vendor: Update quic and lego/acme dependencies

caddytls/client.go

@@ -240,12 +240,14 @@ func (c *ACMEClient) Obtain(name string) error {
 	for attempts := 0; attempts < 2; attempts++ {
 		namesObtaining.Add([]string{name})
 		acmeMu.Lock()
-		certificate, failures := c.acmeClient.ObtainCertificate([]string{name}, true, nil, c.config.MustStaple)
+		certificate, err := c.acmeClient.ObtainCertificate([]string{name}, true, nil, c.config.MustStaple)
 		acmeMu.Unlock()
 		namesObtaining.Remove([]string{name})
-		if len(failures) > 0 {
+		if err != nil {
 			// Error - try to fix it or report it to the user and abort
 
+			if failures, ok := err.(acme.ObtainError); ok && len(failures) > 0 {
+				// in this case, we can enumerate the error per-domain
 				var errMsg string // combine all the failures into a single error message
 				for errDomain, obtainErr := range failures {
 					if obtainErr == nil {
@@ -253,13 +255,15 @@ func (c *ACMEClient) Obtain(name string) error {
 					}
 					errMsg += fmt.Sprintf("[%s] failed to get certificate: %v\n", errDomain, obtainErr)
 				}
-
 				return errors.New(errMsg)
 			}
 
+			return fmt.Errorf("[%s] failed to obtain certificate: %v", name, err)
+		}
+
 		// double-check that we actually got a certificate; check a couple fields
 		// TODO: This is a temporary workaround for what I think is a bug in the acmev2 package (March 2018)
-		// but it might not hurt to keep this extra check in place
+		// but it might not hurt to keep this extra check in place (April 18, 2018: might be fixed now.)
 		if certificate.Domain == "" || certificate.Certificate == nil {
 			return errors.New("returned certificate was empty; probably an unchecked error obtaining it")
 		}

vendor/github.com/lucas-clemente/aes12/cipher_generic.go

@@ -2,7 +2,7 @@
 // Use of this source code is governed by a BSD-style
 // license that can be found in the LICENSE file.
 
-// +build !amd64,!s390x
+// +build !amd64
 
 package aes12
 

vendor/github.com/lucas-clemente/quic-go/client.go

@@ -38,6 +38,8 @@ type client struct {
 	version        protocol.VersionNumber
 
 	session packetHandler
+
+	logger utils.Logger
 }
 
 var (
@@ -102,9 +104,10 @@ func Dial(
 		config:                 clientConfig,
 		version:                clientConfig.Versions[0],
 		versionNegotiationChan: make(chan struct{}),
+		logger:                 utils.DefaultLogger,
 	}
 
-	utils.Infof("Starting new connection to %s (%s -> %s), connectionID %x, version %s", hostname, c.conn.LocalAddr().String(), c.conn.RemoteAddr().String(), c.connectionID, c.version)
+	c.logger.Infof("Starting new connection to %s (%s -> %s), connectionID %x, version %s", hostname, c.conn.LocalAddr().String(), c.conn.RemoteAddr().String(), c.connectionID, c.version)
 
 	if err := c.dial(); err != nil {
 		return nil, err
@@ -197,7 +200,7 @@ func (c *client) dialTLS() error {
 		MaxUniStreams:               uint16(c.config.MaxIncomingUniStreams),
 	}
 	csc := handshake.NewCryptoStreamConn(nil)
-	extHandler := handshake.NewExtensionHandlerClient(params, c.initialVersion, c.config.Versions, c.version)
+	extHandler := handshake.NewExtensionHandlerClient(params, c.initialVersion, c.config.Versions, c.version, c.logger)
 	mintConf, err := tlsToMintConfig(c.tlsConf, protocol.PerspectiveClient)
 	if err != nil {
 		return err
@@ -214,7 +217,7 @@ func (c *client) dialTLS() error {
 		if err != handshake.ErrCloseSessionForRetry {
 			return err
 		}
-		utils.Infof("Received a Retry packet. Recreating session.")
+		c.logger.Infof("Received a Retry packet. Recreating session.")
 		if err := c.createNewTLSSession(extHandler.GetPeerParams(), c.version); err != nil {
 			return err
 		}
@@ -237,7 +240,7 @@ func (c *client) establishSecureConnection() error {
 	go func() {
 		runErr = c.session.run() // returns as soon as the session is closed
 		close(errorChan)
-		utils.Infof("Connection %x closed.", c.connectionID)
+		c.logger.Infof("Connection %x closed.", c.connectionID)
 		if runErr != handshake.ErrCloseSessionForRetry && runErr != errCloseSessionForNewVersion {
 			c.conn.Close()
 		}
@@ -291,7 +294,7 @@ func (c *client) handlePacket(remoteAddr net.Addr, packet []byte) {
 	r := bytes.NewReader(packet)
 	hdr, err := wire.ParseHeaderSentByServer(r, c.version)
 	if err != nil {
-		utils.Errorf("error parsing packet from %s: %s", remoteAddr.String(), err.Error())
+		c.logger.Errorf("error parsing packet from %s: %s", remoteAddr.String(), err.Error())
 		// drop this packet if we can't parse the header
 		return
 	}
@@ -314,15 +317,15 @@ func (c *client) handlePacket(remoteAddr net.Addr, packet []byte) {
 		// check if the remote address and the connection ID match
 		// otherwise this might be an attacker trying to inject a PUBLIC_RESET to kill the connection
 		if cr.Network() != remoteAddr.Network() || cr.String() != remoteAddr.String() || hdr.ConnectionID != c.connectionID {
-			utils.Infof("Received a spoofed Public Reset. Ignoring.")
+			c.logger.Infof("Received a spoofed Public Reset. Ignoring.")
 			return
 		}
 		pr, err := wire.ParsePublicReset(r)
 		if err != nil {
-			utils.Infof("Received a Public Reset. An error occurred parsing the packet: %s", err)
+			c.logger.Infof("Received a Public Reset. An error occurred parsing the packet: %s", err)
 			return
 		}
-		utils.Infof("Received Public Reset, rejected packet number: %#x.", pr.RejectedPacketNumber)
+		c.logger.Infof("Received Public Reset, rejected packet number: %#x.", pr.RejectedPacketNumber)
 		c.session.closeRemote(qerr.Error(qerr.PublicReset, fmt.Sprintf("Received a Public Reset for packet number %#x", pr.RejectedPacketNumber)))
 		return
 	}
@@ -368,7 +371,7 @@ func (c *client) handleVersionNegotiationPacket(hdr *wire.Header) error {
 		}
 	}
 
-	utils.Infof("Received a Version Negotiation Packet. Supported Versions: %s", hdr.SupportedVersions)
+	c.logger.Infof("Received a Version Negotiation Packet. Supported Versions: %s", hdr.SupportedVersions)
 
 	newVersion, ok := protocol.ChooseSupportedVersion(c.config.Versions, hdr.SupportedVersions)
 	if !ok {
@@ -385,7 +388,7 @@ func (c *client) handleVersionNegotiationPacket(hdr *wire.Header) error {
 	if err != nil {
 		return err
 	}
-	utils.Infof("Switching to QUIC version %s. New connection ID: %x", newVersion, c.connectionID)
+	c.logger.Infof("Switching to QUIC version %s. New connection ID: %x", newVersion, c.connectionID)
 	c.session.Close(errCloseSessionForNewVersion)
 	return nil
 }
@@ -402,6 +405,7 @@ func (c *client) createNewGQUICSession() (err error) {
 		c.config,
 		c.initialVersion,
 		c.negotiatedVersions,
+		c.logger,
 	)
 	return err
 }
@@ -421,6 +425,7 @@ func (c *client) createNewTLSSession(
 		c.tls,
 		paramsChan,
 		1,
+		c.logger,
 	)
 	return err
 }

vendor/github.com/lucas-clemente/quic-go/example/client/main.go

@@ -19,12 +19,14 @@ func main() {
 	flag.Parse()
 	urls := flag.Args()
 
+	logger := utils.DefaultLogger
+
 	if *verbose {
-		utils.SetLogLevel(utils.LogLevelDebug)
+		logger.SetLogLevel(utils.LogLevelDebug)
 	} else {
-		utils.SetLogLevel(utils.LogLevelInfo)
+		logger.SetLogLevel(utils.LogLevelInfo)
 	}
-	utils.SetLogTimeFormat("")
+	logger.SetLogTimeFormat("")
 
 	versions := protocol.SupportedVersions
 	if *tls {
@@ -42,21 +44,21 @@ func main() {
 	var wg sync.WaitGroup
 	wg.Add(len(urls))
 	for _, addr := range urls {
-		utils.Infof("GET %s", addr)
+		logger.Infof("GET %s", addr)
 		go func(addr string) {
 			rsp, err := hclient.Get(addr)
 			if err != nil {
 				panic(err)
 			}
-			utils.Infof("Got response for %s: %#v", addr, rsp)
+			logger.Infof("Got response for %s: %#v", addr, rsp)
 
 			body := &bytes.Buffer{}
 			_, err = io.Copy(body, rsp.Body)
 			if err != nil {
 				panic(err)
 			}
-			utils.Infof("Request Body:")
-			utils.Infof("%s", body.Bytes())
+			logger.Infof("Request Body:")
+			logger.Infof("%s", body.Bytes())
 			wg.Done()
 		}(addr)
 	}

vendor/github.com/lucas-clemente/quic-go/example/main.go

@@ -91,7 +91,7 @@ func init() {
 				}
 			}
 			if err != nil {
-				utils.Infof("Error receiving upload: %#v", err)
+				utils.DefaultLogger.Infof("Error receiving upload: %#v", err)
 			}
 		}
 		io.WriteString(w, `<html><body><form action="/demo/upload" method="post" enctype="multipart/form-data">
@@ -126,12 +126,14 @@ func main() {
 	tls := flag.Bool("tls", false, "activate support for IETF QUIC (work in progress)")
 	flag.Parse()
 
+	logger := utils.DefaultLogger
+
 	if *verbose {
-		utils.SetLogLevel(utils.LogLevelDebug)
+		logger.SetLogLevel(utils.LogLevelDebug)
 	} else {
-		utils.SetLogLevel(utils.LogLevelInfo)
+		logger.SetLogLevel(utils.LogLevelInfo)
 	}
-	utils.SetLogTimeFormat("")
+	logger.SetLogTimeFormat("")
 
 	versions := protocol.SupportedVersions
 	if *tls {

vendor/github.com/lucas-clemente/quic-go/h2quic/client.go

@@ -46,6 +46,8 @@ type client struct {
 	requestWriter *requestWriter
 
 	responses map[protocol.StreamID]chan *http.Response
+
+	logger utils.Logger
 }
 
 var _ http.RoundTripper = &client{}
@@ -75,6 +77,7 @@ func newClient(
 		opts:          opts,
 		headerErrored: make(chan struct{}),
 		dialer:        dialer,
+		logger:        utils.DefaultLogger,
 	}
 }
 
@@ -95,7 +98,7 @@ func (c *client) dial() error {
 	if err != nil {
 		return err
 	}
-	c.requestWriter = newRequestWriter(c.headerStream)
+	c.requestWriter = newRequestWriter(c.headerStream, c.logger)
 	go c.handleHeaderStream()
 	return nil
 }
@@ -109,7 +112,7 @@ func (c *client) handleHeaderStream() {
 		err = c.readResponse(h2framer, decoder)
 	}
 	if quicErr, ok := err.(*qerr.QuicError); !ok || quicErr.ErrorCode != qerr.PeerGoingAway {
-		utils.Debugf("Error handling header stream: %s", err)
+		c.logger.Debugf("Error handling header stream: %s", err)
 	}
 	c.headerErr = qerr.Error(qerr.InvalidHeadersStreamData, err.Error())
 	// stop all running request

vendor/github.com/lucas-clemente/quic-go/h2quic/request_writer.go

@@ -23,13 +23,16 @@ type requestWriter struct {
 
 	henc *hpack.Encoder
 	hbuf bytes.Buffer // HPACK encoder writes into this
+
+	logger utils.Logger
 }
 
 const defaultUserAgent = "quic-go"
 
-func newRequestWriter(headerStream quic.Stream) *requestWriter {
+func newRequestWriter(headerStream quic.Stream, logger utils.Logger) *requestWriter {
 	rw := &requestWriter{
 		headerStream: headerStream,
+		logger:       logger,
 	}
 	rw.henc = hpack.NewEncoder(&rw.hbuf)
 	return rw
@@ -156,7 +159,7 @@ func (w *requestWriter) encodeHeaders(req *http.Request, addGzipHeader bool, tra
 }
 
 func (w *requestWriter) writeHeader(name, value string) {
-	utils.Debugf("http2: Transport encoding header %q = %q", name, value)
+	w.logger.Debugf("http2: Transport encoding header %q = %q", name, value)
 	w.henc.WriteField(hpack.HeaderField{Name: name, Value: value})
 }
 

vendor/github.com/lucas-clemente/quic-go/h2quic/response_writer.go

@@ -24,15 +24,24 @@ type responseWriter struct {
 	header        http.Header
 	status        int // status code passed to WriteHeader
 	headerWritten bool
+
+	logger utils.Logger
 }
 
-func newResponseWriter(headerStream quic.Stream, headerStreamMutex *sync.Mutex, dataStream quic.Stream, dataStreamID protocol.StreamID) *responseWriter {
+func newResponseWriter(
+	headerStream quic.Stream,
+	headerStreamMutex *sync.Mutex,
+	dataStream quic.Stream,
+	dataStreamID protocol.StreamID,
+	logger utils.Logger,
+) *responseWriter {
 	return &responseWriter{
 		header:            http.Header{},
 		headerStream:      headerStream,
 		headerStreamMutex: headerStreamMutex,
 		dataStream:        dataStream,
 		dataStreamID:      dataStreamID,
+		logger:            logger,
 	}
 }
 
@@ -57,7 +66,7 @@ func (w *responseWriter) WriteHeader(status int) {
 		}
 	}
 
-	utils.Infof("Responding with %d", status)
+	w.logger.Infof("Responding with %d", status)
 	w.headerStreamMutex.Lock()
 	defer w.headerStreamMutex.Unlock()
 	h2framer := http2.NewFramer(w.headerStream, nil)
@@ -67,7 +76,7 @@ func (w *responseWriter) WriteHeader(status int) {
 		BlockFragment: headers.Bytes(),
 	})
 	if err != nil {
-		utils.Errorf("could not write h2 header: %s", err.Error())
+		w.logger.Errorf("could not write h2 header: %s", err.Error())
 	}
 }
 

vendor/github.com/lucas-clemente/quic-go/h2quic/server.go

@@ -53,6 +53,8 @@ type Server struct {
 	closed        bool
 
 	supportedVersionsAsString string
+
+	logger utils.Logger // will be set by Server.serveImpl()
 }
 
 // ListenAndServe listens on the UDP address s.Addr and calls s.Handler to handle HTTP/2 requests on incoming connections.
@@ -88,6 +90,7 @@ func (s *Server) serveImpl(tlsConfig *tls.Config, conn net.PacketConn) error {
 	if s.Server == nil {
 		return errors.New("use of h2quic.Server without http.Server")
 	}
+	s.logger = utils.DefaultLogger
 	s.listenerMutex.Lock()
 	if s.closed {
 		s.listenerMutex.Unlock()
@@ -138,7 +141,7 @@ func (s *Server) handleHeaderStream(session streamCreator) {
 			// In this case, the session has already logged the error, so we don't
 			// need to log it again.
 			if _, ok := err.(*qerr.QuicError); !ok {
-				utils.Errorf("error handling h2 request: %s", err.Error())
+				s.logger.Errorf("error handling h2 request: %s", err.Error())
 			}
 			session.Close(err)
 			return
@@ -160,7 +163,7 @@ func (s *Server) handleRequest(session streamCreator, headerStream quic.Stream,
 	}
 	headers, err := hpackDecoder.DecodeFull(h2headersFrame.HeaderBlockFragment())
 	if err != nil {
-		utils.Errorf("invalid http2 headers encoding: %s", err.Error())
+		s.logger.Errorf("invalid http2 headers encoding: %s", err.Error())
 		return err
 	}
 
@@ -169,10 +172,10 @@ func (s *Server) handleRequest(session streamCreator, headerStream quic.Stream,
 		return err
 	}
 
-	if utils.Debug() {
-		utils.Infof("%s %s%s, on data stream %d", req.Method, req.Host, req.RequestURI, h2headersFrame.StreamID)
+	if s.logger.Debug() {
+		s.logger.Infof("%s %s%s, on data stream %d", req.Method, req.Host, req.RequestURI, h2headersFrame.StreamID)
 	} else {
-		utils.Infof("%s %s%s", req.Method, req.Host, req.RequestURI)
+		s.logger.Infof("%s %s%s", req.Method, req.Host, req.RequestURI)
 	}
 
 	dataStream, err := session.GetOrOpenStream(protocol.StreamID(h2headersFrame.StreamID))
@@ -201,7 +204,7 @@ func (s *Server) handleRequest(session streamCreator, headerStream quic.Stream,
 
 		req.RemoteAddr = session.RemoteAddr().String()
 
-		responseWriter := newResponseWriter(headerStream, headerStreamMutex, dataStream, protocol.StreamID(h2headersFrame.StreamID))
+		responseWriter := newResponseWriter(headerStream, headerStreamMutex, dataStream, protocol.StreamID(h2headersFrame.StreamID), s.logger)
 
 		handler := s.Handler
 		if handler == nil {
@@ -215,7 +218,7 @@ func (s *Server) handleRequest(session streamCreator, headerStream quic.Stream,
 					const size = 64 << 10
 					buf := make([]byte, size)
 					buf = buf[:runtime.Stack(buf, false)]
-					utils.Errorf("http: panic serving: %v\n%s", p, buf)
+					s.logger.Errorf("http: panic serving: %v\n%s", p, buf)
 					panicked = true
 				}
 			}()

vendor/github.com/lucas-clemente/quic-go/integrationtests/tools/proxy/proxy.go

@@ -95,6 +95,8 @@ type QuicProxy struct {
 
 	// Mapping from client addresses (as host:port) to connection
 	clientDict map[string]*connection
+
+	logger utils.Logger
 }
 
 // NewQuicProxy creates a new UDP proxy
@@ -132,9 +134,10 @@ func NewQuicProxy(local string, version protocol.VersionNumber, opts *Opts) (*Qu
 		dropPacket:  packetDropper,
 		delayPacket: packetDelayer,
 		version:     version,
+		logger:      utils.DefaultLogger,
 	}
 
-	utils.Debugf("Starting UDP Proxy %s <-> %s", conn.LocalAddr(), raddr)
+	p.logger.Debugf("Starting UDP Proxy %s <-> %s", conn.LocalAddr(), raddr)
 	go p.runProxy()
 	return &p, nil
 }
@@ -200,8 +203,8 @@ func (p *QuicProxy) runProxy() error {
 		packetCount := atomic.AddUint64(&conn.incomingPacketCounter, 1)
 
 		if p.dropPacket(DirectionIncoming, packetCount) {
-			if utils.Debug() {
-				utils.Debugf("dropping incoming packet %d (%d bytes)", packetCount, n)
+			if p.logger.Debug() {
+				p.logger.Debugf("dropping incoming packet %d (%d bytes)", packetCount, n)
 			}
 			continue
 		}
@@ -209,16 +212,16 @@ func (p *QuicProxy) runProxy() error {
 		// Send the packet to the server
 		delay := p.delayPacket(DirectionIncoming, packetCount)
 		if delay != 0 {
-			if utils.Debug() {
-				utils.Debugf("delaying incoming packet %d (%d bytes) to %s by %s", packetCount, n, conn.ServerConn.RemoteAddr(), delay)
+			if p.logger.Debug() {
+				p.logger.Debugf("delaying incoming packet %d (%d bytes) to %s by %s", packetCount, n, conn.ServerConn.RemoteAddr(), delay)
 			}
 			time.AfterFunc(delay, func() {
 				// TODO: handle error
 				_, _ = conn.ServerConn.Write(raw)
 			})
 		} else {
-			if utils.Debug() {
-				utils.Debugf("forwarding incoming packet %d (%d bytes) to %s", packetCount, n, conn.ServerConn.RemoteAddr())
+			if p.logger.Debug() {
+				p.logger.Debugf("forwarding incoming packet %d (%d bytes) to %s", packetCount, n, conn.ServerConn.RemoteAddr())
 			}
 			if _, err := conn.ServerConn.Write(raw); err != nil {
 				return err
@@ -240,24 +243,24 @@ func (p *QuicProxy) runConnection(conn *connection) error {
 		packetCount := atomic.AddUint64(&conn.outgoingPacketCounter, 1)
 
 		if p.dropPacket(DirectionOutgoing, packetCount) {
-			if utils.Debug() {
-				utils.Debugf("dropping outgoing packet %d (%d bytes)", packetCount, n)
+			if p.logger.Debug() {
+				p.logger.Debugf("dropping outgoing packet %d (%d bytes)", packetCount, n)
 			}
 			continue
 		}
 
 		delay := p.delayPacket(DirectionOutgoing, packetCount)
 		if delay != 0 {
-			if utils.Debug() {
-				utils.Debugf("delaying outgoing packet %d (%d bytes) to %s by %s", packetCount, n, conn.ClientAddr, delay)
+			if p.logger.Debug() {
+				p.logger.Debugf("delaying outgoing packet %d (%d bytes) to %s by %s", packetCount, n, conn.ClientAddr, delay)
 			}
 			time.AfterFunc(delay, func() {
 				// TODO: handle error
 				_, _ = p.conn.WriteToUDP(raw, conn.ClientAddr)
 			})
 		} else {
-			if utils.Debug() {
-				utils.Debugf("forwarding outgoing packet %d (%d bytes) to %s", packetCount, n, conn.ClientAddr)
+			if p.logger.Debug() {
+				p.logger.Debugf("forwarding outgoing packet %d (%d bytes) to %s", packetCount, n, conn.ClientAddr)
 			}
 			if _, err := p.conn.WriteToUDP(raw, conn.ClientAddr); err != nil {
 				return err

vendor/github.com/lucas-clemente/quic-go/integrationtests/tools/testlog/testlog.go

