"Fossies" - the Fresh Open Source Software Archive

Member "hitch-1.7.2/src/cfg_parser.y" (29 Nov 2021, 16015 Bytes) of package /linux/www/hitch-1.7.2.tar.gz:


As a special service "Fossies" has tried to format the requested source page into HTML format using (guessed) Bison source code syntax highlighting (style: standard) with prefixed line numbers. Alternatively you can here view or download the uninterpreted source code file. See also the latest Fossies "Diffs" side-by-side code changes report for "cfg_parser.y": 1.7.0_vs_1.7.2.

    1 %{
    2 #include "config.h"
    3 
    4 #include <stdio.h>
    5 #include <stdlib.h>
    6 
    7 #include "configuration.h"
    8 #include "foreign/vas.h"
    9 #include "foreign/miniobj.h"
   10 #include "foreign/uthash.h"
   11 
   12 extern int yylex (void);
   13 extern int yyparse(hitch_config *);
   14 extern FILE *yyin;
   15 int yyget_lineno(void);
   16 
   17 void config_error_set(char *, ...);
   18 int config_param_validate(char *k, char *v, hitch_config *cfg,
   19     char *file, int line);
   20 int front_arg_add(hitch_config *cfg, struct front_arg *fa);
   21 struct front_arg *front_arg_new(void);
   22 void front_arg_destroy(struct front_arg *fa);
   23 struct cfg_cert_file *
   24 cfg_cert_file_new(void);
   25 void cfg_cert_file_free(struct cfg_cert_file **cfptr);
   26 int cfg_cert_vfy(struct cfg_cert_file *cf);
   27 void yyerror(hitch_config *, const char *);
   28 void cfg_cert_add(struct cfg_cert_file *cf, struct cfg_cert_file **dst);
   29 
   30 static struct front_arg *cur_fa;
   31 static struct cfg_cert_file *cur_pem;
   32 extern char input_line[512];
   33 
   34 %}
   35 
   36 %union {
   37     int i;
   38     char    *s;
   39 }
   40 
   41 %token <i> INT
   42 %token <i> UINT
   43 %token <i> BOOL
   44 %token <s> STRING
   45 
   46 %token TOK_CIPHERS TOK_SSL_ENGINE TOK_PREFER_SERVER_CIPHERS TOK_BACKEND
   47 %token TOK_FRONTEND TOK_WORKERS TOK_BACKLOG TOK_KEEPALIVE TOK_CHROOT
   48 %token TOK_USER TOK_GROUP TOK_QUIET TOK_SYSLOG TOK_SYSLOG_FACILITY
   49 %token TOK_PARAM_SYSLOG_FACILITY TOK_DAEMON TOK_WRITE_IP TOK_WRITE_PROXY
   50 %token TOK_WRITE_PROXY_V1 TOK_WRITE_PROXY_V2 TOK_PEM_FILE TOK_PROXY_PROXY
   51 %token TOK_BACKEND_CONNECT_TIMEOUT TOK_SSL_HANDSHAKE_TIMEOUT TOK_RECV_BUFSIZE
   52 %token TOK_SEND_BUFSIZE TOK_LOG_FILENAME TOK_RING_SLOTS TOK_RING_DATA_LEN
   53 %token TOK_PIDFILE TOK_SNI_NOMATCH_ABORT TOK_SSL TOK_TLS TOK_HOST TOK_PORT
   54 %token TOK_MATCH_GLOBAL TOK_PB_CERT TOK_PB_OCSP_FILE TOK_OCSP_VERIFY
   55 %token TOK_OCSP_DIR TOK_OCSP_RESP_TMO TOK_OCSP_CONN_TMO TOK_ALPN_PROTOS
   56 %token TOK_TLS_PROTOS TOK_SSLv3 TOK_TLSv1_0 TOK_TLSv1_1 TOK_TLSv1_2
   57 %token TOK_TLSv1_3 TOK_CIPHERSUITES TOK_ECDH_CURVE
   58 %token TOK_SESSION_CACHE TOK_SHARED_CACHE_LISTEN TOK_SHARED_CACHE_PEER
