Mirrors/coredns
1
0
Fork 0
mirror of https://github.com/coredns/coredns.git synced 2025-12-20 17:15:10 -05:00
Code Issues Packages Projects Releases Wiki Activity
Files
0d8cbb1a6bcb6bc9c1a489865278b8725fa20812
coredns/plugin
History
Ville Vesilehto 0d8cbb1a6b Merge commit from fork 
Add configurable resource limits to prevent potential DoS vectors
via connection/stream exhaustion on gRPC, HTTPS, and HTTPS/3 servers.

New configuration plugins:
- grpc_server: configure max_streams, max_connections
- https: configure max_connections
- https3: configure max_streams

Changes:
- Use netutil.LimitListener for connection limiting
- Use gRPC MaxConcurrentStreams and message size limits
- Add QUIC MaxIncomingStreams for HTTPS/3 stream limiting
- Set secure defaults: 256 max streams, 200 max connections
- Setting any limit to 0 means unbounded/fallback to previous impl

Defaults are applied automatically when plugins are omitted from
config.

Includes tests and integration tests.

Signed-off-by: Ville Vesilehto <ville@vesilehto.fi>
2025-12-17 19:08:59 -08:00
..
acl
chore: Upgrade to golangci-lint v2 (#7236)
2025-04-04 14:27:39 -04:00
any
test(plugin): add tests for any (#7341)
2025-06-01 16:30:01 -07:00
auto
fix(auto): limit regex length (#7737)
2025-12-07 17:04:55 -08:00
autopath
[fix:documentation] Clarify autopath README (#6750)
2024-07-01 11:18:35 -04:00
azure
fix: fix slice init length (#6901)
2025-12-09 18:17:07 -08:00
bind
test: skip certain network-specific tests on non-Linux (#7318)
2025-05-23 09:23:14 -07:00
bufsize
Change default value to 1232 (#6183)
2023-07-10 07:49:52 -07:00
cache
plugin/cache: remove superfluous allocations in item.toMsg (#7700)
2025-11-21 15:07:59 -08:00
cancel
docs: move Also See to See Also (#4245)
2020-10-28 10:56:35 -07:00
chaos
Merge commit from fork
2025-12-17 19:08:59 -08:00
clouddns
refactor: use reflect.TypeFor (#7696)
2025-11-19 09:40:18 -08:00
debug
chore(lint): modernize Go (#7536)
2025-09-10 13:08:27 -07:00
deprecated
For caddy v1 in our org (#4018)
2020-09-24 18:14:41 +02:00
dns64
chore(lint): modernize Go (#7536)
2025-09-10 13:08:27 -07:00
dnssec
chore(lint): modernize Go (#7536)
2025-09-10 13:08:27 -07:00
dnstap
fix(dnstap): Better error handling (redial & logging) when Dnstap is busy (#7619)
2025-11-06 13:11:08 -08:00
erratic
lint: enable intrange linter (#7331)
2025-05-28 17:50:55 -07:00
errors
plugin/errors: add show_first option to consolidate (#7702) (#7703)
2025-12-09 18:15:49 -08:00
etcd
plugin/etcd: fix import order for ttl test (#7515)
2025-09-05 11:45:30 -07:00
file
fix: fix reload causing secondary plugin goroutine to leak. (#7694)
2025-11-19 17:17:57 -08:00
forward
feat(forward): add max connect attempts knob (#7722)
2025-12-01 18:06:52 -08:00
geoip
plugin/geoip: Upgrade to geoip2-golang v2 (#7732)
2025-12-08 20:19:47 +00:00
grpc
test(grpc): add fuzzer (#7513)
2025-09-12 14:43:56 -07:00
grpc_server
Merge commit from fork
2025-12-17 19:08:59 -08:00
header
lint: enable prealloc (#7493)
2025-09-01 18:05:15 -07:00
health
Enable Prometheus native histograms (#6524)
2024-03-11 16:09:09 -04:00
hosts
chore: enable early-return and superfluous-else from revive (#7129)
2025-06-05 10:10:58 +03:00
https
Merge commit from fork
2025-12-17 19:08:59 -08:00
https3
Merge commit from fork
2025-12-17 19:08:59 -08:00
import
chore: bump coredns/caddy dependency to latest (#7567)
