From: Wouter Wijngaards Date: Fri, 9 Oct 2015 07:55:21 +0000 (+0000) Subject: - Default for ssl-port is port 853, the temporary port assignment X-Git-Tag: release-1.5.6rc1~5 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=c3a45dde152b5101b83757245bb1fc978066805c;p=thirdparty%2Funbound.git - Default for ssl-port is port 853, the temporary port assignment for secure domain name system traffic. If you used to rely on the older default of port 443, you have to put a clause in unbound.conf for that. The new value is likely going to be the standardised port number for this traffic. git-svn-id: file:///svn/unbound/trunk@3502 be551aaa-1e26-0410-a405-d3ace91eadb9 --- diff --git a/doc/Changelog b/doc/Changelog index e1710e78d..0d8fafa43 100644 --- a/doc/Changelog +++ b/doc/Changelog @@ -1,3 +1,10 @@ +9 October 2015: Wouter + - Default for ssl-port is port 853, the temporary port assignment + for secure domain name system traffic. + If you used to rely on the older default of port 443, you have + to put a clause in unbound.conf for that. The new value is likely + going to be the standardised port number for this traffic. + 6 October 2015: Wouter - 1.5.5 release. - trunk tracks the development of 1.5.6. diff --git a/doc/example.conf.in b/doc/example.conf.in index e34fc3191..a89b228db 100644 --- a/doc/example.conf.in +++ b/doc/example.conf.in @@ -552,7 +552,7 @@ server: # default is "" (disabled). requires restart to take effect. # ssl-service-key: "path/to/privatekeyfile.key" # ssl-service-pem: "path/to/publiccertfile.pem" - # ssl-port: 443 + # ssl-port: 853 # request upstream over SSL (with plain DNS inside the SSL stream). # Default is no. Can be turned on and off with unbound-control. diff --git a/doc/unbound.conf.5.in b/doc/unbound.conf.5.in index 25c88fdd6..76058f2c4 100644 --- a/doc/unbound.conf.5.in +++ b/doc/unbound.conf.5.in @@ -362,7 +362,7 @@ The public key certificate pem file for the ssl service. Default is "", turned off. .TP .B ssl\-port: \fI -The port number on which to provide TCP SSL service, default 443, only +The port number on which to provide TCP SSL service, default 853, only interfaces configured with that port number as @number get the SSL service. .TP .B do\-daemonize: \fI diff --git a/util/config_file.c b/util/config_file.c index 211fffba4..db328f330 100644 --- a/util/config_file.c +++ b/util/config_file.c @@ -100,7 +100,7 @@ config_create(void) cfg->tcp_upstream = 0; cfg->ssl_service_key = NULL; cfg->ssl_service_pem = NULL; - cfg->ssl_port = 443; + cfg->ssl_port = 853; cfg->ssl_upstream = 0; cfg->use_syslog = 1; cfg->log_time_ascii = 0;