diff --git a/.gitignore b/.gitignore index c1e2649db..7688fd758 100644 --- a/.gitignore +++ b/.gitignore @@ -37,6 +37,7 @@ /petal /pktview /streamtcp +/unbound-dnstap-socket /testbound /unittest /contrib/libunbound.pc diff --git a/Makefile.in b/Makefile.in index a20058cc2..4373dd66a 100644 --- a/Makefile.in +++ b/Makefile.in @@ -77,7 +77,7 @@ LINT=splint LINTFLAGS=+quiet -weak -warnposix -unrecog -Din_addr_t=uint32_t -Du_int=unsigned -Du_char=uint8_t -preproc -Drlimit=rlimit64 -D__gnuc_va_list=va_list -formatcode #-Dglob64=glob -Dglobfree64=globfree # compat with openssl linux edition. -LINTFLAGS+="-DBN_ULONG=unsigned long" -Dkrb5_int32=int "-Dkrb5_ui_4=unsigned int" -DPQ_64BIT=uint64_t -DRC4_INT=unsigned -fixedformalarray -D"ENGINE=unsigned" -D"RSA=unsigned" -D"DSA=unsigned" -D"EVP_PKEY=unsigned" -D"EVP_MD=unsigned" -D"SSL=unsigned" -D"SSL_CTX=unsigned" -D"X509=unsigned" -D"RC4_KEY=unsigned" -D"EVP_MD_CTX=unsigned" -D"ECDSA_SIG=DSA_SIG" -Dfstrm_res=int +LINTFLAGS+="-DBN_ULONG=unsigned long" -Dkrb5_int32=int "-Dkrb5_ui_4=unsigned int" -DPQ_64BIT=uint64_t -DRC4_INT=unsigned -fixedformalarray -D"ENGINE=unsigned" -D"RSA=unsigned" -D"DSA=unsigned" -D"EVP_PKEY=unsigned" -D"EVP_MD=unsigned" -D"SSL=unsigned" -D"SSL_CTX=unsigned" -D"X509=unsigned" -D"RC4_KEY=unsigned" -D"EVP_MD_CTX=unsigned" -D"ECDSA_SIG=DSA_SIG" # compat with NetBSD LINTFLAGS+=@NETBSD_LINTFLAGS@ # compat with OpenBSD @@ -219,7 +219,7 @@ MEMSTATS_OBJ_LINK=$(MEMSTATS_OBJ) worker_cb.lo $(COMMON_OBJ) $(COMPAT_OBJ) \ $(SLDNS_OBJ) ASYNCLOOK_SRC=testcode/asynclook.c ASYNCLOOK_OBJ=asynclook.lo -ASYNCLOOK_OBJ_LINK=$(ASYNCLOOK_OBJ) log.lo locks.lo $(COMPAT_OBJ) @ASYNCLOOK_ALLOCCHECK_EXTRA_OBJ@ +ASYNCLOOK_OBJ_LINK=$(ASYNCLOOK_OBJ) log.lo locks.lo $(CHECKLOCK_OBJ) $(COMPAT_OBJ) @ASYNCLOOK_ALLOCCHECK_EXTRA_OBJ@ STREAMTCP_SRC=testcode/streamtcp.c STREAMTCP_OBJ=streamtcp.lo STREAMTCP_OBJ_LINK=$(STREAMTCP_OBJ) worker_cb.lo $(COMMON_OBJ) $(COMPAT_OBJ) \ @@ -233,6 +233,10 @@ DELAYER_OBJ_LINK=$(DELAYER_OBJ) worker_cb.lo $(COMMON_OBJ) $(COMPAT_OBJ) \ $(SLDNS_OBJ) IPSET_SRC=@IPSET_SRC@ IPSET_OBJ=@IPSET_OBJ@ +DNSTAP_SOCKET_SRC=dnstap/unbound-dnstap-socket.c +DNSTAP_SOCKET_OBJ=unbound-dnstap-socket.lo +DNSTAP_SOCKET_OBJ_LINK=$(DNSTAP_SOCKET_OBJ) $(COMMON_OBJ) \ +$(COMPAT_OBJ) $(SLDNS_OBJ) LIBUNBOUND_SRC=libunbound/context.c libunbound/libunbound.c \ libunbound/libworker.c LIBUNBOUND_OBJ=context.lo libunbound.lo libworker.lo ub_event_pluggable.lo @@ -259,7 +263,7 @@ ALL_SRC=$(COMMON_SRC) $(UNITTEST_SRC) $(DAEMON_SRC) \ $(TESTBOUND_SRC) $(LOCKVERIFY_SRC) $(PKTVIEW_SRC) \ $(MEMSTATS_SRC) $(CHECKCONF_SRC) $(LIBUNBOUND_SRC) $(HOST_SRC) \ $(ASYNCLOOK_SRC) $(STREAMTCP_SRC) $(PERF_SRC) $(DELAYER_SRC) \ - $(CONTROL_SRC) $(UBANCHOR_SRC) $(PETAL_SRC) \ + $(CONTROL_SRC) $(UBANCHOR_SRC) $(PETAL_SRC) $(DNSTAP_SOCKET_SRC)\ $(PYTHONMOD_SRC) $(PYUNBOUND_SRC) $(WIN_DAEMON_THE_SRC) \ $(SVCINST_SRC) $(SVCUNINST_SRC) $(ANCHORUPD_SRC) $(SLDNS_SRC) @@ -267,7 +271,7 @@ ALL_OBJ=$(COMMON_OBJ) $(UNITTEST_OBJ) $(DAEMON_OBJ) \ $(TESTBOUND_OBJ) $(LOCKVERIFY_OBJ) $(PKTVIEW_OBJ) \ $(MEMSTATS_OBJ) $(CHECKCONF_OBJ) $(LIBUNBOUND_OBJ) $(HOST_OBJ) \ $(ASYNCLOOK_OBJ) $(STREAMTCP_OBJ) $(PERF_OBJ) $(DELAYER_OBJ) \ - $(CONTROL_OBJ) $(UBANCHOR_OBJ) $(PETAL_OBJ) \ + $(CONTROL_OBJ) $(UBANCHOR_OBJ) $(PETAL_OBJ) $(DNSTAP_SOCKET_OBJ)\ $(COMPAT_OBJ) $(PYUNBOUND_OBJ) \ $(SVCINST_OBJ) $(SVCUNINST_OBJ) $(ANCHORUPD_OBJ) $(SLDNS_OBJ) @@ -306,6 +310,7 @@ rsrc_unbound_checkconf.o: $(srcdir)/winrc/rsrc_unbound_checkconf.rc config.h TEST_BIN=asynclook$(EXEEXT) delayer$(EXEEXT) \ lock-verify$(EXEEXT) memstats$(EXEEXT) perf$(EXEEXT) \ petal$(EXEEXT) pktview$(EXEEXT) streamtcp$(EXEEXT) \ + unbound-dnstap-socket$(EXEEXT) \ testbound$(EXEEXT) unittest$(EXEEXT) tests: all $(TEST_BIN) @@ -401,7 +406,13 @@ dnstap/dnstap.pb-c.c dnstap/dnstap.pb-c.h: $(srcdir)/dnstap/dnstap.proto @-if test ! -d dnstap; then $(INSTALL) -d dnstap; fi $(PROTOC_C) --c_out=. --proto_path=$(srcdir) $(srcdir)/dnstap/dnstap.proto +unbound-dnstap-socket$(EXEEXT): $(DNSTAP_SOCKET_OBJ_LINK) + $(LINK) -o $@ $(DNSTAP_SOCKET_OBJ_LINK) $(SSLLIB) $(LIBS) + dnstap.pb-c.lo dnstap.pb-c.o: dnstap/dnstap.pb-c.c dnstap/dnstap.pb-c.h +dtstream.lo dtstream.o: $(srcdir)/dnstap/dtstream.c config.h $(srcdir)/dnstap/dtstream.h +dnstap_fstrm.lo dnstap_fstrm.o: $(srcdir)/dnstap/dnstap_fstrm.c config.h $(srcdir)/dnstap/dnstap_fstrm.h +unbound-dnstap-socket.lo unbound-dnstap-socket.o: $(srcdir)/dnstap/unbound-dnstap-socket.c config.h $(srcdir)/dnstap/dtstream.h # dnscrypt dnscrypt.lo dnscrypt.o: $(srcdir)/dnscrypt/dnscrypt.c config.h \ diff --git a/configure b/configure index bdec1f002..87f9799ae 100755 --- a/configure +++ b/configure @@ -649,6 +649,7 @@ ENABLE_DNSCRYPT ENABLE_DNSCRYPT_XCHACHA20 DNSTAP_OBJ DNSTAP_SRC +DNSTAP_SOCKET_PATH opt_dnstap_socket_path ENABLE_DNSTAP PROTOC_C @@ -883,7 +884,6 @@ enable_allsymbols enable_dnstap with_dnstap_socket_path with_protobuf_c -with_libfstrm enable_dnscrypt with_libsodium enable_cachedb @@ -1572,7 +1572,7 @@ Optional Features: --enable-allsymbols export all symbols from libunbound and link binaries to it, smaller install size but libunbound export table is polluted by internal symbols - --enable-dnstap Enable dnstap support (requires fstrm, protobuf-c) + --enable-dnstap Enable dnstap support (requires protobuf-c) --enable-dnscrypt Enable dnscrypt support (requires libsodium) --enable-cachedb enable cachedb module that can use external cache storage @@ -1634,7 +1634,6 @@ Optional Packages: --with-dnstap-socket-path=pathname set default dnstap socket path --with-protobuf-c=path Path where protobuf-c is installed, for dnstap - --with-libfstrm=path Path where libfstrm is installed, for dnstap --with-libsodium=path Path where libsodium is installed, for dnscrypt --with-libmnl=path specify explicit path for libmnl. --with-libunbound-only do not build daemon and tool programs @@ -20968,73 +20967,6 @@ else fi - -# Check whether --with-libfstrm was given. -if test "${with_libfstrm+set}" = set; then : - withval=$with_libfstrm; - CFLAGS="$CFLAGS -I$withval/include" - LDFLAGS="$LDFLAGS -L$withval/lib" - -fi - - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for library containing fstrm_iothr_init" >&5 -$as_echo_n "checking for library containing fstrm_iothr_init... " >&6; } -if ${ac_cv_search_fstrm_iothr_init+:} false; then : - $as_echo_n "(cached) " >&6 -else - ac_func_search_save_LIBS=$LIBS -cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char fstrm_iothr_init (); -int -main () -{ -return fstrm_iothr_init (); - ; - return 0; -} -_ACEOF -for ac_lib in '' fstrm; do - if test -z "$ac_lib"; then - ac_res="none required" - else - ac_res=-l$ac_lib - LIBS="-l$ac_lib $ac_func_search_save_LIBS" - fi - if ac_fn_c_try_link "$LINENO"; then : - ac_cv_search_fstrm_iothr_init=$ac_res -fi -rm -f core conftest.err conftest.$ac_objext \ - conftest$ac_exeext - if ${ac_cv_search_fstrm_iothr_init+:} false; then : - break -fi -done -if ${ac_cv_search_fstrm_iothr_init+:} false; then : - -else - ac_cv_search_fstrm_iothr_init=no -fi -rm conftest.$ac_ext -LIBS=$ac_func_search_save_LIBS -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_search_fstrm_iothr_init" >&5 -$as_echo "$ac_cv_search_fstrm_iothr_init" >&6; } -ac_res=$ac_cv_search_fstrm_iothr_init -if test "$ac_res" != no; then : - test "$ac_res" = "none required" || LIBS="$ac_res $LIBS" - -else - as_fn_error $? "The fstrm library was not found. Please install fstrm!" "$LINENO" 5 -fi - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for library containing protobuf_c_message_pack" >&5 $as_echo_n "checking for library containing protobuf_c_message_pack... " >&6; } if ${ac_cv_search_protobuf_c_message_pack+:} false; then : @@ -21108,10 +21040,12 @@ cat >>confdefs.h <<_ACEOF #define DNSTAP_SOCKET_PATH "$hdr_dnstap_socket_path" _ACEOF + DNSTAP_SOCKET_PATH="$hdr_dnstap_socket_path" - DNSTAP_SRC="dnstap/dnstap.c dnstap/dnstap.pb-c.c" - DNSTAP_OBJ="dnstap.lo dnstap.pb-c.lo" + DNSTAP_SRC="dnstap/dnstap.c dnstap/dnstap.pb-c.c dnstap/dnstap_fstrm.c dnstap/dtstream.c" + + DNSTAP_OBJ="dnstap.lo dnstap.pb-c.lo dnstap_fstrm.lo dtstream.lo" else diff --git a/configure.ac b/configure.ac index 3e00c999c..187966bf7 100644 --- a/configure.ac +++ b/configure.ac @@ -1688,9 +1688,10 @@ dt_DNSTAP([$UNBOUND_RUN_DIR/dnstap.sock], ACX_ESCAPE_BACKSLASH($opt_dnstap_socket_path, hdr_dnstap_socket_path) AC_DEFINE_UNQUOTED(DNSTAP_SOCKET_PATH, ["$hdr_dnstap_socket_path"], [default dnstap socket path]) + AC_SUBST(DNSTAP_SOCKET_PATH,["$hdr_dnstap_socket_path"]) - AC_SUBST([DNSTAP_SRC], ["dnstap/dnstap.c dnstap/dnstap.pb-c.c"]) - AC_SUBST([DNSTAP_OBJ], ["dnstap.lo dnstap.pb-c.lo"]) + AC_SUBST([DNSTAP_SRC], ["dnstap/dnstap.c dnstap/dnstap.pb-c.c dnstap/dnstap_fstrm.c dnstap/dtstream.c"]) + AC_SUBST([DNSTAP_OBJ], ["dnstap.lo dnstap.pb-c.lo dnstap_fstrm.lo dtstream.lo"]) ], [ AC_SUBST([ENABLE_DNSTAP], [0]) diff --git a/daemon/daemon.c b/daemon/daemon.c index 8b0fc3483..1e1dfd002 100644 --- a/daemon/daemon.c +++ b/daemon/daemon.c @@ -451,11 +451,9 @@ daemon_create_workers(struct daemon* daemon) fatal_exit("out of memory during daemon init"); if(daemon->cfg->dnstap) { #ifdef USE_DNSTAP - daemon->dtenv = dt_create(daemon->cfg->dnstap_socket_path, - (unsigned int)daemon->num); + daemon->dtenv = dt_create(daemon->cfg); if (!daemon->dtenv) fatal_exit("dt_create failed"); - dt_apply_cfg(daemon->dtenv, daemon->cfg); #else fatal_exit("dnstap enabled in config but not built with dnstap support"); #endif diff --git a/daemon/worker.c b/daemon/worker.c index eb7fdf2f5..cec6bcd66 100644 --- a/daemon/worker.c +++ b/daemon/worker.c @@ -79,6 +79,7 @@ #include "sldns/wire2str.h" #include "util/shm_side/shm_main.h" #include "dnscrypt/dnscrypt.h" +#include "dnstap/dtstream.h" #ifdef HAVE_SYS_TYPES_H # include @@ -1914,6 +1915,20 @@ worker_init(struct worker* worker, struct config_file *cfg, ) { auth_xfer_pickup_initial(worker->env.auth_zones, &worker->env); } +#ifdef USE_DNSTAP + if(worker->daemon->cfg->dnstap +#ifndef THREADS_DISABLED + && worker->thread_num == 0 +#endif + ) { + if(!dt_io_thread_start(dtenv->dtio, comm_base_internal( + worker->base), worker->daemon->num)) { + log_err("could not start dnstap io thread"); + worker_delete(worker); + return 0; + } + } +#endif /* USE_DNSTAP */ if(!worker->env.mesh || !worker->env.scratch_buffer) { worker_delete(worker); return 0; @@ -1961,6 +1976,16 @@ worker_delete(struct worker* worker) wsvc_desetup_worker(worker); #endif /* UB_ON_WINDOWS */ } +#ifdef USE_DNSTAP + if(worker->daemon->cfg->dnstap +#ifndef THREADS_DISABLED + && worker->thread_num == 0 +#endif + ) { + dt_io_thread_stop(worker->dtenv.dtio); + } + dt_deinit(&worker->dtenv); +#endif /* USE_DNSTAP */ comm_base_delete(worker->base); ub_randfree(worker->rndstate); alloc_clear(&worker->alloc); @@ -2099,3 +2124,18 @@ int codeline_cmp(const void* ATTR_UNUSED(a), const void* ATTR_UNUSED(b)) return 0; } +#ifdef USE_DNSTAP +void dtio_tap_callback(int ATTR_UNUSED(fd), short ATTR_UNUSED(ev), + void* ATTR_UNUSED(arg)) +{ + log_assert(0); +} +#endif + +#ifdef USE_DNSTAP +void dtio_mainfdcallback(int ATTR_UNUSED(fd), short ATTR_UNUSED(ev), + void* ATTR_UNUSED(arg)) +{ + log_assert(0); +} +#endif diff --git a/dnstap/dnstap.c b/dnstap/dnstap.c index aabf8eec9..cc5449dff 100644 --- a/dnstap/dnstap.c +++ b/dnstap/dnstap.c @@ -49,13 +49,12 @@ #include "util/netevent.h" #include "util/log.h" -#include #include #include "dnstap/dnstap.h" +#include "dnstap/dtstream.h" #include "dnstap/dnstap.pb-c.h" -#define DNSTAP_CONTENT_TYPE "protobuf:dnstap.Dnstap" #define DNSTAP_INITIAL_BUF_SIZE 256 struct dt_msg { @@ -90,13 +89,7 @@ dt_pack(const Dnstap__Dnstap *d, void **buf, size_t *sz) static void dt_send(const struct dt_env *env, void *buf, size_t len_buf) { - fstrm_res res; - if (!buf) - return; - res = fstrm_iothr_submit(env->iothr, env->ioq, buf, len_buf, - fstrm_free_wrapper, NULL); - if (res != fstrm_res_success) - free(buf); + dt_msg_queue_submit(env->msgqueue, buf, len_buf); } static void @@ -135,56 +128,33 @@ check_socket_file(const char* socket_path) } struct dt_env * -dt_create(const char *socket_path, unsigned num_workers) +dt_create(struct config_file* cfg) { -#ifdef UNBOUND_DEBUG - fstrm_res res; -#endif struct dt_env *env; - struct fstrm_iothr_options *fopt; - struct fstrm_unix_writer_options *fuwopt; - struct fstrm_writer *fw; - struct fstrm_writer_options *fwopt; - verbose(VERB_OPS, "attempting to connect to dnstap socket %s", - socket_path); - log_assert(socket_path != NULL); - log_assert(num_workers > 0); - check_socket_file(socket_path); + if(cfg->dnstap && cfg->dnstap_socket_path && cfg->dnstap_socket_path[0] && + (cfg->dnstap_ip==NULL || cfg->dnstap_ip[0]==0)) { + verbose(VERB_OPS, "attempting to connect to dnstap socket %s", + cfg->dnstap_socket_path); + check_socket_file(cfg->dnstap_socket_path); + } env = (struct dt_env *) calloc(1, sizeof(struct dt_env)); if (!env) return NULL; - fwopt = fstrm_writer_options_init(); -#ifdef UNBOUND_DEBUG - res = -#else - (void) -#endif - fstrm_writer_options_add_content_type(fwopt, - DNSTAP_CONTENT_TYPE, sizeof(DNSTAP_CONTENT_TYPE) - 1); - log_assert(res == fstrm_res_success); - - fuwopt = fstrm_unix_writer_options_init(); - fstrm_unix_writer_options_set_socket_path(fuwopt, socket_path); - - fw = fstrm_unix_writer_init(fuwopt, fwopt); - log_assert(fw != NULL); - - fopt = fstrm_iothr_options_init(); - fstrm_iothr_options_set_num_input_queues(fopt, num_workers); - env->iothr = fstrm_iothr_init(fopt, &fw); - if (env->iothr == NULL) { - verbose(VERB_DETAIL, "dt_create: fstrm_iothr_init() failed"); - fstrm_writer_destroy(&fw); + env->dtio = dt_io_thread_create(); + if(!env->dtio) { + log_err("malloc failure"); free(env); - env = NULL; + return NULL; } - fstrm_iothr_options_destroy(&fopt); - fstrm_unix_writer_options_destroy(&fuwopt); - fstrm_writer_options_destroy(&fwopt); - + if(!dt_io_thread_apply_cfg(env->dtio, cfg)) { + dt_io_thread_delete(env->dtio); + free(env); + return NULL; + } + dt_apply_cfg(env, cfg); return env; } @@ -272,19 +242,33 @@ dt_apply_cfg(struct dt_env *env, struct config_file *cfg) int dt_init(struct dt_env *env) { - env->ioq = fstrm_iothr_get_input_queue(env->iothr); - if (env->ioq == NULL) + env->msgqueue = dt_msg_queue_create(); + if(!env->msgqueue) { + log_err("malloc failure"); return 0; + } + if(!dt_io_thread_register_queue(env->dtio, env->msgqueue)) { + log_err("malloc failure"); + dt_msg_queue_delete(env->msgqueue); + env->msgqueue = NULL; + return 0; + } return 1; } +void +dt_deinit(struct dt_env* env) +{ + dt_io_thread_unregister_queue(env->dtio, env->msgqueue); + dt_msg_queue_delete(env->msgqueue); +} + void dt_delete(struct dt_env *env) { if (!env) return; - verbose(VERB_OPS, "closing dnstap socket"); - fstrm_iothr_destroy(&env->iothr); + dt_io_thread_delete(env->dtio); free(env->identity); free(env->version); free(env); diff --git a/dnstap/dnstap.h b/dnstap/dnstap.h index 0103c1c0e..cfef6fc42 100644 --- a/dnstap/dnstap.h +++ b/dnstap/dnstap.h @@ -40,16 +40,16 @@ #ifdef USE_DNSTAP struct config_file; -struct fstrm_io; -struct fstrm_queue; struct sldns_buffer; +struct dt_msg_queue; struct dt_env { - /** dnstap I/O thread */ - struct fstrm_iothr *iothr; + /** the io thread (made by the struct daemon) */ + struct dt_io_thread* dtio; - /** dnstap I/O thread input queue */ - struct fstrm_iothr_queue *ioq; + /** valid in worker struct, not in daemon struct, the per-worker + * message list */ + struct dt_msg_queue* msgqueue; /** dnstap "identity" field, NULL if disabled */ char *identity; @@ -84,12 +84,11 @@ struct dt_env { * of the structure) to ensure lock-free access to its own per-worker circular * queue. Duplicate the environment object if more than one worker needs to * share access to the dnstap I/O socket. - * @param socket_path: path to dnstap logging socket, must be non-NULL. - * @param num_workers: number of worker threads, must be > 0. + * @param cfg: with config settings. * @return dt_env object, NULL on failure. */ struct dt_env * -dt_create(const char *socket_path, unsigned num_workers); +dt_create(struct config_file* cfg); /** * Apply config settings. @@ -107,6 +106,11 @@ dt_apply_cfg(struct dt_env *env, struct config_file *cfg); int dt_init(struct dt_env *env); +/** + * Deletes the per-worker state created by dt_init + */ +void dt_deinit(struct dt_env *env); + /** * Delete dnstap environment object. Closes dnstap I/O socket and deletes all * per-worker I/O queues. diff --git a/dnstap/dnstap.m4 b/dnstap/dnstap.m4 index 5b78b3e26..ba723e0be 100644 --- a/dnstap/dnstap.m4 +++ b/dnstap/dnstap.m4 @@ -7,7 +7,7 @@ AC_DEFUN([dt_DNSTAP], [ AC_ARG_ENABLE([dnstap], AS_HELP_STRING([--enable-dnstap], - [Enable dnstap support (requires fstrm, protobuf-c)]), + [Enable dnstap support (requires protobuf-c)]), [opt_dnstap=$enableval], [opt_dnstap=no]) AC_ARG_WITH([dnstap-socket-path], @@ -40,13 +40,6 @@ AC_DEFUN([dt_DNSTAP], fi fi ]) - AC_ARG_WITH([libfstrm], AC_HELP_STRING([--with-libfstrm=path], - [Path where libfstrm is installed, for dnstap]), [ - CFLAGS="$CFLAGS -I$withval/include" - LDFLAGS="$LDFLAGS -L$withval/lib" - ]) - AC_SEARCH_LIBS([fstrm_iothr_init], [fstrm], [], - AC_MSG_ERROR([The fstrm library was not found. Please install fstrm!])) AC_SEARCH_LIBS([protobuf_c_message_pack], [protobuf-c], [], AC_MSG_ERROR([The protobuf-c library was not found. Please install protobuf-c!])) $2 diff --git a/dnstap/dnstap_fstrm.c b/dnstap/dnstap_fstrm.c new file mode 100644 index 000000000..cce16e2e4 --- /dev/null +++ b/dnstap/dnstap_fstrm.c @@ -0,0 +1,208 @@ +/* + * dnstap/dnstap_fstrm.c - Frame Streams protocol for dnstap + * + * Copyright (c) 2020, NLnet Labs. All rights reserved. + * + * This software is open source. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * Redistributions of source code must retain the above copyright notice, + * this list of conditions and the following disclaimer. + * + * Redistributions in binary form must reproduce the above copyright notice, + * this list of conditions and the following disclaimer in the documentation + * and/or other materials provided with the distribution. + * + * Neither the name of the NLNET LABS nor the names of its contributors may + * be used to endorse or promote products derived from this software without + * specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR + * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT + * HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED + * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR + * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF + * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING + * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS + * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + * + */ + +/** + * \file + * + * Definitions for the Frame Streams data transport protocol for + * dnstap message logs. + */ + +#include "config.h" +#include "dnstap/dnstap_fstrm.h" +#include "sldns/sbuffer.h" +#include "sldns/wire2str.h" + +void* fstrm_create_control_frame_start(char* contenttype, size_t* len) +{ + uint32_t* control; + size_t n; + /* start framestream message: + * 4byte 0: control indicator. + * 4byte bigendian: length of control frame + * 4byte bigendian: type START + * 4byte bigendian: option: content-type + * 4byte bigendian: length of string + * string of content type (dnstap) + */ + n = 4+4+4+4+4+strlen(contenttype); + control = malloc(n); + if(!control) + return NULL; + control[0] = 0; + control[1] = htonl(4+4+4+strlen(contenttype)); + control[2] = htonl(FSTRM_CONTROL_FRAME_START); + control[3] = htonl(FSTRM_CONTROL_FIELD_TYPE_CONTENT_TYPE); + control[4] = htonl(strlen(contenttype)); + memmove(&control[5], contenttype, strlen(contenttype)); + *len = n; + return control; +} + +void* fstrm_create_control_frame_stop(size_t* len) +{ + uint32_t* control; + size_t n; + /* stop framestream message: + * 4byte 0: control indicator. + * 4byte bigendian: length of control frame + * 4byte bigendian: type STOP + */ + n = 4+4+4; + control = malloc(n); + if(!control) + return NULL; + control[0] = 0; + control[1] = htonl(4); + control[2] = htonl(FSTRM_CONTROL_FRAME_STOP); + *len = n; + return control; +} + +void* fstrm_create_control_frame_accept(char* contenttype, size_t* len) +{ + uint32_t* control; + size_t n; + /* control frame on reply: + * 4 bytes 0 escape + * 4 bytes bigendian length of frame + * 4 bytes bigendian type ACCEPT + * 4 bytes bigendian frame option content type + * 4 bytes bigendian length of string + * string of content type. + */ + /* len includes the escape and framelength */ + n = 4+4+4+4+4+strlen(contenttype); + control = malloc(n); + if(!control) { + return NULL; + } + control[0] = 0; + control[1] = htonl(4+4+4+strlen(contenttype)); + control[2] = htonl(FSTRM_CONTROL_FRAME_ACCEPT); + control[3] = htonl(FSTRM_CONTROL_FIELD_TYPE_CONTENT_TYPE); + control[4] = htonl(strlen(contenttype)); + memmove(&control[5], contenttype, strlen(contenttype)); + *len = n; + return control; +} + +void* fstrm_create_control_frame_finish(size_t* len) +{ + uint32_t* control; + size_t n; + /* control frame on reply: + * 4 bytes 0 escape + * 4 bytes bigendian length of frame + * 4 bytes bigendian type FINISH + */ + /* len includes the escape and framelength */ + n = 4+4+4; + control = malloc(n); + if(!control) { + return NULL; + } + control[0] = 0; + control[1] = htonl(4); + control[2] = htonl(FSTRM_CONTROL_FRAME_FINISH); + *len = n; + return control; +} + +char* fstrm_describe_control(void* pkt, size_t len) +{ + uint32_t frametype = 0; + char buf[512]; + char* str = buf; + size_t remain, slen = sizeof(buf); + uint8_t* pos; + + buf[0]=0; + if(len < 4) { + snprintf(buf, sizeof(buf), "malformed control frame, " + "too short, len=%u", (unsigned int)len); + return strdup(buf); + } + frametype = sldns_read_uint32(pkt); + if(frametype == FSTRM_CONTROL_FRAME_ACCEPT) { + (void)sldns_str_print(&str, &slen, "accept"); + } else if(frametype == FSTRM_CONTROL_FRAME_START) { + (void)sldns_str_print(&str, &slen, "start"); + } else if(frametype == FSTRM_CONTROL_FRAME_STOP) { + (void)sldns_str_print(&str, &slen, "stop"); + } else if(frametype == FSTRM_CONTROL_FRAME_READY) { + (void)sldns_str_print(&str, &slen, "ready"); + } else if(frametype == FSTRM_CONTROL_FRAME_FINISH) { + (void)sldns_str_print(&str, &slen, "finish"); + } else { + (void)sldns_str_print(&str, &slen, "type%d", (int)frametype); + } + + /* show the content type options */ + pos = pkt + 4; + remain = len - 4; + while(remain >= 8) { + uint32_t field_type = sldns_read_uint32(pos); + uint32_t field_len = sldns_read_uint32(pos+4); + if(remain < field_len) { + (void)sldns_str_print(&str, &slen, "malformed_field"); + break; + } + if(field_type == FSTRM_CONTROL_FIELD_TYPE_CONTENT_TYPE) { + char tempf[512]; + (void)sldns_str_print(&str, &slen, " content-type("); + if(field_len < sizeof(tempf)-1) { + memmove(tempf, pos+8, field_len); + tempf[field_len] = 0; + (void)sldns_str_print(&str, &slen, "%s", tempf); + } else { + (void)sldns_str_print(&str, &slen, ""); + } + (void)sldns_str_print(&str, &slen, ")"); + } else { + (void)sldns_str_print(&str, &slen, + " field(type %u, length %u)", + (unsigned int)field_type, + (unsigned int)field_len); + } + pos += 8 + field_len; + remain -= (8 + field_len); + } + if(remain > 0) + (void)sldns_str_print(&str, &slen, " trailing-bytes" + "(length %u)", (unsigned int)remain); + return strdup(buf); +} diff --git a/dnstap/dnstap_fstrm.h b/dnstap/dnstap_fstrm.h new file mode 100644 index 000000000..f0cf93628 --- /dev/null +++ b/dnstap/dnstap_fstrm.h @@ -0,0 +1,179 @@ +/* + * dnstap/dnstap_fstrm.h - Frame Streams protocol for dnstap + * + * Copyright (c) 2020, NLnet Labs. All rights reserved. + * + * This software is open source. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * Redistributions of source code must retain the above copyright notice, + * this list of conditions and the following disclaimer. + * + * Redistributions in binary form must reproduce the above copyright notice, + * this list of conditions and the following disclaimer in the documentation + * and/or other materials provided with the distribution. + * + * Neither the name of the NLNET LABS nor the names of its contributors may + * be used to endorse or promote products derived from this software without + * specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR + * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT + * HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED + * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR + * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF + * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING + * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS + * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + * + */ + +/** + * \file + * + * Definitions for the Frame Streams data transport protocol for + * dnstap message logs. + */ + +#ifndef DNSTAP_FSTRM_H +#define DNSTAP_FSTRM_H + +/* Frame Streams data transfer protocol encode for DNSTAP messages. + * The protocol looks to be specified in the libfstrm library. + * + * Quick writeup for DNSTAP usage, from reading fstrm/control.h eloquent + * comments and fstrm/control.c for some bytesize details (the content type + * length). + * + * The Frame Streams can be unidirectional or bi-directional. + * bi-directional streams use control frame types READY, ACCEPT and FINISH. + * uni-directional streams use control frame types START and STOP. + * unknown control frame types should be ignored by the receiver, they + * do not change the data frame encoding. + * + * bi-directional control frames implement a simple handshake protocol + * between sender and receiver. + * + * The uni-directional control frames have one start and one stop frame, + * before and after the data. The start frame can have a content type. + * The start and stop frames are not optional. + * + * data frames are preceded by 4byte length, bigendian. + * zero length data frames are not possible, they are an escape that + * signals the presence of a control frame. + * + * a control frame consists of 0 value in 4byte bigendian, this is really + * the data frame length, with 0 the escape sequence that indicates one + * control frame follows. + * Then, 4byte bigendian, length of the control frame message. + * Then, the control frame payload (of that length). with in it: + * 4byte bigendian, control type (eg. START, STOP, READY, ACCEPT, FINISH). + * perhaps nothing more (STOP, FINISH), but for other types maybe + * control fields + * 4byte bigendian, the control-field-type, currently only content-type. + * 4byte bigendian, length of the string for this option. + * .. bytes of that string. + * + * The START type can have only one field. Field max len 256. + * control frame max frame length 512 (excludes the 0-escape and control + * frame length bytes). + * + * the bidirectional type of transmission is like this: + * client sends READY (with content type included), + * client waits for ACCEPT (with content type included), + * client sends START (with matched content type from ACCEPT) + * .. data frames + * client sends STOP. + * client waits for FINISH frame. + * + */ + +/** max length of Frame Streams content type field string */ +#define FSTRM_CONTENT_TYPE_LENGTH_MAX 256 +/** control frame value to denote the control frame ACCEPT */ +#define FSTRM_CONTROL_FRAME_ACCEPT 0x01 +/** control frame value to denote the control frame START */ +#define FSTRM_CONTROL_FRAME_START 0x02 +/** control frame value to denote the control frame STOP */ +#define FSTRM_CONTROL_FRAME_STOP 0x03 +/** control frame value to denote the control frame READY */ +#define FSTRM_CONTROL_FRAME_READY 0x04 +/** control frame value to denote the control frame FINISH */ +#define FSTRM_CONTROL_FRAME_FINISH 0x05 +/** the constant that denotes the control field type that is the + * string for the content type of the stream. */ +#define FSTRM_CONTROL_FIELD_TYPE_CONTENT_TYPE 0x01 +/** the content type for DNSTAP frame streams */ +#define DNSTAP_CONTENT_TYPE "protobuf:dnstap.Dnstap" + +/** + * This creates an FSTRM control frame of type START. + * @param contenttype: a zero delimited string with the content type. + * eg. use the constant DNSTAP_CONTENT_TYPE, which is defined as + * "protobuf:dnstap.Dnstap", for a dnstap frame stream. + * @param len: if a buffer is returned this is the length of that buffer. + * @return NULL on malloc failure. Returns a malloced buffer with the + * protocol message. The buffer starts with the 4 bytes of 0 that indicate + * a control frame. The buffer should be sent without preceding it with + * the 'len' variable (like data frames are), but straight the content of the + * buffer, because the lengths are included in the buffer. This is so that + * the zero control indicator can be included before the control frame length. + */ +void* fstrm_create_control_frame_start(char* contenttype, size_t* len); + +/** + * This creates an FSTRM control frame of type STOP. + * @param len: if a buffer is returned this is the length of that buffer. + * @return NULL on malloc failure. Returns a malloced buffer with the + * protocol message. The buffer starts with the 4 bytes of 0 that indicate + * a control frame. The buffer should be sent without preceding it with + * the 'len' variable (like data frames are), but straight the content of the + * buffer, because the lengths are included in the buffer. This is so that + * the zero control indicator can be included before the control frame length. + */ +void* fstrm_create_control_frame_stop(size_t* len); + +/** + * This creates an FSTRM control frame of type ACCEPT. + * @param contenttype: a zero delimited string with the content type. + * for dnstap streams use DNSTAP_CONTENT_TYPE. + * @param len: if a buffer is returned this is the length of that buffer. + * @return NULL on malloc failure. Returns a malloced buffer with the + * protocol message. The buffer starts with the 4 bytes of 0 that indicate + * a control frame. The buffer should be sent without preceding it with + * the 'len' variable (like data frames are), but straight the content of the + * buffer, because the lengths are included in the buffer. This is so that + * the zero control indicator can be included before the control frame length. + */ +void* fstrm_create_control_frame_accept(char* contenttype, size_t* len); + +/** + * This creates an FSTRM control frame of type FINISH. + * @param len: if a buffer is returned this is the length of that buffer. + * @return NULL on malloc failure. Returns a malloced buffer with the + * protocol message. The buffer starts with the 4 bytes of 0 that indicate + * a control frame. The buffer should be sent without preceding it with + * the 'len' variable (like data frames are), but straight the content of the + * buffer, because the lengths are included in the buffer. This is so that + * the zero control indicator can be included before the control frame length. + */ +void* fstrm_create_control_frame_finish(size_t* len); + +/** + * Return string that describes a control packet. For debug, logs. + * Like 'start content-type(protobuf:dnstap.Dnstap)' or 'stop'. + * @param pkt: the packet data, that is the data after the 4 zero start + * bytes and 4 length bytes. + * @param len: the length of the control packet data, in pkt. This is the + * ntohl of the 4 bytes length preceding the data. + * @return zero delimited string, malloced. Or NULL on malloc failure. + */ +char* fstrm_describe_control(void* pkt, size_t len); + +#endif /* DNSTAP_FSTRM_H */ diff --git a/dnstap/dtstream.c b/dnstap/dtstream.c new file mode 100644 index 000000000..2d55d197f --- /dev/null +++ b/dnstap/dtstream.c @@ -0,0 +1,1840 @@ +/* + * dnstap/dtstream.c - Frame Streams thread for unbound DNSTAP + * + * Copyright (c) 2020, NLnet Labs. All rights reserved. + * + * This software is open source. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * Redistributions of source code must retain the above copyright notice, + * this list of conditions and the following disclaimer. + * + * Redistributions in binary form must reproduce the above copyright notice, + * this list of conditions and the following disclaimer in the documentation + * and/or other materials provided with the distribution. + * + * Neither the name of the NLNET LABS nor the names of its contributors may + * be used to endorse or promote products derived from this software without + * specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR + * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT + * HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED + * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR + * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF + * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING + * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS + * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + * + */ + +/** + * \file + * + * An implementation of the Frame Streams data transport protocol for + * the Unbound DNSTAP message logging facility. + */ + +#include "config.h" +#include "dnstap/dtstream.h" +#include "dnstap/dnstap_fstrm.h" +#include "util/config_file.h" +#include "util/ub_event.h" +#include "util/net_help.h" +#include "services/outside_network.h" +#ifdef HAVE_SYS_UN_H +#include +#endif +#include +#ifdef HAVE_OPENSSL_SSL_H +#include +#endif +#ifdef HAVE_OPENSSL_ERR_H +#include +#endif + +/** number of messages to process in one output callback */ +#define DTIO_MESSAGES_PER_CALLBACK 100 +/** the msec to wait for reconnect (if not immediate, the first attempt) */ +#define DTIO_RECONNECT_TIMEOUT_MIN 10 +/** the msec to wait for reconnect max after backoff */ +#define DTIO_RECONNECT_TIMEOUT_MAX 1000 +/** the msec to wait for reconnect slow, to stop busy spinning on reconnect */ +#define DTIO_RECONNECT_TIMEOUT_SLOW 1000 + +struct stop_flush_info; +/** DTIO command channel commands */ +enum { + /** DTIO command channel stop */ + DTIO_COMMAND_STOP = 0, + /** DTIO command channel wakeup */ + DTIO_COMMAND_WAKEUP = 1 +} dtio_channel_command; + +/** open the output channel */ +static void dtio_open_output(struct dt_io_thread* dtio); +/** add output event for read and write */ +static int dtio_add_output_event_write(struct dt_io_thread* dtio); +/** start reconnection attempts */ +static void dtio_reconnect_enable(struct dt_io_thread* dtio); +/** stop from stop_flush event loop */ +static void dtio_stop_flush_exit(struct stop_flush_info* info); +#ifdef HAVE_SSL +/** enable briefly waiting for a read event, for SSL negotiation */ +static int dtio_enable_brief_read(struct dt_io_thread* dtio); +#endif + +struct dt_msg_queue* +dt_msg_queue_create(void) +{ + struct dt_msg_queue* mq = calloc(1, sizeof(*mq)); + if(!mq) return NULL; + mq->maxsize = 1*1024*1024; /* set max size of buffer, per worker, + about 1 M should contain 64K messages with some overhead, + or a whole bunch smaller ones */ + lock_basic_init(&mq->lock); + lock_protect(&mq->lock, mq, sizeof(*mq)); + return mq; +} + +/** clear the message list, caller must hold the lock */ +static void +dt_msg_queue_clear(struct dt_msg_queue* mq) +{ + struct dt_msg_entry* e = mq->first, *next=NULL; + while(e) { + next = e->next; + free(e->buf); + free(e); + e = next; + } + mq->first = NULL; + mq->last = NULL; + mq->cursize = 0; +} + +void +dt_msg_queue_delete(struct dt_msg_queue* mq) +{ + if(!mq) return; + lock_basic_destroy(&mq->lock); + dt_msg_queue_clear(mq); + free(mq); +} + +/** make the dtio wake up by sending a wakeup command */ +static void dtio_wakeup(struct dt_io_thread* dtio) +{ + uint8_t cmd = DTIO_COMMAND_WAKEUP; + if(!dtio) return; + if(!dtio->started) return; + + while(1) { + ssize_t r = write(dtio->commandpipe[1], &cmd, sizeof(cmd)); + if(r == -1) { +#ifndef USE_WINSOCK + if(errno == EINTR || errno == EAGAIN) + continue; + log_err("dnstap io wakeup: write: %s", strerror(errno)); +#else + if(WSAGetLastError() == WSAEINPROGRESS) + continue; + if(WSAGetLastError() == WSAEWOULDBLOCK) + continue; + log_err("dnstap io stop: write: %s", + wsa_strerror(WSAGetLastError())); +#endif + break; + } + break; + } +} + +void +dt_msg_queue_submit(struct dt_msg_queue* mq, void* buf, size_t len) +{ + int wakeup = 0; + struct dt_msg_entry* entry; + + /* check conditions */ + if(!buf) return; + if(len == 0) { + /* it is not possible to log entries with zero length, + * because the framestream protocol does not carry it. + * However the protobuf serialization does not create zero + * length datagrams for dnstap, so this should not happen. */ + free(buf); + return; + } + if(!mq) { + free(buf); + return; + } + + /* allocate memory for queue entry */ + entry = malloc(sizeof(*entry)); + if(!entry) { + log_err("out of memory logging dnstap"); + free(buf); + return; + } + entry->next = NULL; + entry->buf = buf; + entry->len = len; + + /* aqcuire lock */ + lock_basic_lock(&mq->lock); + /* list was empty, wakeup dtio */ + if(mq->first == NULL) + wakeup = 1; + /* see if it is going to fit */ + if(mq->cursize + len > mq->maxsize) { + /* buffer full, or congested. */ + /* drop */ + lock_basic_unlock(&mq->lock); + free(buf); + free(entry); + return; + } + mq->cursize += len; + /* append to list */ + if(mq->last) { + mq->last->next = entry; + } else { + mq->first = entry; + } + mq->last = entry; + /* release lock */ + lock_basic_unlock(&mq->lock); + + if(wakeup) + dtio_wakeup(mq->dtio); +} + +struct dt_io_thread* dt_io_thread_create(void) +{ + struct dt_io_thread* dtio = calloc(1, sizeof(*dtio)); + return dtio; +} + +void dt_io_thread_delete(struct dt_io_thread* dtio) +{ + struct dt_io_list_item* item, *nextitem; + if(!dtio) return; + item=dtio->io_list; + while(item) { + nextitem = item->next; + free(item); + item = nextitem; + } + free(dtio->socket_path); + free(dtio->ip_str); + free(dtio->tls_server_name); + free(dtio->client_key_file); + free(dtio->client_cert_file); + if(dtio->ssl_ctx) { +#ifdef HAVE_SSL + SSL_CTX_free(dtio->ssl_ctx); +#endif + } + free(dtio); +} + +int dt_io_thread_apply_cfg(struct dt_io_thread* dtio, struct config_file *cfg) +{ + if(!cfg->dnstap) { + log_warn("cannot setup dnstap because dnstap-enable is no"); + return 0; + } + + /* what type of connectivity do we have */ + if(cfg->dnstap_ip && cfg->dnstap_ip[0]) { + if(cfg->dnstap_tls) + dtio->upstream_is_tls = 1; + else dtio->upstream_is_tcp = 1; + } else { + dtio->upstream_is_unix = 1; + } + + if(dtio->upstream_is_unix) { + if(!cfg->dnstap_socket_path || + cfg->dnstap_socket_path[0]==0) { + log_err("dnstap setup: no dnstap-socket-path for " + "socket connect"); + return 0; + } + free(dtio->socket_path); + dtio->socket_path = strdup(cfg->dnstap_socket_path); + if(!dtio->socket_path) { + log_err("dnstap setup: malloc failure"); + return 0; + } + } + + if(dtio->upstream_is_tcp || dtio->upstream_is_tls) { + if(!cfg->dnstap_ip || cfg->dnstap_ip[0] == 0) { + log_err("dnstap setup: no dnstap-ip for TCP connect"); + return 0; + } + free(dtio->ip_str); + dtio->ip_str = strdup(cfg->dnstap_ip); + if(!dtio->ip_str) { + log_err("dnstap setup: malloc failure"); + return 0; + } + } + + if(dtio->upstream_is_tls) { +#ifdef HAVE_SSL + if(cfg->dnstap_tls_server_name && + cfg->dnstap_tls_server_name[0]) { + free(dtio->tls_server_name); + dtio->tls_server_name = strdup( + cfg->dnstap_tls_server_name); + if(!dtio->tls_server_name) { + log_err("dnstap setup: malloc failure"); + return 0; + } + if(!check_auth_name_for_ssl(dtio->tls_server_name)) + return 0; + } + if(cfg->dnstap_tls_client_key_file && + cfg->dnstap_tls_client_key_file[0]) { + dtio->use_client_certs = 1; + free(dtio->client_key_file); + dtio->client_key_file = strdup( + cfg->dnstap_tls_client_key_file); + if(!dtio->client_key_file) { + log_err("dnstap setup: malloc failure"); + return 0; + } + if(!cfg->dnstap_tls_client_cert_file || + cfg->dnstap_tls_client_cert_file[0]==0) { + log_err("dnstap setup: client key " + "authentication enabled with " + "dnstap-tls-client-key-file, but " + "no dnstap-tls-client-cert-file " + "is given"); + return 0; + } + free(dtio->client_cert_file); + dtio->client_cert_file = strdup( + cfg->dnstap_tls_client_cert_file); + if(!dtio->client_cert_file) { + log_err("dnstap setup: malloc failure"); + return 0; + } + } else { + dtio->use_client_certs = 0; + dtio->client_key_file = NULL; + dtio->client_cert_file = NULL; + } + + if(cfg->dnstap_tls_cert_bundle) { + dtio->ssl_ctx = connect_sslctx_create( + dtio->client_key_file, + dtio->client_cert_file, + cfg->dnstap_tls_cert_bundle, 0); + } else { + dtio->ssl_ctx = connect_sslctx_create( + dtio->client_key_file, + dtio->client_cert_file, + cfg->tls_cert_bundle, cfg->tls_win_cert); + } + if(!dtio->ssl_ctx) { + log_err("could not setup SSL CTX"); + return 0; + } +#endif /* HAVE_SSL */ + } + return 1; +} + +int dt_io_thread_register_queue(struct dt_io_thread* dtio, + struct dt_msg_queue* mq) +{ + struct dt_io_list_item* item = malloc(sizeof(*item)); + if(!item) return 0; + lock_basic_lock(&mq->lock); + mq->dtio = dtio; + lock_basic_unlock(&mq->lock); + item->queue = mq; + item->next = dtio->io_list; + dtio->io_list = item; + dtio->io_list_iter = NULL; + return 1; +} + +void dt_io_thread_unregister_queue(struct dt_io_thread* dtio, + struct dt_msg_queue* mq) +{ + struct dt_io_list_item* item, *prev=NULL; + if(!dtio) return; + item = dtio->io_list; + while(item) { + if(item->queue == mq) { + /* found it */ + if(prev) prev->next = item->next; + else dtio->io_list = item->next; + /* the queue itself only registered, not deleted */ + lock_basic_lock(&item->queue->lock); + item->queue->dtio = NULL; + lock_basic_unlock(&item->queue->lock); + free(item); + dtio->io_list_iter = NULL; + return; + } + prev = item; + item = item->next; + } +} + +/** pick a message from the queue, the routine locks and unlocks, + * returns true if there is a message */ +static int dt_msg_queue_pop(struct dt_msg_queue* mq, void** buf, + size_t* len) +{ + lock_basic_lock(&mq->lock); + if(mq->first) { + struct dt_msg_entry* entry = mq->first; + mq->first = entry->next; + if(!entry->next) mq->last = NULL; + mq->cursize -= entry->len; + lock_basic_unlock(&mq->lock); + + *buf = entry->buf; + *len = entry->len; + free(entry); + return 1; + } + lock_basic_unlock(&mq->lock); + return 0; +} + +/** find message in queue, false if no message, true if message to send */ +static int dtio_find_in_queue(struct dt_io_thread* dtio, + struct dt_msg_queue* mq) +{ + void* buf=NULL; + size_t len=0; + if(dt_msg_queue_pop(mq, &buf, &len)) { + dtio->cur_msg = buf; + dtio->cur_msg_len = len; + dtio->cur_msg_done = 0; + dtio->cur_msg_len_done = 0; + return 1; + } + return 0; +} + +/** find a new message to write, search message queues, false if none */ +static int dtio_find_msg(struct dt_io_thread* dtio) +{ + struct dt_io_list_item *spot, *item; + + spot = dtio->io_list_iter; + /* use the next queue for the next message lookup, + * if we hit the end(NULL) the NULL restarts the iter at start. */ + if(spot) + dtio->io_list_iter = spot->next; + else if(dtio->io_list) + dtio->io_list_iter = dtio->io_list->next; + + /* scan from spot to end-of-io_list */ + item = spot; + while(item) { + if(dtio_find_in_queue(dtio, item->queue)) + return 1; + item = item->next; + } + /* scan starting at the start-of-list (to wrap around the end) */ + item = dtio->io_list; + while(item) { + if(dtio_find_in_queue(dtio, item->queue)) + return 1; + item = item->next; + } + return 0; +} + +/** callback for the dnstap reconnect, to start reconnecting to output */ +void dtio_reconnect_timeout_cb(int ATTR_UNUSED(fd), + short ATTR_UNUSED(bits), void* arg) +{ + struct dt_io_thread* dtio = (struct dt_io_thread*)arg; + dtio->reconnect_is_added = 0; + verbose(VERB_ALGO, "dnstap io: reconnect timer"); + + dtio_open_output(dtio); + if(dtio->event) { + if(!dtio_add_output_event_write(dtio)) + return; + /* nothing wrong so far, wait on the output event */ + return; + } + /* exponential backoff and retry on timer */ + dtio_reconnect_enable(dtio); +} + +/** attempt to reconnect to the output, after a timeout */ +static void dtio_reconnect_enable(struct dt_io_thread* dtio) +{ + struct timeval tv; + int msec; + if(dtio->want_to_exit) return; + if(dtio->reconnect_is_added) + return; /* already done */ + + /* exponential backoff, store the value for next timeout */ + msec = dtio->reconnect_timeout; + if(msec == 0) { + dtio->reconnect_timeout = DTIO_RECONNECT_TIMEOUT_MIN; + } else { + dtio->reconnect_timeout = msec*2; + if(dtio->reconnect_timeout > DTIO_RECONNECT_TIMEOUT_MAX) + dtio->reconnect_timeout = DTIO_RECONNECT_TIMEOUT_MAX; + } + verbose(VERB_ALGO, "dnstap io: set reconnect attempt after %d msec", + msec); + + /* setup wait timer */ + memset(&tv, 0, sizeof(tv)); + tv.tv_sec = msec/1000; + tv.tv_usec = (msec%1000)*1000; + if(ub_timer_add(dtio->reconnect_timer, dtio->event_base, + &dtio_reconnect_timeout_cb, dtio, &tv) != 0) { + log_err("dnstap io: could not reconnect ev timer add"); + return; + } + dtio->reconnect_is_added = 1; +} + +/** remove dtio reconnect timer */ +static void dtio_reconnect_del(struct dt_io_thread* dtio) +{ + if(!dtio->reconnect_is_added) + return; + ub_timer_del(dtio->reconnect_timer); + dtio->reconnect_is_added = 0; +} + +/** clear the reconnect exponential backoff timer. + * We have successfully connected so we can try again with short timeouts. */ +static void dtio_reconnect_clear(struct dt_io_thread* dtio) +{ + dtio->reconnect_timeout = 0; + dtio_reconnect_del(dtio); +} + +/** reconnect slowly, because we already know we have to wait for a bit */ +static void dtio_reconnect_slow(struct dt_io_thread* dtio, int msec) +{ + dtio_reconnect_del(dtio); + dtio->reconnect_timeout = msec; + dtio_reconnect_enable(dtio); +} + +/** delete the current message in the dtio, and reset counters */ +static void dtio_cur_msg_free(struct dt_io_thread* dtio) +{ + free(dtio->cur_msg); + dtio->cur_msg = NULL; + dtio->cur_msg_len = 0; + dtio->cur_msg_done = 0; + dtio->cur_msg_len_done = 0; +} + +/** del the output file descriptor event for listening */ +static void dtio_del_output_event(struct dt_io_thread* dtio) +{ + if(!dtio->event_added) + return; + ub_event_del(dtio->event); + dtio->event_added = 0; + dtio->event_added_is_write = 0; +} + +/** close dtio socket and set it to -1 */ +static void dtio_close_fd(struct dt_io_thread* dtio) +{ +#ifndef USE_WINSOCK + close(dtio->fd); +#else + closesocket(dtio->fd); +#endif + dtio->fd = -1; +} + +/** close and stop the output file descriptor event */ +static void dtio_close_output(struct dt_io_thread* dtio) +{ + if(!dtio->event) + return; + ub_event_free(dtio->event); + dtio->event = NULL; + if(dtio->ssl) { +#ifdef HAVE_SSL + SSL_shutdown(dtio->ssl); + SSL_free(dtio->ssl); + dtio->ssl = NULL; +#endif + } + dtio_close_fd(dtio); + + /* if there is a (partial) message, discard it + * we cannot send (the remainder of) it, and a new + * connection needs to start with a control frame. */ + if(dtio->cur_msg) { + dtio_cur_msg_free(dtio); + } + dtio_reconnect_enable(dtio); +} + +/** check for pending nonblocking connect errors, + * returns 1 if it is okay. -1 on error (close it), 0 to try later */ +static int dtio_check_nb_connect(struct dt_io_thread* dtio) +{ + int error = 0; + socklen_t len = (socklen_t)sizeof(error); + if(!dtio->check_nb_connect) + return 1; /* everything okay */ + if(getsockopt(dtio->fd, SOL_SOCKET, SO_ERROR, (void*)&error, + &len) < 0) { +#ifndef USE_WINSOCK + error = errno; /* on solaris errno is error */ +#else + error = WSAGetLastError(); +#endif + } +#ifndef USE_WINSOCK +#if defined(EINPROGRESS) && defined(EWOULDBLOCK) + if(error == EINPROGRESS || error == EWOULDBLOCK) + return 0; /* try again later */ +#endif +#else + if(error == WSAEINPROGRESS) { + return 0; /* try again later */ + } else if(error == WSAEWOULDBLOCK) { + ub_winsock_tcp_wouldblock((dtio->stop_flush_event? + dtio->stop_flush_event:dtio->event), UB_EV_WRITE); + return 0; /* try again later */ + } +#endif + if(error != 0) { + char* to = dtio->socket_path; + if(!to) to = dtio->ip_str; + if(!to) to = ""; +#ifndef USE_WINSOCK + log_err("dnstap io: failed to connect to \"%s\": %s", + to, strerror(error)); +#else + log_err("dnstap io: failed to connect to \"%s\": %s", + to, wsa_strerror(error)); +#endif + return -1; /* error, close it */ + } + + if(dtio->ip_str) + verbose(VERB_DETAIL, "dnstap io: connected to %s", + dtio->ip_str); + else if(dtio->socket_path) + verbose(VERB_DETAIL, "dnstap io: connected to \"%s\"", + dtio->socket_path); + dtio_reconnect_clear(dtio); + dtio->check_nb_connect = 0; + return 1; /* everything okay */ +} + +#ifdef HAVE_SSL +/** write to ssl output + * returns number of bytes written, 0 if nothing happened, + * try again later, or -1 if the channel is to be closed. */ +static int dtio_write_ssl(struct dt_io_thread* dtio, uint8_t* buf, + size_t len) +{ + int r; + ERR_clear_error(); + r = SSL_write(dtio->ssl, buf, len); + if(r <= 0) { + int want = SSL_get_error(dtio->ssl, r); + if(want == SSL_ERROR_ZERO_RETURN) { + /* closed */ + return -1; + } else if(want == SSL_ERROR_WANT_READ) { + /* we want a brief read event */ + dtio_enable_brief_read(dtio); + return 0; + } else if(want == SSL_ERROR_WANT_WRITE) { + /* write again later */ + return 0; + } else if(want == SSL_ERROR_SYSCALL) { +#ifdef EPIPE + if(errno == EPIPE && verbosity < 2) + return -1; /* silence 'broken pipe' */ +#endif +#ifdef ECONNRESET + if(errno == ECONNRESET && verbosity < 2) + return -1; /* silence reset by peer */ +#endif + if(errno != 0) { + log_err("dnstap io, SSL_write syscall: %s", + strerror(errno)); + } + return -1; + } + log_crypto_err("dnstap io, could not SSL_write"); + return -1; + } + return r; +} +#endif /* HAVE_SSL */ + +/** write buffer to output. + * returns number of bytes written, 0 if nothing happened, + * try again later, or -1 if the channel is to be closed. */ +static int dtio_write_buf(struct dt_io_thread* dtio, uint8_t* buf, + size_t len) +{ + ssize_t ret; + if(dtio->fd == -1) + return -1; +#ifdef HAVE_SSL + if(dtio->ssl) + return dtio_write_ssl(dtio, buf, len); +#endif + ret = send(dtio->fd, (void*)buf, len, 0); + if(ret == -1) { +#ifndef USE_WINSOCK + if(errno == EINTR || errno == EAGAIN) + return 0; + log_err("dnstap io: failed send: %s", strerror(errno)); +#else + if(WSAGetLastError() == WSAEINPROGRESS) + return 0; + if(WSAGetLastError() == WSAEWOULDBLOCK) { + ub_winsock_tcp_wouldblock((dtio->stop_flush_event? + dtio->stop_flush_event:dtio->event), + UB_EV_WRITE); + return 0; + } + log_err("dnstap io: failed send: %s", + wsa_strerror(WSAGetLastError())); +#endif + return -1; + } + return ret; +} + +#ifdef HAVE_WRITEV +/** write with writev, len and message, in one write, if possible. + * return true if message is done, false if incomplete */ +static int dtio_write_with_writev(struct dt_io_thread* dtio) +{ + uint32_t sendlen = htonl(dtio->cur_msg_len); + struct iovec iov[2]; + ssize_t r; + iov[0].iov_base = ((uint8_t*)&sendlen)+dtio->cur_msg_len_done; + iov[0].iov_len = sizeof(sendlen)-dtio->cur_msg_len_done; + iov[1].iov_base = dtio->cur_msg; + iov[1].iov_len = dtio->cur_msg_len; + log_assert(iov[0].iov_len > 0); + r = writev(dtio->fd, iov, 2); + if(r == -1) { +#ifndef USE_WINSOCK + if(errno == EINTR || errno == EAGAIN) + return 0; + log_err("dnstap io: failed writev: %s", strerror(errno)); +#else + if(WSAGetLastError() == WSAEINPROGRESS) + return 0; + if(WSAGetLastError() == WSAEWOULDBLOCK) { + ub_winsock_tcp_wouldblock((dtio->stop_flush_event? + dtio->stop_flush_event:dtio->event), + UB_EV_WRITE); + return 0; + } + log_err("dnstap io: failed writev: %s", + wsa_strerror(WSAGetLastError())); +#endif + /* close the channel */ + dtio_del_output_event(dtio); + dtio_close_output(dtio); + return 0; + } + /* written r bytes */ + dtio->cur_msg_len_done += r; + if(dtio->cur_msg_len_done < 4) + return 0; + if(dtio->cur_msg_len_done > 4) { + dtio->cur_msg_done = dtio->cur_msg_len_done-4; + dtio->cur_msg_len_done = 4; + } + if(dtio->cur_msg_done < dtio->cur_msg_len) + return 0; + return 1; +} +#endif /* HAVE_WRITEV */ + +/** write more of the length, preceding the data frame. + * return true if message is done, false if incomplete. */ +static int dtio_write_more_of_len(struct dt_io_thread* dtio) +{ + uint32_t sendlen; + int r; + if(dtio->cur_msg_len_done >= 4) + return 1; +#ifdef HAVE_WRITEV + if(!dtio->ssl) { + /* we try writev for everything.*/ + return dtio_write_with_writev(dtio); + } +#endif /* HAVE_WRITEV */ + sendlen = htonl(dtio->cur_msg_len); + r = dtio_write_buf(dtio, + ((uint8_t*)&sendlen)+dtio->cur_msg_len_done, + sizeof(sendlen)-dtio->cur_msg_len_done); + if(r == -1) { + /* close the channel */ + dtio_del_output_event(dtio); + dtio_close_output(dtio); + return 0; + } else if(r == 0) { + /* try again later */ + return 0; + } + dtio->cur_msg_len_done += r; + if(dtio->cur_msg_len_done < 4) + return 0; + return 1; +} + +/** write more of the data frame. + * return true if message is done, false if incomplete. */ +static int dtio_write_more_of_data(struct dt_io_thread* dtio) +{ + int r; + if(dtio->cur_msg_done >= dtio->cur_msg_len) + return 1; + r = dtio_write_buf(dtio, + ((uint8_t*)dtio->cur_msg)+dtio->cur_msg_done, + dtio->cur_msg_len - dtio->cur_msg_done); + if(r == -1) { + /* close the channel */ + dtio_del_output_event(dtio); + dtio_close_output(dtio); + return 0; + } else if(r == 0) { + /* try again later */ + return 0; + } + dtio->cur_msg_done += r; + if(dtio->cur_msg_done < dtio->cur_msg_len) + return 0; + return 1; +} + +/** write more of the current messsage. false if incomplete, true if + * the message is done */ +static int dtio_write_more(struct dt_io_thread* dtio) +{ + if(dtio->cur_msg_len_done < 4) { + if(!dtio_write_more_of_len(dtio)) + return 0; + } + if(dtio->cur_msg_done < dtio->cur_msg_len) { + if(!dtio_write_more_of_data(dtio)) + return 0; + } + return 1; +} + +/** check if the output fd has been closed, + * it returns false if the stream is closed. */ +static int dtio_check_close(struct dt_io_thread* dtio) +{ + /* we don't want to read any packets, but if there are we can + * discard the input (ignore it). Ignore of unknown (control) + * packets is okay for the framestream protocol. And also, the + * read call can return that the stream has been closed by the + * other side. */ + ssize_t r; + uint8_t buf[1024]; + if(dtio->fd == -1) return 0; + while(1) { + r = recv(dtio->fd, (void*)buf, sizeof(buf), 0); + if(r == -1) { + char* to = dtio->socket_path; + if(!to) to = dtio->ip_str; + if(!to) to = ""; +#ifndef USE_WINSOCK + if(errno == EINTR || errno == EAGAIN) + return 1; /* try later */ +#else + if(WSAGetLastError() == WSAEINPROGRESS) { + return 1; /* try later */ + } else if(WSAGetLastError() == WSAEWOULDBLOCK) { + ub_winsock_tcp_wouldblock( + (dtio->stop_flush_event? + dtio->stop_flush_event:dtio->event), + UB_EV_READ); + return 1; /* try later */ + } +#endif + if(dtio->reconnect_timeout > DTIO_RECONNECT_TIMEOUT_MIN && verbosity < 4) + break; /* no log retries on low verbosity */ + log_err("dnstap io: output closed, recv %s: %s", to, + strerror(errno)); + /* and close below */ + break; + } + if(r == 0) { + if(dtio->reconnect_timeout > DTIO_RECONNECT_TIMEOUT_MIN && verbosity < 4) + break; /* no log retries on low verbosity */ + verbose(VERB_DETAIL, "dnstap io: output closed by the other side"); + /* and close below */ + break; + } + /* something was received, ignore it */ + } + /* the other end has been closed */ + /* close the channel */ + dtio_del_output_event(dtio); + dtio_close_output(dtio); + return 0; +} + +/** add the output file descriptor event for listening, read only */ +static int dtio_add_output_event_read(struct dt_io_thread* dtio) +{ + if(!dtio->event) + return 0; + if(dtio->event_added && !dtio->event_added_is_write) + return 1; + /* we have to (re-)register the event */ + if(dtio->event_added) + ub_event_del(dtio->event); + ub_event_del_bits(dtio->event, UB_EV_WRITE); + if(ub_event_add(dtio->event, NULL) != 0) { + log_err("dnstap io: out of memory (adding event)"); + dtio->event_added = 0; + dtio->event_added_is_write = 0; + /* close output and start reattempts to open it */ + dtio_close_output(dtio); + return 0; + } + dtio->event_added = 1; + dtio->event_added_is_write = 0; + return 1; +} + +/** add the output file descriptor event for listening, read and write */ +static int dtio_add_output_event_write(struct dt_io_thread* dtio) +{ + if(!dtio->event) + return 0; + if(dtio->event_added && dtio->event_added_is_write) + return 1; + /* we have to (re-)register the event */ + if(dtio->event_added) + ub_event_del(dtio->event); + ub_event_add_bits(dtio->event, UB_EV_WRITE); + if(ub_event_add(dtio->event, NULL) != 0) { + log_err("dnstap io: out of memory (adding event)"); + dtio->event_added = 0; + dtio->event_added_is_write = 0; + /* close output and start reattempts to open it */ + dtio_close_output(dtio); + return 0; + } + dtio->event_added = 1; + dtio->event_added_is_write = 1; + return 1; +} + +/** put the dtio thread to sleep */ +static void dtio_sleep(struct dt_io_thread* dtio) +{ + /* unregister the event polling for write, because there is + * nothing to be written */ + (void)dtio_add_output_event_read(dtio); +} + +#ifdef HAVE_SSL +/** enable the brief read condition */ +static int dtio_enable_brief_read(struct dt_io_thread* dtio) +{ + dtio->ssl_brief_read = 1; + if(dtio->stop_flush_event) { + ub_event_del(dtio->stop_flush_event); + ub_event_del_bits(dtio->stop_flush_event, UB_EV_WRITE); + if(ub_event_add(dtio->stop_flush_event, NULL) != 0) { + log_err("dnstap io, stop flush, could not ub_event_add"); + return 0; + } + return 1; + } + return dtio_add_output_event_read(dtio); +} +#endif /* HAVE_SSL */ + +#ifdef HAVE_SSL +/** disable the brief read condition */ +static int dtio_disable_brief_read(struct dt_io_thread* dtio) +{ + dtio->ssl_brief_read = 0; + if(dtio->stop_flush_event) { + ub_event_del(dtio->stop_flush_event); + ub_event_add_bits(dtio->stop_flush_event, UB_EV_WRITE); + if(ub_event_add(dtio->stop_flush_event, NULL) != 0) { + log_err("dnstap io, stop flush, could not ub_event_add"); + return 0; + } + return 1; + } + return dtio_add_output_event_write(dtio); +} +#endif /* HAVE_SSL */ + +#ifdef HAVE_SSL +/** check peer verification after ssl handshake connection, false if closed*/ +static int dtio_ssl_check_peer(struct dt_io_thread* dtio) +{ + if((SSL_get_verify_mode(dtio->ssl)&SSL_VERIFY_PEER)) { + /* verification */ + if(SSL_get_verify_result(dtio->ssl) == X509_V_OK) { + X509* x = SSL_get_peer_certificate(dtio->ssl); + if(!x) { + verbose(VERB_ALGO, "dnstap io, %s, SSL " + "connection failed no certificate", + dtio->ip_str); + return 0; + } + log_cert(VERB_ALGO, "dnstap io, peer certificate", + x); +#ifdef HAVE_SSL_GET0_PEERNAME + if(SSL_get0_peername(dtio->ssl)) { + verbose(VERB_ALGO, "dnstap io, %s, SSL " + "connection to %s authenticated", + dtio->ip_str, + SSL_get0_peername(dtio->ssl)); + } else { +#endif + verbose(VERB_ALGO, "dnstap io, %s, SSL " + "connection authenticated", + dtio->ip_str); +#ifdef HAVE_SSL_GET0_PEERNAME + } +#endif + X509_free(x); + } else { + X509* x = SSL_get_peer_certificate(dtio->ssl); + if(x) { + log_cert(VERB_ALGO, "dnstap io, peer " + "certificate", x); + X509_free(x); + } + verbose(VERB_ALGO, "dnstap io, %s, SSL connection " + "failed: failed to authenticate", + dtio->ip_str); + return 0; + } + } else { + /* unauthenticated, the verify peer flag was not set + * in ssl when the ssl object was created from ssl_ctx */ + verbose(VERB_ALGO, "dnstap io, %s, SSL connection", + dtio->ip_str); + } + return 1; +} +#endif /* HAVE_SSL */ + +#ifdef HAVE_SSL +/** perform ssl handshake, returns 1 if okay, 0 to stop */ +static int dtio_ssl_handshake(struct dt_io_thread* dtio, + struct stop_flush_info* info) +{ + int r; + if(dtio->ssl_brief_read) { + /* assume the brief read condition is satisfied, + * if we need more or again, we can set it again */ + if(!dtio_disable_brief_read(dtio)) { + if(info) dtio_stop_flush_exit(info); + return 0; + } + } + if(dtio->ssl_handshake_done) + return 1; + + ERR_clear_error(); + r = SSL_do_handshake(dtio->ssl); + if(r != 1) { + int want = SSL_get_error(dtio->ssl, r); + if(want == SSL_ERROR_WANT_READ) { + /* we want to read on the connection */ + if(!dtio_enable_brief_read(dtio)) { + if(info) dtio_stop_flush_exit(info); + return 0; + } + return 0; + } else if(want == SSL_ERROR_WANT_WRITE) { + /* we want to write on the connection */ + return 0; + } else if(r == 0) { + /* closed */ + if(info) dtio_stop_flush_exit(info); + dtio_del_output_event(dtio); + dtio_reconnect_slow(dtio, DTIO_RECONNECT_TIMEOUT_SLOW); + dtio_close_output(dtio); + return 0; + } else if(want == SSL_ERROR_SYSCALL) { + /* SYSCALL and errno==0 means closed uncleanly */ + int silent = 0; +#ifdef EPIPE + if(errno == EPIPE && verbosity < 2) + silent = 1; /* silence 'broken pipe' */ +#endif +#ifdef ECONNRESET + if(errno == ECONNRESET && verbosity < 2) + silent = 1; /* silence reset by peer */ +#endif + if(errno == 0) + silent = 1; + if(!silent) + log_err("dnstap io, SSL_handshake syscall: %s", + strerror(errno)); + /* closed */ + if(info) dtio_stop_flush_exit(info); + dtio_del_output_event(dtio); + dtio_reconnect_slow(dtio, DTIO_RECONNECT_TIMEOUT_SLOW); + dtio_close_output(dtio); + return 0; + } else { + unsigned long err = ERR_get_error(); + if(!squelch_err_ssl_handshake(err)) { + log_crypto_err_code("dnstap io, ssl handshake failed", + err); + verbose(VERB_OPS, "dnstap io, ssl handshake failed " + "from %s", dtio->ip_str); + } + /* closed */ + if(info) dtio_stop_flush_exit(info); + dtio_del_output_event(dtio); + dtio_reconnect_slow(dtio, DTIO_RECONNECT_TIMEOUT_SLOW); + dtio_close_output(dtio); + return 0; + } + + } + /* check peer verification */ + dtio->ssl_handshake_done = 1; + + if(!dtio_ssl_check_peer(dtio)) { + /* closed */ + if(info) dtio_stop_flush_exit(info); + dtio_del_output_event(dtio); + dtio_reconnect_slow(dtio, DTIO_RECONNECT_TIMEOUT_SLOW); + dtio_close_output(dtio); + return 0; + } + return 1; +} +#endif /* HAVE_SSL */ + +/** callback for the dnstap events, to write to the output */ +void dtio_output_cb(int ATTR_UNUSED(fd), short bits, void* arg) +{ + struct dt_io_thread* dtio = (struct dt_io_thread*)arg; + int i; + + if(dtio->check_nb_connect) { + int connect_err = dtio_check_nb_connect(dtio); + if(connect_err == -1) { + /* close the channel */ + dtio_del_output_event(dtio); + dtio_close_output(dtio); + return; + } else if(connect_err == 0) { + /* try again later */ + return; + } + /* nonblocking connect check passed, continue */ + } + +#ifdef HAVE_SSL + if(dtio->ssl && + (!dtio->ssl_handshake_done || dtio->ssl_brief_read)) { + if(!dtio_ssl_handshake(dtio, NULL)) + return; + } +#endif + + if((bits&UB_EV_READ)) { + if(!dtio_check_close(dtio)) + return; + } + + /* loop to process a number of messages. This improves throughput, + * because selecting on write-event if not needed for busy messages + * (dnstap log) generation and if they need to all be written back. + * The write event is usually not blocked up. But not forever, + * because the event loop needs to stay responsive for other events. + * If there are no (more) messages, or if the output buffers get + * full, it returns out of the loop. */ + for(i=0; icur_msg) { + if(!dtio_find_msg(dtio)) { + if(i == 0) { + /* no messages on the first iteration, + * the queues are all empty */ + dtio_sleep(dtio); + } + return; /* nothing to do */ + } + } + + /* write it */ + if(dtio->cur_msg_done < dtio->cur_msg_len) { + if(!dtio_write_more(dtio)) + return; + } + + /* done with the current message */ + dtio_cur_msg_free(dtio); + } +} + +/** callback for the dnstap commandpipe, to stop the dnstap IO */ +void dtio_cmd_cb(int fd, short ATTR_UNUSED(bits), void* arg) +{ + struct dt_io_thread* dtio = (struct dt_io_thread*)arg; + uint8_t cmd; + ssize_t r; + if(dtio->want_to_exit) + return; + r = read(fd, &cmd, sizeof(cmd)); + if(r == -1) { +#ifndef USE_WINSOCK + if(errno == EINTR || errno == EAGAIN) + return; /* ignore this */ + log_err("dnstap io: failed to read: %s", strerror(errno)); +#else + if(WSAGetLastError() == WSAEINPROGRESS) + return; + if(WSAGetLastError() == WSAEWOULDBLOCK) + return; + log_err("dnstap io: failed to read: %s", + wsa_strerror(WSAGetLastError())); +#endif + /* and then fall through to quit the thread */ + } else if(r == 0) { + verbose(VERB_ALGO, "dnstap io: cmd channel closed"); + } else if(r == 1 && cmd == DTIO_COMMAND_STOP) { + verbose(VERB_ALGO, "dnstap io: cmd channel cmd quit"); + } else if(r == 1 && cmd == DTIO_COMMAND_WAKEUP) { + verbose(VERB_ALGO, "dnstap io: cmd channel cmd wakeup"); + /* reregister event */ + if(!dtio_add_output_event_write(dtio)) + return; + return; + } else if(r == 1) { + verbose(VERB_ALGO, "dnstap io: cmd channel unknown command"); + } + dtio->want_to_exit = 1; + if(ub_event_base_loopexit((struct ub_event_base*)dtio->event_base) + != 0) { + log_err("dnstap io: could not loopexit"); + } +} + +#ifndef THREADS_DISABLED +/** setup the event base for the dnstap io thread */ +static void dtio_setup_base(struct dt_io_thread* dtio, time_t* secs, + struct timeval* now) +{ + memset(now, 0, sizeof(*now)); + dtio->event_base = ub_default_event_base(0, secs, now); + if(!dtio->event_base) { + fatal_exit("dnstap io: could not create event_base"); + } +} +#endif /* THREADS_DISABLED */ + +/** setup the cmd event for dnstap io */ +static void dtio_setup_cmd(struct dt_io_thread* dtio) +{ + struct ub_event* cmdev; + fd_set_nonblock(dtio->commandpipe[0]); + cmdev = ub_event_new(dtio->event_base, dtio->commandpipe[0], + UB_EV_READ | UB_EV_PERSIST, &dtio_cmd_cb, dtio); + if(!cmdev) { + fatal_exit("dnstap io: out of memory"); + } + dtio->command_event = cmdev; + if(ub_event_add(cmdev, NULL) != 0) { + fatal_exit("dnstap io: out of memory (adding event)"); + } +} + +/** setup the reconnect event for dnstap io */ +static void dtio_setup_reconnect(struct dt_io_thread* dtio) +{ + dtio_reconnect_clear(dtio); + dtio->reconnect_timer = ub_event_new(dtio->event_base, -1, + UB_EV_TIMEOUT, &dtio_reconnect_timeout_cb, dtio); + if(!dtio->reconnect_timer) { + fatal_exit("dnstap io: out of memory"); + } +} + +/** + * structure to keep track of information during stop flush + */ +struct stop_flush_info { + /** the event base during stop flush */ + struct ub_event_base* base; + /** did we already want to exit this stop-flush event base */ + int want_to_exit_flush; + /** has the timer fired */ + int timer_done; + /** the dtio */ + struct dt_io_thread* dtio; + /** the stop control frame */ + void* stop_frame; + /** length of the stop frame */ + size_t stop_frame_len; + /** how much we have done of the stop frame */ + size_t stop_frame_done; +}; + +/** exit the stop flush base */ +static void dtio_stop_flush_exit(struct stop_flush_info* info) +{ + if(info->want_to_exit_flush) + return; + info->want_to_exit_flush = 1; + if(ub_event_base_loopexit(info->base) != 0) { + log_err("dnstap io: could not loopexit"); + } +} + +/** send the stop control, + * return true if completed the frame. */ +static int dtio_control_stop_send(struct stop_flush_info* info) +{ + struct dt_io_thread* dtio = info->dtio; + int r; + if(info->stop_frame_done >= info->stop_frame_len) + return 1; + r = dtio_write_buf(dtio, ((uint8_t*)info->stop_frame) + + info->stop_frame_done, info->stop_frame_len - + info->stop_frame_done); + if(r == -1) { + verbose(VERB_ALGO, "dnstap io: stop flush: output closed"); + dtio_stop_flush_exit(info); + return 0; + } + if(r == 0) { + /* try again later, or timeout */ + return 0; + } + info->stop_frame_done += r; + if(info->stop_frame_done < info->stop_frame_len) + return 0; /* not done yet */ + return 1; +} + +void dtio_stop_timer_cb(int ATTR_UNUSED(fd), short ATTR_UNUSED(bits), + void* arg) +{ + struct stop_flush_info* info = (struct stop_flush_info*)arg; + if(info->want_to_exit_flush) + return; + verbose(VERB_ALGO, "dnstap io: stop flush timer expired, stop flush"); + info->timer_done = 1; + dtio_stop_flush_exit(info); +} + +void dtio_stop_ev_cb(int ATTR_UNUSED(fd), short bits, void* arg) +{ + struct stop_flush_info* info = (struct stop_flush_info*)arg; + struct dt_io_thread* dtio = info->dtio; + if(info->want_to_exit_flush) + return; + if(dtio->check_nb_connect) { + /* we don't start the stop_flush if connect still + * in progress, but the check code is here, just in case */ + int connect_err = dtio_check_nb_connect(dtio); + if(connect_err == -1) { + /* close the channel, exit the stop flush */ + dtio_stop_flush_exit(info); + dtio_del_output_event(dtio); + dtio_close_output(dtio); + return; + } else if(connect_err == 0) { + /* try again later */ + return; + } + /* nonblocking connect check passed, continue */ + } +#ifdef HAVE_SSL + if(dtio->ssl && + (!dtio->ssl_handshake_done || dtio->ssl_brief_read)) { + if(!dtio_ssl_handshake(dtio, info)) + return; + } +#endif + + if((bits&UB_EV_READ)) { + if(!dtio_check_close(dtio)) { + if(dtio->fd == -1) { + verbose(VERB_ALGO, "dnstap io: " + "stop flush: output closed"); + dtio_stop_flush_exit(info); + } + return; + } + } + /* write remainder of last frame */ + if(dtio->cur_msg) { + if(dtio->cur_msg_done < dtio->cur_msg_len) { + if(!dtio_write_more(dtio)) { + if(dtio->fd == -1) { + verbose(VERB_ALGO, "dnstap io: " + "stop flush: output closed"); + dtio_stop_flush_exit(info); + } + return; + } + } + verbose(VERB_ALGO, "dnstap io: stop flush completed " + "last frame"); + dtio_cur_msg_free(dtio); + } + /* write stop frame */ + if(info->stop_frame_done < info->stop_frame_len) { + if(!dtio_control_stop_send(info)) + return; + verbose(VERB_ALGO, "dnstap io: stop flush completed " + "stop control frame"); + } + /* when last frame and stop frame are sent, exit */ + dtio_stop_flush_exit(info); +} + +/** flush at end, last packet and stop control */ +static void dtio_control_stop_flush(struct dt_io_thread* dtio) +{ + /* briefly attempt to flush the previous packet to the output, + * this could be a partial packet, or even the start control frame */ + time_t secs = 0; + struct timeval now; + struct stop_flush_info info; + struct timeval tv; + struct ub_event* timer, *stopev; + + if(dtio->fd == -1 || dtio->check_nb_connect) { + /* no connection or we have just connected, so nothing is + * sent yet, so nothing to stop or flush */ + return; + } + if(dtio->ssl && !dtio->ssl_handshake_done) { + /* no SSL connection has been established yet */ + return; + } + + memset(&info, 0, sizeof(info)); + memset(&now, 0, sizeof(now)); + info.dtio = dtio; + info.base = ub_default_event_base(0, &secs, &now); + if(!info.base) { + log_err("dnstap io: malloc failure"); + return; + } + timer = ub_event_new(info.base, -1, UB_EV_TIMEOUT, + &dtio_stop_timer_cb, &info); + if(!timer) { + log_err("dnstap io: malloc failure"); + ub_event_base_free(info.base); + return; + } + memset(&tv, 0, sizeof(tv)); + tv.tv_sec = 2; + if(ub_timer_add(timer, info.base, &dtio_stop_timer_cb, &info, + &tv) != 0) { + log_err("dnstap io: cannot event_timer_add"); + ub_event_free(timer); + ub_event_base_free(info.base); + return; + } + stopev = ub_event_new(info.base, dtio->fd, UB_EV_READ | + UB_EV_WRITE | UB_EV_PERSIST, &dtio_stop_ev_cb, &info); + if(!stopev) { + log_err("dnstap io: malloc failure"); + ub_timer_del(timer); + ub_event_free(timer); + ub_event_base_free(info.base); + return; + } + if(ub_event_add(stopev, NULL) != 0) { + log_err("dnstap io: cannot event_add"); + ub_event_free(stopev); + ub_timer_del(timer); + ub_event_free(timer); + ub_event_base_free(info.base); + return; + } + info.stop_frame = fstrm_create_control_frame_stop( + &info.stop_frame_len); + if(!info.stop_frame) { + log_err("dnstap io: malloc failure"); + ub_event_del(stopev); + ub_event_free(stopev); + ub_timer_del(timer); + ub_event_free(timer); + ub_event_base_free(info.base); + return; + } + dtio->stop_flush_event = stopev; + + /* wait briefly, or until finished */ + verbose(VERB_ALGO, "dnstap io: stop flush started"); + if(ub_event_base_dispatch(info.base) < 0) { + log_err("dnstap io: dispatch flush failed, errno is %s", + strerror(errno)); + } + verbose(VERB_ALGO, "dnstap io: stop flush ended"); + free(info.stop_frame); + dtio->stop_flush_event = NULL; + ub_event_del(stopev); + ub_event_free(stopev); + ub_timer_del(timer); + ub_event_free(timer); + ub_event_base_free(info.base); +} + +/** perform desetup and free stuff when the dnstap io thread exits */ +static void dtio_desetup(struct dt_io_thread* dtio) +{ + dtio_control_stop_flush(dtio); + dtio_del_output_event(dtio); + dtio_close_output(dtio); + ub_event_del(dtio->command_event); + ub_event_free(dtio->command_event); +#ifndef USE_WINSOCK + close(dtio->commandpipe[0]); +#else + _close(dtio->commandpipe[0]); +#endif + dtio->commandpipe[0] = -1; + dtio_reconnect_del(dtio); + ub_event_free(dtio->reconnect_timer); + dtio_cur_msg_free(dtio); +#ifndef THREADS_DISABLED + ub_event_base_free(dtio->event_base); +#endif +} + +/** setup a start control message */ +static int dtio_control_start_send(struct dt_io_thread* dtio) +{ + log_assert(dtio->cur_msg == NULL && dtio->cur_msg_len == 0); + dtio->cur_msg = fstrm_create_control_frame_start(DNSTAP_CONTENT_TYPE, + &dtio->cur_msg_len); + if(!dtio->cur_msg) { + return 0; + } + /* setup to send the control message */ + /* set that the buffer needs to be sent, but the length + * of that buffer is already written, that way the buffer can + * start with 0 length and then the length of the control frame + * in it */ + dtio->cur_msg_done = 0; + dtio->cur_msg_len_done = 4; + return 1; +} + +/** open the output file descriptor for af_local */ +static int dtio_open_output_local(struct dt_io_thread* dtio) +{ +#ifdef HAVE_SYS_UN_H + struct sockaddr_un s; + dtio->fd = socket(AF_LOCAL, SOCK_STREAM, 0); + if(dtio->fd == -1) { +#ifndef USE_WINSOCK + log_err("dnstap io: failed to create socket: %s", + strerror(errno)); +#else + log_err("dnstap io: failed to create socket: %s", + wsa_strerror(WSAGetLastError())); +#endif + return 0; + } + memset(&s, 0, sizeof(s)); +#ifdef HAVE_STRUCT_SOCKADDR_UN_SUN_LEN + /* this member exists on BSDs, not Linux */ + s.sun_len = (unsigned)sizeof(usock); +#endif + s.sun_family = AF_LOCAL; + /* length is 92-108, 104 on FreeBSD */ + (void)strlcpy(s.sun_path, dtio->socket_path, sizeof(s.sun_path)); + fd_set_nonblock(dtio->fd); + if(connect(dtio->fd, (struct sockaddr*)&s, (socklen_t)sizeof(s)) + == -1) { + char* to = dtio->socket_path; +#ifndef USE_WINSOCK + log_err("dnstap io: failed to connect to \"%s\": %s", + to, strerror(errno)); +#else + log_err("dnstap io: failed to connect to \"%s\": %s", + to, wsa_strerror(WSAGetLastError())); +#endif + dtio_close_fd(dtio); + return 0; + } + return 1; +#else + log_err("cannot create af_local socket"); + return 0; +#endif /* HAVE_SYS_UN_H */ +} + +/** open the output file descriptor for af_inet and af_inet6 */ +static int dtio_open_output_tcp(struct dt_io_thread* dtio) +{ + struct sockaddr_storage addr; + socklen_t addrlen; + memset(&addr, 0, sizeof(addr)); + addrlen = (socklen_t)sizeof(addr); + + if(!extstrtoaddr(dtio->ip_str, &addr, &addrlen)) { + log_err("could not parse IP '%s'", dtio->ip_str); + return 0; + } + dtio->fd = socket(addr.ss_family, SOCK_STREAM, 0); + if(dtio->fd == -1) { +#ifndef USE_WINSOCK + log_err("can't create socket: %s", strerror(errno)); +#else + log_err("can't create socket: %s", + wsa_strerror(WSAGetLastError())); +#endif + return 0; + } + fd_set_nonblock(dtio->fd); + if(connect(dtio->fd, (struct sockaddr*)&addr, addrlen) == -1) { + if(errno == EINPROGRESS) + return 1; /* wait until connect done*/ +#ifndef USE_WINSOCK + if(tcp_connect_errno_needs_log( + (struct sockaddr *)&addr, addrlen)) { + log_err("dnstap io: failed to connect to %s: %s", + dtio->ip_str, strerror(errno)); + } +#else + if(WSAGetLastError() == WSAEINPROGRESS || + WSAGetLastError() == WSAEWOULDBLOCK) + return 1; /* wait until connect done*/ + if(tcp_connect_errno_needs_log( + (struct sockaddr *)&addr, addrlen)) { + log_err("dnstap io: failed to connect to %s: %s", + dtio->ip_str, wsa_strerror(WSAGetLastError())); + } +#endif + dtio_close_fd(dtio); + return 0; + } + return 1; +} + +/** setup the SSL structure for new connection */ +static int dtio_setup_ssl(struct dt_io_thread* dtio) +{ + dtio->ssl = outgoing_ssl_fd(dtio->ssl_ctx, dtio->fd); + if(!dtio->ssl) return 0; + dtio->ssl_handshake_done = 0; + dtio->ssl_brief_read = 0; + + if(!set_auth_name_on_ssl(dtio->ssl, dtio->tls_server_name)) { + return 0; + } + return 1; +} + +/** open the output file descriptor */ +static void dtio_open_output(struct dt_io_thread* dtio) +{ + struct ub_event* ev; + if(dtio->upstream_is_unix) { + if(!dtio_open_output_local(dtio)) { + dtio_reconnect_enable(dtio); + return; + } + } else if(dtio->upstream_is_tcp || dtio->upstream_is_tls) { + if(!dtio_open_output_tcp(dtio)) { + dtio_reconnect_enable(dtio); + return; + } + if(dtio->upstream_is_tls) { + if(!dtio_setup_ssl(dtio)) { + dtio_close_fd(dtio); + dtio_reconnect_enable(dtio); + return; + } + } + } + dtio->check_nb_connect = 1; + + /* the EV_READ is to catch channel close, write to write packets */ + ev = ub_event_new(dtio->event_base, dtio->fd, + UB_EV_READ | UB_EV_WRITE | UB_EV_PERSIST, &dtio_output_cb, + dtio); + if(!ev) { + log_err("dnstap io: out of memory"); + if(dtio->ssl) { +#ifdef HAVE_SSL + SSL_free(dtio->ssl); + dtio->ssl = NULL; +#endif + } + dtio_close_fd(dtio); + dtio_reconnect_enable(dtio); + return; + } + dtio->event = ev; + + /* setup protocol control message to start */ + if(!dtio_control_start_send(dtio)) { + log_err("dnstap io: out of memory"); + ub_event_free(dtio->event); + dtio->event = NULL; + if(dtio->ssl) { +#ifdef HAVE_SSL + SSL_free(dtio->ssl); + dtio->ssl = NULL; +#endif + } + dtio_close_fd(dtio); + dtio_reconnect_enable(dtio); + return; + } +} + +/** perform the setup of the writer thread on the established event_base */ +static void dtio_setup_on_base(struct dt_io_thread* dtio) +{ + dtio_setup_cmd(dtio); + dtio_setup_reconnect(dtio); + dtio_open_output(dtio); + if(!dtio_add_output_event_write(dtio)) + return; +} + +#ifndef THREADS_DISABLED +/** the IO thread function for the DNSTAP IO */ +static void* dnstap_io(void* arg) +{ + struct dt_io_thread* dtio = (struct dt_io_thread*)arg; + time_t secs = 0; + struct timeval now; + log_thread_set(&dtio->threadnum); + + /* setup */ + verbose(VERB_ALGO, "start dnstap io thread"); + dtio_setup_base(dtio, &secs, &now); + dtio_setup_on_base(dtio); + + /* run */ + if(ub_event_base_dispatch(dtio->event_base) < 0) { + log_err("dnstap io: dispatch failed, errno is %s", + strerror(errno)); + } + + /* cleanup */ + verbose(VERB_ALGO, "stop dnstap io thread"); + dtio_desetup(dtio); + return NULL; +} +#endif /* THREADS_DISABLED */ + +int dt_io_thread_start(struct dt_io_thread* dtio, void* event_base_nothr, + int numworkers) +{ + /* set up the thread, can fail */ +#ifndef USE_WINSOCK + if(pipe(dtio->commandpipe) == -1) { + log_err("failed to create pipe: %s", strerror(errno)); + return 0; + } +#else + if(_pipe(dtio->commandpipe, 4096, _O_BINARY) == -1) { + log_err("failed to create _pipe: %s", + wsa_strerror(WSAGetLastError())); + return 0; + } +#endif + + /* start the thread */ + dtio->threadnum = numworkers+1; + dtio->started = 1; +#ifndef THREADS_DISABLED + ub_thread_create(&dtio->tid, dnstap_io, dtio); + (void)event_base_nothr; +#else + dtio->event_base = event_base_nothr; + dtio_setup_on_base(dtio); +#endif + return 1; +} + +void dt_io_thread_stop(struct dt_io_thread* dtio) +{ +#ifndef THREADS_DISABLED + uint8_t cmd = DTIO_COMMAND_STOP; +#endif + if(!dtio) return; + if(!dtio->started) return; + verbose(VERB_ALGO, "dnstap io: send stop cmd"); + +#ifndef THREADS_DISABLED + while(1) { + ssize_t r = write(dtio->commandpipe[1], &cmd, sizeof(cmd)); + if(r == -1) { +#ifndef USE_WINSOCK + if(errno == EINTR || errno == EAGAIN) + continue; + log_err("dnstap io stop: write: %s", strerror(errno)); +#else + if(WSAGetLastError() == WSAEINPROGRESS) + continue; + if(WSAGetLastError() == WSAEWOULDBLOCK) + continue; + log_err("dnstap io stop: write: %s", + wsa_strerror(WSAGetLastError())); +#endif + break; + } + break; + } + dtio->started = 0; +#endif /* THREADS_DISABLED */ + +#ifndef USE_WINSOCK + close(dtio->commandpipe[1]); +#else + _close(dtio->commandpipe[1]); +#endif + dtio->commandpipe[1] = -1; +#ifndef THREADS_DISABLED + ub_thread_join(dtio->tid); +#else + dtio->want_to_exit = 1; + dtio_desetup(dtio); +#endif +} diff --git a/dnstap/dtstream.h b/dnstap/dtstream.h new file mode 100644 index 000000000..4bb027d5b --- /dev/null +++ b/dnstap/dtstream.h @@ -0,0 +1,305 @@ +/* + * dnstap/dtstream.h - Frame Streams thread for unbound DNSTAP + * + * Copyright (c) 2020, NLnet Labs. All rights reserved. + * + * This software is open source. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * Redistributions of source code must retain the above copyright notice, + * this list of conditions and the following disclaimer. + * + * Redistributions in binary form must reproduce the above copyright notice, + * this list of conditions and the following disclaimer in the documentation + * and/or other materials provided with the distribution. + * + * Neither the name of the NLNET LABS nor the names of its contributors may + * be used to endorse or promote products derived from this software without + * specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR + * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT + * HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED + * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR + * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF + * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING + * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS + * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + * + */ + +/** + * \file + * + * An implementation of the Frame Streams data transport protocol for + * the Unbound DNSTAP message logging facility. + */ + +#ifndef DTSTREAM_H +#define DTSTREAM_H + +#include "util/locks.h" +struct dt_msg_entry; +struct dt_io_list_item; +struct dt_io_thread; +struct config_file; + +/** + * A message buffer with dnstap messages queued up. It is per-worker. + * It has locks to synchronize. If the buffer is full, a new message + * cannot be added and is discarded. A thread reads the messages and sends + * them. + */ +struct dt_msg_queue { + /** lock of the buffer structure. Hold this lock to add or remove + * entries to the buffer. Release it so that other threads can also + * put messages to log, or a message can be taken out to send away + * by the writer thread. + */ + lock_basic_type lock; + /** the maximum size of the buffer, in bytes */ + size_t maxsize; + /** current size of the buffer, in bytes. data bytes of messages. + * If a new message make it more than maxsize, the buffer is full */ + size_t cursize; + /** list of messages. The messages are added to the back and taken + * out from the front. */ + struct dt_msg_entry* first, *last; + /** reference to the io thread to wakeup */ + struct dt_io_thread* dtio; +}; + +/** + * An entry in the dt_msg_queue. contains one DNSTAP message. + * It is malloced. + */ +struct dt_msg_entry { + /** next in the list. */ + struct dt_msg_entry* next; + /** the buffer with the data to send, an encoded DNSTAP message */ + void* buf; + /** the length to send. */ + size_t len; +}; + +/** + * IO thread that reads from the queues and writes them. + */ +struct dt_io_thread { + /** the thread number for the dtio thread, + * must be first to cast thread arg to int* in checklock code. */ + int threadnum; + /** event base, for event handling */ + void* event_base; + /** list of queues that is registered to get written */ + struct dt_io_list_item* io_list; + /** iterator point in the io_list, to pick from them in a + * round-robin fashion, instead of only from the first when busy. + * if NULL it means start at the start of the list. */ + struct dt_io_list_item* io_list_iter; + /** thread id, of the io thread */ + ub_thread_type tid; + /** if the io processing has started */ + int started; + /** ssl context for the io thread, for tls connections. type SSL_CTX* */ + void* ssl_ctx; + + /** file descriptor that the thread writes to */ + int fd; + /** event structure that the thread uses */ + void* event; + /** the event is added */ + int event_added; + /** event added is a write event */ + int event_added_is_write; + /** check for nonblocking connect errors on fd */ + int check_nb_connect; + /** ssl for current connection, type SSL* */ + void* ssl; + /** true if the handshake for SSL is done, 0 if not */ + int ssl_handshake_done; + /** true if briefly the SSL wants a read event, 0 if not. + * This happens during negotiation, we then do not want to write, + * but wait for a read event. */ + int ssl_brief_read; + + /** the buffer that currently getting written, or NULL if no + * (partial) message written now */ + void* cur_msg; + /** length of the current message */ + size_t cur_msg_len; + /** number of bytes written for the current message */ + size_t cur_msg_done; + /** number of bytes of the length that have been written, + * for the current message length that precedes the frame */ + size_t cur_msg_len_done; + + /** command pipe that stops the pipe if closed. Used to quit + * the program. [0] is read, [1] is written to. */ + int commandpipe[2]; + /** the event to listen to the commandpipe */ + void* command_event; + /** the io thread wants to exit */ + int want_to_exit; + + /** in stop flush, this is nonNULL and references the stop_ev */ + void* stop_flush_event; + + /** the timer event for connection retries */ + void* reconnect_timer; + /** if the reconnect timer is added to the event base */ + int reconnect_is_added; + /** the current reconnection timeout, it is increased with + * exponential backoff, in msec */ + int reconnect_timeout; + + /** If the log server is connected to over unix domain sockets, + * eg. a file is named that is created to log onto. */ + int upstream_is_unix; + /** if the log server is connected to over TCP. The ip address and + * port are used */ + int upstream_is_tcp; + /** if the log server is connected to over TLS. ip address, port, + * and client certificates can be used for authentication. */ + int upstream_is_tls; + + /** the file path for unix socket (or NULL) */ + char* socket_path; + /** the ip address and port number (or NULL) */ + char* ip_str; + /** is the TLS upstream authenticated by name, if nonNULL, + * we use the same cert bundle as used by other TLS streams. */ + char* tls_server_name; + /** are client certificates in use */ + int use_client_certs; + /** client cert files: the .key file */ + char* client_key_file; + /** client cert files: the .pem file */ + char* client_cert_file; +}; + +/** + * IO thread list of queues list item + * lists a worker queue that should be looked at and sent to the log server. + */ +struct dt_io_list_item { + /** next in the list of buffers to inspect */ + struct dt_io_list_item* next; + /** buffer of this worker */ + struct dt_msg_queue* queue; +}; + +/** + * Create new (empty) worker message queue. Limit set to default on max. + * @return NULL on malloc failure or a new queue (not locked). + */ +struct dt_msg_queue* dt_msg_queue_create(void); + +/** + * Delete a worker message queue. It has to be unlinked from access, + * so it can be deleted without lock worries. The queue is emptied (deleted). + * @param mq: message queue. + */ +void dt_msg_queue_delete(struct dt_msg_queue* mq); + +/** + * Submit a message to the queue. The queue is locked by the routine, + * the message is inserted, and then the queue is unlocked so the + * message can be picked up by the writer thread. + * @param mq: message queue. + * @param buf: buffer with message (dnstap contents). + * The buffer must have been malloced by caller. It is linked in + * the queue, and is free()d after use. If the routine fails + * the buffer is freed as well (and nothing happens, the item + * could not be logged). + * @param len: length of buffer. + */ +void dt_msg_queue_submit(struct dt_msg_queue* mq, void* buf, size_t len); + +/** + * Create IO thread. + * @return new io thread object. not yet started. or NULL malloc failure. + */ +struct dt_io_thread* dt_io_thread_create(void); + +/** + * Delete the IO thread structure. + * @param dtio: the io thread that is deleted. It must not be running. + */ +void dt_io_thread_delete(struct dt_io_thread* dtio); + +/** + * Apply config to the dtio thread + * @param dtio: io thread, not yet started. + * @param cfg: config file struct. + * @return false on malloc failure. + */ +int dt_io_thread_apply_cfg(struct dt_io_thread* dtio, + struct config_file *cfg); + +/** + * Register a msg queue to the io thread. It will be polled to see if + * there are messages and those then get removed and sent, when the thread + * is running. + * @param dtio: the io thread. + * @param mq: message queue to register. + * @return false on failure (malloc failure). + */ +int dt_io_thread_register_queue(struct dt_io_thread* dtio, + struct dt_msg_queue* mq); + +/** + * Unregister queue from io thread. + * @param dtio: the io thread. + * @param mq: message queue. + */ +void dt_io_thread_unregister_queue(struct dt_io_thread* dtio, + struct dt_msg_queue* mq); + +/** + * Start the io thread + * @param dtio: the io thread. + * @param event_base_nothr: the event base to attach the events to, in case + * we are running without threads. With threads, this is ignored + * and a thread is started to process the dnstap log messages. + * @param numworkers: number of worker threads. The dnstap io thread is + * that number +1 as the threadnumber (in logs). + * @return false on failure. + */ +int dt_io_thread_start(struct dt_io_thread* dtio, void* event_base_nothr, + int numworkers); + +/** + * Stop the io thread + * @param dtio: the io thread. + */ +void dt_io_thread_stop(struct dt_io_thread* dtio); + +/** callback for the dnstap reconnect, to start reconnecting to output */ +void dtio_reconnect_timeout_cb(int fd, short bits, void* arg); + +/** callback for the dnstap events, to write to the output */ +void dtio_output_cb(int fd, short bits, void* arg); + +/** callback for the dnstap commandpipe, to stop the dnstap IO */ +void dtio_cmd_cb(int fd, short bits, void* arg); + +/** callback for the timer when the thread stops and wants to finish up */ +void dtio_stop_timer_cb(int fd, short bits, void* arg); + +/** callback for the output when the thread stops and wants to finish up */ +void dtio_stop_ev_cb(int fd, short bits, void* arg); + +/** callback for unbound-dnstap-socket */ +void dtio_tap_callback(int fd, short bits, void* arg); + +/** callback for unbound-dnstap-socket */ +void dtio_mainfdcallback(int fd, short bits, void* arg); + +#endif /* DTSTREAM_H */ diff --git a/dnstap/unbound-dnstap-socket.c b/dnstap/unbound-dnstap-socket.c new file mode 100644 index 000000000..f7d713b53 --- /dev/null +++ b/dnstap/unbound-dnstap-socket.c @@ -0,0 +1,1562 @@ +/* + * dnstap/unbound-dnstap-socket.c - debug program that listens for DNSTAP logs. + * + * Copyright (c) 2020, NLnet Labs. All rights reserved. + * + * This software is open source. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * Redistributions of source code must retain the above copyright notice, + * this list of conditions and the following disclaimer. + * + * Redistributions in binary form must reproduce the above copyright notice, + * this list of conditions and the following disclaimer in the documentation + * and/or other materials provided with the distribution. + * + * Neither the name of the NLNET LABS nor the names of its contributors may + * be used to endorse or promote products derived from this software without + * specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR + * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT + * HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED + * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR + * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF + * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING + * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS + * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ + +/** + * \file + * + * This program listens on a DNSTAP socket for logged messages. + */ +#include "config.h" +#ifdef HAVE_GETOPT_H +#include +#endif +#include +#include +#include +#include +#include +#ifdef HAVE_SYS_UN_H +#include +#endif +#include +#include +#include +#include "dnstap/dtstream.h" +#include "dnstap/dnstap_fstrm.h" +#include "util/log.h" +#include "util/ub_event.h" +#include "util/net_help.h" +#include "services/listen_dnsport.h" +#include "sldns/sbuffer.h" +#include "sldns/wire2str.h" +#include +#include "dnstap/dnstap.pb-c.h" +#include "util/config_file.h" + +/** listen backlog on TCP connections for dnstap logs */ +#define LISTEN_BACKLOG 16 + +/** usage information for streamtcp */ +static void usage(char* argv[]) +{ + printf("usage: %s [options]\n", argv[0]); + printf(" Listen to dnstap messages\n"); + printf("stdout has dnstap log, stderr has verbose server log\n"); + printf("-u listen to unix socket with this file name\n"); + printf("-s listen for TCP on the IP and port\n"); + printf("-t listen for TLS on IP and port\n"); + printf("-x server key file for TLS service\n"); + printf("-y server cert file for TLS service\n"); + printf("-z cert file to verify client connections\n"); + printf("-l long format for DNS printout\n"); + printf("-v more verbose log output\n"); + printf("-h this help text\n"); + exit(1); +} + +/** long format option, for multiline printout per message */ +static int longformat = 0; + +struct tap_socket_list; +struct tap_socket; +/** main tap callback data */ +struct main_tap_data { + /** the event base (to loopexit) */ + struct ub_event_base* base; + /** the list of accept sockets */ + struct tap_socket_list* acceptlist; +}; + +/** tap callback variables */ +struct tap_data { + /** the fd */ + int fd; + /** the ub event */ + struct ub_event* ev; + /** the SSL for TLS streams */ + SSL* ssl; + /** is the ssl handshake done */ + int ssl_handshake_done; + /** we are briefly waiting to write (in the struct event) */ + int ssl_brief_write; + /** string that identifies the socket (or NULL), like IP address */ + char* id; + /** have we read the length, and how many bytes of it */ + int len_done; + /** have we read the data, and how many bytes of it */ + size_t data_done; + /** are we reading a control frame */ + int control_frame; + /** are we bi-directional (if false, uni-directional) */ + int is_bidirectional; + /** data of the frame */ + uint8_t* frame; + /** length of this frame */ + size_t len; +}; + +/** list of sockets */ +struct tap_socket_list { + /** next in list */ + struct tap_socket_list* next; + /** the socket */ + struct tap_socket* s; +}; + +/** tap socket */ +struct tap_socket { + /** fd of socket */ + int fd; + /** the event for it */ + struct ub_event *ev; + /** has the event been added */ + int ev_added; + /** the callback, for the event, ev_cb(fd, bits, arg) */ + void (*ev_cb)(int, short, void*); + /** data element, (arg for the tap_socket struct) */ + void* data; + /** socketpath, if this is an AF_LOCAL socket */ + char* socketpath; + /** IP, if this is a TCP socket */ + char* ip; + /** for a TLS socket, the tls context */ + SSL_CTX* sslctx; +}; + +/** del the tap event */ +static void tap_socket_delev(struct tap_socket* s) +{ + if(!s) return; + if(!s->ev) return; + if(!s->ev_added) return; + ub_event_del(s->ev); + s->ev_added = 0; +} + +/** close the tap socket */ +static void tap_socket_close(struct tap_socket* s) +{ + if(!s) return; + if(s->fd == -1) return; + close(s->fd); + s->fd = -1; +} + +/** delete tap socket */ +static void tap_socket_delete(struct tap_socket* s) +{ + if(!s) return; +#ifdef HAVE_SSL + SSL_CTX_free(s->sslctx); +#endif + ub_event_free(s->ev); + free(s->socketpath); + free(s->ip); + free(s); +} + +/** create new socket (unconnected, not base-added), or NULL malloc fail */ +static struct tap_socket* tap_socket_new_local(char* socketpath, + void (*ev_cb)(int, short, void*), void* data) +{ + struct tap_socket* s = calloc(1, sizeof(*s)); + if(!s) { + log_err("malloc failure"); + return NULL; + } + s->socketpath = strdup(socketpath); + if(!s->socketpath) { + free(s); + log_err("malloc failure"); + return NULL; + } + s->fd = -1; + s->ev_cb = ev_cb; + s->data = data; + return s; +} + +/** create new socket (unconnected, not base-added), or NULL malloc fail */ +static struct tap_socket* tap_socket_new_tcpaccept(char* ip, + void (*ev_cb)(int, short, void*), void* data) +{ + struct tap_socket* s = calloc(1, sizeof(*s)); + if(!s) { + log_err("malloc failure"); + return NULL; + } + s->ip = strdup(ip); + if(!s->ip) { + free(s); + log_err("malloc failure"); + return NULL; + } + s->fd = -1; + s->ev_cb = ev_cb; + s->data = data; + return s; +} + +/** create new socket (unconnected, not base-added), or NULL malloc fail */ +static struct tap_socket* tap_socket_new_tlsaccept(char* ip, + void (*ev_cb)(int, short, void*), void* data, char* server_key, + char* server_cert, char* verifypem) +{ + struct tap_socket* s = calloc(1, sizeof(*s)); + if(!s) { + log_err("malloc failure"); + return NULL; + } + s->ip = strdup(ip); + if(!s->ip) { + free(s); + log_err("malloc failure"); + return NULL; + } + s->fd = -1; + s->ev_cb = ev_cb; + s->data = data; + s->sslctx = listen_sslctx_create(server_key, server_cert, verifypem); + if(!s->sslctx) { + log_err("could not create ssl context"); + free(s->ip); + free(s); + return NULL; + } + return s; +} + +/** setup tcp accept socket on IP string */ +static int make_tcp_accept(char* ip) +{ +#ifdef SO_REUSEADDR + int on = 1; +#endif + struct sockaddr_storage addr; + socklen_t len; + int s; + + memset(&addr, 0, sizeof(addr)); + len = (socklen_t)sizeof(addr); + if(!extstrtoaddr(ip, &addr, &len)) { + log_err("could not parse IP '%s'", ip); + return -1; + } + + if((s = socket(addr.ss_family, SOCK_STREAM, 0)) == -1) { +#ifndef USE_WINSOCK + log_err("can't create socket: %s", strerror(errno)); +#else + log_err("can't create socket: %s", + wsa_strerror(WSAGetLastError())); +#endif + return -1; + } +#ifdef SO_REUSEADDR + if(setsockopt(s, SOL_SOCKET, SO_REUSEADDR, (void*)&on, + (socklen_t)sizeof(on)) < 0) { +#ifndef USE_WINSOCK + log_err("setsockopt(.. SO_REUSEADDR ..) failed: %s", + strerror(errno)); + close(s); +#else + log_err("setsockopt(.. SO_REUSEADDR ..) failed: %s", + wsa_strerror(WSAGetLastError())); + closesocket(s); +#endif + return -1; + } +#endif /* SO_REUSEADDR */ + if(bind(s, (struct sockaddr*)&addr, len) != 0) { +#ifndef USE_WINSOCK + log_err_addr("can't bind socket", strerror(errno), + &addr, len); + close(s); +#else + log_err_addr("can't bind socket", + wsa_strerror(WSAGetLastError()), &addr, len); + closesocket(s); +#endif + return -1; + } + if(!fd_set_nonblock(s)) { +#ifndef USE_WINSOCK + close(s); +#else + closesocket(s); +#endif + return -1; + } + if(listen(s, LISTEN_BACKLOG) == -1) { +#ifndef USE_WINSOCK + log_err("can't listen: %s", strerror(errno)); + close(s); +#else + log_err("can't listen: %s", wsa_strerror(WSAGetLastError())); + closesocket(s); +#endif + return -1; + } + return s; +} + +/** setup socket on event base */ +static int tap_socket_setup(struct tap_socket* s, struct ub_event_base* base) +{ + if(s->socketpath) { + /* AF_LOCAL accept socket */ + s->fd = create_local_accept_sock(s->socketpath, NULL, 0); + if(s->fd == -1) { + log_err("could not create local socket"); + return 0; + } + } else if(s->ip || s->sslctx) { + /* TCP accept socket */ + s->fd = make_tcp_accept(s->ip); + if(s->fd == -1) { + log_err("could not create tcp socket"); + return 0; + } + } + s->ev = ub_event_new(base, s->fd, UB_EV_READ | UB_EV_PERSIST, + s->ev_cb, s); + if(!s->ev) { + log_err("could not ub_event_new"); + return 0; + } + if(ub_event_add(s->ev, NULL) != 0) { + log_err("could not ub_event_add"); + return 0; + } + s->ev_added = 1; + return 1; +} + +/** add tap socket to list */ +static int tap_socket_list_insert(struct tap_socket_list** liststart, + struct tap_socket* s) +{ + struct tap_socket_list* entry = (struct tap_socket_list*) + malloc(sizeof(*entry)); + if(!entry) + return 0; + entry->next = *liststart; + entry->s = s; + *liststart = entry; + return 1; +} + +/** delete the list */ +static void tap_socket_list_delete(struct tap_socket_list* list) +{ + struct tap_socket_list* e = list, *next; + while(e) { + next = e->next; + tap_socket_delev(e->s); + tap_socket_close(e->s); + tap_socket_delete(e->s); + free(e); + e = next; + } +} + +/** setup accept events */ +static int tap_socket_list_addevs(struct tap_socket_list* list, + struct ub_event_base* base) +{ + struct tap_socket_list* entry; + for(entry = list; entry; entry = entry->next) { + if(!tap_socket_setup(entry->s, base)) { + log_err("could not setup socket"); + return 0; + } + } + return 1; +} + +/** log control frame contents */ +static void log_control_frame(uint8_t* pkt, size_t len) +{ + char* desc; + if(verbosity == 0) return; + desc = fstrm_describe_control(pkt, len); + if(!desc) { + log_err("out of memory"); + return; + } + log_info("control frame %s", desc); + free(desc); +} + +/** convert mtype to string */ +static const char* mtype_to_str(enum _Dnstap__Message__Type mtype) +{ + switch(mtype) { + case DNSTAP__MESSAGE__TYPE__AUTH_QUERY: + return "AUTH_QUERY"; + case DNSTAP__MESSAGE__TYPE__AUTH_RESPONSE: + return "AUTH_RESPONSE"; + case DNSTAP__MESSAGE__TYPE__RESOLVER_QUERY: + return "RESOLVER_QUERY"; + case DNSTAP__MESSAGE__TYPE__RESOLVER_RESPONSE: + return "RESOLVER_RESPONSE"; + case DNSTAP__MESSAGE__TYPE__CLIENT_QUERY: + return "CLIENT_QUERY"; + case DNSTAP__MESSAGE__TYPE__CLIENT_RESPONSE: + return "CLIENT_RESPONSE"; + case DNSTAP__MESSAGE__TYPE__FORWARDER_QUERY: + return "FORWARDER_QUERY"; + case DNSTAP__MESSAGE__TYPE__FORWARDER_RESPONSE: + return "FORWARDER_RESPONSE"; + case DNSTAP__MESSAGE__TYPE__STUB_QUERY: + return "STUB_QUERY"; + case DNSTAP__MESSAGE__TYPE__STUB_RESPONSE: + return "STUB_RESPONSE"; + default: break; + } + return "unknown_message_type"; +} + +/** convert type address to a string ip4 or ip6, malloced or NULL on fail */ +static char* str_of_addr(ProtobufCBinaryData address) +{ + char buf[64]; + socklen_t len = sizeof(buf); + if(address.len == 4) { + if(inet_ntop(AF_INET, address.data, buf, len)!=0) + return strdup(buf); + } else if(address.len == 16) { + if(inet_ntop(AF_INET6, address.data, buf, len)!=0) + return strdup(buf); + } + return NULL; +} + +/** convert message buffer (of dns bytes) to the first qname, type, class, + * malloced or NULL on fail */ +static char* q_of_msg(ProtobufCBinaryData message) +{ + char buf[300]; + /* header, name, type, class minimum to get the query tuple */ + if(message.len < 12 + 1 + 4 + 4) return NULL; + if(sldns_wire2str_rrquestion_buf(message.data+12, message.len-12, + buf, sizeof(buf)) != 0) { + /* remove trailing newline, tabs to spaces */ + /* remove the newline: */ + if(buf[0] != 0) buf[strlen(buf)-1]=0; + /* remove first tab (before type) */ + if(strrchr(buf, '\t')) *strrchr(buf, '\t')=' '; + /* remove second tab (before class) */ + if(strrchr(buf, '\t')) *strrchr(buf, '\t')=' '; + return strdup(buf); + } + return NULL; +} + +/** convert possible string or hex data to string. malloced or NULL */ +static char* possible_str(ProtobufCBinaryData str) +{ + int is_str = 1; + size_t i; + for(i=0; i>4]; + res[i*2+1] = hex[str.data[i]&0x0f]; + } + res[str.len*2] = 0; + return res; + } + } + return NULL; +} + +/** convert timeval to string, malloced or NULL */ +static char* tv_to_str(protobuf_c_boolean has_time_sec, uint64_t time_sec, + protobuf_c_boolean has_time_nsec, uint32_t time_nsec) +{ + char buf[64], buf2[256]; + struct timeval tv; + time_t time_t_sec; + memset(&tv, 0, sizeof(tv)); + if(has_time_sec) tv.tv_sec = time_sec; + if(has_time_nsec) tv.tv_usec = time_nsec; + + buf[0]=0; + time_t_sec = tv.tv_sec; + (void)ctime_r(&time_t_sec, buf); + snprintf(buf2, sizeof(buf2), "%u.%9.9u %s", + (unsigned)time_sec, (unsigned)time_nsec, buf); + return strdup(buf2); +} + +/** log data frame contents */ +static void log_data_frame(uint8_t* pkt, size_t len) +{ + Dnstap__Dnstap* d = dnstap__dnstap__unpack(NULL, len, pkt); + const char* mtype = NULL; + char* maddr=NULL, *qinf=NULL; + if(!d) { + log_err("could not unpack"); + return; + } + if(d->base.descriptor != &dnstap__dnstap__descriptor) { + log_err("wrong base descriptor"); + dnstap__dnstap__free_unpacked(d, NULL); + return; + } + if(d->type != DNSTAP__DNSTAP__TYPE__MESSAGE) { + log_err("dnstap type not type_message"); + dnstap__dnstap__free_unpacked(d, NULL); + return; + } + if(d->message) { + mtype = mtype_to_str(d->message->type); + if(d->message->has_query_address) + maddr = str_of_addr(d->message->query_address); + else if(d->message->has_response_address) + maddr = str_of_addr(d->message->response_address); + if(d->message->has_query_message) + qinf = q_of_msg(d->message->query_message); + else if(d->message->has_response_message) + qinf = q_of_msg(d->message->response_message); + + } else { + mtype = "nomessage"; + } + + printf("%s%s%s%s%s\n", mtype, (maddr?" ":""), (maddr?maddr:""), + (qinf?" ":""), (qinf?qinf:"")); + free(maddr); + free(qinf); + + if(longformat) { + char* id=NULL, *vs=NULL; + if(d->has_identity) { + id=possible_str(d->identity); + } + if(d->has_version) { + vs=possible_str(d->version); + } + if(id || vs) + printf("identity: %s%s%s\n", (id?id:""), + (id&&vs?" ":""), (vs?vs:"")); + free(id); + free(vs); + + if(d->message && d->message->has_query_message && + d->message->query_message.data) { + char* qmsg = sldns_wire2str_pkt( + d->message->query_message.data, + d->message->query_message.len); + if(qmsg) { + printf("query_message:\n%s", qmsg); + free(qmsg); + } + } + if(d->message && d->message->has_query_time_sec) { + char* qtv = tv_to_str(d->message->has_query_time_sec, + d->message->query_time_sec, + d->message->has_query_time_nsec, + d->message->query_time_nsec); + if(qtv) { + printf("query_time: %s\n", qtv); + free(qtv); + } + } + if(d->message && d->message->has_response_message && + d->message->response_message.data) { + char* rmsg = sldns_wire2str_pkt( + d->message->response_message.data, + d->message->response_message.len); + if(rmsg) { + printf("response_message:\n%s", rmsg); + free(rmsg); + } + } + if(d->message && d->message->has_response_time_sec) { + char* rtv = tv_to_str(d->message->has_response_time_sec, + d->message->response_time_sec, + d->message->has_response_time_nsec, + d->message->response_time_nsec); + if(rtv) { + printf("response_time: %s\n", rtv); + free(rtv); + } + } + } + fflush(stdout); + dnstap__dnstap__free_unpacked(d, NULL); +} + +/** receive bytes from fd, prints errors if bad, + * returns 0: closed/error, -1: continue, >0 number of bytes */ +static ssize_t receive_bytes(struct tap_data* data, int fd, void* buf, + size_t len) +{ + ssize_t ret = recv(fd, buf, len, 0); + if(ret == 0) { + /* closed */ + if(verbosity) log_info("dnstap client stream closed from %s", + (data->id?data->id:"")); + return 0; + } else if(ret == -1) { + /* error */ +#ifndef USE_WINSOCK + if(errno == EINTR || errno == EAGAIN) + return -1; + log_err("could not recv: %s", strerror(errno)); +#else /* USE_WINSOCK */ + if(WSAGetLastError() == WSAEINPROGRESS) + return -1; + if(WSAGetLastError() == WSAEWOULDBLOCK) { + ub_winsock_tcp_wouldblock(data->ev, UB_EV_READ); + return -1; + } + log_err("could not recv: %s", + wsa_strerror(WSAGetLastError())); +#endif + if(verbosity) log_info("dnstap client stream closed from %s", + (data->id?data->id:"")); + return 0; + } + return ret; +} + +/* define routine for have_ssl only to avoid unused function warning */ +#ifdef HAVE_SSL +/** set to wait briefly for a write event, for one event call */ +static void tap_enable_brief_write(struct tap_data* data) +{ + ub_event_del(data->ev); + ub_event_del_bits(data->ev, UB_EV_READ); + ub_event_add_bits(data->ev, UB_EV_WRITE); + if(ub_event_add(data->ev, NULL) != 0) + log_err("could not ub_event_add in tap_enable_brief_write"); + data->ssl_brief_write = 1; +} +#endif /* HAVE_SSL */ + +/* define routine for have_ssl only to avoid unused function warning */ +#ifdef HAVE_SSL +/** stop the brief wait for a write event. back to reading. */ +static void tap_disable_brief_write(struct tap_data* data) +{ + ub_event_del(data->ev); + ub_event_del_bits(data->ev, UB_EV_WRITE); + ub_event_add_bits(data->ev, UB_EV_READ); + if(ub_event_add(data->ev, NULL) != 0) + log_err("could not ub_event_add in tap_disable_brief_write"); + data->ssl_brief_write = 0; +} +#endif /* HAVE_SSL */ + +#ifdef HAVE_SSL +/** receive bytes over ssl stream, prints errors if bad, + * returns 0: closed/error, -1: continue, >0 number of bytes */ +static ssize_t ssl_read_bytes(struct tap_data* data, void* buf, size_t len) +{ + int r; + ERR_clear_error(); + r = SSL_read(data->ssl, buf, len); + if(r <= 0) { + int want = SSL_get_error(data->ssl, r); + if(want == SSL_ERROR_ZERO_RETURN) { + /* closed */ + if(verbosity) log_info("dnstap client stream closed from %s", + (data->id?data->id:"")); + return 0; + } else if(want == SSL_ERROR_WANT_READ) { + /* continue later */ + return -1; + } else if(want == SSL_ERROR_WANT_WRITE) { + /* set to briefly write */ + tap_enable_brief_write(data); + return -1; + } else if(want == SSL_ERROR_SYSCALL) { +#ifdef ECONNRESET + if(errno == ECONNRESET && verbosity < 2) + return 0; /* silence reset by peer */ +#endif + if(errno != 0) + log_err("SSL_read syscall: %s", + strerror(errno)); + if(verbosity) log_info("dnstap client stream closed from %s", + (data->id?data->id:"")); + return 0; + } + log_crypto_err("could not SSL_read"); + if(verbosity) log_info("dnstap client stream closed from %s", + (data->id?data->id:"")); + return 0; + } + return r; +} +#endif /* HAVE_SSL */ + +/** receive bytes on the tap connection, prints errors if bad, + * returns 0: closed/error, -1: continue, >0 number of bytes */ +static ssize_t tap_receive(struct tap_data* data, void* buf, size_t len) +{ +#ifdef HAVE_SSL + if(data->ssl) + return ssl_read_bytes(data, buf, len); +#endif + return receive_bytes(data, data->fd, buf, len); +} + +/** delete the tap structure */ +void tap_data_free(struct tap_data* data) +{ + ub_event_del(data->ev); + ub_event_free(data->ev); +#ifdef HAVE_SSL + SSL_free(data->ssl); +#endif + close(data->fd); + free(data->id); + free(data->frame); + free(data); +} + +/** reply with ACCEPT control frame to bidirectional client, + * returns 0 on error */ +static int reply_with_accept(int fd) +{ + /* len includes the escape and framelength */ + size_t len = 0; + void* acceptframe = fstrm_create_control_frame_accept( + DNSTAP_CONTENT_TYPE, &len); + if(!acceptframe) { + log_err("out of memory"); + return 0; + } + + fd_set_block(fd); + if(send(fd, acceptframe, len, 0) == -1) { +#ifndef USE_WINSOCK + log_err("send failed: %s", strerror(errno)); +#else + log_err("send failed: %s", wsa_strerror(WSAGetLastError())); +#endif + fd_set_nonblock(fd); + free(acceptframe); + return 0; + } + if(verbosity) log_info("sent control frame(accept) content-type:(%s)", + DNSTAP_CONTENT_TYPE); + + fd_set_nonblock(fd); + free(acceptframe); + return 1; +} + +/** reply with FINISH control frame to bidirectional client, + * returns 0 on error */ +static int reply_with_finish(int fd) +{ + size_t len = 0; + void* finishframe = fstrm_create_control_frame_finish(&len); + if(!finishframe) { + log_err("out of memory"); + return 0; + } + + fd_set_block(fd); + if(send(fd, finishframe, len, 0) == -1) { +#ifndef USE_WINSOCK + log_err("send failed: %s", strerror(errno)); +#else + log_err("send failed: %s", wsa_strerror(WSAGetLastError())); +#endif + fd_set_nonblock(fd); + free(finishframe); + return 0; + } + if(verbosity) log_info("sent control frame(finish)"); + + fd_set_nonblock(fd); + free(finishframe); + return 1; +} + +#ifdef HAVE_SSL +/** check SSL peer certificate, return 0 on fail */ +static int tap_check_peer(struct tap_data* data) +{ + if((SSL_get_verify_mode(data->ssl)&SSL_VERIFY_PEER)) { + /* verification */ + if(SSL_get_verify_result(data->ssl) == X509_V_OK) { + X509* x = SSL_get_peer_certificate(data->ssl); + if(!x) { + if(verbosity) log_info("SSL connection %s" + " failed no certificate", data->id); + return 0; + } + if(verbosity) + log_cert(VERB_ALGO, "peer certificate", x); +#ifdef HAVE_SSL_GET0_PEERNAME + if(SSL_get0_peername(data->ssl)) { + if(verbosity) log_info("SSL connection %s " + "to %s authenticated", data->id, + SSL_get0_peername(data->ssl)); + } else { +#endif + if(verbosity) log_info("SSL connection %s " + "authenticated", data->id); +#ifdef HAVE_SSL_GET0_PEERNAME + } +#endif + X509_free(x); + } else { + X509* x = SSL_get_peer_certificate(data->ssl); + if(x) { + if(verbosity) + log_cert(VERB_ALGO, "peer certificate", x); + X509_free(x); + } + if(verbosity) log_info("SSL connection %s failed: " + "failed to authenticate", data->id); + return 0; + } + } else { + /* unauthenticated, the verify peer flag was not set + * in ssl when the ssl object was created from ssl_ctx */ + if(verbosity) log_info("SSL connection %s", data->id); + } + return 1; +} +#endif /* HAVE_SSL */ + +#ifdef HAVE_SSL +/** perform SSL handshake, return 0 to wait for events, 1 if done */ +static int tap_handshake(struct tap_data* data) +{ + int r; + if(data->ssl_brief_write) { + /* write condition has been satisfied, back to reading */ + tap_disable_brief_write(data); + } + if(data->ssl_handshake_done) + return 1; + + ERR_clear_error(); + r = SSL_do_handshake(data->ssl); + if(r != 1) { + int want = SSL_get_error(data->ssl, r); + if(want == SSL_ERROR_WANT_READ) { + return 0; + } else if(want == SSL_ERROR_WANT_WRITE) { + tap_enable_brief_write(data); + return 0; + } else if(r == 0) { + /* closed */ + tap_data_free(data); + return 0; + } else if(want == SSL_ERROR_SYSCALL) { + /* SYSCALL and errno==0 means closed uncleanly */ + int silent = 0; +#ifdef EPIPE + if(errno == EPIPE && verbosity < 2) + silent = 1; /* silence 'broken pipe' */ +#endif +#ifdef ECONNRESET + if(errno == ECONNRESET && verbosity < 2) + silent = 1; /* silence reset by peer */ +#endif + if(errno == 0) + silent = 1; + if(!silent) + log_err("SSL_handshake syscall: %s", + strerror(errno)); + tap_data_free(data); + return 0; + } else { + unsigned long err = ERR_get_error(); + if(!squelch_err_ssl_handshake(err)) { + log_crypto_err_code("ssl handshake failed", + err); + verbose(VERB_OPS, "ssl handshake failed " + "from %s", data->id); + } + tap_data_free(data); + return 0; + } + } + /* check peer verification */ + data->ssl_handshake_done = 1; + if(!tap_check_peer(data)) { + /* closed */ + tap_data_free(data); + return 0; + } + return 1; +} +#endif /* HAVE_SSL */ + +/** callback for dnstap listener */ +void dtio_tap_callback(int fd, short ATTR_UNUSED(bits), void* arg) +{ + struct tap_data* data = (struct tap_data*)arg; + if(verbosity>=3) log_info("tap callback"); +#ifdef HAVE_SSL + if(data->ssl && (!data->ssl_handshake_done || + data->ssl_brief_write)) { + if(!tap_handshake(data)) + return; + } +#endif + while(data->len_done < 4) { + uint32_t l = (uint32_t)data->len; + ssize_t ret = tap_receive(data, + ((uint8_t*)&l)+data->len_done, 4-data->len_done); + if(verbosity>=4) log_info("s recv %d", (int)ret); + if(ret == 0) { + /* closed or error */ + tap_data_free(data); + return; + } else if(ret == -1) { + /* continue later */ + return; + } + data->len_done += ret; + data->len = (size_t)l; + if(data->len_done < 4) + return; /* continue later */ + data->len = (size_t)(ntohl(l)); + if(verbosity>=3) log_info("length is %d", (int)data->len); + if(data->len == 0) { + /* it is a control frame */ + data->control_frame = 1; + /* read controlframelen */ + data->len_done = 0; + } else { + /* allocate frame size */ + data->frame = calloc(1, data->len); + if(!data->frame) { + log_err("out of memory"); + tap_data_free(data); + return; + } + } + } + + /* we want to read the full length now */ + if(data->data_done < data->len) { + ssize_t r = tap_receive(data, data->frame + data->data_done, + data->len - data->data_done); + if(verbosity>=4) log_info("f recv %d", (int)r); + if(r == 0) { + /* closed or error */ + tap_data_free(data); + return; + } else if(r == -1) { + /* continue later */ + return; + } + data->data_done += r; + if(data->data_done < data->len) + return; /* continue later */ + } + + /* we are done with a frame */ + if(verbosity>=3) log_info("received %sframe len %d", + (data->control_frame?"control ":""), (int)data->len); + if(data->control_frame) + log_control_frame(data->frame, data->len); + else log_data_frame(data->frame, data->len); + + if(data->len >= 4 && sldns_read_uint32(data->frame) == + FSTRM_CONTROL_FRAME_READY) { + data->is_bidirectional = 1; + if(verbosity) log_info("bidirectional stream"); + if(!reply_with_accept(fd)) { + tap_data_free(data); + } + } else if(data->len >= 4 && sldns_read_uint32(data->frame) == + FSTRM_CONTROL_FRAME_STOP && data->is_bidirectional) { + if(!reply_with_finish(fd)) { + tap_data_free(data); + return; + } + } + + /* prepare for next frame */ + free(data->frame); + data->frame = NULL; + data->control_frame = 0; + data->len = 0; + data->len_done = 0; + data->data_done = 0; + +} + +/** callback for main listening file descriptor */ +void dtio_mainfdcallback(int fd, short ATTR_UNUSED(bits), void* arg) +{ + struct tap_socket* tap_sock = (struct tap_socket*)arg; + struct main_tap_data* maindata = (struct main_tap_data*) + tap_sock->data; + struct tap_data* data; + char* id = NULL; + struct sockaddr_storage addr; + socklen_t addrlen = (socklen_t)sizeof(addr); + int s = accept(fd, (struct sockaddr*)&addr, &addrlen); + if(s == -1) { +#ifndef USE_WINSOCK + /* EINTR is signal interrupt. others are closed connection. */ + if( errno == EINTR || errno == EAGAIN +#ifdef EWOULDBLOCK + || errno == EWOULDBLOCK +#endif +#ifdef ECONNABORTED + || errno == ECONNABORTED +#endif +#ifdef EPROTO + || errno == EPROTO +#endif /* EPROTO */ + ) + return; + log_err_addr("accept failed", strerror(errno), &addr, addrlen); +#else /* USE_WINSOCK */ + if(WSAGetLastError() == WSAEINPROGRESS || + WSAGetLastError() == WSAECONNRESET) + return; + if(WSAGetLastError() == WSAEWOULDBLOCK) { + ub_winsock_tcp_wouldblock(maindata->ev, UB_EV_READ); + return; + } + log_err_addr("accept failed", wsa_strerror(WSAGetLastError()), + &addr, addrlen); +#endif + return; + } + fd_set_nonblock(s); + if(verbosity) { + if(addr.ss_family == AF_LOCAL) { +#ifdef HAVE_SYS_UN_H + struct sockaddr_un* usock = calloc(1, sizeof(struct sockaddr_un) + 1); + if(usock) { + socklen_t ulen = sizeof(struct sockaddr_un); + if(getsockname(fd, (struct sockaddr*)usock, &ulen) != -1) { + log_info("accepted new dnstap client from %s", usock->sun_path); + id = strdup(usock->sun_path); + } else { + log_info("accepted new dnstap client"); + } + free(usock); + } else { + log_info("accepted new dnstap client"); + } +#endif /* HAVE_SYS_UN_H */ + } else if(addr.ss_family == AF_INET || + addr.ss_family == AF_INET6) { + char ip[256]; + addr_to_str(&addr, addrlen, ip, sizeof(ip)); + log_info("accepted new dnstap client from %s", ip); + id = strdup(ip); + } else { + log_info("accepted new dnstap client"); + } + } + + data = calloc(1, sizeof(*data)); + if(!data) fatal_exit("out of memory"); + data->fd = s; + data->id = id; + if(tap_sock->sslctx) { + data->ssl = incoming_ssl_fd(tap_sock->sslctx, data->fd); + if(!data->ssl) fatal_exit("could not SSL_new"); + } + data->ev = ub_event_new(maindata->base, s, UB_EV_READ | UB_EV_PERSIST, + &dtio_tap_callback, data); + if(!data->ev) fatal_exit("could not ub_event_new"); + if(ub_event_add(data->ev, NULL) != 0) fatal_exit("could not ub_event_add"); +} + +/** setup local accept sockets */ +static void setup_local_list(struct main_tap_data* maindata, + struct config_strlist_head* local_list) +{ + struct config_strlist* item; + for(item = local_list->first; item; item = item->next) { + struct tap_socket* s; + s = tap_socket_new_local(item->str, &dtio_mainfdcallback, + maindata); + if(!s) fatal_exit("out of memory"); + if(!tap_socket_list_insert(&maindata->acceptlist, s)) + fatal_exit("out of memory"); + } +} + +/** setup tcp accept sockets */ +static void setup_tcp_list(struct main_tap_data* maindata, + struct config_strlist_head* tcp_list) +{ + struct config_strlist* item; + for(item = tcp_list->first; item; item = item->next) { + struct tap_socket* s; + s = tap_socket_new_tcpaccept(item->str, &dtio_mainfdcallback, + maindata); + if(!s) fatal_exit("out of memory"); + if(!tap_socket_list_insert(&maindata->acceptlist, s)) + fatal_exit("out of memory"); + } +} + +/** setup tls accept sockets */ +static void setup_tls_list(struct main_tap_data* maindata, + struct config_strlist_head* tls_list, char* server_key, + char* server_cert, char* verifypem) +{ + struct config_strlist* item; + for(item = tls_list->first; item; item = item->next) { + struct tap_socket* s; + s = tap_socket_new_tlsaccept(item->str, &dtio_mainfdcallback, + maindata, server_key, server_cert, verifypem); + if(!s) fatal_exit("out of memory"); + if(!tap_socket_list_insert(&maindata->acceptlist, s)) + fatal_exit("out of memory"); + } +} + +/** signal variable */ +static struct ub_event_base* sig_base = NULL; +/** do we have to quit */ +int sig_quit = 0; +/** signal handler for user quit */ +static RETSIGTYPE main_sigh(int sig) +{ + verbose(VERB_ALGO, "exit on signal %d\n", sig); + if(sig_base) + ub_event_base_loopexit(sig_base); + sig_quit = 1; +} + +/** setup and run the server to listen to DNSTAP messages */ +static void +setup_and_run(struct config_strlist_head* local_list, + struct config_strlist_head* tcp_list, + struct config_strlist_head* tls_list, char* server_key, + char* server_cert, char* verifypem) +{ + time_t secs = 0; + struct timeval now; + struct main_tap_data* maindata; + struct ub_event_base* base; + const char *evnm="event", *evsys="", *evmethod=""; + + maindata = calloc(1, sizeof(*maindata)); + if(!maindata) fatal_exit("out of memory"); + memset(&now, 0, sizeof(now)); + base = ub_default_event_base(1, &secs, &now); + if(!base) fatal_exit("could not create ub_event base"); + maindata->base = base; + sig_base = base; + if(sig_quit) { + ub_event_base_free(base); + free(maindata); + return; + } + ub_get_event_sys(base, &evnm, &evsys, &evmethod); + if(verbosity) log_info("%s %s uses %s method", evnm, evsys, evmethod); + + setup_local_list(maindata, local_list); + setup_tcp_list(maindata, tcp_list); + setup_tls_list(maindata, tls_list, server_key, server_cert, + verifypem); + if(!tap_socket_list_addevs(maindata->acceptlist, base)) + fatal_exit("could not setup accept events"); + if(verbosity) log_info("start of service"); + + ub_event_base_dispatch(base); + + if(verbosity) log_info("end of service"); + sig_base = NULL; + tap_socket_list_delete(maindata->acceptlist); + ub_event_base_free(base); + free(maindata); +} + +/** getopt global, in case header files fail to declare it. */ +extern int optind; +/** getopt global, in case header files fail to declare it. */ +extern char* optarg; + +/** main program for streamtcp */ +int main(int argc, char** argv) +{ + int c; + int usessl = 0; + struct config_strlist_head local_list; + struct config_strlist_head tcp_list; + struct config_strlist_head tls_list; + char* server_key = NULL, *server_cert = NULL, *verifypem = NULL; +#ifdef USE_WINSOCK + WSADATA wsa_data; + if(WSAStartup(MAKEWORD(2,2), &wsa_data) != 0) { + printf("WSAStartup failed\n"); + return 1; + } +#endif + if(signal(SIGINT, main_sigh) == SIG_ERR || +#ifdef SIGQUIT + signal(SIGQUIT, main_sigh) == SIG_ERR || +#endif +#ifdef SIGHUP + signal(SIGHUP, main_sigh) == SIG_ERR || +#endif +#ifdef SIGBREAK + signal(SIGBREAK, main_sigh) == SIG_ERR || +#endif + signal(SIGTERM, main_sigh) == SIG_ERR) + fatal_exit("could not bind to signal"); + memset(&local_list, 0, sizeof(local_list)); + memset(&tcp_list, 0, sizeof(tcp_list)); + memset(&tls_list, 0, sizeof(tls_list)); + + /* lock debug start (if any) */ + log_ident_set("unbound-dnstap-socket"); + log_init(0, 0, 0); + checklock_start(); + +#ifdef SIGPIPE + if(signal(SIGPIPE, SIG_IGN) == SIG_ERR) { + perror("could not install signal handler for SIGPIPE"); + return 1; + } +#endif + + /* command line options */ + while( (c=getopt(argc, argv, "hls:t:u:vx:y:z:")) != -1) { + switch(c) { + case 'u': + if(!cfg_strlist_append(&local_list, + strdup(optarg))) + fatal_exit("out of memory"); + break; + case 's': + if(!cfg_strlist_append(&tcp_list, + strdup(optarg))) + fatal_exit("out of memory"); + break; + case 't': + if(!cfg_strlist_append(&tls_list, + strdup(optarg))) + fatal_exit("out of memory"); + usessl = 1; + break; + case 'x': + server_key = optarg; + usessl = 1; + break; + case 'y': + server_cert = optarg; + usessl = 1; + break; + case 'z': + verifypem = optarg; + usessl = 1; + break; + case 'l': + longformat = 1; + break; + case 'v': + verbosity++; + break; + case 'h': + case '?': + default: + usage(argv); + } + } + argc -= optind; + argv += optind; + + if(usessl) { +#ifdef HAVE_SSL +#if OPENSSL_VERSION_NUMBER < 0x10100000 || !defined(HAVE_OPENSSL_INIT_SSL) + ERR_load_SSL_strings(); +#endif +#if OPENSSL_VERSION_NUMBER < 0x10100000 || !defined(HAVE_OPENSSL_INIT_CRYPTO) +# ifndef S_SPLINT_S + OpenSSL_add_all_algorithms(); +# endif +#else + OPENSSL_init_crypto(OPENSSL_INIT_ADD_ALL_CIPHERS + | OPENSSL_INIT_ADD_ALL_DIGESTS + | OPENSSL_INIT_LOAD_CRYPTO_STRINGS, NULL); +#endif +#if OPENSSL_VERSION_NUMBER < 0x10100000 || !defined(HAVE_OPENSSL_INIT_SSL) + (void)SSL_library_init(); +#else + (void)OPENSSL_init_ssl(OPENSSL_INIT_LOAD_SSL_STRINGS, NULL); +#endif +#endif /* HAVE_SSL */ + } + setup_and_run(&local_list, &tcp_list, &tls_list, server_key, + server_cert, verifypem); + config_delstrlist(local_list.first); + config_delstrlist(tcp_list.first); + config_delstrlist(tls_list.first); + + checklock_stop(); +#ifdef USE_WINSOCK + WSACleanup(); +#endif + return 0; +} + +/***--- definitions to make fptr_wlist work. ---***/ +/* These are callbacks, similar to smallapp callbacks, except the debug + * tool callbacks are not in it */ +struct tube; +struct query_info; +#include "util/data/packed_rrset.h" + +void worker_handle_control_cmd(struct tube* ATTR_UNUSED(tube), + uint8_t* ATTR_UNUSED(buffer), size_t ATTR_UNUSED(len), + int ATTR_UNUSED(error), void* ATTR_UNUSED(arg)) +{ + log_assert(0); +} + +int worker_handle_request(struct comm_point* ATTR_UNUSED(c), + void* ATTR_UNUSED(arg), int ATTR_UNUSED(error), + struct comm_reply* ATTR_UNUSED(repinfo)) +{ + log_assert(0); + return 0; +} + +int worker_handle_reply(struct comm_point* ATTR_UNUSED(c), + void* ATTR_UNUSED(arg), int ATTR_UNUSED(error), + struct comm_reply* ATTR_UNUSED(reply_info)) +{ + log_assert(0); + return 0; +} + +int worker_handle_service_reply(struct comm_point* ATTR_UNUSED(c), + void* ATTR_UNUSED(arg), int ATTR_UNUSED(error), + struct comm_reply* ATTR_UNUSED(reply_info)) +{ + log_assert(0); + return 0; +} + +int remote_accept_callback(struct comm_point* ATTR_UNUSED(c), + void* ATTR_UNUSED(arg), int ATTR_UNUSED(error), + struct comm_reply* ATTR_UNUSED(repinfo)) +{ + log_assert(0); + return 0; +} + +int remote_control_callback(struct comm_point* ATTR_UNUSED(c), + void* ATTR_UNUSED(arg), int ATTR_UNUSED(error), + struct comm_reply* ATTR_UNUSED(repinfo)) +{ + log_assert(0); + return 0; +} + +void worker_sighandler(int ATTR_UNUSED(sig), void* ATTR_UNUSED(arg)) +{ + log_assert(0); +} + +struct outbound_entry* worker_send_query( + struct query_info* ATTR_UNUSED(qinfo), uint16_t ATTR_UNUSED(flags), + int ATTR_UNUSED(dnssec), int ATTR_UNUSED(want_dnssec), + int ATTR_UNUSED(nocaps), struct sockaddr_storage* ATTR_UNUSED(addr), + socklen_t ATTR_UNUSED(addrlen), uint8_t* ATTR_UNUSED(zone), + size_t ATTR_UNUSED(zonelen), int ATTR_UNUSED(ssl_upstream), + char* ATTR_UNUSED(tls_auth_name), struct module_qstate* ATTR_UNUSED(q)) +{ + log_assert(0); + return 0; +} + +#ifdef UB_ON_WINDOWS +void +worker_win_stop_cb(int ATTR_UNUSED(fd), short ATTR_UNUSED(ev), void* + ATTR_UNUSED(arg)) { + log_assert(0); +} + +void +wsvc_cron_cb(void* ATTR_UNUSED(arg)) +{ + log_assert(0); +} +#endif /* UB_ON_WINDOWS */ + +void +worker_alloc_cleanup(void* ATTR_UNUSED(arg)) +{ + log_assert(0); +} + +struct outbound_entry* libworker_send_query( + struct query_info* ATTR_UNUSED(qinfo), uint16_t ATTR_UNUSED(flags), + int ATTR_UNUSED(dnssec), int ATTR_UNUSED(want_dnssec), + int ATTR_UNUSED(nocaps), struct sockaddr_storage* ATTR_UNUSED(addr), + socklen_t ATTR_UNUSED(addrlen), uint8_t* ATTR_UNUSED(zone), + size_t ATTR_UNUSED(zonelen), int ATTR_UNUSED(ssl_upstream), + char* ATTR_UNUSED(tls_auth_name), struct module_qstate* ATTR_UNUSED(q)) +{ + log_assert(0); + return 0; +} + +int libworker_handle_reply(struct comm_point* ATTR_UNUSED(c), + void* ATTR_UNUSED(arg), int ATTR_UNUSED(error), + struct comm_reply* ATTR_UNUSED(reply_info)) +{ + log_assert(0); + return 0; +} + +int libworker_handle_service_reply(struct comm_point* ATTR_UNUSED(c), + void* ATTR_UNUSED(arg), int ATTR_UNUSED(error), + struct comm_reply* ATTR_UNUSED(reply_info)) +{ + log_assert(0); + return 0; +} + +void libworker_handle_control_cmd(struct tube* ATTR_UNUSED(tube), + uint8_t* ATTR_UNUSED(buffer), size_t ATTR_UNUSED(len), + int ATTR_UNUSED(error), void* ATTR_UNUSED(arg)) +{ + log_assert(0); +} + +void libworker_fg_done_cb(void* ATTR_UNUSED(arg), int ATTR_UNUSED(rcode), + struct sldns_buffer* ATTR_UNUSED(buf), enum sec_status ATTR_UNUSED(s), + char* ATTR_UNUSED(why_bogus), int ATTR_UNUSED(was_ratelimited)) +{ + log_assert(0); +} + +void libworker_bg_done_cb(void* ATTR_UNUSED(arg), int ATTR_UNUSED(rcode), + struct sldns_buffer* ATTR_UNUSED(buf), enum sec_status ATTR_UNUSED(s), + char* ATTR_UNUSED(why_bogus), int ATTR_UNUSED(was_ratelimited)) +{ + log_assert(0); +} + +void libworker_event_done_cb(void* ATTR_UNUSED(arg), int ATTR_UNUSED(rcode), + struct sldns_buffer* ATTR_UNUSED(buf), enum sec_status ATTR_UNUSED(s), + char* ATTR_UNUSED(why_bogus), int ATTR_UNUSED(was_ratelimited)) +{ + log_assert(0); +} + +int context_query_cmp(const void* ATTR_UNUSED(a), const void* ATTR_UNUSED(b)) +{ + log_assert(0); + return 0; +} + +void worker_stat_timer_cb(void* ATTR_UNUSED(arg)) +{ + log_assert(0); +} + +void worker_probe_timer_cb(void* ATTR_UNUSED(arg)) +{ + log_assert(0); +} + +void worker_start_accept(void* ATTR_UNUSED(arg)) +{ + log_assert(0); +} + +void worker_stop_accept(void* ATTR_UNUSED(arg)) +{ + log_assert(0); +} + +/** keep track of lock id in lock-verify application */ +struct order_id { + /** the thread id that created it */ + int thr; + /** the instance number of creation */ + int instance; +}; + +int order_lock_cmp(const void* e1, const void* e2) +{ + const struct order_id* o1 = e1; + const struct order_id* o2 = e2; + if(o1->thr < o2->thr) return -1; + if(o1->thr > o2->thr) return 1; + if(o1->instance < o2->instance) return -1; + if(o1->instance > o2->instance) return 1; + return 0; +} + +int +codeline_cmp(const void* a, const void* b) +{ + return strcmp(a, b); +} + +int replay_var_compare(const void* ATTR_UNUSED(a), const void* ATTR_UNUSED(b)) +{ + log_assert(0); + return 0; +} + +void remote_get_opt_ssl(char* ATTR_UNUSED(str), void* ATTR_UNUSED(arg)) +{ + log_assert(0); +} diff --git a/doc/example.conf.in b/doc/example.conf.in index 30a767d62..dbc30a48c 100644 --- a/doc/example.conf.in +++ b/doc/example.conf.in @@ -1019,6 +1019,38 @@ remote-control: # name-v6: "list-v6" # +# Dnstap logging support, if compiled in. To enable, set the dnstap-enable +# to yes and also some of dnstap-log-..-messages to yes. And select an +# upstream log destination, by socket path, TCP or TLS destination. +# dnstap: +# dnstap-enable: no +# dnstap-socket-path: "@DNSTAP_SOCKET_PATH@" +# # if "" use the unix socket in dnstap-socket-path, otherwise, +# # set it to "IPaddress[@port]" of the destination. +# dnstap-ip: "" +# # if set to yes if you want to use TLS to dnstap-ip, no for TCP. +# dnstap-tls: yes +# # name for authenticating the upstream server. or "" disabled. +# dnstap-tls-server-name: "" +# # if "", it uses the cert bundle from the main unbound config. +# dnstap-tls-cert-bundle: "" +# # key file for client authentication, or "" disabled. +# dnstap-tls-client-key-file: "" +# # cert file for client authentication, or "" disabled. +# dnstap-tls-client-cert-file: "" +# dnstap-send-identity: no +# dnstap-send-version: no +# # if "" it uses the hostname. +# dnstap-identity: "" +# # if "" it uses the package version. +# dnstap-version: "" +# dnstap-log-resolver-query-messages: no +# dnstap-log-resolver-response-messages: no +# dnstap-log-client-query-messages: no +# dnstap-log-client-response-messages: no +# dnstap-log-forwarder-query-messages: no +# dnstap-log-forwarder-response-messages: no + # Response Policy Zones # RPZ policies. Applied in order of configuration. QNAME and Response IP # Address trigger are the only supported triggers. Supported actions are: diff --git a/doc/unbound.conf.5.in b/doc/unbound.conf.5.in index 541a93688..43159666d 100644 --- a/doc/unbound.conf.5.in +++ b/doc/unbound.conf.5.in @@ -2121,6 +2121,82 @@ If this timeout expires Unbound closes the connection, treats it as if the Redis server does not have the requested data, and will try to re-establish a new connection later. This option defaults to 100 milliseconds. +.SS DNSTAP Logging Options +DNSTAP support, when compiled in, is enabled in the \fBdnstap:\fR section. +This starts an extra thread (when compiled with threading) that writes +the log information to the destination. If unbound is compiled without +threading it does not spawn a thread, but connects per-process to the +destination. +.TP +.B dnstap-enable: \fI +If dnstap is enabled. Default no. If yes, it connects to the dnstap server +and if any of the dnstap-log-..-messages options is enabled it sends logs +for those messages to the server. +.TP +.B dnstap-socket-path: \fI +Sets the unix socket file name for connecting to the server that is +listening on that socket. Default is "@DNSTAP_SOCKET_PATH@". +.TP +.B dnstap-ip: \fI +If "", the unix socket is used, if set with an IP address (IPv4 or IPv6) +that address is used to connect to the server. +.TP +.B dnstap-tls: \fI +Set this to use TLS to connect to the server specified in \fBdnstap-ip\fR. +The default is yes. If set to no, TCP is used to connect to the server. +.TP +.B dnstap-tls-server-name: \fI +The TLS server name to authenticate the server with. Used when \fBdnstap-tls\fR is enabled. If "" it is ignored, default "". +.TP +.B dnstap-tls-cert-bundle: \fI +The pem file with certs to verify the TLS server certificate. If "" the +server default cert bundle is used, or the windows cert bundle on windows. +Default is "". +.TP +.B dnstap-tls-client-key-file: \fI +The client key file for TLS client authentication. If "" client +authentication is not used. Default is "". +.TP +.B dnstap-tls-client-cert-file: \fI +The client cert file for TLS client authentication. Default is "". +.TP +.B dnstap-send-identity: \fI +If enabled, the server identity is included in the log messages. +Default is no. +.TP +.B dnstap-send-version: \fI +If enabled, the server version if included in the log messages. +Default is no. +.TP +.B dnstap-identity: \fI +The identity to send with messages, if "" the hostname is used. +Default is "". +.TP +.B dnstap-version: \fI +The version to send with messages, if "" the package version is used. +Default is "". +.TP +.B dnstap-log-resolver-query-messages: \fI +Enable to log resolver query messages. Default is no. +These are messages from unbound to upstream servers. +.TP +.B dnstap-log-resolver-response-messages: \fI +Enable to log resolver response messages. Default is no. +These are replies from upstream servers to unbound. +.TP +.B dnstap-log-client-query-messages: \fI +Enable to log client query messages. Default is no. +These are client queries to unbound. +.TP +.B dnstap-log-client-response-messages: \fI +Enable to log client response messages. Default is no. +These are responses from unbound to clients. +.TP +.B dnstap-log-forwarder-query-messages: \fI +Enable to log forwarder query messages. Default is no. +.TP +.B dnstap-log-forwarder-response-messages: \fI +Enable to log forwarder response messages. Default is no. .SS Response Policy Zone Options .LP Response Policy Zones are configured with \fBrpz:\fR, and each one must have a diff --git a/libunbound/libworker.c b/libunbound/libworker.c index 6cb97ff1f..0ed778903 100644 --- a/libunbound/libworker.c +++ b/libunbound/libworker.c @@ -1047,3 +1047,19 @@ wsvc_cron_cb(void* ATTR_UNUSED(arg)) log_assert(0); } #endif /* UB_ON_WINDOWS */ + +#ifdef USE_DNSTAP +void dtio_tap_callback(int ATTR_UNUSED(fd), short ATTR_UNUSED(ev), + void* ATTR_UNUSED(arg)) +{ + log_assert(0); +} +#endif + +#ifdef USE_DNSTAP +void dtio_mainfdcallback(int ATTR_UNUSED(fd), short ATTR_UNUSED(ev), + void* ATTR_UNUSED(arg)) +{ + log_assert(0); +} +#endif diff --git a/services/outside_network.c b/services/outside_network.c index d3ebe04f6..4df00ca7a 100644 --- a/services/outside_network.c +++ b/services/outside_network.c @@ -373,47 +373,15 @@ outnet_tcp_take_into_use(struct waiting_tcp* w, uint8_t* pkt, size_t pkt_len) comm_point_tcp_win_bio_cb(pend->c, pend->c->ssl); #endif pend->c->ssl_shake_state = comm_ssl_shake_write; - if(w->tls_auth_name) { + if(!set_auth_name_on_ssl(pend->c->ssl, w->tls_auth_name)) { + pend->c->fd = s; #ifdef HAVE_SSL - (void)SSL_set_tlsext_host_name(pend->c->ssl, w->tls_auth_name); + SSL_free(pend->c->ssl); #endif + pend->c->ssl = NULL; + comm_point_close(pend->c); + return 0; } -#ifdef HAVE_SSL_SET1_HOST - if(w->tls_auth_name) { - SSL_set_verify(pend->c->ssl, SSL_VERIFY_PEER, NULL); - /* setting the hostname makes openssl verify the - * host name in the x509 certificate in the - * SSL connection*/ - if(!SSL_set1_host(pend->c->ssl, w->tls_auth_name)) { - log_err("SSL_set1_host failed"); - pend->c->fd = s; - SSL_free(pend->c->ssl); - pend->c->ssl = NULL; - comm_point_close(pend->c); - return 0; - } - } -#elif defined(HAVE_X509_VERIFY_PARAM_SET1_HOST) - /* openssl 1.0.2 has this function that can be used for - * set1_host like verification */ - if(w->tls_auth_name) { - X509_VERIFY_PARAM* param = SSL_get0_param(pend->c->ssl); -# ifdef X509_CHECK_FLAG_NO_PARTIAL_WILDCARDS - X509_VERIFY_PARAM_set_hostflags(param, X509_CHECK_FLAG_NO_PARTIAL_WILDCARDS); -# endif - if(!X509_VERIFY_PARAM_set1_host(param, w->tls_auth_name, strlen(w->tls_auth_name))) { - log_err("X509_VERIFY_PARAM_set1_host failed"); - pend->c->fd = s; - SSL_free(pend->c->ssl); - pend->c->ssl = NULL; - comm_point_close(pend->c); - return 0; - } - SSL_set_verify(pend->c->ssl, SSL_VERIFY_PEER, NULL); - } -#else - verbose(VERB_ALGO, "the query has an auth_name, but libssl has no call to perform TLS authentication"); -#endif /* HAVE_SSL_SET1_HOST */ } w->pkt = NULL; w->next_waiting = (void*)pend; diff --git a/smallapp/worker_cb.c b/smallapp/worker_cb.c index 6c3bd0049..78d921a3c 100644 --- a/smallapp/worker_cb.c +++ b/smallapp/worker_cb.c @@ -248,3 +248,19 @@ void remote_get_opt_ssl(char* ATTR_UNUSED(str), void* ATTR_UNUSED(arg)) { log_assert(0); } + +#ifdef USE_DNSTAP +void dtio_tap_callback(int ATTR_UNUSED(fd), short ATTR_UNUSED(ev), + void* ATTR_UNUSED(arg)) +{ + log_assert(0); +} +#endif + +#ifdef USE_DNSTAP +void dtio_mainfdcallback(int ATTR_UNUSED(fd), short ATTR_UNUSED(ev), + void* ATTR_UNUSED(arg)) +{ + log_assert(0); +} +#endif diff --git a/testcode/testbound.c b/testcode/testbound.c index 4405231c0..602dffaff 100644 --- a/testcode/testbound.c +++ b/testcode/testbound.c @@ -577,3 +577,13 @@ void wsvc_cron_cb(void* ATTR_UNUSED(arg)) } #endif /* UB_ON_WINDOWS */ +int tcp_connect_errno_needs_log(struct sockaddr* ATTR_UNUSED(addr), + socklen_t ATTR_UNUSED(addrlen)) +{ + return 1; +} + +int squelch_err_ssl_handshake(unsigned long ATTR_UNUSED(err)) +{ + return 0; +} diff --git a/testdata/dnstap.tdir/dnstap.conf b/testdata/dnstap.tdir/dnstap.conf new file mode 100644 index 000000000..5e8dfaefb --- /dev/null +++ b/testdata/dnstap.tdir/dnstap.conf @@ -0,0 +1,40 @@ +server: + verbosity: 2 + num-threads: 3 + outgoing-range: 16 + interface: 127.0.0.1 + port: @PORT@ + use-syslog: no + directory: "" + pidfile: "unbound.pid" + chroot: "" + username: "" + do-not-query-localhost: no + local-zone: "example.net." redirect + local-data: "example.net. IN A 10.20.30.41" +remote-control: + control-enable: yes + control-interface: 127.0.0.1 + # control-interface: ::1 + control-port: @CONTROL_PORT@ + server-key-file: "unbound_server.key" + server-cert-file: "unbound_server.pem" + control-key-file: "unbound_control.key" + control-cert-file: "unbound_control.pem" +forward-zone: + name: "." + forward-addr: "127.0.0.1@@TOPORT@" +dnstap: + dnstap-enable: yes + dnstap-socket-path: "dnstap.socket" + dnstap-send-identity: yes + dnstap-send-version: yes + #dnstap-identity + #dnstap-version + dnstap-log-resolver-query-messages: yes + dnstap-log-resolver-response-messages: yes + dnstap-log-client-query-messages: yes + dnstap-log-client-response-messages: yes + dnstap-log-forwarder-query-messages: yes + dnstap-log-forwarder-response-messages: yes + diff --git a/testdata/dnstap.tdir/dnstap.dsc b/testdata/dnstap.tdir/dnstap.dsc new file mode 100644 index 000000000..92a67ef2e --- /dev/null +++ b/testdata/dnstap.tdir/dnstap.dsc @@ -0,0 +1,16 @@ +BaseName: dnstap +Version: 1.0 +Description: test dnstap socket communication +CreationDate: Tue Jan 21 13:00:38 CET 2020 +Maintainer: dr. W.C.A. Wijngaards +Category: +Component: +CmdDepends: +Depends: +Help: +Pre: dnstap.pre +Post: dnstap.post +Test: dnstap.test +AuxFiles: +Passed: +Failure: diff --git a/testdata/dnstap.tdir/dnstap.post b/testdata/dnstap.tdir/dnstap.post new file mode 100644 index 000000000..6744b4b61 --- /dev/null +++ b/testdata/dnstap.tdir/dnstap.post @@ -0,0 +1,16 @@ +# #-- dnstap.post --# +# source the master var file when it's there +[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master +# source the test var file when it's there +[ -f .tpkg.var.test ] && source .tpkg.var.test +# +# do your teardown here +. ../common.sh +PRE="../.." +if grep "define USE_DNSTAP 1" $PRE/config.h; then echo test enabled; else echo test skipped; exit 0; fi +kill_pid $DNSTAP_SOCKET_PID +kill_pid $FWD_PID +kill $UNBOUND_PID +kill $UNBOUND_PID >/dev/null 2>&1 +cat unbound.log +exit 0 diff --git a/testdata/dnstap.tdir/dnstap.pre b/testdata/dnstap.tdir/dnstap.pre new file mode 100644 index 000000000..95216949c --- /dev/null +++ b/testdata/dnstap.tdir/dnstap.pre @@ -0,0 +1,55 @@ +# #-- dnstap.pre--# +# source the master var file when it's there +[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master +# use .tpkg.var.test for in test variable passing +[ -f .tpkg.var.test ] && source .tpkg.var.test + +. ../common.sh + +PRE="../.." +if grep "define USE_DNSTAP 1" $PRE/config.h; then echo test enabled; else echo test skipped; exit 0; fi + +get_random_port 3 +UNBOUND_PORT=$RND_PORT +FWD_PORT=$(($RND_PORT + 1)) +CONTROL_PORT=$(($RND_PORT + 2)) +echo "UNBOUND_PORT=$UNBOUND_PORT" >> .tpkg.var.test +echo "FWD_PORT=$FWD_PORT" >> .tpkg.var.test +echo "CONTROL_PORT=$CONTROL_PORT" >> .tpkg.var.test + +# start forwarder +get_ldns_testns +$LDNS_TESTNS -p $FWD_PORT dnstap.testns >fwd.log 2>&1 & +FWD_PID=$! +echo "FWD_PID=$FWD_PID" >> .tpkg.var.test + +# start the dnstap log server +# the -vvvv flag prints protocol and connection information from the +# unbound-dnstap-socket server. +# the -l flag prints the DNS info in the DNSTAP packet in multiline output. +# stderr is the '-vvvv' server logs and errors. +# stdout is the one-line packet logs (or with -l, multiline). +$PRE/unbound-dnstap-socket -u dnstap.socket -l -vvvv 2>tap.errlog >tap.log & +if test $? -ne 0; then + echo "could not start unbound-dnstap-socket server" + exit 1 +fi +DNSTAP_SOCKET_PID=$! +echo "DNSTAP_SOCKET_PID=$DNSTAP_SOCKET_PID" >> .tpkg.var.test +# wait for the server to go up and make the dnstap.socket file +wait_server_up "tap.errlog" "creating unix socket" +if test ! -S dnstap.socket; then + echo "the dnstap.socket file does not exist!" +fi + +# make config file +sed -e 's/@PORT\@/'$UNBOUND_PORT'/' -e 's/@TOPORT\@/'$FWD_PORT'/' -e 's/@CONTROL_PORT\@/'$CONTROL_PORT'/' < dnstap.conf > ub.conf +# start unbound in the background +$PRE/unbound -d -c ub.conf >unbound.log 2>&1 & +UNBOUND_PID=$! +echo "UNBOUND_PID=$UNBOUND_PID" >> .tpkg.var.test + +cat .tpkg.var.test +wait_ldns_testns_up fwd.log +wait_unbound_up unbound.log + diff --git a/testdata/dnstap.tdir/dnstap.test b/testdata/dnstap.tdir/dnstap.test new file mode 100644 index 000000000..04db17b27 --- /dev/null +++ b/testdata/dnstap.tdir/dnstap.test @@ -0,0 +1,86 @@ +# #-- dnstap.test --# +# source the master var file when it's there +[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master +# use .tpkg.var.test for in test variable passing +[ -f .tpkg.var.test ] && source .tpkg.var.test + +. ../common.sh +PRE="../.." +if grep "define USE_DNSTAP 1" $PRE/config.h; then echo test enabled; else echo test skipped; exit 0; fi + +# test if the server is up. +echo "> dig www.example.com." +dig @127.0.0.1 -p $UNBOUND_PORT www.example.com. | tee outfile +echo "> check answer" +if grep "10.20.30.40" outfile; then + echo "OK" +else + echo "> cat logfiles" + cat tap.log + cat tap.errlog + cat fwd.log + cat unbound.log + echo "Not OK" + exit 1 +fi + +echo "> check tap.log for dnstap info" +# see if it logged the information in tap.log +# wait for a moment for filesystem to catch up. +if grep "www.example.com" tap.log >/dev/null; then :; else sleep 1; fi +if grep "www.example.com" tap.log >/dev/null; then :; else sleep 1; fi +if grep "www.example.com" tap.log >/dev/null; then :; else sleep 1; fi +if grep "www.example.com" tap.log >/dev/null; then :; else sleep 1; fi +if grep "www.example.com" tap.log >/dev/null; then :; else sleep 1; fi +if grep "www.example.com" tap.log >/dev/null; then :; else sleep 10; fi +if grep "www.example.com" tap.log; then echo "yes it is in tap.log"; +else + echo "information not in tap.log" + echo "failed" + echo "> cat logfiles" + cat tap.log + cat tap.errlog + cat fwd.log + cat unbound.log + echo "Not OK" + exit 1 +fi + +echo "> make 10 queries to spread them over threads" +dig @127.0.0.1 -p $UNBOUND_PORT q1.example.net. +dig @127.0.0.1 -p $UNBOUND_PORT q2.example.net. +dig @127.0.0.1 -p $UNBOUND_PORT q3.example.net. +dig @127.0.0.1 -p $UNBOUND_PORT q4.example.net. +dig @127.0.0.1 -p $UNBOUND_PORT q5.example.net. +dig @127.0.0.1 -p $UNBOUND_PORT q6.example.net. +dig @127.0.0.1 -p $UNBOUND_PORT q7.example.net. +dig @127.0.0.1 -p $UNBOUND_PORT q8.example.net. +dig @127.0.0.1 -p $UNBOUND_PORT q9.example.net. +dig @127.0.0.1 -p $UNBOUND_PORT q10.example.net. +for x in q1 q2 q3 q4 5 q6 q7 q8 q9 q10; do + if grep "$x.example.net" tap.log >/dev/null; then :; else sleep 1; fi + if grep "$x.example.net" tap.log >/dev/null; then :; else sleep 1; fi + if grep "$x.example.net" tap.log >/dev/null; then :; else sleep 1; fi + if grep "$x.example.net" tap.log >/dev/null; then :; else sleep 1; fi + if grep "$x.example.net" tap.log >/dev/null; then :; else sleep 1; fi + if grep "$x.example.net" tap.log >/dev/null; then :; else sleep 10; fi + if grep "$x.example.net" tap.log; then echo "yes it is in tap.log"; + else + echo "$x.example.net. information not in tap.log" + echo "failed" + echo "> cat logfiles" + cat tap.log + cat tap.errlog + cat fwd.log + cat unbound.log + echo "Not OK" + exit 1 + fi +done + +echo "> cat logfiles" +cat tap.log +cat tap.errlog +cat fwd.log +echo "> OK" +exit 0 diff --git a/testdata/dnstap.tdir/dnstap.testns b/testdata/dnstap.tdir/dnstap.testns new file mode 100644 index 000000000..0c911ca5b --- /dev/null +++ b/testdata/dnstap.tdir/dnstap.testns @@ -0,0 +1,22 @@ +; nameserver test file +$ORIGIN example.com. +$TTL 3600 + +ENTRY_BEGIN +MATCH opcode qtype qname +REPLY QR AA NOERROR +ADJUST copy_id +SECTION QUESTION +www IN A +SECTION ANSWER +www IN A 10.20.30.40 +ENTRY_END + +ENTRY_BEGIN +MATCH opcode qtype qname +REPLY QR AA SERVFAIL +ADJUST copy_id +SECTION QUESTION +www.example.net. IN A +ENTRY_END + diff --git a/testdata/dnstap.tdir/unbound_control.key b/testdata/dnstap.tdir/unbound_control.key new file mode 100644 index 000000000..d7c43a06b --- /dev/null +++ b/testdata/dnstap.tdir/unbound_control.key @@ -0,0 +1,15 @@ +-----BEGIN RSA PRIVATE KEY----- +MIICXAIBAAKBgQDD6DogNCsSeEa1u99+6PUVbGzjMzzei9MIK6s94+zcpp7OAOBa +rzPA0vlyuNtUsEN3qwPomQQQmIgbT7OXkzC1wqioxwa609xoL8oW/I7e336rEyvH +ST6JwUdIg0Lzg/USJ81eTwMnzYSd4Bpsqr9eP33ubaR7Gh/6o76loLOlcQIDAQAB +AoGAFT3e35MIgI4uDJJ8X0RfHp2NCO2LUg4TKbWical/C0W9vlR1/x80G1pE1d2Z +WotqJVWTrOq6eBox19RCgtLg2wPGk9uD62+9SDT37heWFlUCElWq50pQG6k9ThiG +DDypkZyZ/52+DdWybiaQJkuK6O5qQXuNAtVJMpghu4GnHAECQQDsupnZUQDpapzr +4FC4MSkL2+A1PRt6g4VhwoqOpJXaHfVnH6F7AwUuOLNwGdR5Cvv70pfJ7Jqg8L2m +Kxyl5bORAkEA09rn34YQ0pHJdHidbl2kInIuYTz09+TO3LWwan17nISH9aaYvVDr +p9x1B4Qzw9qyxT9oll7ze/5Rw/7C3AQj4QJAT2B2a+b8bkgAXBs4FbruL3rHoDJg +P2FQXSpVOWU4lg2LlsuFYvDtUMVUbZdLplanjZXcral3Y9W1Ub2M+ped8QJAYQN+ +aRpge7ys7vwIw7B36Bo3aOncF+ScYe+FkM5Tm7II/JHEofT7ZQwMP1vnxIlSkgbe +YvWqNB6a3NC99LikoQJBAM4UhDdRg63Tr6Idky6CQaH///zAN7nArJfffKGWFdw9 +DKrWpNqvYZtX/cfEJucKcRCm5YL8CKFYbQy4VoCxUcE= +-----END RSA PRIVATE KEY----- diff --git a/testdata/dnstap.tdir/unbound_control.pem b/testdata/dnstap.tdir/unbound_control.pem new file mode 100644 index 000000000..8f1ba87f1 --- /dev/null +++ b/testdata/dnstap.tdir/unbound_control.pem @@ -0,0 +1,11 @@ +-----BEGIN CERTIFICATE----- +MIIBozCCAQwCCQD6XaN6FzW/4DANBgkqhkiG9w0BAQUFADASMRAwDgYDVQQDEwd1 +bmJvdW5kMB4XDTA4MDkxMTA5MDk0MFoXDTI4MDUyOTA5MDk0MFowGjEYMBYGA1UE +AxMPdW5ib3VuZC1jb250cm9sMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDD +6DogNCsSeEa1u99+6PUVbGzjMzzei9MIK6s94+zcpp7OAOBarzPA0vlyuNtUsEN3 +qwPomQQQmIgbT7OXkzC1wqioxwa609xoL8oW/I7e336rEyvHST6JwUdIg0Lzg/US +J81eTwMnzYSd4Bpsqr9eP33ubaR7Gh/6o76loLOlcQIDAQABMA0GCSqGSIb3DQEB +BQUAA4GBAGFAXmaQHuFgAuc6HVhYZJdToxLBhfxGpot4oZNjcb1Cdoz3OL34MU1B +9E5psj2PpGPIi8/RwoqBtAJHJ+J5cWngo03o4ZmdwKNSzaxlp141z/3rUtFqEHEC +iO6gPCT3U7dt6MyC7r6vdMqyW6aldP3CtwD0gQziKAMoj+TAfAcq +-----END CERTIFICATE----- diff --git a/testdata/dnstap.tdir/unbound_server.key b/testdata/dnstap.tdir/unbound_server.key new file mode 100644 index 000000000..4256c421d --- /dev/null +++ b/testdata/dnstap.tdir/unbound_server.key @@ -0,0 +1,15 @@ +-----BEGIN RSA PRIVATE KEY----- +MIICWwIBAAKBgQC3F7Jsv2u01pLL9rFnjsMU/IaCFUIz/624DcaE84Z4gjMl5kWA +3axQcqul1wlwSrbKwrony+d9hH/+MX0tZwvl8w3OmhmOAiaQ+SHCsIuOjVwQjX0s +RLB61Pz5+PAiVvnPa9JIYB5QrK6DVEsxIHj8MOc5JKORrnESsFDh6yeMeQIDAQAB +AoGAAuWoGBprTOA8UGfl5LqYkaNxSWumsYXxLMFjC8WCsjN1NbtQDDr1uAwodSZS +6ujzvX+ZTHnofs7y64XC8k34HTOCD2zlW7kijWbT8YjRYFU6o9F5zUGD9RCan0ds +sVscT2psLSzfdsmFAcbmnGdxYkXk2PC1FHtaqExxehralGUCQQDcqrg9uQKXlhQi +XAaPr8SiWvtRm2a9IMMZkRfUWZclPHq6fCWNuUaCD+cTat4wAuqeknAz33VEosw3 +fXGsok//AkEA1GjIHXrOcSlpfVJb6NeOBugjRtZ7ZDT5gbtnMS9ob0qntKV6saaL +CNmJwuD9Q3XkU5j1+uHvYGP2NzcJd2CjhwJACV0hNlVMe9w9fHvFN4Gw6WbM9ViP +0oS6YrJafYNTu5vGZXVxLoNnL4u3NYa6aPUmuZXjNwBLfJ8f5VboZPf6RwJAINd2 +oYA8bSi/A755MX4qmozH74r4Fx1Nuq5UHTm8RwDe/0Javx8F/j9MWpJY9lZDEF3l +In5OebPa/NyInSmW/wJAZuP9aRn0nDBkHYri++1A7NykMiJ/nH0mDECbnk+wxx0S +LwqIetBhxb8eQwMg45+iAH7CHAMQ8BQuF/nFE6eotg== +-----END RSA PRIVATE KEY----- diff --git a/testdata/dnstap.tdir/unbound_server.pem b/testdata/dnstap.tdir/unbound_server.pem new file mode 100644 index 000000000..aeda3ff11 --- /dev/null +++ b/testdata/dnstap.tdir/unbound_server.pem @@ -0,0 +1,11 @@ +-----BEGIN CERTIFICATE----- +MIIBmzCCAQQCCQDsNJ1UmphEFzANBgkqhkiG9w0BAQUFADASMRAwDgYDVQQDEwd1 +bmJvdW5kMB4XDTA4MDkxMTA5MDk0MFoXDTI4MDUyOTA5MDk0MFowEjEQMA4GA1UE +AxMHdW5ib3VuZDCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAtxeybL9rtNaS +y/axZ47DFPyGghVCM/+tuA3GhPOGeIIzJeZFgN2sUHKrpdcJcEq2ysK6J8vnfYR/ +/jF9LWcL5fMNzpoZjgImkPkhwrCLjo1cEI19LESwetT8+fjwIlb5z2vSSGAeUKyu +g1RLMSB4/DDnOSSjka5xErBQ4esnjHkCAwEAATANBgkqhkiG9w0BAQUFAAOBgQAZ +9N0lnLENs4JMvPS+mn8C5m9bkkFITd32IiLjf0zgYpIUbFXH6XaEr9GNZBUG8feG +l/6WRXnbnVSblI5odQ4XxGZ9inYY6qtW30uv76HvoKp+QZ1c3460ddR8NauhcCHH +Z7S+QbLXi+r2JAhpPozZCjBHlRD0ixzA1mKQTJhJZg== +-----END CERTIFICATE----- diff --git a/testdata/dnstap_reconnect.tdir/dnstap_reconnect.conf b/testdata/dnstap_reconnect.tdir/dnstap_reconnect.conf new file mode 100644 index 000000000..07febae5a --- /dev/null +++ b/testdata/dnstap_reconnect.tdir/dnstap_reconnect.conf @@ -0,0 +1,40 @@ +server: + verbosity: 2 + num-threads: 1 + outgoing-range: 16 + interface: 127.0.0.1 + port: @PORT@ + use-syslog: no + directory: "" + pidfile: "unbound.pid" + chroot: "" + username: "" + do-not-query-localhost: no + local-zone: "example.net." redirect + local-data: "example.net. IN A 10.20.30.41" +remote-control: + control-enable: yes + control-interface: 127.0.0.1 + # control-interface: ::1 + control-port: @CONTROL_PORT@ + server-key-file: "unbound_server.key" + server-cert-file: "unbound_server.pem" + control-key-file: "unbound_control.key" + control-cert-file: "unbound_control.pem" +forward-zone: + name: "." + forward-addr: "127.0.0.1@@TOPORT@" +dnstap: + dnstap-enable: yes + dnstap-socket-path: "dnstap.socket" + dnstap-send-identity: yes + dnstap-send-version: yes + #dnstap-identity + #dnstap-version + dnstap-log-resolver-query-messages: yes + dnstap-log-resolver-response-messages: yes + dnstap-log-client-query-messages: yes + dnstap-log-client-response-messages: yes + dnstap-log-forwarder-query-messages: yes + dnstap-log-forwarder-response-messages: yes + diff --git a/testdata/dnstap_reconnect.tdir/dnstap_reconnect.dsc b/testdata/dnstap_reconnect.tdir/dnstap_reconnect.dsc new file mode 100644 index 000000000..c6b128006 --- /dev/null +++ b/testdata/dnstap_reconnect.tdir/dnstap_reconnect.dsc @@ -0,0 +1,16 @@ +BaseName: dnstap_reconnect +Version: 1.0 +Description: test dnstap reconnect +CreationDate: Tue Jan 21 13:00:38 CET 2020 +Maintainer: dr. W.C.A. Wijngaards +Category: +Component: +CmdDepends: +Depends: +Help: +Pre: dnstap_reconnect.pre +Post: dnstap_reconnect.post +Test: dnstap_reconnect.test +AuxFiles: +Passed: +Failure: diff --git a/testdata/dnstap_reconnect.tdir/dnstap_reconnect.post b/testdata/dnstap_reconnect.tdir/dnstap_reconnect.post new file mode 100644 index 000000000..8474b3a02 --- /dev/null +++ b/testdata/dnstap_reconnect.tdir/dnstap_reconnect.post @@ -0,0 +1,16 @@ +# #-- dnstap_reconnect.post --# +# source the master var file when it's there +[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master +# source the test var file when it's there +[ -f .tpkg.var.test ] && source .tpkg.var.test +# +# do your teardown here +. ../common.sh +PRE="../.." +if grep "define USE_DNSTAP 1" $PRE/config.h; then echo test enabled; else echo test skipped; exit 0; fi +kill_pid $DNSTAP_SOCKET_PID +kill_pid $FWD_PID +kill $UNBOUND_PID +kill $UNBOUND_PID >/dev/null 2>&1 +cat unbound.log +exit 0 diff --git a/testdata/dnstap_reconnect.tdir/dnstap_reconnect.pre b/testdata/dnstap_reconnect.tdir/dnstap_reconnect.pre new file mode 100644 index 000000000..a1aba4f35 --- /dev/null +++ b/testdata/dnstap_reconnect.tdir/dnstap_reconnect.pre @@ -0,0 +1,55 @@ +# #-- dnstap_reconnect.pre--# +# source the master var file when it's there +[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master +# use .tpkg.var.test for in test variable passing +[ -f .tpkg.var.test ] && source .tpkg.var.test + +. ../common.sh + +PRE="../.." +if grep "define USE_DNSTAP 1" $PRE/config.h; then echo test enabled; else echo test skipped; exit 0; fi + +get_random_port 3 +UNBOUND_PORT=$RND_PORT +FWD_PORT=$(($RND_PORT + 1)) +CONTROL_PORT=$(($RND_PORT + 2)) +echo "UNBOUND_PORT=$UNBOUND_PORT" >> .tpkg.var.test +echo "FWD_PORT=$FWD_PORT" >> .tpkg.var.test +echo "CONTROL_PORT=$CONTROL_PORT" >> .tpkg.var.test + +# start forwarder +get_ldns_testns +$LDNS_TESTNS -p $FWD_PORT dnstap_reconnect.testns >fwd.log 2>&1 & +FWD_PID=$! +echo "FWD_PID=$FWD_PID" >> .tpkg.var.test + +# start the dnstap log server +# the -vvvv flag prints protocol and connection information from the +# unbound-dnstap-socket server. +# the -l flag prints the DNS info in the DNSTAP packet in multiline output. +# stderr is the '-vvvv' server logs and errors. +# stdout is the one-line packet logs (or with -l, multiline). +$PRE/unbound-dnstap-socket -u dnstap.socket -l -vvvv 2>tap.errlog >tap.log & +if test $? -ne 0; then + echo "could not start unbound-dnstap-socket server" + exit 1 +fi +DNSTAP_SOCKET_PID=$! +echo "DNSTAP_SOCKET_PID=$DNSTAP_SOCKET_PID" >> .tpkg.var.test +# wait for the server to go up and make the dnstap.socket file +wait_server_up "tap.errlog" "creating unix socket" +if test ! -S dnstap.socket; then + echo "the dnstap.socket file does not exist!" +fi + +# make config file +sed -e 's/@PORT\@/'$UNBOUND_PORT'/' -e 's/@TOPORT\@/'$FWD_PORT'/' -e 's/@CONTROL_PORT\@/'$CONTROL_PORT'/' < dnstap_reconnect.conf > ub.conf +# start unbound in the background +$PRE/unbound -d -c ub.conf >unbound.log 2>&1 & +UNBOUND_PID=$! +echo "UNBOUND_PID=$UNBOUND_PID" >> .tpkg.var.test + +cat .tpkg.var.test +wait_ldns_testns_up fwd.log +wait_unbound_up unbound.log + diff --git a/testdata/dnstap_reconnect.tdir/dnstap_reconnect.test b/testdata/dnstap_reconnect.tdir/dnstap_reconnect.test new file mode 100644 index 000000000..94679bc66 --- /dev/null +++ b/testdata/dnstap_reconnect.tdir/dnstap_reconnect.test @@ -0,0 +1,98 @@ +# #-- dnstap_reconnect.test --# +# source the master var file when it's there +[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master +# use .tpkg.var.test for in test variable passing +[ -f .tpkg.var.test ] && source .tpkg.var.test + +. ../common.sh +PRE="../.." +if grep "define USE_DNSTAP 1" $PRE/config.h; then echo test enabled; else echo test skipped; exit 0; fi + +# test if the server is up. +echo "> dig www.example.com." +dig @127.0.0.1 -p $UNBOUND_PORT www.example.com. | tee outfile +echo "> check answer" +if grep "10.20.30.40" outfile; then + echo "OK" +else + echo "> cat logfiles" + cat tap.log + cat tap.errlog + cat fwd.log + cat unbound.log + echo "Not OK" + exit 1 +fi + +echo "> check tap.log for dnstap info" +# see if it logged the information in tap.log +# wait for a moment for filesystem to catch up. +if grep "www.example.com" tap.log >/dev/null; then :; else sleep 1; fi +if grep "www.example.com" tap.log >/dev/null; then :; else sleep 1; fi +if grep "www.example.com" tap.log >/dev/null; then :; else sleep 1; fi +if grep "www.example.com" tap.log >/dev/null; then :; else sleep 10; fi +if grep "www.example.com" tap.log; then echo "yes it is in tap.log"; +else + echo "information not in tap.log" + echo "failed" + echo "> cat logfiles" + cat tap.log + cat tap.errlog + cat fwd.log + cat unbound.log + echo "Not OK" + exit 1 +fi + +echo "" +echo "> test disconnect from the upstream server" + +kill_pid $DNSTAP_SOCKET_PID +dig @127.0.0.1 -p $UNBOUND_PORT down.example.net. + +# bring log socket back up +$PRE/unbound-dnstap-socket -u dnstap.socket -l -vvvv 2>tap2.errlog >tap2.log & +if test $? -ne 0; then + echo "could not start (again) unbound-dnstap-socket server" + exit 1 +fi +DNSTAP_SOCKET_PID=$! +echo "DNSTAP_SOCKET_PID=$DNSTAP_SOCKET_PID" >> .tpkg.var.test +# wait for the server to go up and make the dnstap.socket file +wait_server_up "tap2.errlog" "creating unix socket" + +dig @127.0.0.1 -p $UNBOUND_PORT up.example.net. +sleep 2 +dig @127.0.0.1 -p $UNBOUND_PORT up2.example.net. + +for x in down up up2; do + if grep "$x.example.net" tap2.log >/dev/null; then :; else sleep 1; fi + if grep "$x.example.net" tap2.log >/dev/null; then :; else sleep 1; fi + if grep "$x.example.net" tap2.log >/dev/null; then :; else sleep 1; fi + if grep "$x.example.net" tap2.log >/dev/null; then :; else sleep 10; fi + if grep "$x.example.net" tap2.log; then echo "yes it is in tap2.log"; + else + echo "$x.example.net. information not in tap2.log" + echo "failed" + echo "> cat logfiles" + cat tap.log + cat tap.errlog + echo "> tap2 logfiles" + cat tap2.log + cat tap2.errlog + cat fwd.log + cat unbound.log + echo "Not OK" + exit 1 + fi +done + +echo "> cat logfiles" +cat tap.log +cat tap.errlog +echo "> tap2 logfiles" +cat tap2.log +cat tap2.errlog +cat fwd.log +echo "> OK" +exit 0 diff --git a/testdata/dnstap_reconnect.tdir/dnstap_reconnect.testns b/testdata/dnstap_reconnect.tdir/dnstap_reconnect.testns new file mode 100644 index 000000000..0c911ca5b --- /dev/null +++ b/testdata/dnstap_reconnect.tdir/dnstap_reconnect.testns @@ -0,0 +1,22 @@ +; nameserver test file +$ORIGIN example.com. +$TTL 3600 + +ENTRY_BEGIN +MATCH opcode qtype qname +REPLY QR AA NOERROR +ADJUST copy_id +SECTION QUESTION +www IN A +SECTION ANSWER +www IN A 10.20.30.40 +ENTRY_END + +ENTRY_BEGIN +MATCH opcode qtype qname +REPLY QR AA SERVFAIL +ADJUST copy_id +SECTION QUESTION +www.example.net. IN A +ENTRY_END + diff --git a/testdata/dnstap_reconnect.tdir/unbound_control.key b/testdata/dnstap_reconnect.tdir/unbound_control.key new file mode 100644 index 000000000..d7c43a06b --- /dev/null +++ b/testdata/dnstap_reconnect.tdir/unbound_control.key @@ -0,0 +1,15 @@ +-----BEGIN RSA PRIVATE KEY----- +MIICXAIBAAKBgQDD6DogNCsSeEa1u99+6PUVbGzjMzzei9MIK6s94+zcpp7OAOBa +rzPA0vlyuNtUsEN3qwPomQQQmIgbT7OXkzC1wqioxwa609xoL8oW/I7e336rEyvH +ST6JwUdIg0Lzg/USJ81eTwMnzYSd4Bpsqr9eP33ubaR7Gh/6o76loLOlcQIDAQAB +AoGAFT3e35MIgI4uDJJ8X0RfHp2NCO2LUg4TKbWical/C0W9vlR1/x80G1pE1d2Z +WotqJVWTrOq6eBox19RCgtLg2wPGk9uD62+9SDT37heWFlUCElWq50pQG6k9ThiG +DDypkZyZ/52+DdWybiaQJkuK6O5qQXuNAtVJMpghu4GnHAECQQDsupnZUQDpapzr +4FC4MSkL2+A1PRt6g4VhwoqOpJXaHfVnH6F7AwUuOLNwGdR5Cvv70pfJ7Jqg8L2m +Kxyl5bORAkEA09rn34YQ0pHJdHidbl2kInIuYTz09+TO3LWwan17nISH9aaYvVDr +p9x1B4Qzw9qyxT9oll7ze/5Rw/7C3AQj4QJAT2B2a+b8bkgAXBs4FbruL3rHoDJg +P2FQXSpVOWU4lg2LlsuFYvDtUMVUbZdLplanjZXcral3Y9W1Ub2M+ped8QJAYQN+ +aRpge7ys7vwIw7B36Bo3aOncF+ScYe+FkM5Tm7II/JHEofT7ZQwMP1vnxIlSkgbe +YvWqNB6a3NC99LikoQJBAM4UhDdRg63Tr6Idky6CQaH///zAN7nArJfffKGWFdw9 +DKrWpNqvYZtX/cfEJucKcRCm5YL8CKFYbQy4VoCxUcE= +-----END RSA PRIVATE KEY----- diff --git a/testdata/dnstap_reconnect.tdir/unbound_control.pem b/testdata/dnstap_reconnect.tdir/unbound_control.pem new file mode 100644 index 000000000..8f1ba87f1 --- /dev/null +++ b/testdata/dnstap_reconnect.tdir/unbound_control.pem @@ -0,0 +1,11 @@ +-----BEGIN CERTIFICATE----- +MIIBozCCAQwCCQD6XaN6FzW/4DANBgkqhkiG9w0BAQUFADASMRAwDgYDVQQDEwd1 +bmJvdW5kMB4XDTA4MDkxMTA5MDk0MFoXDTI4MDUyOTA5MDk0MFowGjEYMBYGA1UE +AxMPdW5ib3VuZC1jb250cm9sMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDD +6DogNCsSeEa1u99+6PUVbGzjMzzei9MIK6s94+zcpp7OAOBarzPA0vlyuNtUsEN3 +qwPomQQQmIgbT7OXkzC1wqioxwa609xoL8oW/I7e336rEyvHST6JwUdIg0Lzg/US +J81eTwMnzYSd4Bpsqr9eP33ubaR7Gh/6o76loLOlcQIDAQABMA0GCSqGSIb3DQEB +BQUAA4GBAGFAXmaQHuFgAuc6HVhYZJdToxLBhfxGpot4oZNjcb1Cdoz3OL34MU1B +9E5psj2PpGPIi8/RwoqBtAJHJ+J5cWngo03o4ZmdwKNSzaxlp141z/3rUtFqEHEC +iO6gPCT3U7dt6MyC7r6vdMqyW6aldP3CtwD0gQziKAMoj+TAfAcq +-----END CERTIFICATE----- diff --git a/testdata/dnstap_reconnect.tdir/unbound_server.key b/testdata/dnstap_reconnect.tdir/unbound_server.key new file mode 100644 index 000000000..4256c421d --- /dev/null +++ b/testdata/dnstap_reconnect.tdir/unbound_server.key @@ -0,0 +1,15 @@ +-----BEGIN RSA PRIVATE KEY----- +MIICWwIBAAKBgQC3F7Jsv2u01pLL9rFnjsMU/IaCFUIz/624DcaE84Z4gjMl5kWA +3axQcqul1wlwSrbKwrony+d9hH/+MX0tZwvl8w3OmhmOAiaQ+SHCsIuOjVwQjX0s +RLB61Pz5+PAiVvnPa9JIYB5QrK6DVEsxIHj8MOc5JKORrnESsFDh6yeMeQIDAQAB +AoGAAuWoGBprTOA8UGfl5LqYkaNxSWumsYXxLMFjC8WCsjN1NbtQDDr1uAwodSZS +6ujzvX+ZTHnofs7y64XC8k34HTOCD2zlW7kijWbT8YjRYFU6o9F5zUGD9RCan0ds +sVscT2psLSzfdsmFAcbmnGdxYkXk2PC1FHtaqExxehralGUCQQDcqrg9uQKXlhQi +XAaPr8SiWvtRm2a9IMMZkRfUWZclPHq6fCWNuUaCD+cTat4wAuqeknAz33VEosw3 +fXGsok//AkEA1GjIHXrOcSlpfVJb6NeOBugjRtZ7ZDT5gbtnMS9ob0qntKV6saaL +CNmJwuD9Q3XkU5j1+uHvYGP2NzcJd2CjhwJACV0hNlVMe9w9fHvFN4Gw6WbM9ViP +0oS6YrJafYNTu5vGZXVxLoNnL4u3NYa6aPUmuZXjNwBLfJ8f5VboZPf6RwJAINd2 +oYA8bSi/A755MX4qmozH74r4Fx1Nuq5UHTm8RwDe/0Javx8F/j9MWpJY9lZDEF3l +In5OebPa/NyInSmW/wJAZuP9aRn0nDBkHYri++1A7NykMiJ/nH0mDECbnk+wxx0S +LwqIetBhxb8eQwMg45+iAH7CHAMQ8BQuF/nFE6eotg== +-----END RSA PRIVATE KEY----- diff --git a/testdata/dnstap_reconnect.tdir/unbound_server.pem b/testdata/dnstap_reconnect.tdir/unbound_server.pem new file mode 100644 index 000000000..aeda3ff11 --- /dev/null +++ b/testdata/dnstap_reconnect.tdir/unbound_server.pem @@ -0,0 +1,11 @@ +-----BEGIN CERTIFICATE----- +MIIBmzCCAQQCCQDsNJ1UmphEFzANBgkqhkiG9w0BAQUFADASMRAwDgYDVQQDEwd1 +bmJvdW5kMB4XDTA4MDkxMTA5MDk0MFoXDTI4MDUyOTA5MDk0MFowEjEQMA4GA1UE +AxMHdW5ib3VuZDCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAtxeybL9rtNaS +y/axZ47DFPyGghVCM/+tuA3GhPOGeIIzJeZFgN2sUHKrpdcJcEq2ysK6J8vnfYR/ +/jF9LWcL5fMNzpoZjgImkPkhwrCLjo1cEI19LESwetT8+fjwIlb5z2vSSGAeUKyu +g1RLMSB4/DDnOSSjka5xErBQ4esnjHkCAwEAATANBgkqhkiG9w0BAQUFAAOBgQAZ +9N0lnLENs4JMvPS+mn8C5m9bkkFITd32IiLjf0zgYpIUbFXH6XaEr9GNZBUG8feG +l/6WRXnbnVSblI5odQ4XxGZ9inYY6qtW30uv76HvoKp+QZ1c3460ddR8NauhcCHH +Z7S+QbLXi+r2JAhpPozZCjBHlRD0ixzA1mKQTJhJZg== +-----END CERTIFICATE----- diff --git a/testdata/dnstap_tcp.tdir/dnstap_tcp.conf b/testdata/dnstap_tcp.tdir/dnstap_tcp.conf new file mode 100644 index 000000000..3506ab56a --- /dev/null +++ b/testdata/dnstap_tcp.tdir/dnstap_tcp.conf @@ -0,0 +1,42 @@ +server: + verbosity: 2 + num-threads: 1 + outgoing-range: 16 + interface: 127.0.0.1 + port: @PORT@ + use-syslog: no + directory: "" + pidfile: "unbound.pid" + chroot: "" + username: "" + do-not-query-localhost: no + local-zone: "example.net." redirect + local-data: "example.net. IN A 10.20.30.41" +remote-control: + control-enable: yes + control-interface: 127.0.0.1 + # control-interface: ::1 + control-port: @CONTROL_PORT@ + server-key-file: "unbound_server.key" + server-cert-file: "unbound_server.pem" + control-key-file: "unbound_control.key" + control-cert-file: "unbound_control.pem" +forward-zone: + name: "." + forward-addr: "127.0.0.1@@TOPORT@" +dnstap: + dnstap-enable: yes + dnstap-socket-path: "dnstap.socket" + dnstap-ip: "127.0.0.1@@TAPPORT@" + dnstap-tls: no + dnstap-send-identity: yes + dnstap-send-version: yes + #dnstap-identity + #dnstap-version + dnstap-log-resolver-query-messages: yes + dnstap-log-resolver-response-messages: yes + dnstap-log-client-query-messages: yes + dnstap-log-client-response-messages: yes + dnstap-log-forwarder-query-messages: yes + dnstap-log-forwarder-response-messages: yes + diff --git a/testdata/dnstap_tcp.tdir/dnstap_tcp.dsc b/testdata/dnstap_tcp.tdir/dnstap_tcp.dsc new file mode 100644 index 000000000..de4ad82da --- /dev/null +++ b/testdata/dnstap_tcp.tdir/dnstap_tcp.dsc @@ -0,0 +1,16 @@ +BaseName: dnstap_tcp +Version: 1.0 +Description: test dnstap tcp and reconnect +CreationDate: Tue Feb 14 14:00:38 CET 2020 +Maintainer: dr. W.C.A. Wijngaards +Category: +Component: +CmdDepends: +Depends: +Help: +Pre: dnstap_tcp.pre +Post: dnstap_tcp.post +Test: dnstap_tcp.test +AuxFiles: +Passed: +Failure: diff --git a/testdata/dnstap_tcp.tdir/dnstap_tcp.post b/testdata/dnstap_tcp.tdir/dnstap_tcp.post new file mode 100644 index 000000000..8aad21e19 --- /dev/null +++ b/testdata/dnstap_tcp.tdir/dnstap_tcp.post @@ -0,0 +1,23 @@ +# #-- dnstap_tcp.post --# +# source the master var file when it's there +[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master +# source the test var file when it's there +[ -f .tpkg.var.test ] && source .tpkg.var.test +# +# do your teardown here +. ../common.sh +PRE="../.." +if grep "define USE_DNSTAP 1" $PRE/config.h; then echo test enabled; else echo test skipped; exit 0; fi +kill_pid $DNSTAP_SOCKET_PID +kill_pid $FWD_PID +kill $UNBOUND_PID +kill $UNBOUND_PID >/dev/null 2>&1 +cat unbound.log +echo "> tap logfiles" +cat tap.log +cat tap.errlog +echo "> tap2 logfiles" +if test -f tap2.log; then cat tap2.log; fi +if test -f tap2.errlog; then cat tap2.errlog; fi +cat fwd.log +exit 0 diff --git a/testdata/dnstap_tcp.tdir/dnstap_tcp.pre b/testdata/dnstap_tcp.tdir/dnstap_tcp.pre new file mode 100644 index 000000000..3006603c5 --- /dev/null +++ b/testdata/dnstap_tcp.tdir/dnstap_tcp.pre @@ -0,0 +1,54 @@ +# #-- dnstap_tcp.pre--# +# source the master var file when it's there +[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master +# use .tpkg.var.test for in test variable passing +[ -f .tpkg.var.test ] && source .tpkg.var.test + +. ../common.sh + +PRE="../.." +if grep "define USE_DNSTAP 1" $PRE/config.h; then echo test enabled; else echo test skipped; exit 0; fi + +get_random_port 4 +UNBOUND_PORT=$RND_PORT +FWD_PORT=$(($RND_PORT + 1)) +CONTROL_PORT=$(($RND_PORT + 2)) +TAP_PORT=$(($RND_PORT + 3)) +echo "UNBOUND_PORT=$UNBOUND_PORT" >> .tpkg.var.test +echo "FWD_PORT=$FWD_PORT" >> .tpkg.var.test +echo "CONTROL_PORT=$CONTROL_PORT" >> .tpkg.var.test +echo "TAP_PORT=$TAP_PORT" >> .tpkg.var.test + +# start forwarder +get_ldns_testns +$LDNS_TESTNS -p $FWD_PORT dnstap_tcp.testns >fwd.log 2>&1 & +FWD_PID=$! +echo "FWD_PID=$FWD_PID" >> .tpkg.var.test + +# start the dnstap log server +# the -vvvv flag prints protocol and connection information from the +# unbound-dnstap-socket server. +# the -l flag prints the DNS info in the DNSTAP packet in multiline output. +# stderr is the '-vvvv' server logs and errors. +# stdout is the one-line packet logs (or with -l, multiline). +$PRE/unbound-dnstap-socket -s "127.0.0.1@$TAP_PORT" -l -vvvv 2>tap.errlog >tap.log & +if test $? -ne 0; then + echo "could not start unbound-dnstap-socket server" + exit 1 +fi +DNSTAP_SOCKET_PID=$! +echo "DNSTAP_SOCKET_PID=$DNSTAP_SOCKET_PID" >> .tpkg.var.test +# wait for the server to go up +wait_server_up "tap.errlog" "start of service" + +# make config file +sed -e 's/@PORT\@/'$UNBOUND_PORT'/' -e 's/@TOPORT\@/'$FWD_PORT'/' -e 's/@CONTROL_PORT\@/'$CONTROL_PORT'/' -e 's/@TAPPORT\@/'$TAP_PORT'/' < dnstap_tcp.conf > ub.conf +# start unbound in the background +$PRE/unbound -d -c ub.conf >unbound.log 2>&1 & +UNBOUND_PID=$! +echo "UNBOUND_PID=$UNBOUND_PID" >> .tpkg.var.test + +cat .tpkg.var.test +wait_ldns_testns_up fwd.log +wait_unbound_up unbound.log + diff --git a/testdata/dnstap_tcp.tdir/dnstap_tcp.test b/testdata/dnstap_tcp.tdir/dnstap_tcp.test new file mode 100644 index 000000000..d57eecfdb --- /dev/null +++ b/testdata/dnstap_tcp.tdir/dnstap_tcp.test @@ -0,0 +1,95 @@ +# #-- dnstap_tcp.test --# +# source the master var file when it's there +[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master +# use .tpkg.var.test for in test variable passing +[ -f .tpkg.var.test ] && source .tpkg.var.test + +. ../common.sh +PRE="../.." +if grep "define USE_DNSTAP 1" $PRE/config.h; then echo test enabled; else echo test skipped; exit 0; fi + +# test if the server is up. +echo "> dig www.example.com." +dig @127.0.0.1 -p $UNBOUND_PORT www.example.com. | tee outfile +echo "> check answer" +if grep "10.20.30.40" outfile; then + echo "OK" +else + echo "> cat logfiles" + cat tap.log + cat tap.errlog + cat fwd.log + cat unbound.log + echo "Not OK" + exit 1 +fi + +echo "> check tap.log for dnstap info" +# see if it logged the information in tap.log +# wait for a moment for filesystem to catch up. +if grep "www.example.com" tap.log >/dev/null; then :; else sleep 1; fi +if grep "www.example.com" tap.log >/dev/null; then :; else sleep 1; fi +if grep "www.example.com" tap.log >/dev/null; then :; else sleep 1; fi +if grep "www.example.com" tap.log >/dev/null; then :; else sleep 1; fi +if grep "www.example.com" tap.log >/dev/null; then :; else sleep 1; fi +if grep "www.example.com" tap.log >/dev/null; then :; else sleep 10; fi +if grep "www.example.com" tap.log; then echo "yes it is in tap.log"; +else + echo "information not in tap.log" + echo "failed" + echo "> cat logfiles" + cat tap.log + cat tap.errlog + cat fwd.log + cat unbound.log + echo "Not OK" + exit 1 +fi + +echo "" +echo "> test disconnect from the upstream server" + +kill_pid $DNSTAP_SOCKET_PID +dig @127.0.0.1 -p $UNBOUND_PORT down.example.net. + +# bring log socket back up +$PRE/unbound-dnstap-socket -s "127.0.0.1@$TAP_PORT" -l -vvvv 2>tap2.errlog >tap2.log & +if test $? -ne 0; then + echo "could not start (again) unbound-dnstap-socket server" + exit 1 +fi +DNSTAP_SOCKET_PID=$! +echo "DNSTAP_SOCKET_PID=$DNSTAP_SOCKET_PID" >> .tpkg.var.test +# wait for the server to go up +wait_server_up "tap2.errlog" "start of service" + +dig @127.0.0.1 -p $UNBOUND_PORT up.example.net. +sleep 2 +dig @127.0.0.1 -p $UNBOUND_PORT up2.example.net. + +for x in down up up2; do + if grep "$x.example.net" tap2.log >/dev/null; then :; else sleep 1; fi + if grep "$x.example.net" tap2.log >/dev/null; then :; else sleep 1; fi + if grep "$x.example.net" tap2.log >/dev/null; then :; else sleep 1; fi + if grep "$x.example.net" tap2.log >/dev/null; then :; else sleep 1; fi + if grep "$x.example.net" tap2.log >/dev/null; then :; else sleep 1; fi + if grep "$x.example.net" tap2.log >/dev/null; then :; else sleep 10; fi + if grep "$x.example.net" tap2.log; then echo "yes it is in tap2.log"; + else + echo "$x.example.net. information not in tap2.log" + echo "failed" + echo "> cat logfiles" + cat tap.log + cat tap.errlog + echo "> tap2 logfiles" + cat tap2.log + cat tap2.errlog + cat fwd.log + cat unbound.log + echo "Not OK" + exit 1 + fi +done + +echo "> OK" +exit 0 diff --git a/testdata/dnstap_tcp.tdir/dnstap_tcp.testns b/testdata/dnstap_tcp.tdir/dnstap_tcp.testns new file mode 100644 index 000000000..0c911ca5b --- /dev/null +++ b/testdata/dnstap_tcp.tdir/dnstap_tcp.testns @@ -0,0 +1,22 @@ +; nameserver test file +$ORIGIN example.com. +$TTL 3600 + +ENTRY_BEGIN +MATCH opcode qtype qname +REPLY QR AA NOERROR +ADJUST copy_id +SECTION QUESTION +www IN A +SECTION ANSWER +www IN A 10.20.30.40 +ENTRY_END + +ENTRY_BEGIN +MATCH opcode qtype qname +REPLY QR AA SERVFAIL +ADJUST copy_id +SECTION QUESTION +www.example.net. IN A +ENTRY_END + diff --git a/testdata/dnstap_tcp.tdir/unbound_control.key b/testdata/dnstap_tcp.tdir/unbound_control.key new file mode 100644 index 000000000..d7c43a06b --- /dev/null +++ b/testdata/dnstap_tcp.tdir/unbound_control.key @@ -0,0 +1,15 @@ +-----BEGIN RSA PRIVATE KEY----- +MIICXAIBAAKBgQDD6DogNCsSeEa1u99+6PUVbGzjMzzei9MIK6s94+zcpp7OAOBa +rzPA0vlyuNtUsEN3qwPomQQQmIgbT7OXkzC1wqioxwa609xoL8oW/I7e336rEyvH +ST6JwUdIg0Lzg/USJ81eTwMnzYSd4Bpsqr9eP33ubaR7Gh/6o76loLOlcQIDAQAB +AoGAFT3e35MIgI4uDJJ8X0RfHp2NCO2LUg4TKbWical/C0W9vlR1/x80G1pE1d2Z +WotqJVWTrOq6eBox19RCgtLg2wPGk9uD62+9SDT37heWFlUCElWq50pQG6k9ThiG +DDypkZyZ/52+DdWybiaQJkuK6O5qQXuNAtVJMpghu4GnHAECQQDsupnZUQDpapzr +4FC4MSkL2+A1PRt6g4VhwoqOpJXaHfVnH6F7AwUuOLNwGdR5Cvv70pfJ7Jqg8L2m +Kxyl5bORAkEA09rn34YQ0pHJdHidbl2kInIuYTz09+TO3LWwan17nISH9aaYvVDr +p9x1B4Qzw9qyxT9oll7ze/5Rw/7C3AQj4QJAT2B2a+b8bkgAXBs4FbruL3rHoDJg +P2FQXSpVOWU4lg2LlsuFYvDtUMVUbZdLplanjZXcral3Y9W1Ub2M+ped8QJAYQN+ +aRpge7ys7vwIw7B36Bo3aOncF+ScYe+FkM5Tm7II/JHEofT7ZQwMP1vnxIlSkgbe +YvWqNB6a3NC99LikoQJBAM4UhDdRg63Tr6Idky6CQaH///zAN7nArJfffKGWFdw9 +DKrWpNqvYZtX/cfEJucKcRCm5YL8CKFYbQy4VoCxUcE= +-----END RSA PRIVATE KEY----- diff --git a/testdata/dnstap_tcp.tdir/unbound_control.pem b/testdata/dnstap_tcp.tdir/unbound_control.pem new file mode 100644 index 000000000..8f1ba87f1 --- /dev/null +++ b/testdata/dnstap_tcp.tdir/unbound_control.pem @@ -0,0 +1,11 @@ +-----BEGIN CERTIFICATE----- +MIIBozCCAQwCCQD6XaN6FzW/4DANBgkqhkiG9w0BAQUFADASMRAwDgYDVQQDEwd1 +bmJvdW5kMB4XDTA4MDkxMTA5MDk0MFoXDTI4MDUyOTA5MDk0MFowGjEYMBYGA1UE +AxMPdW5ib3VuZC1jb250cm9sMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDD +6DogNCsSeEa1u99+6PUVbGzjMzzei9MIK6s94+zcpp7OAOBarzPA0vlyuNtUsEN3 +qwPomQQQmIgbT7OXkzC1wqioxwa609xoL8oW/I7e336rEyvHST6JwUdIg0Lzg/US +J81eTwMnzYSd4Bpsqr9eP33ubaR7Gh/6o76loLOlcQIDAQABMA0GCSqGSIb3DQEB +BQUAA4GBAGFAXmaQHuFgAuc6HVhYZJdToxLBhfxGpot4oZNjcb1Cdoz3OL34MU1B +9E5psj2PpGPIi8/RwoqBtAJHJ+J5cWngo03o4ZmdwKNSzaxlp141z/3rUtFqEHEC +iO6gPCT3U7dt6MyC7r6vdMqyW6aldP3CtwD0gQziKAMoj+TAfAcq +-----END CERTIFICATE----- diff --git a/testdata/dnstap_tcp.tdir/unbound_server.key b/testdata/dnstap_tcp.tdir/unbound_server.key new file mode 100644 index 000000000..4256c421d --- /dev/null +++ b/testdata/dnstap_tcp.tdir/unbound_server.key @@ -0,0 +1,15 @@ +-----BEGIN RSA PRIVATE KEY----- +MIICWwIBAAKBgQC3F7Jsv2u01pLL9rFnjsMU/IaCFUIz/624DcaE84Z4gjMl5kWA +3axQcqul1wlwSrbKwrony+d9hH/+MX0tZwvl8w3OmhmOAiaQ+SHCsIuOjVwQjX0s +RLB61Pz5+PAiVvnPa9JIYB5QrK6DVEsxIHj8MOc5JKORrnESsFDh6yeMeQIDAQAB +AoGAAuWoGBprTOA8UGfl5LqYkaNxSWumsYXxLMFjC8WCsjN1NbtQDDr1uAwodSZS +6ujzvX+ZTHnofs7y64XC8k34HTOCD2zlW7kijWbT8YjRYFU6o9F5zUGD9RCan0ds +sVscT2psLSzfdsmFAcbmnGdxYkXk2PC1FHtaqExxehralGUCQQDcqrg9uQKXlhQi +XAaPr8SiWvtRm2a9IMMZkRfUWZclPHq6fCWNuUaCD+cTat4wAuqeknAz33VEosw3 +fXGsok//AkEA1GjIHXrOcSlpfVJb6NeOBugjRtZ7ZDT5gbtnMS9ob0qntKV6saaL +CNmJwuD9Q3XkU5j1+uHvYGP2NzcJd2CjhwJACV0hNlVMe9w9fHvFN4Gw6WbM9ViP +0oS6YrJafYNTu5vGZXVxLoNnL4u3NYa6aPUmuZXjNwBLfJ8f5VboZPf6RwJAINd2 +oYA8bSi/A755MX4qmozH74r4Fx1Nuq5UHTm8RwDe/0Javx8F/j9MWpJY9lZDEF3l +In5OebPa/NyInSmW/wJAZuP9aRn0nDBkHYri++1A7NykMiJ/nH0mDECbnk+wxx0S +LwqIetBhxb8eQwMg45+iAH7CHAMQ8BQuF/nFE6eotg== +-----END RSA PRIVATE KEY----- diff --git a/testdata/dnstap_tcp.tdir/unbound_server.pem b/testdata/dnstap_tcp.tdir/unbound_server.pem new file mode 100644 index 000000000..aeda3ff11 --- /dev/null +++ b/testdata/dnstap_tcp.tdir/unbound_server.pem @@ -0,0 +1,11 @@ +-----BEGIN CERTIFICATE----- +MIIBmzCCAQQCCQDsNJ1UmphEFzANBgkqhkiG9w0BAQUFADASMRAwDgYDVQQDEwd1 +bmJvdW5kMB4XDTA4MDkxMTA5MDk0MFoXDTI4MDUyOTA5MDk0MFowEjEQMA4GA1UE +AxMHdW5ib3VuZDCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAtxeybL9rtNaS +y/axZ47DFPyGghVCM/+tuA3GhPOGeIIzJeZFgN2sUHKrpdcJcEq2ysK6J8vnfYR/ +/jF9LWcL5fMNzpoZjgImkPkhwrCLjo1cEI19LESwetT8+fjwIlb5z2vSSGAeUKyu +g1RLMSB4/DDnOSSjka5xErBQ4esnjHkCAwEAATANBgkqhkiG9w0BAQUFAAOBgQAZ +9N0lnLENs4JMvPS+mn8C5m9bkkFITd32IiLjf0zgYpIUbFXH6XaEr9GNZBUG8feG +l/6WRXnbnVSblI5odQ4XxGZ9inYY6qtW30uv76HvoKp+QZ1c3460ddR8NauhcCHH +Z7S+QbLXi+r2JAhpPozZCjBHlRD0ixzA1mKQTJhJZg== +-----END CERTIFICATE----- diff --git a/testdata/dnstap_tls.tdir/dnstap_tls.conf b/testdata/dnstap_tls.tdir/dnstap_tls.conf new file mode 100644 index 000000000..3bff3d1d0 --- /dev/null +++ b/testdata/dnstap_tls.tdir/dnstap_tls.conf @@ -0,0 +1,42 @@ +server: + verbosity: 2 + num-threads: 1 + outgoing-range: 16 + interface: 127.0.0.1 + port: @PORT@ + use-syslog: no + directory: "" + pidfile: "unbound.pid" + chroot: "" + username: "" + do-not-query-localhost: no + local-zone: "example.net." redirect + local-data: "example.net. IN A 10.20.30.41" +remote-control: + control-enable: yes + control-interface: 127.0.0.1 + # control-interface: ::1 + control-port: @CONTROL_PORT@ + server-key-file: "unbound_server.key" + server-cert-file: "unbound_server.pem" + control-key-file: "unbound_control.key" + control-cert-file: "unbound_control.pem" +forward-zone: + name: "." + forward-addr: "127.0.0.1@@TOPORT@" +dnstap: + dnstap-enable: yes + dnstap-socket-path: "dnstap.socket" + dnstap-ip: "127.0.0.1@@TAPPORT@" + dnstap-tls: yes + dnstap-send-identity: yes + dnstap-send-version: yes + #dnstap-identity + #dnstap-version + dnstap-log-resolver-query-messages: yes + dnstap-log-resolver-response-messages: yes + dnstap-log-client-query-messages: yes + dnstap-log-client-response-messages: yes + dnstap-log-forwarder-query-messages: yes + dnstap-log-forwarder-response-messages: yes + diff --git a/testdata/dnstap_tls.tdir/dnstap_tls.dsc b/testdata/dnstap_tls.tdir/dnstap_tls.dsc new file mode 100644 index 000000000..20a4467ce --- /dev/null +++ b/testdata/dnstap_tls.tdir/dnstap_tls.dsc @@ -0,0 +1,16 @@ +BaseName: dnstap_tls +Version: 1.0 +Description: test dnstap tls and reconnect +CreationDate: Tue Feb 14 14:00:38 CET 2020 +Maintainer: dr. W.C.A. Wijngaards +Category: +Component: +CmdDepends: +Depends: +Help: +Pre: dnstap_tls.pre +Post: dnstap_tls.post +Test: dnstap_tls.test +AuxFiles: +Passed: +Failure: diff --git a/testdata/dnstap_tls.tdir/dnstap_tls.post b/testdata/dnstap_tls.tdir/dnstap_tls.post new file mode 100644 index 000000000..fe1824a06 --- /dev/null +++ b/testdata/dnstap_tls.tdir/dnstap_tls.post @@ -0,0 +1,23 @@ +# #-- dnstap_tls.post --# +# source the master var file when it's there +[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master +# source the test var file when it's there +[ -f .tpkg.var.test ] && source .tpkg.var.test +# +# do your teardown here +. ../common.sh +PRE="../.." +if grep "define USE_DNSTAP 1" $PRE/config.h; then echo test enabled; else echo test skipped; exit 0; fi +kill_pid $DNSTAP_SOCKET_PID +kill_pid $FWD_PID +kill $UNBOUND_PID +kill $UNBOUND_PID >/dev/null 2>&1 +cat unbound.log +echo "> tap logfiles" +cat tap.log +cat tap.errlog +echo "> tap2 logfiles" +if test -f tap2.log; then cat tap2.log; fi +if test -f tap2.errlog; then cat tap2.errlog; fi +cat fwd.log +exit 0 diff --git a/testdata/dnstap_tls.tdir/dnstap_tls.pre b/testdata/dnstap_tls.tdir/dnstap_tls.pre new file mode 100644 index 000000000..1df914873 --- /dev/null +++ b/testdata/dnstap_tls.tdir/dnstap_tls.pre @@ -0,0 +1,54 @@ +# #-- dnstap_tls.pre--# +# source the master var file when it's there +[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master +# use .tpkg.var.test for in test variable passing +[ -f .tpkg.var.test ] && source .tpkg.var.test + +. ../common.sh + +PRE="../.." +if grep "define USE_DNSTAP 1" $PRE/config.h; then echo test enabled; else echo test skipped; exit 0; fi + +get_random_port 4 +UNBOUND_PORT=$RND_PORT +FWD_PORT=$(($RND_PORT + 1)) +CONTROL_PORT=$(($RND_PORT + 2)) +TAP_PORT=$(($RND_PORT + 3)) +echo "UNBOUND_PORT=$UNBOUND_PORT" >> .tpkg.var.test +echo "FWD_PORT=$FWD_PORT" >> .tpkg.var.test +echo "CONTROL_PORT=$CONTROL_PORT" >> .tpkg.var.test +echo "TAP_PORT=$TAP_PORT" >> .tpkg.var.test + +# start forwarder +get_ldns_testns +$LDNS_TESTNS -p $FWD_PORT dnstap_tls.testns >fwd.log 2>&1 & +FWD_PID=$! +echo "FWD_PID=$FWD_PID" >> .tpkg.var.test + +# start the dnstap log server +# the -vvvv flag prints protocol and connection information from the +# unbound-dnstap-socket server. +# the -l flag prints the DNS info in the DNSTAP packet in multiline output. +# stderr is the '-vvvv' server logs and errors. +# stdout is the one-line packet logs (or with -l, multiline). +$PRE/unbound-dnstap-socket -t "127.0.0.1@$TAP_PORT" -x unbound_server.key -y unbound_server.pem -l -vvvv 2>tap.errlog >tap.log & +if test $? -ne 0; then + echo "could not start unbound-dnstap-socket server" + exit 1 +fi +DNSTAP_SOCKET_PID=$! +echo "DNSTAP_SOCKET_PID=$DNSTAP_SOCKET_PID" >> .tpkg.var.test +# wait for the server to go up +wait_server_up "tap.errlog" "start of service" + +# make config file +sed -e 's/@PORT\@/'$UNBOUND_PORT'/' -e 's/@TOPORT\@/'$FWD_PORT'/' -e 's/@CONTROL_PORT\@/'$CONTROL_PORT'/' -e 's/@TAPPORT\@/'$TAP_PORT'/' < dnstap_tls.conf > ub.conf +# start unbound in the background +$PRE/unbound -d -c ub.conf >unbound.log 2>&1 & +UNBOUND_PID=$! +echo "UNBOUND_PID=$UNBOUND_PID" >> .tpkg.var.test + +cat .tpkg.var.test +wait_ldns_testns_up fwd.log +wait_unbound_up unbound.log + diff --git a/testdata/dnstap_tls.tdir/dnstap_tls.test b/testdata/dnstap_tls.tdir/dnstap_tls.test new file mode 100644 index 000000000..f9a2bf00d --- /dev/null +++ b/testdata/dnstap_tls.tdir/dnstap_tls.test @@ -0,0 +1,95 @@ +# #-- dnstap_tls.test --# +# source the master var file when it's there +[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master +# use .tpkg.var.test for in test variable passing +[ -f .tpkg.var.test ] && source .tpkg.var.test + +. ../common.sh +PRE="../.." +if grep "define USE_DNSTAP 1" $PRE/config.h; then echo test enabled; else echo test skipped; exit 0; fi + +# test if the server is up. +echo "> dig www.example.com." +dig @127.0.0.1 -p $UNBOUND_PORT www.example.com. | tee outfile +echo "> check answer" +if grep "10.20.30.40" outfile; then + echo "OK" +else + echo "> cat logfiles" + cat tap.log + cat tap.errlog + cat fwd.log + cat unbound.log + echo "Not OK" + exit 1 +fi + +echo "> check tap.log for dnstap info" +# see if it logged the information in tap.log +# wait for a moment for filesystem to catch up. +if grep "www.example.com" tap.log >/dev/null; then :; else sleep 1; fi +if grep "www.example.com" tap.log >/dev/null; then :; else sleep 1; fi +if grep "www.example.com" tap.log >/dev/null; then :; else sleep 1; fi +if grep "www.example.com" tap.log >/dev/null; then :; else sleep 1; fi +if grep "www.example.com" tap.log >/dev/null; then :; else sleep 1; fi +if grep "www.example.com" tap.log >/dev/null; then :; else sleep 10; fi +if grep "www.example.com" tap.log; then echo "yes it is in tap.log"; +else + echo "information not in tap.log" + echo "failed" + echo "> cat logfiles" + cat tap.log + cat tap.errlog + cat fwd.log + cat unbound.log + echo "Not OK" + exit 1 +fi + +echo "" +echo "> test disconnect from the upstream server" + +kill_pid $DNSTAP_SOCKET_PID +dig @127.0.0.1 -p $UNBOUND_PORT down.example.net. + +# bring log socket back up +$PRE/unbound-dnstap-socket -t "127.0.0.1@$TAP_PORT" -x unbound_server.key -y unbound_server.pem -l -vvvv 2>tap2.errlog >tap2.log & +if test $? -ne 0; then + echo "could not start (again) unbound-dnstap-socket server" + exit 1 +fi +DNSTAP_SOCKET_PID=$! +echo "DNSTAP_SOCKET_PID=$DNSTAP_SOCKET_PID" >> .tpkg.var.test +# wait for the server to go up +wait_server_up "tap2.errlog" "start of service" + +dig @127.0.0.1 -p $UNBOUND_PORT up.example.net. +sleep 2 +dig @127.0.0.1 -p $UNBOUND_PORT up2.example.net. + +for x in down up up2; do + if grep "$x.example.net" tap2.log >/dev/null; then :; else sleep 1; fi + if grep "$x.example.net" tap2.log >/dev/null; then :; else sleep 1; fi + if grep "$x.example.net" tap2.log >/dev/null; then :; else sleep 1; fi + if grep "$x.example.net" tap2.log >/dev/null; then :; else sleep 1; fi + if grep "$x.example.net" tap2.log >/dev/null; then :; else sleep 1; fi + if grep "$x.example.net" tap2.log >/dev/null; then :; else sleep 10; fi + if grep "$x.example.net" tap2.log; then echo "yes it is in tap2.log"; + else + echo "$x.example.net. information not in tap2.log" + echo "failed" + echo "> cat logfiles" + cat tap.log + cat tap.errlog + echo "> tap2 logfiles" + cat tap2.log + cat tap2.errlog + cat fwd.log + cat unbound.log + echo "Not OK" + exit 1 + fi +done + +echo "> OK" +exit 0 diff --git a/testdata/dnstap_tls.tdir/dnstap_tls.testns b/testdata/dnstap_tls.tdir/dnstap_tls.testns new file mode 100644 index 000000000..0c911ca5b --- /dev/null +++ b/testdata/dnstap_tls.tdir/dnstap_tls.testns @@ -0,0 +1,22 @@ +; nameserver test file +$ORIGIN example.com. +$TTL 3600 + +ENTRY_BEGIN +MATCH opcode qtype qname +REPLY QR AA NOERROR +ADJUST copy_id +SECTION QUESTION +www IN A +SECTION ANSWER +www IN A 10.20.30.40 +ENTRY_END + +ENTRY_BEGIN +MATCH opcode qtype qname +REPLY QR AA SERVFAIL +ADJUST copy_id +SECTION QUESTION +www.example.net. IN A +ENTRY_END + diff --git a/testdata/dnstap_tls.tdir/unbound_control.key b/testdata/dnstap_tls.tdir/unbound_control.key new file mode 100644 index 000000000..d7c43a06b --- /dev/null +++ b/testdata/dnstap_tls.tdir/unbound_control.key @@ -0,0 +1,15 @@ +-----BEGIN RSA PRIVATE KEY----- +MIICXAIBAAKBgQDD6DogNCsSeEa1u99+6PUVbGzjMzzei9MIK6s94+zcpp7OAOBa +rzPA0vlyuNtUsEN3qwPomQQQmIgbT7OXkzC1wqioxwa609xoL8oW/I7e336rEyvH +ST6JwUdIg0Lzg/USJ81eTwMnzYSd4Bpsqr9eP33ubaR7Gh/6o76loLOlcQIDAQAB +AoGAFT3e35MIgI4uDJJ8X0RfHp2NCO2LUg4TKbWical/C0W9vlR1/x80G1pE1d2Z +WotqJVWTrOq6eBox19RCgtLg2wPGk9uD62+9SDT37heWFlUCElWq50pQG6k9ThiG +DDypkZyZ/52+DdWybiaQJkuK6O5qQXuNAtVJMpghu4GnHAECQQDsupnZUQDpapzr +4FC4MSkL2+A1PRt6g4VhwoqOpJXaHfVnH6F7AwUuOLNwGdR5Cvv70pfJ7Jqg8L2m +Kxyl5bORAkEA09rn34YQ0pHJdHidbl2kInIuYTz09+TO3LWwan17nISH9aaYvVDr +p9x1B4Qzw9qyxT9oll7ze/5Rw/7C3AQj4QJAT2B2a+b8bkgAXBs4FbruL3rHoDJg +P2FQXSpVOWU4lg2LlsuFYvDtUMVUbZdLplanjZXcral3Y9W1Ub2M+ped8QJAYQN+ +aRpge7ys7vwIw7B36Bo3aOncF+ScYe+FkM5Tm7II/JHEofT7ZQwMP1vnxIlSkgbe +YvWqNB6a3NC99LikoQJBAM4UhDdRg63Tr6Idky6CQaH///zAN7nArJfffKGWFdw9 +DKrWpNqvYZtX/cfEJucKcRCm5YL8CKFYbQy4VoCxUcE= +-----END RSA PRIVATE KEY----- diff --git a/testdata/dnstap_tls.tdir/unbound_control.pem b/testdata/dnstap_tls.tdir/unbound_control.pem new file mode 100644 index 000000000..8f1ba87f1 --- /dev/null +++ b/testdata/dnstap_tls.tdir/unbound_control.pem @@ -0,0 +1,11 @@ +-----BEGIN CERTIFICATE----- +MIIBozCCAQwCCQD6XaN6FzW/4DANBgkqhkiG9w0BAQUFADASMRAwDgYDVQQDEwd1 +bmJvdW5kMB4XDTA4MDkxMTA5MDk0MFoXDTI4MDUyOTA5MDk0MFowGjEYMBYGA1UE +AxMPdW5ib3VuZC1jb250cm9sMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDD +6DogNCsSeEa1u99+6PUVbGzjMzzei9MIK6s94+zcpp7OAOBarzPA0vlyuNtUsEN3 +qwPomQQQmIgbT7OXkzC1wqioxwa609xoL8oW/I7e336rEyvHST6JwUdIg0Lzg/US +J81eTwMnzYSd4Bpsqr9eP33ubaR7Gh/6o76loLOlcQIDAQABMA0GCSqGSIb3DQEB +BQUAA4GBAGFAXmaQHuFgAuc6HVhYZJdToxLBhfxGpot4oZNjcb1Cdoz3OL34MU1B +9E5psj2PpGPIi8/RwoqBtAJHJ+J5cWngo03o4ZmdwKNSzaxlp141z/3rUtFqEHEC +iO6gPCT3U7dt6MyC7r6vdMqyW6aldP3CtwD0gQziKAMoj+TAfAcq +-----END CERTIFICATE----- diff --git a/testdata/dnstap_tls.tdir/unbound_server.key b/testdata/dnstap_tls.tdir/unbound_server.key new file mode 100644 index 000000000..4256c421d --- /dev/null +++ b/testdata/dnstap_tls.tdir/unbound_server.key @@ -0,0 +1,15 @@ +-----BEGIN RSA PRIVATE KEY----- +MIICWwIBAAKBgQC3F7Jsv2u01pLL9rFnjsMU/IaCFUIz/624DcaE84Z4gjMl5kWA +3axQcqul1wlwSrbKwrony+d9hH/+MX0tZwvl8w3OmhmOAiaQ+SHCsIuOjVwQjX0s +RLB61Pz5+PAiVvnPa9JIYB5QrK6DVEsxIHj8MOc5JKORrnESsFDh6yeMeQIDAQAB +AoGAAuWoGBprTOA8UGfl5LqYkaNxSWumsYXxLMFjC8WCsjN1NbtQDDr1uAwodSZS +6ujzvX+ZTHnofs7y64XC8k34HTOCD2zlW7kijWbT8YjRYFU6o9F5zUGD9RCan0ds +sVscT2psLSzfdsmFAcbmnGdxYkXk2PC1FHtaqExxehralGUCQQDcqrg9uQKXlhQi +XAaPr8SiWvtRm2a9IMMZkRfUWZclPHq6fCWNuUaCD+cTat4wAuqeknAz33VEosw3 +fXGsok//AkEA1GjIHXrOcSlpfVJb6NeOBugjRtZ7ZDT5gbtnMS9ob0qntKV6saaL +CNmJwuD9Q3XkU5j1+uHvYGP2NzcJd2CjhwJACV0hNlVMe9w9fHvFN4Gw6WbM9ViP +0oS6YrJafYNTu5vGZXVxLoNnL4u3NYa6aPUmuZXjNwBLfJ8f5VboZPf6RwJAINd2 +oYA8bSi/A755MX4qmozH74r4Fx1Nuq5UHTm8RwDe/0Javx8F/j9MWpJY9lZDEF3l +In5OebPa/NyInSmW/wJAZuP9aRn0nDBkHYri++1A7NykMiJ/nH0mDECbnk+wxx0S +LwqIetBhxb8eQwMg45+iAH7CHAMQ8BQuF/nFE6eotg== +-----END RSA PRIVATE KEY----- diff --git a/testdata/dnstap_tls.tdir/unbound_server.pem b/testdata/dnstap_tls.tdir/unbound_server.pem new file mode 100644 index 000000000..aeda3ff11 --- /dev/null +++ b/testdata/dnstap_tls.tdir/unbound_server.pem @@ -0,0 +1,11 @@ +-----BEGIN CERTIFICATE----- +MIIBmzCCAQQCCQDsNJ1UmphEFzANBgkqhkiG9w0BAQUFADASMRAwDgYDVQQDEwd1 +bmJvdW5kMB4XDTA4MDkxMTA5MDk0MFoXDTI4MDUyOTA5MDk0MFowEjEQMA4GA1UE +AxMHdW5ib3VuZDCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAtxeybL9rtNaS +y/axZ47DFPyGghVCM/+tuA3GhPOGeIIzJeZFgN2sUHKrpdcJcEq2ysK6J8vnfYR/ +/jF9LWcL5fMNzpoZjgImkPkhwrCLjo1cEI19LESwetT8+fjwIlb5z2vSSGAeUKyu +g1RLMSB4/DDnOSSjka5xErBQ4esnjHkCAwEAATANBgkqhkiG9w0BAQUFAAOBgQAZ +9N0lnLENs4JMvPS+mn8C5m9bkkFITd32IiLjf0zgYpIUbFXH6XaEr9GNZBUG8feG +l/6WRXnbnVSblI5odQ4XxGZ9inYY6qtW30uv76HvoKp+QZ1c3460ddR8NauhcCHH +Z7S+QbLXi+r2JAhpPozZCjBHlRD0ixzA1mKQTJhJZg== +-----END CERTIFICATE----- diff --git a/testdata/dnstap_tls_badcert.tdir/dnstap_tls_badcert.conf b/testdata/dnstap_tls_badcert.tdir/dnstap_tls_badcert.conf new file mode 100644 index 000000000..32698b621 --- /dev/null +++ b/testdata/dnstap_tls_badcert.tdir/dnstap_tls_badcert.conf @@ -0,0 +1,48 @@ +server: + verbosity: 4 + num-threads: 1 + outgoing-range: 16 + interface: 127.0.0.1 + port: @PORT@ + use-syslog: no + directory: "" + pidfile: "unbound.pid" + chroot: "" + username: "" + do-not-query-localhost: no + local-zone: "example.net." redirect + local-data: "example.net. IN A 10.20.30.41" +remote-control: + control-enable: yes + control-interface: 127.0.0.1 + # control-interface: ::1 + control-port: @CONTROL_PORT@ + server-key-file: "unbound_server.key" + server-cert-file: "unbound_server.pem" + control-key-file: "unbound_control.key" + control-cert-file: "unbound_control.pem" +forward-zone: + name: "." + forward-addr: "127.0.0.1@@TOPORT@" +dnstap: + dnstap-enable: yes + dnstap-socket-path: "dnstap.socket" + dnstap-ip: "127.0.0.1@@TAPPORT@" + dnstap-tls: yes + dnstap-tls-server-name: "unbound" + # the actual tls cert bundle that authenticates the server + # is the unbound_server.pem bundle. + # we pass the wrong bundle. (of another key we also use in the client + # authentication test) + dnstap-tls-cert-bundle: "unbound_control.pem" + dnstap-send-identity: yes + dnstap-send-version: yes + #dnstap-identity + #dnstap-version + dnstap-log-resolver-query-messages: yes + dnstap-log-resolver-response-messages: yes + dnstap-log-client-query-messages: yes + dnstap-log-client-response-messages: yes + dnstap-log-forwarder-query-messages: yes + dnstap-log-forwarder-response-messages: yes + diff --git a/testdata/dnstap_tls_badcert.tdir/dnstap_tls_badcert.dsc b/testdata/dnstap_tls_badcert.tdir/dnstap_tls_badcert.dsc new file mode 100644 index 000000000..7d392ff56 --- /dev/null +++ b/testdata/dnstap_tls_badcert.tdir/dnstap_tls_badcert.dsc @@ -0,0 +1,16 @@ +BaseName: dnstap_tls_badcert +Version: 1.0 +Description: test dnstap tls with bad cert for authentication +CreationDate: Tue Feb 18 13:00:38 CET 2020 +Maintainer: dr. W.C.A. Wijngaards +Category: +Component: +CmdDepends: +Depends: +Help: +Pre: dnstap_tls_badcert.pre +Post: dnstap_tls_badcert.post +Test: dnstap_tls_badcert.test +AuxFiles: +Passed: +Failure: diff --git a/testdata/dnstap_tls_badcert.tdir/dnstap_tls_badcert.post b/testdata/dnstap_tls_badcert.tdir/dnstap_tls_badcert.post new file mode 100644 index 000000000..d71eb28ae --- /dev/null +++ b/testdata/dnstap_tls_badcert.tdir/dnstap_tls_badcert.post @@ -0,0 +1,20 @@ +# #-- dnstap_tls_badcert.post --# +# source the master var file when it's there +[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master +# source the test var file when it's there +[ -f .tpkg.var.test ] && source .tpkg.var.test +# +# do your teardown here +. ../common.sh +PRE="../.." +if grep "define USE_DNSTAP 1" $PRE/config.h; then echo test enabled; else echo test skipped; exit 0; fi +kill_pid $DNSTAP_SOCKET_PID +kill_pid $FWD_PID +kill $UNBOUND_PID +kill $UNBOUND_PID >/dev/null 2>&1 +cat unbound.log +echo "> tap logfiles" +cat tap.log +cat tap.errlog +cat fwd.log +exit 0 diff --git a/testdata/dnstap_tls_badcert.tdir/dnstap_tls_badcert.pre b/testdata/dnstap_tls_badcert.tdir/dnstap_tls_badcert.pre new file mode 100644 index 000000000..eff7074d0 --- /dev/null +++ b/testdata/dnstap_tls_badcert.tdir/dnstap_tls_badcert.pre @@ -0,0 +1,54 @@ +# #-- dnstap_tls_badcert.pre--# +# source the master var file when it's there +[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master +# use .tpkg.var.test for in test variable passing +[ -f .tpkg.var.test ] && source .tpkg.var.test + +. ../common.sh + +PRE="../.." +if grep "define USE_DNSTAP 1" $PRE/config.h; then echo test enabled; else echo test skipped; exit 0; fi + +get_random_port 4 +UNBOUND_PORT=$RND_PORT +FWD_PORT=$(($RND_PORT + 1)) +CONTROL_PORT=$(($RND_PORT + 2)) +TAP_PORT=$(($RND_PORT + 3)) +echo "UNBOUND_PORT=$UNBOUND_PORT" >> .tpkg.var.test +echo "FWD_PORT=$FWD_PORT" >> .tpkg.var.test +echo "CONTROL_PORT=$CONTROL_PORT" >> .tpkg.var.test +echo "TAP_PORT=$TAP_PORT" >> .tpkg.var.test + +# start forwarder +get_ldns_testns +$LDNS_TESTNS -p $FWD_PORT dnstap_tls_badcert.testns >fwd.log 2>&1 & +FWD_PID=$! +echo "FWD_PID=$FWD_PID" >> .tpkg.var.test + +# start the dnstap log server +# the -vvvv flag prints protocol and connection information from the +# unbound-dnstap-socket server. +# the -l flag prints the DNS info in the DNSTAP packet in multiline output. +# stderr is the '-vvvv' server logs and errors. +# stdout is the one-line packet logs (or with -l, multiline). +$PRE/unbound-dnstap-socket -t "127.0.0.1@$TAP_PORT" -x unbound_server.key -y unbound_server.pem -l -vvvv 2>tap.errlog >tap.log & +if test $? -ne 0; then + echo "could not start unbound-dnstap-socket server" + exit 1 +fi +DNSTAP_SOCKET_PID=$! +echo "DNSTAP_SOCKET_PID=$DNSTAP_SOCKET_PID" >> .tpkg.var.test +# wait for the server to go up +wait_server_up "tap.errlog" "start of service" + +# make config file +sed -e 's/@PORT\@/'$UNBOUND_PORT'/' -e 's/@TOPORT\@/'$FWD_PORT'/' -e 's/@CONTROL_PORT\@/'$CONTROL_PORT'/' -e 's/@TAPPORT\@/'$TAP_PORT'/' < dnstap_tls_badcert.conf > ub.conf +# start unbound in the background +$PRE/unbound -d -c ub.conf >unbound.log 2>&1 & +UNBOUND_PID=$! +echo "UNBOUND_PID=$UNBOUND_PID" >> .tpkg.var.test + +cat .tpkg.var.test +wait_ldns_testns_up fwd.log +wait_unbound_up unbound.log + diff --git a/testdata/dnstap_tls_badcert.tdir/dnstap_tls_badcert.test b/testdata/dnstap_tls_badcert.tdir/dnstap_tls_badcert.test new file mode 100644 index 000000000..0b85f64ac --- /dev/null +++ b/testdata/dnstap_tls_badcert.tdir/dnstap_tls_badcert.test @@ -0,0 +1,51 @@ +# #-- dnstap_tls_badcert.test --# +# source the master var file when it's there +[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master +# use .tpkg.var.test for in test variable passing +[ -f .tpkg.var.test ] && source .tpkg.var.test + +. ../common.sh +PRE="../.." +if grep "define USE_DNSTAP 1" $PRE/config.h; then echo test enabled; else echo test skipped; exit 0; fi + +# test if the server is up. +echo "> dig www.example.com." +dig @127.0.0.1 -p $UNBOUND_PORT www.example.com. | tee outfile +echo "> check answer" +if grep "10.20.30.40" outfile; then + echo "OK" +else + echo "> cat logfiles" + cat tap.log + cat tap.errlog + cat fwd.log + cat unbound.log + echo "Not OK" + exit 1 +fi + +echo "> check tap.log for dnstap info" +# see if it logged the information in tap.log +# wait for a moment for filesystem to catch up. +if grep "www.example.com" tap.log >/dev/null; then :; else sleep 1; fi +if grep "www.example.com" tap.log >/dev/null; then :; else sleep 1; fi +if grep "www.example.com" tap.log >/dev/null; then :; else sleep 1; fi +if grep "www.example.com" tap.log >/dev/null; then :; else sleep 1; fi +if grep "www.example.com" tap.log >/dev/null; then :; else sleep 1; fi +if grep "www.example.com" tap.log; then + echo "it is in tap.log"; + echo "but there should not be a connection" + echo "failed" + echo "> cat logfiles" + cat tap.log + cat tap.errlog + cat fwd.log + cat unbound.log + echo "Not OK" + exit 1 +else + echo "information not in tap.log" +fi + +echo "> OK" +exit 0 diff --git a/testdata/dnstap_tls_badcert.tdir/dnstap_tls_badcert.testns b/testdata/dnstap_tls_badcert.tdir/dnstap_tls_badcert.testns new file mode 100644 index 000000000..0c911ca5b --- /dev/null +++ b/testdata/dnstap_tls_badcert.tdir/dnstap_tls_badcert.testns @@ -0,0 +1,22 @@ +; nameserver test file +$ORIGIN example.com. +$TTL 3600 + +ENTRY_BEGIN +MATCH opcode qtype qname +REPLY QR AA NOERROR +ADJUST copy_id +SECTION QUESTION +www IN A +SECTION ANSWER +www IN A 10.20.30.40 +ENTRY_END + +ENTRY_BEGIN +MATCH opcode qtype qname +REPLY QR AA SERVFAIL +ADJUST copy_id +SECTION QUESTION +www.example.net. IN A +ENTRY_END + diff --git a/testdata/dnstap_tls_badcert.tdir/unbound_control.key b/testdata/dnstap_tls_badcert.tdir/unbound_control.key new file mode 100644 index 000000000..d7c43a06b --- /dev/null +++ b/testdata/dnstap_tls_badcert.tdir/unbound_control.key @@ -0,0 +1,15 @@ +-----BEGIN RSA PRIVATE KEY----- +MIICXAIBAAKBgQDD6DogNCsSeEa1u99+6PUVbGzjMzzei9MIK6s94+zcpp7OAOBa +rzPA0vlyuNtUsEN3qwPomQQQmIgbT7OXkzC1wqioxwa609xoL8oW/I7e336rEyvH +ST6JwUdIg0Lzg/USJ81eTwMnzYSd4Bpsqr9eP33ubaR7Gh/6o76loLOlcQIDAQAB +AoGAFT3e35MIgI4uDJJ8X0RfHp2NCO2LUg4TKbWical/C0W9vlR1/x80G1pE1d2Z +WotqJVWTrOq6eBox19RCgtLg2wPGk9uD62+9SDT37heWFlUCElWq50pQG6k9ThiG +DDypkZyZ/52+DdWybiaQJkuK6O5qQXuNAtVJMpghu4GnHAECQQDsupnZUQDpapzr +4FC4MSkL2+A1PRt6g4VhwoqOpJXaHfVnH6F7AwUuOLNwGdR5Cvv70pfJ7Jqg8L2m +Kxyl5bORAkEA09rn34YQ0pHJdHidbl2kInIuYTz09+TO3LWwan17nISH9aaYvVDr +p9x1B4Qzw9qyxT9oll7ze/5Rw/7C3AQj4QJAT2B2a+b8bkgAXBs4FbruL3rHoDJg +P2FQXSpVOWU4lg2LlsuFYvDtUMVUbZdLplanjZXcral3Y9W1Ub2M+ped8QJAYQN+ +aRpge7ys7vwIw7B36Bo3aOncF+ScYe+FkM5Tm7II/JHEofT7ZQwMP1vnxIlSkgbe +YvWqNB6a3NC99LikoQJBAM4UhDdRg63Tr6Idky6CQaH///zAN7nArJfffKGWFdw9 +DKrWpNqvYZtX/cfEJucKcRCm5YL8CKFYbQy4VoCxUcE= +-----END RSA PRIVATE KEY----- diff --git a/testdata/dnstap_tls_badcert.tdir/unbound_control.pem b/testdata/dnstap_tls_badcert.tdir/unbound_control.pem new file mode 100644 index 000000000..8f1ba87f1 --- /dev/null +++ b/testdata/dnstap_tls_badcert.tdir/unbound_control.pem @@ -0,0 +1,11 @@ +-----BEGIN CERTIFICATE----- +MIIBozCCAQwCCQD6XaN6FzW/4DANBgkqhkiG9w0BAQUFADASMRAwDgYDVQQDEwd1 +bmJvdW5kMB4XDTA4MDkxMTA5MDk0MFoXDTI4MDUyOTA5MDk0MFowGjEYMBYGA1UE +AxMPdW5ib3VuZC1jb250cm9sMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDD +6DogNCsSeEa1u99+6PUVbGzjMzzei9MIK6s94+zcpp7OAOBarzPA0vlyuNtUsEN3 +qwPomQQQmIgbT7OXkzC1wqioxwa609xoL8oW/I7e336rEyvHST6JwUdIg0Lzg/US +J81eTwMnzYSd4Bpsqr9eP33ubaR7Gh/6o76loLOlcQIDAQABMA0GCSqGSIb3DQEB +BQUAA4GBAGFAXmaQHuFgAuc6HVhYZJdToxLBhfxGpot4oZNjcb1Cdoz3OL34MU1B +9E5psj2PpGPIi8/RwoqBtAJHJ+J5cWngo03o4ZmdwKNSzaxlp141z/3rUtFqEHEC +iO6gPCT3U7dt6MyC7r6vdMqyW6aldP3CtwD0gQziKAMoj+TAfAcq +-----END CERTIFICATE----- diff --git a/testdata/dnstap_tls_badcert.tdir/unbound_server.key b/testdata/dnstap_tls_badcert.tdir/unbound_server.key new file mode 100644 index 000000000..4256c421d --- /dev/null +++ b/testdata/dnstap_tls_badcert.tdir/unbound_server.key @@ -0,0 +1,15 @@ +-----BEGIN RSA PRIVATE KEY----- +MIICWwIBAAKBgQC3F7Jsv2u01pLL9rFnjsMU/IaCFUIz/624DcaE84Z4gjMl5kWA +3axQcqul1wlwSrbKwrony+d9hH/+MX0tZwvl8w3OmhmOAiaQ+SHCsIuOjVwQjX0s +RLB61Pz5+PAiVvnPa9JIYB5QrK6DVEsxIHj8MOc5JKORrnESsFDh6yeMeQIDAQAB +AoGAAuWoGBprTOA8UGfl5LqYkaNxSWumsYXxLMFjC8WCsjN1NbtQDDr1uAwodSZS +6ujzvX+ZTHnofs7y64XC8k34HTOCD2zlW7kijWbT8YjRYFU6o9F5zUGD9RCan0ds +sVscT2psLSzfdsmFAcbmnGdxYkXk2PC1FHtaqExxehralGUCQQDcqrg9uQKXlhQi +XAaPr8SiWvtRm2a9IMMZkRfUWZclPHq6fCWNuUaCD+cTat4wAuqeknAz33VEosw3 +fXGsok//AkEA1GjIHXrOcSlpfVJb6NeOBugjRtZ7ZDT5gbtnMS9ob0qntKV6saaL +CNmJwuD9Q3XkU5j1+uHvYGP2NzcJd2CjhwJACV0hNlVMe9w9fHvFN4Gw6WbM9ViP +0oS6YrJafYNTu5vGZXVxLoNnL4u3NYa6aPUmuZXjNwBLfJ8f5VboZPf6RwJAINd2 +oYA8bSi/A755MX4qmozH74r4Fx1Nuq5UHTm8RwDe/0Javx8F/j9MWpJY9lZDEF3l +In5OebPa/NyInSmW/wJAZuP9aRn0nDBkHYri++1A7NykMiJ/nH0mDECbnk+wxx0S +LwqIetBhxb8eQwMg45+iAH7CHAMQ8BQuF/nFE6eotg== +-----END RSA PRIVATE KEY----- diff --git a/testdata/dnstap_tls_badcert.tdir/unbound_server.pem b/testdata/dnstap_tls_badcert.tdir/unbound_server.pem new file mode 100644 index 000000000..aeda3ff11 --- /dev/null +++ b/testdata/dnstap_tls_badcert.tdir/unbound_server.pem @@ -0,0 +1,11 @@ +-----BEGIN CERTIFICATE----- +MIIBmzCCAQQCCQDsNJ1UmphEFzANBgkqhkiG9w0BAQUFADASMRAwDgYDVQQDEwd1 +bmJvdW5kMB4XDTA4MDkxMTA5MDk0MFoXDTI4MDUyOTA5MDk0MFowEjEQMA4GA1UE +AxMHdW5ib3VuZDCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAtxeybL9rtNaS +y/axZ47DFPyGghVCM/+tuA3GhPOGeIIzJeZFgN2sUHKrpdcJcEq2ysK6J8vnfYR/ +/jF9LWcL5fMNzpoZjgImkPkhwrCLjo1cEI19LESwetT8+fjwIlb5z2vSSGAeUKyu +g1RLMSB4/DDnOSSjka5xErBQ4esnjHkCAwEAATANBgkqhkiG9w0BAQUFAAOBgQAZ +9N0lnLENs4JMvPS+mn8C5m9bkkFITd32IiLjf0zgYpIUbFXH6XaEr9GNZBUG8feG +l/6WRXnbnVSblI5odQ4XxGZ9inYY6qtW30uv76HvoKp+QZ1c3460ddR8NauhcCHH +Z7S+QbLXi+r2JAhpPozZCjBHlRD0ixzA1mKQTJhJZg== +-----END CERTIFICATE----- diff --git a/testdata/dnstap_tls_badname.tdir/dnstap_tls_badname.conf b/testdata/dnstap_tls_badname.tdir/dnstap_tls_badname.conf new file mode 100644 index 000000000..75e98a71d --- /dev/null +++ b/testdata/dnstap_tls_badname.tdir/dnstap_tls_badname.conf @@ -0,0 +1,46 @@ +server: + verbosity: 4 + num-threads: 1 + outgoing-range: 16 + interface: 127.0.0.1 + port: @PORT@ + use-syslog: no + directory: "" + pidfile: "unbound.pid" + chroot: "" + username: "" + do-not-query-localhost: no + local-zone: "example.net." redirect + local-data: "example.net. IN A 10.20.30.41" +remote-control: + control-enable: yes + control-interface: 127.0.0.1 + # control-interface: ::1 + control-port: @CONTROL_PORT@ + server-key-file: "unbound_server.key" + server-cert-file: "unbound_server.pem" + control-key-file: "unbound_control.key" + control-cert-file: "unbound_control.pem" +forward-zone: + name: "." + forward-addr: "127.0.0.1@@TOPORT@" +dnstap: + dnstap-enable: yes + dnstap-socket-path: "dnstap.socket" + dnstap-ip: "127.0.0.1@@TAPPORT@" + dnstap-tls: yes + # actual certificate name: "unbound" + # we enter another name here. + dnstap-tls-server-name: "anothername" + dnstap-tls-cert-bundle: "unbound_server.pem" + dnstap-send-identity: yes + dnstap-send-version: yes + #dnstap-identity + #dnstap-version + dnstap-log-resolver-query-messages: yes + dnstap-log-resolver-response-messages: yes + dnstap-log-client-query-messages: yes + dnstap-log-client-response-messages: yes + dnstap-log-forwarder-query-messages: yes + dnstap-log-forwarder-response-messages: yes + diff --git a/testdata/dnstap_tls_badname.tdir/dnstap_tls_badname.dsc b/testdata/dnstap_tls_badname.tdir/dnstap_tls_badname.dsc new file mode 100644 index 000000000..9f878b91c --- /dev/null +++ b/testdata/dnstap_tls_badname.tdir/dnstap_tls_badname.dsc @@ -0,0 +1,16 @@ +BaseName: dnstap_tls_badname +Version: 1.0 +Description: test dnstap tls test bad peer name for authentication +CreationDate: Tue Feb 18 13:00:38 CET 2020 +Maintainer: dr. W.C.A. Wijngaards +Category: +Component: +CmdDepends: +Depends: +Help: +Pre: dnstap_tls_badname.pre +Post: dnstap_tls_badname.post +Test: dnstap_tls_badname.test +AuxFiles: +Passed: +Failure: diff --git a/testdata/dnstap_tls_badname.tdir/dnstap_tls_badname.post b/testdata/dnstap_tls_badname.tdir/dnstap_tls_badname.post new file mode 100644 index 000000000..59f05b81d --- /dev/null +++ b/testdata/dnstap_tls_badname.tdir/dnstap_tls_badname.post @@ -0,0 +1,20 @@ +# #-- dnstap_tls_badname.post --# +# source the master var file when it's there +[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master +# source the test var file when it's there +[ -f .tpkg.var.test ] && source .tpkg.var.test +# +# do your teardown here +. ../common.sh +PRE="../.." +if grep "define USE_DNSTAP 1" $PRE/config.h; then echo test enabled; else echo test skipped; exit 0; fi +kill_pid $DNSTAP_SOCKET_PID +kill_pid $FWD_PID +kill $UNBOUND_PID +kill $UNBOUND_PID >/dev/null 2>&1 +cat unbound.log +echo "> tap logfiles" +cat tap.log +cat tap.errlog +cat fwd.log +exit 0 diff --git a/testdata/dnstap_tls_badname.tdir/dnstap_tls_badname.pre b/testdata/dnstap_tls_badname.tdir/dnstap_tls_badname.pre new file mode 100644 index 000000000..0ffee6081 --- /dev/null +++ b/testdata/dnstap_tls_badname.tdir/dnstap_tls_badname.pre @@ -0,0 +1,54 @@ +# #-- dnstap_tls_badname.pre--# +# source the master var file when it's there +[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master +# use .tpkg.var.test for in test variable passing +[ -f .tpkg.var.test ] && source .tpkg.var.test + +. ../common.sh + +PRE="../.." +if grep "define USE_DNSTAP 1" $PRE/config.h; then echo test enabled; else echo test skipped; exit 0; fi + +get_random_port 4 +UNBOUND_PORT=$RND_PORT +FWD_PORT=$(($RND_PORT + 1)) +CONTROL_PORT=$(($RND_PORT + 2)) +TAP_PORT=$(($RND_PORT + 3)) +echo "UNBOUND_PORT=$UNBOUND_PORT" >> .tpkg.var.test +echo "FWD_PORT=$FWD_PORT" >> .tpkg.var.test +echo "CONTROL_PORT=$CONTROL_PORT" >> .tpkg.var.test +echo "TAP_PORT=$TAP_PORT" >> .tpkg.var.test + +# start forwarder +get_ldns_testns +$LDNS_TESTNS -p $FWD_PORT dnstap_tls_badname.testns >fwd.log 2>&1 & +FWD_PID=$! +echo "FWD_PID=$FWD_PID" >> .tpkg.var.test + +# start the dnstap log server +# the -vvvv flag prints protocol and connection information from the +# unbound-dnstap-socket server. +# the -l flag prints the DNS info in the DNSTAP packet in multiline output. +# stderr is the '-vvvv' server logs and errors. +# stdout is the one-line packet logs (or with -l, multiline). +$PRE/unbound-dnstap-socket -t "127.0.0.1@$TAP_PORT" -x unbound_server.key -y unbound_server.pem -l -vvvv 2>tap.errlog >tap.log & +if test $? -ne 0; then + echo "could not start unbound-dnstap-socket server" + exit 1 +fi +DNSTAP_SOCKET_PID=$! +echo "DNSTAP_SOCKET_PID=$DNSTAP_SOCKET_PID" >> .tpkg.var.test +# wait for the server to go up +wait_server_up "tap.errlog" "start of service" + +# make config file +sed -e 's/@PORT\@/'$UNBOUND_PORT'/' -e 's/@TOPORT\@/'$FWD_PORT'/' -e 's/@CONTROL_PORT\@/'$CONTROL_PORT'/' -e 's/@TAPPORT\@/'$TAP_PORT'/' < dnstap_tls_badname.conf > ub.conf +# start unbound in the background +$PRE/unbound -d -c ub.conf >unbound.log 2>&1 & +UNBOUND_PID=$! +echo "UNBOUND_PID=$UNBOUND_PID" >> .tpkg.var.test + +cat .tpkg.var.test +wait_ldns_testns_up fwd.log +wait_unbound_up unbound.log + diff --git a/testdata/dnstap_tls_badname.tdir/dnstap_tls_badname.test b/testdata/dnstap_tls_badname.tdir/dnstap_tls_badname.test new file mode 100644 index 000000000..248d8f222 --- /dev/null +++ b/testdata/dnstap_tls_badname.tdir/dnstap_tls_badname.test @@ -0,0 +1,51 @@ +# #-- dnstap_tls_badname.test --# +# source the master var file when it's there +[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master +# use .tpkg.var.test for in test variable passing +[ -f .tpkg.var.test ] && source .tpkg.var.test + +. ../common.sh +PRE="../.." +if grep "define USE_DNSTAP 1" $PRE/config.h; then echo test enabled; else echo test skipped; exit 0; fi + +# test if the server is up. +echo "> dig www.example.com." +dig @127.0.0.1 -p $UNBOUND_PORT www.example.com. | tee outfile +echo "> check answer" +if grep "10.20.30.40" outfile; then + echo "OK" +else + echo "> cat logfiles" + cat tap.log + cat tap.errlog + cat fwd.log + cat unbound.log + echo "Not OK" + exit 1 +fi + +echo "> check tap.log for dnstap info" +# see if it logged the information in tap.log +# wait for a moment for filesystem to catch up. +if grep "www.example.com" tap.log >/dev/null; then :; else sleep 1; fi +if grep "www.example.com" tap.log >/dev/null; then :; else sleep 1; fi +if grep "www.example.com" tap.log >/dev/null; then :; else sleep 1; fi +if grep "www.example.com" tap.log >/dev/null; then :; else sleep 1; fi +if grep "www.example.com" tap.log >/dev/null; then :; else sleep 1; fi +if grep "www.example.com" tap.log; then + echo "it is in tap.log"; + echo "but there should not be a connection" + echo "failed" + echo "> cat logfiles" + cat tap.log + cat tap.errlog + cat fwd.log + cat unbound.log + echo "Not OK" + exit 1 +else + echo "information not in tap.log" +fi + +echo "> OK" +exit 0 diff --git a/testdata/dnstap_tls_badname.tdir/dnstap_tls_badname.testns b/testdata/dnstap_tls_badname.tdir/dnstap_tls_badname.testns new file mode 100644 index 000000000..0c911ca5b --- /dev/null +++ b/testdata/dnstap_tls_badname.tdir/dnstap_tls_badname.testns @@ -0,0 +1,22 @@ +; nameserver test file +$ORIGIN example.com. +$TTL 3600 + +ENTRY_BEGIN +MATCH opcode qtype qname +REPLY QR AA NOERROR +ADJUST copy_id +SECTION QUESTION +www IN A +SECTION ANSWER +www IN A 10.20.30.40 +ENTRY_END + +ENTRY_BEGIN +MATCH opcode qtype qname +REPLY QR AA SERVFAIL +ADJUST copy_id +SECTION QUESTION +www.example.net. IN A +ENTRY_END + diff --git a/testdata/dnstap_tls_badname.tdir/unbound_control.key b/testdata/dnstap_tls_badname.tdir/unbound_control.key new file mode 100644 index 000000000..d7c43a06b --- /dev/null +++ b/testdata/dnstap_tls_badname.tdir/unbound_control.key @@ -0,0 +1,15 @@ +-----BEGIN RSA PRIVATE KEY----- +MIICXAIBAAKBgQDD6DogNCsSeEa1u99+6PUVbGzjMzzei9MIK6s94+zcpp7OAOBa +rzPA0vlyuNtUsEN3qwPomQQQmIgbT7OXkzC1wqioxwa609xoL8oW/I7e336rEyvH +ST6JwUdIg0Lzg/USJ81eTwMnzYSd4Bpsqr9eP33ubaR7Gh/6o76loLOlcQIDAQAB +AoGAFT3e35MIgI4uDJJ8X0RfHp2NCO2LUg4TKbWical/C0W9vlR1/x80G1pE1d2Z +WotqJVWTrOq6eBox19RCgtLg2wPGk9uD62+9SDT37heWFlUCElWq50pQG6k9ThiG +DDypkZyZ/52+DdWybiaQJkuK6O5qQXuNAtVJMpghu4GnHAECQQDsupnZUQDpapzr +4FC4MSkL2+A1PRt6g4VhwoqOpJXaHfVnH6F7AwUuOLNwGdR5Cvv70pfJ7Jqg8L2m +Kxyl5bORAkEA09rn34YQ0pHJdHidbl2kInIuYTz09+TO3LWwan17nISH9aaYvVDr +p9x1B4Qzw9qyxT9oll7ze/5Rw/7C3AQj4QJAT2B2a+b8bkgAXBs4FbruL3rHoDJg +P2FQXSpVOWU4lg2LlsuFYvDtUMVUbZdLplanjZXcral3Y9W1Ub2M+ped8QJAYQN+ +aRpge7ys7vwIw7B36Bo3aOncF+ScYe+FkM5Tm7II/JHEofT7ZQwMP1vnxIlSkgbe +YvWqNB6a3NC99LikoQJBAM4UhDdRg63Tr6Idky6CQaH///zAN7nArJfffKGWFdw9 +DKrWpNqvYZtX/cfEJucKcRCm5YL8CKFYbQy4VoCxUcE= +-----END RSA PRIVATE KEY----- diff --git a/testdata/dnstap_tls_badname.tdir/unbound_control.pem b/testdata/dnstap_tls_badname.tdir/unbound_control.pem new file mode 100644 index 000000000..8f1ba87f1 --- /dev/null +++ b/testdata/dnstap_tls_badname.tdir/unbound_control.pem @@ -0,0 +1,11 @@ +-----BEGIN CERTIFICATE----- +MIIBozCCAQwCCQD6XaN6FzW/4DANBgkqhkiG9w0BAQUFADASMRAwDgYDVQQDEwd1 +bmJvdW5kMB4XDTA4MDkxMTA5MDk0MFoXDTI4MDUyOTA5MDk0MFowGjEYMBYGA1UE +AxMPdW5ib3VuZC1jb250cm9sMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDD +6DogNCsSeEa1u99+6PUVbGzjMzzei9MIK6s94+zcpp7OAOBarzPA0vlyuNtUsEN3 +qwPomQQQmIgbT7OXkzC1wqioxwa609xoL8oW/I7e336rEyvHST6JwUdIg0Lzg/US +J81eTwMnzYSd4Bpsqr9eP33ubaR7Gh/6o76loLOlcQIDAQABMA0GCSqGSIb3DQEB +BQUAA4GBAGFAXmaQHuFgAuc6HVhYZJdToxLBhfxGpot4oZNjcb1Cdoz3OL34MU1B +9E5psj2PpGPIi8/RwoqBtAJHJ+J5cWngo03o4ZmdwKNSzaxlp141z/3rUtFqEHEC +iO6gPCT3U7dt6MyC7r6vdMqyW6aldP3CtwD0gQziKAMoj+TAfAcq +-----END CERTIFICATE----- diff --git a/testdata/dnstap_tls_badname.tdir/unbound_server.key b/testdata/dnstap_tls_badname.tdir/unbound_server.key new file mode 100644 index 000000000..4256c421d --- /dev/null +++ b/testdata/dnstap_tls_badname.tdir/unbound_server.key @@ -0,0 +1,15 @@ +-----BEGIN RSA PRIVATE KEY----- +MIICWwIBAAKBgQC3F7Jsv2u01pLL9rFnjsMU/IaCFUIz/624DcaE84Z4gjMl5kWA +3axQcqul1wlwSrbKwrony+d9hH/+MX0tZwvl8w3OmhmOAiaQ+SHCsIuOjVwQjX0s +RLB61Pz5+PAiVvnPa9JIYB5QrK6DVEsxIHj8MOc5JKORrnESsFDh6yeMeQIDAQAB +AoGAAuWoGBprTOA8UGfl5LqYkaNxSWumsYXxLMFjC8WCsjN1NbtQDDr1uAwodSZS +6ujzvX+ZTHnofs7y64XC8k34HTOCD2zlW7kijWbT8YjRYFU6o9F5zUGD9RCan0ds +sVscT2psLSzfdsmFAcbmnGdxYkXk2PC1FHtaqExxehralGUCQQDcqrg9uQKXlhQi +XAaPr8SiWvtRm2a9IMMZkRfUWZclPHq6fCWNuUaCD+cTat4wAuqeknAz33VEosw3 +fXGsok//AkEA1GjIHXrOcSlpfVJb6NeOBugjRtZ7ZDT5gbtnMS9ob0qntKV6saaL +CNmJwuD9Q3XkU5j1+uHvYGP2NzcJd2CjhwJACV0hNlVMe9w9fHvFN4Gw6WbM9ViP +0oS6YrJafYNTu5vGZXVxLoNnL4u3NYa6aPUmuZXjNwBLfJ8f5VboZPf6RwJAINd2 +oYA8bSi/A755MX4qmozH74r4Fx1Nuq5UHTm8RwDe/0Javx8F/j9MWpJY9lZDEF3l +In5OebPa/NyInSmW/wJAZuP9aRn0nDBkHYri++1A7NykMiJ/nH0mDECbnk+wxx0S +LwqIetBhxb8eQwMg45+iAH7CHAMQ8BQuF/nFE6eotg== +-----END RSA PRIVATE KEY----- diff --git a/testdata/dnstap_tls_badname.tdir/unbound_server.pem b/testdata/dnstap_tls_badname.tdir/unbound_server.pem new file mode 100644 index 000000000..aeda3ff11 --- /dev/null +++ b/testdata/dnstap_tls_badname.tdir/unbound_server.pem @@ -0,0 +1,11 @@ +-----BEGIN CERTIFICATE----- +MIIBmzCCAQQCCQDsNJ1UmphEFzANBgkqhkiG9w0BAQUFADASMRAwDgYDVQQDEwd1 +bmJvdW5kMB4XDTA4MDkxMTA5MDk0MFoXDTI4MDUyOTA5MDk0MFowEjEQMA4GA1UE +AxMHdW5ib3VuZDCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAtxeybL9rtNaS +y/axZ47DFPyGghVCM/+tuA3GhPOGeIIzJeZFgN2sUHKrpdcJcEq2ysK6J8vnfYR/ +/jF9LWcL5fMNzpoZjgImkPkhwrCLjo1cEI19LESwetT8+fjwIlb5z2vSSGAeUKyu +g1RLMSB4/DDnOSSjka5xErBQ4esnjHkCAwEAATANBgkqhkiG9w0BAQUFAAOBgQAZ +9N0lnLENs4JMvPS+mn8C5m9bkkFITd32IiLjf0zgYpIUbFXH6XaEr9GNZBUG8feG +l/6WRXnbnVSblI5odQ4XxGZ9inYY6qtW30uv76HvoKp+QZ1c3460ddR8NauhcCHH +Z7S+QbLXi+r2JAhpPozZCjBHlRD0ixzA1mKQTJhJZg== +-----END CERTIFICATE----- diff --git a/testdata/dnstap_tls_clientauth.tdir/dnstap_tls_clientauth.conf b/testdata/dnstap_tls_clientauth.tdir/dnstap_tls_clientauth.conf new file mode 100644 index 000000000..6182526ac --- /dev/null +++ b/testdata/dnstap_tls_clientauth.tdir/dnstap_tls_clientauth.conf @@ -0,0 +1,46 @@ +server: + verbosity: 4 + num-threads: 1 + outgoing-range: 16 + interface: 127.0.0.1 + port: @PORT@ + use-syslog: no + directory: "" + pidfile: "unbound.pid" + chroot: "" + username: "" + do-not-query-localhost: no + local-zone: "example.net." redirect + local-data: "example.net. IN A 10.20.30.41" +remote-control: + control-enable: yes + control-interface: 127.0.0.1 + # control-interface: ::1 + control-port: @CONTROL_PORT@ + server-key-file: "unbound_server.key" + server-cert-file: "unbound_server.pem" + control-key-file: "unbound_control.key" + control-cert-file: "unbound_control.pem" +forward-zone: + name: "." + forward-addr: "127.0.0.1@@TOPORT@" +dnstap: + dnstap-enable: yes + dnstap-socket-path: "dnstap.socket" + dnstap-ip: "127.0.0.1@@TAPPORT@" + dnstap-tls: yes + dnstap-tls-server-name: "unbound" + dnstap-tls-cert-bundle: "unbound_server.pem" + dnstap-tls-client-key-file: "unbound_control.key" + dnstap-tls-client-cert-file: "unbound_control.pem" + dnstap-send-identity: yes + dnstap-send-version: yes + #dnstap-identity + #dnstap-version + dnstap-log-resolver-query-messages: yes + dnstap-log-resolver-response-messages: yes + dnstap-log-client-query-messages: yes + dnstap-log-client-response-messages: yes + dnstap-log-forwarder-query-messages: yes + dnstap-log-forwarder-response-messages: yes + diff --git a/testdata/dnstap_tls_clientauth.tdir/dnstap_tls_clientauth.dsc b/testdata/dnstap_tls_clientauth.tdir/dnstap_tls_clientauth.dsc new file mode 100644 index 000000000..37aacbbd9 --- /dev/null +++ b/testdata/dnstap_tls_clientauth.tdir/dnstap_tls_clientauth.dsc @@ -0,0 +1,16 @@ +BaseName: dnstap_tls_clientauth +Version: 1.0 +Description: test dnstap tls with client authentication +CreationDate: Tue Feb 18 14:00:38 CET 2020 +Maintainer: dr. W.C.A. Wijngaards +Category: +Component: +CmdDepends: +Depends: +Help: +Pre: dnstap_tls_clientauth.pre +Post: dnstap_tls_clientauth.post +Test: dnstap_tls_clientauth.test +AuxFiles: +Passed: +Failure: diff --git a/testdata/dnstap_tls_clientauth.tdir/dnstap_tls_clientauth.post b/testdata/dnstap_tls_clientauth.tdir/dnstap_tls_clientauth.post new file mode 100644 index 000000000..83df2a72e --- /dev/null +++ b/testdata/dnstap_tls_clientauth.tdir/dnstap_tls_clientauth.post @@ -0,0 +1,20 @@ +# #-- dnstap_tls_clientauth.post --# +# source the master var file when it's there +[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master +# source the test var file when it's there +[ -f .tpkg.var.test ] && source .tpkg.var.test +# +# do your teardown here +. ../common.sh +PRE="../.." +if grep "define USE_DNSTAP 1" $PRE/config.h; then echo test enabled; else echo test skipped; exit 0; fi +kill_pid $DNSTAP_SOCKET_PID +kill_pid $FWD_PID +kill $UNBOUND_PID +kill $UNBOUND_PID >/dev/null 2>&1 +cat unbound.log +echo "> tap logfiles" +cat tap.log +cat tap.errlog +cat fwd.log +exit 0 diff --git a/testdata/dnstap_tls_clientauth.tdir/dnstap_tls_clientauth.pre b/testdata/dnstap_tls_clientauth.tdir/dnstap_tls_clientauth.pre new file mode 100644 index 000000000..a035181ce --- /dev/null +++ b/testdata/dnstap_tls_clientauth.tdir/dnstap_tls_clientauth.pre @@ -0,0 +1,54 @@ +# #-- dnstap_tls_clientauth.pre--# +# source the master var file when it's there +[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master +# use .tpkg.var.test for in test variable passing +[ -f .tpkg.var.test ] && source .tpkg.var.test + +. ../common.sh + +PRE="../.." +if grep "define USE_DNSTAP 1" $PRE/config.h; then echo test enabled; else echo test skipped; exit 0; fi + +get_random_port 4 +UNBOUND_PORT=$RND_PORT +FWD_PORT=$(($RND_PORT + 1)) +CONTROL_PORT=$(($RND_PORT + 2)) +TAP_PORT=$(($RND_PORT + 3)) +echo "UNBOUND_PORT=$UNBOUND_PORT" >> .tpkg.var.test +echo "FWD_PORT=$FWD_PORT" >> .tpkg.var.test +echo "CONTROL_PORT=$CONTROL_PORT" >> .tpkg.var.test +echo "TAP_PORT=$TAP_PORT" >> .tpkg.var.test + +# start forwarder +get_ldns_testns +$LDNS_TESTNS -p $FWD_PORT dnstap_tls_clientauth.testns >fwd.log 2>&1 & +FWD_PID=$! +echo "FWD_PID=$FWD_PID" >> .tpkg.var.test + +# start the dnstap log server +# the -vvvv flag prints protocol and connection information from the +# unbound-dnstap-socket server. +# the -l flag prints the DNS info in the DNSTAP packet in multiline output. +# stderr is the '-vvvv' server logs and errors. +# stdout is the one-line packet logs (or with -l, multiline). +$PRE/unbound-dnstap-socket -t "127.0.0.1@$TAP_PORT" -x unbound_server.key -y unbound_server.pem -z unbound_server.pem -l -vvvv 2>tap.errlog >tap.log & +if test $? -ne 0; then + echo "could not start unbound-dnstap-socket server" + exit 1 +fi +DNSTAP_SOCKET_PID=$! +echo "DNSTAP_SOCKET_PID=$DNSTAP_SOCKET_PID" >> .tpkg.var.test +# wait for the server to go up +wait_server_up "tap.errlog" "start of service" + +# make config file +sed -e 's/@PORT\@/'$UNBOUND_PORT'/' -e 's/@TOPORT\@/'$FWD_PORT'/' -e 's/@CONTROL_PORT\@/'$CONTROL_PORT'/' -e 's/@TAPPORT\@/'$TAP_PORT'/' < dnstap_tls_clientauth.conf > ub.conf +# start unbound in the background +$PRE/unbound -d -c ub.conf >unbound.log 2>&1 & +UNBOUND_PID=$! +echo "UNBOUND_PID=$UNBOUND_PID" >> .tpkg.var.test + +cat .tpkg.var.test +wait_ldns_testns_up fwd.log +wait_unbound_up unbound.log + diff --git a/testdata/dnstap_tls_clientauth.tdir/dnstap_tls_clientauth.test b/testdata/dnstap_tls_clientauth.tdir/dnstap_tls_clientauth.test new file mode 100644 index 000000000..5b9cce0a4 --- /dev/null +++ b/testdata/dnstap_tls_clientauth.tdir/dnstap_tls_clientauth.test @@ -0,0 +1,50 @@ +# #-- dnstap_tls_clientauth.test --# +# source the master var file when it's there +[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master +# use .tpkg.var.test for in test variable passing +[ -f .tpkg.var.test ] && source .tpkg.var.test + +. ../common.sh +PRE="../.." +if grep "define USE_DNSTAP 1" $PRE/config.h; then echo test enabled; else echo test skipped; exit 0; fi + +# test if the server is up. +echo "> dig www.example.com." +dig @127.0.0.1 -p $UNBOUND_PORT www.example.com. | tee outfile +echo "> check answer" +if grep "10.20.30.40" outfile; then + echo "OK" +else + echo "> cat logfiles" + cat tap.log + cat tap.errlog + cat fwd.log + cat unbound.log + echo "Not OK" + exit 1 +fi + +echo "> check tap.log for dnstap info" +# see if it logged the information in tap.log +# wait for a moment for filesystem to catch up. +if grep "www.example.com" tap.log >/dev/null; then :; else sleep 1; fi +if grep "www.example.com" tap.log >/dev/null; then :; else sleep 1; fi +if grep "www.example.com" tap.log >/dev/null; then :; else sleep 1; fi +if grep "www.example.com" tap.log >/dev/null; then :; else sleep 1; fi +if grep "www.example.com" tap.log >/dev/null; then :; else sleep 1; fi +if grep "www.example.com" tap.log >/dev/null; then :; else sleep 10; fi +if grep "www.example.com" tap.log; then echo "yes it is in tap.log"; +else + echo "information not in tap.log" + echo "failed" + echo "> cat logfiles" + cat tap.log + cat tap.errlog + cat fwd.log + cat unbound.log + echo "Not OK" + exit 1 +fi + +echo "> OK" +exit 0 diff --git a/testdata/dnstap_tls_clientauth.tdir/dnstap_tls_clientauth.testns b/testdata/dnstap_tls_clientauth.tdir/dnstap_tls_clientauth.testns new file mode 100644 index 000000000..0c911ca5b --- /dev/null +++ b/testdata/dnstap_tls_clientauth.tdir/dnstap_tls_clientauth.testns @@ -0,0 +1,22 @@ +; nameserver test file +$ORIGIN example.com. +$TTL 3600 + +ENTRY_BEGIN +MATCH opcode qtype qname +REPLY QR AA NOERROR +ADJUST copy_id +SECTION QUESTION +www IN A +SECTION ANSWER +www IN A 10.20.30.40 +ENTRY_END + +ENTRY_BEGIN +MATCH opcode qtype qname +REPLY QR AA SERVFAIL +ADJUST copy_id +SECTION QUESTION +www.example.net. IN A +ENTRY_END + diff --git a/testdata/dnstap_tls_clientauth.tdir/unbound_control.key b/testdata/dnstap_tls_clientauth.tdir/unbound_control.key new file mode 100644 index 000000000..d7c43a06b --- /dev/null +++ b/testdata/dnstap_tls_clientauth.tdir/unbound_control.key @@ -0,0 +1,15 @@ +-----BEGIN RSA PRIVATE KEY----- +MIICXAIBAAKBgQDD6DogNCsSeEa1u99+6PUVbGzjMzzei9MIK6s94+zcpp7OAOBa +rzPA0vlyuNtUsEN3qwPomQQQmIgbT7OXkzC1wqioxwa609xoL8oW/I7e336rEyvH +ST6JwUdIg0Lzg/USJ81eTwMnzYSd4Bpsqr9eP33ubaR7Gh/6o76loLOlcQIDAQAB +AoGAFT3e35MIgI4uDJJ8X0RfHp2NCO2LUg4TKbWical/C0W9vlR1/x80G1pE1d2Z +WotqJVWTrOq6eBox19RCgtLg2wPGk9uD62+9SDT37heWFlUCElWq50pQG6k9ThiG +DDypkZyZ/52+DdWybiaQJkuK6O5qQXuNAtVJMpghu4GnHAECQQDsupnZUQDpapzr +4FC4MSkL2+A1PRt6g4VhwoqOpJXaHfVnH6F7AwUuOLNwGdR5Cvv70pfJ7Jqg8L2m +Kxyl5bORAkEA09rn34YQ0pHJdHidbl2kInIuYTz09+TO3LWwan17nISH9aaYvVDr +p9x1B4Qzw9qyxT9oll7ze/5Rw/7C3AQj4QJAT2B2a+b8bkgAXBs4FbruL3rHoDJg +P2FQXSpVOWU4lg2LlsuFYvDtUMVUbZdLplanjZXcral3Y9W1Ub2M+ped8QJAYQN+ +aRpge7ys7vwIw7B36Bo3aOncF+ScYe+FkM5Tm7II/JHEofT7ZQwMP1vnxIlSkgbe +YvWqNB6a3NC99LikoQJBAM4UhDdRg63Tr6Idky6CQaH///zAN7nArJfffKGWFdw9 +DKrWpNqvYZtX/cfEJucKcRCm5YL8CKFYbQy4VoCxUcE= +-----END RSA PRIVATE KEY----- diff --git a/testdata/dnstap_tls_clientauth.tdir/unbound_control.pem b/testdata/dnstap_tls_clientauth.tdir/unbound_control.pem new file mode 100644 index 000000000..8f1ba87f1 --- /dev/null +++ b/testdata/dnstap_tls_clientauth.tdir/unbound_control.pem @@ -0,0 +1,11 @@ +-----BEGIN CERTIFICATE----- +MIIBozCCAQwCCQD6XaN6FzW/4DANBgkqhkiG9w0BAQUFADASMRAwDgYDVQQDEwd1 +bmJvdW5kMB4XDTA4MDkxMTA5MDk0MFoXDTI4MDUyOTA5MDk0MFowGjEYMBYGA1UE +AxMPdW5ib3VuZC1jb250cm9sMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDD +6DogNCsSeEa1u99+6PUVbGzjMzzei9MIK6s94+zcpp7OAOBarzPA0vlyuNtUsEN3 +qwPomQQQmIgbT7OXkzC1wqioxwa609xoL8oW/I7e336rEyvHST6JwUdIg0Lzg/US +J81eTwMnzYSd4Bpsqr9eP33ubaR7Gh/6o76loLOlcQIDAQABMA0GCSqGSIb3DQEB +BQUAA4GBAGFAXmaQHuFgAuc6HVhYZJdToxLBhfxGpot4oZNjcb1Cdoz3OL34MU1B +9E5psj2PpGPIi8/RwoqBtAJHJ+J5cWngo03o4ZmdwKNSzaxlp141z/3rUtFqEHEC +iO6gPCT3U7dt6MyC7r6vdMqyW6aldP3CtwD0gQziKAMoj+TAfAcq +-----END CERTIFICATE----- diff --git a/testdata/dnstap_tls_clientauth.tdir/unbound_server.key b/testdata/dnstap_tls_clientauth.tdir/unbound_server.key new file mode 100644 index 000000000..4256c421d --- /dev/null +++ b/testdata/dnstap_tls_clientauth.tdir/unbound_server.key @@ -0,0 +1,15 @@ +-----BEGIN RSA PRIVATE KEY----- +MIICWwIBAAKBgQC3F7Jsv2u01pLL9rFnjsMU/IaCFUIz/624DcaE84Z4gjMl5kWA +3axQcqul1wlwSrbKwrony+d9hH/+MX0tZwvl8w3OmhmOAiaQ+SHCsIuOjVwQjX0s +RLB61Pz5+PAiVvnPa9JIYB5QrK6DVEsxIHj8MOc5JKORrnESsFDh6yeMeQIDAQAB +AoGAAuWoGBprTOA8UGfl5LqYkaNxSWumsYXxLMFjC8WCsjN1NbtQDDr1uAwodSZS +6ujzvX+ZTHnofs7y64XC8k34HTOCD2zlW7kijWbT8YjRYFU6o9F5zUGD9RCan0ds +sVscT2psLSzfdsmFAcbmnGdxYkXk2PC1FHtaqExxehralGUCQQDcqrg9uQKXlhQi +XAaPr8SiWvtRm2a9IMMZkRfUWZclPHq6fCWNuUaCD+cTat4wAuqeknAz33VEosw3 +fXGsok//AkEA1GjIHXrOcSlpfVJb6NeOBugjRtZ7ZDT5gbtnMS9ob0qntKV6saaL +CNmJwuD9Q3XkU5j1+uHvYGP2NzcJd2CjhwJACV0hNlVMe9w9fHvFN4Gw6WbM9ViP +0oS6YrJafYNTu5vGZXVxLoNnL4u3NYa6aPUmuZXjNwBLfJ8f5VboZPf6RwJAINd2 +oYA8bSi/A755MX4qmozH74r4Fx1Nuq5UHTm8RwDe/0Javx8F/j9MWpJY9lZDEF3l +In5OebPa/NyInSmW/wJAZuP9aRn0nDBkHYri++1A7NykMiJ/nH0mDECbnk+wxx0S +LwqIetBhxb8eQwMg45+iAH7CHAMQ8BQuF/nFE6eotg== +-----END RSA PRIVATE KEY----- diff --git a/testdata/dnstap_tls_clientauth.tdir/unbound_server.pem b/testdata/dnstap_tls_clientauth.tdir/unbound_server.pem new file mode 100644 index 000000000..aeda3ff11 --- /dev/null +++ b/testdata/dnstap_tls_clientauth.tdir/unbound_server.pem @@ -0,0 +1,11 @@ +-----BEGIN CERTIFICATE----- +MIIBmzCCAQQCCQDsNJ1UmphEFzANBgkqhkiG9w0BAQUFADASMRAwDgYDVQQDEwd1 +bmJvdW5kMB4XDTA4MDkxMTA5MDk0MFoXDTI4MDUyOTA5MDk0MFowEjEQMA4GA1UE +AxMHdW5ib3VuZDCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAtxeybL9rtNaS +y/axZ47DFPyGghVCM/+tuA3GhPOGeIIzJeZFgN2sUHKrpdcJcEq2ysK6J8vnfYR/ +/jF9LWcL5fMNzpoZjgImkPkhwrCLjo1cEI19LESwetT8+fjwIlb5z2vSSGAeUKyu +g1RLMSB4/DDnOSSjka5xErBQ4esnjHkCAwEAATANBgkqhkiG9w0BAQUFAAOBgQAZ +9N0lnLENs4JMvPS+mn8C5m9bkkFITd32IiLjf0zgYpIUbFXH6XaEr9GNZBUG8feG +l/6WRXnbnVSblI5odQ4XxGZ9inYY6qtW30uv76HvoKp+QZ1c3460ddR8NauhcCHH +Z7S+QbLXi+r2JAhpPozZCjBHlRD0ixzA1mKQTJhJZg== +-----END CERTIFICATE----- diff --git a/testdata/dnstap_tls_peername.tdir/dnstap_tls_peername.conf b/testdata/dnstap_tls_peername.tdir/dnstap_tls_peername.conf new file mode 100644 index 000000000..55f844ae4 --- /dev/null +++ b/testdata/dnstap_tls_peername.tdir/dnstap_tls_peername.conf @@ -0,0 +1,44 @@ +server: + verbosity: 4 + num-threads: 1 + outgoing-range: 16 + interface: 127.0.0.1 + port: @PORT@ + use-syslog: no + directory: "" + pidfile: "unbound.pid" + chroot: "" + username: "" + do-not-query-localhost: no + local-zone: "example.net." redirect + local-data: "example.net. IN A 10.20.30.41" +remote-control: + control-enable: yes + control-interface: 127.0.0.1 + # control-interface: ::1 + control-port: @CONTROL_PORT@ + server-key-file: "unbound_server.key" + server-cert-file: "unbound_server.pem" + control-key-file: "unbound_control.key" + control-cert-file: "unbound_control.pem" +forward-zone: + name: "." + forward-addr: "127.0.0.1@@TOPORT@" +dnstap: + dnstap-enable: yes + dnstap-socket-path: "dnstap.socket" + dnstap-ip: "127.0.0.1@@TAPPORT@" + dnstap-tls: yes + dnstap-tls-server-name: "unbound" + dnstap-tls-cert-bundle: "unbound_server.pem" + dnstap-send-identity: yes + dnstap-send-version: yes + #dnstap-identity + #dnstap-version + dnstap-log-resolver-query-messages: yes + dnstap-log-resolver-response-messages: yes + dnstap-log-client-query-messages: yes + dnstap-log-client-response-messages: yes + dnstap-log-forwarder-query-messages: yes + dnstap-log-forwarder-response-messages: yes + diff --git a/testdata/dnstap_tls_peername.tdir/dnstap_tls_peername.dsc b/testdata/dnstap_tls_peername.tdir/dnstap_tls_peername.dsc new file mode 100644 index 000000000..bce84f55c --- /dev/null +++ b/testdata/dnstap_tls_peername.tdir/dnstap_tls_peername.dsc @@ -0,0 +1,16 @@ +BaseName: dnstap_tls_peername +Version: 1.0 +Description: test dnstap tls with auth name and tls authentication +CreationDate: Tue Feb 14 14:00:38 CET 2020 +Maintainer: dr. W.C.A. Wijngaards +Category: +Component: +CmdDepends: +Depends: +Help: +Pre: dnstap_tls_peername.pre +Post: dnstap_tls_peername.post +Test: dnstap_tls_peername.test +AuxFiles: +Passed: +Failure: diff --git a/testdata/dnstap_tls_peername.tdir/dnstap_tls_peername.post b/testdata/dnstap_tls_peername.tdir/dnstap_tls_peername.post new file mode 100644 index 000000000..3ca63ada4 --- /dev/null +++ b/testdata/dnstap_tls_peername.tdir/dnstap_tls_peername.post @@ -0,0 +1,20 @@ +# #-- dnstap_tls_peername.post --# +# source the master var file when it's there +[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master +# source the test var file when it's there +[ -f .tpkg.var.test ] && source .tpkg.var.test +# +# do your teardown here +. ../common.sh +PRE="../.." +if grep "define USE_DNSTAP 1" $PRE/config.h; then echo test enabled; else echo test skipped; exit 0; fi +kill_pid $DNSTAP_SOCKET_PID +kill_pid $FWD_PID +kill $UNBOUND_PID +kill $UNBOUND_PID >/dev/null 2>&1 +cat unbound.log +echo "> tap logfiles" +cat tap.log +cat tap.errlog +cat fwd.log +exit 0 diff --git a/testdata/dnstap_tls_peername.tdir/dnstap_tls_peername.pre b/testdata/dnstap_tls_peername.tdir/dnstap_tls_peername.pre new file mode 100644 index 000000000..25b838d8b --- /dev/null +++ b/testdata/dnstap_tls_peername.tdir/dnstap_tls_peername.pre @@ -0,0 +1,54 @@ +# #-- dnstap_tls_peername.pre--# +# source the master var file when it's there +[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master +# use .tpkg.var.test for in test variable passing +[ -f .tpkg.var.test ] && source .tpkg.var.test + +. ../common.sh + +PRE="../.." +if grep "define USE_DNSTAP 1" $PRE/config.h; then echo test enabled; else echo test skipped; exit 0; fi + +get_random_port 4 +UNBOUND_PORT=$RND_PORT +FWD_PORT=$(($RND_PORT + 1)) +CONTROL_PORT=$(($RND_PORT + 2)) +TAP_PORT=$(($RND_PORT + 3)) +echo "UNBOUND_PORT=$UNBOUND_PORT" >> .tpkg.var.test +echo "FWD_PORT=$FWD_PORT" >> .tpkg.var.test +echo "CONTROL_PORT=$CONTROL_PORT" >> .tpkg.var.test +echo "TAP_PORT=$TAP_PORT" >> .tpkg.var.test + +# start forwarder +get_ldns_testns +$LDNS_TESTNS -p $FWD_PORT dnstap_tls_peername.testns >fwd.log 2>&1 & +FWD_PID=$! +echo "FWD_PID=$FWD_PID" >> .tpkg.var.test + +# start the dnstap log server +# the -vvvv flag prints protocol and connection information from the +# unbound-dnstap-socket server. +# the -l flag prints the DNS info in the DNSTAP packet in multiline output. +# stderr is the '-vvvv' server logs and errors. +# stdout is the one-line packet logs (or with -l, multiline). +$PRE/unbound-dnstap-socket -t "127.0.0.1@$TAP_PORT" -x unbound_server.key -y unbound_server.pem -l -vvvv 2>tap.errlog >tap.log & +if test $? -ne 0; then + echo "could not start unbound-dnstap-socket server" + exit 1 +fi +DNSTAP_SOCKET_PID=$! +echo "DNSTAP_SOCKET_PID=$DNSTAP_SOCKET_PID" >> .tpkg.var.test +# wait for the server to go up +wait_server_up "tap.errlog" "start of service" + +# make config file +sed -e 's/@PORT\@/'$UNBOUND_PORT'/' -e 's/@TOPORT\@/'$FWD_PORT'/' -e 's/@CONTROL_PORT\@/'$CONTROL_PORT'/' -e 's/@TAPPORT\@/'$TAP_PORT'/' < dnstap_tls_peername.conf > ub.conf +# start unbound in the background +$PRE/unbound -d -c ub.conf >unbound.log 2>&1 & +UNBOUND_PID=$! +echo "UNBOUND_PID=$UNBOUND_PID" >> .tpkg.var.test + +cat .tpkg.var.test +wait_ldns_testns_up fwd.log +wait_unbound_up unbound.log + diff --git a/testdata/dnstap_tls_peername.tdir/dnstap_tls_peername.test b/testdata/dnstap_tls_peername.tdir/dnstap_tls_peername.test new file mode 100644 index 000000000..03bcbadfd --- /dev/null +++ b/testdata/dnstap_tls_peername.tdir/dnstap_tls_peername.test @@ -0,0 +1,50 @@ +# #-- dnstap_tls_peername.test --# +# source the master var file when it's there +[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master +# use .tpkg.var.test for in test variable passing +[ -f .tpkg.var.test ] && source .tpkg.var.test + +. ../common.sh +PRE="../.." +if grep "define USE_DNSTAP 1" $PRE/config.h; then echo test enabled; else echo test skipped; exit 0; fi + +# test if the server is up. +echo "> dig www.example.com." +dig @127.0.0.1 -p $UNBOUND_PORT www.example.com. | tee outfile +echo "> check answer" +if grep "10.20.30.40" outfile; then + echo "OK" +else + echo "> cat logfiles" + cat tap.log + cat tap.errlog + cat fwd.log + cat unbound.log + echo "Not OK" + exit 1 +fi + +echo "> check tap.log for dnstap info" +# see if it logged the information in tap.log +# wait for a moment for filesystem to catch up. +if grep "www.example.com" tap.log >/dev/null; then :; else sleep 1; fi +if grep "www.example.com" tap.log >/dev/null; then :; else sleep 1; fi +if grep "www.example.com" tap.log >/dev/null; then :; else sleep 1; fi +if grep "www.example.com" tap.log >/dev/null; then :; else sleep 1; fi +if grep "www.example.com" tap.log >/dev/null; then :; else sleep 1; fi +if grep "www.example.com" tap.log >/dev/null; then :; else sleep 10; fi +if grep "www.example.com" tap.log; then echo "yes it is in tap.log"; +else + echo "information not in tap.log" + echo "failed" + echo "> cat logfiles" + cat tap.log + cat tap.errlog + cat fwd.log + cat unbound.log + echo "Not OK" + exit 1 +fi + +echo "> OK" +exit 0 diff --git a/testdata/dnstap_tls_peername.tdir/dnstap_tls_peername.testns b/testdata/dnstap_tls_peername.tdir/dnstap_tls_peername.testns new file mode 100644 index 000000000..0c911ca5b --- /dev/null +++ b/testdata/dnstap_tls_peername.tdir/dnstap_tls_peername.testns @@ -0,0 +1,22 @@ +; nameserver test file +$ORIGIN example.com. +$TTL 3600 + +ENTRY_BEGIN +MATCH opcode qtype qname +REPLY QR AA NOERROR +ADJUST copy_id +SECTION QUESTION +www IN A +SECTION ANSWER +www IN A 10.20.30.40 +ENTRY_END + +ENTRY_BEGIN +MATCH opcode qtype qname +REPLY QR AA SERVFAIL +ADJUST copy_id +SECTION QUESTION +www.example.net. IN A +ENTRY_END + diff --git a/testdata/dnstap_tls_peername.tdir/unbound_control.key b/testdata/dnstap_tls_peername.tdir/unbound_control.key new file mode 100644 index 000000000..d7c43a06b --- /dev/null +++ b/testdata/dnstap_tls_peername.tdir/unbound_control.key @@ -0,0 +1,15 @@ +-----BEGIN RSA PRIVATE KEY----- +MIICXAIBAAKBgQDD6DogNCsSeEa1u99+6PUVbGzjMzzei9MIK6s94+zcpp7OAOBa +rzPA0vlyuNtUsEN3qwPomQQQmIgbT7OXkzC1wqioxwa609xoL8oW/I7e336rEyvH +ST6JwUdIg0Lzg/USJ81eTwMnzYSd4Bpsqr9eP33ubaR7Gh/6o76loLOlcQIDAQAB +AoGAFT3e35MIgI4uDJJ8X0RfHp2NCO2LUg4TKbWical/C0W9vlR1/x80G1pE1d2Z +WotqJVWTrOq6eBox19RCgtLg2wPGk9uD62+9SDT37heWFlUCElWq50pQG6k9ThiG +DDypkZyZ/52+DdWybiaQJkuK6O5qQXuNAtVJMpghu4GnHAECQQDsupnZUQDpapzr +4FC4MSkL2+A1PRt6g4VhwoqOpJXaHfVnH6F7AwUuOLNwGdR5Cvv70pfJ7Jqg8L2m +Kxyl5bORAkEA09rn34YQ0pHJdHidbl2kInIuYTz09+TO3LWwan17nISH9aaYvVDr +p9x1B4Qzw9qyxT9oll7ze/5Rw/7C3AQj4QJAT2B2a+b8bkgAXBs4FbruL3rHoDJg +P2FQXSpVOWU4lg2LlsuFYvDtUMVUbZdLplanjZXcral3Y9W1Ub2M+ped8QJAYQN+ +aRpge7ys7vwIw7B36Bo3aOncF+ScYe+FkM5Tm7II/JHEofT7ZQwMP1vnxIlSkgbe +YvWqNB6a3NC99LikoQJBAM4UhDdRg63Tr6Idky6CQaH///zAN7nArJfffKGWFdw9 +DKrWpNqvYZtX/cfEJucKcRCm5YL8CKFYbQy4VoCxUcE= +-----END RSA PRIVATE KEY----- diff --git a/testdata/dnstap_tls_peername.tdir/unbound_control.pem b/testdata/dnstap_tls_peername.tdir/unbound_control.pem new file mode 100644 index 000000000..8f1ba87f1 --- /dev/null +++ b/testdata/dnstap_tls_peername.tdir/unbound_control.pem @@ -0,0 +1,11 @@ +-----BEGIN CERTIFICATE----- +MIIBozCCAQwCCQD6XaN6FzW/4DANBgkqhkiG9w0BAQUFADASMRAwDgYDVQQDEwd1 +bmJvdW5kMB4XDTA4MDkxMTA5MDk0MFoXDTI4MDUyOTA5MDk0MFowGjEYMBYGA1UE +AxMPdW5ib3VuZC1jb250cm9sMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDD +6DogNCsSeEa1u99+6PUVbGzjMzzei9MIK6s94+zcpp7OAOBarzPA0vlyuNtUsEN3 +qwPomQQQmIgbT7OXkzC1wqioxwa609xoL8oW/I7e336rEyvHST6JwUdIg0Lzg/US +J81eTwMnzYSd4Bpsqr9eP33ubaR7Gh/6o76loLOlcQIDAQABMA0GCSqGSIb3DQEB +BQUAA4GBAGFAXmaQHuFgAuc6HVhYZJdToxLBhfxGpot4oZNjcb1Cdoz3OL34MU1B +9E5psj2PpGPIi8/RwoqBtAJHJ+J5cWngo03o4ZmdwKNSzaxlp141z/3rUtFqEHEC +iO6gPCT3U7dt6MyC7r6vdMqyW6aldP3CtwD0gQziKAMoj+TAfAcq +-----END CERTIFICATE----- diff --git a/testdata/dnstap_tls_peername.tdir/unbound_server.key b/testdata/dnstap_tls_peername.tdir/unbound_server.key new file mode 100644 index 000000000..4256c421d --- /dev/null +++ b/testdata/dnstap_tls_peername.tdir/unbound_server.key @@ -0,0 +1,15 @@ +-----BEGIN RSA PRIVATE KEY----- +MIICWwIBAAKBgQC3F7Jsv2u01pLL9rFnjsMU/IaCFUIz/624DcaE84Z4gjMl5kWA +3axQcqul1wlwSrbKwrony+d9hH/+MX0tZwvl8w3OmhmOAiaQ+SHCsIuOjVwQjX0s +RLB61Pz5+PAiVvnPa9JIYB5QrK6DVEsxIHj8MOc5JKORrnESsFDh6yeMeQIDAQAB +AoGAAuWoGBprTOA8UGfl5LqYkaNxSWumsYXxLMFjC8WCsjN1NbtQDDr1uAwodSZS +6ujzvX+ZTHnofs7y64XC8k34HTOCD2zlW7kijWbT8YjRYFU6o9F5zUGD9RCan0ds +sVscT2psLSzfdsmFAcbmnGdxYkXk2PC1FHtaqExxehralGUCQQDcqrg9uQKXlhQi +XAaPr8SiWvtRm2a9IMMZkRfUWZclPHq6fCWNuUaCD+cTat4wAuqeknAz33VEosw3 +fXGsok//AkEA1GjIHXrOcSlpfVJb6NeOBugjRtZ7ZDT5gbtnMS9ob0qntKV6saaL +CNmJwuD9Q3XkU5j1+uHvYGP2NzcJd2CjhwJACV0hNlVMe9w9fHvFN4Gw6WbM9ViP +0oS6YrJafYNTu5vGZXVxLoNnL4u3NYa6aPUmuZXjNwBLfJ8f5VboZPf6RwJAINd2 +oYA8bSi/A755MX4qmozH74r4Fx1Nuq5UHTm8RwDe/0Javx8F/j9MWpJY9lZDEF3l +In5OebPa/NyInSmW/wJAZuP9aRn0nDBkHYri++1A7NykMiJ/nH0mDECbnk+wxx0S +LwqIetBhxb8eQwMg45+iAH7CHAMQ8BQuF/nFE6eotg== +-----END RSA PRIVATE KEY----- diff --git a/testdata/dnstap_tls_peername.tdir/unbound_server.pem b/testdata/dnstap_tls_peername.tdir/unbound_server.pem new file mode 100644 index 000000000..aeda3ff11 --- /dev/null +++ b/testdata/dnstap_tls_peername.tdir/unbound_server.pem @@ -0,0 +1,11 @@ +-----BEGIN CERTIFICATE----- +MIIBmzCCAQQCCQDsNJ1UmphEFzANBgkqhkiG9w0BAQUFADASMRAwDgYDVQQDEwd1 +bmJvdW5kMB4XDTA4MDkxMTA5MDk0MFoXDTI4MDUyOTA5MDk0MFowEjEQMA4GA1UE +AxMHdW5ib3VuZDCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAtxeybL9rtNaS +y/axZ47DFPyGghVCM/+tuA3GhPOGeIIzJeZFgN2sUHKrpdcJcEq2ysK6J8vnfYR/ +/jF9LWcL5fMNzpoZjgImkPkhwrCLjo1cEI19LESwetT8+fjwIlb5z2vSSGAeUKyu +g1RLMSB4/DDnOSSjka5xErBQ4esnjHkCAwEAATANBgkqhkiG9w0BAQUFAAOBgQAZ +9N0lnLENs4JMvPS+mn8C5m9bkkFITd32IiLjf0zgYpIUbFXH6XaEr9GNZBUG8feG +l/6WRXnbnVSblI5odQ4XxGZ9inYY6qtW30uv76HvoKp+QZ1c3460ddR8NauhcCHH +Z7S+QbLXi+r2JAhpPozZCjBHlRD0ixzA1mKQTJhJZg== +-----END CERTIFICATE----- diff --git a/util/config_file.c b/util/config_file.c index 52ca5a184..394cf17f3 100644 --- a/util/config_file.c +++ b/util/config_file.c @@ -295,6 +295,7 @@ config_create(void) if(!