@@ -30,7 +30,7 @@ var _ = BeforeEach(func() {
 		logFile, err = os.Create(logFileName)
 		Expect(err).ToNot(HaveOccurred())
 		log.SetOutput(logFile)
-		utils.SetLogLevel(utils.LogLevelDebug)
+		utils.DefaultLogger.SetLogLevel(utils.LogLevelDebug)
 	}
 })
 

vendor/github.com/lucas-clemente/quic-go/interface.go

@@ -16,6 +16,9 @@ type StreamID = protocol.StreamID
 // A VersionNumber is a QUIC version number.
 type VersionNumber = protocol.VersionNumber
 
+// VersionGQUIC39 is gQUIC version 39.
+const VersionGQUIC39 = protocol.Version39
+
 // A Cookie can be used to verify the ownership of the client address.
 type Cookie = handshake.Cookie
 
@@ -118,6 +121,8 @@ type Session interface {
 	AcceptUniStream() (ReceiveStream, error)
 	// OpenStream opens a new bidirectional QUIC stream.
 	// It returns a special error when the peer's concurrent stream limit is reached.
+	// There is no signaling to the peer about new streams:
+	// The peer can only accept the stream after data has been sent on the stream.
 	// TODO(#1152): Enable testing for the special error
 	OpenStream() (Stream, error)
 	// OpenStreamSync opens a new bidirectional QUIC stream.

vendor/github.com/lucas-clemente/quic-go/internal/ackhandler/gen.go

+package ackhandler
+
+//go:generate genny -pkg ackhandler -in ../utils/linkedlist/linkedlist.go -out packet_linkedlist.go gen Item=Packet

vendor/github.com/lucas-clemente/quic-go/internal/ackhandler/packet.go

@@ -8,35 +8,22 @@ import (
 )
 
 // A Packet is a packet
-// +gen linkedlist
 type Packet struct {
 	PacketNumber    protocol.PacketNumber
 	PacketType      protocol.PacketType
 	Frames          []wire.Frame
 	Length          protocol.ByteCount
 	EncryptionLevel protocol.EncryptionLevel
+	SendTime        time.Time
 
 	largestAcked protocol.PacketNumber // if the packet contains an ACK, the LargestAcked value of that ACK
-	sendTime     time.Time
 
-	queuedForRetransmission bool
+	// There are two reasons why a packet cannot be retransmitted:
+	// * it was already retransmitted
+	// * this packet is a retransmission, and we already received an ACK for the original packet
+	canBeRetransmitted      bool
 	includedInBytesInFlight bool
 	retransmittedAs         []protocol.PacketNumber
 	isRetransmission        bool // we need a separate bool here because 0 is a valid packet number
 	retransmissionOf        protocol.PacketNumber
 }
-
-// GetFramesForRetransmission gets all the frames for retransmission
-func (p *Packet) GetFramesForRetransmission() []wire.Frame {
-	var fs []wire.Frame
-	for _, frame := range p.Frames {
-		switch frame.(type) {
-		case *wire.AckFrame:
-			continue
-		case *wire.StopWaitingFrame:
-			continue
-		}
-		fs = append(fs, frame)
-	}
-	return fs
-}

vendor/github.com/lucas-clemente/quic-go/internal/ackhandler/packet_linkedlist.go

-// Generated by: main
-// TypeWriter: linkedlist
-// Directive: +gen on Packet
+// This file was automatically generated by genny.
+// Any changes will be lost if this file is regenerated.
+// see https://github.com/cheekybits/genny
 
 package ackhandler
 
-// List is a modification of http://golang.org/pkg/container/list/
-// Copyright 2009 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
+// Linked list implementation from the Go standard library.
 
 // PacketElement is an element of a linked list.
 type PacketElement struct {
@@ -41,8 +38,7 @@ func (e *PacketElement) Prev() *PacketElement {
 	return nil
 }
 
-// PacketList represents a doubly linked list.
-// The zero value for PacketList is an empty list ready to use.
+// PacketList is a linked list of Packets.
 type PacketList struct {
 	root PacketElement // sentinel list element, only &root, root.prev, and root.next are used
 	len  int           // current list length excluding (this) sentinel element
@@ -63,7 +59,7 @@ func NewPacketList() *PacketList { return new(PacketList).Init() }
 // The complexity is O(1).
 func (l *PacketList) Len() int { return l.len }
 
-// Front returns the first element of list l or nil.
+// Front returns the first element of list l or nil if the list is empty.
 func (l *PacketList) Front() *PacketElement {
 	if l.len == 0 {
 		return nil
@@ -71,7 +67,7 @@ func (l *PacketList) Front() *PacketElement {
 	return l.root.next
 }
 
-// Back returns the last element of list l or nil.
+// Back returns the last element of list l or nil if the list is empty.
 func (l *PacketList) Back() *PacketElement {
 	if l.len == 0 {
 		return nil
@@ -79,7 +75,7 @@ func (l *PacketList) Back() *PacketElement {
 	return l.root.prev
 }
 
-// lazyInit lazily initializes a zero PacketList value.
+// lazyInit lazily initializes a zero List value.
 func (l *PacketList) lazyInit() {
 	if l.root.next == nil {
 		l.Init()
@@ -98,7 +94,7 @@ func (l *PacketList) insert(e, at *PacketElement) *PacketElement {
 	return e
 }
 
-// insertValue is a convenience wrapper for insert(&PacketElement{Value: v}, at).
+// insertValue is a convenience wrapper for insert(&Element{Value: v}, at).
 func (l *PacketList) insertValue(v Packet, at *PacketElement) *PacketElement {
 	return l.insert(&PacketElement{Value: v}, at)
 }
@@ -116,10 +112,11 @@ func (l *PacketList) remove(e *PacketElement) *PacketElement {
 
 // Remove removes e from l if e is an element of list l.
 // It returns the element value e.Value.
+// The element must not be nil.
 func (l *PacketList) Remove(e *PacketElement) Packet {
 	if e.list == l {
 		// if e.list == l, l must have been initialized when e was inserted
-		// in l or l == nil (e is a zero PacketElement) and l.remove will crash
+		// in l or l == nil (e is a zero Element) and l.remove will crash
 		l.remove(e)
 	}
 	return e.Value
@@ -139,46 +136,51 @@ func (l *PacketList) PushBack(v Packet) *PacketElement {
 
 // InsertBefore inserts a new element e with value v immediately before mark and returns e.
 // If mark is not an element of l, the list is not modified.
+// The mark must not be nil.
 func (l *PacketList) InsertBefore(v Packet, mark *PacketElement) *PacketElement {
 	if mark.list != l {
 		return nil
 	}
-	// see comment in PacketList.Remove about initialization of l
+	// see comment in List.Remove about initialization of l
 	return l.insertValue(v, mark.prev)
 }
 
 // InsertAfter inserts a new element e with value v immediately after mark and returns e.
 // If mark is not an element of l, the list is not modified.
+// The mark must not be nil.
 func (l *PacketList) InsertAfter(v Packet, mark *PacketElement) *PacketElement {
 	if mark.list != l {
 		return nil
 	}
-	// see comment in PacketList.Remove about initialization of l
+	// see comment in List.Remove about initialization of l
 	return l.insertValue(v, mark)
 }
 
 // MoveToFront moves element e to the front of list l.
 // If e is not an element of l, the list is not modified.
+// The element must not be nil.
 func (l *PacketList) MoveToFront(e *PacketElement) {
 	if e.list != l || l.root.next == e {
 		return
 	}
-	// see comment in PacketList.Remove about initialization of l
+	// see comment in List.Remove about initialization of l
 	l.insert(l.remove(e), &l.root)
 }
 
 // MoveToBack moves element e to the back of list l.
 // If e is not an element of l, the list is not modified.
+// The element must not be nil.
 func (l *PacketList) MoveToBack(e *PacketElement) {
 	if e.list != l || l.root.prev == e {
 		return
 	}
-	// see comment in PacketList.Remove about initialization of l
+	// see comment in List.Remove about initialization of l
 	l.insert(l.remove(e), l.root.prev)
 }
 
 // MoveBefore moves element e to its new position before mark.
 // If e or mark is not an element of l, or e == mark, the list is not modified.
+// The element and mark must not be nil.
 func (l *PacketList) MoveBefore(e, mark *PacketElement) {
 	if e.list != l || e == mark || mark.list != l {
 		return
@@ -187,7 +189,8 @@ func (l *PacketList) MoveBefore(e, mark *PacketElement) {
 }
 
 // MoveAfter moves element e to its new position after mark.
-// If e is not an element of l, or e == mark, the list is not modified.
+// If e or mark is not an element of l, or e == mark, the list is not modified.
+// The element and mark must not be nil.
 func (l *PacketList) MoveAfter(e, mark *PacketElement) {
 	if e.list != l || e == mark || mark.list != l {
 		return
@@ -196,7 +199,7 @@ func (l *PacketList) MoveAfter(e, mark *PacketElement) {
 }
 
 // PushBackList inserts a copy of an other list at the back of list l.
-// The lists l and other may be the same.
+// The lists l and other may be the same. They must not be nil.
 func (l *PacketList) PushBackList(other *PacketList) {
 	l.lazyInit()
 	for i, e := other.Len(), other.Front(); i > 0; i, e = i-1, e.Next() {
@@ -205,7 +208,7 @@ func (l *PacketList) PushBackList(other *PacketList) {
 }
 
 // PushFrontList inserts a copy of an other list at the front of list l.
-// The lists l and other may be the same.
+// The lists l and other may be the same. They must not be nil.
 func (l *PacketList) PushFrontList(other *PacketList) {
 	l.lazyInit()
 	for i, e := other.Len(), other.Back(); i > 0; i, e = i-1, e.Prev() {

vendor/github.com/lucas-clemente/quic-go/internal/ackhandler/send_mode.go

@@ -12,6 +12,8 @@ const (
 	SendAck
 	// SendRetransmission means that retransmissions should be sent
 	SendRetransmission
+	// SendRTO means that an RTO probe packet should be sent
+	SendRTO
 	// SendAny packet should be sent
 	SendAny
 )
@@ -24,6 +26,8 @@ func (s SendMode) String() string {
 		return "ack"
 	case SendRetransmission:
 		return "retransmission"
+	case SendRTO:
+		return "rto"
 	case SendAny:
 		return "any"
 	default:

vendor/github.com/lucas-clemente/quic-go/internal/ackhandler/sent_packet_history.go

@@ -87,26 +87,23 @@ func (h *sentPacketHistory) FirstOutstanding() *Packet {
 
 // QueuePacketForRetransmission marks a packet for retransmission.
 // A packet can only be queued once.
-func (h *sentPacketHistory) QueuePacketForRetransmission(pn protocol.PacketNumber) (*Packet, error) {
+func (h *sentPacketHistory) MarkCannotBeRetransmitted(pn protocol.PacketNumber) error {
 	el, ok := h.packetMap[pn]
 	if !ok {
-		return nil, fmt.Errorf("sent packet history: packet %d not found", pn)
+		return fmt.Errorf("sent packet history: packet %d not found", pn)
 	}
-	if el.Value.queuedForRetransmission {
-		return nil, fmt.Errorf("sent packet history BUG: packet %d already queued for retransmission", pn)
-	}
-	el.Value.queuedForRetransmission = true
+	el.Value.canBeRetransmitted = false
 	if el == h.firstOutstanding {
 		h.readjustFirstOutstanding()
 	}
-	return &el.Value, nil
+	return nil
 }
 
 // readjustFirstOutstanding readjusts the pointer to the first outstanding packet.
 // This is necessary every time the first outstanding packet is deleted or retransmitted.
 func (h *sentPacketHistory) readjustFirstOutstanding() {
 	el := h.firstOutstanding.Next()
-	for el != nil && el.Value.queuedForRetransmission {
+	for el != nil && !el.Value.canBeRetransmitted {
 		el = el.Next()
 	}
 	h.firstOutstanding = el

vendor/github.com/lucas-clemente/quic-go/internal/congestion/cubic_sender.go

@@ -292,11 +292,3 @@ func (c *cubicSender) OnConnectionMigration() {
 func (c *cubicSender) SetSlowStartLargeReduction(enabled bool) {
 	c.slowStartLargeReduction = enabled
 }
-
-// RetransmissionDelay gives the time to retransmission
-func (c *cubicSender) RetransmissionDelay() time.Duration {
-	if c.rttStats.SmoothedRTT() == 0 {
-		return 0
-	}
-	return c.rttStats.SmoothedRTT() + c.rttStats.MeanDeviation()*4
-}

vendor/github.com/lucas-clemente/quic-go/internal/congestion/interface.go

@@ -17,7 +17,6 @@ type SendAlgorithm interface {
 	SetNumEmulatedConnections(n int)
 	OnRetransmissionTimeout(packetsRetransmitted bool)
 	OnConnectionMigration()
-	RetransmissionDelay() time.Duration
 
 	// Experiments
 	SetSlowStartLargeReduction(enabled bool)

vendor/github.com/lucas-clemente/quic-go/internal/congestion/rtt_stats.go

@@ -84,7 +84,6 @@ func (r *RTTStats) SetRecentMinRTTwindow(recentMinRTTwindow time.Duration) {
 // UpdateRTT updates the RTT based on a new sample.
 func (r *RTTStats) UpdateRTT(sendDelta, ackDelay time.Duration, now time.Time) {
 	if sendDelta == utils.InfDuration || sendDelta <= 0 {
-		utils.Debugf("Ignoring measured sendDelta, because it's is either infinite, zero, or negative: %d", sendDelta/time.Microsecond)
 		return
 	}
 

vendor/github.com/lucas-clemente/quic-go/internal/crypto/curve_25519.go

@@ -21,10 +21,6 @@ func NewCurve25519KEX() (KeyExchange, error) {
 	if _, err := rand.Read(c.secret[:]); err != nil {
 		return nil, errors.New("Curve25519: could not create private key")
 	}
-	// See https://cr.yp.to/ecdh.html
-	c.secret[0] &= 248
-	c.secret[31] &= 127
-	c.secret[31] |= 64
 	curve25519.ScalarBaseMult(&c.public, &c.secret)
 	return c, nil
 }

vendor/github.com/lucas-clemente/quic-go/internal/crypto/key_derivation.go

@@ -20,9 +20,7 @@ type TLSExporter interface {
 }
 
 func qhkdfExpand(secret []byte, label string, length int) []byte {
-	// The last byte should be 0x0.
-	// Since Go initializes the slice to 0, we don't need to set it explicitly.
-	qlabel := make([]byte, 2+1+5+len(label)+1)
+	qlabel := make([]byte, 2+1+5+len(label))
 	binary.BigEndian.PutUint16(qlabel[0:2], uint16(length))
 	qlabel[2] = uint8(5 + len(label))
 	copy(qlabel[3:], []byte("QUIC "+label))

vendor/github.com/lucas-clemente/quic-go/internal/crypto/null_aead_aesgcm.go

@@ -8,7 +8,7 @@ import (
 	"github.com/lucas-clemente/quic-go/internal/protocol"
 )
 
-var quicVersion1Salt = []byte{0xaf, 0xc8, 0x24, 0xec, 0x5f, 0xc7, 0x7e, 0xca, 0x1e, 0x9d, 0x36, 0xf3, 0x7f, 0xb2, 0xd4, 0x65, 0x18, 0xc3, 0x66, 0x39}
+var quicVersion1Salt = []byte{0x9c, 0x10, 0x8f, 0x98, 0x52, 0x0a, 0x5c, 0x5c, 0x32, 0x96, 0x8e, 0x95, 0x0e, 0x8a, 0x2c, 0x5f, 0xe0, 0x6d, 0x6c, 0x38}
 
 func newNullAEADAESGCM(connectionID protocol.ConnectionID, pers protocol.Perspective) (AEAD, error) {
 	clientSecret, serverSecret := computeSecrets(connectionID)

vendor/github.com/lucas-clemente/quic-go/internal/crypto/null_aead_fnv128a.go

 package crypto
 
 import (
-	"encoding/binary"
+	"bytes"
 	"errors"
+	"fmt"
+	"hash/fnv"
 
-	"github.com/lucas-clemente/fnv128a"
 	"github.com/lucas-clemente/quic-go/internal/protocol"
 )
 
@@ -21,7 +22,7 @@ func (n *nullAEADFNV128a) Open(dst, src []byte, packetNumber protocol.PacketNumb
 		return nil, errors.New("NullAEAD: ciphertext cannot be less than 12 bytes long")
 	}
 
-	hash := fnv128a.New()
+	hash := fnv.New128a()
 	hash.Write(associatedData)
 	hash.Write(src[12:])
 	if n.perspective == protocol.PerspectiveServer {
@@ -29,13 +30,13 @@ func (n *nullAEADFNV128a) Open(dst, src []byte, packetNumber protocol.PacketNumb
 	} else {
 		hash.Write([]byte("Server"))
 	}
-	testHigh, testLow := hash.Sum128()
+	sum := make([]byte, 0, 16)
+	sum = hash.Sum(sum)
+	// The tag is written in little endian, so we need to reverse the slice.
+	reverse(sum)
 
-	low := binary.LittleEndian.Uint64(src)
-	high := binary.LittleEndian.Uint32(src[8:])
-
-	if uint32(testHigh&0xffffffff) != high || testLow != low {
-		return nil, errors.New("NullAEAD: failed to authenticate received data")
+	if !bytes.Equal(sum[:12], src[:12]) {
+		return nil, fmt.Errorf("NullAEAD: failed to authenticate received data (%#v vs %#v)", sum[:12], src[:12])
 	}
 	return src[12:], nil
 }
@@ -48,7 +49,7 @@ func (n *nullAEADFNV128a) Seal(dst, src []byte, packetNumber protocol.PacketNumb
 		dst = dst[:12+len(src)]
 	}
 
-	hash := fnv128a.New()
+	hash := fnv.New128a()
 	hash.Write(associatedData)
 	hash.Write(src)
 
@@ -57,15 +58,22 @@ func (n *nullAEADFNV128a) Seal(dst, src []byte, packetNumber protocol.PacketNumb
 	} else {
 		hash.Write([]byte("Client"))
 	}
-
-	high, low := hash.Sum128()
+	sum := make([]byte, 0, 16)
+	sum = hash.Sum(sum)
+	// The tag is written in little endian, so we need to reverse the slice.
+	reverse(sum)
 
 	copy(dst[12:], src)
-	binary.LittleEndian.PutUint64(dst, low)
-	binary.LittleEndian.PutUint32(dst[8:], uint32(high))
+	copy(dst, sum[:12])
 	return dst
 }
 
 func (n *nullAEADFNV128a) Overhead() int {
 	return 12
 }
+
+func reverse(a []byte) {
+	for left, right := 0, len(a)-1; left < right; left, right = left+1, right-1 {
+		a[left], a[right] = a[right], a[left]
+	}
+}

vendor/github.com/lucas-clemente/quic-go/internal/flowcontrol/base_flow_controller.go

@@ -25,6 +25,8 @@ type baseFlowController struct {
 	epochStartTime   time.Time
 	epochStartOffset protocol.ByteCount
 	rttStats         *congestion.RTTStats
+
+	logger utils.Logger
 }
 
 func (c *baseFlowController) AddBytesSent(n protocol.ByteCount) {

vendor/github.com/lucas-clemente/quic-go/internal/flowcontrol/connection_flow_controller.go

