git.ipfire.org Git - thirdparty/knot-resolver.git/commitdiff

]> git.ipfire.org Git - thirdparty/knot-resolver.git/commitdiff

projects / thirdparty / knot-resolver.git / commitdiff

author	Vladimír Čunát <vladimir.cunat@nic.cz>
	Tue, 13 Feb 2024 11:43:16 +0000 (12:43 +0100)
committer	Vladimír Čunát <vladimir.cunat@nic.cz>
	Tue, 13 Feb 2024 11:43:16 +0000 (12:43 +0100)

DNSSEC verification complexity could be exploited to exhaust CPU resources and stall DNS resolvers.

Solution boils down mainly to limiting crypto-validations per packet.

Trivial merge

Mirror of https://gitlab.nic.cz/knot/knot-resolver.git

RSS Atom