only allow the HTTP/3 client to dial with a single QUIC version

http3/client.go

@@ -11,6 +11,7 @@ import (
 	"sync"
 
 	"github.com/lucas-clemente/quic-go"
+	"github.com/lucas-clemente/quic-go/internal/protocol"
 	"github.com/lucas-clemente/quic-go/internal/qtls"
 	"github.com/lucas-clemente/quic-go/internal/utils"
 	"github.com/marten-seemann/qpack"
@@ -28,6 +29,7 @@ const (
 var defaultQuicConfig = &quic.Config{
 	MaxIncomingStreams: -1, // don't allow the server to create bidirectional streams
 	KeepAlive:          true,
+	Versions:           []protocol.VersionNumber{protocol.VersionTLS},
 }
 
 var dialAddr = quic.DialAddrEarly
@@ -63,19 +65,26 @@ func newClient(
 	opts *roundTripperOpts,
 	quicConfig *quic.Config,
 	dialer func(network, addr string, tlsCfg *tls.Config, cfg *quic.Config) (quic.EarlySession, error),
-) *client {
+) (*client, error) {
+	if quicConfig == nil {
+		quicConfig = defaultQuicConfig
+	} else if len(quicConfig.Versions) == 0 {
+		quicConfig = quicConfig.Clone()
+		quicConfig.Versions = []quic.VersionNumber{defaultQuicConfig.Versions[0]}
+	}
+	if len(quicConfig.Versions) != 1 {
+		return nil, errors.New("can only use a single QUIC version for dialing a HTTP/3 connection")
+	}
+	quicConfig.MaxIncomingStreams = -1 // don't allow any bidirectional streams
+	logger := utils.DefaultLogger.WithPrefix("h3 client")
+
 	if tlsConf == nil {
 		tlsConf = &tls.Config{}
 	} else {
 		tlsConf = tlsConf.Clone()
 	}
 	// Replace existing ALPNs by H3
-	tlsConf.NextProtos = []string{nextProtoH3Draft29}
-	if quicConfig == nil {
-		quicConfig = defaultQuicConfig
-	}
-	quicConfig.MaxIncomingStreams = -1 // don't allow any bidirectional streams
-	logger := utils.DefaultLogger.WithPrefix("h3 client")
+	tlsConf.NextProtos = []string{versionToALPN(quicConfig.Versions[0])}
 
 	return &client{
 		hostname:      authorityAddr("https", hostname),
@@ -86,7 +95,7 @@ func newClient(
 		opts:          opts,
 		dialer:        dialer,
 		logger:        logger,
-	}
+	}, nil
 }
 
 func (c *client) dial() error {