@@ -22,6 +22,7 @@ func NewConnectionFlowController(
 	receiveWindow protocol.ByteCount,
 	maxReceiveWindow protocol.ByteCount,
 	rttStats *congestion.RTTStats,
+	logger utils.Logger,
 ) ConnectionFlowController {
 	return &connectionFlowController{
 		baseFlowController: baseFlowController{
@@ -29,6 +30,7 @@ func NewConnectionFlowController(
 			receiveWindow:        receiveWindow,
 			receiveWindowSize:    receiveWindow,
 			maxReceiveWindowSize: maxReceiveWindow,
+			logger:               logger,
 		},
 	}
 }
@@ -65,7 +67,7 @@ func (c *connectionFlowController) GetWindowUpdate() protocol.ByteCount {
 	oldWindowSize := c.receiveWindowSize
 	offset := c.baseFlowController.getWindowUpdate()
 	if oldWindowSize < c.receiveWindowSize {
-		utils.Debugf("Increasing receive flow control window for the connection to %d kB", c.receiveWindowSize/(1<<10))
+		c.logger.Debugf("Increasing receive flow control window for the connection to %d kB", c.receiveWindowSize/(1<<10))
 	}
 	c.mutex.Unlock()
 	return offset

vendor/github.com/lucas-clemente/quic-go/internal/flowcontrol/stream_flow_controller.go

@@ -31,6 +31,7 @@ func NewStreamFlowController(
 	maxReceiveWindow protocol.ByteCount,
 	initialSendWindow protocol.ByteCount,
 	rttStats *congestion.RTTStats,
+	logger utils.Logger,
 ) StreamFlowController {
 	return &streamFlowController{
 		streamID:                streamID,
@@ -42,6 +43,7 @@ func NewStreamFlowController(
 			receiveWindowSize:    receiveWindow,
 			maxReceiveWindowSize: maxReceiveWindow,
 			sendWindow:           initialSendWindow,
+			logger:               logger,
 		},
 	}
 }
@@ -137,7 +139,7 @@ func (c *streamFlowController) GetWindowUpdate() protocol.ByteCount {
 	oldWindowSize := c.receiveWindowSize
 	offset := c.baseFlowController.getWindowUpdate()
 	if c.receiveWindowSize > oldWindowSize { // auto-tuning enlarged the window size
-		utils.Debugf("Increasing receive flow control window for the connection to %d kB", c.receiveWindowSize/(1<<10))
+		c.logger.Debugf("Increasing receive flow control window for the connection to %d kB", c.receiveWindowSize/(1<<10))
 		if c.contributesToConnection {
 			c.connection.EnsureMinimumWindowSize(protocol.ByteCount(float64(c.receiveWindowSize) * protocol.ConnectionFlowControlMultiplier))
 		}

vendor/github.com/lucas-clemente/quic-go/internal/handshake/cookie_handler.go

@@ -12,14 +12,15 @@ import (
 // By including the cookie in its ClientHello, a client can proof ownership of its source address.
 type CookieHandler struct {
 	callback        func(net.Addr, *Cookie) bool
-
 	cookieGenerator *CookieGenerator
+
+	logger utils.Logger
 }
 
 var _ mint.CookieHandler = &CookieHandler{}
 
 // NewCookieHandler creates a new CookieHandler.
-func NewCookieHandler(callback func(net.Addr, *Cookie) bool) (*CookieHandler, error) {
+func NewCookieHandler(callback func(net.Addr, *Cookie) bool, logger utils.Logger) (*CookieHandler, error) {
 	cookieGenerator, err := NewCookieGenerator()
 	if err != nil {
 		return nil, err
@@ -27,6 +28,7 @@ func NewCookieHandler(callback func(net.Addr, *Cookie) bool) (*CookieHandler, er
 	return &CookieHandler{
 		callback:        callback,
 		cookieGenerator: cookieGenerator,
+		logger:          logger,
 	}, nil
 }
 
@@ -42,7 +44,7 @@ func (h *CookieHandler) Generate(conn *mint.Conn) ([]byte, error) {
 func (h *CookieHandler) Validate(conn *mint.Conn, token []byte) bool {
 	data, err := h.cookieGenerator.DecodeToken(token)
 	if err != nil {
-		utils.Debugf("Couldn't decode cookie from %s: %s", conn.RemoteAddr(), err.Error())
+		h.logger.Debugf("Couldn't decode cookie from %s: %s", conn.RemoteAddr(), err.Error())
 		return false
 	}
 	return h.callback(conn.RemoteAddr(), data)

vendor/github.com/lucas-clemente/quic-go/internal/handshake/crypto_setup_client.go

@@ -38,13 +38,12 @@ type cryptoSetupClient struct {
 	lastSentCHLO     []byte
 	certManager      crypto.CertManager
 
-	divNonceChan         chan []byte
+	divNonceChan         <-chan []byte
 	diversificationNonce []byte
 
 	clientHelloCounter int
 	serverVerified     bool // has the certificate chain and the proof already been verified
 	keyDerivation      QuicCryptoKeyDerivationFunction
-	keyExchange        KeyExchangeFunction
 
 	receivedSecurePacket bool
 	nullAEAD             crypto.AEAD
@@ -55,6 +54,8 @@ type cryptoSetupClient struct {
 	handshakeEvent chan<- struct{}
 
 	params *TransportParameters
+
+	logger utils.Logger
 }
 
 var _ CryptoSetup = &cryptoSetupClient{}
@@ -77,12 +78,14 @@ func NewCryptoSetupClient(
 	handshakeEvent chan<- struct{},
 	initialVersion protocol.VersionNumber,
 	negotiatedVersions []protocol.VersionNumber,
-) (CryptoSetup, error) {
+	logger utils.Logger,
+) (CryptoSetup, chan<- []byte, error) {
 	nullAEAD, err := crypto.NewNullAEAD(protocol.PerspectiveClient, connID, version)
 	if err != nil {
-		return nil, err
+		return nil, nil, err
 	}
-	return &cryptoSetupClient{
+	divNonceChan := make(chan []byte)
+	cs := &cryptoSetupClient{
 		cryptoStream:       cryptoStream,
 		hostname:           hostname,
 		connID:             connID,
@@ -90,14 +93,15 @@ func NewCryptoSetupClient(
 		certManager:        crypto.NewCertManager(tlsConfig),
 		params:             params,
 		keyDerivation:      crypto.DeriveQuicCryptoAESKeys,
-		keyExchange:        getEphermalKEX,
 		nullAEAD:           nullAEAD,
 		paramsChan:         paramsChan,
 		handshakeEvent:     handshakeEvent,
 		initialVersion:     initialVersion,
 		negotiatedVersions: negotiatedVersions,
-		divNonceChan:       make(chan []byte),
-	}, nil
+		divNonceChan:       divNonceChan,
+		logger:             logger,
+	}
+	return cs, divNonceChan, nil
 }
 
 func (h *cryptoSetupClient) HandleCryptoStream() error {
@@ -146,7 +150,7 @@ func (h *cryptoSetupClient) HandleCryptoStream() error {
 			return err
 		}
 
-		utils.Debugf("Got %s", message)
+		h.logger.Debugf("Got %s", message)
 		switch message.Tag {
 		case TagREJ:
 			if err := h.handleREJMessage(message.Data); err != nil {
@@ -211,7 +215,7 @@ func (h *cryptoSetupClient) handleREJMessage(cryptoData map[Tag][]byte) error {
 
 		err = h.certManager.Verify(h.hostname)
 		if err != nil {
-			utils.Infof("Certificate validation failed: %s", err.Error())
+			h.logger.Infof("Certificate validation failed: %s", err.Error())
 			return qerr.ProofInvalid
 		}
 	}
@@ -219,7 +223,7 @@ func (h *cryptoSetupClient) handleREJMessage(cryptoData map[Tag][]byte) error {
 	if h.serverConfig != nil && len(h.proof) != 0 && h.certManager.GetLeafCert() != nil {
 		validProof := h.certManager.VerifyServerProof(h.proof, h.chloForSignature, h.serverConfig.Get())
 		if !validProof {
-			utils.Infof("Server proof verification failed")
+			h.logger.Infof("Server proof verification failed")
 			return qerr.ProofInvalid
 		}
 
@@ -373,14 +377,6 @@ func (h *cryptoSetupClient) GetSealerWithEncryptionLevel(encLevel protocol.Encry
 	return nil, errors.New("CryptoSetupClient: no encryption level specified")
 }
 
-func (h *cryptoSetupClient) DiversificationNonce() []byte {
-	panic("not needed for cryptoSetupClient")
-}
-
-func (h *cryptoSetupClient) SetDiversificationNonce(data []byte) {
-	h.divNonceChan <- data
-}
-
 func (h *cryptoSetupClient) ConnectionState() ConnectionState {
 	h.mutex.Lock()
 	defer h.mutex.Unlock()
@@ -408,7 +404,7 @@ func (h *cryptoSetupClient) sendCHLO() error {
 		Data: tags,
 	}
 
-	utils.Debugf("Sending %s", message)
+	h.logger.Debugf("Sending %s", message)
 	message.Write(b)
 
 	_, err = h.cryptoStream.Write(b.Bytes())

vendor/github.com/lucas-clemente/quic-go/internal/handshake/crypto_setup_server.go

@@ -19,7 +19,7 @@ import (
 type QuicCryptoKeyDerivationFunction func(forwardSecure bool, sharedSecret, nonces []byte, connID protocol.ConnectionID, chlo []byte, scfg []byte, cert []byte, divNonce []byte, pers protocol.Perspective) (crypto.AEAD, error)
 
 // KeyExchangeFunction is used to make a new KEX
-type KeyExchangeFunction func() crypto.KeyExchange
+type KeyExchangeFunction func() (crypto.KeyExchange, error)
 
 // The CryptoSetupServer handles all things crypto for the Session
 type cryptoSetupServer struct {
@@ -54,6 +54,8 @@ type cryptoSetupServer struct {
 	params *TransportParameters
 
 	sni string // need to fill out the ConnectionState
+
+	logger utils.Logger
 }
 
 var _ CryptoSetup = &cryptoSetupServer{}
@@ -73,12 +75,14 @@ func NewCryptoSetup(
 	connID protocol.ConnectionID,
 	remoteAddr net.Addr,
 	version protocol.VersionNumber,
+	divNonce []byte,
 	scfg *ServerConfig,
 	params *TransportParameters,
 	supportedVersions []protocol.VersionNumber,
 	acceptSTK func(net.Addr, *Cookie) bool,
 	paramsChan chan<- TransportParameters,
 	handshakeEvent chan<- struct{},
+	logger utils.Logger,
 ) (CryptoSetup, error) {
 	nullAEAD, err := crypto.NewNullAEAD(protocol.PerspectiveServer, connID, version)
 	if err != nil {
@@ -90,6 +94,7 @@ func NewCryptoSetup(
 		remoteAddr:           remoteAddr,
 		version:              version,
 		supportedVersions:    supportedVersions,
+		diversificationNonce: divNonce,
 		scfg:                 scfg,
 		keyDerivation:        crypto.DeriveQuicCryptoAESKeys,
 		keyExchange:          getEphermalKEX,
@@ -99,6 +104,7 @@ func NewCryptoSetup(
 		sentSHLO:             make(chan struct{}),
 		paramsChan:           paramsChan,
 		handshakeEvent:       handshakeEvent,
+		logger:               logger,
 	}, nil
 }
 
@@ -114,7 +120,7 @@ func (h *cryptoSetupServer) HandleCryptoStream() error {
 			return qerr.InvalidCryptoMessageType
 		}
 
-		utils.Debugf("Got %s", message)
+		h.logger.Debugf("Got %s", message)
 		done, err := h.handleMessage(chloData.Bytes(), message.Data)
 		if err != nil {
 			return err
@@ -297,7 +303,7 @@ func (h *cryptoSetupServer) isInchoateCHLO(cryptoData map[Tag][]byte, cert []byt
 func (h *cryptoSetupServer) acceptSTK(token []byte) bool {
 	stk, err := h.scfg.cookieGenerator.DecodeToken(token)
 	if err != nil {
-		utils.Debugf("STK invalid: %s", err.Error())
+		h.logger.Debugf("STK invalid: %s", err.Error())
 		return false
 	}
 	return h.acceptSTKCallback(h.remoteAddr, stk)
@@ -340,7 +346,7 @@ func (h *cryptoSetupServer) handleInchoateCHLO(sni string, chlo []byte, cryptoDa
 
 	var serverReply bytes.Buffer
 	message.Write(&serverReply)
-	utils.Debugf("Sending %s", message)
+	h.logger.Debugf("Sending %s", message)
 	return serverReply.Bytes(), nil
 }
 
@@ -364,11 +370,6 @@ func (h *cryptoSetupServer) handleCHLO(sni string, data []byte, cryptoData map[T
 		return nil, err
 	}
 
-	h.diversificationNonce = make([]byte, 32)
-	if _, err = rand.Read(h.diversificationNonce); err != nil {
-		return nil, err
-	}
-
 	clientNonce := cryptoData[TagNONC]
 	err = h.validateClientNonce(clientNonce)
 	if err != nil {
@@ -405,7 +406,10 @@ func (h *cryptoSetupServer) handleCHLO(sni string, data []byte, cryptoData map[T
 	var fsNonce bytes.Buffer
 	fsNonce.Write(clientNonce)
 	fsNonce.Write(serverNonce)
-	ephermalKex := h.keyExchange()
+	ephermalKex, err := h.keyExchange()
+	if err != nil {
+		return nil, err
+	}
 	ephermalSharedSecret, err := ephermalKex.CalculateSharedKey(cryptoData[TagPUBS])
 	if err != nil {
 		return nil, err
@@ -443,19 +447,10 @@ func (h *cryptoSetupServer) handleCHLO(sni string, data []byte, cryptoData map[T
 	}
 	var reply bytes.Buffer
 	message.Write(&reply)
-	utils.Debugf("Sending %s", message)
+	h.logger.Debugf("Sending %s", message)
 	return reply.Bytes(), nil
 }
 
-// DiversificationNonce returns the diversification nonce
-func (h *cryptoSetupServer) DiversificationNonce() []byte {
-	return h.diversificationNonce
-}
-
-func (h *cryptoSetupServer) SetDiversificationNonce(data []byte) {
-	panic("not needed for cryptoSetupServer")
-}
-
 func (h *cryptoSetupServer) ConnectionState() ConnectionState {
 	h.mutex.Lock()
 	defer h.mutex.Unlock()

vendor/github.com/lucas-clemente/quic-go/internal/handshake/crypto_setup_tls.go

@@ -31,6 +31,8 @@ type cryptoSetupTLS struct {
 	handshakeEvent chan<- struct{}
 }
 
+var _ CryptoSetupTLS = &cryptoSetupTLS{}
+
 // NewCryptoSetupTLSServer creates a new TLS CryptoSetup instance for a server
 func NewCryptoSetupTLSServer(
 	tls MintTLS,
@@ -38,7 +40,7 @@ func NewCryptoSetupTLSServer(
 	nullAEAD crypto.AEAD,
 	handshakeEvent chan<- struct{},
 	version protocol.VersionNumber,
-) CryptoSetup {
+) CryptoSetupTLS {
 	return &cryptoSetupTLS{
 		tls:            tls,
 		cryptoStream:   cryptoStream,
@@ -57,7 +59,7 @@ func NewCryptoSetupTLSClient(
 	handshakeEvent chan<- struct{},
 	tls MintTLS,
 	version protocol.VersionNumber,
-) (CryptoSetup, error) {
+) (CryptoSetupTLS, error) {
 	nullAEAD, err := crypto.NewNullAEAD(protocol.PerspectiveClient, connID, version)
 	if err != nil {
 		return nil, err
@@ -107,22 +109,18 @@ handshakeLoop:
 	return nil
 }
 
-func (h *cryptoSetupTLS) Open(dst, src []byte, packetNumber protocol.PacketNumber, associatedData []byte) ([]byte, protocol.EncryptionLevel, error) {
+func (h *cryptoSetupTLS) OpenHandshake(dst, src []byte, packetNumber protocol.PacketNumber, associatedData []byte) ([]byte, error) {
+	return h.nullAEAD.Open(dst, src, packetNumber, associatedData)
+}
+
+func (h *cryptoSetupTLS) Open1RTT(dst, src []byte, packetNumber protocol.PacketNumber, associatedData []byte) ([]byte, error) {
 	h.mutex.RLock()
 	defer h.mutex.RUnlock()
 
-	if h.aead != nil {
-		data, err := h.aead.Open(dst, src, packetNumber, associatedData)
-		if err != nil {
-			return nil, protocol.EncryptionUnspecified, err
-		}
-		return data, protocol.EncryptionForwardSecure, nil
-	}
-	data, err := h.nullAEAD.Open(dst, src, packetNumber, associatedData)
-	if err != nil {
-		return nil, protocol.EncryptionUnspecified, err
+	if h.aead == nil {
+		return nil, errors.New("no 1-RTT sealer")
 	}
-	return data, protocol.EncryptionUnencrypted, nil
+	return h.aead.Open(dst, src, packetNumber, associatedData)
 }
 
 func (h *cryptoSetupTLS) GetSealer() (protocol.EncryptionLevel, Sealer) {
@@ -157,14 +155,6 @@ func (h *cryptoSetupTLS) GetSealerForCryptoStream() (protocol.EncryptionLevel, S
 	return protocol.EncryptionUnencrypted, h.nullAEAD
 }
 
-func (h *cryptoSetupTLS) DiversificationNonce() []byte {
-	panic("diversification nonce not needed for TLS")
-}
-
-func (h *cryptoSetupTLS) SetDiversificationNonce([]byte) {
-	panic("diversification nonce not needed for TLS")
-}
-
 func (h *cryptoSetupTLS) ConnectionState() ConnectionState {
 	h.mutex.Lock()
 	defer h.mutex.Unlock()

vendor/github.com/lucas-clemente/quic-go/internal/handshake/ephermal_cache.go

@@ -6,7 +6,6 @@ import (
 
 	"github.com/lucas-clemente/quic-go/internal/crypto"
 	"github.com/lucas-clemente/quic-go/internal/protocol"
-	"github.com/lucas-clemente/quic-go/internal/utils"
 )
 
 var (
@@ -24,13 +23,13 @@ var (
 // used for all connections for 60 seconds is negligible. Thus we can amortise
 // the Diffie-Hellman key generation at the server over all the connections in a
 // small time span.
-func getEphermalKEX() (res crypto.KeyExchange) {
+func getEphermalKEX() (crypto.KeyExchange, error) {
 	kexMutex.RLock()
-	res = kexCurrent
+	res := kexCurrent
 	t := kexCurrentTime
 	kexMutex.RUnlock()
 	if res != nil && time.Since(t) < kexLifetime {
-		return res
+		return res, nil
 	}
 
 	kexMutex.Lock()
@@ -39,12 +38,11 @@ func getEphermalKEX() (res crypto.KeyExchange) {
 	if kexCurrent == nil || time.Since(kexCurrentTime) > kexLifetime {
 		kex, err := crypto.NewCurve25519KEX()
 		if err != nil {
-			utils.Errorf("could not set KEX: %s", err.Error())
-			return kexCurrent
+			return nil, err
 		}
 		kexCurrent = kex
 		kexCurrentTime = time.Now()
-		return kexCurrent
+		return kexCurrent, nil
 	}
-	return kexCurrent
+	return kexCurrent, nil
 }

vendor/github.com/lucas-clemente/quic-go/internal/handshake/interface.go

@@ -35,13 +35,8 @@ type MintTLS interface {
 	SetCryptoStream(io.ReadWriter)
 }
 
-// CryptoSetup is a crypto setup
-type CryptoSetup interface {
-	Open(dst, src []byte, packetNumber protocol.PacketNumber, associatedData []byte) ([]byte, protocol.EncryptionLevel, error)
+type baseCryptoSetup interface {
 	HandleCryptoStream() error
-	// TODO: clean up this interface
-	DiversificationNonce() []byte   // only needed for cryptoSetupServer
-	SetDiversificationNonce([]byte) // only needed for cryptoSetupClient
 	ConnectionState() ConnectionState
 
 	GetSealer() (protocol.EncryptionLevel, Sealer)
@@ -49,6 +44,21 @@ type CryptoSetup interface {
 	GetSealerForCryptoStream() (protocol.EncryptionLevel, Sealer)
 }
 
