update Go to 1.16, drop support for 1.14

.circleci/config.yml

@@ -1,19 +1,19 @@
 version: 2.1
 executors:
-  test-go114:
-    docker:
-      - image: "circleci/golang:1.14"
-    environment:
-      runrace: true
   test-go115:
     docker:
       - image: "circleci/golang:1.15"
     environment:
       runrace: true
+  test-go116:
+    docker:
+      - image: "circleci/golang:1.16"
+    environment:
+      runrace: true
  
 jobs:
   "test": &test
-    executor: test-go114
+    executor: test-go115
     working_directory: /go/src/github.com/lucas-clemente/quic-go
     steps:
       - checkout
@@ -43,14 +43,14 @@ jobs:
       - run:
           name: "Run self integration tests with qlog"
           command: ginkgo -v -randomizeAllSpecs -trace integrationtests/self -- -qlog
-  go114:
-    <<: *test
   go115:
     <<: *test
-    executor: test-go115
+  go116:
+    <<: *test
+    executor: test-go116
 
 workflows:
   workflow:
     jobs:
-      - go114
       - go115
+      - go116

.github/workflows/cross-compile.yml

@@ -4,7 +4,7 @@ jobs:
     strategy:
       fail-fast: false
       matrix:
-        go: [ "1.14.x", "1.15.x", "1.16.0-rc1" ]
+        go: [ "1.15.x", "1.16.x" ]
     runs-on: ubuntu-latest
     name: "Cross Compilation (Go ${{matrix.go}})"
     steps:

.github/workflows/integration.yml

@@ -5,9 +5,9 @@ jobs:
     strategy:
       fail-fast: false
       matrix:
-        go: [ "1.14.x", "1.15.x", "1.16.0-rc1" ]
+        go: [ "1.15.x", "1.16.x" ]
     runs-on: ubuntu-latest
-    name: Integration Tests, Go ${{ matrix.go }})
+    name: Integration Tests (Go ${{ matrix.go }})
     steps:
       - uses: actions/checkout@v2
       - uses: actions/setup-go@v2

.github/workflows/unit.yml

@@ -7,7 +7,7 @@ jobs:
       fail-fast: false
       matrix:
         os: [ "ubuntu", "windows", "macos" ]
-        go: [ "1.14.x", "1.15.x", "1.16.0-rc1" ]
+        go: [ "1.15.x", "1.16.x" ]
     runs-on: ${{ matrix.os }}-latest
     name: Unit tests (${{ matrix.os}}, Go ${{ matrix.go }})
     steps:

.golangci.yml

@@ -1,7 +1,6 @@
 run:
   skip-files:
-    - internal/handshake/client_session_state.go
+    - internal/qtls/structs_equal_test.go
-    - internal/handshake/unsafe_test.go
 
 linters-settings:
   depguard:

go.mod

@@ -7,9 +7,8 @@ require (
 	github.com/francoispqt/gojay v1.2.13
 	github.com/golang/mock v1.4.4
 	github.com/marten-seemann/qpack v0.2.1
-	github.com/marten-seemann/qtls v0.10.0
 	github.com/marten-seemann/qtls-go1-15 v0.1.1
-	github.com/marten-seemann/qtls-go1-16 v0.1.0-rc.1
+	github.com/marten-seemann/qtls-go1-16 v0.1.0
 	github.com/onsi/ginkgo v1.14.0
 	github.com/onsi/gomega v1.10.1
 	golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9

