document optional statements the same, enabled or not

the generated grammar for named.conf clauses that may or may not be enabled at compile time will now print the same comment regardless of whether or not they are. previously, the grammar didn't print a comment if an option was enabled, but printed "not configured" if it was disabled. now, in both cases, it will say "optional (only available if configured)". as an incidental fix, clarified the documentation for "named-checkconf -n".
2025-08-22 18:19:42 +00:00 · 2024-10-01 19:16:55 -07:00 · 2024-10-01 19:16:55 -07:00 · 202c68e6a8
commit 202c68e6a8
parent 6fd5e771eb
6 changed files with 105 additions and 78 deletions
--- a/bin/check/named-checkconf.rst
+++ b/bin/check/named-checkconf.rst
@ -73,7 +73,9 @@ Options

 .. option:: -n

-   Do not error on options that are disabled in this build.
+   Do not print errors when encountering options that are disabled in
+   this build. This allows checking of configuration files for other
+   builds, in which those options are enabled.

 .. option:: -p

--- a/doc/misc/options
+++ b/doc/misc/options
@ -37,7 +37,7 @@ http <string> {
 	endpoints { <quoted_string>; ... };
 	listener-clients <integer>;
 	streams-per-connection <integer>;
-}; // may occur multiple times
+}; // optional (only available if configured), may occur multiple times

 key <string> {
 	algorithm <string>;
@ -129,10 +129,10 @@ options {
 	dnssec-secure-to-insecure <boolean>; // obsolete
 	dnssec-update-mode ( maintain | no-resign ); // obsolete
 	dnssec-validation ( yes | no | auto );
-	dnstap { ( all | auth | client | forwarder | resolver | update ) [ ( query | response ) ]; ... }; // not configured
-	dnstap-identity ( <quoted_string> | none | hostname ); // not configured
-	dnstap-output ( file | unix ) <quoted_string> [ size ( unlimited | <size> ) ] [ versions ( unlimited | <integer> ) ] [ suffix ( increment | timestamp ) ]; // not configured
-	dnstap-version ( <quoted_string> | none ); // not configured
+	dnstap { ( all | auth | client | forwarder | resolver | update ) [ ( query | response ) ]; ... }; // optional (only available if configured)
+	dnstap-identity ( <quoted_string> | none | hostname ); // optional (only available if configured)
+	dnstap-output ( file | unix ) <quoted_string> [ size ( unlimited | <size> ) ] [ versions ( unlimited | <integer> ) ] [ suffix ( increment | timestamp ) ]; // optional (only available if configured)
+	dnstap-version ( <quoted_string> | none ); // optional (only available if configured)
 	dual-stack-servers [ port <integer> ] { ( <quoted_string> [ port <integer> ] | <ipv4_address> [ port <integer> ] | <ipv6_address> [ port <integer> ] ); ... };
 	dump-file <quoted_string>;
 	edns-udp-size <integer>;
@ -145,19 +145,19 @@ options {
 	flush-zones-on-shutdown <boolean>;
 	forward ( first | only );
 	forwarders [ port <integer> ] [ tls <string> ] { ( <ipv4_address> | <ipv6_address> ) [ port <integer> ] [ tls <string> ]; ... };
-	fstrm-set-buffer-hint <integer>; // not configured
-	fstrm-set-flush-timeout <integer>; // not configured
-	fstrm-set-input-queue-size <integer>; // not configured
-	fstrm-set-output-notify-threshold <integer>; // not configured
-	fstrm-set-output-queue-model ( mpsc | spsc ); // not configured
-	fstrm-set-output-queue-size <integer>; // not configured
-	fstrm-set-reopen-interval <duration>; // not configured
+	fstrm-set-buffer-hint <integer>; // optional (only available if configured)
+	fstrm-set-flush-timeout <integer>; // optional (only available if configured)
+	fstrm-set-input-queue-size <integer>; // optional (only available if configured)
+	fstrm-set-output-notify-threshold <integer>; // optional (only available if configured)
+	fstrm-set-output-queue-model ( mpsc | spsc ); // optional (only available if configured)
+	fstrm-set-output-queue-size <integer>; // optional (only available if configured)
+	fstrm-set-reopen-interval <duration>; // optional (only available if configured)
 	geoip-directory ( <quoted_string> | none );
 	hostname ( <quoted_string> | none );
-	http-listener-clients <integer>;
-	http-port <integer>;
-	http-streams-per-connection <integer>;
-	https-port <integer>;
+	http-listener-clients <integer>; // optional (only available if configured)
+	http-port <integer>; // optional (only available if configured)
+	http-streams-per-connection <integer>; // optional (only available if configured)
+	https-port <integer>; // optional (only available if configured)
 	interface-interval <duration>;
 	ipv4only-contact <string>;
 	ipv4only-enable <boolean>;
@ -168,7 +168,7 @@ options {
 	lame-ttl <duration>;
 	listen-on [ port <integer> ] [ proxy <string> ] [ tls <string> ] [ http <string> ] { <address_match_element>; ... }; // may occur multiple times
 	listen-on-v6 [ port <integer> ] [ proxy <string> ] [ tls <string> ] [ http <string> ] { <address_match_element>; ... }; // may occur multiple times
-	lmdb-mapsize <sizeval>;
+	lmdb-mapsize <sizeval>; // optional (only available if configured)
 	managed-keys-directory <quoted_string>;
 	masterfile-format ( raw | text );
 	masterfile-style ( full | relative );
@ -357,7 +357,7 @@ server <netprefix> {

