer size expected"); free((yyvsp[0].str)); } -#line 3947 "util/configparser.c" +#line 4064 "util/configparser.c" break; - case 355: -#line 1252 "util/configparser.y" + case 369: +#line 1314 "util/configparser.y" { OUTYY(("P(server_so_reuseport:%s)\n", (yyvsp[0].str))); if(strcmp((yyvsp[0].str), "yes") != 0 && strcmp((yyvsp[0].str), "no") != 0) @@ -3956,11 +4073,11 @@ yyreduce: (strcmp((yyvsp[0].str), "yes")==0); free((yyvsp[0].str)); } -#line 3960 "util/configparser.c" +#line 4077 "util/configparser.c" break; - case 356: -#line 1262 "util/configparser.y" + case 370: +#line 1324 "util/configparser.y" { OUTYY(("P(server_ip_transparent:%s)\n", (yyvsp[0].str))); if(strcmp((yyvsp[0].str), "yes") != 0 && strcmp((yyvsp[0].str), "no") != 0) @@ -3969,11 +4086,11 @@ yyreduce: (strcmp((yyvsp[0].str), "yes")==0); free((yyvsp[0].str)); } -#line 3973 "util/configparser.c" +#line 4090 "util/configparser.c" break; - case 357: -#line 1272 "util/configparser.y" + case 371: +#line 1334 "util/configparser.y" { OUTYY(("P(server_ip_freebind:%s)\n", (yyvsp[0].str))); if(strcmp((yyvsp[0].str), "yes") != 0 && strcmp((yyvsp[0].str), "no") != 0) @@ -3982,11 +4099,11 @@ yyreduce: (strcmp((yyvsp[0].str), "yes")==0); free((yyvsp[0].str)); } -#line 3986 "util/configparser.c" +#line 4103 "util/configparser.c" break; - case 358: -#line 1282 "util/configparser.y" + case 372: +#line 1344 "util/configparser.y" { OUTYY(("P(server_ip_dscp:%s)\n", (yyvsp[0].str))); if(atoi((yyvsp[0].str)) == 0 && strcmp((yyvsp[0].str), "0") != 0) @@ -3999,22 +4116,22 @@ yyreduce: cfg_parser->cfg->ip_dscp = atoi((yyvsp[0].str)); free((yyvsp[0].str)); } -#line 4003 "util/configparser.c" +#line 4120 "util/configparser.c" break; - case 359: -#line 1296 "util/configparser.y" + case 373: +#line 1358 "util/configparser.y" { OUTYY(("P(server_stream_wait_size:%s)\n", (yyvsp[0].str))); if(!cfg_parse_memsize((yyvsp[0].str), &cfg_parser->cfg->stream_wait_size)) yyerror("memory size expected"); free((yyvsp[0].str)); } -#line 4014 "util/configparser.c" +#line 4131 "util/configparser.c" break; - case 360: -#line 1304 "util/configparser.y" + case 374: +#line 1366 "util/configparser.y" { OUTYY(("P(server_edns_buffer_size:%s)\n", (yyvsp[0].str))); if(atoi((yyvsp[0].str)) == 0) @@ -4026,11 +4143,11 @@ yyreduce: else cfg_parser->cfg->edns_buffer_size = atoi((yyvsp[0].str)); free((yyvsp[0].str)); } -#line 4030 "util/configparser.c" +#line 4147 "util/configparser.c" break; - case 361: -#line 1317 "util/configparser.y" + case 375: +#line 1379 "util/configparser.y" { OUTYY(("P(server_msg_buffer_size:%s)\n", (yyvsp[0].str))); if(atoi((yyvsp[0].str)) == 0) @@ -4040,22 +4157,22 @@ yyreduce: else cfg_parser->cfg->msg_buffer_size = atoi((yyvsp[0].str)); free((yyvsp[0].str)); } -#line 4044 "util/configparser.c" +#line 4161 "util/configparser.c" break; - case 362: -#line 1328 "util/configparser.y" + case 376: +#line 1390 "util/configparser.y" { OUTYY(("P(server_msg_cache_size:%s)\n", (yyvsp[0].str))); if(!cfg_parse_memsize((yyvsp[0].str), &cfg_parser->cfg->msg_cache_size)) yyerror("memory size expected"); free((yyvsp[0].str)); } -#line 4055 "util/configparser.c" +#line 4172 "util/configparser.c" break; - case 363: -#line 1336 "util/configparser.y" + case 377: +#line 1398 "util/configparser.y" { OUTYY(("P(server_msg_cache_slabs:%s)\n", (yyvsp[0].str))); if(atoi((yyvsp[0].str)) == 0) @@ -4067,11 +4184,11 @@ yyreduce: } free((yyvsp[0].str)); } -#line 4071 "util/configparser.c" +#line 4188 "util/configparser.c" break; - case 364: -#line 1349 "util/configparser.y" + case 378: +#line 1411 "util/configparser.y" { OUTYY(("P(server_num_queries_per_thread:%s)\n", (yyvsp[0].str))); if(atoi((yyvsp[0].str)) == 0) @@ -4079,11 +4196,11 @@ yyreduce: else cfg_parser->cfg->num_queries_per_thread = atoi((yyvsp[0].str)); free((yyvsp[0].str)); } -#line 4083 "util/configparser.c" +#line 4200 "util/configparser.c" break; - case 365: -#line 1358 "util/configparser.y" + case 379: +#line 1420 "util/configparser.y" { OUTYY(("P(server_jostle_timeout:%s)\n", (yyvsp[0].str))); if(atoi((yyvsp[0].str)) == 0 && strcmp((yyvsp[0].str), "0") != 0) @@ -4091,11 +4208,11 @@ yyreduce: else cfg_parser->cfg->jostle_time = atoi((yyvsp[0].str)); free((yyvsp[0].str)); } -#line 4095 "util/configparser.c" +#line 4212 "util/configparser.c" break; - case 366: -#line 1367 "util/configparser.y" + case 380: +#line 1429 "util/configparser.y" { OUTYY(("P(server_delay_close:%s)\n", (yyvsp[0].str))); if(atoi((yyvsp[0].str)) == 0 && strcmp((yyvsp[0].str), "0") != 0) @@ -4103,11 +4220,11 @@ yyreduce: else cfg_parser->cfg->delay_close = atoi((yyvsp[0].str)); free((yyvsp[0].str)); } -#line 4107 "util/configparser.c" +#line 4224 "util/configparser.c" break; - case 367: -#line 1376 "util/configparser.y" + case 381: +#line 1438 "util/configparser.y" { OUTYY(("P(server_unblock_lan_zones:%s)\n", (yyvsp[0].str))); if(strcmp((yyvsp[0].str), "yes") != 0 && strcmp((yyvsp[0].str), "no") != 0) @@ -4116,11 +4233,11 @@ yyreduce: (strcmp((yyvsp[0].str), "yes")==0); free((yyvsp[0].str)); } -#line 4120 "util/configparser.c" +#line 4237 "util/configparser.c" break; - case 368: -#line 1386 "util/configparser.y" + case 382: +#line 1448 "util/configparser.y" { OUTYY(("P(server_insecure_lan_zones:%s)\n", (yyvsp[0].str))); if(strcmp((yyvsp[0].str), "yes") != 0 && strcmp((yyvsp[0].str), "no") != 0) @@ -4129,22 +4246,22 @@ yyreduce: (strcmp((yyvsp[0].str), "yes")==0); free((yyvsp[0].str)); } -#line 4133 "util/configparser.c" +#line 4250 "util/configparser.c" break; - case 369: -#line 1396 "util/configparser.y" + case 383: +#line 1458 "util/configparser.y" { OUTYY(("P(server_rrset_cache_size:%s)\n", (yyvsp[0].str))); if(!cfg_parse_memsize((yyvsp[0].str), &cfg_parser->cfg->rrset_cache_size)) yyerror("memory size expected"); free((yyvsp[0].str)); } -#line 4144 "util/configparser.c" +#line 4261 "util/configparser.c" break; - case 370: -#line 1404 "util/configparser.y" + case 384: +#line 1466 "util/configparser.y" { OUTYY(("P(server_rrset_cache_slabs:%s)\n", (yyvsp[0].str))); if(atoi((yyvsp[0].str)) == 0) @@ -4156,11 +4273,11 @@ yyreduce: } free((yyvsp[0].str)); } -#line 4160 "util/configparser.c" +#line 4277 "util/configparser.c" break; - case 371: -#line 1417 "util/configparser.y" + case 385: +#line 1479 "util/configparser.y" { OUTYY(("P(server_infra_host_ttl:%s)\n", (yyvsp[0].str))); if(atoi((yyvsp[0].str)) == 0 && strcmp((yyvsp[0].str), "0") != 0) @@ -4168,22 +4285,22 @@ yyreduce: else cfg_parser->cfg->host_ttl = atoi((yyvsp[0].str)); free((yyvsp[0].str)); } -#line 4172 "util/configparser.c" +#line 4289 "util/configparser.c" break; - case 372: -#line 1426 "util/configparser.y" + case 386: +#line 1488 "util/configparser.y" { OUTYY(("P(server_infra_lame_ttl:%s)\n", (yyvsp[0].str))); verbose(VERB_DETAIL, "ignored infra-lame-ttl: %s (option " "removed, use infra-host-ttl)", (yyvsp[0].str)); free((yyvsp[0].str)); } -#line 4183 "util/configparser.c" +#line 4300 "util/configparser.c" break; - case 373: -#line 1434 "util/configparser.y" + case 387: +#line 1496 "util/configparser.y" { OUTYY(("P(server_infra_cache_numhosts:%s)\n", (yyvsp[0].str))); if(atoi((yyvsp[0].str)) == 0) @@ -4191,22 +4308,22 @@ yyreduce: else cfg_parser->cfg->infra_cache_numhosts = atoi((yyvsp[0].str)); free((yyvsp[0].str)); } -#line 4195 "util/configparser.c" +#line 4312 "util/configparser.c" break; - case 374: -#line 1443 "util/configparser.y" + case 388: +#line 1505 "util/configparser.y" { OUTYY(("P(server_infra_cache_lame_size:%s)\n", (yyvsp[0].str))); verbose(VERB_DETAIL, "ignored infra-cache-lame-size: %s " "(option removed, use infra-cache-numhosts)", (yyvsp[0].str)); free((yyvsp[0].str)); } -#line 4206 "util/configparser.c" +#line 4323 "util/configparser.c" break; - case 375: -#line 1451 "util/configparser.y" + case 389: +#line 1513 "util/configparser.y" { OUTYY(("P(server_infra_cache_slabs:%s)\n", (yyvsp[0].str))); if(atoi((yyvsp[0].str)) == 0) @@ -4218,11 +4335,11 @@ yyreduce: } free((yyvsp[0].str)); } -#line 4222 "util/configparser.c" +#line 4339 "util/configparser.c" break; - case 376: -#line 1464 "util/configparser.y" + case 390: +#line 1526 "util/configparser.y" { OUTYY(("P(server_infra_cache_min_rtt:%s)\n", (yyvsp[0].str))); if(atoi((yyvsp[0].str)) == 0 && strcmp((yyvsp[0].str), "0") != 0) @@ -4230,21 +4347,21 @@ yyreduce: else cfg_parser->cfg->infra_cache_min_rtt = atoi((yyvsp[0].str)); free((yyvsp[0].str)); } -#line 4234 "util/configparser.c" +#line 4351 "util/configparser.c" break; - case 377: -#line 1473 "util/configparser.y" + case 391: +#line 1535 "util/configparser.y" { OUTYY(("P(server_target_fetch_policy:%s)\n", (yyvsp[0].str))); free(cfg_parser->cfg->target_fetch_policy); cfg_parser->cfg->target_fetch_policy = (yyvsp[0].str); } -#line 4244 "util/configparser.c" +#line 4361 "util/configparser.c" break; - case 378: -#line 1480 "util/configparser.y" + case 392: +#line 1542 "util/configparser.y" { OUTYY(("P(server_harden_short_bufsize:%s)\n", (yyvsp[0].str))); if(strcmp((yyvsp[0].str), "yes") != 0 && strcmp((yyvsp[0].str), "no") != 0) @@ -4253,11 +4370,11 @@ yyreduce: (strcmp((yyvsp[0].str), "yes")==0); free((yyvsp[0].str)); } -#line 4257 "util/configparser.c" +#line 4374 "util/configparser.c" break; - case 379: -#line 1490 "util/configparser.y" + case 393: +#line 1552 "util/configparser.y" { OUTYY(("P(server_harden_large_queries:%s)\n", (yyvsp[0].str))); if(strcmp((yyvsp[0].str), "yes") != 0 && strcmp((yyvsp[0].str), "no") != 0) @@ -4266,11 +4383,11 @@ yyreduce: (strcmp((yyvsp[0].str), "yes")==0); free((yyvsp[0].str)); } -#line 4270 "util/configparser.c" +#line 4387 "util/configparser.c" break; - case 380: -#line 1500 "util/configparser.y" + case 394: +#line 1562 "util/configparser.y" { OUTYY(("P(server_harden_glue:%s)\n", (yyvsp[0].str))); if(strcmp((yyvsp[0].str), "yes") != 0 && strcmp((yyvsp[0].str), "no") != 0) @@ -4279,11 +4396,11 @@ yyreduce: (strcmp((yyvsp[0].str), "yes")==0); free((yyvsp[0].str)); } -#line 4283 "util/configparser.c" +#line 4400 "util/configparser.c" break; - case 381: -#line 1510 "util/configparser.y" + case 395: +#line 1572 "util/configparser.y" { OUTYY(("P(server_harden_dnssec_stripped:%s)\n", (yyvsp[0].str))); if(strcmp((yyvsp[0].str), "yes") != 0 && strcmp((yyvsp[0].str), "no") != 0) @@ -4292,11 +4409,11 @@ yyreduce: (strcmp((yyvsp[0].str), "yes")==0); free((yyvsp[0].str)); } -#line 4296 "util/configparser.c" +#line 4413 "util/configparser.c" break; - case 382: -#line 1520 "util/configparser.y" + case 396: +#line 1582 "util/configparser.y" { OUTYY(("P(server_harden_below_nxdomain:%s)\n", (yyvsp[0].str))); if(strcmp((yyvsp[0].str), "yes") != 0 && strcmp((yyvsp[0].str), "no") != 0) @@ -4305,11 +4422,11 @@ yyreduce: (strcmp((yyvsp[0].str), "yes")==0); free((yyvsp[0].str)); } -#line 4309 "util/configparser.c" +#line 4426 "util/configparser.c" break; - case 383: -#line 1530 "util/configparser.y" + case 397: +#line 1592 "util/configparser.y" { OUTYY(("P(server_harden_referral_path:%s)\n", (yyvsp[0].str))); if(strcmp((yyvsp[0].str), "yes") != 0 && strcmp((yyvsp[0].str), "no") != 0) @@ -4318,11 +4435,11 @@ yyreduce: (strcmp((yyvsp[0].str), "yes")==0); free((yyvsp[0].str)); } -#line 4322 "util/configparser.c" +#line 4439 "util/configparser.c" break; - case 384: -#line 1540 "util/configparser.y" + case 398: +#line 1602 "util/configparser.y" { OUTYY(("P(server_harden_algo_downgrade:%s)\n", (yyvsp[0].str))); if(strcmp((yyvsp[0].str), "yes") != 0 && strcmp((yyvsp[0].str), "no") != 0) @@ -4331,11 +4448,11 @@ yyreduce: (strcmp((yyvsp[0].str), "yes")==0); free((yyvsp[0].str)); } -#line 4335 "util/configparser.c" +#line 4452 "util/configparser.c" break; - case 385: -#line 1550 "util/configparser.y" + case 399: +#line 1612 "util/configparser.y" { OUTYY(("P(server_use_caps_for_id:%s)\n", (yyvsp[0].str))); if(strcmp((yyvsp[0].str), "yes") != 0 && strcmp((yyvsp[0].str), "no") != 0) @@ -4344,41 +4461,41 @@ yyreduce: (strcmp((yyvsp[0].str), "yes")==0); free((yyvsp[0].str)); } -#line 4348 "util/configparser.c" +#line 4465 "util/configparser.c" break; - case 386: -#line 1560 "util/configparser.y" + case 400: +#line 1622 "util/configparser.y" { OUTYY(("P(server_caps_whitelist:%s)\n", (yyvsp[0].str))); if(!cfg_strlist_insert(&cfg_parser->cfg->caps_whitelist, (yyvsp[0].str))) yyerror("out of memory"); } -#line 4358 "util/configparser.c" +#line 4475 "util/configparser.c" break; - case 387: -#line 1567 "util/configparser.y" + case 401: +#line 1629 "util/configparser.y" { OUTYY(("P(server_private_address:%s)\n", (yyvsp[0].str))); if(!cfg_strlist_insert(&cfg_parser->cfg->private_address, (yyvsp[0].str))) yyerror("out of memory"); } -#line 4368 "util/configparser.c" +#line 4485 "util/configparser.c" break; - case 388: -#line 1574 "util/configparser.y" + case 402: +#line 1636 "util/configparser.y" { OUTYY(("P(server_private_domain:%s)\n", (yyvsp[0].str))); if(!cfg_strlist_insert(&cfg_parser->cfg->private_domain, (yyvsp[0].str))) yyerror("out of memory"); } -#line 4378 "util/configparser.c" +#line 4495 "util/configparser.c" break; - case 389: -#line 1581 "util/configparser.y" + case 403: +#line 1643 "util/configparser.y" { OUTYY(("P(server_prefetch:%s)\n", (yyvsp[0].str))); if(strcmp((yyvsp[0].str), "yes") != 0 && strcmp((yyvsp[0].str), "no") != 0) @@ -4386,11 +4503,11 @@ yyreduce: else cfg_parser->cfg->prefetch = (strcmp((yyvsp[0].str), "yes")==0); free((yyvsp[0].str)); } -#line 4390 "util/configparser.c" +#line 4507 "util/configparser.c" break; - case 390: -#line 1590 "util/configparser.y" + case 404: +#line 1652 "util/configparser.y" { OUTYY(("P(server_prefetch_key:%s)\n", (yyvsp[0].str))); if(strcmp((yyvsp[0].str), "yes") != 0 && strcmp((yyvsp[0].str), "no") != 0) @@ -4398,11 +4515,11 @@ yyreduce: else cfg_parser->cfg->prefetch_key = (strcmp((yyvsp[0].str), "yes")==0); free((yyvsp[0].str)); } -#line 4402 "util/configparser.c" +#line 4519 "util/configparser.c" break; - case 391: -#line 1599 "util/configparser.y" + case 405: +#line 1661 "util/configparser.y" { OUTYY(("P(server_deny_any:%s)\n", (yyvsp[0].str))); if(strcmp((yyvsp[0].str), "yes") != 0 && strcmp((yyvsp[0].str), "no") != 0) @@ -4410,11 +4527,11 @@ yyreduce: else cfg_parser->cfg->deny_any = (strcmp((yyvsp[0].str), "yes")==0); free((yyvsp[0].str)); } -#line 4414 "util/configparser.c" +#line 4531 "util/configparser.c" break; - case 392: -#line 1608 "util/configparser.y" + case 406: +#line 1670 "util/configparser.y" { OUTYY(("P(server_unwanted_reply_threshold:%s)\n", (yyvsp[0].str))); if(atoi((yyvsp[0].str)) == 0 && strcmp((yyvsp[0].str), "0") != 0) @@ -4422,21 +4539,21 @@ yyreduce: else cfg_parser->cfg->unwanted_threshold = atoi((yyvsp[0].str)); free((yyvsp[0].str)); } -#line 4426 "util/configparser.c" +#line 4543 "util/configparser.c" break; - case 393: -#line 1617 "util/configparser.y" + case 407: +#line 1679 "util/configparser.y" { OUTYY(("P(server_do_not_query_address:%s)\n", (yyvsp[0].str))); if(!cfg_strlist_insert(&cfg_parser->cfg->donotqueryaddrs, (yyvsp[0].str))) yyerror("out of memory"); } -#line 4436 "util/configparser.c" +#line 4553 "util/configparser.c" break; - case 394: -#line 1624 "util/configparser.y" + case 408: +#line 1686 "util/configparser.y" { OUTYY(("P(server_do_not_query_localhost:%s)\n", (yyvsp[0].str))); if(strcmp((yyvsp[0].str), "yes") != 0 && strcmp((yyvsp[0].str), "no") != 0) @@ -4445,11 +4562,11 @@ yyreduce: (strcmp((yyvsp[0].str), "yes")==0); free((yyvsp[0].str)); } -#line 4449 "util/configparser.c" +#line 4566 "util/configparser.c" break; - case 395: -#line 1634 "util/configparser.y" + case 409: +#line 1696 "util/configparser.y" { OUTYY(("P(server_access_control:%s %s)\n", (yyvsp[-1].str), (yyvsp[0].str))); if(strcmp((yyvsp[0].str), "deny")!=0 && strcmp((yyvsp[0].str), "refuse")!=0 && @@ -4468,21 +4585,21 @@ yyreduce: fatal_exit("out of memory adding acl"); } } -#line 4472 "util/configparser.c" +#line 4589 "util/configparser.c" break; - case 396: -#line 1654 "util/configparser.y" + case 410: +#line 1716 "util/configparser.y" { OUTYY(("P(server_module_conf:%s)\n", (yyvsp[0].str))); free(cfg_parser->cfg->module_conf); cfg_parser->cfg->module_conf = (yyvsp[0].str); } -#line 4482 "util/configparser.c" +#line 4599 "util/configparser.c" break; - case 397: -#line 1661 "util/configparser.y" + case 411: +#line 1723 "util/configparser.y" { OUTYY(("P(server_val_override_date:%s)\n", (yyvsp[0].str))); if(*(yyvsp[0].str) == '\0' || strcmp((yyvsp[0].str), "0") == 0) { @@ -4499,11 +4616,11 @@ yyreduce: } free((yyvsp[0].str)); } -#line 4503 "util/configparser.c" +#line 4620 "util/configparser.c" break; - case 398: -#line 1679 "util/configparser.y" + case 412: +#line 1741 "util/configparser.y" { OUTYY(("P(server_val_sig_skew_min:%s)\n", (yyvsp[0].str))); if(*(yyvsp[0].str) == '\0' || strcmp((yyvsp[0].str), "0") == 0) { @@ -4515,11 +4632,11 @@ yyreduce: } free((yyvsp[0].str)); } -#line 4519 "util/configparser.c" +#line 4636 "util/configparser.c" break; - case 399: -#line 1692 "util/configparser.y" + case 413: +#line 1754 "util/configparser.y" { OUTYY(("P(server_val_sig_skew_max:%s)\n", (yyvsp[0].str))); if(*(yyvsp[0].str) == '\0' || strcmp((yyvsp[0].str), "0") == 0) { @@ -4531,11 +4648,11 @@ yyreduce: } free((yyvsp[0].str)); } -#line 4535 "util/configparser.c" +#line 4652 "util/configparser.c" break; - case 400: -#line 1705 "util/configparser.y" + case 414: +#line 1767 "util/configparser.y" { OUTYY(("P(server_cache_max_ttl:%s)\n", (yyvsp[0].str))); if(atoi((yyvsp[0].str)) == 0 && strcmp((yyvsp[0].str), "0") != 0) @@ -4543,11 +4660,11 @@ yyreduce: else cfg_parser->cfg->max_ttl = atoi((yyvsp[0].str)); free((yyvsp[0].str)); } -#line 4547 "util/configparser.c" +#line 4664 "util/configparser.c" break; - case 401: -#line 1714 "util/configparser.y" + case 415: +#line 1776 "util/configparser.y" { OUTYY(("P(server_cache_max_negative_ttl:%s)\n", (yyvsp[0].str))); if(atoi((yyvsp[0].str)) == 0 && strcmp((yyvsp[0].str), "0") != 0) @@ -4555,11 +4672,11 @@ yyreduce: else cfg_parser->cfg->max_negative_ttl = atoi((yyvsp[0].str)); free((yyvsp[0].str)); } -#line 4559 "util/configparser.c" +#line 4676 "util/configparser.c" break; - case 402: -#line 1723 "util/configparser.y" + case 416: +#line 1785 "util/configparser.y" { OUTYY(("P(server_cache_min_ttl:%s)\n", (yyvsp[0].str))); if(atoi((yyvsp[0].str)) == 0 && strcmp((yyvsp[0].str), "0") != 0) @@ -4567,11 +4684,11 @@ yyreduce: else cfg_parser->cfg->min_ttl = atoi((yyvsp[0].str)); free((yyvsp[0].str)); } -#line 4571 "util/configparser.c" +#line 4688 "util/configparser.c" break; - case 403: -#line 1732 "util/configparser.y" + case 417: +#line 1794 "util/configparser.y" { OUTYY(("P(server_bogus_ttl:%s)\n", (yyvsp[0].str))); if(atoi((yyvsp[0].str)) == 0 && strcmp((yyvsp[0].str), "0") != 0) @@ -4579,11 +4696,11 @@ yyreduce: else cfg_parser->cfg->bogus_ttl = atoi((yyvsp[0].str)); free((yyvsp[0].str)); } -#line 4583 "util/configparser.c" +#line 4700 "util/configparser.c" break; - case 404: -#line 1741 "util/configparser.y" + case 418: +#line 1803 "util/configparser.y" { OUTYY(("P(server_val_clean_additional:%s)\n", (yyvsp[0].str))); if(strcmp((yyvsp[0].str), "yes") != 0 && strcmp((yyvsp[0].str), "no") != 0) @@ -4592,11 +4709,11 @@ yyreduce: (strcmp((yyvsp[0].str), "yes")==0); free((yyvsp[0].str)); } -#line 4596 "util/configparser.c" +#line 4713 "util/configparser.c" break; - case 405: -#line 1751 "util/configparser.y" + case 419: +#line 1813 "util/configparser.y" { OUTYY(("P(server_val_permissive_mode:%s)\n", (yyvsp[0].str))); if(strcmp((yyvsp[0].str), "yes") != 0 && strcmp((yyvsp[0].str), "no") != 0) @@ -4605,11 +4722,11 @@ yyreduce: (strcmp((yyvsp[0].str), "yes")==0); free((yyvsp[0].str)); } -#line 4609 "util/configparser.c" +#line 4726 "util/configparser.c" break; - case 406: -#line 1761 "util/configparser.y" + case 420: +#line 1823 "util/configparser.y" { OUTYY(("P(server_aggressive_nsec:%s)\n", (yyvsp[0].str))); if(strcmp((yyvsp[0].str), "yes") != 0 && strcmp((yyvsp[0].str), "no") != 0) @@ -4619,11 +4736,11 @@ yyreduce: (strcmp((yyvsp[0].str), "yes")==0); free((yyvsp[0].str)); } -#line 4623 "util/configparser.c" +#line 4740 "util/configparser.c" break; - case 407: -#line 1772 "util/configparser.y" + case 421: +#line 1834 "util/configparser.y" { OUTYY(("P(server_ignore_cd_flag:%s)\n", (yyvsp[0].str))); if(strcmp((yyvsp[0].str), "yes") != 0 && strcmp((yyvsp[0].str), "no") != 0) @@ -4631,11 +4748,11 @@ yyreduce: else cfg_parser->cfg->ignore_cd = (strcmp((yyvsp[0].str), "yes")==0); free((yyvsp[0].str)); } -#line 4635 "util/configparser.c" +#line 4752 "util/configparser.c" break; - case 408: -#line 1781 "util/configparser.y" + case 422: +#line 1843 "util/configparser.y" { OUTYY(("P(server_serve_expired:%s)\n", (yyvsp[0].str))); if(strcmp((yyvsp[0].str), "yes") != 0 && strcmp((yyvsp[0].str), "no") != 0) @@ -4643,11 +4760,11 @@ yyreduce: else cfg_parser->cfg->serve_expired = (strcmp((yyvsp[0].str), "yes")==0); free((yyvsp[0].str)); } -#line 4647 "util/configparser.c" +#line 4764 "util/configparser.c" break; - case 409: -#line 1790 "util/configparser.y" + case 423: +#line 1852 "util/configparser.y" { OUTYY(("P(server_serve_expired_ttl:%s)\n", (yyvsp[0].str))); if(atoi((yyvsp[0].str)) == 0 && strcmp((yyvsp[0].str), "0") != 