go.sum

@@ -35,8 +35,6 @@ github.com/golang/lint v0.0.0-20180702182130-06c8688daad7/go.mod h1:tluoj9z5200j
 github.com/golang/mock v1.1.1/go.mod h1:oTYuIxOrZwtPieC+H1uAHpcLFnEyAGVDL/k47Jfbm0A=
 github.com/golang/mock v1.2.0 h1:28o5sBqPkBsMGnC6b4MvE2TzSr5/AT4c/1fLqVGIwlk=
 github.com/golang/mock v1.2.0/go.mod h1:oTYuIxOrZwtPieC+H1uAHpcLFnEyAGVDL/k47Jfbm0A=
-github.com/golang/mock v1.4.0 h1:Rd1kQnQu0Hq3qvJppYSG0HtP+f5LPPUiDswTLiEegLg=
-github.com/golang/mock v1.4.0/go.mod h1:UOMv5ysSaYNkG+OFQykRIcU/QvvxJf3p21QfJ2Bt3cw=
 github.com/golang/mock v1.4.4 h1:l75CXGRSwbaYNpl/Z2X1XIIAMSCquvXgpVZDhwEIJsc=
 github.com/golang/mock v1.4.4/go.mod h1:l3mdAwkq5BuhzHwde/uurv3sEJeZMXNpwsxVWU71h+4=
 github.com/golang/protobuf v1.2.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U=
@@ -81,12 +79,10 @@ github.com/lunixbochs/vtclean v1.0.0/go.mod h1:pHhQNgMf3btfWnGBVipUOjRYhoOsdGqdm
 github.com/mailru/easyjson v0.0.0-20190312143242-1de009706dbe/go.mod h1:C1wdFJiN94OJF2b5HbByQZoLdCWB1Yqtg26g4irojpc=
 github.com/marten-seemann/qpack v0.2.1 h1:jvTsT/HpCn2UZJdP+UUB53FfUUgeOyG5K1ns0OJOGVs=
 github.com/marten-seemann/qpack v0.2.1/go.mod h1:F7Gl5L1jIgN1D11ucXefiuJS9UMVP2opoCp2jDKb7wc=
-github.com/marten-seemann/qtls v0.10.0 h1:ECsuYUKalRL240rRD4Ri33ISb7kAQ3qGDlrrl55b2pc=
-github.com/marten-seemann/qtls v0.10.0/go.mod h1:UvMd1oaYDACI99/oZUYLzMCkBXQVT0aGm99sJhbT8hs=
 github.com/marten-seemann/qtls-go1-15 v0.1.1 h1:LIH6K34bPVttyXnUWixk0bzH6/N07VxbSabxn5A5gZQ=
 github.com/marten-seemann/qtls-go1-15 v0.1.1/go.mod h1:GyFwywLKkRt+6mfU99csTEY1joMZz5vmB1WNZH3P81I=
-github.com/marten-seemann/qtls-go1-16 v0.1.0-rc.1 h1:JCvEgXNTQjxa+vxOx5c8e84iRttJvyt+7Jo7GLgR7KI=
+github.com/marten-seemann/qtls-go1-16 v0.1.0 h1:g7GDnhM8kkJRX6oGDLt+fjEkmKS+f6wdLkFSFdxwRp0=
-github.com/marten-seemann/qtls-go1-16 v0.1.0-rc.1/go.mod h1:gNpI2Ol+lRS3WwSOtIUUtRwZEQMXjYK+dQSBFbethAk=
+github.com/marten-seemann/qtls-go1-16 v0.1.0/go.mod h1:gNpI2Ol+lRS3WwSOtIUUtRwZEQMXjYK+dQSBFbethAk=
 github.com/matttproud/golang_protobuf_extensions v1.0.1 h1:4hp9jkHxhMHkqkrB3Ix0jegS5sx/RkqARlsWZ6pIwiU=
 github.com/matttproud/golang_protobuf_extensions v1.0.1/go.mod h1:D8He9yQNgCq6Z5Ld7szi9bcBfOoFv/3dc6xSMkL2PC0=
 github.com/microcosm-cc/bluemonday v1.0.1/go.mod h1:hsXNsILzKxV+sX77C5b8FSuKF00vh2OMYv+xgHpAMF4=
@@ -200,7 +196,6 @@ golang.org/x/sys v0.0.0-20200519105757-fe76b779f299 h1:DYfZAGf2WMFjMxbgTjaC+2HC7
 golang.org/x/sys v0.0.0-20200519105757-fe76b779f299/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20201231184435-2d18734c6014 h1:joucsQqXmyBVxViHCPFjG3hx8JzIFSaym3l3MM/Jsdg=
 golang.org/x/sys v0.0.0-20201231184435-2d18734c6014/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
-golang.org/x/text v0.0.0-20170915032832-14c0d48ead0c/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
 golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
 golang.org/x/text v0.3.1-0.20180807135948-17ff2d5776d2 h1:z99zHgr7hKfrUcX/KsoJk5FJfjTceCKIp96+biqP4To=
 golang.org/x/text v0.3.1-0.20180807135948-17ff2d5776d2/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
@@ -258,7 +253,5 @@ grpc.go4.org v0.0.0-20170609214715-11d0a25b4919/go.mod h1:77eQGdRu53HpSqPFJFmuJd
 honnef.co/go/tools v0.0.0-20180728063816-88497007e858/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4=
 honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4=
 honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4=
-rsc.io/quote/v3 v3.1.0/go.mod h1:yEA65RcK8LyAZtP9Kv3t0HmxON59tX3rD+tICJqUlj0=
-rsc.io/sampler v1.3.0/go.mod h1:T1hPZKmBbMNahiBKFy5HrXp6adAjACjK9JXDnKaTXpA=
 sourcegraph.com/sourcegraph/go-diff v0.5.0/go.mod h1:kuch7UrkMzY0X+p9CRK03kfuPQ2zzQcaEFbx8wA8rck=
 sourcegraph.com/sqs/pbtypes v0.0.0-20180604144634-d3ebe8f20ae4/go.mod h1:ketZ/q3QxT9HOBeFhu6RdvsftgpsbFHBF5Cas6cDKZ0=

