Change default dns listen port to 953 (instead of 1053)

Tom pointed out that it's slightly better to be a privileged port so that someone can't hijack it on a restart.
2023-12-14 06:53:00 +01:00 · 2021-08-12 20:05:13 -03:00 · 2021-08-12 20:05:13 -03:00 · e2894cdbac
parent 9e757ac839
commit e2894cdbac
2 changed files with 6 additions and 3 deletions
--- a/SOURCES/default-dns.patch
+++ b/SOURCES/default-dns.patch
@ -9,8 +9,8 @@ index 78d152602..8b07b0cec 100644
 -    constexpr Default DefaultDNSBind{"127.3.2.1:53"};
 +    // Fedora's systemd-resolved seems unable to connect to 127.3.2.1 for unknown reasons,
 +    // however since systemd-resolved is perfectly happy with a different port so listen on
-+    // localhost:1053 as a workaround.
-+    constexpr Default DefaultDNSBind{"127.0.0.1:1053"};
+    // localhost:953 as a workaround.
+    constexpr Default DefaultDNSBind{"127.0.0.1:953"};
 #else
     constexpr Default DefaultDNSBind{"127.0.0.1:53"};
 #endif
--- a/SPECS/lokinet.spec
+++ b/SPECS/lokinet.spec
@ -1,6 +1,6 @@
 Name:           lokinet
 Version:        0.9.5
-Release:        5%{?dist}
+Release:        6%{?dist}
 Summary:        Lokinet anonymous, decentralized overlay network

 License:        GPLv3+
@ -161,6 +161,9 @@ fi
 %systemd_postun lokinet.service

 %changelog
+* Thu Aug 12 2021 Jason Rhinelander <jason@imaginary.ca> - 0.9.5-6
+- Change default dns port from 1053 to 953 so that it is still privileged.
+
 * Wed Aug 11 2021 Jason Rhinelander <jason@imaginary.ca> - 0.9.5-5
 - Apply default upstream dns patch from PR #1715