TUN-6191: Update quic-go to v0.27.1 and with custom patch to allow keep alive period to be configurable

The idle period is set to 5sec.

We now also ping every second since last activity.
This makes the quic.Connection less prone to being closed with
no network activity, since we send multiple pings per idle
period, and thus a single packet loss cannot cause the problem.

vendor/github.com/lucas-clemente/quic-go/internal/flowcontrol/base_flow_controller.go

@@ -23,6 +23,8 @@ type baseFlowController struct {
 	receiveWindowSize    protocol.ByteCount
 	maxReceiveWindowSize protocol.ByteCount
 
+	allowWindowIncrease func(size protocol.ByteCount) bool
+
 	epochStartTime   time.Time
 	epochStartOffset protocol.ByteCount
 	rttStats         *utils.RTTStats
@@ -105,7 +107,10 @@ func (c *baseFlowController) maybeAdjustWindowSize() {
 	now := time.Now()
 	if now.Sub(c.epochStartTime) < time.Duration(4*fraction*float64(rtt)) {
 		// window is consumed too fast, try to increase the window size
-		c.receiveWindowSize = utils.MinByteCount(2*c.receiveWindowSize, c.maxReceiveWindowSize)
+		newSize := utils.MinByteCount(2*c.receiveWindowSize, c.maxReceiveWindowSize)
+		if newSize > c.receiveWindowSize && (c.allowWindowIncrease == nil || c.allowWindowIncrease(newSize-c.receiveWindowSize)) {
+			c.receiveWindowSize = newSize
+		}
 	}
 	c.startNewAutoTuningEpoch(now)
 }

vendor/github.com/lucas-clemente/quic-go/internal/flowcontrol/connection_flow_controller.go

@@ -19,11 +19,12 @@ type connectionFlowController struct {
 var _ ConnectionFlowController = &connectionFlowController{}
 
 // NewConnectionFlowController gets a new flow controller for the connection
-// It is created before we receive the peer's transport paramenters, thus it starts with a sendWindow of 0.
+// It is created before we receive the peer's transport parameters, thus it starts with a sendWindow of 0.
 func NewConnectionFlowController(
 	receiveWindow protocol.ByteCount,
 	maxReceiveWindow protocol.ByteCount,
 	queueWindowUpdate func(),
+	allowWindowIncrease func(size protocol.ByteCount) bool,
 	rttStats *utils.RTTStats,
 	logger utils.Logger,
 ) ConnectionFlowController {
@@ -33,6 +34,7 @@ func NewConnectionFlowController(
 			receiveWindow:        receiveWindow,
 			receiveWindowSize:    receiveWindow,
 			maxReceiveWindowSize: maxReceiveWindow,
+			allowWindowIncrease:  allowWindowIncrease,
 			logger:               logger,
 		},
 		queueWindowUpdate: queueWindowUpdate,
@@ -85,13 +87,16 @@ func (c *connectionFlowController) EnsureMinimumWindowSize(inc protocol.ByteCoun
 	c.mutex.Lock()
 	if inc > c.receiveWindowSize {
 		c.logger.Debugf("Increasing receive flow control window for the connection to %d kB, in response to stream flow control window increase", c.receiveWindowSize/(1<<10))
-		c.receiveWindowSize = utils.MinByteCount(inc, c.maxReceiveWindowSize)
+		newSize := utils.MinByteCount(inc, c.maxReceiveWindowSize)
+		if delta := newSize - c.receiveWindowSize; delta > 0 && c.allowWindowIncrease(delta) {
+			c.receiveWindowSize = newSize
+		}
 		c.startNewAutoTuningEpoch(time.Now())
 	}
 	c.mutex.Unlock()
 }
 
-// The flow controller is reset when 0-RTT is rejected.
+// Reset rests the flow controller. This happens when 0-RTT is rejected.
 // All stream data is invalidated, it's if we had never opened a stream and never sent any data.
 // At that point, we only have sent stream data, but we didn't have the keys to open 1-RTT keys yet.
 func (c *connectionFlowController) Reset() error {

vendor/github.com/lucas-clemente/quic-go/internal/protocol/params.go

@@ -14,7 +14,7 @@ const InitialPacketSizeIPv6 = 1232
 // MaxCongestionWindowPackets is the maximum congestion window in packet.
 const MaxCongestionWindowPackets = 10000
 