internal/qtls/go114.go

@@ -1,186 +0,0 @@
-// +build !go1.15
-// +build !go1.16
-
-package qtls
-
-import (
-	"crypto"
-	"crypto/cipher"
-	"crypto/tls"
-	"net"
-	"unsafe"
-
-	"github.com/marten-seemann/qtls"
-)
-
-type (
-	// Alert is a TLS alert
-	Alert = qtls.Alert
-	// A Certificate is qtls.Certificate.
-	Certificate = qtls.Certificate
-	// CertificateRequestInfo contains inforamtion about a certificate request.
-	CertificateRequestInfo = qtls.CertificateRequestInfo
-	// A CipherSuiteTLS13 is a cipher suite for TLS 1.3
-	CipherSuiteTLS13 = qtls.CipherSuiteTLS13
-	// ClientHelloInfo contains information about a ClientHello.
-	ClientHelloInfo = qtls.ClientHelloInfo
-	// ClientSessionCache is a cache used for session resumption.
-	ClientSessionCache = qtls.ClientSessionCache
-	// ClientSessionState is a state needed for session resumption.
-	ClientSessionState = qtls.ClientSessionState
-	// A Config is a qtls.Config.
-	Config = qtls.Config
-	// A Conn is a qtls.Conn.
-	Conn = qtls.Conn
-	// ConnectionState contains information about the state of the connection.
-	ConnectionState = qtls.ConnectionState
-	// EncryptionLevel is the encryption level of a message.
-	EncryptionLevel = qtls.EncryptionLevel
-	// Extension is a TLS extension
-	Extension = qtls.Extension
-	// RecordLayer is a qtls RecordLayer.
-	RecordLayer = qtls.RecordLayer
-)
-
-type ExtraConfig struct {
-	// GetExtensions, if not nil, is called before a message that allows
-	// sending of extensions is sent.
-	// Currently only implemented for the ClientHello message (for the client)
-	// and for the EncryptedExtensions message (for the server).
-	// Only valid for TLS 1.3.
-	GetExtensions func(handshakeMessageType uint8) []Extension
-
-	// ReceivedExtensions, if not nil, is called when a message that allows the
-	// inclusion of extensions is received.
-	// It is called with an empty slice of extensions, if the message didn't
-	// contain any extensions.
-	// Currently only implemented for the ClientHello message (sent by the
-	// client) and for the EncryptedExtensions message (sent by the server).
-	// Only valid for TLS 1.3.
-	ReceivedExtensions func(handshakeMessageType uint8, exts []Extension)
-
-	// AlternativeRecordLayer is used by QUIC
-	AlternativeRecordLayer RecordLayer
-
-	// Enforce the selection of a supported application protocol.
-	// Only works for TLS 1.3.
-	// If enabled, client and server have to agree on an application protocol.
-	// Otherwise, connection establishment fails.
-	EnforceNextProtoSelection bool
-
-	// If MaxEarlyData is greater than 0, the client will be allowed to send early
-	// data when resuming a session.
-	// Requires the AlternativeRecordLayer to be set.
-	//
-	// It has no meaning on the client.
-	MaxEarlyData uint32
-
-	// The Accept0RTT callback is called when the client offers 0-RTT.
-	// The server then has to decide if it wants to accept or reject 0-RTT.
-	// It is only used for servers.
-	Accept0RTT func(appData []byte) bool
-
-	// 0RTTRejected is called when the server rejectes 0-RTT.
-	// It is only used for clients.
-	Rejected0RTT func()
-
-	// If set, the client will export the 0-RTT key when resuming a session that
-	// allows sending of early data.
-	// Requires the AlternativeRecordLayer to be set.
-	//
-	// It has no meaning to the server.
-	Enable0RTT bool
-
-	// Is called when the client saves a session ticket to the session ticket.
-	// This gives the application the opportunity to save some data along with the ticket,
-	// which can be restored when the session ticket is used.
-	GetAppDataForSessionState func() []byte
-
-	// Is called when the client uses a session ticket.
-	// Restores the application data that was saved earlier on GetAppDataForSessionTicket.
-	SetAppDataFromSessionState func([]byte)
-}
-
-const (
-	// EncryptionHandshake is the Handshake encryption level
-	EncryptionHandshake = qtls.EncryptionHandshake
-	// Encryption0RTT is the 0-RTT encryption level
-	Encryption0RTT = qtls.Encryption0RTT
-	// EncryptionApplication is the application data encryption level
-	EncryptionApplication = qtls.EncryptionApplication
-)
-
-// CipherSuiteName gets the name of a cipher suite.
-func CipherSuiteName(id uint16) string {
-	return qtls.CipherSuiteName(id)
-}
-
-// HkdfExtract generates a pseudorandom key for use with Expand from an input secret and an optional independent salt.
-func HkdfExtract(hash crypto.Hash, newSecret, currentSecret []byte) []byte {
-	return qtls.HkdfExtract(hash, newSecret, currentSecret)
-}
-
-// HkdfExpandLabel HKDF expands a label
-func HkdfExpandLabel(hash crypto.Hash, secret, hashValue []byte, label string, L int) []byte {
-	return qtls.HkdfExpandLabel(hash, secret, hashValue, label, L)
-}
-
-// AEADAESGCMTLS13 creates a new AES-GCM AEAD for TLS 1.3
-func AEADAESGCMTLS13(key, fixedNonce []byte) cipher.AEAD {
-	return qtls.AEADAESGCMTLS13(key, fixedNonce)
-}
-
-// Client returns a new TLS client side connection.
-func Client(conn net.Conn, config *tls.Config, extraConfig *ExtraConfig) *Conn {
-	return qtls.Client(conn, tlsConfigToQtlsConfig(config, extraConfig))
-}
-
-// Server returns a new TLS server side connection.
-func Server(conn net.Conn, config *tls.Config, extraConfig *ExtraConfig) *Conn {
-	return qtls.Server(conn, tlsConfigToQtlsConfig(config, extraConfig))
-}
-
-func GetConnectionState(conn *Conn) ConnectionState {
-	return conn.ConnectionState()
-}
-
-// ToTLSConnectionState extracts the tls.ConnectionState
-// Warning: Calling ExportKeyingMaterial won't work.
-func ToTLSConnectionState(cs ConnectionState) tls.ConnectionState {
-	return tls.ConnectionState{
-		Version:                     cs.Version,
-		HandshakeComplete:           cs.HandshakeComplete,
-		DidResume:                   cs.DidResume,
-		CipherSuite:                 cs.CipherSuite,
-		NegotiatedProtocol:          cs.NegotiatedProtocol,
-		NegotiatedProtocolIsMutual:  cs.NegotiatedProtocolIsMutual,
-		ServerName:                  cs.ServerName,
-		PeerCertificates:            cs.PeerCertificates,
-		VerifiedChains:              cs.VerifiedChains,
-		SignedCertificateTimestamps: cs.SignedCertificateTimestamps,
-		OCSPResponse:                cs.OCSPResponse,
-		TLSUnique:                   cs.TLSUnique,
-	}
-}
-
-type cipherSuiteTLS13 struct {
-	ID     uint16
-	KeyLen int
-	AEAD   func(key, fixedNonce []byte) cipher.AEAD
-	Hash   crypto.Hash
-}
-
-//go:linkname cipherSuiteTLS13ByID github.com/marten-seemann/qtls.cipherSuiteTLS13ByID
-func cipherSuiteTLS13ByID(id uint16) *cipherSuiteTLS13
-
-// CipherSuiteTLS13ByID gets a TLS 1.3 cipher suite.
-func CipherSuiteTLS13ByID(id uint16) *CipherSuiteTLS13 {
-	val := cipherSuiteTLS13ByID(id)
-	cs := (*cipherSuiteTLS13)(unsafe.Pointer(val))
-	return &qtls.CipherSuiteTLS13{
-		ID:     cs.ID,
-		KeyLen: cs.KeyLen,
-		AEAD:   cs.AEAD,
-		Hash:   cs.Hash,
-	}
-}

