From: Wouter Wijngaards <wouter@nlnetlabs.nl>
Date: Thu, 19 Apr 2018 14:23:14 +0000 (+0000)
Subject: - For addr with #authname and no @port notation, the default is 853.
X-Git-Tag: release-1.7.1rc1~27
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=f39e39ed4728ea7853f6fd3e59fc5397e92fb317;p=thirdparty%2Funbound.git

- For addr with #authname and no @port notation, the default is 853.


git-svn-id: file:///svn/unbound/trunk@4637 be551aaa-1e26-0410-a405-d3ace91eadb9
---

diff --git a/config.h.in b/config.h.in
index e9e3a9523..922389428 100644
--- a/config.h.in
+++ b/config.h.in
@@ -1245,6 +1245,8 @@ void *unbound_stat_realloc_log(void *ptr, size_t size, const char* file,
 
 /** default port for DNS traffic. */
 #define UNBOUND_DNS_PORT 53
+/** default port for DNS over TLS traffic. */
+#define UNBOUND_DNS_OVER_TLS_PORT 853
 /** default port for unbound control traffic, registered port with IANA,
     ub-dns-control  8953/tcp    unbound dns nameserver control */
 #define UNBOUND_CONTROL_PORT 8953
diff --git a/configure.ac b/configure.ac
index a149fe637..435147eeb 100644
--- a/configure.ac
+++ b/configure.ac
@@ -1806,6 +1806,8 @@ void *unbound_stat_realloc_log(void *ptr, size_t size, const char* file,
 
 /** default port for DNS traffic. */
 #define UNBOUND_DNS_PORT 53
+/** default port for DNS over TLS traffic. */
+#define UNBOUND_DNS_OVER_TLS_PORT 853
 /** default port for unbound control traffic, registered port with IANA,
     ub-dns-control  8953/tcp    unbound dns nameserver control */
 #define UNBOUND_CONTROL_PORT 8953
diff --git a/doc/Changelog b/doc/Changelog
index 6ed2754df..2f6e4dcea 100644
--- a/doc/Changelog
+++ b/doc/Changelog
@@ -5,6 +5,7 @@
 	  1.1.1.1@853#cloudflare-dns.com
 	- Fix #658: unbound using TLS in a forwarding configuration does not
 	  verify the server's certificate (RFC 8310 support).
+	- For addr with #authname and no @port notation, the default is 853.
 
 18 April 2018: Wouter
 	- Fix auth-zone retry timer to be on schedule with retry timeout,
diff --git a/util/config_file.c b/util/config_file.c
index 7c7458a51..03756128a 100644
--- a/util/config_file.c
+++ b/util/config_file.c
@@ -106,7 +106,7 @@ config_create(void)
 	cfg->outgoing_tcp_mss = 0;
 	cfg->ssl_service_key = NULL;
 	cfg->ssl_service_pem = NULL;
-	cfg->ssl_port = 853;
+	cfg->ssl_port = UNBOUND_DNS_OVER_TLS_PORT;
 	cfg->ssl_upstream = 0;
 	cfg->tls_cert_bundle = NULL;
 	cfg->use_syslog = 1;
diff --git a/util/net_help.c b/util/net_help.c
index d371519d7..d8250f936 100644
--- a/util/net_help.c
+++ b/util/net_help.c
@@ -306,6 +306,7 @@ int authextstrtoaddr(char* str, struct sockaddr_storage* addr,
 		}
 		(void)strlcpy(buf, str, sizeof(buf));
 		buf[len] = 0;
+		port = UNBOUND_DNS_OVER_TLS_PORT;
 		*auth_name = s+1;
 		return ipstrtoaddr(buf, port, addr, addrlen);
 	}