 statistics-channels {
 	inet ( <ipv4_address> | <ipv6_address> | * ) [ port ( <integer> | * ) ] [ allow { <address_match_element>; ... } ]; // may occur multiple times
-}; // may occur multiple times
+}; // optional (only available if configured), may occur multiple times

 tls <string> {
 	ca-file <quoted_string>;
@ -435,7 +435,7 @@ view <string> [ <class> ] {
 	dnssec-secure-to-insecure <boolean>; // obsolete
 	dnssec-update-mode ( maintain | no-resign ); // obsolete
 	dnssec-validation ( yes | no | auto );
-	dnstap { ( all | auth | client | forwarder | resolver | update ) [ ( query | response ) ]; ... }; // not configured
+	dnstap { ( all | auth | client | forwarder | resolver | update ) [ ( query | response ) ]; ... }; // optional (only available if configured)
 	dual-stack-servers [ port <integer> ] { ( <quoted_string> [ port <integer> ] | <ipv4_address> [ port <integer> ] | <ipv6_address> [ port <integer> ] ); ... };
 	dyndb <string> <quoted_string> { <unspecified-text> }; // may occur multiple times
 	edns-udp-size <integer>;
@ -457,7 +457,7 @@ view <string> [ <class> ] {
 	}; // may occur multiple times
 	key-directory <quoted_string>;
 	lame-ttl <duration>;
-	lmdb-mapsize <sizeval>;
+	lmdb-mapsize <sizeval>; // optional (only available if configured)
 	managed-keys { <string> ( static-key | initial-key | static-ds | initial-ds ) <integer> <integer> <integer> <quoted_string>; ... }; // may occur multiple times, deprecated
 	masterfile-format ( raw | text );
 	masterfile-style ( full | relative );
--- a/lib/isccfg/check.c
+++ b/lib/isccfg/check.c
@ -3102,7 +3102,7 @@ check_zoneconf(const cfg_obj_t *zconfig, const cfg_obj_t *voptions,
 	const char *znamestr;
 	const char *typestr = NULL;
 	const char *target = NULL;
-	unsigned int ztype;
+	int ztype;
 	const cfg_obj_t *zoptions, *goptions = NULL;
 	const cfg_obj_t *obj = NULL, *kasp = NULL;
 	const cfg_obj_t *inviewobj = NULL;
--- a/lib/isccfg/include/isccfg/grammar.h
+++ b/lib/isccfg/include/isccfg/grammar.h
@ -31,48 +31,62 @@
 * Definitions shared between the configuration parser
 * and the grammars; not visible to users of the parser.
 */
+enum {
+	/*% A configuration option that was not configured at compile time. */
+	CFG_CLAUSEFLAG_NOTCONFIGURED = 1 << 0,

