Update deps

2025-04-05 06:07:36 +03:00 · 2022-08-30 20:45:06 +02:00 · 2022-08-30 20:45:06 +02:00 · 08d44241b9
commit 08d44241b9
parent 4881186dcf
334 changed files with 15365 additions and 28008 deletions
--- a/vendor/github.com/lucas-clemente/quic-go/interface.go
+++ b/vendor/github.com/lucas-clemente/quic-go/interface.go
@ -26,16 +26,6 @@ const (
 	Version2 = protocol.Version2
 )

-// A Token can be used to verify the ownership of the client address.
-type Token struct {
-	// IsRetryToken encodes how the client received the token. There are two ways:
-	// * In a Retry packet sent when trying to establish a new connection.
-	// * In a NEW_TOKEN frame on a previous connection.
-	IsRetryToken bool
-	RemoteAddr   string
-	SentTime     time.Time
-}
-
 // A ClientToken is a token received by the client.
 // It can be used to skip address validation on future connection attempts.
 type ClientToken struct {
@ -211,6 +201,24 @@ type EarlyConnection interface {
 	NextConnection() Connection
 }

+// A ConnectionIDGenerator is an interface that allows clients to implement their own format
+// for the Connection IDs that servers/clients use as SrcConnectionID in QUIC packets.
+//
+// Connection IDs generated by an implementation should always produce IDs of constant size.
+type ConnectionIDGenerator interface {
+	// GenerateConnectionID generates a new ConnectionID.
+	// Generated ConnectionIDs should be unique and observers should not be able to correlate two ConnectionIDs.
+	GenerateConnectionID() ([]byte, error)
+
+	// ConnectionIDLen tells what is the length of the ConnectionIDs generated by the implementation of
+	// this interface.
+	// Effectively, this means that implementations of ConnectionIDGenerator must always return constant-size
+	// connection IDs. Valid lengths are between 0 and 20 and calls to GenerateConnectionID.
+	// 0-length ConnectionsIDs can be used when an endpoint (server or client) does not require multiplexing connections
+	// in the presence of a connection migration environment.
+	ConnectionIDLen() int
+}
+
 // Config contains all configuration data needed for a QUIC server or client.
 type Config struct {
 	// The QUIC versions that can be negotiated.
@ -223,6 +231,11 @@ type Config struct {
 	// If used for a server, or dialing on a packet conn, a 4 byte connection ID will be used.
 	// When dialing on a packet conn, the ConnectionIDLength value must be the same for every Dial call.
 	ConnectionIDLength int
+	// An optional ConnectionIDGenerator to be used for ConnectionIDs generated during the lifecycle of a QUIC connection.
+	// The goal is to give some control on how connection IDs, which can be useful in some scenarios, in particular for servers.
+	// By default, if not provided, random connection IDs with the length given by ConnectionIDLength is used.
+	// Otherwise, if one is provided, then ConnectionIDLength is ignored.
+	ConnectionIDGenerator ConnectionIDGenerator
 	// HandshakeIdleTimeout is the idle timeout before completion of the handshake.
 	// Specifically, if we don't receive any packet from the peer within this time, the connection attempt is aborted.
 	// If this value is zero, the timeout is set to 5 seconds.
@ -233,14 +246,18 @@ type Config struct {
 	// If the timeout is exceeded, the connection is closed.
 	// If this value is zero, the timeout is set to 30 seconds.
 	MaxIdleTimeout time.Duration
-	// AcceptToken determines if a Token is accepted.
-	// It is called with token = nil if the client didn't send a token.
-	// If not set, a default verification function is used:
-	// * it verifies that the address matches, and
-	//   * if the token is a retry token, that it was issued within the last 5 seconds
-	//   * else, that it was issued within the last 24 hours.
-	// This option is only valid for the server.
-	AcceptToken func(clientAddr net.Addr, token *Token) bool
+	// RequireAddressValidation determines if a QUIC Retry packet is sent.
+	// This allows the server to verify the client's address, at the cost of increasing the handshake latency by 1 RTT.
+	// See https://datatracker.ietf.org/doc/html/rfc9000#section-8 for details.
+	// If not set, every client is forced to prove its remote address.
+	RequireAddressValidation func(net.Addr) bool
+	// MaxRetryTokenAge is the maximum age of a Retry token.
+	// If not set, it defaults to 5 seconds. Only valid for a server.
+	MaxRetryTokenAge time.Duration
+	// MaxTokenAge is the maximum age of the token presented during the handshake,
+	// for tokens that were issued on a previous connection.
+	// If not set, it defaults to 24 hours. Only valid for a server.
+	MaxTokenAge time.Duration
 	// The TokenStore stores tokens received from the server.
 	// Tokens are used to skip address validation on future connection attempts.
 	// The key used to store tokens is the ServerName from the tls.Config, if set