github.com/tumi8/quic-go@v0.37.4-tum/connection.go (about)

     1  package quic
     2  
     3  import (
     4  	"bytes"
     5  	"context"
     6  	"crypto/tls"
     7  	"errors"
     8  	"fmt"
     9  	"io"
    10  	"net"
    11  	"reflect"
    12  	"sync"
    13  	"sync/atomic"
    14  	"time"
    15  
    16  	"github.com/tumi8/quic-go/noninternal/ackhandler"
    17  	"github.com/tumi8/quic-go/noninternal/flowcontrol"
    18  	"github.com/tumi8/quic-go/noninternal/handshake"
    19  	"github.com/tumi8/quic-go/noninternal/logutils"
    20  	"github.com/tumi8/quic-go/noninternal/protocol"
    21  	"github.com/tumi8/quic-go/noninternal/qerr"
    22  	"github.com/tumi8/quic-go/noninternal/utils"
    23  	"github.com/tumi8/quic-go/noninternal/wire"
    24  	"github.com/tumi8/quic-go/logging"
    25  )
    26  
    27  type unpacker interface {
    28  	UnpackLongHeader(hdr *wire.Header, rcvTime time.Time, data []byte, v protocol.VersionNumber) (*unpackedPacket, error)
    29  	UnpackShortHeader(rcvTime time.Time, data []byte) (protocol.PacketNumber, protocol.PacketNumberLen, protocol.KeyPhaseBit, []byte, error)
    30  }
    31  
    32  type streamGetter interface {
    33  	GetOrOpenReceiveStream(protocol.StreamID) (receiveStreamI, error)
    34  	GetOrOpenSendStream(protocol.StreamID) (sendStreamI, error)
    35  }
    36  
    37  type streamManager interface {
    38  	GetOrOpenSendStream(protocol.StreamID) (sendStreamI, error)
    39  	GetOrOpenReceiveStream(protocol.StreamID) (receiveStreamI, error)
    40  	OpenStream() (Stream, error)
    41  	OpenUniStream() (SendStream, error)
    42  	OpenStreamSync(context.Context) (Stream, error)
    43  	OpenUniStreamSync(context.Context) (SendStream, error)
    44  	AcceptStream(context.Context) (Stream, error)
    45  	AcceptUniStream(context.Context) (ReceiveStream, error)
    46  	DeleteStream(protocol.StreamID) error
    47  	UpdateLimits(*wire.TransportParameters)
    48  	HandleMaxStreamsFrame(*wire.MaxStreamsFrame)
    49  	CloseWithError(error)
    50  	ResetFor0RTT()
    51  	UseResetMaps()
    52  }
    53  
    54  type cryptoStreamHandler interface {
    55  	StartHandshake() error
    56  	ChangeConnectionID(protocol.ConnectionID)
    57  	SetLargest1RTTAcked(protocol.PacketNumber) error
    58  	SetHandshakeConfirmed()
    59  	GetSessionTicket() ([]byte, error)
    60  	NextEvent() handshake.Event
    61  	DiscardInitialKeys()
    62  	io.Closer
    63  	ConnectionState() handshake.ConnectionState
    64  }
    65  
    66  type receivedPacket struct {
    67  	buffer *packetBuffer
    68  
    69  	remoteAddr net.Addr
    70  	rcvTime    time.Time
    71  	data       []byte
    72  
    73  	ecn protocol.ECN
    74  
    75  	info packetInfo // only valid if the contained IP address is valid
    76  }
    77  
    78  func (p *receivedPacket) Size() protocol.ByteCount { return protocol.ByteCount(len(p.data)) }
    79  
    80  func (p *receivedPacket) Clone() *receivedPacket {
    81  	return &receivedPacket{
    82  		remoteAddr: p.remoteAddr,
    83  		rcvTime:    p.rcvTime,
    84  		data:       p.data,
    85  		buffer:     p.buffer,
    86  		ecn:        p.ecn,
    87  		info:       p.info,
    88  	}
    89  }
    90  
    91  type connRunner interface {
    92  	Add(protocol.ConnectionID, packetHandler) bool
    93  	GetStatelessResetToken(protocol.ConnectionID) protocol.StatelessResetToken
    94  	Retire(protocol.ConnectionID)
    95  	Remove(protocol.ConnectionID)
    96  	ReplaceWithClosed([]protocol.ConnectionID, protocol.Perspective, []byte)
    97  	AddResetToken(protocol.StatelessResetToken, packetHandler)
    98  	RemoveResetToken(protocol.StatelessResetToken)
    99  }
   100  
   101  type closeError struct {
   102  	err       error
   103  	remote    bool
   104  	immediate bool
   105  }
   106  
   107  type errCloseForRecreating struct {
   108  	nextPacketNumber protocol.PacketNumber
   109  	nextVersion      protocol.VersionNumber
   110  }
   111  
   112  func (e *errCloseForRecreating) Error() string {
   113  	return "closing connection in order to recreate it"
   114  }
   115  
   116  var connTracingID uint64        // to be accessed atomically
   117  func nextConnTracingID() uint64 { return atomic.AddUint64(&connTracingID, 1) }
   118  
   119  // A Connection is a QUIC connection
   120  type connection struct {
   121  	// Destination connection ID used during the handshake.
   122  	// Used to check source connection ID on incoming packets.
   123  	handshakeDestConnID protocol.ConnectionID
   124  	// Set for the client. Destination connection ID used on the first Initial sent.
   125  	origDestConnID protocol.ConnectionID
   126  	retrySrcConnID *protocol.ConnectionID // only set for the client (and if a Retry was performed)
   127  
   128  	srcConnIDLen int
   129  
   130  	perspective protocol.Perspective
   131  	version     protocol.VersionNumber
   132  	config      *Config
   133  
   134  	conn      sendConn
   135  	sendQueue sender
   136  
   137  	streamsMap      streamManager
   138  	connIDManager   *connIDManager
   139  	connIDGenerator *connIDGenerator
   140  
   141  	rttStats *utils.RTTStats
   142  
   143  	cryptoStreamManager   *cryptoStreamManager
   144  	sentPacketHandler     ackhandler.SentPacketHandler
   145  	receivedPacketHandler ackhandler.ReceivedPacketHandler
   146  	retransmissionQueue   *retransmissionQueue
   147  	framer                framer
   148  	windowUpdateQueue     *windowUpdateQueue
   149  	connFlowController    flowcontrol.ConnectionFlowController
   150  	tokenStoreKey         string                    // only set for the client
   151  	tokenGenerator        *handshake.TokenGenerator // only set for the server
   152  
   153  	unpacker      unpacker
   154  	frameParser   wire.FrameParser
   155  	packer        packer
   156  	mtuDiscoverer mtuDiscoverer // initialized when the handshake completes
   157  
   158  	initialStream       cryptoStream
   159  	handshakeStream     cryptoStream
   160  	oneRTTStream        cryptoStream // only set for the server
   161  	cryptoStreamHandler cryptoStreamHandler
   162  
   163  	receivedPackets  chan receivedPacket
   164  	sendingScheduled chan struct{}
   165  
   166  	closeOnce sync.Once
   167  	// closeChan is used to notify the run loop that it should terminate
   168  	closeChan chan closeError
   169  
   170  	ctx                context.Context
   171  	ctxCancel          context.CancelCauseFunc
   172  	handshakeCtx       context.Context
   173  	handshakeCtxCancel context.CancelFunc
   174  
   175  	undecryptablePackets          []receivedPacket // undecryptable packets, waiting for a change in encryption level
   176  	undecryptablePacketsToProcess []receivedPacket
   177  
   178  	earlyConnReadyChan chan struct{}
   179  	sentFirstPacket    bool
   180  	handshakeComplete  bool
   181  	handshakeConfirmed bool
   182  
   183  	ReceivedRetry       bool
   184  	versionNegotiated   bool
   185  	receivedFirstPacket bool
   186  
   187  	// the minimum of the max_idle_timeout values advertised by both endpoints
   188  	idleTimeout  time.Duration
   189  	creationTime time.Time
   190  	// The idle timeout is set based on the max of the time we received the last packet...
   191  	lastPacketReceivedTime time.Time
   192  	// ... and the time we sent a new ack-eliciting packet after receiving a packet.
   193  	firstAckElicitingPacketAfterIdleSentTime time.Time
   194  	// pacingDeadline is the time when the next packet should be sent
   195  	pacingDeadline time.Time
   196  
   197  	// Exposes PeerParams
   198  	PeerParams *wire.TransportParameters
   199  
   200  	timer connectionTimer
   201  	// keepAlivePingSent stores whether a keep alive PING is in flight.
   202  	// It is reset as soon as we receive a packet from the peer.
   203  	keepAlivePingSent bool
   204  	keepAliveInterval time.Duration
   205  
   206  	datagramQueue *datagramQueue
   207  
   208  	connStateMutex sync.Mutex
   209  	connState      ConnectionState
   210  
   211  	logID  string
   212  	tracer logging.ConnectionTracer
   213  	logger utils.Logger
   214  }
   215  
   216  var (
   217  	_ Connection      = &connection{}
   218  	_ EarlyConnection = &connection{}
   219  	_ streamSender    = &connection{}
   220  )
   221  
   222  var newConnection = func(
   223  	conn sendConn,
   224  	runner connRunner,
   225  	origDestConnID protocol.ConnectionID,
   226  	retrySrcConnID *protocol.ConnectionID,
   227  	clientDestConnID protocol.ConnectionID,
   228  	destConnID protocol.ConnectionID,
   229  	srcConnID protocol.ConnectionID,
   230  	connIDGenerator ConnectionIDGenerator,
   231  	statelessResetToken protocol.StatelessResetToken,
   232  	conf *Config,
   233  	tlsConf *tls.Config,
   234  	tokenGenerator *handshake.TokenGenerator,
   235  	clientAddressValidated bool,
   236  	tracer logging.ConnectionTracer,
   237  	tracingID uint64,
   238  	logger utils.Logger,
   239  	v protocol.VersionNumber,
   240  ) quicConn {
   241  	s := &connection{
   242  		conn:                conn,
   243  		config:              conf,
   244  		handshakeDestConnID: destConnID,
   245  		srcConnIDLen:        srcConnID.Len(),
   246  		tokenGenerator:      tokenGenerator,
   247  		oneRTTStream:        newCryptoStream(),
   248  		perspective:         protocol.PerspectiveServer,
   249  		tracer:              tracer,
   250  		logger:              logger,
   251  		version:             v,
   252  	}
   253  	if origDestConnID.Len() > 0 {
   254  		s.logID = origDestConnID.String()
   255  	} else {
   256  		s.logID = destConnID.String()
   257  	}
   258  	s.connIDManager = newConnIDManager(
   259  		destConnID,
   260  		func(token protocol.StatelessResetToken) { runner.AddResetToken(token, s) },
   261  		runner.RemoveResetToken,
   262  		s.queueControlFrame,
   263  	)
   264  	s.connIDGenerator = newConnIDGenerator(
   265  		srcConnID,
   266  		&clientDestConnID,
   267  		func(connID protocol.ConnectionID) { runner.Add(connID, s) },
   268  		runner.GetStatelessResetToken,
   269  		runner.Remove,
   270  		runner.Retire,
   271  		runner.ReplaceWithClosed,
   272  		s.queueControlFrame,
   273  		connIDGenerator,
   274  	)
   275  	s.preSetup()
   276  	s.ctx, s.ctxCancel = context.WithCancelCause(context.WithValue(context.Background(), ConnectionTracingKey, tracingID))
   277  	s.sentPacketHandler, s.receivedPacketHandler = ackhandler.NewAckHandler(
   278  		0,
   279  		getMaxPacketSize(s.conn.RemoteAddr()),
   280  		s.rttStats,
   281  		clientAddressValidated,
   282  		s.perspective,
   283  		s.tracer,
   284  		s.logger,
   285  	)
   286  	s.mtuDiscoverer = newMTUDiscoverer(s.rttStats, getMaxPacketSize(s.conn.RemoteAddr()), s.sentPacketHandler.SetMaxDatagramSize)
   287  	params := &wire.TransportParameters{
   288  		InitialMaxStreamDataBidiLocal:   protocol.ByteCount(s.config.InitialStreamReceiveWindow),
   289  		InitialMaxStreamDataBidiRemote:  protocol.ByteCount(s.config.InitialStreamReceiveWindow),
   290  		InitialMaxStreamDataUni:         protocol.ByteCount(s.config.InitialStreamReceiveWindow),
   291  		InitialMaxData:                  protocol.ByteCount(s.config.InitialConnectionReceiveWindow),
   292  		MaxIdleTimeout:                  s.config.MaxIdleTimeout,
   293  		MaxBidiStreamNum:                protocol.StreamNum(s.config.MaxIncomingStreams),
   294  		MaxUniStreamNum:                 protocol.StreamNum(s.config.MaxIncomingUniStreams),
   295  		MaxAckDelay:                     protocol.MaxAckDelayInclGranularity,
   296  		AckDelayExponent:                protocol.AckDelayExponent,
   297  		DisableActiveMigration:          true,
   298  		StatelessResetToken:             &statelessResetToken,
   299  		OriginalDestinationConnectionID: origDestConnID,
   300  		// For interoperability with quic-go versions before May 2023, this value must be set to a value
   301  		// different from protocol.DefaultActiveConnectionIDLimit.
   302  		// If set to the default value, it will be omitted from the transport parameters, which will make
   303  		// old quic-go versions interpret it as 0, instead of the default value of 2.
   304  		// See https://github.com/tumi8/quic-go/pull/3806.