+// CryptoSetup is the crypto setup used by gQUIC
+type CryptoSetup interface {
+	baseCryptoSetup
+
+	Open(dst, src []byte, packetNumber protocol.PacketNumber, associatedData []byte) ([]byte, protocol.EncryptionLevel, error)
+}
+
+// CryptoSetupTLS is the crypto setup used by IETF QUIC
+type CryptoSetupTLS interface {
+	baseCryptoSetup
+
+	OpenHandshake(dst, src []byte, packetNumber protocol.PacketNumber, associatedData []byte) ([]byte, error)
+	Open1RTT(dst, src []byte, packetNumber protocol.PacketNumber, associatedData []byte) ([]byte, error)
+}
+
 // ConnectionState records basic details about the QUIC connection.
 // Warning: This API should not be considered stable and might change soon.
 type ConnectionState struct {

vendor/github.com/lucas-clemente/quic-go/internal/handshake/tls_extension_handler_client.go

@@ -19,6 +19,8 @@ type extensionHandlerClient struct {
 	initialVersion    protocol.VersionNumber
 	supportedVersions []protocol.VersionNumber
 	version           protocol.VersionNumber
+
+	logger utils.Logger
 }
 
 var _ mint.AppExtensionHandler = &extensionHandlerClient{}
@@ -30,6 +32,7 @@ func NewExtensionHandlerClient(
 	initialVersion protocol.VersionNumber,
 	supportedVersions []protocol.VersionNumber,
 	version protocol.VersionNumber,
+	logger utils.Logger,
 ) TLSExtensionHandler {
 	// The client reads the transport parameters from the Encrypted Extensions message.
 	// The paramsChan is used in the session's run loop's select statement.
@@ -41,6 +44,7 @@ func NewExtensionHandlerClient(
 		initialVersion:    initialVersion,
 		supportedVersions: supportedVersions,
 		version:           version,
+		logger:            logger,
 	}
 }
 
@@ -49,7 +53,7 @@ func (h *extensionHandlerClient) Send(hType mint.HandshakeType, el *mint.Extensi
 		return nil
 	}
 
-	utils.Debugf("Sending Transport Parameters: %s", h.ourParams)
+	h.logger.Debugf("Sending Transport Parameters: %s", h.ourParams)
 	data, err := syntax.Marshal(clientHelloTransportParameters{
 		InitialVersion: uint32(h.initialVersion),
 		Parameters:     h.ourParams.getTransportParameters(),
@@ -122,7 +126,7 @@ func (h *extensionHandlerClient) Receive(hType mint.HandshakeType, el *mint.Exte
 	if err != nil {
 		return err
 	}
-	utils.Debugf("Received Transport Parameters: %s", params)
+	h.logger.Debugf("Received Transport Parameters: %s", params)
 	h.paramsChan <- *params
 	return nil
 }

vendor/github.com/lucas-clemente/quic-go/internal/handshake/tls_extension_handler_server.go

@@ -19,6 +19,8 @@ type extensionHandlerServer struct {
 
 	version           protocol.VersionNumber
 	supportedVersions []protocol.VersionNumber
+
+	logger utils.Logger
 }
 
 var _ mint.AppExtensionHandler = &extensionHandlerServer{}
@@ -29,6 +31,7 @@ func NewExtensionHandlerServer(
 	params *TransportParameters,
 	supportedVersions []protocol.VersionNumber,
 	version protocol.VersionNumber,
+	logger utils.Logger,
 ) TLSExtensionHandler {
 	// Processing the ClientHello is performed statelessly (and from a single go-routine).
 	// Therefore, we have to use a buffered chan to pass the transport parameters to that go routine.
@@ -38,6 +41,7 @@ func NewExtensionHandlerServer(
 		paramsChan:        paramsChan,
 		supportedVersions: supportedVersions,
 		version:           version,
+		logger:            logger,
 	}
 }
 
@@ -56,7 +60,7 @@ func (h *extensionHandlerServer) Send(hType mint.HandshakeType, el *mint.Extensi
 	for i, v := range supportedVersions {
 		versions[i] = uint32(v)
 	}
-	utils.Debugf("Sending Transport Parameters: %s", h.ourParams)
+	h.logger.Debugf("Sending Transport Parameters: %s", h.ourParams)
 	data, err := syntax.Marshal(encryptedExtensionsTransportParameters{
 		NegotiatedVersion: uint32(h.version),
 		SupportedVersions: versions,
@@ -108,7 +112,7 @@ func (h *extensionHandlerServer) Receive(hType mint.HandshakeType, el *mint.Exte
 	if err != nil {
 		return err
 	}
-	utils.Debugf("Received Transport Parameters: %s", params)
+	h.logger.Debugf("Received Transport Parameters: %s", params)
 	h.paramsChan <- *params
 	return nil
 }

vendor/github.com/lucas-clemente/quic-go/internal/mocks/congestion.go

@@ -109,18 +109,6 @@ func (mr *MockSendAlgorithmMockRecorder) OnRetransmissionTimeout(arg0 interface{
 	return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "OnRetransmissionTimeout", reflect.TypeOf((*MockSendAlgorithm)(nil).OnRetransmissionTimeout), arg0)
 }
 
-// RetransmissionDelay mocks base method
-func (m *MockSendAlgorithm) RetransmissionDelay() time.Duration {
-	ret := m.ctrl.Call(m, "RetransmissionDelay")
-	ret0, _ := ret[0].(time.Duration)
-	return ret0
-}
-
-// RetransmissionDelay indicates an expected call of RetransmissionDelay
-func (mr *MockSendAlgorithmMockRecorder) RetransmissionDelay() *gomock.Call {
-	return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "RetransmissionDelay", reflect.TypeOf((*MockSendAlgorithm)(nil).RetransmissionDelay))
-}
-
 // SetNumEmulatedConnections mocks base method
 func (m *MockSendAlgorithm) SetNumEmulatedConnections(arg0 int) {
 	m.ctrl.Call(m, "SetNumEmulatedConnections", arg0)

vendor/github.com/lucas-clemente/quic-go/internal/utils/byteinterval_linkedlist.go

-// Generated by: main
-// TypeWriter: linkedlist
-// Directive: +gen on ByteInterval
+// This file was automatically generated by genny.
+// Any changes will be lost if this file is regenerated.
+// see https://github.com/cheekybits/genny
 
 package utils
 
-// List is a modification of http://golang.org/pkg/container/list/
-// Copyright 2009 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
+// Linked list implementation from the Go standard library.
 
 // ByteIntervalElement is an element of a linked list.
 type ByteIntervalElement struct {
@@ -41,8 +38,7 @@ func (e *ByteIntervalElement) Prev() *ByteIntervalElement {
 	return nil
 }
 
-// ByteIntervalList represents a doubly linked list.
-// The zero value for ByteIntervalList is an empty list ready to use.
+// ByteIntervalList is a linked list of ByteIntervals.
 type ByteIntervalList struct {
 	root ByteIntervalElement // sentinel list element, only &root, root.prev, and root.next are used
 	len  int                 // current list length excluding (this) sentinel element
@@ -63,7 +59,7 @@ func NewByteIntervalList() *ByteIntervalList { return new(ByteIntervalList).Init
 // The complexity is O(1).
 func (l *ByteIntervalList) Len() int { return l.len }
 
-// Front returns the first element of list l or nil.
+// Front returns the first element of list l or nil if the list is empty.
 func (l *ByteIntervalList) Front() *ByteIntervalElement {
 	if l.len == 0 {
 		return nil
@@ -71,7 +67,7 @@ func (l *ByteIntervalList) Front() *ByteIntervalElement {
 	return l.root.next
 }
 
-// Back returns the last element of list l or nil.
+// Back returns the last element of list l or nil if the list is empty.
 func (l *ByteIntervalList) Back() *ByteIntervalElement {
 	if l.len == 0 {
 		return nil
@@ -79,7 +75,7 @@ func (l *ByteIntervalList) Back() *ByteIntervalElement {
 	return l.root.prev
 }
 
-// lazyInit lazily initializes a zero ByteIntervalList value.
+// lazyInit lazily initializes a zero List value.
 func (l *ByteIntervalList) lazyInit() {
 	if l.root.next == nil {
 		l.Init()
@@ -98,7 +94,7 @@ func (l *ByteIntervalList) insert(e, at *ByteIntervalElement) *ByteIntervalEleme
 	return e
 }
 
-// insertValue is a convenience wrapper for insert(&ByteIntervalElement{Value: v}, at).
+// insertValue is a convenience wrapper for insert(&Element{Value: v}, at).
 func (l *ByteIntervalList) insertValue(v ByteInterval, at *ByteIntervalElement) *ByteIntervalElement {
 	return l.insert(&ByteIntervalElement{Value: v}, at)
 }
@@ -116,10 +112,11 @@ func (l *ByteIntervalList) remove(e *ByteIntervalElement) *ByteIntervalElement {
 
 // Remove removes e from l if e is an element of list l.
 // It returns the element value e.Value.
+// The element must not be nil.
 func (l *ByteIntervalList) Remove(e *ByteIntervalElement) ByteInterval {
 	if e.list == l {
 		// if e.list == l, l must have been initialized when e was inserted
-		// in l or l == nil (e is a zero ByteIntervalElement) and l.remove will crash
+		// in l or l == nil (e is a zero Element) and l.remove will crash
 		l.remove(e)
 	}
 	return e.Value
@@ -139,46 +136,51 @@ func (l *ByteIntervalList) PushBack(v ByteInterval) *ByteIntervalElement {
 
 // InsertBefore inserts a new element e with value v immediately before mark and returns e.
 // If mark is not an element of l, the list is not modified.
+// The mark must not be nil.
 func (l *ByteIntervalList) InsertBefore(v ByteInterval, mark *ByteIntervalElement) *ByteIntervalElement {
 	if mark.list != l {
 		return nil
 	}
-	// see comment in ByteIntervalList.Remove about initialization of l
+	// see comment in List.Remove about initialization of l
 	return l.insertValue(v, mark.prev)
 }
 
 // InsertAfter inserts a new element e with value v immediately after mark and returns e.
 // If mark is not an element of l, the list is not modified.
+// The mark must not be nil.
 func (l *ByteIntervalList) InsertAfter(v ByteInterval, mark *ByteIntervalElement) *ByteIntervalElement {
 	if mark.list != l {
 		return nil
 	}
-	// see comment in ByteIntervalList.Remove about initialization of l
+	// see comment in List.Remove about initialization of l
 	return l.insertValue(v, mark)
 }
 
 // MoveToFront moves element e to the front of list l.
 // If e is not an element of l, the list is not modified.
+// The element must not be nil.
 func (l *ByteIntervalList) MoveToFront(e *ByteIntervalElement) {
 	if e.list != l || l.root.next == e {
 		return
 	}
-	// see comment in ByteIntervalList.Remove about initialization of l
+	// see comment in List.Remove about initialization of l
 	l.insert(l.remove(e), &l.root)
 }
 
 // MoveToBack moves element e to the back of list l.
 // If e is not an element of l, the list is not modified.
+// The element must not be nil.
 func (l *ByteIntervalList) MoveToBack(e *ByteIntervalElement) {
 	if e.list != l || l.root.prev == e {
 		return
 	}
-	// see comment in ByteIntervalList.Remove about initialization of l
+	// see comment in List.Remove about initialization of l
 	l.insert(l.remove(e), l.root.prev)
 }
 
 // MoveBefore moves element e to its new position before mark.
 // If e or mark is not an element of l, or e == mark, the list is not modified.
+// The element and mark must not be nil.
 func (l *ByteIntervalList) MoveBefore(e, mark *ByteIntervalElement) {
 	if e.list != l || e == mark || mark.list != l {
 		return
@@ -187,7 +189,8 @@ func (l *ByteIntervalList) MoveBefore(e, mark *ByteIntervalElement) {
 }
 
 // MoveAfter moves element e to its new position after mark.
-// If e is not an element of l, or e == mark, the list is not modified.
+// If e or mark is not an element of l, or e == mark, the list is not modified.
+// The element and mark must not be nil.
 func (l *ByteIntervalList) MoveAfter(e, mark *ByteIntervalElement) {
 	if e.list != l || e == mark || mark.list != l {
 		return
@@ -196,7 +199,7 @@ func (l *ByteIntervalList) MoveAfter(e, mark *ByteIntervalElement) {
 }
 
 // PushBackList inserts a copy of an other list at the back of list l.
-// The lists l and other may be the same.
+// The lists l and other may be the same. They must not be nil.
 func (l *ByteIntervalList) PushBackList(other *ByteIntervalList) {
 	l.lazyInit()
 	for i, e := other.Len(), other.Front(); i > 0; i, e = i-1, e.Next() {
@@ -205,7 +208,7 @@ func (l *ByteIntervalList) PushBackList(other *ByteIntervalList) {
 }
 
 // PushFrontList inserts a copy of an other list at the front of list l.
-// The lists l and other may be the same.
+// The lists l and other may be the same. They must not be nil.
 func (l *ByteIntervalList) PushFrontList(other *ByteIntervalList) {
 	l.lazyInit()
 	for i, e := other.Len(), other.Back(); i > 0; i, e = i-1, e.Prev() {

vendor/github.com/lucas-clemente/quic-go/internal/utils/gen.go

+package utils
+
+//go:generate genny -pkg utils -in linkedlist/linkedlist.go -out byteinterval_linkedlist.go gen Item=ByteInterval
+//go:generate genny -pkg utils -in linkedlist/linkedlist.go -out packetinterval_linkedlist.go gen Item=PacketInterval

vendor/github.com/lucas-clemente/quic-go/internal/utils/linkedlist/linkedlist.go

+package linkedlist
+
+import "github.com/cheekybits/genny/generic"
+
+// Linked list implementation from the Go standard library.
+
+// Item is a generic type.
+type Item generic.Type
+
+// ItemElement is an element of a linked list.
+type ItemElement struct {
+	// Next and previous pointers in the doubly-linked list of elements.
+	// To simplify the implementation, internally a list l is implemented
+	// as a ring, such that &l.root is both the next element of the last
+	// list element (l.Back()) and the previous element of the first list
+	// element (l.Front()).
+	next, prev *ItemElement
+
+	// The list to which this element belongs.
+	list *ItemList
+
+	// The value stored with this element.
+	Value Item
+}
+
+// Next returns the next list element or nil.
+func (e *ItemElement) Next() *ItemElement {
+	if p := e.next; e.list != nil && p != &e.list.root {
+		return p
+	}
+	return nil
+}
+
+// Prev returns the previous list element or nil.
+func (e *ItemElement) Prev() *ItemElement {
+	if p := e.prev; e.list != nil && p != &e.list.root {
+		return p
+	}
+	return nil
+}
+
+// ItemList is a linked list of Items.
+type ItemList struct {
+	root ItemElement // sentinel list element, only &root, root.prev, and root.next are used
+	len  int         // current list length excluding (this) sentinel element
+}
+
+// Init initializes or clears list l.
+func (l *ItemList) Init() *ItemList {
+	l.root.next = &l.root
+	l.root.prev = &l.root
+	l.len = 0
+	return l
+}
+
+// NewItemList returns an initialized list.
+func NewItemList() *ItemList { return new(ItemList).Init() }
+
+// Len returns the number of elements of list l.
+// The complexity is O(1).
+func (l *ItemList) Len() int { return l.len }
+
+// Front returns the first element of list l or nil if the list is empty.
+func (l *ItemList) Front() *ItemElement {
+	if l.len == 0 {
+		return nil
+	}
+	return l.root.next
+}
+
+// Back returns the last element of list l or nil if the list is empty.
+func (l *ItemList) Back() *ItemElement {
+	if l.len == 0 {
+		return nil
+	}
+	return l.root.prev
+}
+
+// lazyInit lazily initializes a zero List value.
+func (l *ItemList) lazyInit() {
+	if l.root.next == nil {
+		l.Init()
+	}
+}
+
+// insert inserts e after at, increments l.len, and returns e.
+func (l *ItemList) insert(e, at *ItemElement) *ItemElement {
+	n := at.next
+	at.next = e
+	e.prev = at
+	e.next = n
+	n.prev = e
+	e.list = l
+	l.len++
+	return e
+}
+
+// insertValue is a convenience wrapper for insert(&Element{Value: v}, at).
+func (l *ItemList) insertValue(v Item, at *ItemElement) *ItemElement {
+	return l.insert(&ItemElement{Value: v}, at)
+}
+
+// remove removes e from its list, decrements l.len, and returns e.
+func (l *ItemList) remove(e *ItemElement) *ItemElement {
+	e.prev.next = e.next
+	e.next.prev = e.prev
+	e.next = nil // avoid memory leaks
+	e.prev = nil // avoid memory leaks
+	e.list = nil
+	l.len--
+	return e
+}
+
+// Remove removes e from l if e is an element of list l.
+// It returns the element value e.Value.
+// The element must not be nil.
+func (l *ItemList) Remove(e *ItemElement) Item {
+	if e.list == l {
+		// if e.list == l, l must have been initialized when e was inserted
+		// in l or l == nil (e is a zero Element) and l.remove will crash
+		l.remove(e)
+	}
+	return e.Value
+}
+
+// PushFront inserts a new element e with value v at the front of list l and returns e.
+func (l *ItemList) PushFront(v Item) *ItemElement {
+	l.lazyInit()
+	return l.insertValue(v, &l.root)
+}
+
+// PushBack inserts a new element e with value v at the back of list l and returns e.
+func (l *ItemList) PushBack(v Item) *ItemElement {
+	l.lazyInit()
+	return l.insertValue(v, l.root.prev)
+}
+
+// InsertBefore inserts a new element e with value v immediately before mark and returns e.
+// If mark is not an element of l, the list is not modified.
+// The mark must not be nil.
+func (l *ItemList) InsertBefore(v Item, mark *ItemElement) *ItemElement {
+	if mark.list != l {
+		return nil
+	}
+	// see comment in List.Remove about initialization of l
+	return l.insertValue(v, mark.prev)
+}
+
+// InsertAfter inserts a new element e with value v immediately after mark and returns e.
+// If mark is not an element of l, the list is not modified.
+// The mark must not be nil.
+func (l *ItemList) InsertAfter(v Item, mark *ItemElement) *ItemElement {
+	if mark.list != l {
+		return nil
+	}
+	// see comment in List.Remove about initialization of l
+	return l.insertValue(v, mark)
+}
+
+// MoveToFront moves element e to the front of list l.
+// If e is not an element of l, the list is not modified.
+// The element must not be nil.
+func (l *ItemList) MoveToFront(e *ItemElement) {
+	if e.list != l || l.root.next == e {
+		return
+	}
+	// see comment in List.Remove about initialization of l
+	l.insert(l.remove(e), &l.root)
+}
+
+// MoveToBack moves element e to the back of list l.
+// If e is not an element of l, the list is not modified.
+// The element must not be nil.
+func (l *ItemList) MoveToBack(e *ItemElement) {
+	if e.list != l || l.root.prev == e {
+		return
+	}
+	// see comment in List.Remove about initialization of l
+	l.insert(l.remove(e), l.root.prev)
+}
+
+// MoveBefore moves element e to its new position before mark.
+// If e or mark is not an element of l, or e == mark, the list is not modified.
+// The element and mark must not be nil.
+func (l *ItemList) MoveBefore(e, mark *ItemElement) {
+	if e.list != l || e == mark || mark.list != l {
+		return
+	}
+	l.insert(l.remove(e), mark.prev)
+}
+
+// MoveAfter moves element e to its new position after mark.
+// If e or mark is not an element of l, or e == mark, the list is not modified.
+// The element and mark must not be nil.
+func (l *ItemList) MoveAfter(e, mark *ItemElement) {
+	if e.list != l || e == mark || mark.list != l {
+		return
+	}
+	l.insert(l.remove(e), mark)
+}
+
+// PushBackList inserts a copy of an other list at the back of list l.
+// The lists l and other may be the same. They must not be nil.
+func (l *ItemList) PushBackList(other *ItemList) {
+	l.lazyInit()
+	for i, e := other.Len(), other.Front(); i > 0; i, e = i-1, e.Next() {
+		l.insertValue(e.Value, l.root.prev)
+	}
+}
+
+// PushFrontList inserts a copy of an other list at the front of list l.
+// The lists l and other may be the same. They must not be nil.
+func (l *ItemList) PushFrontList(other *ItemList) {
+	l.lazyInit()
+	for i, e := other.Len(), other.Back(); i > 0; i, e = i-1, e.Prev() {
+		l.insertValue(e.Value, &l.root)
+	}
+}

vendor/github.com/lucas-clemente/quic-go/internal/utils/log.go

@@ -11,8 +11,6 @@ import (
 // LogLevel of quic-go
 type LogLevel uint8
 
-const logEnv = "QUIC_GO_LOG_LEVEL"
-
 const (
 	// LogLevelNothing disables
 	LogLevelNothing LogLevel = iota
@@ -24,72 +22,92 @@ const (
 	LogLevelDebug
 )
 