internal/qtls/go114_test.go

@@ -1,20 +0,0 @@
-// +build !go1.15
-// +build !go1.16
-
-package qtls
-
-import (
-	"crypto/tls"
-
-	. "github.com/onsi/ginkgo"
-	. "github.com/onsi/gomega"
-)
-
-var _ = Describe("qtls wrapper", func() {
-	It("gets cipher suites", func() {
-		for _, id := range []uint16{tls.TLS_AES_128_GCM_SHA256, tls.TLS_AES_256_GCM_SHA384, tls.TLS_CHACHA20_POLY1305_SHA256} {
-			cs := CipherSuiteTLS13ByID(id)
-			Expect(cs.ID).To(Equal(id))
-		}
-	})
-})

internal/qtls/qtls.go

@@ -1,216 +0,0 @@
-// +build !go1.15
-
-package qtls
-
-// This package uses unsafe to convert between:
-// * Certificate and tls.Certificate
-// * CertificateRequestInfo and tls.CertificateRequestInfo
-// * ClientHelloInfo and tls.ClientHelloInfo
-// * ConnectionState and tls.ConnectionState
-// * ClientSessionState and tls.ClientSessionState
-// We check in init() that this conversion actually is safe.
-
-import (
-	"crypto/tls"
-	"net"
-	"unsafe"
-)
-
-func init() {
-	if !structsEqual(&tls.Certificate{}, &Certificate{}) {
-		panic("Certificate not compatible with tls.Certificate")
-	}
-	if !structsEqual(&tls.CertificateRequestInfo{}, &CertificateRequestInfo{}) {
-		panic("CertificateRequestInfo not compatible with tls.CertificateRequestInfo")
-	}
-	if !structsEqual(&tls.ClientSessionState{}, &ClientSessionState{}) {
-		panic("ClientSessionState not compatible with tls.ClientSessionState")
-	}
-	if !structsEqual(&tls.ClientHelloInfo{}, &clientHelloInfo{}) {
-		panic("clientHelloInfo not compatible with tls.ClientHelloInfo")
-	}
-	if !structsEqual(&ClientHelloInfo{}, &qtlsClientHelloInfo{}) {
-		panic("qtlsClientHelloInfo not compatible with ClientHelloInfo")
-	}
-}
-
-func tlsConfigToQtlsConfig(c *tls.Config, ec *ExtraConfig) *Config {
-	if c == nil {
-		c = &tls.Config{}
-	}
-	if ec == nil {
-		ec = &ExtraConfig{}
-	}
-	// Clone the config first. This executes the tls.Config.serverInit().
-	// This sets the SessionTicketKey, if the user didn't supply one.
-	c = c.Clone()
-	// QUIC requires TLS 1.3 or newer
-	minVersion := c.MinVersion
-	if minVersion < tls.VersionTLS13 {
-		minVersion = tls.VersionTLS13
-	}
-	maxVersion := c.MaxVersion
-	if maxVersion < tls.VersionTLS13 {
-		maxVersion = tls.VersionTLS13
-	}
-	var getConfigForClient func(ch *ClientHelloInfo) (*Config, error)
-	if c.GetConfigForClient != nil {
-		getConfigForClient = func(ch *ClientHelloInfo) (*Config, error) {
-			tlsConf, err := c.GetConfigForClient(toTLSClientHelloInfo(ch))
-			if err != nil {
-				return nil, err
-			}
-			if tlsConf == nil {
-				return nil, nil
-			}
-			return tlsConfigToQtlsConfig(tlsConf, ec), nil
-		}
-	}
-	var getCertificate func(ch *ClientHelloInfo) (*Certificate, error)
-	if c.GetCertificate != nil {
-		getCertificate = func(ch *ClientHelloInfo) (*Certificate, error) {
-			cert, err := c.GetCertificate(toTLSClientHelloInfo(ch))
-			if err != nil {
-				return nil, err
-			}
-			if cert == nil {
-				return nil, nil
-			}
-			return (*Certificate)(cert), nil
-		}
-	}
-	var csc ClientSessionCache
-	if c.ClientSessionCache != nil {
-		csc = &clientSessionCache{c.ClientSessionCache}
-	}
-	conf := &Config{
-		Rand:         c.Rand,
-		Time:         c.Time,
-		Certificates: *(*[]Certificate)(unsafe.Pointer(&c.Certificates)),
-		//nolint:staticcheck // NameToCertificate is deprecated, but we still need to copy it if the user sets it.
-		NameToCertificate:         *(*map[string]*Certificate)(unsafe.Pointer(&c.NameToCertificate)),
-		GetCertificate:            getCertificate,
-		GetClientCertificate:      *(*func(*CertificateRequestInfo) (*Certificate, error))(unsafe.Pointer(&c.GetClientCertificate)),
-		GetConfigForClient:        getConfigForClient,
-		VerifyPeerCertificate:     c.VerifyPeerCertificate,
-		RootCAs:                   c.RootCAs,
-		NextProtos:                c.NextProtos,
-		EnforceNextProtoSelection: true,
-		ServerName:                c.ServerName,
-		ClientAuth:                c.ClientAuth,
-		ClientCAs:                 c.ClientCAs,
-		InsecureSkipVerify:        c.InsecureSkipVerify,