   305  		ActiveConnectionIDLimit:   protocol.MaxActiveConnectionIDs,
   306  		InitialSourceConnectionID: srcConnID,
   307  		RetrySourceConnectionID:   retrySrcConnID,
   308  	}
   309  	if s.config.EnableDatagrams {
   310  		params.MaxDatagramFrameSize = protocol.MaxDatagramFrameSize
   311  	} else {
   312  		params.MaxDatagramFrameSize = protocol.InvalidByteCount
   313  	}
   314  	if s.tracer != nil {
   315  		s.tracer.SentTransportParameters(params)
   316  	}
   317  	cs := handshake.NewCryptoSetupServer(
   318  		clientDestConnID,
   319  		conn.LocalAddr(),
   320  		conn.RemoteAddr(),
   321  		params,
   322  		tlsConf,
   323  		conf.Allow0RTT,
   324  		s.rttStats,
   325  		tracer,
   326  		logger,
   327  		s.version,
   328  	)
   329  	s.cryptoStreamHandler = cs
   330  	s.packer = newPacketPacker(srcConnID, s.connIDManager.Get, s.initialStream, s.handshakeStream, s.sentPacketHandler, s.retransmissionQueue, cs, s.framer, s.receivedPacketHandler, s.datagramQueue, s.perspective)
   331  	s.unpacker = newPacketUnpacker(cs, s.srcConnIDLen)
   332  	s.cryptoStreamManager = newCryptoStreamManager(cs, s.initialStream, s.handshakeStream, s.oneRTTStream)
   333  	return s
   334  }
   335  
   336  // declare this as a variable, such that we can it mock it in the tests
   337  var newClientConnection = func(
   338  	conn sendConn,
   339  	runner connRunner,
   340  	destConnID protocol.ConnectionID,
   341  	srcConnID protocol.ConnectionID,
   342  	connIDGenerator ConnectionIDGenerator,
   343  	conf *Config,
   344  	tlsConf *tls.Config,
   345  	initialPacketNumber protocol.PacketNumber,
   346  	enable0RTT bool,
   347  	hasNegotiatedVersion bool,
   348  	tracer logging.ConnectionTracer,
   349  	tracingID uint64,
   350  	logger utils.Logger,
   351  	v protocol.VersionNumber,
   352  ) quicConn {
   353  	s := &connection{
   354  		conn:                conn,
   355  		config:              conf,
   356  		origDestConnID:      destConnID,
   357  		handshakeDestConnID: destConnID,
   358  		srcConnIDLen:        srcConnID.Len(),
   359  		perspective:         protocol.PerspectiveClient,
   360  		logID:               destConnID.String(),
   361  		logger:              logger,
   362  		tracer:              tracer,
   363  		versionNegotiated:   hasNegotiatedVersion,
   364  		version:             v,
   365  	}
   366  	s.connIDManager = newConnIDManager(
   367  		destConnID,
   368  		func(token protocol.StatelessResetToken) { runner.AddResetToken(token, s) },
   369  		runner.RemoveResetToken,
   370  		s.queueControlFrame,
   371  	)
   372  	s.connIDGenerator = newConnIDGenerator(
   373  		srcConnID,
   374  		nil,
   375  		func(connID protocol.ConnectionID) { runner.Add(connID, s) },
   376  		runner.GetStatelessResetToken,
   377  		runner.Remove,
   378  		runner.Retire,
   379  		runner.ReplaceWithClosed,
   380  		s.queueControlFrame,
   381  		connIDGenerator,
   382  	)
   383  	s.preSetup()
   384  	s.ctx, s.ctxCancel = context.WithCancelCause(context.WithValue(context.Background(), ConnectionTracingKey, tracingID))
   385  	s.sentPacketHandler, s.receivedPacketHandler = ackhandler.NewAckHandler(
   386  		initialPacketNumber,
   387  		getMaxPacketSize(s.conn.RemoteAddr()),
   388  		s.rttStats,
   389  		false, /* has no effect */
   390  		s.perspective,
   391  		s.tracer,
   392  		s.logger,
   393  	)
   394  	s.mtuDiscoverer = newMTUDiscoverer(s.rttStats, getMaxPacketSize(s.conn.RemoteAddr()), s.sentPacketHandler.SetMaxDatagramSize)
   395  	oneRTTStream := newCryptoStream()
   396  	params := &wire.TransportParameters{
   397  		InitialMaxStreamDataBidiRemote: protocol.ByteCount(s.config.InitialStreamReceiveWindow),
   398  		InitialMaxStreamDataBidiLocal:  protocol.ByteCount(s.config.InitialStreamReceiveWindow),
   399  		InitialMaxStreamDataUni:        protocol.ByteCount(s.config.InitialStreamReceiveWindow),
   400  		InitialMaxData:                 protocol.ByteCount(s.config.InitialConnectionReceiveWindow),
   401  		MaxIdleTimeout:                 s.config.MaxIdleTimeout,
   402  		MaxBidiStreamNum:               protocol.StreamNum(s.config.MaxIncomingStreams),
   403  		MaxUniStreamNum:                protocol.StreamNum(s.config.MaxIncomingUniStreams),
   404  		MaxAckDelay:                    protocol.MaxAckDelayInclGranularity,
   405  		AckDelayExponent:               protocol.AckDelayExponent,
   406  		DisableActiveMigration:         true,
   407  		// For interoperability with quic-go versions before May 2023, this value must be set to a value
   408  		// different from protocol.DefaultActiveConnectionIDLimit.
   409  		// If set to the default value, it will be omitted from the transport parameters, which will make
   410  		// old quic-go versions interpret it as 0, instead of the default value of 2.
   411  		// See https://github.com/tumi8/quic-go/pull/3806.
   412  		ActiveConnectionIDLimit:   protocol.MaxActiveConnectionIDs,
   413  		InitialSourceConnectionID: srcConnID,
   414  	}
   415  	if s.config.EnableDatagrams {
   416  		params.MaxDatagramFrameSize = protocol.MaxDatagramFrameSize
   417  	} else {
   418  		params.MaxDatagramFrameSize = protocol.InvalidByteCount
   419  	}
   420  	if s.tracer != nil {
   421  		s.tracer.SentTransportParameters(params)
   422  	}
   423  	cs := handshake.NewCryptoSetupClient(
   424  		destConnID,
   425  		params,
   426  		tlsConf,
   427  		enable0RTT,
   428  		s.rttStats,
   429  		tracer,
   430  		logger,
   431  		s.version,
   432  	)
   433  	s.cryptoStreamHandler = cs
   434  	s.cryptoStreamManager = newCryptoStreamManager(cs, s.initialStream, s.handshakeStream, oneRTTStream)
   435  	s.unpacker = newPacketUnpacker(cs, s.srcConnIDLen)
   436  	s.packer = newPacketPacker(srcConnID, s.connIDManager.Get, s.initialStream, s.handshakeStream, s.sentPacketHandler, s.retransmissionQueue, cs, s.framer, s.receivedPacketHandler, s.datagramQueue, s.perspective)
   437  	if len(tlsConf.ServerName) > 0 {
   438  		s.tokenStoreKey = tlsConf.ServerName
   439  	} else {
   440  		s.tokenStoreKey = conn.RemoteAddr().String()
   441  	}
   442  	if s.config.TokenStore != nil {
   443  		if token := s.config.TokenStore.Pop(s.tokenStoreKey); token != nil {
   444  			s.packer.SetToken(token.data)
   445  		}
   446  	}
   447  	return s
   448  }
   449  
   450  func (s *connection) preSetup() {
   451  	s.initialStream = newCryptoStream()
   452  	s.handshakeStream = newCryptoStream()
   453  	s.sendQueue = newSendQueue(s.conn)
   454  	s.retransmissionQueue = newRetransmissionQueue()
   455  	s.frameParser = wire.NewFrameParser(s.config.EnableDatagrams)
   456  	s.rttStats = &utils.RTTStats{}
   457  	s.connFlowController = flowcontrol.NewConnectionFlowController(
   458  		protocol.ByteCount(s.config.InitialConnectionReceiveWindow),
   459  		protocol.ByteCount(s.config.MaxConnectionReceiveWindow),
   460  		s.onHasConnectionWindowUpdate,
   461  		func(size protocol.ByteCount) bool {
   462  			if s.config.AllowConnectionWindowIncrease == nil {
   463  				return true
   464  			}
   465  			return s.config.AllowConnectionWindowIncrease(s, uint64(size))
   466  		},
   467  		s.rttStats,
   468  		s.logger,
   469  	)
   470  	s.earlyConnReadyChan = make(chan struct{})
   471  	s.streamsMap = newStreamsMap(
   472  		s,
   473  		s.newFlowController,
   474  		uint64(s.config.MaxIncomingStreams),
   475  		uint64(s.config.MaxIncomingUniStreams),
   476  		s.perspective,
   477  	)
   478  	s.framer = newFramer(s.streamsMap)
   479  	s.receivedPackets = make(chan receivedPacket, protocol.MaxConnUnprocessedPackets)
   480  	s.closeChan = make(chan closeError, 1)
   481  	s.sendingScheduled = make(chan struct{}, 1)
   482  	s.handshakeCtx, s.handshakeCtxCancel = context.WithCancel(context.Background())
   483  
   484  	now := time.Now()
   485  	s.lastPacketReceivedTime = now
   486  	s.creationTime = now
   487  
   488  	s.windowUpdateQueue = newWindowUpdateQueue(s.streamsMap, s.connFlowController, s.framer.QueueControlFrame)
   489  	s.datagramQueue = newDatagramQueue(s.scheduleSending, s.logger)
   490  	s.connState.Version = s.version
   491  }
   492  
   493  // run the connection main loop
   494  func (s *connection) run() error {
   495  	var closeErr closeError
   496  	defer func() {
   497  		s.ctxCancel(closeErr.err)
   498  	}()
   499  
   500  	s.timer = *newTimer()
   501  
   502  	if err := s.cryptoStreamHandler.StartHandshake(); err != nil {
   503  		return err
   504  	}
   505  	if err := s.handleHandshakeEvents(); err != nil {
   506  		return err
   507  	}
   508  	go func() {
   509  		if err := s.sendQueue.Run(); err != nil {
   510  			s.destroyImpl(err)
   511  		}
   512  	}()
   513  
   514  	if s.perspective == protocol.PerspectiveClient {
   515  		s.scheduleSending() // so the ClientHello actually gets sent
   516  	}
   517  
   518  	var sendQueueAvailable <-chan struct{}
   519  
   520  runLoop:
   521  	for {
   522  		// Close immediately if requested
   523  		select {
   524  		case closeErr = <-s.closeChan:
   525  			break runLoop
   526  		default:
   527  		}
   528  
   529  		s.maybeResetTimer()
   530  
   531  		var processedUndecryptablePacket bool
   532  		if len(s.undecryptablePacketsToProcess) > 0 {
   533  			queue := s.undecryptablePacketsToProcess
   534  			s.undecryptablePacketsToProcess = nil
   535  			for _, p := range queue {
   536  				if processed := s.handlePacketImpl(p); processed {
   537  					processedUndecryptablePacket = true
   538  				}
   539  				// Don't set timers and send packets if the packet made us close the connection.
   540  				select {
   541  				case closeErr = <-s.closeChan:
   542  					break runLoop
   543  				default:
   544  				}
   545  			}
   546  		}
   547  		// If we processed any undecryptable packets, jump to the resetting of the timers directly.
   548  		if !processedUndecryptablePacket {
   549  			select {
   550  			case closeErr = <-s.closeChan:
   551  				break runLoop
   552  			case <-s.timer.Chan():
   553  				s.timer.SetRead()
   554  				// We do all the interesting stuff after the switch statement, so
   555  				// nothing to see here.
   556  			case <-s.sendingScheduled:
   557  				// We do all the interesting stuff after the switch statement, so
   558  				// nothing to see here.
   559  			case <-sendQueueAvailable:
   560  			case firstPacket := <-s.receivedPackets:
   561  				wasProcessed := s.handlePacketImpl(firstPacket)
   562  				// Don't set timers and send packets if the packet made us close the connection.
   563  				select {
   564  				case closeErr = <-s.closeChan:
   565  					break runLoop
   566  				default:
   567  				}
   568  				if s.handshakeComplete {
   569  					// Now process all packets in the receivedPackets channel.
   570  					// Limit the number of packets to the length of the receivedPackets channel,
   571  					// so we eventually get a chance to send out an ACK when receiving a lot of packets.
   572  					numPackets := len(s.receivedPackets)
   573  				receiveLoop:
   574  					for i := 0; i < numPackets; i++ {
   575  						select {
   576  						case p := <-s.receivedPackets:
   577  							if processed := s.handlePacketImpl(p); processed {
   578  								wasProcessed = true
   579  							}
   580  							select {
   581  							case closeErr = <-s.closeChan:
   582  								break runLoop
   583  							default:
   584  							}
   585  						default:
   586  							break receiveLoop
   587  						}
   588  					}
   589  				}
   590  				// Only reset the timers if this packet was actually processed.
   591  				// This avoids modifying any state when handling undecryptable packets,
   592  				// which could be injected by an attacker.
   593  				if !wasProcessed {
   594  					continue
   595  				}
   596  			}
   597  		}
   598  
   599  		now := time.Now()
   600  		if timeout := s.sentPacketHandler.GetLossDetectionTimeout(); !timeout.IsZero() && timeout.Before(now) {
   601  			// This could cause packets to be retransmitted.
   602  			// Check it before trying to send packets.
   603  			if err := s.sentPacketHandler.OnLossDetectionTimeout(); err != nil {
   604  				s.closeLocal(err)
   605  			}
   606  		}
   607  
   608  		if keepAliveTime := s.nextKeepAliveTime(); !keepAliveTime.IsZero() && !now.Before(keepAliveTime) {
   609  			// send a PING frame since there is no activity in the connection
   610  			s.logger.Debugf("Sending a keep-alive PING to keep the connection alive.")
