From: Remi Gacogne <remi.gacogne@powerdns.com>
Date: Fri, 20 Jun 2025 11:44:33 +0000 (+0200)
Subject: dnsdist: Define `dnsdist::doh::MAX_INCOMING_CONCURRENT_STREAMS`
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=866c8f3fff753d3b2a03c1da50e8d53056880a46;p=thirdparty%2Fpdns.git

dnsdist: Define `dnsdist::doh::MAX_INCOMING_CONCURRENT_STREAMS`

Signed-off-by: Remi Gacogne <remi.gacogne@powerdns.com>
---

diff --git a/pdns/dnsdistdist/dnsdist-doh-common.hh b/pdns/dnsdistdist/dnsdist-doh-common.hh
index d485e7a5d..74f12b2fa 100644
--- a/pdns/dnsdistdist/dnsdist-doh-common.hh
+++ b/pdns/dnsdistdist/dnsdist-doh-common.hh
@@ -35,6 +35,8 @@
 
 namespace dnsdist::doh
 {
+static constexpr uint32_t MAX_INCOMING_CONCURRENT_STREAMS{100U};
+
 std::optional<PacketBuffer> getPayloadFromPath(const std::string_view& path);
 }
 
diff --git a/pdns/dnsdistdist/dnsdist-nghttp2-in.cc b/pdns/dnsdistdist/dnsdist-nghttp2-in.cc
index b7983314b..2ada93a4a 100644
--- a/pdns/dnsdistdist/dnsdist-nghttp2-in.cc
+++ b/pdns/dnsdistdist/dnsdist-nghttp2-in.cc
@@ -93,8 +93,6 @@ private:
 };
 #endif
 
-static constexpr uint32_t MAX_CONCURRENT_STREAMS{100U};
-
 class IncomingDoHCrossProtocolContext : public DOHUnitInterface
 {
 public:
@@ -294,7 +292,7 @@ bool IncomingHTTP2Connection::checkALPN()
 
 void IncomingHTTP2Connection::handleConnectionReady()
 {
-  constexpr std::array<nghttp2_settings_entry, 1> settings{{{NGHTTP2_SETTINGS_MAX_CONCURRENT_STREAMS, MAX_CONCURRENT_STREAMS}}};
+  constexpr std::array<nghttp2_settings_entry, 1> settings{{{NGHTTP2_SETTINGS_MAX_CONCURRENT_STREAMS, dnsdist::doh::MAX_INCOMING_CONCURRENT_STREAMS}}};
   constexpr std::array<nghttp2_settings_entry, 1> nearLimitsSettings{{{NGHTTP2_SETTINGS_MAX_CONCURRENT_STREAMS, 1U}}};
   auto ret = nghttp2_submit_settings(d_session.get(), NGHTTP2_FLAG_NONE, isNearTCPLimits() ? nearLimitsSettings.data() : settings.data(), isNearTCPLimits() ? nearLimitsSettings.size() : settings.size());
   if (ret != 0) {
@@ -987,7 +985,7 @@ int IncomingHTTP2Connection::on_begin_headers_callback(nghttp2_session* session,
     return 0;
   };
 
-  if (conn->getConcurrentStreamsCount() >= MAX_CONCURRENT_STREAMS) {
+  if (conn->getConcurrentStreamsCount() >= dnsdist::doh::MAX_INCOMING_CONCURRENT_STREAMS) {
     vinfolog("Too many concurrent streams on connection from %d", conn->d_ci.remote.toStringWithPort());
     return close_connection(conn, frame->hd.stream_id, conn->d_ci.remote);
   }
diff --git a/pdns/dnsdistdist/doh.cc b/pdns/dnsdistdist/doh.cc
index 6dfff3322..ea28a020e 100644
--- a/pdns/dnsdistdist/doh.cc
+++ b/pdns/dnsdistdist/doh.cc
@@ -1085,7 +1085,7 @@ static int doh_handler(h2o_handler_t *self, h2o_req_t *req)
     }
 
     auto& conn = t_conns.at(descriptor);
-    if (conn.d_concurrentStreams >= 100U) {
+    if (conn.d_concurrentStreams >= dnsdist::doh::MAX_INCOMING_CONCURRENT_STREAMS) {
       vinfolog("Too many concurrent streams on connection from %d", conn.d_remote.toStringWithPort());
       return 0;
     }