-/*% Clause may occur multiple times (e.g., "zone") */
-#define CFG_CLAUSEFLAG_MULTI 0x00000001
-/*% Clause is obsolete (logs a warning, but is not a fatal error) */
-#define CFG_CLAUSEFLAG_OBSOLETE 0x00000002
-/* obsolete: #define CFG_CLAUSEFLAG_NOTIMP 0x00000004 */
-/* obsolete: #define CFG_CLAUSEFLAG_NYI 0x00000008 */
-/* obsolete: #define CFG_CLAUSEFLAG_NEWDEFAULT 0x00000010 */
-/*%
- * Clause needs to be interpreted during parsing
- * by calling a callback function, like the
- * "directory" option.
- */
-#define CFG_CLAUSEFLAG_CALLBACK 0x00000020
-/*% An option that is only used in testing. */
-#define CFG_CLAUSEFLAG_TESTONLY 0x00000040
-/*% A configuration option that was not configured at compile time. */
-#define CFG_CLAUSEFLAG_NOTCONFIGURED 0x00000080
-/*% An option for an experimental feature. */
-#define CFG_CLAUSEFLAG_EXPERIMENTAL 0x00000100
-/*% An option that should be omited from the documentation */
-#define CFG_CLAUSEFLAG_NODOC 0x00000200
-/*% Clause will be obsolete in a future release (logs a warning) */
-#define CFG_CLAUSEFLAG_DEPRECATED 0x00000400
-/*% Clause has been obsolete so long that it's now a fatal error */
-#define CFG_CLAUSEFLAG_ANCIENT 0x00000800
+	/*%
+	 * A configuration option that *is* configured, but could be
+	 * disabled at compile time in some builds.
+	 */
+	CFG_CLAUSEFLAG_OPTIONAL = 1 << 1,
+
+	/*% Clause may occur multiple times (e.g., "zone") */
+	CFG_CLAUSEFLAG_MULTI = 1 << 2,
+
+	/*% Clause is obsolete (logs a warning, but is not a fatal error) */
+	CFG_CLAUSEFLAG_OBSOLETE = 1 << 3,
+
+	/*%
+	 * Clause needs to be interpreted during parsing by calling a
+	 * callback function, like the "directory" option.
+	 */
+	CFG_CLAUSEFLAG_CALLBACK = 1 << 4,
+
+	/*% Clause that is only used in testing. */
+	CFG_CLAUSEFLAG_TESTONLY = 1 << 5,
+
+	/*% An option for an experimental feature. */
+	CFG_CLAUSEFLAG_EXPERIMENTAL = 1 << 6,
+
+	/*% An option that should be omited from the documentation */
+	CFG_CLAUSEFLAG_NODOC = 1 << 7,
+
+	/*% Clause will be obsolete in a future release (logs a warning) */
+	CFG_CLAUSEFLAG_DEPRECATED = 1 << 8,
+
+	/*% Clause has been obsolete so long that it's now a fatal error */
+	CFG_CLAUSEFLAG_ANCIENT = 1 << 9,
+};

 /*%
 * Zone types for which a clause is valid:
 * These share space with CFG_CLAUSEFLAG values, but count
- * down from the top.
+ * down from the most significant bit, instead of up from
+ * the least.
 */
-#define CFG_ZONE_PRIMARY    0x80000000
-#define CFG_ZONE_SECONDARY  0x40000000
-#define CFG_ZONE_STUB	    0x20000000
-#define CFG_ZONE_HINT	    0x10000000
-#define CFG_ZONE_FORWARD    0x08000000
-#define CFG_ZONE_STATICSTUB 0x04000000
-#define CFG_ZONE_REDIRECT   0x02000000
-#define CFG_ZONE_DELEGATION 0x01000000
-#define CFG_ZONE_INVIEW	    0x00800000
-#define CFG_ZONE_MIRROR	    0x00400000
+enum {
+	CFG_ZONE_PRIMARY = 1 << 31,
+	CFG_ZONE_SECONDARY = 1 << 30,
+	CFG_ZONE_STUB = 1 << 29,
+	CFG_ZONE_HINT = 1 << 28,
+	CFG_ZONE_FORWARD = 1 << 27,
+	CFG_ZONE_STATICSTUB = 1 << 26,
+	CFG_ZONE_REDIRECT = 1 << 25,
+	CFG_ZONE_DELEGATION = 1 << 24,
+	CFG_ZONE_INVIEW = 1 << 23,
+	CFG_ZONE_MIRROR = 1 << 22,
+};