-var (
-	logLevel   = LogLevelNothing
-	timeFormat = ""
-)
+const logEnv = "QUIC_GO_LOG_LEVEL"
+
+// A Logger logs.
+type Logger interface {
+	SetLogLevel(LogLevel)
+	SetLogTimeFormat(format string)
+	Debug() bool
+
+	Errorf(format string, args ...interface{})
+	Infof(format string, args ...interface{})
+	Debugf(format string, args ...interface{})
+}
+
+// DefaultLogger is used by quic-go for logging.
+var DefaultLogger Logger
+
+type defaultLogger struct {
+	logLevel   LogLevel
+	timeFormat string
+}
+
+var _ Logger = &defaultLogger{}
 
 // SetLogLevel sets the log level
-func SetLogLevel(level LogLevel) {
-	logLevel = level
+func (l *defaultLogger) SetLogLevel(level LogLevel) {
+	l.logLevel = level
 }
 
 // SetLogTimeFormat sets the format of the timestamp
 // an empty string disables the logging of timestamps
-func SetLogTimeFormat(format string) {
+func (l *defaultLogger) SetLogTimeFormat(format string) {
 	log.SetFlags(0) // disable timestamp logging done by the log package
-	timeFormat = format
+	l.timeFormat = format
 }
 
 // Debugf logs something
-func Debugf(format string, args ...interface{}) {
-	if logLevel == LogLevelDebug {
-		logMessage(format, args...)
+func (l *defaultLogger) Debugf(format string, args ...interface{}) {
+	if l.logLevel == LogLevelDebug {
+		l.logMessage(format, args...)
 	}
 }
 
 // Infof logs something
-func Infof(format string, args ...interface{}) {
-	if logLevel >= LogLevelInfo {
-		logMessage(format, args...)
+func (l *defaultLogger) Infof(format string, args ...interface{}) {
+	if l.logLevel >= LogLevelInfo {
+		l.logMessage(format, args...)
 	}
 }
 
 // Errorf logs something
-func Errorf(format string, args ...interface{}) {
-	if logLevel >= LogLevelError {
-		logMessage(format, args...)
+func (l *defaultLogger) Errorf(format string, args ...interface{}) {
+	if l.logLevel >= LogLevelError {
+		l.logMessage(format, args...)
 	}
 }
 
-func logMessage(format string, args ...interface{}) {
-	if len(timeFormat) > 0 {
-		log.Printf(time.Now().Format(timeFormat)+" "+format, args...)
+func (l *defaultLogger) logMessage(format string, args ...interface{}) {
+	if len(l.timeFormat) > 0 {
+		log.Printf(time.Now().Format(l.timeFormat)+" "+format, args...)
 	} else {
 		log.Printf(format, args...)
 	}
 }
 
 // Debug returns true if the log level is LogLevelDebug
-func Debug() bool {
-	return logLevel == LogLevelDebug
+func (l *defaultLogger) Debug() bool {
+	return l.logLevel == LogLevelDebug
 }
 
 func init() {
-	readLoggingEnv()
+	DefaultLogger = &defaultLogger{}
+	DefaultLogger.SetLogLevel(readLoggingEnv())
 }
 
-func readLoggingEnv() {
+func readLoggingEnv() LogLevel {
 	switch strings.ToLower(os.Getenv(logEnv)) {
 	case "":
-		return
+		return LogLevelNothing
 	case "debug":
-		logLevel = LogLevelDebug
+		return LogLevelDebug
 	case "info":
-		logLevel = LogLevelInfo
+		return LogLevelInfo
 	case "error":
-		logLevel = LogLevelError
+		return LogLevelError
 	default:
 		fmt.Fprintln(os.Stderr, "invalid quic-go log level, see https://github.com/lucas-clemente/quic-go/wiki/Logging")
+		return LogLevelNothing
 	}
 }

vendor/github.com/lucas-clemente/quic-go/internal/utils/packet_interval.go

@@ -3,7 +3,6 @@ package utils
 import "github.com/lucas-clemente/quic-go/internal/protocol"
 
 // PacketInterval is an interval from one PacketNumber to the other
-// +gen linkedlist
 type PacketInterval struct {
 	Start protocol.PacketNumber
 	End   protocol.PacketNumber

vendor/github.com/lucas-clemente/quic-go/internal/utils/packetinterval_linkedlist.go

-// Generated by: main
-// TypeWriter: linkedlist
-// Directive: +gen on PacketInterval
+// This file was automatically generated by genny.
+// Any changes will be lost if this file is regenerated.
+// see https://github.com/cheekybits/genny
 
 package utils
 
-// List is a modification of http://golang.org/pkg/container/list/
-// Copyright 2009 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
+// Linked list implementation from the Go standard library.
 
 // PacketIntervalElement is an element of a linked list.
 type PacketIntervalElement struct {
@@ -41,8 +38,7 @@ func (e *PacketIntervalElement) Prev() *PacketIntervalElement {
 	return nil
 }
 
-// PacketIntervalList represents a doubly linked list.
-// The zero value for PacketIntervalList is an empty list ready to use.
+// PacketIntervalList is a linked list of PacketIntervals.
 type PacketIntervalList struct {
 	root PacketIntervalElement // sentinel list element, only &root, root.prev, and root.next are used
 	len  int                   // current list length excluding (this) sentinel element
@@ -63,7 +59,7 @@ func NewPacketIntervalList() *PacketIntervalList { return new(PacketIntervalList
 // The complexity is O(1).
 func (l *PacketIntervalList) Len() int { return l.len }
 
-// Front returns the first element of list l or nil.
+// Front returns the first element of list l or nil if the list is empty.
 func (l *PacketIntervalList) Front() *PacketIntervalElement {
 	if l.len == 0 {
 		return nil
@@ -71,7 +67,7 @@ func (l *PacketIntervalList) Front() *PacketIntervalElement {
 	return l.root.next
 }
 
-// Back returns the last element of list l or nil.
+// Back returns the last element of list l or nil if the list is empty.
 func (l *PacketIntervalList) Back() *PacketIntervalElement {
 	if l.len == 0 {
 		return nil
@@ -79,7 +75,7 @@ func (l *PacketIntervalList) Back() *PacketIntervalElement {
 	return l.root.prev
 }
 
-// lazyInit lazily initializes a zero PacketIntervalList value.
+// lazyInit lazily initializes a zero List value.
 func (l *PacketIntervalList) lazyInit() {
 	if l.root.next == nil {
 		l.Init()
@@ -98,7 +94,7 @@ func (l *PacketIntervalList) insert(e, at *PacketIntervalElement) *PacketInterva
 	return e
 }
 
-// insertValue is a convenience wrapper for insert(&PacketIntervalElement{Value: v}, at).
+// insertValue is a convenience wrapper for insert(&Element{Value: v}, at).
 func (l *PacketIntervalList) insertValue(v PacketInterval, at *PacketIntervalElement) *PacketIntervalElement {
 	return l.insert(&PacketIntervalElement{Value: v}, at)
 }
@@ -116,10 +112,11 @@ func (l *PacketIntervalList) remove(e *PacketIntervalElement) *PacketIntervalEle
 
 // Remove removes e from l if e is an element of list l.
 // It returns the element value e.Value.
+// The element must not be nil.
 func (l *PacketIntervalList) Remove(e *PacketIntervalElement) PacketInterval {
 	if e.list == l {
 		// if e.list == l, l must have been initialized when e was inserted
-		// in l or l == nil (e is a zero PacketIntervalElement) and l.remove will crash
+		// in l or l == nil (e is a zero Element) and l.remove will crash
 		l.remove(e)
 	}
 	return e.Value
@@ -139,46 +136,51 @@ func (l *PacketIntervalList) PushBack(v PacketInterval) *PacketIntervalElement {
 
 // InsertBefore inserts a new element e with value v immediately before mark and returns e.
 // If mark is not an element of l, the list is not modified.
+// The mark must not be nil.
 func (l *PacketIntervalList) InsertBefore(v PacketInterval, mark *PacketIntervalElement) *PacketIntervalElement {
 	if mark.list != l {
 		return nil
 	}
-	// see comment in PacketIntervalList.Remove about initialization of l
+	// see comment in List.Remove about initialization of l
 	return l.insertValue(v, mark.prev)
 }
 
 // InsertAfter inserts a new element e with value v immediately after mark and returns e.
 // If mark is not an element of l, the list is not modified.
+// The mark must not be nil.
 func (l *PacketIntervalList) InsertAfter(v PacketInterval, mark *PacketIntervalElement) *PacketIntervalElement {
 	if mark.list != l {
 		return nil
 	}
-	// see comment in PacketIntervalList.Remove about initialization of l
+	// see comment in List.Remove about initialization of l
 	return l.insertValue(v, mark)
 }
 
 // MoveToFront moves element e to the front of list l.
 // If e is not an element of l, the list is not modified.
+// The element must not be nil.
 func (l *PacketIntervalList) MoveToFront(e *PacketIntervalElement) {
 	if e.list != l || l.root.next == e {
 		return
 	}
-	// see comment in PacketIntervalList.Remove about initialization of l
+	// see comment in List.Remove about initialization of l
 	l.insert(l.remove(e), &l.root)
 }
 
 // MoveToBack moves element e to the back of list l.
 // If e is not an element of l, the list is not modified.
+// The element must not be nil.
 func (l *PacketIntervalList) MoveToBack(e *PacketIntervalElement) {
 	if e.list != l || l.root.prev == e {
 		return
 	}
-	// see comment in PacketIntervalList.Remove about initialization of l
+	// see comment in List.Remove about initialization of l
 	l.insert(l.remove(e), l.root.prev)
 }
 
 // MoveBefore moves element e to its new position before mark.
 // If e or mark is not an element of l, or e == mark, the list is not modified.
+// The element and mark must not be nil.
 func (l *PacketIntervalList) MoveBefore(e, mark *PacketIntervalElement) {
 	if e.list != l || e == mark || mark.list != l {
 		return
@@ -187,7 +189,8 @@ func (l *PacketIntervalList) MoveBefore(e, mark *PacketIntervalElement) {
 }
 
 // MoveAfter moves element e to its new position after mark.
-// If e is not an element of l, or e == mark, the list is not modified.
+// If e or mark is not an element of l, or e == mark, the list is not modified.
+// The element and mark must not be nil.
 func (l *PacketIntervalList) MoveAfter(e, mark *PacketIntervalElement) {
 	if e.list != l || e == mark || mark.list != l {
 		return
@@ -196,7 +199,7 @@ func (l *PacketIntervalList) MoveAfter(e, mark *PacketIntervalElement) {
 }
 
 // PushBackList inserts a copy of an other list at the back of list l.
-// The lists l and other may be the same.
+// The lists l and other may be the same. They must not be nil.
 func (l *PacketIntervalList) PushBackList(other *PacketIntervalList) {
 	l.lazyInit()
 	for i, e := other.Len(), other.Front(); i > 0; i, e = i-1, e.Next() {
@@ -205,7 +208,7 @@ func (l *PacketIntervalList) PushBackList(other *PacketIntervalList) {
 }
 
 // PushFrontList inserts a copy of an other list at the front of list l.
-// The lists l and other may be the same.
+// The lists l and other may be the same. They must not be nil.
 func (l *PacketIntervalList) PushFrontList(other *PacketIntervalList) {
 	l.lazyInit()
 	for i, e := other.Len(), other.Back(); i > 0; i, e = i-1, e.Prev() {

vendor/github.com/lucas-clemente/quic-go/internal/utils/streamframe_interval.go

@@ -3,7 +3,6 @@ package utils
 import "github.com/lucas-clemente/quic-go/internal/protocol"
 
 // ByteInterval is an interval from one ByteCount to the other
-// +gen linkedlist
 type ByteInterval struct {
 	Start protocol.ByteCount
 	End   protocol.ByteCount

vendor/github.com/lucas-clemente/quic-go/internal/wire/ack_frame.go

@@ -24,8 +24,8 @@ type AckFrame struct {
 	DelayTime          time.Duration
 }
 
-// ParseAckFrame reads an ACK frame
-func ParseAckFrame(r *bytes.Reader, version protocol.VersionNumber) (*AckFrame, error) {
+// parseAckFrame reads an ACK frame
+func parseAckFrame(r *bytes.Reader, version protocol.VersionNumber) (*AckFrame, error) {
 	if !version.UsesIETFFrameFormat() {
 		return parseAckFrameLegacy(r, version)
 	}

vendor/github.com/lucas-clemente/quic-go/internal/wire/blocked_frame.go

@@ -12,8 +12,8 @@ type BlockedFrame struct {
 	Offset protocol.ByteCount
 }
 
-// ParseBlockedFrame parses a BLOCKED frame
-func ParseBlockedFrame(r *bytes.Reader, _ protocol.VersionNumber) (*BlockedFrame, error) {
+// parseBlockedFrame parses a BLOCKED frame
+func parseBlockedFrame(r *bytes.Reader, _ protocol.VersionNumber) (*BlockedFrame, error) {
 	if _, err := r.ReadByte(); err != nil {
 		return nil, err
 	}

vendor/github.com/lucas-clemente/quic-go/internal/wire/blocked_frame_legacy.go

@@ -11,11 +11,11 @@ type blockedFrameLegacy struct {
 	StreamID protocol.StreamID
 }
 
-// ParseBlockedFrameLegacy parses a BLOCKED frame (in gQUIC format)
+// parseBlockedFrameLegacy parses a BLOCKED frame (in gQUIC format)
 // The frame returned is
 // * a STREAM_BLOCKED frame, if the BLOCKED applies to a stream
 // * a BLOCKED frame, if the BLOCKED applies to the connection
-func ParseBlockedFrameLegacy(r *bytes.Reader, _ protocol.VersionNumber) (Frame, error) {
+func parseBlockedFrameLegacy(r *bytes.Reader, _ protocol.VersionNumber) (Frame, error) {
 	if _, err := r.ReadByte(); err != nil { // read the TypeByte
 		return nil, err
 	}

vendor/github.com/lucas-clemente/quic-go/internal/wire/connection_close_frame.go

@@ -17,8 +17,8 @@ type ConnectionCloseFrame struct {
 	ReasonPhrase string
 }
 
-// ParseConnectionCloseFrame reads a CONNECTION_CLOSE frame
-func ParseConnectionCloseFrame(r *bytes.Reader, version protocol.VersionNumber) (*ConnectionCloseFrame, error) {
+// parseConnectionCloseFrame reads a CONNECTION_CLOSE frame
+func parseConnectionCloseFrame(r *bytes.Reader, version protocol.VersionNumber) (*ConnectionCloseFrame, error) {
 	if _, err := r.ReadByte(); err != nil { // read the TypeByte
 		return nil, err
 	}

vendor/github.com/lucas-clemente/quic-go/internal/wire/frame_parser.go

+package wire
+
+import (
+	"bytes"
+	"fmt"
+
+	"github.com/lucas-clemente/quic-go/internal/protocol"
+	"github.com/lucas-clemente/quic-go/qerr"
+)
+
+// ParseNextFrame parses the next frame
+// It skips PADDING frames.
+func ParseNextFrame(r *bytes.Reader, hdr *Header, v protocol.VersionNumber) (Frame, error) {
+	if r.Len() == 0 {
+		return nil, nil
+	}
+	typeByte, _ := r.ReadByte()
+	if typeByte == 0x0 { // PADDING frame
+		return ParseNextFrame(r, hdr, v)
+	}
+	r.UnreadByte()
+
+	if !v.UsesIETFFrameFormat() {
+		return parseGQUICFrame(r, typeByte, hdr, v)
+	}
+	return parseIETFFrame(r, typeByte, v)
+}
+
+func parseIETFFrame(r *bytes.Reader, typeByte byte, v protocol.VersionNumber) (Frame, error) {
+	var frame Frame
+	var err error
+	if typeByte&0xf8 == 0x10 {
+		frame, err = parseStreamFrame(r, v)
+		if err != nil {
+			err = qerr.Error(qerr.InvalidStreamData, err.Error())
+		}
+		return frame, err
+	}
+	// TODO: implement all IETF QUIC frame types
+	switch typeByte {
+	case 0x1:
+		frame, err = parseRstStreamFrame(r, v)
+		if err != nil {
+			err = qerr.Error(qerr.InvalidRstStreamData, err.Error())
+		}
+	case 0x2:
+		frame, err = parseConnectionCloseFrame(r, v)
+		if err != nil {
+			err = qerr.Error(qerr.InvalidConnectionCloseData, err.Error())
+		}
+	case 0x4:
+		frame, err = parseMaxDataFrame(r, v)
+		if err != nil {
+			err = qerr.Error(qerr.InvalidWindowUpdateData, err.Error())
+		}
+	case 0x5:
+		frame, err = parseMaxStreamDataFrame(r, v)
+		if err != nil {
+			err = qerr.Error(qerr.InvalidWindowUpdateData, err.Error())
+		}
+	case 0x6:
+		frame, err = parseMaxStreamIDFrame(r, v)
+		if err != nil {
+			err = qerr.Error(qerr.InvalidFrameData, err.Error())
+		}
+	case 0x7:
+		frame, err = parsePingFrame(r, v)
+	case 0x8:
+		frame, err = parseBlockedFrame(r, v)
+		if err != nil {
+			err = qerr.Error(qerr.InvalidBlockedData, err.Error())
+		}
+	case 0x9:
+		frame, err = parseStreamBlockedFrame(r, v)
+		if err != nil {
+			err = qerr.Error(qerr.InvalidBlockedData, err.Error())
+		}
+	case 0xa:
+		frame, err = parseStreamIDBlockedFrame(r, v)
+		if err != nil {
+			err = qerr.Error(qerr.InvalidFrameData, err.Error())
+		}
+	case 0xc:
+		frame, err = parseStopSendingFrame(r, v)
+		if err != nil {
+			err = qerr.Error(qerr.InvalidFrameData, err.Error())
+		}
+	case 0xe:
+		frame, err = parseAckFrame(r, v)
+		if err != nil {
+			err = qerr.Error(qerr.InvalidAckData, err.Error())
+		}
+	default:
+		err = qerr.Error(qerr.InvalidFrameData, fmt.Sprintf("unknown type byte 0x%x", typeByte))
+	}
+	return frame, err
+}
+
+func parseGQUICFrame(r *bytes.Reader, typeByte byte, hdr *Header, v protocol.VersionNumber) (Frame, error) {
+	var frame Frame
+	var err error
+	if typeByte&0x80 == 0x80 {
+		frame, err = parseStreamFrame(r, v)
+		if err != nil {
+			err = qerr.Error(qerr.InvalidStreamData, err.Error())
+		}
+		return frame, err
+	} else if typeByte&0xc0 == 0x40 {
+		frame, err = parseAckFrame(r, v)
+		if err != nil {
+			err = qerr.Error(qerr.InvalidAckData, err.Error())
+		}
+		return frame, err
+	}
+	switch typeByte {
+	case 0x1:
+		frame, err = parseRstStreamFrame(r, v)
+		if err != nil {
+			err = qerr.Error(qerr.InvalidRstStreamData, err.Error())
+		}
+	case 0x2:
+		frame, err = parseConnectionCloseFrame(r, v)
+		if err != nil {
+			err = qerr.Error(qerr.InvalidConnectionCloseData, err.Error())
+		}
+	case 0x3:
+		frame, err = parseGoawayFrame(r, v)
+		if err != nil {
+			err = qerr.Error(qerr.InvalidGoawayData, err.Error())
+		}
+	case 0x4:
+		frame, err = parseWindowUpdateFrame(r, v)
+		if err != nil {
+			err = qerr.Error(qerr.InvalidWindowUpdateData, err.Error())
+		}
+	case 0x5:
+		frame, err = parseBlockedFrameLegacy(r, v)
+		if err != nil {
+			err = qerr.Error(qerr.InvalidBlockedData, err.Error())
+		}
+	case 0x6:
+		frame, err = parseStopWaitingFrame(r, hdr.PacketNumber, hdr.PacketNumberLen, v)
+		if err != nil {
+			err = qerr.Error(qerr.InvalidStopWaitingData, err.Error())
+		}
+	case 0x7:
+		frame, err = parsePingFrame(r, v)
+	default:
+		err = qerr.Error(qerr.InvalidFrameData, fmt.Sprintf("unknown type byte 0x%x", typeByte))
+	}
+	return frame, err
+}

vendor/github.com/lucas-clemente/quic-go/internal/wire/goaway_frame.go

@@ -16,8 +16,8 @@ type GoawayFrame struct {
 	ReasonPhrase   string
 }
 
-// ParseGoawayFrame parses a GOAWAY frame
-func ParseGoawayFrame(r *bytes.Reader, _ protocol.VersionNumber) (*GoawayFrame, error) {
+// parseGoawayFrame parses a GOAWAY frame
+func parseGoawayFrame(r *bytes.Reader, _ protocol.VersionNumber) (*GoawayFrame, error) {
 	frame := &GoawayFrame{}
 
 	if _, err := r.ReadByte(); err != nil {

vendor/github.com/lucas-clemente/quic-go/internal/wire/header.go

@@ -4,6 +4,7 @@ import (
 	"bytes"
 
