diff options
| author | Florian Obser <florian@cvs.openbsd.org> | 2019-04-03 03:48:46 +0000 |
|---|---|---|
| committer | Florian Obser <florian@cvs.openbsd.org> | 2019-04-03 03:48:46 +0000 |
| commit | e3aec67dbad58568129f9fce90648a8d9cd7cc78 (patch) | |
| tree | ec62f954724f3330a0910bfda053162ac86195ec /sbin/unwind | |
| parent | cbcf1fedf9bc5192de603e4ed9a00ad811d79096 (diff) | |
Default to port 853 if DoT is used; pointed out by tedu
Diffstat (limited to 'sbin/unwind')
| -rw-r--r-- | sbin/unwind/parse.y | 10 | ||||
| -rw-r--r-- | sbin/unwind/unwind.conf.5 | 9 |
2 files changed, 13 insertions, 6 deletions
diff --git a/sbin/unwind/parse.y b/sbin/unwind/parse.y index a968a6912a3..c7baa5d725e 100644 --- a/sbin/unwind/parse.y +++ b/sbin/unwind/parse.y @@ -1,4 +1,4 @@ -/* $OpenBSD: parse.y,v 1.3 2019/04/02 07:47:22 florian Exp $ */ +/* $OpenBSD: parse.y,v 1.4 2019/04/03 03:48:45 florian Exp $ */ /* * Copyright (c) 2018 Florian Obser <florian@openbsd.org> @@ -354,6 +354,7 @@ forwarderoptsl : STRING { uw_forwarder, entry); } | STRING DOT { + int ret; struct sockaddr_storage *ss; if ((ss = host_ip($1)) == NULL) { yyerror("%s is not an ip-address", $1); @@ -366,8 +367,9 @@ forwarderoptsl : STRING { sizeof(*uw_forwarder))) == NULL) err(1, NULL); - if(strlcpy(uw_forwarder->name, $1, - sizeof(uw_forwarder->name)) >= + ret = snprintf(uw_forwarder->name, + sizeof(uw_forwarder->name), "%s@853", $1); + if (ret == -1 || (size_t)ret >= sizeof(uw_forwarder->name)) { free(uw_forwarder); yyerror("forwarder %s too long", $1); @@ -429,7 +431,7 @@ forwarderoptsl : STRING { err(1, NULL); ret = snprintf(uw_forwarder->name, - sizeof(uw_forwarder->name), "%s#%s", $1, + sizeof(uw_forwarder->name), "%s@853#%s", $1, $4); if (ret == -1 || (size_t)ret >= sizeof(uw_forwarder->name)) { diff --git a/sbin/unwind/unwind.conf.5 b/sbin/unwind/unwind.conf.5 index e40c1fc9413..44fd9feaff7 100644 --- a/sbin/unwind/unwind.conf.5 +++ b/sbin/unwind/unwind.conf.5 @@ -1,4 +1,4 @@ -.\" $OpenBSD: unwind.conf.5,v 1.12 2019/04/02 19:37:04 jmc Exp $ +.\" $OpenBSD: unwind.conf.5,v 1.13 2019/04/03 03:48:45 florian Exp $ .\" .\" Copyright (c) 2018 Florian Obser <florian@openbsd.org> .\" Copyright (c) 2005 Esben Norby <norby@openbsd.org> @@ -18,7 +18,7 @@ .\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF .\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. .\" -.Dd $Mdocdate: April 2 2019 $ +.Dd $Mdocdate: April 3 2019 $ .Dt UNWIND.CONF 5 .Os .Sh NAME @@ -104,10 +104,15 @@ This parameter is required. .El .It Ic forwarder Brq Ar address Oo Ic port Ar number Oc Oo Oo Ic authentication name Ar name Oc Ic DoT Oc ... A list of addresses of DNS name servers to forward queries to. +.Ic port +defaults to 53. If .Ic DoT is specified, use DNS over TLS when sending queries to the server at .Ar address . +The default +.Ic port +is 853. .Ar name validates the certificate of the DNS over TLS server. .It Ic preference Brq Ar type ... |