 typedef struct cfg_clausedef	 cfg_clausedef_t;
 typedef struct cfg_tuplefielddef cfg_tuplefielddef_t;
--- a/lib/isccfg/namedconf.c
+++ b/lib/isccfg/namedconf.c
@ -159,7 +159,7 @@ static cfg_tuplefielddef_t listenon_tuple_fields[] = {
 	{ "proxy", &cfg_type_astring, CFG_CLAUSEFLAG_EXPERIMENTAL },
 	{ "tls", &cfg_type_astring, 0 },
 #if HAVE_LIBNGHTTP2
-	{ "http", &cfg_type_astring, 0 },
+	{ "http", &cfg_type_astring, CFG_CLAUSEFLAG_OPTIONAL },
 #else
 	{ "http", &cfg_type_astring, CFG_CLAUSEFLAG_NOTCONFIGURED },
 #endif
@ -1156,7 +1156,8 @@ static cfg_clausedef_t namedconf_clauses[] = {
 	{ "controls", &cfg_type_controls, CFG_CLAUSEFLAG_MULTI },
 	{ "dnssec-policy", &cfg_type_dnssecpolicy, CFG_CLAUSEFLAG_MULTI },
 #if HAVE_LIBNGHTTP2
-	{ "http", &cfg_type_http_description, CFG_CLAUSEFLAG_MULTI },
+	{ "http", &cfg_type_http_description,
+	  CFG_CLAUSEFLAG_MULTI | CFG_CLAUSEFLAG_OPTIONAL },
 #else
 	{ "http", &cfg_type_http_description,
 	  CFG_CLAUSEFLAG_MULTI | CFG_CLAUSEFLAG_NOTCONFIGURED },
@ -1171,7 +1172,7 @@ static cfg_clausedef_t namedconf_clauses[] = {
 	{ "primaries", &cfg_type_remoteservers, CFG_CLAUSEFLAG_MULTI },
 #if defined(HAVE_LIBXML2) || defined(HAVE_JSON_C)
 	{ "statistics-channels", &cfg_type_statschannels,
-	  CFG_CLAUSEFLAG_MULTI },
+	  CFG_CLAUSEFLAG_MULTI | CFG_CLAUSEFLAG_OPTIONAL },
 #else
 	{ "statistics-channels", &cfg_type_statschannels,
 	  CFG_CLAUSEFLAG_MULTI | CFG_CLAUSEFLAG_NOTCONFIGURED },
@ -1236,9 +1237,9 @@ static cfg_clausedef_t options_clauses[] = {
 	{ "directory", &cfg_type_qstring, CFG_CLAUSEFLAG_CALLBACK },
 	{ "dnsrps-library", &cfg_type_qstring, CFG_CLAUSEFLAG_OBSOLETE },
 #ifdef HAVE_DNSTAP
-	{ "dnstap-output", &cfg_type_dnstapoutput, 0 },
-	{ "dnstap-identity", &cfg_type_serverid, 0 },
-	{ "dnstap-version", &cfg_type_qstringornone, 0 },
+	{ "dnstap-output", &cfg_type_dnstapoutput, CFG_CLAUSEFLAG_OPTIONAL },
+	{ "dnstap-identity", &cfg_type_serverid, CFG_CLAUSEFLAG_OPTIONAL },
+	{ "dnstap-version", &cfg_type_qstringornone, CFG_CLAUSEFLAG_OPTIONAL },
 #else  /* ifdef HAVE_DNSTAP */
 	{ "dnstap-output", &cfg_type_dnstapoutput,
 	  CFG_CLAUSEFLAG_NOTCONFIGURED },
@ -1252,13 +1253,19 @@ static cfg_clausedef_t options_clauses[] = {
 	{ "files", NULL, CFG_CLAUSEFLAG_ANCIENT },
 	{ "flush-zones-on-shutdown", &cfg_type_boolean, 0 },
 #ifdef HAVE_DNSTAP
-	{ "fstrm-set-buffer-hint", &cfg_type_uint32, 0 },
-	{ "fstrm-set-flush-timeout", &cfg_type_uint32, 0 },
-	{ "fstrm-set-input-queue-size", &cfg_type_uint32, 0 },
-	{ "fstrm-set-output-notify-threshold", &cfg_type_uint32, 0 },
-	{ "fstrm-set-output-queue-model", &cfg_type_fstrm_model, 0 },
-	{ "fstrm-set-output-queue-size", &cfg_type_uint32, 0 },
-	{ "fstrm-set-reopen-interval", &cfg_type_duration, 0 },
+	{ "fstrm-set-buffer-hint", &cfg_type_uint32, CFG_CLAUSEFLAG_OPTIONAL },