0) @@ -4655,11 +4772,11 @@ yyreduce: else cfg_parser->cfg->serve_expired_ttl = atoi((yyvsp[0].str)); free((yyvsp[0].str)); } -#line 4659 "util/configparser.c" +#line 4776 "util/configparser.c" break; - case 410: -#line 1799 "util/configparser.y" + case 424: +#line 1861 "util/configparser.y" { OUTYY(("P(server_serve_expired_ttl_reset:%s)\n", (yyvsp[0].str))); if(strcmp((yyvsp[0].str), "yes") != 0 && strcmp((yyvsp[0].str), "no") != 0) @@ -4667,11 +4784,11 @@ yyreduce: else cfg_parser->cfg->serve_expired_ttl_reset = (strcmp((yyvsp[0].str), "yes")==0); free((yyvsp[0].str)); } -#line 4671 "util/configparser.c" +#line 4788 "util/configparser.c" break; - case 411: -#line 1808 "util/configparser.y" + case 425: +#line 1870 "util/configparser.y" { OUTYY(("P(server_serve_expired_reply_ttl:%s)\n", (yyvsp[0].str))); if(atoi((yyvsp[0].str)) == 0 && strcmp((yyvsp[0].str), "0") != 0) @@ -4679,11 +4796,11 @@ yyreduce: else cfg_parser->cfg->serve_expired_reply_ttl = atoi((yyvsp[0].str)); free((yyvsp[0].str)); } -#line 4683 "util/configparser.c" +#line 4800 "util/configparser.c" break; - case 412: -#line 1817 "util/configparser.y" + case 426: +#line 1879 "util/configparser.y" { OUTYY(("P(server_serve_expired_client_timeout:%s)\n", (yyvsp[0].str))); if(atoi((yyvsp[0].str)) == 0 && strcmp((yyvsp[0].str), "0") != 0) @@ -4691,11 +4808,11 @@ yyreduce: else cfg_parser->cfg->serve_expired_client_timeout = atoi((yyvsp[0].str)); free((yyvsp[0].str)); } -#line 4695 "util/configparser.c" +#line 4812 "util/configparser.c" break; - case 413: -#line 1826 "util/configparser.y" + case 427: +#line 1888 "util/configparser.y" { OUTYY(("P(server_fake_dsa:%s)\n", (yyvsp[0].str))); if(strcmp((yyvsp[0].str), "yes") != 0 && strcmp((yyvsp[0].str), "no") != 0) @@ -4707,11 +4824,11 @@ yyreduce: #endif free((yyvsp[0].str)); } -#line 4711 "util/configparser.c" +#line 4828 "util/configparser.c" break; - case 414: -#line 1839 "util/configparser.y" + case 428: +#line 1901 "util/configparser.y" { OUTYY(("P(server_fake_sha1:%s)\n", (yyvsp[0].str))); if(strcmp((yyvsp[0].str), "yes") != 0 && strcmp((yyvsp[0].str), "no") != 0) @@ -4723,11 +4840,11 @@ yyreduce: #endif free((yyvsp[0].str)); } -#line 4727 "util/configparser.c" +#line 4844 "util/configparser.c" break; - case 415: -#line 1852 "util/configparser.y" + case 429: +#line 1914 "util/configparser.y" { OUTYY(("P(server_val_log_level:%s)\n", (yyvsp[0].str))); if(atoi((yyvsp[0].str)) == 0 && strcmp((yyvsp[0].str), "0") != 0) @@ -4735,21 +4852,21 @@ yyreduce: else cfg_parser->cfg->val_log_level = atoi((yyvsp[0].str)); free((yyvsp[0].str)); } -#line 4739 "util/configparser.c" +#line 4856 "util/configparser.c" break; - case 416: -#line 1861 "util/configparser.y" + case 430: +#line 1923 "util/configparser.y" { OUTYY(("P(server_val_nsec3_keysize_iterations:%s)\n", (yyvsp[0].str))); free(cfg_parser->cfg->val_nsec3_key_iterations); cfg_parser->cfg->val_nsec3_key_iterations = (yyvsp[0].str); } -#line 4749 "util/configparser.c" +#line 4866 "util/configparser.c" break; - case 417: -#line 1868 "util/configparser.y" + case 431: +#line 1930 "util/configparser.y" { OUTYY(("P(server_add_holddown:%s)\n", (yyvsp[0].str))); if(atoi((yyvsp[0].str)) == 0 && strcmp((yyvsp[0].str), "0") != 0) @@ -4757,11 +4874,11 @@ yyreduce: else cfg_parser->cfg->add_holddown = atoi((yyvsp[0].str)); free((yyvsp[0].str)); } -#line 4761 "util/configparser.c" +#line 4878 "util/configparser.c" break; - case 418: -#line 1877 "util/configparser.y" + case 432: +#line 1939 "util/configparser.y" { OUTYY(("P(server_del_holddown:%s)\n", (yyvsp[0].str))); if(atoi((yyvsp[0].str)) == 0 && strcmp((yyvsp[0].str), "0") != 0) @@ -4769,11 +4886,11 @@ yyreduce: else cfg_parser->cfg->del_holddown = atoi((yyvsp[0].str)); free((yyvsp[0].str)); } -#line 4773 "util/configparser.c" +#line 4890 "util/configparser.c" break; - case 419: -#line 1886 "util/configparser.y" + case 433: +#line 1948 "util/configparser.y" { OUTYY(("P(server_keep_missing:%s)\n", (yyvsp[0].str))); if(atoi((yyvsp[0].str)) == 0 && strcmp((yyvsp[0].str), "0") != 0) @@ -4781,11 +4898,11 @@ yyreduce: else cfg_parser->cfg->keep_missing = atoi((yyvsp[0].str)); free((yyvsp[0].str)); } -#line 4785 "util/configparser.c" +#line 4902 "util/configparser.c" break; - case 420: -#line 1895 "util/configparser.y" + case 434: +#line 1957 "util/configparser.y" { OUTYY(("P(server_permit_small_holddown:%s)\n", (yyvsp[0].str))); if(strcmp((yyvsp[0].str), "yes") != 0 && strcmp((yyvsp[0].str), "no") != 0) @@ -4794,22 +4911,22 @@ yyreduce: (strcmp((yyvsp[0].str), "yes")==0); free((yyvsp[0].str)); } -#line 4798 "util/configparser.c" +#line 4915 "util/configparser.c" break; - case 421: -#line 1904 "util/configparser.y" + case 435: +#line 1966 "util/configparser.y" { OUTYY(("P(server_key_cache_size:%s)\n", (yyvsp[0].str))); if(!cfg_parse_memsize((yyvsp[0].str), &cfg_parser->cfg->key_cache_size)) yyerror("memory size expected"); free((yyvsp[0].str)); } -#line 4809 "util/configparser.c" +#line 4926 "util/configparser.c" break; - case 422: -#line 1912 "util/configparser.y" + case 436: +#line 1974 "util/configparser.y" { OUTYY(("P(server_key_cache_slabs:%s)\n", (yyvsp[0].str))); if(atoi((yyvsp[0].str)) == 0) @@ -4821,22 +4938,22 @@ yyreduce: } free((yyvsp[0].str)); } -#line 4825 "util/configparser.c" +#line 4942 "util/configparser.c" break; - case 423: -#line 1925 "util/configparser.y" + case 437: +#line 1987 "util/configparser.y" { OUTYY(("P(server_neg_cache_size:%s)\n", (yyvsp[0].str))); if(!cfg_parse_memsize((yyvsp[0].str), &cfg_parser->cfg->neg_cache_size)) yyerror("memory size expected"); free((yyvsp[0].str)); } -#line 4836 "util/configparser.c" +#line 4953 "util/configparser.c" break; - case 424: -#line 1933 "util/configparser.y" + case 438: +#line 1995 "util/configparser.y" { OUTYY(("P(server_local_zone:%s %s)\n", (yyvsp[-1].str), (yyvsp[0].str))); if(strcmp((yyvsp[0].str), "static")!=0 && strcmp((yyvsp[0].str), "deny")!=0 && @@ -4876,21 +4993,21 @@ yyreduce: fatal_exit("out of memory adding local-zone"); } } -#line 4880 "util/configparser.c" +#line 4997 "util/configparser.c" break; - case 425: -#line 1974 "util/configparser.y" + case 439: +#line 2036 "util/configparser.y" { OUTYY(("P(server_local_data:%s)\n", (yyvsp[0].str))); if(!cfg_strlist_insert(&cfg_parser->cfg->local_data, (yyvsp[0].str))) fatal_exit("out of memory adding local-data"); } -#line 4890 "util/configparser.c" +#line 5007 "util/configparser.c" break; - case 426: -#line 1981 "util/configparser.y" + case 440: +#line 2043 "util/configparser.y" { char* ptr; OUTYY(("P(server_local_data_ptr:%s)\n", (yyvsp[0].str))); @@ -4904,11 +5021,11 @@ yyreduce: yyerror("local-data-ptr could not be reversed"); } } -#line 4908 "util/configparser.c" +#line 5025 "util/configparser.c" break; - case 427: -#line 1996 "util/configparser.y" + case 441: +#line 2058 "util/configparser.y" { OUTYY(("P(server_minimal_responses:%s)\n", (yyvsp[0].str))); if(strcmp((yyvsp[0].str), "yes") != 0 && strcmp((yyvsp[0].str), "no") != 0) @@ -4917,11 +5034,11 @@ yyreduce: (strcmp((yyvsp[0].str), "yes")==0); free((yyvsp[0].str)); } -#line 4921 "util/configparser.c" +#line 5038 "util/configparser.c" break; - case 428: -#line 2006 "util/configparser.y" + case 442: +#line 2068 "util/configparser.y" { OUTYY(("P(server_rrset_roundrobin:%s)\n", (yyvsp[0].str))); if(strcmp((yyvsp[0].str), "yes") != 0 && strcmp((yyvsp[0].str), "no") != 0) @@ -4930,41 +5047,41 @@ yyreduce: (strcmp((yyvsp[0].str), "yes")==0); free((yyvsp[0].str)); } -#line 4934 "util/configparser.c" +#line 5051 "util/configparser.c" break; - case 429: -#line 2016 "util/configparser.y" + case 443: +#line 2078 "util/configparser.y" { OUTYY(("P(server_unknown_server_time_limit:%s)\n", (yyvsp[0].str))); cfg_parser->cfg->unknown_server_time_limit = atoi((yyvsp[0].str)); free((yyvsp[0].str)); } -#line 4944 "util/configparser.c" +#line 5061 "util/configparser.c" break; - case 430: -#line 2023 "util/configparser.y" + case 444: +#line 2085 "util/configparser.y" { OUTYY(("P(server_max_udp_size:%s)\n", (yyvsp[0].str))); cfg_parser->cfg->max_udp_size = atoi((yyvsp[0].str)); free((yyvsp[0].str)); } -#line 4954 "util/configparser.c" +#line 5071 "util/configparser.c" break; - case 431: -#line 2030 "util/configparser.y" + case 445: +#line 2092 "util/configparser.y" { OUTYY(("P(dns64_prefix:%s)\n", (yyvsp[0].str))); free(cfg_parser->cfg->dns64_prefix); cfg_parser->cfg->dns64_prefix = (yyvsp[0].str); } -#line 4964 "util/configparser.c" +#line 5081 "util/configparser.c" break; - case 432: -#line 2037 "util/configparser.y" + case 446: +#line 2099 "util/configparser.y" { OUTYY(("P(server_dns64_synthall:%s)\n", (yyvsp[0].str))); if(strcmp((yyvsp[0].str), "yes") != 0 && strcmp((yyvsp[0].str), "no") != 0) @@ -4972,22 +5089,22 @@ yyreduce: else cfg_parser->cfg->dns64_synthall = (strcmp((yyvsp[0].str), "yes")==0); free((yyvsp[0].str)); } -#line 4976 "util/configparser.c" +#line 5093 "util/configparser.c" break; - case 433: -#line 2046 "util/configparser.y" + case 447: +#line 2108 "util/configparser.y" { OUTYY(("P(dns64_ignore_aaaa:%s)\n", (yyvsp[0].str))); if(!cfg_strlist_insert(&cfg_parser->cfg->dns64_ignore_aaaa, (yyvsp[0].str))) fatal_exit("out of memory adding dns64-ignore-aaaa"); } -#line 4987 "util/configparser.c" +#line 5104 "util/configparser.c" break; - case 434: -#line 2054 "util/configparser.y" + case 448: +#line 2116 "util/configparser.y" { char* p, *s = (yyvsp[0].str); OUTYY(("P(server_define_tag:%s)\n", (yyvsp[0].str))); @@ -5000,11 +5117,11 @@ yyreduce: } free((yyvsp[0].str)); } -#line 5004 "util/configparser.c" +#line 5121 "util/configparser.c" break; - case 435: -#line 2068 "util/configparser.y" + case 449: +#line 2130 "util/configparser.y" { size_t len = 0; uint8_t* bitlist = config_parse_taglist(cfg_parser->cfg, (yyvsp[0].str), @@ -5024,11 +5141,11 @@ yyreduce: } } } -#line 5028 "util/configparser.c" +#line 5145 "util/configparser.c" break; - case 436: -#line 2089 "util/configparser.y" + case 450: +#line 2151 "util/configparser.y" { size_t len = 0; uint8_t* bitlist = config_parse_taglist(cfg_parser->cfg, (yyvsp[0].str), @@ -5048,11 +5165,11 @@ yyreduce: } } } -#line 5052 "util/configparser.c" +#line 5169 "util/configparser.c" break; - case 437: -#line 2110 "util/configparser.y" + case 451: +#line 2172 "util/configparser.y" { OUTYY(("P(server_access_control_tag_action:%s %s %s)\n", (yyvsp[-2].str), (yyvsp[-1].str), (yyvsp[0].str))); if(!cfg_str3list_insert(&cfg_parser->cfg->acl_tag_actions, @@ -5063,11 +5180,11 @@ yyreduce: free((yyvsp[0].str)); } } -#line 5067 "util/configparser.c" +#line 5184 "util/configparser.c" break; - case 438: -#line 2122 "util/configparser.y" + case 452: +#line 2184 "util/configparser.y" { OUTYY(("P(server_access_control_tag_data:%s %s %s)\n", (yyvsp[-2].str), (yyvsp[-1].str), (yyvsp[0].str))); if(!cfg_str3list_insert(&cfg_parser->cfg->acl_tag_datas, @@ -5078,11 +5195,11 @@ yyreduce: free((yyvsp[0].str)); } } -#line 5082 "util/configparser.c" +#line 5199 "util/configparser.c" break; - case 439: -#line 2134 "util/configparser.y" + case 453: +#line 2196 "util/configparser.y" { OUTYY(("P(server_local_zone_override:%s %s %s)\n", (yyvsp[-2].str), (yyvsp[-1].str), (yyvsp[0].str))); if(!cfg_str3list_insert(&cfg_parser->cfg->local_zone_overrides, @@ -5093,11 +5210,11 @@ yyreduce: free((yyvsp[0].str)); } } -#line 5097 "util/configparser.c" +#line 5214 "util/configparser.c" break; - case 440: -#line 2146 "util/configparser.y" + case 454: +#line 2208 "util/configparser.y" { OUTYY(("P(server_access_control_view:%s %s)\n", (yyvsp[-1].str), (yyvsp[0].str))); if(!cfg_str2list_insert(&cfg_parser->cfg->acl_view, @@ -5105,11 +5222,11 @@ yyreduce: yyerror("out of memory"); } } -#line 5109 "util/configparser.c" +#line 5226 "util/configparser.c" break; - case 441: -#line 2155 "util/configparser.y" + case 455: +#line 2217 "util/configparser.y" { size_t len = 0; uint8_t* bitlist = config_parse_taglist(cfg_parser->cfg, (yyvsp[0].str), @@ -5129,11 +5246,11 @@ yyreduce: } } } -#line 5133 "util/configparser.c" +#line 5250 "util/configparser.c" break; - case 442: -#line 2176 "util/configparser.y" + case 456: +#line 2238 "util/configparser.y" { OUTYY(("P(server_ip_ratelimit:%s)\n", (yyvsp[0].str))); if(atoi((yyvsp[0].str)) == 0 && strcmp((yyvsp[0].str), "0") != 0) @@ -5141,11 +5258,11 @@ yyreduce: else cfg_parser->cfg->ip_ratelimit = atoi((yyvsp[0].str)); free((yyvsp[0].str)); } -#line 5145 "util/configparser.c" +#line 5262 "util/configparser.c" break; - case 443: -#line 2186 "util/configparser.y" + case 457: +#line 2248 "util/configparser.y" { OUTYY(("P(server_ratelimit:%s)\n", (yyvsp[0].str))); if(atoi((yyvsp[0].str)) == 0 && strcmp((yyvsp[0].str), "0") != 0) @@ -5153,33 +5270,33 @@ yyreduce: else cfg_parser->cfg->ratelimit = atoi((yyvsp[0].str)); free((yyvsp[0].str)); } -#line 5157 "util/configparser.c" +#line 5274 "util/configparser.c" break; - case 444: -#line 2195 "util/configparser.y" + case 458: +#line 2257 "util/configparser.y" { OUTYY(("P(server_ip_ratelimit_size:%s)\n", (yyvsp[0].str))); if(!cfg_parse_memsize((yyvsp[0].str), &cfg_parser->cfg->ip_ratelimit_size)) yyerror("memory size expected"); free((yyvsp[0].str)); } -#line 5168 "util/configparser.c" +#line 5285 "util/configparser.c" break; - case 445: -#line 2203 "util/configparser.y" + case 459: +#line 2265 "util/configparser.y" { OUTYY(("P(server_ratelimit_size:%s)\n", (yyvsp[0].str))); if(!cfg_parse_memsize((yyvsp[0].str), &cfg_parser->cfg->ratelimit_size)) yyerror("memory size expected"); free((yyvsp[0].str)); } -#line 5179 "util/configparser.c" +#line 5296 "util/configparser.c" break; - case 446: -#line 2211 "util/configparser.y" + case 460: +#line 2273 "util/configparser.y" { OUTYY(("P(server_ip_ratelimit_slabs:%s)\n", (yyvsp[0].str))); if(atoi((yyvsp[0].str)) == 0) @@ -5191,11 +5308,11 @@ yyreduce: } free((yyvsp[0].str)); } -#line 5195 "util/configparser.c" +#line 5312 "util/configparser.c" break; - case 447: -#line 2224 "util/configparser.y" + case 461: +#line 2286 "util/configparser.y" { OUTYY(("P(server_ratelimit_slabs:%s)\n", (yyvsp[0].str))); if(atoi((yyvsp[0].str)) == 0) @@ -5207,11 +5324,11 @@ yyreduce: } free((yyvsp[0].str)); } -#line 5211 "util/configparser.c" +#line 5328 "util/configparser.c" break; - case 448: -#line 2237 "util/configparser.y" + case 462: +#line 2299 "util/configparser.y" { OUTYY(("P(server_ratelimit_for_domain:%s %s)\n", (yyvsp[-1].str), (yyvsp[0].str))); if(atoi((yyvsp[0].str)) == 0 && strcmp((yyvsp[0].str), "0") != 0) { @@ -5225,11 +5342,11 @@ yyreduce: "ratelimit-for-domain"); } } -#line 5229 "util/configparser.c" +#line 5346 "util/configparser.c" break; - case 449: -#line 2252 "util/configparser.y" + case 463: +#line 2314 "util/configparser.y" { OUTYY(("P(server_ratelimit_below_domain:%s %s)\n", (yyvsp[-1].str), (yyvsp[0].str))); if(atoi((yyvsp[0].str)) == 0 && strcmp((yyvsp[0].str), "0") != 0) { @@ -5243,11 +5360,11 @@ yyreduce: "ratelimit-below-domain"); } } -#line 5247 "util/configparser.c" +#line 5364 "util/configparser.c" break; - case 450: -#line 2267 "util/configparser.y" + case 464: +#line 2329 "util/configparser.y" { OUTYY(("P(server_ip_ratelimit_factor:%s)\n", (yyvsp[0].str))); if(atoi((yyvsp[0].str)) == 0 && strcmp((yyvsp[0].str), "0") != 0) @@ -5255,11 +5372,11 @@ yyreduce: else cfg_parser->cfg->ip_ratelimit_factor = atoi((yyvsp[0].str)); free((yyvsp[0].str)); } -#line 5259 "util/configparser.c" +#line 5376 "util/configparser.c" break; - case 451: -#line 2276 "util/configparser.y" + case 465: +#line 2338 "util/configparser.y" { OUTYY(("P(server_ratelimit_factor:%s)\n", (yyvsp[0].str))); if(atoi((yyvsp[0].str)) == 0 && strcmp((yyvsp[0].str), "0") != 0) @@ -5267,20 +5384,20 @@ yyreduce: else cfg_parser->cfg->ratelimit_factor = atoi((yyvsp[0].str)); free((yyvsp[0].str)); } -#line 5271 "util/configparser.c" +#line 5388 "util/configparser.c" break; - case 452: -#line 2285 "util/configparser.y" + case 466: +#line 2347 "util/configparser.y" { OUTYY(("P(low-rtt option is deprecated, use fast-server-num instead)\n")); free((yyvsp[0].str)); } -#line 5280 "util/configparser.c" +#line 5397 "util/configparser.c" break; - case 453: -#line 2291 "util/configparser.y" + case 467: +#line 2353 "util/configparser.y" { OUTYY(("P(server_fast_server_num:%s)\n", (yyvsp[0].str))); if(atoi((yyvsp[0].str)) <= 0) @@ -5288,11 +5405,11 @@ yyreduce: else cfg_parser->cfg->fast_server_num = atoi((yyvsp[0].str)); free((yyvsp[0].str)); } -#line 5292 "util/configparser.c" +#line 5409 "util/configparser.c" break; - case 454: -#line 2300 "util/configparser.y" + case 468: +#line 2362 "util/configparser.y" { OUTYY(("P(server_fast_server_permil:%s)\n", (yyvsp[0].str))); if(atoi((yyvsp[0].str)) == 0 && strcmp((yyvsp[0].str), "0") != 0) @@ -5300,11 +5417,11 @@ yyreduce: else cfg_parser->cfg->fast_server_permil = atoi((yyvsp[0].str)); free((yyvsp[0].str)); } -#line 5304 "util/configparser.c" +#line 5421 "util/configparser.c" break; - case 455: -#line 2309 "util/configparser.y" + case 469: +#line 2371 "util/configparser.y" { OUTYY(("P(server_qname_minimisation:%s)\n", (yyvsp[0].str))); if(strcmp((yyvsp[0].str), "yes") != 0 && strcmp((yyvsp[0].str), "no") != 0) @@ -5313,11 +5430,11 @@ yyreduce: (strcmp((yyvsp[0].str), "yes")==0); free((yyvsp[0].str)); } -#line 5317 "util/configparser.c" +#line 5434 "util/configparser.c" break; - case 456: -#line 2319 "util/configparser.y" + case 470: +#line 2381 "util/configparser.y" { OUTYY(("P(server_qname_minimisation_strict:%s)\n", (yyvsp[0].str))); if(strcmp((yyvsp[0].str), "yes") != 0 && strcmp((yyvsp[0].str), "no") != 0) @@ -5326,11 +5443,11 @@ yyreduce: (strcmp((yyvsp[0].str), "yes")==0); free((yyvsp[0].str)); } -#line 5330 "util/configparser.c" +#line 5447 "util/configparser.c" break; - case 457: -#line 2329 "util/configparser.y" + case 471: +#line 2391 "util/configparser.y" { #ifdef USE_IPSECMOD OUTYY(("P(server_ipsecmod_enabled:%s)\n", (yyvsp[0].str))); @@ -5342,11 +5459,11 @@ yyreduce: #endif free((yyvsp[0].str)); } -#line 5346 "util/configparser.c" +#line 5463 "util/configparser.c" break; - case 458: -#line 2342 "util/configparser.y" + case 472: +#line 2404 "util/configparser.y" { #ifdef USE_IPSECMOD OUTYY(("P(server_ipsecmod_ignore_bogus:%s)\n", (yyvsp[0].str))); @@ -5358,11 +5475,11 @@ yyreduce: #endif free((yyvsp[0].str)); } -#line 5362 "util/configparser.c" +#line 5479 "util/configparser.c" break; - case 459: -#line 2355 "util/configparser.y" + case 473: +#line 2417 "util/configparser.y" { #ifdef USE_IPSECMOD OUTYY(("P(server_ipsecmod_hook:%s)\n", (yyvsp[0].str))); @@ -5373,11 +5490,11 @@ yyreduce: free((yyvsp[0].str)); #endif } -#line 5377 "util/configparser.c" +#line 5494 "util/configparser.c" break; - case 460: -#line 2367 "util/configparser.y" + case 474: +#line 2429 "util/configparser.y" { #ifdef USE_IPSECMOD OUTYY(("P(server_ipsecmod_max_ttl:%s)\n", (yyvsp[0].str))); @@ -5390,11 +5507,11 @@ yyreduce: free((yyvsp[0].str)); #endif } -#line 5394 "util/configparser.c" +#line 5511 "util/configparser.c" break; - case 461: -#line 2381 "util/configparser.y" + case 475: +#line 2443 "util/configparser.y" { #ifdef USE_IPSECMOD OUTYY(("P(server_ipsecmod_whitelist:%s)\n", (yyvsp[0].str))); @@ -5405,11 +5522,11 @@ yyreduce: free((yyvsp[0].str)); #endif } -#line 5409 "util/configparser.c" +#line 5526 "util/configparser.c" break; - case 462: -#line 2393 "util/configparser.y" + case 476: +#line 2455 "util/configparser.y" { #ifdef USE_IPSECMOD OUTYY(("P(server_ipsecmod_strict:%s)\n", (yyvsp[0].str))); @@ -5422,11 +5539,43 @@ yyreduce: free((yyvsp[0].str)); #endif } -#line 5426 "util/configparser.c" +#line 5543 "util/configparser.c" break; - case 463: -#line 2407 "util/configparser.y" + case 477: +#line 2469 "util/configparser.y" + { + int tag_data; + OUTYY(("P(server_edns_client_tag:%s %s)\n", (yyvsp[-1].str), (yyvsp[0].str))); + tag_data = atoi((yyvsp[0].str)); + if(tag_data > 65535 || tag_data < 0 || + (tag_data == 0 && (strlen((yyvsp[0].str)) != 1 || (yyvsp[0].str)[0] != '0'))) + yyerror("edns-client-tag data invalid, needs to be a " + "number from 0 to 65535"); + if(!cfg_str2list_insert( + &cfg_parser->cfg->edns_client_tags, (yyvsp[-1].str), (yyvsp[0].str))) + fatal_exit("out of memory adding " + "edns-client-tag"); + } +#line 5561 "util/configparser.c" + break; + + case 478: +#line 2484 "util/configparser.y" + { + OUTYY(("P(edns_client_tag_opcode:%s)\n", (yyvsp[0].str))); + if(atoi((yyvsp[0].str)) == 0 && strcmp((yyvsp[0].str), "0") != 0) + yyerror("option code expected"); + else if(atoi((yyvsp[0].str)) > 65535 || atoi((yyvsp[0].str)) < 0) + yyerror("option code must be in interval [0, 65535]"); + else cfg_parser->cfg->edns_client_tag_opcode = atoi((yyvsp[0].str)); + + } +#line 5575 "util/configparser.c" + break; + + case 479: +#line 2495 "util/configparser.y" { OUTYY(("P(name:%s)\n", (yyvsp[0].str))); if(cfg_parser->cfg->stubs->name) @@ -5435,31 +5584,31 @@ yyreduce: free(cfg_parser->cfg->stubs->name); cfg_parser->cfg->stubs->name = (yyvsp[0].str); } -#line 5439 "util/configparser.c" +#line 5588 "util/configparser.c" break; - case 464: -#line 2417 "util/configparser.y" + case 480: +#line 2505 "util/configparser.y" { OUTYY(("P(stub-host:%s)\n", (yyvsp[0].str))); if(!cfg_strlist_insert(&cfg_parser->cfg->stubs->hosts, (yyvsp[0].str))) yyerror("out of memory"); } -#line 5449 "util/configparser.c" +#line 5598 "util/configparser.c" break; - case 465: -#line 2424 "util/configparser.y" + case 481: +#line 2512 "util/configparser.y" { OUTYY(("P(stub-addr:%s)\n", (yyvsp[0].str))); if(!cfg_strlist_insert(&cfg_parser->cfg->stubs->addrs, (yyvsp[0].str))) yyerror("out of memory"); } -#line 5459 "util/configparser.c" +#line 5608 "util/configparser.c" break; - case 466: -#line 2431 "util/configparser.y" + case 482: +#line 2519 "util/configparser.y" { OUTYY(("P(stub-first:%s)\n", (yyvsp[0].str))); if(strcmp((yyvsp[0].str), "yes") != 0 && strcmp((yyvsp[0].str), "no") != 0) @@ -5467,11 +5616,11 @@ yyreduce: else cfg_parser->cfg->stubs->isfirst=(strcmp((yyvsp[0].str), "yes")==0); free((yyvsp[0].str)); } -#line 5471 "util/configparser.c" +#line 5620 "util/configparser.c" break; - case 467: -#line 2440 "util/configparser.y" + case 483: +#line 2528 "util/configparser.y" { OUTYY(("P(stub-no-cache:%s)\n", (yyvsp[0].str))); if(strcmp((yyvsp[0].str), "yes") != 0 && strcmp((yyvsp[0].str), "no") != 0) @@ -5479,11 +5628,11 @@ yyreduce: else cfg_parser->cfg->stubs->no_cache=(strcmp((yyvsp[0].str), "yes")==0); free((yyvsp[0].str)); } -#line 5483 "util/configparser.c" +#line 5632 "util/configparser.c" break; - case 468: -#line 2449 "util/configparser.y" + case 484: +#line 2537 "util/configparser.y" { OUTYY(("P(stub-ssl-upstream:%s)\n", (yyvsp[0].str))); if(strcmp((yyvsp[0].str), "yes") != 0 && strcmp((yyvsp[0].str), "no") != 0) @@ -5492,11 +5641,11 @@ yyreduce: (strcmp((yyvsp[0].str), "yes")==0); free((yyvsp[0].str)); } -#line 5496 "util/configparser.c" +#line 5645 "util/configparser.c" break; - case 469: -#line 2459 "util/configparser.y" + case 485: +#line 2547 "util/configparser.y" { OUTYY(("P(stub-prime:%s)\n", (yyvsp[0].str))); if(strcmp((yyvsp[0].str), "yes") != 0 && strcmp((yyvsp[0].str), "no") != 0) @@ -5505,11 +5654,11 @@ yyreduce: (strcmp((yyvsp[0].str), "yes")==0); free((yyvsp[0].str)); } -#line 5509 "util/configparser.c" +#line 5658 "util/configparser.c" break; - case 470: -#line 2469 "util/configparser.y" + case 486: +#line 2557 "util/configparser.y" { OUTYY(("P(name:%s)\n", (yyvsp[0].str))); if(cfg_parser->cfg->forwards->name) @@ -5518,31 +5667,31 @@ yyreduce: free(cfg_parser->cfg->forwards->name); cfg_parser->cfg->forwards->name = (yyvsp[0].str); } -#line 5522 "util/configparser.c" +#line 5671 "util/configparser.c" break; - case 471: -#line 2479 "util/configparser.y" + case 487: +#line 2567 "util/configparser.y" { OUTYY(("P(forward-host:%s)\n", (yyvsp[0].str))); if(!cfg_strlist_insert(&cfg_parser->cfg->forwards->hosts, (yyvsp[0].str))) yyerror("out of memory"); } -#line 5532 "util/configparser.c" +#line 5681 "util/configparser.c" break; - case 472: -#line 2486 "util/configparser.y" + case 488: +#line 2574 "util/configparser.y" { OUTYY(("P(forward-addr:%s)\n", (yyvsp[0].str))); if(!cfg_strlist_insert(&cfg_parser->cfg->forwards->addrs, (yyvsp[0].str))) yyerror("out of memory"); } -#line 5542 "util/configparser.c" +#line 5691 "util/configparser.c" break; - case 473: -#line 2493 "util/configparser.y" + case 489: +#line 2581 "util/configparser.y" { OUTYY(("P(forward-first:%s)\n", (yyvsp[0].str))); if(strcmp((yyvsp[0].str), "yes") != 0 && strcmp((yyvsp[0].str), "no") != 0) @@ -5550,11 +5699,11 @@ yyreduce: else cfg_parser->cfg->forwards->isfirst=(strcmp((yyvsp[0].str), "yes")==0); free((yyvsp[0].str)); } -#line 5554 "util/configparser.c" +#line 5703 "util/configparser.c" break; - case 474: -#line 2502 "util/configparser.y" + case 490: +#line 2590 "util/configparser.y" { OUTYY(("P(forward-no-cache:%s)\n", (yyvsp[0].str))); if(strcmp((yyvsp[0].str), "yes") != 0 && strcmp((yyvsp[0].str), "no") != 0) @@ -5562,11 +5711,11 @@ yyreduce: else cfg_parser->cfg->forwards->no_cache=(strcmp((yyvsp[0].str), "yes")==0); free((yyvsp[0].str)); } -#line 5566 "util/configparser.c" +#line 5715 "util/configparser.c" break; - case 475: -#line 2511 "util/configparser.y" + case 491: +#line 2599 "util/configparser.y" { OUTYY(("P(forward-ssl-upstream:%s)\n", (yyvsp[0].str))); if(strcmp((yyvsp[0].str), "yes") != 0 && strcmp((yyvsp[0].str), "no") != 0) @@ -5575,11 +5724,11 @@ yyreduce: (strcmp((yyvsp[0].str), "yes")==0); free((yyvsp[0].str)); } -#line 5579 "util/configparser.c" +#line 5728 "util/configparser.c" break; - case 476: -#line 2521 "util/configparser.y" + case 492: +#line 2609 "util/configparser.y" { OUTYY(("P(name:%s)\n", (yyvsp[0].str))); if(cfg_parser->cfg->auths->name) @@ -5588,52 +5737,52 @@ yyreduce: free(cfg_parser->cfg->auths->name); cfg_parser->cfg->auths->name = (yyvsp[0].str); } -#line 5592 "util/configparser.c" +#line 5741 "util/configparser.c" break; - case 477: -#line 2531 "util/configparser.y" + case 493: +#line 2619 "util/configparser.y" { OUTYY(("P(zonefile:%s)\n", (yyvsp[0].str))); free(cfg_parser->cfg->auths->zonefile); cfg_parser->cfg->auths->zonefile = (yyvsp[0].str); } -#line 5602 "util/configparser.c" +#line 5751 "util/configparser.c" break; - case 478: -#line 2538 "util/configparser.y" + case 494: +#line 2626 "util/configparser.y" { OUTYY(("P(master:%s)\n", (yyvsp[0].str))); if(!cfg_strlist_insert(&cfg_parser->cfg->auths->masters, (yyvsp[0].str))) yyerror("out of memory"); } -#line 5612 "util/configparser.c" +#line 5761 "util/configparser.c" break; - case 479: -#line 2545 "util/configparser.y" + case 495: +#line 2633 "util/configparser.y" { OUTYY(("P(url:%s)\n", (yyvsp[0].str))); if(!cfg_strlist_insert(&cfg_parser->cfg->auths->urls, (yyvsp[0].str))) yyerror("out of memory"); } -#line 5622 "util/configparser.c" +#line 5771 "util/configparser.c" break; - case 480: -#line 2552 "util/configparser.y" + case 496: +#line 2640 "util/configparser.y" { OUTYY(("P(allow-notify:%s)\n", (yyvsp[0].str))); if(!cfg_strlist_insert(&cfg_parser->cfg->auths->allow_notify, (yyvsp[0].str))) yyerror("out of memory"); } -#line 5633 "util/configparser.c" +#line 5782 "util/configparser.c" break; - case 481: -#line 2560 "util/configparser.y" + case 497: +#line 2648 "util/configparser.y" { OUTYY(("P(for-downstream:%s)\n", (yyvsp[0].str))); if(strcmp((yyvsp[0].str), "yes") != 0 && strcmp((yyvsp[0].str), "no") != 0) @@ -5642,11 +5791,11 @@ yyreduce: (strcmp((yyvsp[0].str), "yes")==0); free((yyvsp[0].str)); } -#line 5646 "util/configparser.c" +#line 5795 "util/configparser.c" break; - case 482: -#line 2570 "util/configparser.y" + case 498: +#line 2658 "util/configparser.y" { OUTYY(("P(for-upstream:%s)\n", (yyvsp[0].str))); if(strcmp((yyvsp[0].str), "yes") != 0 && strcmp((yyvsp[0].str), "no") != 0) @@ -5655,11 +5804,11 @@ yyreduce: (strcmp((yyvsp[0].str), "yes")==0); free((yyvsp[0].str)); } -#line 5659 "util/configparser.c" +#line 5808 "util/configparser.c" break; - case 483: -#line 2580 "util/configparser.y" + case 499: +#line 2668 "util/configparser.y" { OUTYY(("P(fallback-enabled:%s)\n", (yyvsp[0].str))); if(strcmp((yyvsp[0].str), "yes") != 0 && strcmp((yyvsp[0].str), "no") != 0) @@ -5668,11 +5817,11 @@ yyreduce: (strcmp((yyvsp[0].str), "yes")==0); free((yyvsp[0].str)); } -#line 5672 "util/configparser.c" +#line 5821 "util/configparser.c" break; - case 484: -#line 2590 "util/configparser.y" + case 500: +#line 2678 "util/configparser.y" { OUTYY(("P(name:%s)\n", (yyvsp[0].str))); if(cfg_parser->cfg->views->name) @@ -5681,11 +5830,11 @@ yyreduce: free(cfg_parser->cfg->views->name); cfg_parser->cfg->views->name = (yyvsp[0].str); } -#line 5685 "util/configparser.c" +#line 5834 "util/configparser.c" break; - case 485: -#line 2600 "util/configparser.y" + case 501: +#line 2688 "util/configparser.y" { OUTYY(("P(view_local_zone:%s %s)\n", (yyvsp[-1].str), (yyvsp[0].str))); if(strcmp((yyvsp[0].str), "static")!=0 && strcmp((yyvsp[0].str), "deny")!=0 && @@ -5723,11 +5872,11 @@ yyreduce: fatal_exit("out of memory adding local-zone"); } } -#line 5727 "util/configparser.c" +#line 5876 "util/configparser.c" break; - case 486: -#line 2639 "util/configparser.y" + case 502: +#line 2727 "util/configparser.y" { OUTYY(("P(view_response_ip:%s %s)\n", (yyvsp[-1].str), (yyvsp[0].str))); validate_respip_action((yyvsp[0].str)); @@ -5736,33 +5885,33 @@ yyreduce: fatal_exit("out of memory adding per-view " "response-ip action"); } -#line 5740 "util/configparser.c" +#line 5889 "util/configparser.c" break; - case 487: -#line 2649 "util/configparser.y" + case 503: +#line 2737 "util/configparser.y" { OUTYY(("P(view_response_ip_data:%s)\n", (yyvsp[-1].str))); if(!cfg_str2list_insert( &cfg_parser->cfg->views->respip_data, (yyvsp[-1].str), (yyvsp[0].str))) fatal_exit("out of memory adding response-ip-data"); } -#line 5751 "util/configparser.c" +#line 5900 "util/configparser.c" break; - case 488: -#line 2657 "util/configparser.y" + case 504: +#line 2745 "util/configparser.y" { OUTYY(("P(view_local_data:%s)\n", (yyvsp[0].str))); if(!cfg_strlist_insert(&cfg_parser->cfg->views->local_data, (yyvsp[0].str))) { fatal_exit("out of memory adding local-data"); } } -#line 5762 "util/configparser.c" +#line 5911 "util/configparser.c" break; - case 489: -#line 2665 "util/configparser.y" + case 505: +#line 2753 "util/configparser.y" { char* ptr; OUTYY(("P(view_local_data_ptr:%s)\n", (yyvsp[0].str))); @@ -5776,11 +5925,11 @@ yyreduce: yyerror("local-data-ptr could not be reversed"); } } -#line 5780 "util/configparser.c" +#line 5929 "util/configparser.c" break; - case 490: -#line 2680 "util/configparser.y" + case 506: +#line 2768 "util/configparser.y" { OUTYY(("P(view-first:%s)\n", (yyvsp[0].str))); if(strcmp((yyvsp[0].str), "yes") != 0 && strcmp((yyvsp[0].str), "no") != 0) @@ -5788,19 +5937,19 @@ yyreduce: else cfg_parser->cfg->views->isfirst=(strcmp((yyvsp[0].str), "yes")==0); free((yyvsp[0].str)); } -#line 5792 "util/configparser.c" +#line 5941 "util/configparser.c" break; - case 491: -#line 2689 "util/configparser.y" + case 507: +#line 2777 "util/configparser.y" { OUTYY(("\nP(remote-control:)\n")); } -#line 5800 "util/configparser.c" +#line 5949 "util/configparser.c" break; - case 502: -#line 2700 "util/configparser.y" + case 518: +#line 2788 "util/configparser.y" { OUTYY(("P(control_enable:%s)\n", (yyvsp[0].str))); if(strcmp((yyvsp[0].str), "yes") != 0 && strcmp((yyvsp[0].str), "no") != 0) @@ -5809,11 +5958,11 @@ yyreduce: (strcmp((yyvsp[0].str), "yes")==0); free((yyvsp[0].str)); } -#line 5813 "util/configparser.c" +#line 5962 "util/configparser.c" break; - case 503: -#line 2710 "util/configparser.y" + case 519: +#line 2798 "util/configparser.y" { OUTYY(("P(control_port:%s)\n", (yyvsp[0].str))); if(atoi((yyvsp[0].str)) == 0) @@ -5821,79 +5970,79 @@ yyreduce: else cfg_parser->cfg->control_port = atoi((yyvsp[0].str)); free((yyvsp[0].str)); } -#line 5825 "util/configparser.c" +#line 5974 "util/configparser.c" break; - case 504: -#line 2719 "util/configparser.y" + case 520: +#line 2807 "util/configparser.y" { OUTYY(("P(control_interface:%s)\n", (yyvsp[0].str))); if(!cfg_strlist_append(&cfg_parser->cfg->control_ifs, (yyvsp[0].str))) yyerror("out of memory"); } -#line 5835 "util/configparser.c" +#line 5984 "util/configparser.c" break; - case 505: -#line 2726 "util/configparser.y" + case 521: +#line 2814 "util/configparser.y" { OUTYY(("P(control_use_cert:%s)\n", (yyvsp[0].str))); cfg_parser->cfg->control_use_cert = (strcmp((yyvsp[0].str), "yes")==0); free((yyvsp[0].str)); } -#line 5845 "util/configparser.c" +#line 5994 "util/configparser.c" break; - case 506: -#line 2733 "util/configparser.y" + case 522: +#line 2821 "util/configparser.y" { OUTYY(("P(rc_server_key_file:%s)\n", (yyvsp[0].str))); free(cfg_parser->cfg->server_key_file); cfg_parser->cfg->server_key_file = (yyvsp[0].str); } -#line 5855 "util/configparser.c" +#line 6004 "util/configparser.c" break; - case 507: -#line 2740 "util/configparser.y" + case 523: +#line 2828 "util/configparser.y" { OUTYY(("P(rc_server_cert_file:%s)\n", (yyvsp[0].str))); free(cfg_parser->cfg->server_cert_file); cfg_parser->cfg->server_cert_file = (yyvsp[0].str); } -#line 5865 "util/configparser.c" +#line 6014 "util/configparser.c" break; - case 508: -#line 2747 "util/configparser.y" + case 524: +#line 2835 "util/configparser.y" { OUTYY(("P(rc_control_key_file:%s)\n", (yyvsp[0].str))); free(cfg_parser->cfg->control_key_file); cfg_parser->cfg->control_key_file = (yyvsp[0].str); } -#line 5875 "util/configparser.c" +#line 6024 "util/configparser.c" break; - case 509: -#line 2754 "util/configparser.y" + case 525: +#line 2842 "util/configparser.y" { OUTYY(("P(rc_control_cert_file:%s)\n", (yyvsp[0].str))); free(cfg_parser->cfg->control_cert_file); cfg_parser->cfg->control_cert_file = (yyvsp[0].str); } -#line 5885 "util/configparser.c" +#line 6034 "util/configparser.c" break; - case 510: -#line 2761 "util/configparser.y" + case 526: +#line 2849 "util/configparser.y" { OUTYY(("\nP(dnstap:)\n")); } -#line 5893 "util/configparser.c" +#line 6042 "util/configparser.c" break; - case 532: -#line 2781 "util/configparser.y" + case 548: +#line 2869 "util/configparser.y" { OUTYY(("P(dt_dnstap_enable:%s)\n", (yyvsp[0].str))); if(strcmp((yyvsp[0].str), "yes") != 0 && strcmp((yyvsp[0].str), "no") != 0) @@ -5901,11 +6050,11 @@ yyreduce: else cfg_parser->cfg->dnstap = (strcmp((yyvsp[0].str), "yes")==0); free((yyvsp[0].str)); } -#line 5905 "util/configparser.c" +#line 6054 "util/configparser.c" break; - case 533: -#line 2790 "util/configparser.y" + case 549: +#line 2878 "util/configparser.y" { OUTYY(("P(dt_dnstap_bidirectional:%s)\n", (yyvsp[0].str))); if(strcmp((yyvsp[0].str), "yes") != 0 && strcmp((yyvsp[0].str), "no") != 0) @@ -5914,31 +6063,31 @@ yyreduce: (strcmp((yyvsp[0].str), "yes")==0); free((yyvsp[0].str)); } -#line 5918 "util/configparser.c" +#line 6067 "util/configparser.c" break; - case 534: -#line 2800 "util/configparser.y" + case 550: +#line 2888 "util/configparser.y" { OUTYY(("P(dt_dnstap_socket_path:%s)\n", (yyvsp[0].str))); free(cfg_parser->cfg->dnstap_socket_path); cfg_parser->cfg->dnstap_socket_path = (yyvsp[0].str); } -#line 5928 "util/configparser.c" +#line 6077 "util/configparser.c" break; - case 535: -#line 2807 "util/configparser.y" + case 551: +#line 2895 "util/configparser.y" { OUTYY(("P(dt_dnstap_ip:%s)\n", (yyvsp[0].str))); free(cfg_parser->cfg->dnstap_ip); cfg_parser->cfg->dnstap_ip = (yyvsp[0].str); } -#line 5938 "util/configparser.c" +#line 6087 "util/configparser.c" break; - case 536: -#line 2814 "util/configparser.y" + case 552: +#line 2902 "util/configparser.y" { OUTYY(("P(dt_dnstap_tls:%s)\n", (yyvsp[0].str))); if(strcmp((yyvsp[0].str), "yes") != 0 && strcmp((yyvsp[0].str), "no") != 0) @@ -5946,51 +6095,51 @@ yyreduce: else cfg_parser->cfg->dnstap_tls = (strcmp((yyvsp[0].str), "yes")==0); free((yyvsp[0].str)); } -#line 5950 "util/configparser.c" +#line 6099 "util/configparser.c" break; - case 537: -#line 2823 "util/configparser.y" + case 553: +#line 2911 "util/configparser.y" { OUTYY(("P(dt_dnstap_tls_server_name:%s)\n", (yyvsp[0].str))); free(cfg_parser->cfg->dnstap_tls_server_name); cfg_parser->cfg->dnstap_tls_server_name = (yyvsp[0].str); } -#line 5960 "util/configparser.c" +#line 6109 "util/configparser.c" break; - case 538: -#line 2830 "util/configparser.y" + case 554: +#line 2918 "util/configparser.y" { OUTYY(("P(dt_dnstap_tls_cert_bundle:%s)\n", (yyvsp[0].str))); free(cfg_parser->cfg->dnstap_tls_cert_bundle); cfg_parser->cfg->dnstap_tls_cert_bundle = (yyvsp[0].str); } -#line 5970 "util/configparser.c" +#line 6119 "util/configparser.c" break; - case 539: -#line 2837 "util/configparser.y" + case 555: +#line 2925 "util/configparser.y" { OUTYY(("P(dt_dnstap_tls_client_key_file:%s)\n", (yyvsp[0].str))); free(cfg_parser->cfg->dnstap_tls_client_key_file); cfg_parser->cfg->dnstap_tls_client_key_file = (yyvsp[0].str); } -#line 5980 "util/configparser.c" +#line 6129 "util/configparser.c" break; - case 540: -#line 2844 "util/configparser.y" + case 556: +#line 2932 "util/configparser.y" { OUTYY(("P(dt_dnstap_tls_client_cert_file:%s)\n", (yyvsp[0].str))); free(cfg_parser->cfg->dnstap_tls_client_cert_file); cfg_parser->cfg->dnstap_tls_client_cert_file = (yyvsp[0].str); } -#line 5990 "util/configparser.c" +#line 6139 "util/configparser.c" break; - case 541: -#line 2851 "util/configparser.y" + case 557: +#line 2939 "util/configparser.y" { OUTYY(("P(dt_dnstap_send_identity:%s)\n", (yyvsp[0].str))); if(strcmp((yyvsp[0].str), "yes") != 0 && strcmp((yyvsp[0].str), "no") != 0) @@ -5998,11 +6147,11 @@ yyreduce: else cfg_parser->cfg->dnstap_send_identity = (strcmp((yyvsp[0].str), "yes")==0); free((yyvsp[0].str)); } -#line 6002 "util/configparser.c" +#line 6151 "util/configparser.c" break; - case 542: -#line 2860 "util/configparser.y" + case 558: +#line 2948 "util/configparser.y" { OUTYY(("P(dt_dnstap_send_version:%s)\n", (yyvsp[0].str))); if(strcmp((yyvsp[0].str), "yes") != 0 && strcmp((yyvsp[0].str), "no") != 0) @@ -6010,31 +6159,31 @@ yyreduce: else cfg_parser->cfg->dnstap_send_version = (strcmp((yyvsp[0].str), "yes")==0); free((yyvsp[0].str)); } -#line 6014 "util/configparser.c" +#line 6163 "util/configparser.c" break; - case 543: -#line 2869 "util/configparser.y" + case 559: +#line 2957 "util/configparser.y" { OUTYY(("P(dt_dnstap_identity:%s)\n", (yyvsp[0].str))); free(cfg_parser->cfg->dnstap_identity); cfg_parser->cfg->dnstap_identity = (yyvsp[0].str); } -#line 6024 "util/configparser.c" +#line 6173 "util/configparser.c" break; - case 544: -#line 2876 "util/configparser.y" + case 560: +#line 2964 "util/configparser.y" { OUTYY(("P(dt_dnstap_version:%s)\n", (yyvsp[0].str))); free(cfg_parser->cfg->dnstap_version); cfg_parser->cfg->dnstap_version = (yyvsp[0].str); } -#line 6034 "util/configparser.c" +#line 6183 "util/configparser.c" break; - case 545: -#line 2883 "util/configparser.y" + case 561: +#line 2971 "util/configparser.y" { OUTYY(("P(dt_dnstap_log_resolver_query_messages:%s)\n", (yyvsp[0].str))); if(strcmp((yyvsp[0].str), "yes") != 0 && strcmp((yyvsp[0].str), "no") != 0) @@ -6043,11 +6192,11 @@ yyreduce: (strcmp((yyvsp[0].str), "yes")==0); free((yyvsp[0].str)); } -#line 6047 "util/configparser.c" +#line 6196 "util/configparser.c" break; - case 546: -#line 2893 "util/configparser.y" + case 562: +#line 2981 "util/configparser.y" { OUTYY(("P(dt_dnstap_log_resolver_response_messages:%s)\n", (yyvsp[0].str))); if(strcmp((yyvsp[0].str), "yes") != 0 && strcmp((yyvsp[0].str), "no") != 0) @@ -6056,11 +6205,11 @@ yyreduce: (strcmp((yyvsp[0].str), "yes")==0); free((yyvsp[0].str)); } -#line 6060 "util/configparser.c" +#line 6209 "util/configparser.c" break; - case 547: -#line 2903 "util/configparser.y" + case 563: +#line 2991 "util/configparser.y" { OUTYY(("P(dt_dnstap_log_client_query_messages:%s)\n", (yyvsp[0].str))); if(strcmp((yyvsp[0].str), "yes") != 0 && strcmp((yyvsp[0].str), "no") != 0) @@ -6069,11 +6218,11 @@ yyreduce: (strcmp((yyvsp[0].str), "yes")==0); free((yyvsp[0].str)); } -#line 6073 "util/configparser.c" +#line 6222 "util/configparser.c" break; - case 548: -#line 2913 "util/configparser.y" + case 564: +#line 3001 "util/configparser.y" { OUTYY(("P(dt_dnstap_log_client_response_messages:%s)\n", (yyvsp[0].str))); if(strcmp((yyvsp[0].str), "yes") != 0 && strcmp((yyvsp[0].str), "no") != 0) @@ -6082,11 +6231,11 @@ yyreduce: (strcmp((yyvsp[0].str), "yes")==0); free((yyvsp[0].str)); } -#line 6086 "util/configparser.c" +#line 6235 "util/configparser.c" break; - case 549: -#line 2923 "util/configparser.y" + case 565: +#line 3011 "util/configparser.y" { OUTYY(("P(dt_dnstap_log_forwarder_query_messages:%s)\n", (yyvsp[0].str))); if(strcmp((yyvsp[0].str), "yes") != 0 && strcmp((yyvsp[0].str), "no") != 0) @@ -6095,11 +6244,11 @@ yyreduce: (strcmp((yyvsp[0].str), "yes")==0); free((yyvsp[0].str)); } -#line 6099 "util/configparser.c" +#line 6248 "util/configparser.c" break; - case 550: -#line 2933 "util/configparser.y" + case 566: +#line 3021 "util/configparser.y" { OUTYY(("P(dt_dnstap_log_forwarder_response_messages:%s)\n", (yyvsp[0].str))); if(strcmp((yyvsp[0].str), "yes") != 0 && strcmp((yyvsp[0].str), "no") != 0) @@ -6108,47 +6257,47 @@ yyreduce: (strcmp((yyvsp[0].str), "yes")==0); free((yyvsp[0].str)); } -#line 6112 "util/configparser.c" +#line 6261 "util/configparser.c" break; - case 551: -#line 2943 "util/configparser.y" + case 567: +#line 3031 "util/configparser.y" { OUTYY(("\nP(python:)\n")); } -#line 6120 "util/configparser.c" +#line 6269 "util/configparser.c" break; - case 555: -#line 2952 "util/configparser.y" + case 571: +#line 3040 "util/configparser.y" { OUTYY(("P(python-script:%s)\n", (yyvsp[0].str))); if(!cfg_strlist_append_ex(&cfg_parser->cfg->python_script, (yyvsp[0].str))) yyerror("out of memory"); } -#line 6130 "util/configparser.c" +#line 6279 "util/configparser.c" break; - case 556: -#line 2958 "util/configparser.y" + case 572: +#line 3046 "util/configparser.y" { OUTYY(("\nP(dynlib:)\n")); } -#line 6138 "util/configparser.c" +#line 6287 "util/configparser.c" break; - case 560: -#line 2967 "util/configparser.y" + case 576: +#line 3055 "util/configparser.y" { OUTYY(("P(dynlib-file:%s)\n", (yyvsp[0].str))); if(!cfg_strlist_append_ex(&cfg_parser->cfg->dynlib_file, (yyvsp[0].str))) yyerror("out of memory"); } -#line 6148 "util/configparser.c" +#line 6297 "util/configparser.c" break; - case 561: -#line 2973 "util/configparser.y" + case 577: +#line 3061 "util/configparser.y" { OUTYY(("P(disable_dnssec_lame_check:%s)\n", (yyvsp[0].str))); if (strcmp((yyvsp[0].str), "yes") != 0 && strcmp((yyvsp[0].str), "no") != 0) @@ -6157,21 +6306,21 @@ yyreduce: (strcmp((yyvsp[0].str), "yes")==0); free((yyvsp[0].str)); } -#line 6161 "util/configparser.c" +#line 6310 "util/configparser.c" break; - case 562: -#line 2983 "util/configparser.y" + case 578: +#line 3071 "util/configparser.y" { OUTYY(("P(server_log_identity:%s)\n", (yyvsp[0].str))); free(cfg_parser->cfg->log_identity); cfg_parser->cfg->log_identity = (yyvsp[0].str); } -#line 6171 "util/configparser.c" +#line 6320 "util/configparser.c" break; - case 563: -#line 2990 "util/configparser.y" + case 579: +#line 3078 "util/configparser.y" { OUTYY(("P(server_response_ip:%s %s)\n", (yyvsp[-1].str), (yyvsp[0].str))); validate_respip_action((yyvsp[0].str)); @@ -6179,30 +6328,30 @@ yyreduce: (yyvsp[-1].str), (yyvsp[0].str))) fatal_exit("out of memory adding response-ip"); } -#line 6183 "util/configparser.c" +#line 6332 "util/configparser.c" break; - case 564: -#line 2999 "util/configparser.y" + case 580: +#line 3087 "util/configparser.y" { OUTYY(("P(server_response_ip_data:%s)\n", (yyvsp[-1].str))); if(!cfg_str2list_insert(&cfg_parser->cfg->respip_data, (yyvsp[-1].str), (yyvsp[0].str))) fatal_exit("out of memory adding response-ip-data"); } -#line 6194 "util/configparser.c" +#line 6343 "util/configparser.c" break; - case 565: -#line 3007 "util/configparser.y" + case 581: +#line 3095 "util/configparser.y" { OUTYY(("\nP(dnscrypt:)\n")); } -#line 6202 "util/configparser.c" +#line 6351 "util/configparser.c" break; - case 578: -#line 3023 "util/configparser.y" + case 594: +#line 3111 "util/configparser.y" { OUTYY(("P(dnsc_dnscrypt_enable:%s)\n", (yyvsp[0].str))); if(strcmp((yyvsp[0].str), "yes") != 0 && strcmp((yyvsp[0].str), "no") != 0) @@ -6210,11 +6359,11 @@ yyreduce: else cfg_parser->cfg->dnscrypt = (strcmp((yyvsp[0].str), "yes")==0); free((yyvsp[0].str)); } -#line 6214 "util/configparser.c" +#line 6363 "util/configparser.c" break; - case 579: -#line 3033 "util/configparser.y" + case 595: +#line 3121 "util/configparser.y" { OUTYY(("P(dnsc_dnscrypt_port:%s)\n", (yyvsp[0].str))); if(atoi((yyvsp[0].str)) == 0) @@ -6222,21 +6371,21 @@ yyreduce: else cfg_parser->cfg->dnscrypt_port = atoi((yyvsp[0].str)); free((yyvsp[0].str)); } -#line 6226 "util/configparser.c" +#line 6375 "util/configparser.c" break; - case 580: -#line 3042 "util/configparser.y" + case 596: +#line 3130 "util/configparser.y" { OUTYY(("P(dnsc_dnscrypt_provider:%s)\n", (yyvsp[0].str))); free(cfg_parser->cfg->dnscrypt_provider); cfg_parser->cfg->dnscrypt_provider = (yyvsp[0].str); } -#line 6236 "util/configparser.c" +#line 6385 "util/configparser.c" break; - case 581: -#line 3049 "util/configparser.y" + case 597: +#line 3137 "util/configparser.y" { OUTYY(("P(dnsc_dnscrypt_provider_cert:%s)\n", (yyvsp[0].str))); if(cfg_strlist_find(cfg_parser->cfg->dnscrypt_provider_cert, (yyvsp[0].str))) @@ -6244,21 +6393,21 @@ yyreduce: if(!cfg_strlist_insert(&cfg_parser->cfg->dnscrypt_provider_cert, (yyvsp[0].str))) fatal_exit("out of memory adding dnscrypt-provider-cert"); } -#line 6248 "util/configparser.c" +#line 6397 "util/configparser.c" break; - case 582: -#line 3058 "util/configparser.y" + case 598: +#line 3146 "util/configparser.y" { OUTYY(("P(dnsc_dnscrypt_provider_cert_rotated:%s)\n", (yyvsp[0].str))); if(!cfg_strlist_insert(&cfg_parser->cfg->dnscrypt_provider_cert_rotated, (yyvsp[0].str))) fatal_exit("out of memory adding dnscrypt-provider-cert-rotated"); } -#line 6258 "util/configparser.c" +#line 6407 "util/configparser.c" break; - case 583: -#line 3065 "util/configparser.y" + case 599: +#line 3153 "util/configparser.y" { OUTYY(("P(dnsc_dnscrypt_secret_key:%s)\n", (yyvsp[0].str))); if(cfg_strlist_find(cfg_parser->cfg->dnscrypt_secret_key, (yyvsp[0].str))) @@ -6266,22 +6415,22 @@ yyreduce: if(!cfg_strlist_insert(&cfg_parser->cfg->dnscrypt_secret_key, (yyvsp[0].str))) fatal_exit("out of memory adding dnscrypt-secret-key"); } -#line 6270 "util/configparser.c" +#line 6419 "util/configparser.c" break; - case 584: -#line 3074 "util/configparser.y" + case 600: +#line 3162 "util/configparser.y" { OUTYY(("P(dnscrypt_shared_secret_cache_size:%s)\n", (yyvsp[0].str))); if(!cfg_parse_memsize((yyvsp[0].str), &cfg_parser->cfg->dnscrypt_shared_secret_cache_size)) yyerror("memory size expected"); free((yyvsp[0].str)); } -#line 6281 "util/configparser.c" +#line 6430 "util/configparser.c" break; - case 585: -#line 3082 "util/configparser.y" + case 601: +#line 3170 "util/configparser.y" { OUTYY(("P(dnscrypt_shared_secret_cache_slabs:%s)\n", (yyvsp[0].str))); if(atoi((yyvsp[0].str)) == 0) @@ -6293,22 +6442,22 @@ yyreduce: } free((yyvsp[0].str)); } -#line 6297 "util/configparser.c" +#line 6446 "util/configparser.c" break; - case 586: -#line 3095 "util/configparser.y" + case 602: +#line 3183 "util/configparser.y" { OUTYY(("P(dnscrypt_nonce_cache_size:%s)\n", (yyvsp[0].str))); if(!cfg_parse_memsize((yyvsp[0].str), &cfg_parser->cfg->dnscrypt_nonce_cache_size)) yyerror("memory size expected"); free((yyvsp[0].str)); } -#line 6308 "util/configparser.c" +#line 6457 "util/configparser.c" break; - case 587: -#line 3103 "util/configparser.y" + case 603: +#line 3191 "util/configparser.y" { OUTYY(("P(dnscrypt_nonce_cache_slabs:%s)\n", (yyvsp[0].str))); if(atoi((yyvsp[0].str)) == 0) @@ -6320,19 +6469,19 @@ yyreduce: } free((yyvsp[0].str)); } -#line 6324 "util/configparser.c" +#line 6473 "util/configparser.c" break; - case 588: -#line 3116 "util/configparser.y" + case 604: +#line 3204 "util/configparser.y" { OUTYY(("\nP(cachedb:)\n")); } -#line 6332 "util/configparser.c" +#line 6481 "util/configparser.c" break; - case 597: -#line 3127 "util/configparser.y" + case 613: +#line 3215 "util/configparser.y" { #ifdef USE_CACHEDB OUTYY(("P(backend:%s)\n", (yyvsp[0].str))); @@ -6343,11 +6492,11 @@ yyreduce: free((yyvsp[0].str)); #endif } -#line 6347 "util/configparser.c" +#line 6496 "util/configparser.c" break; - case 598: -#line 3139 "util/configparser.y" + case 614: +#line 3227 "util/configparser.y" { #ifdef USE_CACHEDB OUTYY(("P(secret-seed:%s)\n", (yyvsp[0].str))); @@ -6358,11 +6507,11 @@ yyreduce: free((yyvsp[0].str)); #endif } -#line 6362 "util/configparser.c" +#line 6511 "util/configparser.c" break; - case 599: -#line 3151 "util/configparser.y" + case 615: +#line 3239 "util/configparser.y" { #if defined(USE_CACHEDB) && defined(USE_REDIS) OUTYY(("P(redis_server_host:%s)\n", (yyvsp[0].str))); @@ -6373,11 +6522,11 @@ yyreduce: free((yyvsp[0].str)); #endif } -#line 6377 "util/configparser.c" +#line 6526 "util/configparser.c" break; - case 600: -#line 3163 "util/configparser.y" + case 616: +#line 3251 "util/configparser.y" { #if defined(USE_CACHEDB) && defined(USE_REDIS) int port; @@ -6391,11 +6540,11 @@ yyreduce: #endif free((yyvsp[0].str)); } -#line 6395 "util/configparser.c" +#line 6544 "util/configparser.c" break; - case 601: -#line 3178 "util/configparser.y" + case 617: +#line 3266 "util/configparser.y" { #if defined(USE_CACHEDB) && defined(USE_REDIS) OUTYY(("P(redis_timeout:%s)\n", (yyvsp[0].str))); @@ -6407,11 +6556,11 @@ yyreduce: #endif free((yyvsp[0].str)); } -#line 6411 "util/configparser.c" +#line 6560 "util/configparser.c" break; - case 602: -#line 3191 "util/configparser.y" + case 618: +#line 3279 "util/configparser.y" { #if defined(USE_CACHEDB) && defined(USE_REDIS) OUTYY(("P(redis_expire_records:%s)\n", (yyvsp[0].str))); @@ -6423,11 +6572,11 @@ yyreduce: #endif free((yyvsp[0].str)); } -#line 6427 "util/configparser.c" +#line 6576 "util/configparser.c" break; - case 603: -#line 3204 "util/configparser.y" + case 619: +#line 3292 "util/configparser.y" { OUTYY(("P(server_tcp_connection_limit:%s %s)\n", (yyvsp[-1].str), (yyvsp[0].str))); if (atoi((yyvsp[0].str)) < 0) @@ -6437,19 +6586,19 @@ yyreduce: fatal_exit("out of memory adding tcp connection limit"); } } -#line 6441 "util/configparser.c" +#line 6590 "util/configparser.c" break; - case 604: -#line 3215 "util/configparser.y" + case 620: +#line 3303 "util/configparser.y" { OUTYY(("\nP(ipset:)\n")); } -#line 6449 "util/configparser.c" +#line 6598 "util/configparser.c" break; - case 609: -#line 3224 "util/configparser.y" + case 625: +#line 3312 "util/configparser.y" { #ifdef USE_IPSET OUTYY(("P(name-v4:%s)\n", (yyvsp[0].str))); @@ -6463,11 +6612,11 @@ yyreduce: free((yyvsp[0].str)); #endif } -#line 6467 "util/configparser.c" +#line 6616 "util/configparser.c" break; - case 610: -#line 3239 "util/configparser.y" + case 626: +#line 3327 "util/configparser.y" { #ifdef USE_IPSET OUTYY(("P(name-v6:%s)\n", (yyvsp[0].str))); @@ -6481,11 +6630,11 @@ yyreduce: free((yyvsp[0].str)); #endif } -#line 6485 "util/configparser.c" +#line 6634 "util/configparser.c" break; -#line 6489 "util/configparser.c" +#line 6638 "util/configparser.c" default: break; } @@ -6717,7 +6866,7 @@ yyreturn: #endif return yyresult; } -#line 3253 "util/configparser.y" +#line 3341 "util/configparser.y" /* parse helper routines could be here */ diff --git a/util/configparser.h b/util/configparser.h index 2f56c42a6ad2..539377e8e747 100644 --- a/util/configparser.h +++ b/util/configparser.h @@ -188,156 +188,164 @@ extern int yydebug; VAR_STUB_SSL_UPSTREAM = 394, VAR_FORWARD_SSL_UPSTREAM = 395, VAR_TLS_CERT_BUNDLE = 396, - VAR_STUB_FIRST = 397, - VAR_MINIMAL_RESPONSES = 398, - VAR_RRSET_ROUNDROBIN = 399, - VAR_MAX_UDP_SIZE = 400, - VAR_DELAY_CLOSE = 401, - VAR_UNBLOCK_LAN_ZONES = 402, - VAR_INSECURE_LAN_ZONES = 403, - VAR_INFRA_CACHE_MIN_RTT = 404, - VAR_DNS64_PREFIX = 405, - VAR_DNS64_SYNTHALL = 406, - VAR_DNS64_IGNORE_AAAA = 407, - VAR_DNSTAP = 408, - VAR_DNSTAP_ENABLE = 409, - VAR_DNSTAP_SOCKET_PATH = 410, - VAR_DNSTAP_IP = 411, - VAR_DNSTAP_TLS = 412, - VAR_DNSTAP_TLS_SERVER_NAME = 413, - VAR_DNSTAP_TLS_CERT_BUNDLE = 414, - VAR_DNSTAP_TLS_CLIENT_KEY_FILE = 415, - VAR_DNSTAP_TLS_CLIENT_CERT_FILE = 416, - VAR_DNSTAP_SEND_IDENTITY = 417, - VAR_DNSTAP_SEND_VERSION = 418, - VAR_DNSTAP_BIDIRECTIONAL = 419, - VAR_DNSTAP_IDENTITY = 420, - VAR_DNSTAP_VERSION = 421, - VAR_DNSTAP_LOG_RESOLVER_QUERY_MESSAGES = 422, - VAR_DNSTAP_LOG_RESOLVER_RESPONSE_MESSAGES = 423, - VAR_DNSTAP_LOG_CLIENT_QUERY_MESSAGES = 424, - VAR_DNSTAP_LOG_CLIENT_RESPONSE_MESSAGES = 425, - VAR_DNSTAP_LOG_FORWARDER_QUERY_MESSAGES = 426, - VAR_DNSTAP_LOG_FORWARDER_RESPONSE_MESSAGES = 427, - VAR_RESPONSE_IP_TAG = 428, - VAR_RESPONSE_IP = 429, - VAR_RESPONSE_IP_DATA = 430, - VAR_HARDEN_ALGO_DOWNGRADE = 431, - VAR_IP_TRANSPARENT = 432, - VAR_IP_DSCP = 433, - VAR_DISABLE_DNSSEC_LAME_CHECK = 434, - VAR_IP_RATELIMIT = 435, - VAR_IP_RATELIMIT_SLABS = 436, - VAR_IP_RATELIMIT_SIZE = 437, - VAR_RATELIMIT = 438, - VAR_RATELIMIT_SLABS = 439, - VAR_RATELIMIT_SIZE = 440, - VAR_RATELIMIT_FOR_DOMAIN = 441, - VAR_RATELIMIT_BELOW_DOMAIN = 442, - VAR_IP_RATELIMIT_FACTOR = 443, - VAR_RATELIMIT_FACTOR = 444, - VAR_SEND_CLIENT_SUBNET = 445, - VAR_CLIENT_SUBNET_ZONE = 446, - VAR_CLIENT_SUBNET_ALWAYS_FORWARD = 447, - VAR_CLIENT_SUBNET_OPCODE = 448, - VAR_MAX_CLIENT_SUBNET_IPV4 = 449, - VAR_MAX_CLIENT_SUBNET_IPV6 = 450, - VAR_MIN_CLIENT_SUBNET_IPV4 = 451, - VAR_MIN_CLIENT_SUBNET_IPV6 = 452, - VAR_MAX_ECS_TREE_SIZE_IPV4 = 453, - VAR_MAX_ECS_TREE_SIZE_IPV6 = 454, - VAR_CAPS_WHITELIST = 455, - VAR_CACHE_MAX_NEGATIVE_TTL = 456, - VAR_PERMIT_SMALL_HOLDDOWN = 457, - VAR_QNAME_MINIMISATION = 458, - VAR_QNAME_MINIMISATION_STRICT = 459, - VAR_IP_FREEBIND = 460, - VAR_DEFINE_TAG = 461, - VAR_LOCAL_ZONE_TAG = 462, - VAR_ACCESS_CONTROL_TAG = 463, - VAR_LOCAL_ZONE_OVERRIDE = 464, - VAR_ACCESS_CONTROL_TAG_ACTION = 465, - VAR_ACCESS_CONTROL_TAG_DATA = 466, - VAR_VIEW = 467, - VAR_ACCESS_CONTROL_VIEW = 468, - VAR_VIEW_FIRST = 469, - VAR_SERVE_EXPIRED = 470, - VAR_SERVE_EXPIRED_TTL = 471, - VAR_SERVE_EXPIRED_TTL_RESET = 472, - VAR_SERVE_EXPIRED_REPLY_TTL = 473, - VAR_SERVE_EXPIRED_CLIENT_TIMEOUT = 474, - VAR_FAKE_DSA = 475, - VAR_FAKE_SHA1 = 476, - VAR_LOG_IDENTITY = 477, - VAR_HIDE_TRUSTANCHOR = 478, - VAR_TRUST_ANCHOR_SIGNALING = 479, - VAR_AGGRESSIVE_NSEC = 480, - VAR_USE_SYSTEMD = 481, - VAR_SHM_ENABLE = 482, - VAR_SHM_KEY = 483, - VAR_ROOT_KEY_SENTINEL = 484, - VAR_DNSCRYPT = 485, - VAR_DNSCRYPT_ENABLE = 486, - VAR_DNSCRYPT_PORT = 487, - VAR_DNSCRYPT_PROVIDER = 488, - VAR_DNSCRYPT_SECRET_KEY = 489, - VAR_DNSCRYPT_PROVIDER_CERT = 490, - VAR_DNSCRYPT_PROVIDER_CERT_ROTATED = 491, - VAR_DNSCRYPT_SHARED_SECRET_CACHE_SIZE = 492, - VAR_DNSCRYPT_SHARED_SECRET_CACHE_SLABS = 493, - VAR_DNSCRYPT_NONCE_CACHE_SIZE = 494, - VAR_DNSCRYPT_NONCE_CACHE_SLABS = 495, - VAR_IPSECMOD_ENABLED = 496, - VAR_IPSECMOD_HOOK = 497, - VAR_IPSECMOD_IGNORE_BOGUS = 498, - VAR_IPSECMOD_MAX_TTL = 499, - VAR_IPSECMOD_WHITELIST = 500, - VAR_IPSECMOD_STRICT = 501, - VAR_CACHEDB = 502, - VAR_CACHEDB_BACKEND = 503, - VAR_CACHEDB_SECRETSEED = 504, - VAR_CACHEDB_REDISHOST = 505, - VAR_CACHEDB_REDISPORT = 506, - VAR_CACHEDB_REDISTIMEOUT = 507, - VAR_CACHEDB_REDISEXPIRERECORDS = 508, - VAR_UDP_UPSTREAM_WITHOUT_DOWNSTREAM = 509, - VAR_FOR_UPSTREAM = 510, - VAR_AUTH_ZONE = 511, - VAR_ZONEFILE = 512, - VAR_MASTER = 513, - VAR_URL = 514, - VAR_FOR_DOWNSTREAM = 515, - VAR_FALLBACK_ENABLED = 516, - VAR_TLS_ADDITIONAL_PORT = 517, - VAR_LOW_RTT = 518, - VAR_LOW_RTT_PERMIL = 519, - VAR_FAST_SERVER_PERMIL = 520, - VAR_FAST_SERVER_NUM = 521, - VAR_ALLOW_NOTIFY = 522, - VAR_TLS_WIN_CERT = 523, - VAR_TCP_CONNECTION_LIMIT = 524, - VAR_FORWARD_NO_CACHE = 525, - VAR_STUB_NO_CACHE = 526, - VAR_LOG_SERVFAIL = 527, - VAR_DENY_ANY = 528, - VAR_UNKNOWN_SERVER_TIME_LIMIT = 529, - VAR_LOG_TAG_QUERYREPLY = 530, - VAR_STREAM_WAIT_SIZE = 531, - VAR_TLS_CIPHERS = 532, - VAR_TLS_CIPHERSUITES = 533, - VAR_TLS_USE_SNI = 534, - VAR_IPSET = 535, - VAR_IPSET_NAME_V4 = 536, - VAR_IPSET_NAME_V6 = 537, - VAR_TLS_SESSION_TICKET_KEYS = 538, - VAR_RPZ = 539, - VAR_TAGS = 540, - VAR_RPZ_ACTION_OVERRIDE = 541, - VAR_RPZ_CNAME_OVERRIDE = 542, - VAR_RPZ_LOG = 543, - VAR_RPZ_LOG_NAME = 544, - VAR_DYNLIB = 545, - VAR_DYNLIB_FILE = 546 + VAR_HTTPS_PORT = 397, + VAR_HTTP_ENDPOINT = 398, + VAR_HTTP_MAX_STREAMS = 399, + VAR_HTTP_QUERY_BUFFER_SIZE = 400, + VAR_HTTP_RESPONSE_BUFFER_SIZE = 401, + VAR_HTTP_NODELAY = 402, + VAR_STUB_FIRST = 403, + VAR_MINIMAL_RESPONSES = 404, + VAR_RRSET_ROUNDROBIN = 405, + VAR_MAX_UDP_SIZE = 406, + VAR_DELAY_CLOSE = 407, + VAR_UNBLOCK_LAN_ZONES = 408, + VAR_INSECURE_LAN_ZONES = 409, + VAR_INFRA_CACHE_MIN_RTT = 410, + VAR_DNS64_PREFIX = 411, + VAR_DNS64_SYNTHALL = 412, + VAR_DNS64_IGNORE_AAAA = 413, + VAR_DNSTAP = 414, + VAR_DNSTAP_ENABLE = 415, + VAR_DNSTAP_SOCKET_PATH = 416, + VAR_DNSTAP_IP = 417, + VAR_DNSTAP_TLS = 418, + VAR_DNSTAP_TLS_SERVER_NAME = 419, + VAR_DNSTAP_TLS_CERT_BUNDLE = 420, + VAR_DNSTAP_TLS_CLIENT_KEY_FILE = 421, + VAR_DNSTAP_TLS_CLIENT_CERT_FILE = 422, + VAR_DNSTAP_SEND_IDENTITY = 423, + VAR_DNSTAP_SEND_VERSION = 424, + VAR_DNSTAP_BIDIRECTIONAL = 425, + VAR_DNSTAP_IDENTITY = 426, + VAR_DNSTAP_VERSION = 427, + VAR_DNSTAP_LOG_RESOLVER_QUERY_MESSAGES = 428, + VAR_DNSTAP_LOG_RESOLVER_RESPONSE_MESSAGES = 429, + VAR_DNSTAP_LOG_CLIENT_QUERY_MESSAGES = 430, + VAR_DNSTAP_LOG_CLIENT_RESPONSE_MESSAGES = 431, + VAR_DNSTAP_LOG_FORWARDER_QUERY_MESSAGES = 432, + VAR_DNSTAP_LOG_FORWARDER_RESPONSE_MESSAGES = 433, + VAR_RESPONSE_IP_TAG = 434, + VAR_RESPONSE_IP = 435, + VAR_RESPONSE_IP_DATA = 436, + VAR_HARDEN_ALGO_DOWNGRADE = 437, + VAR_IP_TRANSPARENT = 438, + VAR_IP_DSCP = 439, + VAR_DISABLE_DNSSEC_LAME_CHECK = 440, + VAR_IP_RATELIMIT = 441, + VAR_IP_RATELIMIT_SLABS = 442, + VAR_IP_RATELIMIT_SIZE = 443, + VAR_RATELIMIT = 444, + VAR_RATELIMIT_SLABS = 445, + VAR_RATELIMIT_SIZE = 446, + VAR_RATELIMIT_FOR_DOMAIN = 447, + VAR_RATELIMIT_BELOW_DOMAIN = 448, + VAR_IP_RATELIMIT_FACTOR = 449, + VAR_RATELIMIT_FACTOR = 450, + VAR_SEND_CLIENT_SUBNET = 451, + VAR_CLIENT_SUBNET_ZONE = 452, + VAR_CLIENT_SUBNET_ALWAYS_FORWARD = 453, + VAR_CLIENT_SUBNET_OPCODE = 454, + VAR_MAX_CLIENT_SUBNET_IPV4 = 455, + VAR_MAX_CLIENT_SUBNET_IPV6 = 456, + VAR_MIN_CLIENT_SUBNET_IPV4 = 457, + VAR_MIN_CLIENT_SUBNET_IPV6 = 458, + VAR_MAX_ECS_TREE_SIZE_IPV4 = 459, + VAR_MAX_ECS_TREE_SIZE_IPV6 = 460, + VAR_CAPS_WHITELIST = 461, + VAR_CACHE_MAX_NEGATIVE_TTL = 462, + VAR_PERMIT_SMALL_HOLDDOWN = 463, + VAR_QNAME_MINIMISATION = 464, + VAR_QNAME_MINIMISATION_STRICT = 465, + VAR_IP_FREEBIND = 466, + VAR_DEFINE_TAG = 467, + VAR_LOCAL_ZONE_TAG = 468, + VAR_ACCESS_CONTROL_TAG = 469, + VAR_LOCAL_ZONE_OVERRIDE = 470, + VAR_ACCESS_CONTROL_TAG_ACTION = 471, + VAR_ACCESS_CONTROL_TAG_DATA = 472, + VAR_VIEW = 473, + VAR_ACCESS_CONTROL_VIEW = 474, + VAR_VIEW_FIRST = 475, + VAR_SERVE_EXPIRED = 476, + VAR_SERVE_EXPIRED_TTL = 477, + VAR_SERVE_EXPIRED_TTL_RESET = 478, + VAR_SERVE_EXPIRED_REPLY_TTL = 479, + VAR_SERVE_EXPIRED_CLIENT_TIMEOUT = 480, + VAR_FAKE_DSA = 481, + VAR_FAKE_SHA1 = 482, + VAR_LOG_IDENTITY = 483, + VAR_HIDE_TRUSTANCHOR = 484, + VAR_TRUST_ANCHOR_SIGNALING = 485, + VAR_AGGRESSIVE_NSEC = 486, + VAR_USE_SYSTEMD = 487, + VAR_SHM_ENABLE = 488, + VAR_SHM_KEY = 489, + VAR_ROOT_KEY_SENTINEL = 490, + VAR_DNSCRYPT = 491, + VAR_DNSCRYPT_ENABLE = 492, + VAR_DNSCRYPT_PORT = 493, + VAR_DNSCRYPT_PROVIDER = 494, + VAR_DNSCRYPT_SECRET_KEY = 495, + VAR_DNSCRYPT_PROVIDER_CERT = 496, + VAR_DNSCRYPT_PROVIDER_CERT_ROTATED = 497, + VAR_DNSCRYPT_SHARED_SECRET_CACHE_SIZE = 498, + VAR_DNSCRYPT_SHARED_SECRET_CACHE_SLABS = 499, + VAR_DNSCRYPT_NONCE_CACHE_SIZE = 500, + VAR_DNSCRYPT_NONCE_CACHE_SLABS = 501, + VAR_IPSECMOD_ENABLED = 502, + VAR_IPSECMOD_HOOK = 503, + VAR_IPSECMOD_IGNORE_BOGUS = 504, + VAR_IPSECMOD_MAX_TTL = 505, + VAR_IPSECMOD_WHITELIST = 506, + VAR_IPSECMOD_STRICT = 507, + VAR_CACHEDB = 508, + VAR_CACHEDB_BACKEND = 509, + VAR_CACHEDB_SECRETSEED = 510, + VAR_CACHEDB_REDISHOST = 511, + VAR_CACHEDB_REDISPORT = 512, + VAR_CACHEDB_REDISTIMEOUT = 513, + VAR_CACHEDB_REDISEXPIRERECORDS = 514, + VAR_UDP_UPSTREAM_WITHOUT_DOWNSTREAM = 515, + VAR_FOR_UPSTREAM = 516, + VAR_AUTH_ZONE = 517, + VAR_ZONEFILE = 518, + VAR_MASTER = 519, + VAR_URL = 520, + VAR_FOR_DOWNSTREAM = 521, + VAR_FALLBACK_ENABLED = 522, + VAR_TLS_ADDITIONAL_PORT = 523, + VAR_LOW_RTT = 524, + VAR_LOW_RTT_PERMIL = 525, + VAR_FAST_SERVER_PERMIL = 526, + VAR_FAST_SERVER_NUM = 527, + VAR_ALLOW_NOTIFY = 528, + VAR_TLS_WIN_CERT = 529, + VAR_TCP_CONNECTION_LIMIT = 530, + VAR_FORWARD_NO_CACHE = 531, + VAR_STUB_NO_CACHE = 532, + VAR_LOG_SERVFAIL = 533, + VAR_DENY_ANY = 534, + VAR_UNKNOWN_SERVER_TIME_LIMIT = 535, + VAR_LOG_TAG_QUERYREPLY = 536, + VAR_STREAM_WAIT_SIZE = 537, + VAR_TLS_CIPHERS = 538, + VAR_TLS_CIPHERSUITES = 539, + VAR_TLS_USE_SNI = 540, + VAR_IPSET = 541, + VAR_IPSET_NAME_V4 = 542, + VAR_IPSET_NAME_V6 = 543, + VAR_TLS_SESSION_TICKET_KEYS = 544, + VAR_RPZ = 545, + VAR_TAGS = 546, + VAR_RPZ_ACTION_OVERRIDE = 547, + VAR_RPZ_CNAME_OVERRIDE = 548, + VAR_RPZ_LOG = 549, + VAR_RPZ_LOG_NAME = 550, + VAR_DYNLIB = 551, + VAR_DYNLIB_FILE = 552, + VAR_EDNS_CLIENT_TAG = 553, + VAR_EDNS_CLIENT_TAG_OPCODE = 554 }; #endif /* Tokens. */ @@ -480,156 +488,164 @@ extern int yydebug; #define VAR_STUB_SSL_UPSTREAM 394 #define VAR_FORWARD_SSL_UPSTREAM 395 #define VAR_TLS_CERT_BUNDLE 396 -#define VAR_STUB_FIRST 397 -#define VAR_MINIMAL_RESPONSES 398 -#define VAR_RRSET_ROUNDROBIN 399 -#define VAR_MAX_UDP_SIZE 400 -#define VAR_DELAY_CLOSE 401 -#define VAR_UNBLOCK_LAN_ZONES 402 -#define VAR_INSECURE_LAN_ZONES 403 -#define VAR_INFRA_CACHE_MIN_RTT 404 -#define VAR_DNS64_PREFIX 405 -#define VAR_DNS64_SYNTHALL 406 -#define VAR_DNS64_IGNORE_AAAA 407 -#define VAR_DNSTAP 408 -#define VAR_DNSTAP_ENABLE 409 -#define VAR_DNSTAP_SOCKET_PATH 410 -#define VAR_DNSTAP_IP 411 -#define VAR_DNSTAP_TLS 412 -#define VAR_DNSTAP_TLS_SERVER_NAME 413 -#define VAR_DNSTAP_TLS_CERT_BUNDLE 414 -#define VAR_DNSTAP_TLS_CLIENT_KEY_FILE 415 -#define VAR_DNSTAP_TLS_CLIENT_CERT_FILE 416 -#define VAR_DNSTAP_SEND_IDENTITY 417 -#define VAR_DNSTAP_SEND_VERSION 418 -#define VAR_DNSTAP_BIDIRECTIONAL 419 -#define VAR_DNSTAP_IDENTITY 420 -#define VAR_DNSTAP_VERSION 421 -#define VAR_DNSTAP_LOG_RESOLVER_QUERY_MESSAGES 422 -#define VAR_DNSTAP_LOG_RESOLVER_RESPONSE_MESSAGES 423 -#define VAR_DNSTAP_LOG_CLIENT_QUERY_MESSAGES 424 -#define VAR_DNSTAP_LOG_CLIENT_RESPONSE_MESSAGES 425 -#define VAR_DNSTAP_LOG_FORWARDER_QUERY_MESSAGES 426 -#define VAR_DNSTAP_LOG_FORWARDER_RESPONSE_MESSAGES 427 -#define VAR_RESPONSE_IP_TAG 428 -#define VAR_RESPONSE_IP 429 -#define VAR_RESPONSE_IP_DATA 430 -#define VAR_HARDEN_ALGO_DOWNGRADE 431 -#define VAR_IP_TRANSPARENT 432 -#define VAR_IP_DSCP 433 -#define VAR_DISABLE_DNSSEC_LAME_CHECK 434 -#define VAR_IP_RATELIMIT 435 -#define VAR_IP_RATELIMIT_SLABS 436 -#define VAR_IP_RATELIMIT_SIZE 437 -#define VAR_RATELIMIT 438 -#define VAR_RATELIMIT_SLABS 439 -#define VAR_RATELIMIT_SIZE 440 -#define VAR_RATELIMIT_FOR_DOMAIN 441 -#define VAR_RATELIMIT_BELOW_DOMAIN 442 -#define VAR_IP_RATELIMIT_FACTOR 443 -#define VAR_RATELIMIT_FACTOR 444 -#define VAR_SEND_CLIENT_SUBNET 445 -#define VAR_CLIENT_SUBNET_ZONE 446 -#define VAR_CLIENT_SUBNET_ALWAYS_FORWARD 447 -#define VAR_CLIENT_SUBNET_OPCODE 448 -#define VAR_MAX_CLIENT_SUBNET_IPV4 449 -#define VAR_MAX_CLIENT_SUBNET_IPV6 