From: Tomas Krizek <tomas.krizek@nic.cz>
Date: Wed, 20 Mar 2019 11:57:16 +0000 (+0100)
Subject: daemon: listen on TLS port 853 by default
X-Git-Tag: v4.0.0~17^2
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=f8dd044316f82bf7c1fdb0f66b0ff303a7cdb6d5;p=thirdparty%2Fknot-resolver.git

daemon: listen on TLS port 853 by default
---

diff --git a/daemon/lua/config.lua.in b/daemon/lua/config.lua.in
index 1cf00db51..26f756a5c 100644
--- a/daemon/lua/config.lua.in
+++ b/daemon/lua/config.lua.in
@@ -4,10 +4,18 @@ if not next(net.list()) and not env.KRESD_NO_LISTEN then
 	if not ok then
 		error('bind to 127.0.0.1@53 '..err)
 	end
-	-- IPv6 loopback may fail
+	-- Binding to other ifaces may fail
+	ok, err = pcall(net.listen, '127.0.0.1', 853)
+	if not ok and verbose() then
+		log('bind to 127.0.0.1@853 '..err)
+	end
 	ok, err = pcall(net.listen, '::1')
 	if not ok and verbose() then
-		print('bind to ::1@53 '..err)
+		log('bind to ::1@53 '..err)
+	end
+	ok, err = pcall(net.listen, '::1', 853)
+	if not ok and verbose() then
+		log('bind to ::1@853 '..err)
 	end
 	-- Exit when kresd isn't listening on any interfaces
 	if not next(net.list()) then
diff --git a/etc/config/meson.build b/etc/config/meson.build
index b13aa77e3..4f160ff1d 100644
--- a/etc/config/meson.build
+++ b/etc/config/meson.build
@@ -7,7 +7,10 @@ if systemd_files == 'enabled'
 else
   config_defaults = '''
 -- Listen on localhost
-net = { '127.0.0.1', '::1' }
+net.listen('127.0.0.1')
+net.listen('127.0.0.1', 853)
+net.listen('::1')
+net.listen('::1', 853)
 
 -- Drop root privileges
 user('@0@', '@1@')'''.format(user, group)