+	{ "fstrm-set-flush-timeout", &cfg_type_uint32,
+	  CFG_CLAUSEFLAG_OPTIONAL },
+	{ "fstrm-set-input-queue-size", &cfg_type_uint32,
+	  CFG_CLAUSEFLAG_OPTIONAL },
+	{ "fstrm-set-output-notify-threshold", &cfg_type_uint32,
+	  CFG_CLAUSEFLAG_OPTIONAL },
+	{ "fstrm-set-output-queue-model", &cfg_type_fstrm_model,
+	  CFG_CLAUSEFLAG_OPTIONAL },
+	{ "fstrm-set-output-queue-size", &cfg_type_uint32,
+	  CFG_CLAUSEFLAG_OPTIONAL },
+	{ "fstrm-set-reopen-interval", &cfg_type_duration,
+	  CFG_CLAUSEFLAG_OPTIONAL },
 #else  /* ifdef HAVE_DNSTAP */
 	{ "fstrm-set-buffer-hint", &cfg_type_uint32,
 	  CFG_CLAUSEFLAG_NOTCONFIGURED },
@ -1305,10 +1312,11 @@ static cfg_clausedef_t options_clauses[] = {
 	{ "port", &cfg_type_uint32, 0 },
 	{ "tls-port", &cfg_type_uint32, 0 },
 #if HAVE_LIBNGHTTP2
-	{ "http-port", &cfg_type_uint32, 0 },
-	{ "http-listener-clients", &cfg_type_uint32, 0 },
-	{ "http-streams-per-connection", &cfg_type_uint32, 0 },
-	{ "https-port", &cfg_type_uint32, 0 },
+	{ "http-port", &cfg_type_uint32, CFG_CLAUSEFLAG_OPTIONAL },
+	{ "http-listener-clients", &cfg_type_uint32, CFG_CLAUSEFLAG_OPTIONAL },
+	{ "http-streams-per-connection", &cfg_type_uint32,
+	  CFG_CLAUSEFLAG_OPTIONAL },
+	{ "https-port", &cfg_type_uint32, CFG_CLAUSEFLAG_OPTIONAL },
 #else
 	{ "http-port", &cfg_type_uint32, CFG_CLAUSEFLAG_NOTCONFIGURED },
 	{ "http-listener-clients", &cfg_type_uint32,
@ -2066,7 +2074,7 @@ static cfg_clausedef_t view_clauses[] = {
 	  CFG_CLAUSEFLAG_MULTI | CFG_CLAUSEFLAG_DEPRECATED },
 	{ "dnssec-validation", &cfg_type_boolorauto, 0 },
 #ifdef HAVE_DNSTAP
-	{ "dnstap", &cfg_type_dnstap, 0 },
+	{ "dnstap", &cfg_type_dnstap, CFG_CLAUSEFLAG_OPTIONAL },
 #else  /* ifdef HAVE_DNSTAP */
 	{ "dnstap", &cfg_type_dnstap, CFG_CLAUSEFLAG_NOTCONFIGURED },
 #endif /* HAVE_DNSTAP */
@ -2089,7 +2097,7 @@ static cfg_clausedef_t view_clauses[] = {
 	{ "ixfr-from-differences", &cfg_type_ixfrdifftype, 0 },
 	{ "lame-ttl", &cfg_type_duration, 0 },
 #ifdef HAVE_LMDB
-	{ "lmdb-mapsize", &cfg_type_sizeval, 0 },
+	{ "lmdb-mapsize", &cfg_type_sizeval, CFG_CLAUSEFLAG_OPTIONAL },
 #else  /* ifdef HAVE_LMDB */
 	{ "lmdb-mapsize", &cfg_type_sizeval, CFG_CLAUSEFLAG_NOTCONFIGURED },
 #endif /* ifdef HAVE_LMDB */
--- a/lib/isccfg/parser.c
+++ b/lib/isccfg/parser.c
@ -2589,7 +2589,10 @@ static struct flagtext {
 	const char *text;
 } flagtexts[] = { { CFG_CLAUSEFLAG_OBSOLETE, "obsolete" },
 		  { CFG_CLAUSEFLAG_TESTONLY, "test only" },
-		  { CFG_CLAUSEFLAG_NOTCONFIGURED, "not configured" },
+		  { CFG_CLAUSEFLAG_NOTCONFIGURED,
+		    "optional (only available if configured)" },
+		  { CFG_CLAUSEFLAG_OPTIONAL,
+		    "optional (only available if configured)" },
 		  { CFG_CLAUSEFLAG_MULTI, "may occur multiple times" },
 		  { CFG_CLAUSEFLAG_EXPERIMENTAL, "experimental" },
 		  { CFG_CLAUSEFLAG_DEPRECATED, "deprecated" },