450 -#define VAR_MIN_CLIENT_SUBNET_IPV4 451 -#define VAR_MIN_CLIENT_SUBNET_IPV6 452 -#define VAR_MAX_ECS_TREE_SIZE_IPV4 453 -#define VAR_MAX_ECS_TREE_SIZE_IPV6 454 -#define VAR_CAPS_WHITELIST 455 -#define VAR_CACHE_MAX_NEGATIVE_TTL 456 -#define VAR_PERMIT_SMALL_HOLDDOWN 457 -#define VAR_QNAME_MINIMISATION 458 -#define VAR_QNAME_MINIMISATION_STRICT 459 -#define VAR_IP_FREEBIND 460 -#define VAR_DEFINE_TAG 461 -#define VAR_LOCAL_ZONE_TAG 462 -#define VAR_ACCESS_CONTROL_TAG 463 -#define VAR_LOCAL_ZONE_OVERRIDE 464 -#define VAR_ACCESS_CONTROL_TAG_ACTION 465 -#define VAR_ACCESS_CONTROL_TAG_DATA 466 -#define VAR_VIEW 467 -#define VAR_ACCESS_CONTROL_VIEW 468 -#define VAR_VIEW_FIRST 469 -#define VAR_SERVE_EXPIRED 470 -#define VAR_SERVE_EXPIRED_TTL 471 -#define VAR_SERVE_EXPIRED_TTL_RESET 472 -#define VAR_SERVE_EXPIRED_REPLY_TTL 473 -#define VAR_SERVE_EXPIRED_CLIENT_TIMEOUT 474 -#define VAR_FAKE_DSA 475 -#define VAR_FAKE_SHA1 476 -#define VAR_LOG_IDENTITY 477 -#define VAR_HIDE_TRUSTANCHOR 478 -#define VAR_TRUST_ANCHOR_SIGNALING 479 -#define VAR_AGGRESSIVE_NSEC 480 -#define VAR_USE_SYSTEMD 481 -#define VAR_SHM_ENABLE 482 -#define VAR_SHM_KEY 483 -#define VAR_ROOT_KEY_SENTINEL 484 -#define VAR_DNSCRYPT 485 -#define VAR_DNSCRYPT_ENABLE 486 -#define VAR_DNSCRYPT_PORT 487 -#define VAR_DNSCRYPT_PROVIDER 488 -#define VAR_DNSCRYPT_SECRET_KEY 489 -#define VAR_DNSCRYPT_PROVIDER_CERT 490 -#define VAR_DNSCRYPT_PROVIDER_CERT_ROTATED 491 -#define VAR_DNSCRYPT_SHARED_SECRET_CACHE_SIZE 492 -#define VAR_DNSCRYPT_SHARED_SECRET_CACHE_SLABS 493 -#define VAR_DNSCRYPT_NONCE_CACHE_SIZE 494 -#define VAR_DNSCRYPT_NONCE_CACHE_SLABS 495 -#define VAR_IPSECMOD_ENABLED 496 -#define VAR_IPSECMOD_HOOK 497 -#define VAR_IPSECMOD_IGNORE_BOGUS 498 -#define VAR_IPSECMOD_MAX_TTL 499 -#define VAR_IPSECMOD_WHITELIST 500 -#define VAR_IPSECMOD_STRICT 501 -#define VAR_CACHEDB 502 -#define VAR_CACHEDB_BACKEND 503 -#define VAR_CACHEDB_SECRETSEED 504 -#define VAR_CACHEDB_REDISHOST 505 -#define VAR_CACHEDB_REDISPORT 506 -#define VAR_CACHEDB_REDISTIMEOUT 507 -#define VAR_CACHEDB_REDISEXPIRERECORDS 508 -#define VAR_UDP_UPSTREAM_WITHOUT_DOWNSTREAM 509 -#define VAR_FOR_UPSTREAM 510 -#define VAR_AUTH_ZONE 511 -#define VAR_ZONEFILE 512 -#define VAR_MASTER 513 -#define VAR_URL 514 -#define VAR_FOR_DOWNSTREAM 515 -#define VAR_FALLBACK_ENABLED 516 -#define VAR_TLS_ADDITIONAL_PORT 517 -#define VAR_LOW_RTT 518 -#define VAR_LOW_RTT_PERMIL 519 -#define VAR_FAST_SERVER_PERMIL 520 -#define VAR_FAST_SERVER_NUM 521 -#define VAR_ALLOW_NOTIFY 522 -#define VAR_TLS_WIN_CERT 523 -#define VAR_TCP_CONNECTION_LIMIT 524 -#define VAR_FORWARD_NO_CACHE 525 -#define VAR_STUB_NO_CACHE 526 -#define VAR_LOG_SERVFAIL 527 -#define VAR_DENY_ANY 528 -#define VAR_UNKNOWN_SERVER_TIME_LIMIT 529 -#define VAR_LOG_TAG_QUERYREPLY 530 -#define VAR_STREAM_WAIT_SIZE 531 -#define VAR_TLS_CIPHERS 532 -#define VAR_TLS_CIPHERSUITES 533 -#define VAR_TLS_USE_SNI 534 -#define VAR_IPSET 535 -#define VAR_IPSET_NAME_V4 536 -#define VAR_IPSET_NAME_V6 537 -#define VAR_TLS_SESSION_TICKET_KEYS 538 -#define VAR_RPZ 539 -#define VAR_TAGS 540 -#define VAR_RPZ_ACTION_OVERRIDE 541 -#define VAR_RPZ_CNAME_OVERRIDE 542 -#define VAR_RPZ_LOG 543 -#define VAR_RPZ_LOG_NAME 544 -#define VAR_DYNLIB 545 -#define VAR_DYNLIB_FILE 546 +#define VAR_HTTPS_PORT 397 +#define VAR_HTTP_ENDPOINT 398 +#define VAR_HTTP_MAX_STREAMS 399 +#define VAR_HTTP_QUERY_BUFFER_SIZE 400 +#define VAR_HTTP_RESPONSE_BUFFER_SIZE 401 +#define VAR_HTTP_NODELAY 402 +#define VAR_STUB_FIRST 403 +#define VAR_MINIMAL_RESPONSES 404 +#define VAR_RRSET_ROUNDROBIN 405 +#define VAR_MAX_UDP_SIZE 406 +#define VAR_DELAY_CLOSE 407 +#define VAR_UNBLOCK_LAN_ZONES 408 +#define VAR_INSECURE_LAN_ZONES 409 +#define VAR_INFRA_CACHE_MIN_RTT 410 +#define VAR_DNS64_PREFIX 411 +#define VAR_DNS64_SYNTHALL 412 +#define VAR_DNS64_IGNORE_AAAA 413 +#define VAR_DNSTAP 414 +#define VAR_DNSTAP_ENABLE 415 +#define VAR_DNSTAP_SOCKET_PATH 416 +#define VAR_DNSTAP_IP 417 +#define VAR_DNSTAP_TLS 418 +#define VAR_DNSTAP_TLS_SERVER_NAME 419 +#define VAR_DNSTAP_TLS_CERT_BUNDLE 420 +#define VAR_DNSTAP_TLS_CLIENT_KEY_FILE 421 +#define VAR_DNSTAP_TLS_CLIENT_CERT_FILE 422 +#define VAR_DNSTAP_SEND_IDENTITY 423 +#define VAR_DNSTAP_SEND_VERSION 424 +#define VAR_DNSTAP_BIDIRECTIONAL 425 +#define VAR_DNSTAP_IDENTITY 426 +#define VAR_DNSTAP_VERSION 427 +#define VAR_DNSTAP_LOG_RESOLVER_QUERY_MESSAGES 428 +#define VAR_DNSTAP_LOG_RESOLVER_RESPONSE_MESSAGES 429 +#define VAR_DNSTAP_LOG_CLIENT_QUERY_MESSAGES 430 +#define VAR_DNSTAP_LOG_CLIENT_RESPONSE_MESSAGES 431 +#define VAR_DNSTAP_LOG_FORWARDER_QUERY_MESSAGES 432 +#define VAR_DNSTAP_LOG_FORWARDER_RESPONSE_MESSAGES 433 +#define VAR_RESPONSE_IP_TAG 434 +#define VAR_RESPONSE_IP 435 +#define VAR_RESPONSE_IP_DATA 436 +#define VAR_HARDEN_ALGO_DOWNGRADE 437 +#define VAR_IP_TRANSPARENT 438 +#define VAR_IP_DSCP 439 +#define VAR_DISABLE_DNSSEC_LAME_CHECK 440 +#define VAR_IP_RATELIMIT 441 +#define VAR_IP_RATELIMIT_SLABS 442 +#define VAR_IP_RATELIMIT_SIZE 443 +#define VAR_RATELIMIT 444 +#define VAR_RATELIMIT_SLABS 445 +#define VAR_RATELIMIT_SIZE 446 +#define VAR_RATELIMIT_FOR_DOMAIN 447 +#define VAR_RATELIMIT_BELOW_DOMAIN 448 +#define VAR_IP_RATELIMIT_FACTOR 449 +#define VAR_RATELIMIT_FACTOR 450 +#define VAR_SEND_CLIENT_SUBNET 451 +#define VAR_CLIENT_SUBNET_ZONE 452 +#define VAR_CLIENT_SUBNET_ALWAYS_FORWARD 453 +#define VAR_CLIENT_SUBNET_OPCODE 454 +#define VAR_MAX_CLIENT_SUBNET_IPV4 455 +#define VAR_MAX_CLIENT_SUBNET_IPV6 456 +#define VAR_MIN_CLIENT_SUBNET_IPV4 457 +#define VAR_MIN_CLIENT_SUBNET_IPV6 458 +#define VAR_MAX_ECS_TREE_SIZE_IPV4 459 +#define VAR_MAX_ECS_TREE_SIZE_IPV6 460 +#define VAR_CAPS_WHITELIST 461 +#define VAR_CACHE_MAX_NEGATIVE_TTL 462 +#define VAR_PERMIT_SMALL_HOLDDOWN 463 +#define VAR_QNAME_MINIMISATION 464 +#define VAR_QNAME_MINIMISATION_STRICT 465 +#define VAR_IP_FREEBIND 466 +#define VAR_DEFINE_TAG 467 +#define VAR_LOCAL_ZONE_TAG 468 +#define VAR_ACCESS_CONTROL_TAG 469 +#define VAR_LOCAL_ZONE_OVERRIDE 470 +#define VAR_ACCESS_CONTROL_TAG_ACTION 471 +#define VAR_ACCESS_CONTROL_TAG_DATA 472 +#define VAR_VIEW 473 +#define VAR_ACCESS_CONTROL_VIEW 474 +#define VAR_VIEW_FIRST 475 +#define VAR_SERVE_EXPIRED 476 +#define VAR_SERVE_EXPIRED_TTL 477 +#define VAR_SERVE_EXPIRED_TTL_RESET 478 +#define VAR_SERVE_EXPIRED_REPLY_TTL 479 +#define VAR_SERVE_EXPIRED_CLIENT_TIMEOUT 480 +#define VAR_FAKE_DSA 481 +#define VAR_FAKE_SHA1 482 +#define VAR_LOG_IDENTITY 483 +#define VAR_HIDE_TRUSTANCHOR 484 +#define VAR_TRUST_ANCHOR_SIGNALING 485 +#define VAR_AGGRESSIVE_NSEC 486 +#define VAR_USE_SYSTEMD 487 +#define VAR_SHM_ENABLE 488 +#define VAR_SHM_KEY 489 +#define VAR_ROOT_KEY_SENTINEL 490 +#define VAR_DNSCRYPT 491 +#define VAR_DNSCRYPT_ENABLE 492 +#define VAR_DNSCRYPT_PORT 493 +#define VAR_DNSCRYPT_PROVIDER 494 +#define VAR_DNSCRYPT_SECRET_KEY 495 +#define VAR_DNSCRYPT_PROVIDER_CERT 496 +#define VAR_DNSCRYPT_PROVIDER_CERT_ROTATED 497 +#define VAR_DNSCRYPT_SHARED_SECRET_CACHE_SIZE 498 +#define VAR_DNSCRYPT_SHARED_SECRET_CACHE_SLABS 499 +#define VAR_DNSCRYPT_NONCE_CACHE_SIZE 500 +#define VAR_DNSCRYPT_NONCE_CACHE_SLABS 501 +#define VAR_IPSECMOD_ENABLED 502 +#define VAR_IPSECMOD_HOOK 503 +#define VAR_IPSECMOD_IGNORE_BOGUS 504 +#define VAR_IPSECMOD_MAX_TTL 505 +#define VAR_IPSECMOD_WHITELIST 506 +#define VAR_IPSECMOD_STRICT 507 +#define VAR_CACHEDB 508 +#define VAR_CACHEDB_BACKEND 509 +#define VAR_CACHEDB_SECRETSEED 510 +#define VAR_CACHEDB_REDISHOST 511 +#define VAR_CACHEDB_REDISPORT 512 +#define VAR_CACHEDB_REDISTIMEOUT 513 +#define VAR_CACHEDB_REDISEXPIRERECORDS 514 +#define VAR_UDP_UPSTREAM_WITHOUT_DOWNSTREAM 515 +#define VAR_FOR_UPSTREAM 516 +#define VAR_AUTH_ZONE 517 +#define VAR_ZONEFILE 518 +#define VAR_MASTER 519 +#define VAR_URL 520 +#define VAR_FOR_DOWNSTREAM 521 +#define VAR_FALLBACK_ENABLED 522 +#define VAR_TLS_ADDITIONAL_PORT 523 +#define VAR_LOW_RTT 524 +#define VAR_LOW_RTT_PERMIL 525 +#define VAR_FAST_SERVER_PERMIL 526 +#define VAR_FAST_SERVER_NUM 527 +#define VAR_ALLOW_NOTIFY 528 +#define VAR_TLS_WIN_CERT 529 +#define VAR_TCP_CONNECTION_LIMIT 530 +#define VAR_FORWARD_NO_CACHE 531 +#define VAR_STUB_NO_CACHE 532 +#define VAR_LOG_SERVFAIL 533 +#define VAR_DENY_ANY 534 +#define VAR_UNKNOWN_SERVER_TIME_LIMIT 535 +#define VAR_LOG_TAG_QUERYREPLY 536 +#define VAR_STREAM_WAIT_SIZE 537 +#define VAR_TLS_CIPHERS 538 +#define VAR_TLS_CIPHERSUITES 539 +#define VAR_TLS_USE_SNI 540 +#define VAR_IPSET 541 +#define VAR_IPSET_NAME_V4 542 +#define VAR_IPSET_NAME_V6 543 +#define VAR_TLS_SESSION_TICKET_KEYS 544 +#define VAR_RPZ 545 +#define VAR_TAGS 546 +#define VAR_RPZ_ACTION_OVERRIDE 547 +#define VAR_RPZ_CNAME_OVERRIDE 548 +#define VAR_RPZ_LOG 549 +#define VAR_RPZ_LOG_NAME 550 +#define VAR_DYNLIB 551 +#define VAR_DYNLIB_FILE 552 +#define VAR_EDNS_CLIENT_TAG 553 +#define VAR_EDNS_CLIENT_TAG_OPCODE 554 /* Value type. */ #if ! defined YYSTYPE && ! defined YYSTYPE_IS_DECLARED @@ -639,7 +655,7 @@ union YYSTYPE char* str; -#line 643 "util/configparser.h" +#line 659 "util/configparser.h" }; typedef union YYSTYPE YYSTYPE; diff --git a/util/configparser.y b/util/configparser.y index fe600a999d45..43a886f2403a 100644 --- a/util/configparser.y +++ b/util/configparser.y @@ -112,6 +112,9 @@ extern struct config_parser_state* cfg_parser; %token VAR_TCP_UPSTREAM VAR_SSL_UPSTREAM %token VAR_SSL_SERVICE_KEY VAR_SSL_SERVICE_PEM VAR_SSL_PORT VAR_FORWARD_FIRST %token VAR_STUB_SSL_UPSTREAM VAR_FORWARD_SSL_UPSTREAM VAR_TLS_CERT_BUNDLE +%token VAR_HTTPS_PORT VAR_HTTP_ENDPOINT VAR_HTTP_MAX_STREAMS +%token VAR_HTTP_QUERY_BUFFER_SIZE VAR_HTTP_RESPONSE_BUFFER_SIZE +%token VAR_HTTP_NODELAY %token VAR_STUB_FIRST VAR_MINIMAL_RESPONSES VAR_RRSET_ROUNDROBIN %token VAR_MAX_UDP_SIZE VAR_DELAY_CLOSE %token VAR_UNBLOCK_LAN_ZONES VAR_INSECURE_LAN_ZONES @@ -175,7 +178,7 @@ extern struct config_parser_state* cfg_parser; %token VAR_IPSET VAR_IPSET_NAME_V4 VAR_IPSET_NAME_V6 %token VAR_TLS_SESSION_TICKET_KEYS VAR_RPZ VAR_TAGS VAR_RPZ_ACTION_OVERRIDE %token VAR_RPZ_CNAME_OVERRIDE VAR_RPZ_LOG VAR_RPZ_LOG_NAME -%token VAR_DYNLIB VAR_DYNLIB_FILE +%token VAR_DYNLIB VAR_DYNLIB_FILE VAR_EDNS_CLIENT_TAG VAR_EDNS_CLIENT_TAG_OPCODE %% toplevelvars: /* empty */ | toplevelvars toplevelvar ; @@ -244,6 +247,9 @@ content_server: server_num_threads | server_verbosity | server_port | server_log_queries | server_log_replies | server_tcp_upstream | server_ssl_upstream | server_log_local_actions | server_ssl_service_key | server_ssl_service_pem | server_ssl_port | + server_https_port | server_http_endpoint | server_http_max_streams | + server_http_query_buffer_size | server_http_response_buffer_size | + server_http_nodelay | server_minimal_responses | server_rrset_roundrobin | server_max_udp_size | server_so_reuseport | server_delay_close | server_unblock_lan_zones | server_insecure_lan_zones | @@ -285,7 +291,8 @@ content_server: server_num_threads | server_verbosity | server_port | server_unknown_server_time_limit | server_log_tag_queryreply | server_stream_wait_size | server_tls_ciphers | server_tls_ciphersuites | server_tls_session_ticket_keys | - server_tls_use_sni + server_tls_use_sni | server_edns_client_tag | + server_edns_client_tag_opcode ; stubstart: VAR_STUB_ZONE { @@ -969,6 +976,61 @@ server_tls_use_sni: VAR_TLS_USE_SNI STRING_ARG free($2); } ; +server_https_port: VAR_HTTPS_PORT STRING_ARG + { + OUTYY(("P(server_https_port:%s)\n", $2)); + if(atoi($2) == 0) + yyerror("port number expected"); + else cfg_parser->cfg->https_port = atoi($2); + }; +server_http_endpoint: VAR_HTTP_ENDPOINT STRING_ARG + { + OUTYY(("P(server_http_endpoint:%s)\n", $2)); + free(cfg_parser->cfg->http_endpoint); + if($2 && $2[0] != '/') { + cfg_parser->cfg->http_endpoint = malloc(strlen($2)+2); + if(!cfg_parser->cfg->http_endpoint) + yyerror("out of memory"); + cfg_parser->cfg->http_endpoint[0] = '/'; + memmove(cfg_parser->cfg->http_endpoint+1, $2, + strlen($2)+1); + free($2); + } else { + cfg_parser->cfg->http_endpoint = $2; + } + }; +server_http_max_streams: VAR_HTTP_MAX_STREAMS STRING_ARG + { + OUTYY(("P(server_http_max_streams:%s)\n", $2)); + if(atoi($2) == 0 && strcmp($2, "0") != 0) + yyerror("number expected"); + else cfg_parser->cfg->http_max_streams = atoi($2); + free($2); + }; +server_http_query_buffer_size: VAR_HTTP_QUERY_BUFFER_SIZE STRING_ARG + { + OUTYY(("P(server_http_query_buffer_size:%s)\n", $2)); + if(!cfg_parse_memsize($2, + &cfg_parser->cfg->http_query_buffer_size)) + yyerror("memory size expected"); + free($2); + }; +server_http_response_buffer_size: VAR_HTTP_RESPONSE_BUFFER_SIZE STRING_ARG + { + OUTYY(("P(server_http_response_buffer_size:%s)\n", $2)); + if(!cfg_parse_memsize($2, + &cfg_parser->cfg->http_response_buffer_size)) + yyerror("memory size expected"); + free($2); + }; +server_http_nodelay: VAR_HTTP_NODELAY STRING_ARG + { + OUTYY(("P(server_http_nodelay:%s)\n", $2)); + if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) + yyerror("expected yes or no."); + else cfg_parser->cfg->http_nodelay = (strcmp($2, "yes")==0); + free($2); + }; server_use_systemd: VAR_USE_SYSTEMD STRING_ARG { OUTYY(("P(server_use_systemd:%s)\n", $2)); @@ -1120,15 +1182,15 @@ server_root_hints: VAR_ROOT_HINTS STRING_ARG server_dlv_anchor_file: VAR_DLV_ANCHOR_FILE STRING_ARG { OUTYY(("P(server_dlv_anchor_file:%s)\n", $2)); - free(cfg_parser->cfg->dlv_anchor_file); - cfg_parser->cfg->dlv_anchor_file = $2; + log_warn("option dlv-anchor-file ignored: DLV is decommissioned"); + free($2); } ; server_dlv_anchor: VAR_DLV_ANCHOR STRING_ARG { OUTYY(("P(server_dlv_anchor:%s)\n", $2)); - if(!cfg_strlist_insert(&cfg_parser->cfg->dlv_anchor_list, $2)) - yyerror("out of memory"); + log_warn("option dlv-anchor ignored: DLV is decommissioned"); + free($2); } ; server_auto_trust_anchor_file: VAR_AUTO_TRUST_ANCHOR_FILE STRING_ARG @@ -2403,6 +2465,32 @@ server_ipsecmod_strict: VAR_IPSECMOD_STRICT STRING_ARG #endif } ; +server_edns_client_tag: VAR_EDNS_CLIENT_TAG STRING_ARG STRING_ARG + { + int tag_data; + OUTYY(("P(server_edns_client_tag:%s %s)\n", $2, $3)); + tag_data = atoi($3); + if(tag_data > 65535 || tag_data < 0 || + (tag_data == 0 && (strlen($3) != 1 || $3[0] != '0'))) + yyerror("edns-client-tag data invalid, needs to be a " + "number from 0 to 65535"); + if(!cfg_str2list_insert( + &cfg_parser->cfg->edns_client_tags, $2, $3)) + fatal_exit("out of memory adding " + "edns-client-tag"); + } + ; +server_edns_client_tag_opcode: VAR_EDNS_CLIENT_TAG_OPCODE STRING_ARG + { + OUTYY(("P(edns_client_tag_opcode:%s)\n", $2)); + if(atoi($2) == 0 && strcmp($2, "0") != 0) + yyerror("option code expected"); + else if(atoi($2) > 65535 || atoi($2) < 0) + yyerror("option code must be in interval [0, 65535]"); + else cfg_parser->cfg->edns_client_tag_opcode = atoi($2); + + } + ; stub_name: VAR_NAME STRING_ARG { OUTYY(("P(name:%s)\n", $2)); diff --git a/util/edns.c b/util/edns.c index d19952df0946..c83a4a545fe3 100644 --- a/util/edns.c +++ b/util/edns.c @@ -43,10 +43,88 @@ #include "util/edns.h" #include "util/config_file.h" #include "util/netevent.h" +#include "util/net_help.h" #include "util/regional.h" #include "util/data/msgparse.h" #include "util/data/msgreply.h" +struct edns_tags* edns_tags_create(void) +{ + struct edns_tags* edns_tags = calloc(1, sizeof(struct edns_tags)); + if(!edns_tags) + return NULL; + if(!(edns_tags->region = regional_create())) { + edns_tags_delete(edns_tags); + return NULL; + } + return edns_tags; +} + +void edns_tags_delete(struct edns_tags* edns_tags) +{ + if(!edns_tags) + return; + regional_destroy(edns_tags->region); + free(edns_tags); +} + +static int +edns_tags_client_insert(struct edns_tags* edns_tags, + struct sockaddr_storage* addr, socklen_t addrlen, int net, + uint16_t tag_data) +{ + struct edns_tag_addr* eta = regional_alloc_zero(edns_tags->region, + sizeof(struct edns_tag_addr)); + if(!eta) + return 0; + eta->tag_data = tag_data; + if(!addr_tree_insert(&edns_tags->client_tags, &eta->node, addr, addrlen, + net)) { + verbose(VERB_QUERY, "duplicate EDNS client tag ignored."); + } + return 1; +} + +int edns_tags_apply_cfg(struct edns_tags* edns_tags, + struct config_file* config) +{ + struct config_str2list* c; + regional_free_all(edns_tags->region); + addr_tree_init(&edns_tags->client_tags); + + for(c=config->edns_client_tags; c; c=c->next) { + struct sockaddr_storage addr; + socklen_t addrlen; + int net; + uint16_t tag_data; + log_assert(c->str && c->str2); + + if(!netblockstrtoaddr(c->str, UNBOUND_DNS_PORT, &addr, &addrlen, + &net)) { + log_err("cannot parse EDNS client tag IP netblock: %s", + c->str); + return 0; + } + tag_data = atoi(c->str2); /* validated in config parser */ + if(!edns_tags_client_insert(edns_tags, &addr, addrlen, net, + tag_data)) { + log_err("out of memory while adding EDNS tags"); + return 0; + } + } + edns_tags->client_tag_opcode = config->edns_client_tag_opcode; + + addr_tree_init_parents(&edns_tags->client_tags); + return 1; +} + +struct edns_tag_addr* +edns_tag_addr_lookup(rbtree_type* tree, struct sockaddr_storage* addr, + socklen_t addrlen) +{ + return (struct edns_tag_addr*)addr_tree_lookup(tree, addr, addrlen); +} + static int edns_keepalive(struct edns_data* edns_out, struct edns_data* edns_in, struct comm_point* c, struct regional* region) { diff --git a/util/edns.h b/util/edns.h index a4ee7def634c..cf9f8707e808 100644 --- a/util/edns.h +++ b/util/edns.h @@ -42,12 +42,69 @@ #ifndef UTIL_EDNS_H #define UTIL_EDNS_H +#include "util/storage/dnstree.h" + struct edns_data; struct config_file; struct comm_point; struct regional; /** + * Structure containing all EDNS tags. + */ +struct edns_tags { + /** Tree of EDNS client tags to use in upstream queries, per address + * prefix. Contains nodes of type edns_tag_addr. */ + rbtree_type client_tags; + /** EDNS opcode to use for client tags */ + uint16_t client_tag_opcode; + /** region to allocate tree nodes in */ + struct regional* region; +}; + +/** + * EDNS tag. Node of rbtree, containing tag and prefix. + */ +struct edns_tag_addr { + /** node in address tree, used for tree lookups. Need to be the first + * member of this struct. */ + struct addr_tree_node node; + /** tag data, in host byte ordering */ + uint16_t tag_data; +}; + +/** + * Create structure to hold EDNS tags + * @return: newly created edns_tags, NULL on alloc failure. + */ +struct edns_tags* edns_tags_create(void); + +/** Delete EDNS tags structure + * @param edns_tags: struct to delete + */ +void edns_tags_delete(struct edns_tags* edns_tags); + +/** + * Add configured EDNS tags + * @param edns_tags: edns tags to apply config to + * @param config: struct containing EDNS tags configuration + * @return 0 on error + */ +int edns_tags_apply_cfg(struct edns_tags* edns_tags, + struct config_file* config); + +/** + * Find tag for address. + * @param tree: tree containing EDNS tags per address prefix. + * @param addr: address to use for tree lookup + * @param addrlen: length of address + * @return: matching tree node, NULL otherwise + */ +struct edns_tag_addr* +edns_tag_addr_lookup(rbtree_type* tree, struct sockaddr_storage* addr, + socklen_t addrlen); + +/** * Apply common EDNS options. * * @param edns_out: initialised edns information with outbound edns. diff --git a/util/fptr_wlist.c b/util/fptr_wlist.c index aa275ed534b7..7d15d107561a 100644 --- a/util/fptr_wlist.c +++ b/util/fptr_wlist.c @@ -138,6 +138,9 @@ fptr_whitelist_comm_timer(void (*fptr)(void*)) else if(fptr == &auth_xfer_probe_timer_callback) return 1; else if(fptr == &auth_xfer_transfer_timer_callback) return 1; else if(fptr == &mesh_serve_expired_callback) return 1; +#ifdef USE_DNSTAP + else if(fptr == &mq_wakeup_cb) return 1; +#endif return 0; } diff --git a/util/iana_ports.inc b/util/iana_ports.inc index 79488f49a2c9..fa25869d3b56 100644 --- a/util/iana_ports.inc +++ b/util/iana_ports.inc @@ -4516,6 +4516,7 @@ 6679, 6689, 6696, +6699, 6701, 6702, 6703, @@ -4744,6 +4745,7 @@ 8023, 8025, 8026, +8027, 8032, 8033, 8034, diff --git a/util/mini_event.h b/util/mini_event.h index 1734ca574c60..fa71ca3d123e 100644 --- a/util/mini_event.h +++ b/util/mini_event.h @@ -54,6 +54,10 @@ #if defined(USE_MINI_EVENT) && !defined(USE_WINSOCK) +#ifdef HAVE_SYS_SELECT_H +/* for fd_set on OpenBSD */ +#include <sys/select.h> +#endif #include <sys/time.h> #ifndef HAVE_EVENT_BASE_FREE diff --git a/util/module.h b/util/module.h index fa89c647e370..1eed213008c2 100644 --- a/util/module.h +++ b/util/module.h @@ -520,6 +520,8 @@ struct module_env { struct edns_known_option* edns_known_options; /* Number of known edns options */ size_t edns_known_options_num; + /** EDNS client tag information */ + struct edns_tags* edns_tags; /* Make every mesh state unique, do not aggregate mesh states. */ int unique_mesh; diff --git a/util/net_help.c b/util/net_help.c index f59a4d65370d..c5216bc2d8c6 100644 --- a/util/net_help.c +++ b/util/net_help.c @@ -61,6 +61,9 @@ #ifdef USE_WINSOCK #include <wincrypt.h> #endif +#ifdef HAVE_NGHTTP2_NGHTTP2_H +#include <nghttp2/nghttp2.h> +#endif /** max length of an IP address (the address portion) that we allow */ #define MAX_ADDR_STRLEN 128 /* characters */ @@ -82,6 +85,7 @@ static struct tls_session_ticket_key { unsigned char *hmac_key; } *ticket_keys; +#ifdef HAVE_SSL /** * callback