 	"github.com/lucas-clemente/quic-go/internal/protocol"
+	"github.com/lucas-clemente/quic-go/internal/utils"
 )
 
 // Header is the header of a QUIC packet.
@@ -103,10 +104,10 @@ func (h *Header) GetLength(pers protocol.Perspective, version protocol.VersionNu
 }
 
 // Log logs the Header
-func (h *Header) Log() {
+func (h *Header) Log(logger utils.Logger) {
 	if h.isPublicHeader {
-		h.logPublicHeader()
+		h.logPublicHeader(logger)
 	} else {
-		h.logHeader()
+		h.logHeader(logger)
 	}
 }

vendor/github.com/lucas-clemente/quic-go/internal/wire/ietf_header.go

@@ -174,14 +174,14 @@ func (h *Header) getHeaderLength() (protocol.ByteCount, error) {
 	return length, nil
 }
 
-func (h *Header) logHeader() {
+func (h *Header) logHeader(logger utils.Logger) {
 	if h.IsLongHeader {
-		utils.Debugf("   Long Header{Type: %s, ConnectionID: %#x, PacketNumber: %#x, Version: %s}", h.Type, h.ConnectionID, h.PacketNumber, h.Version)
+		logger.Debugf("   Long Header{Type: %s, ConnectionID: %#x, PacketNumber: %#x, Version: %s}", h.Type, h.ConnectionID, h.PacketNumber, h.Version)
 	} else {
 		connID := "(omitted)"
 		if !h.OmitConnectionID {
 			connID = fmt.Sprintf("%#x", h.ConnectionID)
 		}
-		utils.Debugf("   Short Header{ConnectionID: %s, PacketNumber: %#x, PacketNumberLen: %d, KeyPhase: %d}", connID, h.PacketNumber, h.PacketNumberLen, h.KeyPhase)
+		logger.Debugf("   Short Header{ConnectionID: %s, PacketNumber: %#x, PacketNumberLen: %d, KeyPhase: %d}", connID, h.PacketNumber, h.PacketNumberLen, h.KeyPhase)
 	}
 }

vendor/github.com/lucas-clemente/quic-go/internal/wire/log.go

@@ -3,8 +3,8 @@ package wire
 import "github.com/lucas-clemente/quic-go/internal/utils"
 
 // LogFrame logs a frame, either sent or received
-func LogFrame(frame Frame, sent bool) {
-	if !utils.Debug() {
+func LogFrame(logger utils.Logger, frame Frame, sent bool) {
+	if !logger.Debug() {
 		return
 	}
 	dir := "<-"
@@ -13,16 +13,16 @@ func LogFrame(frame Frame, sent bool) {
 	}
 	switch f := frame.(type) {
 	case *StreamFrame:
-		utils.Debugf("\t%s &wire.StreamFrame{StreamID: %d, FinBit: %t, Offset: 0x%x, Data length: 0x%x, Offset + Data length: 0x%x}", dir, f.StreamID, f.FinBit, f.Offset, f.DataLen(), f.Offset+f.DataLen())
+		logger.Debugf("\t%s &wire.StreamFrame{StreamID: %d, FinBit: %t, Offset: 0x%x, Data length: 0x%x, Offset + Data length: 0x%x}", dir, f.StreamID, f.FinBit, f.Offset, f.DataLen(), f.Offset+f.DataLen())
 	case *StopWaitingFrame:
 		if sent {
-			utils.Debugf("\t%s &wire.StopWaitingFrame{LeastUnacked: 0x%x, PacketNumberLen: 0x%x}", dir, f.LeastUnacked, f.PacketNumberLen)
+			logger.Debugf("\t%s &wire.StopWaitingFrame{LeastUnacked: 0x%x, PacketNumberLen: 0x%x}", dir, f.LeastUnacked, f.PacketNumberLen)
 		} else {
-			utils.Debugf("\t%s &wire.StopWaitingFrame{LeastUnacked: 0x%x}", dir, f.LeastUnacked)
+			logger.Debugf("\t%s &wire.StopWaitingFrame{LeastUnacked: 0x%x}", dir, f.LeastUnacked)
 		}
 	case *AckFrame:
-		utils.Debugf("\t%s &wire.AckFrame{LargestAcked: 0x%x, LowestAcked: 0x%x, AckRanges: %#v, DelayTime: %s}", dir, f.LargestAcked, f.LowestAcked, f.AckRanges, f.DelayTime.String())
+		logger.Debugf("\t%s &wire.AckFrame{LargestAcked: 0x%x, LowestAcked: 0x%x, AckRanges: %#v, DelayTime: %s}", dir, f.LargestAcked, f.LowestAcked, f.AckRanges, f.DelayTime.String())
 	default:
-		utils.Debugf("\t%s %#v", dir, frame)
+		logger.Debugf("\t%s %#v", dir, frame)
 	}
 }

vendor/github.com/lucas-clemente/quic-go/internal/wire/max_data_frame.go

@@ -12,8 +12,8 @@ type MaxDataFrame struct {
 	ByteOffset protocol.ByteCount
 }
 
-// ParseMaxDataFrame parses a MAX_DATA frame
-func ParseMaxDataFrame(r *bytes.Reader, version protocol.VersionNumber) (*MaxDataFrame, error) {
+// parseMaxDataFrame parses a MAX_DATA frame
+func parseMaxDataFrame(r *bytes.Reader, version protocol.VersionNumber) (*MaxDataFrame, error) {
 	// read the TypeByte
 	if _, err := r.ReadByte(); err != nil {
 		return nil, err

vendor/github.com/lucas-clemente/quic-go/internal/wire/max_stream_data_frame.go

@@ -13,8 +13,8 @@ type MaxStreamDataFrame struct {
 	ByteOffset protocol.ByteCount
 }
 
-// ParseMaxStreamDataFrame parses a MAX_STREAM_DATA frame
-func ParseMaxStreamDataFrame(r *bytes.Reader, version protocol.VersionNumber) (*MaxStreamDataFrame, error) {
+// parseMaxStreamDataFrame parses a MAX_STREAM_DATA frame
+func parseMaxStreamDataFrame(r *bytes.Reader, version protocol.VersionNumber) (*MaxStreamDataFrame, error) {
 	frame := &MaxStreamDataFrame{}
 
 	// read the TypeByte

vendor/github.com/lucas-clemente/quic-go/internal/wire/max_stream_id_frame.go

@@ -12,8 +12,8 @@ type MaxStreamIDFrame struct {
 	StreamID protocol.StreamID
 }
 
-// ParseMaxStreamIDFrame parses a MAX_STREAM_ID frame
-func ParseMaxStreamIDFrame(r *bytes.Reader, _ protocol.VersionNumber) (*MaxStreamIDFrame, error) {
+// parseMaxStreamIDFrame parses a MAX_STREAM_ID frame
+func parseMaxStreamIDFrame(r *bytes.Reader, _ protocol.VersionNumber) (*MaxStreamIDFrame, error) {
 	// read the Type byte
 	if _, err := r.ReadByte(); err != nil {
 		return nil, err

vendor/github.com/lucas-clemente/quic-go/internal/wire/ping_frame.go

@@ -9,8 +9,8 @@ import (
 // A PingFrame is a ping frame
 type PingFrame struct{}
 
-// ParsePingFrame parses a Ping frame
-func ParsePingFrame(r *bytes.Reader, version protocol.VersionNumber) (*PingFrame, error) {
+// parsePingFrame parses a Ping frame
+func parsePingFrame(r *bytes.Reader, version protocol.VersionNumber) (*PingFrame, error) {
 	frame := &PingFrame{}
 
 	_, err := r.ReadByte()

vendor/github.com/lucas-clemente/quic-go/internal/wire/public_header.go

@@ -20,6 +20,9 @@ var (
 
 // writePublicHeader writes a Public Header.
 func (h *Header) writePublicHeader(b *bytes.Buffer, pers protocol.Perspective, _ protocol.VersionNumber) error {
+	if h.VersionFlag && pers == protocol.PerspectiveServer {
+		return errors.New("PublicHeader: Writing of Version Negotiation Packets not supported")
+	}
 	if h.VersionFlag && h.ResetFlag {
 		return errResetAndVersionFlagSet
 	}
@@ -228,7 +231,7 @@ func (h *Header) hasPacketNumber(packetSentBy protocol.Perspective) bool {
 	return true
 }
 
-func (h *Header) logPublicHeader() {
+func (h *Header) logPublicHeader(logger utils.Logger) {
 	connID := "(omitted)"
 	if !h.OmitConnectionID {
 		connID = fmt.Sprintf("%#x", h.ConnectionID)
@@ -237,5 +240,5 @@ func (h *Header) logPublicHeader() {
 	if h.Version != 0 {
 		ver = h.Version.String()
 	}
-	utils.Debugf("   Public Header{ConnectionID: %s, PacketNumber: %#x, PacketNumberLen: %d, Version: %s, DiversificationNonce: %#v}", connID, h.PacketNumber, h.PacketNumberLen, ver, h.DiversificationNonce)
+	logger.Debugf("   Public Header{ConnectionID: %s, PacketNumber: %#x, PacketNumberLen: %d, Version: %s, DiversificationNonce: %#v}", connID, h.PacketNumber, h.PacketNumberLen, ver, h.DiversificationNonce)
 }

vendor/github.com/lucas-clemente/quic-go/internal/wire/rst_stream_frame.go

@@ -16,8 +16,8 @@ type RstStreamFrame struct {
 	ByteOffset protocol.ByteCount
 }
 
-// ParseRstStreamFrame parses a RST_STREAM frame
-func ParseRstStreamFrame(r *bytes.Reader, version protocol.VersionNumber) (*RstStreamFrame, error) {
+// parseRstStreamFrame parses a RST_STREAM frame
+func parseRstStreamFrame(r *bytes.Reader, version protocol.VersionNumber) (*RstStreamFrame, error) {
 	if _, err := r.ReadByte(); err != nil { // read the TypeByte
 		return nil, err
 	}

vendor/github.com/lucas-clemente/quic-go/internal/wire/stop_sending_frame.go

@@ -13,8 +13,8 @@ type StopSendingFrame struct {
 	ErrorCode protocol.ApplicationErrorCode
 }
 
-// ParseStopSendingFrame parses a STOP_SENDING frame
-func ParseStopSendingFrame(r *bytes.Reader, _ protocol.VersionNumber) (*StopSendingFrame, error) {
+// parseStopSendingFrame parses a STOP_SENDING frame
+func parseStopSendingFrame(r *bytes.Reader, _ protocol.VersionNumber) (*StopSendingFrame, error) {
 	if _, err := r.ReadByte(); err != nil { // read the TypeByte
 		return nil, err
 	}

vendor/github.com/lucas-clemente/quic-go/internal/wire/stop_waiting_frame.go

@@ -56,8 +56,8 @@ func (f *StopWaitingFrame) Length(_ protocol.VersionNumber) protocol.ByteCount {
 	return 1 + protocol.ByteCount(f.PacketNumberLen)
 }
 
-// ParseStopWaitingFrame parses a StopWaiting frame
-func ParseStopWaitingFrame(r *bytes.Reader, packetNumber protocol.PacketNumber, packetNumberLen protocol.PacketNumberLen, _ protocol.VersionNumber) (*StopWaitingFrame, error) {
+// parseStopWaitingFrame parses a StopWaiting frame
+func parseStopWaitingFrame(r *bytes.Reader, packetNumber protocol.PacketNumber, packetNumberLen protocol.PacketNumberLen, _ protocol.VersionNumber) (*StopWaitingFrame, error) {
 	frame := &StopWaitingFrame{}
 
 	// read the TypeByte

vendor/github.com/lucas-clemente/quic-go/internal/wire/stream_blocked_frame.go

@@ -13,8 +13,8 @@ type StreamBlockedFrame struct {
 	Offset   protocol.ByteCount
 }
 
-// ParseStreamBlockedFrame parses a STREAM_BLOCKED frame
-func ParseStreamBlockedFrame(r *bytes.Reader, _ protocol.VersionNumber) (*StreamBlockedFrame, error) {
+// parseStreamBlockedFrame parses a STREAM_BLOCKED frame
+func parseStreamBlockedFrame(r *bytes.Reader, _ protocol.VersionNumber) (*StreamBlockedFrame, error) {
 	if _, err := r.ReadByte(); err != nil { // read the TypeByte
 		return nil, err
 	}

vendor/github.com/lucas-clemente/quic-go/internal/wire/stream_frame.go

@@ -19,8 +19,8 @@ type StreamFrame struct {
 	Data           []byte
 }
 
-// ParseStreamFrame reads a STREAM frame
-func ParseStreamFrame(r *bytes.Reader, version protocol.VersionNumber) (*StreamFrame, error) {
+// parseStreamFrame reads a STREAM frame
+func parseStreamFrame(r *bytes.Reader, version protocol.VersionNumber) (*StreamFrame, error) {
 	if !version.UsesIETFFrameFormat() {
 		return parseLegacyStreamFrame(r, version)
 	}
@@ -76,7 +76,8 @@ func ParseStreamFrame(r *bytes.Reader, version protocol.VersionNumber) (*StreamF
 	if frame.Offset+frame.DataLen() > protocol.MaxByteCount {
 		return nil, qerr.Error(qerr.InvalidStreamData, "data overflows maximum offset")
 	}
-	if !frame.FinBit && frame.DataLen() == 0 {
+	// empty frames are only allowed if they have offset 0 or the FIN bit set
+	if frame.DataLen() == 0 && !frame.FinBit && frame.Offset != 0 {
 		return nil, qerr.EmptyStreamFrameNoFin
 	}
 	return frame, nil

vendor/github.com/lucas-clemente/quic-go/internal/wire/stream_id_blocked_frame.go

@@ -12,8 +12,8 @@ type StreamIDBlockedFrame struct {
 	StreamID protocol.StreamID
 }
 
-// ParseStreamIDBlockedFrame parses a STREAM_ID_BLOCKED frame
-func ParseStreamIDBlockedFrame(r *bytes.Reader, _ protocol.VersionNumber) (*StreamIDBlockedFrame, error) {
+// parseStreamIDBlockedFrame parses a STREAM_ID_BLOCKED frame
+func parseStreamIDBlockedFrame(r *bytes.Reader, _ protocol.VersionNumber) (*StreamIDBlockedFrame, error) {
 	if _, err := r.ReadByte(); err != nil {
 		return nil, err
 	}

vendor/github.com/lucas-clemente/quic-go/internal/wire/version_negotiation.go

@@ -10,17 +10,9 @@ import (
 
 // ComposeGQUICVersionNegotiation composes a Version Negotiation Packet for gQUIC
 func ComposeGQUICVersionNegotiation(connID protocol.ConnectionID, versions []protocol.VersionNumber) []byte {
-	buf := &bytes.Buffer{}
-	ph := Header{
-		ConnectionID:         connID,
-		PacketNumber:         1,
-		VersionFlag:          true,
-		IsVersionNegotiation: true,
-	}
-	if err := ph.writePublicHeader(buf, protocol.PerspectiveServer, protocol.VersionWhatever); err != nil {
-		utils.Errorf("error composing version negotiation packet: %s", err.Error())
-		return nil
-	}
+	buf := bytes.NewBuffer(make([]byte, 0, 1+8+len(versions)*4))
+	buf.Write([]byte{0x1 | 0x8}) // type byte
+	utils.BigEndian.WriteUint64(buf, uint64(connID))
 	for _, v := range versions {
 		utils.BigEndian.WriteUint32(buf, uint32(v))
 	}

vendor/github.com/lucas-clemente/quic-go/internal/wire/window_update_frame.go

@@ -12,11 +12,11 @@ type windowUpdateFrame struct {
 	ByteOffset protocol.ByteCount
 }
 
-// ParseWindowUpdateFrame parses a WINDOW_UPDATE frame
+// parseWindowUpdateFrame parses a WINDOW_UPDATE frame
 // The frame returned is
 // * a MAX_STREAM_DATA frame, if the WINDOW_UPDATE applies to a stream
 // * a MAX_DATA frame, if the WINDOW_UPDATE applies to the connection
-func ParseWindowUpdateFrame(r *bytes.Reader, _ protocol.VersionNumber) (Frame, error) {
+func parseWindowUpdateFrame(r *bytes.Reader, _ protocol.VersionNumber) (Frame, error) {
 	if _, err := r.ReadByte(); err != nil { // read the TypeByte
 		return nil, err
 	}

vendor/github.com/lucas-clemente/quic-go/mint_utils.go

@@ -6,6 +6,7 @@ import (
 	"crypto/tls"
 	"crypto/x509"
 	"errors"
+	"fmt"
 	"io"
 
 	"github.com/bifurcation/mint"
@@ -76,6 +77,7 @@ func tlsToMintConfig(tlsConf *tls.Config, pers protocol.Perspective) (*mint.Conf
 		mconf.ServerName = tlsConf.ServerName
 		mconf.InsecureSkipVerify = tlsConf.InsecureSkipVerify
 		mconf.Certificates = make([]*mint.Certificate, len(tlsConf.Certificates))
+		mconf.RootCAs = tlsConf.RootCAs
 		mconf.VerifyPeerCertificate = tlsConf.VerifyPeerCertificate
 		for i, certChain := range tlsConf.Certificates {
 			mconf.Certificates[i] = &mint.Certificate{
@@ -106,39 +108,45 @@ func tlsToMintConfig(tlsConf *tls.Config, pers protocol.Perspective) (*mint.Conf
 
 // unpackInitialOrRetryPacket unpacks packets Initial and Retry packets
 // These packets must contain a STREAM_FRAME for the crypto stream, starting at offset 0.
-func unpackInitialPacket(aead crypto.AEAD, hdr *wire.Header, data []byte, version protocol.VersionNumber) (*wire.StreamFrame, error) {
-	unpacker := &packetUnpacker{aead: &nullAEAD{aead}, version: version}
-	packet, err := unpacker.Unpack(hdr.Raw, hdr, data)
+func unpackInitialPacket(aead crypto.AEAD, hdr *wire.Header, data []byte, logger utils.Logger, version protocol.VersionNumber) (*wire.StreamFrame, error) {
+	decrypted, err := aead.Open(data[:0], data, hdr.PacketNumber, hdr.Raw)
 	if err != nil {
 		return nil, err
 	}
 	var frame *wire.StreamFrame
-	for _, f := range packet.frames {
+	r := bytes.NewReader(decrypted)
+	for {
+		f, err := wire.ParseNextFrame(r, hdr, version)
+		if err != nil {
+			return nil, err
+		}
 		var ok bool
-		frame, ok = f.(*wire.StreamFrame)
-		if ok {
+		if frame, ok = f.(*wire.StreamFrame); ok || frame == nil {
 			break
 		}
 	}
 	if frame == nil {
 		return nil, errors.New("Packet doesn't contain a STREAM_FRAME")
 	}
+	if frame.StreamID != version.CryptoStreamID() {
+		return nil, fmt.Errorf("Received STREAM_FRAME for wrong stream (Stream ID %d)", frame.StreamID)
+	}
 	// We don't need a check for the stream ID here.
 	// The packetUnpacker checks that there's no unencrypted stream data except for the crypto stream.
 	if frame.Offset != 0 {
 		return nil, errors.New("received stream data with non-zero offset")
 	}
-	if utils.Debug() {
-		utils.Debugf("<- Reading packet 0x%x (%d bytes) for connection %x", hdr.PacketNumber, len(data)+len(hdr.Raw), hdr.ConnectionID)
-		hdr.Log()
-		wire.LogFrame(frame, false)
+	if logger.Debug() {
+		logger.Debugf("<- Reading packet 0x%x (%d bytes) for connection %x", hdr.PacketNumber, len(data)+len(hdr.Raw), hdr.ConnectionID)
+		hdr.Log(logger)
+		wire.LogFrame(logger, frame, false)
 	}
 	return frame, nil
 }
 
