coredns

mirror of https://github.com/coredns/coredns.git synced 2026-06-01 23:00:23 -04:00

Author	SHA1	Message	Date
Nicholas Amorim	6b93363b94	feat(core): expose TLS ConnectionState (SNI) for DoQ (#8129 ) DoQWriter previously stored only the QUIC stream, so plugins reading TLS state via dns.ConnectionStater (e.g. for SNI-based routing or auditing) could not see anything for DoQ connections, even though the underlying QUIC connection carries a full tls.ConnectionState. This change adds a quic.Conn reference to DoQWriter and wires it in serveQUICStream. It implements dns.ConnectionStater on DoQWriter, returning the TLS state from the underlying QUIC connection (mirrors the DoT behavior that miekg/dns already provides for *tls.Conn) Forwards ConnectionState through request.ScrubWriter, which wraps every response writer before the plugin chain runs; the embedded dns.ResponseWriter interface does not promote ConnectionState (it belongs to a separate interface), so without this plugins would still see nil for both DoQ and DoT Signed-off-by: Nicholas Amorim <nicholas@santos.ee>	2026-05-28 15:45:48 -07:00
Ville Vesilehto	6720959b8b	lint(revive): fix unused-parameter violations (#7980 )	2026-03-29 17:02:20 -07:00
Yong Tang	e8db7e155e	Core: Propagate TSIG status in DoQ transport (#7947 ) This PR nsure DoQ writer preserves and returns TSIG verification status, preventing authentication bypass on DNS-over-QUIC. Signed-off-by: Yong Tang <yong.tang.github@outlook.com>	2026-03-20 22:08:19 +02:00
Syed Azeez	7b38eb8625	plugin: fix gosec G115 integer overflow warnings (#7799 ) Fix integer overflow conversion warnings (G115) by adding appropriate suppressions where values are provably bounded. Fixes: https://github.com/coredns/coredns/issues/7793 Changes: - Updated 56 G115 annotations to use consistent // #nosec G115 format - Added 2 //nolint:gosec suppressions for conditional expressions - Removed G115 exclusion from golangci.yml (now explicitly handled per-line) Suppressions justify why each conversion is safe (e.g., port numbers are bounded 1-65535, DNS TTL limits, pool lengths, etc.) Signed-off-by: Azeez Syed <syedazeez337@gmail.com>	2026-01-01 10:20:29 +02:00
Ville Vesilehto	b72d267a29	chore(lint): bump to v2.5.0 and enable godoclint (#7632 )	2025-10-23 10:01:57 -07:00
dependabot[bot]	d5932041f7	build(deps): bump github.com/miekg/dns from 1.1.66 to 1.1.67 (#7406 ) * build(deps): bump github.com/miekg/dns from 1.1.66 to 1.1.67 Bumps [github.com/miekg/dns](https://github.com/miekg/dns) from 1.1.66 to 1.1.67. - [Changelog](https://github.com/miekg/dns/blob/master/Makefile.release) - [Commits](https://github.com/miekg/dns/compare/v1.1.66...v1.1.67) --- updated-dependencies: - dependency-name: github.com/miekg/dns dependency-version: 1.1.67 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Fix build failure Signed-off-by: Yong Tang <yong.tang.github@outlook.com> --------- Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: Yong Tang <yong.tang.github@outlook.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Yong Tang <yong.tang.github@outlook.com>	2025-07-14 22:48:29 -07:00
dependabot[bot]	e90db8e666	build(deps): bump github.com/quic-go/quic-go from 0.52.0 to 0.53.0 (#7392 )	2025-07-14 18:57:36 -07:00
João Henri	cc7a364633	[RFC-9250]: Add QUIC server support (#6182 ) Add DNS-over-QUIC server Signed-off-by: jaehnri <joao.henri.cr@gmail.com> Signed-off-by: João Henri <joao.henri.cr@gmail.com>	2023-07-31 15:34:31 -04:00

8 Commits