2025-09-20 16:33:00 -07:00
k8s_external
kubernetes: add multicluster support (#7266)
2025-05-18 22:58:16 -07:00
kubernetes
plugin/kubernetes: rate limits to api server (#7771)
2025-12-15 20:06:16 -08:00
loadbalance
chore(lint): bump to v2.5.0 and enable godoclint (#7632)
2025-10-23 10:01:57 -07:00
local
add local plugin (#4262)
2020-11-05 15:02:07 +01:00
log
chore(lint): modernize Go (#7536)
2025-09-10 13:08:27 -07:00
loop
plugin/loop: avoid panic on invalid server block (#7568)
2025-09-21 22:44:36 -07:00
metadata
replace reviewdog fully by golangci-lint (#6139)
2023-06-09 18:08:23 +02:00
metrics
Add basic support for DoH3 (#7677)
2025-11-21 06:01:59 +02:00
minimal
plugin/minimal: fix import path (#4523)
2021-03-16 10:55:21 +01:00
multisocket
Update multisocket README.md (#7621)
2025-10-17 19:16:29 +03:00
nomad
plugin/nomad: Support service filtering (#7724)
2025-11-25 21:05:14 +02:00
nsid
fix: remove unnecessary conversion (#6258)
2023-08-14 15:14:09 +02:00
pkg
fix(test): prevent race condition in dial test (#7770)
2025-12-15 19:30:56 -08:00
pprof
test(plugin): improve test coverage for pprof (#7473)
2025-08-25 13:06:19 -07:00
quic
test: add t.Helper() calls to test helper functions (#7351)
2025-06-04 14:36:04 -07:00
ready
chore(docs): remove extra whitespace from readmes (#7532)
2025-09-09 14:30:27 -07:00
reload
fix: prevent SIGTERM/reload deadlock (#7562)
2025-09-19 04:01:53 -07:00
rewrite
plugin/rewrite: pre-compile CNMAE rewrite regexp (#7697)
2025-11-19 22:27:29 -05:00
root
chore: enable early-return and superfluous-else from revive (#7129)
2025-06-05 10:10:58 +03:00
route53
refactor: use reflect.TypeFor (#7696)
2025-11-19 09:40:18 -08:00
secondary
fix: fix reload causing secondary plugin goroutine to leak. (#7694)
2025-11-19 17:17:57 -08:00
sign
fix(sign): reject invalid UTF‑8 dbfile token (#7589)
2025-10-06 00:06:28 -07:00
template
lint: enable nakedret (#7569)
2025-09-21 08:17:35 -07:00
test
chore(lint): bump to v2.5.0 and enable godoclint (#7632)
2025-10-23 10:01:57 -07:00
timeouts
timeouts plugin documentation include DNS over QUIC (DoQ) (#7166)
2025-03-24 10:37:28 -04:00
tls
fix broken link in webpage (#6488)
2024-03-07 14:24:38 -05:00
trace
fix(plugin): prevent panic when ListenHosts is empty (#7565)
2025-09-19 03:59:37 -07:00
transfer
fix(plugin): nilness findings (#7556)
2025-09-15 10:17:06 -07:00
tsig
chore: Upgrade to golangci-lint v2 (#7236)
2025-04-04 14:27:39 -04:00
view
fix: update broken link to expr language definition (#7604)
2025-10-10 18:24:14 -07:00
whoami
fix: remove unnecessary conversion (#6258)
2023-08-14 15:14:09 +02:00
backend_lookup_test.go
lint: add missing prealloc to backend lookup test (#7510)
2025-09-02 00:41:06 -07:00
backend_lookup.go
chore(lint): modernize Go (#7536)
2025-09-10 13:08:27 -07:00
backend.go
Cherry-pick: Implement notifies for transfer plugin (#3972) (#4142)
2020-09-24 20:30:39 +02:00
done.go
go report card fixes (#3182)
2019-08-24 18:14:25 +00:00
log_test.go
Clean up tests logging (#1979)
2018-07-19 16:23:06 +01:00
normalize_test.go
fix(plugin): normalize panics on invalid origins (#7563)
2025-09-18 19:15:40 -07:00
normalize.go
fix(plugin): normalize panics on invalid origins (#7563)
2025-09-18 19:15:40 -07:00
plugin.go
plugin: Use %w to wrap user error (#7489)
2025-08-29 05:27:11 -07:00
register.go
For caddy v1 in our org (#4018)
2020-09-24 18:14:41 +02:00