TLS session ticket encrypt and decrypt * For use with SSL_CTX_set_tlsext_ticket_key_cb or @@ -97,7 +101,6 @@ static struct tls_session_ticket_key { * @return 0 on no ticket, 1 for okay, and 2 for okay but renew the ticket * (the ticket is decrypt only). and <0 for failures. */ -#ifdef HAVE_SSL int tls_session_ticket_key_cb(SSL *s, unsigned char* key_name, unsigned char* iv, EVP_CIPHER_CTX *evp_ctx, #ifdef HAVE_SSL_CTX_SET_TLSEXT_TICKET_KEY_EVP_CB @@ -884,6 +887,21 @@ log_cert(unsigned level, const char* str, void* cert) } #endif /* HAVE_SSL */ +#if defined(HAVE_SSL) && defined(HAVE_NGHTTP2) +static int alpn_select_cb(SSL* ATTR_UNUSED(ssl), const unsigned char** out, + unsigned char* outlen, const unsigned char* in, unsigned int inlen, + void* ATTR_UNUSED(arg)) +{ + int rv = nghttp2_select_next_protocol((unsigned char **)out, outlen, in, + inlen); + if(rv == -1) { + return SSL_TLSEXT_ERR_NOACK; + } + /* either http/1.1 or h2 selected */ + return SSL_TLSEXT_ERR_OK; +} +#endif + int listen_sslctx_setup(void* ctxt) { @@ -942,6 +960,9 @@ listen_sslctx_setup(void* ctxt) #ifdef HAVE_SSL_CTX_SET_SECURITY_LEVEL SSL_CTX_set_security_level(ctx, 0); #endif +#if defined(HAVE_SSL_CTX_SET_ALPN_SELECT_CB) && defined(HAVE_NGHTTP2) + SSL_CTX_set_alpn_select_cb(ctx, alpn_select_cb, NULL); +#endif #else (void)ctxt; #endif /* HAVE_SSL */ @@ -1478,7 +1499,11 @@ int tls_session_ticket_key_cb(SSL *ATTR_UNUSED(sslctx), unsigned char* key_name, params[1] = OSSL_PARAM_construct_utf8_string(OSSL_MAC_PARAM_DIGEST, "sha256", 0); params[2] = OSSL_PARAM_construct_end(); +#ifdef HAVE_EVP_MAC_CTX_SET_PARAMS + EVP_MAC_CTX_set_params(hmac_ctx, params); +#else EVP_MAC_set_ctx_params(hmac_ctx, params); +#endif #elif !defined(HMAC_INIT_EX_RETURNS_VOID) if (HMAC_Init_ex(hmac_ctx, ticket_keys->hmac_key, 32, digest, NULL) != 1) { verbose(VERB_CLIENT, "HMAC_Init_ex failed"); @@ -1509,7 +1534,11 @@ int tls_session_ticket_key_cb(SSL *ATTR_UNUSED(sslctx), unsigned char* key_name, params[1] = OSSL_PARAM_construct_utf8_string(OSSL_MAC_PARAM_DIGEST, "sha256", 0); params[2] = OSSL_PARAM_construct_end(); +#ifdef HAVE_EVP_MAC_CTX_SET_PARAMS + EVP_MAC_CTX_set_params(hmac_ctx, params); +#else EVP_MAC_set_ctx_params(hmac_ctx, params); +#endif #elif !defined(HMAC_INIT_EX_RETURNS_VOID) if (HMAC_Init_ex(hmac_ctx, key->hmac_key, 32, digest, NULL) != 1) { verbose(VERB_CLIENT, "HMAC_Init_ex failed"); @@ -1554,3 +1583,31 @@ listen_sslctx_delete_ticket_keys(void) free(ticket_keys); ticket_keys = NULL; } + +# ifndef USE_WINSOCK +char* +sock_strerror(int errn) +{ + return strerror(errn); +} + +void +sock_close(int socket) +{ + close(socket); +} + +# else +char* +sock_strerror(int ATTR_UNUSED(errn)) +{ + return wsa_strerror(WSAGetLastError()); +} + +void +sock_close(int socket) +{ + closesocket(socket); +} + +# endif /* USE_WINSOCK */ diff --git a/util/net_help.h b/util/net_help.h index 29943ada090f..45b607a430d5 100644 --- a/util/net_help.h +++ b/util/net_help.h @@ -496,4 +496,10 @@ void listen_sslctx_delete_ticket_keys(void); */ int netblockdnametoaddr(uint8_t* dname, size_t dnamelen, struct sockaddr_storage* addr, socklen_t* addrlen, int* net, int* af); + +/** Return strerror or wsastrerror for socket error printout */ +char* sock_strerror(int errn); +/** close the socket with close, or wsa closesocket */ +void sock_close(int socket); + #endif /* NET_HELP_H */ diff --git a/util/netevent.c b/util/netevent.c index 3e7a433e5021..545f09742c7c 100644 --- a/util/netevent.c +++ b/util/netevent.c @@ -373,12 +373,7 @@ comm_point_send_udp_msg(struct comm_point *c, sldns_buffer* packet, if(sent == -1) { if(!udp_send_errno_needs_log(addr, addrlen)) return 0; -#ifndef USE_WINSOCK - verbose(VERB_OPS, "sendto failed: %s", strerror(errno)); -#else - verbose(VERB_OPS, "sendto failed: %s", - wsa_strerror(WSAGetLastError())); -#endif + verbose(VERB_OPS, "sendto failed: %s", sock_strerror(errno)); log_addr(VERB_OPS, "remote address is", (struct sockaddr_storage*)addr, addrlen); return 0; @@ -739,7 +734,7 @@ static void setup_tcp_handler(struct comm_point* c, int fd, int cur, int max) { int handler_usage; - log_assert(c->type == comm_tcp); + log_assert(c->type == comm_tcp || c->type == comm_http); log_assert(c->fd == -1); sldns_buffer_clear(c->buffer); #ifdef USE_DNSCRYPT @@ -845,7 +840,6 @@ int comm_point_perform_accept(struct comm_point* c, return -1; } #endif - log_err_addr("accept failed", strerror(errno), addr, *addrlen); #else /* USE_WINSOCK */ if(WSAGetLastError() == WSAEINPROGRESS || WSAGetLastError() == WSAECONNRESET) @@ -854,9 +848,9 @@ int comm_point_perform_accept(struct comm_point* c, ub_winsock_tcp_wouldblock(c->ev->ev, UB_EV_READ); return -1; } - log_err_addr("accept failed", wsa_strerror(WSAGetLastError()), - addr, *addrlen); #endif + log_err_addr("accept failed", sock_strerror(errno), addr, + *addrlen); return -1; } if(c->tcp_conn_limit && c->type == comm_tcp_accept) { @@ -914,6 +908,42 @@ comm_point_tcp_win_bio_cb(struct comm_point* c, void* thessl) } #endif +#ifdef HAVE_NGHTTP2 +/** Create http2 session server. Per connection, after TCP accepted.*/ +static int http2_session_server_create(struct http2_session* h2_session) +{ + log_assert(h2_session->callbacks); + h2_session->is_drop = 0; + if(nghttp2_session_server_new(&h2_session->session, + h2_session->callbacks, + h2_session) == NGHTTP2_ERR_NOMEM) { + log_err("failed to create nghttp2 session server"); + return 0; + } + + return 1; +} + +/** Submit http2 setting to session. Once per session. */ +static int http2_submit_settings(struct http2_session* h2_session) +{ + int ret; + nghttp2_settings_entry settings[1] = { + {NGHTTP2_SETTINGS_MAX_CONCURRENT_STREAMS, + h2_session->c->http2_max_streams}}; + + ret = nghttp2_submit_settings(h2_session->session, NGHTTP2_FLAG_NONE, + settings, 1); + if(ret) { + verbose(VERB_QUERY, "http2: submit_settings failed, " + "error: %s", nghttp2_strerror(ret)); + return 0; + } + return 1; +} +#endif /* HAVE_NGHTTP2 */ + + void comm_point_tcp_accept_callback(int fd, short event, void* arg) { @@ -935,7 +965,28 @@ comm_point_tcp_accept_callback(int fd, short event, void* arg) /* clear leftover flags from previous use, and then set the * correct event base for the event structure for libevent */ ub_event_free(c_hdl->ev->ev); - c_hdl->ev->ev = ub_event_new(c_hdl->ev->base->eb->base, -1, UB_EV_PERSIST | UB_EV_READ | UB_EV_TIMEOUT, comm_point_tcp_handle_callback, c_hdl); + + if(c_hdl->type == comm_http) { +#ifdef HAVE_NGHTTP2 + if(!c_hdl->h2_session || + !http2_session_server_create(c_hdl->h2_session)) { + log_warn("failed to create nghttp2"); + return; + } + if(!c_hdl->h2_session || + !http2_submit_settings(c_hdl->h2_session)) { + log_warn("failed to submit http2 settings"); + return; + } +#endif + c_hdl->ev->ev = ub_event_new(c_hdl->ev->base->eb->base, -1, + UB_EV_PERSIST | UB_EV_READ | UB_EV_TIMEOUT, + comm_point_http_handle_callback, c_hdl); + } else { + c_hdl->ev->ev = ub_event_new(c_hdl->ev->base->eb->base, -1, + UB_EV_PERSIST | UB_EV_READ | UB_EV_TIMEOUT, + comm_point_tcp_handle_callback, c_hdl); + } if(!c_hdl->ev->ev) { log_warn("could not ub_event_new, dropped tcp"); return; @@ -1169,6 +1220,18 @@ ssl_handshake(struct comm_point* c) c->repinfo.addrlen); } + /* check if http2 use is negotiated */ + if(c->type == comm_http && c->h2_session) { + const unsigned char *alpn; + unsigned int alpnlen = 0; + SSL_get0_alpn_selected(c->ssl, &alpn, &alpnlen); + if(alpnlen == 2 && memcmp("h2", alpn, 2) == 0) { + /* connection upgraded to HTTP2 */ + c->tcp_do_toggle_rw = 0; + c->use_h2 = 1; + } + } + /* setup listen rw correctly */ if(c->tcp_is_reading) { if(c->ssl_shake_state != comm_ssl_shake_read) @@ -1435,8 +1498,6 @@ comm_point_tcp_handle_read(int fd, struct comm_point* c, int short_ok) if(errno == ECONNRESET && verbosity < 2) return 0; /* silence reset by peer */ #endif - log_err_addr("read (in tcp s)", strerror(errno), - &c->repinfo.addr, c->repinfo.addrlen); #else /* USE_WINSOCK */ if(WSAGetLastError() == WSAECONNRESET) return 0; @@ -1447,10 +1508,9 @@ comm_point_tcp_handle_read(int fd, struct comm_point* c, int short_ok) UB_EV_READ); return 1; } - log_err_addr("read (in tcp s)", - wsa_strerror(WSAGetLastError()), - &c->repinfo.addr, c->repinfo.addrlen); #endif + log_err_addr("read (in tcp s)", sock_strerror(errno), + &c->repinfo.addr, c->repinfo.addrlen); return 0; } c->tcp_byte_count += r; @@ -1483,8 +1543,6 @@ comm_point_tcp_handle_read(int fd, struct comm_point* c, int short_ok) #ifndef USE_WINSOCK if(errno == EINTR || errno == EAGAIN) return 1; - log_err_addr("read (in tcp r)", strerror(errno), - &c->repinfo.addr, c->repinfo.addrlen); #else /* USE_WINSOCK */ if(WSAGetLastError() == WSAECONNRESET) return 0; @@ -1494,10 +1552,9 @@ comm_point_tcp_handle_read(int fd, struct comm_point* c, int short_ok) ub_winsock_tcp_wouldblock(c->ev->ev, UB_EV_READ); return 1; } - log_err_addr("read (in tcp r)", - wsa_strerror(WSAGetLastError()), - &c->repinfo.addr, c->repinfo.addrlen); #endif + log_err_addr("read (in tcp r)", sock_strerror(errno), + &c->repinfo.addr, c->repinfo.addrlen); return 0; } sldns_buffer_skip(c->buffer, r); @@ -1716,8 +1773,6 @@ comm_point_tcp_handle_write(int fd, struct comm_point* c) if(errno == ECONNRESET && verbosity < 2) return 0; /* silence reset by peer */ #endif - log_err_addr("tcp send r", strerror(errno), - &c->repinfo.addr, c->repinfo.addrlen); #else if(WSAGetLastError() == WSAEINPROGRESS) return 1; @@ -1727,9 +1782,9 @@ comm_point_tcp_handle_write(int fd, struct comm_point* c) } if(WSAGetLastError() == WSAECONNRESET && verbosity < 2) return 0; /* silence reset by peer */ - log_err_addr("tcp send r", wsa_strerror(WSAGetLastError()), - &c->repinfo.addr, c->repinfo.addrlen); #endif + log_err_addr("tcp send r", sock_strerror(errno), + &c->repinfo.addr, c->repinfo.addrlen); return 0; } sldns_buffer_skip(buffer, r); @@ -1914,8 +1969,6 @@ http_read_more(int fd, struct comm_point* c) #ifndef USE_WINSOCK if(errno == EINTR || errno == EAGAIN) return 1; - log_err_addr("read (in http r)", strerror(errno), - &c->repinfo.addr, c->repinfo.addrlen); #else /* USE_WINSOCK */ if(WSAGetLastError() == WSAECONNRESET) return 0; @@ -1925,10 +1978,9 @@ http_read_more(int fd, struct comm_point* c) ub_winsock_tcp_wouldblock(c->ev->ev, UB_EV_READ); return 1; } - log_err_addr("read (in http r)", - wsa_strerror(WSAGetLastError()), - &c->repinfo.addr, c->repinfo.addrlen); #endif + log_err_addr("read (in http r)", sock_strerror(errno), + &c->repinfo.addr, c->repinfo.addrlen); return 0; } sldns_buffer_skip(c->buffer, r); @@ -2186,11 +2238,209 @@ http_chunked_segment(struct comm_point* c) return 1; } +#ifdef HAVE_NGHTTP2 +/** Create new http2 session. Called when creating handling comm point. */ +struct http2_session* http2_session_create(struct comm_point* c) +{ + struct http2_session* session = calloc(1, sizeof(*session)); + if(!session) { + log_err("malloc failure while creating http2 session"); + return NULL; + } + session->c = c; + + return session; +} +#endif + +/** Delete http2 session. After closing connection or on error */ +void http2_session_delete(struct http2_session* h2_session) +{ +#ifdef HAVE_NGHTTP2 + if(h2_session->callbacks) + nghttp2_session_callbacks_del(h2_session->callbacks); + free(h2_session); +#else + (void)h2_session; +#endif +} + +#ifdef HAVE_NGHTTP2 +struct http2_stream* http2_stream_create(int32_t stream_id) +{ + struct http2_stream* h2_stream = calloc(1, sizeof(*h2_stream)); + if(!h2_stream) { + log_err("malloc failure while creating http2 stream"); + return NULL; + } + h2_stream->stream_id = stream_id; + return h2_stream; +} + +/** Delete http2 stream. After session delete or stream close callback */ +static void http2_stream_delete(struct http2_session* h2_session, + struct http2_stream* h2_stream) +{ + if(h2_stream->mesh_state) { + mesh_state_remove_reply(h2_stream->mesh, h2_stream->mesh_state, + h2_session->c); + h2_stream->mesh_state = NULL; + } + http2_req_stream_clear(h2_stream); + free(h2_stream); +} +#endif + +void http2_stream_add_meshstate(struct http2_stream* h2_stream, + struct mesh_area* mesh, struct mesh_state* m) +{ + h2_stream->mesh = mesh; + h2_stream->mesh_state = m; +} + +/** delete http2 session server. After closing connection. */ +static void http2_session_server_delete(struct http2_session* h2_session) +{ +#ifdef HAVE_NGHTTP2 + struct http2_stream* h2_stream, *next; + nghttp2_session_del(h2_session->session); /* NULL input is fine */ + h2_session->session = NULL; + for(h2_stream = h2_session->first_stream; h2_stream;) { + next = h2_stream->next; + http2_stream_delete(h2_session, h2_stream); + h2_stream = next; + } + h2_session->first_stream = NULL; + h2_session->is_drop = 0; + h2_session->postpone_drop = 0; + h2_session->c->h2_stream = NULL; +#endif + (void)h2_session; +} + +#ifdef HAVE_NGHTTP2 +void http2_session_add_stream(struct http2_session* h2_session, + struct http2_stream* h2_stream) +{ + if(h2_session->first_stream) + h2_session->first_stream->prev = h2_stream; + h2_stream->next = h2_session->first_stream; + h2_session->first_stream = h2_stream; +} + +/** remove stream from session linked list. After stream close callback or + * closing connection */ +void http2_session_remove_stream(struct http2_session* h2_session, + struct http2_stream* h2_stream) +{ + if(h2_stream->prev) + h2_stream->prev->next = h2_stream->next; + else + h2_session->first_stream = h2_stream->next; + if(h2_stream->next) + h2_stream->next->prev = h2_stream->prev; + +} + +int http2_stream_close_cb(nghttp2_session* ATTR_UNUSED(session), + int32_t stream_id, uint32_t ATTR_UNUSED(error_code), void* cb_arg) +{ + struct http2_stream* h2_stream; + struct http2_session* h2_session = (struct http2_session*)cb_arg; + if(!(h2_stream = nghttp2_session_get_stream_user_data( + h2_session->session, stream_id))) { + return 0; + } + http2_session_remove_stream(h2_session, h2_stream); + http2_stream_delete(h2_session, h2_stream); + return 0; +} + +ssize_t http2_recv_cb(nghttp2_session* ATTR_UNUSED(session), uint8_t* buf, + size_t len, int ATTR_UNUSED(flags), void* cb_arg) +{ +#ifdef HAVE_SSL + struct http2_session* h2_session = (struct http2_session*)cb_arg; + int r; + + log_assert(h2_session->c->type == comm_http); + log_assert(h2_session->c->h2_session); + + if(!h2_session->c->ssl) + return 0; + + ERR_clear_error(); + r = SSL_read(h2_session->c->ssl, buf, len); + if(r <= 0) { + int want = SSL_get_error(h2_session->c->ssl, r); + if(want == SSL_ERROR_ZERO_RETURN) { + return NGHTTP2_ERR_EOF; + } else if(want == SSL_ERROR_WANT_READ) { + return NGHTTP2_ERR_WOULDBLOCK; + } else if(want == SSL_ERROR_WANT_WRITE) { + h2_session->c->ssl_shake_state = comm_ssl_shake_hs_write; + comm_point_listen_for_rw(h2_session->c, 0, 1); + return NGHTTP2_ERR_WOULDBLOCK; + } else if(want == SSL_ERROR_SYSCALL) { +#ifdef ECONNRESET + if(errno == ECONNRESET && verbosity < 2) + return NGHTTP2_ERR_CALLBACK_FAILURE; +#endif + if(errno != 0) + log_err("SSL_read syscall: %s", + strerror(errno)); + return NGHTTP2_ERR_CALLBACK_FAILURE; + } + log_crypto_err("could not SSL_read"); + return NGHTTP2_ERR_CALLBACK_FAILURE; + } + return r; +#else + (void)buf; + (void)len; + (void)cb_arg; + return -1; +#endif +} +#endif /* HAVE_NGHTTP2 */ + +/** Handle http2 read */ +static int +comm_point_http2_handle_read(int ATTR_UNUSED(fd), struct comm_point* c) +{ +#ifdef HAVE_NGHTTP2 + int ret; + log_assert(c->h2_session); + log_assert(c->ssl); + + /* reading until recv cb returns NGHTTP2_ERR_WOULDBLOCK */ + ret = nghttp2_session_recv(c->h2_session->session); + if(ret) { + if(ret != NGHTTP2_ERR_EOF && + ret != NGHTTP2_ERR_CALLBACK_FAILURE) { + verbose(VERB_QUERY, "http2: session_recv failed, " + "error: %s", nghttp2_strerror(ret)); + } + return 0; + } + if(nghttp2_session_want_write(c->h2_session->session)) { + c->tcp_is_reading = 0; + comm_point_stop_listening(c); + comm_point_start_listening(c, -1, c->tcp_timeout_msec); + } else if(!nghttp2_session_want_read(c->h2_session->session)) + return 0; /* connection can be closed */ + return 1; +#else + (void)c; + return 0; +#endif +} + /** - * Handle http reading callback. + * Handle http reading callback. * @param fd: file descriptor of socket. * @param c: comm point to read from into buffer. - * @return: 0 on error + * @return: 0 on error */ static int comm_point_http_handle_read(int fd, struct comm_point* c) @@ -2210,6 +2460,18 @@ comm_point_http_handle_read(int fd, struct comm_point* c) if(!c->tcp_is_reading) return 1; + + if(c->use_h2) { + return comm_point_http2_handle_read(fd, c); + } + + /* http version is <= http/1.1 */ + + if(c->http_min_version >= http_version_2) { + /* HTTP/2 failed, not allowed to use lower version. */ + return 0; + } + /* read more data */ if(c->ssl) { if(!ssl_http_read_more(c)) @@ -2220,7 +2482,9 @@ comm_point_http_handle_read(int fd, struct comm_point* c) } sldns_buffer_flip(c->buffer); + while(sldns_buffer_remaining(c->buffer) > 0) { + /* Handle HTTP/1.x data */ /* if we are reading headers, read more headers */ if(c->http_in_headers || c->http_in_chunk_headers) { /* if header is done, process the header */ @@ -2364,8 +2628,6 @@ http_write_more(int fd, struct comm_point* c) #ifndef USE_WINSOCK if(errno == EINTR || errno == EAGAIN) return 1; - log_err_addr("http send r", strerror(errno), - &c->repinfo.addr, c->repinfo.addrlen); #else if(WSAGetLastError() == WSAEINPROGRESS) return 1; @@ -2373,15 +2635,92 @@ http_write_more(int fd, struct comm_point* c) ub_winsock_tcp_wouldblock(c->ev->ev, UB_EV_WRITE); return 1; } - log_err_addr("http send r", wsa_strerror(WSAGetLastError()), - &c->repinfo.addr, c->repinfo.addrlen); #endif + log_err_addr("http send r", sock_strerror(errno), + &c->repinfo.addr, c->repinfo.addrlen); return 0; } sldns_buffer_skip(c->buffer, r); return 1; } +#ifdef HAVE_NGHTTP2 +ssize_t http2_send_cb(nghttp2_session* ATTR_UNUSED(session), const uint8_t* buf, + size_t len, int ATTR_UNUSED(flags), void* cb_arg) +{ +#ifdef HAVE_SSL + int r; + struct http2_session* h2_session = (struct http2_session*)cb_arg; + log_assert(h2_session->c->type == comm_http); + log_assert(h2_session->c->h2_session); + + if(!h2_session->c->ssl) + return 0; + + ERR_clear_error(); + r = SSL_write(h2_session->c->ssl, buf, len); + if(r <= 0) { + int want = SSL_get_error(h2_session->c->ssl, r); + if(want == SSL_ERROR_ZERO_RETURN) { + return NGHTTP2_ERR_CALLBACK_FAILURE; + } else if(want == SSL_ERROR_WANT_READ) { + h2_session->c->ssl_shake_state = comm_ssl_shake_hs_read; + comm_point_listen_for_rw(h2_session->c, 1, 0); + return NGHTTP2_ERR_WOULDBLOCK; + } else if(want == SSL_ERROR_WANT_WRITE) { + return NGHTTP2_ERR_WOULDBLOCK; + } else if(want == SSL_ERROR_SYSCALL) { +#ifdef EPIPE + if(errno == EPIPE && verbosity < 2) + return NGHTTP2_ERR_CALLBACK_FAILURE; +#endif + if(errno != 0) + log_err("SSL_write syscall: %s", + strerror(errno)); + return NGHTTP2_ERR_CALLBACK_FAILURE; + } + log_crypto_err("could not SSL_write"); + return NGHTTP2_ERR_CALLBACK_FAILURE; + } + return r; +#else + (void)buf; + (void)len; + (void)cb_arg; + return -1; +#endif +} +#endif /* HAVE_NGHTTP2 */ + +/** Handle http2 writing */ +static int +comm_point_http2_handle_write(int ATTR_UNUSED(fd), struct comm_point* c) +{ +#ifdef HAVE_NGHTTP2 + int ret; + log_assert(c->h2_session); + log_assert(c->ssl); + + ret = nghttp2_session_send(c->h2_session->session); + if(ret) { + verbose(VERB_QUERY, "http2: session_send failed, " + "error: %s", nghttp2_strerror(ret)); + return 0; + } + + if(nghttp2_session_want_read(c->h2_session->session)) { + c->tcp_is_reading = 1; + comm_point_stop_listening(c); + comm_point_start_listening(c, -1, c->tcp_timeout_msec); + } else if(!nghttp2_session_want_write(c->h2_session->session)) + return 0; /* connection can be closed */ + return 1; +#else + (void)c; + return 0; +#endif +} + /** * Handle http writing callback. * @param fd: file descriptor of socket. @@ -2413,6 +2752,18 @@ comm_point_http_handle_write(int fd, struct comm_point* c) #endif /* HAVE_SSL */ if(c->tcp_is_reading) return 1; + + if(c->use_h2) { + return comm_point_http2_handle_write(fd, c); + } + + /* http version is <= http/1.1 */ + + if(c->http_min_version >= http_version_2) { + /* HTTP/2 failed, not allowed to use lower version. */ + return 0; + } + /* if we are writing, write more */ if(c->ssl) { if(!ssl_http_write_more(c)) @@ -2724,11 +3075,129 @@ comm_point_create_tcp_handler(struct comm_base *base, return c; } +static struct comm_point* +comm_point_create_http_handler(struct comm_base *base, + struct comm_point* parent, size_t bufsize, int harden_large_queries, + uint32_t http_max_streams, char* http_endpoint, + comm_point_callback_type* callback, void* callback_arg) +{ + struct comm_point* c = (struct comm_point*)calloc(1, + sizeof(struct comm_point)); + short evbits; + if(!c) + return NULL; + c->ev = (struct internal_event*)calloc(1, + sizeof(struct internal_event)); + if(!c->ev) { + free(c); + return NULL; + } + c->ev->base = base; + c->fd = -1; + c->buffer = sldns_buffer_new(bufsize); + if(!c->buffer) { + free(c->ev); + free(c); + return NULL; + } + c->timeout = (struct timeval*)malloc(sizeof(struct timeval)); + if(!c->timeout) { + sldns_buffer_free(c->buffer); + free(c->ev); + free(c); + return NULL; + } + c->tcp_is_reading = 0; + c->tcp_byte_count = 0; + c->tcp_parent = parent; + c->tcp_timeout_msec = parent->tcp_timeout_msec; + c->tcp_conn_limit = parent->tcp_conn_limit; + c->tcl_addr = NULL; + c->tcp_keepalive = 0; + c->max_tcp_count = 0; + c->cur_tcp_count = 0; + c->tcp_handlers = NULL; + c->tcp_free = NULL; + c->type = comm_http; + c->tcp_do_close = 1; + c->do_not_close = 0; + c->tcp_do_toggle_rw = 1; /* will be set to 0 after http2 upgrade */ + c->tcp_check_nb_connect = 0; +#ifdef USE_MSG_FASTOPEN + c->tcp_do_fastopen = 0; +#endif +#ifdef USE_DNSCRYPT + c->dnscrypt = 0; + c->dnscrypt_buffer = NULL; +#endif + c->repinfo.c = c; + c->callback = callback; + c->cb_arg = callback_arg; + + c->http_min_version = http_version_2; + c->http2_stream_max_qbuffer_size = bufsize; + if(harden_large_queries && bufsize > 512) + c->http2_stream_max_qbuffer_size = 512; + c->http2_max_streams = http_max_streams; + if(!