-		CipherSuites:              c.CipherSuites,
-		PreferServerCipherSuites:  c.PreferServerCipherSuites,
-		SessionTicketsDisabled:    c.SessionTicketsDisabled,
-		//nolint:staticcheck // SessionTicketKey is deprecated, but we still need to copy it if the user sets it.
-		SessionTicketKey:            c.SessionTicketKey,
-		ClientSessionCache:          csc,
-		MinVersion:                  minVersion,
-		MaxVersion:                  maxVersion,
-		CurvePreferences:            c.CurvePreferences,
-		DynamicRecordSizingDisabled: c.DynamicRecordSizingDisabled,
-		// no need to copy Renegotiation, it's not supported by TLS 1.3
-		KeyLogWriter:               c.KeyLogWriter,
-		AlternativeRecordLayer:     ec.AlternativeRecordLayer,
-		GetExtensions:              ec.GetExtensions,
-		ReceivedExtensions:         ec.ReceivedExtensions,
-		Accept0RTT:                 ec.Accept0RTT,
-		Rejected0RTT:               ec.Rejected0RTT,
-		GetAppDataForSessionState:  ec.GetAppDataForSessionState,
-		SetAppDataFromSessionState: ec.SetAppDataFromSessionState,
-		Enable0RTT:                 ec.Enable0RTT,
-		MaxEarlyData:               ec.MaxEarlyData,
-	}
-	return conf
-}
-
-type clientSessionCache struct {
-	tls.ClientSessionCache
-}
-
-var _ ClientSessionCache = &clientSessionCache{}
-
-func (c *clientSessionCache) Get(sessionKey string) (*ClientSessionState, bool) {
-	sess, ok := c.ClientSessionCache.Get(sessionKey)
-	if sess == nil {
-		return nil, ok
-	}
-	// ClientSessionState is identical to the tls.ClientSessionState.
-	// In order to allow users of quic-go to use a tls.Config,
-	// we need this workaround to use the ClientSessionCache.
-	// In unsafe.go we check that the two structs are actually identical.
-	return (*ClientSessionState)(unsafe.Pointer(sess)), ok
-}
-
-func (c *clientSessionCache) Put(sessionKey string, cs *ClientSessionState) {
-	if cs == nil {
-		c.ClientSessionCache.Put(sessionKey, nil)
-		return
-	}
-	// ClientSessionState is identical to the tls.ClientSessionState.
-	// In order to allow users of quic-go to use a tls.Config,
-	// we need this workaround to use the ClientSessionCache.
-	// In unsafe.go we check that the two structs are actually identical.
-	c.ClientSessionCache.Put(sessionKey, (*tls.ClientSessionState)(unsafe.Pointer(cs)))
-}
-
-type clientHelloInfo struct {
-	CipherSuites      []uint16
-	ServerName        string
-	SupportedCurves   []tls.CurveID
-	SupportedPoints   []uint8
-	SignatureSchemes  []tls.SignatureScheme
-	SupportedProtos   []string
-	SupportedVersions []uint16
-	Conn              net.Conn
-
-	config *tls.Config
-}
-
-type qtlsClientHelloInfo struct {
-	CipherSuites      []uint16
-	ServerName        string
-	SupportedCurves   []tls.CurveID
-	SupportedPoints   []uint8
-	SignatureSchemes  []tls.SignatureScheme
-	SupportedProtos   []string
-	SupportedVersions []uint16
-	Conn              net.Conn
-
-	config *Config
-}
-
-func toTLSClientHelloInfo(chi *ClientHelloInfo) *tls.ClientHelloInfo {
-	if chi == nil {
-		return nil
-	}
-	qtlsCHI := (*qtlsClientHelloInfo)(unsafe.Pointer(chi))
-	var config *tls.Config
-	if qtlsCHI.config != nil {
-		config = qtlsConfigToTLSConfig(qtlsCHI.config)
-	}
-	return (*tls.ClientHelloInfo)(unsafe.Pointer(&clientHelloInfo{
-		CipherSuites:      chi.CipherSuites,
-		ServerName:        chi.ServerName,
-		SupportedCurves:   chi.SupportedCurves,
-		SupportedPoints:   chi.SupportedPoints,
-		SignatureSchemes:  chi.SignatureSchemes,
-		SupportedProtos:   chi.SupportedProtos,
-		SupportedVersions: chi.SupportedVersions,
-		Conn:              chi.Conn,
-		config:            config,
-	}))
-}
-
-// qtlsConfigToTLSConfig is used to transform a Config to a tls.Config.
-// It is used to create the tls.Config in the ClientHelloInfo.
-// It doesn't copy all values, but only those used by ClientHelloInfo.SupportsCertificate.
-func qtlsConfigToTLSConfig(config *Config) *tls.Config {
-	return &tls.Config{
-		MinVersion:       config.MinVersion,
-		MaxVersion:       config.MaxVersion,
-		CipherSuites:     config.CipherSuites,
-		CurvePreferences: config.CurvePreferences,
-	}
-}