 // packUnencryptedPacket provides a low-overhead way to pack a packet.
 // It is supposed to be used in the early stages of the handshake, before a session (which owns a packetPacker) is available.
-func packUnencryptedPacket(aead crypto.AEAD, hdr *wire.Header, f wire.Frame, pers protocol.Perspective) ([]byte, error) {
+func packUnencryptedPacket(aead crypto.AEAD, hdr *wire.Header, f wire.Frame, pers protocol.Perspective, logger utils.Logger) ([]byte, error) {
 	raw := *getPacketBuffer()
 	buffer := bytes.NewBuffer(raw[:0])
 	if err := hdr.Write(buffer, pers, hdr.Version); err != nil {
@@ -151,10 +159,10 @@ func packUnencryptedPacket(aead crypto.AEAD, hdr *wire.Header, f wire.Frame, per
 	raw = raw[0:buffer.Len()]
 	_ = aead.Seal(raw[payloadStartIndex:payloadStartIndex], raw[payloadStartIndex:], hdr.PacketNumber, raw[:payloadStartIndex])
 	raw = raw[0 : buffer.Len()+aead.Overhead()]
-	if utils.Debug() {
-		utils.Debugf("-> Sending packet 0x%x (%d bytes) for connection %x, %s", hdr.PacketNumber, len(raw), hdr.ConnectionID, protocol.EncryptionUnencrypted)
-		hdr.Log()
-		wire.LogFrame(f, true)
+	if logger.Debug() {
+		logger.Debugf("-> Sending packet 0x%x (%d bytes) for connection %x, %s", hdr.PacketNumber, len(raw), hdr.ConnectionID, protocol.EncryptionUnencrypted)
+		hdr.Log(logger)
+		wire.LogFrame(logger, f, true)
 	}
 	return raw, nil
 }

vendor/github.com/lucas-clemente/quic-go/mockgen.go

@@ -9,4 +9,8 @@ package quic
 //go:generate sh -c "./mockgen_private.sh quic mock_crypto_stream_test.go github.com/lucas-clemente/quic-go cryptoStreamI CryptoStream"
 //go:generate sh -c "./mockgen_private.sh quic mock_stream_manager_test.go github.com/lucas-clemente/quic-go streamManager StreamManager"
 //go:generate sh -c "sed -i '' 's/quic_go.//g' mock_stream_getter_test.go mock_stream_manager_test.go"
+//go:generate sh -c "./mockgen_private.sh quic mock_unpacker_test.go github.com/lucas-clemente/quic-go unpacker Unpacker"
+//go:generate sh -c "sed -i '' 's/quic_go.//g' mock_unpacker_test.go mock_unpacker_test.go"
+//go:generate sh -c "./mockgen_private.sh quic mock_quic_aead_test.go github.com/lucas-clemente/quic-go quicAEAD QuicAEAD"
+//go:generate sh -c "./mockgen_private.sh quic mock_gquic_aead_test.go github.com/lucas-clemente/quic-go gQUICAEAD GQUICAEAD"
 //go:generate sh -c "goimports -w mock*_test.go"

vendor/github.com/lucas-clemente/quic-go/packet_packer.go

@@ -6,6 +6,7 @@ import (
 	"fmt"
 	"net"
 	"sync"
+	"time"
 
 	"github.com/lucas-clemente/quic-go/internal/ackhandler"
 	"github.com/lucas-clemente/quic-go/internal/handshake"
@@ -28,9 +29,16 @@ func (p *packedPacket) ToAckHandlerPacket() *ackhandler.Packet {
 		Frames:          p.frames,
 		Length:          protocol.ByteCount(len(p.raw)),
 		EncryptionLevel: p.encryptionLevel,
+		SendTime:        time.Now(),
 	}
 }
 
+type sealingManager interface {
+	GetSealer() (protocol.EncryptionLevel, handshake.Sealer)
+	GetSealerForCryptoStream() (protocol.EncryptionLevel, handshake.Sealer)
+	GetSealerWithEncryptionLevel(protocol.EncryptionLevel) (handshake.Sealer, error)
+}
+
 type streamFrameSource interface {
 	HasCryptoStreamData() bool
 	PopCryptoStreamFrame(protocol.ByteCount) *wire.StreamFrame
@@ -41,7 +49,8 @@ type packetPacker struct {
 	connectionID protocol.ConnectionID
 	perspective  protocol.Perspective
 	version      protocol.VersionNumber
-	cryptoSetup  handshake.CryptoSetup
+	divNonce     []byte
+	cryptoSetup  sealingManager
 
 	packetNumberGenerator *packetNumberGenerator
 	getPacketNumberLen    func(protocol.PacketNumber) protocol.PacketNumberLen
@@ -62,7 +71,8 @@ func newPacketPacker(connectionID protocol.ConnectionID,
 	initialPacketNumber protocol.PacketNumber,
 	getPacketNumberLen func(protocol.PacketNumber) protocol.PacketNumberLen,
 	remoteAddr net.Addr, // only used for determining the max packet size
-	cryptoSetup handshake.CryptoSetup,
+	divNonce []byte,
+	cryptoSetup sealingManager,
 	streamFramer streamFrameSource,
 	perspective protocol.Perspective,
 	version protocol.VersionNumber,
@@ -82,6 +92,7 @@ func newPacketPacker(connectionID protocol.ConnectionID,
 	}
 	return &packetPacker{
 		cryptoSetup:           cryptoSetup,
+		divNonce:              divNonce,
 		connectionID:          connectionID,
 		perspective:           perspective,
 		version:               version,
@@ -455,7 +466,7 @@ func (p *packetPacker) getHeader(encLevel protocol.EncryptionLevel) *wire.Header
 	}
 	if !p.version.UsesTLS() {
 		if p.perspective == protocol.PerspectiveServer && encLevel == protocol.EncryptionSecure {
-			header.DiversificationNonce = p.cryptoSetup.DiversificationNonce()
+			header.DiversificationNonce = p.divNonce
 		}
 		if p.perspective == protocol.PerspectiveClient && encLevel != protocol.EncryptionForwardSecure {
 			header.VersionFlag = true

vendor/github.com/lucas-clemente/quic-go/packet_unpacker.go

@@ -2,7 +2,6 @@ package quic
 
 import (
 	"bytes"
-	"fmt"
 
 	"github.com/lucas-clemente/quic-go/internal/protocol"
 	"github.com/lucas-clemente/quic-go/internal/wire"
@@ -14,188 +13,115 @@ type unpackedPacket struct {
 	frames          []wire.Frame
 }
 
-type quicAEAD interface {
+type gQUICAEAD interface {
 	Open(dst, src []byte, packetNumber protocol.PacketNumber, associatedData []byte) ([]byte, protocol.EncryptionLevel, error)
 }
 
-type packetUnpacker struct {
+type quicAEAD interface {
+	OpenHandshake(dst, src []byte, packetNumber protocol.PacketNumber, associatedData []byte) ([]byte, error)
+	Open1RTT(dst, src []byte, packetNumber protocol.PacketNumber, associatedData []byte) ([]byte, error)
+}
+
+type packetUnpackerBase struct {
 	version protocol.VersionNumber
-	aead    quicAEAD
 }
 
-func (u *packetUnpacker) Unpack(headerBinary []byte, hdr *wire.Header, data []byte) (*unpackedPacket, error) {
-	buf := *getPacketBuffer()
-	buf = buf[:0]
-	defer putPacketBuffer(&buf)
-	decrypted, encryptionLevel, err := u.aead.Open(buf, data, hdr.PacketNumber, headerBinary)
-	if err != nil {
-		// Wrap err in quicError so that public reset is sent by session
-		return nil, qerr.Error(qerr.DecryptionFailure, err.Error())
-	}
+func (u *packetUnpackerBase) parseFrames(decrypted []byte, hdr *wire.Header) ([]wire.Frame, error) {
 	r := bytes.NewReader(decrypted)
-
 	if r.Len() == 0 {
 		return nil, qerr.MissingPayload
 	}
 
 	fs := make([]wire.Frame, 0, 2)
-
 	// Read all frames in the packet
-	for r.Len() > 0 {
-		typeByte, _ := r.ReadByte()
-		if typeByte == 0x0 { // PADDING frame
-			continue
-		}
-		r.UnreadByte()
-
-		frame, err := u.parseFrame(r, typeByte, hdr)
+	for {
+		frame, err := wire.ParseNextFrame(r, hdr, u.version)
 		if err != nil {
 			return nil, err
 		}
-		if sf, ok := frame.(*wire.StreamFrame); ok {
-			if sf.StreamID != u.version.CryptoStreamID() && encryptionLevel <= protocol.EncryptionUnencrypted {
-				return nil, qerr.Error(qerr.UnencryptedStreamData, fmt.Sprintf("received unencrypted stream data on stream %d", sf.StreamID))
+		if frame == nil {
+			break
 		}
-		}
-		if frame != nil {
 		fs = append(fs, frame)
 	}
-	}
+	return fs, nil
+}
 
-	return &unpackedPacket{
-		encryptionLevel: encryptionLevel,
-		frames:          fs,
-	}, nil
+// The packetUnpackerGQUIC unpacks gQUIC packets.
+type packetUnpackerGQUIC struct {
+	packetUnpackerBase
+	aead gQUICAEAD
 }
 
-func (u *packetUnpacker) parseFrame(r *bytes.Reader, typeByte byte, hdr *wire.Header) (wire.Frame, error) {
-	if u.version.UsesIETFFrameFormat() {
-		return u.parseIETFFrame(r, typeByte, hdr)
+var _ unpacker = &packetUnpackerGQUIC{}
+
+func newPacketUnpackerGQUIC(aead gQUICAEAD, version protocol.VersionNumber) unpacker {
+	return &packetUnpackerGQUIC{
+		packetUnpackerBase: packetUnpackerBase{version: version},
+		aead:               aead,
 	}
-	return u.parseGQUICFrame(r, typeByte, hdr)
 }
 
-func (u *packetUnpacker) parseIETFFrame(r *bytes.Reader, typeByte byte, hdr *wire.Header) (wire.Frame, error) {
-	var frame wire.Frame
-	var err error
-	if typeByte&0xf8 == 0x10 {
-		frame, err = wire.ParseStreamFrame(r, u.version)
-		if err != nil {
-			err = qerr.Error(qerr.InvalidStreamData, err.Error())
-		}
-		return frame, err
-	}
-	// TODO: implement all IETF QUIC frame types
-	switch typeByte {
-	case 0x1:
-		frame, err = wire.ParseRstStreamFrame(r, u.version)
-		if err != nil {
-			err = qerr.Error(qerr.InvalidRstStreamData, err.Error())
-		}
-	case 0x2:
-		frame, err = wire.ParseConnectionCloseFrame(r, u.version)
-		if err != nil {
-			err = qerr.Error(qerr.InvalidConnectionCloseData, err.Error())
-		}
-	case 0x4:
-		frame, err = wire.ParseMaxDataFrame(r, u.version)
+func (u *packetUnpackerGQUIC) Unpack(headerBinary []byte, hdr *wire.Header, data []byte) (*unpackedPacket, error) {
+	decrypted, encryptionLevel, err := u.aead.Open(data[:0], data, hdr.PacketNumber, headerBinary)
 	if err != nil {
-			err = qerr.Error(qerr.InvalidWindowUpdateData, err.Error())
-		}
-	case 0x5:
-		frame, err = wire.ParseMaxStreamDataFrame(r, u.version)
-		if err != nil {
-			err = qerr.Error(qerr.InvalidWindowUpdateData, err.Error())
-		}
-	case 0x6:
-		frame, err = wire.ParseMaxStreamIDFrame(r, u.version)
-		if err != nil {
-			err = qerr.Error(qerr.InvalidFrameData, err.Error())
-		}
-	case 0x7:
-		frame, err = wire.ParsePingFrame(r, u.version)
-	case 0x8:
-		frame, err = wire.ParseBlockedFrame(r, u.version)
-		if err != nil {
-			err = qerr.Error(qerr.InvalidBlockedData, err.Error())
-		}
-	case 0x9:
-		frame, err = wire.ParseStreamBlockedFrame(r, u.version)
-		if err != nil {
-			err = qerr.Error(qerr.InvalidBlockedData, err.Error())
-		}
-	case 0xa:
-		frame, err = wire.ParseStreamIDBlockedFrame(r, u.version)
-		if err != nil {
-			err = qerr.Error(qerr.InvalidFrameData, err.Error())
-		}
-	case 0xc:
-		frame, err = wire.ParseStopSendingFrame(r, u.version)
-		if err != nil {
-			err = qerr.Error(qerr.InvalidFrameData, err.Error())
+		// Wrap err in quicError so that public reset is sent by session
+		return nil, qerr.Error(qerr.DecryptionFailure, err.Error())
 	}
-	case 0xe:
-		frame, err = wire.ParseAckFrame(r, u.version)
+
+	fs, err := u.parseFrames(decrypted, hdr)
 	if err != nil {
-			err = qerr.Error(qerr.InvalidAckData, err.Error())
+		return nil, err
 	}
-	default:
-		err = qerr.Error(qerr.InvalidFrameData, fmt.Sprintf("unknown type byte 0x%x", typeByte))
+
+	return &unpackedPacket{
+		encryptionLevel: encryptionLevel,
+		frames:          fs,
+	}, nil
+}
+
+// The packetUnpacker unpacks IETF QUIC packets.
+type packetUnpacker struct {
+	packetUnpackerBase
+	aead quicAEAD
+}
+
+var _ unpacker = &packetUnpacker{}
+
+func newPacketUnpacker(aead quicAEAD, version protocol.VersionNumber) unpacker {
+	return &packetUnpacker{
+		packetUnpackerBase: packetUnpackerBase{version: version},
+		aead:               aead,
 	}
-	return frame, err
 }
 
-func (u *packetUnpacker) parseGQUICFrame(r *bytes.Reader, typeByte byte, hdr *wire.Header) (wire.Frame, error) {
-	var frame wire.Frame
+func (u *packetUnpacker) Unpack(headerBinary []byte, hdr *wire.Header, data []byte) (*unpackedPacket, error) {
+	buf := *getPacketBuffer()
+	buf = buf[:0]
+	defer putPacketBuffer(&buf)
+
+	var decrypted []byte
+	var encryptionLevel protocol.EncryptionLevel
 	var err error
-	if typeByte&0x80 == 0x80 {
-		frame, err = wire.ParseStreamFrame(r, u.version)
-		if err != nil {
-			err = qerr.Error(qerr.InvalidStreamData, err.Error())
-		}
-		return frame, err
-	} else if typeByte&0xc0 == 0x40 {
-		frame, err = wire.ParseAckFrame(r, u.version)
-		if err != nil {
-			err = qerr.Error(qerr.InvalidAckData, err.Error())
-		}
-		return frame, err
-	}
-	switch typeByte {
-	case 0x1:
-		frame, err = wire.ParseRstStreamFrame(r, u.version)
-		if err != nil {
-			err = qerr.Error(qerr.InvalidRstStreamData, err.Error())
-		}
-	case 0x2:
-		frame, err = wire.ParseConnectionCloseFrame(r, u.version)
-		if err != nil {
-			err = qerr.Error(qerr.InvalidConnectionCloseData, err.Error())
-		}
-	case 0x3:
-		frame, err = wire.ParseGoawayFrame(r, u.version)
-		if err != nil {
-			err = qerr.Error(qerr.InvalidGoawayData, err.Error())
-		}
-	case 0x4:
-		frame, err = wire.ParseWindowUpdateFrame(r, u.version)
-		if err != nil {
-			err = qerr.Error(qerr.InvalidWindowUpdateData, err.Error())
+	if hdr.IsLongHeader {
+		decrypted, err = u.aead.OpenHandshake(buf, data, hdr.PacketNumber, headerBinary)
+		encryptionLevel = protocol.EncryptionUnencrypted
+	} else {
+		decrypted, err = u.aead.Open1RTT(buf, data, hdr.PacketNumber, headerBinary)
+		encryptionLevel = protocol.EncryptionForwardSecure
 	}
-	case 0x5:
-		frame, err = wire.ParseBlockedFrameLegacy(r, u.version)
 	if err != nil {
-			err = qerr.Error(qerr.InvalidBlockedData, err.Error())
+		// Wrap err in quicError so that public reset is sent by session
+		return nil, qerr.Error(qerr.DecryptionFailure, err.Error())
 	}
-	case 0x6:
-		frame, err = wire.ParseStopWaitingFrame(r, hdr.PacketNumber, hdr.PacketNumberLen, u.version)
+
+	fs, err := u.parseFrames(decrypted, hdr)
 	if err != nil {
-			err = qerr.Error(qerr.InvalidStopWaitingData, err.Error())
-		}
-	case 0x7:
-		frame, err = wire.ParsePingFrame(r, u.version)
-	default:
-		err = qerr.Error(qerr.InvalidFrameData, fmt.Sprintf("unknown type byte 0x%x", typeByte))
+		return nil, err
 	}
-	return frame, err
+
+	return &unpackedPacket{
+		encryptionLevel: encryptionLevel,
+		frames:          fs,
+	}, nil
 }

vendor/github.com/lucas-clemente/quic-go/qerr/quic_error.go

@@ -2,8 +2,6 @@ package qerr
 
 import (
 	"fmt"
-
-	"github.com/lucas-clemente/quic-go/internal/utils"
 )
 
 // ErrorCode can be used as a normal error without reason.
@@ -51,6 +49,5 @@ func ToQuicError(err error) *QuicError {
 	case ErrorCode:
 		return Error(e, "")
 	}
-	utils.Errorf("Internal error: %v", err)
 	return Error(InternalError, err.Error())
 }

vendor/github.com/lucas-clemente/quic-go/server.go

@@ -50,8 +50,10 @@ type server struct {
 	errorChan    chan struct{}
 
 	// set as members, so they can be set in the tests
-	newSession                func(conn connection, v protocol.VersionNumber, connectionID protocol.ConnectionID, sCfg *handshake.ServerConfig, tlsConf *tls.Config, config *Config) (packetHandler, error)
+	newSession                func(conn connection, v protocol.VersionNumber, connectionID protocol.ConnectionID, sCfg *handshake.ServerConfig, tlsConf *tls.Config, config *Config, logger utils.Logger) (packetHandler, error)
 	deleteClosedSessionsAfter time.Duration
+
+	logger utils.Logger
 }
 
 var _ Listener = &server{}
@@ -110,6 +112,7 @@ func Listen(conn net.PacketConn, tlsConf *tls.Config, config *Config) (Listener,
 		sessionQueue:              make(chan Session, 5),
 		errorChan:                 make(chan struct{}),
 		supportsTLS:               supportsTLS,
+		logger:                    utils.DefaultLogger,
 	}
 	if supportsTLS {
 		if err := s.setupTLS(); err != nil {
@@ -117,16 +120,16 @@ func Listen(conn net.PacketConn, tlsConf *tls.Config, config *Config) (Listener,
 		}
 	}
 	go s.serve()
-	utils.Debugf("Listening for %s connections on %s", conn.LocalAddr().Network(), conn.LocalAddr().String())
+	s.logger.Debugf("Listening for %s connections on %s", conn.LocalAddr().Network(), conn.LocalAddr().String())
 	return s, nil
 }
 
 func (s *server) setupTLS() error {
-	cookieHandler, err := handshake.NewCookieHandler(s.config.AcceptCookie)
+	cookieHandler, err := handshake.NewCookieHandler(s.config.AcceptCookie, s.logger)
 	if err != nil {
 		return err
 	}
-	serverTLS, sessionChan, err := newServerTLS(s.conn, s.config, cookieHandler, s.tlsConf)
+	serverTLS, sessionChan, err := newServerTLS(s.conn, s.config, cookieHandler, s.tlsConf, s.logger)
 	if err != nil {
 		return err
 	}
@@ -245,7 +248,7 @@ func (s *server) serve() {
 		}
 		data = data[:n]
 		if err := s.handlePacket(s.conn, remoteAddr, data); err != nil {
-			utils.Errorf("error handling packet: %s", err.Error())
+			s.logger.Errorf("error handling packet: %s", err.Error())
 		}
 	}
 }
@@ -328,12 +331,12 @@ func (s *server) handlePacket(pconn net.PacketConn, remoteAddr net.Addr, packet
 			var pr *wire.PublicReset
 			pr, err = wire.ParsePublicReset(r)
 			if err != nil {
-				utils.Infof("Received a Public Reset for connection %x. An error occurred parsing the packet.", hdr.ConnectionID)
+				s.logger.Infof("Received a Public Reset for connection %x. An error occurred parsing the packet.", hdr.ConnectionID)
 			} else {
-				utils.Infof("Received a Public Reset for connection %x, rejected packet number: 0x%x.", hdr.ConnectionID, pr.RejectedPacketNumber)
+				s.logger.Infof("Received a Public Reset for connection %x, rejected packet number: 0x%x.", hdr.ConnectionID, pr.RejectedPacketNumber)
 			}
 		} else {
-			utils.Infof("Received Public Reset for unknown connection %x.", hdr.ConnectionID)
+			s.logger.Infof("Received Public Reset for unknown connection %x.", hdr.ConnectionID)
 		}
 		return nil
 	}
@@ -360,7 +363,7 @@ func (s *server) handlePacket(pconn net.PacketConn, remoteAddr net.Addr, packet
 		if len(packet) < protocol.MinClientHelloSize+len(hdr.Raw) {
 			return errors.New("dropping small packet with unknown version")
 		}
-		utils.Infof("Client offered version %s, sending Version Negotiation Packet", hdr.Version)
+		s.logger.Infof("Client offered version %s, sending Version Negotiation Packet", hdr.Version)
 		_, err := pconn.WriteTo(wire.ComposeGQUICVersionNegotiation(hdr.ConnectionID, s.config.Versions), remoteAddr)
 		return err
 	}
@@ -377,7 +380,7 @@ func (s *server) handlePacket(pconn net.PacketConn, remoteAddr net.Addr, packet
 			return errors.New("Server BUG: negotiated version not supported")
 		}
 
