This prevents a race condition when the underlying ClientSessionCache
provided by the application returns the same session ticket for multiple
connections. Reusing session tickets is explicitly recommended against
by both RFC 8446 and RFC 9001, but it's not forbidden. This fix only
benefits applications that compromise their users' privacy by reusing
session tickets.
This technically violates the stateless reset handling logic described
in RFC 9000 section 10.3.1 (see comment), but it saves one map lookup in
the hot path.
The slice will be allocated when STREAM frames are appended. By not
preallocating, it is made sure that the slice is only created in cases
where STREAM frames are actually sent in this packet.
* avoid lock contention when accepting new connections
The server used to hold the packet handler map's lock while creating the
connection struct for a newly accepted connection. This was intended to
make sure that no two connections with the same Destination Connection
ID could be created.
This is a corner case: it can only happen if two Initial packets with
the same Destination Connection ID are received at the same time. If
the second one is received after the first one has already been
processed, it would be routed to the first connection. We don't need to
optimize for this corner case. It's ok to create a new connection in
that case, and immediately close it if this collision is detected.
* only pass 0-RTT to the connection if it was actually accepted
The qlog writer simply records events, puts them into a channel, and
consumes these events in a separate goroutine (by serializing them).
The ConnectionTracer is the one generating those events.
* Fix protocol
The default value should be "HTTP/3.0".
* Reject normal request with :protocol header
The :protocol pseudo header is only defined for
Extended Connect requests (RFC 9220).
* save one branch check
* Fix review issue
* add Transport config options to limit the number of handshakes
* fix accounting for failed handshakes
* increase handshake limits, improve documentation
So far, we used Connection.destroy, which destroys a connection without
sending out a CONNECTION_CLOSE frame. This is useful (for example) when
receiving a stateless reset, but it's not what we want when the server
refuses an incoming connection. In this case, we want to send out a
packet with a CONNECTION_CLOSE frame to inform the client that the
connection attempt is being rejected.
There's no need to have a dedicated shutdown method, as the use case
(shutting down an outgoing connection attempt on context cancellation)
can be achieved by using Connection.destroy.