   611  			s.framer.QueueControlFrame(&wire.PingFrame{})
   612  			s.keepAlivePingSent = true
   613  		} else if !s.handshakeComplete && now.Sub(s.creationTime) >= s.config.handshakeTimeout() {
   614  			s.destroyImpl(qerr.ErrHandshakeTimeout)
   615  			continue
   616  		} else {
   617  			idleTimeoutStartTime := s.idleTimeoutStartTime()
   618  			if (!s.handshakeComplete && now.Sub(idleTimeoutStartTime) >= s.config.HandshakeIdleTimeout) ||
   619  				(s.handshakeComplete && now.After(s.nextIdleTimeoutTime())) {
   620  				s.destroyImpl(qerr.ErrIdleTimeout)
   621  				continue
   622  			}
   623  		}
   624  
   625  		if s.sendQueue.WouldBlock() {
   626  			// The send queue is still busy sending out packets.
   627  			// Wait until there's space to enqueue new packets.
   628  			sendQueueAvailable = s.sendQueue.Available()
   629  			continue
   630  		}
   631  		if err := s.triggerSending(); err != nil {
   632  			s.closeLocal(err)
   633  		}
   634  		if s.sendQueue.WouldBlock() {
   635  			sendQueueAvailable = s.sendQueue.Available()
   636  		} else {
   637  			sendQueueAvailable = nil
   638  		}
   639  	}
   640  
   641  	s.cryptoStreamHandler.Close()
   642  	s.sendQueue.Close() // close the send queue before sending the CONNECTION_CLOSE
   643  	s.handleCloseError(&closeErr)
   644  	if e := (&errCloseForRecreating{}); !errors.As(closeErr.err, &e) && s.tracer != nil {
   645  		s.tracer.Close()
   646  	}
   647  	s.logger.Infof("Connection %s closed.", s.logID)
   648  	s.timer.Stop()
   649  	return closeErr.err
   650  }
   651  
   652  // blocks until the early connection can be used
   653  func (s *connection) earlyConnReady() <-chan struct{} {
   654  	return s.earlyConnReadyChan
   655  }
   656  
   657  func (s *connection) HandshakeComplete() <-chan struct{} {
   658  	return s.handshakeCtx.Done()
   659  }
   660  
   661  func (s *connection) Context() context.Context {
   662  	return s.ctx
   663  }
   664  
   665  func (s *connection) supportsDatagrams() bool {
   666  	return s.PeerParams.MaxDatagramFrameSize > 0
   667  }
   668  
   669  func (s *connection) ConnectionState() ConnectionState {
   670  	s.connStateMutex.Lock()
   671  	defer s.connStateMutex.Unlock()
   672  	cs := s.cryptoStreamHandler.ConnectionState()
   673  	s.connState.TLS = cs.ConnectionState
   674  	s.connState.Info = cs.ConnectionInfo
   675  	s.connState.Used0RTT = cs.Used0RTT
   676  	return s.connState
   677  }
   678  
   679  // Time when the connection should time out
   680  func (s *connection) nextIdleTimeoutTime() time.Time {
   681  	idleTimeout := utils.Max(s.idleTimeout, s.rttStats.PTO(true)*3)
   682  	return s.idleTimeoutStartTime().Add(idleTimeout)
   683  }
   684  
   685  // Time when the next keep-alive packet should be sent.
   686  // It returns a zero time if no keep-alive should be sent.
   687  func (s *connection) nextKeepAliveTime() time.Time {
   688  	if s.config.KeepAlivePeriod == 0 || s.keepAlivePingSent || !s.firstAckElicitingPacketAfterIdleSentTime.IsZero() {
   689  		return time.Time{}
   690  	}
   691  	keepAliveInterval := utils.Max(s.keepAliveInterval, s.rttStats.PTO(true)*3/2)
   692  	return s.lastPacketReceivedTime.Add(keepAliveInterval)
   693  }
   694  
   695  func (s *connection) maybeResetTimer() {
   696  	var deadline time.Time
   697  	if !s.handshakeComplete {
   698  		deadline = utils.MinTime(
   699  			s.creationTime.Add(s.config.handshakeTimeout()),
   700  			s.idleTimeoutStartTime().Add(s.config.HandshakeIdleTimeout),
   701  		)
   702  	} else {
   703  		if keepAliveTime := s.nextKeepAliveTime(); !keepAliveTime.IsZero() {
   704  			deadline = keepAliveTime
   705  		} else {
   706  			deadline = s.nextIdleTimeoutTime()
   707  		}
   708  	}
   709  
   710  	s.timer.SetTimer(
   711  		deadline,
   712  		s.receivedPacketHandler.GetAlarmTimeout(),
   713  		s.sentPacketHandler.GetLossDetectionTimeout(),
   714  		s.pacingDeadline,
   715  	)
   716  }
   717  
   718  func (s *connection) idleTimeoutStartTime() time.Time {
   719  	return utils.MaxTime(s.lastPacketReceivedTime, s.firstAckElicitingPacketAfterIdleSentTime)
   720  }
   721  
   722  func (s *connection) handleHandshakeComplete() error {
   723  	defer s.handshakeCtxCancel()
   724  	// Once the handshake completes, we have derived 1-RTT keys.
   725  	// There's no point in queueing undecryptable packets for later decryption anymore.
   726  	s.undecryptablePackets = nil
   727  
   728  	s.connIDManager.SetHandshakeComplete()
   729  	s.connIDGenerator.SetHandshakeComplete()
   730  
   731  	// The server applies transport parameters right away, but the client side has to wait for handshake completion.
   732  	// During a 0-RTT connection, the client is only allowed to use the new transport parameters for 1-RTT packets.
   733  	if s.perspective == protocol.PerspectiveClient {
   734  		s.applyTransportParameters()
   735  		return nil
   736  	}
   737  
   738  	// All these only apply to the server side.
   739  	if err := s.handleHandshakeConfirmed(); err != nil {
   740  		return err
   741  	}
   742  
   743  	ticket, err := s.cryptoStreamHandler.GetSessionTicket()
   744  	if err != nil {
   745  		return err
   746  	}
   747  	if ticket != nil { // may be nil if session tickets are disabled via tls.Config.SessionTicketsDisabled
   748  		s.oneRTTStream.Write(ticket)
   749  		for s.oneRTTStream.HasData() {
   750  			s.queueControlFrame(s.oneRTTStream.PopCryptoFrame(protocol.MaxPostHandshakeCryptoFrameSize))
   751  		}
   752  	}
   753  	token, err := s.tokenGenerator.NewToken(s.conn.RemoteAddr())
   754  	if err != nil {
   755  		return err
   756  	}
   757  	s.queueControlFrame(&wire.NewTokenFrame{Token: token})
   758  	s.queueControlFrame(&wire.HandshakeDoneFrame{})
   759  	return nil
   760  }
   761  
   762  func (s *connection) handleHandshakeConfirmed() error {
   763  	if err := s.dropEncryptionLevel(protocol.EncryptionHandshake); err != nil {
   764  		return err
   765  	}
   766  
   767  	s.handshakeConfirmed = true
   768  	s.sentPacketHandler.SetHandshakeConfirmed()
   769  	s.cryptoStreamHandler.SetHandshakeConfirmed()
   770  
   771  	if !s.config.DisablePathMTUDiscovery && s.conn.capabilities().DF {
   772  		maxPacketSize := s.PeerParams.MaxUDPPayloadSize
   773  		if maxPacketSize == 0 {
   774  			maxPacketSize = protocol.MaxByteCount
   775  		}
   776  		s.mtuDiscoverer.Start(utils.Min(maxPacketSize, protocol.MaxPacketBufferSize))
   777  	}
   778  	return nil
   779  }
   780  
   781  func (s *connection) handlePacketImpl(rp receivedPacket) bool {
   782  	s.sentPacketHandler.ReceivedBytes(rp.Size())
   783  
   784  	if wire.IsVersionNegotiationPacket(rp.data) {
   785  		s.handleVersionNegotiationPacket(rp)
   786  		return false
   787  	}
   788  
   789  	var counter uint8
   790  	var lastConnID protocol.ConnectionID
   791  	var processed bool
   792  	data := rp.data
   793  	p := rp
   794  	for len(data) > 0 {
   795  		var destConnID protocol.ConnectionID
   796  		if counter > 0 {
   797  			p = *(p.Clone())
   798  			p.data = data
   799  
   800  			var err error
   801  			destConnID, err = wire.ParseConnectionID(p.data, s.srcConnIDLen)
   802  			if err != nil {
   803  				if s.tracer != nil {
   804  					s.tracer.DroppedPacket(logging.PacketTypeNotDetermined, protocol.ByteCount(len(data)), logging.PacketDropHeaderParseError)
   805  				}
   806  				s.logger.Debugf("error parsing packet, couldn't parse connection ID: %s", err)
   807  				break
   808  			}
   809  			if destConnID != lastConnID {
   810  				if s.tracer != nil {
   811  					s.tracer.DroppedPacket(logging.PacketTypeNotDetermined, protocol.ByteCount(len(data)), logging.PacketDropUnknownConnectionID)
   812  				}
   813  				s.logger.Debugf("coalesced packet has different destination connection ID: %s, expected %s", destConnID, lastConnID)
   814  				break
   815  			}
   816  		}
   817  
   818  		if wire.IsLongHeaderPacket(p.data[0]) {
   819  			hdr, packetData, rest, err := wire.ParsePacket(p.data)
   820  			if err != nil {
   821  				if s.tracer != nil {
   822  					dropReason := logging.PacketDropHeaderParseError
   823  					if err == wire.ErrUnsupportedVersion {
   824  						dropReason = logging.PacketDropUnsupportedVersion
   825  					}
   826  					s.tracer.DroppedPacket(logging.PacketTypeNotDetermined, protocol.ByteCount(len(data)), dropReason)
   827  				}
   828  				s.logger.Debugf("error parsing packet: %s", err)
   829  				break
   830  			}
   831  			lastConnID = hdr.DestConnectionID
   832  
   833  			if hdr.Version != s.version {
   834  				if s.tracer != nil {
   835  					s.tracer.DroppedPacket(logging.PacketTypeFromHeader(hdr), protocol.ByteCount(len(data)), logging.PacketDropUnexpectedVersion)
   836  				}
   837  				s.logger.Debugf("Dropping packet with version %x. Expected %x.", hdr.Version, s.version)
   838  				break
   839  			}
   840  
   841  			if counter > 0 {
   842  				p.buffer.Split()
   843  			}
   844  			counter++
   845  
   846  			// only log if this actually a coalesced packet
   847  			if s.logger.Debug() && (counter > 1 || len(rest) > 0) {
   848  				s.logger.Debugf("Parsed a coalesced packet. Part %d: %d bytes. Remaining: %d bytes.", counter, len(packetData), len(rest))
   849  			}
   850  
   851  			p.data = packetData
   852  
   853  			if wasProcessed := s.handleLongHeaderPacket(p, hdr); wasProcessed {
   854  				processed = true
   855  			}
   856  			data = rest
   857  		} else {
   858  			if counter > 0 {
   859  				p.buffer.Split()
   860  			}
   861  			processed = s.handleShortHeaderPacket(p, destConnID)
   862  			break
   863  		}
   864  	}
   865  
   866  	p.buffer.MaybeRelease()
   867  	return processed
   868  }
   869  
   870  func (s *connection) handleShortHeaderPacket(p receivedPacket, destConnID protocol.ConnectionID) bool {
   871  	var wasQueued bool
   872  
   873  	defer func() {
   874  		// Put back the packet buffer if the packet wasn't queued for later decryption.
   875  		if !wasQueued {
   876  			p.buffer.Decrement()
   877  		}
   878  	}()
   879  
   880  	pn, pnLen, keyPhase, data, err := s.unpacker.UnpackShortHeader(p.rcvTime, p.data)
   881  	if err != nil {
   882  		wasQueued = s.handleUnpackError(err, p, logging.PacketType1RTT)
   883  		return false
   884  	}
   885  
   886  	if s.logger.Debug() {
   887  		s.logger.Debugf("<- Reading packet %d (%d bytes) for connection %s, 1-RTT", pn, p.Size(), destConnID)
   888  		wire.LogShortHeader(s.logger, destConnID, pn, pnLen, keyPhase)
   889  	}
   890  
   891  	if s.receivedPacketHandler.IsPotentiallyDuplicate(pn, protocol.Encryption1RTT) {
   892  		s.logger.Debugf("Dropping (potentially) duplicate packet.")
   893  		if s.tracer != nil {
   894  			s.tracer.DroppedPacket(logging.PacketType1RTT, p.Size(), logging.PacketDropDuplicate)
   895  		}
   896  		return false
   897  	}
   898  
   899  	var log func([]logging.Frame)
   900  	if s.tracer != nil {
   901  		log = func(frames []logging.Frame) {
   902  			s.tracer.ReceivedShortHeaderPacket(
   903  				&logging.ShortHeader{
   904  					DestConnectionID: destConnID,
   905  					PacketNumber:     pn,
   906  					PacketNumberLen:  pnLen,
   907  					KeyPhase:         keyPhase,
   908  				},
   909  				p.Size(),
   910  				frames,
   911  			)
   912  		}
   913  	}
   914  	if err := s.handleUnpackedShortHeaderPacket(destConnID, pn, data, p.ecn, p.rcvTime, log); err != nil {
   915  		s.closeLocal(err)
   916  		return false
   917  	}
   918  	return true
   919  }
   920  
   921  func (s *connection) handleLongHeaderPacket(p receivedPacket, hdr *wire.Header) bool /* was the packet successfully processed */ {
   922  	var wasQueued bool
   923  
   924  	defer func() {
   925  		// Put back the packet buffer if the packet wasn't queued for later decryption.
   926  		if !wasQueued {
   927  			p.buffer.Decrement()
   928  		}
   929  	}()
   930  
   931  	if hdr.Type == protocol.PacketTypeRetry {
   932  		return s.handleRetryPacket(hdr, p.data)
   933  	}
   934  
   935  	// The server can change the source connection ID with the first Handshake packet.
