TUN-6191: Update quic-go to v0.27.1 and with custom patch to allow keep alive period to be configurable

The idle period is set to 5sec. We now also ping every second since last activity. This makes the quic.Connection less prone to being closed with no network activity, since we send multiple pings per idle period, and thus a single packet loss cannot cause the problem.
2025-07-28 11:29:57 +00:00 · 2022-06-06 14:15:35 +01:00
parent 4ccef23dbc
commit 475939a77f
49 changed files with 671 additions and 486 deletions
--- a/vendor/github.com/lucas-clemente/quic-go/interface.go
+++ b/vendor/github.com/lucas-clemente/quic-go/interface.go
@@ -59,15 +59,15 @@ type TokenStore interface {
 // when the server rejects a 0-RTT connection attempt.
 var Err0RTTRejected = errors.New("0-RTT rejected")

-// SessionTracingKey can be used to associate a ConnectionTracer with a Session.
-// It is set on the Session.Context() context,
+// ConnectionTracingKey can be used to associate a ConnectionTracer with a Connection.
+// It is set on the Connection.Context() context,
 // as well as on the context passed to logging.Tracer.NewConnectionTracer.
-var SessionTracingKey = sessionTracingCtxKey{}
+var ConnectionTracingKey = connTracingCtxKey{}

-type sessionTracingCtxKey struct{}
+type connTracingCtxKey struct{}

 // Stream is the interface implemented by QUIC streams
-// In addition to the errors listed on the Session,
+// In addition to the errors listed on the Connection,
 // calls to stream functions can return a StreamError if the stream is canceled.
 type Stream interface {
 	ReceiveStream
@@ -87,7 +87,7 @@ type ReceiveStream interface {
 	// after a fixed time limit; see SetDeadline and SetReadDeadline.
 	// If the stream was canceled by the peer, the error implements the StreamError
 	// interface, and Canceled() == true.
-	// If the session was closed due to a timeout, the error satisfies
+	// If the connection was closed due to a timeout, the error satisfies
 	// the net.Error interface, and Timeout() will be true.
 	io.Reader
 	// CancelRead aborts receiving on this stream.
@@ -111,7 +111,7 @@ type SendStream interface {
 	// after a fixed time limit; see SetDeadline and SetWriteDeadline.
 	// If the stream was canceled by the peer, the error implements the StreamError
 	// interface, and Canceled() == true.
-	// If the session was closed due to a timeout, the error satisfies
+	// If the connection was closed due to a timeout, the error satisfies
 	// the net.Error interface, and Timeout() will be true.
 	io.Writer
 	// Close closes the write-direction of the stream.
@@ -124,7 +124,7 @@ type SendStream interface {
 	// Write will unblock immediately, and future calls to Write will fail.
 	// When called multiple times or after closing the stream it is a no-op.
 	CancelWrite(StreamErrorCode)
-	// The context is canceled as soon as the write-side of the stream is closed.
+	// The Context is canceled as soon as the write-side of the stream is closed.
 	// This happens when Close() or CancelWrite() is called, or when the peer
 	// cancels the read-side of their stream.
 	// Warning: This API should not be considered stable and might change soon.
@@ -132,26 +132,26 @@ type SendStream interface {
 	// SetWriteDeadline sets the deadline for future Write calls
 	// and any currently-blocked Write call.
 	// Even if write times out, it may return n > 0, indicating that
-	// some of the data was successfully written.
+	// some data was successfully written.
 	// A zero value for t means Write will not time out.
 	SetWriteDeadline(t time.Time) error
 }

-// A Session is a QUIC connection between two peers.
-// Calls to the session (and to streams) can return the following types of errors:
+// A Connection is a QUIC connection between two peers.
+// Calls to the connection (and to streams) can return the following types of errors:
 // * ApplicationError: for errors triggered by the application running on top of QUIC
 // * TransportError: for errors triggered by the QUIC transport (in many cases a misbehaving peer)
 // * IdleTimeoutError: when the peer goes away unexpectedly (this is a net.Error timeout error)
 // * HandshakeTimeoutError: when the cryptographic handshake takes too long (this is a net.Error timeout error)
 // * StatelessResetError: when we receive a stateless reset (this is a net.Error temporary error)
 // * VersionNegotiationError: returned by the client, when there's no version overlap between the peers
-type Session interface {
+type Connection interface {
 	// AcceptStream returns the next stream opened by the peer, blocking until one is available.
-	// If the session was closed due to a timeout, the error satisfies
+	// If the connection was closed due to a timeout, the error satisfies
 	// the net.Error interface, and Timeout() will be true.
 	AcceptStream(context.Context) (Stream, error)
 	// AcceptUniStream returns the next unidirectional stream opened by the peer, blocking until one is available.
-	// If the session was closed due to a timeout, the error satisfies
+	// If the connection was closed due to a timeout, the error satisfies
 	// the net.Error interface, and Timeout() will be true.
 	AcceptUniStream(context.Context) (ReceiveStream, error)
 	// OpenStream opens a new bidirectional QUIC stream.
@@ -159,22 +159,22 @@ type Session interface {
 	// The peer can only accept the stream after data has been sent on the stream.
 	// If the error is non-nil, it satisfies the net.Error interface.
 	// When reaching the peer's stream limit, err.Temporary() will be true.
-	// If the session was closed due to a timeout, Timeout() will be true.
+	// If the connection was closed due to a timeout, Timeout() will be true.
 	OpenStream() (Stream, error)
 	// OpenStreamSync opens a new bidirectional QUIC stream.
 	// It blocks until a new stream can be opened.
 	// If the error is non-nil, it satisfies the net.Error interface.
-	// If the session was closed due to a timeout, Timeout() will be true.
+	// If the connection was closed due to a timeout, Timeout() will be true.
 	OpenStreamSync(context.Context) (Stream, error)
 	// OpenUniStream opens a new outgoing unidirectional QUIC stream.
 	// If the error is non-nil, it satisfies the net.Error interface.
 	// When reaching the peer's stream limit, Temporary() will be true.
-	// If the session was closed due to a timeout, Timeout() will be true.
+	// If the connection was closed due to a timeout, Timeout() will be true.
 	OpenUniStream() (SendStream, error)
 	// OpenUniStreamSync opens a new outgoing unidirectional QUIC stream.
 	// It blocks until a new stream can be opened.
 	// If the error is non-nil, it satisfies the net.Error interface.
-	// If the session was closed due to a timeout, Timeout() will be true.
+	// If the connection was closed due to a timeout, Timeout() will be true.
 	OpenUniStreamSync(context.Context) (SendStream, error)
 	// LocalAddr returns the local address.
 	LocalAddr() net.Addr
@@ -183,7 +183,7 @@ type Session interface {
 	// CloseWithError closes the connection with an error.
 	// The error string will be sent to the peer.
 	CloseWithError(ApplicationErrorCode, string) error
-	// The context is cancelled when the session is closed.
+	// The context is cancelled when the connection is closed.
 	// Warning: This API should not be considered stable and might change soon.
 	Context() context.Context
 	// ConnectionState returns basic details about the QUIC connection.
@@ -199,19 +199,19 @@ type Session interface {
 	ReceiveMessage() ([]byte, error)
 }

