From: W.C.A. Wijngaards <wouter@nlnetlabs.nl>
Date: Fri, 27 Mar 2026 13:29:15 +0000 (+0100)
Subject: - Fix to allow the control-interface config to use ip@port notation.
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=ea36979c40593bdf3185c9dd0dc6df11f325d93f;p=thirdparty%2Funbound.git

- Fix to allow the control-interface config to use ip@port notation.
---

diff --git a/daemon/remote.c b/daemon/remote.c
index dd0e8f299..eb0e96b9c 100644
--- a/daemon/remote.c
+++ b/daemon/remote.c
@@ -307,6 +307,26 @@ add_open(const char* ip, int nr, struct listen_port** list, int noproto_is_err,
 #endif
 		}
 	} else {
+		char* s = strchr(ip, '@');
+		char newif[128];
+		if(s) {
+			/* override port with ifspec@port */
+			int portnr;
+			if((size_t)(s-ip) >= sizeof(newif)) {
+				log_err("ifname too long: %s", ip);
+				return -1;
+			}
+			portnr = atoi(s+1);
+			if(portnr < 0 || 0 == portnr || portnr > 65535) {
+				log_err("invalid portnumber in control-interface: %s", ip);
+				return -1;
+			}
+			(void)strlcpy(newif, ip, sizeof(newif));
+			newif[s-ip] = 0;
+			ip = newif;
+			snprintf(port, sizeof(port), "%d", portnr);
+			port[sizeof(port)-1]=0;
+		}
 		hints.ai_socktype = SOCK_STREAM;
 		hints.ai_flags = AI_PASSIVE | AI_NUMERICHOST;
 		if((r = getaddrinfo(ip, port, &hints, &res)) != 0 || !res) {
diff --git a/doc/Changelog b/doc/Changelog
index 5981ac2fa..31216df8c 100644
--- a/doc/Changelog
+++ b/doc/Changelog
@@ -1,3 +1,6 @@
+27 March 2026: Wouter
+	- Fix to allow the control-interface config to use ip@port notation.
+
 24 March 2026: Wouter
 	- Fix to check for invalid http content length and chunk size,
 	  and to check the RR rdata field lengths when decompressing and
diff --git a/doc/unbound.conf.rst b/doc/unbound.conf.rst
index 8f7b24e83..09278be12 100644
--- a/doc/unbound.conf.rst
+++ b/doc/unbound.conf.rst
@@ -3457,7 +3457,7 @@ To setup the correct self-signed certificates use the
     Default: no
 
 
-@@UAHL@unbound.conf.remote@control-interface@@: *<IP address or interface name or path>*
+@@UAHL@unbound.conf.remote@control-interface@@: *<IP address or interface name[@port] or path>*
     Give IPv4 or IPv6 addresses or local socket path to listen on for control
     commands.
     If an interface name is used instead of an IP address, the list of IP