-// MaxUndecryptablePackets limits the number of undecryptable packets that are queued in the session.
+// MaxUndecryptablePackets limits the number of undecryptable packets that are queued in the connection.
 const MaxUndecryptablePackets = 32
 
 // ConnectionFlowControlMultiplier determines how much larger the connection flow control windows needs to be relative to any stream's flow control window
@@ -45,8 +45,8 @@ const DefaultMaxIncomingUniStreams = 100
 // MaxServerUnprocessedPackets is the max number of packets stored in the server that are not yet processed.
 const MaxServerUnprocessedPackets = 1024
 
-// MaxSessionUnprocessedPackets is the max number of packets stored in each session that are not yet processed.
-const MaxSessionUnprocessedPackets = 256
+// MaxConnUnprocessedPackets is the max number of packets stored in each connection that are not yet processed.
+const MaxConnUnprocessedPackets = 256
 
 // SkipPacketInitialPeriod is the initial period length used for packet number skipping to prevent an Optimistic ACK attack.
 // Every time a packet number is skipped, the period is doubled, up to SkipPacketMaxPeriod.
@@ -55,7 +55,7 @@ const SkipPacketInitialPeriod PacketNumber = 256
 // SkipPacketMaxPeriod is the maximum period length used for packet number skipping.
 const SkipPacketMaxPeriod PacketNumber = 128 * 1024
 
-// MaxAcceptQueueSize is the maximum number of sessions that the server queues for accepting.
+// MaxAcceptQueueSize is the maximum number of connections that the server queues for accepting.
 // If the queue is full, new connection attempts will be rejected.
 const MaxAcceptQueueSize = 32
 
@@ -112,7 +112,7 @@ const DefaultHandshakeTimeout = 10 * time.Second
 // It should be shorter than the time that NATs clear their mapping.
 const MaxKeepAliveInterval = 20 * time.Second
 
-// RetiredConnectionIDDeleteTimeout is the time we keep closed sessions around in order to retransmit the CONNECTION_CLOSE.
+// RetiredConnectionIDDeleteTimeout is the time we keep closed connections around in order to retransmit the CONNECTION_CLOSE.
 // after this time all information about the old connection will be deleted
 const RetiredConnectionIDDeleteTimeout = 5 * time.Second
 
@@ -189,7 +189,7 @@ const Max0RTTQueueingDuration = 100 * time.Millisecond
 const Max0RTTQueues = 32
 
 // Max0RTTQueueLen is the maximum number of 0-RTT packets that we buffer for each connection.
-// When a new session is created, all buffered packets are passed to the session immediately.
-// To avoid blocking, this value has to be smaller than MaxSessionUnprocessedPackets.
-// To avoid packets being dropped as undecryptable by the session, this value has to be smaller than MaxUndecryptablePackets.
+// When a new connection is created, all buffered packets are passed to the connection immediately.
+// To avoid blocking, this value has to be smaller than MaxConnUnprocessedPackets.
+// To avoid packets being dropped as undecryptable by the connection, this value has to be smaller than MaxUndecryptablePackets.
 const Max0RTTQueueLen = 31

vendor/github.com/lucas-clemente/quic-go/internal/qtls/go119.go

@@ -3,4 +3,4 @@
 
 package qtls
 
-var _ int = "quic-go doesn't build on Go 1.19 yet."
+var _ int = "The version of quic-go you're using can't be built on Go 1.19 yet. For more details, please see https://github.com/lucas-clemente/quic-go/wiki/quic-go-and-Go-versions."

vendor/github.com/lucas-clemente/quic-go/internal/qtls/go_oldversion.go

@@ -0,0 +1,7 @@
+//go:build (go1.9 || go1.10 || go1.11 || go1.12 || go1.13 || go1.14 || go1.15) && !go1.16
+// +build go1.9 go1.10 go1.11 go1.12 go1.13 go1.14 go1.15
+// +build !go1.16
+
+package qtls
+
+var _ int = "The version of quic-go you're using can't be built using outdated Go versions. For more details, please see https://github.com/lucas-clemente/quic-go/wiki/quic-go-and-Go-versions."