coredns

Mirrors/coredns

Fork 0

mirror of https://github.com/coredns/coredns.git synced 2025-12-17 23:55:10 -05:00

Commit Graph

Author	SHA1	Message	Date
Ville Vesilehto	0d8cbb1a6b	Merge commit from fork Add configurable resource limits to prevent potential DoS vectors via connection/stream exhaustion on gRPC, HTTPS, and HTTPS/3 servers. New configuration plugins: - grpc_server: configure max_streams, max_connections - https: configure max_connections - https3: configure max_streams Changes: - Use netutil.LimitListener for connection limiting - Use gRPC MaxConcurrentStreams and message size limits - Add QUIC MaxIncomingStreams for HTTPS/3 stream limiting - Set secure defaults: 256 max streams, 200 max connections - Setting any limit to 0 means unbounded/fallback to previous impl Defaults are applied automatically when plugins are omitted from config. Includes tests and integration tests. Signed-off-by: Ville Vesilehto <ville@vesilehto.fi>	2025-12-17 19:08:59 -08:00
Filippo125	d3e13fe05d	Add basic support for DoH3 (#7677 )	2025-11-21 06:01:59 +02:00

Author

SHA1

Message

Date

Ville Vesilehto

0d8cbb1a6b

Merge commit from fork

Add configurable resource limits to prevent potential DoS vectors
via connection/stream exhaustion on gRPC, HTTPS, and HTTPS/3 servers.

New configuration plugins:
- grpc_server: configure max_streams, max_connections
- https: configure max_connections
- https3: configure max_streams

Changes:
- Use netutil.LimitListener for connection limiting
- Use gRPC MaxConcurrentStreams and message size limits
- Add QUIC MaxIncomingStreams for HTTPS/3 stream limiting
- Set secure defaults: 256 max streams, 200 max connections
- Setting any limit to 0 means unbounded/fallback to previous impl

Defaults are applied automatically when plugins are omitted from
config.

Includes tests and integration tests.

Signed-off-by: Ville Vesilehto <ville@vesilehto.fi>

2025-12-17 19:08:59 -08:00

Filippo125

d3e13fe05d

Add basic support for DoH3 (#7677 )

2025-11-21 06:01:59 +02:00

2 Commits