   936  	// After this, all packets with a different source connection have to be ignored.
   937  	if s.receivedFirstPacket && hdr.Type == protocol.PacketTypeInitial && hdr.SrcConnectionID != s.handshakeDestConnID {
   938  		if s.tracer != nil {
   939  			s.tracer.DroppedPacket(logging.PacketTypeInitial, p.Size(), logging.PacketDropUnknownConnectionID)
   940  		}
   941  		s.logger.Debugf("Dropping Initial packet (%d bytes) with unexpected source connection ID: %s (expected %s)", p.Size(), hdr.SrcConnectionID, s.handshakeDestConnID)
   942  		return false
   943  	}
   944  	// drop 0-RTT packets, if we are a client
   945  	if s.perspective == protocol.PerspectiveClient && hdr.Type == protocol.PacketType0RTT {
   946  		if s.tracer != nil {
   947  			s.tracer.DroppedPacket(logging.PacketType0RTT, p.Size(), logging.PacketDropKeyUnavailable)
   948  		}
   949  		return false
   950  	}
   951  
   952  	packet, err := s.unpacker.UnpackLongHeader(hdr, p.rcvTime, p.data, s.version)
   953  	if err != nil {
   954  		wasQueued = s.handleUnpackError(err, p, logging.PacketTypeFromHeader(hdr))
   955  		return false
   956  	}
   957  
   958  	if s.logger.Debug() {
   959  		s.logger.Debugf("<- Reading packet %d (%d bytes) for connection %s, %s", packet.hdr.PacketNumber, p.Size(), hdr.DestConnectionID, packet.encryptionLevel)
   960  		packet.hdr.Log(s.logger)
   961  	}
   962  
   963  	if s.receivedPacketHandler.IsPotentiallyDuplicate(packet.hdr.PacketNumber, packet.encryptionLevel) {
   964  		s.logger.Debugf("Dropping (potentially) duplicate packet.")
   965  		if s.tracer != nil {
   966  			s.tracer.DroppedPacket(logging.PacketTypeFromHeader(hdr), p.Size(), logging.PacketDropDuplicate)
   967  		}
   968  		return false
   969  	}
   970  
   971  	if err := s.handleUnpackedLongHeaderPacket(packet, p.ecn, p.rcvTime, p.Size()); err != nil {
   972  		s.closeLocal(err)
   973  		return false
   974  	}
   975  	return true
   976  }
   977  
   978  func (s *connection) handleUnpackError(err error, p receivedPacket, pt logging.PacketType) (wasQueued bool) {
   979  	switch err {
   980  	case handshake.ErrKeysDropped:
   981  		if s.tracer != nil {
   982  			s.tracer.DroppedPacket(pt, p.Size(), logging.PacketDropKeyUnavailable)
   983  		}
   984  		s.logger.Debugf("Dropping %s packet (%d bytes) because we already dropped the keys.", pt, p.Size())
   985  	case handshake.ErrKeysNotYetAvailable:
   986  		// Sealer for this encryption level not yet available.
   987  		// Try again later.
   988  		s.tryQueueingUndecryptablePacket(p, pt)
   989  		return true
   990  	case wire.ErrInvalidReservedBits:
   991  		s.closeLocal(&qerr.TransportError{
   992  			ErrorCode:    qerr.ProtocolViolation,
   993  			ErrorMessage: err.Error(),
   994  		})
   995  	case handshake.ErrDecryptionFailed:
   996  		// This might be a packet injected by an attacker. Drop it.
   997  		if s.tracer != nil {
   998  			s.tracer.DroppedPacket(pt, p.Size(), logging.PacketDropPayloadDecryptError)
   999  		}
  1000  		s.logger.Debugf("Dropping %s packet (%d bytes) that could not be unpacked. Error: %s", pt, p.Size(), err)
  1001  	default:
  1002  		var headerErr *headerParseError
  1003  		if errors.As(err, &headerErr) {
  1004  			// This might be a packet injected by an attacker. Drop it.
  1005  			if s.tracer != nil {
  1006  				s.tracer.DroppedPacket(pt, p.Size(), logging.PacketDropHeaderParseError)
  1007  			}
  1008  			s.logger.Debugf("Dropping %s packet (%d bytes) for which we couldn't unpack the header. Error: %s", pt, p.Size(), err)
  1009  		} else {
  1010  			// This is an error returned by the AEAD (other than ErrDecryptionFailed).
  1011  			// For example, a PROTOCOL_VIOLATION due to key updates.
  1012  			s.closeLocal(err)
  1013  		}
  1014  	}
  1015  	return false
  1016  }
  1017  
  1018  func (s *connection) handleRetryPacket(hdr *wire.Header, data []byte) bool /* was this a valid Retry */ {
  1019  	if s.perspective == protocol.PerspectiveServer {
  1020  		if s.tracer != nil {
  1021  			s.tracer.DroppedPacket(logging.PacketTypeRetry, protocol.ByteCount(len(data)), logging.PacketDropUnexpectedPacket)
  1022  		}
  1023  		s.logger.Debugf("Ignoring Retry.")
  1024  		return false
  1025  	}
  1026  	if s.receivedFirstPacket {
  1027  		if s.tracer != nil {
  1028  			s.tracer.DroppedPacket(logging.PacketTypeRetry, protocol.ByteCount(len(data)), logging.PacketDropUnexpectedPacket)
  1029  		}
  1030  		s.logger.Debugf("Ignoring Retry, since we already received a packet.")
  1031  		return false
  1032  	}
  1033  	destConnID := s.connIDManager.Get()
  1034  	if hdr.SrcConnectionID == destConnID {
  1035  		if s.tracer != nil {
  1036  			s.tracer.DroppedPacket(logging.PacketTypeRetry, protocol.ByteCount(len(data)), logging.PacketDropUnexpectedPacket)
  1037  		}
  1038  		s.logger.Debugf("Ignoring Retry, since the server didn't change the Source Connection ID.")
  1039  		return false
  1040  	}
  1041  	// If a token is already set, this means that we already received a Retry from the server.
  1042  	// Ignore this Retry packet.
  1043  	if s.ReceivedRetry {
  1044  		s.logger.Debugf("Ignoring Retry, since a Retry was already received.")
  1045  		return false
  1046  	}
  1047  
  1048  	tag := handshake.GetRetryIntegrityTag(data[:len(data)-16], destConnID, hdr.Version)
  1049  	if !bytes.Equal(data[len(data)-16:], tag[:]) {
  1050  		if s.tracer != nil {
  1051  			s.tracer.DroppedPacket(logging.PacketTypeRetry, protocol.ByteCount(len(data)), logging.PacketDropPayloadDecryptError)
  1052  		}
  1053  		s.logger.Debugf("Ignoring spoofed Retry. Integrity Tag doesn't match.")
  1054  		return false
  1055  	}
  1056  
  1057  	if s.logger.Debug() {
  1058  		s.logger.Debugf("<- Received Retry:")
  1059  		(&wire.ExtendedHeader{Header: *hdr}).Log(s.logger)
  1060  		s.logger.Debugf("Switching destination connection ID to: %s", hdr.SrcConnectionID)
  1061  	}
  1062  	if s.tracer != nil {
  1063  		s.tracer.ReceivedRetry(hdr)
  1064  	}
  1065  	newDestConnID := hdr.SrcConnectionID
  1066  	s.ReceivedRetry = true
  1067  	if err := s.sentPacketHandler.ResetForRetry(); err != nil {
  1068  		s.closeLocal(err)
  1069  		return false
  1070  	}
  1071  	s.handshakeDestConnID = newDestConnID
  1072  	s.retrySrcConnID = &newDestConnID
  1073  	s.cryptoStreamHandler.ChangeConnectionID(newDestConnID)
  1074  	s.packer.SetToken(hdr.Token)
  1075  	s.connIDManager.ChangeInitialConnID(newDestConnID)
  1076  	s.scheduleSending()
  1077  	return true
  1078  }
  1079  
  1080  func (s *connection) handleVersionNegotiationPacket(p receivedPacket) {
  1081  	if s.perspective == protocol.PerspectiveServer || // servers never receive version negotiation packets
  1082  		s.receivedFirstPacket || s.versionNegotiated { // ignore delayed / duplicated version negotiation packets
  1083  		if s.tracer != nil {
  1084  			s.tracer.DroppedPacket(logging.PacketTypeVersionNegotiation, p.Size(), logging.PacketDropUnexpectedPacket)
  1085  		}
  1086  		return
  1087  	}
  1088  
  1089  	src, dest, supportedVersions, err := wire.ParseVersionNegotiationPacket(p.data)
  1090  	if err != nil {
  1091  		if s.tracer != nil {
  1092  			s.tracer.DroppedPacket(logging.PacketTypeVersionNegotiation, p.Size(), logging.PacketDropHeaderParseError)
  1093  		}
  1094  		s.logger.Debugf("Error parsing Version Negotiation packet: %s", err)
  1095  		return
  1096  	}
  1097  
  1098  	for _, v := range supportedVersions {
  1099  		if v == s.version {
  1100  			if s.tracer != nil {
  1101  				s.tracer.DroppedPacket(logging.PacketTypeVersionNegotiation, p.Size(), logging.PacketDropUnexpectedVersion)
  1102  			}
  1103  			// The Version Negotiation packet contains the version that we offered.
  1104  			// This might be a packet sent by an attacker, or it was corrupted.
  1105  			return
  1106  		}
  1107  	}
  1108  
  1109  	s.logger.Infof("Received a Version Negotiation packet. Supported Versions: %s", supportedVersions)
  1110  	if s.tracer != nil {
  1111  		s.tracer.ReceivedVersionNegotiationPacket(dest, src, supportedVersions)
  1112  	}
  1113  	newVersion, ok := protocol.ChooseSupportedVersion(s.config.Versions, supportedVersions)
  1114  	if !ok {
  1115  		s.destroyImpl(&VersionNegotiationError{
  1116  			Ours:   s.config.Versions,
  1117  			Theirs: supportedVersions,
  1118  		})
  1119  		s.logger.Infof("No compatible QUIC version found.")
  1120  		return
  1121  	}
  1122  	if s.tracer != nil {
  1123  		s.tracer.NegotiatedVersion(newVersion, s.config.Versions, supportedVersions)
  1124  	}
  1125  
  1126  	s.logger.Infof("Switching to QUIC version %s.", newVersion)
  1127  	nextPN, _ := s.sentPacketHandler.PeekPacketNumber(protocol.EncryptionInitial)
  1128  	s.destroyImpl(&errCloseForRecreating{
  1129  		nextPacketNumber: nextPN,
  1130  		nextVersion:      newVersion,
  1131  	})
  1132  }
  1133  
  1134  func (s *connection) handleUnpackedLongHeaderPacket(
  1135  	packet *unpackedPacket,
  1136  	ecn protocol.ECN,
  1137  	rcvTime time.Time,
  1138  	packetSize protocol.ByteCount, // only for logging
  1139  ) error {
  1140  	if !s.receivedFirstPacket {
  1141  		s.receivedFirstPacket = true
  1142  		if !s.versionNegotiated && s.tracer != nil {
  1143  			var clientVersions, serverVersions []protocol.VersionNumber
  1144  			switch s.perspective {
  1145  			case protocol.PerspectiveClient:
  1146  				clientVersions = s.config.Versions
  1147  			case protocol.PerspectiveServer:
  1148  				serverVersions = s.config.Versions
  1149  			}
  1150  			s.tracer.NegotiatedVersion(s.version, clientVersions, serverVersions)
  1151  		}
  1152  		// The server can change the source connection ID with the first Handshake packet.
  1153  		if s.perspective == protocol.PerspectiveClient && packet.hdr.SrcConnectionID != s.handshakeDestConnID {
  1154  			cid := packet.hdr.SrcConnectionID
  1155  			s.logger.Debugf("Received first packet. Switching destination connection ID to: %s", cid)
  1156  			s.handshakeDestConnID = cid
  1157  			s.connIDManager.ChangeInitialConnID(cid)
  1158  		}
  1159  		// We create the connection as soon as we receive the first packet from the client.
  1160  		// We do that before authenticating the packet.
  1161  		// That means that if the source connection ID was corrupted,
  1162  		// we might have created a connection with an incorrect source connection ID.
  1163  		// Once we authenticate the first packet, we need to update it.
  1164  		if s.perspective == protocol.PerspectiveServer {
  1165  			if packet.hdr.SrcConnectionID != s.handshakeDestConnID {
  1166  				s.handshakeDestConnID = packet.hdr.SrcConnectionID
  1167  				s.connIDManager.ChangeInitialConnID(packet.hdr.SrcConnectionID)
  1168  			}
  1169  			if s.tracer != nil {
  1170  				s.tracer.StartedConnection(
  1171  					s.conn.LocalAddr(),
  1172  					s.conn.RemoteAddr(),
  1173  					packet.hdr.SrcConnectionID,
  1174  					packet.hdr.DestConnectionID,
  1175  				)
  1176  			}
  1177  		}
  1178  	}
  1179  
  1180  	if s.perspective == protocol.PerspectiveServer && packet.encryptionLevel == protocol.EncryptionHandshake {
  1181  		// On the server side, Initial keys are dropped as soon as the first Handshake packet is received.
  1182  		// See Section 4.9.1 of RFC 9001.