(cfg->dnstap_socket_path = strdup(DNSTAP_SOCKET_PATH))) goto error_exit; #endif + cfg->dnstap_tls = 1; cfg->disable_dnssec_lame_check = 0; cfg->ip_ratelimit = 0; cfg->ratelimit = 0; @@ -632,6 +633,13 @@ int config_set_option(struct config_file* cfg, const char* opt, #ifdef USE_DNSTAP else S_YNO("dnstap-enable:", dnstap) else S_STR("dnstap-socket-path:", dnstap_socket_path) + else S_STR("dnstap-ip:", dnstap_ip) + else S_YNO("dnstap-tls:", dnstap_tls) + else S_STR("dnstap-tls-server-name:", dnstap_tls_server_name) + else S_STR("dnstap-tls-cert-bundle:", dnstap_tls_cert_bundle) + else S_STR("dnstap-tls-client-key-file:", dnstap_tls_client_key_file) + else S_STR("dnstap-tls-client-cert-file:", + dnstap_tls_client_cert_file) else S_YNO("dnstap-send-identity:", dnstap_send_identity) else S_YNO("dnstap-send-version:", dnstap_send_version) else S_STR("dnstap-identity:", dnstap_identity) @@ -1039,6 +1047,14 @@ config_get_option(struct config_file* cfg, const char* opt, #ifdef USE_DNSTAP else O_YNO(opt, "dnstap-enable", dnstap) else O_STR(opt, "dnstap-socket-path", dnstap_socket_path) + else O_STR(opt, "dnstap-ip", dnstap_ip) + else O_YNO(opt, "dnstap-tls", dnstap_tls) + else O_STR(opt, "dnstap-tls-server-name", dnstap_tls_server_name) + else O_STR(opt, "dnstap-tls-cert-bundle", dnstap_tls_cert_bundle) + else O_STR(opt, "dnstap-tls-client-key-file", + dnstap_tls_client_key_file) + else O_STR(opt, "dnstap-tls-client-cert-file", + dnstap_tls_client_cert_file) else O_YNO(opt, "dnstap-send-identity", dnstap_send_identity) else O_YNO(opt, "dnstap-send-version", dnstap_send_version) else O_STR(opt, "dnstap-identity", dnstap_identity) @@ -1458,6 +1474,11 @@ config_delete(struct config_file* cfg) free(cfg->dns64_prefix); config_delstrlist(cfg->dns64_ignore_aaaa); free(cfg->dnstap_socket_path); + free(cfg->dnstap_ip); + free(cfg->dnstap_tls_server_name); + free(cfg->dnstap_tls_cert_bundle); + free(cfg->dnstap_tls_client_key_file); + free(cfg->dnstap_tls_client_cert_file); free(cfg->dnstap_identity); free(cfg->dnstap_version); config_deldblstrlist(cfg->ratelimit_for_domain); diff --git a/util/config_file.h b/util/config_file.h index ff80d63c4..bd6e884eb 100644 --- a/util/config_file.h +++ b/util/config_file.h @@ -476,6 +476,18 @@ struct config_file { int dnstap; /** dnstap socket path */ char* dnstap_socket_path; + /** dnstap IP */ + char* dnstap_ip; + /** dnstap TLS enable */ + int dnstap_tls; + /** dnstap tls server authentication name */ + char* dnstap_tls_server_name; + /** dnstap server cert bundle */ + char* dnstap_tls_cert_bundle; + /** dnstap client key for client authentication */ + char* dnstap_tls_client_key_file; + /** dnstap client cert for client authentication */ + char* dnstap_tls_client_cert_file; /** true to send "identity" via dnstap */ int dnstap_send_identity; /** true to send "version" via dnstap */ diff --git a/util/configlexer.c b/util/configlexer.c index 112301330..601cd78bf 100644 --- a/util/configlexer.c +++ b/util/configlexer.c @@ -354,8 +354,8 @@ static void yynoreturn yy_fatal_error ( const char* msg ); (yy_hold_char) = *yy_cp; \ *yy_cp = '\0'; \ (yy_c_buf_p) = yy_cp; -#define YY_NUM_RULES 303 -#define YY_END_OF_BUFFER 304 +#define YY_NUM_RULES 309 +#define YY_END_OF_BUFFER 310 /* This struct is not used in this scanner, but its presence is necessary. */ struct yy_trans_info @@ -363,336 +363,343 @@ struct yy_trans_info flex_int32_t yy_verify; flex_int32_t yy_nxt; }; -static const flex_int16_t yy_accept[2988] = +static const flex_int16_t yy_accept[3044] = { 0, - 1, 1, 285, 285, 289, 289, 293, 293, 297, 297, - 1, 1, 304, 301, 1, 283, 283, 302, 2, 302, - 301, 301, 301, 301, 301, 301, 301, 301, 301, 301, - 301, 301, 301, 301, 301, 301, 301, 301, 301, 301, - 301, 301, 285, 286, 286, 287, 302, 289, 290, 290, - 291, 302, 296, 293, 294, 294, 295, 302, 297, 298, - 298, 299, 302, 300, 284, 2, 288, 302, 300, 301, - 0, 1, 2, 2, 2, 2, 301, 301, 301, 301, - 301, 301, 301, 301, 301, 301, 301, 301, 301, 301, - 301, 301, 301, 301, 301, 301, 301, 301, 301, 301, + 1, 1, 291, 291, 295, 295, 299, 299, 303, 303, + 1, 1, 310, 307, 1, 289, 289, 308, 2, 308, + 307, 307, 307, 307, 307, 307, 307, 307, 307, 307, + 307, 307, 307, 307, 307, 307, 307, 307, 307, 307, + 307, 307, 291, 292, 292, 293, 308, 295, 296, 296, + 297, 308, 302, 299, 300, 300, 301, 308, 303, 304, + 304, 305, 308, 306, 290, 2, 294, 308, 306, 307, + 0, 1, 2, 2, 2, 2, 307, 307, 307, 307, + 307, 307, 307, 307, 307, 307, 307, 307, 307, 307, + 307, 307, 307, 307, 307, 307, 307, 307, 307, 307, - 301, 301, 301, 301, 301, 301, 301, 301, 301, 301, - 301, 301, 301, 301, 301, 301, 301, 301, 301, 301, - 301, 301, 301, 301, 301, 301, 301, 301, 301, 301, - 301, 301, 301, 301, 301, 301, 301, 301, 301, 301, - 285, 0, 289, 0, 296, 0, 293, 297, 0, 300, - 0, 2, 2, 300, 301, 301, 301, 301, 301, 301, - 301, 301, 301, 301, 301, 301, 301, 301, 301, 301, - 301, 301, 301, 301, 301, 301, 301, 301, 301, 301, - 301, 301, 301, 301, 301, 301, 301, 301, 301, 301, - 301, 301, 301, 301, 301, 301, 301, 301, 301, 301, + 307, 307, 307, 307, 307, 307, 307, 307, 307, 307, + 307, 307, 307, 307, 307, 307, 307, 307, 307, 307, + 307, 307, 307, 307, 307, 307, 307, 307, 307, 307, + 307, 307, 307, 307, 307, 307, 307, 307, 307, 307, + 291, 0, 295, 0, 302, 0, 299, 303, 0, 306, + 0, 2, 2, 306, 307, 307, 307, 307, 307, 307, + 307, 307, 307, 307, 307, 307, 307, 307, 307, 307, + 307, 307, 307, 307, 307, 307, 307, 307, 307, 307, + 307, 307, 307, 307, 307, 307, 307, 307, 307, 307, + 307, 307, 307, 307, 307, 307, 307, 307, 307, 307, - 301, 301, 301, 301, 301, 301, 301, 301, 301, 301, - 301, 301, 301, 301, 301, 301, 301, 301, 301, 301, - 301, 301, 301, 301, 301, 301, 301, 301, 301, 301, - 301, 301, 301, 301, 301, 301, 301, 301, 301, 301, - 301, 301, 301, 300, 301, 301, 301, 301, 301, 301, - 301, 301, 301, 301, 301, 301, 301, 301, 301, 301, - 301, 301, 301, 301, 301, 301, 301, 301, 301, 301, - 301, 301, 301, 301, 301, 301, 301, 301, 301, 301, - 301, 301, 301, 301, 301, 301, 301, 301, 301, 301, - 301, 301, 301, 301, 301, 301, 301, 301, 301, 301, + 307, 307, 307, 307, 307, 307, 307, 307, 307, 307, + 307, 307, 307, 307, 307, 307, 307, 307, 307, 307, + 307, 307, 307, 307, 307, 307, 307, 307, 307, 307, + 307, 307, 307, 307, 307, 307, 307, 307, 307, 307, + 307, 307, 307, 306, 307, 307, 307, 307, 307, 307, + 307, 307, 307, 307, 307, 307, 307, 307, 307, 307, + 307, 307, 307, 307, 307, 307, 307, 307, 307, 307, + 307, 307, 307, 307, 307, 307, 307, 307, 307, 307, + 307, 307, 307, 307, 307, 307, 307, 307, 307, 307, + 307, 307, 307, 307, 307, 307, 307, 307, 307, 307, - 301, 301, 301, 301, 301, 301, 301, 301, 301, 301, - 301, 301, 301, 301, 301, 301, 301, 301, 301, 301, - 301, 301, 301, 301, 113, 301, 301, 301, 301, 301, - 301, 301, 301, 301, 301, 301, 301, 301, 301, 301, - 301, 301, 301, 301, 301, 121, 301, 301, 301, 301, - 301, 301, 301, 300, 301, 301, 301, 301, 301, 301, - 301, 301, 301, 301, 301, 301, 301, 301, 301, 301, - 301, 301, 301, 301, 301, 301, 301, 301, 301, 301, - 301, 301, 301, 301, 301, 301, 301, 301, 301, 301, - 301, 301, 301, 301, 301, 301, 301, 301, 301, 301, + 307, 307, 307, 307, 307, 307, 307, 307, 307, 307, + 307, 307, 307, 307, 307, 307, 307, 307, 307, 307, + 307, 307, 307, 307, 113, 307, 307, 307, 307, 307, + 307, 307, 307, 307, 307, 307, 307, 307, 307, 307, + 307, 307, 307, 307, 307, 121, 307, 307, 307, 307, + 307, 307, 307, 306, 307, 307, 307, 307, 307, 307, + 307, 307, 307, 307, 307, 307, 307, 307, 307, 307, + 307, 307, 307, 307, 307, 307, 307, 307, 307, 307, + 307, 307, 307, 307, 307, 307, 307, 307, 307, 307, + 307, 307, 307, 307, 307, 307, 307, 307, 307, 307, - 301, 301, 301, 301, 301, 301, 301, 301, 301, 301, - 301, 301, 301, 301, 301, 301, 301, 301, 301, 301, - 301, 301, 301, 301, 301, 301, 301, 301, 97, 301, - 301, 301, 301, 301, 301, 8, 301, 301, 301, 301, - 301, 301, 301, 301, 301, 301, 301, 301, 301, 301, - 301, 301, 301, 301, 301, 301, 301, 301, 301, 301, - 301, 301, 301, 301, 114, 301, 301, 301, 301, 301, - 301, 301, 301, 301, 301, 301, 301, 301, 301, 301, - 301, 301, 301, 301, 301, 301, 301, 301, 301, 301, - 301, 301, 301, 301, 126, 301, 300, 301, 301, 301, + 307, 307, 307, 307, 307, 307, 307, 307, 307, 307, + 307, 307, 307, 307, 307, 307, 307, 307, 307, 307, + 307, 307, 307, 307, 307, 307, 307, 307, 97, 307, + 307, 307, 307, 307, 307, 8, 307, 307, 307, 307, + 307, 307, 307, 307, 307, 307, 307, 307, 307, 307, + 307, 307, 307, 307, 307, 307, 307, 307, 307, 307, + 307, 307, 307, 307, 114, 307, 307, 307, 307, 307, + 307, 307, 307, 307, 307, 307, 307, 307, 307, 307, + 307, 307, 307, 307, 307, 307, 307, 307, 307, 307, + 307, 307, 307, 307, 126, 307, 306, 307, 307, 307, - 301, 301, 301, 301, 301, 301, 301, 301, 301, 301, - 301, 301, 301, 301, 301, 301, 301, 301, 301, 301, - 301, 301, 301, 301, 301, 301, 301, 301, 301, 301, - 301, 301, 301, 301, 301, 301, 301, 301, 301, 301, - 301, 301, 301, 301, 301, 301, 301, 301, 301, 301, - 301, 301, 301, 301, 278, 301, 301, 301, 301, 301, - 301, 301, 301, 301, 301, 301, 301, 301, 301, 301, - 301, 301, 301, 301, 301, 301, 301, 301, 301, 301, - 301, 301, 301, 301, 301, 301, 301, 301, 301, 301, - 301, 301, 301, 301, 301, 301, 301, 301, 301, 301, + 307, 307, 307, 307, 307, 307, 307, 307, 307, 307, + 307, 307, 307, 307, 307, 307, 307, 307, 307, 307, + 307, 307, 307, 307, 307, 307, 307, 307, 307, 307, + 307, 307, 307, 307, 307, 307, 307, 307, 307, 307, + 307, 307, 307, 307, 307, 307, 307, 307, 307, 307, + 307, 307, 307, 307, 284, 307, 307, 307, 307, 307, + 307, 307, 307, 307, 307, 307, 307, 307, 307, 307, + 307, 307, 307, 307, 307, 307, 307, 307, 307, 307, + 307, 307, 307, 307, 307, 307, 307, 307, 307, 307, + 307, 307, 307, 307, 307, 307, 307, 307, 307, 307, - 301, 301, 301, 301, 301, 301, 301, 301, 301, 301, - 301, 301, 301, 301, 301, 301, 301, 301, 301, 301, - 301, 301, 301, 301, 301, 301, 301, 301, 301, 301, - 301, 301, 301, 301, 301, 301, 301, 301, 301, 301, - 301, 301, 301, 301, 301, 301, 301, 301, 301, 301, - 301, 301, 301, 301, 300, 301, 301, 301, 301, 301, - 301, 301, 301, 301, 301, 301, 55, 301, 301, 301, - 301, 301, 301, 301, 301, 301, 301, 301, 301, 301, - 301, 223, 301, 14, 15, 301, 19, 18, 301, 301, - 301, 301, 301, 301, 301, 301, 301, 301, 301, 301, + 307, 307, 307, 307, 307, 307, 307, 307, 307, 307, + 307, 307, 307, 307, 307, 307, 307, 307, 307, 307, + 307, 307, 307, 307, 307, 307, 307, 307, 307, 307, + 307, 307, 307, 307, 307, 307, 307, 307, 307, 307, + 307, 307, 307, 307, 307, 307, 307, 307, 307, 307, + 307, 307, 307, 307, 306, 307, 307, 307, 307, 307, + 307, 307, 307, 307, 307, 307, 55, 307, 307, 307, + 307, 307, 307, 307, 307, 307, 307, 307, 307, 307, + 307, 223, 307, 14, 15, 307, 19, 18, 307, 307, + 307, 307, 307, 307, 307, 307, 307, 307, 307, 307, - 301, 301, 301, 301, 301, 301, 301, 301, 301, 301, - 301, 301, 301, 301, 301, 301, 301, 301, 301, 301, - 301, 301, 301, 301, 301, 301, 301, 301, 301, 301, - 301, 120, 301, 301, 301, 301, 301, 301, 301, 301, - 301, 301, 301, 301, 301, 301, 301, 301, 301, 301, - 301, 301, 207, 301, 301, 301, 301, 301, 301, 301, - 301, 301, 301, 301, 301, 301, 301, 301, 301, 301, - 3, 301, 301, 301, 301, 301, 301, 301, 301, 301, - 301, 301, 301, 301, 301, 301, 301, 301, 301, 301, - 301, 301, 301, 301, 301, 301, 301, 301, 301, 301, + 307, 307, 307, 307, 307, 307, 307, 307, 307, 307, + 307, 307, 307, 307, 307, 307, 307, 307, 307, 307, + 307, 307, 307, 307, 307, 307, 307, 307, 307, 307, + 307, 120, 307, 307, 307, 307, 307, 307, 307, 307, + 307, 307, 307, 307, 307, 307, 307, 307, 307, 307, + 307, 307, 207, 307, 307, 307, 307, 307, 307, 307, + 307, 307, 307, 307, 307, 307, 307, 307, 307, 307, + 3, 307, 307, 307, 307, 307, 307, 307, 307, 307, + 307, 307, 307, 307, 307, 307, 307, 307, 307, 307, + 307, 307, 307, 307, 307, 307, 307, 307, 307, 307, - 301, 301, 301, 301, 301, 301, 301, 301, 301, 301, - 301, 301, 301, 301, 301, 301, 301, 301, 301, 301, - 301, 301, 301, 300, 301, 301, 301, 301, 301, 301, - 301, 273, 301, 301, 272, 301, 301, 301, 301, 301, - 301, 301, 301, 301, 301, 301, 301, 301, 301, 301, - 301, 301, 301, 301, 301, 301, 301, 301, 301, 301, - 301, 301, 301, 301, 301, 301, 301, 301, 301, 301, - 301, 301, 301, 301, 301, 301, 301, 301, 301, 292, - 301, 301, 301, 301, 301, 301, 301, 301, 301, 301, - 301, 301, 301, 301, 301, 301, 301, 301, 301, 301, + 307, 307, 307, 307, 307, 307, 307, 307, 307, 307, + 307, 307, 307, 307, 307, 307, 307, 307, 307, 307, + 307, 307, 307, 306, 307, 307, 307, 307, 307, 307, + 307, 279, 307, 307, 278, 307, 307, 307, 307, 307, + 307, 307, 307, 307, 307, 307, 307, 307, 307, 307, + 307, 307, 307, 307, 307, 307, 307, 307, 307, 307, + 307, 307, 307, 307, 307, 307, 307, 307, 307, 307, + 307, 307, 307, 307, 307, 307, 307, 307, 307, 307, + 298, 307, 307, 307, 307, 307, 307, 307, 307, 307, + 307, 307, 307, 307, 307, 307, 307, 307, 307, 307, - 301, 301, 301, 58, 301, 247, 301, 301, 301, 301, - 301, 301, 301, 301, 279, 280, 301, 301, 301, 301, - 301, 59, 301, 301, 301, 301, 301, 301, 301, 301, - 301, 301, 301, 301, 301, 301, 301, 117, 301, 301, - 301, 301, 301, 301, 301, 301, 196, 301, 301, 301, - 301, 301, 301, 301, 301, 301, 301, 301, 301, 301, - 301, 301, 301, 301, 301, 301, 301, 21, 301, 301, - 301, 301, 301, 301, 301, 301, 301, 301, 301, 301, - 301, 301, 301, 301, 301, 301, 301, 301, 301, 301, - 301, 301, 301, 301, 301, 145, 301, 301, 292, 301, + 307, 307, 307, 307, 58, 307, 253, 307, 307, 307, + 307, 307, 307, 307, 307, 285, 286, 307, 307, 307, + 307, 307, 59, 307, 307, 307, 307, 307, 307, 307, + 307, 307, 307, 307, 307, 307, 307, 307, 117, 307, + 307, 307, 307, 307, 307, 307, 307, 196, 307, 307, + 307, 307, 307, 307, 307, 307, 307, 307, 307, 307, + 307, 307, 307, 307, 307, 307, 307, 307, 21, 307, + 307, 307, 307, 307, 307, 307, 307, 307, 307, 307, + 307, 307, 307, 307, 307, 307, 307, 307, 307, 307, + 307, 307, 307, 307, 307, 307, 145, 307, 307, 298, - 301, 301, 301, 301, 301, 301, 301, 301, 301, 301, - 301, 301, 301, 301, 301, 301, 301, 301, 301, 95, - 301, 301, 301, 301, 301, 301, 301, 255, 301, 301, - 301, 301, 301, 301, 301, 301, 301, 301, 301, 301, - 168, 301, 301, 301, 301, 301, 301, 301, 301, 301, - 301, 301, 301, 301, 301, 301, 301, 301, 301, 301, - 301, 301, 301, 144, 301, 301, 301, 301, 301, 301, - 301, 301, 301, 301, 301, 301, 301, 301, 301, 301, - 301, 301, 301, 301, 301, 301, 301, 301, 301, 301, - 301, 301, 301, 301, 301, 301, 301, 301, 301, 301, + 307, 307, 307, 307, 307, 307, 307, 307, 307, 307, + 307, 307, 307, 307, 307, 307, 307, 307, 307, 307, + 95, 307, 307, 307, 307, 307, 307, 307, 261, 307, + 307, 307, 307, 307, 307, 307, 307, 307, 307, 307, + 307, 307, 307, 168, 307, 307, 307, 307, 307, 307, + 307, 307, 307, 307, 307, 307, 307, 307, 307, 307, + 307, 307, 307, 307, 307, 307, 144, 307, 307, 307, + 307, 307, 307, 307, 307, 307, 307, 307, 307, 307, + 307, 307, 307, 307, 307, 307, 307, 307, 307, 307, + 307, 307, 307, 307, 307, 307, 307, 307, 307, 307, - 301, 301, 301, 301, 94, 301, 301, 301, 301, 301, - 301, 301, 301, 301, 301, 301, 301, 301, 301, 301, - 301, 301, 301, 301, 301, 301, 301, 301, 301, 301, - 301, 32, 301, 301, 301, 301, 301, 301, 301, 301, - 301, 301, 301, 301, 301, 301, 301, 301, 301, 301, - 301, 33, 301, 301, 301, 301, 301, 301, 301, 301, - 301, 301, 301, 301, 301, 56, 301, 301, 301, 301, - 301, 301, 301, 301, 301, 119, 301, 301, 301, 301, - 301, 112, 301, 301, 301, 301, 301, 301, 301, 301, - 301, 301, 301, 301, 301, 301, 57, 301, 301, 301, + 307, 307, 307, 307, 307, 307, 307, 94, 307, 307, + 307, 307, 307, 307, 307, 307, 307, 307, 307, 307, + 307, 307, 307, 307, 307, 307, 307, 307, 307, 307, + 307, 307, 307, 307, 32, 307, 307, 307, 307, 307, + 307, 307, 307, 307, 307, 307, 307, 307, 307, 307, + 307, 307, 307, 307, 33, 307, 307, 307, 307, 307, + 307, 307, 307, 307, 307, 307, 307, 307, 56, 307, + 307, 307, 307, 307, 307, 307, 307, 307, 119, 307, + 307, 307, 307, 307, 112, 307, 307, 307, 307, 307, + 307, 307, 307, 307, 307, 307, 307, 307, 307, 57, - 301, 301, 301, 301, 301, 301, 301, 301, 301, 301, - 301, 301, 301, 301, 301, 301, 301, 301, 169, 301, - 301, 301, 301, 301, 301, 301, 301, 301, 301, 301, - 301, 301, 301, 301, 301, 301, 301, 301, 301, 301, - 301, 301, 301, 301, 301, 301, 301, 46, 301, 301, - 301, 301, 301, 301, 301, 301, 301, 301, 301, 301, - 301, 301, 301, 301, 301, 301, 301, 301, 301, 301, - 301, 301, 301, 301, 301, 301, 301, 301, 301, 301, - 301, 301, 301, 301, 301, 301, 301, 301, 301, 301, - 301, 301, 301, 301, 301, 301, 301, 238, 301, 301, + 307, 307, 307, 307, 307, 307, 307, 307, 307, 307, + 307, 226, 307, 307, 307, 307, 307, 307, 307, 307, + 307, 307, 307, 169, 307, 307, 307, 307, 307, 307, + 307, 307, 307, 307, 307, 307, 307, 307, 307, 307, + 307, 307, 307, 307, 307, 307, 307, 307, 307, 307, + 307, 307, 46, 307, 307, 307, 307, 307, 307, 307, + 307, 307, 307, 307, 307, 307, 307, 307, 307, 307, + 307, 307, 307, 307, 307, 307, 307, 307, 307, 307, + 307, 307, 307, 307, 307, 307, 307, 307, 307, 307, + 307, 307, 307, 307, 307, 307, 307, 307, 307, 307, - 301, 301, 301, 301, 301, 301, 301, 301, 301, 301, - 301, 301, 301, 301, 301, 50, 301, 51, 301, 301, - 301, 301, 301, 98, 301, 99, 301, 301, 301, 301, - 96, 301, 301, 301, 301, 301, 301, 301, 301, 301, - 301, 301, 301, 301, 301, 301, 301, 301, 301, 301, - 301, 301, 301, 301, 301, 301, 301, 301, 7, 301, - 301, 301, 301, 301, 301, 301, 301, 301, 301, 301, - 301, 301, 301, 301, 301, 301, 301, 216, 301, 301, - 301, 301, 147, 301, 301, 301, 301, 301, 301, 301, - 301, 301, 301, 301, 301, 301, 301, 301, 301, 301, + 307, 307, 244, 307, 307, 307, 307, 307, 307, 307, + 307, 307, 307, 307, 307, 307, 307, 307, 307, 307, + 50, 307, 51, 307, 307, 307, 307, 307, 98, 307, + 99, 307, 307, 307, 307, 96, 307, 307, 307, 307, + 307, 307, 307, 307, 307, 307, 307, 307, 307, 307, + 307, 307, 307, 307, 307, 307, 307, 307, 307, 307, + 307, 307, 307, 7, 307, 307, 307, 307, 307, 307, + 307, 307, 307, 307, 307, 307, 307, 307, 307, 307, + 307, 307, 216, 307, 307, 307, 307, 147, 307, 307, + 307, 307, 307, 307, 307, 307, 307, 307, 307, 307, - 301, 301, 301, 301, 301, 301, 301, 301, 301, 301, - 301, 301, 301, 301, 301, 301, 301, 301, 301, 301, - 301, 301, 301, 301, 301, 301, 301, 301, 301, 301, - 301, 301, 47, 301, 301, 301, 301, 301, 301, 301, - 301, 301, 301, 301, 301, 301, 188, 301, 187, 301, - 301, 301, 301, 301, 301, 301, 301, 301, 301, 301, - 301, 301, 301, 301, 301, 301, 301, 301, 301, 301, - 301, 301, 301, 301, 301, 16, 17, 301, 301, 301, - 301, 301, 301, 301, 301, 301, 301, 301, 301, 60, - 301, 301, 301, 301, 301, 301, 301, 301, 301, 301, + 307, 307, 307, 227, 307, 307, 307, 307, 307, 307, + 307, 307, 307, 307, 307, 307, 307, 307, 307, 307, + 307, 307, 307, 307, 307, 307, 307, 307, 307, 307, + 307, 307, 307, 307, 307, 307, 307, 307, 307, 47, + 307, 307, 307, 307, 307, 307, 307, 307, 307, 307, + 307, 307, 307, 188, 307, 187, 307, 307, 307, 307, + 307, 307, 307, 307, 307, 307, 307, 307, 307, 307, + 307, 307, 307, 307, 307, 307, 307, 307, 307, 307, + 307, 307, 16, 17, 307, 307, 307, 307, 307, 307, + 307, 307, 307, 307, 307, 307, 60, 307, 307, 307, - 301, 195, 301, 301, 301, 301, 301, 301, 101, 301, - 100, 301, 301, 301, 301, 301, 301, 301, 301, 301, - 301, 301, 301, 301, 301, 301, 301, 301, 301, 301, - 301, 179, 301, 301, 301, 301, 301, 301, 301, 301, - 127, 301, 301, 301, 301, 301, 301, 301, 301, 301, - 301, 301, 301, 301, 301, 301, 301, 301, 301, 301, - 79, 301, 301, 301, 301, 301, 301, 301, 301, 301, - 301, 301, 301, 301, 301, 301, 301, 301, 301, 301, - 301, 301, 301, 301, 301, 301, 301, 301, 301, 301, - 301, 301, 301, 301, 301, 301, 301, 301, 301, 301, + 307, 307, 307, 307, 307, 307, 307, 307, 195, 307, + 307, 307, 307, 307, 307, 101, 307, 100, 307, 307, + 307, 307, 307, 307, 307, 307, 307, 307, 307, 307, + 307, 307, 307, 307, 307, 307, 307, 307, 179, 307, + 307, 307, 307, 307, 307, 307, 307, 127, 307, 307, + 307, 307, 307, 307, 307, 307, 307, 307, 307, 307, + 307, 307, 307, 307, 307, 307, 307, 79, 307, 307, + 307, 307, 307, 307, 307, 307, 307, 307, 307, 307, + 307, 307, 307, 307, 307, 307, 307, 307, 307, 307, + 307, 307, 307, 307, 307, 307, 307, 307, 307, 307, - 83, 301, 301, 301, 301, 301, 301, 301, 301, 301, - 301, 301, 301, 301, 54, 301, 301, 301, 301, 301, - 301, 301, 301, 301, 301, 301, 301, 301, 301, 301, - 301, 301, 182, 183, 301, 301, 301, 249, 301, 301, - 301, 301, 301, 301, 301, 301, 301, 301, 301, 301, - 6, 301, 301, 301, 301, 301, 301, 301, 301, 301, - 301, 301, 301, 301, 301, 301, 301, 301, 301, 301, - 301, 253, 301, 301, 301, 301, 301, 301, 274, 301, - 301, 301, 301, 301, 301, 301, 301, 301, 301, 301, - 301, 301, 301, 301, 301, 301, 301, 301, 301, 42, + 307, 307, 307, 307, 307, 307, 307, 307, 307, 83, + 307, 307, 307, 307, 307, 307, 307, 307, 307, 307, + 307, 307, 307, 54, 307, 307, 307, 307, 307, 307, + 307, 307, 307, 307, 307, 307, 307, 307, 307, 307, + 307, 182, 183, 307, 307, 307, 255, 307, 307, 307, + 307, 307, 307, 307, 307, 307, 307, 307, 307, 6, + 307, 307, 307, 307, 307, 307, 307, 307, 307, 307, + 307, 307, 307, 307, 307, 307, 307, 307, 307, 307, + 259, 307, 307, 307, 307, 307, 307, 280, 307, 307, + 307, 307, 307, 307, 307, 307, 307, 307, 307, 307, - 301, 301, 301, 301, 301, 301, 301, 301, 301, 301, - 301, 301, 44, 301, 301, 301, 301, 301, 301, 301, - 301, 175, 301, 301, 301, 122, 301, 301, 301, 301, - 301, 301, 301, 301, 301, 301, 200, 301, 176, 301, - 301, 301, 213, 301, 301, 301, 301, 301, 301, 301, - 301, 301, 301, 301, 301, 301, 301, 301, 301, 45, - 301, 301, 301, 301, 301, 301, 301, 301, 301, 124, - 106, 301, 107, 301, 301, 301, 105, 301, 301, 301, - 301, 301, 301, 301, 301, 142, 301, 301, 301, 301, - 301, 301, 301, 301, 301, 301, 301, 237, 301, 301, + 307, 307, 307, 307, 307, 307, 307, 307, 42, 307, + 307, 307, 307, 307, 307, 307, 307, 307, 307, 307, + 307, 44, 307, 307, 307, 307, 307, 307, 307, 307, + 175, 307, 307, 307, 122, 307, 307, 307, 307, 307, + 307, 307, 307, 307, 307, 200, 307, 176, 307, 307, + 307, 213, 307, 307, 307, 307, 307, 307, 307, 307, + 307, 307, 307, 307, 307, 307, 307, 307, 307, 307, + 307, 45, 307, 307, 307, 307, 307, 307, 307, 307, + 307, 124, 106, 307, 107, 307, 307, 307, 105, 307, + 307, 307, 307, 307, 307, 307, 307, 142, 307, 307, - 301, 301, 301, 301, 301, 301, 177, 301, 301, 301, - 301, 301, 180, 301, 186, 301, 301, 301, 301, 301, - 212, 301, 301, 301, 301, 301, 301, 301, 301, 301, - 301, 301, 301, 301, 301, 93, 301, 301, 301, 301, - 301, 301, 301, 301, 301, 301, 301, 301, 301, 301, - 301, 301, 301, 118, 301, 301, 301, 301, 301, 301, - 52, 301, 301, 301, 26, 301, 301, 301, 301, 301, - 301, 301, 301, 301, 20, 301, 301, 301, 301, 301, - 301, 27, 36, 301, 152, 301, 301, 301, 301, 301, - 301, 301, 301, 301, 301, 301, 301, 301, 301, 301, + 307, 307, 307, 307, 307, 307, 307, 307, 307, 243, + 307, 307, 307, 307, 307, 307, 307, 307, 177, 307, + 307, 307, 307, 307, 180, 307, 186, 307, 307, 307, + 307, 307, 212, 307, 307, 307, 307, 307, 307, 307, + 307, 307, 307, 307, 307, 307, 307, 93, 307, 307, + 307, 307, 307, 307, 307, 307, 307, 307, 307, 307, + 307, 307, 307, 307, 307, 118, 307, 307, 307, 307, + 307, 307, 52, 307, 307, 307, 26, 307, 307, 307, + 307, 307, 307, 307, 307, 307, 20, 307, 307, 307, + 307, 307, 307, 27, 36, 307, 152, 307, 307, 307, - 301, 301, 301, 301, 68, 70, 301, 301, 301, 301, - 301, 301, 301, 301, 301, 301, 301, 301, 301, 257, - 301, 301, 301, 224, 301, 301, 301, 301, 301, 301, - 301, 301, 301, 301, 301, 301, 301, 301, 301, 301, - 301, 301, 108, 301, 301, 301, 301, 301, 301, 301, - 301, 301, 141, 301, 301, 301, 301, 301, 301, 301, - 301, 301, 301, 301, 301, 301, 301, 301, 268, 301, - 301, 301, 301, 301, 301, 301, 301, 301, 301, 301, - 301, 301, 301, 301, 301, 301, 301, 146, 301, 301, - 301, 301, 301, 301, 301, 301, 301, 301, 301, 301, + 307, 307, 307, 307, 307, 307, 307, 307, 307, 307, + 307, 307, 307, 307, 307, 307, 68, 70, 307, 307, + 307, 307, 307, 307, 307, 307, 307, 307, 307, 307, + 307, 263, 307, 307, 307, 224, 307, 307, 307, 307, + 307, 307, 307, 307, 307, 307, 307, 307, 307, 307, + 307, 307, 307, 307, 307, 307, 307, 108, 307, 307, + 307, 307, 307, 307, 307, 307, 307, 141, 307, 307, + 307, 307, 307, 307, 307, 307, 307, 307, 307, 307, + 307, 307, 307, 274, 307, 307, 307, 307, 307, 307, + 307, 307, 307, 307, 307, 307, 307, 307, 307, 307, - 301, 206, 301, 301, 301, 301, 301, 301, 301, 301, - 277, 301, 301, 301, 301, 301, 301, 301, 301, 301, - 301, 301, 163, 301, 301, 301, 301, 301, 301, 301, - 301, 102, 301, 301, 301, 301, 301, 301, 301, 301, - 301, 301, 301, 301, 301, 301, 301, 301, 301, 301, - 301, 158, 301, 170, 301, 301, 301, 301, 301, 130, - 301, 301, 301, 301, 301, 89, 301, 301, 301, 301, - 198, 301, 301, 301, 301, 301, 301, 214, 301, 301, - 301, 301, 301, 301, 301, 301, 301, 301, 301, 301, - 229, 301, 301, 301, 301, 301, 301, 301, 301, 301, + 307, 307, 146, 307, 307, 307, 307, 307, 307, 307, + 307, 307, 307, 307, 307, 307, 206, 307, 307, 307, + 307, 307, 307, 307, 307, 283, 307, 307, 307, 307, + 307, 307, 307, 307, 307, 307, 307, 163, 307, 307, + 307, 307, 307, 307, 307, 307, 102, 307, 307, 307, + 307, 307, 307, 307, 307, 307, 307, 307, 307, 307, + 307, 307, 307, 307, 307, 307, 158, 307, 170, 307, + 307, 307, 307, 307, 130, 307, 307, 307, 307, 307, + 89, 307, 307, 307, 307, 198, 307, 307, 307, 307, + 307, 307, 214, 307, 307, 307, 307, 307, 307, 307, - 123, 301, 301, 301, 301, 301, 301, 301, 301, 301, - 301, 162, 301, 301, 301, 301, 301, 71, 72, 301, - 301, 301, 301, 301, 53, 301, 301, 301, 301, 301, - 78, 171, 301, 189, 301, 217, 301, 301, 181, 250, - 301, 301, 301, 301, 301, 64, 301, 173, 301, 301, - 301, 301, 301, 9, 301, 301, 301, 92, 301, 301, - 301, 301, 242, 301, 301, 301, 197, 301, 301, 301, - 301, 301, 301, 301, 301, 301, 301, 301, 301, 301, - 301, 301, 301, 301, 301, 301, 301, 301, 301, 301, - 301, 301, 301, 301, 301, 301, 301, 301, 301, 301, + 307, 307, 307, 307, 307, 307, 307, 307, 235, 307, + 307, 307, 307, 307, 307, 307, 307, 307, 123, 307, + 307, 307, 307, 307, 307, 307, 307, 307, 307, 162, + 307, 307, 307, 307, 307, 71, 72, 307, 307, 307, + 307, 307, 53, 307, 307, 307, 307, 307, 78, 171, + 307, 189, 307, 217, 307, 307, 181, 256, 307, 307, + 307, 307, 307, 64, 307, 173, 307, 307, 307, 307, + 307, 9, 307, 307, 307, 92, 307, 307, 307, 307, + 248, 307, 307, 307, 197, 307, 307, 307, 307, 307, + 307, 307, 307, 307, 307, 307, 307, 307, 307, 307, - 301, 301, 301, 301, 301, 301, 301, 301, 301, 301, - 301, 301, 301, 301, 301, 301, 161, 301, 301, 301, - 301, 301, 301, 301, 301, 301, 301, 148, 301, 256, - 301, 301, 301, 301, 228, 301, 301, 301, 301, 301, - 301, 301, 301, 208, 301, 301, 301, 301, 248, 301, - 301, 301, 301, 301, 301, 301, 301, 301, 301, 301, - 301, 301, 301, 301, 301, 301, 301, 301, 301, 301, - 301, 301, 301, 271, 301, 172, 301, 301, 301, 301, - 301, 301, 301, 63, 65, 301, 301, 301, 301, 301, - 301, 301, 91, 301, 301, 301, 301, 240, 301, 301, + 307, 307, 307, 307, 307, 307, 307, 307, 307, 307, + 307, 307, 307, 307, 307, 307, 307, 307, 307, 307, + 307, 307, 307, 307, 307, 307, 307, 307, 307, 307, + 307, 307, 307, 307, 161, 307, 307, 307, 307, 307, + 307, 307, 307, 307, 307, 148, 307, 262, 307, 307, + 307, 307, 234, 307, 307, 307, 307, 307, 307, 307, + 307, 307, 307, 307, 208, 307, 307, 307, 307, 254, + 307, 307, 307, 307, 307, 307, 307, 307, 307, 307, + 307, 307, 307, 307, 307, 307, 307, 307, 307, 307, + 307, 307, 307, 307, 277, 307, 172, 307, 307, 307, - 301, 252, 301, 301, 301, 301, 301, 301, 301, 301, - 301, 301, 301, 202, 34, 28, 30, 301, 301, 301, - 301, 301, 301, 301, 301, 301, 35, 301, 29, 31, - 301, 301, 301, 301, 301, 301, 301, 301, 88, 301, - 301, 301, 301, 301, 301, 301, 301, 301, 301, 301, - 301, 301, 301, 301, 301, 301, 204, 201, 301, 301, - 301, 301, 301, 301, 301, 301, 301, 301, 301, 301, - 301, 301, 62, 301, 301, 125, 301, 109, 301, 301, - 301, 301, 301, 301, 301, 301, 143, 13, 301, 301, - 301, 301, 301, 301, 301, 301, 301, 266, 301, 269, + 307, 307, 307, 307, 63, 65, 307, 307, 307, 307, + 307, 307, 307, 91, 307, 307, 307, 307, 246, 307, + 307, 307, 258, 307, 307, 307, 307, 307, 307, 307, + 307, 307, 307, 307, 202, 34, 28, 30, 307, 307, + 307, 307, 307, 307, 307, 307, 307, 35, 307, 29, + 31, 307, 307, 307, 307, 307, 307, 307, 307, 88, + 307, 307, 307, 307, 307, 307, 307, 307, 307, 307, + 307, 307, 307, 307, 307, 307, 307, 204, 201, 307, + 307, 307, 307, 307, 307, 307, 307, 307, 307, 307, + 307, 307, 307, 307, 307, 307, 62, 307, 307, 125, - 301, 301, 301, 301, 301, 301, 301, 301, 301, 301, - 12, 301, 301, 22, 301, 301, 301, 246, 301, 301, - 301, 254, 301, 301, 301, 66, 301, 210, 301, 301, - 301, 301, 203, 301, 301, 61, 301, 301, 301, 301, - 23, 301, 43, 301, 301, 301, 301, 301, 301, 301, - 301, 301, 301, 301, 301, 157, 156, 301, 301, 301, - 301, 301, 301, 301, 301, 301, 205, 199, 301, 215, - 301, 301, 258, 301, 301, 301, 301, 301, 301, 301, - 301, 301, 301, 301, 301, 301, 301, 301, 301, 301, - 301, 301, 301, 301, 301, 301, 301, 73, 301, 301, + 307, 109, 307, 307, 307, 307, 307, 307, 307, 307, + 143, 13, 307, 307, 307, 307, 307, 307, 307, 307, + 307, 272, 307, 275, 307, 307, 307, 307, 307, 307, + 307, 307, 307, 307, 12, 307, 307, 22, 307, 307, + 307, 252, 307, 307, 307, 260, 307, 307, 307, 66, + 307, 210, 307, 307, 307, 307, 203, 307, 307, 61, + 307, 307, 307, 307, 23, 307, 43, 307, 307, 307, + 307, 307, 307, 307, 307, 307, 307, 307, 307, 157, + 156, 307, 307, 307, 307, 307, 307, 307, 307, 307, + 205, 199, 307, 215, 307, 307, 264, 307, 307, 307, - 301, 241, 301, 301, 301, 301, 185, 301, 301, 301, - 301, 209, 301, 301, 301, 301, 301, 301, 301, 301, - 275, 276, 154, 301, 301, 67, 301, 301, 301, 301, - 164, 301, 301, 103, 104, 301, 301, 301, 301, 149, - 301, 151, 301, 190, 301, 301, 301, 301, 155, 301, - 301, 218, 301, 301, 301, 301, 301, 301, 301, 132, - 301, 301, 301, 301, 301, 301, 301, 301, 301, 301, - 301, 225, 301, 301, 301, 24, 301, 251, 301, 301, - 301, 301, 301, 301, 301, 301, 301, 301, 301, 191, - 301, 301, 239, 301, 270, 301, 184, 301, 301, 301, + 307, 307, 307, 307, 307, 307, 307, 307, 307, 307, + 307, 307, 307, 307, 307, 307, 307, 307, 307, 307, + 307, 307, 307, 307, 73, 307, 307, 307, 247, 307, + 307, 307, 307, 185, 307, 307, 307, 307, 209, 307, + 307, 307, 307, 307, 307, 307, 307, 281, 282, 154, + 307, 307, 67, 307, 307, 307, 307, 164, 307, 307, + 103, 104, 307, 307, 307, 307, 149, 307, 151, 307, + 190, 307, 307, 307, 307, 155, 307, 307, 218, 307, + 307, 307, 307, 307, 307, 307, 132, 307, 307, 307, + 307, 307, 307, 307, 307, 307, 307, 307, 225, 307, - 301, 48, 301, 301, 301, 301, 4, 301, 301, 301, - 116, 131, 301, 301, 301, 301, 301, 301, 301, 301, - 301, 301, 301, 301, 301, 301, 301, 301, 301, 301, - 221, 37, 38, 301, 301, 301, 301, 301, 301, 301, - 259, 301, 301, 301, 301, 301, 301, 227, 301, 301, - 301, 194, 301, 301, 301, 301, 301, 301, 301, 301, - 301, 76, 301, 49, 245, 301, 222, 301, 301, 301, - 301, 11, 301, 301, 301, 301, 301, 115, 301, 301, - 301, 301, 192, 80, 301, 40, 301, 301, 301, 301, - 301, 301, 301, 301, 160, 301, 301, 301, 301, 301, + 307, 307, 307, 307, 307, 307, 24, 307, 257, 307, + 307, 307, 307, 307, 307, 307, 307, 307, 307, 307, + 191, 307, 307, 245, 307, 276, 307, 184, 307, 307, + 307, 307, 48, 307, 307, 307, 307, 4, 307, 307, + 307, 116, 131, 307, 307, 307, 307, 307, 307, 307, + 307, 307, 307, 307, 307, 307, 307, 307, 307, 307, + 307, 221, 37, 38, 307, 307, 307, 307, 307, 307, + 307, 265, 307, 307, 307, 307, 307, 307, 233, 307, + 307, 307, 307, 307, 307, 307, 194, 307, 307, 307, + 307, 307, 307, 307, 307, 307, 76, 307, 49, 251, - 134, 301, 301, 301, 301, 301, 301, 301, 301, 301, - 226, 128, 301, 301, 110, 111, 301, 301, 301, 82, - 86, 81, 301, 74, 301, 301, 301, 301, 301, 10, - 301, 301, 301, 243, 301, 301, 301, 301, 282, 39, - 301, 301, 301, 301, 301, 159, 301, 301, 301, 301, - 301, 301, 301, 301, 301, 301, 301, 301, 301, 301, - 301, 301, 301, 301, 87, 85, 301, 75, 267, 301, - 301, 301, 301, 301, 301, 301, 178, 301, 301, 301, - 301, 301, 193, 301, 301, 301, 301, 301, 301, 301, - 301, 150, 69, 301, 301, 301, 301, 301, 260, 301, + 307, 222, 307, 307, 307, 307, 11, 307, 307, 307, + 307, 307, 115, 307, 307, 307, 307, 192, 80, 307, + 40, 307, 307, 307, 307, 307, 307, 307, 307, 160, + 307, 307, 307, 307, 307, 134, 307, 307, 307, 307, + 307, 307, 307, 307, 307, 232, 307, 307, 307, 307, + 128, 307, 307, 110, 111, 307, 307, 307, 82, 86, + 81, 307, 74, 307, 307, 307, 307, 307, 10, 307, + 307, 307, 249, 307, 307, 307, 307, 288, 39, 307, + 307, 307, 307, 307, 159, 307, 307, 307, 307, 307, + 307, 307, 307, 307, 307, 307, 307, 307, 307, 307, - 301, 301, 301, 301, 301, 301, 129, 301, 84, 135, - 136, 139, 140, 137, 138, 77, 301, 244, 301, 301, - 301, 301, 153, 301, 301, 301, 301, 301, 220, 301, - 301, 301, 301, 301, 301, 301, 301, 301, 301, 301, - 301, 301, 301, 301, 166, 165, 41, 301, 301, 301, - 301, 301, 301, 301, 301, 301, 301, 301, 301, 301, - 301, 301, 301, 301, 301, 301, 301, 301, 301, 90, - 301, 219, 301, 236, 264, 301, 301, 301, 301, 301, - 301, 301, 301, 301, 301, 5, 301, 301, 211, 301, - 301, 265, 301, 301, 301, 301, 301, 301, 301, 301, + 307, 307, 307, 307, 307, 307, 307, 87, 85, 307, + 75, 273, 307, 307, 307, 307, 307, 307, 307, 178, + 307, 307, 307, 307, 307, 193, 307, 307, 307, 307, + 307, 307, 307, 307, 150, 69, 307, 307, 307, 307, + 307, 266, 307, 307, 307, 307, 307, 307, 307, 229, + 307, 307, 228, 129, 307, 84, 135, 136, 139, 140, + 137, 138, 77, 307, 250, 307, 307, 307, 307, 153, + 307, 307, 307, 307, 307, 220, 307, 307, 307, 307, + 307, 307, 307, 307, 307, 307, 307, 307, 307, 307, + 307, 307, 307, 166, 165, 41, 307, 307, 307, 307, - 25, 301, 301, 301, 301, 301, 301, 301, 301, 301, - 301, 301, 301, 301, 301, 301, 133, 301, 301, 301, - 301, 301, 301, 301, 301, 167, 301, 174, 301, 301, - 301, 301, 301, 301, 301, 301, 301, 261, 301, 301, - 301, 301, 301, 301, 301, 301, 301, 301, 301, 301, - 301, 301, 301, 301, 301, 281, 301, 301, 232, 301, - 301, 301, 301, 301, 262, 301, 301, 301, 301, 301, - 301, 263, 301, 301, 301, 230, 301, 233, 234, 301, - 301, 301, 301, 301, 231, 235, 0 + 307, 307, 307, 307, 307, 307, 307, 307, 307, 307, + 307, 307, 307, 307, 307, 307, 307, 307, 307, 307, + 90, 307, 219, 307, 242, 270, 307, 307, 307, 307, + 307, 307, 307, 307, 307, 307, 307, 307, 5, 307, + 307, 211, 307, 307, 271, 307, 307, 307, 307, 307, + 307, 307, 307, 307, 230, 25, 307, 307, 307, 307, + 307, 307, 307, 307, 307, 307, 307, 307, 231, 307, + 307, 307, 133, 307, 307, 307, 307, 307, 307, 307, + 307, 167, 307, 174, 307, 307, 307, 307, 307, 307, + 307, 307, 307, 267, 307, 307, 307, 307, 307, 307, + + 307, 307, 307, 307, 307, 307, 307, 307, 307, 307, + 307, 287, 307, 307, 238, 307, 307, 307, 307, 307, + 268, 307, 307, 307, 307, 307, 307, 269, 307, 307, + 307, 236, 307, 239, 240, 307, 307, 307, 307, 307, + 237, 241, 0 } ; static const YY_CHAR yy_ec[256] = @@ -735,15 +742,15 @@ static const YY_CHAR yy_meta[41] = 1, 1, 1, 1, 1, 1, 1, 1, 1, 1 } ; -static const flex_int16_t yy_base[3002] = +static const flex_int16_t yy_base[3058] = { 0, 0, 0, 38, 41, 44, 46, 59, 65, 71, 77, - 90, 112, 3479, 3230, 81, 5821, 5821, 5821, 96, 52, + 90, 112, 3212, 2720, 81, 5927, 5927, 5927, 96, 52, 106, 63, 107, 111, 70, 128, 130, 133, 57, 88, 76, 135, 141, 117, 148, 145, 160, 164, 185, 177, - 189, 152, 3109, 5821, 5821, 5821, 107, 3022, 5821, 5821, - 5821, 165, 2626, 2353, 5821, 5821, 5821, 211, 2291, 5821, - 5821, 5821, 180, 2178, 5821, 217, 5821, 221, 168, 1832, + 189, 152, 2544, 5927, 5927, 5927, 107, 2459, 5927, 5927, + 5927, 165, 2157, 2047, 5927, 5927, 5927, 211, 1913, 5927, + 5927, 5927, 180, 1568, 5927, 217, 5927, 221, 168, 1529, 225, 231, 0, 237, 0, 0, 226, 231, 85, 180, 114, 238, 239, 156, 234, 206, 240, 232, 200, 132, 253, 244, 245, 248, 256, 257, 264, 271, 249, 277, @@ -772,9 +779,9 @@ static const flex_int16_t yy_base[3002] = 700, 701, 702, 711, 704, 712, 713, 726, 731, 721, 732, 733, 735, 737, 740, 748, 739, 746, 743, 750, - 752, 753, 762, 758, 5821, 757, 760, 773, 766, 774, + 752, 753, 762, 758, 5927, 757, 760, 773, 766, 774, 775, 776, 781, 782, 763, 789, 787, 788, 792, 814, - 796, 798, 794, 803, 806, 5821, 804, 808, 838, 810, + 796, 798, 794, 803, 806, 5927, 804, 808, 838, 810, 812, 832, 828, 824, 827, 829, 839, 836, 849, 842, 847, 851, 862, 858, 859, 860, 861, 864, 863, 877, 872, 870, 799, 874, 889, 875, 882, 886, 887, 892, @@ -783,21 +790,21 @@ static const flex_int16_t yy_base[3002] = 942, 943, 937, 944, 947, 950, 951, 952, 953, 961, 958, 959, 963, 964, 966, 967, 970, 972, 973, 975, - 977, 979, 978, 985, 988, 981, 994, 989, 5821, 996, - 998, 999, 1000, 1001, 1003, 5821, 1004, 1005, 1006, 1014, + 977, 979, 978, 985, 988, 981, 994, 989, 5927, 996, + 998, 999, 1000, 1001, 1003, 5927, 1004, 1005, 1006, 1014, 1017, 1016, 1013, 1023, 1027, 1028, 1029, 1030, 1039, 1012, 1041, 1040, 1036, 1042, 1046, 1048, 1049, 1051, 1052, 1054, - 1055, 1057, 1060, 1077, 5821, 1061, 1064, 1062, 1063, 1070, + 1055, 1057, 1060, 1077, 5927, 1061, 1064, 1062, 1063, 1070, 1080, 1089, 1072, 1090, 1088, 1065, 1105, 1092, 1106, 1100, 1101, 1111, 1102, 1113, 1107, 1116, 1115, 1117, 1118, 1119, - 1120, 1125, 1126, 1131, 5821, 1133, 1134, 1145, 1135, 1143, + 1120, 1125, 1126, 1131, 5927, 1133, 1134, 1145, 1135, 1143, 1132, 1146, 1148, 1149, 1150, 1152, 1153, 1156, 1162, 1172, 1157, 1174, 1159, 1170, 1175, 1176, 1177, 1178, 1179, 1180, 1193, 1184, 1186, 1200, 1207, 1203, 1205, 1212, 1190, 1210, 1209, 1208, 1215, 1216, 1217, 1218, 1220, 1221, 1230, 1228, 1226, 1229, 1231, 1242, 1233, 1235, 1240, 1237, 1245, 1247, - 1253, 1254, 1250, 1256, 5821, 1263, 1260, 1267, 1262, 1268, + 1253, 1254, 1250, 1256, 5927, 1263, 1260, 1267, 1262, 1268, 1272, 1274, 1261, 1276, 1278, 1280, 1281, 1282, 1284, 1287, 1289, 1290, 1291, 1292, 1301, 1297, 1307, 1314, 1313, 1315, 1299, 1305, 1324, 1321, 1328, 1327, 1329, 1337, 1325, 1332, @@ -809,603 +816,613 @@ static const flex_int16_t yy_base[3002] = 1416, 1417, 1418, 1419, 1420, 1423, 1424, 1183, 1425, 1440, 1426, 1430, 1438, 1441, 1447, 1446, 1450, 1454, 1444, 1456, 1457, 1458, 1460, 1461, 1465, 1464, 1471, 1468, 1474, 1476, - 1478, 1477, 1480, 1484, 1487, 1481, 5821, 1488, 1495, 1494, + 1478, 1477, 1480, 1484, 1487, 1481, 5927, 1488, 1495, 1494, 1496, 1497, 1499, 1501, 1508, 1503, 1505, 1504, 1506, 1510, - 1516, 5821, 1517, 5821, 5821, 1520, 5821, 5821, 1518, 1523, - 1526, 1536, 1533, 1543, 1298, 1539, 1541, 1545, 1552, 1566, + 1532, 5927, 1513, 5927, 5927, 1516, 5927, 5927, 1517, 1515, + 1518, 1523, 1535, 1538, 1298, 1525, 1542, 1520, 1553, 1557, - 1548, 1550, 1551, 1547, 1556, 1561, 1574, 1562, 1549, 1575, - 1577, 1580, 1586, 1513, 1587, 1579, 1554, 1588, 1590, 1589, - 1592, 1595, 1600, 1601, 1594, 1603, 1596, 1611, 1616, 1607, - 1623, 5821, 1619, 1626, 1631, 1627, 1634, 1630, 1629, 1636, - 1638, 1640, 1641, 1642, 1643, 1645, 1646, 1651, 1604, 1647, - 1659, 1654, 5821, 1657, 1658, 1656, 1662, 1669, 1663, 1664, - 1670, 1674, 1675, 1682, 1679, 1677, 1684, 1685, 1686, 1687, - 5821, 1689, 1697, 1693, 1699, 1700, 1702, 1705, 1701, 1706, - 1707, 1708, 1709, 1711, 1715, 1718, 1719, 1720, 1717, 1724, - 1727, 1730, 1735, 1742, 1737, 1739, 1743, 1745, 1746, 1747, + 1545, 1546, 1548, 1549, 1560, 1571, 1555, 1572, 1565, 1577, + 1579, 1582, 1581, 1587, 1583, 1588, 1590, 1591, 1593, 1592, + 1596, 1598, 1601, 1602, 1599, 1604, 1605, 1614, 1618, 1610, + 1625, 5927, 1621, 1628, 1635, 1631, 1638, 1630, 1634, 1637, + 1642, 1644, 1639, 1646, 1648, 1649, 1650, 1652, 1654, 1657, + 1661, 1658, 5927, 1659, 1662, 1667, 1666, 1670, 1674, 1606, + 1660, 1678, 1676, 1692, 1680, 1682, 1683, 1684, 1688, 1695, + 5927, 1694, 1700, 1690, 1703, 1701, 1704, 1705, 1707, 1710, + 1709, 1713, 1715, 1714, 1716, 1723, 1728, 1721, 1720, 1726, + 1738, 1727, 1742, 1746, 1731, 1734, 1748, 1749, 1750, 1752, - 1749, 1750, 1758, 1751, 1760, 1755, 1762, 1767, 1772, 1759, - 1771, 1774, 1764, 1780, 1788, 1784, 1777, 1773, 1796, 1789, - 1793, 1794, 1797, 1799, 1800, 1801, 1803, 1806, 1807, 1808, - 1810, 5821, 1811, 1816, 5821, 1814, 1817, 1839, 1818, 1820, - 1821, 1823, 1826, 1833, 1825, 1831, 1841, 1843, 1853, 1849, - 1854, 1856, 1859, 1861, 1862, 1865, 1867, 1869, 1878, 1879, - 1883, 1885, 1890, 1870, 1868, 1877, 1896, 1888, 1889, 1891, - 1899, 1906, 1893, 1901, 1903, 1908, 1912, 1914, 1919, 5821, - 1924, 1925, 1920, 1921, 1932, 1930, 1929, 1933, 1936, 1937, - 1944, 1940, 1941, 1946, 1943, 1947, 1950, 1952, 1956, 1957, + 1753, 1755, 1760, 1759, 1762, 1758, 1767, 1769, 1776, 1764, + 1765, 1766, 1779, 1781, 1790, 1786, 1787, 1788, 1797, 1792, + 1794, 1795, 1798, 1807, 1796, 1804, 1809, 1799, 1802, 1814, + 1815, 5927, 1816, 1817, 5927, 1818, 1820, 1842, 1823, 1825, + 1828, 1827, 1830, 1832, 1833, 1835, 1839, 1846, 1862, 1850, + 1865, 1837, 1867, 1854, 1868, 1857, 1859, 1870, 1877, 1885, + 1892, 1875, 1893, 1895, 1876, 1878, 1887, 1906, 1890, 1891, + 1894, 1899, 1900, 1904, 1910, 1903, 1915, 1916, 1922, 1919, + 5927, 1930, 1928, 1927, 1929, 1939, 1936, 1937, 1938, 1940, + 1943, 1950, 1945, 1948, 1952, 1951, 1955, 1953, 1958, 1963, - 1962, 1954, 1973, 5821, 1958, 5821, 1955, 1959, 1972, 1975, - 1976, 1977, 1978, 1980, 5821, 5821, 1981, 1984, 1987, 1996, - 1982, 5821, 1997, 2004, 2001, 2006, 2000, 1999, 2007, 2008, - 2011, 2016, 2012, 2023, 2015, 2022, 2020, 5821, 2028, 2018, - 2024, 2033, 2035, 2036, 2037, 2040, 5821, 2043, 2044, 2047, - 2054, 2046, 2050, 2055, 2058, 2056, 2062, 2063, 2064, 2065, - 2066, 2075, 2076, 2067, 2078, 2081, 2077, 5821, 2074, 2085, - 2093, 2089, 2091, 2088, 2095, 2096, 2098, 2099, 2100, 2103, - 2106, 2107, 2115, 2116, 2108, 2112, 2120, 2113, 2122, 2125, - 2128, 2127, 2129, 2130, 2131, 5821, 2133, 2135, 124, 2139, + 1965, 1960, 1961, 1968, 5927, 1964, 5927, 1975, 1976, 1979, + 1977, 1981, 1982, 1983, 1985, 5927, 5927, 1987, 1984, 1994, + 2006, 2001, 5927, 1986, 2009, 2011, 2004, 2005, 2010, 2013, + 2016, 2017, 2024, 2020, 2027, 2022, 2023, 2025, 5927, 2033, + 2026, 2038, 2041, 2034, 2044, 2048, 2042, 5927, 2045, 2052, + 2055, 2062, 2058, 2060, 2059, 2063, 2064, 2067, 2070, 2071, + 2072, 2073, 2080, 2082, 2078, 2079, 2087, 2094, 5927, 2081, + 2090, 2101, 2093, 2097, 2100, 2102, 2103, 2104, 2105, 2106, + 2112, 2113, 2114, 2122, 2124, 2119, 2115, 2127, 2123, 2129, + 2128, 2135, 2132, 2136, 2137, 2138, 5927, 2139, 2147, 124, - 2140, 2142, 2141, 2148, 2144, 2147, 2164, 2165, 2161, 2160, - 2163, 2169, 2170, 2171, 2172, 2173, 2174, 2175, 2177, 5821, - 2151, 2179, 2180, 2182, 2185, 2186, 2189, 5821, 2199, 2202, - 2188, 2201, 2209, 2204, 2210, 2211, 2213, 2218, 2214, 2217, - 5821, 2221, 2224, 2226, 2227, 2228, 2230, 2235, 2237, 2238, - 2239, 2242, 2240, 2241, 2245, 2243, 2246, 2250, 2259, 2249, - 2251, 2256, 2260, 5821, 2272, 2261, 2270, 2263, 2274, 2273, - 2287, 2277, 2280, 2282, 2288, 2297, 2290, 2284, 2298, 2299, - 2304, 2308, 2307, 2313, 2314, 2311, 2315, 2321, 2323, 2324, - 2325, 2329, 2327, 2330, 2331, 2332, 2339, 2340, 2337, 2348, + 2141, 2144, 2148, 2149, 2152, 2165, 2151, 2168, 2172, 2169, + 2173, 2176, 2153, 2170, 2177, 2178, 2179, 2180, 2185, 2183, + 5927, 2189, 2190, 2191, 2186, 2197, 2192, 2194, 5927, 2195, + 2206, 2215, 2216, 2205, 2217, 2207, 2218, 2221, 2222, 2224, + 2228, 2229, 2225, 5927, 2232, 2234, 2237, 2235, 2241, 2245, + 2238, 2248, 2250, 2251, 2252, 2253, 2254, 2257, 2256, 2258, + 2259, 2260, 2267, 2271, 2272, 2274, 5927, 2284, 2262, 2273, + 2280, 2285, 2286, 2294, 2287, 2289, 2295, 2296, 2309, 2299, + 2301, 2311, 2315, 2302, 2304, 2325, 2321, 2324, 2330, 2320, + 2333, 2335, 2323, 2327, 2337, 2336, 2339, 2347, 2342, 2354, - 2346, 2353, 2359, 2358, 5821, 2361, 2363, 2349, 2368, 2376, - 2351, 2374, 2371, 2372, 2380, 2382, 2383, 2390, 2386, 2388, - 2389, 2393, 2391, 2395, 2392, 2394, 2402, 2409, 2400, 2412, - 2414, 5821, 2417, 2413, 2406, 2421, 2423, 2424, 2427, 2428, - 2431, 2432, 2433, 2435, 2437, 2438, 2439, 2440, 2442, 2446, - 2443, 5821, 2447, 2449, 2455, 2458, 2462, 2466, 2467, 2468, - 2473, 2456, 2475, 2476, 2452, 5821, 2485, 2486, 2477, 2490, - 2487, 2488, 2489, 2492, 2493, 5821, 2494, 2495, 2503, 2504, - 2499, 5821, 2508, 2501, 2506, 2510, 2509, 2511, 2516, 2512, - 2519, 2520, 2525, 2528, 2524, 2531, 5821, 2533, 2540, 2535, + 2355, 2352, 2358, 2350, 2371, 2376, 2367, 5927, 2365, 2375, + 2363, 2377, 2385, 2380, 2382, 2383, 2389, 2388, 2391, 2392, + 2399, 2394, 2396, 2400, 2403, 2401, 2409, 2405, 2411, 2412, + 2420, 2413, 2422, 2351, 5927, 2424, 2425, 2416, 2429, 2432, + 2426, 2434, 2439, 2437, 2441, 2443, 2445, 2447, 2448, 2449, + 2450, 2452, 2454, 2453, 5927, 2457, 2458, 2463, 2465, 2466, + 2472, 2475, 2478, 2476, 2482, 2483, 2484, 2485, 5927, 2492, + 2493, 2490, 2494, 2496, 2497, 2499, 2502, 2503, 5927, 2504, + 2506, 2513, 2514, 2509, 5927, 2517, 2512, 2518, 2519, 2520, + 2521, 2527, 2522, 2525, 2530, 2535, 2537, 2533, 2541, 5927, - 2537, 2541, 2542, 2543, 2545, 2554, 2548, 2551, 2561, 2564, - 2566, 2557, 2567, 2569, 2570, 2571, 2573, 2572, 5821, 2574, - 2579, 2580, 2581, 2586, 2583, 2584, 2591, 2594, 2595, 2596, - 2600, 2602, 2599, 2604, 2605, 2608, 2607, 2611, 2621, 2616, - 2623, 2619, 2627, 2630, 2634, 2635, 2637, 5821, 2642, 2639, - 2644, 2633, 2645, 2646, 2647, 2648, 2650, 2652, 2657, 2655, - 2656, 2664, 2672, 2665, 2667, 2673, 2674, 2677, 2676, 2678, - 2679, 2680, 2688, 2684, 2683, 2696, 2687, 2694, 2701, 2691, - 2702, 2703, 2704, 2705, 2707, 2711, 2712, 2714, 2708, 2716, - 2725, 2727, 2729, 2718, 2730, 2734, 2735, 5821, 2738, 2736, + 2543, 2553, 2545, 2549, 2551, 2554, 2555, 2557, 2561, 2565, + 2560, 5927, 2577, 2576, 2573, 2587, 2564, 2578, 2579, 2585, + 2582, 2588, 2589, 5927, 2591, 2592, 2594, 2595, 2598, 2599, + 2601, 2613, 2603, 2606, 2608, 2611, 2614, 2616, 2618, 2621, + 2619, 2627, 2630, 2631, 2633, 2634, 2636, 2637, 2644, 2647, + 2649, 2651, 5927, 2654, 2655, 2656, 2643, 2646, 2658, 2662, + 2663, 2666, 2667, 2671, 2668, 2670, 2678, 2680, 2681, 2683, + 2685, 2687, 2688, 2690, 2691, 2692, 2693, 2700, 2698, 2696, + 2705, 2702, 2707, 2714, 2709, 2715, 2716, 2717, 2718, 2719, + 2723, 2724, 2726, 2727, 2731, 2742, 2743, 2733, 2744, 2745, - 2740, 2742, 2745, 2748, 2752, 2749, 2750, 2756, 2755, 2762, - 2757, 2765, 2767, 2774, 2770, 5821, 2771, 5821, 2772, 2773, - 2775, 2785, 2780, 5821, 2782, 5821, 2788, 2795, 2786, 2790, - 5821, 2796, 2784, 2792, 2797, 2803, 2805, 2808, 2807, 2809, - 2810, 2813, 2814, 2815, 2816, 2819, 2820, 2825, 2821, 2835, - 2824, 2822, 2843, 2832, 2837, 2841, 2839, 2846, 5821, 2850, - 2847, 2852, 2853, 2855, 2856, 2859, 2857, 2863, 2864, 2861, - 2871, 2867, 2875, 2874, 2886, 2868, 2891, 5821, 2878, 2890, - 2882, 2893, 5821, 2895, 2894, 2896, 2902, 2898, 2904, 2905, - 2906, 2907, 2911, 2910, 2913, 2921, 2924, 2917, 2927, 2914, + 2746, 2747, 5927, 2750, 2752, 2751, 2756, 2761, 2758, 2768, + 2764, 2765, 2769, 2773, 2776, 2770, 2775, 2781, 2788, 2784, + 5927, 2785, 5927, 2786, 2787, 2794, 2797, 2789, 5927, 2799, + 5927, 2802, 2811, 2796, 2800, 5927, 2814, 2804, 2806, 2818, + 2808, 2813, 2820, 2821, 2822, 2827, 2825, 2829, 2830, 2831, + 2833, 2835, 2837, 2841, 2846, 2848, 2838, 2849, 2840, 2854, + 2857, 2851, 2859, 5927, 2867, 2860, 2863, 2868, 2869, 2871, + 2872, 2874, 2875, 2880, 2876, 2881, 2882, 2889, 2892, 2890, + 2893, 2904, 5927, 2894, 2906, 2899, 2901, 5927, 2909, 2903, + 2910, 2915, 2912, 2917, 2919, 2920, 2921, 2924, 2925, 2937, - 2925, 2940, 2933, 2935, 2941, 2943, 2944, 2945, 2946, 2947, - 2948, 2950, 2957, 2960, 2956, 2965, 2952, 2962, 2970, 2971, - 2955, 2963, 2972, 2974, 2977, 2978, 2980, 2985, 2981, 2982, - 2984, 2986, 5821, 2995, 2989, 2999, 2996, 3000, 3003, 2987, - 3005, 3010, 3006, 3013, 3016, 3008, 5821, 3012, 5821, 3014, - 3026, 3031, 3034, 3035, 3018, 3037, 3042, 3038, 3043, 3044, - 3045, 3046, 3048, 3052, 3053, 3054, 3058, 3074, 3056, 3057, - 3060, 3069, 3070, 3059, 3071, 5821, 5821, 3076, 3078, 3079, - 3081, 3082, 3085, 3088, 3086, 3092, 3093, 3094, 3105, 5821, - 3102, 3100, 3106, 3108, 3117, 3107, 3119, 3126, 3122, 3129, + 2938, 2928, 2939, 5927, 2941, 2944, 2929, 2948, 2952, 2956, + 2930, 2959, 2953, 2957, 2963, 2964, 2965, 2966, 2967, 2974, + 2975, 2972, 2979, 2971, 2978, 2981, 2985, 2987, 2988, 2989, + 2992, 2993, 2991, 2997, 3001, 2996, 2998, 2999, 3000, 5927, + 3012, 3002, 3014, 3023, 3015, 3017, 3004, 3020, 3025, 3026, + 3029, 3033, 3027, 5927, 3032, 5927, 3035, 3037, 3049, 3051, + 3044, 3039, 3055, 3054, 3046, 3061, 3062, 3063, 3064, 3065, + 3066, 3069, 3070, 3076, 3077, 3073, 3074, 3078, 3084, 3086, + 3087, 3089, 5927, 5927, 3090, 3092, 3095, 3093, 3097, 3099, + 3107, 3105, 3098, 3111, 3112, 3119, 5927, 3120, 3121, 3123, - 3124, 5821, 3121, 3131, 3138, 3133, 3134, 3142, 5821, 3139, - 5821, 3135, 3140, 3144, 3148, 3149, 3150, 3151, 3153, 3156, - 3164, 3166, 3161, 3168, 3169, 3170, 3171, 3178, 3173, 3175, - 3176, 5821, 3180, 3181, 3182, 3185, 3192, 3193, 3196, 3183, - 5821, 3199, 3203, 3200, 3204, 3207, 3209, 3210, 3211, 3213, - 3215, 3212, 3217, 3228, 3220, 3221, 3223, 3234, 3235, 3241, - 5821, 3242, 3236, 3249, 3251, 3244, 3246, 3252, 3253, 3254, - 3257, 3259, 3258, 3260, 3262, 3264, 3261, 3271, 3265, 3267, - 3284, 3278, 3268, 3281, 3270, 3287, 3288, 3292, 3294, 3297, - 3299, 3291, 3302, 3303, 3305, 3309, 3313, 3310, 3321, 3316, + 3124, 3131, 3126, 3128, 3139, 3135, 3143, 3141, 5927, 3138, + 3142, 3152, 3148, 3150, 3155, 5927, 3154, 5927, 3151, 3157, + 3160, 3163, 3164, 3165, 3166, 3167, 3174, 3175, 3185, 3171, + 3182, 3183, 3186, 3187, 3194, 3189, 3190, 3191, 5927, 3193, + 3196, 3199, 3207, 3208, 3210, 3214, 3197, 5927, 3204, 3218, + 3221, 3222, 3224, 3226, 3227, 3228, 3230, 3232, 3229, 3231, + 3239, 3237, 3236, 3246, 3256, 3247, 3258, 5927, 3259, 3253, + 3266, 3268, 3261, 3263, 3269, 3270, 3271, 3274, 3276, 3275, + 3277, 3279, 3281, 3278, 3288, 3282, 3295, 3284, 3298, 3304, + 3305, 3285, 3301, 3308, 3309, 3312, 3311, 3315, 3318, 3322, - 5821, 3323, 3318, 3328, 3320, 3324, 3332, 3333, 3335, 3325, - 3340, 3341, 3348, 3343, 5821, 3352, 3350, 3347, 3354, 3353, - 3362, 3357, 3355, 3358, 3370, 3359, 3371, 3367, 3373, 3376, - 3381, 3374, 5821, 5821, 3383, 3378, 3384, 5821, 3388, 3386, - 3396, 3392, 3389, 3398, 3399, 3400, 3401, 3404, 3402, 3408, - 5821, 3411, 3418, 3414, 3415, 3423, 3425, 3421, 3426, 3429, - 3430, 3432, 3433, 3436, 3435, 3437, 3440, 3448, 3444, 3443, - 3452, 5821, 3446, 3447, 3449, 3460, 3455, 3461, 5821, 3462, - 3467, 3473, 3468, 3483, 3480, 3475, 3488, 3457, 3485, 3470, - 3490, 3492, 3493, 3500, 3496, 3497, 3504, 3505, 3510, 5821, + 3319, 3331, 3332, 3323, 3326, 3335, 3336, 3343, 3338, 5927, + 3348, 3328, 3351, 3349, 3350, 3355, 3356, 3358, 3359, 3360, + 3361, 3368, 3363, 5927, 3370, 3365, 3375, 3376, 3367, 3390, + 3385, 3366, 3388, 3392, 3389, 3395, 3393, 3397, 3398, 3401, + 3402, 5927, 5927, 3404, 3405, 3407, 5927, 3408, 3406, 3418, + 3411, 3414, 3421, 3238, 3420, 3423, 3424, 3426, 3428, 5927, + 3432, 3439, 3431, 3434, 3446, 3448, 3454, 3438, 3447, 3445, + 3450, 3455, 3457, 3458, 3459, 3461, 3470, 3463, 3466, 3468, + 5927, 3471, 3473, 3474, 3478, 3475, 3482, 5927, 3480, 3486, + 3487, 3489, 3501, 3492, 3502, 3504, 3484, 3506, 3507, 3509, - 3498, 3508, 3501, 3516, 3518, 3526, 3528, 3529, 3509, 3527, - 3530, 3537, 5821, 3533, 3534, 3536, 3539, 3546, 3541, 3549, - 3544, 5821, 3547, 3550, 3552, 5821, 3551, 3560, 3566, 3568, - 3553, 3576, 3571, 3574, 3572, 3575, 5821, 3580, 5821, 3555, - 3581, 3582, 5821, 3586, 3587, 3589, 3591, 3588, 3595, 3596, - 3603, 3592, 3604, 3605, 3606, 3607, 3609, 3616, 3608, 5821, - 3617, 3615, 3619, 3620, 3626, 3624, 3627, 3632, 3630, 5821, - 5821, 3639, 5821, 3631, 3640, 3641, 5821, 3644, 3646, 3651, - 3647, 3649, 3652, 3662, 3655, 5821, 3658, 3653, 3666, 3668, - 3669, 3670, 3671, 3672, 3674, 3676, 3675, 5821, 3678, 3680, + 3508, 3510, 3517, 3512, 3516, 3523, 3524, 3515, 5927, 3529, + 3531, 3532, 3534, 3536, 3545, 3543, 3546, 3541, 3548, 3549, + 3556, 5927, 3551, 3554, 3557, 3555, 3565, 3560, 3568, 3564, + 5927, 3566, 3570, 3572, 5927, 3571, 3583, 3586, 3588, 3573, + 3581, 3590, 3592, 3594, 3595, 5927, 3598, 5927, 3599, 3579, + 3605, 5927, 3601, 3607, 3609, 3611, 3608, 3615, 3616, 3623, + 3612, 3618, 3624, 3625, 3626, 3628, 3635, 3631, 3634, 3636, + 3637, 5927, 3638, 3640, 3646, 3647, 3652, 3641, 3645, 3657, + 3656, 5927, 5927, 3660, 5927, 3664, 3663, 3665, 5927, 3668, + 3670, 3677, 3672, 3673, 3676, 3686, 3680, 5927, 3675, 3687, - 3686, 3679, 3687, 3693, 3699, 3688, 5821, 3701, 3703, 3695, - 3709, 3710, 5821, 3702, 5821, 3712, 3715, 3716, 3718, 3719, - 5821, 3721, 3722, 3726, 3727, 3729, 3731, 3732, 3735, 3739, - 3741, 3748, 3744, 3743, 3746, 5821, 3745, 3751, 3759, 3762, - 3752, 3750, 3766, 3768, 3769, 3772, 3775, 3777, 3778, 3781, - 3776, 3786, 3783, 5821, 3784, 3790, 3787, 3800, 3795, 3797, - 5821, 3798, 3802, 3806, 5821, 3803, 3805, 3812, 3814, 3815, - 3817, 3818, 3822, 3823, 5821, 3819, 3820, 3824, 3837, 3840, - 3830, 5821, 5821, 3841, 5821, 3843, 3827, 3846, 3848, 3826, - 3853, 3829, 3854, 3856, 3852, 3864, 3865, 3859, 3875, 3873, + 3690, 3692, 3693, 3694, 3696, 3697, 3695, 3698, 3699, 5927, + 3700, 3703, 3711, 3704, 3712, 3716, 3723, 3717, 5927, 3724, + 3725, 3726, 3730, 3731, 5927, 3733, 5927, 3734, 3736, 3739, + 3741, 3740, 5927, 3746, 3747, 3750, 3753, 3755, 3754, 3757, + 3758, 3764, 3765, 3772, 3768, 3767, 3769, 5927, 3770, 3774, + 3776, 3783, 3771, 3778, 3787, 3790, 3791, 3792, 3797, 3794, + 3801, 3803, 3805, 3807, 3799, 5927, 3809, 3811, 3810, 3825, + 3820, 3815, 5927, 3816, 3830, 3832, 5927, 3823, 3822, 3834, + 3839, 3826, 3833, 3840, 3841, 3845, 5927, 3846, 3847, 3848, + 3849, 3852, 3853, 5927, 5927, 3861, 5927, 3863, 3850, 3864, - 3882, 3877, 3747, 3858, 5821, 5821, 3884, 3885, 3879, 3890, - 3891, 3881, 3887, 3901, 3894, 3896, 3903, 3904, 3912, 5821, - 3910, 3898, 3913, 5821, 3907, 3915, 3908, 3919, 3916, 3922, - 3923, 3925, 3926, 3927, 3928, 3929, 3935, 3937, 3936, 3938, - 3943, 3945, 5821, 3946, 3948, 3949, 3950, 3952, 3953, 3957, - 3958, 3959, 5821, 3960, 3963, 3966, 3964, 3965, 3971, 3981, - 3986, 3988, 3974, 3983, 3990, 3992, 3994, 3995, 5821, 3997, - 3998, 3999, 4003, 4006, 4008, 4009, 4011, 4012, 4014, 4016, - 4017, 4021, 4024, 4025, 4026, 4027, 4029, 5821, 4032, 4034, - 4036, 4043, 4038, 4040, 4044, 4049, 4052, 4045, 4053, 4054, + 3865, 3866, 3872, 3871, 3875, 3877, 3874, 3878, 3885, 3886, + 3895, 3898, 3902, 3897, 3901, 3887, 5927, 5927, 3904, 3905, + 3908, 3911, 3912, 3914, 3915, 3922, 3918, 3924, 3928, 3929, + 3936, 5927, 3935, 3921, 3938, 5927, 3919, 3932, 3940, 3943, + 3945, 3946, 3949, 3947, 3948, 3951, 3955, 3952, 3957, 3961, + 3959, 3962, 3960, 3970, 3968, 3969, 3977, 5927, 3978, 3971, + 3980, 3982, 3983, 3984, 3988, 3989, 3991, 5927, 3993, 3995, + 3997, 3998, 3992, 4002, 4013, 4017, 4019, 4010, 4020, 4021, + 4023, 4027, 4024, 5927, 4031, 4028, 4030, 4034, 4038, 4040, + 4041, 4043, 4044, 4052, 4049, 4053, 4055, 4057, 4045, 4061, - 4058, 5821, 4059, 4060, 4061, 4062, 4070, 4063, 4071, 4072, - 5821, 4075, 4077, 4078, 4067, 4080, 4084, 4088, 4089, 4091, - 4092, 4093, 5821, 4095, 4099, 4101, 4103, 4105, 4108, 4110, - 4109, 5821, 4112, 4116, 4119, 4126, 4122, 4130, 4127, 4131, - 4123, 4125, 4137, 4133, 4141, 4144, 4145, 4146, 4155, 4157, - 4152, 5821, 4139, 5821, 4158, 4161, 4169, 4164, 4166, 5821, - 4168, 4171, 4175, 4170, 4172, 5821, 4177, 4176, 4178, 4179, - 5821, 4180, 4190, 4182, 4194, 4197, 4198, 5821, 4201, 4204, - 4203, 4211, 4215, 4213, 4210, 4216, 4214, 4218, 4219, 4220, - 5821, 4223, 4222, 4229, 4230, 4231, 4233, 4237, 4243, 4234, + 4063, 4047, 5927, 4067, 4069, 4065, 4074, 4071, 4075, 4076, + 4082, 4086, 4078, 4080, 4087, 4091, 5927, 4088, 4092, 4094, + 4096, 4102, 4093, 4099, 4103, 5927, 4105, 4107, 4110, 4111, + 4113, 4116, 4119, 4120, 4123, 4122, 4126, 5927, 4128, 4130, + 4133, 4136, 4137, 4139, 4142, 4141, 5927, 4143, 4149, 4151, + 4158, 4153, 4162, 4159, 4163, 4155, 4157, 4169, 4173, 4175, + 4176, 4177, 4165, 4187, 4189, 4188, 5927, 4171, 5927, 4190, + 4193, 4201, 4196, 4178, 5927, 4202, 4203, 4207, 4208, 4204, + 5927, 4209, 4210, 4212, 4216, 5927, 4211, 4215, 4217, 4222, + 4225, 4229, 5927, 4232, 4233, 4235, 4244, 4245, 4242, 4243, - 5821, 4239, 4236, 4245, 4246, 4248, 4249, 4250, 4257, 4258, - 4254, 5821, 4259, 4261, 4268, 4263, 4274, 5821, 5821, 4267, - 4277, 4270, 4279, 4282, 5821, 4280, 4291, 4286, 4288, 4290, - 5821, 5821, 4293, 5821, 4289, 5821, 4294, 4295, 5821, 5821, - 4296, 4297, 4304, 4310, 4303, 5821, 4313, 5821, 4306, 4316, - 4314, 4318, 4319, 5821, 4320, 4321, 4326, 5821, 4322, 4334, - 4327, 4329, 5821, 4336, 4332, 4337, 5821, 4341, 4347, 4338, - 4348, 4349, 4352, 4354, 4350, 4353, 4359, 4360, 4361, 4363, - 4370, 4373, 4375, 4377, 4378, 4362, 4379, 4382, 4385, 4387, - 4388, 4389, 4391, 4393, 4394, 4396, 4398, 4401, 4402, 4403, + 4246, 4248, 4249, 4250, 4251, 4259, 4254, 4256, 5927, 4258, + 4264, 4266, 4270, 4271, 4272, 4273, 4279, 4274, 5927, 4276, + 4282, 4283, 4284, 4285, 4286, 4288, 4296, 4291, 4294, 5927, + 4295, 4299, 4307, 3996, 4308, 5927, 5927, 4300, 4315, 4317, + 4305, 4318, 5927, 4309, 4327, 4322, 4324, 4326, 5927, 5927, + 4329, 5927, 4325, 5927, 4330, 4332, 5927, 5927, 4333, 4336, + 4337, 4340, 4347, 5927, 4350, 5927, 4357, 4352, 4339, 4341, + 4354, 5927, 4356, 4358, 4361, 5927, 4364, 4371, 4366, 4367, + 5927, 4369, 4372, 4374, 5927, 4376, 4379, 4380, 4381, 4386, + 4383, 4387, 4390, 4393, 4394, 4396, 4397, 4398, 4409, 4411, - 4404, 4405, 4406, 4408, 4415, 4418, 4420, 4419, 4421, 4423, - 4422, 4424, 4426, 4430, 4432, 4433, 5821, 4431, 4434, 4437, - 4440, 4444, 4450, 4452, 4454, 4462, 4463, 5821, 4465, 5821, - 4467, 4451, 4459, 4471, 5821, 4472, 4473, 4474, 4475, 4476, - 4477, 4480, 4478, 5821, 4482, 4483, 4484, 4487, 5821, 4494, - 4489, 4499, 4500, 4501, 4504, 4502, 4506, 4507, 4509, 4511, - 4513, 4521, 4514, 4516, 4522, 4525, 4526, 4527, 4529, 4533, - 4537, 4538, 4543, 5821, 4539, 5821, 4544, 4545, 4548, 4549, - 4550, 4551, 4554, 5821, 5821, 4552, 4556, 4562, 4563, 4557, - 4566, 4570, 5821, 4567, 4576, 4584, 4568, 5821, 4577, 4579, + 4413, 4415, 4416, 4400, 4419, 4420, 4422, 4425, 4426, 4427, + 4429, 4431, 4432, 4434, 4436, 4439, 4440, 4441, 4442, 4443, + 4444, 4446, 4453, 4456, 4458, 4457, 4459, 4461, 4460, 4462, + 4464, 4468, 4470, 4471, 5927, 4469, 4472, 4475, 4402, 4478, + 4488, 4490, 4481, 4497, 4499, 5927, 4501, 5927, 4503, 4489, + 4505, 4491, 5927, 4506, 4509, 4508, 4511, 4512, 4513, 4515, + 4514, 4518, 4519, 4522, 5927, 4525, 4520, 4529, 4540, 5927, + 4532, 4544, 4528, 4535, 4545, 4547, 4548, 4549, 4554, 4550, + 4556, 4558, 4565, 4560, 4561, 4563, 4568, 4551, 4564, 4572, + 4579, 4575, 4583, 4587, 5927, 4580, 5927, 4588, 4589, 4590, - 4586, 5821, 4588, 4587, 4589, 4591, 4592, 4595, 4598, 4601, - 4602, 4604, 4606, 5821, 5821, 5821, 5821, 4607, 4609, 4613, - 4614, 4615, 4617, 4620, 4622, 4619, 5821, 4624, 5821, 5821, - 4625, 4632, 4633, 4635, 4636, 4638, 4639, 4641, 5821, 4643, - 4645, 4646, 4652, 4654, 4656, 4659, 4660, 4661, 4662, 4669, - 4668, 4670, 4672, 4676, 4675, 4678, 5821, 5821, 4682, 4684, - 4685, 4692, 4689, 4693, 4696, 4697, 4699, 4700, 4702, 4703, - 4705, 4706, 5821, 4707, 4713, 5821, 4708, 5821, 4714, 4721, - 4715, 4722, 4723, 4725, 4727, 4729, 5821, 5821, 4724, 4730, - 4736, 4740, 4737, 4742, 4731, 4745, 4741, 5821, 4747, 5821, + 4591, 4593, 4592, 4594, 5927, 5927, 4595, 4600, 4605, 4601, + 4596, 4607, 4617, 5927, 4609, 4618, 4620, 4610, 5927, 4625, + 4626, 4628, 5927, 4629, 4630, 4631, 4633, 4634, 4637, 4638, + 4640, 4642, 4644, 4648, 5927, 5927, 5927, 5927, 4650, 4652, + 4655, 4657, 4659, 4660, 4662, 4664, 4661, 5927, 4666, 5927, + 5927, 4668, 4675, 4667, 4677, 4678, 4679, 4683, 4685, 5927, + 4684, 4689, 4690, 4687, 4697, 4701, 4703, 4704, 4688, 4705, + 4713, 4711, 4714, 4712, 4717, 4719, 4721, 5927, 5927, 4724, + 4726, 4728, 4735, 4733, 4736, 4745, 4740, 4742, 4743, 4746, + 4748, 4730, 4755, 4759, 4757, 4754, 5927, 4758, 4764, 5927, - 4748, 4749, 4758, 4752, 4765, 4767, 4769, 4771, 4764, 4773, - 5821, 4766, 4774, 5821, 4776, 4779, 4781, 5821, 4782, 4785, - 4789, 5821, 4791, 4794, 4792, 5821, 4800, 5821, 4786, 4802, - 4801, 4809, 5821, 4795, 4804, 5821, 4811, 4817, 4818, 4812, - 5821, 4814, 5821, 4819, 4823, 4826, 4829, 4820, 4831, 4824, - 4833, 4834, 4842, 4841, 4843, 5821, 5821, 4850, 4838, 4845, - 4846, 4852, 4859, 4854, 4856, 4863, 5821, 5821, 4864, 5821, - 4867, 4868, 5821, 4855, 4870, 4872, 4876, 4874, 4857, 4882, - 4884, 4878, 4885, 4900, 4886, 4888, 4901, 4903, 4906, 4908, - 4895, 4910, 4898, 4891, 4912, 4913, 4914, 5821, 4920, 4922, + 4760, 5927, 4765, 4768, 4732, 4769, 4771, 4774, 4775, 4777, + 5927, 5927, 4778, 4779, 4781, 4785, 4787, 4789, 4788, 4791, + 4792, 5927, 4793, 5927, 4794, 4801, 4796, 4802, 4810, 4813, + 4815, 4817, 4812, 4818, 5927, 4819, 4821, 5927, 4822, 4824, + 4825, 5927, 4829, 4832, 4836, 5927, 4842, 4833, 4839, 5927, + 4846, 5927, 4843, 4847, 4848, 4855, 5927, 4850, 4856, 5927, + 4859, 4862, 4864, 4853, 5927, 4851, 5927, 4865, 4872, 4873, + 4876, 4868, 4878, 4879, 4880, 4881, 4888, 4887, 4889, 5927, + 5927, 4897, 4884, 4890, 4894, 4899, 4906, 4901, 4904, 4903, + 5927, 5927, 4911, 5927, 4909, 4912, 5927, 4913, 4918, 4919, - 4923, 5821, 4927, 4924, 4929, 4930, 5821, 4937, 4938, 4939, - 4940, 5821, 4932, 4943, 4951, 4944, 4945, 4958, 4946, 4954, - 5821, 5821, 5821, 4956, 4965, 5821, 4967, 4962, 4968, 4969, - 5821, 4970, 4971, 5821, 5821, 4972, 4973, 4974, 4981, 5821, - 4977, 5821, 4978, 5821, 4980, 4986, 4995, 4992, 5821, 4998, - 5004, 5821, 5007, 5010, 5012, 5013, 5000, 5002, 5014, 5821, - 4990, 5018, 5024, 5016, 5017, 5025, 5026, 5027, 5034, 5030, - 5033, 5821, 5037, 5036, 5038, 5821, 5040, 5821, 5041, 5044, - 5043, 5050, 5048, 5042, 5052, 5062, 5049, 5066, 5053, 5821, - 5069, 5071, 5821, 5063, 5821, 5074, 5821, 5076, 5077, 5078, + 4920, 4922, 4923, 4927, 4929, 4930, 4931, 4932, 4933, 4939, + 4951, 4935, 4949, 4955, 4957, 4959, 4961, 4953, 4963, 4964, + 4965, 4966, 4967, 4970, 5927, 4972, 4973, 4974, 5927, 4978, + 4979, 4981, 4983, 5927, 4994, 4989, 4995, 4996, 5927, 4982, + 5002, 4999, 4997, 5007, 5014, 5010, 5009, 5927, 5927, 5927, + 5011, 5020, 5927, 5025, 5012, 5015, 5017, 5927, 5021, 5027, + 5927, 5927, 5028, 5029, 5031, 5042, 5927, 5032, 5927, 5033, + 5927, 5041, 5043, 5049, 5047, 5927, 5052, 5058, 5927, 5061, + 5064, 5066, 5067, 5055, 5068, 5069, 5927, 5077, 5073, 5079, + 5081, 5070, 5072, 5085, 5082, 5089, 5086, 5092, 5927, 5094, - 5080, 5821, 5082, 5079, 5083, 5086, 5821, 5087, 5089, 5091, - 5821, 5821, 5095, 5102, 5104, 4642, 5098, 5101, 5107, 5111, - 5108, 5112, 5113, 5120, 5116, 5117, 5118, 5123, 5125, 5131, - 5821, 5821, 5821, 5124, 5126, 5140, 5142, 5144, 5143, 5139, - 5821, 5145, 5148, 5149, 5158, 5154, 5156, 5821, 5160, 5151, - 5164, 5821, 5162, 5166, 5169, 5163, 5175, 5179, 5182, 5184, - 5185, 5821, 5187, 5821, 5821, 5176, 5821, 5167, 5188, 5191, - 5192, 5821, 5197, 5194, 5198, 5200, 5202, 5821, 5205, 5203, - 5206, 5207, 5821, 5821, 5215, 5821, 5217, 5219, 5220, 5227, - 5226, 5222, 5229, 5231, 5821, 5232, 5233, 5235, 5237, 5239, + 5096, 5097, 5103, 5095, 5105, 5099, 5927, 5107, 5927, 5108, + 5109, 5112, 5115, 5110, 5113, 5037, 5118, 5117, 5128, 5125, + 5927, 5130, 5134, 5927, 5131, 5927, 5136, 5927, 5137, 5138, + 5139, 5140, 5927, 5142, 5146, 5147, 5148, 5927, 5149, 5151, + 5157, 5927, 5927, 5158, 5168, 5159, 5160, 5172, 5174, 5161, + 5176, 5169, 5177, 5163, 5185, 5184, 5187, 5188, 5190, 5191, + 5192, 5927, 5927, 5927, 5197, 5196, 5204, 5201, 5202, 5212, + 5207, 5927, 5210, 5213, 5211, 5220, 5217, 5222, 5927, 5219, + 5223, 5224, 5226, 5228, 5229, 5233, 5927, 5237, 5244, 5240, + 5232, 5247, 5251, 5254, 5256, 5257, 5927, 5259, 5927, 5927, - 5821, 5242, 5241, 5243, 5244, 5247, 5246, 5251, 5254, 5256, - 5821, 5821, 5257, 5258, 5821, 5821, 5267, 5273, 5255, 5821, - 5821, 5821, 5279, 5821, 5281, 5285, 5289, 5293, 5270, 5821, - 5295, 5284, 5292, 5821, 5276, 5288, 5298, 5300, 5821, 5821, - 5297, 5204, 5301, 5304, 5309, 5821, 5307, 5310, 5311, 5315, - 5317, 5318, 5321, 5320, 5336, 5334, 5323, 5327, 5331, 5338, - 5339, 5337, 5341, 5345, 5821, 5821, 5347, 5821, 5821, 5354, - 5358, 5360, 5362, 5364, 5366, 5368, 5821, 5369, 5371, 5372, - 5373, 5355, 5821, 5374, 5377, 5379, 5382, 5380, 5383, 5386, - 5388, 5821, 5821, 5389, 5396, 5390, 5397, 5391, 5821, 5400, + 5260, 5927, 5261, 5263, 5264, 5265, 5927, 5268, 5270, 5269, + 5271, 5273, 5927, 5281, 5274, 5276, 5277, 5927, 5927, 5288, + 5927, 5291, 5292, 5293, 5302, 5298, 5300, 5304, 5301, 5927, + 5299, 5305, 5309, 5311, 5312, 5927, 5313, 5315, 5316, 5317, + 5320, 5324, 5326, 5327, 5328, 5927, 5330, 5322, 5345, 5341, + 5927, 5329, 5347, 5927, 5927, 5332, 5351, 5352, 5927, 5927, + 5927, 5354, 5927, 5358, 5364, 5368, 5372, 5355, 5927, 5374, + 5363, 5371, 5927, 5367, 5375, 5377, 5379, 5927, 5927, 5376, + 5383, 5380, 5388, 5389, 5927, 5391, 5393, 5398, 5406, 5408, + 5396, 5410, 5412, 5419, 5392, 5400, 5414, 5416, 5417, 5423, - 5408, 5404, 5405, 5406, 5411, 5412, 5821, 5415, 5821, 5821, - 5821, 5821, 5821, 5821, 5821, 5821, 5414, 5821, 5413, 5420, - 5422, 5424, 5821, 5427, 5431, 5432, 5433, 5434, 5821, 5435, - 5438, 5437, 5349, 5439, 5443, 5446, 5441, 5445, 5451, 5447, - 5455, 5452, 5456, 5457, 5821, 5821, 5821, 5461, 5464, 5466, - 5468, 5479, 5480, 5483, 5486, 5469, 5471, 5487, 5489, 5492, - 5474, 5493, 5501, 5496, 5498, 5503, 5500, 5504, 5506, 5821, - 5507, 5821, 5509, 5821, 5821, 5512, 5513, 5516, 5517, 5525, - 5526, 5521, 5528, 5529, 5531, 5821, 5532, 5534, 5821, 5533, - 5538, 5821, 5537, 5539, 5540, 5543, 5545, 5546, 5550, 5561, + 5420, 5427, 5436, 5432, 5434, 5441, 5442, 5927, 5927, 5444, + 5927, 5927, 5446, 5449, 5451, 5453, 5455, 5457, 5459, 5927, + 5394, 5461, 5462, 5463, 5464, 5927, 5466, 5468, 5465, 5469, + 5474, 5472, 5476, 5478, 5927, 5927, 5470, 5487, 5479, 5492, + 5481, 5927, 5494, 5489, 5495, 5496, 5498, 5500, 5503, 5927, + 5502, 5504, 5927, 5927, 5506, 5927, 5927, 5927, 5927, 5927, + 5927, 5927, 5927, 5507, 5927, 5511, 5515, 5523, 5526, 5927, + 5512, 5520, 5431, 5516, 5527, 5927, 5528, 5531, 5532, 5538, + 5530, 5533, 5539, 5543, 5546, 5544, 5547, 5548, 5549, 5553, + 5550, 5554, 5556, 5927, 5927, 5927, 5555, 5557, 5567, 5559, - 5821, 5549, 5552, 5560, 5563, 5567, 5574, 5575, 5573, 5577, - 5580, 5564, 5587, 5589, 5586, 5593, 5821, 5590, 5584, 5595, - 5596, 5597, 5604, 5599, 5600, 5821, 5605, 5821, 5608, 5610, - 5609, 5601, 5611, 5612, 5623, 5621, 5627, 5821, 5617, 5628, - 5631, 5632, 5634, 5636, 5637, 5638, 5646, 5642, 5649, 5653, - 5648, 5654, 5639, 5659, 5656, 5821, 5663, 5660, 5821, 5665, - 5666, 5667, 5668, 5672, 5821, 5677, 5669, 5674, 5680, 5683, - 5678, 5821, 5690, 5692, 5694, 5821, 5695, 5821, 5821, 5697, - 5684, 5696, 5699, 5705, 5821, 5821, 5821, 5729, 5736, 5743, - 5750, 5757, 88, 5764, 5771, 5778, 5785, 5792, 5799, 5806, + 5576, 5578, 5581, 5583, 5570, 5573, 5584, 5585, 5586, 5588, + 5592, 5600, 5595, 5596, 5597, 5598, 5604, 5599, 5601, 5606, + 5927, 5610, 5927, 5611, 5927, 5927, 5616, 5621, 5619, 5612, + 5623, 5630, 5626, 5628, 5632, 5633, 5635, 5637, 5927, 5639, + 5642, 5927, 5643, 5644, 5927, 5645, 5647, 5649, 5646, 5650, + 5653, 5656, 5664, 5655, 5927, 5927, 5658, 5666, 5667, 5671, + 5674, 5681, 5676, 5680, 5682, 5683, 5673, 5695, 5927, 5691, + 5693, 5697, 5927, 5699, 5694, 5700, 5701, 5702, 5710, 5705, + 5706, 5927, 5708, 5927, 5712, 5714, 5717, 5715, 5716, 5718, + 5727, 5725, 5729, 5927, 5732, 5736, 5733, 5738, 5740, 5743, - 5813 + 5744, 5745, 5747, 5749, 5753, 5757, 5759, 5760, 5750, 5763, + 5761, 5927, 5771, 5762, 5927, 5772, 5773, 5765, 5774, 5775, + 5927, 5783, 5779, 5785, 5786, 5789, 5790, 5927, 5792, 5795, + 5796, 5927, 5800, 5927, 5927, 5801, 5799, 5802, 5808, 5810, + 5927, 5927, 5927, 5835, 5842, 5849, 5856, 5863, 88, 5870, + 5877, 5884, 5891, 5898, 5905, 5912, 5919 } ; -static const flex_int16_t yy_def[3002] = +static const flex_int16_t yy_def[3058] = { 0, - 2987, 1, 2988, 2988, 2989, 2989, 2990, 2990, 2991, 2991, - 2992, 2992, 2987, 2993, 2987, 2987, 2987, 2987, 2994, 2993, - 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, - 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, - 2993, 2993, 2995, 2987, 2987, 2987, 2995, 2996, 2987, 2987, - 2987, 2996, 2997, 2987, 2987, 2987, 2987, 2997, 2998, 2987, - 2987, 2987, 2998, 2999, 2987, 3000, 2987, 2999, 2999, 2993, - 2993, 2987, 3001, 2994, 3001, 2994, 2993, 2993, 2993, 2993, - 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, - 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, + 3043, 1, 3044, 3044, 3045, 3045, 3046, 3046, 3047, 3047, + 3048, 3048, 3043, 3049, 3043, 3043, 3043, 3043, 3050, 3049, + 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, + 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, + 3049, 3049, 3051, 3043, 3043, 3043, 3051, 3052, 3043, 3043, + 3043, 3052, 3053, 3043, 3043, 3043, 3043, 3053, 3054, 3043, + 3043, 3043, 3054, 3055, 3043, 3056, 3043, 3055, 3055, 3049, + 3049, 3043, 3057, 3050, 3057, 3050, 3049, 3049, 3049, 3049, + 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, + 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, - 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, - 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, - 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, - 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, - 2995, 2995, 2996, 2996, 2997, 2997, 2987, 2998, 2998, 2999, - 2999, 3000, 3000, 2999, 2993, 2993, 2993, 2993, 2993, 2993, - 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, - 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, - 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, - 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, + 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, + 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, + 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, + 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, + 3051, 3051, 3052, 3052, 3053, 3053, 3043, 3054, 3054, 3055, + 3055, 3056, 3056, 3055, 3049, 3049, 3049, 3049, 3049, 3049, + 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, + 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, + 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, + 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, - 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, - 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, - 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, - 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, - 2993, 2993, 2993, 2999, 2993, 2993, 2993, 2993, 2993, 2993, - 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, - 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, - 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, - 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, - 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, + 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, + 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, + 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, + 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, + 3049, 3049, 3049, 3055, 3049, 3049, 3049, 3049, 3049, 3049, + 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, + 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, + 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, + 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, + 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, - 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, - 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, - 2993, 2993, 2993, 2993, 2987, 2993, 2993, 2993, 2993, 2993, - 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, - 2993, 2993, 2993, 2993, 2993, 2987, 2993, 2993, 2993, 2993, - 2993, 2993, 2993, 2999, 2993, 2993, 2993, 2993, 2993, 2993, - 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, - 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, - 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, - 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, + 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, + 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, + 3049, 3049, 3049, 3049, 3043, 3049, 3049, 3049, 3049, 3049, + 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, + 3049, 3049, 3049, 3049, 3049, 3043, 3049, 3049, 3049, 3049, + 3049, 3049, 3049, 3055, 3049, 3049, 3049, 3049, 3049, 3049, + 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, + 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, + 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, + 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, - 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, - 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, - 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2987, 2993, - 2993, 2993, 2993, 2993, 2993, 2987, 2993, 2993, 2993, 2993, - 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, - 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, - 2993, 2993, 2993, 2993, 2987, 2993, 2993, 2993, 2993, 2993, - 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, - 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, - 2993, 2993, 2993, 2993, 2987, 2993, 2999, 2993, 2993, 2993, + 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, + 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, + 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3043, 3049, + 3049, 3049, 3049, 3049, 3049, 3043, 3049, 3049, 3049, 3049, + 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, + 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, + 3049, 3049, 3049, 3049, 3043, 3049, 3049, 3049, 3049, 3049, + 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, + 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, + 3049, 3049, 3049, 3049, 3043, 3049, 3055, 3049, 3049, 3049, - 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, - 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, - 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, - 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, - 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, - 2993, 2993, 2993, 2993, 2987, 2993, 2993, 2993, 2993, 2993, - 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, - 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, - 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, - 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, + 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, + 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, + 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, + 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, + 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, + 3049, 3049, 3049, 3049, 3043, 3049, 3049, 3049, 3049, 3049, + 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, + 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, + 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, + 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, - 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, - 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, - 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, - 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, - 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, - 2993, 2993, 2993, 2993, 2999, 2993, 2993, 2993, 2993, 2993, - 2993, 2993, 2993, 2993, 2993, 2993, 2987, 2993, 2993, 2993, - 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, - 2993, 2987, 2993, 2987, 2987, 2993, 2987, 2987, 2993, 2993, - 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, + 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, + 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, + 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, + 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, + 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, + 3049, 3049, 3049, 3049, 3055, 3049, 3049, 3049, 3049, 3049, + 3049, 3049, 3049, 3049, 3049, 3049, 3043, 3049, 3049, 3049, + 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, + 3049, 3043, 3049, 3043, 3043, 3049, 3043, 3043, 3049, 3049, + 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, - 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, - 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, - 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, - 2993, 2987, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, - 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, - 2993, 2993, 2987, 2993, 2993, 2993, 2993, 2993, 2993, 2993, - 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, - 2987, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, - 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, - 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, + 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, + 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, + 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, + 3049, 3043, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, + 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, + 3049, 3049, 3043, 3049, 3049, 3049, 3049, 3049, 3049, 3049, + 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, + 3043, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, + 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, + 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, - 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, - 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, - 2993, 2993, 2993, 2999, 2993, 2993, 2993, 2993, 2993, 2993, - 2993, 2987, 2993, 2993, 2987, 2993, 2993, 2993, 2993, 2993, - 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, - 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, - 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, - 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2987, - 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, - 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, + 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, + 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, + 3049, 3049, 3049, 3055, 3049, 3049, 3049, 3049, 3049, 3049, + 3049, 3043, 3049, 3049, 3043, 3049, 3049, 3049, 3049, 3049, + 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, + 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, + 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, + 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, + 3043, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, + 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, - 2993, 2993, 2993, 2987, 2993, 2987, 2993, 2993, 2993, 2993, - 2993, 2993, 2993, 2993, 2987, 2987, 2993, 2993, 2993, 2993, - 2993, 2987, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, - 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2987, 2993, 2993, - 2993, 2993, 2993, 2993, 2993, 2993, 2987, 2993, 2993, 2993, - 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, - 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2987, 2993, 2993, - 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, - 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, - 2993, 2993, 2993, 2993, 2993, 2987, 2993, 2993, 2999, 2993, + 3049, 3049, 3049, 3049, 3043, 3049, 3043, 3049, 3049, 3049, + 3049, 3049, 3049, 3049, 3049, 3043, 3043, 3049, 3049, 3049, + 3049, 3049, 3043, 3049, 3049, 3049, 3049, 3049, 3049, 3049, + 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3043, 3049, + 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3043, 3049, 3049, + 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, + 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3043, 3049, + 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, + 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, + 3049, 3049, 3049, 3049, 3049, 3049, 3043, 3049, 3049, 3055, - 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, - 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2987, - 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2987, 2993, 2993, - 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, - 2987, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, - 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, - 2993, 2993, 2993, 2987, 2993, 2993, 2993, 2993, 2993, 2993, - 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, - 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, - 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, + 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, + 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, + 3043, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3043, 3049, + 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, + 3049, 3049, 3049, 3043, 3049, 3049, 3049, 3049, 3049, 3049, + 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, + 3049, 3049, 3049, 3049, 3049, 3049, 3043, 3049, 3049, 3049, + 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, + 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, + 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, - 2993, 2993, 2993, 2993, 2987, 2993, 2993, 2993, 2993, 2993, - 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, - 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, - 2993, 2987, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, - 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, - 2993, 2987, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, - 2993, 2993, 2993, 2993, 2993, 2987, 2993, 2993, 2993, 2993, - 2993, 2993, 2993, 2993, 2993, 2987, 2993, 2993, 2993, 2993, - 2993, 2987, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, - 2993, 2993, 2993, 2993, 2993, 2993, 2987, 2993, 2993, 2993, + 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3043, 3049, 3049, + 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, + 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, + 3049, 3049, 3049, 3049, 3043, 3049, 3049, 3049, 3049, 3049, + 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, + 3049, 3049, 3049, 3049, 3043, 3049, 3049, 3049, 3049, 3049, + 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3043, 3049, + 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3043, 3049, + 3049, 3049, 3049, 3049, 3043, 3049, 3049, 3049, 3049, 3049, + 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3043, - 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, - 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2987, 2993, - 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, - 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, - 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2987, 2993, 2993, - 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, - 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, - 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, - 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, - 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2987, 2993, 2993, + 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, + 3049, 3043, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, + 3049, 3049, 3049, 3043, 3049, 3049, 3049, 3049, 3049, 3049, + 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, + 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, + 3049, 3049, 3043, 3049, 3049, 3049, 3049, 3049, 3049, 3049, + 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, + 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, + 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, + 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, - 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, - 2993, 2993, 2993, 2993, 2993, 2987, 2993, 2987, 2993, 2993, - 2993, 2993, 2993, 2987, 2993, 2987, 2993, 2993, 2993, 2993, - 2987, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, - 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, - 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2987, 2993, - 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, - 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2987, 2993, 2993, - 2993, 2993, 2987, 2993, 2993, 2993, 2993, 2993, 2993, 2993, - 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, + 3049, 3049, 3043, 3049, 3049, 3049, 3049, 3049, 3049, 3049, + 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, + 3043, 3049, 3043, 3049, 3049, 3049, 3049, 3049, 3043, 3049, + 3043, 3049, 3049, 3049, 3049, 3043, 3049, 3049, 3049, 3049, + 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, + 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, + 3049, 3049, 3049, 3043, 3049, 3049, 3049, 3049, 3049, 3049, + 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, + 3049, 3049, 3043, 3049, 3049, 3049, 3049, 3043, 3049, 3049, + 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, - 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, - 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, - 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, - 2993, 2993, 2987, 2993, 2993, 2993, 2993, 2993, 2993, 2993, - 2993, 2993, 2993, 2993, 2993, 2993, 2987, 2993, 2987, 2993, - 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, - 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, - 2993, 2993, 2993, 2993, 2993, 2987, 2987, 2993, 2993, 2993, - 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2987, - 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, + 3049, 3049, 3049, 3043, 3049, 3049, 3049, 3049, 3049, 3049, + 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, + 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, + 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3043, + 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, + 3049, 3049, 3049, 3043, 3049, 3043, 3049, 3049, 3049, 3049, + 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, + 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, + 3049, 3049, 3043, 3043, 3049, 3049, 3049, 3049, 3049, 3049, + 3049, 3049, 3049, 3049, 3049, 3049, 3043, 3049, 3049, 3049, - 2993, 2987, 2993, 2993, 2993, 2993, 2993, 2993, 2987, 2993, - 2987, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, - 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, - 2993, 2987, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, - 2987, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, - 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, - 2987, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, - 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, - 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, - 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, + 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3043, 3049, + 3049, 3049, 3049, 3049, 3049, 3043, 3049, 3043, 3049, 3049, + 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, + 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3043, 3049, + 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3043, 3049, 3049, + 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, + 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3043, 3049, 3049, + 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, + 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, + 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, - 2987, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, - 2993, 2993, 2993, 2993, 2987, 2993, 2993, 2993, 2993, 2993, - 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, - 2993, 2993, 2987, 2987, 2993, 2993, 2993, 2987, 2993, 2993, - 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, - 2987, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, - 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, - 2993, 2987, 2993, 2993, 2993, 2993, 2993, 2993, 2987, 2993, - 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, - 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2987, + 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3043, + 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, + 3049, 3049, 3049, 3043, 3049, 3049, 3049, 3049, 3049, 3049, + 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, + 3049, 3043, 3043, 3049, 3049, 3049, 3043, 3049, 3049, 3049, + 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3043, + 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, + 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, + 3043, 3049, 3049, 3049, 3049, 3049, 3049, 3043, 3049, 3049, + 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, - 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, - 2993, 2993, 2987, 2993, 2993, 2993, 2993, 2993, 2993, 2993, - 2993, 2987, 2993, 2993, 2993, 2987, 2993, 2993, 2993, 2993, - 2993, 2993, 2993, 2993, 2993, 2993, 2987, 2993, 2987, 2993, - 2993, 2993, 2987, 2993, 2993, 2993, 2993, 2993, 2993, 2993, - 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2987, - 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2987, - 2987, 2993, 2987, 2993, 2993, 2993, 2987, 2993, 2993, 2993, - 2993, 2993, 2993, 2993, 2993, 2987, 2993, 2993, 2993, 2993, - 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2987, 2993, 2993, + 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3043, 3049, + 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, + 3049, 3043, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, + 3043, 3049, 3049, 3049, 3043, 3049, 3049, 3049, 3049, 3049, + 3049, 3049, 3049, 3049, 3049, 3043, 3049, 3043, 3049, 3049, + 3049, 3043, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, + 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, + 3049, 3043, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, + 3049, 3043, 3043, 3049, 3043, 3049, 3049, 3049, 3043, 3049, + 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3043, 3049, 3049, - 2993, 2993, 2993, 2993, 2993, 2993, 2987, 2993, 2993, 2993, - 2993, 2993, 2987, 2993, 2987, 2993, 2993, 2993, 2993, 2993, - 2987, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, - 2993, 2993, 2993, 2993, 2993, 2987, 2993, 2993, 2993, 2993, - 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, - 2993, 2993, 2993, 2987, 2993, 2993, 2993, 2993, 2993, 2993, - 2987, 2993, 2993, 2993, 2987, 2993, 2993, 2993, 2993, 2993, - 2993, 2993, 2993, 2993, 2987, 2993, 2993, 2993, 2993, 2993, - 2993, 2987, 2987, 2993, 2987, 2993, 2993, 2993, 2993, 2993, - 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, + 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3043, + 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3043, 3049, + 3049, 3049, 3049, 3049, 3043, 3049, 3043, 3049, 3049, 3049, + 3049, 3049, 3043, 3049, 3049, 3049, 3049, 3049, 3049, 3049, + 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3043, 3049, 3049, + 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, + 3049, 3049, 3049, 3049, 3049, 3043, 3049, 3049, 3049, 3049, + 3049, 3049, 3043, 3049, 3049, 3049, 3043, 3049, 3049, 3049, + 3049, 3049, 3049, 3049, 3049, 3049, 3043, 3049, 3049, 3049, + 3049, 3049, 3049, 3043, 3043, 3049, 3043, 3049, 3049, 3049, - 2993, 2993, 2993, 2993, 2987, 2987, 2993, 2993, 2993, 2993, - 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2987, - 2993, 2993, 2993, 2987, 2993, 2993, 2993, 2993, 2993, 2993, - 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, - 2993, 2993, 2987, 2993, 2993, 2993, 2993, 2993, 2993, 2993, - 2993, 2993, 2987, 2993, 2993, 2993, 2993, 2993, 2993, 2993, - 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2987, 2993, - 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, - 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2987, 2993, 2993, - 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, + 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, + 3049, 3049, 3049, 3049, 3049, 3049, 3043, 3043, 3049, 3049, + 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, + 3049, 3043, 3049, 3049, 3049, 3043, 3049, 3049, 3049, 3049, + 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, + 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3043, 3049, 3049, + 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3043, 3049, 3049, + 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, + 3049, 3049, 3049, 3043, 3049, 3049, 3049, 3049, 3049, 3049, + 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, - 2993, 2987, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, - 2987, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, - 2993, 2993, 2987, 2993, 2993, 2993, 2993, 2993, 2993, 2993, - 2993, 2987, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, - 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, - 2993, 2987, 2993, 2987, 2993, 2993, 2993, 2993, 2993, 2987, - 2993, 2993, 2993, 2993, 2993, 2987, 2993, 2993, 2993, 2993, - 2987, 2993, 2993, 2993, 2993, 2993, 2993, 2987, 2993, 2993, - 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, - 2987, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, + 3049, 3049, 3043, 3049, 3049, 3049, 3049, 3049, 3049, 3049, + 3049, 3049, 3049, 3049, 3049, 3049, 3043, 3049, 3049, 3049, + 3049, 3049, 3049, 3049, 3049, 3043, 3049, 3049, 3049, 3049, + 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3043, 3049, 3049, + 3049, 3049, 3049, 3049, 3049, 3049, 3043, 3049, 3049, 3049, + 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, + 3049, 3049, 3049, 3049, 3049, 3049, 3043, 3049, 3043, 3049, + 3049, 3049, 3049, 3049, 3043, 3049, 3049, 3049, 3049, 3049, + 3043, 3049, 3049, 3049, 3049, 3043, 3049, 3049, 3049, 3049, + 3049, 3049, 3043, 3049, 3049, 3049, 3049, 3049, 3049, 3049, - 2987, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, - 2993, 2987, 2993, 2993, 2993, 2993, 2993, 2987, 2987, 2993, - 2993, 2993, 2993, 