Please sign in to comment.
http2: limit number of rejected stream openings
Limit the number of streams that are rejected upon creation. Since each such rejection is associated with an `NGHTTP2_ENHANCE_YOUR_CALM` error that should tell the peer to not open any more streams, continuing to open streams should be read as a sign of a misbehaving peer. The limit is currently set to 100 but could be changed or made configurable. This is intended to mitigate CVE-2019-9514. Backport-PR-URL: #29123 PR-URL: #29122 Reviewed-By: Rich Trott <firstname.lastname@example.org> Reviewed-By: James M Snell <email@example.com>
- Loading branch information...
Showing with 17 additions and 1 deletion.