(c->http_endpoint = strdup(http_endpoint))) { + log_err("could not strdup http_endpoint"); + sldns_buffer_free(c->buffer); + free(c->timeout); + free(c->ev); + free(c); + return NULL; + } + c->use_h2 = 0; +#ifdef HAVE_NGHTTP2 + if(!(c->h2_session = http2_session_create(c))) { + log_err("could not create http2 session"); + free(c->http_endpoint); + sldns_buffer_free(c->buffer); + free(c->timeout); + free(c->ev); + free(c); + return NULL; + } + if(!(c->h2_session->callbacks = http2_req_callbacks_create())) { + log_err("could not create http2 callbacks"); + http2_session_delete(c->h2_session); + free(c->http_endpoint); + sldns_buffer_free(c->buffer); + free(c->timeout); + free(c->ev); + free(c); + return NULL; + } +#endif + + /* add to parent free list */ + c->tcp_free = parent->tcp_free; + parent->tcp_free = c; + /* ub_event stuff */ + evbits = UB_EV_PERSIST | UB_EV_READ | UB_EV_TIMEOUT; + c->ev->ev = ub_event_new(base->eb->base, c->fd, evbits, + comm_point_http_handle_callback, c); + if(c->ev->ev == NULL) + { + log_err("could not set http handler event"); + parent->tcp_free = c->tcp_free; + http2_session_delete(c->h2_session); + sldns_buffer_free(c->buffer); + free(c->timeout); + free(c->ev); + free(c); + return NULL; + } + return c; +} + struct comm_point* comm_point_create_tcp(struct comm_base *base, int fd, int num, - int idle_timeout, struct tcl_list* tcp_conn_limit, size_t bufsize, - struct sldns_buffer* spoolbuf, comm_point_callback_type* callback, - void* callback_arg) + int idle_timeout, int harden_large_queries, + uint32_t http_max_streams, char* http_endpoint, + struct tcl_list* tcp_conn_limit, size_t bufsize, + struct sldns_buffer* spoolbuf, enum listen_type port_type, + comm_point_callback_type* callback, void* callback_arg) { struct comm_point* c = (struct comm_point*)calloc(1, sizeof(struct comm_point)); @@ -2792,10 +3261,24 @@ comm_point_create_tcp(struct comm_base *base, int fd, int num, comm_point_delete(c); return NULL; } - /* now prealloc the tcp handlers */ + /* now prealloc the handlers */ for(i=0; i<num; i++) { - c->tcp_handlers[i] = comm_point_create_tcp_handler(base, - c, bufsize, spoolbuf, callback, callback_arg); + if(port_type == listen_type_tcp || + port_type == listen_type_ssl || + port_type == listen_type_tcp_dnscrypt) { + c->tcp_handlers[i] = comm_point_create_tcp_handler(base, + c, bufsize, spoolbuf, callback, callback_arg); + } else if(port_type == listen_type_http) { + c->tcp_handlers[i] = comm_point_create_http_handler( + base, c, bufsize, harden_large_queries, + http_max_streams, http_endpoint, + callback, callback_arg); + } + else { + log_err("could not create tcp handler, unknown listen " + "type"); + return NULL; + } if(!c->tcp_handlers[i]) { comm_point_delete(c); return NULL; @@ -3079,6 +3562,9 @@ comm_point_close(struct comm_point* c) tcl_close_connection(c->tcl_addr); if(c->tcp_req_info) tcp_req_info_clear(c->tcp_req_info); + if(c->h2_session) + http2_session_server_delete(c->h2_session); + /* close fd after removing from event lists, or epoll.. is messed up */ if(c->fd != -1 && !c->do_not_close) { if(c->type == comm_tcp || c->type == comm_http) { @@ -3087,11 +3573,7 @@ comm_point_close(struct comm_point* c) ub_winsock_tcp_wouldblock(c->ev->ev, UB_EV_WRITE); } verbose(VERB_ALGO, "close fd %d", c->fd); -#ifndef USE_WINSOCK - close(c->fd); -#else - closesocket(c->fd); -#endif + sock_close(c->fd); } c->fd = -1; } @@ -3107,6 +3589,10 @@ comm_point_delete(struct comm_point* c) SSL_free(c->ssl); #endif } + if(c->type == comm_http && c->http_endpoint) { + free(c->http_endpoint); + c->http_endpoint = NULL; + } comm_point_close(c); if(c->tcp_handlers) { int i; @@ -3125,6 +3611,9 @@ comm_point_delete(struct comm_point* c) if(c->tcp_req_info) { tcp_req_info_delete(c->tcp_req_info); } + if(c->h2_session) { + http2_session_delete(c->h2_session); + } } ub_event_free(c->ev->ev); free(c->ev); @@ -3170,6 +3659,17 @@ comm_point_send_reply(struct comm_reply *repinfo) #endif if(repinfo->c->tcp_req_info) { tcp_req_info_send_reply(repinfo->c->tcp_req_info); + } else if(repinfo->c->use_h2) { + if(!http2_submit_dns_response(repinfo->c->h2_session)) { + comm_point_drop_reply(repinfo); + return; + } + repinfo->c->h2_stream = NULL; + repinfo->c->tcp_is_reading = 0; + comm_point_stop_listening(repinfo->c); + comm_point_start_listening(repinfo->c, -1, + repinfo->c->tcp_timeout_msec); + return; } else { comm_point_start_listening(repinfo->c, -1, repinfo->c->tcp_timeout_msec); @@ -3188,6 +3688,16 @@ comm_point_drop_reply(struct comm_reply* repinfo) return; if(repinfo->c->tcp_req_info) repinfo->c->tcp_req_info->is_drop = 1; + if(repinfo->c->type == comm_http) { + if(repinfo->c->h2_session) { + repinfo->c->h2_session->is_drop = 1; + if(!repinfo->c->h2_session->postpone_drop) + reclaim_http_handler(repinfo->c); + return; + } + reclaim_http_handler(repinfo->c); + return; + } reclaim_tcp_handler(repinfo->c); } @@ -3232,11 +3742,7 @@ comm_point_start_listening(struct comm_point* c, int newfd, int msec) } if(newfd != -1) { if(c->fd != -1) { -#ifndef USE_WINSOCK - close(c->fd); -#else - closesocket(c->fd); -#endif + sock_close(c->fd); } c->fd = newfd; ub_event_set_fd(c->ev->ev, c->fd); diff --git a/util/netevent.h b/util/netevent.h index bb2cd1e53732..6986f881b38a 100644 --- a/util/netevent.h +++ b/util/netevent.h @@ -61,6 +61,9 @@ #define NET_EVENT_H #include "dnscrypt/dnscrypt.h" +#ifdef HAVE_NGHTTP2_NGHTTP2_H +#include <nghttp2/nghttp2.h> +#endif struct sldns_buffer; struct comm_point; @@ -68,11 +71,16 @@ struct comm_reply; struct tcl_list; struct ub_event_base; +struct mesh_state; +struct mesh_area; + /* internal event notification data storage structure. */ struct internal_event; struct internal_base; struct internal_timer; /* A sub struct of the comm_timer super struct */ +enum listen_type; + /** callback from communication point function type */ typedef int comm_point_callback_type(struct comm_point*, void*, int, struct comm_reply*); @@ -205,6 +213,15 @@ struct comm_point { } ssl_shake_state; /* -------- HTTP ------- */ + /** Do not allow connection to use HTTP version lower than this. 0=no + * minimum. */ + enum { + http_version_none = 0, + http_version_2 = 2 + } http_min_version; + /** http endpoint */ + char* http_endpoint; + /* -------- HTTP/1.1 ------- */ /** Currently reading in http headers */ int http_in_headers; /** Currently reading in chunk headers, 0=not, 1=firstline, 2=unused @@ -216,6 +233,18 @@ struct comm_point { struct sldns_buffer* http_temp; /** http stored content in buffer */ size_t http_stored; + /* -------- HTTP/2 ------- */ + /** http2 session */ + struct http2_session* h2_session; + /** set to 1 if h2 is negotiated to be used (using alpn) */ + int use_h2; + /** stream currently being handled */ + struct http2_stream* h2_stream; + /** maximum allowed query buffer size, per stream */ + size_t http2_stream_max_qbuffer_size; + /** maximum number of HTTP/2 streams per connection. Send in HTTP/2 + * SETTINGS frame. */ + uint32_t http2_max_streams; /* -------- dnstap ------- */ /** the dnstap environment */ @@ -456,10 +485,15 @@ struct comm_point* comm_point_create_udp_ancil(struct comm_base* base, * @param num: becomes max_tcp_count, the routine allocates that * many tcp handler commpoints. * @param idle_timeout: TCP idle timeout in ms. + * @param harden_large_queries: whether query size should be limited. + * @param http_max_streams: maximum number of HTTP/2 streams per connection. + * @param http_endpoint: HTTP endpoint to service queries on * @param tcp_conn_limit: TCP connection limit info. * @param bufsize: size of buffer to create for handlers. * @param spoolbuf: shared spool buffer for tcp_req_info structures. * or NULL to not create those structures in the tcp handlers. + * @param port_type: the type of port we are creating a TCP listener for. Used + * to select handler type to use. * @param callback: callback function pointer for TCP handlers. * @param callback_arg: will be passed to your callback function. * @return: returns the TCP listener commpoint. You can find the @@ -468,8 +502,11 @@ struct comm_point* comm_point_create_udp_ancil(struct comm_base* base, * Inits timeout to NULL. All handlers are on the free list. */ struct comm_point* comm_point_create_tcp(struct comm_base* base, - int fd, int num, int idle_timeout, struct tcl_list* tcp_conn_limit, + int fd, int num, int idle_timeout, int harden_large_queries, + uint32_t http_max_streams, char* http_endpoint, + struct tcl_list* tcp_conn_limit, size_t bufsize, struct sldns_buffer* spoolbuf, + enum listen_type port_type, comm_point_callback_type* callback, void* callback_arg); /** @@ -724,6 +761,110 @@ void comm_point_tcp_handle_callback(int fd, short event, void* arg); void comm_point_http_handle_callback(int fd, short event, void* arg); /** + * HTTP2 session. HTTP2 related info per comm point. + */ +struct http2_session { + /** first item in list of streams */ + struct http2_stream* first_stream; +#ifdef HAVE_NGHTTP2 + /** nghttp2 session */ + nghttp2_session *session; + /** store nghttp2 callbacks for easy reuse */ + nghttp2_session_callbacks* callbacks; +#endif + /** comm point containing buffer used to build answer in worker or + * module */ + struct comm_point* c; + /** session is instructed to get dropped (comm port will be closed) */ + int is_drop; + /** postpone dropping the session, can be used to prevent dropping + * while being in a callback */ + int postpone_drop; +}; + +/** enum of HTTP status */ +enum http_status { + HTTP_STATUS_OK = 200, + HTTP_STATUS_BAD_REQUEST = 400, + HTTP_STATUS_NOT_FOUND = 404, + HTTP_STATUS_PAYLOAD_TOO_LARGE = 413, + HTTP_STATUS_URI_TOO_LONG = 414, + HTTP_STATUS_UNSUPPORTED_MEDIA_TYPE = 415, + HTTP_STATUS_NOT_IMPLEMENTED = 501 +}; + +/** + * HTTP stream. Part of list of HTTP2 streams per session. + */ +struct http2_stream { + /** next stream in list per session */ + struct http2_stream* next; + /** previous stream in list per session */ + struct http2_stream* prev; + /** HTTP2 stream ID is an unsigned 31-bit integer */ + int32_t stream_id; + /** HTTP method used for this stream */ + enum { + HTTP_METHOD_POST = 1, + HTTP_METHOD_GET, + HTTP_METHOD_UNSUPPORTED + } http_method; + /** message contains invalid content type */ + int invalid_content_type; + /** message body content type */ + size_t content_length; + /** HTTP response status */ + enum http_status status; + /** request for non existing endpoint */ + int invalid_endpoint; + /** query in request is too large */ + int query_too_large; + /** buffer to store query into. Can't use session shared buffer as query + * can arrive in parts, intertwined with frames for other queries. */ + struct sldns_buffer* qbuffer; + /** buffer to store response into. Can't use shared buffer as a next + * query read callback can overwrite it before it is send out. */ + struct sldns_buffer* rbuffer; + /** mesh area containing mesh state */ + struct mesh_area* mesh; + /** mesh state for query. Used to remove mesh reply before closing + * stream. */ + struct mesh_state* mesh_state; +}; + +#ifdef HAVE_NGHTTP2 +/** nghttp2 receive cb. Read from SSL connection into nghttp2 buffer */ +ssize_t http2_recv_cb(nghttp2_session* session, uint8_t* buf, + size_t len, int flags, void* cb_arg); +/** nghttp2 send callback. Send from nghttp2 buffer to ssl socket */ +ssize_t http2_send_cb(nghttp2_session* session, const uint8_t* buf, + size_t len, int flags, void* cb_arg); +/** nghttp2 callback on closing stream */ +int http2_stream_close_cb(nghttp2_session* session, int32_t stream_id, + uint32_t error_code, void* cb_arg); +#endif + +/** + * Create new http2 stream + * @param stream_id: ID for stream to create. + * @return malloc'ed stream, NULL on error + */ +struct http2_stream* http2_stream_create(int32_t stream_id); + +/** + * Add new stream to session linked list + * @param h2_session: http2 session to add stream to + * @param h2_stream: stream to add to session list + */ +void http2_session_add_stream(struct http2_session* h2_session, + struct http2_stream* h2_stream); + +/** Add mesh state to stream. To be able to remove mesh reply on stream closure + */ +void http2_stream_add_meshstate(struct http2_stream* h2_stream, + struct mesh_area* mesh, struct mesh_state* m); + +/** * This routine is published for checks and tests, and is only used internally. * handle libevent callback for timer comm. * @param fd: file descriptor (always -1). diff --git a/validator/val_anchor.c b/validator/val_anchor.c index 7224f00a21b6..9b6574c5d24a 100644 --- a/validator/val_anchor.c +++ b/validator/val_anchor.c @@ -1030,8 +1030,6 @@ anchors_assemble_rrsets(struct val_anchors* anchors) ")", b); (void)rbtree_delete(anchors->tree, &ta->node); lock_basic_unlock(&ta->lock); - if(anchors->dlv_anchor == ta) - anchors->dlv_anchor = NULL; anchors_delfunc(&ta->node, NULL); ta = next; continue; @@ -1103,37 +1101,6 @@ anchors_apply_cfg(struct val_anchors* anchors, struct config_file* cfg) return 0; } } - if(cfg->dlv_anchor_file && cfg->dlv_anchor_file[0] != 0) { - struct trust_anchor* dlva; - nm = cfg->dlv_anchor_file; - if(cfg->chrootdir && cfg->chrootdir[0] && strncmp(nm, - cfg->chrootdir, strlen(cfg->chrootdir)) == 0) - nm += strlen(cfg->chrootdir); - if(!(dlva = anchor_read_file(anchors, parsebuf, - nm, 1))) { - log_err("error reading dlv-anchor-file: %s", - cfg->dlv_anchor_file); - sldns_buffer_free(parsebuf); - return 0; - } - lock_basic_lock(&anchors->lock); - anchors->dlv_anchor = dlva; - lock_basic_unlock(&anchors->lock); - } - for(f = cfg->dlv_anchor_list; f; f = f->next) { - struct trust_anchor* dlva; - if(!f->str || f->str[0] == 0) /* empty "" */ - continue; - if(!(dlva = anchor_store_str( - anchors, parsebuf, f->str))) { - log_err("error in dlv-anchor: \"%s\"", f->str); - sldns_buffer_free(parsebuf); - return 0; - } - lock_basic_lock(&anchors->lock); - anchors->dlv_anchor = dlva; - lock_basic_unlock(&anchors->lock); - } /* do autr last, so that it sees what anchors are filled by other * means can can print errors about double config for the name */ for(f = cfg->auto_trust_anchor_file_list; f; f = f->next) { diff --git a/validator/val_anchor.h b/validator/val_anchor.h index a2a795d093d2..1597a7d62fbe 100644 --- a/validator/val_anchor.h +++ b/validator/val_anchor.h @@ -67,8 +67,6 @@ struct val_anchors { * contents of type trust_anchor. */ rbtree_type* tree; - /** The DLV trust anchor (if one is configured, else NULL) */ - struct trust_anchor* dlv_anchor; /** Autotrust global data, anchors sorted by next probe time */ struct autr_global_data* autr; }; diff --git a/validator/val_neg.c b/validator/val_neg.c index 4c08e6bbc92f..67699b1f7c1e 100644 --- a/validator/val_neg.c +++ b/validator/val_neg.c @@ -965,108 +965,6 @@ static int neg_closest_data(struct val_neg_zone* zone, } } -int val_neg_dlvlookup(struct val_neg_cache* neg, uint8_t* qname, size_t len, - uint16_t qclass, struct rrset_cache* rrset_cache, time_t now) -{ - /* lookup closest zone */ - struct val_neg_zone* zone; - struct val_neg_data* data; - int labs; - struct ub_packed_rrset_key* nsec; - struct packed_rrset_data* d; - uint32_t flags; - uint8_t* wc; - struct query_info qinfo; - if(!neg) return 0; - - log_nametypeclass(VERB_ALGO, "negcache dlvlookup", qname, - LDNS_RR_TYPE_DLV, qclass); - - labs = dname_count_labels(qname); - lock_basic_lock(&neg->lock); - zone = neg_closest_zone_parent(neg, qname, len, labs, qclass); - while(zone && !zone->in_use) - zone = zone->parent; - if(!zone) { - lock_basic_unlock(&neg->lock); - return 0; - } - log_nametypeclass(VERB_ALGO, "negcache zone", zone->name, 0, - zone->dclass); - - /* DLV is defined to use NSEC only */ - if(zone->nsec3_hash) { - lock_basic_unlock(&neg->lock); - return 0; - } - - /* lookup closest data record */ - (void)neg_closest_data(zone, qname, len, labs, &data); - while(data && !data->in_use) - data = data->parent; - if(!data) { - lock_basic_unlock(&neg->lock); - return 0; - } - log_nametypeclass(VERB_ALGO, "negcache rr", data->name, - LDNS_RR_TYPE_NSEC, zone->dclass); - - /* lookup rrset in rrset cache */ - flags = 0; - if(query_dname_compare(data->name, zone->name) == 0) - flags = PACKED_RRSET_NSEC_AT_APEX; - nsec = rrset_cache_lookup(rrset_cache, data->name, data->len, - LDNS_RR_TYPE_NSEC, zone->dclass, flags, now, 0); - - /* check if secure and TTL ok */ - if(!nsec) { - lock_basic_unlock(&neg->lock); - return 0; - } - d = (struct packed_rrset_data*)nsec->entry.data; - if(!d || now > d->ttl) { - lock_rw_unlock(&nsec->entry.lock); - /* delete data record if expired */ - neg_delete_data(neg, data); - lock_basic_unlock(&neg->lock); - return 0; - } - if(d->security != sec_status_secure) { - lock_rw_unlock(&nsec->entry.lock); - neg_delete_data(neg, data); - lock_basic_unlock(&neg->lock); - return 0; - } - verbose(VERB_ALGO, "negcache got secure rrset"); - - /* check NSEC security */ - /* check if NSEC proves no DLV type exists */ - /* check if NSEC proves NXDOMAIN for qname */ - qinfo.qname = qname; - qinfo.qtype = LDNS_RR_TYPE_DLV; - qinfo.qclass = qclass; - qinfo.local_alias = NULL; - if(!nsec_proves_nodata(nsec, &qinfo, &wc) && - !val_nsec_proves_name_error(nsec, qname)) { - /* the NSEC is not a denial for the DLV */ - lock_rw_unlock(&nsec->entry.lock); - lock_basic_unlock(&neg->lock); - verbose(VERB_ALGO, "negcache not proven"); - return 0; - } - /* so the NSEC was a NODATA proof, or NXDOMAIN proof. */ - - /* no need to check for wildcard NSEC; no wildcards in DLV repos */ - /* no need to lookup SOA record for client; no response message */ - - lock_rw_unlock(&nsec->entry.lock); - /* if OK touch the LRU for neg_data element */ - neg_lru_touch(neg, data); - lock_basic_unlock(&neg->lock); - verbose(VERB_ALGO, "negcache DLV denial proven"); - return 1; -} - void val_neg_addreferral(struct val_neg_cache* neg, struct reply_info* rep, uint8_t* zone_name) { diff --git a/validator/val_neg.h b/validator/val_neg.h index 877f5c944747..5643ca3314a7 100644 --- a/validator/val_neg.h +++ b/validator/val_neg.h @@ -219,26 +219,6 @@ void val_neg_addreferral(struct val_neg_cache* neg, struct reply_info* rep, uint8_t* zone); /** - * Perform a DLV style lookup - * During the lookup, we could find out that data has expired. In that - * case the neg_cache entries are removed, and lookup fails. - * - * @param neg: negative cache. - * @param qname: name to look for - * @param len: length of qname. - * @param qclass: class to look in. - * @param rrset_cache: the rrset cache, for NSEC lookups. - * @param now: current time for ttl checks. - * @return - * 0 on error - * 0 if no proof of negative - * 1 if indeed negative was proven - * thus, qname DLV qclass does not exist. - */ -int val_neg_dlvlookup(struct val_neg_cache* neg, uint8_t* qname, size_t len, - uint16_t qclass, struct rrset_cache* rrset_cache, time_t now); - -/** * For the given query, try to get a reply out of the negative cache. * The reply still needs to be validated. * @param neg: negative cache. diff --git a/validator/val_nsec.c b/validator/val_nsec.c index a795e77339d3..032d2ae03a42 100644 --- a/validator/val_nsec.c +++ b/validator/val_nsec.c @@ -541,86 +541,3 @@ val_nsec_proves_no_wc(struct ub_packed_rrset_key* nsec, uint8_t* qname, } return 0; } - -/** - * Find shared topdomain that exists - */ -static void -dlv_topdomain(struct ub_packed_rrset_key* nsec, uint8_t* qname, - uint8_t** nm, size_t* nm_len) -{ - /* make sure reply is part of nm */ - /* take shared topdomain with left of NSEC. */ - - /* because, if empty nonterminal, then right is subdomain of qname. - * and any shared topdomain would be empty nonterminals. - * - * If nxdomain, then the right is bigger, and could have an - * interesting shared topdomain, but if it does have one, it is - * an empty nonterminal. An empty nonterminal shared with the left - * one. */ - int n; - uint8_t* common = dname_get_shared_topdomain(qname, nsec->rk.dname); - n = dname_count_labels(*nm) - dname_count_labels(common); - dname_remove_labels(nm, nm_len, n); -} - -int val_nsec_check_dlv(struct query_info* qinfo, - struct reply_info* rep, uint8_t** nm, size_t* nm_len) -{ - uint8_t* next; - size_t i, nlen; - int c; - /* we should now have a NOERROR/NODATA or NXDOMAIN message */ - if(rep->an_numrrsets != 0) { - return 0; - } - /* is this NOERROR ? */ - if(FLAGS_GET_RCODE(rep->flags) == LDNS_RCODE_NOERROR) { - /* it can be a plain NSEC match - go up one more level. */ - /* or its an empty nonterminal - go up to nonempty level */ - for(i=0; i<rep->ns_numrrsets; i++) { - if(htons(rep->rrsets[i]->rk.type)!