2993, 2987, 2993, 2993, 2993, 2993, 2993, - 2987, 2987, 2993, 2987, 2993, 2987, 2993, 2993, 2987, 2987, - 2993, 2993, 2993, 2993, 2993, 2987, 2993, 2987, 2993, 2993, - 2993, 2993, 2993, 2987, 2993, 2993, 2993, 2987, 2993, 2993, - 2993, 2993, 2987, 2993, 2993, 2993, 2987, 2993, 2993, 2993, - 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, - 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, - 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, + 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3043, 3049, + 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3043, 3049, + 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3043, + 3049, 3049, 3049, 3049, 3049, 3043, 3043, 3049, 3049, 3049, + 3049, 3049, 3043, 3049, 3049, 3049, 3049, 3049, 3043, 3043, + 3049, 3043, 3049, 3043, 3049, 3049, 3043, 3043, 3049, 3049, + 3049, 3049, 3049, 3043, 3049, 3043, 3049, 3049, 3049, 3049, + 3049, 3043, 3049, 3049, 3049, 3043, 3049, 3049, 3049, 3049, + 3043, 3049, 3049, 3049, 3043, 3049, 3049, 3049, 3049, 3049, + 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, - 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, - 2993, 2993, 2993, 2993, 2993, 2993, 2987, 2993, 2993, 2993, - 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2987, 2993, 2987, - 2993, 2993, 2993, 2993, 2987, 2993, 2993, 2993, 2993, 2993, - 2993, 2993, 2993, 2987, 2993, 2993, 2993, 2993, 2987, 2993, - 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, - 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, - 2993, 2993, 2993, 2987, 2993, 2987, 2993, 2993, 2993, 2993, - 2993, 2993, 2993, 2987, 2987, 2993, 2993, 2993, 2993, 2993, - 2993, 2993, 2987, 2993, 2993, 2993, 2993, 2987, 2993, 2993, + 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, + 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, + 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, + 3049, 3049, 3049, 3049, 3043, 3049, 3049, 3049, 3049, 3049, + 3049, 3049, 3049, 3049, 3049, 3043, 3049, 3043, 3049, 3049, + 3049, 3049, 3043, 3049, 3049, 3049, 3049, 3049, 3049, 3049, + 3049, 3049, 3049, 3049, 3043, 3049, 3049, 3049, 3049, 3043, + 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, + 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, + 3049, 3049, 3049, 3049, 3043, 3049, 3043, 3049, 3049, 3049, - 2993, 2987, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, - 2993, 2993, 2993, 2987, 2987, 2987, 2987, 2993, 2993, 2993, - 2993, 2993, 2993, 2993, 2993, 2993, 2987, 2993, 2987, 2987, - 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2987, 2993, - 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, - 2993, 2993, 2993, 2993, 2993, 2993, 2987, 2987, 2993, 2993, - 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, - 2993, 2993, 2987, 2993, 2993, 2987, 2993, 2987, 2993, 2993, - 2993, 2993, 2993, 2993, 2993, 2993, 2987, 2987, 2993, 2993, - 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2987, 2993, 2987, + 3049, 3049, 3049, 3049, 3043, 3043, 3049, 3049, 3049, 3049, + 3049, 3049, 3049, 3043, 3049, 3049, 3049, 3049, 3043, 3049, + 3049, 3049, 3043, 3049, 3049, 3049, 3049, 3049, 3049, 3049, + 3049, 3049, 3049, 3049, 3043, 3043, 3043, 3043, 3049, 3049, + 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3043, 3049, 3043, + 3043, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3043, + 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, + 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3043, 3043, 3049, + 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, + 3049, 3049, 3049, 3049, 3049, 3049, 3043, 3049, 3049, 3043, - 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, - 2987, 2993, 2993, 2987, 2993, 2993, 2993, 2987, 2993, 2993, - 2993, 2987, 2993, 2993, 2993, 2987, 2993, 2987, 2993, 2993, - 2993, 2993, 2987, 2993, 2993, 2987, 2993, 2993, 2993, 2993, - 2987, 2993, 2987, 2993, 2993, 2993, 2993, 2993, 2993, 2993, - 2993, 2993, 2993, 2993, 2993, 2987, 2987, 2993, 2993, 2993, - 2993, 2993, 2993, 2993, 2993, 2993, 2987, 2987, 2993, 2987, - 2993, 2993, 2987, 2993, 2993, 2993, 2993, 2993, 2993, 2993, - 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, - 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2987, 2993, 2993, + 3049, 3043, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, + 3043, 3043, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, + 3049, 3043, 3049, 3043, 3049, 3049, 3049, 3049, 3049, 3049, + 3049, 3049, 3049, 3049, 3043, 3049, 3049, 3043, 3049, 3049, + 3049, 3043, 3049, 3049, 3049, 3043, 3049, 3049, 3049, 3043, + 3049, 3043, 3049, 3049, 3049, 3049, 3043, 3049, 3049, 3043, + 3049, 3049, 3049, 3049, 3043, 3049, 3043, 3049, 3049, 3049, + 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3043, + 3043, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, + 3043, 3043, 3049, 3043, 3049, 3049, 3043, 3049, 3049, 3049, - 2993, 2987, 2993, 2993, 2993, 2993, 2987, 2993, 2993, 2993, - 2993, 2987, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, - 2987, 2987, 2987, 2993, 2993, 2987, 2993, 2993, 2993, 2993, - 2987, 2993, 2993, 2987, 2987, 2993, 2993, 2993, 2993, 2987, - 2993, 2987, 2993, 2987, 2993, 2993, 2993, 2993, 2987, 2993, - 2993, 2987, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2987, - 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, - 2993, 2987, 2993, 2993, 2993, 2987, 2993, 2987, 2993, 2993, - 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2987, - 2993, 2993, 2987, 2993, 2987, 2993, 2987, 2993, 2993, 2993, + 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, + 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, + 3049, 3049, 3049, 3049, 3043, 3049, 3049, 3049, 3043, 3049, + 3049, 3049, 3049, 3043, 3049, 3049, 3049, 3049, 3043, 3049, + 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3043, 3043, 3043, + 3049, 3049, 3043, 3049, 3049, 3049, 3049, 3043, 3049, 3049, + 3043, 3043, 3049, 3049, 3049, 3049, 3043, 3049, 3043, 3049, + 3043, 3049, 3049, 3049, 3049, 3043, 3049, 3049, 3043, 3049, + 3049, 3049, 3049, 3049, 3049, 3049, 3043, 3049, 3049, 3049, + 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3043, 3049, - 2993, 2987, 2993, 2993, 2993, 2993, 2987, 2993, 2993, 2993, - 2987, 2987, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, - 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, - 2987, 2987, 2987, 2993, 2993, 2993, 2993, 2993, 2993, 2993, - 2987, 2993, 2993, 2993, 2993, 2993, 2993, 2987, 2993, 2993, - 2993, 2987, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, - 2993, 2987, 2993, 2987, 2987, 2993, 2987, 2993, 2993, 2993, - 2993, 2987, 2993, 2993, 2993, 2993, 2993, 2987, 2993, 2993, - 2993, 2993, 2987, 2987, 2993, 2987, 2993, 2993, 2993, 2993, - 2993, 2993, 2993, 2993, 2987, 2993, 2993, 2993, 2993, 2993, + 3049, 3049, 3049, 3049, 3049, 3049, 3043, 3049, 3043, 3049, + 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, + 3043, 3049, 3049, 3043, 3049, 3043, 3049, 3043, 3049, 3049, + 3049, 3049, 3043, 3049, 3049, 3049, 3049, 3043, 3049, 3049, + 3049, 3043, 3043, 3049, 3049, 3049, 3049, 3049, 3049, 3049, + 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, + 3049, 3043, 3043, 3043, 3049, 3049, 3049, 3049, 3049, 3049, + 3049, 3043, 3049, 3049, 3049, 3049, 3049, 3049, 3043, 3049, + 3049, 3049, 3049, 3049, 3049, 3049, 3043, 3049, 3049, 3049, + 3049, 3049, 3049, 3049, 3049, 3049, 3043, 3049, 3043, 3043, - 2987, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, - 2987, 2987, 2993, 2993, 2987, 2987, 2993, 2993, 2993, 2987, - 2987, 2987, 2993, 2987, 2993, 2993, 2993, 2993, 2993, 2987, - 2993, 2993, 2993, 2987, 2993, 2993, 2993, 2993, 2987, 2987, - 2993, 2993, 2993, 2993, 2993, 2987, 2993, 2993, 2993, 2993, - 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, - 2993, 2993, 2993, 2993, 2987, 2987, 2993, 2987, 2987, 2993, - 2993, 2993, 2993, 2993, 2993, 2993, 2987, 2993, 2993, 2993, - 2993, 2993, 2987, 2993, 2993, 2993, 2993, 2993, 2993, 2993, - 2993, 2987, 2987, 2993, 2993, 2993, 2993, 2993, 2987, 2993, + 3049, 3043, 3049, 3049, 3049, 3049, 3043, 3049, 3049, 3049, + 3049, 3049, 3043, 3049, 3049, 3049, 3049, 3043, 3043, 3049, + 3043, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3043, + 3049, 3049, 3049, 3049, 3049, 3043, 3049, 3049, 3049, 3049, + 3049, 3049, 3049, 3049, 3049, 3043, 3049, 3049, 3049, 3049, + 3043, 3049, 3049, 3043, 3043, 3049, 3049, 3049, 3043, 3043, + 3043, 3049, 3043, 3049, 3049, 3049, 3049, 3049, 3043, 3049, + 3049, 3049, 3043, 3049, 3049, 3049, 3049, 3043, 3043, 3049, + 3049, 3049, 3049, 3049, 3043, 3049, 3049, 3049, 3049, 3049, + 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, - 2993, 2993, 2993, 2993, 2993, 2993, 2987, 2993, 2987, 2987, - 2987, 2987, 2987, 2987, 2987, 2987, 2993, 2987, 2993, 2993, - 2993, 2993, 2987, 2993, 2993, 2993, 2993, 2993, 2987, 2993, - 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, - 2993, 2993, 2993, 2993, 2987, 2987, 2987, 2993, 2993, 2993, - 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, - 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2987, - 2993, 2987, 2993, 2987, 2987, 2993, 2993, 2993, 2993, 2993, - 2993, 2993, 2993, 2993, 2993, 2987, 2993, 2993, 2987, 2993, - 2993, 2987, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, + 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3043, 3043, 3049, + 3043, 3043, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3043, + 3049, 3049, 3049, 3049, 3049, 3043, 3049, 3049, 3049, 3049, + 3049, 3049, 3049, 3049, 3043, 3043, 3049, 3049, 3049, 3049, + 3049, 3043, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3043, + 3049, 3049, 3043, 3043, 3049, 3043, 3043, 3043, 3043, 3043, + 3043, 3043, 3043, 3049, 3043, 3049, 3049, 3049, 3049, 3043, + 3049, 3049, 3049, 3049, 3049, 3043, 3049, 3049, 3049, 3049, + 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, + 3049, 3049, 3049, 3043, 3043, 3043, 3049, 3049, 3049, 3049, - 2987, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, - 2993, 2993, 2993, 2993, 2993, 2993, 2987, 2993, 2993, 2993, - 2993, 2993, 2993, 2993, 2993, 2987, 2993, 2987, 2993, 2993, - 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2987, 2993, 2993, - 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, 2993, - 2993, 2993, 2993, 2993, 2993, 2987, 2993, 2993, 2987, 2993, - 2993, 2993, 2993, 2993, 2987, 2993, 2993, 2993, 2993, 2993, - 2993, 2987, 2993, 2993, 2993, 2987, 2993, 2987, 2987, 2993, - 2993, 2993, 2993, 2993, 2987, 2987, 0, 2987, 2987, 2987, - 2987, 2987, 2987, 2987, 2987, 2987, 2987, 2987, 2987, 2987, + 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, + 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, + 3043, 3049, 3043, 3049, 3043, 3043, 3049, 3049, 3049, 3049, + 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3043, 3049, + 3049, 3043, 3049, 3049, 3043, 3049, 3049, 3049, 3049, 3049, + 3049, 3049, 3049, 3049, 3043, 3043, 3049, 3049, 3049, 3049, + 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3043, 3049, + 3049, 3049, 3043, 3049, 3049, 3049, 3049, 3049, 3049, 3049, + 3049, 3043, 3049, 3043, 3049, 3049, 3049, 3049, 3049, 3049, + 3049, 3049, 3049, 3043, 3049, 3049, 3049, 3049, 3049, 3049, - 2987 + 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, 3049, + 3049, 3043, 3049, 3049, 3043, 3049, 3049, 3049, 3049, 3049, + 3043, 3049, 3049, 3049, 3049, 3049, 3049, 3043, 3049, 3049, + 3049, 3043, 3049, 3043, 3043, 3049, 3049, 3049, 3049, 3049, + 3043, 3043, 0, 3043, 3043, 3043, 3043, 3043, 3043, 3043, + 3043, 3043, 3043, 3043, 3043, 3043, 3043 } ; -static const flex_int16_t yy_nxt[5862] = +static const flex_int16_t yy_nxt[5968] = { 0, 14, 15, 16, 17, 18, 19, 18, 14, 14, 14, 14, 14, 18, 20, 21, 22, 23, 24, 25, 26, @@ -1552,7 +1569,7 @@ static const flex_int16_t yy_nxt[5862] = 71, 722, 71, 71, 71, 71, 729, 727, 738, 733, 71, 71, 71, 736, 71, 731, 739, 737, 71, 735, - 71, 734, 863, 740, 741, 742, 71, 71, 71, 743, + 71, 734, 864, 740, 741, 742, 71, 71, 71, 743, 745, 747, 746, 744, 71, 749, 71, 71, 71, 748, 71, 71, 71, 750, 752, 71, 758, 751, 71, 753, 71, 754, 71, 71, 71, 756, 757, 71, 755, 761, @@ -1574,487 +1591,498 @@ static const flex_int16_t yy_nxt[5862] = 71, 71, 838, 836, 829, 830, 834, 71, 71, 71, 71, 831, 71, 840, 71, 844, 71, 71, 71, 71, - 837, 71, 841, 71, 845, 846, 71, 839, 888, 71, - 71, 71, 843, 71, 850, 847, 71, 842, 851, 71, - 857, 852, 858, 849, 848, 855, 71, 861, 853, 71, - 856, 854, 71, 860, 71, 859, 71, 862, 71, 867, - 71, 71, 71, 71, 71, 71, 875, 71, 865, 71, - 864, 891, 879, 880, 71, 71, 882, 883, 866, 71, - 868, 869, 877, 870, 876, 878, 871, 71, 71, 884, - 71, 872, 71, 71, 881, 885, 886, 873, 874, 71, + 837, 71, 841, 71, 845, 846, 71, 839, 71, 71, + 71, 71, 843, 71, 859, 847, 71, 842, 71, 858, + 861, 856, 71, 849, 848, 71, 857, 860, 71, 862, + 850, 71, 863, 867, 851, 71, 865, 852, 71, 71, + 868, 71, 71, 876, 853, 854, 71, 855, 71, 866, + 71, 869, 870, 71, 871, 882, 880, 872, 71, 878, + 877, 151, 873, 881, 71, 71, 883, 879, 874, 875, + 71, 885, 71, 884, 71, 71, 71, 886, 887, 888, - 71, 71, 71, 71, 887, 71, 895, 71, 71, 71, - 894, 890, 889, 71, 71, 898, 71, 71, 902, 904, - 71, 892, 893, 896, 71, 899, 923, 897, 900, 71, - 905, 901, 71, 908, 903, 906, 71, 907, 909, 71, - 71, 911, 71, 71, 71, 910, 912, 71, 913, 71, - 915, 71, 916, 71, 71, 71, 71, 914, 71, 71, - 71, 919, 917, 922, 71, 920, 925, 71, 924, 71, - 71, 71, 71, 918, 929, 71, 71, 71, 921, 927, - 928, 932, 71, 71, 930, 931, 926, 71, 71, 937, - 71, 933, 71, 939, 938, 71, 935, 71, 71, 71, + 71, 71, 889, 71, 71, 71, 71, 892, 890, 71, + 896, 71, 71, 895, 71, 71, 899, 71, 71, 71, + 891, 903, 905, 71, 893, 894, 897, 71, 898, 901, + 900, 71, 906, 934, 71, 909, 904, 907, 71, 908, + 902, 71, 910, 71, 71, 912, 913, 71, 71, 911, + 71, 71, 71, 914, 916, 71, 917, 71, 915, 71, + 918, 71, 71, 71, 923, 71, 920, 71, 926, 921, + 71, 71, 71, 71, 71, 71, 924, 919, 925, 71, + 71, 928, 922, 71, 929, 930, 932, 71, 931, 71, + 927, 71, 933, 71, 940, 71, 71, 71, 935, 938, - 71, 936, 71, 944, 946, 940, 71, 942, 934, 947, - 71, 945, 71, 71, 71, 71, 941, 949, 71, 71, - 71, 71, 71, 943, 71, 960, 957, 948, 71, 955, - 71, 71, 71, 71, 950, 951, 953, 71, 952, 954, - 71, 961, 958, 71, 956, 962, 965, 959, 71, 963, - 71, 964, 71, 967, 968, 71, 71, 966, 71, 71, - 71, 970, 71, 71, 71, 977, 972, 979, 71, 981, - 969, 71, 71, 71, 982, 71, 971, 71, 978, 973, - 71, 975, 974, 976, 71, 71, 71, 71, 980, 983, - 71, 984, 987, 71, 989, 990, 985, 71, 988, 993, + 936, 71, 937, 71, 939, 71, 943, 71, 71, 947, + 941, 945, 948, 71, 71, 942, 71, 71, 71, 946, + 71, 950, 71, 71, 949, 944, 71, 71, 71, 71, + 961, 956, 958, 71, 71, 951, 71, 952, 953, 71, + 71, 71, 954, 955, 71, 959, 963, 71, 960, 957, + 962, 71, 964, 965, 967, 71, 971, 966, 969, 71, + 968, 71, 71, 71, 970, 71, 71, 978, 71, 980, + 973, 71, 71, 71, 982, 71, 983, 71, 71, 71, + 71, 972, 71, 974, 988, 976, 979, 975, 977, 71, + 986, 981, 71, 984, 71, 990, 985, 991, 987, 71, - 991, 71, 71, 994, 986, 996, 71, 71, 992, 71, - 71, 999, 151, 71, 71, 998, 71, 1002, 1001, 71, - 71, 71, 995, 71, 71, 997, 1005, 71, 1000, 71, - 71, 71, 1017, 71, 71, 1020, 71, 1018, 71, 71, - 1004, 1003, 1006, 1008, 71, 71, 71, 1009, 1007, 1019, - 1022, 1010, 71, 1023, 71, 1011, 71, 1012, 1024, 1025, - 1027, 1013, 71, 1014, 1021, 1028, 71, 71, 1015, 71, - 1026, 1030, 71, 1016, 71, 71, 1029, 1032, 71, 1034, - 71, 71, 71, 71, 1031, 1039, 1040, 1033, 1038, 1035, - 71, 71, 71, 1042, 1037, 1041, 71, 1043, 71, 1036, + 71, 71, 992, 71, 995, 71, 997, 71, 71, 71, + 71, 71, 71, 989, 994, 71, 999, 71, 993, 1000, + 151, 1002, 71, 1003, 1001, 996, 998, 71, 71, 71, + 71, 71, 1006, 71, 1004, 1005, 71, 1018, 71, 1021, + 71, 71, 1019, 71, 1009, 71, 71, 1007, 71, 1023, + 71, 1010, 71, 1008, 1011, 71, 1020, 1026, 1012, 71, + 1013, 1024, 1025, 71, 1014, 1033, 1015, 71, 1022, 1028, + 71, 1016, 71, 1027, 1029, 71, 1017, 1030, 71, 1036, + 71, 71, 1031, 71, 1038, 1034, 1037, 1044, 71, 71, + 71, 71, 1042, 1039, 1032, 1035, 1041, 1040, 71, 1043, - 1045, 71, 71, 71, 71, 1044, 71, 1055, 1046, 71, - 1047, 1059, 71, 1054, 71, 1048, 71, 1049, 1056, 71, - 1058, 71, 1060, 1050, 1057, 71, 1064, 71, 1051, 1052, - 1061, 1066, 71, 71, 71, 1053, 1065, 71, 71, 1070, - 1062, 1067, 71, 71, 1063, 71, 71, 1069, 1071, 71, - 71, 1076, 1068, 71, 71, 1073, 71, 71, 1074, 71, - 71, 1072, 1077, 71, 1079, 71, 1075, 71, 71, 71, - 71, 71, 71, 1078, 1081, 71, 1080, 1083, 1084, 1085, - 1088, 1086, 1090, 1082, 1087, 71, 71, 1089, 71, 71, - 71, 71, 1091, 71, 71, 71, 1096, 71, 1097, 1098, + 71, 1045, 1046, 71, 71, 71, 71, 71, 71, 1058, + 1048, 1047, 71, 71, 1061, 1057, 71, 71, 1049, 71, + 1050, 1059, 1062, 71, 1060, 1051, 149, 1052, 71, 71, + 1064, 1063, 71, 1053, 1067, 71, 1068, 1069, 1054, 1055, + 71, 71, 71, 71, 1070, 1056, 1073, 1065, 1066, 71, + 71, 71, 71, 71, 1074, 1072, 71, 1079, 71, 1071, + 1076, 71, 1077, 71, 71, 71, 71, 1080, 71, 1075, + 1082, 71, 1078, 71, 71, 1091, 71, 71, 71, 1089, + 1081, 71, 1084, 1086, 1083, 1087, 1085, 1088, 71, 71, + 71, 1090, 71, 1092, 71, 71, 71, 71, 71, 71, - 71, 1100, 1093, 1101, 1092, 1095, 1099, 1094, 1102, 71, - 71, 1104, 71, 71, 71, 1106, 1105, 71, 1107, 71, - 71, 71, 1108, 1114, 71, 71, 1103, 1109, 71, 71, - 1116, 71, 1110, 71, 1112, 71, 71, 71, 1111, 1113, - 1118, 71, 1122, 1117, 1120, 1115, 71, 1119, 71, 71, - 71, 1123, 1121, 71, 1125, 1126, 71, 71, 1132, 71, - 71, 1131, 1128, 71, 1124, 1127, 1130, 71, 71, 71, - 1136, 71, 1133, 1129, 1135, 71, 71, 71, 71, 71, - 71, 1140, 1142, 1143, 1147, 1144, 1134, 71, 71, 71, - 71, 71, 1141, 1137, 71, 1138, 1145, 1139, 71, 1146, + 71, 1099, 1093, 1100, 1096, 1101, 1102, 71, 1103, 1094, + 1098, 1095, 1097, 1104, 71, 1106, 1107, 71, 71, 71, + 1111, 1108, 71, 71, 71, 1109, 71, 1105, 1110, 71, + 71, 1117, 1112, 71, 1119, 71, 71, 71, 71, 71, + 71, 1121, 1115, 1113, 1114, 1116, 71, 71, 147, 1123, + 1120, 71, 1122, 1118, 71, 71, 1125, 71, 71, 1126, + 1124, 71, 1128, 1127, 1131, 71, 1129, 1130, 71, 1134, + 1135, 71, 71, 71, 1133, 71, 71, 71, 1139, 1138, + 71, 1132, 1136, 71, 71, 71, 71, 1145, 1143, 1146, + 1137, 71, 71, 71, 71, 71, 1147, 1148, 1140, 1144, - 1150, 71, 71, 1152, 71, 1148, 71, 1151, 71, 71, - 1153, 71, 71, 71, 1156, 1157, 71, 1154, 1149, 71, - 71, 71, 1162, 1163, 1158, 71, 71, 1155, 71, 71, - 1165, 1160, 1166, 71, 1159, 71, 1164, 1170, 71, 1161, - 71, 71, 71, 71, 71, 1167, 71, 1176, 71, 1168, - 1169, 1172, 71, 71, 71, 71, 1182, 71, 1171, 1180, - 71, 71, 1173, 1197, 71, 1175, 1177, 1179, 1178, 1174, - 1181, 1184, 1185, 71, 71, 1187, 71, 71, 71, 1186, - 1183, 1188, 71, 71, 71, 71, 71, 71, 71, 1191, - 71, 151, 71, 71, 1194, 71, 1189, 1190, 71, 71, + 71, 1150, 1141, 71, 1142, 1149, 71, 71, 1153, 1155, + 71, 1154, 1151, 71, 71, 71, 71, 71, 71, 71, + 1159, 1160, 1156, 1152, 1157, 71, 71, 71, 71, 1165, + 1161, 1166, 71, 1168, 1158, 71, 71, 71, 1163, 1169, + 71, 71, 71, 1162, 1173, 71, 1164, 1167, 71, 71, + 71, 71, 71, 1172, 71, 1170, 1171, 71, 1175, 1179, + 71, 71, 71, 1174, 71, 71, 71, 1183, 1180, 1176, + 146, 1178, 1181, 1182, 1184, 1187, 1177, 1185, 71, 1188, + 1192, 71, 71, 71, 1186, 71, 71, 1189, 1190, 71, + 71, 71, 71, 71, 1191, 1194, 71, 1193, 71, 71, - 1192, 71, 71, 1195, 1201, 1193, 1198, 1203, 1209, 1196, - 1200, 1199, 71, 1207, 71, 71, 1204, 71, 1205, 1202, - 1208, 1206, 71, 71, 71, 1211, 71, 71, 1210, 1214, - 71, 71, 1213, 1219, 71, 1212, 1216, 71, 1217, 71, - 71, 71, 1220, 71, 1221, 1215, 1223, 1224, 71, 1218, - 71, 71, 71, 71, 71, 71, 71, 1225, 71, 71, - 1222, 1231, 71, 71, 71, 1226, 1227, 1229, 1230, 71, - 1232, 1228, 71, 71, 71, 1233, 71, 1237, 1236, 1241, - 1234, 1235, 1240, 71, 1238, 71, 71, 71, 1242, 1239, - 71, 1243, 1245, 71, 1247, 71, 1244, 71, 1246, 1248, + 1197, 1200, 71, 71, 71, 71, 1195, 71, 71, 1210, + 71, 1196, 1206, 1198, 1203, 1199, 1204, 1201, 71, 71, + 71, 1207, 1202, 1208, 1211, 1205, 1209, 1212, 71, 71, + 71, 71, 1214, 1215, 71, 71, 1213, 71, 71, 1216, + 1219, 71, 71, 1218, 1224, 71, 1221, 71, 71, 1217, + 71, 71, 1225, 1222, 71, 1226, 1220, 1223, 71, 1228, + 1230, 71, 1229, 71, 71, 71, 71, 71, 1227, 71, + 71, 71, 71, 71, 1236, 71, 1231, 1234, 1232, 1241, + 71, 1235, 1237, 1233, 71, 71, 71, 71, 1238, 1247, + 1240, 1246, 1239, 71, 1248, 1242, 1245, 71, 71, 71, - 71, 71, 1252, 71, 149, 1261, 1260, 1250, 1251, 1249, - 71, 71, 71, 1262, 1265, 1253, 1259, 71, 1254, 1255, - 71, 71, 1263, 1256, 71, 1268, 71, 71, 71, 1257, - 1264, 1266, 1267, 1258, 71, 1270, 71, 71, 71, 1271, - 71, 1272, 71, 71, 71, 71, 1280, 1281, 1277, 1269, - 71, 1275, 71, 71, 147, 1282, 1274, 1273, 1278, 71, - 1276, 71, 71, 1279, 71, 1283, 71, 1289, 1284, 1290, - 1291, 71, 71, 1285, 71, 1286, 71, 1287, 1293, 1288, - 1295, 71, 1292, 1297, 71, 71, 1299, 71, 1298, 71, - 1296, 1294, 1300, 71, 1302, 71, 71, 1306, 1301, 71, + 71, 1252, 71, 1250, 1243, 1244, 1253, 71, 71, 71, + 1257, 1251, 71, 1249, 71, 71, 1255, 71, 1266, 1254, + 1268, 1256, 71, 1265, 71, 1264, 1269, 1258, 71, 1267, + 1259, 1260, 1270, 71, 71, 1261, 71, 71, 71, 1271, + 71, 1262, 1272, 71, 1273, 1263, 71, 1275, 71, 71, + 71, 1276, 71, 1277, 1274, 71, 1278, 1282, 1279, 1280, + 71, 1285, 1286, 71, 71, 71, 1324, 71, 71, 1281, + 1287, 71, 1289, 1284, 1283, 1288, 71, 1290, 71, 1291, + 71, 1292, 1298, 1293, 71, 1294, 1295, 1296, 71, 71, + 71, 1297, 1302, 71, 1300, 71, 71, 1303, 71, 1301, - 1307, 71, 71, 71, 71, 71, 71, 71, 71, 1308, - 1305, 1310, 1303, 71, 1304, 71, 1309, 1312, 1311, 71, - 1315, 1316, 71, 1313, 1318, 71, 71, 71, 1317, 1319, - 71, 1321, 1314, 1320, 71, 1324, 71, 71, 1322, 1326, - 71, 71, 1327, 1323, 71, 71, 71, 1331, 71, 1328, - 71, 71, 71, 71, 1333, 71, 71, 1325, 1335, 71, - 71, 1337, 71, 1339, 1336, 71, 1329, 1330, 71, 71, - 1332, 71, 1334, 1341, 1338, 71, 1342, 1340, 1351, 71, - 71, 71, 1346, 1343, 1344, 1345, 71, 1348, 71, 71, - 71, 1347, 1352, 1353, 1349, 1354, 1350, 1355, 71, 71, + 1305, 71, 71, 1299, 71, 71, 1311, 71, 1312, 71, + 1306, 1307, 71, 71, 71, 1304, 71, 1313, 71, 1310, + 1308, 1315, 71, 1309, 71, 71, 71, 1314, 1316, 71, + 1320, 1317, 1321, 71, 1323, 71, 1318, 71, 71, 71, + 1325, 1322, 71, 1326, 1329, 71, 1331, 71, 1327, 1319, + 71, 1328, 71, 1332, 71, 1333, 71, 1336, 71, 1330, + 71, 71, 71, 71, 1338, 71, 71, 71, 1340, 1342, + 71, 71, 144, 1344, 1341, 1334, 71, 1335, 71, 71, + 1337, 1346, 1339, 1347, 1343, 71, 1345, 1348, 71, 71, + 1349, 71, 1351, 1350, 1352, 71, 71, 71, 71, 1357, - 71, 71, 71, 71, 1359, 71, 71, 71, 71, 1356, - 1363, 1364, 71, 1358, 71, 1366, 71, 71, 1365, 71, - 1357, 71, 71, 71, 71, 71, 1360, 1361, 1367, 71, - 1373, 1362, 71, 71, 1368, 1370, 1371, 71, 71, 1369, - 1378, 71, 1372, 1377, 71, 1374, 71, 1382, 71, 1380, - 71, 1376, 1383, 71, 71, 71, 71, 1375, 71, 1385, - 1379, 71, 1386, 1393, 71, 1381, 1384, 71, 1395, 1387, - 71, 1388, 1391, 1389, 71, 1392, 1390, 71, 1394, 71, - 71, 1396, 71, 71, 71, 71, 71, 71, 1401, 1398, - 1397, 1403, 71, 71, 71, 1408, 71, 71, 1412, 71, + 1358, 1360, 1354, 71, 1355, 71, 71, 71, 1359, 71, + 71, 1356, 71, 1353, 1364, 71, 71, 71, 1361, 71, + 1368, 1369, 71, 1363, 1371, 71, 71, 71, 1370, 1362, + 71, 71, 71, 71, 71, 71, 1365, 1366, 71, 1372, + 71, 1378, 1367, 71, 1375, 1373, 71, 1376, 71, 1383, + 71, 1374, 1377, 1382, 71, 1379, 71, 142, 71, 1385, + 1387, 1381, 71, 1380, 71, 1388, 71, 71, 71, 1384, + 71, 1390, 1391, 71, 71, 1386, 1389, 71, 71, 1396, + 1398, 1392, 1397, 1393, 1400, 1394, 71, 1399, 1395, 71, + 71, 71, 71, 1401, 1403, 71, 1405, 1402, 71, 1404, - 1400, 1405, 1402, 1409, 71, 1404, 1399, 71, 71, 71, - 1406, 1407, 71, 71, 1410, 71, 1411, 71, 71, 1413, - 71, 71, 1419, 1415, 71, 1420, 1421, 1414, 1416, 71, - 1417, 1418, 71, 1423, 71, 1424, 71, 1429, 1422, 146, - 71, 1430, 1426, 71, 1425, 1428, 71, 71, 71, 1431, - 71, 1432, 71, 1427, 1433, 71, 1434, 71, 71, 71, - 71, 71, 1440, 71, 1436, 71, 1435, 1439, 71, 71, - 71, 1446, 1437, 1442, 1438, 1443, 1447, 71, 71, 1448, - 71, 1451, 1444, 1441, 1449, 71, 71, 71, 1445, 71, - 71, 71, 71, 71, 1455, 1459, 71, 71, 1450, 1454, + 71, 71, 71, 1408, 71, 71, 1410, 71, 71, 1415, + 1407, 71, 71, 1409, 71, 1416, 71, 1406, 1412, 71, + 1419, 71, 1411, 1413, 71, 1414, 71, 71, 1420, 71, + 1417, 71, 71, 1418, 71, 1422, 1426, 1428, 1421, 1423, + 71, 1427, 1424, 71, 71, 1431, 71, 71, 1425, 71, + 71, 1436, 1430, 1433, 1437, 1435, 71, 71, 1429, 71, + 71, 1432, 71, 1438, 71, 1439, 1440, 71, 71, 71, + 1434, 71, 1441, 1444, 1443, 71, 71, 1447, 1442, 71, + 71, 71, 1446, 71, 71, 1453, 1445, 1455, 1449, 1450, + 1454, 71, 1456, 71, 71, 1451, 71, 1458, 71, 1448, - 71, 71, 1460, 1462, 71, 1452, 1453, 71, 1465, 71, - 1456, 1458, 1457, 1464, 71, 71, 71, 71, 71, 1463, - 71, 71, 1461, 1466, 71, 71, 1473, 71, 1476, 71, - 1474, 71, 1470, 1475, 1467, 1468, 1469, 1477, 71, 1472, - 71, 1471, 71, 71, 1480, 1478, 1479, 71, 71, 71, - 1483, 71, 1481, 71, 1484, 71, 1486, 1490, 71, 1492, - 1482, 71, 71, 71, 1487, 71, 1491, 1485, 71, 71, - 71, 1489, 1496, 1488, 1495, 71, 1494, 1493, 71, 1497, - 71, 1501, 1502, 71, 71, 71, 71, 71, 71, 1506, - 1498, 1505, 1507, 71, 1509, 71, 1499, 71, 71, 71, + 71, 71, 1452, 71, 71, 71, 71, 1466, 1462, 71, + 1461, 71, 1469, 71, 1457, 71, 1467, 1459, 71, 1460, + 71, 1472, 71, 1463, 1465, 1464, 1471, 71, 71, 71, + 71, 71, 71, 71, 1470, 1468, 71, 71, 1480, 71, + 71, 1473, 1481, 1483, 71, 1477, 71, 1474, 1475, 1476, + 1486, 1479, 1482, 1478, 1484, 71, 71, 71, 71, 71, + 71, 1485, 1490, 71, 71, 71, 1491, 1488, 1493, 71, + 1487, 71, 1489, 1497, 71, 1499, 1498, 71, 71, 1492, + 1494, 71, 71, 71, 1495, 1496, 71, 1502, 71, 71, + 1503, 1501, 1500, 1504, 71, 1508, 1509, 71, 71, 71, - 1500, 71, 1503, 71, 1510, 71, 1504, 1511, 71, 71, - 71, 1517, 1514, 1508, 1516, 1512, 71, 1515, 71, 1513, - 71, 71, 71, 71, 1523, 1521, 71, 71, 71, 71, - 1527, 1518, 71, 71, 71, 71, 1522, 71, 71, 1519, - 1520, 1533, 1525, 1530, 1524, 71, 1528, 1532, 71, 1531, - 71, 1529, 71, 1526, 71, 1534, 71, 1535, 1538, 71, - 71, 1537, 1541, 71, 1540, 71, 71, 1536, 71, 71, - 71, 1539, 71, 1548, 71, 1549, 71, 71, 1542, 1543, - 71, 71, 1546, 1552, 71, 1544, 1545, 71, 71, 1553, - 1555, 71, 1556, 1557, 1547, 71, 1550, 1551, 1559, 71, + 71, 71, 71, 1505, 1514, 1512, 1506, 71, 1513, 71, + 71, 1516, 71, 71, 1507, 71, 1510, 71, 1517, 71, + 1511, 71, 1515, 1518, 71, 1519, 71, 71, 1523, 1520, + 1521, 71, 1524, 71, 71, 71, 1525, 1522, 71, 1528, + 71, 1530, 71, 71, 71, 1534, 71, 1526, 71, 1529, + 71, 71, 1527, 71, 71, 1537, 1531, 1532, 1539, 71, + 1535, 71, 71, 1542, 71, 1540, 1536, 71, 1533, 1538, + 71, 1541, 71, 71, 1545, 1543, 71, 1547, 1544, 1548, + 71, 71, 71, 1546, 71, 71, 1555, 71, 71, 71, + 1550, 1549, 1556, 71, 71, 71, 1553, 1564, 1559, 1560, - 1554, 1558, 1561, 71, 71, 1560, 71, 71, 71, 71, - 1566, 71, 1563, 1564, 1562, 71, 1567, 71, 71, 71, - 71, 1572, 1571, 71, 71, 1568, 71, 71, 1578, 1575, - 71, 1565, 1576, 1570, 71, 1569, 1573, 71, 71, 1580, - 71, 1583, 1579, 1574, 1577, 1581, 71, 1584, 71, 1586, - 1588, 1585, 1582, 71, 71, 1587, 71, 71, 71, 71, - 71, 71, 1589, 71, 1595, 71, 1594, 1596, 71, 71, - 71, 1590, 1598, 71, 1597, 71, 71, 1591, 71, 1592, - 1600, 1593, 1601, 71, 71, 71, 1603, 71, 1599, 1602, - 71, 71, 1610, 71, 71, 71, 1604, 71, 71, 71, + 1551, 1552, 71, 71, 1562, 71, 71, 71, 1557, 1554, + 1563, 1566, 71, 1558, 71, 1561, 71, 71, 1568, 71, + 1570, 1567, 71, 71, 1573, 71, 1565, 1571, 71, 1574, + 71, 1569, 71, 71, 71, 1579, 1578, 71, 71, 1575, + 1572, 71, 71, 71, 1595, 1585, 1586, 1577, 1576, 1580, + 71, 71, 71, 1582, 71, 1587, 1583, 71, 1581, 1593, + 1597, 71, 1590, 1589, 1592, 71, 71, 1591, 1584, 71, + 71, 1588, 71, 1596, 1594, 1598, 71, 71, 71, 71, + 71, 1604, 1605, 1603, 71, 71, 1607, 71, 71, 1599, + 1606, 71, 71, 1610, 71, 1600, 1609, 1601, 71, 1602, - 71, 1606, 71, 1608, 1607, 1605, 1609, 1615, 71, 71, - 1618, 1613, 71, 71, 1611, 1612, 71, 1617, 71, 71, - 1614, 71, 1616, 71, 1621, 71, 71, 71, 1619, 71, - 1620, 71, 1623, 1625, 1624, 144, 1622, 1628, 1626, 71, - 1629, 1627, 1632, 1633, 71, 1630, 1634, 71, 71, 1636, - 71, 71, 1631, 1637, 1638, 71, 71, 71, 71, 71, - 1635, 71, 1641, 1642, 1639, 71, 71, 71, 1651, 71, - 71, 71, 71, 71, 1645, 1640, 1647, 1644, 1643, 1648, - 1649, 1650, 71, 71, 71, 1646, 1653, 71, 1656, 71, - 1652, 71, 71, 1660, 71, 71, 1657, 1655, 71, 71, + 71, 71, 71, 1611, 71, 71, 71, 1608, 1619, 71, + 71, 71, 71, 71, 71, 71, 1617, 71, 1612, 1615, + 1616, 1613, 1614, 1618, 1624, 71, 1622, 71, 71, 1620, + 71, 1621, 1626, 71, 1623, 1625, 71, 1627, 71, 71, + 71, 1630, 71, 1628, 1629, 71, 71, 1632, 71, 1634, + 71, 1631, 71, 1641, 1633, 1635, 1637, 71, 1636, 71, + 1638, 1642, 71, 1643, 71, 1639, 1647, 71, 71, 1644, + 1645, 1646, 1648, 1640, 71, 71, 71, 71, 71, 71, + 1650, 1651, 71, 71, 1659, 1660, 71, 71, 1654, 71, + 71, 71, 1656, 1649, 1653, 1657, 1652, 71, 1658, 71, - 1654, 71, 1664, 1663, 1662, 71, 71, 71, 1666, 1659, - 1661, 1667, 1671, 71, 1658, 71, 1665, 1672, 71, 71, - 71, 71, 142, 1668, 1677, 1670, 1676, 1669, 1674, 1673, - 71, 1679, 71, 1680, 71, 71, 1682, 71, 1678, 71, - 1681, 1675, 71, 1683, 71, 1686, 71, 71, 71, 1690, - 1688, 71, 71, 71, 1684, 71, 1689, 71, 1685, 1687, - 1691, 71, 71, 71, 71, 1694, 71, 1692, 1700, 71, - 1695, 1702, 1693, 1703, 71, 1696, 1697, 71, 1698, 71, - 1699, 71, 71, 71, 71, 1709, 71, 1704, 71, 71, - 1701, 71, 1713, 71, 71, 71, 71, 1708, 71, 1715, + 71, 1655, 71, 71, 1662, 71, 71, 1661, 71, 1669, + 71, 71, 71, 1664, 1666, 1663, 1665, 1672, 71, 1671, + 71, 1673, 1670, 1668, 71, 71, 1680, 1675, 1667, 1677, + 1676, 1681, 71, 71, 71, 1674, 71, 71, 1686, 71, + 1688, 71, 1685, 1679, 71, 1678, 1689, 1682, 71, 1683, + 1691, 71, 71, 1690, 71, 71, 71, 1687, 1684, 1695, + 1692, 71, 1699, 71, 71, 71, 1697, 71, 71, 1694, + 71, 1693, 1698, 71, 1696, 1700, 71, 71, 71, 71, + 71, 1703, 1711, 1701, 71, 1704, 1709, 71, 71, 1702, + 1705, 1706, 1712, 1707, 1708, 71, 71, 1713, 71, 71, - 1706, 1705, 1707, 1716, 1711, 71, 71, 1712, 1710, 71, - 1717, 1718, 71, 71, 1714, 1722, 71, 71, 1719, 1720, - 71, 1726, 71, 71, 71, 71, 71, 1721, 71, 1724, - 71, 1728, 1723, 71, 71, 1733, 71, 1727, 1729, 1725, - 1730, 71, 1736, 71, 1731, 1734, 1737, 71, 71, 71, - 1732, 1738, 1735, 1739, 71, 71, 1742, 71, 1741, 71, - 1740, 1745, 71, 1743, 71, 71, 71, 71, 1746, 1744, - 71, 71, 71, 71, 71, 71, 1751, 71, 71, 1755, - 71, 71, 1752, 71, 71, 1761, 1747, 1753, 1749, 1748, - 1750, 71, 1754, 1756, 71, 1759, 1760, 71, 1758, 1764, + 71, 1718, 71, 71, 71, 1722, 71, 71, 1710, 71, + 71, 3043, 71, 1717, 1715, 1714, 1724, 71, 1716, 1720, + 71, 71, 1721, 71, 1719, 1725, 1726, 71, 1727, 1723, + 1731, 71, 1730, 1729, 71, 71, 1728, 71, 1735, 71, + 71, 71, 71, 71, 71, 71, 1742, 1733, 1737, 71, + 71, 71, 71, 1732, 1736, 1738, 1734, 1739, 1836, 71, + 71, 1740, 1743, 1747, 1741, 1745, 71, 1744, 1746, 71, + 1748, 71, 71, 1751, 71, 1750, 71, 1749, 1754, 71, + 1752, 71, 71, 71, 71, 1755, 1753, 71, 71, 71, + 71, 71, 71, 1760, 71, 71, 1764, 71, 71, 1761, - 71, 71, 1762, 1766, 71, 71, 1757, 71, 1769, 1770, - 71, 1771, 71, 1763, 1773, 71, 71, 1774, 71, 1767, - 1765, 1768, 71, 71, 1772, 1777, 71, 1778, 1779, 71, - 1781, 71, 1780, 71, 71, 1783, 71, 71, 71, 1775, - 1785, 71, 1788, 1776, 1786, 71, 71, 1787, 71, 1782, - 1789, 1790, 1791, 71, 71, 1795, 71, 1792, 1784, 1797, - 71, 71, 1800, 71, 1798, 71, 71, 71, 71, 1803, - 71, 71, 71, 1793, 1794, 71, 1796, 1799, 1801, 1804, - 71, 1802, 1807, 71, 71, 1809, 71, 71, 1805, 71, - 1812, 71, 1806, 1813, 71, 1815, 71, 71, 1808, 71, + 3043, 71, 1770, 1756, 1762, 1758, 1757, 1759, 71, 1763, + 1765, 71, 1773, 1768, 71, 1767, 1772, 71, 71, 1774, + 1769, 71, 71, 1766, 71, 71, 1771, 1778, 71, 1781, + 1782, 71, 71, 1775, 1783, 71, 71, 1776, 1779, 71, + 1780, 71, 1777, 1785, 71, 71, 1786, 1789, 71, 71, + 1791, 71, 1784, 1790, 1792, 1793, 71, 1787, 1795, 1794, + 1788, 71, 71, 71, 71, 1800, 1797, 1798, 71, 71, + 1799, 71, 71, 71, 71, 1807, 71, 1809, 71, 71, + 71, 71, 1810, 71, 1801, 1802, 1803, 1796, 71, 71, + 1812, 1804, 1811, 1805, 1806, 1814, 1808, 1815, 71, 1817, - 1810, 71, 71, 1820, 1821, 71, 1817, 1814, 1811, 71, - 1818, 71, 71, 71, 71, 71, 1816, 71, 1827, 1824, - 1819, 71, 1825, 1822, 71, 1831, 1823, 71, 71, 1830, - 1834, 71, 1835, 1836, 71, 1833, 71, 1829, 71, 71, - 1826, 1828, 71, 71, 1837, 71, 71, 1832, 71, 71, - 71, 1838, 1842, 71, 1845, 1846, 71, 71, 1841, 71, - 71, 71, 71, 1839, 1840, 71, 1843, 1853, 71, 1849, - 71, 1848, 1854, 71, 71, 71, 1844, 1847, 2987, 1851, - 71, 71, 1852, 71, 1858, 1850, 71, 1855, 71, 1856, - 1860, 1866, 1859, 71, 1857, 1861, 71, 1862, 71, 1863, + 1813, 71, 71, 71, 1819, 71, 71, 1816, 71, 1821, + 71, 71, 1824, 1825, 71, 71, 1827, 71, 71, 71, + 71, 71, 1818, 1833, 71, 1832, 1822, 71, 1820, 1829, + 1830, 71, 1823, 71, 71, 1826, 71, 71, 1839, 71, + 1831, 71, 1837, 1828, 71, 71, 1843, 71, 1834, 1835, + 1842, 71, 71, 1846, 1845, 1847, 1849, 1841, 71, 71, + 71, 71, 1838, 71, 1844, 1840, 1848, 71, 71, 1850, + 71, 71, 71, 1854, 71, 1857, 71, 1858, 1851, 71, + 1853, 71, 1852, 71, 71, 1861, 71, 71, 71, 1855, + 1866, 71, 1865, 71, 1860, 71, 1859, 71, 1856, 71, - 1865, 71, 1868, 71, 1864, 71, 71, 1872, 1869, 71, - 71, 71, 1867, 71, 71, 1874, 1875, 71, 71, 1876, - 1878, 71, 71, 71, 1873, 1870, 1871, 1877, 1882, 71, - 1883, 71, 1879, 1884, 1881, 1886, 1887, 1880, 1885, 71, - 71, 71, 71, 71, 1891, 1889, 71, 71, 1888, 71, - 71, 1893, 71, 1896, 71, 1890, 1898, 71, 1892, 71, - 71, 1894, 71, 71, 71, 71, 71, 1903, 71, 1899, - 1902, 1914, 1900, 71, 1904, 2987, 1897, 1895, 1905, 71, - 1906, 71, 1901, 1908, 71, 71, 1907, 71, 71, 71, - 1909, 1911, 1910, 71, 71, 71, 1916, 1912, 1913, 71, + 71, 1862, 71, 1870, 1863, 71, 1871, 1867, 1864, 1874, + 1868, 1872, 1869, 1873, 71, 71, 1877, 71, 1878, 71, + 71, 71, 71, 71, 1884, 71, 1875, 1881, 71, 71, + 71, 1876, 1889, 1879, 1886, 1887, 71, 71, 1888, 1880, + 1885, 1882, 71, 1883, 71, 71, 1894, 71, 1895, 71, + 1898, 1890, 1896, 1899, 71, 1891, 71, 1897, 71, 71, + 1892, 71, 71, 1903, 71, 1893, 1901, 71, 71, 71, + 71, 1905, 1908, 71, 1902, 1910, 1904, 71, 71, 71, + 1900, 71, 1906, 71, 71, 71, 71, 1915, 1920, 1911, + 1914, 1912, 71, 1907, 71, 1909, 71, 1916, 1917, 71, - 71, 71, 71, 1920, 71, 71, 1915, 1919, 71, 71, - 1921, 1917, 1918, 1922, 1923, 1924, 71, 71, 71, 71, - 71, 71, 71, 1931, 1929, 1925, 1926, 1930, 71, 71, - 71, 1933, 71, 71, 1937, 1932, 1927, 71, 1928, 71, - 71, 1936, 1934, 71, 71, 71, 1935, 1944, 1938, 1939, - 1941, 1943, 71, 71, 71, 2987, 1942, 71, 1949, 71, - 71, 1940, 71, 1951, 71, 71, 71, 1952, 71, 1945, - 1946, 71, 1947, 1948, 1953, 71, 1954, 1950, 1955, 71, - 1957, 71, 71, 71, 71, 71, 1956, 71, 71, 71, - 1958, 71, 71, 71, 1965, 1960, 1961, 1962, 1969, 71, + 1918, 71, 1913, 71, 1927, 71, 1919, 71, 71, 1921, + 1922, 71, 71, 1923, 71, 1926, 1925, 1924, 71, 1928, + 71, 71, 71, 1932, 71, 71, 1929, 1931, 71, 71, + 1933, 71, 1930, 1934, 1935, 1936, 71, 71, 71, 71, + 1938, 71, 1943, 1941, 71, 1937, 1942, 71, 71, 71, + 71, 71, 1948, 71, 71, 1939, 1945, 1940, 71, 71, + 71, 1952, 1944, 1949, 1947, 71, 1954, 1946, 1951, 71, + 71, 1950, 1958, 71, 1953, 1956, 71, 71, 71, 1955, + 1959, 71, 1957, 71, 1964, 71, 71, 1966, 71, 71, + 71, 1967, 1960, 71, 1961, 1970, 1962, 1963, 1968, 71, - 71, 71, 2987, 1959, 1964, 1968, 71, 1966, 71, 1972, - 1970, 1967, 71, 1963, 71, 71, 71, 1973, 1976, 1975, - 1971, 1974, 71, 71, 1980, 71, 1977, 1978, 71, 71, - 1979, 71, 71, 1984, 71, 71, 1986, 1982, 1988, 71, - 71, 1983, 71, 1981, 71, 71, 1991, 1990, 71, 1987, - 1992, 1985, 71, 1993, 71, 1996, 71, 71, 71, 71, - 71, 71, 1997, 71, 71, 71, 1989, 1999, 2064, 1998, - 1994, 2002, 71, 2006, 1995, 71, 2003, 2000, 2001, 71, - 2004, 71, 71, 2005, 2008, 71, 2007, 2011, 71, 71, - 71, 71, 2013, 2009, 71, 2014, 71, 71, 2015, 71, + 71, 1969, 1965, 71, 1972, 71, 71, 71, 71, 71, + 71, 71, 71, 71, 1973, 3043, 71, 71, 1980, 1975, + 1971, 1976, 1977, 1984, 71, 71, 1979, 1974, 1983, 71, + 71, 1981, 1987, 1982, 1978, 1985, 71, 71, 71, 71, + 1991, 1988, 1990, 71, 71, 1986, 71, 71, 1993, 71, + 1989, 1994, 71, 71, 71, 1995, 1999, 1992, 1997, 71, + 71, 2001, 2003, 71, 1998, 1996, 71, 71, 71, 2006, + 71, 71, 2000, 2005, 2002, 2007, 2008, 71, 71, 2011, + 71, 71, 71, 71, 71, 71, 2012, 71, 2017, 71, + 2014, 71, 2004, 2013, 2021, 2009, 71, 2018, 2010, 2019, - 71, 2010, 2012, 71, 2016, 2020, 2018, 2022, 71, 2019, - 71, 71, 2023, 71, 2017, 71, 71, 2024, 71, 71, - 2027, 2021, 2025, 2026, 2028, 71, 2032, 71, 71, 2029, - 71, 71, 71, 71, 2031, 71, 71, 71, 2030, 71, - 71, 2052, 71, 71, 2038, 2039, 2033, 2035, 2034, 2036, - 71, 2037, 2043, 71, 71, 2041, 71, 2040, 2042, 71, - 2044, 71, 2046, 2047, 2050, 71, 71, 71, 2054, 71, - 2987, 71, 71, 2045, 2048, 2051, 2053, 71, 71, 2049, - 2061, 2056, 2059, 2057, 2055, 2058, 71, 2060, 71, 2062, - 71, 2065, 71, 2063, 71, 71, 2066, 71, 71, 2067, + 71, 2016, 2015, 71, 71, 71, 2023, 71, 2022, 2026, + 71, 2020, 71, 2024, 71, 2028, 71, 2029, 71, 2027, + 71, 2025, 71, 71, 71, 2031, 2035, 2030, 71, 71, + 2032, 2033, 2037, 71, 2034, 71, 71, 2038, 71, 71, + 2040, 2041, 2039, 71, 2036, 71, 71, 71, 2042, 2044, + 2043, 2047, 71, 71, 71, 2045, 2046, 2048, 71, 71, + 71, 71, 71, 71, 2049, 71, 71, 2056, 2051, 2050, + 2057, 2053, 2054, 2052, 71, 2058, 71, 71, 71, 71, + 2059, 2055, 2061, 2067, 71, 71, 2062, 71, 71, 2069, + 71, 71, 2063, 2060, 2066, 2071, 2064, 2068, 71, 71, - 71, 2070, 2071, 71, 71, 2072, 2073, 71, 2075, 71, - 2077, 71, 2076, 2068, 71, 2078, 71, 71, 2074, 2080, - 71, 71, 2079, 71, 2069, 71, 71, 2081, 71, 71, - 2083, 2082, 71, 2085, 2088, 71, 71, 2091, 71, 71, - 71, 71, 71, 2092, 2086, 2084, 2094, 2087, 71, 71, - 71, 71, 2090, 2089, 2098, 2093, 71, 2101, 71, 71, - 2096, 71, 71, 71, 2099, 71, 71, 2102, 2095, 2097, - 71, 71, 71, 71, 2100, 2112, 71, 71, 71, 71, - 2103, 2104, 2113, 2109, 71, 2107, 2105, 71, 2111, 2106, - 2114, 2108, 2115, 2110, 71, 2117, 71, 2116, 2118, 71, + 71, 3043, 2074, 2072, 2065, 2076, 2070, 2075, 71, 2077, + 71, 71, 2073, 2078, 71, 71, 2081, 71, 71, 2082, + 2080, 71, 2079, 2086, 71, 71, 2087, 71, 71, 2090, + 2085, 71, 71, 2083, 71, 71, 2091, 71, 2092, 2088, + 2093, 71, 71, 2095, 2084, 71, 2089, 2094, 71, 71, + 2100, 71, 2096, 71, 2097, 2098, 71, 2099, 71, 71, + 71, 71, 71, 2103, 71, 71, 2107, 2109, 71, 2110, + 71, 2102, 71, 71, 71, 71, 2101, 2104, 2105, 2112, + 2106, 71, 71, 71, 71, 2111, 2108, 2114, 2116, 2119, + 71, 71, 2115, 71, 2117, 71, 71, 71, 2113, 2120, - 2119, 71, 2120, 71, 2122, 71, 2125, 71, 71, 2121, - 71, 71, 71, 2126, 2123, 2127, 71, 2124, 2131, 71, - 2132, 71, 71, 2134, 71, 71, 2136, 71, 2130, 71, - 71, 2128, 2129, 2139, 71, 2138, 2140, 71, 71, 71, - 71, 2133, 71, 2135, 2137, 71, 2146, 71, 2142, 71, - 2145, 71, 2141, 71, 2143, 2148, 71, 71, 71, 2150, - 2151, 2144, 71, 2152, 2154, 71, 71, 71, 2147, 2149, - 2158, 71, 71, 71, 71, 71, 71, 2155, 2153, 2162, - 71, 2156, 2163, 71, 71, 71, 2157, 2167, 71, 2161, - 71, 71, 2159, 71, 2170, 2164, 2160, 71, 2169, 2165, + 2118, 71, 71, 2121, 71, 71, 71, 2130, 71, 71, + 71, 71, 2122, 2131, 2127, 71, 2125, 2285, 2123, 2133, + 2124, 2129, 2126, 71, 2132, 2128, 71, 2135, 2134, 2136, + 71, 2137, 71, 71, 71, 2140, 71, 71, 2138, 2143, + 71, 71, 2144, 71, 71, 2141, 2139, 71, 2142, 2145, + 2149, 71, 2150, 71, 71, 2152, 71, 71, 71, 2148, + 71, 2146, 71, 2147, 2154, 71, 71, 2157, 71, 2158, + 71, 2156, 2159, 2151, 71, 2153, 71, 2155, 71, 2162, + 71, 2164, 71, 2160, 71, 2163, 2166, 71, 71, 71, + 2161, 71, 2169, 71, 2168, 71, 2170, 2165, 2172, 71, - 2166, 71, 71, 2174, 71, 71, 71, 2176, 71, 2177, - 2168, 2171, 71, 2175, 71, 2172, 71, 2181, 71, 2182, - 2180, 71, 71, 71, 2178, 71, 2179, 2173, 2186, 71, - 2188, 2184, 71, 2191, 2189, 71, 71, 2193, 71, 71, - 71, 2183, 2185, 71, 71, 2194, 71, 2190, 2187, 2195, - 71, 2197, 71, 2198, 71, 2199, 2192, 71, 71, 71, - 2987, 2196, 2204, 2200, 2205, 71, 2201, 2202, 71, 2206, - 71, 71, 2207, 2203, 71, 2209, 2210, 71, 2211, 71, - 2208, 71, 71, 71, 71, 71, 2212, 2217, 71, 71, - 71, 71, 71, 71, 2219, 71, 2224, 2215, 2218, 2213, + 71, 71, 2167, 2176, 71, 71, 71, 71, 2174, 71, + 2173, 2171, 71, 2180, 2181, 71, 71, 2185, 71, 2175, + 71, 2177, 2179, 71, 71, 2182, 71, 2183, 2178, 71, + 2187, 2184, 71, 71, 2192, 71, 71, 2194, 2188, 71, + 2186, 71, 2195, 71, 2189, 2193, 71, 2190, 2199, 71, + 71, 2200, 71, 2198, 71, 71, 71, 2196, 2191, 2197, + 2204, 2206, 71, 2202, 71, 2209, 71, 2207, 71, 2211, + 71, 71, 71, 2203, 2201, 71, 71, 2212, 71, 2208, + 2205, 2213, 71, 2215, 71, 2216, 71, 2210, 71, 71, + 71, 71, 2221, 2214, 2222, 2217, 2223, 2218, 2219, 2220, - 2216, 2214, 2220, 71, 2223, 2221, 2222, 71, 2225, 2228, - 71, 71, 2229, 2230, 71, 2226, 71, 71, 2233, 2227, - 2231, 2232, 2234, 71, 71, 2235, 71, 71, 71, 71, - 2237, 71, 71, 71, 2241, 71, 71, 2236, 2243, 2238, - 2242, 2244, 71, 71, 71, 2239, 71, 71, 2245, 71, - 71, 2240, 71, 2246, 2248, 2249, 71, 2251, 71, 71, - 2250, 71, 71, 71, 2258, 2255, 2247, 71, 2257, 2252, - 71, 71, 71, 2254, 71, 2263, 71, 2259, 2253, 2262, - 71, 71, 2256, 71, 2264, 2260, 2268, 71, 2261, 2265, - 71, 2267, 71, 71, 2266, 71, 2270, 2271, 2272, 71, + 71, 71, 71, 71, 2225, 2224, 71, 2227, 2228, 71, + 2229, 2231, 2226, 2232, 71, 71, 71, 71, 2230, 2235, + 71, 71, 71, 71, 71, 71, 2237, 2242, 71, 71, + 71, 2233, 2234, 2243, 2238, 71, 2236, 2246, 71, 2239, + 2240, 2241, 71, 2247, 2248, 71, 71, 2245, 71, 2249, + 2244, 2251, 2252, 2250, 2253, 71, 71, 71, 71, 71, + 2255, 71, 71, 71, 71, 2259, 2260, 71, 3043, 71, + 2254, 71, 71, 2256, 2262, 2263, 2257, 71, 2265, 71, + 2264, 2261, 2258, 71, 71, 71, 71, 71, 2266, 71, + 2269, 2270, 71, 2267, 2272, 71, 71, 71, 71, 71, - 2274, 71, 71, 71, 71, 2276, 71, 71, 71, 71, - 71, 2273, 2275, 2286, 2280, 2284, 71, 71, 2269, 71, - 2277, 2278, 2282, 71, 2279, 2285, 71, 71, 2283, 71, - 2287, 71, 71, 71, 71, 71, 2281, 2290, 2293, 71, - 71, 2295, 71, 2288, 2294, 71, 2292, 71, 2298, 71, - 71, 71, 2291, 2289, 71, 2301, 2303, 2297, 2296, 2302, - 71, 71, 71, 71, 2299, 71, 71, 71, 2300, 2307, - 2306, 2305, 71, 71, 71, 71, 71, 2308, 2311, 2304, - 2309, 2313, 2314, 71, 2310, 2315, 71, 2316, 71, 2317, - 71, 71, 71, 2319, 2312, 71, 2321, 2320, 71, 2322, + 2271, 71, 2276, 2279, 71, 2268, 2278, 71, 71, 71, + 2280, 2275, 71, 71, 2284, 2273, 2274, 2283, 71, 2277, + 71, 71, 71, 2286, 2282, 2281, 2292, 2287, 71, 2288, + 71, 71, 2291, 2289, 2293, 71, 2295, 71, 71, 71, + 71, 2297, 71, 71, 2290, 71, 71, 2294, 2296, 71, + 71, 2301, 71, 71, 71, 2303, 2298, 2299, 2304, 2305, + 71, 2300, 2306, 71, 2307, 71, 2308, 71, 2309, 71, + 71, 71, 2311, 2314, 71, 2302, 2310, 71, 2316, 71, + 71, 2319, 71, 2313, 71, 71, 2315, 71, 2312, 71, + 2322, 2323, 71, 71, 71, 2318, 71, 2317, 2324, 71, - 71, 71, 71, 2318, 71, 2327, 71, 71, 2329, 71, - 2330, 71, 2323, 2324, 71, 71, 71, 71, 71, 71, - 2326, 71, 2325, 2333, 2336, 2331, 2328, 2332, 71, 2334, - 2339, 71, 71, 71, 71, 71, 71, 71, 2335, 71, - 2346, 2337, 2340, 71, 71, 71, 71, 71, 2338, 2343, - 71, 2345, 2347, 71, 2342, 2987, 2353, 71, 2341, 2344, - 2348, 2349, 2350, 71, 71, 71, 2357, 71, 2355, 2351, - 2356, 2354, 71, 2352, 2358, 71, 71, 2359, 71, 2360, - 71, 2361, 2362, 2363, 71, 71, 71, 71, 71, 71, - 71, 71, 2372, 71, 2373, 71, 71, 71, 2369, 2376, + 71, 2327, 2328, 71, 2320, 2321, 71, 71, 2326, 71, + 71, 71, 2325, 71, 2332, 71, 2334, 2329, 2374, 2331, + 2330, 2335, 71, 2336, 71, 2337, 71, 2338, 71, 71, + 2333, 2340, 71, 71, 2342, 71, 2343, 2341, 71, 71, + 71, 2339, 71, 2348, 71, 71, 2350, 71, 2351, 71, + 2344, 2345, 71, 71, 71, 71, 71, 71, 2347, 71, + 2346, 2354, 2357, 2352, 2349, 2353, 71, 2355, 2360, 71, + 71, 71, 71, 71, 71, 71, 2356, 71, 2367, 2358, + 2361, 71, 71, 71, 71, 71, 2359, 2364, 71, 2366, + 2368, 71, 2363, 2378, 71, 3043, 2362, 2365, 2369, 2370, - 71, 2378, 71, 2364, 2366, 2365, 2375, 71, 2368, 2367, - 2370, 2371, 71, 71, 71, 71, 2377, 71, 2374, 71, - 71, 2381, 71, 2387, 71, 2388, 71, 71, 2389, 71, - 2379, 2380, 2382, 2383, 71, 71, 2385, 2384, 71, 71, - 71, 2386, 71, 2393, 2391, 2390, 71, 2396, 2397, 2398, - 71, 71, 71, 2399, 2392, 2400, 71, 71, 71, 2394, - 2395, 71, 71, 71, 71, 71, 2402, 71, 2406, 71, - 71, 2401, 2410, 2404, 2411, 71, 71, 2403, 2414, 71, - 71, 71, 2405, 71, 2407, 2409, 2408, 2415, 2413, 71, - 71, 2412, 71, 2417, 2419, 2416, 2418, 71, 2422, 71, + 2371, 71, 71, 71, 71, 2375, 2376, 2372, 2377, 2379, + 71, 2373, 71, 2380, 71, 2381, 71, 2382, 71, 71, + 2383, 71, 71, 2385, 71, 71, 71, 71, 71, 2384, + 2392, 71, 71, 71, 2390, 71, 2396, 2397, 71, 2386, + 2387, 71, 71, 2388, 2389, 71, 2391, 2393, 71, 2394, + 2395, 2399, 2400, 71, 2401, 2398, 2402, 71, 71, 2403, + 71, 71, 71, 71, 71, 2405, 2404, 71, 2411, 71, + 2412, 71, 2413, 71, 71, 2406, 71, 71, 71, 2407, + 2408, 71, 2410, 2409, 2418, 71, 2417, 2422, 71, 2415, + 2420, 2414, 71, 71, 2421, 2416, 71, 2419, 2423, 2424, - 71, 71, 71, 2426, 71, 71, 2425, 2428, 71, 2424, - 2420, 71, 2421, 2423, 71, 71, 2429, 71, 2433, 71, - 71, 2434, 71, 2430, 2427, 2436, 71, 71, 71, 2432, - 71, 2431, 71, 71, 2441, 71, 2443, 71, 71, 2439, - 2437, 2438, 2440, 2444, 2435, 71, 71, 2442, 71, 71, - 2445, 71, 71, 2447, 71, 71, 71, 2448, 71, 71, - 2446, 2450, 2451, 2453, 2454, 71, 2456, 71, 2457, 71, - 2449, 2452, 71, 71, 71, 71, 2462, 2682, 2459, 2458, - 2455, 71, 71, 71, 2464, 71, 2463, 2467, 71, 71, - 2468, 71, 2460, 2461, 2466, 71, 2470, 71, 71, 2472, + 71, 71, 71, 71, 71, 71, 71, 71, 71, 71, + 2426, 2430, 2425, 71, 71, 2428, 2434, 2435, 71, 2438, + 71, 2427, 71, 71, 2429, 2431, 2432, 2437, 2433, 2436, + 71, 71, 2442, 71, 2439, 2441, 2443, 2440, 71, 71, + 2446, 71, 71, 71, 71, 2450, 71, 71, 2449, 2452, + 71, 71, 2448, 71, 2447, 71, 2453, 71, 2444, 2445, + 2457, 71, 2454, 71, 2458, 71, 2451, 2460, 71, 2456, + 71, 2455, 71, 71, 71, 71, 2465, 71, 2467, 71, + 71, 71, 2463, 2461, 2464, 2462, 2468, 2459, 71, 2466, + 71, 71, 71, 2469, 2470, 2471, 71, 71, 71, 2472, - 2465, 2471, 71, 2476, 2473, 71, 71, 2474, 2469, 71, - 71, 2475, 71, 71, 2477, 71, 71, 2478, 71, 71, - 71, 71, 2479, 2482, 2481, 2484, 71, 71, 71, 2485, - 2480, 2483, 2487, 2486, 71, 71, 71, 71, 71, 2488, - 71, 2493, 71, 71, 71, 2491, 2489, 2492, 2490, 71, - 71, 2494, 2498, 71, 71, 71, 2495, 2502, 71, 2501, - 71, 71, 71, 2496, 2500, 71, 2506, 2987, 2497, 2499, - 2507, 71, 2509, 2503, 2510, 2504, 2511, 71, 71, 71, - 71, 2505, 71, 2512, 71, 2513, 71, 71, 2515, 71, - 2508, 2514, 71, 2517, 71, 71, 2520, 2521, 71, 71, + 71, 71, 71, 71, 3043, 2474, 2475, 2477, 2478, 2480, + 71, 2473, 2476, 2481, 71, 2479, 71, 71, 71, 2484, + 2486, 3043, 2483, 2482, 71, 71, 71, 71, 2488, 2487, + 71, 2491, 71, 2492, 71, 2490, 2485, 71, 2494, 71, + 2489, 71, 2496, 71, 2495, 71, 71, 2497, 71, 71, + 2493, 2498, 2500, 71, 2499, 71, 71, 2501, 71, 71, + 2502, 71, 2507, 2516, 2506, 2503, 2508, 71, 71, 2505, + 71, 71, 71, 71, 2504, 2509, 2511, 71, 71, 2510, + 2512, 71, 71, 2514, 71, 2513, 2515, 71, 71, 2520, + 71, 71, 71, 2518, 71, 2517, 2519, 2525, 71, 2521, - 2516, 2522, 71, 2523, 71, 71, 2518, 71, 71, 2519, - 2525, 2524, 2526, 71, 71, 71, 2530, 71, 2533, 2527, - 2528, 2531, 71, 2534, 71, 71, 2529, 71, 2532, 2535, - 71, 71, 71, 71, 2536, 2540, 71, 71, 2537, 71, - 2541, 2542, 71, 2544, 71, 2538, 71, 71, 2543, 2548, - 2545, 71, 2539, 2549, 71, 71, 71, 2551, 71, 71, - 2550, 2547, 2552, 71, 2546, 71, 2557, 71, 71, 71, - 71, 2556, 71, 2559, 2553, 2560, 71, 71, 2554, 2555, - 71, 71, 2561, 71, 2563, 71, 2565, 71, 2562, 71, - 2570, 71, 2558, 2564, 2568, 71, 2572, 71, 71, 71, + 71, 71, 71, 2529, 71, 71, 71, 71, 2534, 71, + 2522, 2527, 2523, 2524, 71, 71, 2528, 2536, 2533, 2526, + 2537, 2531, 2538, 71, 2530, 71, 71, 2532, 71, 2539, + 71, 71, 71, 2540, 71, 71, 2541, 71, 71, 2544, + 2535, 2542, 71, 2547, 2548, 71, 71, 2543, 2549, 71, + 2551, 2545, 71, 2546, 2550, 71, 71, 2552, 2553, 71, + 71, 71, 2557, 71, 71, 2555, 71, 2558, 71, 71, + 2560, 2561, 71, 2556, 2562, 71, 2554, 71, 71, 2564, + 2563, 71, 2565, 2559, 2567, 71, 71, 2568, 2569, 71, + 2571, 71, 71, 71, 71, 2575, 2570, 71, 2566, 2576, - 2578, 71, 2566, 2567, 71, 2569, 2574, 2575, 71, 2571, - 2573, 71, 2576, 71, 71, 2579, 71, 2580, 2577, 71, - 2581, 71, 2582, 71, 2583, 71, 71, 71, 2584, 2987, - 2586, 2585, 2590, 71, 2587, 71, 71, 71, 2591, 2593, - 71, 2595, 71, 71, 2594, 71, 2588, 2589, 2596, 2597, - 71, 71, 71, 71, 2592, 2602, 71, 71, 71, 71, - 2598, 2599, 2600, 2601, 71, 2606, 2604, 71, 2603, 71, - 2607, 71, 2608, 2605, 2610, 71, 2609, 2611, 71, 2612, - 71, 71, 71, 71, 71, 71, 71, 71, 2621, 2613, - 71, 71, 2616, 71, 71, 2619, 2617, 2638, 2624, 71, + 71, 71, 71, 71, 2578, 2572, 2577, 71, 2574, 2579, + 71, 2573, 71, 2584, 71, 2587, 71, 71, 2583, 71, + 2580, 2586, 71, 2581, 71, 71, 71, 2582, 2590, 2588, + 2589, 71, 71, 71, 2592, 71, 71, 3043, 2595, 2585, + 71, 2599, 71, 71, 71, 71, 71, 2601, 71, 2593, + 2594, 2591, 71, 2596, 2598, 2602, 2597, 2600, 2606, 2603, + 2605, 2609, 71, 2607, 71, 2604, 71, 2608, 71, 2610, + 71, 2611, 71, 2612, 71, 2613, 71, 71, 71, 71, + 71, 2615, 2614, 71, 2621, 71, 71, 71, 2618, 2622, + 2624, 71, 71, 2626, 71, 71, 71, 2616, 3043, 2625, - 2615, 2987, 2622, 71, 2625, 71, 2614, 2620, 71, 2626, - 2618, 71, 2623, 71, 2627, 71, 2628, 71, 2629, 2631, - 71, 2630, 2632, 71, 2633, 71, 71, 71, 2641, 71, - 71, 71, 2637, 2635, 2636, 2634, 2639, 71, 71, 71, - 71, 2646, 2640, 71, 2644, 2648, 71, 71, 2642, 71, - 71, 71, 2652, 71, 71, 71, 71, 71, 2645, 2643, - 2655, 71, 71, 71, 2650, 71, 71, 2653, 2647, 2649, - 2654, 2651, 2656, 2659, 2658, 71, 71, 2657, 2662, 71, - 2660, 2664, 71, 2665, 71, 2663, 2667, 71, 2661, 71, - 71, 71, 71, 71, 2672, 71, 71, 2666, 2671, 71, + 2619, 2627, 71, 2620, 2617, 2623, 2628, 71, 71, 71, + 71, 2629, 71, 2632, 2633, 71, 2634, 2630, 2631, 2635, + 71, 2637, 71, 71, 71, 71, 2638, 71, 71, 2641, + 71, 2640, 2642, 71, 71, 2636, 2639, 2643, 71, 2644, + 71, 71, 71, 2647, 71, 71, 71, 3043, 2646, 2652, + 71, 2650, 2648, 2645, 71, 71, 71, 2653, 2694, 2655, + 71, 2656, 71, 2657, 2651, 71, 2649, 2654, 71, 2658, + 2659, 71, 2660, 2662, 71, 2661, 2663, 71, 2664, 71, + 71, 71, 71, 71, 2669, 71, 71, 2668, 2666, 2665, + 71, 2670, 71, 2672, 71, 71, 2677, 2671, 71, 71, - 71, 2676, 71, 2678, 71, 2668, 2669, 2670, 71, 2680, - 2683, 71, 2673, 2684, 71, 71, 2677, 71, 2675, 2674, - 71, 71, 2681, 2686, 71, 71, 71, 2691, 2679, 71, - 71, 71, 2688, 71, 2689, 2695, 71, 71, 71, 71, - 2685, 2696, 2693, 2687, 71, 2697, 2690, 2700, 2692, 2698, - 2703, 2694, 71, 71, 2701, 71, 71, 71, 71, 2699, - 2702, 71, 71, 2705, 71, 2708, 2706, 71, 2711, 71, - 2704, 71, 2712, 71, 2715, 71, 71, 71, 2716, 71, - 71, 2707, 71, 2713, 2709, 2710, 2714, 2717, 71, 71, - 2718, 2720, 71, 2719, 2721, 71, 2722, 71, 71, 2724, + 2667, 2673, 71, 2675, 2679, 71, 2674, 71, 71, 71, + 71, 2680, 71, 2676, 2681, 2682, 71, 2683, 71, 2687, + 71, 71, 71, 71, 2678, 71, 71, 2684, 71, 2690, + 71, 71, 2686, 2685, 2688, 2689, 2695, 2691, 71, 2692, + 2697, 71, 2699, 71, 71, 2693, 2700, 71, 2702, 71, + 71, 71, 71, 71, 2707, 71, 2696, 2698, 2706, 71, + 71, 71, 71, 2711, 71, 2701, 2703, 2704, 2705, 2713, + 71, 71, 71, 71, 71, 2715, 71, 2716, 2712, 2708, + 2710, 71, 71, 2709, 2718, 71, 2719, 71, 2721, 71, + 71, 2714, 2726, 2723, 2720, 2717, 2725, 71, 71, 2724, - 71, 71, 2726, 2723, 71, 71, 2729, 71, 2725, 2730, - 71, 71, 2735, 71, 2734, 71, 71, 71, 71, 71, - 71, 2731, 2733, 2727, 2785, 2738, 2728, 2739, 71, 2740, - 71, 2732, 71, 71, 2743, 71, 2736, 2741, 2737, 71, - 71, 2746, 71, 2745, 71, 71, 71, 2742, 71, 2747, - 71, 2744, 71, 2750, 71, 71, 71, 71, 2752, 71, - 71, 2987, 2751, 2753, 71, 2748, 2749, 71, 71, 71, - 71, 71, 2767, 2754, 2762, 2758, 2755, 2756, 2757, 2765, - 71, 2759, 2760, 71, 2764, 2766, 71, 2776, 2761, 71, - 2763, 2768, 71, 2769, 71, 2770, 2771, 71, 71, 2772, + 71, 71, 2730, 71, 71, 71, 2732, 2731, 2722, 71, + 71, 2735, 2728, 2736, 71, 71, 2727, 71, 2737, 2738, + 71, 2729, 2733, 71, 71, 71, 71, 2743, 2740, 2734, + 71, 2741, 71, 71, 2746, 71, 71, 71, 2739, 71, + 2751, 71, 71, 2742, 2747, 71, 71, 2744, 2745, 2754, + 71, 3043, 2750, 71, 2748, 2753, 2755, 71, 2756, 2757, + 71, 2752, 2749, 2759, 71, 2758, 2760, 71, 2761, 71, + 71, 2763, 71, 71, 71, 2762, 71, 71, 71, 2768, + 2769, 71, 71, 71, 71, 2773, 71, 71, 2774, 71, + 71, 3043, 2764, 2772, 71, 2777, 2765, 2770, 2766, 2767, - 2773, 71, 71, 2774, 2775, 71, 71, 2777, 71, 2780, - 71, 71, 2783, 71, 71, 2778, 2782, 71, 2786, 2779, - 71, 2781, 71, 71, 71, 2791, 2787, 2792, 71, 2793, - 71, 71, 2790, 71, 71, 2784, 71, 2788, 2789, 2795, - 71, 2800, 2796, 2798, 71, 2797, 2794, 71, 2799, 71, - 71, 71, 71, 2807, 71, 2802, 2804, 2805, 71, 2809, - 71, 2801, 71, 2808, 2856, 2803, 2810, 71, 71, 2806, - 2811, 71, 2812, 71, 2813, 71, 2814, 71, 2815, 71, - 2816, 71, 71, 2818, 71, 71, 71, 71, 2821, 2823, - 71, 2817, 71, 71, 2819, 71, 71, 2827, 2820, 71, + 2778, 71, 2771, 2779, 71, 71, 71, 2775, 2776, 2782, + 2780, 71, 71, 71, 71, 71, 2785, 71, 71, 2786, + 2781, 2784, 71, 2783, 71, 71, 71, 2789, 71, 71, + 71, 2791, 2787, 71, 2792, 71, 2790, 71, 2788, 71, + 71, 71, 71, 71, 2808, 71, 2801, 2793, 2802, 2794, + 2795, 2796, 2804, 2797, 71, 2803, 2798, 2799, 71, 2805, + 71, 2800, 2806, 2809, 71, 71, 2811, 71, 71, 2810, + 2812, 71, 2819, 2807, 2813, 2814, 71, 71, 2815, 2816, + 71, 71, 2817, 2818, 71, 71, 2820, 71, 71, 71, + 71, 2826, 71, 71, 2821, 2825, 71, 2829, 2822, 2843, - 2829, 71, 71, 71, 71, 2826, 2822, 2824, 2825, 71, - 71, 2833, 2831, 71, 2828, 2836, 2835, 71, 71, 71, - 2830, 71, 2834, 2838, 71, 71, 71, 71, 71, 2832, - 2843, 2837, 2845, 71, 2846, 71, 2847, 71, 2839, 2844, - 71, 2841, 2840, 2842, 71, 71, 71, 71, 71, 2850, - 71, 71, 71, 2849, 71, 2855, 71, 2858, 71, 71, - 71, 2852, 2854, 2848, 71, 71, 2851, 2857, 71, 71, - 71, 2853, 2859, 2860, 71, 2867, 2861, 71, 2870, 71, - 2862, 71, 71, 2864, 71, 2863, 2865, 71, 2868, 2866, - 2871, 2872, 71, 71, 2873, 2874, 71, 2869, 2875, 71, + 2823, 71, 71, 2828, 71, 71, 71, 71, 2824, 71, + 2830, 71, 2834, 71, 2827, 2833, 2864, 2831, 2835, 71, + 2836, 71, 2832, 71, 2837, 71, 2841, 71, 2838, 71, + 71, 2842, 71, 71, 2839, 2847, 71, 2840, 2844, 2850, + 71, 2848, 2845, 2851, 71, 71, 2853, 71, 2899, 71, + 2846, 2852, 2849, 2854, 71, 71, 2856, 71, 2857, 71, + 2855, 2858, 71, 2859, 71, 2860, 71, 2861, 71, 2862, + 71, 2863, 71, 2865, 71, 71, 71, 71, 71, 71, + 2870, 71, 71, 71, 2866, 71, 2874, 71, 2867, 71, + 2876, 71, 71, 2871, 71, 2872, 2883, 2868, 2869, 2873, - 71, 2876, 71, 2878, 2877, 71, 71, 2879, 2883, 71, - 2880, 71, 2881, 71, 71, 2886, 71, 71, 2889, 71, - 71, 2882, 71, 2884, 2892, 71, 71, 2893, 2887, 71, - 71, 2885, 2896, 2897, 71, 2890, 2888, 2894, 71, 71, - 2891, 71, 71, 2901, 71, 71, 71, 71, 2898, 2895, - 71, 71, 71, 71, 2899, 2905, 71, 2907, 71, 71, - 2904, 2900, 71, 71, 2987, 71, 2902, 2903, 2912, 2909, - 2906, 2910, 2908, 71, 71, 2917, 71, 71, 2911, 2913, - 71, 2919, 2914, 2915, 2987, 2918, 71, 71, 71, 2920, - 71, 2921, 2916, 71, 2925, 2922, 2924, 71, 2923, 71, + 71, 2877, 71, 2878, 2875, 71, 2880, 71, 71, 71, + 2882, 71, 2881, 71, 2885, 71, 71, 71, 2879, 71, + 71, 2889, 2884, 2892, 71, 71, 2890, 2894, 71, 71, + 2886, 2887, 2888, 71, 2891, 2895, 71, 2893, 2896, 71, + 71, 71, 2898, 71, 71, 71, 71, 2907, 2897, 2900, + 2904, 71, 71, 2905, 2901, 2903, 71, 71, 2906, 71, + 71, 71, 71, 71, 2902, 2908, 71, 71, 71, 71, + 71, 2914, 71, 2911, 2918, 2909, 2913, 2910, 2915, 2921, + 71, 2922, 2919, 71, 2916, 2912, 71, 2917, 2923, 71, + 2920, 71, 2924, 2925, 71, 2926, 71, 71, 71, 71, - 71, 2926, 71, 71, 2927, 2928, 71, 2929, 71, 71, - 71, 2934, 71, 71, 71, 2931, 2930, 71, 71, 2937, - 2938, 71, 71, 71, 71, 71, 2936, 2941, 2932, 2933, - 71, 2935, 2939, 2942, 71, 2940, 71, 2945, 2944, 2946, - 71, 71, 2949, 2943, 71, 71, 2951, 71, 2952, 71, - 71, 71, 71, 2947, 2953, 71, 2948, 2954, 2956, 71, - 2957, 71, 71, 2950, 2958, 2959, 71, 71, 2960, 71, - 2955, 2962, 71, 71, 2961, 2965, 71, 2963, 71, 71, - 71, 71, 71, 2967, 2968, 71, 2971, 71, 2964, 2972, - 71, 71, 2966, 71, 2975, 2976, 71, 71, 2977, 2969, + 2929, 71, 2927, 2930, 2931, 71, 2928, 2934, 71, 71, + 71, 71, 71, 71, 71, 2937, 2939, 71, 2942, 71, + 2933, 2936, 2935, 71, 71, 71, 2932, 2940, 2945, 71, + 2949, 2938, 71, 2941, 71, 2946, 71, 2950, 2943, 71, + 2947, 71, 2944, 71, 2948, 71, 71, 2955, 71, 2956, + 71, 2954, 71, 2951, 2952, 71, 71, 71, 71, 71, + 71, 2960, 71, 71, 2953, 2962, 71, 2969, 71, 71, + 2959, 71, 2964, 2957, 2967, 2958, 2965, 71, 2961, 71, + 71, 2963, 2968, 2973, 71, 2966, 71, 71, 2975, 71, + 2976, 2970, 2974, 71, 71, 71, 71, 2971, 2977, 2972, - 2970, 2973, 2978, 71, 2979, 71, 2974, 71, 71, 71, - 71, 2985, 71, 2981, 2980, 2982, 2983, 2986, 71, 2987, - 2987, 2987, 2987, 2987, 2987, 2987, 2987, 2987, 2984, 43, - 43, 43, 43, 43, 43, 43, 48, 48, 48, 48, - 48, 48, 48, 53, 53, 53, 53, 53, 53, 53, - 59, 59, 59, 59, 59, 59, 59, 64, 64, 64, - 64, 64, 64, 64, 74, 74, 2987, 74, 74, 74, - 74, 141, 141, 2987, 2987, 2987, 141, 141, 143, 143, - 2987, 2987, 143, 2987, 143, 145, 2987, 2987, 2987, 2987, - 2987, 145, 148, 148, 2987, 2987, 2987, 148, 148, 150, + 2978, 2979, 2981, 2982, 71, 2980, 71, 71, 71, 2984, + 71, 2983, 71, 71, 71, 71, 2985, 2990, 71, 71, + 2987, 71, 2993, 71, 2994, 71, 2986, 71, 71, 71, + 71, 71, 2992, 2988, 2989, 2997, 2995, 2991, 71, 2996, + 71, 3001, 71, 3002, 3000, 71, 71, 2998, 2999, 71, + 3005, 71, 3007, 71, 3008, 3003, 71, 71, 71, 3012, + 71, 3009, 71, 71, 3010, 3006, 71, 3013, 3014, 3015, + 71, 3004, 71, 71, 71, 71, 71, 3011, 71, 3016, + 3017, 3019, 3018, 3021, 71, 71, 71, 71, 71, 3027, + 3023, 3024, 71, 3020, 3022, 3028, 71, 3025, 71, 71, - 2987, 2987, 2987, 2987, 2987, 150, 152, 152, 2987, 152, - 152, 152, 152, 75, 75, 2987, 75, 75, 75, 75, - 13, 2987, 2987, 2987, 2987, 2987, 2987, 2987, 2987, 2987, - 2987, 2987, 2987, 2987, 2987, 2987, 2987, 2987, 2987, 2987, - 2987, 2987, 2987, 2987, 2987, 2987, 2987, 2987, 2987, 2987, - 2987, 2987, 2987, 2987, 2987, 2987, 2987, 2987, 2987, 2987, - 2987 + 3031, 3032, 71, 71, 3034, 71, 3026, 3035, 71, 71, + 3033, 3029, 71, 71, 71, 71, 3036, 3030, 3037, 3038, + 3041, 71, 3042, 71, 3043, 3043, 3043, 3043, 3043, 3043, + 3043, 3039, 3043, 3043, 3040, 43, 43, 43, 43, 43, + 43, 43, 48, 48, 48, 48, 48, 48, 48, 53, + 53, 53, 53, 53, 53, 53, 59, 59, 59, 59, + 59, 59, 59, 64, 64, 64, 64, 64, 64, 64, + 74, 74, 3043, 74, 74, 74, 74, 141, 141, 3043, + 3043, 3043, 141, 141, 143, 143, 3043, 3043, 143, 3043, + 143, 145, 3043, 3043, 3043, 3043, 3043, 145, 148, 148, + + 3043, 3043, 3043, 148, 148, 150, 3043, 3043, 3043, 3043, + 3043, 150, 152, 152, 3043, 152, 152, 152, 152, 75, + 75, 3043, 75, 75, 75, 75, 13, 3043, 3043, 3043, + 3043, 3043, 3043, 3043, 3043, 3043, 3043, 3043, 3043, 3043, + 3043, 3043, 3043, 3043, 3043, 3043, 3043, 3043, 3043, 3043, + 3043, 3043, 3043, 3043, 3043, 3043, 3043, 3043, 3043, 3043, + 3043, 3043, 3043, 3043, 3043, 3043, 3043 } ; -static const flex_int16_t yy_chk[5862] = +static const flex_int16_t yy_chk[5968] = { 0, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, @@ -2064,13 +2092,13 @@ static const flex_int16_t yy_chk[5862] = 5, 3, 6, 20, 4, 20, 20, 5, 20, 6, 7, 7, 7, 7, 20, 7, 8, 8, 8, 8, 29, 8, 7, 9, 9, 9, 22, 22, 8, 10, - 10, 10, 15, 25, 9, 29, 15, 25, 2993, 31, + 10, 10, 15, 25, 9, 29, 15, 25, 3049, 31, 10, 11, 11, 11, 11, 11, 11, 19, 79, 19, 19, 30, 19, 11, 31, 79, 30, 25, 19, 19, 47, 47, 11, 12, 12, 12, 12, 12, 12, 21, 23, 23, 21, 21, 24, 12, 21, 81, 23, 24, - 34, 21, 23, 24, 12, 23, 24, 999, 24, 24, + 34, 21, 23, 24, 12, 23, 24, 1000, 24, 24, 21, 26, 26, 27, 27, 90, 28, 81, 32, 32, 28, 34, 27, 28, 33, 33, 26, 32, 36, 33, 28, 35, 28, 32, 90, 42, 35, 32, 52, 84, @@ -2223,484 +2251,495 @@ static const flex_int16_t yy_chk[5862] = 665, 668, 669, 666, 660, 661, 664, 670, 669, 671, 672, 662, 673, 671, 674, 675, 676, 678, 677, 679, - 668, 675, 672, 680, 676, 677, 714, 670, 714, 681, - 683, 689, 674, 686, 681, 678, 690, 673, 681, 691, - 689, 681, 690, 680, 679, 683, 693, 693, 681, 692, - 686, 681, 696, 692, 697, 691, 694, 694, 698, 699, - 704, 701, 709, 702, 703, 699, 701, 717, 697, 705, - 696, 717, 705, 706, 706, 708, 708, 709, 698, 700, - 700, 700, 703, 700, 702, 704, 700, 707, 710, 710, - 711, 700, 716, 712, 707, 711, 712, 700, 700, 713, + 668, 675, 672, 680, 676, 677, 683, 670, 690, 686, + 689, 691, 674, 698, 690, 678, 692, 673, 696, 689, + 692, 683, 70, 680, 679, 681, 686, 691, 693, 693, + 681, 694, 694, 698, 681, 697, 696, 681, 701, 702, + 699, 703, 704, 701, 681, 681, 699, 681, 707, 697, + 700, 700, 700, 705, 700, 707, 705, 700, 709, 703, + 702, 64, 700, 706, 706, 708, 708, 704, 700, 700, + 710, 710, 711, 709, 713, 712, 715, 711, 712, 713, - 715, 718, 720, 719, 713, 721, 721, 725, 722, 727, - 720, 716, 715, 723, 724, 724, 726, 749, 728, 730, - 730, 718, 719, 722, 728, 725, 749, 723, 726, 729, - 731, 727, 733, 734, 729, 731, 731, 733, 735, 734, - 736, 737, 739, 738, 735, 736, 738, 737, 739, 740, - 741, 741, 742, 742, 743, 744, 745, 740, 746, 747, - 750, 745, 743, 748, 748, 746, 751, 752, 750, 756, - 754, 755, 751, 744, 756, 757, 759, 760, 747, 754, - 755, 759, 758, 761, 757, 758, 752, 762, 763, 764, - 766, 760, 765, 765, 764, 764, 762, 767, 768, 769, + 714, 716, 714, 717, 718, 720, 719, 717, 715, 721, + 721, 722, 725, 720, 723, 724, 724, 726, 727, 760, + 716, 728, 730, 730, 718, 719, 722, 728, 723, 726, + 725, 729, 731, 760, 733, 734, 729, 731, 731, 733, + 727, 734, 735, 738, 736, 737, 738, 739, 735, 736, + 740, 737, 743, 739, 741, 741, 742, 742, 740, 744, + 743, 745, 746, 747, 748, 748, 745, 749, 751, 746, + 750, 752, 754, 761, 751, 755, 749, 744, 750, 757, + 756, 754, 747, 758, 755, 756, 758, 759, 757, 763, + 752, 762, 759, 765, 765, 766, 767, 768, 761, 764, - 770, 763, 772, 770, 772, 766, 774, 768, 761, 773, - 773, 770, 775, 776, 779, 777, 767, 775, 778, 780, - 781, 782, 783, 769, 784, 786, 783, 774, 785, 781, - 789, 786, 787, 788, 776, 777, 779, 790, 778, 780, - 791, 787, 784, 792, 782, 788, 791, 785, 793, 789, - 795, 790, 796, 793, 794, 794, 797, 792, 798, 799, - 800, 796, 801, 802, 804, 803, 798, 805, 806, 807, - 795, 803, 810, 805, 808, 807, 797, 813, 804, 799, - 808, 801, 800, 802, 811, 809, 818, 812, 806, 809, - 817, 810, 812, 814, 814, 815, 811, 816, 813, 818, + 762, 769, 763, 774, 764, 764, 768, 772, 770, 772, + 766, 770, 773, 773, 776, 767, 775, 777, 778, 770, + 779, 775, 781, 780, 774, 769, 782, 784, 783, 785, + 786, 781, 783, 789, 788, 776, 786, 777, 778, 790, + 792, 787, 779, 780, 795, 784, 788, 796, 785, 782, + 787, 791, 789, 790, 792, 793, 796, 791, 794, 794, + 793, 797, 798, 799, 795, 800, 801, 803, 802, 805, + 798, 806, 804, 803, 807, 805, 808, 810, 811, 812, + 807, 797, 808, 799, 812, 801, 804, 800, 802, 809, + 811, 806, 813, 809, 814, 814, 810, 815, 811, 816, - 816, 815, 820, 819, 811, 821, 821, 822, 817, 819, - 823, 824, 824, 825, 826, 823, 827, 827, 826, 828, - 829, 830, 820, 831, 833, 822, 830, 836, 825, 834, - 837, 839, 839, 840, 841, 842, 842, 840, 845, 843, - 829, 828, 831, 834, 846, 70, 844, 836, 833, 841, - 844, 837, 838, 845, 847, 838, 848, 838, 846, 847, - 849, 838, 850, 838, 843, 849, 849, 851, 838, 852, - 848, 851, 853, 838, 854, 855, 850, 853, 856, 854, - 857, 865, 858, 864, 852, 859, 860, 853, 858, 855, - 866, 859, 860, 862, 857, 861, 861, 863, 862, 856, + 817, 818, 816, 815, 819, 820, 821, 821, 822, 825, + 819, 823, 828, 813, 818, 829, 823, 826, 817, 824, + 824, 826, 827, 827, 825, 820, 822, 830, 831, 833, + 834, 836, 830, 837, 828, 829, 839, 839, 840, 842, + 842, 841, 840, 843, 834, 844, 845, 831, 846, 844, + 852, 836, 847, 833, 837, 838, 841, 847, 838, 848, + 838, 845, 846, 850, 838, 852, 838, 854, 843, 849, + 856, 838, 857, 848, 849, 849, 838, 850, 851, 854, + 853, 855, 851, 858, 856, 853, 855, 862, 862, 865, + 859, 866, 860, 857, 851, 853, 859, 858, 860, 861, - 865, 868, 869, 863, 870, 864, 873, 869, 866, 867, - 867, 873, 871, 868, 874, 867, 875, 867, 870, 872, - 872, 876, 874, 867, 871, 877, 878, 878, 867, 867, - 875, 881, 879, 883, 884, 867, 879, 881, 882, 885, - 876, 882, 887, 886, 877, 885, 888, 884, 886, 889, - 890, 891, 883, 892, 893, 888, 895, 891, 889, 894, - 896, 887, 892, 897, 894, 898, 890, 902, 907, 899, - 900, 905, 908, 893, 896, 901, 895, 898, 899, 900, - 903, 901, 907, 897, 902, 909, 903, 905, 910, 911, - 912, 913, 908, 914, 917, 921, 913, 918, 914, 917, + 867, 863, 864, 869, 870, 861, 863, 871, 864, 870, + 866, 865, 872, 873, 873, 869, 876, 874, 867, 868, + 868, 871, 874, 875, 872, 868, 59, 868, 877, 878, + 876, 875, 880, 868, 879, 879, 880, 882, 868, 868, + 884, 883, 885, 882, 883, 868, 886, 877, 878, 887, + 888, 889, 886, 890, 887, 885, 891, 892, 893, 884, + 889, 894, 890, 892, 896, 895, 898, 893, 897, 888, + 895, 899, 891, 902, 903, 904, 900, 906, 901, 902, + 894, 904, 897, 899, 896, 900, 898, 901, 908, 909, + 911, 903, 910, 906, 912, 913, 914, 919, 915, 924, - 919, 919, 910, 920, 909, 912, 918, 911, 921, 920, - 923, 924, 928, 927, 925, 925, 924, 924, 925, 926, - 929, 930, 926, 932, 931, 933, 923, 927, 935, 932, - 934, 940, 928, 937, 930, 936, 934, 941, 929, 931, - 936, 939, 941, 935, 939, 933, 942, 937, 943, 944, - 945, 942, 940, 946, 944, 945, 948, 949, 952, 952, - 950, 951, 948, 953, 943, 946, 950, 951, 954, 956, - 956, 955, 953, 949, 955, 957, 958, 959, 960, 961, - 964, 960, 962, 963, 967, 964, 954, 969, 962, 963, - 967, 965, 961, 957, 966, 958, 965, 959, 970, 966, + 918, 914, 908, 915, 911, 918, 919, 920, 920, 909, + 913, 910, 912, 921, 922, 924, 925, 927, 928, 921, + 927, 925, 925, 929, 926, 926, 930, 922, 926, 931, + 932, 933, 928, 934, 935, 936, 937, 933, 938, 941, + 935, 937, 931, 929, 930, 932, 940, 944, 54, 940, + 936, 942, 938, 934, 943, 947, 942, 945, 949, 943, + 941, 946, 945, 944, 949, 950, 946, 947, 951, 952, + 953, 953, 955, 954, 951, 952, 956, 957, 957, 956, + 958, 950, 954, 959, 960, 961, 962, 963, 961, 964, + 955, 965, 966, 963, 970, 964, 965, 966, 958, 962, - 971, 974, 972, 973, 973, 969, 971, 972, 975, 976, - 974, 977, 978, 979, 977, 978, 980, 975, 970, 981, - 982, 985, 983, 984, 979, 986, 988, 976, 983, 984, - 986, 981, 987, 987, 980, 989, 985, 991, 990, 982, - 992, 991, 993, 994, 995, 988, 997, 998, 998, 989, - 990, 993, 1000, 1001, 1003, 1002, 1005, 1005, 992, 1003, - 1006, 1004, 994, 1021, 1021, 997, 1000, 1002, 1001, 995, - 1004, 1007, 1008, 1010, 1009, 1010, 1011, 1007, 1008, 1009, - 1006, 1011, 1012, 1013, 1014, 1015, 1016, 1017, 1018, 1014, - 1019, 64, 1022, 1023, 1017, 1024, 1012, 1013, 1025, 1026, + 967, 968, 959, 971, 960, 967, 973, 968, 972, 974, + 974, 973, 970, 975, 972, 976, 977, 978, 979, 980, + 978, 979, 975, 971, 976, 981, 982, 983, 987, 984, + 980, 985, 986, 987, 977, 984, 989, 985, 982, 988, + 988, 991, 990, 981, 992, 993, 983, 986, 992, 994, + 995, 996, 998, 991, 1001, 989, 990, 1002, 994, 999, + 999, 1003, 1004, 993, 1007, 1005, 1013, 1004, 1001, 995, + 53, 998, 1002, 1003, 1005, 1008, 996, 1006, 1006, 1009, + 1013, 1008, 1010, 1014, 1007, 1009, 1011, 1010, 1011, 1012, + 1015, 1016, 1017, 1018, 1012, 1015, 1020, 1014, 1019, 1025, - 1015, 1031, 1027, 1018, 1025, 1016, 1022, 1027, 1031, 1019, - 1024, 1023, 1029, 1029, 1032, 1030, 1027, 1034, 1027, 1026, - 1030, 1027, 1033, 1035, 1036, 1033, 1037, 1039, 1032, 1036, - 1040, 1038, 1035, 1042, 1042, 1034, 1038, 1043, 1039, 1044, - 1045, 1046, 1043, 1047, 1044, 1037, 1046, 1047, 1048, 1040, - 1049, 1050, 1051, 1053, 1054, 1052, 1056, 1048, 1055, 1057, - 1045, 1054, 1060, 1058, 1061, 1049, 1050, 1052, 1053, 1062, - 1055, 1051, 1059, 1063, 1066, 1056, 1068, 1060, 1059, 1065, - 1057, 1058, 1063, 1067, 1061, 1065, 1070, 1069, 1066, 1062, - 1072, 1067, 1069, 1073, 1071, 1074, 1068, 1078, 1070, 1071, + 1018, 1022, 1022, 1023, 1024, 1027, 1016, 1028, 1030, 1030, + 1026, 1017, 1028, 1019, 1025, 1020, 1026, 1023, 1034, 1031, + 1036, 1028, 1024, 1028, 1031, 1027, 1028, 1032, 1032, 1033, + 1035, 1037, 1034, 1035, 1038, 1039, 1033, 1040, 1043, 1036, + 1039, 1041, 1042, 1038, 1045, 1045, 1041, 1046, 1048, 1037, + 1047, 1051, 1046, 1042, 1049, 1047, 1040, 1043, 1050, 1049, + 1051, 1052, 1050, 1053, 1054, 1055, 1056, 1057, 1048, 1059, + 1058, 1060, 1061, 1062, 1057, 1069, 1052, 1055, 1053, 1062, + 1063, 1056, 1058, 1054, 1064, 1065, 1070, 1066, 1059, 1069, + 1061, 1068, 1060, 1071, 1070, 1063, 1066, 1068, 1072, 1073, - 1071, 1075, 1075, 1077, 59, 1079, 1078, 1073, 1074, 1072, - 1076, 1079, 1080, 1080, 1083, 1076, 1077, 1081, 1076, 1076, - 1083, 1082, 1081, 1076, 1086, 1086, 1084, 1085, 1087, 1076, - 1082, 1084, 1085, 1076, 1088, 1088, 1089, 1090, 1091, 1089, - 1093, 1089, 1092, 1094, 1095, 1096, 1097, 1098, 1094, 1087, - 1099, 1092, 1097, 1098, 54, 1099, 1091, 1090, 1095, 1101, - 1093, 1100, 1108, 1096, 1111, 1100, 1102, 1102, 1101, 1103, - 1103, 1104, 1103, 1101, 1106, 1101, 1107, 1101, 1106, 1101, - 1108, 1109, 1104, 1110, 1113, 1114, 1111, 1112, 1110, 1110, - 1109, 1107, 1112, 1115, 1114, 1116, 1117, 1118, 1113, 1119, + 1075, 1074, 1076, 1072, 1064, 1065, 1074, 1074, 1077, 1078, + 1078, 1073, 1080, 1071, 1081, 1084, 1076, 1085, 1082, 1075, + 1084, 1077, 1079, 1081, 1082, 1080, 1085, 1079, 1083, 1083, + 1079, 1079, 1086, 1090, 1087, 1079, 1093, 1088, 1086, 1087, + 1094, 1079, 1088, 1089, 1089, 1079, 1091, 1091, 1092, 1096, + 1095, 1092, 1097, 1092, 1090, 1099, 1093, 1097, 1094, 1095, + 1098, 1100, 1101, 1104, 1134, 1102, 1134, 1100, 1101, 1096, + 1102, 1103, 1104, 1099, 1098, 1103, 1111, 1104, 1109, 1104, + 1107, 1104, 1109, 1104, 1105, 1105, 1106, 1106, 1110, 1106, + 1112, 1107, 1113, 1114, 1111, 1115, 1116, 1113, 1113, 1112, - 1119, 1120, 1121, 1118, 1123, 1125, 1122, 1126, 1124, 1120, - 1117, 1122, 1115, 1129, 1116, 1127, 1121, 1124, 1123, 1135, - 1127, 1128, 1128, 1125, 1130, 1130, 1134, 1131, 1129, 1131, - 1133, 1134, 1126, 1133, 1136, 1137, 1137, 1138, 1135, 1139, - 1139, 1140, 1140, 1136, 1141, 1142, 1143, 1144, 1144, 1141, - 1145, 1146, 1147, 1148, 1146, 1149, 1151, 1138, 1148, 1150, - 1153, 1150, 1154, 1153, 1149, 1165, 1142, 1143, 1155, 1162, - 1145, 1156, 1147, 1155, 1151, 1157, 1156, 1154, 1165, 1158, - 1159, 1160, 1160, 1157, 1158, 1159, 1161, 1162, 1163, 1164, - 1169, 1161, 1167, 1168, 1163, 1169, 1164, 1170, 1167, 1168, + 1115, 1118, 1117, 1110, 1119, 1120, 1121, 1122, 1122, 1123, + 1116, 1117, 1121, 1124, 1126, 1114, 1125, 1123, 1128, 1120, + 1118, 1125, 1127, 1119, 1129, 1130, 1132, 1124, 1126, 1138, + 1130, 1127, 1131, 1131, 1133, 1133, 1128, 1136, 1137, 1141, + 1136, 1132, 1139, 1137, 1140, 1140, 1142, 1142, 1138, 1129, + 1144, 1139, 1143, 1143, 1145, 1144, 1146, 1147, 1147, 1141, + 1148, 1149, 1150, 1151, 1149, 1152, 1154, 1153, 1151, 1153, + 1156, 1157, 48, 1156, 1152, 1145, 1158, 1146, 1159, 1160, + 1148, 1158, 1150, 1159, 1154, 1161, 1157, 1160, 1162, 1164, + 1161, 1163, 1163, 1162, 1164, 1165, 1166, 1167, 1168, 1170, - 1171, 1172, 1173, 1170, 1174, 1174, 1175, 1177, 1178, 1171, - 1179, 1180, 1181, 1173, 1184, 1183, 1179, 1180, 1181, 1185, - 1172, 1183, 1187, 1186, 1188, 1190, 1175, 1177, 1184, 1189, - 1189, 1178, 1191, 1192, 1184, 1186, 1187, 1195, 1193, 1185, - 1194, 1194, 1188, 1193, 1196, 1190, 1198, 1199, 1200, 1196, - 1201, 1192, 1199, 1199, 1202, 1203, 1204, 1191, 1205, 1201, - 1195, 1207, 1202, 1207, 1208, 1198, 1200, 1206, 1209, 1203, - 1212, 1204, 1206, 1205, 1209, 1206, 1205, 1210, 1208, 1211, - 1213, 1210, 1214, 1215, 1216, 1218, 1217, 1220, 1215, 1212, - 1211, 1217, 1221, 1222, 1223, 1223, 1225, 1226, 1227, 1224, + 1171, 1173, 1166, 1172, 1167, 1170, 1171, 1173, 1172, 1174, + 1175, 1168, 1176, 1165, 1177, 1177, 1178, 1180, 1174, 1181, + 1182, 1183, 1184, 1176, 1186, 1187, 1182, 1183, 1184, 1175, + 1186, 1188, 1189, 1190, 1191, 1193, 1178, 1180, 1194, 1187, + 1192, 1192, 1181, 1195, 1189, 1187, 1198, 1190, 1196, 1197, + 1197, 1188, 1191, 1196, 1199, 1193, 1201, 43, 1203, 1199, + 1202, 1195, 1204, 1194, 1205, 1202, 1202, 1206, 1207, 1198, + 1208, 1204, 1205, 1211, 1209, 1201, 1203, 1217, 1210, 1209, + 1210, 1206, 1209, 1207, 1213, 1208, 1215, 1211, 1208, 1214, + 1213, 1218, 1219, 1214, 1216, 1221, 1217, 1215, 1220, 1216, - 1214, 1220, 1216, 1224, 1227, 1218, 1213, 1228, 1229, 1230, - 1221, 1222, 1233, 1231, 1225, 1232, 1226, 1234, 1235, 1228, - 1237, 1236, 1234, 1230, 1238, 1235, 1236, 1229, 1231, 1240, - 1232, 1233, 1242, 1238, 1239, 1239, 1241, 1244, 1237, 53, - 1243, 1245, 1241, 1244, 1240, 1243, 1252, 1245, 1246, 1246, - 1247, 1247, 1250, 1242, 1249, 1249, 1250, 1251, 1253, 1254, - 1255, 1256, 1256, 1257, 1252, 1258, 1251, 1255, 1260, 1261, - 1259, 1262, 1253, 1258, 1254, 1259, 1262, 1262, 1264, 1263, - 1265, 1265, 1260, 1257, 1263, 1263, 1266, 1267, 1261, 1269, - 1268, 1270, 1271, 1272, 1269, 1273, 1275, 1274, 1264, 1268, + 1216, 1222, 1223, 1220, 1225, 1226, 1222, 1227, 1228, 1228, + 1219, 1229, 1230, 1221, 1231, 1229, 1233, 1218, 1225, 1234, + 1232, 1235, 1223, 1226, 1236, 1227, 1232, 1237, 1233, 1238, + 1230, 1239, 1241, 1231, 1240, 1235, 1239, 1241, 1234, 1236, + 1242, 1240, 1237, 1243, 1244, 1244, 1245, 1246, 1238, 1247, + 1248, 1249, 1243, 1246, 1250, 1248, 1257, 1249, 1242, 1258, + 1250, 1245, 1251, 1251, 1252, 1252, 1254, 1254, 1255, 1256, + 1247, 1259, 1255, 1258, 1257, 1260, 1261, 1261, 1256, 1262, + 1263, 1265, 1260, 1266, 1264, 1267, 1259, 1268, 1263, 1264, + 1267, 1267, 1268, 1268, 1269, 1265, 1270, 1270, 1271, 1262, - 1277, 1273, 1274, 1276, 1280, 1266, 1267, 1278, 1279, 1276, - 1270, 1272, 1271, 1278, 1279, 1281, 1282, 1283, 1284, 1277, - 1285, 1289, 1275, 1280, 1286, 1287, 1287, 1288, 1290, 1290, - 1288, 1294, 1284, 1289, 1281, 1282, 1283, 1291, 1291, 1286, - 1292, 1285, 1293, 1295, 1294, 1292, 1293, 1296, 1297, 1300, - 1297, 1299, 1295, 1301, 1297, 1302, 1299, 1303, 1303, 1305, - 1296, 1304, 1306, 1307, 1300, 1305, 1304, 1297, 1309, 1308, - 1311, 1302, 1309, 1301, 1308, 1310, 1307, 1306, 1312, 1310, - 1313, 1314, 1315, 1315, 1317, 1319, 1320, 1314, 1321, 1321, - 1311, 1320, 1322, 1323, 1325, 1325, 1312, 1333, 1322, 1329, + 1272, 1273, 1266, 1274, 1275, 1276, 1277, 1278, 1274, 1280, + 1273, 1279, 1281, 1278, 1269, 1282, 1279, 1271, 1281, 1272, + 1283, 1284, 1285, 1275, 1277, 1276, 1283, 1284, 1286, 1287, + 1288, 1289, 1290, 14, 1282, 1280, 1291, 1292, 1292, 1293, + 1294, 1285, 1293, 1295, 1295, 1289, 1298, 1286, 1287, 1288, + 1298, 1291, 1294, 1290, 1296, 1296, 1297, 1299, 1300, 1301, + 1302, 1297, 1302, 1304, 1306, 1305, 1302, 1300, 1304, 1307, + 1299, 1309, 1301, 1308, 1308, 1310, 1309, 1311, 1312, 1302, + 1305, 1310, 1313, 1316, 1306, 1307, 1314, 1313, 1317, 1315, + 1314, 1312, 1311, 1315, 1318, 1319, 1320, 1320, 1322, 1324, - 1313, 1327, 1317, 1330, 1327, 1334, 1319, 1328, 1328, 1332, - 1335, 1335, 1332, 1323, 1334, 1329, 1336, 1333, 1337, 1330, - 1339, 1338, 1340, 1341, 1341, 1339, 1342, 1343, 1344, 1345, - 1345, 1336, 1346, 1347, 1349, 1352, 1340, 1351, 1348, 1337, - 1338, 1351, 1343, 1348, 1342, 1354, 1346, 1350, 1350, 1349, - 1355, 1347, 1357, 1344, 1356, 1352, 1353, 1353, 1356, 1358, - 1361, 1355, 1360, 1360, 1358, 1362, 1363, 1354, 1364, 1365, - 1367, 1357, 1366, 1366, 1370, 1367, 1368, 1369, 1361, 1362, - 1372, 1376, 1364, 1370, 1371, 1363, 1363, 1374, 1373, 1371, - 1373, 1379, 1374, 1375, 1365, 1381, 1368, 1369, 1377, 1375, + 1325, 1319, 1328, 1316, 1327, 1325, 1317, 1326, 1326, 1334, + 1327, 1330, 1330, 1335, 1318, 1332, 1322, 1338, 1332, 1339, + 1324, 1341, 1328, 1333, 1333, 1334, 1342, 1337, 1339, 1335, + 1337, 1340, 1340, 1343, 1344, 1345, 1341, 1338, 1347, 1344, + 1346, 1346, 1348, 1349, 1350, 1350, 1351, 1342, 1352, 1345, + 1353, 1357, 1343, 1359, 1354, 1353, 1347, 1348, 1355, 1355, + 1351, 1356, 1358, 1358, 1362, 1356, 1352, 1360, 1349, 1354, + 1361, 1357, 1363, 1366, 1361, 1359, 1367, 1363, 1360, 1365, + 1365, 1368, 1369, 1362, 1370, 1371, 1371, 1372, 1373, 1375, + 1367, 1366, 1372, 1374, 1376, 1377, 1369, 1380, 1375, 1376, - 1372, 1376, 1380, 1380, 1377, 1379, 1382, 1385, 1384, 1386, - 1386, 1388, 1382, 1384, 1381, 1387, 1387, 1389, 1390, 1391, - 1392, 1392, 1391, 1394, 1393, 1388, 1395, 1400, 1396, 1395, - 1398, 1385, 1395, 1390, 1396, 1389, 1393, 1397, 1401, 1398, - 1399, 1401, 1397, 1394, 1395, 1399, 1403, 1402, 1404, 1404, - 1406, 1403, 1400, 1402, 1405, 1405, 1406, 1407, 1408, 1409, - 1410, 1411, 1407, 1412, 1413, 1417, 1412, 1414, 1421, 1415, - 1413, 1408, 1416, 1414, 1415, 1418, 1422, 1409, 1416, 1410, - 1418, 1411, 1419, 1419, 1420, 1423, 1421, 1424, 1417, 1420, - 1425, 1426, 1428, 1427, 1429, 1430, 1422, 1431, 1428, 1432, + 1368, 1368, 1378, 1380, 1378, 1379, 1381, 1384, 1373, 1370, + 1379, 1382, 1386, 1374, 1387, 1377, 1390, 1382, 1385, 1385, + 1387, 1384, 1389, 1391, 1391, 1393, 1381, 1389, 1392, 1392, + 1394, 1386, 1395, 1396, 1397, 1397, 1396, 1398, 1399, 1393, + 1390, 1402, 1407, 1411, 1411, 1401, 1402, 1395, 1394, 1398, + 1400, 1401, 1403, 1400, 1405, 1403, 1400, 1406, 1399, 1409, + 1413, 1408, 1406, 1405, 1408, 1409, 1413, 1407, 1400, 1410, + 1414, 1403, 1412, 1412, 1410, 1414, 1415, 1416, 1417, 1418, + 1419, 1420, 1421, 1419, 1424, 1422, 1423, 1420, 1421, 1415, + 1422, 1425, 1423, 1426, 1426, 1416, 1425, 1417, 1427, 1418, - 1440, 1424, 1435, 1426, 1425, 1423, 1427, 1434, 1434, 1437, - 1437, 1431, 1436, 1438, 1429, 1430, 1439, 1436, 1441, 1443, - 1432, 1446, 1435, 1442, 1440, 1448, 1444, 1450, 1438, 1445, - 1439, 1455, 1442, 1444, 1443, 48, 1441, 1446, 1445, 1451, - 1448, 1445, 1451, 1452, 1452, 1448, 1453, 1453, 1454, 1455, - 1456, 1458, 1450, 1456, 1457, 1457, 1459, 1460, 1461, 1462, - 1454, 1463, 1460, 1461, 1458, 1464, 1465, 1466, 1469, 1469, - 1470, 1467, 1474, 1471, 1464, 1459, 1466, 1463, 1462, 1466, - 1467, 1468, 1472, 1473, 1475, 1465, 1471, 1468, 1474, 1478, - 1470, 1479, 1480, 1480, 1481, 1482, 1475, 1473, 1483, 1485, + 1428, 1429, 1430, 1427, 1433, 1431, 1432, 1424, 1435, 1436, + 1434, 1437, 1438, 1439, 1435, 1442, 1433, 1447, 1428, 1431, + 1432, 1429, 1430, 1434, 1441, 1441, 1438, 1443, 1445, 1436, + 1446, 1437, 1443, 1448, 1439, 1442, 1444, 1444, 1449, 1450, + 1453, 1447, 1451, 1445, 1446, 1455, 1452, 1449, 1457, 1451, + 1458, 1448, 1462, 1458, 1450, 1452, 1453, 1461, 1452, 1465, + 1455, 1459, 1459, 1460, 1460, 1455, 1464, 1464, 1463, 1461, + 1462, 1463, 1465, 1457, 1466, 1467, 1468, 1469, 1470, 1471, + 1467, 1468, 1472, 1473, 1475, 1476, 1476, 1477, 1471, 1474, + 1475, 1478, 1473, 1466, 1470, 1473, 1469, 1479, 1474, 1480, - 1472, 1484, 1484, 1483, 1482, 1486, 1487, 1488, 1485, 1479, - 1481, 1485, 1489, 1492, 1478, 1491, 1484, 1489, 1489, 1493, - 1496, 1494, 43, 1486, 1495, 1488, 1494, 1487, 1492, 1491, - 1495, 1497, 1497, 1498, 1503, 1499, 1500, 1501, 1496, 1498, - 1499, 1493, 1500, 1501, 1504, 1505, 1506, 1507, 1512, 1508, - 1507, 1505, 1510, 1513, 1503, 1508, 1507, 1514, 1504, 1506, - 1510, 1515, 1516, 1517, 1518, 1514, 1519, 1512, 1520, 1520, - 1515, 1521, 1513, 1522, 1523, 1516, 1517, 1521, 1518, 1522, - 1519, 1524, 1525, 1526, 1527, 1528, 1529, 1523, 1530, 1531, - 1520, 1528, 1533, 1533, 1534, 1535, 1540, 1527, 1536, 1535, + 1481, 1472, 1482, 1485, 1478, 1486, 1488, 1477, 1487, 1487, + 1489, 1493, 1490, 1480, 1482, 1479, 1481, 1490, 1492, 1489, + 1491, 1491, 1488, 1486, 1494, 1495, 1496, 1492, 1485, 1493, + 1492, 1496, 1496, 1498, 1499, 1491, 1500, 1501, 1502, 1503, + 1504, 1504, 1501, 1495, 1502, 1494, 1505, 1498, 1506, 1499, + 1507, 1510, 1505, 1506, 1508, 1511, 1507, 1503, 1500, 1512, + 1508, 1513, 1515, 1514, 1519, 1512, 1514, 1517, 1515, 1511, + 1520, 1510, 1514, 1521, 1513, 1517, 1522, 1523, 1524, 1525, + 1526, 1521, 1528, 1519, 1530, 1522, 1527, 1527, 1528, 1520, + 1523, 1524, 1529, 1525, 1526, 1531, 1532, 1530, 1529, 1533, - 1525, 1524, 1526, 1536, 1530, 1537, 1538, 1531, 1529, 1539, - 1537, 1538, 1542, 1544, 1534, 1543, 1543, 1545, 1539, 1540, - 1546, 1547, 1547, 1548, 1549, 1552, 1550, 1542, 1551, 1545, - 1553, 1549, 1544, 1555, 1556, 1554, 1557, 1548, 1550, 1546, - 1551, 1554, 1557, 14, 1552, 1555, 1558, 1558, 1559, 1563, - 1553, 1559, 1556, 1560, 1560, 1562, 1564, 1566, 1563, 1567, - 1562, 1567, 1564, 1565, 1565, 1568, 1569, 1570, 1568, 1566, - 1571, 1573, 1572, 1574, 1577, 1575, 1573, 1576, 1579, 1577, - 1580, 1583, 1574, 1585, 1578, 1582, 1569, 1575, 1571, 1570, - 1572, 1582, 1576, 1578, 1584, 1580, 1581, 1581, 1579, 1585, + 1534, 1535, 1536, 1537, 1538, 1540, 1540, 1535, 1527, 1541, + 1547, 13, 1542, 1534, 1532, 1531, 1542, 1549, 1533, 1537, + 1543, 1544, 1538, 1545, 1536, 1543, 1544, 1546, 1545, 1541, + 1550, 1550, 1549, 1547, 1551, 1552, 1546, 1553, 1554, 1554, + 1555, 1556, 1559, 1557, 1560, 1558, 1561, 1552, 1556, 1563, + 1562, 1654, 1561, 1551, 1555, 1557, 1553, 1558, 1654, 1564, + 1566, 1559, 1562, 1566, 1560, 1564, 1570, 1563, 1565, 1565, + 1567, 1567, 1569, 1571, 1573, 1570, 1574, 1569, 1574, 1571, + 1572, 1572, 1575, 1576, 1577, 1575, 1573, 1578, 1580, 1579, + 1581, 1584, 1582, 1580, 1583, 1586, 1584, 1588, 1592, 1581, - 1586, 1587, 1583, 1587, 1592, 1588, 1578, 1589, 1589, 1590, - 1590, 1591, 1591, 1584, 1593, 1593, 1594, 1594, 1595, 1588, - 1586, 1588, 1596, 1598, 1592, 1597, 1597, 1598, 1599, 1600, - 1602, 1603, 1600, 1605, 1599, 1604, 1602, 1606, 1610, 1595, - 1606, 1604, 1609, 1596, 1607, 1607, 1608, 1608, 1609, 1603, - 1610, 1610, 1610, 1611, 1612, 1613, 1614, 1610, 1605, 1616, - 1618, 1613, 1618, 1617, 1616, 1616, 1620, 1619, 1623, 1621, - 1622, 1624, 1626, 1611, 1612, 1621, 1614, 1617, 1619, 1622, - 1628, 1620, 1625, 1625, 1627, 1627, 1629, 1632, 1623, 1630, - 1630, 1636, 1624, 1631, 1631, 1635, 1635, 1637, 1626, 1640, + 0, 1585, 1588, 1576, 1582, 1578, 1577, 1579, 1587, 1583, + 1585, 1589, 1591, 1587, 1593, 1586, 1590, 1590, 1591, 1592, + 1587, 1594, 1595, 1585, 1597, 1596, 1589, 1596, 1598, 1598, + 1599, 1599, 1601, 1593, 1600, 1600, 1604, 1594, 1597, 1605, + 1597, 1612, 1595, 1602, 1602, 1603, 1603, 1606, 1606, 1607, + 1608, 1609, 1601, 1607, 1609, 1611, 1608, 1604, 1613, 1612, + 1605, 1611, 1614, 1615, 1613, 1618, 1615, 1616, 1616, 1617, + 1617, 1618, 1619, 1620, 1621, 1622, 1623, 1625, 1626, 1632, + 1629, 1622, 1625, 1625, 1619, 1619, 1619, 1614, 1627, 1628, + 1627, 1619, 1626, 1620, 1621, 1629, 1623, 1630, 1631, 1632, - 1628, 1639, 1643, 1641, 1642, 1642, 1637, 1632, 1629, 1641, - 1639, 1644, 1645, 1646, 1647, 1649, 1636, 1648, 1648, 1645, - 1640, 1650, 1646, 1643, 1652, 1653, 1644, 1654, 1655, 1652, - 1656, 1653, 1657, 1658, 1658, 1655, 1656, 1650, 1657, 1659, - 1647, 1649, 1660, 1661, 1659, 1662, 1663, 1654, 1665, 1664, - 1666, 1660, 1664, 1667, 1667, 1668, 1670, 1669, 1663, 1673, - 1674, 1668, 1675, 1661, 1662, 1671, 1665, 1675, 1677, 1671, - 1688, 1670, 1676, 1676, 1678, 1680, 1666, 1669, 13, 1673, - 1681, 1683, 1674, 1690, 1681, 1671, 1682, 1677, 1686, 1678, - 1683, 1688, 1682, 1685, 1680, 1684, 1684, 1685, 1689, 1686, + 1628, 1633, 1635, 1630, 1634, 1634, 1637, 1631, 1636, 1636, + 1638, 1639, 1639, 1640, 1640, 1641, 1644, 1644, 1645, 1649, + 1646, 1648, 1633, 1651, 1651, 1650, 1637, 1652, 1635, 1646, + 1648, 1650, 1638, 1655, 1653, 1641, 1656, 1657, 1657, 1658, + 1649, 1659, 1655, 1645, 1663, 1661, 1662, 1664, 1652, 1653, + 1661, 1668, 1662, 1665, 1664, 1666, 1668, 1659, 1670, 1665, + 1669, 1666, 1656, 1671, 1663, 1658, 1667, 1667, 1672, 1669, + 1673, 1674, 1675, 1673, 1676, 1676, 1678, 1677, 1670, 1679, + 1672, 1680, 1671, 1677, 1682, 1680, 1683, 1684, 1686, 1674, + 1685, 1685, 1684, 1689, 1679, 1687, 1678, 1697, 1675, 1690, - 1687, 1687, 1690, 1691, 1686, 1692, 1693, 1694, 1691, 1695, - 1696, 1701, 1689, 1694, 1703, 1696, 1697, 1697, 1698, 1698, - 1701, 1702, 1709, 1699, 1695, 1692, 1693, 1699, 1704, 1704, - 1705, 1705, 1702, 1706, 1703, 1707, 1708, 1702, 1706, 1706, - 1710, 1707, 1708, 1711, 1712, 1710, 1714, 1715, 1709, 1716, - 1712, 1715, 1717, 1718, 1719, 1711, 1720, 1721, 1714, 1718, - 1723, 1716, 1720, 1724, 1727, 1725, 1731, 1727, 1740, 1721, - 1725, 1740, 1723, 1728, 1728, 0, 1719, 1717, 1729, 1729, - 1730, 1730, 1724, 1732, 1733, 1735, 1731, 1734, 1736, 1732, - 1733, 1735, 1734, 1738, 1741, 1742, 1742, 1736, 1738, 1744, + 1691, 1680, 1692, 1690, 1682, 1694, 1691, 1686, 1683, 1694, + 1687, 1692, 1689, 1693, 1693, 1695, 1696, 1696, 1697, 1698, + 1699, 1701, 1700, 1702, 1703, 1704, 1695, 1700, 1708, 