  1183  		if err := s.dropEncryptionLevel(protocol.EncryptionInitial); err != nil {
  1184  			return err
  1185  		}
  1186  	}
  1187  
  1188  	s.lastPacketReceivedTime = rcvTime
  1189  	s.firstAckElicitingPacketAfterIdleSentTime = time.Time{}
  1190  	s.keepAlivePingSent = false
  1191  
  1192  	var log func([]logging.Frame)
  1193  	if s.tracer != nil {
  1194  		log = func(frames []logging.Frame) {
  1195  			s.tracer.ReceivedLongHeaderPacket(packet.hdr, packetSize, frames)
  1196  		}
  1197  	}
  1198  	isAckEliciting, err := s.handleFrames(packet.data, packet.hdr.DestConnectionID, packet.encryptionLevel, log)
  1199  	if err != nil {
  1200  		return err
  1201  	}
  1202  	return s.receivedPacketHandler.ReceivedPacket(packet.hdr.PacketNumber, ecn, packet.encryptionLevel, rcvTime, isAckEliciting)
  1203  }
  1204  
  1205  func (s *connection) handleUnpackedShortHeaderPacket(
  1206  	destConnID protocol.ConnectionID,
  1207  	pn protocol.PacketNumber,
  1208  	data []byte,
  1209  	ecn protocol.ECN,
  1210  	rcvTime time.Time,
  1211  	log func([]logging.Frame),
  1212  ) error {
  1213  	s.lastPacketReceivedTime = rcvTime
  1214  	s.firstAckElicitingPacketAfterIdleSentTime = time.Time{}
  1215  	s.keepAlivePingSent = false
  1216  
  1217  	isAckEliciting, err := s.handleFrames(data, destConnID, protocol.Encryption1RTT, log)
  1218  	if err != nil {
  1219  		return err
  1220  	}
  1221  	return s.receivedPacketHandler.ReceivedPacket(pn, ecn, protocol.Encryption1RTT, rcvTime, isAckEliciting)
  1222  }
  1223  
  1224  func (s *connection) handleFrames(
  1225  	data []byte,
  1226  	destConnID protocol.ConnectionID,
  1227  	encLevel protocol.EncryptionLevel,
  1228  	log func([]logging.Frame),
  1229  ) (isAckEliciting bool, _ error) {
  1230  	// Only used for tracing.
  1231  	// If we're not tracing, this slice will always remain empty.
  1232  	var frames []logging.Frame
  1233  	if log != nil {
  1234  		frames = make([]logging.Frame, 0, 4)
  1235  	}
  1236  	handshakeWasComplete := s.handshakeComplete
  1237  	var handleErr error
  1238  	for len(data) > 0 {
  1239  		l, frame, err := s.frameParser.ParseNext(data, encLevel, s.version)
  1240  		if err != nil {
  1241  			return false, err
  1242  		}
  1243  		data = data[l:]
  1244  		if frame == nil {
  1245  			break
  1246  		}
  1247  		if ackhandler.IsFrameAckEliciting(frame) {
  1248  			isAckEliciting = true
  1249  		}
  1250  		if log != nil {
  1251  			frames = append(frames, logutils.ConvertFrame(frame))
  1252  		}
  1253  		// An error occurred handling a previous frame.
  1254  		// Don't handle the current frame.
  1255  		if handleErr != nil {
  1256  			continue
  1257  		}
  1258  		if err := s.handleFrame(frame, encLevel, destConnID); err != nil {
  1259  			if log == nil {
  1260  				return false, err
  1261  			}
  1262  			// If we're logging, we need to keep parsing (but not handling) all frames.
  1263  			handleErr = err
  1264  		}
  1265  	}
  1266  
  1267  	if log != nil {
  1268  		log(frames)
  1269  		if handleErr != nil {
  1270  			return false, handleErr
  1271  		}
  1272  	}
  1273  
  1274  	// Handle completion of the handshake after processing all the frames.
  1275  	// This ensures that we correctly handle the following case on the server side:
  1276  	// We receive a Handshake packet that contains the CRYPTO frame that allows us to complete the handshake,
  1277  	// and an ACK serialized after that CRYPTO frame. In this case, we still want to process the ACK frame.
  1278  	if !handshakeWasComplete && s.handshakeComplete {
  1279  		if err := s.handleHandshakeComplete(); err != nil {
  1280  			return false, err
  1281  		}
  1282  	}
  1283  
  1284  	return
  1285  }
  1286  
  1287  func (s *connection) handleFrame(f wire.Frame, encLevel protocol.EncryptionLevel, destConnID protocol.ConnectionID) error {
  1288  	var err error
  1289  	wire.LogFrame(s.logger, f, false)
  1290  	switch frame := f.(type) {
  1291  	case *wire.CryptoFrame:
  1292  		err = s.handleCryptoFrame(frame, encLevel)
  1293  	case *wire.StreamFrame:
  1294  		err = s.handleStreamFrame(frame)
  1295  	case *wire.AckFrame:
  1296  		err = s.handleAckFrame(frame, encLevel)
  1297  	case *wire.ConnectionCloseFrame:
  1298  		s.handleConnectionCloseFrame(frame)
  1299  	case *wire.ResetStreamFrame:
  1300  		err = s.handleResetStreamFrame(frame)
  1301  	case *wire.MaxDataFrame:
  1302  		s.handleMaxDataFrame(frame)
  1303  	case *wire.MaxStreamDataFrame:
  1304  		err = s.handleMaxStreamDataFrame(frame)
  1305  	case *wire.MaxStreamsFrame:
  1306  		s.handleMaxStreamsFrame(frame)
  1307  	case *wire.DataBlockedFrame:
  1308  	case *wire.StreamDataBlockedFrame:
  1309  	case *wire.StreamsBlockedFrame:
  1310  	case *wire.StopSendingFrame:
  1311  		err = s.handleStopSendingFrame(frame)
  1312  	case *wire.PingFrame:
  1313  	case *wire.PathChallengeFrame:
  1314  		s.handlePathChallengeFrame(frame)
  1315  	case *wire.PathResponseFrame:
  1316  		// since we don't send PATH_CHALLENGEs, we don't expect PATH_RESPONSEs
  1317  		err = errors.New("unexpected PATH_RESPONSE frame")
  1318  	case *wire.NewTokenFrame:
  1319  		err = s.handleNewTokenFrame(frame)
  1320  	case *wire.NewConnectionIDFrame:
  1321  		err = s.handleNewConnectionIDFrame(frame)
  1322  	case *wire.RetireConnectionIDFrame:
  1323  		err = s.handleRetireConnectionIDFrame(frame, destConnID)
  1324  	case *wire.HandshakeDoneFrame:
  1325  		err = s.handleHandshakeDoneFrame()
  1326  	case *wire.DatagramFrame:
  1327  		err = s.handleDatagramFrame(frame)
  1328  	default:
  1329  		err = fmt.Errorf("unexpected frame type: %s", reflect.ValueOf(&frame).Elem().Type().Name())
  1330  	}
  1331  	return err
  1332  }
  1333  
  1334  // handlePacket is called by the server with a new packet
  1335  func (s *connection) handlePacket(p receivedPacket) {
  1336  	// Discard packets once the amount of queued packets is larger than
  1337  	// the channel size, protocol.MaxConnUnprocessedPackets
  1338  	select {
  1339  	case s.receivedPackets <- p:
  1340  	default:
  1341  		if s.tracer != nil {
  1342  			s.tracer.DroppedPacket(logging.PacketTypeNotDetermined, p.Size(), logging.PacketDropDOSPrevention)
  1343  		}
  1344  	}
  1345  }
  1346  
  1347  func (s *connection) handleConnectionCloseFrame(frame *wire.ConnectionCloseFrame) {
  1348  	if frame.IsApplicationError {
  1349  		s.closeRemote(&qerr.ApplicationError{
  1350  			Remote:       true,
  1351  			ErrorCode:    qerr.ApplicationErrorCode(frame.ErrorCode),
  1352  			ErrorMessage: frame.ReasonPhrase,
  1353  		})
  1354  		return
  1355  	}
  1356  	s.closeRemote(&qerr.TransportError{
  1357  		Remote:       true,
  1358  		ErrorCode:    qerr.TransportErrorCode(frame.ErrorCode),
  1359  		FrameType:    frame.FrameType,
  1360  		ErrorMessage: frame.ReasonPhrase,
  1361  	})
  1362  }
  1363  
  1364  func (s *connection) handleCryptoFrame(frame *wire.CryptoFrame, encLevel protocol.EncryptionLevel) error {
  1365  	if err := s.cryptoStreamManager.HandleCryptoFrame(frame, encLevel); err != nil {
  1366  		return err
  1367  	}
  1368  	return s.handleHandshakeEvents()
  1369  }
  1370  
  1371  func (s *connection) handleHandshakeEvents() error {
  1372  	for {
  1373  		ev := s.cryptoStreamHandler.NextEvent()
  1374  		var err error
  1375  		switch ev.Kind {
  1376  		case handshake.EventNoEvent:
  1377  			return nil
  1378  		case handshake.EventHandshakeComplete:
  1379  			// Don't call handleHandshakeComplete yet.
  1380  			// It's advantageous to process ACK frames that might be serialized after the CRYPTO frame first.
  1381  			s.handshakeComplete = true
  1382  		case handshake.EventReceivedTransportParameters:
  1383  			err = s.handleTransportParameters(ev.TransportParameters)
  1384  		case handshake.EventRestoredTransportParameters:
  1385  			s.restoreTransportParameters(ev.TransportParameters)
  1386  			close(s.earlyConnReadyChan)
  1387  		case handshake.EventReceivedReadKeys:
  1388  			// Queue all packets for decryption that have been undecryptable so far.
  1389  			s.undecryptablePacketsToProcess = s.undecryptablePackets
  1390  			s.undecryptablePackets = nil
  1391  		case handshake.EventDiscard0RTTKeys:
  1392  			err = s.dropEncryptionLevel(protocol.Encryption0RTT)
  1393  		case handshake.EventWriteInitialData:
  1394  			_, err = s.initialStream.Write(ev.Data)
  1395  		case handshake.EventWriteHandshakeData:
  1396  			_, err = s.handshakeStream.Write(ev.Data)
  1397  		}
  1398  		if err != nil {
  1399  			return err
  1400  		}
  1401  	}
  1402  }
  1403  
  1404  func (s *connection) handleStreamFrame(frame *wire.StreamFrame) error {
  1405  	str, err := s.streamsMap.GetOrOpenReceiveStream(frame.StreamID)
  1406  	if err != nil {
  1407  		return err
  1408  	}
  1409  	if str == nil {
  1410  		// Stream is closed and already garbage collected
  1411  		// ignore this StreamFrame
  1412  		return nil
  1413  	}
  1414  	return str.handleStreamFrame(frame)
  1415  }
  1416  
  1417  func (s *connection) handleMaxDataFrame(frame *wire.MaxDataFrame) {
  1418  	s.connFlowController.UpdateSendWindow(frame.MaximumData)
  1419  }
  1420  
  1421  func (s *connection) handleMaxStreamDataFrame(frame *wire.MaxStreamDataFrame) error {
  1422  	str, err := s.streamsMap.GetOrOpenSendStream(frame.StreamID)
  1423  	if err != nil {
  1424  		return err
  1425  	}
  1426  	if str == nil {
  1427  		// stream is closed and already garbage collected
  1428  		return nil
  1429  	}
  1430  	str.updateSendWindow(frame.MaximumStreamData)
  1431  	return nil
  1432  }
  1433  
  1434  func (s *connection) handleMaxStreamsFrame(frame *wire.MaxStreamsFrame) {
  1435  	s.streamsMap.HandleMaxStreamsFrame(frame)
  1436  }
  1437  
  1438  func (s *connection) handleResetStreamFrame(frame *wire.ResetStreamFrame) error {
  1439  	str, err := s.streamsMap.GetOrOpenReceiveStream(frame.StreamID)
  1440  	if err != nil {
  1441  		return err
  1442  	}
  1443  	if str == nil {
  1444  		// stream is closed and already garbage collected
  1445  		return nil
  1446  	}
  1447  	return str.handleResetStreamFrame(frame)
  1448  }
  1449  
  1450  func (s *connection) handleStopSendingFrame(frame *wire.StopSendingFrame) error {
  1451  	str, err := s.streamsMap.GetOrOpenSendStream(frame.StreamID)
  1452  	if err != nil {
  1453  		return err
  1454  	}
  1455  	if str == nil {
  1456  		// stream is closed and already garbage collected
  1457  		return nil
  1458  	}
  1459  	str.handleStopSendingFrame(frame)
  1460  	return nil
  1461  }
  1462  
  1463  func (s *connection) handlePathChallengeFrame(frame *wire.PathChallengeFrame) {
  1464  	s.queueControlFrame(&wire.PathResponseFrame{Data: frame.Data})
  1465  }
  1466  
  1467  func (s *connection) handleNewTokenFrame(frame *wire.NewTokenFrame) error {
  1468  	if s.perspective == protocol.PerspectiveServer {
  1469  		return &qerr.TransportError{
  1470  			ErrorCode:    qerr.ProtocolViolation,
  1471  			ErrorMessage: "received NEW_TOKEN frame from the client",
  1472  		}
  1473  	}
  1474  	if s.config.TokenStore != nil {
  1475  		s.config.TokenStore.Put(s.tokenStoreKey, &ClientToken{data: frame.Token})
  1476  	}
  1477  	return nil
  1478  }
  1479  
  1480  func (s *connection) handleNewConnectionIDFrame(f *wire.NewConnectionIDFrame) error {
  1481  	return s.connIDManager.Add(f)
  1482  }
  1483  
  1484  func (s *connection) handleRetireConnectionIDFrame(f *wire.RetireConnectionIDFrame, destConnID protocol.ConnectionID) error {
  1485  	return s.connIDGenerator.Retire(f.SequenceNumber, destConnID)
  1486  }
  1487  
  1488  func (s *connection) handleHandshakeDoneFrame() error {
  1489  	if s.perspective == protocol.PerspectiveServer {
  1490  		return &qerr.TransportError{
  1491  			ErrorCode:    qerr.ProtocolViolation,
  1492  			ErrorMessage: "received a HANDSHAKE_DONE frame",
  1493  		}
  1494  	}
  1495  	if !s.handshakeConfirmed {
  1496  		return s.handleHandshakeConfirmed()
  1497  	}
  1498  	return nil
  1499  }
  1500  
  1501  func (s *connection) handleAckFrame(frame *wire.AckFrame, encLevel protocol.EncryptionLevel) error {
  1502  	acked1RTTPacket, err := s.sentPacketHandler.ReceivedAck(frame, encLevel, s.lastPacketReceivedTime)
  1503  	if err != nil {
  1504  		return err
  1505  	}
  1506  	if !acked1RTTPacket {
  1507  		return nil
  1508  	}
  1509  	// On the client side: If the packet acknowledged a 1-RTT packet, this confirms the handshake.