   59 %token TOK_SHARED_CACHE_IF TOK_PRIVATE_KEY TOK_BACKEND_REFRESH
   60 %token TOK_OCSP_REFRESH_INTERVAL TOK_PEM_DIR TOK_PEM_DIR_GLOB
   61 %token TOK_LOG_LEVEL TOK_PROXY_TLV TOK_PROXY_AUTHORITY TOK_TFO
   62 %token TOK_CLIENT_VERIFY TOK_VERIFY_NONE TOK_VERIFY_OPT TOK_VERIFY_REQ
   63 %token TOK_CLIENT_VERIFY_CA TOK_PROXY_CCERT
   64 
   65 %parse-param { hitch_config *cfg }
   66 
   67 %%
   68 CFG
   69     : CFG_RECORDS
   70     ;
   71 
   72 CFG_RECORDS
   73     : CFG_RECORD
   74     | CFG_RECORDS CFG_RECORD
   75     ;
   76 
   77 CFG_RECORD
   78     : FRONTEND_REC
   79     | BACKEND_REC
   80     | PEM_FILE_REC
   81     | CIPHERS_REC
   82     | CIPHERSUITES_REC
   83     | TLS_REC
   84     | SSL_REC
   85     | TLS_PROTOS_REC
   86     | PREFER_SERVER_CIPHERS_REC
   87     | SSL_ENGINE_REC
   88     | WORKERS_REC
   89     | BACKLOG_REC
   90     | KEEPALIVE_REC
   91     | CHROOT_REC
   92     | USER_REC
   93     | GROUP_REC
   94     | QUIET_REC
   95     | SYSLOG_REC
   96     | SYSLOG_FACILITY_REC
   97     | DAEMON_REC
   98     | WRITE_IP_REC
   99     | WRITE_PROXY_REC
  100     | WRITE_PROXY_V1_REC
  101     | WRITE_PROXY_V2_REC
  102     | PROXY_PROXY_REC
  103     | ALPN_PROTOS_REC
  104     | PROXY_TLV_REC
  105     | PROXY_CCRT_REC
  106     | SNI_NOMATCH_ABORT_REC
  107     | OCSP_VERIFY
  108     | OCSP_RESP_TMO
  109     | OCSP_CONN_TMO
  110     | OCSP_REFRESH_INTERVAL
  111     | OCSP_DIR
  112     | PEM_DIR
  113     | PEM_DIR_GLOB
  114     | SESSION_CACHE_REC
  115     | SHARED_CACHE_LISTEN_REC
  116     | SHARED_CACHE_PEER_REC
  117     | SHARED_CACHE_IF_REC
  118     | LOG_FILENAME_REC
  119     | LOG_LEVEL_REC
  120     | SEND_BUFSIZE_REC
  121     | RECV_BUFSIZE_REC
  122     | BACKEND_REFRESH_REC
  123     | TFO
  124     | ECDH_CURVE_REC
  125     | CLIENT_VERIFY_REC
  126     | CLIENT_VERIFY_CA_REC
  127     ;
  128 
  129 FRONTEND_REC
  130     : TOK_FRONTEND '=' STRING {
  131         /* XXX: passing an empty string for file */
  132         if ($3 && config_param_validate("frontend", $3, cfg, "",
  133             yyget_lineno()) != 0)
  134             YYABORT;
  135     }
  136     | TOK_FRONTEND '=' '{' {
  137         /* NB: Mid-rule action */
  138         AZ(cur_fa);
  139         cur_fa = front_arg_new();
  140     }
  141     FRONTEND_BLK '}' {
  142         if (front_arg_add(cfg, cur_fa) != 1)
  143             YYABORT;
  144         cur_fa = NULL;
  145     };
  146 
  147 FRONTEND_BLK: FB_RECS;
  148 FB_RECS
  149     : FB_REC
  150     | FB_RECS FB_REC
  151     ;
  152 
  153 FB_REC
  154     : FB_HOST
  155     | FB_PORT
  156     | FB_CERT
  157     | FB_CLIENT_VERIFY
  158     | FB_CLIENT_VERIFY_CA
  159     | FB_MATCH_GLOBAL