1705, + 1703, 1695, 1708, 1698, 1705, 1706, 1706, 1707, 1707, 1699, + 1704, 1701, 1710, 1702, 1711, 1712, 1713, 1713, 1714, 1714, + 1716, 1710, 1715, 1717, 1718, 1711, 1716, 1715, 1715, 1717, + 1711, 1719, 1720, 1721, 1723, 1712, 1719, 1724, 1726, 1721, + 1725, 1724, 1727, 1728, 1720, 1729, 1723, 1730, 1727, 1732, + 1718, 1729, 1725, 1733, 1736, 1734, 1740, 1736, 1741, 1730, + 1734, 1732, 1750, 1726, 1741, 1728, 1737, 1737, 1738, 1738, - 1745, 1748, 1746, 1747, 1747, 1752, 1741, 1746, 1749, 1750, - 1748, 1744, 1745, 1749, 1750, 1751, 1751, 1753, 1754, 1755, - 1756, 1759, 1757, 1758, 1756, 1752, 1753, 1757, 1762, 1758, - 1761, 1761, 1763, 1764, 1764, 1759, 1754, 1766, 1755, 1765, - 1767, 1763, 1761, 1769, 1774, 1768, 1762, 1774, 1765, 1766, - 1768, 1772, 1772, 1775, 1776, 0, 1769, 1778, 1780, 1779, - 1781, 1767, 1782, 1782, 1780, 1783, 1788, 1783, 1785, 1775, - 1776, 1787, 1778, 1779, 1784, 1784, 1785, 1781, 1787, 1789, - 1789, 1790, 1791, 1792, 1793, 1794, 1788, 1795, 1797, 1796, - 1790, 1799, 1802, 1800, 1797, 1792, 1793, 1794, 1801, 1801, + 1739, 1739, 1733, 1742, 1750, 1743, 1740, 1744, 1745, 1742, + 1743, 1747, 1749, 1744, 1753, 1749, 1747, 1745, 1751, 1751, + 1754, 1757, 1755, 1756, 1756, 1761, 1753, 1755, 1758, 1759, + 1757, 1762, 1754, 1758, 1759, 1760, 1760, 1763, 1764, 1765, + 1762, 1766, 1767, 1765, 1768, 1761, 1766, 1769, 1767, 1770, + 1771, 1773, 1773, 1774, 1778, 1763, 1769, 1764, 1779, 1775, + 1776, 1776, 1768, 1773, 1771, 1777, 1778, 1770, 1775, 1781, + 1780, 1774, 1784, 1784, 1777, 1780, 1787, 1786, 1788, 1779, + 1786, 1790, 1781, 1791, 1792, 1793, 1794, 1794, 1799, 1795, + 1792, 1795, 1787, 1797, 1788, 1799, 1790, 1791, 1796, 1796, - 1803, 1806, 0, 1791, 1796, 1800, 1804, 1797, 1810, 1804, - 1802, 1799, 1805, 1795, 1808, 1814, 1809, 1805, 1809, 1808, - 1803, 1806, 1811, 1812, 1814, 1816, 1810, 1811, 1817, 1818, - 1812, 1819, 1820, 1819, 1822, 1823, 1822, 1817, 1824, 1824, - 1825, 1818, 1826, 1816, 1827, 1828, 1827, 1826, 1829, 1823, - 1828, 1820, 1830, 1829, 1831, 1832, 1834, 1833, 1837, 1835, - 1903, 1832, 1833, 1842, 1838, 1841, 1825, 1835, 1903, 1834, - 1830, 1839, 1839, 1843, 1831, 1840, 1840, 1837, 1838, 1843, - 1841, 1844, 1845, 1842, 1845, 1846, 1844, 1847, 1847, 1851, - 1848, 1849, 1849, 1846, 1850, 1850, 1853, 1855, 1851, 1852, + 1800, 1797, 1793, 1801, 1801, 1802, 1803, 1804, 1807, 1805, + 1806, 1808, 1809, 1811, 1802, 0, 1812, 1814, 1809, 1804, + 1800, 1805, 1806, 1813, 1813, 1815, 1808, 1803, 1812, 1816, + 1818, 1809, 1816, 1811, 1807, 1814, 1817, 1820, 1821, 1822, + 1821, 1817, 1820, 1823, 1824, 1815, 1826, 1828, 1823, 1829, + 1818, 1824, 1830, 1832, 1831, 1826, 1831, 1822, 1829, 1834, + 1835, 1834, 1836, 1836, 1830, 1828, 1837, 1839, 1838, 1839, + 1840, 1841, 1832, 1838, 1835, 1840, 1841, 1842, 1843, 1844, + 1846, 1845, 1847, 1849, 1853, 1844, 1845, 1850, 1851, 1851, + 1847, 1854, 1837, 1846, 1855, 1842, 1852, 1852, 1843, 1853, - 1857, 1846, 1848, 1856, 1852, 1856, 1855, 1858, 1859, 1855, - 1860, 1862, 1858, 1858, 1853, 1863, 1866, 1859, 1867, 1864, - 1863, 1857, 1860, 1862, 1864, 1868, 1869, 1869, 1870, 1866, - 1871, 1872, 1876, 1877, 1868, 1873, 1874, 1878, 1867, 1890, - 1887, 1892, 1892, 1881, 1876, 1877, 1870, 1872, 1871, 1873, - 1879, 1874, 1881, 1880, 1884, 1879, 1886, 1878, 1880, 1888, - 1884, 1889, 1886, 1887, 1890, 1895, 1891, 1893, 1894, 1894, - 0, 1904, 1898, 1884, 1888, 1891, 1893, 1896, 1897, 1889, - 1900, 1896, 1899, 1897, 1895, 1898, 1900, 1899, 1899, 1901, - 1902, 1904, 1909, 1902, 1912, 1901, 1907, 1907, 1908, 1908, + 1855, 1850, 1849, 1856, 1857, 1858, 1857, 1860, 1856, 1859, + 1859, 1854, 1865, 1858, 1861, 1861, 1862, 1862, 1863, 1860, + 1864, 1858, 1867, 1869, 1868, 1864, 1868, 1863, 1872, 1874, + 1865, 1867, 1870, 1871, 1867, 1879, 1878, 1870, 1870, 1882, + 1872, 1874, 1871, 1875, 1869, 1876, 1883, 1880, 1875, 1878, + 1876, 1881, 1881, 1884, 1885, 1879, 1880, 1882, 1886, 1888, + 1889, 1890, 1891, 1899, 1883, 1892, 1893, 1891, 1885, 1884, + 1892, 1888, 1889, 1886, 1896, 1893, 1898, 1900, 1901, 1902, + 1896, 1890, 1898, 1904, 1904, 1903, 1899, 1907, 1905, 1906, + 1906, 1908, 1900, 1896, 1903, 1908, 1901, 1905, 1909, 1910, - 1913, 1909, 1910, 1910, 1911, 1911, 1912, 1915, 1914, 1916, - 1916, 1922, 1915, 1908, 1914, 1917, 1917, 1918, 1913, 1919, - 1925, 1927, 1918, 1921, 1908, 1919, 1923, 1921, 1926, 1929, - 1923, 1922, 1928, 1926, 1929, 1930, 1931, 1932, 1932, 1933, - 1934, 1935, 1936, 1933, 1927, 1925, 1935, 1928, 1937, 1939, - 1938, 1940, 1931, 1930, 1939, 1934, 1941, 1942, 1942, 1944, - 1937, 1945, 1946, 1947, 1940, 1948, 1949, 1944, 1936, 1938, - 1950, 1951, 1952, 1954, 1941, 1955, 1955, 1957, 1958, 1956, - 1945, 1946, 1956, 1951, 1959, 1949, 1947, 1963, 1954, 1948, - 1957, 1950, 1958, 1952, 1960, 1960, 1964, 1959, 1961, 1961, + 1916, 0, 1911, 1909, 1902, 1912, 1907, 1911, 1911, 1913, + 1914, 1912, 1910, 1914, 1915, 1913, 1919, 1919, 1920, 1920, + 1916, 1921, 1915, 1922, 1922, 1923, 1923, 1924, 1925, 1926, + 1921, 1927, 1937, 1920, 1934, 1926, 1927, 1928, 1928, 1924, + 1929, 1929, 1930, 1931, 1920, 1938, 1925, 1930, 1933, 1931, + 1938, 1935, 1933, 1939, 1934, 1935, 1940, 1937, 1941, 1942, + 1944, 1945, 1943, 1941, 1946, 1948, 1945, 1947, 1947, 1948, + 1949, 1940, 1951, 1953, 1950, 1952, 1939, 1942, 1943, 1950, + 1944, 1955, 1956, 1954, 1960, 1949, 1946, 1952, 1954, 1957, + 1957, 1959, 1953, 1961, 1955, 1962, 1963, 1964, 1951, 1959, - 1962, 1962, 1963, 1965, 1965, 1966, 1967, 1967, 1968, 1964, - 1970, 1971, 1972, 1968, 1966, 1970, 1973, 1966, 1974, 1974, - 1975, 1975, 1976, 1977, 1977, 1978, 1979, 1979, 1973, 1980, - 1981, 1971, 1972, 1982, 1982, 1981, 1983, 1983, 1984, 1985, - 1986, 1976, 1987, 1978, 1980, 1989, 1990, 1990, 1985, 1991, - 1989, 1993, 1984, 1994, 1986, 1992, 1992, 1995, 1998, 1994, - 1995, 1987, 1996, 1996, 1997, 1997, 1999, 2000, 1991, 1993, - 2001, 2001, 2003, 2004, 2005, 2006, 2008, 1998, 1996, 2006, - 2015, 1999, 2007, 2007, 2009, 2010, 2000, 2012, 2012, 2005, - 2013, 2014, 2003, 2016, 2015, 2008, 2004, 2017, 2014, 2009, + 1956, 1965, 1966, 1960, 1967, 1973, 1969, 1970, 1970, 2134, + 1971, 1972, 1961, 1971, 1966, 1974, 1964, 2134, 1962, 1973, + 1963, 1969, 1965, 1978, 1972, 1967, 1975, 1975, 1974, 1976, + 1976, 1977, 1977, 1979, 1980, 1980, 1981, 1983, 1978, 1982, + 1982, 1986, 1983, 1987, 1985, 1981, 1979, 1988, 1981, 1985, + 1989, 1989, 1990, 1990, 1991, 1992, 1992, 1993, 1999, 1988, + 2002, 1986, 1995, 1987, 1994, 1994, 1996, 1997, 1997, 1998, + 1998, 1996, 1999, 1991, 2000, 1993, 2001, 1995, 2006, 2002, + 2004, 2005, 2005, 2000, 2008, 2004, 2007, 2007, 2009, 2010, + 2001, 2013, 2010, 2014, 2009, 2011, 2011, 2006, 2012, 2012, - 2010, 2018, 2019, 2019, 2020, 2021, 2022, 2021, 2024, 2022, - 2013, 2016, 2025, 2020, 2026, 2017, 2027, 2025, 2028, 2026, - 2024, 2029, 2031, 2030, 2022, 2033, 2022, 2018, 2030, 2034, - 2033, 2028, 2035, 2036, 2034, 2037, 2041, 2038, 2042, 2036, - 2039, 2027, 2029, 2038, 2040, 2039, 2044, 2035, 2031, 2040, - 2043, 2042, 2053, 2043, 2045, 2044, 2037, 2046, 2047, 2048, - 0, 2041, 2049, 2045, 2050, 2051, 2046, 2047, 2049, 2051, - 2050, 2055, 2053, 2048, 2056, 2056, 2057, 2058, 2058, 2059, - 2055, 2061, 2057, 2064, 2062, 2065, 2058, 2063, 2063, 2068, - 2067, 2069, 2070, 2072, 2065, 2074, 2072, 2061, 2064, 2059, + 2015, 2018, 2008, 2016, 2016, 2019, 2023, 2020, 2014, 2021, + 2013, 2011, 2024, 2021, 2022, 2022, 2025, 2027, 2027, 2015, + 2028, 2018, 2020, 2029, 2030, 2023, 2031, 2024, 2019, 2032, + 2029, 2025, 2033, 2034, 2034, 2036, 2035, 2036, 2030, 2037, + 2028, 2039, 2037, 2040, 2031, 2035, 2041, 2032, 2040, 2042, + 2043, 2041, 2044, 2039, 2046, 2045, 2048, 2037, 2033, 2037, + 2045, 2048, 2049, 2043, 2050, 2051, 2052, 2049, 2056, 2053, + 2057, 2051, 2054, 2044, 2042, 2053, 2055, 2054, 2063, 2050, + 2046, 2055, 2058, 2057, 2068, 2058, 2059, 2052, 2060, 2061, + 2062, 2074, 2063, 2056, 2064, 2059, 2065, 2060, 2061, 2062, - 2062, 2059, 2067, 2073, 2070, 2068, 2069, 2075, 2073, 2076, - 2076, 2077, 2077, 2079, 2079, 2074, 2081, 2080, 2082, 2075, - 2080, 2081, 2083, 2085, 2082, 2084, 2084, 2087, 2083, 2086, - 2086, 2088, 2089, 2090, 2090, 2093, 2092, 2085, 2093, 2087, - 2092, 2094, 2094, 2095, 2096, 2088, 2097, 2100, 2095, 2103, - 2098, 2089, 2102, 2096, 2098, 2099, 2099, 2102, 2104, 2105, - 2100, 2106, 2107, 2108, 2109, 2106, 2097, 2111, 2108, 2103, - 2109, 2110, 2113, 2105, 2114, 2115, 2116, 2110, 2104, 2114, - 2120, 2115, 2107, 2122, 2116, 2111, 2122, 2117, 2113, 2117, - 2121, 2121, 2123, 2126, 2120, 2124, 2124, 2126, 2127, 2128, + 2064, 2066, 2065, 2070, 2068, 2066, 2071, 2071, 2072, 2073, + 2073, 2074, 2070, 2074, 2072, 2076, 2077, 2080, 2073, 2078, + 2078, 2079, 2082, 2083, 2087, 2084, 2080, 2087, 2088, 2085, + 2089, 2076, 2077, 2088, 2082, 2090, 2079, 2091, 2091, 2083, + 2084, 2085, 2092, 2092, 2094, 2094, 2095, 2090, 2096, 2095, + 2089, 2097, 2098, 2096, 2099, 2099, 2100, 2097, 2098, 2101, + 2101, 2102, 2103, 2104, 2105, 2105, 2106, 2107, 0, 2108, + 2100, 2110, 2106, 2102, 2108, 2110, 2103, 2111, 2112, 2112, + 2111, 2107, 2104, 2113, 2114, 2115, 2116, 2118, 2113, 2120, + 2116, 2117, 2117, 2114, 2120, 2121, 2122, 2123, 2124, 2125, - 2129, 2129, 2135, 2130, 2127, 2133, 2133, 2137, 2138, 2141, - 2142, 2128, 2130, 2149, 2141, 2145, 2145, 2143, 2123, 2149, - 2135, 2137, 2143, 2144, 2138, 2147, 2147, 2151, 2144, 2150, - 2150, 2152, 2153, 2155, 2156, 2159, 2142, 2153, 2157, 2157, - 2161, 2160, 2162, 2151, 2159, 2165, 2156, 2160, 2164, 2164, - 2166, 2170, 2155, 2152, 2168, 2168, 2170, 2162, 2161, 2169, - 2169, 2171, 2172, 2175, 2165, 2173, 2176, 2174, 2166, 2174, - 2173, 2172, 2177, 2178, 2179, 2186, 2180, 2175, 2178, 2171, - 2176, 2180, 2181, 2181, 2177, 2182, 2182, 2183, 2183, 2184, - 2184, 2185, 2187, 2186, 2179, 2188, 2188, 2187, 2189, 2189, + 2118, 2126, 2124, 2127, 2128, 2115, 2126, 2129, 2131, 2127, + 2128, 2123, 2132, 2138, 2133, 2121, 2122, 2132, 2141, 2125, + 2133, 2135, 2144, 2135, 2131, 2129, 2144, 2138, 2139, 2139, + 2140, 2142, 2142, 2140, 2145, 2146, 2147, 2147, 2153, 2148, + 2145, 2151, 2151, 2155, 2141, 2156, 2159, 2146, 2148, 2160, + 2161, 2159, 2169, 2162, 2170, 2161, 2153, 2155, 2162, 2163, + 2163, 2156, 2165, 2165, 2167, 2168, 2168, 2171, 2169, 2173, + 2167, 2174, 2171, 2175, 2175, 2160, 2170, 2177, 2178, 2179, + 2180, 2182, 2182, 2174, 2178, 2183, 2177, 2184, 2173, 2186, + 2186, 2187, 2187, 2188, 2189, 2180, 2191, 2179, 2188, 2190, - 2190, 2191, 2192, 2185, 2193, 2194, 2194, 2195, 2196, 2196, - 2197, 2197, 2190, 2191, 2198, 2199, 2200, 2201, 2202, 2203, - 2193, 2204, 2192, 2200, 2203, 2198, 2195, 2199, 2205, 2201, - 2206, 2206, 2208, 2207, 2209, 2211, 2210, 2212, 2202, 2213, - 2213, 2204, 2207, 2214, 2218, 2215, 2216, 2219, 2205, 2210, - 2220, 2212, 2214, 2221, 2209, 0, 2221, 2222, 2208, 2211, - 2215, 2216, 2218, 2223, 2232, 2224, 2225, 2225, 2223, 2219, - 2224, 2222, 2233, 2220, 2226, 2226, 2227, 2227, 2229, 2229, - 2231, 2231, 2232, 2233, 2234, 2236, 2237, 2238, 2239, 2240, - 2241, 2243, 2243, 2242, 2245, 2245, 2246, 2247, 2240, 2248, + 2192, 2191, 2192, 2193, 2183, 2184, 2194, 2195, 2190, 2196, + 2197, 2198, 2189, 2204, 2196, 2239, 2198, 2193, 2239, 2195, + 2194, 2199, 2199, 2200, 2200, 2201, 2201, 2202, 2202, 2203, + 2197, 2204, 2205, 2206, 2206, 2207, 2207, 2205, 2208, 2209, + 2210, 2203, 2211, 2212, 2212, 2213, 2214, 2214, 2215, 2215, + 2208, 2209, 2216, 2217, 2218, 2219, 2220, 2221, 2211, 2222, + 2210, 2218, 2221, 2216, 2213, 2217, 2223, 2219, 2224, 2224, + 2226, 2225, 2227, 2229, 2228, 2230, 2220, 2231, 2231, 2222, + 2225, 2232, 2236, 2233, 2234, 2237, 2223, 2228, 2238, 2230, + 2232, 2240, 2227, 2243, 2243, 0, 2226, 2229, 2233, 2234, - 2248, 2251, 2251, 2234, 2237, 2236, 2247, 2250, 2239, 2238, - 2241, 2242, 2252, 2253, 2254, 2256, 2250, 2255, 2246, 2257, - 2258, 2254, 2259, 2260, 2260, 2261, 2261, 2263, 2262, 2264, - 2252, 2253, 2255, 2256, 2262, 2265, 2258, 2257, 2266, 2267, - 2268, 2259, 2269, 2266, 2264, 2263, 2270, 2269, 2270, 2271, - 2271, 2272, 2275, 2272, 2265, 2273, 2273, 2277, 2278, 2267, - 2268, 2279, 2280, 2281, 2282, 2286, 2277, 2283, 2281, 2287, - 2290, 2275, 2287, 2279, 2288, 2288, 2289, 2278, 2291, 2291, - 2294, 2297, 2280, 2292, 2282, 2286, 2283, 2292, 2290, 2295, - 2299, 2289, 2300, 2295, 2297, 2294, 2296, 2296, 2301, 2301, + 2236, 2241, 2250, 2242, 2252, 2240, 2241, 2237, 2242, 2244, + 2244, 2238, 2245, 2245, 2247, 2247, 2249, 2249, 2251, 2254, + 2250, 2256, 2255, 2252, 2257, 2258, 2259, 2261, 2260, 2251, + 2260, 2262, 2263, 2267, 2258, 2264, 2264, 2266, 2266, 2254, + 2255, 2273, 2268, 2256, 2257, 2271, 2259, 2261, 2274, 2262, + 2263, 2268, 2269, 2269, 2271, 2267, 2272, 2272, 2275, 2273, + 2276, 2277, 2278, 2280, 2288, 2275, 2274, 2279, 2281, 2281, + 2282, 2282, 2283, 2284, 2285, 2276, 2286, 2289, 2283, 2277, + 2278, 2287, 2280, 2279, 2288, 2290, 2287, 2292, 2292, 2285, + 2290, 2284, 2291, 2296, 2291, 2286, 2293, 2289, 2293, 2294, - 2304, 2303, 2305, 2306, 2306, 2307, 2305, 2308, 2308, 2304, - 2299, 2309, 2300, 2303, 2310, 2311, 2309, 2312, 2313, 2313, - 2318, 2318, 2319, 2310, 2307, 2320, 2320, 2321, 2322, 2312, - 2323, 2311, 2326, 2324, 2325, 2325, 2328, 2328, 2331, 2323, - 2321, 2322, 2324, 2331, 2319, 2332, 2333, 2326, 2334, 2335, - 2332, 2336, 2337, 2334, 2338, 2616, 2340, 2335, 2341, 2342, - 2333, 2337, 2338, 2341, 2342, 2343, 2344, 2344, 2345, 2345, - 2336, 2340, 2346, 2347, 2348, 2349, 2350, 2616, 2347, 2346, - 2343, 2351, 2350, 2352, 2352, 2353, 2351, 2355, 2355, 2354, - 2356, 2356, 2348, 2349, 2354, 2359, 2360, 2360, 2361, 2362, + 2294, 2298, 2299, 2300, 2301, 2303, 2302, 2304, 2307, 2311, + 2298, 2302, 2296, 2308, 2310, 2300, 2308, 2309, 2309, 2312, + 2312, 2299, 2315, 2318, 2301, 2303, 2304, 2311, 2307, 2310, + 2313, 2316, 2317, 2317, 2313, 2316, 2318, 2315, 2320, 2321, + 2322, 2322, 2324, 2325, 2326, 2327, 2327, 2328, 2326, 2329, + 2329, 2330, 2325, 2331, 2324, 2332, 2330, 2333, 2320, 2321, + 2334, 2334, 2331, 2339, 2339, 2340, 2328, 2341, 2341, 2333, + 2342, 2332, 2343, 2344, 2347, 2345, 2346, 2346, 2349, 2349, + 2354, 2352, 2344, 2342, 2345, 2343, 2352, 2340, 2353, 2347, + 2355, 2356, 2357, 2353, 2354, 2355, 2358, 2361, 2359, 2356, - 2353, 2361, 2363, 2365, 2362, 2362, 2364, 2363, 2359, 2365, - 2366, 2364, 2367, 2368, 2366, 2369, 2370, 2367, 2371, 2372, - 2374, 2377, 2368, 2371, 2370, 2374, 2375, 2379, 2381, 2375, - 2369, 2372, 2379, 2377, 2380, 2382, 2383, 2389, 2384, 2380, - 2385, 2385, 2386, 2390, 2395, 2383, 2381, 2384, 2382, 2391, - 2393, 2386, 2392, 2392, 2397, 2394, 2389, 2396, 2396, 2395, - 2399, 2401, 2402, 2390, 2394, 2404, 2402, 0, 2391, 2393, - 2403, 2403, 2405, 2397, 2406, 2399, 2407, 2409, 2405, 2412, - 2406, 2401, 2407, 2408, 2408, 2409, 2410, 2413, 2412, 2415, - 2404, 2410, 2416, 2415, 2417, 2419, 2419, 2420, 2420, 2429, + 2364, 2369, 2362, 2363, 0, 2358, 2359, 2362, 2363, 2365, + 2365, 2357, 2361, 2366, 2366, 2364, 2367, 2368, 2370, 2369, + 2371, 0, 2368, 2367, 2372, 2374, 2371, 2373, 2373, 2372, + 2375, 2376, 2376, 2377, 2377, 2375, 2370, 2380, 2381, 2381, + 2374, 2382, 2383, 2392, 2382, 2405, 2384, 2383, 2383, 2385, + 2380, 2384, 2386, 2387, 2385, 2388, 2389, 2387, 2386, 2390, + 2388, 2391, 2393, 2405, 2392, 2389, 2394, 2396, 2393, 2391, + 2395, 2398, 2394, 2401, 2390, 2395, 2398, 2399, 2403, 2396, + 2399, 2404, 2406, 2403, 2407, 2401, 2404, 2408, 2409, 2409, + 2410, 2413, 2414, 2407, 2415, 2406, 2408, 2416, 2416, 2410, - 2413, 2421, 2421, 2423, 2423, 2425, 2416, 2424, 2434, 2417, - 2425, 2424, 2427, 2427, 2431, 2430, 2432, 2435, 2435, 2429, - 2430, 2432, 2432, 2437, 2437, 2440, 2431, 2442, 2434, 2438, - 2438, 2439, 2444, 2448, 2439, 2445, 2445, 2450, 2440, 2446, - 2446, 2447, 2447, 2449, 2449, 2442, 2451, 2452, 2448, 2453, - 2450, 2459, 2444, 2454, 2454, 2453, 2455, 2458, 2460, 2461, - 2455, 2452, 2458, 2458, 2451, 2462, 2463, 2464, 2474, 2465, - 2479, 2462, 2463, 2465, 2459, 2466, 2466, 2469, 2460, 2461, - 2471, 2472, 2469, 2475, 2472, 2476, 2475, 2478, 2471, 2477, - 2479, 2482, 2464, 2474, 2477, 2480, 2481, 2481, 2483, 2485, + 2417, 2419, 2418, 2420, 2420, 2421, 2423, 2425, 2427, 2427, + 2413, 2418, 2414, 2415, 2426, 2428, 2419, 2429, 2426, 2417, + 2430, 2423, 2431, 2429, 2421, 2433, 2430, 2425, 2431, 2432, + 2432, 2434, 2436, 2433, 2437, 2439, 2434, 2440, 2441, 2439, + 2428, 2436, 2443, 2443, 2444, 2444, 2448, 2437, 2445, 2445, + 2448, 2440, 2449, 2441, 2447, 2447, 2453, 2449, 2451, 2451, + 2454, 2455, 2456, 2458, 2466, 2454, 2464, 2456, 2456, 2459, + 2459, 2461, 2461, 2455, 2462, 2462, 2453, 2463, 2468, 2464, + 2463, 2472, 2466, 2458, 2469, 2469, 2470, 2470, 2471, 2471, + 2473, 2473, 2474, 2475, 2476, 2477, 2472, 2483, 2468, 2478, - 2486, 2486, 2476, 2476, 2494, 2478, 2483, 2484, 2491, 2480, - 2482, 2493, 2484, 2484, 2487, 2487, 2488, 2488, 2485, 2489, - 2489, 2490, 2490, 2492, 2491, 2495, 2496, 2497, 2492, 0, - 2494, 2493, 2499, 2499, 2495, 2500, 2501, 2504, 2500, 2503, - 2503, 2505, 2505, 2506, 2504, 2513, 2496, 2497, 2506, 2508, - 2508, 2509, 2510, 2511, 2501, 2514, 2514, 2516, 2517, 2519, - 2509, 2510, 2511, 2513, 2515, 2518, 2516, 2520, 2515, 2524, - 2518, 2518, 2519, 2517, 2524, 2528, 2520, 2525, 2525, 2527, - 2527, 2529, 2530, 2532, 2533, 2536, 2537, 2538, 2539, 2528, - 2541, 2543, 2532, 2545, 2539, 2537, 2533, 2561, 2545, 2546, + 2478, 2477, 2479, 2484, 2482, 2474, 2479, 2485, 2476, 2482, + 2482, 2475, 2486, 2487, 2488, 2490, 2490, 2489, 2486, 2487, + 2483, 2489, 2495, 2484, 2493, 2496, 2498, 2485, 2496, 2493, + 2495, 2499, 2500, 2501, 2499, 2502, 2503, 0, 2501, 2488, + 2504, 2505, 2505, 2506, 2507, 2508, 2509, 2507, 2512, 2500, + 2500, 2498, 2510, 2502, 2504, 2507, 2503, 2506, 2511, 2508, + 2510, 2513, 2513, 2511, 2511, 2509, 2518, 2512, 2514, 2514, + 2515, 2515, 2516, 2516, 2517, 2517, 2519, 2520, 2521, 2522, + 2523, 2519, 2518, 2524, 2526, 2526, 2527, 2528, 2522, 2527, + 2530, 2530, 2531, 2532, 2532, 2540, 2533, 2520, 0, 2531, - 2530, 0, 2541, 2561, 2546, 2548, 2529, 2538, 2547, 2547, - 2536, 2550, 2543, 2557, 2548, 2558, 2550, 2551, 2551, 2553, - 2553, 2551, 2554, 2554, 2555, 2555, 2556, 2559, 2564, 2564, - 2565, 2562, 2559, 2557, 2558, 2556, 2562, 2563, 2566, 2567, - 2568, 2569, 2563, 2570, 2567, 2571, 2571, 2569, 2565, 2574, - 2573, 2575, 2577, 2577, 2579, 2584, 2581, 2580, 2568, 2566, - 2581, 2583, 2587, 2582, 2574, 2585, 2589, 2579, 2570, 2573, - 2580, 2575, 2582, 2585, 2584, 2586, 2594, 2583, 2588, 2588, - 2586, 2591, 2591, 2592, 2592, 2589, 2596, 2596, 2587, 2598, - 2599, 2600, 2604, 2601, 2603, 2603, 2605, 2594, 2601, 2606, + 2523, 2533, 2536, 2524, 2521, 2528, 2535, 2535, 2537, 2538, + 2543, 2536, 2542, 2540, 2541, 2541, 2542, 2537, 2538, 2543, + 2544, 2545, 2547, 2546, 2551, 2555, 2545, 2545, 2556, 2551, + 2557, 2547, 2552, 2552, 2559, 2544, 2546, 2554, 2554, 2555, + 2560, 2563, 2564, 2559, 2565, 2568, 2570, 0, 2557, 2566, + 2616, 2564, 2560, 2556, 2572, 2566, 2573, 2568, 2616, 2572, + 2575, 2573, 2574, 2574, 2565, 2577, 2563, 2570, 2584, 2575, + 2577, 2578, 2578, 2580, 2580, 2578, 2581, 2581, 2582, 2582, + 2583, 2585, 2586, 2592, 2588, 2593, 2589, 2586, 2584, 2583, + 2588, 2589, 2590, 2591, 2591, 2595, 2596, 2590, 2594, 2597, - 2608, 2608, 2609, 2610, 2610, 2598, 2599, 2600, 2613, 2614, - 2617, 2617, 2604, 2618, 2618, 2614, 2609, 2615, 2606, 2605, - 2619, 2621, 2615, 2620, 2620, 2622, 2623, 2624, 2613, 2625, - 2626, 2627, 2621, 2624, 2622, 2628, 2628, 2634, 2629, 2635, - 2619, 2629, 2626, 2620, 2630, 2630, 2623, 2636, 2625, 2634, - 2639, 2627, 2640, 2636, 2637, 2637, 2639, 2638, 2642, 2635, - 2638, 2643, 2644, 2642, 2650, 2645, 2643, 2646, 2647, 2647, - 2640, 2645, 2649, 2649, 2653, 2653, 2656, 2651, 2654, 2654, - 2668, 2644, 2655, 2650, 2646, 2646, 2651, 2655, 2657, 2666, - 2656, 2658, 2658, 2657, 2659, 2659, 2660, 2660, 2661, 2663, + 2585, 2592, 2596, 2594, 2598, 2598, 2593, 2600, 2604, 2601, + 2602, 2600, 2606, 2595, 2601, 2602, 2603, 2603, 2605, 2608, + 2608, 2610, 2611, 2614, 2597, 2612, 2615, 2604, 2613, 2612, + 2618, 2617, 2606, 2605, 2610, 2611, 2617, 2613, 2620, 2614, + 2619, 2619, 2622, 2622, 2625, 2615, 2623, 2623, 2627, 2627, + 2629, 2630, 2631, 2632, 2634, 2634, 2618, 2620, 2632, 2635, + 2636, 2637, 2639, 2639, 2640, 2625, 2629, 2630, 2631, 2641, + 2641, 2644, 2646, 2647, 2650, 2645, 2654, 2646, 2640, 2635, + 2637, 2645, 2652, 2636, 2648, 2648, 2649, 2649, 2651, 2651, + 2653, 2644, 2655, 2652, 2650, 2647, 2654, 2656, 2655, 2653, - 2663, 2669, 2668, 2661, 2670, 2671, 2671, 2674, 2666, 2673, - 2673, 2675, 2679, 2676, 2677, 2677, 2680, 2742, 2679, 2681, - 2682, 2674, 2676, 2669, 2742, 2682, 2670, 2685, 2685, 2687, - 2687, 2675, 2688, 2689, 2690, 2692, 2680, 2688, 2681, 2691, - 2690, 2693, 2693, 2692, 2694, 2696, 2697, 2689, 2698, 2694, - 2699, 2691, 2700, 2698, 2703, 2702, 2704, 2705, 2700, 2707, - 2706, 0, 2699, 2702, 2708, 2696, 2697, 2709, 2719, 2710, - 2713, 2714, 2719, 2703, 2710, 2707, 2704, 2705, 2706, 2717, - 2717, 2708, 2708, 2729, 2714, 2718, 2718, 2729, 2709, 2735, - 2713, 2723, 2723, 2725, 2725, 2726, 2726, 2732, 2726, 2727, + 2657, 2658, 2659, 2659, 2660, 2661, 2661, 2660, 2651, 2666, + 2665, 2667, 2657, 2668, 2668, 2669, 2656, 2667, 2669, 2670, + 2671, 2658, 2665, 2673, 2675, 2670, 2674, 2676, 2673, 2666, + 2677, 2674, 2680, 2676, 2678, 2678, 2681, 2682, 2671, 2683, + 2684, 2684, 2685, 2675, 2680, 2691, 2686, 2677, 2677, 2688, + 2688, 0, 2683, 2690, 2681, 2686, 2689, 2689, 2690, 2691, + 2692, 2685, 2682, 2693, 2693, 2692, 2694, 2694, 2695, 2695, + 2696, 2698, 2698, 2701, 2703, 2696, 2704, 2705, 2706, 2706, + 2708, 2708, 2710, 2709, 2711, 2712, 2712, 2715, 2714, 2716, + 2717, 0, 2701, 2711, 2714, 2717, 2703, 2709, 2704, 2705, - 2727, 2736, 2727, 2728, 2728, 2733, 2728, 2731, 2731, 2735, - 2741, 2737, 2738, 2738, 2743, 2732, 2737, 2744, 2743, 2733, - 2747, 2736, 2745, 2748, 2749, 2749, 2744, 2750, 2750, 2751, - 2751, 2752, 2748, 2754, 2753, 2741, 2757, 2745, 2747, 2753, - 2758, 2756, 2754, 2755, 2759, 2754, 2752, 2756, 2755, 2755, - 2762, 2760, 2761, 2763, 2763, 2758, 2760, 2761, 2764, 2767, - 2767, 2757, 2833, 2764, 2833, 2759, 2770, 2770, 2782, 2762, - 2771, 2771, 2772, 2772, 2773, 2773, 2774, 2774, 2775, 2775, - 2776, 2776, 2778, 2779, 2779, 2780, 2781, 2784, 2782, 2785, - 2785, 2778, 2786, 2788, 2780, 2787, 2789, 2789, 2781, 2790, + 2720, 2720, 2710, 2722, 2722, 2723, 2724, 2715, 2716, 2725, + 2723, 2726, 2731, 2727, 2729, 2725, 2728, 2728, 2732, 2729, + 2724, 2727, 2733, 2726, 2734, 2735, 2737, 2733, 2738, 2739, + 2740, 2735, 2731, 2741, 2737, 2748, 2734, 2742, 2732, 2743, + 2744, 2745, 2752, 2747, 2756, 2756, 2745, 2738, 2747, 2739, + 2740, 2741, 2749, 2742, 2750, 2748, 2743, 2743, 2749, 2750, + 2753, 2744, 2752, 2757, 2757, 2758, 2762, 2762, 2768, 2758, + 2764, 2764, 2768, 2753, 2765, 2765, 2771, 2765, 2766, 2766, + 2774, 2766, 2767, 2767, 2772, 2767, 2770, 2770, 2775, 2780, + 2776, 2777, 2777, 2782, 2771, 2776, 2781, 2782, 2772, 2795, - 2791, 2791, 2794, 2796, 2798, 2788, 2784, 2786, 2787, 2795, - 2797, 2797, 2795, 2800, 2790, 2801, 2800, 2802, 2803, 2804, - 2794, 2801, 2798, 2803, 2805, 2806, 2819, 2817, 2808, 2796, - 2817, 2802, 2820, 2820, 2821, 2821, 2822, 2822, 2804, 2819, - 2824, 2806, 2805, 2808, 2825, 2826, 2827, 2828, 2830, 2826, - 2832, 2831, 2834, 2825, 2837, 2832, 2835, 2835, 2838, 2836, - 2840, 2828, 2831, 2824, 2839, 2842, 2827, 2834, 2841, 2843, - 2844, 2830, 2836, 2837, 2848, 2844, 2838, 2849, 2850, 2850, - 2839, 2851, 2856, 2841, 2857, 2840, 2842, 2861, 2848, 2843, - 2851, 2852, 2852, 2853, 2853, 2854, 2854, 2849, 2855, 2855, + 2774, 2783, 2784, 2781, 2786, 2795, 2787, 2821, 2775, 2791, + 2783, 2788, 2788, 2796, 2780, 2787, 2821, 2784, 2789, 2789, + 2790, 2790, 2786, 2792, 2791, 2793, 2794, 2797, 2792, 2798, + 2799, 2794, 2794, 2801, 2793, 2799, 2800, 2793, 2796, 2802, + 2802, 2800, 2797, 2803, 2873, 2804, 2805, 2805, 2873, 2803, + 2798, 2804, 2801, 2806, 2806, 2807, 2810, 2810, 2813, 2813, + 2807, 2814, 2814, 2815, 2815, 2816, 2816, 2817, 2817, 2818, + 2818, 2819, 2819, 2822, 2822, 2823, 2824, 2825, 2829, 2827, + 2828, 2828, 2830, 2837, 2823, 2832, 2832, 2831, 2824, 2833, + 2834, 2834, 2839, 2829, 2841, 2830, 2844, 2825, 2827, 2831, - 2858, 2856, 2859, 2858, 2857, 2860, 2862, 2859, 2863, 2864, - 2860, 2865, 2861, 2867, 2863, 2866, 2866, 2868, 2869, 2869, - 2871, 2862, 2873, 2864, 2876, 2876, 2877, 2877, 2867, 2878, - 2879, 2865, 2880, 2881, 2882, 2871, 2868, 2878, 2880, 2881, - 2873, 2883, 2884, 2885, 2885, 2887, 2890, 2888, 2882, 2879, - 2893, 2891, 2894, 2895, 2883, 2891, 2896, 2894, 2897, 2898, - 2890, 2884, 2902, 2899, 0, 2903, 2887, 2888, 2899, 2896, - 2893, 2897, 2895, 2904, 2900, 2905, 2905, 2912, 2898, 2900, - 2906, 2907, 2902, 2903, 0, 2906, 2909, 2907, 2908, 2908, - 2910, 2909, 2904, 2911, 2913, 2910, 2912, 2919, 2911, 2915, + 2838, 2837, 2844, 2838, 2833, 2840, 2840, 2843, 2845, 2846, + 2843, 2847, 2841, 2848, 2846, 2851, 2849, 2852, 2839, 2855, + 2864, 2851, 2845, 2864, 2866, 2871, 2852, 2867, 2867, 2874, + 2847, 2848, 2849, 2872, 2855, 2868, 2868, 2866, 2869, 2869, + 2875, 2877, 2872, 2881, 2878, 2879, 2882, 2882, 2871, 2874, + 2879, 2880, 2883, 2880, 2875, 2878, 2884, 2886, 2881, 2885, + 2887, 2888, 2889, 2891, 2877, 2883, 2890, 2892, 2897, 2893, + 2898, 2889, 2900, 2886, 2893, 2884, 2888, 2885, 2890, 2899, + 2899, 2900, 2897, 2905, 2891, 2887, 2906, 2892, 2901, 2901, + 2898, 2902, 2902, 2903, 2903, 2904, 2904, 2907, 2908, 2909, - 2913, 2914, 2914, 2918, 2915, 2916, 2916, 2918, 2920, 2921, - 2922, 2923, 2924, 2925, 2932, 2920, 2919, 2923, 2927, 2927, - 2929, 2929, 2931, 2930, 2933, 2934, 2925, 2931, 2921, 2922, - 2939, 2924, 2930, 2932, 2936, 2930, 2935, 2935, 2934, 2936, - 2937, 2940, 2940, 2933, 2941, 2942, 2942, 2943, 2943, 2944, - 2945, 2946, 2953, 2937, 2944, 2948, 2939, 2945, 2947, 2947, - 2948, 2951, 2949, 2941, 2949, 2950, 2950, 2952, 2951, 2955, - 2946, 2953, 2954, 2958, 2952, 2957, 2957, 2954, 2960, 2961, - 2962, 2963, 2967, 2960, 2961, 2964, 2964, 2968, 2955, 2966, - 2966, 2971, 2958, 2969, 2969, 2970, 2970, 2981, 2971, 2962, + 2907, 2910, 2905, 2908, 2909, 2911, 2906, 2912, 2913, 2914, + 2915, 2916, 2918, 2912, 2919, 2915, 2917, 2917, 2920, 2920, + 2911, 2914, 2913, 2922, 2924, 2930, 2910, 2918, 2927, 2927, + 2931, 2916, 2929, 2919, 2928, 2928, 2931, 2932, 2922, 2933, + 2929, 2934, 2924, 2932, 2930, 2935, 2936, 2937, 2937, 2938, + 2938, 2936, 2940, 2933, 2934, 2941, 2943, 2944, 2946, 2949, + 2947, 2944, 2948, 2950, 2935, 2947, 2951, 2954, 2954, 2952, + 2943, 2957, 2949, 2940, 2952, 2941, 2950, 2953, 2946, 2958, + 2959, 2948, 2953, 2960, 2960, 2951, 2967, 2961, 2962, 2963, + 2963, 2957, 2961, 2964, 2962, 2965, 2966, 2958, 2964, 2959, - 2963, 2967, 2973, 2973, 2974, 2974, 2968, 2975, 2977, 2982, - 2980, 2983, 2983, 2977, 2975, 2980, 2981, 2984, 2984, 0, - 0, 0, 0, 0, 0, 0, 0, 0, 2982, 2988, - 2988, 2988, 2988, 2988, 2988, 2988, 2989, 2989, 2989, 2989, - 2989, 2989, 2989, 2990, 2990, 2990, 2990, 2990, 2990, 2990, - 2991, 2991, 2991, 2991, 2991, 2991, 2991, 2992, 2992, 2992, - 2992, 2992, 2992, 2992, 2994, 2994, 0, 2994, 2994, 2994, - 2994, 2995, 2995, 0, 0, 0, 2995, 2995, 2996, 2996, - 0, 0, 2996, 0, 2996, 2997, 0, 0, 0, 0, - 0, 2997, 2998, 2998, 0, 0, 0, 2998, 2998, 2999, + 2965, 2966, 2968, 2970, 2970, 2967, 2971, 2975, 2968, 2972, + 2972, 2971, 2974, 2976, 2977, 2978, 2974, 2979, 2980, 2981, + 2976, 2983, 2983, 2979, 2985, 2985, 2975, 2986, 2988, 2989, + 2987, 2990, 2981, 2977, 2978, 2987, 2986, 2980, 2992, 2986, + 2991, 2991, 2993, 2992, 2990, 2995, 2997, 2988, 2989, 2996, + 2996, 2998, 2998, 2999, 2999, 2993, 3000, 3001, 3002, 3003, + 3003, 3000, 3004, 3009, 3001, 2997, 3005, 3004, 3005, 3006, + 3006, 2995, 3007, 3008, 3011, 3014, 3010, 3002, 3018, 3007, + 3008, 3010, 3009, 3013, 3013, 3016, 3017, 3019, 3020, 3020, + 3016, 3017, 3023, 3011, 3014, 3022, 3022, 3018, 3024, 3025, - 0, 0, 0, 0, 0, 2999, 3000, 3000, 0, 3000, - 3000, 3000, 3000, 3001, 3001, 0, 3001, 3001, 3001, 3001, - 2987, 2987, 2987, 2987, 2987, 2987, 2987, 2987, 2987, 2987, - 2987, 2987, 2987, 2987, 2987, 2987, 2987, 2987, 2987, 2987, - 2987, 2987, 2987, 2987, 2987, 2987, 2987, 2987, 2987, 2987, - 2987, 2987, 2987, 2987, 2987, 2987, 2987, 2987, 2987, 2987, - 2987 + 3025, 3026, 3026, 3027, 3029, 3029, 3019, 3030, 3030, 3031, + 3027, 3023, 3037, 3033, 3036, 3038, 3031, 3024, 3033, 3036, + 3039, 3039, 3040, 3040, 0, 0, 0, 0, 0, 0, + 0, 3037, 0, 0, 3038, 3044, 3044, 3044, 3044, 3044, + 3044, 3044, 3045, 3045, 3045, 3045, 3045, 3045, 3045, 3046, + 3046, 3046, 3046, 3046, 3046, 3046, 3047, 3047, 3047, 3047, + 3047, 3047, 3047, 3048, 3048, 3048, 3048, 3048, 3048, 3048, + 3050, 3050, 0, 3050, 3050, 3050, 3050, 3051, 3051, 0, + 0, 0, 3051, 3051, 3052, 3052, 0, 0, 3052, 0, + 3052, 3053, 0, 0, 0, 0, 0, 3053, 3054, 3054, + + 0, 0, 0, 3054, 3054, 3055, 0, 0, 0, 0, + 0, 3055, 3056, 3056, 0, 3056, 3056, 3056, 3056, 3057, + 3057, 0, 3057, 3057, 3057, 3057, 3043, 3043, 3043, 3043, + 3043, 3043, 3043, 3043, 3043, 3043, 3043, 3043, 3043, 3043, + 3043, 3043, 3043, 3043, 3043, 3043, 3043, 3043, 3043, 3043, + 3043, 3043, 3043, 3043, 3043, 3043, 3043, 3043, 3043, 3043, + 3043, 3043, 3043, 3043, 3043, 3043, 3043 } ; static yy_state_type yy_last_accepting_state; @@ -2899,7 +2938,7 @@ static void config_end_include(void) } #endif -#line 2900 "" +#line 2939 "" #define YY_NO_INPUT 1 #line 184 "./util/configlexer.lex" #ifndef YY_NO_UNPUT @@ -2908,9 +2947,9 @@ static void config_end_include(void) #ifndef YY_NO_INPUT #define YY_NO_INPUT 1 #endif -#line 2909 "" +#line 2948 "" -#line 2911 "" +#line 2950 "" #define INITIAL 0 #define quotedstring 1 @@ -3132,7 +3171,7 @@ YY_DECL { #line 204 "./util/configlexer.lex" -#line 3133 "" +#line 3172 "" while ( /*CONSTCOND*/1 ) /* loops until end-of-file is reached */ { @@ -3165,13 +3204,13 @@ yy_match: while ( yy_chk[yy_base[yy_current_state] + yy_c] != yy_current_state ) { yy_current_state = (int) yy_def[yy_current_state]; - if ( yy_current_state >= 2988 ) + if ( yy_current_state >= 3044 ) yy_c = yy_meta[yy_c]; } yy_current_state = yy_nxt[yy_base[yy_current_state] + yy_c]; ++yy_cp; } - while ( yy_base[yy_current_state] != 5821 ); + while ( yy_base[yy_current_state] != 5927 ); yy_find_action: yy_act = yy_accept[yy_current_state]; @@ -4327,331 +4366,363 @@ YY_RULE_SETUP case 226: YY_RULE_SETUP #line 434 "./util/configlexer.lex" -{ YDVAR(1, VAR_DNSTAP_SEND_IDENTITY) } +{ YDVAR(1, VAR_DNSTAP_IP) } YY_BREAK case 227: YY_RULE_SETUP #line 435 "./util/configlexer.lex" -{ YDVAR(1, VAR_DNSTAP_SEND_VERSION) } +{ YDVAR(1, VAR_DNSTAP_TLS) } YY_BREAK case 228: YY_RULE_SETUP #line 436 "./util/configlexer.lex" -{ YDVAR(1, VAR_DNSTAP_IDENTITY) } +{ YDVAR(1, VAR_DNSTAP_TLS_SERVER_NAME) } YY_BREAK case 229: YY_RULE_SETUP #line 437 "./util/configlexer.lex" -{ YDVAR(1, VAR_DNSTAP_VERSION) } +{ YDVAR(1, VAR_DNSTAP_TLS_CERT_BUNDLE) } YY_BREAK case 230: YY_RULE_SETUP #line 438 "./util/configlexer.lex" { - YDVAR(1, VAR_DNSTAP_LOG_RESOLVER_QUERY_MESSAGES) } + YDVAR(1, VAR_DNSTAP_TLS_CLIENT_KEY_FILE) } YY_BREAK case 231: YY_RULE_SETUP #line 440 "./util/configlexer.lex" { - YDVAR(1, VAR_DNSTAP_LOG_RESOLVER_RESPONSE_MESSAGES) } + YDVAR(1, VAR_DNSTAP_TLS_CLIENT_CERT_FILE) } YY_BREAK case 232: YY_RULE_SETUP #line 442 "./util/configlexer.lex" -{ - YDVAR(1, VAR_DNSTAP_LOG_CLIENT_QUERY_MESSAGES) } +{ YDVAR(1, VAR_DNSTAP_SEND_IDENTITY) } YY_BREAK case 233: YY_RULE_SETUP -#line 444 "./util/configlexer.lex" -{ - YDVAR(1, VAR_DNSTAP_LOG_CLIENT_RESPONSE_MESSAGES) } +#line 443 "./util/configlexer.lex" +{ YDVAR(1, VAR_DNSTAP_SEND_VERSION) } YY_BREAK case 234: YY_RULE_SETUP -#line 446 "./util/configlexer.lex" -{ - YDVAR(1, VAR_DNSTAP_LOG_FORWARDER_QUERY_MESSAGES) } +#line 444 "./util/configlexer.lex" +{ YDVAR(1, VAR_DNSTAP_IDENTITY) } YY_BREAK case 235: YY_RULE_SETUP -#line 448 "./util/configlexer.lex" -{ - YDVAR(1, VAR_DNSTAP_LOG_FORWARDER_RESPONSE_MESSAGES) } +#line 445 "./util/configlexer.lex" +{ YDVAR(1, VAR_DNSTAP_VERSION) } YY_BREAK case 236: YY_RULE_SETUP -#line 450 "./util/configlexer.lex" -{ YDVAR(1, VAR_DISABLE_DNSSEC_LAME_CHECK) } +#line 446 "./util/configlexer.lex" +{ + YDVAR(1, VAR_DNSTAP_LOG_RESOLVER_QUERY_MESSAGES) } YY_BREAK case 237: YY_RULE_SETUP -#line 451 "./util/configlexer.lex" -{ YDVAR(1, VAR_IP_RATELIMIT) } +#line 448 "./util/configlexer.lex" +{ + YDVAR(1, VAR_DNSTAP_LOG_RESOLVER_RESPONSE_MESSAGES) } YY_BREAK case 238: YY_RULE_SETUP -#line 452 "./util/configlexer.lex" -{ YDVAR(1, VAR_RATELIMIT) } +#line 450 "./util/configlexer.lex" +{ + YDVAR(1, VAR_DNSTAP_LOG_CLIENT_QUERY_MESSAGES) } YY_BREAK case 239: YY_RULE_SETUP -#line 453 "./util/configlexer.lex" -{ YDVAR(1, VAR_IP_RATELIMIT_SLABS) } +#line 452 "./util/configlexer.lex" +{ + YDVAR(1, VAR_DNSTAP_LOG_CLIENT_RESPONSE_MESSAGES) } YY_BREAK case 240: YY_RULE_SETUP #line 454 "./util/configlexer.lex" -{ YDVAR(1, VAR_RATELIMIT_SLABS) } +{ + YDVAR(1, VAR_DNSTAP_LOG_FORWARDER_QUERY_MESSAGES) } YY_BREAK case 241: YY_RULE_SETUP -#line 455 "./util/configlexer.lex" -{ YDVAR(1, VAR_IP_RATELIMIT_SIZE) } +#line 456 "./util/configlexer.lex" +{ + YDVAR(1, VAR_DNSTAP_LOG_FORWARDER_RESPONSE_MESSAGES) } YY_BREAK case 242: YY_RULE_SETUP -#line 456 "./util/configlexer.lex" -{ YDVAR(1, VAR_RATELIMIT_SIZE) } +#line 458 "./util/configlexer.lex" +{ YDVAR(1, VAR_DISABLE_DNSSEC_LAME_CHECK) } YY_BREAK case 243: YY_RULE_SETUP -#line 457 "./util/configlexer.lex" -{ YDVAR(2, VAR_RATELIMIT_FOR_DOMAIN) } +#line 459 "./util/configlexer.lex" +{ YDVAR(1, VAR_IP_RATELIMIT) } YY_BREAK case 244: YY_RULE_SETUP -#line 458 "./util/configlexer.lex" -{ YDVAR(2, VAR_RATELIMIT_BELOW_DOMAIN) } +#line 460 "./util/configlexer.lex" +{ YDVAR(1, VAR_RATELIMIT) } YY_BREAK case 245: YY_RULE_SETUP -#line 459 "./util/configlexer.lex" -{ YDVAR(1, VAR_IP_RATELIMIT_FACTOR) } +#line 461 "./util/configlexer.lex" +{ YDVAR(1, VAR_IP_RATELIMIT_SLABS) } YY_BREAK case 246: YY_RULE_SETUP -#line 460 "./util/configlexer.lex" -{ YDVAR(1, VAR_RATELIMIT_FACTOR) } +#line 462 "./util/configlexer.lex" +{ YDVAR(1, VAR_RATELIMIT_SLABS) } YY_BREAK case 247: YY_RULE_SETUP -#line 461 "./util/configlexer.lex" -{ YDVAR(1, VAR_LOW_RTT) } +#line 463 "./util/configlexer.lex" +{ YDVAR(1, VAR_IP_RATELIMIT_SIZE) } YY_BREAK case 248: YY_RULE_SETUP -#line 462 "./util/configlexer.lex" -{ YDVAR(1, VAR_FAST_SERVER_NUM) } +#line 464 "./util/configlexer.lex" +{ YDVAR(1, VAR_RATELIMIT_SIZE) } YY_BREAK case 249: YY_RULE_SETUP -#line 463 "./util/configlexer.lex" -{ YDVAR(1, VAR_FAST_SERVER_PERMIL) } +#line 465 "./util/configlexer.lex" +{ YDVAR(2, VAR_RATELIMIT_FOR_DOMAIN) } YY_BREAK case 250: YY_RULE_SETUP -#line 464 "./util/configlexer.lex" -{ YDVAR(1, VAR_FAST_SERVER_PERMIL) } +#line 466 "./util/configlexer.lex" +{ YDVAR(2, VAR_RATELIMIT_BELOW_DOMAIN) } YY_BREAK case 251: YY_RULE_SETUP -#line 465 "./util/configlexer.lex" -{ YDVAR(1, VAR_FAST_SERVER_PERMIL) } +#line 467 "./util/configlexer.lex" +{ YDVAR(1, VAR_IP_RATELIMIT_FACTOR) } YY_BREAK case 252: YY_RULE_SETUP -#line 466 "./util/configlexer.lex" -{ YDVAR(2, VAR_RESPONSE_IP_TAG) } +#line 468 "./util/configlexer.lex" +{ YDVAR(1, VAR_RATELIMIT_FACTOR) } YY_BREAK case 253: YY_RULE_SETUP -#line 467 "./util/configlexer.lex" -{ YDVAR(2, VAR_RESPONSE_IP) } +#line 469 "./util/configlexer.lex" +{ YDVAR(1, VAR_LOW_RTT) } YY_BREAK case 254: YY_RULE_SETUP -#line 468 "./util/configlexer.lex" -{ YDVAR(2, VAR_RESPONSE_IP_DATA) } +#line 470 "./util/configlexer.lex" +{ YDVAR(1, VAR_FAST_SERVER_NUM) } YY_BREAK case 255: YY_RULE_SETUP -#line 469 "./util/configlexer.lex" -{ YDVAR(0, VAR_DNSCRYPT) } +#line 471 "./util/configlexer.lex" +{ YDVAR(1, VAR_FAST_SERVER_PERMIL) } YY_BREAK case 256: YY_RULE_SETUP -#line 470 "./util/configlexer.lex" -{ YDVAR(1, VAR_DNSCRYPT_ENABLE) } +#line 472 "./util/configlexer.lex" +{ YDVAR(1, VAR_FAST_SERVER_PERMIL) } YY_BREAK case 257: YY_RULE_SETUP -#line 471 "./util/configlexer.lex" -{ YDVAR(1, VAR_DNSCRYPT_PORT) } +#line 473 "./util/configlexer.lex" +{ YDVAR(1, VAR_FAST_SERVER_PERMIL) } YY_BREAK case 258: YY_RULE_SETUP -#line 472 "./util/configlexer.lex" -{ YDVAR(1, VAR_DNSCRYPT_PROVIDER) } +#line 474 "./util/configlexer.lex" +{ YDVAR(2, VAR_RESPONSE_IP_TAG) } YY_BREAK case 259: YY_RULE_SETUP -#line 473 "./util/configlexer.lex" -{ YDVAR(1, VAR_DNSCRYPT_SECRET_KEY) } +#line 475 "./util/configlexer.lex" +{ YDVAR(2, VAR_RESPONSE_IP) } YY_BREAK case 260: YY_RULE_SETUP -#line 474 "./util/configlexer.lex" -{ YDVAR(1, VAR_DNSCRYPT_PROVIDER_CERT) } +#line 476 "./util/configlexer.lex" +{ YDVAR(2, VAR_RESPONSE_IP_DATA) } YY_BREAK case 261: YY_RULE_SETUP -#line 475 "./util/configlexer.lex" -{ YDVAR(1, VAR_DNSCRYPT_PROVIDER_CERT_ROTATED) } +#line 477 "./util/configlexer.lex" +{ YDVAR(0, VAR_DNSCRYPT) } YY_BREAK case 262: YY_RULE_SETUP -#line 476 "./util/configlexer.lex" -{ - YDVAR(1, VAR_DNSCRYPT_SHARED_SECRET_CACHE_SIZE) } +#line 478 "./util/configlexer.lex" +{ YDVAR(1, VAR_DNSCRYPT_ENABLE) } YY_BREAK case 263: YY_RULE_SETUP -#line 478 "./util/configlexer.lex" -{ - YDVAR(1, VAR_DNSCRYPT_SHARED_SECRET_CACHE_SLABS) } +#line 479 "./util/configlexer.lex" +{ YDVAR(1, VAR_DNSCRYPT_PORT) } YY_BREAK case 264: YY_RULE_SETUP #line 480 "./util/configlexer.lex" -{ YDVAR(1, VAR_DNSCRYPT_NONCE_CACHE_SIZE) } +{ YDVAR(1, VAR_DNSCRYPT_PROVIDER) } YY_BREAK case 265: YY_RULE_SETUP #line 481 "./util/configlexer.lex" -{ YDVAR(1, VAR_DNSCRYPT_NONCE_CACHE_SLABS) } +{ YDVAR(1, VAR_DNSCRYPT_SECRET_KEY) } YY_BREAK case 266: YY_RULE_SETUP #line 482 "./util/configlexer.lex" -{ YDVAR(1, VAR_IPSECMOD_ENABLED) } +{ YDVAR(1, VAR_DNSCRYPT_PROVIDER_CERT) } YY_BREAK case 267: YY_RULE_SETUP #line 483 "./util/configlexer.lex" -{ YDVAR(1, VAR_IPSECMOD_IGNORE_BOGUS) } +{ YDVAR(1, VAR_DNSCRYPT_PROVIDER_CERT_ROTATED) } YY_BREAK case 268: YY_RULE_SETUP #line 484 "./util/configlexer.lex" -{ YDVAR(1, VAR_IPSECMOD_HOOK) } +{ + YDVAR(1, VAR_DNSCRYPT_SHARED_SECRET_CACHE_SIZE) } YY_BREAK case 269: YY_RULE_SETUP -#line 485 "./util/configlexer.lex" -{ YDVAR(1, VAR_IPSECMOD_MAX_TTL) } +#line 486 "./util/configlexer.lex" +{ + YDVAR(1, VAR_DNSCRYPT_SHARED_SECRET_CACHE_SLABS) } YY_BREAK case 270: YY_RULE_SETUP -#line 486 "./util/configlexer.lex" -{ YDVAR(1, VAR_IPSECMOD_WHITELIST) } +#line 488 "./util/configlexer.lex" +{ YDVAR(1, VAR_DNSCRYPT_NONCE_CACHE_SIZE) } YY_BREAK case 271: YY_RULE_SETUP -#line 487 "./util/configlexer.lex" -{ YDVAR(1, VAR_IPSECMOD_STRICT) } +#line 489 "./util/configlexer.lex" +{ YDVAR(1, VAR_DNSCRYPT_NONCE_CACHE_SLABS) } YY_BREAK case 272: YY_RULE_SETUP -#line 488 "./util/configlexer.lex" -{ YDVAR(0, VAR_CACHEDB) } +#line 490 "./util/configlexer.lex" +{ YDVAR(1, VAR_IPSECMOD_ENABLED) } YY_BREAK case 273: YY_RULE_SETUP -#line 489 "./util/configlexer.lex" -{ YDVAR(1, VAR_CACHEDB_BACKEND) } +#line 491 "./util/configlexer.lex" +{ YDVAR(1, VAR_IPSECMOD_IGNORE_BOGUS) } YY_BREAK case 274: YY_RULE_SETUP -#line 490 "./util/configlexer.lex" -{ YDVAR(1, VAR_CACHEDB_SECRETSEED) } +#line 492 "./util/configlexer.lex" +{ YDVAR(1, VAR_IPSECMOD_HOOK) } YY_BREAK case 275: YY_RULE_SETUP -#line 491 "./util/configlexer.lex" -{ YDVAR(1, VAR_CACHEDB_REDISHOST) } +#line 493 "./util/configlexer.lex" +{ YDVAR(1, VAR_IPSECMOD_MAX_TTL) } YY_BREAK case 276: YY_RULE_SETUP -#line 492 "./util/configlexer.lex" -{ YDVAR(1, VAR_CACHEDB_REDISPORT) } +#line 494 "./util/configlexer.lex" +{ YDVAR(1, VAR_IPSECMOD_WHITELIST) } YY_BREAK case 277: YY_RULE_SETUP -#line 493 "./util/configlexer.lex" -{ YDVAR(1, VAR_CACHEDB_REDISTIMEOUT) } +#line 495 "./util/configlexer.lex" +{ YDVAR(1, VAR_IPSECMOD_STRICT) } YY_BREAK case 278: YY_RULE_SETUP -#line 494 "./util/configlexer.lex" -{ YDVAR(0, VAR_IPSET) } +#line 496 "./util/configlexer.lex" +{ YDVAR(0, VAR_CACHEDB) } YY_BREAK case 279: YY_RULE_SETUP -#line 495 "./util/configlexer.lex" -{ YDVAR(1, VAR_IPSET_NAME_V4) } +#line 497 "./util/configlexer.lex" +{ YDVAR(1, VAR_CACHEDB_BACKEND) } YY_BREAK case 280: YY_RULE_SETUP -#line 496 "./util/configlexer.lex" -{ YDVAR(1, VAR_IPSET_NAME_V6) } +#line 498 "./util/configlexer.lex" +{ YDVAR(1, VAR_CACHEDB_SECRETSEED) } YY_BREAK case 281: YY_RULE_SETUP -#line 497 "./util/configlexer.lex" -{ YDVAR(1, VAR_UDP_UPSTREAM_WITHOUT_DOWNSTREAM) } +#line 499 "./util/configlexer.lex" +{ YDVAR(1, VAR_CACHEDB_REDISHOST) } YY_BREAK case 282: YY_RULE_SETUP -#line 498 "./util/configlexer.lex" -{ YDVAR(2, VAR_TCP_CONNECTION_LIMIT) } +#line 500 "./util/configlexer.lex" +{ YDVAR(1, VAR_CACHEDB_REDISPORT) } YY_BREAK case 283: -/* rule 283 can match eol */ YY_RULE_SETUP -#line 499 "./util/configlexer.lex" -{ LEXOUT(("NL\n")); cfg_parser->line++; } +#line 501 "./util/configlexer.lex" +{ YDVAR(1, VAR_CACHEDB_REDISTIMEOUT) } YY_BREAK -/* Quoted strings. Strip leading and ending quotes */ case 284: YY_RULE_SETUP #line 502 "./util/configlexer.lex" +{ YDVAR(0, VAR_IPSET) } + YY_BREAK +case 285: +YY_RULE_SETUP +#line 503 "./util/configlexer.lex" +{ YDVAR(1, VAR_IPSET_NAME_V4) } + YY_BREAK +case 286: +YY_RULE_SETUP +#line 504 "./util/configlexer.lex" +{ YDVAR(1, VAR_IPSET_NAME_V6) } + YY_BREAK +case 287: +YY_RULE_SETUP +#line 505 "./util/configlexer.lex" +{ YDVAR(1, VAR_UDP_UPSTREAM_WITHOUT_DOWNSTREAM) } + YY_BREAK +case 288: +YY_RULE_SETUP +#line 506 "./util/configlexer.lex" +{ YDVAR(2, VAR_TCP_CONNECTION_LIMIT) } + YY_BREAK +case 289: +/* rule 289 can match eol */ +YY_RULE_SETUP +#line 507 "./util/configlexer.lex" +{ LEXOUT(("NL\n")); cfg_parser->line++; } + YY_BREAK +/* Quoted strings. Strip leading and ending quotes */ +case 290: +YY_RULE_SETUP +#line 510 "./util/configlexer.lex" { BEGIN(quotedstring); LEXOUT(("QS ")); } YY_BREAK case YY_STATE_EOF(quotedstring): -#line 503 "./util/configlexer.lex" +#line 511 "./util/configlexer.lex" { yyerror("EOF inside quoted string"); if(--num_args == 0) { BEGIN(INITIAL); } else { BEGIN(val); } } YY_BREAK -case 285: +case 291: YY_RULE_SETUP -#line 508 "./util/configlexer.lex" +#line 516 "./util/configlexer.lex" { LEXOUT(("STR(%s) ", yytext)); yymore(); } YY_BREAK -case 286: -/* rule 286 can match eol */ +case 292: +/* rule 292 can match eol */ YY_RULE_SETUP -#line 509 "./util/configlexer.lex" +#line 517 "./util/configlexer.lex" { yyerror("newline inside quoted string, no end \""); cfg_parser->line++; BEGIN(INITIAL); } YY_BREAK -case 287: +case 293: YY_RULE_SETUP -#line 511 "./util/configlexer.lex" +#line 519 "./util/configlexer.lex" { LEXOUT(("QE ")); if(--num_args == 0) { BEGIN(INITIAL); } @@ -4664,34 +4735,34 @@ YY_RULE_SETUP } YY_BREAK /* Single Quoted strings. Strip leading and ending quotes */ -case 288: +case 294: YY_RULE_SETUP -#line 523 "./util/configlexer.lex" +#line 531 "./util/configlexer.lex" { BEGIN(singlequotedstr); LEXOUT(("SQS ")); } YY_BREAK case YY_STATE_EOF(singlequotedstr): -#line 524 "./util/configlexer.lex" +#line 532 "./util/configlexer.lex" { yyerror("EOF inside quoted string"); if(--num_args == 0) { BEGIN(INITIAL); } else { BEGIN(val); } } YY_BREAK -case 289: +case 295: YY_RULE_SETUP -#line 529 "./util/configlexer.lex" +#line 537 "./util/configlexer.lex" { LEXOUT(("STR(%s) ", yytext)); yymore(); } YY_BREAK -case 290: -/* rule 290 can match eol */ +case 296: +/* rule 296 can match eol */ YY_RULE_SETUP -#line 530 "./util/configlexer.lex" +#line 538 "./util/configlexer.lex" { yyerror("newline inside quoted string, no end '"); cfg_parser->line++; BEGIN(INITIAL); } YY_BREAK -case 291: +case 297: YY_RULE_SETUP -#line 532 "./util/configlexer.lex" +#line 540 "./util/configlexer.lex" { LEXOUT(("SQE ")); if(--num_args == 0) { BEGIN(INITIAL); } @@ -4704,38 +4775,38 @@ YY_RULE_SETUP } YY_BREAK /* include: directive */ -case 292: +case 298: YY_RULE_SETUP -#line 544 "./util/configlexer.lex" +#line 552 "./util/configlexer.lex" { LEXOUT(("v(%s) ", yytext)); inc_prev = YYSTATE; BEGIN(include); } YY_BREAK case YY_STATE_EOF(include): -#line 546 "./util/configlexer.lex" +#line 554 "./util/configlexer.lex" { yyerror("EOF inside include directive"); BEGIN(inc_prev); } YY_BREAK -case 293: +case 299: YY_RULE_SETUP -#line 550 "./util/configlexer.lex" +#line 558 "./util/configlexer.lex" { LEXOUT(("ISP ")); /* ignore */ } YY_BREAK -case 294: -/* rule 294 can match eol */ +case 300: +/* rule 300 can match eol */ YY_RULE_SETUP -#line 551 "./util/configlexer.lex" +#line 559 "./util/configlexer.lex" { LEXOUT(("NL\n")); cfg_parser->line++;} YY_BREAK -case 295: +case 301: YY_RULE_SETUP -#line 552 "./util/configlexer.lex" +#line 560 "./util/configlexer.lex" { LEXOUT(("IQS ")); BEGIN(include_quoted); } YY_BREAK -case 296: +case 302: YY_RULE_SETUP -#line 553 "./util/configlexer.lex" +#line 561 "./util/configlexer.lex" { LEXOUT(("Iunquotedstr(%s) ", yytext)); config_start_include_glob(yytext); @@ -4743,27 +4814,27 @@ YY_RULE_SETUP } YY_BREAK case YY_STATE_EOF(include_quoted): -#line 558 "./util/configlexer.lex" +#line 566 "./util/configlexer.lex" { yyerror("EOF inside quoted string"); BEGIN(inc_prev); } YY_BREAK -case 297: +case 303: YY_RULE_SETUP -#line 562 "./util/configlexer.lex" +#line 570 "./util/configlexer.lex" { LEXOUT(("ISTR(%s) ", yytext)); yymore(); } YY_BREAK -case 298: -/* rule 298 can match eol */ +case 304: +/* rule 304 can match eol */ YY_RULE_SETUP -#line 563 "./util/configlexer.lex" +#line 571 "./util/configlexer.lex" { yyerror("newline before \" in include name"); cfg_parser->line++; BEGIN(inc_prev); } YY_BREAK -case 299: +case 305: YY_RULE_SETUP -#line 565 "./util/configlexer.lex" +#line 573 "./util/configlexer.lex" { LEXOUT(("IQE ")); yytext[yyleng - 1] = '\0'; @@ -4773,7 +4844,7 @@ YY_RULE_SETUP YY_BREAK case YY_STATE_EOF(INITIAL): case YY_STATE_EOF(val): -#line 571 "./util/configlexer.lex" +#line 579 "./util/configlexer.lex" { LEXOUT(("LEXEOF ")); yy_set_bol(1); /* Set beginning of line, so "^" rules match. */ @@ -4785,33 +4856,33 @@ case YY_STATE_EOF(val): } } YY_BREAK -case 300: +case 306: YY_RULE_SETUP -#line 582 "./util/configlexer.lex" +#line 590 "./util/configlexer.lex" { LEXOUT(("unquotedstr(%s) ", yytext)); if(--num_args == 0) { BEGIN(INITIAL); } yylval.str = strdup(yytext); return STRING_ARG; } YY_BREAK -case 301: +case 307: YY_RULE_SETUP -#line 586 "./util/configlexer.lex" +#line 594 "./util/configlexer.lex" { ub_c_error_msg("unknown keyword '%s'", yytext); } YY_BREAK -case 302: +case 308: YY_RULE_SETUP -#line 590 "./util/configlexer.lex" +#line 598 "./util/configlexer.lex" { ub_c_error_msg("stray '%s'", yytext); } YY_BREAK -case 303: +case 309: YY_RULE_SETUP -#line 594 "./util/configlexer.lex" +#line 602 "./util/configlexer.lex" ECHO; YY_BREAK -#line 4812 "" +#line 4883 "" case YY_END_OF_BUFFER: { @@ -5106,7 +5177,7 @@ static int yy_get_next_buffer (void) while ( yy_chk[yy_base[yy_current_state] + yy_c] != yy_current_state ) { yy_current_state = (int) yy_def[yy_current_state]; - if ( yy_current_state >= 2988 ) + if ( yy_current_state >= 3044 ) yy_c = yy_meta[yy_c]; } yy_current_state = yy_nxt[yy_base[yy_current_state] + yy_c]; @@ -5134,11 +5205,11 @@ static int yy_get_next_buffer (void) while ( yy_chk[yy_base[yy_current_state] + yy_c] != yy_current_state ) { yy_current_state = (int) yy_def[yy_current_state]; - if ( yy_current_state >= 2988 ) + if ( yy_current_state >= 3044 ) yy_c = yy_meta[yy_c]; } yy_current_state = yy_nxt[yy_base[yy_current_state] + yy_c]; - yy_is_jam = (yy_current_state == 2987); + yy_is_jam = (yy_current_state == 3043); return yy_is_jam ? 0 : yy_current_state; } @@ -5777,6 +5848,6 @@ void yyfree (void * ptr ) #define YYTABLES_NAME "yytables" -#line 594 "./util/configlexer.lex" +#line 602 "./util/configlexer.lex" diff --git a/util/configlexer.lex b/util/configlexer.lex index c98f097a0..1d7a38681 100644 --- a/util/configlexer.lex +++ b/util/configlexer.lex @@ -431,6 +431,14 @@ local-zone-override{COLON} { YDVAR(3, VAR_LOCAL_ZONE_OVERRIDE) } dnstap{COLON} { YDVAR(0, VAR_DNSTAP) } dnstap-enable{COLON} { YDVAR(1, VAR_DNSTAP_ENABLE) } dnstap-socket-path{COLON} { YDVAR(1, VAR_DNSTAP_SOCKET_PATH) } +dnstap-ip{COLON} { YDVAR(1, VAR_DNSTAP_IP) } +dnstap-tls{COLON} { YDVAR(1, VAR_DNSTAP_TLS) } +dnstap-tls-server-name{COLON} { YDVAR(1, VAR_DNSTAP_TLS_SERVER_NAME) } +dnstap-tls-cert-bundle{COLON} { YDVAR(1, VAR_DNSTAP_TLS_CERT_BUNDLE) } +dnstap-tls-client-key-file{COLON} { + YDVAR(1, VAR_DNSTAP_TLS_CLIENT_KEY_FILE) } +dnstap-tls-client-cert-file{COLON} { + YDVAR(1, VAR_DNSTAP_TLS_CLIENT_CERT_FILE) } dnstap-send-identity{COLON} { YDVAR(1, VAR_DNSTAP_SEND_IDENTITY) } dnstap-send-version{COLON} { YDVAR(1, VAR_DNSTAP_SEND_VERSION) } dnstap-identity{COLON} { YDVAR(1, VAR_DNSTAP_IDENTITY) } diff --git a/util/configparser.c b/util/configparser.c index c53aea9eb..6d792c698 100644 --- a/util/configparser.c +++ b/util/configparser.c @@ -286,130 +286,136 @@ extern int yydebug; VAR_DNSTAP = 407, VAR_DNSTAP_ENABLE = 408, VAR_DNSTAP_SOCKET_PATH = 409, - VAR_DNSTAP_SEND_IDENTITY = 410, - VAR_DNSTAP_SEND_VERSION = 411, - VAR_DNSTAP_IDENTITY = 412, - VAR_DNSTAP_VERSION = 413, - VAR_DNSTAP_LOG_RESOLVER_QUERY_MESSAGES = 414, - VAR_DNSTAP_LOG_RESOLVER_RESPONSE_MESSAGES = 415, - VAR_DNSTAP_LOG_CLIENT_QUERY_MESSAGES = 416, - VAR_DNSTAP_LOG_CLIENT_RESPONSE_MESSAGES = 417, - VAR_DNSTAP_LOG_FORWARDER_QUERY_MESSAGES = 418, - VAR_DNSTAP_LOG_FORWARDER_RESPONSE_MESSAGES = 419, - VAR_RESPONSE_IP_TAG = 420, - VAR_RESPONSE_IP = 421, - VAR_RESPONSE_IP_DATA = 422, - VAR_HARDEN_ALGO_DOWNGRADE = 423, - VAR_IP_TRANSPARENT = 424, - VAR_DISABLE_DNSSEC_LAME_CHECK = 425, - VAR_IP_RATELIMIT = 426, - VAR_IP_RATELIMIT_SLABS = 427, - VAR_IP_RATELIMIT_SIZE = 428, - VAR_RATELIMIT = 429, - VAR_RATELIMIT_SLABS = 430, - VAR_RATELIMIT_SIZE = 431, - VAR_RATELIMIT_FOR_DOMAIN = 432, - VAR_RATELIMIT_BELOW_DOMAIN = 433, - VAR_IP_RATELIMIT_FACTOR = 434, - VAR_RATELIMIT_FACTOR = 435, - VAR_SEND_CLIENT_SUBNET = 436, - VAR_CLIENT_SUBNET_ZONE = 437, - VAR_CLIENT_SUBNET_ALWAYS_FORWARD = 438, - VAR_CLIENT_SUBNET_OPCODE = 439, - VAR_MAX_CLIENT_SUBNET_IPV4 = 440, - VAR_MAX_CLIENT_SUBNET_IPV6 = 441, - VAR_MIN_CLIENT_SUBNET_IPV4 = 442, - VAR_MIN_CLIENT_SUBNET_IPV6 = 443, - VAR_MAX_ECS_TREE_SIZE_IPV4 = 444, - VAR_MAX_ECS_TREE_SIZE_IPV6 = 445, - VAR_CAPS_WHITELIST = 446, - VAR_CACHE_MAX_NEGATIVE_TTL = 447, - VAR_PERMIT_SMALL_HOLDDOWN = 448, - VAR_QNAME_MINIMISATION = 449, - VAR_QNAME_MINIMISATION_STRICT = 450, - VAR_IP_FREEBIND = 451, - VAR_DEFINE_TAG = 452, - VAR_LOCAL_ZONE_TAG = 453, - VAR_ACCESS_CONTROL_TAG = 454, - VAR_LOCAL_ZONE_OVERRIDE = 455, - VAR_ACCESS_CONTROL_TAG_ACTION = 456, - VAR_ACCESS_CONTROL_TAG_DATA = 457, - VAR_VIEW = 458, - VAR_ACCESS_CONTROL_VIEW = 459, - VAR_VIEW_FIRST = 460, - VAR_SERVE_EXPIRED = 461, - VAR_SERVE_EXPIRED_TTL = 462, - VAR_SERVE_EXPIRED_TTL_RESET = 463, - VAR_SERVE_EXPIRED_REPLY_TTL = 464, - VAR_SERVE_EXPIRED_CLIENT_TIMEOUT = 465, - VAR_FAKE_DSA = 466, - VAR_FAKE_SHA1 = 467, - VAR_LOG_IDENTITY = 468, - VAR_HIDE_TRUSTANCHOR = 469, - VAR_TRUST_ANCHOR_SIGNALING = 470, - VAR_AGGRESSIVE_NSEC = 471, - VAR_USE_SYSTEMD = 472, - VAR_SHM_ENABLE = 473, - VAR_SHM_KEY = 474, - VAR_ROOT_KEY_SENTINEL = 475, - VAR_DNSCRYPT = 476, - VAR_DNSCRYPT_ENABLE = 477, - VAR_DNSCRYPT_PORT = 478, - VAR_DNSCRYPT_PROVIDER = 479, - VAR_DNSCRYPT_SECRET_KEY = 480, - VAR_DNSCRYPT_PROVIDER_CERT = 481, - VAR_DNSCRYPT_PROVIDER_CERT_ROTATED = 482, - VAR_DNSCRYPT_SHARED_SECRET_CACHE_SIZE = 483, - VAR_DNSCRYPT_SHARED_SECRET_CACHE_SLABS = 484, - VAR_DNSCRYPT_NONCE_CACHE_SIZE = 485, - VAR_DNSCRYPT_NONCE_CACHE_SLABS = 486, - VAR_IPSECMOD_ENABLED = 487, - VAR_IPSECMOD_HOOK = 488, - VAR_IPSECMOD_IGNORE_BOGUS = 489, - VAR_IPSECMOD_MAX_TTL = 490, - VAR_IPSECMOD_WHITELIST = 491, - VAR_IPSECMOD_STRICT = 492, - VAR_CACHEDB = 493, - VAR_CACHEDB_BACKEND = 494, - VAR_CACHEDB_SECRETSEED = 495, - VAR_CACHEDB_REDISHOST = 496, - VAR_CACHEDB_REDISPORT = 497, - VAR_CACHEDB_REDISTIMEOUT = 498, - VAR_UDP_UPSTREAM_WITHOUT_DOWNSTREAM = 499, - VAR_FOR_UPSTREAM = 500, - VAR_AUTH_ZONE = 501, - VAR_ZONEFILE = 502, - VAR_MASTER = 503, - VAR_URL = 504, - VAR_FOR_DOWNSTREAM = 505, - VAR_FALLBACK_ENABLED = 506, - VAR_TLS_ADDITIONAL_PORT = 507, - VAR_LOW_RTT = 508, - VAR_LOW_RTT_PERMIL = 509, - VAR_FAST_SERVER_PERMIL = 510, - VAR_FAST_SERVER_NUM = 511, - VAR_ALLOW_NOTIFY = 512, - VAR_TLS_WIN_CERT = 513, - VAR_TCP_CONNECTION_LIMIT = 514, - VAR_FORWARD_NO_CACHE = 515, - VAR_STUB_NO_CACHE = 516, - VAR_LOG_SERVFAIL = 517, - VAR_DENY_ANY = 518, - VAR_UNKNOWN_SERVER_TIME_LIMIT = 519, - VAR_LOG_TAG_QUERYREPLY = 520, - VAR_STREAM_WAIT_SIZE = 521, - VAR_TLS_CIPHERS = 522, - VAR_TLS_CIPHERSUITES = 523, - VAR_IPSET = 524, - VAR_IPSET_NAME_V4 = 525, - VAR_IPSET_NAME_V6 = 526, - VAR_TLS_SESSION_TICKET_KEYS = 527, - VAR_RPZ = 528, - VAR_TAGS = 529, - VAR_RPZ_ACTION_OVERRIDE = 530, - VAR_RPZ_CNAME_OVERRIDE = 531, - VAR_RPZ_LOG = 532, - VAR_RPZ_LOG_NAME = 533 + VAR_DNSTAP_IP = 410, + VAR_DNSTAP_TLS = 411, + VAR_DNSTAP_TLS_SERVER_NAME = 412, + VAR_DNSTAP_TLS_CERT_BUNDLE = 413, + VAR_DNSTAP_TLS_CLIENT_KEY_FILE = 414, + VAR_DNSTAP_TLS_CLIENT_CERT_FILE = 415, + VAR_DNSTAP_SEND_IDENTITY = 416, + VAR_DNSTAP_SEND_VERSION = 417, + VAR_DNSTAP_IDENTITY = 418, + VAR_DNSTAP_VERSION = 419, + VAR_DNSTAP_LOG_RESOLVER_QUERY_MESSAGES = 420, + VAR_DNSTAP_LOG_RESOLVER_RESPONSE_MESSAGES = 421, + VAR_DNSTAP_LOG_CLIENT_QUERY_MESSAGES = 422, + VAR_DNSTAP_LOG_CLIENT_RESPONSE_MESSAGES = 423, + VAR_DNSTAP_LOG_FORWARDER_QUERY_MESSAGES = 424, + VAR_DNSTAP_LOG_FORWARDER_RESPONSE_MESSAGES = 425, + VAR_RESPONSE_IP_TAG = 426, + VAR_RESPONSE_IP = 427, + VAR_RESPONSE_IP_DATA = 428, + VAR_HARDEN_ALGO_DOWNGRADE = 429, + VAR_IP_TRANSPARENT = 430, + VAR_DISABLE_DNSSEC_LAME_CHECK = 431, + VAR_IP_RATELIMIT = 432, + VAR_IP_RATELIMIT_SLABS = 433, + VAR_IP_RATELIMIT_SIZE = 434, + VAR_RATELIMIT = 435, + VAR_RATELIMIT_SLABS = 436, + VAR_RATELIMIT_SIZE = 437, + VAR_RATELIMIT_FOR_DOMAIN = 438, + VAR_RATELIMIT_BELOW_DOMAIN = 439, + VAR_IP_RATELIMIT_FACTOR = 440, + VAR_RATELIMIT_FACTOR = 441, + VAR_SEND_CLIENT_SUBNET = 442, + VAR_CLIENT_SUBNET_ZONE = 443, + VAR_CLIENT_SUBNET_ALWAYS_FORWARD = 444, + VAR_CLIENT_SUBNET_OPCODE = 445, + VAR_MAX_CLIENT_SUBNET_IPV4 = 446, + VAR_MAX_CLIENT_SUBNET_IPV6 = 447, + VAR_MIN_CLIENT_SUBNET_IPV4 = 448, + VAR_MIN_CLIENT_SUBNET_IPV6 = 449, + VAR_MAX_ECS_TREE_SIZE_IPV4 = 450, + VAR_MAX_ECS_TREE_SIZE_IPV6 = 451, + VAR_CAPS_WHITELIST = 452, + VAR_CACHE_MAX_NEGATIVE_TTL = 453, + VAR_PERMIT_SMALL_HOLDDOWN = 454, + VAR_QNAME_MINIMISATION = 455, + VAR_QNAME_MINIMISATION_STRICT = 456, + VAR_IP_FREEBIND = 457, + VAR_DEFINE_TAG = 458, + VAR_LOCAL_ZONE_TAG = 459, + VAR_ACCESS_CONTROL_TAG = 460, + VAR_LOCAL_ZONE_OVERRIDE = 461, + VAR_ACCESS_CONTROL_TAG_ACTION = 462, + VAR_ACCESS_CONTROL_TAG_DATA = 463, + VAR_VIEW = 464, + VAR_ACCESS_CONTROL_VIEW = 465, + VAR_VIEW_FIRST = 466, + VAR_SERVE_EXPIRED = 467, + VAR_SERVE_EXPIRED_TTL = 468, + VAR_SERVE_EXPIRED_TTL_RESET = 469, + VAR_SERVE_EXPIRED_REPLY_TTL = 470, + VAR_SERVE_EXPIRED_CLIENT_TIMEOUT = 471, + VAR_FAKE_DSA = 472, + VAR_FAKE_SHA1 = 473, + VAR_LOG_IDENTITY = 474, + VAR_HIDE_TRUSTANCHOR = 475, + VAR_TRUST_ANCHOR_SIGNALING = 476, + VAR_AGGRESSIVE_NSEC = 477, + VAR_USE_SYSTEMD = 478, + VAR_SHM_ENABLE = 479, + VAR_SHM_KEY = 480, + VAR_ROOT_KEY_SENTINEL = 481, + VAR_DNSCRYPT = 482, + VAR_DNSCRYPT_ENABLE = 483, + VAR_DNSCRYPT_PORT = 484, + VAR_DNSCRYPT_PROVIDER = 485, + VAR_DNSCRYPT_SECRET_KEY = 486, + VAR_DNSCRYPT_PROVIDER_CERT = 487, + VAR_DNSCRYPT_PROVIDER_CERT_ROTATED = 488, + VAR_DNSCRYPT_SHARED_SECRET_CACHE_SIZE = 489, + VAR_DNSCRYPT_SHARED_SECRET_CACHE_SLABS = 490, + VAR_DNSCRYPT_NONCE_CACHE_SIZE = 491, + VAR_DNSCRYPT_NONCE_CACHE_SLABS = 492, + VAR_IPSECMOD_ENABLED = 493, + VAR_IPSECMOD_HOOK = 494, + VAR_IPSECMOD_IGNORE_BOGUS = 495, + VAR_IPSECMOD_MAX_TTL = 496, + VAR_IPSECMOD_WHITELIST = 497, + VAR_IPSECMOD_STRICT = 498, + VAR_CACHEDB = 499, + VAR_CACHEDB_BACKEND = 500, + VAR_CACHEDB_SECRETSEED = 501, + VAR_CACHEDB_REDISHOST = 502, + VAR_CACHEDB_REDISPORT = 503, + VAR_CACHEDB_REDISTIMEOUT = 504, + VAR_UDP_UPSTREAM_WITHOUT_DOWNSTREAM = 505, + VAR_FOR_UPSTREAM = 506, + VAR_AUTH_ZONE = 507, + VAR_ZONEFILE = 508, + VAR_MASTER = 509, + VAR_URL = 510, + VAR_FOR_DOWNSTREAM = 511, + VAR_FALLBACK_ENABLED = 512, + VAR_TLS_ADDITIONAL_PORT = 513, + VAR_LOW_RTT = 514, + VAR_LOW_RTT_PERMIL = 515, + VAR_FAST_SERVER_PERMIL = 516, + VAR_FAST_SERVER_NUM = 517, + VAR_ALLOW_NOTIFY = 518, + VAR_TLS_WIN_CERT = 519, + VAR_TCP_CONNECTION_LIMIT = 520, + VAR_FORWARD_NO_CACHE = 521, + VAR_STUB_NO_CACHE = 522, + VAR_LOG_SERVFAIL = 523, + VAR_DENY_ANY = 524, + VAR_UNKNOWN_SERVER_TIME_LIMIT = 525, + VAR_LOG_TAG_QUERYREPLY = 526, + VAR_STREAM_WAIT_SIZE = 527, + VAR_TLS_CIPHERS = 528, + VAR_TLS_CIPHERSUITES = 529, + VAR_IPSET = 530, + VAR_IPSET_NAME_V4 = 531, + VAR_IPSET_NAME_V6 = 532, + VAR_TLS_SESSION_TICKET_KEYS = 533, + VAR_RPZ = 534, + VAR_TAGS = 535, + VAR_RPZ_ACTION_OVERRIDE = 536, + VAR_RPZ_CNAME_OVERRIDE = 537, + VAR_RPZ_LOG = 538, + VAR_RPZ_LOG_NAME = 539 }; #endif /* Tokens. */ @@ -565,130 +571,136 @@ extern int yydebug; #define VAR_DNSTAP 407 #define VAR_DNSTAP_ENABLE 408 #define VAR_DNSTAP_SOCKET_PATH 409 -#define VAR_DNSTAP_SEND_IDENTITY 410 -#define VAR_DNSTAP_SEND_VERSION 411 -#define VAR_DNSTAP_IDENTITY 412 -#define VAR_DNSTAP_VERSION 413 -#define VAR_DNSTAP_LOG_RESOLVER_QUERY_MESSAGES 414 -#define VAR_DNSTAP_LOG_RESOLVER_RESPONSE_MESSAGES 415 -#define VAR_DNSTAP_LOG_CLIENT_QUERY_MESSAGES 416 -#define VAR_DNSTAP_LOG_CLIENT_RESPONSE_MESSAGES 417 -#define VAR_DNSTAP_LOG_FORWARDER_QUERY_MESSAGES 418 -#define VAR_DNSTAP_LOG_FORWARDER_RESPONSE_MESSAGES 419 -#define VAR_RESPONSE_IP_TAG 420 -#define VAR_RESPONSE_IP 421 -#define VAR_RESPONSE_IP_DATA 422 -#define VAR_HARDEN_ALGO_DOWNGRADE 423 -#define VAR_IP_TRANSPARENT 424 -#define VAR_DISABLE_DNSSEC_LAME_CHECK 425 -#define VAR_IP_RATELIMIT 426 -#define VAR_IP_RATELIMIT_SLABS 427 -#define VAR_IP_RATELIMIT_SIZE 428 -#define VAR_RATELIMIT 429 -#define VAR_RATELIMIT_SLABS 430 -#define VAR_RATELIMIT_SIZE 431 -#define VAR_RATELIMIT_FOR_DOMAIN 432 -#define VAR_RATELIMIT_BELOW_DOMAIN 433 -#define VAR_IP_RATELIMIT_FACTOR 434 -#define VAR_RATELIMIT_FACTOR 435 -#define VAR_SEND_CLIENT_SUBNET 436 -#define VAR_CLIENT_SUBNET_ZONE 437 -#define VAR_CLIENT_SUBNET_ALWAYS_FORWARD 438 -#define VAR_CLIENT_SUBNET_OPCODE 439 -#define VAR_MAX_CLIENT_SUBNET_IPV4 440 -#define VAR_MAX_CLIENT_SUBNET_IPV6 441 -#define VAR_MIN_CLIENT_SUBNET_IPV4 442 -#define VAR_MIN_CLIENT_SUBNET_IPV6 443 -#define VAR_MAX_ECS_TREE_SIZE_IPV4 444 -#define VAR_MAX_ECS_TREE_SIZE_IPV6 445 -#define VAR_CAPS_WHITELIST 446 -#define VAR_CACHE_MAX_NEGATIVE_TTL 447 -#define VAR_PERMIT_SMALL_HOLDDOWN 448 -#define VAR_QNAME_MINIMISATION 449 -#define VAR_QNAME_MINIMISATION_STRICT 450 -#define VAR_IP_FREEBIND 451 -#define VAR_DEFINE_TAG 452 -#define VAR_LOCAL_ZONE_TAG 453 -#define VAR_ACCESS_CONTROL_TAG 454 -#define VAR_LOCAL_ZONE_OVERRIDE 455 -#define VAR_ACCESS_CONTROL_TAG_ACTION 456 -#define VAR_ACCESS_CONTROL_TAG_DATA 457 -#define VAR_VIEW 458 -#define VAR_ACCESS_CONTROL_VIEW 459 -#define VAR_VIEW_FIRST 460 -#define VAR_SERVE_EXPIRED 461 -#define VAR_SERVE_EXPIRED_TTL 462 -#define VAR_SERVE_EXPIRED_TTL_RESET 463 -#define VAR_SERVE_EXPIRED_REPLY_TTL 464 -#define VAR_SERVE_EXPIRED_CLIENT_TIMEOUT 465 -#define VAR_FAKE_DSA 466 -#define VAR_FAKE_SHA1 467 -#define VAR_LOG_IDENTITY 468 -#define VAR_HIDE_TRUSTANCHOR 469 -#define VAR_TRUST_ANCHOR_SIGNALING 470 -#define VAR_AGGRESSIVE_NSEC 471 -#define VAR_USE_SYSTEMD 472 -#define VAR_SHM_ENABLE 473 -#define VAR_SHM_KEY 474 -#define VAR_ROOT_KEY_SENTINEL 475 -#define VAR_DNSCRYPT 476 -#define VAR_DNSCRYPT_ENABLE 477 -#define VAR_DNSCRYPT_PORT 478 -#define VAR_DNSCRYPT_PROVIDER 479 -#define VAR_DNSCRYPT_SECRET_KEY 480 -#define VAR_DNSCRYPT_PROVIDER_CERT 481 -#define VAR_DNSCRYPT_PROVIDER_CERT_ROTATED 482 -#define VAR_DNSCRYPT_SHARED_SECRET_CACHE_SIZE 483 -#define VAR_DNSCRYPT_SHARED_SECRET_CACHE_SLABS 484 -#define VAR_DNSCRYPT_NONCE_CACHE_SIZE 485 -#define VAR_DNSCRYPT_NONCE_CACHE_SLABS 486 -#define VAR_IPSECMOD_ENABLED 487 -#define VAR_IPSECMOD_HOOK 488 -#define VAR_IPSECMOD_IGNORE_BOGUS 489 -#define VAR_IPSECMOD_MAX_TTL 490 -#define VAR_IPSECMOD_WHITELIST 491 -#define VAR_IPSECMOD_STRICT 492 -#define VAR_CACHEDB 493 -#define VAR_CACHEDB_BACKEND 494 -#define VAR_CACHEDB_SECRETSEED 495 -#define VAR_CACHEDB_REDISHOST 496 -#define VAR_CACHEDB_REDISPORT 497 -#define VAR_CACHEDB_REDISTIMEOUT 498 -#define VAR_UDP_UPSTREAM_WITHOUT_DOWNSTREAM 499 -#define VAR_FOR_UPSTREAM 500 -#define VAR_AUTH_ZONE 501 -#define VAR_ZONEFILE 502 -#define VAR_MASTER 503 -#define VAR_URL 504 -#define VAR_FOR_DOWNSTREAM 505 -#define VAR_FALLBACK_ENABLED 506 -#define VAR_TLS_ADDITIONAL_PORT 507 -#define VAR_LOW_RTT 508 -#define VAR_LOW_RTT_PERMIL 509 -#define VAR_FAST_SERVER_PERMIL 510 -#define VAR_FAST_SERVER_NUM 511 -#define VAR_ALLOW_NOTIFY 512 -#define VAR_TLS_WIN_CERT 513 -#define VAR_TCP_CONNECTION_LIMIT 514 -#define VAR_FORWARD_NO_CACHE 515 -#define VAR_STUB_NO_CACHE 516 -#define VAR_LOG_SERVFAIL 517 -#define VAR_DENY_ANY 518 -#define VAR_UNKNOWN_SERVER_TIME_LIMIT 519 -#define VAR_LOG_TAG_QUERYREPLY 520 -#define VAR_STREAM_WAIT_SIZE 521 -#define VAR_TLS_CIPHERS 522 -#define VAR_TLS_CIPHERSUITES 523 -#define VAR_IPSET 524 -#define VAR_IPSET_NAME_V4 525 -#define VAR_IPSET_NAME_V6 526 -#define VAR_TLS_SESSION_TICKET_KEYS 527 -#define VAR_RPZ 528 -#define VAR_TAGS 529 -#define VAR_RPZ_ACTION_OVERRIDE 530 -#define VAR_RPZ_CNAME_OVERRIDE 531 -#define VAR_RPZ_LOG 532 -#define VAR_RPZ_LOG_NAME 533 +#define VAR_DNSTAP_IP 410 +#define VAR_DNSTAP_TLS 411 +#define VAR_DNSTAP_TLS_SERVER_NAME 412 +#define VAR_DNSTAP_TLS_CERT_BUNDLE 413 +#define VAR_DNSTAP_TLS_CLIENT_KEY_FILE 414 +#define VAR_DNSTAP_TLS_CLIENT_CERT_FILE 415 +#define VAR_DNSTAP_SEND_IDENTITY 416 +#define VAR_DNSTAP_SEND_VERSION 417 +#define VAR_DNSTAP_IDENTITY 418 +#define VAR_DNSTAP_VERSION 419 +#define VAR_DNSTAP_LOG_RESOLVER_QUERY_MESSAGES 420 +#define VAR_DNSTAP_LOG_RESOLVER_RESPONSE_MESSAGES 421 +#define VAR_DNSTAP_LOG_CLIENT_QUERY_MESSAGES 422 +#define VAR_DNSTAP_LOG_CLIENT_RESPONSE_MESSAGES 423 +#define VAR_DNSTAP_LOG_FORWARDER_QUERY_MESSAGES 424 +#define VAR_DNSTAP_LOG_FORWARDER_RESPONSE_MESSAGES 425 +#define VAR_RESPONSE_IP_TAG 426 +#define VAR_RESPONSE_IP 427 +#define VAR_RESPONSE_IP_DATA 428 +#define VAR_HARDEN_ALGO_DOWNGRADE 429 +#define VAR_IP_TRANSPARENT 430 +#define VAR_DISABLE_DNSSEC_LAME_CHECK 431 +#define VAR_IP_RATELIMIT 432 +#define VAR_IP_RATELIMIT_SLABS 433 +#define VAR_IP_RATELIMIT_SIZE 434 +#define VAR_RATELIMIT 435 +#define VAR_RATELIMIT_SLABS 436 +#define VAR_RATELIMIT_SIZE 437 +#define VAR_RATELIMIT_FOR_DOMAIN 438 +#define VAR_RATELIMIT_BELOW_DOMAIN 439 +#define VAR_IP_RATELIMIT_FACTOR 440 +#define VAR_RATELIMIT_FACTOR 441 +#define VAR_SEND_CLIENT_SUBNET 442 +#define VAR_CLIENT_SUBNET_ZONE 443 +#define VAR_CLIENT_SUBNET_ALWAYS_FORWARD 444 +#define VAR_CLIENT_SUBNET_OPCODE 445 +#define VAR_MAX_CLIENT_SUBNET_IPV4 446 +#define VAR_MAX_CLIENT_SUBNET_IPV6 447 +#define VAR_MIN_CLIENT_SUBNET_IPV4 448 +#define VAR_MIN_CLIENT_SUBNET_IPV6 449 +#define VAR_MAX_ECS_TREE_SIZE_IPV4 450 +#define VAR_MAX_ECS_TREE_SIZE_IPV6 451 +#define VAR_CAPS_WHITELIST 452 +#define VAR_CACHE_MAX_NEGATIVE_TTL 453 +#define VAR_PERMIT_SMALL_HOLDDOWN 454 +#define VAR_QNAME_MINIMISATION 455 +#define VAR_QNAME_MINIMISATION_STRICT 456 +#define VAR_IP_FREEBIND 457 +#define VAR_DEFINE_TAG 458 +#define VAR_LOCAL_ZONE_TAG 459 +#define VAR_ACCESS_CONTROL_TAG 460 +#define VAR_LOCAL_ZONE_OVERRIDE 461 +#define VAR_ACCESS_CONTROL_TAG_ACTION 462 +#define VAR_ACCESS_CONTROL_TAG_DATA 463 +#define VAR_VIEW 464 +#define VAR_ACCESS_CONTROL_VIEW 465 +#define VAR_VIEW_FIRST 466 +#define VAR_SERVE_EXPIRED 467 +#define VAR_SERVE_EXPIRED_TTL 468 +#define VAR_SERVE_EXPIRED_TTL_RESET 469 +#define VAR_SERVE_EXPIRED_REPLY_TTL 470 +#define VAR_SERVE_EXPIRED_CLIENT_TIMEOUT 471 +#define VAR_FAKE_DSA 472 +#define VAR_FAKE_SHA1 473 +#define VAR_LOG_IDENTITY 474 +#define VAR_HIDE_TRUSTANCHOR 475 +#define VAR_TRUST_ANCHOR_SIGNALING 476 +#define VAR_AGGRESSIVE_NSEC 477 +#define VAR_USE_SYSTEMD 478 +#define VAR_SHM_ENABLE 479 +#define VAR_SHM_KEY 480 +#define VAR_ROOT_KEY_SENTINEL 481 +#define VAR_DNSCRYPT 482 +#define VAR_DNSCRYPT_ENABLE 483 +#define VAR_DNSCRYPT_PORT 484 +#define VAR_DNSCRYPT_PROVIDER 485 +#define VAR_DNSCRYPT_SECRET_KEY 486 +#define VAR_DNSCRYPT_PROVIDER_CERT 487 +#define VAR_DNSCRYPT_PROVIDER_CERT_ROTATED 488 +#define VAR_DNSCRYPT_SHARED_SECRET_CACHE_SIZE 489 +#define VAR_DNSCRYPT_SHARED_SECRET_CACHE_SLABS 490 +#define VAR_DNSCRYPT_NONCE_CACHE_SIZE 491 +#define VAR_DNSCRYPT_NONCE_CACHE_SLABS 492 +#define VAR_IPSECMOD_ENABLED 493 +#define VAR_IPSECMOD_HOOK 494 +#define VAR_IPSECMOD_IGNORE_BOGUS 495 +#define VAR_IPSECMOD_MAX_TTL 496 +#define VAR_IPSECMOD_WHITELIST 497 +#define VAR_IPSECMOD_STRICT 498 +#define VAR_CACHEDB 499 +#define VAR_CACHEDB_BACKEND 500 +#define VAR_CACHEDB_SECRETSEED 501 +#define VAR_CACHEDB_REDISHOST 502 +#define VAR_CACHEDB_REDISPORT 503 +#define VAR_CACHEDB_REDISTIMEOUT 504 +#define VAR_UDP_UPSTREAM_WITHOUT_DOWNSTREAM 505 +#define VAR_FOR_UPSTREAM 506 +#define VAR_AUTH_ZONE 507 +#define VAR_ZONEFILE 508 +#define VAR_MASTER 509 +#define VAR_URL 510 +#define VAR_FOR_DOWNSTREAM 511 +#define VAR_FALLBACK_ENABLED 512 +#define VAR_TLS_ADDITIONAL_PORT 513 +#define VAR_LOW_RTT 514 +#define VAR_LOW_RTT_PERMIL 515 +#define VAR_FAST_SERVER_PERMIL 516 +#define VAR_FAST_SERVER_NUM 517 +#define VAR_ALLOW_NOTIFY 518 +#define VAR_TLS_WIN_CERT 519 +#define VAR_TCP_CONNECTION_LIMIT 520 +#define VAR_FORWARD_NO_CACHE 521 +#define VAR_STUB_NO_CACHE 522 +#define VAR_LOG_SERVFAIL 523 +#define VAR_DENY_ANY 524 +#define VAR_UNKNOWN_SERVER_TIME_LIMIT 525 +#define VAR_LOG_TAG_QUERYREPLY 526 +#define VAR_STREAM_WAIT_SIZE 527 +#define VAR_TLS_CIPHERS 528 +#define VAR_TLS_CIPHERSUITES 529 +#define VAR_IPSET 530 +#define VAR_IPSET_NAME_V4 531 +#define VAR_IPSET_NAME_V6 532 +#define VAR_TLS_SESSION_TICKET_KEYS 533 +#define VAR_RPZ 534 +#define VAR_TAGS 535 +#define VAR_RPZ_ACTION_OVERRIDE 536 +#define VAR_RPZ_CNAME_OVERRIDE 537 +#define VAR_RPZ_LOG 538 +#define VAR_RPZ_LOG_NAME 539 /* Value type. */ #if ! defined YYSTYPE && ! defined YYSTYPE_IS_DECLARED @@ -698,7 +710,7 @@ union YYSTYPE char* str; -#line 702 "util/configparser.c" +#line 714 "util/configparser.c" }; typedef union YYSTYPE YYSTYPE; @@ -948,19 +960,19 @@ union yyalloc /* YYFINAL -- State number of the termination state. */ #define YYFINAL 2 /* YYLAST -- Last index in YYTABLE. */ -#define YYLAST 592 +#define YYLAST 604 /* YYNTOKENS -- Number of terminals. */ -#define YYNTOKENS 279 +#define YYNTOKENS 285 /* YYNNTS -- Number of nonterminals. */ -#define YYNNTS 302 +#define YYNNTS 308 /* YYNRULES -- Number of rules. */ -#define YYNRULES 582 +#define YYNRULES 594 /* YYNSTATES -- Number of states. */ -#define YYNSTATES 866 +#define YYNSTATES 884 #define YYUNDEFTOK 2 -#define YYMAXUTOK 533 +#define YYMAXUTOK 539 /* YYTRANSLATE(TOKEN-NUM) -- Symbol number corresponding to TOKEN-NUM as returned by yylex, with out-of-bounds checking. */ @@ -1024,72 +1036,73 @@ static const yytype_uint16 yytranslate[] = 245, 246, 247, 248, 249, 250, 251, 252, 253, 254, 255, 256, 257, 258, 259, 260, 261, 262, 263, 264, 265, 266, 267, 268, 269, 270, 271, 272, 273, 274, - 275, 276, 277, 278 + 275, 276, 277, 278, 279, 280, 281, 282, 283, 284 }; #if YYDEBUG /* YYRLINE[YYN] -- Source line where rule number YYN was defined. */ static const yytype_uint16 yyrline[] = { - 0, 175, 175, 175, 176, 176, 177, 177, 178, 178, - 178, 179, 179, 180, 180, 181, 185, 190, 191, 192, - 192, 192, 193, 193, 194, 194, 194, 195, 195, 196, - 196, 196, 197, 197, 198, 198, 198, 199, 199, 199, - 200, 200, 201, 201, 202, 202, 203, 203, 204, 204, - 205, 205, 206, 206, 207, 207, 208, 208, 208, 209, - 209, 209, 210, 210, 210, 211, 211, 212, 212, 213, - 213, 214, 214, 215, 215, 215, 216, 216, 217, 217, - 218, 218, 218, 219, 219, 220, 220, 221, 221, 222, - 222, 222, 223, 223, 224, 224, 225, 225, 226, 226, - 227, 227, 228, 228, 228, 229, 229, 230, 230, 230, - 231, 231, 231, 232, 232, 232, 233, 233, 233, 233, - 234, 235, 235, 235, 236, 236, 236, 237, 237, 238, - 238, 239, 239, 239, 240, 240, 241, 241, 241, 242, - 242, 243, 243, 244, 245, 245, 246, 246, 247, 247, - 248, 249, 249, 250, 250, 251, 251, 252, 252, 253, - 253, 254, 254, 254, 255, 255, 256, 256, 257, 257, - 258, 258, 259, 259, 260, 260, 261, 261, 261, 262, - 262, 262, 263, 263, 263, 264, 264, 265, 266, 266, - 267, 267, 268, 268, 269, 269, 270, 270, 270, 271, - 271, 271, 272, 272, 272, 273, 273, 274, 274, 275, - 275, 277, 289, 290, 291, 291, 291, 291, 291, 292, - 292, 294, 306, 307, 308, 308, 308, 308, 309, 309, - 311, 325, 326, 327, 327, 327, 327, 328, 328, 328, - 330, 347, 348, 349, 349, 349, 349, 350, 350, 350, - 351, 354, 373, 390, 398, 408, 416, 433, 434, 435, - 435, 435, 435, 435, 436, 436, 436, 437, 437, 439, - 448, 457, 468, 477, 486, 495, 506, 515, 527, 541, - 556, 567, 584, 601, 618, 635, 650, 665, 678, 693, - 702, 711, 720, 729, 738, 747, 756, 765, 774, 783, - 792, 801, 810, 819, 832, 841, 854, 863, 872, 881, - 888, 895, 904, 911, 920, 928, 935, 942, 950, 959, - 968, 982, 991, 1000, 1009, 1018, 1027, 1036, 1043, 1050, - 1076, 1084, 1091, 1098, 1105, 1112, 1120, 1128, 1136, 1143, - 1154, 1165, 1172, 1181, 1190, 1199, 1206, 1213, 1221, 1229, - 1239, 1249, 1259, 1267, 1280, 1291, 1299, 1312, 1321, 1330, - 1339, 1349, 1359, 1367, 1380, 1389, 1397, 1406, 1414, 1427, - 1436, 1443, 1453, 1463, 1473, 1483, 1493, 1503, 1513, 1523, - 1530, 1537, 1544, 1553, 1562, 1571, 1580, 1587, 1597, 1617, - 1624, 1642, 1655, 1668, 1677, 1686, 1695, 1704, 1714, 1724, - 1735, 1744, 1753, 1762, 1771, 1780, 1789, 1802, 1815, 1824, - 1831, 1840, 1849, 1858, 1867, 1875, 1888, 1896, 1937, 1944, - 1959, 1969, 1979, 1986, 1993, 2000, 2009, 2017, 2031, 2052, - 2073, 2085, 2097, 2109, 2118, 2139, 2149, 2158, 2166, 2174, - 2187, 2200, 2215, 2230, 2239, 2248, 2254, 2263, 2272, 2282, - 2292, 2305, 2318, 2330, 2344, 2356, 2370, 2380, 2387, 2394, - 2403, 2412, 2422, 2432, 2442, 2449, 2456, 2465, 2474, 2484, - 2494, 2501, 2508, 2515, 2523, 2533, 2543, 2553, 2563, 2602, - 2612, 2620, 2628, 2643, 2652, 2657, 2658, 2659, 2659, 2659, - 2660, 2660, 2660, 2661, 2661, 2663, 2673, 2682, 2689, 2696, - 2703, 2710, 2717, 2724, 2729, 2730, 2731, 2731, 2732, 2732, - 2733, 2733, 2734, 2735, 2736, 2737, 2738, 2739, 2741, 2750, - 2757, 2766, 2775, 2782, 2789, 2799, 2809, 2819, 2829, 2839, - 2849, 2854, 2855, 2856, 2858, 2864, 2874, 2881, 2890, 2898, - 2903, 2904, 2906, 2906, 2906, 2907, 2907, 2908, 2909, 2910, - 2911, 2912, 2914, 2924, 2933, 2940, 2949, 2956, 2965, 2973, - 2986, 2994, 3007, 3012, 3013, 3014, 3014, 3015, 3015, 3015, - 3017, 3029, 3041, 3053, 3068, 3081, 3092, 3097, 3098, 3099, - 3099, 3101, 3116 + 0, 177, 177, 177, 178, 178, 179, 179, 180, 180, + 180, 181, 181, 182, 182, 183, 187, 192, 193, 194, + 194, 194, 195, 195, 196, 196, 196, 197, 197, 198, + 198, 198, 199, 199, 200, 200, 200, 201, 201, 201, + 202, 202, 203, 203, 204, 204, 205, 205, 206, 206, + 207, 207, 208, 208, 209, 209, 210, 210, 210, 211, + 211, 211, 212, 212, 212, 213, 213, 214, 214, 215, + 215, 216, 216, 217, 217, 217, 218, 218, 219, 219, + 220, 220, 220, 221, 221, 222, 222, 223, 223, 224, + 224, 224, 225, 225, 226, 226, 227, 227, 228, 228, + 229, 229, 230, 230, 230, 231, 231, 232, 232, 232, + 233, 233, 233, 234, 234, 234, 235, 235, 235, 235, + 236, 237, 237, 237, 238, 238, 238, 239, 239, 240, + 240, 241, 241, 241, 242, 242, 243, 243, 243, 244, + 244, 245, 245, 246, 247, 247, 248, 248, 249, 249, + 250, 251, 251, 252, 252, 253, 253, 254, 254, 255, + 255, 256, 256, 256, 257, 257, 258, 258, 259, 259, + 260, 260, 261, 261, 262, 262, 263, 263, 263, 264, + 264, 264, 265, 265, 265, 266, 266, 267, 268, 268, + 269, 269, 270, 270, 271, 271, 272, 272, 272, 273, + 273, 273, 274, 274, 274, 275, 275, 276, 276, 277, + 277, 279, 291, 292, 293, 293, 293, 293, 293, 294, + 294, 296, 308, 309, 310, 310, 310, 310, 311, 311, + 313, 327, 328, 329, 329, 329, 329, 330, 330, 330, + 332, 349, 350, 351, 351, 351, 351, 352, 352, 352, + 353, 356, 375, 392, 400, 410, 418, 435, 436, 437, + 437, 437, 437, 437, 438, 438, 438, 439, 439, 441, + 450, 459, 470, 479, 488, 497, 508, 517, 529, 543, + 558, 569, 586, 603, 620, 637, 652, 667, 680, 695, + 704, 713, 722, 731, 740, 749, 758, 767, 776, 785, + 794, 803, 812, 821, 834, 843, 856, 865, 874, 883, + 890, 897, 906, 913, 922, 930, 937, 944, 952, 961, + 970, 984, 993, 1002, 1011, 1020, 1029, 1038, 1045, 1052, + 1078, 1086, 1093, 1100, 1107, 1114, 1122, 1130, 1138, 1145, + 1156, 1167, 1174, 1183, 1192, 1201, 1208, 1215, 1223, 1231, + 1241, 1251, 1261, 1269, 1282, 1293, 1301, 1314, 1323, 1332, + 1341, 1351, 1361, 1369, 1382, 1391, 1399, 1408, 1416, 1429, + 1438, 1445, 1455, 1465, 1475, 1485, 1495, 1505, 1515, 1525, + 1532, 1539, 1546, 1555, 1564, 1573, 1582, 1589, 1599, 1619, + 1626, 1644, 1657, 1670, 1679, 1688, 1697, 1706, 1716, 1726, + 1737, 1746, 1755, 1764, 1773, 1782, 1791, 1804, 1817, 1826, + 1833, 1842, 1851, 1860, 1869, 1877, 1890, 1898, 1939, 1946, + 1961, 1971, 1981, 1988, 1995, 2002, 2011, 2019, 2033, 2054, + 2075, 2087, 2099, 2111, 2120, 2141, 2151, 2160, 2168, 2176, + 2189, 2202, 2217, 2232, 2241, 2250, 2256, 2265, 2274, 2284, + 2294, 2307, 2320, 2332, 2346, 2358, 2372, 2382, 2389, 2396, + 2405, 2414, 2424, 2434, 2444, 2451, 2458, 2467, 2476, 2486, + 2496, 2503, 2510, 2517, 2525, 2535, 2545, 2555, 2565, 2604, + 2614, 2622, 2630, 2645, 2654, 2659, 2660, 2661, 2661, 2661, + 2662, 2662, 2662, 2663, 2663, 2665, 2675, 2684, 2691, 2698, + 2705, 2712, 2719, 2726, 2731, 2732, 2733, 2733, 2734, 2734, + 2734, 2735, 2736, 2736, 2737, 2737, 2738, 2738, 2739, 2740, + 2741, 2742, 2743, 2744, 2746, 2755, 2762, 2769, 2778, 2785, + 2792, 2799, 2806, 2815, 2824, 2831, 2838, 2848, 2858, 2868, + 2878, 2888, 2898, 2903, 2904, 2905, 2907, 2913, 2923, 2930, + 2939, 2947, 2952, 2953, 2955, 2955, 2955, 2956, 2956, 2957, + 2958, 2959, 2960, 2961, 2963, 2973, 2982, 2989, 2998, 3005, + 3014, 3022, 3035, 3043, 3056, 3061, 3062, 3063, 3063, 3064, + 3064, 3064, 3066, 3078, 3090, 3102, 3117, 3130, 3141, 3146, + 3147, 3148, 3148, 3150, 3165 }; #endif @@ -1147,8 +1160,11 @@ static const char *const yytname[] = "VAR_DELAY_CLOSE", "VAR_UNBLOCK_LAN_ZONES", "VAR_INSECURE_LAN_ZONES", "VAR_INFRA_CACHE_MIN_RTT", "VAR_DNS64_PREFIX", "VAR_DNS64_SYNTHALL", "VAR_DNS64_IGNORE_AAAA", "VAR_DNSTAP", "VAR_DNSTAP_ENABLE", - "VAR_DNSTAP_SOCKET_PATH", "VAR_DNSTAP_SEND_IDENTITY", - "VAR_DNSTAP_SEND_VERSION", "VAR_DNSTAP_IDENTITY", "VAR_DNSTAP_VERSION", + "VAR_DNSTAP_SOCKET_PATH", "VAR_DNSTAP_IP", "VAR_DNSTAP_TLS", + "VAR_DNSTAP_TLS_SERVER_NAME", "VAR_DNSTAP_TLS_CERT_BUNDLE", + "VAR_DNSTAP_TLS_CLIENT_KEY_FILE", "VAR_DNSTAP_TLS_CLIENT_CERT_FILE", + "VAR_DNSTAP_SEND_IDENTITY", "VAR_DNSTAP_SEND_VERSION", + "VAR_DNSTAP_IDENTITY", "VAR_DNSTAP_VERSION", "VAR_DNSTAP_LOG_RESOLVER_QUERY_MESSAGES", "VAR_DNSTAP_LOG_RESOLVER_RESPONSE_MESSAGES", "VAR_DNSTAP_LOG_CLIENT_QUERY_MESSAGES", @@ -1300,8 +1316,11 @@ static const char *const yytname[] = "rc_control_interface", "rc_control_use_cert", "rc_server_key_file", "rc_server_cert_file", "rc_control_key_file", "rc_control_cert_file", "dtstart", "contents_dt", "content_dt", "dt_dnstap_enable", - "dt_dnstap_socket_path", "dt_dnstap_send_identity", - "dt_dnstap_send_version", "dt_dnstap_identity", "dt_dnstap_version", + "dt_dnstap_socket_path", "dt_dnstap_ip", "dt_dnstap_tls", + "dt_dnstap_tls_server_name", "dt_dnstap_tls_cert_bundle", + "dt_dnstap_tls_client_key_file", "dt_dnstap_tls_client_cert_file", + "dt_dnstap_send_identity", "dt_dnstap_send_version", + "dt_dnstap_identity", "dt_dnstap_version", "dt_dnstap_log_resolver_query_messages", "dt_dnstap_log_resolver_response_messages", "dt_dnstap_log_client_query_messages", @@ -1357,14 +1376,15 @@ static const yytype_uint16 yytoknum[] = 495, 496, 497, 498, 499, 500, 501, 502, 503, 504, 505, 506, 507, 508, 509, 510, 511, 512, 513, 514, 515, 516, 517, 518, 519, 520, 521, 522, 523, 524, - 525, 526, 527, 528, 529, 530, 531, 532, 533 + 525, 526, 527, 528, 529, 530, 531, 532, 533, 534, + 535, 536, 537, 538, 539 }; # endif -#define YYPACT_NINF -263 +#define YYPACT_NINF -269 #define yypact_value_is_default(Yystate) \ - (!!((Yystate) == (-263))) + (!!