  1510  	// This is only possible if the ACK was sent in a 1-RTT packet.
  1511  	// This is an optimization over simply waiting for a HANDSHAKE_DONE frame, see section 4.1.2 of RFC 9001.
  1512  	if s.perspective == protocol.PerspectiveClient && !s.handshakeConfirmed {
  1513  		if err := s.handleHandshakeConfirmed(); err != nil {
  1514  			return err
  1515  		}
  1516  	}
  1517  	return s.cryptoStreamHandler.SetLargest1RTTAcked(frame.LargestAcked())
  1518  }
  1519  
  1520  func (s *connection) handleDatagramFrame(f *wire.DatagramFrame) error {
  1521  	if f.Length(s.version) > protocol.MaxDatagramFrameSize {
  1522  		return &qerr.TransportError{
  1523  			ErrorCode:    qerr.ProtocolViolation,
  1524  			ErrorMessage: "DATAGRAM frame too large",
  1525  		}
  1526  	}
  1527  	s.datagramQueue.HandleDatagramFrame(f)
  1528  	return nil
  1529  }
  1530  
  1531  // closeLocal closes the connection and send a CONNECTION_CLOSE containing the error
  1532  func (s *connection) closeLocal(e error) {
  1533  	s.closeOnce.Do(func() {
  1534  		if e == nil {
  1535  			s.logger.Infof("Closing connection.")
  1536  		} else {
  1537  			s.logger.Errorf("Closing connection with error: %s", e)
  1538  		}
  1539  		s.closeChan <- closeError{err: e, immediate: false, remote: false}
  1540  	})
  1541  }
  1542  
  1543  // destroy closes the connection without sending the error on the wire
  1544  func (s *connection) destroy(e error) {
  1545  	s.destroyImpl(e)
  1546  	<-s.ctx.Done()
  1547  }
  1548  
  1549  func (s *connection) destroyImpl(e error) {
  1550  	s.closeOnce.Do(func() {
  1551  		if nerr, ok := e.(net.Error); ok && nerr.Timeout() {
  1552  			s.logger.Errorf("Destroying connection: %s", e)
  1553  		} else {
  1554  			s.logger.Errorf("Destroying connection with error: %s", e)
  1555  		}
  1556  		s.closeChan <- closeError{err: e, immediate: true, remote: false}
  1557  	})
  1558  }
  1559  
  1560  func (s *connection) closeRemote(e error) {
  1561  	s.closeOnce.Do(func() {
  1562  		s.logger.Errorf("Peer closed connection with error: %s", e)
  1563  		s.closeChan <- closeError{err: e, immediate: true, remote: true}
  1564  	})
  1565  }
  1566  
  1567  // Close the connection. It sends a NO_ERROR application error.
  1568  // It waits until the run loop has stopped before returning
  1569  func (s *connection) shutdown() {
  1570  	s.closeLocal(nil)
  1571  	<-s.ctx.Done()
  1572  }
  1573  
  1574  func (s *connection) CloseWithError(code ApplicationErrorCode, desc string) error {
  1575  	s.closeLocal(&qerr.ApplicationError{
  1576  		ErrorCode:    code,
  1577  		ErrorMessage: desc,
  1578  	})
  1579  	<-s.ctx.Done()
  1580  	return nil
  1581  }
  1582  
  1583  func (s *connection) handleCloseError(closeErr *closeError) {
  1584  	e := closeErr.err
  1585  	if e == nil {
  1586  		e = &qerr.ApplicationError{}
  1587  	} else {
  1588  		defer func() {
  1589  			closeErr.err = e
  1590  		}()
  1591  	}
  1592  
  1593  	var (
  1594  		statelessResetErr     *StatelessResetError
  1595  		versionNegotiationErr *VersionNegotiationError
  1596  		recreateErr           *errCloseForRecreating
  1597  		applicationErr        *ApplicationError
  1598  		transportErr          *TransportError
  1599  	)
  1600  	switch {
  1601  	case errors.Is(e, qerr.ErrIdleTimeout),
  1602  		errors.Is(e, qerr.ErrHandshakeTimeout),
  1603  		errors.As(e, &statelessResetErr),
  1604  		errors.As(e, &versionNegotiationErr),
  1605  		errors.As(e, &recreateErr),
  1606  		errors.As(e, &applicationErr),
  1607  		errors.As(e, &transportErr):
  1608  	default:
  1609  		e = &qerr.TransportError{
  1610  			ErrorCode:    qerr.InternalError,
  1611  			ErrorMessage: e.Error(),
  1612  		}
  1613  	}
  1614  
  1615  	s.streamsMap.CloseWithError(e)
  1616  	s.connIDManager.Close()
  1617  	if s.datagramQueue != nil {
  1618  		s.datagramQueue.CloseWithError(e)
  1619  	}
  1620  
  1621  	if s.tracer != nil && !errors.As(e, &recreateErr) {
  1622  		s.tracer.ClosedConnection(e)
  1623  	}
  1624  
  1625  	// If this is a remote close we're done here
  1626  	if closeErr.remote {
  1627  		s.connIDGenerator.ReplaceWithClosed(s.perspective, nil)
  1628  		return
  1629  	}
  1630  	if closeErr.immediate {
  1631  		s.connIDGenerator.RemoveAll()
  1632  		return
  1633  	}
  1634  	// Don't send out any CONNECTION_CLOSE if this is an error that occurred
  1635  	// before we even sent out the first packet.
  1636  	if s.perspective == protocol.PerspectiveClient && !s.sentFirstPacket {
  1637  		s.connIDGenerator.RemoveAll()
  1638  		return
  1639  	}
  1640  	connClosePacket, err := s.sendConnectionClose(e)
  1641  	if err != nil {
  1642  		s.logger.Debugf("Error sending CONNECTION_CLOSE: %s", err)
  1643  	}
  1644  	s.connIDGenerator.ReplaceWithClosed(s.perspective, connClosePacket)
  1645  }
  1646  
  1647  func (s *connection) dropEncryptionLevel(encLevel protocol.EncryptionLevel) error {
  1648  	if s.tracer != nil {
  1649  		s.tracer.DroppedEncryptionLevel(encLevel)
  1650  	}
  1651  	s.sentPacketHandler.DropPackets(encLevel)
  1652  	s.receivedPacketHandler.DropPackets(encLevel)
  1653  	//nolint:exhaustive // only Initial and 0-RTT need special treatment
  1654  	switch encLevel {
  1655  	case protocol.EncryptionInitial:
  1656  		s.cryptoStreamHandler.DiscardInitialKeys()
  1657  	case protocol.Encryption0RTT:
  1658  		s.streamsMap.ResetFor0RTT()
  1659  		if err := s.connFlowController.Reset(); err != nil {
  1660  			return err
  1661  		}
  1662  		return s.framer.Handle0RTTRejection()
  1663  	}
  1664  	return s.cryptoStreamManager.Drop(encLevel)
  1665  }
  1666  
  1667  // is called for the client, when restoring transport parameters saved for 0-RTT
  1668  func (s *connection) restoreTransportParameters(params *wire.TransportParameters) {
  1669  	if s.logger.Debug() {
  1670  		s.logger.Debugf("Restoring Transport Parameters: %s", params)
  1671  	}
  1672  
  1673  	s.PeerParams = params
  1674  	s.connIDGenerator.SetMaxActiveConnIDs(params.ActiveConnectionIDLimit)
  1675  	s.connFlowController.UpdateSendWindow(params.InitialMaxData)
  1676  	s.streamsMap.UpdateLimits(params)
  1677  	s.connStateMutex.Lock()
  1678  	s.connState.SupportsDatagrams = s.supportsDatagrams()
  1679  	s.connStateMutex.Unlock()
  1680  }
  1681  
  1682  func (s *connection) handleTransportParameters(params *wire.TransportParameters) error {
  1683  	if s.tracer != nil {
  1684  		s.tracer.ReceivedTransportParameters(params)
  1685  	}
  1686  	if err := s.checkTransportParameters(params); err != nil {
  1687  		return &qerr.TransportError{
  1688  			ErrorCode:    qerr.TransportParameterError,
  1689  			ErrorMessage: err.Error(),
  1690  		}
  1691  	}
  1692  
  1693  	if s.perspective == protocol.PerspectiveClient && s.PeerParams != nil && s.ConnectionState().Used0RTT && !params.ValidForUpdate(s.PeerParams) {
  1694  		return &qerr.TransportError{
  1695  			ErrorCode:    qerr.ProtocolViolation,
  1696  			ErrorMessage: "server sent reduced limits after accepting 0-RTT data",
  1697  		}
  1698  	}
  1699  
  1700  	s.PeerParams = params
  1701  	// On the client side we have to wait for handshake completion.
  1702  	// During a 0-RTT connection, we are only allowed to use the new transport parameters for 1-RTT packets.
  1703  	if s.perspective == protocol.PerspectiveServer {
  1704  		s.applyTransportParameters()
  1705  		// On the server side, the early connection is ready as soon as we processed
  1706  		// the client's transport parameters.
  1707  		close(s.earlyConnReadyChan)
  1708  	}
  1709  
  1710  	s.connStateMutex.Lock()
  1711  	s.connState.SupportsDatagrams = s.supportsDatagrams()
  1712  	s.connStateMutex.Unlock()
  1713  	return nil
  1714  }
  1715  
  1716  func (s *connection) checkTransportParameters(params *wire.TransportParameters) error {
  1717  	if s.logger.Debug() {
  1718  		s.logger.Debugf("Processed Transport Parameters: %s", params)
  1719  	}
  1720  
  1721  	// check the initial_source_connection_id
  1722  	if params.InitialSourceConnectionID != s.handshakeDestConnID {
  1723  		return fmt.Errorf("expected initial_source_connection_id to equal %s, is %s", s.handshakeDestConnID, params.InitialSourceConnectionID)
  1724  	}
  1725  
  1726  	if s.perspective == protocol.PerspectiveServer {
  1727  		return nil
  1728  	}
  1729  	// check the original_destination_connection_id
  1730  	if params.OriginalDestinationConnectionID != s.origDestConnID {
  1731  		return fmt.Errorf("expected original_destination_connection_id to equal %s, is %s", s.origDestConnID, params.OriginalDestinationConnectionID)
  1732  	}
  1733  	if s.retrySrcConnID != nil { // a Retry was performed
  1734  		if params.RetrySourceConnectionID == nil {
  1735  			return errors.New("missing retry_source_connection_id")
  1736  		}
  1737  		if *params.RetrySourceConnectionID != *s.retrySrcConnID {
  1738  			return fmt.Errorf("expected retry_source_connection_id to equal %s, is %s", s.retrySrcConnID, *params.RetrySourceConnectionID)
  1739  		}
  1740  	} else if params.RetrySourceConnectionID != nil {
  1741  		return errors.New("received retry_source_connection_id, although no Retry was performed")
  1742  	}
  1743  	return nil
  1744  }
  1745  
  1746  func (s *connection) applyTransportParameters() {
  1747  	params := s.PeerParams
  1748  	// Our local idle timeout will always be > 0.
  1749  	s.idleTimeout = utils.MinNonZeroDuration(s.config.MaxIdleTimeout, params.MaxIdleTimeout)
  1750  	s.keepAliveInterval = utils.Min(s.config.KeepAlivePeriod, utils.Min(s.idleTimeout/2, protocol.MaxKeepAliveInterval))
  1751  	s.streamsMap.UpdateLimits(params)
  1752  	s.frameParser.SetAckDelayExponent(params.AckDelayExponent)
  1753  	s.connFlowController.UpdateSendWindow(params.InitialMaxData)
  1754  	s.rttStats.SetMaxAckDelay(params.MaxAckDelay)
  1755  	s.connIDGenerator.SetMaxActiveConnIDs(params.ActiveConnectionIDLimit)
  1756  	if params.StatelessResetToken != nil {
  1757  		s.connIDManager.SetStatelessResetToken(*params.StatelessResetToken)
  1758  	}
  1759  	// We don't support connection migration yet, so we don't have any use for the preferred_address.
  1760  	if params.PreferredAddress != nil {
  1761  		// Retire the connection ID.
  1762  		s.connIDManager.AddFromPreferredAddress(params.PreferredAddress.ConnectionID, params.PreferredAddress.StatelessResetToken)
  1763  	}
  1764  }
  1765  
  1766  func (s *connection) triggerSending() error {
  1767  	s.pacingDeadline = time.Time{}
  1768  	now := time.Now()
  1769  
  1770  	sendMode := s.sentPacketHandler.SendMode(now)
  1771  	//nolint:exhaustive // No need to handle pacing limited here.
  1772  	switch sendMode {
  1773  	case ackhandler.SendAny:
  1774  		return s.sendPackets(now)
  1775  	case ackhandler.SendNone:
  1776  		return nil
  1777  	case ackhandler.SendPacingLimited:
  1778  		deadline := s.sentPacketHandler.TimeUntilSend()
  1779  		if deadline.IsZero() {
  1780  			deadline = deadlineSendImmediately
  1781  		}
  1782  		s.pacingDeadline = deadline
  1783  		// Allow sending of an ACK if we're pacing limit.