  160     | FB_SNI_NOMATCH_ABORT
  161     | FB_TLS
  162     | FB_SSL
  163     | FB_TLS_PROTOS
  164     | FB_CIPHERS
  165     | FB_CIPHERSUITES
  166     | FB_PREF_SRV_CIPH
  167     ;
  168 
  169 FB_HOST: TOK_HOST '=' STRING {
  170     if ($3) {
  171         if (strcmp($3, "*") == 0)
  172             cur_fa->ip = NULL;
  173         else
  174             cur_fa->ip = strdup($3);
  175     }
  176 };
  177 
  178 FB_PORT: TOK_PORT '=' STRING { if ($3) cur_fa->port = strdup($3); };
  179 
  180 PEM_BLK: PB_RECS;
  181 
  182 PB_RECS
  183     : PB_REC
  184     | PB_RECS PB_REC
  185     ;
  186 
  187 PB_REC
  188     : PB_CERT
  189     | PB_OCSP_RESP_FILE;
  190     | OCSP_VERIFY
  191     | PRIVATE_KEY
  192     ;
  193 
  194 PB_CERT: TOK_PB_CERT '=' STRING { if ($3) cur_pem->filename = strdup($3); };
  195 
  196 PB_OCSP_RESP_FILE: TOK_PB_OCSP_FILE '=' STRING {
  197     if ($3)
  198         cur_pem->ocspfn = strdup($3);
  199 };
  200 
  201 OCSP_VERIFY: TOK_OCSP_VERIFY '=' BOOL {
  202     if (cur_pem != NULL)
  203         cur_pem->ocsp_vfy = $3;
  204     else
  205         cfg->OCSP_VFY = $3;
  206 };
  207 
  208 PRIVATE_KEY: TOK_PRIVATE_KEY '=' STRING {
  209     if ($3) cur_pem->priv_key_filename = strdup($3);
  210 };
  211 
  212 PEM_DIR: TOK_PEM_DIR '=' STRING {
  213     if ($3) {
  214         size_t l;
  215         l = strlen($3);
  216         cfg->PEM_DIR = malloc(l + 2);
  217         strcpy(cfg->PEM_DIR, $3);
  218         if (cfg->PEM_DIR[l-1] != '/')
  219             strcat(cfg->PEM_DIR, "/");
  220     }
  221     else
  222         cfg->PEM_DIR = NULL;
  223 };
  224 
  225 PEM_DIR_GLOB: TOK_PEM_DIR_GLOB '=' STRING {
  226     if ($3)
  227         cfg->PEM_DIR_GLOB = strdup($3);
  228     else
  229         cfg->PEM_DIR_GLOB = NULL;
  230 
  231 };
  232 
  233 OCSP_DIR: TOK_OCSP_DIR '=' STRING {
  234     free(cfg->OCSP_DIR);
  235     if ($3)
  236         cfg->OCSP_DIR = strdup($3);
  237     else
  238         cfg->OCSP_DIR = NULL;
  239 };
  240 
  241 OCSP_RESP_TMO: TOK_OCSP_RESP_TMO '=' UINT {
  242     cfg->OCSP_RESP_TMO = $3;
  243 };
  244 
  245 OCSP_CONN_TMO: TOK_OCSP_CONN_TMO '=' UINT {
  246     cfg->OCSP_CONN_TMO = $3;
  247 };
  248 
  249 OCSP_REFRESH_INTERVAL: TOK_OCSP_REFRESH_INTERVAL '=' UINT {
  250     cfg->OCSP_REFRESH_INTERVAL = $3;
  251 }
  252 
  253 FB_CERT
  254     : TOK_PEM_FILE '=' STRING {
  255         if ($3 != NULL) {
  256             int r;
  257             struct cfg_cert_file *cert;
  258             cert = cfg_cert_file_new();
  259             cert->filename = strdup($3);
  260             r = cfg_cert_vfy(cert);
  261             if (r == 0) {
  262                 cfg_cert_file_free(&cert);
  263                 YYABORT;
  264             }
  265             cfg_cert_add(cert, &cur_fa->certs);