((Yystate) == (-269))) #define YYTABLE_NINF -1 @@ -1375,93 +1395,95 @@ static const yytype_uint16 yytoknum[] = STATE-NUM. */ static const yytype_int16 yypact[] = { - -263, 0, -263, -263, -263, -263, -263, -263, -263, -263, - -263, -263, -263, -263, -263, -263, -263, -263, -263, -263, - -263, -263, -263, -263, -263, -263, -263, -263, 262, -42, - -37, -41, -21, -43, -30, -129, -106, -170, -222, -262, - 2, 3, 4, 12, 26, 27, 28, 31, 32, 33, - 34, 36, 37, 38, 39, 40, 52, 53, 64, 65, - 66, 67, 68, 69, 70, 71, 72, 73, 74, 75, - 76, 77, 78, 79, 80, 81, 82, 83, 84, 87, - 88, 91, 93, 94, 95, 96, 97, 98, 99, 100, - 102, 103, 104, 105, 106, 107, 108, 109, 110, 111, - 112, 113, 114, 117, 118, 119, 120, 121, 122, 123, - 124, 125, 126, 127, 128, 129, 130, 131, 132, 133, - 134, 135, 136, 137, 138, 139, 140, 141, 143, 144, - 145, 146, 147, 148, 149, 150, 151, 152, 153, 155, - 156, 157, 158, 159, 160, 161, 162, 163, 164, 165, - 166, 167, 168, 169, 170, 171, 172, 173, 174, 175, - 176, 177, 178, 179, 180, 181, 182, 183, 184, 185, - 186, 187, 188, 189, 190, 191, 192, 197, 198, 199, - 200, 201, 202, 203, 205, 206, 207, 208, 210, 212, - 215, 227, 229, 230, 231, 232, 233, 234, 235, 237, - 238, 239, 240, 241, 242, 243, 244, 245, 246, 247, - 248, 249, 250, 251, 252, 253, 254, 255, 256, 257, - 258, 260, 261, 296, 297, 298, 299, 303, 304, 305, - 347, 348, -263, -263, -263, -263, -263, -263, -263, -263, - -263, -263, -263, -263, -263, -263, -263, -263, -263, -263, - -263, -263, -263, -263, -263, -263, -263, -263, -263, -263, - -263, -263, -263, -263, -263, -263, -263, -263, -263, -263, - -263, -263, -263, -263, -263, -263, -263, -263, -263, -263, - -263, -263, -263, -263, -263, -263, -263, -263, -263, -263, - -263, -263, -263, -263, -263, -263, -263, -263, -263, -263, - -263, -263, -263, -263, -263, -263, -263, -263, -263, -263, - -263, -263, -263, -263, -263, -263, -263, -263, -263, -263, - -263, -263, -263, -263, -263, -263, -263, -263, -263, -263, - -263, -263, -263, -263, -263, -263, -263, -263, -263, -263, - -263, -263, -263, -263, -263, -263, -263, -263, -263, -263, - -263, -263, -263, -263, -263, -263, -263, -263, -263, -263, - -263, -263, -263, -263, -263, -263, -263, -263, -263, -263, - -263, -263, -263, -263, -263, -263, -263, -263, -263, -263, - -263, -263, -263, -263, -263, -263, -263, -263, -263, -263, - -263, -263, -263, -263, -263, -263, -263, -263, -263, -263, - -263, -263, -263, -263, -263, -263, -263, -263, -263, -263, - -263, -263, -263, -263, -263, -263, -263, -263, -263, -263, - -263, -263, -263, -263, -263, 349, 350, 351, 352, 353, - 354, 355, -263, -263, -263, -263, -263, -263, -263, -263, - 359, 363, 364, 389, 390, 391, -263, -263, -263, -263, - -263, -263, -263, 393, 404, 405, 406, 407, 408, 409, - -263, -263, -263, -263, -263, -263, -263, -263, 410, 411, - 412, 413, 414, 415, 416, 455, -263, -263, -263, -263, - -263, -263, -263, -263, -263, 457, 473, 474, 475, 476, - -263, -263, -263, -263, -263, -263, -263, -263, -263, -263, - -263, 477, 478, 479, 480, 481, 482, 483, 490, -263, - -263, -263, -263, -263, -263, -263, -263, -263, 491, 492, - 493, 494, 495, 497, 498, 499, 500, 501, 502, 503, - -263, -263, -263, -263, -263, -263, -263, -263, -263, -263, - -263, -263, -263, 506, -263, -263, 509, 512, 513, 521, - 522, 523, 525, 526, 527, 528, -263, -263, -263, -263, - -263, -263, -263, -263, -263, -263, -263, 529, 530, 531, - 532, 533, -263, -263, -263, -263, -263, -263, 534, 535, - -263, -263, -263, -263, -263, -263, -263, -263, -263, -263, - -263, -263, -263, -263, -263, -263, -263, -263, -263, -263, - -263, -263, -263, -263, -263, -263, -263, -263, -263, -263, - -263, -263, -263, -263, -263, -263, -263, -263, -263, -263, - -263, -263, -263, -263, -263, -263, -263, -263, -263, -263, - -263, -263, -263, -263, -263, -263, -263, -263, -263, -263, - -263, -263, -263, 536, 537, -263, -263, -263, -263, -263, - -263, -263, -263, -263, -263, -263, -263, -263, -263, -263, - -263, -263, -263, -263, -263, -263, -263, -263, -263, -263, - -263, -263, -263, -263, -263, -263, -263, -263, -263, -263, - -263, -263, -263, -263, -263, -263, -263, -263, -263, -263, - -263, -263, -263, -263, -263, -263, -263, -263, -263, -263, - 538, 539, 540, -263, -263, -263, -263, -263, -263, -263, - -263, -263, 541, 542, -263, -263, -263, -263, -263, -263, - -263, -263, -263, -263, -263, -263, -263, -263, -263, -263, - -263, -263, -263, 543, 544, 545, 546, 547, 548, -263, - -263, -263, -263, -263, -263, -263, -263, -263, -263, -263, - -263, -263, -263, -263, -263, -263, -263, -263, -263, -263, - -263, -263, -263, -263, -263, -263, 549, -263, -263, -263, - -263, -263, -263, -263, -263, -263, -263, -263, -263, -263, - -263, -263, -263, -263, -263, -263, -263, -263, -263, 550, - -263, -263, 551, 552, -263, -263, -263, -263, -263, -263, - -263, -263, -263, -263, -263, -263, -263, -263, -263, -263, - -263, -263, -263, -263, -263, -263, -263, -263, -263, -263, - -263, -263, -263, -263, -263, -263, -263, -263, -263, -263, - -263, -263, -263, -263, -263, -263, -263, -263, -263, -263, - -263, -263, -263, -263, -263, -263, -263, -263, -263, -263, - -263, -263, -263, -263, -263, 553, 554, 555, -263, -263, - -263, -263, -263, -263, -263, -263 + -269, 0, -269, -269, -269, -269, -269, -269, -269, -269, + -269, -269, -269, -269, -269, -269, -269, -269, -269, -269, + -269, -269, -269, -269, -269, -269, -269, -269, 268, -42, + -37, -41, -21, -43, -44, -87, -106, -204, -228, -268, + 2, 3, 4, 12, 24, 25, 26, 27, 28, 31, + 32, 33, 34, 36, 37, 38, 39, 40, 50, 51, + 52, 53, 74, 75, 76, 77, 78, 79, 80, 81, + 82, 83, 84, 87, 88, 91, 93, 94, 95, 96, + 97, 98, 99, 100, 102, 103, 104, 105, 106, 107, + 108, 109, 110, 111, 112, 113, 114, 115, 116, 117, + 118, 119, 120, 123, 124, 125, 126, 127, 128, 129, + 130, 131, 132, 133, 134, 135, 136, 137, 138, 139, + 140, 141, 143, 144, 145, 146, 147, 148, 149, 150, + 151, 152, 153, 154, 155, 156, 157, 158, 159, 161, + 162, 163, 164, 165, 166, 167, 168, 169, 170, 171, + 172, 173, 174, 175, 176, 177, 178, 179, 180, 181, + 182, 183, 184, 185, 186, 187, 188, 189, 190, 191, + 192, 193, 194, 195, 196, 197, 198, 203, 204, 205, + 206, 207, 208, 209, 211, 212, 213, 214, 216, 218, + 221, 233, 235, 236, 237, 238, 239, 240, 241, 243, + 244, 245, 246, 247, 248, 249, 250, 251, 252, 253, + 254, 255, 256, 257, 258, 259, 260, 261, 262, 263, + 264, 266, 267, 302, 303, 304, 305, 309, 310, 311, + 353, 354, -269, -269, -269, -269, -269, -269, -269, -269, + -269, -269, -269, -269, -269, -269, -269, -269, -269, -269, + -269, -269, -269, -269, -269, -269, -269, -269, -269, -269, + -269, -269, -269, -269, -269, -269, -269, -269, -269, -269, + -269, -269, -269, -269, -269, -269, -269, -269, -269, -269, + -269, -269, -269, -269, -269, -269, -269, -269, -269, -269, + -269, -269, -269, -269, -269, -269, -269, -269, -269, -269, + -269, -269, -269, -269, -269, -269, -269, -269, -269, -269, + -269, -269, -269, -269, -269, -269, -269, -269, -269, -269, + -269, -269, -269, -269, -269, -269, -269, -269, -269, -269, + -269, -269, -269, -269, -269, -269, -269, -269, -269, -269, + -269, -269, -269, -269, -269, -269, -269, -269, -269, -269, + -269, -269, -269, -269, -269, -269, -269, -269, -269, -269, + -269, -269, -269, -269, -269, -269, -269, -269, -269, -269, + -269, -269, -269, -269, -269, -269, -269, -269, -269, -269, + -269, -269, -269, -269, -269, -269, -269, -269, -269, -269, + -269, -269, -269, -269, -269, -269, -269, -269, -269, -269, + -269, -269, -269, -269, -269, -269, -269, -269, -269, -269, + -269, -269, -269, -269, -269, -269, -269, -269, -269, -269, + -269, -269, -269, -269, -269, 355, 356, 357, 358, 359, + 360, 361, -269, -269, -269, -269, -269, -269, -269, -269, + 365, 369, 370, 395, 396, 397, -269, -269, -269, -269, + -269, -269, -269, 399, 410, 411, 412, 413, 414, 415, + -269, -269, -269, -269, -269, -269, -269, -269, 416, 417, + 418, 419, 420, 421, 422, 423, -269, -269, -269, -269, + -269, -269, -269, -269, -269, 424, 425, 426, 427, 428, + -269, -269, -269, -269, -269, -269, -269, -269, -269, -269, + -269, 467, 469, 485, 486, 487, 488, 489, 490, -269, + -269, -269, -269, -269, -269, -269, -269, -269, 491, 492, + 493, 494, 495, 502, 503, 504, 505, 506, 507, 509, + 510, 511, 512, 513, 514, 515, -269, -269, -269, -269, + -269, -269, -269, -269, -269, -269, -269, -269, -269, -269, + -269, -269, -269, -269, -269, 518, -269, -269, 521, 524, + 525, 533, 534, 535, 537, 538, 539, 540, -269, -269, + -269, -269, -269, -269, -269, -269, -269, -269, -269, 541, + 542, 543, 544, 545, -269, -269, -269, -269, -269, -269, + 546, 547, -269, -269, -269, -269, -269, -269, -269, -269, + -269, -269, -269, -269, -269, -269, -269, -269, -269, -269, + -269, -269, -269, -269, -269, -269, -269, -269, -269, -269, + -269, -269, -269, -269, -269, -269, -269, -269, -269, -269, + -269, -269, -269, -269, -269, -269, -269, -269, -269, -269, + -269, -269, -269, -269, -269, -269, -269, -269, -269, -269, + -269, -269, -269, -269, -269, 548, 549, -269, -269, -269, + -269, -269, -269, -269, -269, -269, -269, -269, -269, -269, + -269, -269, -269, -269, -269, -269, -269, -269, -269, -269, + -269, -269, -269, -269, -269, -269, -269, -269, -269, -269, + -269, -269, -269, -269, -269, -269, -269, -269, -269, -269, + -269, -269, -269, -269, -269, -269, -269, -269, -269, -269, + -269, -269, 550, 551, 552, -269, -269, -269, -269, -269, + -269, -269, -269, -269, 553, 554, -269, -269, -269, -269, + -269, -269, -269, -269, -269, -269, -269, -269, -269, -269, + -269, -269, -269, -269, -269, 555, 556, 557, 558, 559, + 560, -269, -269, -269, -269, -269, -269, -269, -269, -269, + -269, -269, -269, -269, -269, -269, -269, -269, -269, -269, + -269, -269, -269, -269, -269, -269, -269, -269, 561, -269, + -269, -269, -269, -269, -269, -269, -269, -269, -269, -269, + -269, -269, -269, -269, -269, -269, -269, -269, -269, -269, + -269, 562, -269, -269, 563, 564, -269, -269, -269, -269, + -269, -269, -269, -269, -269, -269, -269, -269, -269, -269, + -269, -269, -269, -269, -269, -269, -269, -269, -269, -269, + -269, -269, -269, -269, -269, -269, -269, -269, -269, -269, + -269, -269, -269, -269, -269, -269, -269, -269, -269, -269, + -269, -269, -269, -269, -269, -269, -269, -269, -269, -269, + -269, -269, -269, -269, -269, -269, -269, -269, -269, -269, + -269, -269, -269, 565, 566, 567, -269, -269, -269, -269, + -269, -269, -269, -269 }; /* YYDEFACT[STATE-NUM] -- Default reduction number in state STATE-NUM. @@ -1469,9 +1491,9 @@ static const yytype_int16 yypact[] = means the default is an error. */ static const yytype_uint16 yydefact[] = { - 2, 0, 1, 16, 211, 221, 484, 530, 503, 230, - 539, 562, 240, 576, 256, 3, 18, 213, 223, 232, - 242, 258, 486, 505, 532, 541, 564, 578, 4, 5, + 2, 0, 1, 16, 211, 221, 484, 542, 503, 230, + 551, 574, 240, 588, 256, 3, 18, 213, 223, 232, + 242, 258, 486, 505, 544, 553, 576, 590, 4, 5, 6, 10, 14, 15, 8, 9, 7, 11, 12, 13, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, @@ -1522,76 +1544,78 @@ static const yytype_uint16 yydefact[] = 264, 0, 0, 0, 0, 0, 0, 0, 0, 485, 487, 489, 488, 494, 490, 491, 492, 493, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, - 504, 506, 507, 508, 509, 510, 511, 512, 513, 514, - 515, 516, 517, 0, 531, 533, 0, 0, 0, 0, - 0, 0, 0, 0, 0, 0, 540, 542, 543, 544, - 546, 547, 545, 548, 549, 550, 551, 0, 0, 0, - 0, 0, 563, 565, 566, 567, 568, 569, 0, 0, - 577, 579, 580, 270, 269, 276, 289, 287, 299, 295, - 296, 300, 297, 298, 301, 302, 303, 304, 305, 327, - 328, 329, 330, 331, 355, 356, 357, 362, 363, 292, - 364, 365, 368, 366, 367, 370, 371, 372, 386, 342, - 343, 345, 346, 373, 389, 336, 338, 390, 396, 397, - 398, 293, 354, 414, 415, 337, 409, 320, 288, 332, - 387, 393, 374, 0, 0, 418, 294, 271, 319, 378, - 272, 290, 291, 333, 334, 416, 376, 380, 381, 273, - 419, 358, 385, 321, 341, 391, 392, 395, 408, 335, - 412, 410, 411, 347, 353, 382, 383, 348, 349, 375, - 400, 322, 323, 326, 306, 308, 309, 310, 311, 312, - 420, 421, 423, 359, 360, 361, 369, 424, 425, 426, - 0, 0, 0, 377, 350, 535, 435, 439, 437, 436, - 440, 438, 0, 0, 443, 444, 277, 278, 279, 280, - 281, 282, 283, 284, 285, 286, 379, 394, 413, 448, - 449, 351, 427, 0, 0, 0, 0, 0, 0, 401, - 402, 403, 404, 405, 406, 407, 536, 344, 339, 399, - 318, 274, 275, 340, 450, 452, 451, 453, 454, 455, - 307, 314, 445, 447, 446, 313, 0, 325, 384, 422, - 324, 352, 315, 316, 317, 456, 457, 458, 462, 461, - 459, 460, 463, 464, 465, 466, 468, 467, 477, 0, - 481, 482, 0, 0, 483, 469, 475, 470, 471, 472, - 474, 476, 473, 251, 252, 253, 254, 255, 495, 497, - 496, 499, 500, 501, 502, 498, 518, 519, 520, 521, - 522, 523, 524, 525, 526, 527, 528, 529, 534, 552, - 553, 554, 557, 555, 556, 558, 559, 560, 561, 570, - 571, 572, 573, 574, 581, 582, 388, 417, 434, 537, - 538, 441, 442, 428, 429, 0, 0, 0, 433, 575, - 478, 479, 480, 432, 430, 431 + 0, 0, 0, 0, 0, 0, 504, 506, 507, 508, + 509, 510, 511, 512, 513, 514, 515, 516, 517, 518, + 519, 520, 521, 522, 523, 0, 543, 545, 0, 0, + 0, 0, 0, 0, 0, 0, 0, 0, 552, 554, + 555, 556, 558, 559, 557, 560, 561, 562, 563, 0, + 0, 0, 0, 0, 575, 577, 578, 579, 580, 581, + 0, 0, 589, 591, 592, 270, 269, 276, 289, 287, + 299, 295, 296, 300, 297, 298, 301, 302, 303, 304, + 305, 327, 328, 329, 330, 331, 355, 356, 357, 362, + 363, 292, 364, 365, 368, 366, 367, 370, 371, 372, + 386, 342, 343, 345, 346, 373, 389, 336, 338, 390, + 396, 397, 398, 293, 354, 414, 415, 337, 409, 320, + 288, 332, 387, 393, 374, 0, 0, 418, 294, 271, + 319, 378, 272, 290, 291, 333, 334, 416, 376, 380, + 381, 273, 419, 358, 385, 321, 341, 391, 392, 395, + 408, 335, 412, 410, 411, 347, 353, 382, 383, 348, + 349, 375, 400, 322, 323, 326, 306, 308, 309, 310, + 311, 312, 420, 421, 423, 359, 360, 361, 369, 424, + 425, 426, 0, 0, 0, 377, 350, 547, 435, 439, + 437, 436, 440, 438, 0, 0, 443, 444, 277, 278, + 279, 280, 281, 282, 283, 284, 285, 286, 379, 394, + 413, 448, 449, 351, 427, 0, 0, 0, 0, 0, + 0, 401, 402, 403, 404, 405, 406, 407, 548, 344, + 339, 399, 318, 274, 275, 340, 450, 452, 451, 453, + 454, 455, 307, 314, 445, 447, 446, 313, 0, 325, + 384, 422, 324, 352, 315, 316, 317, 456, 457, 458, + 462, 461, 459, 460, 463, 464, 465, 466, 468, 467, + 477, 0, 481, 482, 0, 0, 483, 469, 475, 470, + 471, 472, 474, 476, 473, 251, 252, 253, 254, 255, + 495, 497, 496, 499, 500, 501, 502, 498, 524, 525, + 526, 527, 528, 529, 530, 531, 532, 533, 534, 535, + 536, 537, 538, 539, 540, 541, 546, 564, 565, 566, + 569, 567, 568, 570, 571, 572, 573, 582, 583, 584, + 585, 586, 593, 594, 388, 417, 434, 549, 550, 441, + 442, 428, 429, 0, 0, 0, 433, 587, 478, 479, + 480, 432, 430, 431 }; /* YYPGOTO[NTERM-NUM]. */ static const yytype_int16 yypgoto[] = { - -263, -263, -263, -263, -263, -263, -263, -263, -263, -263, - -263, -263, -263, -263, -263, -263, -263, -263, -263, -263, - -263, -263, -263, -263, -263, -263, -263, -263, -263, -263, - -263, -263, -263, -263, -263, -263, -263, -263, -263, -263, - -263, -263, -263, -263, -263, -263, -263, -263, -263, -263, - -263, -263, -263, -263, -263, -263, -263, -263, -263, -263, - -263, -263, -263, -263, -263, -263, -263, -263, -263, -263, - -263, -263, -263, -263, -263, -263, -263, -263, -263, -263, - -263, -263, -263, -263, -263, -263, -263, -263, -263, -263, - -263, -263, -263, -263, -263, -263, -263, -263, -263, -263, - -263, -263, -263, -263, -263, -263, -263, -263, -263, -263, - -263, -263, -263, -263, -263, -263, -263, -263, -263, -263, - -263, -263, -263, -263, -263, -263, -263, -263, -263, -263, - -263, -263, -263, -263, -263, -263, -263, -263, -263, -263, - -263, -263, -263, -263, -263, -263, -263, -263, -263, -263, - -263, -263, -263, -263, -263, -263, -263, -263, -263, -263, - -263, -263, -263, -263, -263, -263, -263, -263, -263, -263, - -263, -263, -263, -263, -263, -263, -263, -263, -263, -263, - -263, -263, -263, -263, -263, -263, -263, -263, -263, -263, - -263, -263, -263, -263, -263, -263, -263, -263, -263, -263, - -263, -263, -263, -263, -263, -263, -263, -263, -263, -263, - -263, -263, -263, -263, -263, -263, -263, -263, -263, -263, - -263, -263, -263, -263, -263, -263, -23, 556, 557, 558, - 559, -263, -263, -263, -263, -263, -263, -263, -263, -263, - -263, -263, -263, -263, -263, -263, -263, -263, -263, -263, - -263, -263, -263, -263, -263, -263, -263, -263, -263, -263, - -263, -263, -263, -263, -263, -263, -263, -263, -263, -263, - -263, -263, -263, -263, -263, -263, -263, -263, -263, -263, - -263, -263, -263, -263, -263, -263, -263, -263, -263, -263, - -263, -263, -263, -263, -263, -263, -263, -263, -263, -263, - -263, -263 + -269, -269, -269, -269, -269, -269, -269, -269, -269, -269, + -269, -269, -269, -269, -269, -269, -269, -269, -269, -269, + -269, -269, -269, -269, -269, -269, -269, -269, -269, -269, + -269, -269, -269, -269, -269, -269, -269, -269, -269, -269, + -269, -269, -269, -269, -269, -269, -269, -269, -269, -269, + -269, -269, -269, -269, -269, -269, -269, -269, -269, -269, + -269, -269, -269, -269, -269, -269, -269, -269, -269, -269, + -269, -269, -269, -269, -269, -269, -269, -269, -269, -269, + -269, -269, -269, -269, -269, -269, -269, -269, -269, -269, + -269, -269, -269, -269, -269, -269, -269, -269, -269, -269, + -269, -269, -269, -269, -269, -269, -269, -269, -269, -269, + -269, -269, -269, -269, -269, -269, -269, -269, -269, -269, + -269, -269, -269, -269, -269, -269, -269, -269, -269, -269, + -269, -269, -269, -269, -269, -269, -269, -269, -269, -269, + -269, -269, -269, -269, -269, -269, -269, -269, -269, -269, + -269, -269, -269, -269, -269, -269, -269, -269, -269, -269, + -269, -269, -269, -269, -269, -269, -269, -269, -269, -269, + -269, -269, -269, -269, -269, -269, -269, -269, -269, -269, + -269, -269, -269, -269, -269, -269, -269, -269, -269, -269, + -269, -269, -269, -269, -269, -269, -269, -269, -269, -269, + -269, -269, -269, -269, -269, -269, -269, -269, -269, -269, + -269, -269, -269, -269, -269, -269, -269, -269, -269, -269, + -269, -269, -269, -269, -269, -269, -23, 568, 569, 570, + 571, -269, -269, -269, -269, -269, -269, -269, -269, -269, + -269, -269, -269, -269, -269, -269, -269, -269, -269, -269, + -269, -269, -269, -269, -269, -269, -269, -269, -269, -269, + -269, -269, -269, -269, -269, -269, -269, -269, -269, -269, + -269, -269, -269, -269, -269, -269, -269, -269, -269, -269, + -269, -269, -269, -269, -269, -269, -269, -269, -269, -269, + -269, -269, -269, -269, -269, -269, -269, -269, -269, -269, + -269, -269, -269, -269, -269, -269, -269, -269 }; /* YYDEFGOTO[NTERM-NUM]. */ @@ -1622,12 +1646,12 @@ static const yytype_int16 yydefgoto[] = 447, 448, 449, 450, 451, 452, 477, 478, 479, 480, 481, 482, 483, 484, 461, 462, 463, 464, 465, 466, 467, 22, 34, 509, 510, 511, 512, 513, 514, 515, - 516, 517, 23, 35, 530, 531, 532, 533, 534, 535, - 536, 537, 538, 539, 540, 541, 542, 24, 36, 544, - 545, 420, 421, 422, 423, 25, 37, 556, 557, 558, - 559, 560, 561, 562, 563, 564, 565, 566, 26, 38, - 572, 573, 574, 575, 576, 577, 424, 27, 39, 580, - 581, 582 + 516, 517, 23, 35, 536, 537, 538, 539, 540, 541, + 542, 543, 544, 545, 546, 547, 548, 549, 550, 551, + 552, 553, 554, 24, 36, 556, 557, 420, 421, 422, + 423, 25, 37, 568, 569, 570, 571, 572, 573, 574, + 575, 576, 577, 578, 26, 38, 584, 585, 586, 587, + 588, 589, 424, 27, 39, 592, 593, 594 }; /* YYTABLE[YYPACT[STATE-NUM]] -- What to do in state STATE-NUM. If @@ -1635,140 +1659,142 @@ static const yytype_int16 yydefgoto[] = number is the opposite. If YYTABLE_NINF, syntax error. */ static const yytype_uint16 yytable[] = { - 2, 468, 425, 453, 426, 427, 543, 440, 578, 579, - 496, 3, 583, 584, 585, 441, 442, 567, 568, 569, - 570, 571, 586, 468, 518, 519, 520, 521, 522, 523, - 524, 525, 526, 527, 528, 529, 587, 588, 589, 454, - 455, 590, 591, 592, 593, 4, 594, 595, 596, 597, - 598, 5, 546, 547, 548, 549, 550, 551, 552, 553, - 554, 555, 599, 600, 456, 428, 501, 502, 503, 504, - 505, 506, 507, 508, 601, 602, 603, 604, 605, 606, - 607, 608, 609, 610, 611, 612, 613, 614, 615, 616, - 617, 618, 619, 620, 621, 6, 429, 622, 623, 430, - 443, 624, 444, 625, 626, 627, 628, 629, 630, 631, - 632, 7, 633, 634, 635, 636, 637, 638, 639, 640, - 641, 642, 643, 644, 645, 457, 458, 646, 647, 648, - 649, 650, 651, 652, 653, 654, 655, 656, 657, 658, - 659, 660, 661, 662, 663, 664, 665, 666, 667, 668, - 669, 670, 8, 671, 672, 673, 674, 675, 676, 677, - 678, 679, 680, 681, 459, 682, 683, 684, 685, 686, - 687, 688, 689, 690, 691, 692, 693, 694, 695, 696, - 697, 698, 699, 700, 701, 702, 703, 704, 705, 706, - 707, 708, 709, 710, 711, 712, 713, 714, 715, 716, - 717, 718, 719, 9, 470, 471, 472, 720, 721, 722, - 723, 724, 725, 726, 475, 727, 728, 729, 730, 431, - 731, 10, 732, 445, 469, 733, 470, 471, 472, 473, - 474, 485, 486, 487, 488, 489, 475, 734, 11, 735, - 736, 737, 738, 739, 740, 741, 12, 742, 743, 744, - 745, 746, 747, 748, 749, 750, 751, 752, 753, 754, - 755, 756, 757, 758, 759, 760, 761, 762, 763, 13, - 764, 765, 0, 14, 40, 41, 42, 43, 44, 45, - 46, 47, 48, 49, 50, 51, 52, 53, 54, 55, - 56, 57, 58, 59, 60, 61, 62, 63, 64, 65, - 66, 67, 68, 69, 70, 71, 766, 767, 768, 769, - 72, 73, 74, 770, 771, 772, 75, 76, 77, 78, - 79, 80, 81, 82, 83, 84, 85, 86, 87, 88, - 89, 90, 91, 92, 93, 94, 95, 96, 97, 98, - 99, 100, 101, 102, 103, 104, 105, 106, 107, 108, - 109, 110, 111, 112, 113, 114, 115, 773, 774, 775, - 776, 777, 778, 779, 780, 781, 116, 117, 118, 782, - 119, 120, 121, 783, 784, 122, 123, 124, 125, 126, - 127, 128, 129, 130, 131, 132, 133, 134, 135, 136, - 137, 138, 139, 140, 141, 142, 143, 144, 145, 785, - 786, 787, 146, 788, 147, 148, 149, 150, 151, 152, - 153, 154, 155, 156, 789, 790, 791, 792, 793, 794, - 795, 796, 797, 798, 799, 800, 801, 157, 158, 159, - 160, 161, 162, 163, 164, 165, 166, 167, 168, 169, - 170, 171, 172, 173, 174, 175, 176, 177, 178, 179, - 180, 181, 182, 183, 184, 185, 186, 187, 188, 189, - 190, 191, 192, 193, 194, 802, 195, 803, 196, 197, - 198, 199, 200, 201, 202, 203, 204, 205, 206, 207, - 208, 209, 210, 804, 805, 806, 807, 808, 809, 810, - 811, 812, 813, 814, 211, 212, 213, 214, 215, 216, - 815, 816, 817, 818, 819, 820, 217, 821, 822, 823, - 824, 825, 826, 827, 218, 219, 828, 220, 221, 829, - 222, 223, 830, 831, 224, 225, 226, 227, 228, 229, - 230, 832, 833, 834, 231, 835, 836, 837, 838, 839, - 840, 841, 842, 843, 844, 845, 846, 847, 848, 849, - 850, 851, 852, 853, 854, 855, 856, 857, 858, 859, - 860, 861, 862, 863, 864, 865, 0, 0, 0, 0, + 2, 468, 425, 453, 426, 427, 555, 440, 590, 591, + 496, 3, 595, 596, 597, 441, 442, 579, 580, 581, + 582, 583, 598, 468, 558, 559, 560, 561, 562, 563, + 564, 565, 566, 567, 599, 600, 601, 602, 603, 454, + 455, 604, 605, 606, 607, 4, 608, 609, 610, 611, + 612, 5, 501, 502, 503, 504, 505, 506, 507, 508, + 613, 614, 615, 616, 456, 428, 518, 519, 520, 521, + 522, 523, 524, 525, 526, 527, 528, 529, 530, 531, + 532, 533, 534, 535, 617, 618, 619, 620, 621, 622, + 623, 624, 625, 626, 627, 6, 429, 628, 629, 430, + 443, 630, 444, 631, 632, 633, 634, 635, 636, 637, + 638, 7, 639, 640, 641, 642, 643, 644, 645, 646, + 647, 648, 649, 650, 651, 652, 653, 654, 655, 656, + 657, 457, 458, 658, 659, 660, 661, 662, 663, 664, + 665, 666, 667, 668, 669, 670, 671, 672, 673, 674, + 675, 676, 8, 677, 678, 679, 680, 681, 682, 683, + 684, 685, 686, 687, 688, 689, 690, 691, 692, 693, + 459, 694, 695, 696, 697, 698, 699, 700, 701, 702, + 703, 704, 705, 706, 707, 708, 709, 710, 711, 712, + 713, 714, 715, 716, 717, 718, 719, 720, 721, 722, + 723, 724, 725, 726, 727, 728, 729, 730, 731, 9, + 470, 471, 472, 732, 733, 734, 735, 736, 737, 738, + 475, 739, 740, 741, 742, 431, 743, 10, 744, 445, + 469, 745, 470, 471, 472, 473, 474, 485, 486, 487, + 488, 489, 475, 746, 11, 747, 748, 749, 750, 751, + 752, 753, 12, 754, 755, 756, 757, 758, 759, 760, + 761, 762, 763, 764, 765, 766, 767, 768, 769, 770, + 771, 772, 773, 774, 775, 13, 776, 777, 0, 14, + 40, 41, 42, 43, 44, 45, 46, 47, 48, 49, + 50, 51, 52, 53, 54, 55, 56, 57, 58, 59, + 60, 61, 62, 63, 64, 65, 66, 67, 68, 69, + 70, 71, 778, 779, 780, 781, 72, 73, 74, 782, + 783, 784, 75, 76, 77, 78, 79, 80, 81, 82, + 83, 84, 85, 86, 87, 88, 89, 90, 91, 92, + 93, 94, 95, 96, 97, 98, 99, 100, 101, 102, + 103, 104, 105, 106, 107, 108, 109, 110, 111, 112, + 113, 114, 115, 785, 786, 787, 788, 789, 790, 791, + 792, 793, 116, 117, 118, 794, 119, 120, 121, 795, + 796, 122, 123, 124, 125, 126, 127, 128, 129, 130, + 131, 132, 133, 134, 135, 136, 137, 138, 139, 140, + 141, 142, 143, 144, 145, 797, 798, 799, 146, 800, + 147, 148, 149, 150, 151, 152, 153, 154, 155, 156, + 801, 802, 803, 804, 805, 806, 807, 808, 809, 810, + 811, 812, 813, 814, 815, 816, 817, 818, 819, 157, + 158, 159, 160, 161, 162, 163, 164, 165, 166, 167, + 168, 169, 170, 171, 172, 173, 174, 175, 176, 177, + 178, 179, 180, 181, 182, 183, 184, 185, 186, 187, + 188, 189, 190, 191, 192, 193, 194, 820, 195, 821, + 196, 197, 198, 199, 200, 201, 202, 203, 204, 205, + 206, 207, 208, 209, 210, 822, 823, 824, 825, 826, + 827, 828, 829, 830, 831, 832, 211, 212, 213, 214, + 215, 216, 833, 834, 835, 836, 837, 838, 217, 839, + 840, 841, 842, 843, 844, 845, 218, 219, 846, 220, + 221, 847, 222, 223, 848, 849, 224, 225, 226, 227, + 228, 229, 230, 850, 851, 852, 231, 853, 854, 855, + 856, 857, 858, 859, 860, 861, 862, 863, 864, 865, + 866, 867, 868, 869, 870, 871, 872, 873, 874, 875, + 876, 877, 878, 879, 880, 881, 882, 883, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, - 0, 0, 0, 0, 0, 0, 0, 0, 0, 497, - 498, 499, 500 + 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, + 0, 497, 498, 499, 500 }; static const yytype_int16 yycheck[] = { - 0, 44, 44, 44, 46, 47, 112, 44, 270, 271, - 33, 11, 10, 10, 10, 52, 53, 239, 240, 241, - 242, 243, 10, 44, 153, 154, 155, 156, 157, 158, - 159, 160, 161, 162, 163, 164, 10, 10, 10, 80, + 0, 44, 44, 44, 46, 47, 112, 44, 276, 277, + 33, 11, 10, 10, 10, 52, 53, 245, 246, 247, + 248, 249, 10, 44, 228, 229, 230, 231, 232, 233, + 234, 235, 236, 237, 10, 10, 10, 10, 10, 80, 81, 10, 10, 10, 10, 45, 10, 10, 10, 10, - 10, 51, 222, 223, 224, 225, 226, 227, 228, 229, - 230, 231, 10, 10, 105, 107, 96, 97, 98, 99, - 100, 101, 102, 103, 10, 10, 10, 10, 10, 10, - 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, + 10, 51, 96, 97, 98, 99, 100, 101, 102, 103, + 10, 10, 10, 10, 105, 107, 153, 154, 155, 156, + 157, 158, 159, 160, 161, 162, 163, 164, 165, 166, + 167, 168, 169, 170, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 95, 138, 10, 10, 141, 137, 10, 139, 10, 10, 10, 10, 10, 10, 10, 10, 111, 10, 10, 10, 10, 10, 10, 10, 10, - 10, 10, 10, 10, 10, 166, 167, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, + 10, 172, 173, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 152, 10, 10, 10, 10, 10, 10, 10, - 10, 10, 10, 10, 205, 10, 10, 10, 10, 10, + 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, + 211, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, + 10, 10, 10, 10, 10, 10, 10, 10, 10, 209, + 253, 254, 255, 10, 10, 10, 10, 10, 10, 10, + 263, 10, 10, 10, 10, 267, 10, 227, 10, 266, + 251, 10, 253, 254, 255, 256, 257, 280, 281, 282, + 283, 284, 263, 10, 244, 10, 10, 10, 10, 10, + 10, 10, 252, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, - 10, 10, 10, 203, 247, 248, 249, 10, 10, 10, - 10, 10, 10, 10, 257, 10, 10, 10, 10, 261, - 10, 221, 10, 260, 245, 10, 247, 248, 249, 250, - 251, 274, 275, 276, 277, 278, 257, 10, 238, 10, - 10, 10, 10, 10, 10, 10, 246, 10, 10, 10, + 10, 10, 10, 10, 10, 275, 10, 10, -1, 279, + 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, + 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, + 32, 33, 34, 35, 36, 37, 38, 39, 40, 41, + 42, 43, 10, 10, 10, 10, 48, 49, 50, 10, + 10, 10, 54, 55, 56, 57, 58, 59, 60, 61, + 62, 63, 64, 65, 66, 67, 68, 69, 70, 71, + 72, 73, 74, 75, 76, 77, 78, 79, 80, 81, + 82, 83, 84, 85, 86, 87, 88, 89, 90, 91, + 92, 93, 94, 10, 10, 10, 10, 10, 10, 10, + 10, 10, 104, 105, 106, 10, 108, 109, 110, 10, + 10, 113, 114, 115, 116, 117, 118, 119, 120, 121, + 122, 123, 124, 125, 126, 127, 128, 129, 130, 131, + 132, 133, 134, 135, 136, 10, 10, 10, 140, 10, + 142, 143, 144, 145, 146, 147, 148, 149, 150, 151, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, - 10, 10, 10, 10, 10, 10, 10, 10, 10, 269, - 10, 10, -1, 273, 12, 13, 14, 15, 16, 17, - 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, - 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, - 38, 39, 40, 41, 42, 43, 10, 10, 10, 10, - 48, 49, 50, 10, 10, 10, 54, 55, 56, 57, - 58, 59, 60, 61, 62, 63, 64, 65, 66, 67, - 68, 69, 70, 71, 72, 73, 74, 75, 76, 77, - 78, 79, 80, 81, 82, 83, 84, 85, 86, 87, - 88, 89, 90, 91, 92, 93, 94, 10, 10, 10, - 10, 10, 10, 10, 10, 10, 104, 105, 106, 10, - 108, 109, 110, 10, 10, 113, 114, 115, 116, 117, - 118, 119, 120, 121, 122, 123, 124, 125, 126, 127, - 128, 129, 130, 131, 132, 133, 134, 135, 136, 10, - 10, 10, 140, 10, 142, 143, 144, 145, 146, 147, - 148, 149, 150, 151, 10, 10, 10, 10, 10, 10, - 10, 10, 10, 10, 10, 10, 10, 165, 166, 167, - 168, 169, 170, 171, 172, 173, 174, 175, 176, 177, - 178, 179, 180, 181, 182, 183, 184, 185, 186, 187, - 188, 189, 190, 191, 192, 193, 194, 195, 196, 197, - 198, 199, 200, 201, 202, 10, 204, 10, 206, 207, - 208, 209, 210, 211, 212, 213, 214, 215, 216, 217, - 218, 219, 220, 10, 10, 10, 10, 10, 10, 10, - 10, 10, 10, 10, 232, 233, 234, 235, 236, 237, - 10, 10, 10, 10, 10, 10, 244, 10, 10, 10, - 10, 10, 10, 10, 252, 253, 10, 255, 256, 10, - 258, 259, 10, 10, 262, 263, 264, 265, 266, 267, - 268, 10, 10, 10, 272, 10, 10, 10, 10, 10, + 10, 10, 10, 10, 10, 10, 10, 10, 10, 171, + 172, 173, 174, 175, 176, 177, 178, 179, 180, 181, + 182, 183, 184, 185, 186, 187, 188, 189, 190, 191, + 192, 193, 194, 195, 196, 197, 198, 199, 200, 201, + 202, 203, 204, 205, 206, 207, 208, 10, 210, 10, + 212, 213, 214, 215, 216, 217, 218, 219, 220, 221, + 222, 223, 224, 225, 226, 10, 10, 10, 10, 10, + 10, 10, 10, 10, 10, 10, 238, 239, 240, 241, + 242, 243, 10, 10, 10, 10, 10, 10, 250, 10, + 10, 10, 10, 10, 10, 10, 258, 259, 10, 261, + 262, 10, 264, 265, 10, 10, 268, 269, 270, 271, + 272, 273, 274, 10, 10, 10, 278, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, - 10, 10, 10, 10, 10, 10, -1, -1, -1, -1, + 10, 10, 10, 10, 10, 10, 10, 10, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, - -1, -1, -1, -1, -1, -1, -1, -1, -1, 33, - 33, 33, 33 + -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, + -1, 33, 33, 33, 33 }; /* YYSTOS[STATE-NUM] -- The (internal number of the) accessing symbol of state STATE-NUM. */ static const yytype_uint16 yystos[] = { - 0, 280, 0, 11, 45, 51, 95, 111, 152, 203, - 221, 238, 246, 269, 273, 281, 282, 285, 288, 291, - 294, 302, 520, 531, 546, 554, 567, 576, 283, 286, - 289, 292, 295, 303, 521, 532, 547, 555, 568, 577, + 0, 286, 0, 11, 45, 51, 95, 111, 152, 209, + 227, 244, 252, 275, 279, 287, 288, 291, 294, 297, + 300, 308, 526, 537, 558, 566, 579, 588, 289, 292, + 295, 298, 301, 309, 527, 538, 559, 567, 580, 589, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41, @@ -1780,15 +1806,112 @@ static const yytype_uint16 yystos[] = 109, 110, 113, 114, 115, 116, 117, 118, 119, 120, 121, 122, 123, 124, 125, 126, 127, 128, 129, 130, 131, 132, 133, 134, 135, 136, 140, 142, 143, 144, - 145, 146, 147, 148, 149, 150, 151, 165, 166, 167, - 168, 169, 170, 171, 172, 173, 174, 175, 176, 177, - 178, 179, 180, 181, 182, 183, 184, 185, 186, 187, - 188, 189, 190, 191, 192, 193, 194, 195, 196, 197, - 198, 199, 200, 201, 202, 204, 206, 207, 208, 209, - 210, 211, 212, 213, 214, 215, 216, 217, 218, 219, - 220, 232, 233, 234, 235, 236, 237, 244, 252, 253, - 255, 256, 258, 259, 262, 263, 264, 265, 266, 267, - 268, 272, 284, 305, 306, 307, 308, 309, 310, 311, + 145, 146, 147, 148, 149, 150, 151, 171, 172, 173, + 174, 175, 176, 177, 178, 179, 180, 181, 182, 183, + 184, 185, 186, 187, 188, 189, 190, 191, 192, 193, + 194, 195, 196, 197, 198, 199, 200, 201, 202, 203, + 204, 205, 206, 207, 208, 210, 212, 213, 214, 215, + 216, 217, 218, 219, 220, 221, 222, 223, 224, 225, + 226, 238, 239, 240, 241, 242, 243, 250, 258, 259, + 261, 262, 264, 265, 268, 269, 270, 271, 272, 273, + 274, 278, 290, 311, 312, 313, 314, 315, 316, 317, + 318, 319, 320, 321, 322, 323, 324, 325, 326, 327, + 328, 329, 330, 331, 332, 333, 334, 335, 336, 337, + 338, 339, 340, 341, 342, 343, 344, 345, 346, 347, + 348, 349, 350, 351, 352, 353, 354, 355, 356, 357, + 358, 359, 360, 361, 362, 363, 364, 365, 366, 367, + 368, 369, 370, 371, 372, 373, 374, 375, 376, 377, + 378, 379, 380, 381, 382, 383, 384, 385, 386, 387, + 388, 389, 390, 391, 392, 393, 394, 395, 396, 397, + 398, 399, 400, 401, 402, 403, 404, 405, 406, 407, + 408, 409, 410, 411, 412, 413, 414, 415, 416, 417, + 418, 419, 420, 421, 422, 423, 424, 425, 426, 427, + 428, 429, 430, 431, 432, 433, 434, 435, 436, 437, + 438, 439, 440, 441, 442, 443, 444, 445, 446, 447, + 448, 449, 450, 451, 452, 453, 454, 455, 456, 457, + 458, 459, 460, 461, 462, 463, 464, 465, 466, 467, + 468, 469, 470, 471, 472, 473, 474, 475, 476, 477, + 478, 479, 480, 481, 482, 483, 484, 485, 486, 487, + 488, 489, 490, 491, 492, 493, 494, 495, 496, 497, + 562, 563, 564, 565, 587, 44, 46, 47, 107, 138, + 141, 267, 293, 498, 499, 500, 501, 502, 503, 504, + 44, 52, 53, 137, 139, 266, 296, 505, 506, 507, + 508, 509, 510, 44, 80, 81, 105, 172, 173, 211, + 299, 519, 520, 521, 522, 523, 524, 525, 44, 251, + 253, 254, 255, 256, 257, 263, 302, 511, 512, 513, + 514, 515, 516, 517, 518, 280, 281, 282, 283, 284, + 303, 304, 305, 306, 307, 310, 511, 512, 513, 514, + 515, 96, 97, 98, 99, 100, 101, 102, 103, 528, + 529, 530, 531, 532, 533, 534, 535, 536, 153, 154, + 155, 156, 157, 158, 159, 160, 161, 162, 163, 164, + 165, 166, 167, 168, 169, 170, 539, 540, 541, 542, + 543, 544, 545, 546, 547, 548, 549, 550, 551, 552, + 553, 554, 555, 556, 557, 112, 560, 561, 228, 229, + 230, 231, 232, 233, 234, 235, 236, 237, 568, 569, + 570, 571, 572, 573, 574, 575, 576, 577, 578, 245, + 246, 247, 248, 249, 581, 582, 583, 584, 585, 586, + 276, 277, 590, 591, 592, 10, 10, 10, 10, 10, + 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, + 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, + 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, + 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, + 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, + 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, + 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, + 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, + 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, + 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, + 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, + 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, + 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, + 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, + 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, + 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, + 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, + 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, + 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, + 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, + 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, + 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, + 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, + 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, + 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, + 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, + 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, + 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, + 10, 10, 10, 10 +}; + + /* YYR1[YYN] -- Symbol number of symbol that rule YYN derives. */ +static const yytype_uint16 yyr1[] = +{ + 0, 285, 286, 286, 287, 287, 287, 287, 287, 287, + 287, 287, 287, 287, 287, 287, 288, 289, 289, 290, + 290, 290, 290, 290, 290, 290, 290, 290, 290, 290, + 290, 290, 290, 290, 290, 290, 290, 290, 290, 290, + 290, 290, 290, 290, 290, 290, 290, 290, 290, 290, + 290, 290, 290, 290, 290, 290, 290, 290, 290, 290, + 290, 290, 290, 290, 290, 290, 290, 290, 290, 290, + 290, 290, 290, 290, 290, 290, 290, 290, 290, 290, + 290, 290, 290, 290, 290, 290, 290, 290, 290, 290, + 290, 290, 290, 290, 290, 290, 290, 290, 290, 290, + 290, 290, 290, 290, 290, 290, 290, 290, 290, 290, + 290, 290, 290, 290, 290, 290, 290, 290, 290, 290, + 290, 290, 290, 290, 290, 290, 290, 290, 290, 290, + 290, 290, 290, 290, 290, 290, 290, 290, 290, 290, + 290, 290, 290, 290, 290, 290, 290, 290, 290, 290, + 290, 290, 290, 290, 290, 290, 290, 290, 290, 290, + 290, 290, 290, 290, 290, 290, 290, 290, 290, 290, + 290, 290, 290, 290, 290, 290, 290, 290, 290, 290, + 290, 290, 290, 290, 290, 290, 290, 290, 290, 290, + 290, 290, 290, 290, 290, 290, 290, 290, 290, 290, + 290, 290, 290, 290, 290, 290, 290, 290, 290, 290, + 290, 291, 292, 292, 293, 293, 293, 293, 293, 293, + 293, 294, 295, 295, 296, 296, 296, 296, 296, 296, + 297, 298, 298, 299, 299, 299, 299, 299, 299, 299, + 300, 301, 301, 302, 302, 302, 302, 302, 302, 302, + 302, 303, 304, 305, 306, 307, 308, 309, 309, 310, + 310, 310, 310, 310, 310, 310, 310, 310, 310, 311, 312, 313, 314, 315, 316, 317, 318, 319, 320, 321, 322, 323, 324, 325, 326, 327, 328, 329, 330, 331, 332, 333, 334, 335, 336, 337, 338, 339, 340, 341, @@ -1807,115 +1930,21 @@ static const yytype_uint16 yystos[] = 462, 463, 464, 465, 466, 467, 468, 469, 470, 471, 472, 473, 474, 475, 476, 477, 478, 479, 480, 481, 482, 483, 484, 485, 486, 487, 488, 489, 490, 491, - 550, 551, 552, 553, 575, 44, 46, 47, 107, 138, - 141, 261, 287, 492, 493, 494, 495, 496, 497, 498, - 44, 52, 53, 137, 139, 260, 290, 499, 500, 501, - 502, 503, 504, 44, 80, 81, 105, 166, 167, 205, - 293, 513, 514, 515, 516, 517, 518, 519, 44, 245, - 247, 248, 249, 250, 251, 257, 296, 505, 506, 507, - 508, 509, 510, 511, 512, 274, 275, 276, 277, 278, - 297, 298, 299, 300, 301, 304, 505, 506, 507, 508, - 509, 96, 97, 98, 99, 100, 101, 102, 103, 522, - 523, 524, 525, 526, 527, 528, 529, 530, 153, 154, - 155, 156, 157, 158, 159, 160, 161, 162, 163, 164, - 533, 534, 535, 536, 537, 538, 539, 540, 541, 542, - 543, 544, 545, 112, 548, 549, 222, 223, 224, 225, - 226, 227, 228, 229, 230, 231, 556, 557, 558, 559, - 560, 561, 562, 563, 564, 565, 566, 239, 240, 241, - 242, 243, 569, 570, 571, 572, 573, 574, 270, 271, - 578, 579, 580, 10, 10, 10, 10, 10, 10, 10, - 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, - 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, - 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, - 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, - 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, - 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, - 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, - 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, - 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, - 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, - 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, - 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, - 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, - 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, - 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, - 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, - 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, - 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, - 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, - 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, - 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, - 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, - 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, - 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, - 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, - 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, - 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, - 10, 10, 10, 10, 10, 10 -}; - - /* YYR1[YYN] -- Symbol number of symbol that rule YYN derives. */ -static const yytype_uint16 yyr1[] = -{ - 0, 279, 280, 280, 281, 281, 281, 281, 281, 281, - 281, 281, 281, 281, 281, 281, 282, 283, 283, 284, - 284, 284, 284, 284, 284, 284, 284, 284, 284, 284, - 284, 284, 284, 284, 284, 284, 284, 284, 284, 284, - 284, 284, 284, 284, 284, 284, 284, 284, 284, 284, - 284, 284, 284, 284, 284, 284, 284, 284, 284, 284, - 284, 284, 284, 284, 284, 284, 284, 284, 284, 284, - 284, 284, 284, 284, 284, 284, 284, 284, 284, 284, - 284, 284, 284, 284, 284, 284, 284, 284, 284, 284, - 284, 284, 284, 284, 284, 284, 284, 284, 284, 284, - 284, 284, 284, 284, 284, 284, 284, 284, 284, 284, - 284, 284, 284, 284, 284, 284, 284, 284, 284, 284, - 284, 284, 284, 284, 284, 284, 284, 284, 284, 284, - 284, 284, 284, 284, 284, 284, 284, 284, 284, 284, - 284, 284, 284, 284, 284, 284, 284, 284, 284, 284, - 284, 284, 284, 284, 284, 284, 284, 284, 284, 284, - 284, 284, 284, 284, 284, 284, 284, 284, 284, 284, - 284, 284, 284, 284, 284, 284, 284, 284, 284, 284, - 284, 284, 284, 284, 284, 284, 284, 284, 284, 284, - 284, 284, 284, 284, 284, 284, 284, 284, 284, 284, - 284, 284, 284, 284, 284, 284, 284, 284, 284, 284, - 284, 285, 286, 286, 287, 287, 287, 287, 287, 287, - 287, 288, 289, 289, 290, 290, 290, 290, 290, 290, - 291, 292, 292, 293, 293, 293, 293, 293, 293, 293, - 294, 295, 295, 296, 296, 296, 296, 296, 296, 296, - 296, 297, 298, 299, 300, 301, 302, 303, 303, 304, - 304, 304, 304, 304, 304, 304, 304, 304, 304, 305, - 306, 307, 308, 309, 310, 311, 312, 313, 314, 315, - 316, 317, 318, 319, 320, 321, 322, 323, 324, 325, - 326, 327, 328, 329, 330, 331, 332, 333, 334, 335, - 336, 337, 338, 339, 340, 341, 342, 343, 344, 345, - 346, 347, 348, 349, 350, 351, 352, 353, 354, 355, - 356, 357, 358, 359, 360, 361, 362, 363, 364, 365, - 366, 367, 368, 369, 370, 371, 372, 373, 374, 375, - 376, 377, 378, 379, 380, 381, 382, 383, 384, 385, - 386, 387, 388, 389, 390, 391, 392, 393, 394, 395, - 396, 397, 398, 399, 400, 401, 402, 403, 404, 405, - 406, 407, 408, 409, 410, 411, 412, 413, 414, 415, - 416, 417, 418, 419, 420, 421, 422, 423, 424, 425, - 426, 427, 428, 429, 430, 431, 432, 433, 434, 435, - 436, 437, 438, 439, 440, 441, 442, 443, 444, 445, - 446, 447, 448, 449, 450, 451, 452, 453, 454, 455, - 456, 457, 458, 459, 460, 461, 462, 463, 464, 465, - 466, 467, 468, 469, 470, 471, 472, 473, 474, 475, - 476, 477, 478, 479, 480, 481, 482, 483, 484, 485, - 486, 487, 488, 489, 490, 491, 492, 493, 494, 495, - 496, 497, 498, 499, 500, 501, 502, 503, 504, 505, - 506, 507, 508, 509, 510, 511, 512, 513, 514, 515, - 516, 517, 518, 519, 520, 521, 521, 522, 522, 522, - 522, 522, 522, 522, 522, 523, 524, 525, 526, 527, - 528, 529, 530, 531, 532, 532, 533, 533, 533, 533, - 533, 533, 533, 533, 533, 533, 533, 533, 534, 535, - 536, 537, 538, 539, 540, 541, 542, 543, 544, 545, - 546, 547, 547, 548, 549, 550, 551, 552, 553, 554, - 555, 555, 556, 556, 556, 556, 556, 556, 556, 556, - 556, 556, 557, 558, 559, 560, 561, 562, 563, 564, - 565, 566, 567, 568, 568, 569, 569, 569, 569, 569, - 570, 571, 572, 573, 574, 575, 576, 577, 577, 578, - 578, 579, 580 + 492, 493, 494, 495, 496, 497, 498, 499, 500, 501, + 502, 503, 504, 505, 506, 507, 508, 509, 510, 511, + 512, 513, 514, 515, 516, 517, 518, 519, 520, 521, + 522, 523, 524, 525, 526, 527, 527, 528, 528, 528, + 528, 528, 528, 528, 528, 529, 530, 531, 532, 533, + 534, 535, 536, 537, 538, 538, 539, 539, 539, 539, + 539, 539, 539, 539, 539, 539, 539, 539, 539, 539, + 539, 539, 539, 539, 540, 541, 542, 543, 544, 545, + 546, 547, 548, 549, 550, 551, 552, 553, 554, 555, + 556, 557, 558, 559, 559, 560, 561, 562, 563, 564, + 565, 566, 567, 567, 568, 568, 568, 568, 568, 568, + 568, 568, 568, 568, 569, 570, 571, 572, 573, 574, + 575, 576, 577, 578, 579, 580, 580, 581, 581, 581, + 581, 581, 582, 583, 584, 585, 586, 587, 588, 589, + 589, 590, 590, 591, 592 }; /* YYR2[YYN] -- Number of symbols on the right hand side of rule YYN. */ @@ -1972,14 +2001,15 @@ static const yytype_uint8 yyr2[] = 3, 2, 2, 2, 1, 2, 0, 1, 1, 1, 1, 1, 1, 1, 1, 2, 2, 2, 2, 2, 2, 2, 2, 1, 2, 0, 1, 1, 1, 1, - 1, 1, 1, 1, 1, 1, 1, 1, 2, 2, + 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, + 1, 1, 1, 1, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, - 1, 2, 0, 1, 2, 2, 2, 3, 3, 1, - 2, 0, 1, 1, 1, 1, 1, 1, 1, 1, - 1, 1, 2, 2, 2, 2, 2, 2, 2, 2, - 2, 2, 1, 2, 0, 1, 1, 1, 1, 1, - 2, 2, 2, 2, 2, 3, 1, 2, 0, 1, - 1, 2, 2 + 2, 2, 1, 2, 0, 1, 2, 2, 2, 3, + 3, 1, 2, 0, 1, 1, 1, 1, 1, 1, + 1, 1, 1, 1, 2, 2, 2, 2, 2, 2, + 2, 2, 2, 2, 1, 2, 0, 1, 1, 1, + 1, 1, 2, 2, 2, 2, 2, 3, 1, 2, + 0, 1, 1, 2, 2 }; @@ -2664,15 +2694,15 @@ yyreduce: switch (yyn) { case 16: -#line 186 "./util/configparser.y" +#line 188 "./util/configparser.y" { OUTYY(("\nP(server:)\n")); } -#line 2672 "util/configparser.c" +#line 2702 "util/configparser.c" break; case 211: -#line 278 "./util/configparser.y" +#line 280 "./util/configparser.y" { struct config_stub* s; OUTYY(("\nP(stub_zone:)\n")); @@ -2683,11 +2713,11 @@ yyreduce: } else yyerror("out of memory"); } -#line 2687 "util/configparser.c" +#line 2717 "util/configparser.c" break; case 221: -#line 295 "./util/configparser.y" +#line 297 "./util/configparser.y" { struct config_stub* s; OUTYY(("\nP(forward_zone:)\n")); @@ -2698,11 +2728,11 @@ yyreduce: } else yyerror("out of memory"); } -#line 2702 "util/configparser.c" +#line 2732 "util/configparser.c" break; case 230: -#line 312 "./util/configparser.y" +#line 314 "./util/configparser.y" { struct config_view* s; OUTYY(("\nP(view:)\n")); @@ -2715,11 +2745,11 @@ yyreduce: } else yyerror("out of memory"); } -#line 2719 "util/configparser.c" +#line 2749 "util/configparser.c" break; case 240: -#line 331 "./util/configparser.y" +#line 333 "./util/configparser.y" { struct config_auth* s; OUTYY(("\nP(auth_zone:)\n")); @@ -2735,11 +2765,11 @@ yyreduce: } else yyerror("out of memory"); } -#line 2739 "util/configparser.c" +#line 2769 "util/configparser.c" break; case 251: -#line 355 "./util/configparser.y" +#line 357 "./util/configparser.y" { uint8_t* bitlist; size_t len = 0; @@ -2756,11 +2786,11 @@ yyreduce: } } -#line 2760 "util/configparser.c" +#line 2790 "util/configparser.c" break; case 252: -#line 374 "./util/configparser.y" +#line 376 "./util/configparser.y" { OUTYY(("P(rpz_action_override:%s)\n", (yyvsp[0].str))); if(strcmp((yyvsp[0].str), "nxdomain")!=0 && strcmp((yyvsp[0].str), "nodata")!=0 && @@ -2775,21 +2805,21 @@ yyreduce: cfg_parser->cfg->auths->rpz_action_override = (yyvsp[0].str); } } -#line 2779 "util/configparser.c" +#line 2809 "util/configparser.c" break; case 253: -#line 391 "./util/configparser.y" +#line 393 "./util/configparser.y" { OUTYY(("P(rpz_cname_override:%s)\n", (yyvsp[0].str))); free(cfg_parser->cfg->auths->rpz_cname); cfg_parser->cfg->auths->rpz_cname = (yyvsp[0].str); } -#line 2789 "util/configparser.c" +#line 2819 "util/configparser.c" break; case 254: -#line 399 "./util/configparser.y" +#line 401 "./util/configparser.y" { OUTYY(("P(rpz_log:%s)\n", (yyvsp[0].str))); if(strcmp((yyvsp[0].str), "yes") != 0 && strcmp((yyvsp[0].str), "no") != 0) @@ -2797,21 +2827,21 @@ yyreduce: else cfg_parser->cfg->auths->rpz_log = (strcmp((yyvsp[0].str), "yes")==0); free((yyvsp[0].str)); } -#line 2801 "util/configparser.c" +#line 2831 "util/configparser.c" break; case 255: -#line 409 "./util/configparser.y" +#line 411 "./util/configparser.y" { OUTYY(("P(rpz_log_name:%s)\n", (yyvsp[0].str))); free(cfg_parser->cfg->auths->rpz_log_name); cfg_parser->cfg->auths->rpz_log_name = (yyvsp[0].str); } -#line 2811 "util/configparser.c" +#line 2841 "util/configparser.c" break; case 256: -#line 417 "./util/configparser.y" +#line 419 "./util/configparser.y" { struct config_auth* s; OUTYY(("\nP(rpz:)\n")); @@ -2827,11 +2857,11 @@ yyreduce: } else yyerror("out of memory"); } -#line 2831 "util/configparser.c" +#line 2861 "util/configparser.c" break; case 269: -#line 440 "./util/configparser.y" +#line 442 "./util/configparser.y" { OUTYY(("P(server_num_threads:%s)\n", (yyvsp[0].str))); if(atoi((yyvsp[0].str)) == 0 && strcmp((yyvsp[0].str), "0") != 0) @@ -2839,11 +2869,11 @@ yyreduce: else cfg_parser->cfg->num_threads = atoi((yyvsp[0].str)); free((yyvsp[0].str)); } -#line 2843 "util/configparser.c" +#line 2873 "util/configparser.c" break; case 270: -#line 449 "./util/configparser.y" +#line 451 "./util/configparser.y" { OUTYY(("P(server_verbosity:%s)\n", (yyvsp[0].str))); if(atoi((yyvsp[0].str)) == 0 && strcmp((yyvsp[0].str), "0") != 0) @@ -2851,11 +2881,11 @@ yyreduce: else cfg_parser->cfg->verbosity = atoi((yyvsp[0].str)); free((yyvsp[0].str)); } -#line 2855 "util/configparser.c" +#line 2885 "util/configparser.c" break; case 271: -#line 458 "./util/configparser.y" +#line 460 "./util/configparser.y" { OUTYY(("P(server_statistics_interval:%s)\n", (yyvsp[0].str))); if(strcmp((yyvsp[0].str), "") == 0 || strcmp((yyvsp[0].str), "0") == 0) @@ -2865,11 +2895,11 @@ yyreduce: else cfg_parser->cfg->stat_interval = atoi((yyvsp[0].str)); free((yyvsp[0].str)); } -#line 2869 "util/configparser.c" +#line 2899 "util/configparser.c" break; case 272: -#line 469 "./util/configparser.y" +#line 471 "./util/configparser.y" { OUTYY(("P(server_statistics_cumulative:%s)\n", (yyvsp[0].str))); if(strcmp((yyvsp[0].str), "yes") != 0 && strcmp((yyvsp[0].str), "no") != 0) @@ -2877,11 +2907,11 @@ yyreduce: else cfg_parser->cfg->stat_cumulative = (strcmp((yyvsp[0].str), "yes")==0); free((yyvsp[0].str)); } -#line 2881 "util/configparser.c" +#line 2911 "util/configparser.c" break; case 273: -#line 478 "./util/configparser.y" +#line 480 "./util/configparser.y" { OUTYY(("P(server_extended_statistics:%s)\n", (yyvsp[0].str))); if(strcmp((yyvsp[0].str), "yes") != 0 && strcmp((yyvsp[0].str), "no") != 0) @@ -2889,11 +2919,11 @@ yyreduce: else cfg_parser->cfg->stat_extended = (strcmp((yyvsp[0].str), "yes")==0); free((yyvsp[0].str)); } -#line 2893 "util/configparser.c" +#line 2923 "util/configparser.c" break; case 274: -#line 487 "./util/configparser.y" +#line 489 "./util/configparser.y" { OUTYY(("P(server_shm_enable:%s)\n", (yyvsp[0].str))); if(strcmp((yyvsp[0].str), "yes") != 0 && strcmp((yyvsp[0].str), "no") != 0) @@ -2901,11 +2931,11 @@ yyreduce: else cfg_parser->cfg->shm_enable = (strcmp((yyvsp[0].str), "yes")==0); free((yyvsp[0].str)); } -#line 2905 "util/configparser.c" +#line 2935 "util/configparser.c" break; case 275: -#line 496 "./util/configparser.y" +#line 498 "./util/configparser.y" { OUTYY(("P(server_shm_key:%s)\n", (yyvsp[0].str))); if(strcmp((yyvsp[0].str), "") == 0 || strcmp((yyvsp[0].str), "0") == 0) @@ -2915,11 +2945,11 @@ yyreduce: else cfg_parser->cfg->shm_key = atoi((yyvsp[0].str)); free((yyvsp[0].str)); } -#line 2919 "util/configparser.c" +#line 2949 "util/configparser.c" break; case 276: -#line 507 "./util/configparser.y" +#line 509 "./util/configparser.y" { OUTYY(("P(server_port:%s)\n", (yyvsp[0].str))); if(atoi((yyvsp[0].str)) == 0) @@ -2927,11 +2957,11 @@ yyreduce: else cfg_parser->cfg->port = atoi((yyvsp[0].str)); free((yyvsp[0].str)); } -#line 2931 "util/configparser.c" +#line 2961 "util/configparser.c" break; case 277: -#line 516 "./util/configparser.y" +#line 518 "./util/configparser.y" { #ifdef CLIENT_SUBNET OUTYY(("P(server_send_client_subnet:%s)\n", (yyvsp[0].str))); @@ -2942,11 +2972,11 @@ yyreduce: free((yyvsp[0].str)); #endif } -#line 2946 "util/configparser.c" +#line 2976 "util/configparser.c" break; case 278: -#line 528 "./util/configparser.y" +#line 530 "./util/configparser.y" { #ifdef CLIENT_SUBNET OUTYY(("P(server_client_subnet_zone:%s)\n", (yyvsp[0].str))); @@ -2958,11 +2988,11 @@ yyreduce: free((yyvsp[0].str)); #endif } -#line 2962 "util/configparser.c" +#line 2992 "util/configparser.c" break; case 279: -#line 542 "./util/configparser.y" +#line 544 "./util/configparser.y" { #ifdef CLIENT_SUBNET OUTYY(("P(server_client_subnet_always_forward:%s)\n", (yyvsp[0].str))); @@ -2976,11 +3006,11 @@ yyreduce: #endif free((yyvsp[0].str)); } -#line 2980 "util/configparser.c" +#line 3010 "util/configparser.c" break; case 280: -#line 557 "./util/configparser.y" +#line 559 "./util/configparser.y" { #ifdef CLIENT_SUBNET OUTYY(("P(client_subnet_opcode:%s)\n", (yyvsp[0].str))); @@ -2990,11 +3020,11 @@ yyreduce: #endif free((yyvsp[0].str)); } -#line 2994 "util/configparser.c" +#line 3024 "util/configparser.c" break; case 281: -#line 568 "./util/configparser.y" +#line 570 "./util/configparser.y" { #ifdef CLIENT_SUBNET OUTYY(("P(max_client_subnet_ipv4:%s)\n", (yyvsp[0].str))); @@ -3010,11 +3040,11 @@ yyreduce: #endif free((yyvsp[0].str)); } -#line 3014 "util/configparser.c" +#line 3044 "util/configparser.c" break; case 282: -#line 585 "./util/configparser.y" +#line 587 "./util/configparser.y" { #ifdef CLIENT_SUBNET OUTYY(("P(max_client_subnet_ipv6:%s)\n", (yyvsp[0].str))); @@ -3030,11 +3060,11 @@ yyreduce: #endif free((yyvsp[0].str)); } -#line 3034 "util/configparser.c" +#line 3064 "util/configparser.c" break; case 283: -#line 602 "./util/configparser.y" +#line 604 "./util/configparser.y" { #ifdef CLIENT_SUBNET OUTYY(("P(min_client_subnet_ipv4:%s)\n", (yyvsp[0].str))); @@ -3050,11 +3080,11 @@ yyreduce: #endif free((yyvsp[0].str)); } -#line 3054 "util/configparser.c" +#line 3084 "util/configparser.c" break; case 284: -#line 619 "./util/configparser.y" +#line 621 "./util/configparser.y" { #ifdef CLIENT_SUBNET OUTYY(("P(min_client_subnet_ipv6:%s)\n", (yyvsp[0].str))); @@ -3070,11 +3100,11 @@ yyreduce: #endif free((yyvsp[0].str)); } -#line 3074 "util/configparser.c" +#line 3104 "util/configparser.c" break; case 285: -#line 636 "./util/configparser.y" +#line 638 "./util/configparser.y" { #ifdef CLIENT_SUBNET OUTYY(("P(max_ecs_tree_size_ipv4:%s)\n", (yyvsp[0].str))); @@ -3088,11 +3118,11 @@ yyreduce: #endif free((yyvsp[0].str)); } -#line 3092 "util/configparser.c" +#line 3122 "util/configparser.c" break; case 286: -#line 651 "./util/configparser.y" +#line 653 "./util/configparser.y" { #ifdef CLIENT_SUBNET OUTYY(("P(max_ecs_tree_size_ipv6:%s)\n", (yyvsp[0].str))); @@ -3106,11 +3136,11 @@ yyreduce: #endif free((yyvsp[0].str)); } -#line 3110 "util/configparser.c" +#line 3140 "util/configparser.c" break; case 287: -#line 666 "./util/configparser.y" +#line 668 "./util/configparser.y" { OUTYY(("P(server_interface:%s)\n", (yyvsp[0].str))); if(cfg_parser->cfg->num_ifs == 0) @@ -3122,11 +3152,11 @@ yyreduce: else cfg_parser->cfg->ifs[cfg_parser->cfg->num_ifs++] = (yyvsp[0].str); } -#line 3126 "util/configparser.c" +#line 3156 "util/configparser.c" break; case 288: -#line 679 "./util/configparser.y" +#line 681 "./util/configparser.y" { OUTYY(("P(server_outgoing_interface:%s)\n", (yyvsp[0].str))); if(cfg_parser->cfg->num_out_ifs == 0) @@ -3140,11 +3170,11 @@ yyreduce: cfg_parser->cfg->out_ifs[ cfg_parser->cfg->num_out_ifs++] = (yyvsp[0].str); } -#line 3144 "util/configparser.c" +#line 3174 "util/configparser.c" break; case 289: -#line 694 "./util/configparser.y" +#line 696 "./util/configparser.y" { OUTYY(("P(server_outgoing_range:%s)\n", (yyvsp[0].str))); if(atoi((yyvsp[0].str)) == 0) @@ -3152,11 +3182,11 @@ yyreduce: else cfg_parser->cfg->outgoing_num_ports = atoi((yyvsp[0].str)); free((yyvsp[0].str)); } -#line 3156 "util/configparser.c" +#line 3186 "util/configparser.c" break; case 290: -#line 703 "./util/configparser.y" +#line 705 "./util/configparser.y" { OUTYY(("P(server_outgoing_port_permit:%s)\n", (yyvsp[0].str))); if(!cfg_mark_ports((yyvsp[0].str), 1, @@ -3164,11 +3194,11 @@ yyreduce: yyerror("port number or range (\"low-high\") expected"); free((yyvsp[0].str)); } -#line 3168 "util/configparser.c" +#line 3198 "util/configparser.c" break; case 291: -#line 712 "./util/configparser.y" +#line 714 "./util/configparser.y" { OUTYY(("P(server_outgoing_port_avoid:%s)\n", (yyvsp[0].str))); if(!cfg_mark_ports((yyvsp[0].str), 0, @@ -3176,11 +3206,11 @@ yyreduce: yyerror("port number or range (\"low-high\") expected"); free((yyvsp[0].str)); } -#line 3180 "util/configparser.c" +#line 3210 "util/configparser.c" break; case 292: -#line 721 "./util/configparser.y" +#line 723 "./util/configparser.y" { OUTYY(("P(server_outgoing_num_tcp:%s)\n", (yyvsp[0].str))); if(atoi((yyvsp[0].str)) == 0 && strcmp((yyvsp[0].str), "0") != 0) @@ -3188,11 +3218,11 @@ yyreduce: else cfg_parser->cfg->outgoing_num_tcp = atoi((yyvsp[0].str)); free((yyvsp[0].str)); } -#line 3192 "util/configparser.c" +#line 3222 "util/configparser.c" break; case 293: -#line 730 "./util/configparser.y" +#line 732 "./util/configparser.y" { OUTYY(("P(server_incoming_num_tcp:%s)\n", (yyvsp[0].str))); if(atoi((yyvsp[0].str)) == 0 && strcmp((yyvsp[0].str), "0") != 0) @@ -3200,11 +3230,11 @@ yyreduce: else cfg_parser->cfg->incoming_num_tcp = atoi((yyvsp[0].str)); free((yyvsp[0].str)); } -#line 3204 "util/configparser.c" +#line 3234 "util/configparser.c" break; case 294: -#line 739 "./util/configparser.y" +#line 741 "./util/configparser.y" { OUTYY(("P(server_interface_automatic:%s)\n", (yyvsp[0].str))); if(strcmp((yyvsp[0].str), "yes") != 0 && strcmp((yyvsp[0].str), "no") != 0) @@ -3212,11 +3242,11 @@ yyreduce: else cfg_parser->cfg->if_automatic = (strcmp((yyvsp[0].str), "yes")==0); free((yyvsp[0].str)); } -#line 3216 "util/configparser.c" +#line 3246 "util/configparser.c" break; case 295: -#line 748 "./util/configparser.y" +#line 750 "./util/configparser.y" { OUTYY(("P(server_do_ip4:%s)\n", (yyvsp[0].str))); if(strcmp((yyvsp[0].str), "yes") != 0 && strcmp((yyvsp[0].str), "no") != 0) @@ -3224,11 +3254,11 @@ yyreduce: else cfg_parser->cfg->do_ip4 = (strcmp((yyvsp[0].str), "yes")==0); free((yyvsp[0].str)); } -#line 3228 "util/configparser.c" +#line 3258 "util/configparser.c" break; case 296: -#line 757 "./util/configparser.y" +#line 759 "./util/configparser.y" { OUTYY(("P(server_do_ip6:%s)\n", (yyvsp[0].str))); if(strcmp((yyvsp[0].str), "yes") != 0 && strcmp((yyvsp[0].str), "no") != 0) @@ -3236,11 +3266,11 @@ yyreduce: else cfg_parser->cfg->do_ip6 = (strcmp((yyvsp[0].str), "yes")==0); free((yyvsp[0].str)); } -#line 3240 "util/configparser.c" +#line 3270 "util/configparser.c" break; case 297: -#line 766 "./util/configparser.y" +#line 768 "./util/configparser.y" { OUTYY(("P(server_do_udp:%s)\n", (yyvsp[0].str))); if(strcmp((yyvsp[0].str), "yes") != 0 && strcmp((yyvsp[0].str), "no") != 0) @@ -3248,11 +3278,11 @@ yyreduce: else cfg_parser->cfg->do_udp = (strcmp((yyvsp[0].str), "yes")==0); free((yyvsp[0].str)); } -#line 3252 "util/configparser.c" +#line 3282 "util/configparser.c" break; case 298: -#line 775 "./util/configparser.y" +#line 777 "./util/configparser.y" { OUTYY(("P(server_do_tcp:%s)\n", (yyvsp[0].str))); if(strcmp((yyvsp[0].str), "yes") != 0 && strcmp((yyvsp[0].str), "no") != 0) @@ -3260,11 +3290,11 @@ yyreduce: else cfg_parser->cfg->do_tcp = (strcmp((yyvsp[0].str), "yes")==0); free((yyvsp[0].str)); } -#line 3264 "util/configparser.c" +#line 3294 "util/configparser.c" break; case 299: -#line 784 "./util/configparser.y" +#line 786 "./util/configparser.y" { OUTYY(("P(server_prefer_ip4:%s)\n", (yyvsp[0].str))); if(strcmp((yyvsp[0].str), "yes") != 0 && strcmp((yyvsp[0].str), "no") != 0) @@ -3272,11 +3302,11 @@ yyreduce: else cfg_parser->cfg->prefer_ip4 = (strcmp((yyvsp[0].str), "yes")==0); free((yyvsp[0].str)); } -#line 3276 "util/configparser.c" +#line 3306 "util/configparser.c" break; case 300: -#line 793 "./util/configparser.y" +#line 795 "./util/configparser.y" { OUTYY(("P(server_prefer_ip6:%s)\n", (yyvsp[0].str))); if(strcmp((yyvsp[0].str), "yes") != 0 && strcmp((yyvsp[0].str), "no") != 0) @@ -3284,11 +3314,11 @@ yyreduce: else cfg_parser->cfg->prefer_ip6 = (strcmp((yyvsp[0].str), "yes")==0); free((yyvsp[0].str)); } -#line 3288 "util/configparser.c" +#line 3318 "util/configparser.c" break; case 301: -#line 802 "./util/configparser.y" +#line 804 "./util/configparser.y" { OUTYY(("P(server_tcp_mss:%s)\n", (yyvsp[0].str))); if(atoi((yyvsp[0].str)) == 0 && strcmp((yyvsp[0].str), "0") != 0) @@ -3296,11 +3326,11 @@ yyreduce: else cfg_parser->cfg->tcp_mss = atoi((yyvsp[0].str)); free((yyvsp[0].str)); } -#line 3300 "util/configparser.c" +#line 3330 "util/configparser.c" break; case 302: -#line 811 "./util/configparser.y" +#line 813 "./util/configparser.y" { OUTYY(("P(server_outgoing_tcp_mss:%s)\n", (yyvsp[0].str))); if(atoi((yyvsp[0].str)) == 0 && strcmp((yyvsp[0].str), "0") != 0) @@ -3308,11 +3338,11 @@ yyreduce: else cfg_parser->cfg->outgoing_tcp_mss = atoi((yyvsp[0].str)); free((yyvsp[0].str)); } -#line 3312 "util/configparser.c" +#line 3342 "util/configparser.c" break; case 303: -#line 820 "./util/configparser.y" +#line 822 "./util/configparser.y" { OUTYY(("P(server_tcp_idle_timeout:%s)\n", (yyvsp[0].str))); if(atoi((yyvsp[0].str)) == 0 && strcmp((yyvsp[0].str), "0") != 0) @@ -3324,11 +3354,11 @@ yyreduce: else cfg_parser->cfg->tcp_idle_timeout = atoi((yyvsp[0].str)); free((yyvsp[0].str)); } -#line 3328 "util/configparser.c" +#line 3358 "util/configparser.c" break; case 304: -#line 833 "./util/configparser.y" +#line 835 "./util/configparser.y" { OUTYY(("P(server_tcp_keepalive:%s)\n", (yyvsp[0].str))); if(strcmp((yyvsp[0].str), "yes") != 0 && strcmp((yyvsp[0].str), "no") != 0) @@ -3336,11 +3366,11 @@ yyreduce: else cfg_parser->cfg->do_tcp_keepalive = (strcmp((yyvsp[0].str), "yes")==0); free((yyvsp[0].str)); } -#line 3340 "util/configparser.c" +#line 3370 "util/configparser.c" break; case 305: -#line 842 "./util/configparser.y" +#line 844 "./util/configparser.y" { OUTYY(("P(server_tcp_keepalive_timeout:%s)\n", (yyvsp[0].str))); if(atoi((yyvsp[0].str)) == 0 && strcmp((yyvsp[0].str), "0") != 0) @@ -3352,11 +3382,11 @@ yyreduce: else cfg_parser->cfg->tcp_keepalive_timeout = atoi((yyvsp[0].str)); free((yyvsp[0].str)); } -#line 3356 "util/configparser.c" +#line 3386 "util/configparser.c" break; case 306: -#line 855 "./util/configparser.y" +#line 857 "./util/configparser.y" { OUTYY(("P(server_tcp_upstream:%s)\n", (yyvsp[0].str))); if(strcmp((yyvsp[0].str), "yes") != 0 && strcmp((yyvsp[0].str), "no") != 0) @@ -3364,11 +3394,11 @@ yyreduce: else cfg_parser->cfg->tcp_upstream = (strcmp((yyvsp[0].str), "yes")==0); free((yyvsp[0].str)); } -#line 3368 "util/configparser.c" +#line 3398 "util/configparser.c" break; case 307: -#line 864 "./util/configparser.y" +#line 866 "./util/configparser.y" { OUTYY(("P(server_udp_upstream_without_downstream:%s)\n", (yyvsp[0].str))); if(strcmp((yyvsp[0].str), "yes") != 0 && strcmp((yyvsp[0].str), "no") != 0) @@ -3376,11 +3406,11 @@ yyreduce: else cfg_parser->cfg->udp_upstream_without_downstream = (strcmp((yyvsp[0].str), "yes")==0); free((yyvsp[0].str)); } -#line 3380 "util/configparser.c" +#line 3410 "util/configparser.c" break; case 308: -#line 873 "./util/configparser.y" +#line 875 "./util/configparser.y" { OUTYY(("P(server_ssl_upstream:%s)\n", (yyvsp[0].str))); if(strcmp((yyvsp[0].str), "yes") != 0 && strcmp((yyvsp[0].str), "no") != 0) @@ -3388,31 +3418,31 @@ yyreduce: else cfg_parser->cfg->ssl_upstream = (strcmp((yyvsp[0].str), "yes")==0); free((yyvsp[0].str)); } -#line 3392 "util/configparser.c" +#line 3422 "util/configparser.c" break; case 309: -#line 882 "./util/configparser.y" +#line 884 "./util/configparser.y" { OUTYY(("P(server_ssl_service_key:%s)\n", (yyvsp[0].str))); free(cfg_parser->cfg->ssl_service_key); cfg_parser->cfg->ssl_service_key = (yyvsp[0].str); } -#line 3402 "util/configparser.c" +#line 3432 "util/configparser.c" break; case 310: -#line 889 "./util/configparser.y" +#line 891 "./util/configparser.y" { OUTYY(("P(server_ssl_service_pem:%s)\n", (yyvsp[0].str))); free(cfg_parser->cfg->ssl_service_pem); cfg_parser->cfg->ssl_service_pem = (yyvsp[0].str); } -#line 3412 "util/configparser.c" +#line 3442 "util/configparser.c" break; case 311: -#line 896 "./util/configparser.y" +#line 898 "./util/configparser.y" { OUTYY(("P(server_ssl_port:%s)\n", (yyvsp[0].str))); if(atoi((yyvsp[0].str)) == 0) @@ -3420,21 +3450,21 @@ yyreduce: else cfg_parser->cfg->ssl_port = atoi((yyvsp[0].str)); free((yyvsp[0].str)); } -#line 3424 "util/configparser.c" +#line 3454 "util/configparser.c" break; case 312: -#line 905 "./util/configparser.y" +#line 907 "./util/configparser.y" { OUTYY(("P(server_tls_cert_bundle:%s)\n", (yyvsp[0].str))); free(cfg_parser->cfg->tls_cert_bundle); cfg_parser->cfg->tls_cert_bundle = (yyvsp[0].str); } -#line 3434 "util/configparser.c" +#line 3464 "util/configparser.c" break; case 313: -#line 912 "./util/configparser.y" +#line 914 "./util/configparser.y" { OUTYY(("P(server_tls_win_cert:%s)\n", (yyvsp[0].str))); if(strcmp((yyvsp[0].str), "yes") != 0 && strcmp((yyvsp[0].str), "no") != 0) @@ -3442,53 +3472,53 @@ yyreduce: else cfg_parser->cfg->tls_win_cert = (strcmp((yyvsp[0].str), "yes")==0); free((yyvsp[0].str)); } -#line 3446 "util/configparser.c" +#line 3476 "util/configparser.c" break; case 314: -#line 921 "./util/configparser.y" +#line 923 "./util/configparser.y" { OUTYY(("P(server_tls_additional_port:%s)\n", (yyvsp[0].str))); if(!cfg_strlist_insert(&cfg_parser->cfg->tls_additional_port, (yyvsp[0].str))) yyerror("out of memory"); } -#line 3457 "util/configparser.c" +#line 3487 "util/configparser.c" break; case 315: -#line 929 "./util/configparser.y" +#line 931 "./util/configparser.y" { OUTYY(("P(server_tls_ciphers:%s)\n", (yyvsp[0].str))); free(cfg_parser->cfg->tls_ciphers); cfg_parser->cfg->tls_ciphers = (yyvsp[0].str); } -#line 3467 "util/configparser.c" +#line 3497 "util/configparser.c" break; case 316: -#line 936 "./util/configparser.y" +#line 938 "./util/configparser.y" { OUTYY(("P(server_tls_ciphersuites:%s)\n", (yyvsp[0].str))); free(cfg_parser->cfg->tls_ciphersuites); cfg_parser->cfg->tls_ciphersuites = (yyvsp[0].str); } -#line 3477 "util/configparser.c" +#line 3507 "util/configparser.c" break; case 317: -#line 943 "./util/configparser.y" +#line 945 "./util/configparser.y" { OUTYY(("P(server_tls_session_ticket_keys:%s)\n", (yyvsp[0].str))); if(!cfg_strlist_append(&cfg_parser->cfg->tls_session_ticket_keys, (yyvsp[0].str))) yyerror("out of memory"); } -#line 3488 "util/configparser.c" +#line 3518 "util/configparser.c" break; case 318: -#line 951 "./util/configparser.y" +#line 953 "./util/configparser.y" { OUTYY(("P(server_use_systemd:%s)\n", (yyvsp[0].str))); if(strcmp((yyvsp[0].str), "yes") != 0 && strcmp((yyvsp[0].str), "no") != 0) @@ -3496,11 +3526,11 @@ yyreduce: else cfg_parser->cfg->use_systemd = (strcmp((yyvsp[0].str), "yes")==0); free((yyvsp[0].str)); } -#line 3500 "util/configparser.c" +#line 3530 "util/configparser.c" break; case 319: -#line 960 "./util/configparser.y" +#line 962 "./util/configparser.y" { OUTYY(("P(server_do_daemonize:%s)\n", (yyvsp[0].str))); if(strcmp((yyvsp[0].str), "yes") != 0 && strcmp((yyvsp[0].str), "no") != 0) @@ -3508,11 +3538,11 @@ yyreduce: else cfg_parser->cfg->do_daemonize = (strcmp((yyvsp[0].str), "yes")==0); free((yyvsp[0].str)); } -#line 3512 "util/configparser.c" +#line 3542 "util/configparser.c" break; case 320: -#line 969 "./util/configparser.y" +#line 971 "./util/configparser.y" { OUTYY(("P(server_use_syslog:%s)\n", (yyvsp[0].str))); if(strcmp((yyvsp[0].str), "yes") != 0 && strcmp((yyvsp[0].str), "no") != 0) @@ -3525,11 +3555,11 @@ yyreduce: #endif free((yyvsp[0].str)); } -#line 3529 "util/configparser.c" +#line 3559 "util/configparser.c" break; case 321: -#line 983 "./util/configparser.y" +#line 985 "./util/configparser.y" { OUTYY(("P(server_log_time_ascii:%s)\n", (yyvsp[0].str))); if(strcmp((yyvsp[0].str), "yes") != 0 && strcmp((yyvsp[0].str), "no") != 0) @@ -3537,11 +3567,11 @@ yyreduce: else cfg_parser->cfg->log_time_ascii = (strcmp((yyvsp[0].str), "yes")==0); free((yyvsp[0].str)); } -#line 3541 "util/configparser.c" +#line 3571 "util/configparser.c" break; case 322: -#line 992 "./util/configparser.y" +#line 994 "./util/configparser.y" { OUTYY(("P(server_log_queries:%s)\n", (yyvsp[0].str))); if(strcmp((yyvsp[0].str), "yes") != 0 && strcmp((yyvsp[0].str), "no") != 0) @@ -3549,11 +3579,11 @@ yyreduce: else cfg_parser->cfg->log_queries = (strcmp((yyvsp[0].str), "yes")==0); free((yyvsp[0].str)); } -#line 3553 "util/configparser.c" +#line 3583 "util/configparser.c" break; case 323: -#line 1001 "./util/configparser.y" +#line 1003 "./util/configparser.y" { OUTYY(("P(server_log_replies:%s)\n", (yyvsp[0].str))); if(strcmp((yyvsp[0].str), "yes") != 0 && strcmp((yyvsp[0].str), "no") != 0) @@ -3561,11 +3591,11 @@ yyreduce: else cfg_parser->cfg->log_replies = (strcmp((yyvsp[0].str), "yes")==0); free((yyvsp[0].str)); } -#line 3565 "util/configparser.c" +#line 3595 "util/configparser.c" break; case 324: -#line 1010 "./util/configparser.y" +#line 1012 "./util/configparser.y" { OUTYY(("P(server_log_tag_queryreply:%s)\n", (yyvsp[0].str))); if(strcmp((yyvsp[0].str), "yes") != 0 && strcmp((yyvsp[0].str), "no") != 0) @@ -3573,11 +3603,11 @@ yyreduce: else cfg_parser->cfg->log_tag_queryreply = (strcmp((yyvsp[0].str), "yes")==0); free((yyvsp[0].str)); } -#line 3577 "util/configparser.c" +#line 3607 "util/configparser.c" break; case 325: -#line 1019 "./util/configparser.y" +#line 1021 "./util/configparser.y" { OUTYY(("P(server_log_servfail:%s)\n", (yyvsp[0].str))); if(strcmp((yyvsp[0].str), "yes") != 0 && strcmp((yyvsp[0].str), "no") != 0) @@ -3585,11 +3615,11 @@ yyreduce: else cfg_parser->cfg->log_servfail = (strcmp((yyvsp[0].str), "yes")==0); free((yyvsp[0].str)); } -#line 3589 "util/configparser.c" +#line 3619 "util/configparser.c" break; case 326: -#line 1028 "./util/configparser.y" +#line 1030 "./util/configparser.y" { OUTYY(("P(server_log_local_actions:%s)\n", (yyvsp[0].str))); if(strcmp((yyvsp[0].str), "yes") != 0 && strcmp((yyvsp[0].str), "no") != 0) @@ -3597,31 +3627,31 @@ yyreduce: else cfg_parser->cfg->log_local_actions = (strcmp((yyvsp[0].str), "yes")==0); free((yyvsp[0].str)); } -#line 3601 "util/configparser.c" +#line 3631 "util/configparser.c" break; case 327: -#line 1037 "./util/configparser.y" +#line 1039 "./util/configparser.y" { OUTYY(("P(server_chroot:%s)\n", (yyvsp[0].str))); free(cfg_parser->cfg->chrootdir); cfg_parser->cfg->chrootdir = (yyvsp[0].str); } -#line 3611 "util/configparser.c" +#line 3641 "util/configparser.c" break; case 328: -#line 1044 "./util/configparser.y" +#line 1046 "./util/configparser.y" { OUTYY(("P(server_username:%s)\n", (yyvsp[0].str))); free(cfg_parser->cfg->username); cfg_parser->cfg->username = (yyvsp[0].str); } -#line 3621 "util/configparser.c" +#line 3651 "util/configparser.c" break; case 329: -#line 1051 "./util/configparser.y" +#line 1053 "./util/configparser.y" { OUTYY(("P(server_directory:%s)\n", (yyvsp[0].str))); free(cfg_parser->cfg->directory); @@ -3646,105 +3676,105 @@ yyreduce: } } } -#line 3650 "util/configparser.c" +#line 3680 "util/configparser.c" break; case 330: -#line 1077 "./util/configparser.y" +#line 1079 "./util/configparser.y" { OUTYY(("P(server_logfile:%s)\n", (yyvsp[0].str))); free(cfg_parser->cfg->logfile); cfg_parser->cfg->logfile = (yyvsp[0].str); cfg_parser->cfg->use_syslog = 0; } -#line 3661 "util/configparser.c" +#line 3691 "util/configparser.c" break; case 331: -#line 1085 "./util/configparser.y" +#line 1087 "./util/configparser.y" { OUTYY(("P(server_pidfile:%s)\n", (yyvsp[0].str))); free(cfg_parser->cfg->pidfile); cfg_parser->cfg->pidfile = (yyvsp[0].str); } -#line 3671 "util/configparser.c" +#line 3701 "util/configparser.c" break; case 332: -#line 1092 "./util/configparser.y" +#line 1094 "./util/configparser.y" { OUTYY(("P(server_root_hints:%s)\n", (yyvsp[0].str))); if(!cfg_strlist_insert(&cfg_parser->cfg->root_hints, (yyvsp[0].str))) yyerror("out of memory"); } -#line 3681 "util/configparser.c" +#line 3711 "util/configparser.c" break; case 333: -#line 1099 "./util/configparser.y" +#line 1101 "./util/configparser.y" { OUTYY(("P(server_dlv_anchor_file:%s)\n", (yyvsp[0].str))); free(cfg_parser->cfg->dlv_anchor_file); cfg_parser->cfg->dlv_anchor_file = (yyvsp[0].str); } -#line 3691 "util/configparser.c" +#line 3721 "util/configparser.c" break; case 334: -#line 1106 "./util/configparser.y" +#line 1108 "./util/configparser.y" { OUTYY(("P(server_dlv_anchor:%s)\n", (yyvsp[0].str))); if(!cfg_strlist_insert(&cfg_parser->cfg->dlv_anchor_list, (yyvsp[0].str))) yyerror("out of memory"); } -#line 3701 "util/configparser.c" +#line 3731 "util/configparser.c" break; case 335: -#line 1113 "./util/configparser.y" +#line 1115 "./util/configparser.y" { OUTYY(("P(server_auto_trust_anchor_file:%s)\n", (yyvsp[0].str))); if(!cfg_strlist_insert(&cfg_parser->cfg-> auto_trust_anchor_file_list, (yyvsp[0].str))) yyerror("out of memory"); } -#line 3712 "util/configparser.c" +#line 3742 "util/configparser.c" break; case 336: -#line 1121 "./util/configparser.y" +#line 1123 "./util/configparser.y" { OUTYY(("P(server_trust_anchor_file:%s)\n", (yyvsp[0].str))); if(!cfg_strlist_insert(&cfg_parser->cfg-> trust_anchor_file_list, (yyvsp[0].str))) yyerror("out of memory"); } -#line 3723 "util/configparser.c" +#line 3753 "util/configparser.c" break; case 337: -#line 1129 "./util/configparser.y" +#line 1131 "./util/configparser.y" { OUTYY(("P(server_trusted_keys_file:%s)\n", (yyvsp[0].str))); if(!cfg_strlist_insert(&cfg_parser->cfg-> trusted_keys_file_list, (yyvsp[0].str))) yyerror("out of memory"); } -#line 3734 "util/configparser.c" +#line 3764 "util/configparser.c" break; case 338: -#line 1137 "./util/configparser.y" +#line 1139 "./util/configparser.y" { OUTYY(("P(server_trust_anchor:%s)\n", (yyvsp[0].str))); if(!cfg_strlist_insert(&cfg_parser->cfg->trust_anchor_list, (yyvsp[0].str))) yyerror("out of memory"); } -#line 3744 "util/configparser.c" +#line 3774 "util/configparser.c" break; case 339: -#line 1144 "./util/configparser.y" +#line 1146 "./util/configparser.y" { OUTYY(("P(server_trust_anchor_signaling:%s)\n", (yyvsp[0].str))); if(strcmp((yyvsp[0].str), "yes") != 0 && strcmp((yyvsp[0].str), "no") != 0) @@ -3754,11 +3784,11 @@ yyreduce: (strcmp((yyvsp[0].str), "yes")==0); free((yyvsp[0].str)); } -#line 3758 "util/configparser.c" +#line 3788 "util/configparser.c" break; case 340: -#line 1155 "./util/configparser.y" +#line 1157 "./util/configparser.y" { OUTYY(("P(server_root_key_sentinel:%s)\n", (yyvsp[0].str))); if(strcmp((yyvsp[0].str), "yes") != 0 && strcmp((yyvsp[0].str), "no") != 0) @@ -3768,21 +3798,21 @@ yyreduce: (strcmp((yyvsp[0].str), "yes")==0); free((yyvsp[0].str)); } -#line 3772 "util/configparser.c" +#line 3802 "util/configparser.c" break; case 341: -#line 1166 "./util/configparser.y" +#line 1168 "./util/configparser.y" { OUTYY(("P(server_domain_insecure:%s)\n", (yyvsp[0].str))); if(!cfg_strlist_insert(&cfg_parser->cfg->domain_insecure, (yyvsp[0].str))) yyerror("out of memory"); } -#line 3782 "util/configparser.c" +#line 3812 "util/configparser.c" break; case 342: -#line 1173 "./util/configparser.y" +#line 1175 "./util/configparser.y" { OUTYY(("P(server_hide_identity:%s)\n", (yyvsp[0].str))); if(strcmp((yyvsp[0].str), "yes") != 0 && strcmp((yyvsp[0].str), "no") != 0) @@ -3790,11 +3820,11 @@ yyreduce: else cfg_parser->cfg->hide_identity = (strcmp((yyvsp[0].str), "yes")==0); free((yyvsp[0].str)); } -#line 3794 "util/configparser.c" +#line 3824 "util/configparser.c" break; case 343: -#line 1182 "./util/configparser.y" +#line 1184 "./util/configparser.y" { OUTYY(("P(server_hide_version:%s)\n", (yyvsp[0].str))); if(strcmp((yyvsp[0].str), "yes") != 0 && strcmp((yyvsp[0].str), "no") != 0) @@ -3802,11 +3832,11 @@ yyreduce: else cfg_parser->cfg->hide_version = (strcmp((yyvsp[0].str), "yes")==0); free((yyvsp[0].str)); } -#line 3806 "util/configparser.c" +#line 3836 "util/configparser.c" break; case 344: -#line 1191 "./util/configparser.y" +#line 1193 "./util/configparser.y" { OUTYY(("P(server_hide_trustanchor:%s)\n", (yyvsp[0].str))); if(strcmp((yyvsp[0].str), "yes") != 0 && strcmp((yyvsp[0].str), "no") != 0) @@ -3814,53 +3844,53 @@ yyreduce: else cfg_parser->cfg->hide_trustanchor = (strcmp((yyvsp[0].str), "yes")==0); free((yyvsp[0].str)); } -#line 3818 "util/configparser.c" +#line 3848 "util/configparser.c" break; case 345: -#line 1200 "./util/configparser.y" +#line 1202 "./util/configparser.y" { OUTYY(("P(server_identity:%s)\n", (yyvsp[0].str))); free(cfg_parser->cfg->identity); cfg_parser->cfg->identity = (yyvsp[0].str); } -#line 3828 "util/configparser.c" +#line 3858 "util/configparser.c" break; case 346: -#line 1207 "./util/configparser.y" +#line 1209 "./util/configparser.y" { OUTYY(("P(server_version:%s)\n", (yyvsp[0].str))); free(cfg_parser->cfg->version); cfg_parser->cfg->version = (yyvsp[0].str); } -#line 3838 "util/configparser.c" +#line 3868 "util/configparser.c" break; case 347: -#line 1214 "./util/configparser.y" +#line 1216 "./util/configparser.y" { OUTYY(("P(server_so_rcvbuf:%s)\n", (yyvsp[0].str))); if(!cfg_parse_memsize((yyvsp[0].str), &cfg_parser->cfg->so_rcvbuf)) yyerror("buffer size expected"); free((yyvsp[0].str)); } -#line 3849 "util/configparser.c" +#line 3879 "util/configparser.c" break; case 348: -#line 1222 "./util/configparser.y" +#line 1224 "./util/configparser.y" { OUTYY(("P(server_so_sndbuf:%s)\n", (yyvsp[0].str))); if(!cfg_parse_memsize((yyvsp[0].str), &cfg_parser->cfg->so_sndbuf)) yyerror("buffer size expected"); free((yyvsp[0].str)); } -#line 3860 "util/configparser.c" +#line 3890 "util/configparser.c" break; case 349: -#line 1230 "./util/configparser.y" +#line 1232 "./util/configparser.y" { OUTYY(("P(server_so_reuseport:%s)\n", (yyvsp[0].str))); if(strcmp((yyvsp[0].str), "yes") != 0 && strcmp((yyvsp[0].str), "no") != 0) @@ -3869,11 +3899,11 @@ yyreduce: (strcmp((yyvsp[0].str), "yes")==0); free((yyvsp[0].str)); } -#line 3873 "util/configparser.c" +#line 3903 "util/configparser.c" break; case 350: -#line 1240 "./util/configparser.y" +#line 1242 "./util/configparser.y" { OUTYY(("P(server_ip_transparent:%s)\n", (yyvsp[0].str))); if(strcmp((yyvsp[0].str), "yes") != 0 && strcmp((yyvsp[0].str), "no") != 0) @@ -3882,11 +3912,11 @@ yyreduce: (strcmp((yyvsp[0].str), "yes")==0); free((yyvsp[0].str)); } -#line 3886 "util/configparser.c" +#line 3916 "util/configparser.c" break; case 351: -#line 1250 "./util/configparser.y" +#line 1252 "./util/configparser.y" { OUTYY(("P(server_ip_freebind:%s)\n", (yyvsp[0].str))); if(strcmp((yyvsp[0].str), "yes") != 0 && strcmp((yyvsp[0].str), "no") != 0) @@ -3895,22 +3925,22 @@ yyreduce: (strcmp((yyvsp[0].str), "yes")==0); free((yyvsp[0].str)); } -#line 3899 "util/configparser.c" +#line 3929 "util/configparser.c" break; case 352: -#line 1260 "./util/configparser.y" +#line 1262 "./util/configparser.y" { OUTYY(("P(server_stream_wait_size:%s)\n", (yyvsp[0].str))); if(!cfg_parse_memsize((yyvsp[0].str), &cfg_parser->cfg->stream_wait_size)) yyerror("memory size expected"); free((yyvsp[0].str)); } -#line 3910 "util/configparser.c" +#line 3940 "util/configparser.c" break; case 353: -#line 1268 "./util/configparser.y" +#line 1270 "./util/configparser.y" { OUTYY(("P(server_edns_buffer_size:%s)\n", (yyvsp[0].str))); if(atoi((yyvsp[0].str)) == 0) @@ -3922,11 +3952,11 @@ yyreduce: else cfg_parser->cfg->edns_buffer_size = atoi((yyvsp[0].str)); free((yyvsp[0].str)); } -#line 3926 "util/configparser.c" +#line 3956 "util/configparser.c" break; case 354: -#line 1281 "./util/configparser.y" +#line 1283 "./util/configparser.y" { OUTYY(("P(server_msg_buffer_size:%s)\n", (yyvsp[0].str))); if(atoi((yyvsp[0].str)) == 0) @@ -3936,22 +3966,22 @@ yyreduce: else cfg_parser->cfg->msg_buffer_size = atoi((yyvsp[0].str)); free((yyvsp[0].str)); } -#line 3940 "util/configparser.c" +#line 3970 "util/configparser.c" break; case 355: -#line 1292 "./util/configparser.y" +#line 1294 "./util/configparser.y" { OUTYY(("P(server_msg_cache_size:%s)\n", (yyvsp[0].str))); if(!cfg_parse_memsize((yyvsp[0].str), &cfg_parser->cfg->msg_cache_size)) yyerror("memory size expected"); free((yyvsp[0].str)); } -#line 3951 "util/configparser.c" +#line 3981 "util/configparser.c" break; case 356: -#line 1300 "./util/configparser.y" +#line 1302 "./util/configparser.y" { OUTYY(("P(server_msg_cache_slabs:%s)\n", (yyvsp[0].str))); if(atoi((yyvsp[0].str)) == 0) @@ -3963,11 +3993,11 @@ yyreduce: } free((yyvsp[0].str)); } -#line 3967 "util/configparser.c" +#line 3997 "util/configparser.c" break; case 357: -#line 1313 "./util/configparser.y" +#line 1315 "./util/configparser.y" { OUTYY(("P(server_num_queries_per_thread:%s)\n", (yyvsp[0].str))); if(atoi((yyvsp[0].str)) == 0) @@ -3975,11 +4005,11 @@ yyreduce: else cfg_parser->cfg->num_queries_per_thread = atoi((yyvsp[0].str)); free((yyvsp[0].str)); } -#line 3979 "util/configparser.c" +#line 4009 "util/configparser.c" break; case 358: -#line 1322 "./util/configparser.y" +#line 1324 "./util/configparser.y" { OUTYY(("P(server_jostle_timeout:%s)\n", (yyvsp[0].str))); if(atoi((yyvsp[0].str)) == 0 && strcmp((yyvsp[0].str), "0") != 0) @@ -3987,11 +4017,11 @@ yyreduce: else cfg_parser->cfg->jostle_time = atoi((yyvsp[0].str)); free((yyvsp[0].str)); } -#line 3991 "util/configparser.c" +#line 4021 "util/configparser.c" break; case 359: -#line 1331 "./util/configparser.y" +#line 1333 "./util/configparser.y" { OUTYY(("P(server_delay_close:%s)\n", (yyvsp[0].str))); if(atoi((yyvsp[0].str)) == 0 && strcmp((yyvsp[0].str), "0") != 0) @@ -3999,11 +4029,11 @@ yyreduce: else cfg_parser->cfg->delay_close = atoi((yyvsp[0].str)); free((yyvsp[0].str)); } -#line 4003 "util/configparser.c" +#line 4033 "util/configparser.c" break; case 360: -#line 1340 "./util/configparser.y" +#line 1342 "./util/configparser.y" { OUTYY(("P(server_unblock_lan_zones:%s)\n", (yyvsp[0].str))); if(strcmp((yyvsp[0].str), "yes") != 0 && strcmp((yyvsp[0].str), "no") != 0) @@ -4012,11 +4042,11 @@ yyreduce: (strcmp((yyvsp[0].str), "yes")==0); free((yyvsp[0].str)); } -#line 4016 "util/configparser.c" +#line 4046 "util/configparser.c" break; case 361: -#line 1350 "./util/configparser.y" +#line 1352 "./util/configparser.y" { OUTYY(("P(server_insecure_lan_zones:%s)\n", (yyvsp[0].str))); if(strcmp((yyvsp[0].str), "yes") != 0 && strcmp((yyvsp[0].str), "no") != 0) @@ -4025,22 +4055,22 @@ yyreduce: (strcmp((yyvsp[0].str), "yes")==0); free((yyvsp[0].str)); } -#line 4029 "util/configparser.c" +#line 4059 "util/configparser.c" break; case 362: -#line 1360 "./util/configparser.y" +#line 1362 "./util/configparser.y" { OUTYY(("P(server_rrset_cache_size:%s)\n", (yyvsp[0].str))); if(!cfg_parse_memsize((yyvsp[0].str), &cfg_parser->cfg->rrset_cache_size)) yyerror("memory size expected"); free((yyvsp[0].str)); } -#line 4040 "util/configparser.c" +#line 4070 "util/configparser.c" break; case 363: -#line 1368 "./util/configparser.y" +#line 1370 "./util/configparser.y" { OUTYY(("P(server_rrset_cache_slabs:%s)\n", (yyvsp[0].str))); if(atoi((yyvsp[0].str)) == 0) @@ -4052,11 +4082,11 @@ yyreduce: } free((yyvsp[0].str)); } -#line 4056 "util/configparser.c" +#line 4086 "util/configparser.c" break; case 364: -#line 1381 "./util/configparser.y" +#line 1383 "./util/configparser.y" { OUTYY(("P(server_infra_host_ttl:%s)\n", (yyvsp[0].str))); if(atoi((yyvsp[0].str)) == 0 && strcmp((yyvsp[0].str), "0") != 0) @@ -4064,22 +4094,22 @@ yyreduce: else cfg_parser->cfg->host_ttl = atoi((yyvsp[0].str)); free((yyvsp[0].str)); } -#line 4068 "util/configparser.c" +#line 4098 "util/configparser.c" break; case 365: -#line 1390 "./util/configparser.y" +#line 1392 "./util/configparser.y" { OUTYY(("P(server_infra_lame_ttl:%s)\n", (yyvsp[0].str))); verbose(VERB_DETAIL, "ignored infra-lame-ttl: %s (option " "removed, use infra-host-ttl)", (yyvsp[0].str)); free((yyvsp[0].str)); } -#line 4079 "util/configparser.c" +#line 4109 "util/configparser.c" break; case 366: -#line 1398 "./util/configparser.y" +#line 1400 "./util/configparser.y" { OUTYY(("P(server_infra_cache_numhosts:%s)\n", (yyvsp[0].str))); if(atoi((yyvsp[0].str)) == 0) @@ -4087,22 +4117,22 @@ yyreduce: else cfg_parser->cfg->infra_cache_numhosts = atoi((yyvsp[0].str)); free((yyvsp[0].str)); } -#line 4091 "util/configparser.c" +#line 4121 "util/configparser.c" break; case 367: -#line 1407 "./util/configparser.y" +#line 1409 "./util/configparser.y" { OUTYY(("P(server_infra_cache_lame_size:%s)\n", (yyvsp[0].str))); verbose(VERB_DETAIL, "ignored infra-cache-lame-size: %s " "(option removed, use infra-cache-numhosts)", (yyvsp[0].str)); free((yyvsp[0].str)); } -#line 4102 "util/configparser.c" +#line 4132 "util/configparser.c" break; case 368: -#line 1415 "./util/configparser.y" +#line 1417 "./util/configparser.y" { OUTYY(("P(server_infra_cache_slabs:%s)\n", (yyvsp[0].str))); if(atoi((yyvsp[0].str)) == 0) @@ -4114,11 +4144,11 @@ yyreduce: } free((yyvsp[0].str)); } -#line 4118 "util/configparser.c" +#line 4148 "util/configparser.c" break; case 369: -#line 1428 "./util/configparser.y" +#line 1430 "./util/configparser.y" { OUTYY(("P(server_infra_cache_min_rtt:%s)\n", (yyvsp[0].str))); if(atoi((yyvsp[0].str)) == 0 && strcmp((yyvsp[0].str), "0") != 0) @@ -4126,21 +4156,21 @@ yyreduce: else cfg_parser->cfg->infra_cache_min_rtt = atoi((yyvsp[0].str)); free((yyvsp[0].str)); } -#line 4130 "util/configparser.c" +#line 4160 "util/configparser.c" break; case 370: -#line 1437 "./util/configparser.y" +#line 1439 "./util/configparser.y" { OUTYY(("P(server_target_fetch_policy:%s)\n", (yyvsp[0].str))); free(cfg_parser->cfg->target_fetch_policy); cfg_parser->cfg->target_fetch_policy = (yyvsp[0].str); } -#line 4140 "util/configparser.c" +#line 4170 "util/configparser.c" break; case 371: -#line 1444 "./util/configparser.y" +#line 1446 "./util/configparser.y" { OUTYY(("P(server_harden_short_bufsize:%s)\n", (yyvsp[0].str))); if(strcmp((yyvsp[0].str), "yes") != 0 && strcmp((yyvsp[0].str), "no") != 0) @@ -4149,11 +4179,11 @@ yyreduce: (strcmp((yyvsp[0].str), "yes")==0); free((yyvsp[0].str)); } -#line 4153 "util/configparser.c" +#line 4183 "util/configparser.c" break; case 372: -#line 1454 "./util/configparser.y" +#line 1456 "./util/configparser.y" { OUTYY(("P(server_harden_large_queries:%s)\n", (yyvsp[0].str))); if(strcmp((yyvsp[0].str), "yes") != 0 && strcmp((yyvsp[0].str), "no") != 0) @@ -4162,11 +4192,11 @@ yyreduce: (strcmp((yyvsp[0].str), "yes")==0); free((yyvsp[0].str)); } -#line 4166 "util/configparser.c" +#line 4196 "util/configparser.c" break; case 373: -#line 1464 "./util/configparser.y" +#line 1466 "./util/configparser.y" { OUTYY(("P(server_harden_glue:%s)\n", (yyvsp[0].str))); if(strcmp((yyvsp[0].str), "yes") != 0 && strcmp((yyvsp[0].str), "no") != 0) @@ -4175,11 +4205,11 @@ yyreduce: (strcmp((yyvsp[0].str), "yes")==0); free((yyvsp[0].str)); } -#line 4179 "util/configparser.c" +#line 4209 "util/configparser.c" break; case 374: -#line 1474 "./util/configparser.y" +#line 1476 "./util/configparser.y" { OUTYY(("P(server_harden_dnssec_stripped:%s)\n", (yyvsp[0].str))); if(strcmp((yyvsp[0].str), "yes") != 0 && strcmp((yyvsp[0].str), "no") != 0) @@ -4188,11 +4218,11 @@ yyreduce: (strcmp((yyvsp[0].str), "yes")==0); free((yyvsp[0].str)); } -#line 4192 "util/configparser.c" +#line 4222 "util/configparser.c" break; case 375: -#line 1484 "./util/configparser.y" +#line 1486 "./util/configparser.y" { OUTYY(("P(server_harden_below_nxdomain:%s)\n", (yyvsp[0].str))); if(strcmp((yyvsp[0].str), "yes") != 0 && strcmp((yyvsp[0].str), "no") != 0) @@ -4201,11 +4231,11 @@ yyreduce: (strcmp((yyvsp[0].str), "yes")==0); free((yyvsp[0].str)); } -#line 4205 "util/configparser.c" +#line 4235 "util/configparser.c" break; case 376: -#line 1494 "./util/configparser.y" +#line 1496 "./util/configparser.y" { OUTYY(("P(server_harden_referral_path:%s)\n", (yyvsp[0].str))); if(strcmp((yyvsp[0].str), "yes") != 0 && strcmp((yyvsp[0].str), "no") != 0) @@ -4214,11 +4244,11 @@ yyreduce: (strcmp((yyvsp[0].str), "yes")==0); free((yyvsp[0].str)); } -#line 4218 "util/configparser.c" +#line 4248 "util/configparser.c" break; case 377: -#line 1504 "./util/configparser.y" +#line 1506 "./util/configparser.y" { OUTYY(("P(server_harden_algo_downgrade:%s)\n", (yyvsp[0].str))); if(strcmp((yyvsp[0].str), "yes") != 0 && strcmp((yyvsp[0].str), "no") != 0) @@ -4227,11 +4257,11 @@ yyreduce: (strcmp((yyvsp[0].str), "yes")==0); free((yyvsp[0].str)); } -#line 4231 "util/configparser.c" +#line 4261 "util/configparser.c" break; case 378: -#line 1514 "./util/configparser.y" +#line 1516 "./util/configparser.y" { OUTYY(("P(server_use_caps_for_id:%s)\n", (yyvsp[0].str))); if(strcmp((yyvsp[0].str), "yes") != 0 && strcmp((yyvsp[0].str), "no") != 0) @@ -4240,41 +4270,41 @@ yyreduce: (strcmp((yyvsp[0].str), "yes")==0); free((yyvsp[0].str)); } -#line 4244 "util/configparser.c" +#line 4274 "util/configparser.c" break; case 379: -#line 1524 "./util/configparser.y" +#line 1526 "./util/configparser.y" { OUTYY(("P(server_caps_whitelist:%s)\n", (yyvsp[0].str))); if(!cfg_strlist_insert(&cfg_parser->cfg->caps_whitelist, (yyvsp[0].str))) yyerror("out of memory"); } -#line 4254 "util/configparser.c" +#line 4284 "util/configparser.c" break; case 380: -#line 1531 "./util/configparser.y" +#line 1533 "./util/configparser.y" { OUTYY(("P(server_private_address:%s)\n", (yyvsp[0].str))); if(!cfg_strlist_insert(&cfg_parser->cfg->private_address, (yyvsp[0].str))) yyerror("out of memory"); } -#line 4264 "util/configparser.c" +#line 4294 "util/configparser.c" break; case 381: -#line 1538 "./util/configparser.y" +#line 1540 "./util/configparser.y" { OUTYY(("P(server_private_domain:%s)\n", (yyvsp[0].str))); if(!cfg_strlist_insert(&cfg_parser->cfg->private_domain, (yyvsp[0].str))) yyerror("out of memory"); } -#line 4274 "util/configparser.c" +#line 4304 "util/configparser.c" break; case 382: -#line 1545 "./util/configparser.y" +#line 1547 "./util/configparser.y" { OUTYY(("P(server_prefetch:%s)\n", (yyvsp[0].str))); if(strcmp((yyvsp[0].str), "yes") != 0 && strcmp((yyvsp[0].str), "no") != 0) @@ -4282,11 +4312,11 @@ yyreduce: else cfg_parser->cfg->prefetch = (strcmp((yyvsp[0].str), "yes")==0); free((yyvsp[0].str)); } -#line 4286 "util/configparser.c" +#line 4316 "util/configparser.c" break; case 383: -#line 1554 "./util/configparser.y" +#line 1556 "./util/configparser.y" { OUTYY(("P(server_prefetch_key:%s)\n", (yyvsp[0].str))); if(strcmp((yyvsp[0].str), "yes") != 0 && strcmp((yyvsp[0].str), "no") != 0) @@ -4294,11 +4324,11 @@ yyreduce: else cfg_parser->cfg->prefetch_key = (strcmp((yyvsp[0].str), "yes")==0); free((yyvsp[0].str)); } -#line 4298 "util/configparser.c" +#line 4328 "util/configparser.c" break; case 384: -#line 1563 "./util/configparser.y" +#line 1565 "./util/configparser.y" { OUTYY(("P(server_deny_any:%s)\n", (yyvsp[0].str))); if(strcmp((yyvsp[0].str), "yes") != 0 && strcmp((yyvsp[0].str), "no") != 0) @@ -4306,11 +4336,11 @@ yyreduce: else cfg_parser->cfg->deny_any = (strcmp((yyvsp[0].str), "yes")==0); free((yyvsp[0].str)); } -#line 4310 "util/configparser.c" +#line 4340 "util/configparser.c" break; case 385: -#line 1572 "./util/configparser.y" +#line 1574 "./util/configparser.y" { OUTYY(("P(server_unwanted_reply_threshold:%s)\n", (yyvsp[0].str))); if(atoi((yyvsp[0].str)) == 0 && strcmp((yyvsp[0].str), "0") != 0) @@ -4318,21 +4348,21 @@ yyreduce: else cfg_parser->cfg->unwanted_threshold = atoi((yyvsp[0].str)); free((yyvsp[0].str)); } -#line 4322 "util/configparser.c" +#line 4352 "util/configparser.c" break; case 386: -#line 1581 "./util/configparser.y" +#line 1583 "./util/configparser.y" { OUTYY(("P(server_do_not_query_address:%s)\n", (yyvsp[0].str))); if(!cfg_strlist_insert(&cfg_parser->cfg->donotqueryaddrs, (yyvsp[0].str))) yyerror("out of memory"); } -#line 4332 "util/configparser.c" +#line 4362 "util/configparser.c" break; case 387: -#line 1588 "./util/configparser.y" +#line 1590 "./util/configparser.y" { OUTYY(("P(server_do_not_query_localhost:%s)\n", (yyvsp[0].str))); if(strcmp((yyvsp[0].str), "yes") != 0 && strcmp((yyvsp[0].str), "no") != 0) @@ -4341,11 +4371,11 @@ yyreduce: (strcmp((yyvsp[0].str), "yes")==0); free((yyvsp[0].str)); } -#line 4345 "util/configparser.c" +#line 4375 "util/configparser.c" break; case 388: -#line 1598 "./util/configparser.y" +#line 1600 "./util/configparser.y" { OUTYY(("P(server_access_control:%s %s)\n", (yyvsp[-1].str), (yyvsp[0].str))); if(strcmp((yyvsp[0].str), "deny")!