  1784  		// This makes sure that a peer that is mostly receiving data (and thus has an inaccurate cwnd estimate)
  1785  		// sends enough ACKs to allow its peer to utilize the bandwidth.
  1786  		fallthrough
  1787  	case ackhandler.SendAck:
  1788  		// We can at most send a single ACK only packet.
  1789  		// There will only be a new ACK after receiving new packets.
  1790  		// SendAck is only returned when we're congestion limited, so we don't need to set the pacinggs timer.
  1791  		return s.maybeSendAckOnlyPacket(now)
  1792  	case ackhandler.SendPTOInitial:
  1793  		if err := s.sendProbePacket(protocol.EncryptionInitial, now); err != nil {
  1794  			return err
  1795  		}
  1796  		if s.sendQueue.WouldBlock() {
  1797  			s.scheduleSending()
  1798  			return nil
  1799  		}
  1800  		return s.triggerSending()
  1801  	case ackhandler.SendPTOHandshake:
  1802  		if err := s.sendProbePacket(protocol.EncryptionHandshake, now); err != nil {
  1803  			return err
  1804  		}
  1805  		if s.sendQueue.WouldBlock() {
  1806  			s.scheduleSending()
  1807  			return nil
  1808  		}
  1809  		return s.triggerSending()
  1810  	case ackhandler.SendPTOAppData:
  1811  		if err := s.sendProbePacket(protocol.Encryption1RTT, now); err != nil {
  1812  			return err
  1813  		}
  1814  		if s.sendQueue.WouldBlock() {
  1815  			s.scheduleSending()
  1816  			return nil
  1817  		}
  1818  		return s.triggerSending()
  1819  	default:
  1820  		return fmt.Errorf("BUG: invalid send mode %d", sendMode)
  1821  	}
  1822  }
  1823  
  1824  func (s *connection) sendPackets(now time.Time) error {
  1825  	// Path MTU Discovery
  1826  	// Can't use GSO, since we need to send a single packet that's larger than our current maximum size.
  1827  	// Performance-wise, this doesn't matter, since we only send a very small (<10) number of
  1828  	// MTU probe packets per connection.
  1829  	if s.handshakeConfirmed && s.mtuDiscoverer != nil && s.mtuDiscoverer.ShouldSendProbe(now) {
  1830  		ping, size := s.mtuDiscoverer.GetPing()
  1831  		p, buf, err := s.packer.PackMTUProbePacket(ping, size, s.version)
  1832  		if err != nil {
  1833  			return err
  1834  		}
  1835  		s.logShortHeaderPacket(p.DestConnID, p.Ack, p.Frames, p.StreamFrames, p.PacketNumber, p.PacketNumberLen, p.KeyPhase, buf.Len(), false)
  1836  		s.registerPackedShortHeaderPacket(p, now)
  1837  		s.sendQueue.Send(buf, buf.Len())
  1838  		// This is kind of a hack. We need to trigger sending again somehow.
  1839  		s.pacingDeadline = deadlineSendImmediately
  1840  		return nil
  1841  	}
  1842  
  1843  	if isBlocked, offset := s.connFlowController.IsNewlyBlocked(); isBlocked {
  1844  		s.framer.QueueControlFrame(&wire.DataBlockedFrame{MaximumData: offset})
  1845  	}
  1846  	s.windowUpdateQueue.QueueAll()
  1847  	if cf := s.cryptoStreamManager.GetPostHandshakeData(protocol.MaxPostHandshakeCryptoFrameSize); cf != nil {
  1848  		s.queueControlFrame(cf)
  1849  	}
  1850  
  1851  	if !s.handshakeConfirmed {
  1852  		packet, err := s.packer.PackCoalescedPacket(false, s.mtuDiscoverer.CurrentSize(), s.version)
  1853  		if err != nil || packet == nil {
  1854  			return err
  1855  		}
  1856  		s.sentFirstPacket = true
  1857  		if err := s.sendPackedCoalescedPacket(packet, now); err != nil {
  1858  			return err
  1859  		}
  1860  		sendMode := s.sentPacketHandler.SendMode(now)
  1861  		if sendMode == ackhandler.SendPacingLimited {
  1862  			s.resetPacingDeadline()
  1863  		} else if sendMode == ackhandler.SendAny {
  1864  			s.pacingDeadline = deadlineSendImmediately
  1865  		}
  1866  		return nil
  1867  	}
  1868  
  1869  	if s.conn.capabilities().GSO {
  1870  		return s.sendPacketsWithGSO(now)
  1871  	}
  1872  	return s.sendPacketsWithoutGSO(now)
  1873  }
  1874  
  1875  func (s *connection) sendPacketsWithoutGSO(now time.Time) error {
  1876  	for {
  1877  		buf := getPacketBuffer()
  1878  		if _, err := s.appendPacket(buf, s.mtuDiscoverer.CurrentSize(), now); err != nil {
  1879  			if err == errNothingToPack {
  1880  				buf.Release()
  1881  				return nil
  1882  			}
  1883  			return err
  1884  		}
  1885  
  1886  		s.sendQueue.Send(buf, buf.Len())
  1887  
  1888  		if s.sendQueue.WouldBlock() {
  1889  			return nil
  1890  		}
  1891  		sendMode := s.sentPacketHandler.SendMode(now)
  1892  		if sendMode == ackhandler.SendPacingLimited {
  1893  			s.resetPacingDeadline()
  1894  			return nil
  1895  		}
  1896  		if sendMode != ackhandler.SendAny {
  1897  			return nil
  1898  		}
  1899  		// Prioritize receiving of packets over sending out more packets.
  1900  		if len(s.receivedPackets) > 0 {
  1901  			s.pacingDeadline = deadlineSendImmediately
  1902  			return nil
  1903  		}
  1904  	}
  1905  }
  1906  
  1907  func (s *connection) sendPacketsWithGSO(now time.Time) error {
  1908  	buf := getLargePacketBuffer()
  1909  	maxSize := s.mtuDiscoverer.CurrentSize()
  1910  
  1911  	for {
  1912  		var dontSendMore bool
  1913  		size, err := s.appendPacket(buf, maxSize, now)
  1914  		if err != nil {
  1915  			if err != errNothingToPack {
  1916  				return err
  1917  			}
  1918  			if buf.Len() == 0 {
  1919  				buf.Release()
  1920  				return nil
  1921  			}
  1922  			dontSendMore = true
  1923  		}
  1924  
  1925  		if !dontSendMore {
  1926  			sendMode := s.sentPacketHandler.SendMode(now)
  1927  			if sendMode == ackhandler.SendPacingLimited {
  1928  				s.resetPacingDeadline()
  1929  			}
  1930  			if sendMode != ackhandler.SendAny {
  1931  				dontSendMore = true
  1932  			}
  1933  		}
  1934  
  1935  		// Append another packet if
  1936  		// 1. The congestion controller and pacer allow sending more
  1937  		// 2. The last packet appended was a full-size packet
  1938  		// 3. We still have enough space for another full-size packet in the buffer
  1939  		if !dontSendMore && size == maxSize && buf.Len()+maxSize <= buf.Cap() {
  1940  			continue
  1941  		}
  1942  
  1943  		s.sendQueue.Send(buf, maxSize)
  1944  
  1945  		if dontSendMore {
  1946  			return nil
  1947  		}
  1948  		if s.sendQueue.WouldBlock() {
  1949  			return nil
  1950  		}
  1951  
  1952  		// Prioritize receiving of packets over sending out more packets.
  1953  		if len(s.receivedPackets) > 0 {
  1954  			s.pacingDeadline = deadlineSendImmediately
  1955  			return nil
  1956  		}
  1957  
  1958  		buf = getLargePacketBuffer()
  1959  	}
  1960  }
  1961  
  1962  func (s *connection) resetPacingDeadline() {
  1963  	deadline := s.sentPacketHandler.TimeUntilSend()
  1964  	if deadline.IsZero() {
  1965  		deadline = deadlineSendImmediately
  1966  	}
  1967  	s.pacingDeadline = deadline
  1968  }
  1969  
  1970  func (s *connection) maybeSendAckOnlyPacket(now time.Time) error {
  1971  	if !s.handshakeConfirmed {
  1972  		packet, err := s.packer.PackCoalescedPacket(true, s.mtuDiscoverer.CurrentSize(), s.version)
  1973  		if err != nil {
  1974  			return err
  1975  		}
  1976  		if packet == nil {
  1977  			return nil
  1978  		}
  1979  		return s.sendPackedCoalescedPacket(packet, time.Now())
  1980  	}
  1981  
  1982  	p, buf, err := s.packer.PackAckOnlyPacket(s.mtuDiscoverer.CurrentSize(), s.version)
  1983  	if err != nil {
  1984  		if err == errNothingToPack {
  1985  			return nil
  1986  		}
  1987  		return err
  1988  	}
  1989  	s.logShortHeaderPacket(p.DestConnID, p.Ack, p.Frames, p.StreamFrames, p.PacketNumber, p.PacketNumberLen, p.KeyPhase, buf.Len(), false)
  1990  	s.registerPackedShortHeaderPacket(p, now)
  1991  	s.sendQueue.Send(buf, buf.Len())
  1992  	return nil
  1993  }
  1994  
  1995  func (s *connection) sendProbePacket(encLevel protocol.EncryptionLevel, now time.Time) error {
  1996  	// Queue probe packets until we actually send out a packet,
  1997  	// or until there are no more packets to queue.
  1998  	var packet *coalescedPacket
  1999  	for {
  2000  		if wasQueued := s.sentPacketHandler.QueueProbePacket(encLevel); !wasQueued {
  2001  			break
  2002  		}
  2003  		var err error
  2004  		packet, err = s.packer.MaybePackProbePacket(encLevel, s.mtuDiscoverer.CurrentSize(), s.version)
  2005  		if err != nil {
  2006  			return err
  2007  		}
  2008  		if packet != nil {
  2009  			break
  2010  		}
  2011  	}
  2012  	if packet == nil {
  2013  		s.retransmissionQueue.AddPing(encLevel)
  2014  		var err error
  2015  		packet, err = s.packer.MaybePackProbePacket(encLevel, s.mtuDiscoverer.CurrentSize(), s.version)
  2016  		if err != nil {
  2017  			return err
  2018  		}
  2019  	}
  2020  	if packet == nil || (len(packet.longHdrPackets) == 0 && packet.shortHdrPacket == nil) {
  2021  		return fmt.Errorf("connection BUG: couldn't pack %s probe packet", encLevel)
  2022  	}
  2023  	return s.sendPackedCoalescedPacket(packet, now)
  2024  }
  2025  
  2026  // appendPacket appends a new packet to the given packetBuffer.
  2027  // If there was nothing to pack, the returned size is 0.
  2028  func (s *connection) appendPacket(buf *packetBuffer, maxSize protocol.ByteCount, now time.Time) (protocol.ByteCount, error) {
  2029  	startLen := buf.Len()
  2030  	p, err := s.packer.AppendPacket(buf, maxSize, s.version)
  2031  	if err != nil {
  2032  		return 0, err
  2033  	}
  2034  	size := buf.Len() - startLen
  2035  	s.logShortHeaderPacket(p.DestConnID, p.Ack, p.Frames, p.StreamFrames, p.PacketNumber, p.PacketNumberLen, p.KeyPhase, size, false)
  2036  	s.registerPackedShortHeaderPacket(p, now)
  2037  	return size, nil
  2038  }
  2039  
  2040  func (s *connection) registerPackedShortHeaderPacket(p shortHeaderPacket, now time.Time) {
  2041  	if s.firstAckElicitingPacketAfterIdleSentTime.IsZero() && (len(p.StreamFrames) > 0 || ackhandler.HasAckElicitingFrames(p.Frames)) {
  2042  		s.firstAckElicitingPacketAfterIdleSentTime = now
  2043  	}
  2044  
  2045  	largestAcked := protocol.InvalidPacketNumber
  2046  	if p.Ack != nil {
  2047  		largestAcked = p.Ack.LargestAcked()
  2048  	}
  2049  	s.sentPacketHandler.SentPacket(now, p.PacketNumber, largestAcked, p.StreamFrames, p.Frames, protocol.Encryption1RTT, p.Length, p.IsPathMTUProbePacket)
  2050  	s.connIDManager.SentPacket()
  2051  }
  2052  
  2053  func (s *connection) sendPackedCoalescedPacket(packet *coalescedPacket, now time.Time) error {
  2054  	s.logCoalescedPacket(packet)
  2055  	for _, p := range packet.longHdrPackets {
  2056  		if s.firstAckElicitingPacketAfterIdleSentTime.IsZero() && p.IsAckEliciting() {
  2057  			s.firstAckElicitingPacketAfterIdleSentTime = now
  2058  		}
  2059  		largestAcked := protocol.InvalidPacketNumber
  2060  		if p.ack != nil {
  2061  			largestAcked = p.ack.LargestAcked()
  2062  		}
  2063  		s.sentPacketHandler.SentPacket(now, p.header.PacketNumber, largestAcked, p.streamFrames, p.frames, p.EncryptionLevel(), p.length, false)
  2064  		if s.perspective == protocol.PerspectiveClient && p.EncryptionLevel() == protocol.EncryptionHandshake {
  2065  			// On the client side, Initial keys are dropped as soon as the first Handshake packet is sent.
  2066  			// See Section 4.9.1 of RFC 9001.