  266         }
  267     }
  268     | TOK_PEM_FILE '=' '{' {
  269         /* NB: Mid-rule action */
  270         AZ(cur_pem);
  271         cur_pem = cfg_cert_file_new();
  272     }
  273     PEM_BLK '}' {
  274         if (cfg_cert_vfy(cur_pem) != 0)
  275             cfg_cert_add(cur_pem, &cur_fa->certs);
  276         else {
  277             cfg_cert_file_free(&cur_pem);
  278             YYABORT;
  279         }
  280         cur_pem = NULL;
  281     };
  282 
  283 FB_CLIENT_VERIFY: TOK_CLIENT_VERIFY '=' CLIENT_VERIFY_OPT;
  284 
  285 FB_CLIENT_VERIFY_CA: TOK_CLIENT_VERIFY_CA '=' STRING {
  286     cur_fa->client_verify_ca = strdup($3);
  287 };
  288 
  289 
  290 FB_MATCH_GLOBAL: TOK_MATCH_GLOBAL '=' BOOL { cur_fa->match_global_certs = $3; };
  291 
  292 FB_SNI_NOMATCH_ABORT:TOK_SNI_NOMATCH_ABORT '=' BOOL {
  293         cur_fa->sni_nomatch_abort = $3;
  294 };
  295 
  296 // this is not optimal, but it was not before, either.
  297 FB_TLS: TOK_TLS '=' BOOL {
  298     if (cur_fa->selected_protos != 0) {
  299         fprintf(stderr, "%s (%s, line %d):"
  300             " It is illegal to specify tls after ssl,"
  301             " tls or tls-protos.\n",
  302             __func__, __FILE__, __LINE__);
  303         front_arg_destroy(cur_fa);
  304         cur_fa = NULL;
  305         YYABORT;
  306     }
  307     if ($3)
  308         cur_fa->selected_protos = TLS_OPTION_PROTOS;
  309     else
  310         fprintf(stderr,
  311             "Warning: tls = off is deprecated and has no effect.\n");
  312 }
  313 
  314 FB_SSL: TOK_SSL '=' BOOL {
  315     if (cur_fa->selected_protos != 0) {
  316         fprintf(stderr, "%s (%s, line %d):"
  317             " It is illegal to specify ssl after ssl,"
  318             " tls or tls-protos.\n",
  319             __func__, __FILE__, __LINE__);
  320         front_arg_destroy(cur_fa);
  321         cur_fa = NULL;
  322         YYABORT;
  323     }
  324     if ($3)
  325         cur_fa->selected_protos = SSL_OPTION_PROTOS;
  326     else
  327         fprintf(stderr,
  328             "Warning: ssl = off is deprecated and has no effect.\n");
  329 }
  330 
  331 FB_TLS_PROTOS: TOK_TLS_PROTOS {
  332     if (cur_fa->selected_protos != 0) {
  333         fprintf(stderr, "%s (%s, line %d):"
  334             " It is illegal to specify tls-protos after"
  335             " ssl, tls or tls-protos\nSelected before was %d\n",
  336             __func__, __FILE__, __LINE__, cur_fa->selected_protos);
  337         front_arg_destroy(cur_fa);
  338         cur_fa = NULL;
  339         YYABORT;
  340     }
  341 } '=' FB_TLS_PROTOS_LIST;
  342 
  343 FB_TLS_PROTOS_LIST: FB_TLS_PROTO | FB_TLS_PROTOS_LIST FB_TLS_PROTO;
  344 FB_TLS_PROTO