internal/qtls/qtls_test.go

@@ -1,229 +0,0 @@
-// +build !go1.15
-
-package qtls
-
-import (
-	"crypto/tls"
-	"errors"
-	"net"
-	"unsafe"
-
-	mocktls "github.com/lucas-clemente/quic-go/internal/mocks/tls"
-
-	"github.com/marten-seemann/qtls"
-
-	. "github.com/onsi/ginkgo"
-	. "github.com/onsi/gomega"
-)
-
-var _ = Describe("Config", func() {
-	It("sets MinVersion and MaxVersion", func() {
-		tlsConf := &tls.Config{MinVersion: tls.VersionTLS11, MaxVersion: tls.VersionTLS12}
-		qtlsConf := tlsConfigToQtlsConfig(tlsConf, nil)
-		Expect(qtlsConf.MinVersion).To(BeEquivalentTo(tls.VersionTLS13))
-		Expect(qtlsConf.MaxVersion).To(BeEquivalentTo(tls.VersionTLS13))
-	})
-
-	It("works when called with a nil config", func() {
-		qtlsConf := tlsConfigToQtlsConfig(nil, nil)
-		Expect(qtlsConf).ToNot(BeNil())
-	})
-
-	It("sets the setter and getter function for TLS extensions", func() {
-		var get, received bool
-		extraConfig := &ExtraConfig{
-			GetExtensions:      func(handshakeMessageType uint8) []Extension { get = true; return nil },
-			ReceivedExtensions: func(handshakeMessageType uint8, exts []qtls.Extension) { received = true },
-		}
-		qtlsConf := tlsConfigToQtlsConfig(&tls.Config{}, extraConfig)
-		qtlsConf.GetExtensions(10)
-		Expect(get).To(BeTrue())
-		Expect(received).To(BeFalse())
-		qtlsConf.ReceivedExtensions(10, nil)
-		Expect(received).To(BeTrue())
-	})
-
-	It("sets the Accept0RTT callback", func() {
-		qtlsConf := tlsConfigToQtlsConfig(nil, &ExtraConfig{Accept0RTT: func([]byte) bool { return true }})
-		Expect(qtlsConf.Accept0RTT).ToNot(BeNil())
-		Expect(qtlsConf.Accept0RTT(nil)).To(BeTrue())
-	})
-
-	It("sets the Rejected0RTT callback", func() {
-		var called bool
-		qtlsConf := tlsConfigToQtlsConfig(nil, &ExtraConfig{Rejected0RTT: func() { called = true }})
-		Expect(qtlsConf.Rejected0RTT).ToNot(BeNil())
-		qtlsConf.Rejected0RTT()
-		Expect(called).To(BeTrue())
-	})
-
-	It("sets MaxEarlyData", func() {
-		qtlsConf := tlsConfigToQtlsConfig(nil, nil)
-		Expect(qtlsConf.MaxEarlyData).To(BeZero())
-		qtlsConf = tlsConfigToQtlsConfig(nil, &ExtraConfig{MaxEarlyData: 1337})
-		Expect(qtlsConf.MaxEarlyData).To(Equal(uint32(1337)))
-	})
-
-	It("enables 0-RTT", func() {
-		qtlsConf := tlsConfigToQtlsConfig(nil, nil)
-		Expect(qtlsConf.Enable0RTT).To(BeFalse())
-		qtlsConf = tlsConfigToQtlsConfig(nil, &ExtraConfig{Enable0RTT: true})
-		Expect(qtlsConf.Enable0RTT).To(BeTrue())
-	})
-
-	It("initializes such that the session ticket key remains constant", func() {
-		tlsConf := &tls.Config{}
-		qtlsConf1 := tlsConfigToQtlsConfig(tlsConf, nil)
-		qtlsConf2 := tlsConfigToQtlsConfig(tlsConf, nil)
-		Expect(qtlsConf1.SessionTicketKey).ToNot(BeZero()) // should now contain a random value
-		Expect(qtlsConf1.SessionTicketKey).To(Equal(qtlsConf2.SessionTicketKey))
-	})
-
-	Context("GetConfigForClient callback", func() {
-		It("doesn't set it if absent", func() {
-			qtlsConf := tlsConfigToQtlsConfig(nil, nil)
-			Expect(qtlsConf.GetConfigForClient).To(BeNil())
-		})
-
-		It("returns a Config", func() {
-			tlsConf := &tls.Config{
-				GetConfigForClient: func(*tls.ClientHelloInfo) (*tls.Config, error) {
-					return &tls.Config{ServerName: "foo.bar"}, nil
-				},
-			}
-			var received bool
-			qtlsConf := tlsConfigToQtlsConfig(tlsConf, &ExtraConfig{ReceivedExtensions: func(uint8, []Extension) { received = true }})
-			Expect(qtlsConf.GetConfigForClient).ToNot(BeNil())
-			confForClient, err := qtlsConf.GetConfigForClient(nil)
-			Expect(err).ToNot(HaveOccurred())
-			Expect(confForClient.ServerName).To(Equal("foo.bar"))
-			Expect(confForClient).ToNot(BeNil())
-			Expect(confForClient.MinVersion).To(BeEquivalentTo(tls.VersionTLS13))
-			Expect(confForClient.MaxVersion).To(BeEquivalentTo(tls.VersionTLS13))
-			Expect(received).To(BeFalse())
-			Expect(confForClient.ReceivedExtensions).ToNot(BeNil())
-			confForClient.ReceivedExtensions(10, nil)
-			Expect(received).To(BeTrue())
-		})
-
-		It("returns errors", func() {
-			testErr := errors.New("test")
-			tlsConf := &tls.Config{
-				GetConfigForClient: func(*tls.ClientHelloInfo) (*tls.Config, error) {
-					return nil, testErr
-				},
-			}
-			qtlsConf := tlsConfigToQtlsConfig(tlsConf, nil)
