v0.42.0

New Features

• added a qlog tracer for events that happen before / outside of established connection: #4305

Notable Changes

• added a ClientHelloInfo.AddrVerified field: #4360
• move callback controlling address verification (VerifySourceAddress) to the Transport: #4253 and #4362
• connections that are closed before being accepted are not removed from the server's accept queue: #4245
• http3: added a RoundTripOpt.CheckSettings callback to check the server's SETTINGS: #4355
• http3: send the HTTP/3 settings value for Extended CONNECT (RFC 9220): #4341
• http3: don't modify the user's quic.Config to enable QUIC datagram support: #4340

Fixes

• mitigate a memory exhaustion attack against QUIC's connection ID mechanism: #4369
• don't delay acknowledgments for packets during the handshake: #4279
• fix deadlock when closing both Listener and Transport: #4332
• fix handling of IPv4-mapped IPv6 addresses: #4309
• fix duplicate logging of the key_discarded event for Handshake packets: #4274
• send CONNECTION_REFUSED when refusing connections: #4250
• http3: tighten validation logic for the :protocol pseudo header: #4261

What's Changed

• remove shutdown method on the Connection by @marten-seemann in #4249
• send the CONNECTION_REFUSED error when refusing a connection by @marten-seemann in #4250
• don't remove closed connections from the server's accept queue by @marten-seemann in #4245
• handshake: unexport Set{Read,Write}Key methods on the cryptoSetup by @marten-seemann in #4254
• handshake: fix documentation for updatableAEAD.SetWriteKey by @putyWang in #4256
• add Transport config options to limit the number of handshakes by @marten-seemann in #4248
• remove the RequireAddressValidation callback from the Config by @marten-seemann in #4253
• fix incorrect statement about connection ID lengths in the Transport by @marten-seemann in #4247
• remove unneeded nil check for new connections in the server by @marten-seemann in #4260
• ci: update to Go 1.22rc2 by @marten-seemann in #4267
• fix flaky handshake limiting test by @marten-seemann in #4270
• http3: only use :protocol pseudo-header for Extended CONNECT by @taoso in #4261
• fix flaky accept queue test by @marten-seemann in #4280
• fix flaky handshake limiting test by @marten-seemann in #4281
• only log the discarding of Handshake keys once by @marten-seemann in #4274
• testutils: add a perspective function parameter to ComposeInitialPacket by @marten-seemann in #4276
• fix flaky outgoing streams map test by @marten-seemann in #4283
• wire: remove FrameParser interface, expose FrameParser struct by @marten-seemann in #4284
• ackhandler: remove unused RTTStats from the received packet handler by @marten-seemann in #4287
• testutils: make the package public by @marten-seemann in #4290
• ci: remove unused depguard check for qtls by @marten-seemann in #4291
• ci: make Codecov ignore testutils and testdata by @marten-seemann in #4292
• testutils: expose aliases for all frames by @marten-seemann in #4293
• ackhandler: don't delay ACKs for Initial and Handshake packets by @marten-seemann in #4288
• protocol: rename VersionNumber to Version by @marten-seemann in #4295
• wire: optimize generation of Version Negotiation packets by @marten-seemann in #4278
• protocol: don't capitalize Perspective.String by @marten-seemann in #4296
• qlog: remove unneeded mutex from the ConnectionTracer by @marten-seemann in #4299
• qlog: rename qlog.go to connection_tracer.go by @marten-seemann in #4301
• qlog: disentangle the ConnectionTracer from the qlog writer by @marten-seemann in #4300
• logging: add a Debug function to the Tracer by @marten-seemann in #4297
• logging: add a Close function to the Tracer by @marten-seemann in #4298
• don't enqueue stream when receiving reordered MAX_STREAM_DATA frames by @marten-seemann in #4269
• fix flaky 0-RTT packet drop test by @marten-seemann in #4306
• handshake: validate HKDF-Expand-Label against crypto/tls implementation by @marten-seemann in #4311
• qlog: rename generation to key_phase on key_updated and key_discarded by @marten-seemann in #4315
• README: Add frp to list of projects by @bt90 in #4316
• ci: update to Go 1.22.0 by @marten-seemann in #4312
• avoid lock contention when accepting new connections by @marten-seemann in #4313
• ci: update Codecov action to v4 by @marten-seemann in #4321
• don't preallocate the slice for STREAM frames when composing a packet by @marten-seemann in #4314
• handshake: add benchmarks for the Initial AEAD by @marten-seemann in #4320
• only check for stateless resets if packet doesn't belong to a connection by @marten-seemann in #4322
• qtls: protect the tls.ClientSessionCache implementation with a mutex by @marten-seemann in #4319
• ci: update golangci-lint to v1.56.1 and golangci-lint action to v4 by @marten-seemann in #4326
• remove unused GetVersion function from quicConn interface by @marten-seemann in #4327
• reenable previously disabled server unit test by @marten-seemann in #4328
• remove unused getPerspective function from quicConn interface by @marten-seemann in #4329
• remove unused perspective arg from packetHandlerMap.ReplaceWithClosed by @marten-seemann in #4330
• http3: don't automatically set RoundTripper.QuicConfig.EnableDatagrams by @marten-seemann in #4340
• http3: send SETTINGS_ENABLE_CONNECT_PROTOCOL (for Extended CONNECT) by @marten-seemann in #4341
• http3: reject duplicate control streams opened by the server by @marten-seemann in #4342
• http3: reject duplicate control streams opened by the client by @marten-seemann in #4344
• ci: enable Dependabot for GitHub Actions by @marten-seemann in #4343
• server: fix deadlock when closing concurrently with transport by @sukunrt in #4332
• build(deps): bump actions/upload-artifact from 3 to 4 by @dependabot in #4346
• build(deps): bump docker/build-push-action from 4 to 5 by @dependabot in #4347
• build(deps): bump docker/login-action from 2 to 3 by @dependabot in #4348
• build(deps): bump docker/setup-qemu-action from 2 to 3 by @dependabot in #4345
• build(deps): bump docker/setup-buildx-action from 2 to 3 by @dependabot in #4349
• handshake: embed the mask as an array into the aesHeaderProtector by @marten-seemann in #4324
• handshake: optimize AEAD handling for long header sealers and openers by @marten-seemann in #4323
• unmap IPv4-mapped IPv6 addresses by @thijsvandien in #4309
• docs: improve API documentation for OpenStreamSync by @wlynxg in #4352
• add a qlog tracer for events outside of QUIC connections by @marten-seemann in #4305
• remove unused ReceiveStream.CloseRemote method by @marten-seemann in #4357
• update GoMock to v0.4.0 by @marten-seemann in #4361
• add an AddrVerified field to the ClientHelloInfo by @marten-seemann in #4360
• http3: add a RoundTripOpt to check the server's SETTINGS frame by @marten-seemann in #4355
• use Transport.VerifySourceAddress to control the Retry Mechanism by @marten-seemann in #4362
• close connection when an abnormally large number of frames are queued by @marten-seemann in #4369

New Contributors

• @putyWang made their first contribution in #4256
• @taoso made their first contribution in #4261
• @thijsvandien made their first contribution in #4309
• @wlynxg made their first contribution in #4352

Full Changelog: v0.41.0...v0.42.0