  345     : TOK_SSLv3 { cur_fa->selected_protos |= SSLv3_PROTO; }
  346     | TOK_TLSv1_0 { cur_fa->selected_protos |= TLSv1_0_PROTO; }
  347     | TOK_TLSv1_1 { cur_fa->selected_protos |= TLSv1_1_PROTO; }
  348     | TOK_TLSv1_2 { cur_fa->selected_protos |= TLSv1_2_PROTO; }
  349     | TOK_TLSv1_3 { cur_fa->selected_protos |= TLSv1_3_PROTO; };
  350 
  351 FB_CIPHERS: TOK_CIPHERS '=' STRING {
  352     if ($3) cur_fa->ciphers_tlsv12 = strdup($3);
  353 };
  354 
  355 FB_CIPHERSUITES: TOK_CIPHERSUITES '=' STRING {
  356     if ($3) {
  357         CHECK_OBJ_NOTNULL(cur_fa, FRONT_ARG_MAGIC);
  358         cur_fa->ciphersuites_tlsv13 = strdup($3);
  359     }
  360 };
  361 
  362 FB_PREF_SRV_CIPH: TOK_PREFER_SERVER_CIPHERS '=' BOOL {
  363     cur_fa->prefer_server_ciphers = $3;
  364 };
  365 
  366 QUIET_REC: TOK_QUIET '=' BOOL {
  367     if ($3)
  368         cfg->LOG_LEVEL = 0;
  369     else
  370         cfg->LOG_LEVEL = 1;
  371 };
  372 
  373 WORKERS_REC: TOK_WORKERS '=' UINT { cfg->NCORES = $3; };
  374 
  375 BACKLOG_REC: TOK_BACKLOG '=' UINT { cfg->BACKLOG = $3; };
  376 
  377 KEEPALIVE_REC: TOK_KEEPALIVE '=' UINT { cfg->TCP_KEEPALIVE_TIME = $3; };
  378 
  379 TLS_REC: TOK_TLS '=' BOOL {
  380     if (cfg->SELECTED_TLS_PROTOS != 0) {
  381         fprintf(stderr, "%s (%s, line %d):"
  382             " It is illegal to specify tls after ssl,"
  383             " tls or tls-protos\n",
  384             __func__, __FILE__, __LINE__);
  385         YYABORT;
  386     }
  387     if ($3)
  388         cfg->SELECTED_TLS_PROTOS = TLS_OPTION_PROTOS;
  389     else
  390         fprintf(stderr,
  391             "Warning: tls = off is deprecated and has no effect.\n");
  392 };
  393 
  394 SSL_REC: TOK_SSL '=' BOOL {
  395     if (cfg->SELECTED_TLS_PROTOS != 0) {
  396         fprintf(stderr, "%s (%s, line %d):"
  397             " It is illegal to specify ssl after ssl,"
  398             " tls or tls-protos.\n",
  399             __func__, __FILE__, __LINE__);
  400         YYABORT;
  401     }
  402     if ($3)
  403         cfg->SELECTED_TLS_PROTOS = SSL_OPTION_PROTOS;
  404     else
  405         fprintf(stderr,
  406             "Warning: ssl = off is deprecated and has no effect.\n");
  407 };
  408 
  409 TLS_PROTOS_REC: TOK_TLS_PROTOS {
  410     if (cfg->SELECTED_TLS_PROTOS != 0) {
  411         fprintf(stderr, "%s (%s, line %d):"
  412             " It is illegal to specify tls-protos after"
  413             " ssl, tls or tls-protos\n",
  414             __func__, __FILE__, __LINE__);
  415         YYABORT;
  416     }
  417 } '=' TLS_PROTOS_LIST;
  418 
  419 TLS_PROTOS_LIST: TLS_PROTO | TLS_PROTOS_LIST TLS_PROTO;
  420 TLS_PROTO
  421     : TOK_SSLv3 { cfg->SELECTED_TLS_PROTOS |= SSLv3_PROTO; }
  422     | TOK_TLSv1_0 { cfg->SELECTED_TLS_PROTOS |= TLSv1_0_PROTO; }