-// An EarlySession is a session that is handshaking.
+// An EarlyConnection is a connection that is handshaking.
 // Data sent during the handshake is encrypted using the forward secure keys.
 // When using client certificates, the client's identity is only verified
 // after completion of the handshake.
-type EarlySession interface {
-	Session
+type EarlyConnection interface {
+	Connection

-	// Blocks until the handshake completes (or fails).
+	// HandshakeComplete blocks until the handshake completes (or fails).
 	// Data sent before completion of the handshake is encrypted with 1-RTT keys.
 	// Note that the client's identity hasn't been verified yet.
 	HandshakeComplete() context.Context

-	NextSession() Session
+	NextConnection() Connection
 }

 // Config contains all configuration data needed for a QUIC server or client.
@@ -266,6 +266,13 @@ type Config struct {
 	// MaxConnectionReceiveWindow is the connection-level flow control window for receiving data.
 	// If this value is zero, it will default to 15 MB.
 	MaxConnectionReceiveWindow uint64
+	// AllowConnectionWindowIncrease is called every time the connection flow controller attempts
+	// to increase the connection flow control window.
+	// If set, the caller can prevent an increase of the window. Typically, it would do so to
+	// limit the memory usage.
+	// To avoid deadlocks, it is not valid to call other functions on the connection or on streams
+	// in this callback.
+	AllowConnectionWindowIncrease func(sess Connection, delta uint64) bool
 	// MaxIncomingStreams is the maximum number of concurrent bidirectional streams that a peer is allowed to open.
 	// Values above 2^60 are invalid.
 	// If not set, it will default to 100.
@@ -279,11 +286,13 @@ type Config struct {
 	// The StatelessResetKey is used to generate stateless reset tokens.
 	// If no key is configured, sending of stateless resets is disabled.
 	StatelessResetKey []byte
-	// KeepAlive defines whether this peer will periodically send a packet to keep the connection alive.
-	KeepAlive bool
+	// KeepAlivePeriod defines whether this peer will periodically send a packet to keep the connection alive.
+	// If set to 0, then no keep alive is sent. Otherwise, the keep alive is sent on that period (or at most
+	// every half of MaxIdleTimeout, whichever is smaller).
+	KeepAlivePeriod time.Duration
 	// DisablePathMTUDiscovery disables Path MTU Discovery (RFC 8899).
 	// Packets will then be at most 1252 (IPv4) / 1232 (IPv6) bytes in size.
-	// Note that Path MTU discovery is always disabled on Windows, see https://github.com/lucas-clemente/quic-go/issues/3273.
+	// Note that if Path MTU discovery is causing issues on your system, please open a new issue
 	DisablePathMTUDiscovery bool
 	// DisableVersionNegotiationPackets disables the sending of Version Negotiation packets.
 	// This can be useful if version information is exchanged out-of-band.
@@ -304,21 +313,21 @@ type ConnectionState struct {

 // A Listener for incoming QUIC connections
 type Listener interface {
-	// Close the server. All active sessions will be closed.
+	// Close the server. All active connections will be closed.
 	Close() error
 	// Addr returns the local network addr that the server is listening on.
 	Addr() net.Addr
-	// Accept returns new sessions. It should be called in a loop.
-	Accept(context.Context) (Session, error)
+	// Accept returns new connections. It should be called in a loop.
+	Accept(context.Context) (Connection, error)
 }

 // An EarlyListener listens for incoming QUIC connections,
 // and returns them before the handshake completes.
 type EarlyListener interface {
-	// Close the server. All active sessions will be closed.
+	// Close the server. All active connections will be closed.
 	Close() error
 	// Addr returns the local network addr that the server is listening on.
 	Addr() net.Addr
-	// Accept returns new early sessions. It should be called in a loop.
-	Accept(context.Context) (EarlySession, error)
+	// Accept returns new early connections. It should be called in a loop.
+	Accept(context.Context) (EarlyConnection, error)
 }