=LDNS_RR_TYPE_NSEC || - !nsec_get_next(rep->rrsets[i], &next, &nlen)) - continue; - c = dname_canonical_compare( - rep->rrsets[i]->rk.dname, qinfo->qname); - if(c == 0) { - /* plain match */ - if(nsec_has_type(rep->rrsets[i], - LDNS_RR_TYPE_DLV)) - return 0; - dname_remove_label(nm, nm_len); - return 1; - } else if(c < 0 && - dname_strict_subdomain_c(next, qinfo->qname)) { - /* ENT */ - dlv_topdomain(rep->rrsets[i], qinfo->qname, - nm, nm_len); - return 1; - } - } - return 0; - } - - /* is this NXDOMAIN ? */ - if(FLAGS_GET_RCODE(rep->flags) == LDNS_RCODE_NXDOMAIN) { - /* find the qname denial NSEC record. It can tell us - * a closest encloser name; or that we not need bother */ - for(i=0; i<rep->ns_numrrsets; i++) { - if(htons(rep->rrsets[i]->rk.type) != LDNS_RR_TYPE_NSEC) - continue; - if(val_nsec_proves_name_error(rep->rrsets[i], - qinfo->qname)) { - log_nametypeclass(VERB_ALGO, "topdomain on", - rep->rrsets[i]->rk.dname, - ntohs(rep->rrsets[i]->rk.type), 0); - dlv_topdomain(rep->rrsets[i], qinfo->qname, - nm, nm_len); - return 1; - } - } - return 0; - } - return 0; -} diff --git a/validator/val_nsec.h b/validator/val_nsec.h index 4e71257bc35a..7117809d60ae 100644 --- a/validator/val_nsec.h +++ b/validator/val_nsec.h @@ -159,19 +159,6 @@ int val_nsec_proves_no_wc(struct ub_packed_rrset_key* nsec, uint8_t* qname, size_t qnamelen); /** - * Determine the DLV result, what to do with NSEC DLV reply. - * @param qinfo: what was queried for. - * @param rep: the nonpositive reply. - * @param nm: dlv lookup name, to adjust for new lookup name (if needed). - * @param nm_len: length of lookup name. - * @return 0 on error, 1 if a higher point is found. - * If the higher point is above the dlv repo anchor, the qname does - * not exist. - */ -int val_nsec_check_dlv(struct query_info* qinfo, - struct reply_info* rep, uint8_t** nm, size_t* nm_len); - -/** * Determine if an nsec proves an insecure delegation towards the qname. * @param nsec: nsec rrset. * @param qinfo: what was queries for. diff --git a/validator/validator.c b/validator/validator.c index c3ca0a27da83..e12180b4bbda 100644 --- a/validator/validator.c +++ b/validator/validator.c @@ -390,10 +390,8 @@ generate_request(struct module_qstate* qstate, int id, uint8_t* name, ask.local_alias = NULL; log_query_info(VERB_ALGO, "generate request", &ask); /* enable valrec flag to avoid recursion to the same validation - * routine, this lookup is simply a lookup. DLVs need validation */ - if(qtype == LDNS_RR_TYPE_DLV) - valrec = 0; - else valrec = 1; + * routine, this lookup is simply a lookup. */ + valrec = 1; fptr_ok(fptr_whitelist_modenv_detect_cycle(qstate->env->detect_cycle)); if((*qstate->env->detect_cycle)(qstate, &ask, @@ -1585,7 +1583,7 @@ processInit(struct module_qstate* qstate, struct val_qstate* vq, vq->key_entry = key_cache_obtain(ve->kcache, lookup_name, lookup_len, vq->qchase.qclass, qstate->region, *qstate->env->now); - /* there is no key(from DLV) and no trust anchor */ + /* there is no key and no trust anchor */ if(vq->key_entry == NULL && anchor == NULL) { /*response isn't under a trust anchor, so we cannot validate.*/ vq->chase_reply->security = sec_status_indeterminate; @@ -1603,7 +1601,6 @@ processInit(struct module_qstate* qstate, struct val_qstate* vq, val_mark_insecure(vq->chase_reply, anchor->name, qstate->env->rrset_cache, qstate->env); lock_basic_unlock(&anchor->lock); - vq->dlv_checked=1; /* skip DLV check */ /* go to finished state to cache this result */ vq->state = VAL_FINISHED_STATE; return 1; @@ -1679,9 +1676,8 @@ processFindKey(struct module_qstate* qstate, struct val_qstate* vq, int id) /* We know that state.key_entry is not 0 or bad key -- if it were, * then previous processing should have directed this event to * a different state. - * It could be an isnull key, which signals that a DLV was just - * done and the DNSKEY after the DLV failed with dnssec-retry state - * and the DNSKEY has to be performed again. */ + * It could be an isnull key, which signals the DNSKEY failed + * with retry and has to be looked up again. */ log_assert(vq->key_entry && !key_entry_isbad(vq->key_entry)); if(key_entry_isnull(vq->key_entry)) { if(!generate_request(qstate, id, vq->ds_rrset->rk.dname, @@ -1986,148 +1982,6 @@ processValidate(struct module_qstate* qstate, struct val_qstate* vq, } /** - * Init DLV check. - * DLV is going to be decommissioned, but the code is still here for some time. - * - * Called when a query is determined by other trust anchors to be insecure - * (or indeterminate). Then we look if there is a key in the DLV. - * Performs aggressive negative cache check to see if there is no key. - * Otherwise, spawns a DLV query, and changes to the DLV wait state. - * - * @param qstate: query state. - * @param vq: validator query state. - * @param ve: validator shared global environment. - * @param id: module id. - * @return true if there is no DLV. - * false: processing is finished for the validator operate(). - * This function may exit in three ways: - * o no DLV (aggressive cache), so insecure. (true) - * o error - stop processing (false) - * o DLV lookup was started, stop processing (false) - */ -static int -val_dlv_init(struct module_qstate* qstate, struct val_qstate* vq, - struct val_env* ve, int id) -{ - uint8_t* nm; - size_t nm_len; - struct module_qstate* newq = NULL; - /* there must be a DLV configured */ - log_assert(qstate->env->anchors->dlv_anchor); - /* this bool is true to avoid looping in the DLV checks */ - log_assert(vq->dlv_checked); - - /* init the DLV lookup variables */ - vq->dlv_lookup_name = NULL; - vq->dlv_lookup_name_len = 0; - vq->dlv_insecure_at = NULL; - vq->dlv_insecure_at_len = 0; - - /* Determine the name for which we want to lookup DLV. - * This name is for the current message, or - * for the current RRset for CNAME, referral subtypes. - * If there is a signer, use that, otherwise the domain name */ - if(vq->signer_name) { - nm = vq->signer_name; - nm_len = vq->signer_len; - } else { - /* use qchase */ - nm = vq->qchase.qname; - nm_len = vq->qchase.qname_len; - if(vq->qchase.qtype == LDNS_RR_TYPE_DS) - dname_remove_label(&nm, &nm_len); - } - log_nametypeclass(VERB_ALGO, "DLV init look", nm, LDNS_RR_TYPE_DS, - vq->qchase.qclass); - log_assert(nm && nm_len); - /* sanity check: no DLV lookups below the DLV anchor itself. - * Like, an securely insecure delegation there makes no sense. */ - if(dname_subdomain_c(nm, qstate->env->anchors->dlv_anchor->name)) { - verbose(VERB_ALGO, "DLV lookup within DLV repository denied"); - return 1; - } - /* concat name (minus root label) + dlv name */ - vq->dlv_lookup_name_len = nm_len - 1 + - qstate->env->anchors->dlv_anchor->namelen; - vq->dlv_lookup_name = regional_alloc(qstate->region, - vq->dlv_lookup_name_len); - if(!vq->dlv_lookup_name) { - log_err("Out of memory preparing DLV lookup"); - return val_error(qstate, id); - } - memmove(vq->dlv_lookup_name, nm, nm_len-1); - memmove(vq->dlv_lookup_name+nm_len-1, - qstate->env->anchors->dlv_anchor->name, - qstate->env->anchors->dlv_anchor->namelen); - log_nametypeclass(VERB_ALGO, "DLV name", vq->dlv_lookup_name, - LDNS_RR_TYPE_DLV, vq->qchase.qclass); - - /* determine where the insecure point was determined, the DLV must - * be equal or below that to continue building the trust chain - * down. May be NULL if no trust chain was built yet */ - nm = NULL; - if(vq->key_entry && key_entry_isnull(vq->key_entry)) { - nm = vq->key_entry->name; - nm_len = vq->key_entry->namelen; - } - if(nm) { - vq->dlv_insecure_at_len = nm_len - 1 + - qstate->env->anchors->dlv_anchor->namelen; - vq->dlv_insecure_at = regional_alloc(qstate->region, - vq->dlv_insecure_at_len); - if(!vq->dlv_insecure_at) { - log_err("Out of memory preparing DLV lookup"); - return val_error(qstate, id); - } - memmove(vq->dlv_insecure_at, nm, nm_len-1); - memmove(vq->dlv_insecure_at+nm_len-1, - qstate->env->anchors->dlv_anchor->name, - qstate->env->anchors->dlv_anchor->namelen); - log_nametypeclass(VERB_ALGO, "insecure_at", - vq->dlv_insecure_at, 0, vq->qchase.qclass); - } - - /* If we can find the name in the aggressive negative cache, - * give up; insecure is the answer */ - while(val_neg_dlvlookup(ve->neg_cache, vq->dlv_lookup_name, - vq->dlv_lookup_name_len, vq->qchase.qclass, - qstate->env->rrset_cache, *qstate->env->now)) { - /* go up */ - dname_remove_label(&vq->dlv_lookup_name, - &vq->dlv_lookup_name_len); - /* too high? */ - if(!dname_subdomain_c(vq->dlv_lookup_name, - qstate->env->anchors->dlv_anchor->name)) { - verbose(VERB_ALGO, "ask above dlv repo"); - return 1; /* Above the repo is insecure */ - } - /* above chain of trust? */ - if(vq->dlv_insecure_at && !dname_subdomain_c( - vq->dlv_lookup_name, vq->dlv_insecure_at)) { - verbose(VERB_ALGO, "ask above insecure endpoint"); - return 1; - } - } - - /* perform a lookup for the DLV; with validation */ - vq->state = VAL_DLVLOOKUP_STATE; - if(!generate_request(qstate, id, vq->dlv_lookup_name, - vq->dlv_lookup_name_len, LDNS_RR_TYPE_DLV, - vq->qchase.qclass, 0, &newq, 0)) { - return val_error(qstate, id); - } - - /* Find the closest encloser DLV from the repository. - * then that is used to build another chain of trust - * This may first require a query 'too low' that has NSECs in - * the answer, from which we determine the closest encloser DLV. - * When determine the closest encloser, skip empty nonterminals, - * since we want a nonempty node in the DLV repository. */ - - return 0; -} - -/** * The Finished state. The validation status (good or bad) has been determined. * * @param qstate: query state. @@ -2145,16 +1999,6 @@ processFinished(struct module_qstate* qstate, struct val_qstate* vq, qstate->query_flags, &qstate->qinfo, &vq->qchase, vq->orig_msg->rep, vq->rrset_skip); - /* if the result is insecure or indeterminate and we have not - * checked the DLV yet, check the DLV */ - if((vq->chase_reply->security == sec_status_insecure || - vq->chase_reply->security == sec_status_indeterminate) && - qstate->env->anchors->dlv_anchor && !vq->dlv_checked) { - vq->dlv_checked = 1; - if(!val_dlv_init(qstate, vq, ve, id)) - return 0; - } - /* store overall validation result in orig_msg */ if(vq->rrset_skip == 0) vq->orig_msg->rep->security = vq->chase_reply->security; @@ -2177,7 +2021,6 @@ processFinished(struct module_qstate* qstate, struct val_qstate* vq, /* and restart for this rrset */ verbose(VERB_ALGO, "validator: go to next rrset"); vq->chase_reply->security = sec_status_unchecked; - vq->dlv_checked = 0; /* can do DLV for this RR */ vq->state = VAL_INIT_STATE; return 1; } @@ -2195,7 +2038,6 @@ processFinished(struct module_qstate* qstate, struct val_qstate* vq, log_query_info(VERB_ALGO, "validator: chased to", &vq->qchase); vq->chase_reply->security = sec_status_unchecked; - vq->dlv_checked = 0; /* can do DLV for this RR */ vq->state = VAL_INIT_STATE; return 1; } @@ -2321,119 +2163,6 @@ processFinished(struct module_qstate* qstate, struct val_qstate* vq, return 0; } -/** - * The DLVLookup state. Process DLV lookups. - * - * @param qstate: query state. - * @param vq: validator query state. - * @param ve: validator shared global environment. - * @param id: module id. - * @return true if the event should be processed further on return, false if - * not. - */ -static int -processDLVLookup(struct module_qstate* qstate, struct val_qstate* vq, - struct val_env* ve, int id) -{ - struct module_qstate* newq = NULL; - /* see if this we are ready to continue normal resolution */ - /* we may need more DLV lookups */ - if(vq->dlv_status==dlv_error) - verbose(VERB_ALGO, "DLV woke up with status dlv_error"); - else if(vq->dlv_status==dlv_success) - verbose(VERB_ALGO, "DLV woke up with status dlv_success"); - else if(vq->dlv_status==dlv_ask_higher) - verbose(VERB_ALGO, "DLV woke up with status dlv_ask_higher"); - else if(vq->dlv_status==dlv_there_is_no_dlv) - verbose(VERB_ALGO, "DLV woke up with status dlv_there_is_no_dlv"); - else verbose(VERB_ALGO, "DLV woke up with status unknown"); - - if(vq->dlv_status == dlv_error) { - verbose(VERB_QUERY, "failed DLV lookup"); - errinf(qstate, "failed DLV lookup"); - return val_error(qstate, id); - } else if(vq->dlv_status == dlv_success) { - uint8_t* nm; - size_t nmlen; - /* chain continues with DNSKEY, continue in FINDKEY */ - vq->state = VAL_FINDKEY_STATE; - - /* strip off the DLV suffix from the name; could result in . */ - log_assert(dname_subdomain_c(vq->ds_rrset->rk.dname, - qstate->env->anchors->dlv_anchor->name)); - nmlen = vq->ds_rrset->rk.dname_len - - qstate->env->anchors->dlv_anchor->namelen + 1; - nm = regional_alloc_init(qstate->region, - vq->ds_rrset->rk.dname, nmlen); - if(!nm) { - log_err("Out of memory in DLVLook"); - return val_error(qstate, id); - } - nm[nmlen-1] = 0; - - vq->ds_rrset->rk.dname = nm; - vq->ds_rrset->rk.dname_len = nmlen; - - /* create a nullentry for the key so the dnskey lookup - * can be retried after a validation failure for it */ - vq->key_entry = key_entry_create_null(qstate->region, - nm, nmlen, vq->qchase.qclass, 0, 0); - if(!vq->key_entry) { - log_err("Out of memory in DLVLook"); - return val_error(qstate, id); - } - - if(!generate_request(qstate, id, vq->ds_rrset->rk.dname, - vq->ds_rrset->rk.dname_len, LDNS_RR_TYPE_DNSKEY, - vq->qchase.qclass, BIT_CD, &newq, 0)) { - verbose(VERB_ALGO, "error generating DNSKEY request"); - return val_error(qstate, id); - } - return 0; - } else if(vq->dlv_status == dlv_there_is_no_dlv) { - /* continue with the insecure result we got */ - vq->state = VAL_FINISHED_STATE; - return 1; - } - log_assert(vq->dlv_status == dlv_ask_higher); - - /* ask higher, make sure we stay in DLV repo, below dlv_at */ - if(!dname_subdomain_c(vq->dlv_lookup_name, - qstate->env->anchors->dlv_anchor->name)) { - /* just like, there is no DLV */ - verbose(VERB_ALGO, "ask above dlv repo"); - vq->state = VAL_FINISHED_STATE; - return 1; - } - if(vq->dlv_insecure_at && !dname_subdomain_c(vq->dlv_lookup_name, - vq->dlv_insecure_at)) { - /* already checked a chain lower than dlv_lookup_name */ - verbose(VERB_ALGO, "ask above insecure endpoint"); - log_nametypeclass(VERB_ALGO, "enpt", vq->dlv_insecure_at, 0, 0); - vq->state = VAL_FINISHED_STATE; - return 1; - } - - /* check negative cache before making new request */ - if(val_neg_dlvlookup(ve->neg_cache, vq->dlv_lookup_name, - vq->dlv_lookup_name_len, vq->qchase.qclass, - qstate->env->rrset_cache, *qstate->env->now)) { - /* does not exist, go up one (go higher). */ - dname_remove_label(&vq->dlv_lookup_name, - &vq->dlv_lookup_name_len); - /* limit number of labels, limited number of recursion */ - return processDLVLookup(qstate, vq, ve, id); - } - - if(!generate_request(qstate, id, vq->dlv_lookup_name, - vq->dlv_lookup_name_len, LDNS_RR_TYPE_DLV, - vq->qchase.qclass, 0, &newq, 0)) { - return val_error(qstate, id); - } - - return 0; -} - /** * Handle validator state. * If a method returns true, the next state is started. If false, then @@ -2464,9 +2193,6 @@ val_handle(struct module_qstate* qstate, struct val_qstate* vq, case VAL_FINISHED_STATE: cont = processFinished(qstate, vq, ve, id); break; - case VAL_DLVLOOKUP_STATE: - cont = processDLVLookup(qstate, vq, ve, id); - break; default: log_warn("validator: invalid state %d", vq->state); @@ -3105,99 +2831,6 @@ process_prime_response(struct module_qstate* qstate, struct val_qstate* vq, /* the qstate will be reactivated after inform_super is done */ } -/** - * Process DLV response. Called from inform_supers. - * Because it is in inform_supers, the mesh itself is busy doing callbacks - * for a state that is to be deleted soon; don't touch the mesh; instead - * set a state in the super, as the super will be reactivated soon. - * Perform processing to determine what state to set in the super. - * - * @param qstate: query state that is validating and asked for a DLV. - * @param vq: validator query state - * @param id: module id. - * @param rcode: rcode result value. - * @param msg: result message (if rcode is OK). - * @param qinfo: from the sub query state, query info. - */ -static void -process_dlv_response(struct module_qstate* qstate, struct val_qstate* vq, - int id, int rcode, struct dns_msg* msg, struct query_info* qinfo) -{ - struct val_env* ve = (struct val_env*)qstate->env->modinfo[id]; - - verbose(VERB_ALGO, "process dlv response to super"); - if(rcode != LDNS_RCODE_NOERROR) { - /* lookup failed, set in vq to give up */ - vq->dlv_status = dlv_error; - verbose(VERB_ALGO, "response is error"); - return; - } - if(msg->rep->security != sec_status_secure) { - vq->dlv_status = dlv_error; - verbose(VERB_ALGO, "response is not secure, %s", - sec_status_to_string(msg->rep->security)); - return; - } - /* was the lookup a success? validated DLV? */ - if(FLAGS_GET_RCODE(msg->rep->flags) == LDNS_RCODE_NOERROR && - msg->rep->an_numrrsets == 1 && - msg->rep->security == sec_status_secure && - ntohs(msg->rep->rrsets[0]->rk.type) == LDNS_RR_TYPE_DLV && - ntohs(msg->rep->rrsets[0]->rk.rrset_class) == qinfo->qclass && - query_dname_compare(msg->rep->rrsets[0]->rk.dname, - vq->dlv_lookup_name) == 0) { - /* yay! it is just like a DS */ - vq->ds_rrset = (struct ub_packed_rrset_key*) - regional_alloc_init(qstate->region, - msg->rep->rrsets[0], sizeof(*vq->ds_rrset)); - if(!vq->ds_rrset) { - log_err("out of memory in process_dlv"); - return; - } - vq->ds_rrset->entry.key = vq->ds_rrset; - vq->ds_rrset->rk.dname = (uint8_t*)regional_alloc_init( - qstate->region, vq->ds_rrset->rk.dname, - vq->ds_rrset->rk.dname_len); - if(!vq->ds_rrset->rk.dname) { - log_err("out of memory in process_dlv"); - vq->dlv_status = dlv_error; - return; - } - vq->ds_rrset->entry.data = regional_alloc_init(qstate->region, - vq->ds_rrset->entry.data, - packed_rrset_sizeof(vq->ds_rrset->entry.data)); - if(!vq->ds_rrset->entry.data) { - log_err("out of memory in process_dlv"); - vq->dlv_status = dlv_error; - return; - } - packed_rrset_ptr_fixup(vq->ds_rrset->entry.data); - /* make vq do a DNSKEY query next up */ - vq->dlv_status = dlv_success; - return; - } - /* store NSECs into negative cache */ - val_neg_addreply(ve->neg_cache, msg->rep); - - /* was the lookup a failure? - * if we have to go up into the DLV for a higher DLV anchor - * then set this in the vq, so it can make queries when activated. - * See if the NSECs indicate that we should look for higher DLV - * or, that there is no DLV securely */ - if(!val_nsec_check_dlv(qinfo, msg->rep, &vq->dlv_lookup_name, - &vq->dlv_lookup_name_len)) { - vq->dlv_status = dlv_error; - verbose(VERB_ALGO, "nsec error"); - return; - } - if(!dname_subdomain_c(vq->dlv_lookup_name, - qstate->env->anchors->dlv_anchor->name)) { - vq->dlv_status = dlv_there_is_no_dlv; - return; - } - vq->dlv_status = dlv_ask_higher; -} - /* * inform validator super. * @@ -3233,10 +2866,6 @@ val_inform_super(struct module_qstate* qstate, int id, qstate->return_msg, &qstate->qinfo, qstate->reply_origin); return; - } else if(qstate->qinfo.qtype == LDNS_RR_TYPE_DLV) { - process_dlv_response(super, vq, id, qstate->return_rcode, - qstate->return_msg, &qstate->qinfo); - return; } log_err("internal error in validator: no inform_supers possible"); } @@ -3284,7 +2913,6 @@ val_state_to_string(enum val_state state) case VAL_FINDKEY_STATE: return "VAL_FINDKEY_STATE"; case VAL_VALIDATE_STATE: return "VAL_VALIDATE_STATE"; case VAL_FINISHED_STATE: return "VAL_FINISHED_STATE"; - case VAL_DLVLOOKUP_STATE: return "VAL_DLVLOOKUP_STATE"; } return "UNKNOWN VALIDATOR STATE"; } diff --git a/validator/validator.h b/validator/validator.h index 9e4c8a9414a1..35da1920aa39 100644 --- a/validator/validator.h +++ b/validator/validator.h @@ -137,8 +137,6 @@ enum val_state { VAL_VALIDATE_STATE, /** finish up */ VAL_FINISHED_STATE, - /** DLV lookup state, processing DLV queries */ - VAL_DLVLOOKUP_STATE }; /** @@ -217,27 +215,6 @@ struct val_qstate { /** true if this state is waiting to prime a trust anchor */ int wait_prime_ta; - - /** have we already checked the DLV? */ - int dlv_checked; - /** The name for which the DLV is looked up. For the current message - * or for the current RRset (for CNAME, REFERRAL types). - * If there is signer name, that may be it, else a domain name */ - uint8_t* dlv_lookup_name; - /** length of dlv lookup name */ - size_t dlv_lookup_name_len; - /** Name at which chain of trust stopped with insecure, starting DLV - * DLV must result in chain going further down */ - uint8_t* dlv_insecure_at; - /** length of dlv insecure point name */ - size_t dlv_insecure_at_len; - /** status of DLV lookup. Indication to VAL_DLV_STATE what to do */ - enum dlv_status { - dlv_error, /* server failure */ - dlv_success, /* got a DLV */ - dlv_ask_higher, /* ask again */ - dlv_there_is_no_dlv /* got no DLV, sure of it */ - } dlv_status; }; /** |