=0 && strcmp((yyvsp[0].str), "refuse")!=0 && @@ -4364,21 +4394,21 @@ yyreduce: fatal_exit("out of memory adding acl"); } } -#line 4368 "util/configparser.c" +#line 4398 "util/configparser.c" break; case 389: -#line 1618 "./util/configparser.y" +#line 1620 "./util/configparser.y" { OUTYY(("P(server_module_conf:%s)\n", (yyvsp[0].str))); free(cfg_parser->cfg->module_conf); cfg_parser->cfg->module_conf = (yyvsp[0].str); } -#line 4378 "util/configparser.c" +#line 4408 "util/configparser.c" break; case 390: -#line 1625 "./util/configparser.y" +#line 1627 "./util/configparser.y" { OUTYY(("P(server_val_override_date:%s)\n", (yyvsp[0].str))); if(*(yyvsp[0].str) == '\0' || strcmp((yyvsp[0].str), "0") == 0) { @@ -4395,11 +4425,11 @@ yyreduce: } free((yyvsp[0].str)); } -#line 4399 "util/configparser.c" +#line 4429 "util/configparser.c" break; case 391: -#line 1643 "./util/configparser.y" +#line 1645 "./util/configparser.y" { OUTYY(("P(server_val_sig_skew_min:%s)\n", (yyvsp[0].str))); if(*(yyvsp[0].str) == '\0' || strcmp((yyvsp[0].str), "0") == 0) { @@ -4411,11 +4441,11 @@ yyreduce: } free((yyvsp[0].str)); } -#line 4415 "util/configparser.c" +#line 4445 "util/configparser.c" break; case 392: -#line 1656 "./util/configparser.y" +#line 1658 "./util/configparser.y" { OUTYY(("P(server_val_sig_skew_max:%s)\n", (yyvsp[0].str))); if(*(yyvsp[0].str) == '\0' || strcmp((yyvsp[0].str), "0") == 0) { @@ -4427,11 +4457,11 @@ yyreduce: } free((yyvsp[0].str)); } -#line 4431 "util/configparser.c" +#line 4461 "util/configparser.c" break; case 393: -#line 1669 "./util/configparser.y" +#line 1671 "./util/configparser.y" { OUTYY(("P(server_cache_max_ttl:%s)\n", (yyvsp[0].str))); if(atoi((yyvsp[0].str)) == 0 && strcmp((yyvsp[0].str), "0") != 0) @@ -4439,11 +4469,11 @@ yyreduce: else cfg_parser->cfg->max_ttl = atoi((yyvsp[0].str)); free((yyvsp[0].str)); } -#line 4443 "util/configparser.c" +#line 4473 "util/configparser.c" break; case 394: -#line 1678 "./util/configparser.y" +#line 1680 "./util/configparser.y" { OUTYY(("P(server_cache_max_negative_ttl:%s)\n", (yyvsp[0].str))); if(atoi((yyvsp[0].str)) == 0 && strcmp((yyvsp[0].str), "0") != 0) @@ -4451,11 +4481,11 @@ yyreduce: else cfg_parser->cfg->max_negative_ttl = atoi((yyvsp[0].str)); free((yyvsp[0].str)); } -#line 4455 "util/configparser.c" +#line 4485 "util/configparser.c" break; case 395: -#line 1687 "./util/configparser.y" +#line 1689 "./util/configparser.y" { OUTYY(("P(server_cache_min_ttl:%s)\n", (yyvsp[0].str))); if(atoi((yyvsp[0].str)) == 0 && strcmp((yyvsp[0].str), "0") != 0) @@ -4463,11 +4493,11 @@ yyreduce: else cfg_parser->cfg->min_ttl = atoi((yyvsp[0].str)); free((yyvsp[0].str)); } -#line 4467 "util/configparser.c" +#line 4497 "util/configparser.c" break; case 396: -#line 1696 "./util/configparser.y" +#line 1698 "./util/configparser.y" { OUTYY(("P(server_bogus_ttl:%s)\n", (yyvsp[0].str))); if(atoi((yyvsp[0].str)) == 0 && strcmp((yyvsp[0].str), "0") != 0) @@ -4475,11 +4505,11 @@ yyreduce: else cfg_parser->cfg->bogus_ttl = atoi((yyvsp[0].str)); free((yyvsp[0].str)); } -#line 4479 "util/configparser.c" +#line 4509 "util/configparser.c" break; case 397: -#line 1705 "./util/configparser.y" +#line 1707 "./util/configparser.y" { OUTYY(("P(server_val_clean_additional:%s)\n", (yyvsp[0].str))); if(strcmp((yyvsp[0].str), "yes") != 0 && strcmp((yyvsp[0].str), "no") != 0) @@ -4488,11 +4518,11 @@ yyreduce: (strcmp((yyvsp[0].str), "yes")==0); free((yyvsp[0].str)); } -#line 4492 "util/configparser.c" +#line 4522 "util/configparser.c" break; case 398: -#line 1715 "./util/configparser.y" +#line 1717 "./util/configparser.y" { OUTYY(("P(server_val_permissive_mode:%s)\n", (yyvsp[0].str))); if(strcmp((yyvsp[0].str), "yes") != 0 && strcmp((yyvsp[0].str), "no") != 0) @@ -4501,11 +4531,11 @@ yyreduce: (strcmp((yyvsp[0].str), "yes")==0); free((yyvsp[0].str)); } -#line 4505 "util/configparser.c" +#line 4535 "util/configparser.c" break; case 399: -#line 1725 "./util/configparser.y" +#line 1727 "./util/configparser.y" { OUTYY(("P(server_aggressive_nsec:%s)\n", (yyvsp[0].str))); if(strcmp((yyvsp[0].str), "yes") != 0 && strcmp((yyvsp[0].str), "no") != 0) @@ -4515,11 +4545,11 @@ yyreduce: (strcmp((yyvsp[0].str), "yes")==0); free((yyvsp[0].str)); } -#line 4519 "util/configparser.c" +#line 4549 "util/configparser.c" break; case 400: -#line 1736 "./util/configparser.y" +#line 1738 "./util/configparser.y" { OUTYY(("P(server_ignore_cd_flag:%s)\n", (yyvsp[0].str))); if(strcmp((yyvsp[0].str), "yes") != 0 && strcmp((yyvsp[0].str), "no") != 0) @@ -4527,11 +4557,11 @@ yyreduce: else cfg_parser->cfg->ignore_cd = (strcmp((yyvsp[0].str), "yes")==0); free((yyvsp[0].str)); } -#line 4531 "util/configparser.c" +#line 4561 "util/configparser.c" break; case 401: -#line 1745 "./util/configparser.y" +#line 1747 "./util/configparser.y" { OUTYY(("P(server_serve_expired:%s)\n", (yyvsp[0].str))); if(strcmp((yyvsp[0].str), "yes") != 0 && strcmp((yyvsp[0].str), "no") != 0) @@ -4539,11 +4569,11 @@ yyreduce: else cfg_parser->cfg->serve_expired = (strcmp((yyvsp[0].str), "yes")==0); free((yyvsp[0].str)); } -#line 4543 "util/configparser.c" +#line 4573 "util/configparser.c" break; case 402: -#line 1754 "./util/configparser.y" +#line 1756 "./util/configparser.y" { OUTYY(("P(server_serve_expired_ttl:%s)\n", (yyvsp[0].str))); if(atoi((yyvsp[0].str)) == 0 && strcmp((yyvsp[0].str), "0") != 0) @@ -4551,11 +4581,11 @@ yyreduce: else cfg_parser->cfg->serve_expired_ttl = atoi((yyvsp[0].str)); free((yyvsp[0].str)); } -#line 4555 "util/configparser.c" +#line 4585 "util/configparser.c" break; case 403: -#line 1763 "./util/configparser.y" +#line 1765 "./util/configparser.y" { OUTYY(("P(server_serve_expired_ttl_reset:%s)\n", (yyvsp[0].str))); if(strcmp((yyvsp[0].str), "yes") != 0 && strcmp((yyvsp[0].str), "no") != 0) @@ -4563,11 +4593,11 @@ yyreduce: else cfg_parser->cfg->serve_expired_ttl_reset = (strcmp((yyvsp[0].str), "yes")==0); free((yyvsp[0].str)); } -#line 4567 "util/configparser.c" +#line 4597 "util/configparser.c" break; case 404: -#line 1772 "./util/configparser.y" +#line 1774 "./util/configparser.y" { OUTYY(("P(server_serve_expired_reply_ttl:%s)\n", (yyvsp[0].str))); if(atoi((yyvsp[0].str)) == 0 && strcmp((yyvsp[0].str), "0") != 0) @@ -4575,11 +4605,11 @@ yyreduce: else cfg_parser->cfg->serve_expired_reply_ttl = atoi((yyvsp[0].str)); free((yyvsp[0].str)); } -#line 4579 "util/configparser.c" +#line 4609 "util/configparser.c" break; case 405: -#line 1781 "./util/configparser.y" +#line 1783 "./util/configparser.y" { OUTYY(("P(server_serve_expired_client_timeout:%s)\n", (yyvsp[0].str))); if(atoi((yyvsp[0].str)) == 0 && strcmp((yyvsp[0].str), "0") != 0) @@ -4587,11 +4617,11 @@ yyreduce: else cfg_parser->cfg->serve_expired_client_timeout = atoi((yyvsp[0].str)); free((yyvsp[0].str)); } -#line 4591 "util/configparser.c" +#line 4621 "util/configparser.c" break; case 406: -#line 1790 "./util/configparser.y" +#line 1792 "./util/configparser.y" { OUTYY(("P(server_fake_dsa:%s)\n", (yyvsp[0].str))); if(strcmp((yyvsp[0].str), "yes") != 0 && strcmp((yyvsp[0].str), "no") != 0) @@ -4603,11 +4633,11 @@ yyreduce: #endif free((yyvsp[0].str)); } -#line 4607 "util/configparser.c" +#line 4637 "util/configparser.c" break; case 407: -#line 1803 "./util/configparser.y" +#line 1805 "./util/configparser.y" { OUTYY(("P(server_fake_sha1:%s)\n", (yyvsp[0].str))); if(strcmp((yyvsp[0].str), "yes") != 0 && strcmp((yyvsp[0].str), "no") != 0) @@ -4619,11 +4649,11 @@ yyreduce: #endif free((yyvsp[0].str)); } -#line 4623 "util/configparser.c" +#line 4653 "util/configparser.c" break; case 408: -#line 1816 "./util/configparser.y" +#line 1818 "./util/configparser.y" { OUTYY(("P(server_val_log_level:%s)\n", (yyvsp[0].str))); if(atoi((yyvsp[0].str)) == 0 && strcmp((yyvsp[0].str), "0") != 0) @@ -4631,21 +4661,21 @@ yyreduce: else cfg_parser->cfg->val_log_level = atoi((yyvsp[0].str)); free((yyvsp[0].str)); } -#line 4635 "util/configparser.c" +#line 4665 "util/configparser.c" break; case 409: -#line 1825 "./util/configparser.y" +#line 1827 "./util/configparser.y" { OUTYY(("P(server_val_nsec3_keysize_iterations:%s)\n", (yyvsp[0].str))); free(cfg_parser->cfg->val_nsec3_key_iterations); cfg_parser->cfg->val_nsec3_key_iterations = (yyvsp[0].str); } -#line 4645 "util/configparser.c" +#line 4675 "util/configparser.c" break; case 410: -#line 1832 "./util/configparser.y" +#line 1834 "./util/configparser.y" { OUTYY(("P(server_add_holddown:%s)\n", (yyvsp[0].str))); if(atoi((yyvsp[0].str)) == 0 && strcmp((yyvsp[0].str), "0") != 0) @@ -4653,11 +4683,11 @@ yyreduce: else cfg_parser->cfg->add_holddown = atoi((yyvsp[0].str)); free((yyvsp[0].str)); } -#line 4657 "util/configparser.c" +#line 4687 "util/configparser.c" break; case 411: -#line 1841 "./util/configparser.y" +#line 1843 "./util/configparser.y" { OUTYY(("P(server_del_holddown:%s)\n", (yyvsp[0].str))); if(atoi((yyvsp[0].str)) == 0 && strcmp((yyvsp[0].str), "0") != 0) @@ -4665,11 +4695,11 @@ yyreduce: else cfg_parser->cfg->del_holddown = atoi((yyvsp[0].str)); free((yyvsp[0].str)); } -#line 4669 "util/configparser.c" +#line 4699 "util/configparser.c" break; case 412: -#line 1850 "./util/configparser.y" +#line 1852 "./util/configparser.y" { OUTYY(("P(server_keep_missing:%s)\n", (yyvsp[0].str))); if(atoi((yyvsp[0].str)) == 0 && strcmp((yyvsp[0].str), "0") != 0) @@ -4677,11 +4707,11 @@ yyreduce: else cfg_parser->cfg->keep_missing = atoi((yyvsp[0].str)); free((yyvsp[0].str)); } -#line 4681 "util/configparser.c" +#line 4711 "util/configparser.c" break; case 413: -#line 1859 "./util/configparser.y" +#line 1861 "./util/configparser.y" { OUTYY(("P(server_permit_small_holddown:%s)\n", (yyvsp[0].str))); if(strcmp((yyvsp[0].str), "yes") != 0 && strcmp((yyvsp[0].str), "no") != 0) @@ -4690,22 +4720,22 @@ yyreduce: (strcmp((yyvsp[0].str), "yes")==0); free((yyvsp[0].str)); } -#line 4694 "util/configparser.c" +#line 4724 "util/configparser.c" break; case 414: -#line 1868 "./util/configparser.y" +#line 1870 "./util/configparser.y" { OUTYY(("P(server_key_cache_size:%s)\n", (yyvsp[0].str))); if(!cfg_parse_memsize((yyvsp[0].str), &cfg_parser->cfg->key_cache_size)) yyerror("memory size expected"); free((yyvsp[0].str)); } -#line 4705 "util/configparser.c" +#line 4735 "util/configparser.c" break; case 415: -#line 1876 "./util/configparser.y" +#line 1878 "./util/configparser.y" { OUTYY(("P(server_key_cache_slabs:%s)\n", (yyvsp[0].str))); if(atoi((yyvsp[0].str)) == 0) @@ -4717,22 +4747,22 @@ yyreduce: } free((yyvsp[0].str)); } -#line 4721 "util/configparser.c" +#line 4751 "util/configparser.c" break; case 416: -#line 1889 "./util/configparser.y" +#line 1891 "./util/configparser.y" { OUTYY(("P(server_neg_cache_size:%s)\n", (yyvsp[0].str))); if(!cfg_parse_memsize((yyvsp[0].str), &cfg_parser->cfg->neg_cache_size)) yyerror("memory size expected"); free((yyvsp[0].str)); } -#line 4732 "util/configparser.c" +#line 4762 "util/configparser.c" break; case 417: -#line 1897 "./util/configparser.y" +#line 1899 "./util/configparser.y" { OUTYY(("P(server_local_zone:%s %s)\n", (yyvsp[-1].str), (yyvsp[0].str))); if(strcmp((yyvsp[0].str), "static")!=0 && strcmp((yyvsp[0].str), "deny")!=0 && @@ -4772,21 +4802,21 @@ yyreduce: fatal_exit("out of memory adding local-zone"); } } -#line 4776 "util/configparser.c" +#line 4806 "util/configparser.c" break; case 418: -#line 1938 "./util/configparser.y" +#line 1940 "./util/configparser.y" { OUTYY(("P(server_local_data:%s)\n", (yyvsp[0].str))); if(!cfg_strlist_insert(&cfg_parser->cfg->local_data, (yyvsp[0].str))) fatal_exit("out of memory adding local-data"); } -#line 4786 "util/configparser.c" +#line 4816 "util/configparser.c" break; case 419: -#line 1945 "./util/configparser.y" +#line 1947 "./util/configparser.y" { char* ptr; OUTYY(("P(server_local_data_ptr:%s)\n", (yyvsp[0].str))); @@ -4800,11 +4830,11 @@ yyreduce: yyerror("local-data-ptr could not be reversed"); } } -#line 4804 "util/configparser.c" +#line 4834 "util/configparser.c" break; case 420: -#line 1960 "./util/configparser.y" +#line 1962 "./util/configparser.y" { OUTYY(("P(server_minimal_responses:%s)\n", (yyvsp[0].str))); if(strcmp((yyvsp[0].str), "yes") != 0 && strcmp((yyvsp[0].str), "no") != 0) @@ -4813,11 +4843,11 @@ yyreduce: (strcmp((yyvsp[0].str), "yes")==0); free((yyvsp[0].str)); } -#line 4817 "util/configparser.c" +#line 4847 "util/configparser.c" break; case 421: -#line 1970 "./util/configparser.y" +#line 1972 "./util/configparser.y" { OUTYY(("P(server_rrset_roundrobin:%s)\n", (yyvsp[0].str))); if(strcmp((yyvsp[0].str), "yes") != 0 && strcmp((yyvsp[0].str), "no") != 0) @@ -4826,41 +4856,41 @@ yyreduce: (strcmp((yyvsp[0].str), "yes")==0); free((yyvsp[0].str)); } -#line 4830 "util/configparser.c" +#line 4860 "util/configparser.c" break; case 422: -#line 1980 "./util/configparser.y" +#line 1982 "./util/configparser.y" { OUTYY(("P(server_unknown_server_time_limit:%s)\n", (yyvsp[0].str))); cfg_parser->cfg->unknown_server_time_limit = atoi((yyvsp[0].str)); free((yyvsp[0].str)); } -#line 4840 "util/configparser.c" +#line 4870 "util/configparser.c" break; case 423: -#line 1987 "./util/configparser.y" +#line 1989 "./util/configparser.y" { OUTYY(("P(server_max_udp_size:%s)\n", (yyvsp[0].str))); cfg_parser->cfg->max_udp_size = atoi((yyvsp[0].str)); free((yyvsp[0].str)); } -#line 4850 "util/configparser.c" +#line 4880 "util/configparser.c" break; case 424: -#line 1994 "./util/configparser.y" +#line 1996 "./util/configparser.y" { OUTYY(("P(dns64_prefix:%s)\n", (yyvsp[0].str))); free(cfg_parser->cfg->dns64_prefix); cfg_parser->cfg->dns64_prefix = (yyvsp[0].str); } -#line 4860 "util/configparser.c" +#line 4890 "util/configparser.c" break; case 425: -#line 2001 "./util/configparser.y" +#line 2003 "./util/configparser.y" { OUTYY(("P(server_dns64_synthall:%s)\n", (yyvsp[0].str))); if(strcmp((yyvsp[0].str), "yes") != 0 && strcmp((yyvsp[0].str), "no") != 0) @@ -4868,22 +4898,22 @@ yyreduce: else cfg_parser->cfg->dns64_synthall = (strcmp((yyvsp[0].str), "yes")==0); free((yyvsp[0].str)); } -#line 4872 "util/configparser.c" +#line 4902 "util/configparser.c" break; case 426: -#line 2010 "./util/configparser.y" +#line 2012 "./util/configparser.y" { OUTYY(("P(dns64_ignore_aaaa:%s)\n", (yyvsp[0].str))); if(!cfg_strlist_insert(&cfg_parser->cfg->dns64_ignore_aaaa, (yyvsp[0].str))) fatal_exit("out of memory adding dns64-ignore-aaaa"); } -#line 4883 "util/configparser.c" +#line 4913 "util/configparser.c" break; case 427: -#line 2018 "./util/configparser.y" +#line 2020 "./util/configparser.y" { char* p, *s = (yyvsp[0].str); OUTYY(("P(server_define_tag:%s)\n", (yyvsp[0].str))); @@ -4896,11 +4926,11 @@ yyreduce: } free((yyvsp[0].str)); } -#line 4900 "util/configparser.c" +#line 4930 "util/configparser.c" break; case 428: -#line 2032 "./util/configparser.y" +#line 2034 "./util/configparser.y" { size_t len = 0; uint8_t* bitlist = config_parse_taglist(cfg_parser->cfg, (yyvsp[0].str), @@ -4920,11 +4950,11 @@ yyreduce: } } } -#line 4924 "util/configparser.c" +#line 4954 "util/configparser.c" break; case 429: -#line 2053 "./util/configparser.y" +#line 2055 "./util/configparser.y" { size_t len = 0; uint8_t* bitlist = config_parse_taglist(cfg_parser->cfg, (yyvsp[0].str), @@ -4944,11 +4974,11 @@ yyreduce: } } } -#line 4948 "util/configparser.c" +#line 4978 "util/configparser.c" break; case 430: -#line 2074 "./util/configparser.y" +#line 2076 "./util/configparser.y" { OUTYY(("P(server_access_control_tag_action:%s %s %s)\n", (yyvsp[-2].str), (yyvsp[-1].str), (yyvsp[0].str))); if(!cfg_str3list_insert(&cfg_parser->cfg->acl_tag_actions, @@ -4959,11 +4989,11 @@ yyreduce: free((yyvsp[0].str)); } } -#line 4963 "util/configparser.c" +#line 4993 "util/configparser.c" break; case 431: -#line 2086 "./util/configparser.y" +#line 2088 "./util/configparser.y" { OUTYY(("P(server_access_control_tag_data:%s %s %s)\n", (yyvsp[-2].str), (yyvsp[-1].str), (yyvsp[0].str))); if(!cfg_str3list_insert(&cfg_parser->cfg->acl_tag_datas, @@ -4974,11 +5004,11 @@ yyreduce: free((yyvsp[0].str)); } } -#line 4978 "util/configparser.c" +#line 5008 "util/configparser.c" break; case 432: -#line 2098 "./util/configparser.y" +#line 2100 "./util/configparser.y" { OUTYY(("P(server_local_zone_override:%s %s %s)\n", (yyvsp[-2].str), (yyvsp[-1].str), (yyvsp[0].str))); if(!cfg_str3list_insert(&cfg_parser->cfg->local_zone_overrides, @@ -4989,11 +5019,11 @@ yyreduce: free((yyvsp[0].str)); } } -#line 4993 "util/configparser.c" +#line 5023 "util/configparser.c" break; case 433: -#line 2110 "./util/configparser.y" +#line 2112 "./util/configparser.y" { OUTYY(("P(server_access_control_view:%s %s)\n", (yyvsp[-1].str), (yyvsp[0].str))); if(!cfg_str2list_insert(&cfg_parser->cfg->acl_view, @@ -5001,11 +5031,11 @@ yyreduce: yyerror("out of memory"); } } -#line 5005 "util/configparser.c" +#line 5035 "util/configparser.c" break; case 434: -#line 2119 "./util/configparser.y" +#line 2121 "./util/configparser.y" { size_t len = 0; uint8_t* bitlist = config_parse_taglist(cfg_parser->cfg, (yyvsp[0].str), @@ -5025,11 +5055,11 @@ yyreduce: } } } -#line 5029 "util/configparser.c" +#line 5059 "util/configparser.c" break; case 435: -#line 2140 "./util/configparser.y" +#line 2142 "./util/configparser.y" { OUTYY(("P(server_ip_ratelimit:%s)\n", (yyvsp[0].str))); if(atoi((yyvsp[0].str)) == 0 && strcmp((yyvsp[0].str), "0") != 0) @@ -5037,11 +5067,11 @@ yyreduce: else cfg_parser->cfg->ip_ratelimit = atoi((yyvsp[0].str)); free((yyvsp[0].str)); } -#line 5041 "util/configparser.c" +#line 5071 "util/configparser.c" break; case 436: -#line 2150 "./util/configparser.y" +#line 2152 "./util/configparser.y" { OUTYY(("P(server_ratelimit:%s)\n", (yyvsp[0].str))); if(atoi((yyvsp[0].str)) == 0 && strcmp((yyvsp[0].str), "0") != 0) @@ -5049,33 +5079,33 @@ yyreduce: else cfg_parser->cfg->ratelimit = atoi((yyvsp[0].str)); free((yyvsp[0].str)); } -#line 5053 "util/configparser.c" +#line 5083 "util/configparser.c" break; case 437: -#line 2159 "./util/configparser.y" +#line 2161 "./util/configparser.y" { OUTYY(("P(server_ip_ratelimit_size:%s)\n", (yyvsp[0].str))); if(!cfg_parse_memsize((yyvsp[0].str), &cfg_parser->cfg->ip_ratelimit_size)) yyerror("memory size expected"); free((yyvsp[0].str)); } -#line 5064 "util/configparser.c" +#line 5094 "util/configparser.c" break; case 438: -#line 2167 "./util/configparser.y" +#line 2169 "./util/configparser.y" { OUTYY(("P(server_ratelimit_size:%s)\n", (yyvsp[0].str))); if(!cfg_parse_memsize((yyvsp[0].str), &cfg_parser->cfg->ratelimit_size)) yyerror("memory size expected"); free((yyvsp[0].str)); } -#line 5075 "util/configparser.c" +#line 5105 "util/configparser.c" break; case 439: -#line 2175 "./util/configparser.y" +#line 2177 "./util/configparser.y" { OUTYY(("P(server_ip_ratelimit_slabs:%s)\n", (yyvsp[0].str))); if(atoi((yyvsp[0].str)) == 0) @@ -5087,11 +5117,11 @@ yyreduce: } free((yyvsp[0].str)); } -#line 5091 "util/configparser.c" +#line 5121 "util/configparser.c" break; case 440: -#line 2188 "./util/configparser.y" +#line 2190 "./util/configparser.y" { OUTYY(("P(server_ratelimit_slabs:%s)\n", (yyvsp[0].str))); if(atoi((yyvsp[0].str)) == 0) @@ -5103,11 +5133,11 @@ yyreduce: } free((yyvsp[0].str)); } -#line 5107 "util/configparser.c" +#line 5137 "util/configparser.c" break; case 441: -#line 2201 "./util/configparser.y" +#line 2203 "./util/configparser.y" { OUTYY(("P(server_ratelimit_for_domain:%s %s)\n", (yyvsp[-1].str), (yyvsp[0].str))); if(atoi((yyvsp[0].str)) == 0 && strcmp((yyvsp[0].str), "0") != 0) { @@ -5121,11 +5151,11 @@ yyreduce: "ratelimit-for-domain"); } } -#line 5125 "util/configparser.c" +#line 5155 "util/configparser.c" break; case 442: -#line 2216 "./util/configparser.y" +#line 2218 "./util/configparser.y" { OUTYY(("P(server_ratelimit_below_domain:%s %s)\n", (yyvsp[-1].str), (yyvsp[0].str))); if(atoi((yyvsp[0].str)) == 0 && strcmp((yyvsp[0].str), "0") != 0) { @@ -5139,11 +5169,11 @@ yyreduce: "ratelimit-below-domain"); } } -#line 5143 "util/configparser.c" +#line 5173 "util/configparser.c" break; case 443: -#line 2231 "./util/configparser.y" +#line 2233 "./util/configparser.y" { OUTYY(("P(server_ip_ratelimit_factor:%s)\n", (yyvsp[0].str))); if(atoi((yyvsp[0].str)) == 0 && strcmp((yyvsp[0].str), "0") != 0) @@ -5151,11 +5181,11 @@ yyreduce: else cfg_parser->cfg->ip_ratelimit_factor = atoi((yyvsp[0].str)); free((yyvsp[0].str)); } -#line 5155 "util/configparser.c" +#line 5185 "util/configparser.c" break; case 444: -#line 2240 "./util/configparser.y" +#line 2242 "./util/configparser.y" { OUTYY(("P(server_ratelimit_factor:%s)\n", (yyvsp[0].str))); if(atoi((yyvsp[0].str)) == 0 && strcmp((yyvsp[0].str), "0") != 0) @@ -5163,20 +5193,20 @@ yyreduce: else cfg_parser->cfg->ratelimit_factor = atoi((yyvsp[0].str)); free((yyvsp[0].str)); } -#line 5167 "util/configparser.c" +#line 5197 "util/configparser.c" break; case 445: -#line 2249 "./util/configparser.y" +#line 2251 "./util/configparser.y" { OUTYY(("P(low-rtt option is deprecated, use fast-server-num instead)\n")); free((yyvsp[0].str)); } -#line 5176 "util/configparser.c" +#line 5206 "util/configparser.c" break; case 446: -#line 2255 "./util/configparser.y" +#line 2257 "./util/configparser.y" { OUTYY(("P(server_fast_server_num:%s)\n", (yyvsp[0].str))); if(atoi((yyvsp[0].str)) <= 0) @@ -5184,11 +5214,11 @@ yyreduce: else cfg_parser->cfg->fast_server_num = atoi((yyvsp[0].str)); free((yyvsp[0].str)); } -#line 5188 "util/configparser.c" +#line 5218 "util/configparser.c" break; case 447: -#line 2264 "./util/configparser.y" +#line 2266 "./util/configparser.y" { OUTYY(("P(server_fast_server_permil:%s)\n", (yyvsp[0].str))); if(atoi((yyvsp[0].str)) == 0 && strcmp((yyvsp[0].str), "0") != 0) @@ -5196,11 +5226,11 @@ yyreduce: else cfg_parser->cfg->fast_server_permil = atoi((yyvsp[0].str)); free((yyvsp[0].str)); } -#line 5200 "util/configparser.c" +#line 5230 "util/configparser.c" break; case 448: -#line 2273 "./util/configparser.y" +#line 2275 "./util/configparser.y" { OUTYY(("P(server_qname_minimisation:%s)\n", (yyvsp[0].str))); if(strcmp((yyvsp[0].str), "yes") != 0 && strcmp((yyvsp[0].str), "no") != 0) @@ -5209,11 +5239,11 @@ yyreduce: (strcmp((yyvsp[0].str), "yes")==0); free((yyvsp[0].str)); } -#line 5213 "util/configparser.c" +#line 5243 "util/configparser.c" break; case 449: -#line 2283 "./util/configparser.y" +#line 2285 "./util/configparser.y" { OUTYY(("P(server_qname_minimisation_strict:%s)\n", (yyvsp[0].str))); if(strcmp((yyvsp[0].str), "yes") != 0 && strcmp((yyvsp[0].str), "no") != 0) @@ -5222,11 +5252,11 @@ yyreduce: (strcmp((yyvsp[0].str), "yes")==0); free((yyvsp[0].str)); } -#line 5226 "util/configparser.c" +#line 5256 "util/configparser.c" break; case 450: -#line 2293 "./util/configparser.y" +#line 2295 "./util/configparser.y" { #ifdef USE_IPSECMOD OUTYY(("P(server_ipsecmod_enabled:%s)\n", (yyvsp[0].str))); @@ -5238,11 +5268,11 @@ yyreduce: #endif free((yyvsp[0].str)); } -#line 5242 "util/configparser.c" +#line 5272 "util/configparser.c" break; case 451: -#line 2306 "./util/configparser.y" +#line 2308 "./util/configparser.y" { #ifdef USE_IPSECMOD OUTYY(("P(server_ipsecmod_ignore_bogus:%s)\n", (yyvsp[0].str))); @@ -5254,11 +5284,11 @@ yyreduce: #endif free((yyvsp[0].str)); } -#line 5258 "util/configparser.c" +#line 5288 "util/configparser.c" break; case 452: -#line 2319 "./util/configparser.y" +#line 2321 "./util/configparser.y" { #ifdef USE_IPSECMOD OUTYY(("P(server_ipsecmod_hook:%s)\n", (yyvsp[0].str))); @@ -5269,11 +5299,11 @@ yyreduce: free((yyvsp[0].str)); #endif } -#line 5273 "util/configparser.c" +#line 5303 "util/configparser.c" break; case 453: -#line 2331 "./util/configparser.y" +#line 2333 "./util/configparser.y" { #ifdef USE_IPSECMOD OUTYY(("P(server_ipsecmod_max_ttl:%s)\n", (yyvsp[0].str))); @@ -5286,11 +5316,11 @@ yyreduce: free((yyvsp[0].str)); #endif } -#line 5290 "util/configparser.c" +#line 5320 "util/configparser.c" break; case 454: -#line 2345 "./util/configparser.y" +#line 2347 "./util/configparser.y" { #ifdef USE_IPSECMOD OUTYY(("P(server_ipsecmod_whitelist:%s)\n", (yyvsp[0].str))); @@ -5301,11 +5331,11 @@ yyreduce: free((yyvsp[0].str)); #endif } -#line 5305 "util/configparser.c" +#line 5335 "util/configparser.c" break; case 455: -#line 2357 "./util/configparser.y" +#line 2359 "./util/configparser.y" { #ifdef USE_IPSECMOD OUTYY(("P(server_ipsecmod_strict:%s)\n", (yyvsp[0].str))); @@ -5318,11 +5348,11 @@ yyreduce: free((yyvsp[0].str)); #endif } -#line 5322 "util/configparser.c" +#line 5352 "util/configparser.c" break; case 456: -#line 2371 "./util/configparser.y" +#line 2373 "./util/configparser.y" { OUTYY(("P(name:%s)\n", (yyvsp[0].str))); if(cfg_parser->cfg->stubs->name) @@ -5331,31 +5361,31 @@ yyreduce: free(cfg_parser->cfg->stubs->name); cfg_parser->cfg->stubs->name = (yyvsp[0].str); } -#line 5335 "util/configparser.c" +#line 5365 "util/configparser.c" break; case 457: -#line 2381 "./util/configparser.y" +#line 2383 "./util/configparser.y" { OUTYY(("P(stub-host:%s)\n", (yyvsp[0].str))); if(!cfg_strlist_insert(&cfg_parser->cfg->stubs->hosts, (yyvsp[0].str))) yyerror("out of memory"); } -#line 5345 "util/configparser.c" +#line 5375 "util/configparser.c" break; case 458: -#line 2388 "./util/configparser.y" +#line 2390 "./util/configparser.y" { OUTYY(("P(stub-addr:%s)\n", (yyvsp[0].str))); if(!cfg_strlist_insert(&cfg_parser->cfg->stubs->addrs, (yyvsp[0].str))) yyerror("out of memory"); } -#line 5355 "util/configparser.c" +#line 5385 "util/configparser.c" break; case 459: -#line 2395 "./util/configparser.y" +#line 2397 "./util/configparser.y" { OUTYY(("P(stub-first:%s)\n", (yyvsp[0].str))); if(strcmp((yyvsp[0].str), "yes") != 0 && strcmp((yyvsp[0].str), "no") != 0) @@ -5363,11 +5393,11 @@ yyreduce: else cfg_parser->cfg->stubs->isfirst=(strcmp((yyvsp[0].str), "yes")==0); free((yyvsp[0].str)); } -#line 5367 "util/configparser.c" +#line 5397 "util/configparser.c" break; case 460: -#line 2404 "./util/configparser.y" +#line 2406 "./util/configparser.y" { OUTYY(("P(stub-no-cache:%s)\n", (yyvsp[0].str))); if(strcmp((yyvsp[0].str), "yes") != 0 && strcmp((yyvsp[0].str), "no") != 0) @@ -5375,11 +5405,11 @@ yyreduce: else cfg_parser->cfg->stubs->no_cache=(strcmp((yyvsp[0].str), "yes")==0); free((yyvsp[0].str)); } -#line 5379 "util/configparser.c" +#line 5409 "util/configparser.c" break; case 461: -#line 2413 "./util/configparser.y" +#line 2415 "./util/configparser.y" { OUTYY(("P(stub-ssl-upstream:%s)\n", (yyvsp[0].str))); if(strcmp((yyvsp[0].str), "yes") != 0 && strcmp((yyvsp[0].str), "no") != 0) @@ -5388,11 +5418,11 @@ yyreduce: (strcmp((yyvsp[0].str), "yes")==0); free((yyvsp[0].str)); } -#line 5392 "util/configparser.c" +#line 5422 "util/configparser.c" break; case 462: -#line 2423 "./util/configparser.y" +#line 2425 "./util/configparser.y" { OUTYY(("P(stub-prime:%s)\n", (yyvsp[0].str))); if(strcmp((yyvsp[0].str), "yes") != 0 && strcmp((yyvsp[0].str), "no") != 0) @@ -5401,11 +5431,11 @@ yyreduce: (strcmp((yyvsp[0].str), "yes")==0); free((yyvsp[0].str)); } -#line 5405 "util/configparser.c" +#line 5435 "util/configparser.c" break; case 463: -#line 2433 "./util/configparser.y" +#line 2435 "./util/configparser.y" { OUTYY(("P(name:%s)\n", (yyvsp[0].str))); if(cfg_parser->cfg->forwards->name) @@ -5414,31 +5444,31 @@ yyreduce: free(cfg_parser->cfg->forwards->name); cfg_parser->cfg->forwards->name = (yyvsp[0].str); } -#line 5418 "util/configparser.c" +#line 5448 "util/configparser.c" break; case 464: -#line 2443 "./util/configparser.y" +#line 2445 "./util/configparser.y" { OUTYY(("P(forward-host:%s)\n", (yyvsp[0].str))); if(!cfg_strlist_insert(&cfg_parser->cfg->forwards->hosts, (yyvsp[0].str))) yyerror("out of memory"); } -#line 5428 "util/configparser.c" +#line 5458 "util/configparser.c" break; case 465: -#line 2450 "./util/configparser.y" +#line 2452 "./util/configparser.y" { OUTYY(("P(forward-addr:%s)\n", (yyvsp[0].str))); if(!cfg_strlist_insert(&cfg_parser->cfg->forwards->addrs, (yyvsp[0].str))) yyerror("out of memory"); } -#line 5438 "util/configparser.c" +#line 5468 "util/configparser.c" break; case 466: -#line 2457 "./util/configparser.y" +#line 2459 "./util/configparser.y" { OUTYY(("P(forward-first:%s)\n", (yyvsp[0].str))); if(strcmp((yyvsp[0].str), "yes") != 0 && strcmp((yyvsp[0].str), "no") != 0) @@ -5446,11 +5476,11 @@ yyreduce: else cfg_parser->cfg->forwards->isfirst=(strcmp((yyvsp[0].str), "yes")==0); free((yyvsp[0].str)); } -#line 5450 "util/configparser.c" +#line 5480 "util/configparser.c" break; case 467: -#line 2466 "./util/configparser.y" +#line 2468 "./util/configparser.y" { OUTYY(("P(forward-no-cache:%s)\n", (yyvsp[0].str))); if(strcmp((yyvsp[0].str), "yes") != 0 && strcmp((yyvsp[0].str), "no") != 0) @@ -5458,11 +5488,11 @@ yyreduce: else cfg_parser->cfg->forwards->no_cache=(strcmp((yyvsp[0].str), "yes")==0); free((yyvsp[0].str)); } -#line 5462 "util/configparser.c" +#line 5492 "util/configparser.c" break; case 468: -#line 2475 "./util/configparser.y" +#line 2477 "./util/configparser.y" { OUTYY(("P(forward-ssl-upstream:%s)\n", (yyvsp[0].str))); if(strcmp((yyvsp[0].str), "yes") != 0 && strcmp((yyvsp[0].str), "no") != 0) @@ -5471,11 +5501,11 @@ yyreduce: (strcmp((yyvsp[0].str), "yes")==0); free((yyvsp[0].str)); } -#line 5475 "util/configparser.c" +#line 5505 "util/configparser.c" break; case 469: -#line 2485 "./util/configparser.y" +#line 2487 "./util/configparser.y" { OUTYY(("P(name:%s)\n", (yyvsp[0].str))); if(cfg_parser->cfg->auths->name) @@ -5484,52 +5514,52 @@ yyreduce: free(cfg_parser->cfg->auths->name); cfg_parser->cfg->auths->name = (yyvsp[0].str); } -#line 5488 "util/configparser.c" +#line 5518 "util/configparser.c" break; case 470: -#line 2495 "./util/configparser.y" +#line 2497 "./util/configparser.y" { OUTYY(("P(zonefile:%s)\n", (yyvsp[0].str))); free(cfg_parser->cfg->auths->zonefile); cfg_parser->cfg->auths->zonefile = (yyvsp[0].str); } -#line 5498 "util/configparser.c" +#line 5528 "util/configparser.c" break; case 471: -#line 2502 "./util/configparser.y" +#line 2504 "./util/configparser.y" { OUTYY(("P(master:%s)\n", (yyvsp[0].str))); if(!cfg_strlist_insert(&cfg_parser->cfg->auths->masters, (yyvsp[0].str))) yyerror("out of memory"); } -#line 5508 "util/configparser.c" +#line 5538 "util/configparser.c" break; case 472: -#line 2509 "./util/configparser.y" +#line 2511 "./util/configparser.y" { OUTYY(("P(url:%s)\n", (yyvsp[0].str))); if(!cfg_strlist_insert(&cfg_parser->cfg->auths->urls, (yyvsp[0].str))) yyerror("out of memory"); } -#line 5518 "util/configparser.c" +#line 5548 "util/configparser.c" break; case 473: -#line 2516 "./util/configparser.y" +#line 2518 "./util/configparser.y" { OUTYY(("P(allow-notify:%s)\n", (yyvsp[0].str))); if(!cfg_strlist_insert(&cfg_parser->cfg->auths->allow_notify, (yyvsp[0].str))) yyerror("out of memory"); } -#line 5529 "util/configparser.c" +#line 5559 "util/configparser.c" break; case 474: -#line 2524 "./util/configparser.y" +#line 2526 "./util/configparser.y" { OUTYY(("P(for-downstream:%s)\n", (yyvsp[0].str))); if(strcmp((yyvsp[0].str), "yes") != 0 && strcmp((yyvsp[0].str), "no") != 0) @@ -5538,11 +5568,11 @@ yyreduce: (strcmp((yyvsp[0].str), "yes")==0); free((yyvsp[0].str)); } -#line 5542 "util/configparser.c" +#line 5572 "util/configparser.c" break; case 475: -#line 2534 "./util/configparser.y" +#line 2536 "./util/configparser.y" { OUTYY(("P(for-upstream:%s)\n", (yyvsp[0].str))); if(strcmp((yyvsp[0].str), "yes") != 0 && strcmp((yyvsp[0].str), "no") != 0) @@ -5551,11 +5581,11 @@ yyreduce: (strcmp((yyvsp[0].str), "yes")==0); free((yyvsp[0].str)); } -#line 5555 "util/configparser.c" +#line 5585 "util/configparser.c" break; case 476: -#line 2544 "./util/configparser.y" +#line 2546 "./util/configparser.y" { OUTYY(("P(fallback-enabled:%s)\n", (yyvsp[0].str))); if(strcmp((yyvsp[0].str), "yes") != 0 && strcmp((yyvsp[0].str), "no") != 0) @@ -5564,11 +5594,11 @@ yyreduce: (strcmp((yyvsp[0].str), "yes")==0); free((yyvsp[0].str)); } -#line 5568 "util/configparser.c" +#line 5598 "util/configparser.c" break; case 477: -#line 2554 "./util/configparser.y" +#line 2556 "./util/configparser.y" { OUTYY(("P(name:%s)\n", (yyvsp[0].str))); if(cfg_parser->cfg->views->name) @@ -5577,11 +5607,11 @@ yyreduce: free(cfg_parser->cfg->views->name); cfg_parser->cfg->views->name = (yyvsp[0].str); } -#line 5581 "util/configparser.c" +#line 5611 "util/configparser.c" break; case 478: -#line 2564 "./util/configparser.y" +#line 2566 "./util/configparser.y" { OUTYY(("P(view_local_zone:%s %s)\n", (yyvsp[-1].str), (yyvsp[0].str))); if(strcmp((yyvsp[0].str), "static")!=0 && strcmp((yyvsp[0].str), "deny")!=0 && @@ -5619,11 +5649,11 @@ yyreduce: fatal_exit("out of memory adding local-zone"); } } -#line 5623 "util/configparser.c" +#line 5653 "util/configparser.c" break; case 479: -#line 2603 "./util/configparser.y" +#line 2605 "./util/configparser.y" { OUTYY(("P(view_response_ip:%s %s)\n", (yyvsp[-1].str), (yyvsp[0].str))); validate_respip_action((yyvsp[0].str)); @@ -5632,33 +5662,33 @@ yyreduce: fatal_exit("out of memory adding per-view " "response-ip action"); } -#line 5636 "util/configparser.c" +#line 5666 "util/configparser.c" break; case 480: -#line 2613 "./util/configparser.y" +#line 2615 "./util/configparser.y" { OUTYY(("P(view_response_ip_data:%s)\n", (yyvsp[-1].str))); if(!cfg_str2list_insert( &cfg_parser->cfg->views->respip_data, (yyvsp[-1].str), (yyvsp[0].str))) fatal_exit("out of memory adding response-ip-data"); } -#line 5647 "util/configparser.c" +#line 5677 "util/configparser.c" break; case 481: -#line 2621 "./util/configparser.y" +#line 2623 "./util/configparser.y" { OUTYY(("P(view_local_data:%s)\n", (yyvsp[0].str))); if(!cfg_strlist_insert(&cfg_parser->cfg->views->local_data, (yyvsp[0].str))) { fatal_exit("out of memory adding local-data"); } } -#line 5658 "util/configparser.c" +#line 5688 "util/configparser.c" break; case 482: -#line 2629 "./util/configparser.y" +#line 2631 "./util/configparser.y" { char* ptr; OUTYY(("P(view_local_data_ptr:%s)\n", (yyvsp[0].str))); @@ -5672,11 +5702,11 @@ yyreduce: yyerror("local-data-ptr could not be reversed"); } } -#line 5676 "util/configparser.c" +#line 5706 "util/configparser.c" break; case 483: -#line 2644 "./util/configparser.y" +#line 2646 "./util/configparser.y" { OUTYY(("P(view-first:%s)\n", (yyvsp[0].str))); if(strcmp((yyvsp[0].str), "yes") != 0 && strcmp((yyvsp[0].str), "no") != 0) @@ -5684,19 +5714,19 @@ yyreduce: else cfg_parser->cfg->views->isfirst=(strcmp((yyvsp[0].str), "yes")==0); free((yyvsp[0].str)); } -#line 5688 "util/configparser.c" +#line 5718 "util/configparser.c" break; case 484: -#line 2653 "./util/configparser.y" +#line 2655 "./util/configparser.y" { OUTYY(("\nP(remote-control:)\n")); } -#line 5696 "util/configparser.c" +#line 5726 "util/configparser.c" break; case 495: -#line 2664 "./util/configparser.y" +#line 2666 "./util/configparser.y" { OUTYY(("P(control_enable:%s)\n", (yyvsp[0].str))); if(strcmp((yyvsp[0].str), "yes") != 0 && strcmp((yyvsp[0].str), "no") != 0) @@ -5705,11 +5735,11 @@ yyreduce: (strcmp((yyvsp[0].str), "yes")==0); free((yyvsp[0].str)); } -#line 5709 "util/configparser.c" +#line 5739 "util/configparser.c" break; case 496: -#line 2674 "./util/configparser.y" +#line 2676 "./util/configparser.y" { OUTYY(("P(control_port:%s)\n", (yyvsp[0].str))); if(atoi((yyvsp[0].str)) == 0) @@ -5717,79 +5747,79 @@ yyreduce: else cfg_parser->cfg->control_port = atoi((yyvsp[0].str)); free((yyvsp[0].str)); } -#line 5721 "util/configparser.c" +#line 5751 "util/configparser.c" break; case 497: -#line 2683 "./util/configparser.y" +#line 2685 "./util/configparser.y" { OUTYY(("P(control_interface:%s)\n", (yyvsp[0].str))); if(!cfg_strlist_append(&cfg_parser->cfg->control_ifs, (yyvsp[0].str))) yyerror("out of memory"); } -#line 5731 "util/configparser.c" +#line 5761 "util/configparser.c" break; case 498: -#line 2690 "./util/configparser.y" +#line 2692 "./util/configparser.y" { OUTYY(("P(control_use_cert:%s)\n", (yyvsp[0].str))); cfg_parser->cfg->control_use_cert = (strcmp((yyvsp[0].str), "yes")==0); free((yyvsp[0].str)); } -#line 5741 "util/configparser.c" +#line 5771 "util/configparser.c" break; case 499: -#line 2697 "./util/configparser.y" +#line 2699 "./util/configparser.y" { OUTYY(("P(rc_server_key_file:%s)\n", (yyvsp[0].str))); free(cfg_parser->cfg->server_key_file); cfg_parser->cfg->server_key_file = (yyvsp[0].str); } -#line 5751 "util/configparser.c" +#line 5781 "util/configparser.c" break; case 500: -#line 2704 "./util/configparser.y" +#line 2706 "./util/configparser.y" { OUTYY(("P(rc_server_cert_file:%s)\n", (yyvsp[0].str))); free(cfg_parser->cfg->server_cert_file); cfg_parser->cfg->server_cert_file = (yyvsp[0].str); } -#line 5761 "util/configparser.c" +#line 5791 "util/configparser.c" break; case 501: -#line 2711 "./util/configparser.y" +#line 2713 "./util/configparser.y" { OUTYY(("P(rc_control_key_file:%s)\n", (yyvsp[0].str))); free(cfg_parser->cfg->control_key_file); cfg_parser->cfg->control_key_file = (yyvsp[0].str); } -#line 5771 "util/configparser.c" +#line 5801 "util/configparser.c" break; case 502: -#line 2718 "./util/configparser.y" +#line 2720 "./util/configparser.y" { OUTYY(("P(rc_control_cert_file:%s)\n", (yyvsp[0].str))); free(cfg_parser->cfg->control_cert_file); cfg_parser->cfg->control_cert_file = (yyvsp[0].str); } -#line 5781 "util/configparser.c" +#line 5811 "util/configparser.c" break; case 503: -#line 2725 "./util/configparser.y" +#line 2727 "./util/configparser.y" { OUTYY(("\nP(dnstap:)\n")); } -#line 5789 "util/configparser.c" +#line 5819 "util/configparser.c" break; - case 518: -#line 2742 "./util/configparser.y" + case 524: +#line 2747 "./util/configparser.y" { OUTYY(("P(dt_dnstap_enable:%s)\n", (yyvsp[0].str))); if(strcmp((yyvsp[0].str), "yes") != 0 && strcmp((yyvsp[0].str), "no") != 0) @@ -5797,21 +5827,83 @@ yyreduce: else cfg_parser->cfg->dnstap = (strcmp((yyvsp[0].str), "yes")==0); free((yyvsp[0].str)); } -#line 5801 "util/configparser.c" +#line 5831 "util/configparser.c" break; - case 519: -#line 2751 "./util/configparser.y" + case 525: +#line 2756 "./util/configparser.y" { OUTYY(("P(dt_dnstap_socket_path:%s)\n", (yyvsp[0].str))); free(cfg_parser->cfg->dnstap_socket_path); cfg_parser->cfg->dnstap_socket_path = (yyvsp[0].str); } -#line 5811 "util/configparser.c" +#line 5841 "util/configparser.c" break; - case 520: -#line 2758 "./util/configparser.y" + case 526: +#line 2763 "./util/configparser.y" + { + OUTYY(("P(dt_dnstap_ip:%s)\n", (yyvsp[0].str))); + free(cfg_parser->cfg->dnstap_ip); + cfg_parser->cfg->dnstap_ip = (yyvsp[0].str); + } +#line 5851 "util/configparser.c" + break; + + case 527: +#line 2770 "./util/configparser.y" + { + OUTYY(("P(dt_dnstap_tls:%s)\n", (yyvsp[0].str))); + if(strcmp((yyvsp[0].str), "yes") != 0 && strcmp((yyvsp[0].str), "no") != 0) + yyerror("expected yes or no."); + else cfg_parser->cfg->dnstap_tls = (strcmp((yyvsp[0].str), "yes")==0); + free((yyvsp[0].str)); + } +#line 5863 "util/configparser.c" + break; + + case 528: +#line 2779 "./util/configparser.y" + { + OUTYY(("P(dt_dnstap_tls_server_name:%s)\n", (yyvsp[0].str))); + free(cfg_parser->cfg->dnstap_tls_server_name); + cfg_parser->cfg->dnstap_tls_server_name = (yyvsp[0].str); + } +#line 5873 "util/configparser.c" + break; + + case 529: +#line 2786 "./util/configparser.y" + { + OUTYY(("P(dt_dnstap_tls_cert_bundle:%s)\n", (yyvsp[0].str))); + free(cfg_parser->cfg->dnstap_tls_cert_bundle); + cfg_parser->cfg->dnstap_tls_cert_bundle = (yyvsp[0].str); + } +#line 5883 "util/configparser.c" + break; + + case 530: +#line 2793 "./util/configparser.y" + { + OUTYY(("P(dt_dnstap_tls_client_key_file:%s)\n", (yyvsp[0].str))); + free(cfg_parser->cfg->dnstap_tls_client_key_file); + cfg_parser->cfg->dnstap_tls_client_key_file = (yyvsp[0].str); + } +#line 5893 "util/configparser.c" + break; + + case 531: +#line 2800 "./util/configparser.y" + { + OUTYY(("P(dt_dnstap_tls_client_cert_file:%s)\n", (yyvsp[0].str))); + free(cfg_parser->cfg->dnstap_tls_client_cert_file); + cfg_parser->cfg->dnstap_tls_client_cert_file = (yyvsp[0].str); + } +#line 5903 "util/configparser.c" + break; + + case 532: +#line 2807 "./util/configparser.y" { OUTYY(("P(dt_dnstap_send_identity:%s)\n", (yyvsp[0].str))); if(strcmp((yyvsp[0].str), "yes") != 0 && strcmp((yyvsp[0].str), "no") != 0) @@ -5819,11 +5911,11 @@ yyreduce: else cfg_parser->cfg->dnstap_send_identity = (strcmp((yyvsp[0].str), "yes")==0); free((yyvsp[0].str)); } -#line 5823 "util/configparser.c" +#line 5915 "util/configparser.c" break; - case 521: -#line 2767 "./util/configparser.y" + case 533: +#line 2816 "./util/configparser.y" { OUTYY(("P(dt_dnstap_send_version:%s)\n", (yyvsp[0].str))); if(strcmp((yyvsp[0].str), "yes") != 0 && strcmp((yyvsp[0].str), "no") != 0) @@ -5831,31 +5923,31 @@ yyreduce: else cfg_parser->cfg->dnstap_send_version = (strcmp((yyvsp[0].str), "yes")==0); free((yyvsp[0].str)); } -#line 5835 "util/configparser.c" +#line 5927 "util/configparser.c" break; - case 522: -#line 2776 "./util/configparser.y" + case 534: +#line 2825 "./util/configparser.y" { OUTYY(("P(dt_dnstap_identity:%s)\n", (yyvsp[0].str))); free(cfg_parser->cfg->dnstap_identity); cfg_parser->cfg->dnstap_identity = (yyvsp[0].str); } -#line 5845 "util/configparser.c" +#line 5937 "util/configparser.c" break; - case 523: -#line 2783 "./util/configparser.y" + case 535: +#line 2832 "./util/configparser.y" { OUTYY(("P(dt_dnstap_version:%s)\n", (yyvsp[0].str))); free(cfg_parser->cfg->dnstap_version); cfg_parser->cfg->dnstap_version = (yyvsp[0].str); } -#line 5855 "util/configparser.c" +#line 5947 "util/configparser.c" break; - case 524: -#line 2790 "./util/configparser.y" + case 536: +#line 2839 "./util/configparser.y" { OUTYY(("P(dt_dnstap_log_resolver_query_messages:%s)\n", (yyvsp[0].str))); if(strcmp((yyvsp[0].str), "yes") != 0 && strcmp((yyvsp[0].str), "no") != 0) @@ -5864,11 +5956,11 @@ yyreduce: (strcmp((yyvsp[0].str), "yes")==0); free((yyvsp[0].str)); } -#line 5868 "util/configparser.c" +#line 5960 "util/configparser.c" break; - case 525: -#line 2800 "./util/configparser.y" + case 537: +#line 2849 "./util/configparser.y" { OUTYY(("P(dt_dnstap_log_resolver_response_messages:%s)\n", (yyvsp[0].str))); if(strcmp((yyvsp[0].str), "yes") != 0 && strcmp((yyvsp[0].str), "no") != 0) @@ -5877,11 +5969,11 @@ yyreduce: (strcmp((yyvsp[0].str), "yes")==0); free((yyvsp[0].str)); } -#line 5881 "util/configparser.c" +#line 5973 "util/configparser.c" break; - case 526: -#line 2810 "./util/configparser.y" + case 538: +#line 2859 "./util/configparser.y" { OUTYY(("P(dt_dnstap_log_client_query_messages:%s)\n", (yyvsp[0].str))); if(strcmp((yyvsp[0].str), "yes") != 0 && strcmp((yyvsp[0].str), "no") != 0) @@ -5890,11 +5982,11 @@ yyreduce: (strcmp((yyvsp[0].str), "yes")==0); free((yyvsp[0].str)); } -#line 5894 "util/configparser.c" +#line 5986 "util/configparser.c" break; - case 527: -#line 2820 "./util/configparser.y" + case 539: +#line 2869 "./util/configparser.y" { OUTYY(("P(dt_dnstap_log_client_response_messages:%s)\n", (yyvsp[0].str))); if(strcmp((yyvsp[0].str), "yes") != 0 && strcmp((yyvsp[0].str), "no") != 0) @@ -5903,11 +5995,11 @@ yyreduce: (strcmp((yyvsp[0].str), "yes")==0); free((yyvsp[0].str)); } -#line 5907 "util/configparser.c" +#line 5999 "util/configparser.c" break; - case 528: -#line 2830 "./util/configparser.y" + case 540: +#line 2879 "./util/configparser.y" { OUTYY(("P(dt_dnstap_log_forwarder_query_messages:%s)\n", (yyvsp[0].str))); if(strcmp((yyvsp[0].str), "yes") != 0 && strcmp((yyvsp[0].str), "no") != 0) @@ -5916,11 +6008,11 @@ yyreduce: (strcmp((yyvsp[0].str), "yes")==0); free((yyvsp[0].str)); } -#line 5920 "util/configparser.c" +#line 6012 "util/configparser.c" break; - case 529: -#line 2840 "./util/configparser.y" + case 541: +#line 2889 "./util/configparser.y" { OUTYY(("P(dt_dnstap_log_forwarder_response_messages:%s)\n", (yyvsp[0].str))); if(strcmp((yyvsp[0].str), "yes") != 0 && strcmp((yyvsp[0].str), "no") != 0) @@ -5929,29 +6021,29 @@ yyreduce: (strcmp((yyvsp[0].str), "yes")==0); free((yyvsp[0].str)); } -#line 5933 "util/configparser.c" +#line 6025 "util/configparser.c" break; - case 530: -#line 2850 "./util/configparser.y" + case 542: +#line 2899 "./util/configparser.y" { OUTYY(("\nP(python:)\n")); } -#line 5941 "util/configparser.c" +#line 6033 "util/configparser.c" break; - case 534: -#line 2859 "./util/configparser.y" + case 546: +#line 2908 "./util/configparser.y" { OUTYY(("P(python-script:%s)\n", (yyvsp[0].str))); if(!cfg_strlist_append_ex(&cfg_parser->cfg->python_script, (yyvsp[0].str))) yyerror("out of memory"); } -#line 5951 "util/configparser.c" +#line 6043 "util/configparser.c" break; - case 535: -#line 2865 "./util/configparser.y" + case 547: +#line 2914 "./util/configparser.y" { OUTYY(("P(disable_dnssec_lame_check:%s)\n", (yyvsp[0].str))); if (strcmp((yyvsp[0].str), "yes") != 0 && strcmp((yyvsp[0].str), "no") != 0) @@ -5960,21 +6052,21 @@ yyreduce: (strcmp((yyvsp[0].str), "yes")==0); free((yyvsp[0].str)); } -#line 5964 "util/configparser.c" +#line 6056 "util/configparser.c" break; - case 536: -#line 2875 "./util/configparser.y" + case 548: +#line 2924 "./util/configparser.y" { OUTYY(("P(server_log_identity:%s)\n", (yyvsp[0].str))); free(cfg_parser->cfg->log_identity); cfg_parser->cfg->log_identity = (yyvsp[0].str); } -#line 5974 "util/configparser.c" +#line 6066 "util/configparser.c" break; - case 537: -#line 2882 "./util/configparser.y" + case 549: +#line 2931 "./util/configparser.y" { OUTYY(("P(server_response_ip:%s %s)\n", (yyvsp[-1].str), (yyvsp[0].str))); validate_respip_action((yyvsp[0].str)); @@ -5982,30 +6074,30 @@ yyreduce: (yyvsp[-1].str), (yyvsp[0].str))) fatal_exit("out of memory adding response-ip"); } -#line 5986 "util/configparser.c" +#line 6078 "util/configparser.c" break; - case 538: -#line 2891 "./util/configparser.y" + case 550: +#line 2940 "./util/configparser.y" { OUTYY(("P(server_response_ip_data:%s)\n", (yyvsp[-1].str))); if(!cfg_str2list_insert(&cfg_parser->cfg->respip_data, (yyvsp[-1].str), (yyvsp[0].str))) fatal_exit("out of memory adding response-ip-data"); } -#line 5997 "util/configparser.c" +#line 6089 "util/configparser.c" break; - case 539: -#line 2899 "./util/configparser.y" + case 551: +#line 2948 "./util/configparser.y" { OUTYY(("\nP(dnscrypt:)\n")); } -#line 6005 "util/configparser.c" +#line 6097 "util/configparser.c" break; - case 552: -#line 2915 "./util/configparser.y" + case 564: +#line 2964 "./util/configparser.y" { OUTYY(("P(dnsc_dnscrypt_enable:%s)\n", (yyvsp[0].str))); if(strcmp((yyvsp[0].str), "yes") != 0 && strcmp((yyvsp[0].str), "no") != 0) @@ -6013,11 +6105,11 @@ yyreduce: else cfg_parser->cfg->dnscrypt = (strcmp((yyvsp[0].str), "yes")==0); free((yyvsp[0].str)); } -#line 6017 "util/configparser.c" +#line 6109 "util/configparser.c" break; - case 553: -#line 2925 "./util/configparser.y" + case 565: +#line 2974 "./util/configparser.y" { OUTYY(("P(dnsc_dnscrypt_port:%s)\n", (yyvsp[0].str))); if(atoi((yyvsp[0].str)) == 0) @@ -6025,21 +6117,21 @@ yyreduce: else cfg_parser->cfg->dnscrypt_port = atoi((yyvsp[0].str)); free((yyvsp[0].str)); } -#line 6029 "util/configparser.c" +#line 6121 "util/configparser.c" break; - case 554: -#line 2934 "./util/configparser.y" + case 566: +#line 2983 "./util/configparser.y" { OUTYY(("P(dnsc_dnscrypt_provider:%s)\n", (yyvsp[0].str))); free(cfg_parser->cfg->dnscrypt_provider); cfg_parser->cfg->dnscrypt_provider = (yyvsp[0].str); } -#line 6039 "util/configparser.c" +#line 6131 "util/configparser.c" break; - case 555: -#line 2941 "./util/configparser.y" + case 567: +#line 2990 "./util/configparser.y" { OUTYY(("P(dnsc_dnscrypt_provider_cert:%s)\n", (yyvsp[0].str))); if(cfg_strlist_find(cfg_parser->cfg->dnscrypt_provider_cert, (yyvsp[0].str))) @@ -6047,21 +6139,21 @@ yyreduce: if(!cfg_strlist_insert(&cfg_parser->cfg->dnscrypt_provider_cert, (yyvsp[0].str))) fatal_exit("out of memory adding dnscrypt-provider-cert"); } -#line 6051 "util/configparser.c" +#line 6143 "util/configparser.c" break; - case 556: -#line 2950 "./util/configparser.y" + case 568: +#line 2999 "./util/configparser.y" { OUTYY(("P(dnsc_dnscrypt_provider_cert_rotated:%s)\n", (yyvsp[0].str))); if(!cfg_strlist_insert(&cfg_parser->cfg->dnscrypt_provider_cert_rotated, (yyvsp[0].str))) fatal_exit("out of memory adding dnscrypt-provider-cert-rotated"); } -#line 6061 "util/configparser.c" +#line 6153 "util/configparser.c" break; - case 557: -#line 2957 "./util/configparser.y" + case 569: +#line 3006 "./util/configparser.y" { OUTYY(("P(dnsc_dnscrypt_secret_key:%s)\n", (yyvsp[0].str))); if(cfg_strlist_find(cfg_parser->cfg->dnscrypt_secret_key, (yyvsp[0].str))) @@ -6069,22 +6161,22 @@ yyreduce: if(!cfg_strlist_insert(&cfg_parser->cfg->dnscrypt_secret_key, (yyvsp[0].str))) fatal_exit("out of memory adding dnscrypt-secret-key"); } -#line 6073 "util/configparser.c" +#line 6165 "util/configparser.c" break; - case 558: -#line 2966 "./util/configparser.y" + case 570: +#line 3015 "./util/configparser.y" { OUTYY(("P(dnscrypt_shared_secret_cache_size:%s)\n", (yyvsp[0].str))); if(!cfg_parse_memsize((yyvsp[0].str), &cfg_parser->cfg->dnscrypt_shared_secret_cache_size)) yyerror("memory size expected"); free((yyvsp[0].str)); } -#line 6084 "util/configparser.c" +#line 6176 "util/configparser.c" break; - case 559: -#line 2974 "./util/configparser.y" + case 571: +#line 3023 "./util/configparser.y" { OUTYY(("P(dnscrypt_shared_secret_cache_slabs:%s)\n", (yyvsp[0].str))); if(atoi((yyvsp[0].str)) == 0) @@ -6096,22 +6188,22 @@ yyreduce: } free((yyvsp[0].str)); } -#line 6100 "util/configparser.c" +#line 6192 "util/configparser.c" break; - case 560: -#line 2987 "./util/configparser.y" + case 572: +#line 3036 "./util/configparser.y" { OUTYY(("P(dnscrypt_nonce_cache_size:%s)\n", (yyvsp[0].str))); if(!cfg_parse_memsize((yyvsp[0].str), &cfg_parser->cfg->dnscrypt_nonce_cache_size)) yyerror("memory size expected"); free((yyvsp[0].str)); } -#line 6111 "util/configparser.c" +#line 6203 "util/configparser.c" break; - case 561: -#line 2995 "./util/configparser.y" + case 573: +#line 3044 "./util/configparser.y" { OUTYY(("P(dnscrypt_nonce_cache_slabs:%s)\n", (yyvsp[0].str))); if(atoi((yyvsp[0].str)) == 0) @@ -6123,19 +6215,19 @@ yyreduce: } free((yyvsp[0].str)); } -#line 6127 "util/configparser.c" +#line 6219 "util/configparser.c" break; - case 562: -#line 3008 "./util/configparser.y" + case 574: +#line 3057 "./util/configparser.y" { OUTYY(("\nP(cachedb:)\n")); } -#line 6135 "util/configparser.c" +#line 6227 "util/configparser.c" break; - case 570: -#line 3018 "./util/configparser.y" + case 582: +#line 3067 "./util/configparser.y" { #ifdef USE_CACHEDB OUTYY(("P(backend:%s)\n", (yyvsp[0].str))); @@ -6146,11 +6238,11 @@ yyreduce: free((yyvsp[0].str)); #endif } -#line 6150 "util/configparser.c" +#line 6242 "util/configparser.c" break; - case 571: -#line 3030 "./util/configparser.y" + case 583: +#line 3079 "./util/configparser.y" { #ifdef USE_CACHEDB OUTYY(("P(secret-seed:%s)\n", (yyvsp[0].str))); @@ -6161,11 +6253,11 @@ yyreduce: free((yyvsp[0].str)); #endif } -#line 6165 "util/configparser.c" +#line 6257 "util/configparser.c" break; - case 572: -#line 3042 "./util/configparser.y" + case 584: +#line 3091 "./util/configparser.y" { #if defined(USE_CACHEDB) && defined(USE_REDIS) OUTYY(("P(redis_server_host:%s)\n", (yyvsp[0].str))); @@ -6176,11 +6268,11 @@ yyreduce: free((yyvsp[0].str)); #endif } -#line 6180 "util/configparser.c" +#line 6272 "util/configparser.c" break; - case 573: -#line 3054 "./util/configparser.y" + case 585: +#line 3103 "./util/configparser.y" { #if defined(USE_CACHEDB) && defined(USE_REDIS) int port; @@ -6194,11 +6286,11 @@ yyreduce: #endif free((yyvsp[0].str)); } -#line 6198 "util/configparser.c" +#line 6290 "util/configparser.c" break; - case 574: -#line 3069 "./util/configparser.y" + case 586: +#line 3118 "./util/configparser.y" { #if defined(USE_CACHEDB) && defined(USE_REDIS) OUTYY(("P(redis_timeout:%s)\n", (yyvsp[0].str))); @@ -6210,11 +6302,11 @@ yyreduce: #endif free((yyvsp[0].str)); } -#line 6214 "util/configparser.c" +#line 6306 "util/configparser.c" break; - case 575: -#line 3082 "./util/configparser.y" + case 587: +#line 3131 "./util/configparser.y" { OUTYY(("P(server_tcp_connection_limit:%s %s)\n", (yyvsp[-1].str), (yyvsp[0].str))); if (atoi((yyvsp[0].str)) < 0) @@ -6224,19 +6316,19 @@ yyreduce: fatal_exit("out of memory adding tcp connection limit"); } } -#line 6228 "util/configparser.c" +#line 6320 "util/configparser.c" break; - case 576: -#line 3093 "./util/configparser.y" + case 588: +#line 3142 "./util/configparser.y" { OUTYY(("\nP(ipset:)\n")); } -#line 6236 "util/configparser.c" +#line 6328 "util/configparser.c" break; - case 581: -#line 3102 "./util/configparser.y" + case 593: +#line 3151 "./util/configparser.y" { #ifdef USE_IPSET OUTYY(("P(name-v4:%s)\n", (yyvsp[0].str))); @@ -6250,11 +6342,11 @@ yyreduce: free((yyvsp[0].str)); #endif } -#line 6254 "util/configparser.c" +#line 6346 "util/configparser.c" break; - case 582: -#line 3117 "./util/configparser.y" + case 594: +#line 3166 "./util/configparser.y" { #ifdef USE_IPSET OUTYY(("P(name-v6:%s)\n", (yyvsp[0].str))); @@ -6268,11 +6360,11 @@ yyreduce: free((yyvsp[0].str)); #endif } -#line 6272 "util/configparser.c" +#line 6364 "util/configparser.c" break; -#line 6276 "util/configparser.c" +#line 6368 "util/configparser.c" default: break; } @@ -6504,7 +6596,7 @@ yyreturn: #endif return yyresult; } -#line 3131 "./util/configparser.y" +#line 3180 "./util/configparser.y" /* parse helper routines could be here */ diff --git a/util/configparser.h b/util/configparser.h index 919bdadf6..aaf822223 100644 --- a/util/configparser.h +++ b/util/configparser.h @@ -201,130 +201,136 @@ extern int yydebug; VAR_DNSTAP = 407, VAR_DNSTAP_ENABLE = 408, VAR_DNSTAP_SOCKET_PATH = 409, - VAR_DNSTAP_SEND_IDENTITY = 410, - VAR_DNSTAP_SEND_VERSION = 411, - VAR_DNSTAP_IDENTITY = 412, - VAR_DNSTAP_VERSION = 413, - VAR_DNSTAP_LOG_RESOLVER_QUERY_MESSAGES = 414, - VAR_DNSTAP_LOG_RESOLVER_RESPONSE_MESSAGES = 415, - VAR_DNSTAP_LOG_CLIENT_QUERY_MESSAGES = 416, - VAR_DNSTAP_LOG_CLIENT_RESPONSE_MESSAGES = 417, - VAR_DNSTAP_LOG_FORWARDER_QUERY_MESSAGES = 418, - VAR_DNSTAP_LOG_FORWARDER_RESPONSE_MESSAGES = 419, - VAR_RESPONSE_IP_TAG = 420, - VAR_RESPONSE_IP = 421, - VAR_RESPONSE_IP_DATA = 422, - VAR_HARDEN_ALGO_DOWNGRADE = 423, - VAR_IP_TRANSPARENT = 424, - VAR_DISABLE_DNSSEC_LAME_CHECK = 425, - VAR_IP_RATELIMIT = 426, - VAR_IP_RATELIMIT_SLABS = 427, - VAR_IP_RATELIMIT_SIZE = 428, - VAR_RATELIMIT = 429, - VAR_RATELIMIT_SLABS = 430, - VAR_RATELIMIT_SIZE = 431, - VAR_RATELIMIT_FOR_DOMAIN = 432, - VAR_RATELIMIT_BELOW_DOMAIN = 433, - VAR_IP_RATELIMIT_FACTOR = 434, - VAR_RATELIMIT_FACTOR = 435, - VAR_SEND_CLIENT_SUBNET = 436, - VAR_CLIENT_SUBNET_ZONE = 437, - VAR_CLIENT_SUBNET_ALWAYS_FORWARD = 438, - VAR_CLIENT_SUBNET_OPCODE = 439, - VAR_MAX_CLIENT_SUBNET_IPV4 = 440, - VAR_MAX_CLIENT_SUBNET_IPV6 = 441, - VAR_MIN_CLIENT_SUBNET_IPV4 = 442, - VAR_MIN_CLIENT_SUBNET_IPV6 = 443, - VAR_MAX_ECS_TREE_SIZE_IPV4 = 444, - VAR_MAX_ECS_TREE_SIZE_IPV6 = 445, - VAR_CAPS_WHITELIST = 446, - VAR_CACHE_MAX_NEGATIVE_TTL = 447, - VAR_PERMIT_SMALL_HOLDDOWN = 448, - VAR_QNAME_MINIMISATION = 449, - VAR_QNAME_MINIMISATION_STRICT = 450, - VAR_IP_FREEBIND = 451, - VAR_DEFINE_TAG = 452, - VAR_LOCAL_ZONE_TAG = 453, - VAR_ACCESS_CONTROL_TAG = 454, - VAR_LOCAL_ZONE_OVERRIDE = 455, - VAR_ACCESS_CONTROL_TAG_ACTION = 456, - VAR_ACCESS_CONTROL_TAG_DATA = 457, - VAR_VIEW = 458, - VAR_ACCESS_CONTROL_VIEW = 459, - VAR_VIEW_FIRST = 460, - VAR_SERVE_EXPIRED = 461, - VAR_SERVE_EXPIRED_TTL = 462, - VAR_SERVE_EXPIRED_TTL_RESET = 463, - VAR_SERVE_EXPIRED_REPLY_TTL = 464, - VAR_SERVE_EXPIRED_CLIENT_TIMEOUT = 465, - VAR_FAKE_DSA = 466, - VAR_FAKE_SHA1 = 467, - VAR_LOG_IDENTITY = 468, - VAR_HIDE_TRUSTANCHOR = 469, - VAR_TRUST_ANCHOR_SIGNALING = 470, - VAR_AGGRESSIVE_NSEC = 471, - VAR_USE_SYSTEMD = 472, - VAR_SHM_ENABLE = 473, - VAR_SHM_KEY = 474, - VAR_ROOT_KEY_SENTINEL = 475, - VAR_DNSCRYPT = 476, - VAR_DNSCRYPT_ENABLE = 477, - VAR_DNSCRYPT_PORT = 478, - VAR_DNSCRYPT_PROVIDER = 479, - VAR_DNSCRYPT_SECRET_KEY = 480, - VAR_DNSCRYPT_PROVIDER_CERT = 481, - VAR_DNSCRYPT_PROVIDER_CERT_ROTATED = 482, - VAR_DNSCRYPT_SHARED_SECRET_CACHE_SIZE = 483, - VAR_DNSCRYPT_SHARED_SECRET_CACHE_SLABS = 484, - VAR_DNSCRYPT_NONCE_CACHE_SIZE = 485, - VAR_DNSCRYPT_NONCE_CACHE_SLABS = 486, - VAR_IPSECMOD_ENABLED = 487, - VAR_IPSECMOD_HOOK = 488, - VAR_IPSECMOD_IGNORE_BOGUS = 489, - VAR_IPSECMOD_MAX_TTL = 490, - VAR_IPSECMOD_WHITELIST = 491, - VAR_IPSECMOD_STRICT = 492, - VAR_CACHEDB = 493, - VAR_CACHEDB_BACKEND = 494, - VAR_CACHEDB_SECRETSEED = 495, - VAR_CACHEDB_REDISHOST = 496, - VAR_CACHEDB_REDISPORT = 497, - VAR_CACHEDB_REDISTIMEOUT = 498, - VAR_UDP_UPSTREAM_WITHOUT_DOWNSTREAM = 499, - VAR_FOR_UPSTREAM = 500, - VAR_AUTH_ZONE = 501, - VAR_ZONEFILE = 502, - VAR_MASTER = 503, - VAR_URL = 504, - VAR_FOR_DOWNSTREAM = 505, - VAR_FALLBACK_ENABLED = 506, - VAR_TLS_ADDITIONAL_PORT = 507, - VAR_LOW_RTT = 508, - VAR_LOW_RTT_PERMIL = 509, - VAR_FAST_SERVER_PERMIL = 510, - VAR_FAST_SERVER_NUM = 511, - VAR_ALLOW_NOTIFY = 512, - VAR_TLS_WIN_CERT = 513, - VAR_TCP_CONNECTION_LIMIT = 514, - VAR_FORWARD_NO_CACHE = 515, - VAR_STUB_NO_CACHE = 516, - VAR_LOG_SERVFAIL = 517, - VAR_DENY_ANY = 518, - VAR_UNKNOWN_SERVER_TIME_LIMIT = 519, - VAR_LOG_TAG_QUERYREPLY = 520, - VAR_STREAM_WAIT_SIZE = 521, - VAR_TLS_CIPHERS = 522, - VAR_TLS_CIPHERSUITES = 523, - VAR_IPSET = 524, - VAR_IPSET_NAME_V4 = 525, - VAR_IPSET_NAME_V6 = 526, - VAR_TLS_SESSION_TICKET_KEYS = 527, - VAR_RPZ = 528, - VAR_TAGS = 529, - VAR_RPZ_ACTION_OVERRIDE = 530, - VAR_RPZ_CNAME_OVERRIDE = 531, - VAR_RPZ_LOG = 532, - VAR_RPZ_LOG_NAME = 533 + VAR_DNSTAP_IP = 410, + VAR_DNSTAP_TLS = 411, + VAR_DNSTAP_TLS_SERVER_NAME = 412, + VAR_DNSTAP_TLS_CERT_BUNDLE = 413, + VAR_DNSTAP_TLS_CLIENT_KEY_FILE = 414, + VAR_DNSTAP_TLS_CLIENT_CERT_FILE = 415, + VAR_DNSTAP_SEND_IDENTITY = 416, + VAR_DNSTAP_SEND_VERSION = 417, + VAR_DNSTAP_IDENTITY = 418, + VAR_DNSTAP_VERSION = 419, + VAR_DNSTAP_LOG_RESOLVER_QUERY_MESSAGES = 420, + VAR_DNSTAP_LOG_RESOLVER_RESPONSE_MESSAGES = 421, + VAR_DNSTAP_LOG_CLIENT_QUERY_MESSAGES = 422, + VAR_DNSTAP_LOG_CLIENT_RESPONSE_MESSAGES = 423, + VAR_DNSTAP_LOG_FORWARDER_QUERY_MESSAGES = 424, + VAR_DNSTAP_LOG_FORWARDER_RESPONSE_MESSAGES = 425, + VAR_RESPONSE_IP_TAG = 426, + VAR_RESPONSE_IP = 427, + VAR_RESPONSE_IP_DATA = 428, + VAR_HARDEN_ALGO_DOWNGRADE = 429, + VAR_IP_TRANSPARENT = 430, + VAR_DISABLE_DNSSEC_LAME_CHECK = 431, + VAR_IP_RATELIMIT = 432, + VAR_IP_RATELIMIT_SLABS = 433, + VAR_IP_RATELIMIT_SIZE = 434, + VAR_RATELIMIT = 435, + VAR_RATELIMIT_SLABS = 436, + VAR_RATELIMIT_SIZE = 437, + VAR_RATELIMIT_FOR_DOMAIN = 438, + VAR_RATELIMIT_BELOW_DOMAIN = 439, + VAR_IP_RATELIMIT_FACTOR = 440, + VAR_RATELIMIT_FACTOR = 441, + VAR_SEND_CLIENT_SUBNET = 442, + VAR_CLIENT_SUBNET_ZONE = 443, + VAR_CLIENT_SUBNET_ALWAYS_FORWARD = 444, + VAR_CLIENT_SUBNET_OPCODE = 445, + VAR_MAX_CLIENT_SUBNET_IPV4 = 446, + VAR_MAX_CLIENT_SUBNET_IPV6 = 447, + VAR_MIN_CLIENT_SUBNET_IPV4 = 448, + VAR_MIN_CLIENT_SUBNET_IPV6 = 449, + VAR_MAX_ECS_TREE_SIZE_IPV4 = 450, + VAR_MAX_ECS_TREE_SIZE_IPV6 = 451, + VAR_CAPS_WHITELIST = 452, + VAR_CACHE_MAX_NEGATIVE_TTL = 453, + VAR_PERMIT_SMALL_HOLDDOWN = 454, + VAR_QNAME_MINIMISATION = 455, + VAR_QNAME_MINIMISATION_STRICT = 456, + VAR_IP_FREEBIND = 457, + VAR_DEFINE_TAG = 458, + VAR_LOCAL_ZONE_TAG = 459, + VAR_ACCESS_CONTROL_TAG = 460, + VAR_LOCAL_ZONE_OVERRIDE = 461, + VAR_ACCESS_CONTROL_TAG_ACTION = 462, + VAR_ACCESS_CONTROL_TAG_DATA = 463, + VAR_VIEW = 464, + VAR_ACCESS_CONTROL_VIEW = 465, + VAR_VIEW_FIRST = 466, + VAR_SERVE_EXPIRED = 467, + VAR_SERVE_EXPIRED_TTL = 468, + VAR_SERVE_EXPIRED_TTL_RESET = 469, + VAR_SERVE_EXPIRED_REPLY_TTL = 470, + VAR_SERVE_EXPIRED_CLIENT_TIMEOUT = 471, + VAR_FAKE_DSA = 472, + VAR_FAKE_SHA1 = 473, + VAR_LOG_IDENTITY = 474, + VAR_HIDE_TRUSTANCHOR = 475, + VAR_TRUST_ANCHOR_SIGNALING = 476, + VAR_AGGRESSIVE_NSEC = 477, + VAR_USE_SYSTEMD = 478, + VAR_SHM_ENABLE = 479, + VAR_SHM_KEY = 480, + VAR_ROOT_KEY_SENTINEL = 481, + VAR_DNSCRYPT = 482, + VAR_DNSCRYPT_ENABLE = 483, + VAR_DNSCRYPT_PORT = 484, + VAR_DNSCRYPT_PROVIDER = 485, + VAR_DNSCRYPT_SECRET_KEY = 486, + VAR_DNSCRYPT_PROVIDER_CERT = 487, + VAR_DNSCRYPT_PROVIDER_CERT_ROTATED = 488, + VAR_DNSCRYPT_SHARED_SECRET_CACHE_SIZE = 489, + VAR_DNSCRYPT_SHARED_SECRET_CACHE_SLABS = 490, + VAR_DNSCRYPT_NONCE_CACHE_SIZE = 491, + VAR_DNSCRYPT_NONCE_CACHE_SLABS = 492, + VAR_IPSECMOD_ENABLED = 493, + VAR_IPSECMOD_HOOK = 494, + VAR_IPSECMOD_IGNORE_BOGUS = 495, + VAR_IPSECMOD_MAX_TTL = 496, + VAR_IPSECMOD_WHITELIST = 497, + VAR_IPSECMOD_STRICT = 498, + VAR_CACHEDB = 499, + VAR_CACHEDB_BACKEND = 500, + VAR_CACHEDB_SECRETSEED = 501, + VAR_CACHEDB_REDISHOST = 502, + VAR_CACHEDB_REDISPORT = 503, + VAR_CACHEDB_REDISTIMEOUT = 504, + VAR_UDP_UPSTREAM_WITHOUT_DOWNSTREAM = 505, + VAR_FOR_UPSTREAM = 506, + VAR_AUTH_ZONE = 507, + VAR_ZONEFILE = 508, + VAR_MASTER = 509, + VAR_URL = 510, + VAR_FOR_DOWNSTREAM = 511, + VAR_FALLBACK_ENABLED = 512, + VAR_TLS_ADDITIONAL_PORT = 513, + VAR_LOW_RTT = 514, + VAR_LOW_RTT_PERMIL = 515, + VAR_FAST_SERVER_PERMIL = 516, + VAR_FAST_SERVER_NUM = 517, + VAR_ALLOW_NOTIFY = 518, + VAR_TLS_WIN_CERT = 519, + VAR_TCP_CONNECTION_LIMIT = 520, + VAR_FORWARD_NO_CACHE = 521, + VAR_STUB_NO_CACHE = 522, + VAR_LOG_SERVFAIL = 523, + VAR_DENY_ANY = 524, + VAR_UNKNOWN_SERVER_TIME_LIMIT = 525, + VAR_LOG_TAG_QUERYREPLY = 526, + VAR_STREAM_WAIT_SIZE = 527, + VAR_TLS_CIPHERS = 528, + VAR_TLS_CIPHERSUITES = 529, + VAR_IPSET = 530, + VAR_IPSET_NAME_V4 = 531, + VAR_IPSET_NAME_V6 = 532, + VAR_TLS_SESSION_TICKET_KEYS = 533, + VAR_RPZ = 534, + VAR_TAGS = 535, + VAR_RPZ_ACTION_OVERRIDE = 536, + VAR_RPZ_CNAME_OVERRIDE = 537, + VAR_RPZ_LOG = 538, + VAR_RPZ_LOG_NAME = 539 }; #endif /* Tokens. */ @@ -480,130 +486,136 @@ extern int yydebug; #define VAR_DNSTAP 407 #define VAR_DNSTAP_ENABLE 408 #define VAR_DNSTAP_SOCKET_PATH 409 -#define VAR_DNSTAP_SEND_IDENTITY 410 -#define VAR_DNSTAP_SEND_VERSION 411 -#define VAR_DNSTAP_IDENTITY 412 -#define VAR_DNSTAP_VERSION 413 -#define VAR_DNSTAP_LOG_RESOLVER_QUERY_MESSAGES 414 -#define VAR_DNSTAP_LOG_RESOLVER_RESPONSE_MESSAGES 415 -#define VAR_DNSTAP_LOG_CLIENT_QUERY_MESSAGES 416 -#define VAR_DNSTAP_LOG_CLIENT_RESPONSE_MESSAGES 417 -#define VAR_DNSTAP_LOG_FORWARDER_QUERY_MESSAGES 418 -#define VAR_DNSTAP_LOG_FORWARDER_RESPONSE_MESSAGES 419 -#define VAR_RESPONSE_IP_TAG 420 -#define VAR_RESPONSE_IP 421 -#define VAR_RESPONSE_IP_DATA 422 -#define VAR_HARDEN_ALGO_DOWNGRADE 423 -#define VAR_IP_TRANSPARENT 424 -#define VAR_DISABLE_DNSSEC_LAME_CHECK 425 -#define VAR_IP_RATELIMIT 426 -#define VAR_IP_RATELIMIT_SLABS 427 -#define VAR_IP_RATELIMIT_SIZE 428 -#define VAR_RATELIMIT 429 -#define VAR_RATELIMIT_SLABS 430 -#define VAR_RATELIMIT_SIZE 431 -#define VAR_RATELIMIT_FOR_DOMAIN 432 -#define VAR_RATELIMIT_BELOW_DOMAIN 433 -#define VAR_IP_RATELIMIT_FACTOR 434 -#define VAR_RATELIMIT_FACTOR 435 -#define VAR_SEND_CLIENT_SUBNET 436 -#define VAR_CLIENT_SUBNET_ZONE 437 -#define VAR_CLIENT_SUBNET_ALWAYS_FORWARD 438 -#define VAR_CLIENT_SUBNET_OPCODE 439 -#define VAR_MAX_CLIENT_SUBNET_IPV4 440 -#define VAR_MAX_CLIENT_SUBNET_IPV6 441 -#define VAR_MIN_CLIENT_SUBNET_IPV4 442 -#define VAR_MIN_CLIENT_SUBNET_IPV6 443 -#define VAR_MAX_ECS_TREE_SIZE_IPV4 444 -#define VAR_MAX_ECS_TREE_SIZE_IPV6 445 -#define VAR_CAPS_WHITELIST 446 -#define VAR_CACHE_MAX_NEGATIVE_TTL 447 -#define VAR_PERMIT_SMALL_HOLDDOWN 448 -#define VAR_QNAME_MINIMISATION 449 -#define VAR_QNAME_MINIMISATION_STRICT 450 -#define VAR_IP_FREEBIND 451 -#define VAR_DEFINE_TAG 452 -#define VAR_LOCAL_ZONE_TAG 453 -#define VAR_ACCESS_CONTROL_TAG 454 -#define VAR_LOCAL_ZONE_OVERRIDE 455 -#define VAR_ACCESS_CONTROL_TAG_ACTION 456 -#define VAR_ACCESS_CONTROL_TAG_DATA 457 -#define VAR_VIEW 458 -#define VAR_ACCESS_CONTROL_VIEW 459 -#define VAR_VIEW_FIRST 460 -#define VAR_SERVE_EXPIRED 461 -#define VAR_SERVE_EXPIRED_TTL 462 -#define VAR_SERVE_EXPIRED_TTL_RESET 463 -#define VAR_SERVE_EXPIRED_REPLY_TTL 464 -#define VAR_SERVE_EXPIRED_CLIENT_TIMEOUT 465 -#define VAR_FAKE_DSA 466 -#define VAR_FAKE_SHA1 467 -#define VAR_LOG_IDENTITY 468 -#define VAR_HIDE_TRUSTANCHOR 469 -#define VAR_TRUST_ANCHOR_SIGNALING 470 -#define VAR_AGGRESSIVE_NSEC 471 -#define VAR_USE_SYSTEMD 472 -#define VAR_SHM_ENABLE 473 -#define VAR_SHM_KEY 474 -#define VAR_ROOT_KEY_SENTINEL 475 -#define VAR_DNSCRYPT 476 -#define VAR_DNSCRYPT_ENABLE 477 -#define VAR_DNSCRYPT_PORT 478 -#define VAR_DNSCRYPT_PROVIDER 479 -#define VAR_DNSCRYPT_SECRET_KEY 480 -#define VAR_DNSCRYPT_PROVIDER_CERT 481 -#define VAR_DNSCRYPT_PROVIDER_CERT_ROTATED 482 -#define VAR_DNSCRYPT_SHARED_SECRET_CACHE_SIZE 483 -#define VAR_DNSCRYPT_SHARED_SECRET_CACHE_SLABS 484 -#define VAR_DNSCRYPT_NONCE_CACHE_SIZE 485 -#define VAR_DNSCRYPT_NONCE_CACHE_SLABS 486 -#define VAR_IPSECMOD_ENABLED 487 -#define VAR_IPSECMOD_HOOK 488 -#define VAR_IPSECMOD_IGNORE_BOGUS 489 -#define VAR_IPSECMOD_MAX_TTL 490 -#define VAR_IPSECMOD_WHITELIST 491 -#define VAR_IPSECMOD_STRICT 492 -#define VAR_CACHEDB 493 -#define VAR_CACHEDB_BACKEND 494 -#define VAR_CACHEDB_SECRETSEED 495 -#define VAR_CACHEDB_REDISHOST 496 -#define VAR_CACHEDB_REDISPORT 497 -#define VAR_CACHEDB_REDISTIMEOUT 498 -#define VAR_UDP_UPSTREAM_WITHOUT_DOWNSTREAM 499 -#define VAR_FOR_UPSTREAM 500 -#define VAR_AUTH_ZONE 501 -#define VAR_ZONEFILE 502 -#define VAR_MASTER 503 -#define VAR_URL 504 -#define VAR_FOR_DOWNSTREAM 505 -#define VAR_FALLBACK_ENABLED 506 -#define VAR_TLS_ADDITIONAL_PORT 507 -#define VAR_LOW_RTT 508 -#define VAR_LOW_RTT_PERMIL 509 -#define VAR_FAST_SERVER_PERMIL 510 -#define VAR_FAST_SERVER_NUM 511 -#define VAR_ALLOW_NOTIFY 512 -#define VAR_TLS_WIN_CERT 513 -#define VAR_TCP_CONNECTION_LIMIT 514 -#define VAR_FORWARD_NO_CACHE 515 -#define VAR_STUB_NO_CACHE 516 -#define VAR_LOG_SERVFAIL 517 -#define VAR_DENY_ANY 518 -#define VAR_UNKNOWN_SERVER_TIME_LIMIT 519 -#define VAR_LOG_TAG_QUERYREPLY 520 -#define VAR_STREAM_WAIT_SIZE 521 -#define VAR_TLS_CIPHERS 522 -#define VAR_TLS_CIPHERSUITES 523 -#define VAR_IPSET 524 -#define VAR_IPSET_NAME_V4 525 -#define VAR_IPSET_NAME_V6 526 -#define VAR_TLS_SESSION_TICKET_KEYS 527 -#define VAR_RPZ 528 -#define VAR_TAGS 529 -#define VAR_RPZ_ACTION_OVERRIDE 530 -#define VAR_RPZ_CNAME_OVERRIDE 531 -#define VAR_RPZ_LOG 532 -#define VAR_RPZ_LOG_NAME 533 +#define VAR_DNSTAP_IP 410 +#define VAR_DNSTAP_TLS 411 +#define VAR_DNSTAP_TLS_SERVER_NAME 412 +#define VAR_DNSTAP_TLS_CERT_BUNDLE 413 +#define VAR_DNSTAP_TLS_CLIENT_KEY_FILE 414 +#define VAR_DNSTAP_TLS_CLIENT_CERT_FILE 415 +#define VAR_DNSTAP_SEND_IDENTITY 416 +#define VAR_DNSTAP_SEND_VERSION 417 +#define VAR_DNSTAP_IDENTITY 418 +#define VAR_DNSTAP_VERSION 419 +#define VAR_DNSTAP_LOG_RESOLVER_QUERY_MESSAGES 420 +#define VAR_DNSTAP_LOG_RESOLVER_RESPONSE_MESSAGES 421 +#define VAR_DNSTAP_LOG_CLIENT_QUERY_MESSAGES 422 +#define VAR_DNSTAP_LOG_CLIENT_RESPONSE_MESSAGES 423 +#define VAR_DNSTAP_LOG_FORWARDER_QUERY_MESSAGES 424 +#define VAR_DNSTAP_LOG_FORWARDER_RESPONSE_MESSAGES 425 +#define VAR_RESPONSE_IP_TAG 426 +#define VAR_RESPONSE_IP 427 +#define VAR_RESPONSE_IP_DATA 428 +#define VAR_HARDEN_ALGO_DOWNGRADE 429 +#define VAR_IP_TRANSPARENT 430 +#define VAR_DISABLE_DNSSEC_LAME_CHECK 431 +#define VAR_IP_RATELIMIT 432 +#define VAR_IP_RATELIMIT_SLABS 433 +#define VAR_IP_RATELIMIT_SIZE 434 +#define VAR_RATELIMIT 435 +#define VAR_RATELIMIT_SLABS 436 +#define VAR_RATELIMIT_SIZE 437 +#define VAR_RATELIMIT_FOR_DOMAIN 438 +#define VAR_RATELIMIT_BELOW_DOMAIN 439 +#define VAR_IP_RATELIMIT_FACTOR 440 +#define VAR_RATELIMIT_FACTOR 441 +#define VAR_SEND_CLIENT_SUBNET 442 +#define VAR_CLIENT_SUBNET_ZONE 443 +#define VAR_CLIENT_SUBNET_ALWAYS_FORWARD 444 +#define VAR_CLIENT_SUBNET_OPCODE 445 +#define VAR_MAX_CLIENT_SUBNET_IPV4 446 +#define VAR_MAX_CLIENT_SUBNET_IPV6 447 +#define VAR_MIN_CLIENT_SUBNET_IPV4 448 +#define VAR_MIN_CLIENT_SUBNET_IPV6 449 +#define VAR_MAX_ECS_TREE_SIZE_IPV4 450 +#define VAR_MAX_ECS_TREE_SIZE_IPV6 451 +#define VAR_CAPS_WHITELIST 452 +#define VAR_CACHE_MAX_NEGATIVE_TTL 453 +#define VAR_PERMIT_SMALL_HOLDDOWN 454 +#define VAR_QNAME_MINIMISATION 455 +#define VAR_QNAME_MINIMISATION_STRICT 456 +#define VAR_IP_FREEBIND 457 +#define VAR_DEFINE_TAG 458 +#define VAR_LOCAL_ZONE_TAG 459 +#define VAR_ACCESS_CONTROL_TAG 460 +#define VAR_LOCAL_ZONE_OVERRIDE 461 +#define VAR_ACCESS_CONTROL_TAG_ACTION 462 +#define VAR_ACCESS_CONTROL_TAG_DATA 463 +#define VAR_VIEW 464 +#define VAR_ACCESS_CONTROL_VIEW 465 +#define VAR_VIEW_FIRST 466 +#define VAR_SERVE_EXPIRED 467 +#define VAR_SERVE_EXPIRED_TTL 468 +#define VAR_SERVE_EXPIRED_TTL_RESET 469 +#define VAR_SERVE_EXPIRED_REPLY_TTL 470 +#define VAR_SERVE_EXPIRED_CLIENT_TIMEOUT 471 +#define VAR_FAKE_DSA 472 +#define VAR_FAKE_SHA1 473 +#define VAR_LOG_IDENTITY 474 +#define VAR_HIDE_TRUSTANCHOR 475 +#define VAR_TRUST_ANCHOR_SIGNALING 476 +#define VAR_AGGRESSIVE_NSEC 477 +#define VAR_USE_SYSTEMD 478 +#define VAR_SHM_ENABLE 479 +#define VAR_SHM_KEY 480 +#define VAR_ROOT_KEY_SENTINEL 481 +#define VAR_DNSCRYPT 482 +#define VAR_DNSCRYPT_ENABLE 483 +#define VAR_DNSCRYPT_PORT 484 +#define VAR_DNSCRYPT_PROVIDER 485 +#define VAR_DNSCRYPT_SECRET_KEY 486 +#define VAR_DNSCRYPT_PROVIDER_CERT 487 +#define VAR_DNSCRYPT_PROVIDER_CERT_ROTATED 488 +#define VAR_DNSCRYPT_SHARED_SECRET_CACHE_SIZE 489 +#define VAR_DNSCRYPT_SHARED_SECRET_CACHE_SLABS 490 +#define VAR_DNSCRYPT_NONCE_CACHE_SIZE 491 +#define VAR_DNSCRYPT_NONCE_CACHE_SLABS 492 +#define VAR_IPSECMOD_ENABLED 493 +#define VAR_IPSECMOD_HOOK 494 +#define VAR_IPSECMOD_IGNORE_BOGUS 495 +#define VAR_IPSECMOD_MAX_TTL 496 +#define VAR_IPSECMOD_WHITELIST 497 +#define VAR_IPSECMOD_STRICT 498 +#define VAR_CACHEDB 499 +#define VAR_CACHEDB_BACKEND 500 +#define VAR_CACHEDB_SECRETSEED 501 +#define VAR_CACHEDB_REDISHOST 502 +#define VAR_CACHEDB_REDISPORT 503 +#define VAR_CACHEDB_REDISTIMEOUT 504 +#define VAR_UDP_UPSTREAM_WITHOUT_DOWNSTREAM 505 +#define VAR_FOR_UPSTREAM 506 +#define VAR_AUTH_ZONE 507 +#define VAR_ZONEFILE 508 +#define VAR_MASTER 509 +#define VAR_URL 510 +#define VAR_FOR_DOWNSTREAM 511 +#define VAR_FALLBACK_ENABLED 512 +#define VAR_TLS_ADDITIONAL_PORT 513 +#define VAR_LOW_RTT 514 +#define VAR_LOW_RTT_PERMIL 515 +#define VAR_FAST_SERVER_PERMIL 516 +#define VAR_FAST_SERVER_NUM 517 +#define VAR_ALLOW_NOTIFY 518 +#define VAR_TLS_WIN_CERT 519 +#define VAR_TCP_CONNECTION_LIMIT 520 +#define VAR_FORWARD_NO_CACHE 521 +#define VAR_STUB_NO_CACHE 522 +#define VAR_LOG_SERVFAIL 523 +#define VAR_DENY_ANY 524 +#define VAR_UNKNOWN_SERVER_TIME_LIMIT 525 +#define VAR_LOG_TAG_QUERYREPLY 526 +#define VAR_STREAM_WAIT_SIZE 527 +#define VAR_TLS_CIPHERS 528 +#define VAR_TLS_CIPHERSUITES 529 +#define VAR_IPSET 530 +#define VAR_IPSET_NAME_V4 531 +#define VAR_IPSET_NAME_V6 532 +#define VAR_TLS_SESSION_TICKET_KEYS 533 +#define VAR_RPZ 534 +#define VAR_TAGS 535 +#define VAR_RPZ_ACTION_OVERRIDE 536 +#define VAR_RPZ_CNAME_OVERRIDE 537 +#define VAR_RPZ_LOG 538 +#define VAR_RPZ_LOG_NAME 539 /* Value type. */ #if ! defined YYSTYPE && ! defined YYSTYPE_IS_DECLARED @@ -613,7 +625,7 @@ union YYSTYPE char* str; -#line 617 "util/configparser.h" +#line 629 "util/configparser.h" }; typedef union YYSTYPE YYSTYPE; diff --git a/util/configparser.y b/util/configparser.y index af6cfc683..206f2f946 100644 --- a/util/configparser.y +++ b/util/configparser.y @@ -116,7 +116,9 @@ extern struct config_parser_state* cfg_parser; %token VAR_UNBLOCK_LAN_ZONES VAR_INSECURE_LAN_ZONES %token VAR_INFRA_CACHE_MIN_RTT %token VAR_DNS64_PREFIX VAR_DNS64_SYNTHALL VAR_DNS64_IGNORE_AAAA -%token VAR_DNSTAP VAR_DNSTAP_ENABLE VAR_DNSTAP_SOCKET_PATH +%token VAR_DNSTAP VAR_DNSTAP_ENABLE VAR_DNSTAP_SOCKET_PATH VAR_DNSTAP_IP +%token VAR_DNSTAP_TLS VAR_DNSTAP_TLS_SERVER_NAME VAR_DNSTAP_TLS_CERT_BUNDLE +%token VAR_DNSTAP_TLS_CLIENT_KEY_FILE VAR_DNSTAP_TLS_CLIENT_CERT_FILE %token VAR_DNSTAP_SEND_IDENTITY VAR_DNSTAP_SEND_VERSION %token VAR_DNSTAP_IDENTITY VAR_DNSTAP_VERSION %token VAR_DNSTAP_LOG_RESOLVER_QUERY_MESSAGES @@ -2729,6 +2731,9 @@ dtstart: VAR_DNSTAP contents_dt: contents_dt content_dt | ; content_dt: dt_dnstap_enable | dt_dnstap_socket_path | + dt_dnstap_ip | dt_dnstap_tls | dt_dnstap_tls_server_name | + dt_dnstap_tls_cert_bundle | + dt_dnstap_tls_client_key_file | dt_dnstap_tls_client_cert_file | dt_dnstap_send_identity | dt_dnstap_send_version | dt_dnstap_identity | dt_dnstap_version | dt_dnstap_log_resolver_query_messages | @@ -2754,6 +2759,50 @@ dt_dnstap_socket_path: VAR_DNSTAP_SOCKET_PATH STRING_ARG cfg_parser->cfg->dnstap_socket_path = $2; } ; +dt_dnstap_ip: VAR_DNSTAP_IP STRING_ARG + { + OUTYY(("P(dt_dnstap_ip:%s)\n", $2)); + free(cfg_parser->cfg->dnstap_ip); + cfg_parser->cfg->dnstap_ip = $2; + } + ; +dt_dnstap_tls: VAR_DNSTAP_TLS STRING_ARG + { + OUTYY(("P(dt_dnstap_tls:%s)\n", $2)); + if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) + yyerror("expected yes or no."); + else cfg_parser->cfg->dnstap_tls = (strcmp($2, "yes")==0); + free($2); + } + ; +dt_dnstap_tls_server_name: VAR_DNSTAP_TLS_SERVER_NAME STRING_ARG + { + OUTYY(("P(dt_dnstap_tls_server_name:%s)\n", $2)); + free(cfg_parser->cfg->dnstap_tls_server_name); + cfg_parser->cfg->dnstap_tls_server_name = $2; + } + ; +dt_dnstap_tls_cert_bundle: VAR_DNSTAP_TLS_CERT_BUNDLE STRING_ARG + { + OUTYY(("P(dt_dnstap_tls_cert_bundle:%s)\n", $2)); + free(cfg_parser->cfg->dnstap_tls_cert_bundle); + cfg_parser->cfg->dnstap_tls_cert_bundle = $2; + } + ; +dt_dnstap_tls_client_key_file: VAR_DNSTAP_TLS_CLIENT_KEY_FILE STRING_ARG + { + OUTYY(("P(dt_dnstap_tls_client_key_file:%s)\n", $2)); + free(cfg_parser->cfg->dnstap_tls_client_key_file); + cfg_parser->cfg->dnstap_tls_client_key_file = $2; + } + ; +dt_dnstap_tls_client_cert_file: VAR_DNSTAP_TLS_CLIENT_CERT_FILE STRING_ARG + { + OUTYY(("P(dt_dnstap_tls_client_cert_file:%s)\n", $2)); + free(cfg_parser->cfg->dnstap_tls_client_cert_file); + cfg_parser->cfg->dnstap_tls_client_cert_file = $2; + } + ; dt_dnstap_send_identity: VAR_DNSTAP_SEND_IDENTITY STRING_ARG { OUTYY(("P(dt_dnstap_send_identity:%s)\n", $2)); diff --git a/util/fptr_wlist.c b/util/fptr_wlist.c index 84d41cc84..b124e7169 100644 --- a/util/fptr_wlist.c +++ b/util/fptr_wlist.c @@ -93,6 +93,9 @@ #ifdef USE_IPSET #include "ipset/ipset.h" #endif +#ifdef USE_DNSTAP +#include "dnstap/dtstream.h" +#endif int fptr_whitelist_comm_point(comm_point_callback_type *fptr) @@ -168,6 +171,15 @@ fptr_whitelist_event(void (*fptr)(int, short, void *)) else if(fptr == &tube_handle_signal) return 1; else if(fptr == &comm_base_handle_slow_accept) return 1; else if(fptr == &comm_point_http_handle_callback) return 1; +#ifdef USE_DNSTAP + else if(fptr == &dtio_output_cb) return 1; + else if(fptr == &dtio_cmd_cb) return 1; + else if(fptr == &dtio_reconnect_timeout_cb) return 1; + else if(fptr == &dtio_stop_timer_cb) return 1; + else if(fptr == &dtio_stop_ev_cb) return 1; + else if(fptr == &dtio_tap_callback) return 1; + else if(fptr == &dtio_mainfdcallback) return 1; +#endif #ifdef UB_ON_WINDOWS else if(fptr == &worker_win_stop_cb) return 1; #endif diff --git a/util/net_help.c b/util/net_help.c index 0869f91f9..8f75da07f 100644 --- a/util/net_help.c +++ b/util/net_help.c @@ -829,6 +829,32 @@ void log_crypto_err_code(const char* str, unsigned long err) #endif /* HAVE_SSL */ } +#ifdef HAVE_SSL +/** log certificate details */ +void +log_cert(unsigned level, const char* str, void* cert) +{ + BIO* bio; + char nul = 0; + char* pp = NULL; + long len; + if(verbosity < level) return; + bio = BIO_new(BIO_s_mem()); + if(!bio) return; + X509_print_ex(bio, (X509*)cert, 0, (unsigned long)-1 + ^(X509_FLAG_NO_SUBJECT + |X509_FLAG_NO_ISSUER|X509_FLAG_NO_VALIDITY + |X509_FLAG_NO_EXTENSIONS|X509_FLAG_NO_AUX + |X509_FLAG_NO_ATTRIBUTES)); + BIO_write(bio, &nul, (int)sizeof(nul)); + len = BIO_get_mem_data(bio, &pp); + if(len != 0 && pp) { + verbose(level, "%s: \n%s", str, pp); + } + BIO_free(bio); +} +#endif /* HAVE_SSL */ + int listen_sslctx_setup(void* ctxt) { @@ -970,7 +996,7 @@ void* listen_sslctx_create(char* key, char* pem, char* verifypem) } SSL_CTX_set_client_CA_list(ctx, SSL_load_client_CA_file( verifypem)); - SSL_CTX_set_verify(ctx, SSL_VERIFY_PEER, NULL); + SSL_CTX_set_verify(ctx, SSL_VERIFY_PEER|SSL_VERIFY_FAIL_IF_NO_PEER_CERT, NULL); } return ctx; #else @@ -1191,6 +1217,57 @@ void* outgoing_ssl_fd(void* sslctx, int fd) #endif } +int check_auth_name_for_ssl(char* auth_name) +{ + if(!auth_name) return 1; +#if defined(HAVE_SSL) && !defined(HAVE_SSL_SET1_HOST) && !defined(HAVE_X509_VERIFY_PARAM_SET1_HOST) + log_err("the query has an auth_name %s, but libssl has no call to " + "perform TLS authentication. Remove that name from config " + "or upgrade the ssl crypto library.", auth_name); + return 0; +#else + return 1; +#endif +} + +/** set the authname on an SSL structure, SSL* ssl */ +int set_auth_name_on_ssl(void* ssl, char* auth_name) +{ + if(!auth_name) return 1; +#ifdef HAVE_SSL + (void)SSL_set_tlsext_host_name(ssl, auth_name); +#else + (void)ssl; +#endif +#ifdef HAVE_SSL_SET1_HOST + SSL_set_verify(ssl, SSL_VERIFY_PEER, NULL); + /* setting the hostname makes openssl verify the + * host name in the x509 certificate in the + * SSL connection*/ + if(!SSL_set1_host(ssl, auth_name)) { + log_err("SSL_set1_host failed"); + return 0; + } +#elif defined(HAVE_X509_VERIFY_PARAM_SET1_HOST) + /* openssl 1.0.2 has this function that can be used for + * set1_host like verification */ + if(auth_name) { + X509_VERIFY_PARAM* param = SSL_get0_param(ssl); +# ifdef X509_CHECK_FLAG_NO_PARTIAL_WILDCARDS + X509_VERIFY_PARAM_set_hostflags(param, X509_CHECK_FLAG_NO_PARTIAL_WILDCARDS); +# endif + if(!X509_VERIFY_PARAM_set1_host(param, auth_name, strlen(auth_name))) { + log_err("X509_VERIFY_PARAM_set1_host failed"); + return 0; + } + SSL_set_verify(ssl, SSL_VERIFY_PEER, NULL); + } +#else + verbose(VERB_ALGO, "the query has an auth_name, but libssl has no call to perform TLS authentication"); +#endif /* HAVE_SSL_SET1_HOST */ + return 1; +} + #if defined(HAVE_SSL) && defined(OPENSSL_THREADS) && !defined(THREADS_DISABLED) && defined(CRYPTO_LOCK) && OPENSSL_VERSION_NUMBER < 0x10100000L /** global lock list for openssl locks */ static lock_basic_type *ub_openssl_locks = NULL; diff --git a/util/net_help.h b/util/net_help.h index 7a33a7203..d9ee37ad0 100644 --- a/util/net_help.h +++ b/util/net_help.h @@ -385,6 +385,14 @@ void log_crypto_err(const char* str); */ void log_crypto_err_code(const char* str, unsigned long err); +/** + * Log certificate details verbosity, string, of X509 cert + * @param level: verbosity level + * @param str: string to prefix on output + * @param cert: X509* structure. + */ +void log_cert(unsigned level, const char* str, void* cert); + /** * Set SSL_OP_NOxxx options on SSL context to disable bad crypto * @param ctxt: SSL_CTX* @@ -434,6 +442,21 @@ void* incoming_ssl_fd(void* sslctx, int fd); */ void* outgoing_ssl_fd(void* sslctx, int fd); +/** + * check if authname SSL functionality is available, false if not + * @param auth_name: the name for the remote server, used for error print. + * @return false if SSL functionality to check the SSL name is not available. + */ +int check_auth_name_for_ssl(char* auth_name); + +/** + * set auth name on SSL for verification + * @param ssl: SSL* to set + * @param auth_name: if NULL nothing happens, otherwise the name to check. + * @return 1 on success or NULL auth_name, 0 on failure. + */ +int set_auth_name_on_ssl(void* ssl, char* auth_name); + /** * Initialize openssl locking for thread safety * @return false on failure (alloc failure). diff --git a/util/netevent.c b/util/netevent.c index 9fe5da2d4..090238384 100644 --- a/util/netevent.c +++ b/util/netevent.c @@ -1026,35 +1026,9 @@ tcp_callback_reader(struct comm_point* c) } } -#ifdef HAVE_SSL -/** log certificate details */ -static void -log_cert(unsigned level, const char* str, X509* cert) -{ - BIO* bio; - char nul = 0; - char* pp = NULL; - long len; - if(verbosity < level) return; - bio = BIO_new(BIO_s_mem()); - if(!bio) return; - X509_print_ex(bio, cert, 0, (unsigned long)-1 - ^(X509_FLAG_NO_SUBJECT - |X509_FLAG_NO_ISSUER|X509_FLAG_NO_VALIDITY - |X509_FLAG_NO_EXTENSIONS|X509_FLAG_NO_AUX - |X509_FLAG_NO_ATTRIBUTES)); - BIO_write(bio, &nul, (int)sizeof(nul)); - len = BIO_get_mem_data(bio, &pp); - if(len != 0 && pp) { - verbose(level, "%s: \n%s", str, pp); - } - BIO_free(bio); -} -#endif /* HAVE_SSL */ - #ifdef HAVE_SSL /** true if the ssl handshake error has to be squelched from the logs */ -static int +int squelch_err_ssl_handshake(unsigned long err) { if(verbosity >= VERB_QUERY) diff --git a/util/netevent.h b/util/netevent.h index d80c72b33..bb2cd1e53 100644 --- a/util/netevent.h +++ b/util/netevent.h @@ -783,7 +783,23 @@ void comm_base_handle_slow_accept(int fd, short event, void* arg); void comm_point_tcp_win_bio_cb(struct comm_point* c, void* ssl); #endif -/** see if errno for tcp connect has to be logged or not. This uses errno */ +/** + * See if errno for tcp connect has to be logged or not. This uses errno + * @param addr: apart from checking errno, the addr is checked for ip4mapped + * and broadcast type, hence passed. + * @param addrlen: length of the addr parameter. + * @return true if it needs to be logged. + */ int tcp_connect_errno_needs_log(struct sockaddr* addr, socklen_t addrlen); +#ifdef HAVE_SSL +/** + * True if the ssl handshake error has to be squelched from the logs + * @param err: the error returned by the openssl routine, ERR_get_error. + * This is a packed structure with elements that are examined. + * @return true if the error is squelched (not logged). + */ +int squelch_err_ssl_handshake(unsigned long err); +#endif + #endif /* NET_EVENT_H */