-			_, err := qtlsConf.GetConfigForClient(nil)
-			Expect(err).To(MatchError(testErr))
-		})
-
-		It("returns nil when the callback returns nil", func() {
-			tlsConf := &tls.Config{
-				GetConfigForClient: func(*tls.ClientHelloInfo) (*tls.Config, error) {
-					return nil, nil
-				},
-			}
-			qtlsConf := tlsConfigToQtlsConfig(tlsConf, nil)
-			Expect(qtlsConf.GetConfigForClient(nil)).To(BeNil())
-		})
-	})
-
-	Context("GetCertificate callback", func() {
-		It("returns a certificate", func() {
-			tlsConf := &tls.Config{
-				GetCertificate: func(*tls.ClientHelloInfo) (*tls.Certificate, error) {
-					return &tls.Certificate{Certificate: [][]byte{[]byte("foo"), []byte("bar")}}, nil
-				},
-			}
-			qtlsConf := tlsConfigToQtlsConfig(tlsConf, nil)
-			qtlsCert, err := qtlsConf.GetCertificate(nil)
-			Expect(err).ToNot(HaveOccurred())
-			Expect(qtlsCert).ToNot(BeNil())
-			Expect(qtlsCert.Certificate).To(Equal([][]byte{[]byte("foo"), []byte("bar")}))
-		})
-
-		It("doesn't set it if absent", func() {
-			qtlsConf := tlsConfigToQtlsConfig(&tls.Config{}, nil)
-			Expect(qtlsConf.GetCertificate).To(BeNil())
-		})
-
-		It("returns errors", func() {
-			tlsConf := &tls.Config{
-				GetCertificate: func(*tls.ClientHelloInfo) (*tls.Certificate, error) {
-					return nil, errors.New("test")
-				},
-			}
-			qtlsConf := tlsConfigToQtlsConfig(tlsConf, nil)
-			_, err := qtlsConf.GetCertificate(nil)
-			Expect(err).To(MatchError("test"))
-		})
-
-		It("returns nil when the callback returns nil", func() {
-			tlsConf := &tls.Config{
-				GetCertificate: func(*tls.ClientHelloInfo) (*tls.Certificate, error) {
-					return nil, nil
-				},
-			}
-			qtlsConf := tlsConfigToQtlsConfig(tlsConf, nil)
-			Expect(qtlsConf.GetCertificate(nil)).To(BeNil())
-		})
-	})
-
-	Context("ClientSessionCache", func() {
-		It("doesn't set if absent", func() {
-			qtlsConf := tlsConfigToQtlsConfig(&tls.Config{}, nil)
-			Expect(qtlsConf.ClientSessionCache).To(BeNil())
-		})
-
-		It("puts a nil session state", func() {
-			csc := mocktls.NewMockClientSessionCache(mockCtrl)
-			tlsConf := &tls.Config{ClientSessionCache: csc}
-			qtlsConf := tlsConfigToQtlsConfig(tlsConf, nil)
-			// put something
-			csc.EXPECT().Put("foobar", nil)
-			qtlsConf.ClientSessionCache.Put("foobar", nil)
-		})
-	})
-})
-
-var _ = Describe("Config generation", func() {
-	It("converts a ClientHelloInfo to a tls.ClientHelloInfo", func() {
-		chi := &qtlsClientHelloInfo{
-			CipherSuites:      []uint16{1, 2, 3},
-			ServerName:        "foo.bar",
-			SupportedCurves:   []tls.CurveID{4, 5, 6},
-			SupportedPoints:   []uint8{7, 8, 9},
-			SignatureSchemes:  []tls.SignatureScheme{10, 11, 12},
-			SupportedProtos:   []string{"foo", "bar"},
-			SupportedVersions: []uint16{13, 14, 15},
-			Conn:              &net.UDPConn{},
-			config: &Config{
-				MinVersion:       tls.VersionTLS10,
-				MaxVersion:       tls.VersionTLS12,
-				CipherSuites:     []uint16{16, 17, 18},
-				CurvePreferences: []tls.CurveID{19, 20, 21},
-			},
-		}
-		tlsCHI := toTLSClientHelloInfo((*ClientHelloInfo)(unsafe.Pointer(chi)))
-		Expect(tlsCHI.CipherSuites).To(Equal([]uint16{1, 2, 3}))
-		Expect(tlsCHI.ServerName).To(Equal("foo.bar"))
-		Expect(tlsCHI.SupportedCurves).To(Equal([]tls.CurveID{4, 5, 6}))
-		Expect(tlsCHI.SupportedPoints).To(Equal([]uint8{7, 8, 9}))
-		Expect(tlsCHI.SignatureSchemes).To(Equal([]tls.SignatureScheme{10, 11, 12}))
-		Expect(tlsCHI.SupportedProtos).To(Equal([]string{"foo", "bar"}))
-		Expect(tlsCHI.SupportedVersions).To(Equal([]uint16{13, 14, 15}))
-		Expect(tlsCHI.Conn).To(Equal(&net.UDPConn{}))
-		c := (*clientHelloInfo)(unsafe.Pointer(tlsCHI))
-		Expect(c.config.CipherSuites).To(Equal([]uint16{16, 17, 18}))
-		Expect(c.config.MinVersion).To(BeEquivalentTo(tls.VersionTLS10))
-		Expect(c.config.MaxVersion).To(BeEquivalentTo(tls.VersionTLS12))
-		Expect(c.config.CurvePreferences).To(Equal([]tls.CurveID{19, 20, 21}))
-	})
-
-	It("converts a ClientHelloInfo to a tls.ClientHelloInfo, if no config is set", func() {
-		chi := &qtlsClientHelloInfo{CipherSuites: []uint16{13, 37}}
-		tlsCHI := toTLSClientHelloInfo((*ClientHelloInfo)(unsafe.Pointer(chi)))
-		Expect(tlsCHI.CipherSuites).To(Equal([]uint16{13, 37}))
-	})
-})