  423     | TOK_TLSv1_1 { cfg->SELECTED_TLS_PROTOS |= TLSv1_1_PROTO; }
  424     | TOK_TLSv1_2 { cfg->SELECTED_TLS_PROTOS |= TLSv1_2_PROTO; }
  425     | TOK_TLSv1_3 { cfg->SELECTED_TLS_PROTOS |= TLSv1_3_PROTO; };
  426 
  427 SSL_ENGINE_REC: TOK_SSL_ENGINE '=' STRING { if ($3) cfg->ENGINE = strdup($3); };
  428 
  429 PREFER_SERVER_CIPHERS_REC: TOK_PREFER_SERVER_CIPHERS '=' BOOL {
  430     cfg->PREFER_SERVER_CIPHERS = $3;
  431 };
  432 
  433 CHROOT_REC: TOK_CHROOT '=' STRING {
  434     /* XXX: passing an empty string for file */
  435     if ($3 && config_param_validate("chroot", $3, cfg, "",
  436         yyget_lineno()) != 0)
  437         YYABORT;
  438 };
  439 
  440 BACKEND_REC: TOK_BACKEND '=' STRING {
  441     /* XXX: passing an empty string for file */
  442     if ($3 && config_param_validate("backend", $3, cfg, "",
  443         yyget_lineno()) != 0)
  444         YYABORT;
  445 };
  446 
  447 PEM_FILE_REC
  448     : TOK_PEM_FILE '=' STRING {
  449         /* XXX: passing an empty string for file */
  450         if ($3 && config_param_validate("pem-file", $3, cfg, "",
  451             yyget_lineno()) != 0)
  452             YYABORT;
  453     }
  454     | TOK_PEM_FILE '=' '{' {
  455         /* NB: Mid-rule action */
  456         AZ(cur_pem);
  457         cur_pem = cfg_cert_file_new();
  458     }
  459     PEM_BLK '}' {
  460         if (cfg_cert_vfy(cur_pem) != 0) {
  461             if (cfg->CERT_DEFAULT != NULL) {
  462                 struct cfg_cert_file *tmp = cfg->CERT_DEFAULT;
  463                 cfg_cert_add(tmp, &cfg->CERT_FILES);
  464             }
  465             cfg->CERT_DEFAULT = cur_pem;
  466         } else {
  467             cfg_cert_file_free(&cur_pem);
  468             YYABORT;
  469         }
  470         cur_pem = NULL;
  471     };
  472 
  473 SYSLOG_REC: TOK_SYSLOG '=' BOOL { cfg->SYSLOG = $3; };
  474 DAEMON_REC: TOK_DAEMON '=' BOOL { cfg->DAEMONIZE = $3; };
  475 SNI_NOMATCH_ABORT_REC : TOK_SNI_NOMATCH_ABORT '=' BOOL {
  476     cfg->SNI_NOMATCH_ABORT = $3;
  477 };
  478 
  479 CIPHERS_REC: TOK_CIPHERS '=' STRING {
  480     if ($3) {
  481         free(cfg->CIPHERS_TLSv12);
  482         cfg->CIPHERS_TLSv12 = strdup($3);
  483     }
  484 };
  485 
  486 CIPHERSUITES_REC: TOK_CIPHERSUITES '=' STRING {
  487     if ($3) {
  488         free(cfg->CIPHERSUITES_TLSv13);
  489         cfg->CIPHERSUITES_TLSv13 = strdup($3);
  490     }
  491 };
  492 
  493 
  494 USER_REC: TOK_USER '=' STRING {
  495     /* XXX: passing an empty string for file */
  496     if ($3 && config_param_validate("user", $3, cfg, "",
  497         yyget_lineno()) != 0)
  498         YYABORT;
  499 };
  500 
  501 GROUP_REC: TOK_GROUP '=' STRING {
  502     /* XXX: passing an empty string for file */