-		utils.Infof("Serving new connection: %x, version %s from %v", hdr.ConnectionID, version, remoteAddr)
+		s.logger.Infof("Serving new connection: %x, version %s from %v", hdr.ConnectionID, version, remoteAddr)
 		session, err = s.newSession(
 			&conn{pconn: pconn, currentAddr: remoteAddr},
 			version,
@@ -385,6 +388,7 @@ func (s *server) handlePacket(pconn net.PacketConn, remoteAddr net.Addr, packet
 			s.scfg,
 			s.tlsConf,
 			s.config,
+			s.logger,
 		)
 		if err != nil {
 			return err

vendor/github.com/lucas-clemente/quic-go/server_tls.go

@@ -21,9 +21,12 @@ type nullAEAD struct {
 
 var _ quicAEAD = &nullAEAD{}
 
-func (n *nullAEAD) Open(dst, src []byte, packetNumber protocol.PacketNumber, associatedData []byte) ([]byte, protocol.EncryptionLevel, error) {
-	data, err := n.aead.Open(dst, src, packetNumber, associatedData)
-	return data, protocol.EncryptionUnencrypted, err
+func (n *nullAEAD) OpenHandshake(dst, src []byte, packetNumber protocol.PacketNumber, associatedData []byte) ([]byte, error) {
+	return n.aead.Open(dst, src, packetNumber, associatedData)
+}
+
+func (n *nullAEAD) Open1RTT(dst, src []byte, packetNumber protocol.PacketNumber, associatedData []byte) ([]byte, error) {
+	return nil, errors.New("no 1-RTT keys")
 }
 
 type tlsSession struct {
@@ -40,6 +43,8 @@ type serverTLS struct {
 	newMintConn       func(*handshake.CryptoStreamConn, protocol.VersionNumber) (handshake.MintTLS, <-chan handshake.TransportParameters, error)
 
 	sessionChan chan<- tlsSession
+
+	logger utils.Logger
 }
 
 func newServerTLS(
@@ -47,6 +52,7 @@ func newServerTLS(
 	config *Config,
 	cookieHandler *handshake.CookieHandler,
 	tlsConf *tls.Config,
+	logger utils.Logger,
 ) (*serverTLS, <-chan tlsSession, error) {
 	mconf, err := tlsToMintConfig(tlsConf, protocol.PerspectiveServer)
 	if err != nil {
@@ -74,16 +80,17 @@ func newServerTLS(
 			MaxBidiStreams:              uint16(config.MaxIncomingStreams),
 			MaxUniStreams:               uint16(config.MaxIncomingUniStreams),
 		},
+		logger: logger,
 	}
 	s.newMintConn = s.newMintConnImpl
 	return s, sessionChan, nil
 }
 
 func (s *serverTLS) HandleInitial(remoteAddr net.Addr, hdr *wire.Header, data []byte) {
-	utils.Debugf("Received a Packet. Handling it statelessly.")
+	s.logger.Debugf("Received a Packet. Handling it statelessly.")
 	sess, err := s.handleInitialImpl(remoteAddr, hdr, data)
 	if err != nil {
-		utils.Errorf("Error occurred handling initial packet: %s", err)
+		s.logger.Errorf("Error occurred handling initial packet: %s", err)
 		return
 	}
 	if sess == nil { // a stateless reset was done
@@ -97,7 +104,7 @@ func (s *serverTLS) HandleInitial(remoteAddr net.Addr, hdr *wire.Header, data []
 
 // will be set to s.newMintConn by the constructor
 func (s *serverTLS) newMintConnImpl(bc *handshake.CryptoStreamConn, v protocol.VersionNumber) (handshake.MintTLS, <-chan handshake.TransportParameters, error) {
-	extHandler := handshake.NewExtensionHandlerServer(s.params, s.config.Versions, v)
+	extHandler := handshake.NewExtensionHandlerServer(s.params, s.config.Versions, v, s.logger)
 	conf := s.mintConf.Clone()
 	conf.ExtensionHandler = extHandler
 	return newMintController(bc, conf, protocol.PerspectiveServer), extHandler.GetPeerParams(), nil
@@ -115,7 +122,7 @@ func (s *serverTLS) sendConnectionClose(remoteAddr net.Addr, clientHdr *wire.Hea
 		PacketNumber: 1,                      // random packet number
 		Version:      clientHdr.Version,
 	}
-	data, err := packUnencryptedPacket(aead, replyHdr, ccf, protocol.PerspectiveServer)
+	data, err := packUnencryptedPacket(aead, replyHdr, ccf, protocol.PerspectiveServer, s.logger)
 	if err != nil {
 		return err
 	}
@@ -129,7 +136,7 @@ func (s *serverTLS) handleInitialImpl(remoteAddr net.Addr, hdr *wire.Header, dat
 	}
 	// check version, if not matching send VNP
 	if !protocol.IsSupportedVersion(s.supportedVersions, hdr.Version) {
-		utils.Debugf("Client offered version %s, sending VersionNegotiationPacket", hdr.Version)
+		s.logger.Debugf("Client offered version %s, sending VersionNegotiationPacket", hdr.Version)
 		_, err := s.conn.WriteTo(wire.ComposeVersionNegotiation(hdr.ConnectionID, s.supportedVersions), remoteAddr)
 		return nil, err
 	}
@@ -139,15 +146,15 @@ func (s *serverTLS) handleInitialImpl(remoteAddr net.Addr, hdr *wire.Header, dat
 	if err != nil {
 		return nil, err
 	}
-	frame, err := unpackInitialPacket(aead, hdr, data, hdr.Version)
+	frame, err := unpackInitialPacket(aead, hdr, data, s.logger, hdr.Version)
 	if err != nil {
-		utils.Debugf("Error unpacking initial packet: %s", err)
+		s.logger.Debugf("Error unpacking initial packet: %s", err)
 		return nil, nil
 	}
 	sess, err := s.handleUnpackedInitial(remoteAddr, hdr, frame, aead)
 	if err != nil {
 		if ccerr := s.sendConnectionClose(remoteAddr, hdr, aead, err); ccerr != nil {
-			utils.Debugf("Error sending CONNECTION_CLOSE: %s", ccerr)
+			s.logger.Debugf("Error sending CONNECTION_CLOSE: %s", ccerr)
 		}
 		return nil, err
 	}
@@ -177,7 +184,7 @@ func (s *serverTLS) handleUnpackedInitial(remoteAddr net.Addr, hdr *wire.Header,
 			StreamID: version.CryptoStreamID(),
 			Data:     bc.GetDataForWriting(),
 		}
-		data, err := packUnencryptedPacket(aead, replyHdr, f, protocol.PerspectiveServer)
+		data, err := packUnencryptedPacket(aead, replyHdr, f, protocol.PerspectiveServer, s.logger)
 		if err != nil {
 			return nil, err
 		}
@@ -207,6 +214,7 @@ func (s *serverTLS) handleUnpackedInitial(remoteAddr net.Addr, hdr *wire.Header,
 		aead,
 		&params,
 		version,
+		s.logger,
 	)
 	if err != nil {
 		return nil, err

vendor/github.com/lucas-clemente/quic-go/streams_map_generic_helper.go

+package quic
+
+import "github.com/cheekybits/genny/generic"
+
+// In the auto-generated streams maps, we need to be able to close the streams.
+// Therefore, extend the generic.Type with the stream close method.
+// This definition must be in a file that Genny doesn't process.
+type item interface {
+	generic.Type
+	closeForShutdown(error)
+}

vendor/github.com/lucas-clemente/quic-go/streams_map_incoming_bidi.go

@@ -123,6 +123,9 @@ func (m *incomingBidiStreamsMap) DeleteStream(id protocol.StreamID) error {
 func (m *incomingBidiStreamsMap) CloseWithError(err error) {
 	m.mutex.Lock()
 	m.closeErr = err
+	for _, str := range m.streams {
+		str.closeForShutdown(err)
+	}
 	m.mutex.Unlock()
 	m.cond.Broadcast()
 }

vendor/github.com/lucas-clemente/quic-go/streams_map_incoming_generic.go

@@ -121,6 +121,9 @@ func (m *incomingItemsMap) DeleteStream(id protocol.StreamID) error {
 func (m *incomingItemsMap) CloseWithError(err error) {
 	m.mutex.Lock()
 	m.closeErr = err
+	for _, str := range m.streams {
+		str.closeForShutdown(err)
+	}
 	m.mutex.Unlock()
 	m.cond.Broadcast()
 }

vendor/github.com/lucas-clemente/quic-go/streams_map_incoming_uni.go

@@ -123,6 +123,9 @@ func (m *incomingUniStreamsMap) DeleteStream(id protocol.StreamID) error {
 func (m *incomingUniStreamsMap) CloseWithError(err error) {
 	m.mutex.Lock()
 	m.closeErr = err
+	for _, str := range m.streams {
+		str.closeForShutdown(err)
+	}
 	m.mutex.Unlock()
 	m.cond.Broadcast()
 }

vendor/github.com/lucas-clemente/quic-go/streams_map_outgoing_bidi.go

@@ -118,6 +118,9 @@ func (m *outgoingBidiStreamsMap) SetMaxStream(id protocol.StreamID) {
 func (m *outgoingBidiStreamsMap) CloseWithError(err error) {
 	m.mutex.Lock()
 	m.closeErr = err
+	for _, str := range m.streams {
+		str.closeForShutdown(err)
+	}
 	m.cond.Broadcast()
 	m.mutex.Unlock()
 }

vendor/github.com/lucas-clemente/quic-go/streams_map_outgoing_generic.go

@@ -4,14 +4,11 @@ import (
 	"fmt"
 	"sync"
 
-	"github.com/cheekybits/genny/generic"
 	"github.com/lucas-clemente/quic-go/internal/protocol"
 	"github.com/lucas-clemente/quic-go/internal/wire"
 	"github.com/lucas-clemente/quic-go/qerr"
 )
 
-type item generic.Type
-
 //go:generate genny -in $GOFILE -out streams_map_outgoing_bidi.go gen "item=streamI Item=BidiStream"
 //go:generate genny -in $GOFILE -out streams_map_outgoing_uni.go gen "item=sendStreamI Item=UniStream"
 type outgoingItemsMap struct {
@@ -119,6 +116,9 @@ func (m *outgoingItemsMap) SetMaxStream(id protocol.StreamID) {
 func (m *outgoingItemsMap) CloseWithError(err error) {
 	m.mutex.Lock()
 	m.closeErr = err
+	for _, str := range m.streams {
+		str.closeForShutdown(err)
+	}
 	m.cond.Broadcast()
 	m.mutex.Unlock()
 }

vendor/github.com/lucas-clemente/quic-go/streams_map_outgoing_uni.go

@@ -118,6 +118,9 @@ func (m *outgoingUniStreamsMap) SetMaxStream(id protocol.StreamID) {
 func (m *outgoingUniStreamsMap) CloseWithError(err error) {
 	m.mutex.Lock()
 	m.closeErr = err
+	for _, str := range m.streams {
+		str.closeForShutdown(err)
+	}
 	m.cond.Broadcast()
 	m.mutex.Unlock()
 }

vendor/github.com/xenolf/lego/acmev2/client.go

@@ -265,7 +265,7 @@ func (c *Client) QueryRegistration() (*RegistrationResource, error) {
 // your issued certificate as a bundle.
 // This function will never return a partial certificate. If one domain in the list fails,
 // the whole certificate will fail.
-func (c *Client) ObtainCertificateForCSR(csr x509.CertificateRequest, bundle bool) (CertificateResource, map[string]error) {
+func (c *Client) ObtainCertificateForCSR(csr x509.CertificateRequest, bundle bool) (CertificateResource, error) {
 	// figure out what domains it concerns
 	// start with the common name
 	domains := []string{csr.Subject.CommonName}
@@ -292,11 +292,7 @@ DNSNames:
 
 	order, err := c.createOrderForIdentifiers(domains)
 	if err != nil {
-		identErrors := make(map[string]error)
-		for _, auth := range order.Identifiers {
-			identErrors[auth.Value] = err
-		}
-		return CertificateResource{}, identErrors
+		return CertificateResource{}, err
 	}
 	authz, failures := c.getAuthzForOrder(order)
 	// If any challenge fails - return. Do not generate partial SAN certificates.
@@ -338,7 +334,11 @@ DNSNames:
 // your issued certificate as a bundle.
 // This function will never return a partial certificate. If one domain in the list fails,
 // the whole certificate will fail.
-func (c *Client) ObtainCertificate(domains []string, bundle bool, privKey crypto.PrivateKey, mustStaple bool) (CertificateResource, map[string]error) {
+func (c *Client) ObtainCertificate(domains []string, bundle bool, privKey crypto.PrivateKey, mustStaple bool) (CertificateResource, error) {
+	if len(domains) == 0 {
+		return CertificateResource{}, errors.New("Passed no domains into ObtainCertificate")
+	}
+
 	if bundle {
 		logf("[INFO][%s] acme: Obtaining bundled SAN certificate", strings.Join(domains, ", "))
 	} else {
@@ -347,11 +347,7 @@ func (c *Client) ObtainCertificate(domains []string, bundle bool, privKey crypto
 
 	order, err := c.createOrderForIdentifiers(domains)
 	if err != nil {
-		identErrors := make(map[string]error)
-		for _, auth := range order.Identifiers {
-			identErrors[auth.Value] = err
-		}
-		return CertificateResource{}, identErrors
+		return CertificateResource{}, err
 	}
 	authz, failures := c.getAuthzForOrder(order)
 	// If any challenge fails - return. Do not generate partial SAN certificates.
@@ -433,7 +429,7 @@ func (c *Client) RenewCertificate(cert CertificateResource, bundle, mustStaple b
 			return CertificateResource{}, err
 		}
 		newCert, failures := c.ObtainCertificateForCSR(*csr, bundle)
-		return newCert, failures[cert.Domain]
+		return newCert, failures
 	}
 
 	var privKey crypto.PrivateKey
@@ -445,7 +441,6 @@ func (c *Client) RenewCertificate(cert CertificateResource, bundle, mustStaple b
 	}
 
 	var domains []string
-	var failures map[string]error
 	// check for SAN certificate
 	if len(x509Cert.DNSNames) > 1 {
 		domains = append(domains, x509Cert.Subject.CommonName)
@@ -459,8 +454,8 @@ func (c *Client) RenewCertificate(cert CertificateResource, bundle, mustStaple b
 		domains = append(domains, x509Cert.Subject.CommonName)
 	}
 
-	newCert, failures := c.ObtainCertificate(domains, bundle, privKey, mustStaple)
-	return newCert, failures[cert.Domain]
+	newCert, err := c.ObtainCertificate(domains, bundle, privKey, mustStaple)
+	return newCert, err
 }
 
 func (c *Client) createOrderForIdentifiers(domains []string) (orderResource, error) {
@@ -482,6 +477,7 @@ func (c *Client) createOrderForIdentifiers(domains []string) (orderResource, err
 
 	orderRes := orderResource{
 		URL:          hdr.Get("Location"),
+		Domains:      domains,
 		orderMessage: response,
 	}
 	return orderRes, nil
@@ -489,9 +485,9 @@ func (c *Client) createOrderForIdentifiers(domains []string) (orderResource, err
 
 // Looks through the challenge combinations to find a solvable match.
 // Then solves the challenges in series and returns.
-func (c *Client) solveChallengeForAuthz(authorizations []authorization) map[string]error {
+func (c *Client) solveChallengeForAuthz(authorizations []authorization) ObtainError {
 	// loop through the resources, basically through the domains.
-	failures := make(map[string]error)
+	failures := make(ObtainError)
 	for _, authz := range authorizations {
 		if authz.Status == "valid" {
 			// Boulder might recycle recent validated authz (see issue #267)
@@ -527,7 +523,7 @@ func (c *Client) chooseSolver(auth authorization, domain string) (int, solver) {
 }
 
 // Get the challenges needed to proof our identifier to the ACME server.
-func (c *Client) getAuthzForOrder(order orderResource) ([]authorization, map[string]error) {
+func (c *Client) getAuthzForOrder(order orderResource) ([]authorization, ObtainError) {
 	resc, errc := make(chan authorization), make(chan domainError)
 
 	delay := time.Second / overallRequestLimit
@@ -590,7 +586,7 @@ func (c *Client) requestCertificateForOrder(order orderResource, bundle bool, pr
 	}
 
 	// determine certificate name(s) based on the authorization resources
-	commonName := order.Identifiers[0].Value
+	commonName := order.Domains[0]
 	var san []string
 	for _, auth := range order.Identifiers {
 		san = append(san, auth.Value)
@@ -606,12 +602,7 @@ func (c *Client) requestCertificateForOrder(order orderResource, bundle bool, pr
 }
 
 func (c *Client) requestCertificateForCsr(order orderResource, bundle bool, csr []byte, privateKeyPem []byte) (CertificateResource, error) {
-	commonName := order.Identifiers[0].Value
-
-	var authURLs []string
-	for _, auth := range order.Identifiers[1:] {
-		authURLs = append(authURLs, auth.Value)
-	}
+	commonName := order.Domains[0]
 
 	csrString := base64.RawURLEncoding.EncodeToString(csr)
 	var retOrder orderMessage

vendor/github.com/xenolf/lego/acmev2/error.go

 package acme
 
 import (
+	"bytes"
 	"encoding/json"
 	"fmt"
 	"io/ioutil"
@@ -42,6 +43,18 @@ type domainError struct {
 	Error  error
 }
 
+// ObtainError is returned when there are specific errors available
+// per domain. For example in ObtainCertificate
+type ObtainError map[string]error
+
+func (e ObtainError) Error() string {
+	buffer := bytes.NewBufferString("acme: Error -> One or more domains had a problem:\n")
+	for dom, err := range e {
+		buffer.WriteString(fmt.Sprintf("[%s] %s\n", dom, err))
+	}
+	return buffer.String()
+}
+
 func handleHTTPError(resp *http.Response) error {
 	var errorDetail RemoteError
 

vendor/github.com/xenolf/lego/acmev2/messages.go

@@ -35,6 +35,7 @@ type accountMessage struct {
 
 type orderResource struct {
 	URL          string   `json:"url,omitempty"`
+	Domains      []string `json:"domains,omitempty"`
 	orderMessage `json:"body,omitempty"`
 }
 

vendor/manifest

@@ -129,7 +129,7 @@
 			"importpath": "github.com/lucas-clemente/aes12",
 			"repository": "https://github.com/lucas-clemente/aes12",
 			"vcs": "git",
-			"revision": "25700e67be5c860bcc999137275b9ef8b65932bd",
+			"revision": "cd47fb39b79f867c6e4e5cd39cf7abd799f71670",
 			"branch": "master",
 			"notests": true
 		},
@@ -145,7 +145,7 @@
 			"importpath": "github.com/lucas-clemente/quic-go",
 			"repository": "https://github.com/lucas-clemente/quic-go",
 			"vcs": "git",
-			"revision": "9fa739409e6edddbbd47c8031cb7bb3d1a209cc8",
+			"revision": "da7708e47066ab0aff0f20f66b21c1f329db1eff",
 			"branch": "master",
 			"notests": true
 		},
@@ -193,7 +193,7 @@
 			"importpath": "github.com/xenolf/lego/acmev2",
 			"repository": "https://github.com/xenolf/lego",
 			"vcs": "git",
-			"revision": "805eec97569ff533e1b75b16eac0bdd94e67bdd6",
+			"revision": "6e962fbfb37f9ea4a8201e32acb1b94ffb3b8398",
 			"branch": "acmev2",
 			"path": "/acmev2",
 			"notests": true