internal/qtls/structs_equal.go

@@ -1,5 +1,3 @@
-// +build !go1.15
-
 package qtls
 
 import "reflect"

internal/qtls/structs_equal_test.go

@@ -1,5 +1,3 @@
-// +build !go1.15
-
 package qtls
 
 import (

interop/Dockerfile

@@ -2,9 +2,9 @@ FROM martenseemann/quic-network-simulator-endpoint:latest AS builder
 
 RUN apt-get update && apt-get install -y wget tar git
 
-RUN wget https://dl.google.com/go/go1.14.linux-amd64.tar.gz && \
+RUN wget https://dl.google.com/go/go1.16.linux-amd64.tar.gz && \
-  tar xfz go1.14.linux-amd64.tar.gz && \
+  tar xfz go1.16.linux-amd64.tar.gz && \
-  rm go1.14.linux-amd64.tar.gz
+  rm go1.16.linux-amd64.tar.gz
 
 ENV PATH="/go/bin:${PATH}"
 

stream.go

@@ -1,6 +1,8 @@
 package quic
 
 import (
+	"net"
+	"os"
 	"sync"
 	"time"
 
@@ -10,6 +12,15 @@ import (
 	"github.com/lucas-clemente/quic-go/internal/wire"
 )
 
+type deadlineError struct{}
+
+func (deadlineError) Error() string   { return "deadline exceeded" }
+func (deadlineError) Temporary() bool { return true }
+func (deadlineError) Timeout() bool   { return true }
+func (deadlineError) Unwrap() error   { return os.ErrDeadlineExceeded }
+
+var errDeadline net.Error = &deadlineError{}
+
 // The streamSender is notified by the stream about various events.
 type streamSender interface {
 	queueControlFrame(wire.Frame)

stream_deadline_error.go

@@ -1,11 +0,0 @@
-package quic
-
-import "net"
-
-type deadlineError struct{}
-
-func (deadlineError) Error() string   { return "deadline exceeded" }
-func (deadlineError) Temporary() bool { return true }
-func (deadlineError) Timeout() bool   { return true }
-
-var errDeadline net.Error = &deadlineError{}

stream_deadline_error_go115.go

@@ -1,9 +0,0 @@
-// +build go1.15
-
-package quic
-
-import (
-	"os"
-)
-
-func (deadlineError) Unwrap() error { return os.ErrDeadlineExceeded }

stream_deadline_error_test.go

@@ -1,21 +0,0 @@
-// +build go1.15
-
-package quic
-
-import (
-	"errors"
-	"os"
-
-	. "github.com/onsi/ginkgo"
-	. "github.com/onsi/gomega"
-)
-
-var _ = Describe("Deadline Error", func() {
-	It("is a net.Error that wraps os.ErrDeadlineError", func() {
-		err := deadlineError{}
-		Expect(err.Temporary()).To(BeTrue())
-		Expect(err.Timeout()).To(BeTrue())
-		Expect(errors.Is(err, os.ErrDeadlineExceeded)).To(BeTrue())
-		Expect(errors.Unwrap(err)).To(Equal(os.ErrDeadlineExceeded))
-	})
-})

stream_test.go

@@ -1,6 +1,7 @@
 package quic
 
 import (
+	"errors"
 	"io"
 	"os"
 	"strconv"
@@ -94,3 +95,13 @@ var _ = Describe("Stream", func() {
 		})
 	})
 })
+
+var _ = Describe("Deadline Error", func() {
+	It("is a net.Error that wraps os.ErrDeadlineError", func() {
+		err := deadlineError{}
+		Expect(err.Temporary()).To(BeTrue())
+		Expect(err.Timeout()).To(BeTrue())
+		Expect(errors.Is(err, os.ErrDeadlineExceeded)).To(BeTrue())
+		Expect(errors.Unwrap(err)).To(Equal(os.ErrDeadlineExceeded))
+	})
+})