  503     if ($3 && config_param_validate("group", $3, cfg, "",
  504         yyget_lineno()) != 0)
  505         YYABORT;
  506 };
  507 
  508 WRITE_IP_REC: TOK_WRITE_IP '=' BOOL { cfg->WRITE_IP_OCTET = $3; };
  509 
  510 WRITE_PROXY_REC: TOK_WRITE_PROXY '=' BOOL { cfg->WRITE_PROXY_LINE_V2 = $3; };
  511 
  512 WRITE_PROXY_V1_REC: TOK_WRITE_PROXY_V1 '=' BOOL {
  513     cfg->WRITE_PROXY_LINE_V1 = $3;
  514 };
  515 
  516 WRITE_PROXY_V2_REC: TOK_WRITE_PROXY_V2 '=' BOOL {
  517     cfg->WRITE_PROXY_LINE_V2 = $3;
  518 };
  519 
  520 PROXY_TLV_REC: TOK_PROXY_TLV '=' BOOL { cfg->PROXY_TLV = $3; };
  521 
  522 PROXY_TLV_REC: TOK_PROXY_AUTHORITY '=' BOOL { cfg->PROXY_AUTHORITY = $3; };
  523 
  524 PROXY_CCRT_REC: TOK_PROXY_CCERT '=' BOOL { cfg->PROXY_CLIENT_CERT = $3; };
  525 
  526 PROXY_PROXY_REC: TOK_PROXY_PROXY '=' BOOL { cfg->PROXY_PROXY_LINE = $3; };
  527 
  528 ALPN_PROTOS_REC: TOK_ALPN_PROTOS '=' STRING {
  529     /* XXX: passing an empty string for file */
  530     if ($3 && config_param_validate("alpn-protos", $3, cfg, "",
  531         yyget_lineno()) != 0)
  532         YYABORT;
  533 };
  534 
  535 SYSLOG_FACILITY_REC: TOK_SYSLOG_FACILITY '=' STRING {
  536     /* XXX: passing an empty string for file */
  537     if ($3 &&
  538         config_param_validate("syslog-facility", $3, cfg, "",
  539         yyget_lineno()) != 0)
  540         YYABORT;
  541 };
  542 
  543 SEND_BUFSIZE_REC: TOK_SEND_BUFSIZE '=' UINT { cfg->SEND_BUFSIZE = $3; };
  544 
  545 RECV_BUFSIZE_REC: TOK_RECV_BUFSIZE '=' UINT { cfg->RECV_BUFSIZE = $3; };
  546 
  547 LOG_FILENAME_REC: TOK_LOG_FILENAME '=' STRING {
  548     /* XXX: passing an empty string for file */
  549     if ($3 &&
  550         config_param_validate("log-filename", $3, cfg, "",
  551         yyget_lineno()) != 0)
  552         YYABORT;
  553 };
  554 
  555 LOG_LEVEL_REC: TOK_LOG_LEVEL '=' UINT { cfg->LOG_LEVEL = $3; };
  556 
  557 SESSION_CACHE_REC: TOK_SESSION_CACHE '=' UINT {
  558 #ifdef USE_SHARED_CACHE
  559     cfg->SHARED_CACHE = $3;
  560 #else
  561     fprintf(stderr, "Hitch needs to be compiled with --enable-sessioncache "
  562             "for '%s'", input_line);
  563     YYABORT;
  564 #endif
  565 };
  566 
  567 SHARED_CACHE_LISTEN_REC: TOK_SHARED_CACHE_LISTEN '=' STRING {
  568 #ifdef USE_SHARED_CACHE
  569     /* XXX: passing an empty string for file */
  570     if ($3 && config_param_validate("shared-cache-listen", $3, cfg,
  571         "", yyget_lineno()) != 0)
  572         YYABORT;
  573 #else
  574     fprintf(stderr, "Hitch needs to be compiled with --enable-sessioncache "
  575             "for '%s'", input_line);
  576     YYABORT;
  577 #endif
  578 };
  579 
  580 SHARED_CACHE_PEER_REC: TOK_SHARED_CACHE_PEER  '=' STRING {
  581 #ifdef USE_SHARED_CACHE