  2067  			if err := s.dropEncryptionLevel(protocol.EncryptionInitial); err != nil {
  2068  				return err
  2069  			}
  2070  		}
  2071  	}
  2072  	if p := packet.shortHdrPacket; p != nil {
  2073  		if s.firstAckElicitingPacketAfterIdleSentTime.IsZero() && p.IsAckEliciting() {
  2074  			s.firstAckElicitingPacketAfterIdleSentTime = now
  2075  		}
  2076  		largestAcked := protocol.InvalidPacketNumber
  2077  		if p.Ack != nil {
  2078  			largestAcked = p.Ack.LargestAcked()
  2079  		}
  2080  		s.sentPacketHandler.SentPacket(now, p.PacketNumber, largestAcked, p.StreamFrames, p.Frames, protocol.Encryption1RTT, p.Length, p.IsPathMTUProbePacket)
  2081  	}
  2082  	s.connIDManager.SentPacket()
  2083  	s.sendQueue.Send(packet.buffer, packet.buffer.Len())
  2084  	return nil
  2085  }
  2086  
  2087  func (s *connection) sendConnectionClose(e error) ([]byte, error) {
  2088  	var packet *coalescedPacket
  2089  	var err error
  2090  	var transportErr *qerr.TransportError
  2091  	var applicationErr *qerr.ApplicationError
  2092  	if errors.As(e, &transportErr) {
  2093  		packet, err = s.packer.PackConnectionClose(transportErr, s.mtuDiscoverer.CurrentSize(), s.version)
  2094  	} else if errors.As(e, &applicationErr) {
  2095  		packet, err = s.packer.PackApplicationClose(applicationErr, s.mtuDiscoverer.CurrentSize(), s.version)
  2096  	} else {
  2097  		packet, err = s.packer.PackConnectionClose(&qerr.TransportError{
  2098  			ErrorCode:    qerr.InternalError,
  2099  			ErrorMessage: fmt.Sprintf("connection BUG: unspecified error type (msg: %s)", e.Error()),
  2100  		}, s.mtuDiscoverer.CurrentSize(), s.version)
  2101  	}
  2102  	if err != nil {
  2103  		return nil, err
  2104  	}
  2105  	s.logCoalescedPacket(packet)
  2106  	return packet.buffer.Data, s.conn.Write(packet.buffer.Data, packet.buffer.Len())
  2107  }
  2108  
  2109  func (s *connection) logLongHeaderPacket(p *longHeaderPacket) {
  2110  	// quic-go logging
  2111  	if s.logger.Debug() {
  2112  		p.header.Log(s.logger)
  2113  		if p.ack != nil {
  2114  			wire.LogFrame(s.logger, p.ack, true)
  2115  		}
  2116  		for _, frame := range p.frames {
  2117  			wire.LogFrame(s.logger, frame.Frame, true)
  2118  		}
  2119  		for _, frame := range p.streamFrames {
  2120  			wire.LogFrame(s.logger, frame.Frame, true)
  2121  		}
  2122  	}
  2123  
  2124  	// tracing
  2125  	if s.tracer != nil {
  2126  		frames := make([]logging.Frame, 0, len(p.frames))
  2127  		for _, f := range p.frames {
  2128  			frames = append(frames, logutils.ConvertFrame(f.Frame))
  2129  		}
  2130  		for _, f := range p.streamFrames {
  2131  			frames = append(frames, logutils.ConvertFrame(f.Frame))
  2132  		}
  2133  		var ack *logging.AckFrame
  2134  		if p.ack != nil {
  2135  			ack = logutils.ConvertAckFrame(p.ack)
  2136  		}
  2137  		s.tracer.SentLongHeaderPacket(p.header, p.length, ack, frames)
  2138  	}
  2139  }
  2140  
  2141  func (s *connection) logShortHeaderPacket(
  2142  	destConnID protocol.ConnectionID,
  2143  	ackFrame *wire.AckFrame,
  2144  	frames []ackhandler.Frame,
  2145  	streamFrames []ackhandler.StreamFrame,
  2146  	pn protocol.PacketNumber,
  2147  	pnLen protocol.PacketNumberLen,
  2148  	kp protocol.KeyPhaseBit,
  2149  	size protocol.ByteCount,
  2150  	isCoalesced bool,
  2151  ) {
  2152  	if s.logger.Debug() && !isCoalesced {
  2153  		s.logger.Debugf("-> Sending packet %d (%d bytes) for connection %s, 1-RTT", pn, size, s.logID)
  2154  	}
  2155  	// quic-go logging
  2156  	if s.logger.Debug() {
  2157  		wire.LogShortHeader(s.logger, destConnID, pn, pnLen, kp)
  2158  		if ackFrame != nil {
  2159  			wire.LogFrame(s.logger, ackFrame, true)
  2160  		}
  2161  		for _, f := range frames {
  2162  			wire.LogFrame(s.logger, f.Frame, true)
  2163  		}
  2164  		for _, f := range streamFrames {
  2165  			wire.LogFrame(s.logger, f.Frame, true)
  2166  		}
  2167  	}
  2168  
  2169  	// tracing
  2170  	if s.tracer != nil {
  2171  		fs := make([]logging.Frame, 0, len(frames)+len(streamFrames))
  2172  		for _, f := range frames {
  2173  			fs = append(fs, logutils.ConvertFrame(f.Frame))
  2174  		}
  2175  		for _, f := range streamFrames {
  2176  			fs = append(fs, logutils.ConvertFrame(f.Frame))
  2177  		}
  2178  		var ack *logging.AckFrame
  2179  		if ackFrame != nil {
  2180  			ack = logutils.ConvertAckFrame(ackFrame)
  2181  		}
  2182  		s.tracer.SentShortHeaderPacket(
  2183  			&logging.ShortHeader{
  2184  				DestConnectionID: destConnID,
  2185  				PacketNumber:     pn,
  2186  				PacketNumberLen:  pnLen,
  2187  				KeyPhase:         kp,
  2188  			},
  2189  			size,
  2190  			ack,
  2191  			fs,
  2192  		)
  2193  	}
  2194  }
  2195  
  2196  func (s *connection) logCoalescedPacket(packet *coalescedPacket) {
  2197  	if s.logger.Debug() {
  2198  		// There's a short period between dropping both Initial and Handshake keys and completion of the handshake,
  2199  		// during which we might call PackCoalescedPacket but just pack a short header packet.
  2200  		if len(packet.longHdrPackets) == 0 && packet.shortHdrPacket != nil {
  2201  			s.logShortHeaderPacket(
  2202  				packet.shortHdrPacket.DestConnID,
  2203  				packet.shortHdrPacket.Ack,
  2204  				packet.shortHdrPacket.Frames,
  2205  				packet.shortHdrPacket.StreamFrames,
  2206  				packet.shortHdrPacket.PacketNumber,
  2207  				packet.shortHdrPacket.PacketNumberLen,
  2208  				packet.shortHdrPacket.KeyPhase,
  2209  				packet.shortHdrPacket.Length,
  2210  				false,
  2211  			)
  2212  			return
  2213  		}
  2214  		if len(packet.longHdrPackets) > 1 {
  2215  			s.logger.Debugf("-> Sending coalesced packet (%d parts, %d bytes) for connection %s", len(packet.longHdrPackets), packet.buffer.Len(), s.logID)
  2216  		} else {
  2217  			s.logger.Debugf("-> Sending packet %d (%d bytes) for connection %s, %s", packet.longHdrPackets[0].header.PacketNumber, packet.buffer.Len(), s.logID, packet.longHdrPackets[0].EncryptionLevel())
  2218  		}
  2219  	}
  2220  	for _, p := range packet.longHdrPackets {
  2221  		s.logLongHeaderPacket(p)
  2222  	}
  2223  	if p := packet.shortHdrPacket; p != nil {
  2224  		s.logShortHeaderPacket(p.DestConnID, p.Ack, p.Frames, p.StreamFrames, p.PacketNumber, p.PacketNumberLen, p.KeyPhase, p.Length, true)
  2225  	}
  2226  }
  2227  
  2228  // AcceptStream returns the next stream openend by the peer
  2229  func (s *connection) AcceptStream(ctx context.Context) (Stream, error) {
  2230  	return s.streamsMap.AcceptStream(ctx)
  2231  }
  2232  
  2233  func (s *connection) AcceptUniStream(ctx context.Context) (ReceiveStream, error) {
  2234  	return s.streamsMap.AcceptUniStream(ctx)
  2235  }
  2236  
  2237  // OpenStream opens a stream
  2238  func (s *connection) OpenStream() (Stream, error) {
  2239  	return s.streamsMap.OpenStream()
  2240  }
  2241  
  2242  func (s *connection) OpenStreamSync(ctx context.Context) (Stream, error) {
  2243  	return s.streamsMap.OpenStreamSync(ctx)
  2244  }
  2245  
  2246  func (s *connection) OpenUniStream() (SendStream, error) {
  2247  	return s.streamsMap.OpenUniStream()
  2248  }
  2249  
  2250  func (s *connection) OpenUniStreamSync(ctx context.Context) (SendStream, error) {
  2251  	return s.streamsMap.OpenUniStreamSync(ctx)
  2252  }
  2253  
  2254  func (s *connection) newFlowController(id protocol.StreamID) flowcontrol.StreamFlowController {
  2255  	initialSendWindow := s.PeerParams.InitialMaxStreamDataUni
  2256  	if id.Type() == protocol.StreamTypeBidi {
  2257  		if id.InitiatedBy() == s.perspective {
  2258  			initialSendWindow = s.PeerParams.InitialMaxStreamDataBidiRemote
  2259  		} else {
  2260  			initialSendWindow = s.PeerParams.InitialMaxStreamDataBidiLocal
  2261  		}
  2262  	}
  2263  	return flowcontrol.NewStreamFlowController(
  2264  		id,
  2265  		s.connFlowController,
  2266  		protocol.ByteCount(s.config.InitialStreamReceiveWindow),
  2267  		protocol.ByteCount(s.config.MaxStreamReceiveWindow),
  2268  		initialSendWindow,
  2269  		s.onHasStreamWindowUpdate,
  2270  		s.rttStats,
  2271  		s.logger,
  2272  	)
  2273  }
  2274  
  2275  // scheduleSending signals that we have data for sending
  2276  func (s *connection) scheduleSending() {
  2277  	select {
  2278  	case s.sendingScheduled <- struct{}{}:
  2279  	default:
  2280  	}
  2281  }
  2282  
  2283  // tryQueueingUndecryptablePacket queues a packet for which we're missing the decryption keys.
  2284  // The logging.PacketType is only used for logging purposes.
  2285  func (s *connection) tryQueueingUndecryptablePacket(p receivedPacket, pt logging.PacketType) {
  2286  	if s.handshakeComplete {
  2287  		panic("shouldn't queue undecryptable packets after handshake completion")
  2288  	}
  2289  	if len(s.undecryptablePackets)+1 > protocol.MaxUndecryptablePackets {
  2290  		if s.tracer != nil {
  2291  			s.tracer.DroppedPacket(pt, p.Size(), logging.PacketDropDOSPrevention)
  2292  		}
  2293  		s.logger.Infof("Dropping undecryptable packet (%d bytes). Undecryptable packet queue full.", p.Size())
  2294  		return
  2295  	}
  2296  	s.logger.Infof("Queueing packet (%d bytes) for later decryption", p.Size())
  2297  	if s.tracer != nil {
  2298  		s.tracer.BufferedPacket(pt, p.Size())
  2299  	}
  2300  	s.undecryptablePackets = append(s.undecryptablePackets, p)
  2301  }
  2302  
  2303  func (s *connection) queueControlFrame(f wire.Frame) {
  2304  	s.framer.QueueControlFrame(f)
  2305  	s.scheduleSending()
  2306  }
  2307  
  2308  func (s *connection) onHasStreamWindowUpdate(id protocol.StreamID) {
  2309  	s.windowUpdateQueue.AddStream(id)
  2310  	s.scheduleSending()
  2311  }
  2312  
  2313  func (s *connection) onHasConnectionWindowUpdate() {
  2314  	s.windowUpdateQueue.AddConnection()
  2315  	s.scheduleSending()
  2316  }
  2317  
  2318  func (s *connection) onHasStreamData(id protocol.StreamID) {
  2319  	s.framer.AddActiveStream(id)
  2320  	s.scheduleSending()
  2321  }
  2322  
  2323  func (s *connection) onStreamCompleted(id protocol.StreamID) {
  2324  	if err := s.streamsMap.DeleteStream(id); err != nil {
  2325  		s.closeLocal(err)
  2326  	}
  2327  }
  2328  
  2329  func (s *connection) SendMessage(p []byte) error {
  2330  	if !s.supportsDatagrams() {
  2331  		return errors.New("datagram support disabled")
  2332  	}
  2333  
  2334  	f := &wire.DatagramFrame{DataLenPresent: true}
  2335  	if protocol.ByteCount(len(p)) > f.MaxDataLen(s.PeerParams.MaxDatagramFrameSize, s.version) {
  2336  		return errors.New("message too large")
  2337  	}
  2338  	f.Data = make([]byte, len(p))
  2339  	copy(f.Data, p)
  2340  	return s.datagramQueue.AddAndWait(f)
  2341  }
  2342  
  2343  func (s *connection) ReceiveMessage(ctx context.Context) ([]byte, error) {
  2344  	if !s.config.EnableDatagrams {
  2345  		return nil, errors.New("datagram support disabled")
  2346  	}
  2347  	return s.datagramQueue.Receive(ctx)
  2348  }
  2349  
  2350  func (s *connection) LocalAddr() net.Addr {
  2351  	return s.conn.LocalAddr()
  2352  }
  2353  
  2354  func (s *connection) RemoteAddr() net.Addr {
  2355  	return s.conn.RemoteAddr()
  2356  }
  2357  
  2358  func (s *connection) getPerspective() protocol.Perspective {
  2359  	return s.perspective
  2360  }
  2361  
  2362  func (s *connection) GetVersion() protocol.VersionNumber {
  2363  	return s.version
  2364  }
  2365  
  2366  func (s *connection) NextConnection() Connection {
  2367  	<-s.HandshakeComplete()
  2368  	s.streamsMap.UseResetMaps()
  2369  	return s
  2370  }
  2371  
  2372  func (s *connection) GetConnection() *connection {
  2373  	return s
  2374  }