Propagate connection info along side stream creation

[tegefaulkes]

Specification

We need a way to provide the connection info and other metadata along side the stream when it is created. The stream itself should implement the RpcStream interface defined in the agnostic RPC system. This is defined below.

interface RPCStream<
  R,
  W,
  M extends Record<string, JSONValue> = Record<string, JSONValue>,
> extends ReadableWritablePair<R, W> {
  cancel: (reason?: any) => void;
  meta?: M;
}

This information should be stored within the QUICConnection and can be taken from there. Certain information such as src address can change, so we need to keep this data up to date.

This also means we need to be able to get the connection information from the underlying QUICConnection. Features may need to be added to support this.

Metadata we need to include are:

type Metadata = {
  remoteCertificates?: Certificates
  localHost: Host;
  localPort: Port;
  remoteHost: Host;
  remotePort: Port;
}

Additional context

• Related Create QUIC library that can be exposed to JS and uses the Node dgram module #1
• Related Create QUIC library that can be exposed to JS and uses the Node dgram module #1 (comment)

Tasks

1. Have the streams implement the RpcStream interface.
2. Add any required methods to QUICConnection to provide any connection information an other metadata.

[tegefaulkes]

The Quiche system returns the peer certificates as DER encoded Uint8Arrays. Do we want to convert this to any other form such as the X509 or the PEM format?

[tegefaulkes]

I also need to note, Relating to this issue cloudflare/quiche#1489. The TLS handshake completes after the connection establishment handshake. I think this means that streams can be created before TLS is established and the peer certificates is obtained.

So it's possible for the peer certificates to exist, but the metadata will return null for them until the TLS handshake has completed. I currently don't have a good way of knowing when that has happened without polling.

[CMCDragonkai]

Do you see that right now in the code?

You may wish to convert them to the expected format in PK. I think they are PEM strings...?

[tegefaulkes]

I haven't seen in the test I just made. But I think it's a potential race condition if we don't keep it in mind.

I've converted the DER format certs to the PEM format.

[CMCDragonkai]

New issue should be created for that. Can you also confirm upstream by raising an issue about this?

Wait... Why would streams and TLS certs have anything to do with each other? Streams in our case can only be created after connection is established and that should only occur after TLS handshake is done. But I think you said we have to potentially wait for it to happen because there's no event for it. I think a poll utility function can be copied over from PK.

[tegefaulkes]

There is an upstream issue for this. cloudflare/quiche#1489. They said that connection establishment and TLS handshake are different with the connection handshake completing first then the TLS handshake after. The is_established being true refers to the first handshake. I don't know of a way to check if the TLS handshake has completed.

I'm just saying that a connection can be established and created before the TLS has finished. So if you try to get the connection info, the peer cert could be missing. But it could be missing due to the handshake hasn't completed yet or the peer hasn't sent a cert at all.