  582     /* XXX: passing an empty string for file */
  583     if ($3 && config_param_validate("shared-cache-peer", $3, cfg,
  584         "", yyget_lineno()) != 0)
  585         YYABORT;
  586 #else
  587     fprintf(stderr, "Hitch needs to be compiled with --enable-sessioncache "
  588             "for '%s'", input_line);
  589     YYABORT;
  590 #endif
  591 };
  592 
  593 SHARED_CACHE_IF_REC: TOK_SHARED_CACHE_IF '=' STRING {
  594 #ifdef USE_SHARED_CACHE
  595     /* XXX: passing an empty string for file */
  596     if ($3 && config_param_validate("shared-cache-if", $3, cfg,
  597         "", yyget_lineno()) != 0)
  598         YYABORT;
  599 #else
  600     fprintf(stderr, "Hitch needs to be compiled with --enable-sessioncache "
  601             "for '%s'", input_line);
  602     YYABORT;
  603 #endif
  604 };
  605 
  606 TFO: TOK_TFO '=' BOOL {
  607 #ifdef TCP_FASTOPEN_WORKS
  608     { cfg->TFO = $3; };
  609 #else
  610     fprintf(stderr, "Hitch needs to be compiled with --enable-tfo"
  611             "for '%s'", input_line);
  612     YYABORT;
  613 #endif
  614 };
  615 
  616 BACKEND_REFRESH_REC: TOK_BACKEND_REFRESH '=' UINT {
  617     cfg->BACKEND_REFRESH_TIME = $3;
  618 };
  619 
  620 ECDH_CURVE_REC: TOK_ECDH_CURVE '=' STRING {
  621     if ($3) {
  622         free(cfg->ECDH_CURVE);
  623         cfg->ECDH_CURVE = strdup($3);
  624     }
  625 };
  626 
  627 CLIENT_VERIFY_REC: TOK_CLIENT_VERIFY '=' CLIENT_VERIFY_OPT;
  628 
  629 CLIENT_VERIFY_OPT
  630     : TOK_VERIFY_NONE {
  631         if (cur_fa)
  632             cur_fa->client_verify = SSL_VERIFY_NONE;
  633         else
  634             cfg->CLIENT_VERIFY = SSL_VERIFY_NONE;
  635     }
  636     | TOK_VERIFY_OPT {
  637         if (cur_fa)
  638             cur_fa->client_verify = SSL_VERIFY_PEER;
  639         else
  640             cfg->CLIENT_VERIFY = SSL_VERIFY_PEER;
  641     }
  642     | TOK_VERIFY_REQ {
  643         if (cur_fa)
  644             cur_fa->client_verify =
  645                 SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT;
  646         else
  647             cfg->CLIENT_VERIFY =
  648                 SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT;
  649     };
  650 
  651 CLIENT_VERIFY_CA_REC: TOK_CLIENT_VERIFY_CA '=' STRING {
  652     free(cfg->CLIENT_VERIFY_CA);
  653     cfg->CLIENT_VERIFY_CA = strdup($3);
  654 };
  655 
  656 %%
  657 
  658 void
  659 yyerror(hitch_config *cfg, const char *s)
  660 {
  661     (void) cfg;
  662 
  663     /* Clean up if FRONTEND_BLK parsing failed */
  664     if (cur_fa != NULL)
  665         FREE_OBJ(cur_fa);
  666 
  667     config_error_set("Parsing error in line %d: %s: '%s'",
  668         yyget_lineno(), s, strlen(input_line) > 0 ? input_line : "");
  669 }