style: fix golangci-lint issues in QUIC SNI code

Author: nnemirovsky

internal/proxy/quic_sni.go

@@ -128,7 +128,7 @@ func ExtractQUICSNI(packet []byte) string {
 	}
 
 	// Derive Initial secrets.
-	clientSecret, err := deriveQUICClientSecret(dcid, salt, version)
+	clientSecret, err := deriveQUICClientSecret(dcid, salt)
 	if err != nil {
 		return ""
 	}
@@ -317,7 +317,7 @@ func ExtractQUICCryptoData(packet []byte) (data []byte, offset uint64) {
 		return nil, 0
 	}
 
-	clientSecret, err := deriveQUICClientSecret(dcid, salt, version)
+	clientSecret, err := deriveQUICClientSecret(dcid, salt)
 	if err != nil {
 		return nil, 0
 	}
@@ -404,10 +404,10 @@ func extractFirstCryptoFrame(frames []byte) ([]byte, uint64) {
 		}
 		pos += n
 
-		switch {
-		case frameType == 0x00: // PADDING
-		case frameType == 0x01: // PING
-		case frameType == 0x02 || frameType == 0x03: // ACK
+		switch frameType {
+		case 0x00: // PADDING
+		case 0x01: // PING
+		case 0x02, 0x03: // ACK
 			_, vn := readQUICVarint(frames[pos:])
 			if vn == 0 {
 				return nil, 0
@@ -449,7 +449,7 @@ func extractFirstCryptoFrame(frames []byte) ([]byte, uint64) {
 					pos += vn
 				}
 			}
-		case frameType == 0x06: // CRYPTO
+		case 0x06: // CRYPTO
 			cryptoOffset, vn := readQUICVarint(frames[pos:])
 			if vn == 0 {
 				return nil, 0
@@ -466,7 +466,7 @@ func extractFirstCryptoFrame(frames []byte) ([]byte, uint64) {
 			result := make([]byte, int(dataLen))
 			copy(result, frames[pos:pos+int(dataLen)])
 			return result, cryptoOffset
-		case frameType == 0x1c || frameType == 0x1d: // CONNECTION_CLOSE
+		case 0x1c, 0x1d: // CONNECTION_CLOSE
 			_, vn := readQUICVarint(frames[pos:])
 			if vn == 0 {
 				return nil, 0
@@ -535,15 +535,15 @@ func extractCryptoData(frames []byte) []byte {
 		}
 		pos += n
 
-		switch {
-		case frameType == 0x00:
+		switch frameType {
+		case 0x00:
 			// PADDING frame: single-byte type, no payload. The type byte
 			// was already consumed above.
 
-		case frameType == 0x01:
+		case 0x01:
 			// PING frame: single-byte type, no payload.
 
-		case frameType == 0x02 || frameType == 0x03:
+		case 0x02, 0x03:
 			// ACK frame: skip it. Parse enough to find the length.
 			// Largest Acknowledged (varint)
 			_, vn := readQUICVarint(frames[pos:])
@@ -593,7 +593,7 @@ func extractCryptoData(frames []byte) []byte {
 				}
 			}
 
-		case frameType == 0x06:
+		case 0x06:
 			// CRYPTO frame: offset(varint) + length(varint) + data
 			offset, vn := readQUICVarint(frames[pos:])
 			if vn == 0 {
@@ -615,7 +615,7 @@ func extractCryptoData(frames []byte) []byte {
 			}
 			pos += int(dataLen)
 
-		case frameType == 0x1c || frameType == 0x1d:
+		case 0x1c, 0x1d:
 			// CONNECTION_CLOSE frame: error_code(varint) + frame_type(varint,
 			// only for 0x1c) + reason_phrase_length(varint) + reason_phrase.
 			_, vn := readQUICVarint(frames[pos:])
@@ -685,13 +685,14 @@ func readQUICVarint(buf []byte) (uint64, int) {
 }
 
 // deriveQUICClientSecret derives the TLS 1.3 client Initial secret from
-// the DCID and salt per RFC 9001 Section 5.2.
-func deriveQUICClientSecret(dcid, salt []byte, version uint32) ([]byte, error) {
+// the DCID and salt per RFC 9001 Section 5.2. Both QUIC v1 and v2 use the
+// same label for initial secret derivation, so the version is only reflected
+// in the caller's choice of salt.
+func deriveQUICClientSecret(dcid, salt []byte) ([]byte, error) {
 	// Step 1: initial_secret = HKDF-Extract(salt, dcid)
 	h := hkdf.Extract(sha256.New, dcid, salt)
 
 	// Step 2: client_in = HKDF-Expand-Label(initial_secret, "client in", "", 32)
-	// Both QUIC v1 and v2 use the same label for initial secret derivation.
 	return hkdfExpandLabel(h, "client in", 32)
 }
 

internal/proxy/quic_sni_test.go

@@ -286,7 +286,7 @@ func buildQUICInitialFromPlaintext(t *testing.T, dcid, plaintext []byte, version
 		ivLabel = "quicv2 iv"
 	}
 
-	clientSecret, err := deriveQUICClientSecret(dcid, salt, version)
+	clientSecret, err := deriveQUICClientSecret(dcid, salt)
 	if err != nil {
 		t.Fatalf("deriveQUICClientSecret: %v", err)
 	}
@@ -414,7 +414,7 @@ func buildQUICInitial(t *testing.T, hostname string, version uint32) []byte {
 	}
 
 	// Derive keys.
-	clientSecret, err := deriveQUICClientSecret(dcid, salt, version)
+	clientSecret, err := deriveQUICClientSecret(dcid, salt)
 	if err != nil {
 		t.Fatalf("deriveQUICClientSecret: %v", err)
 	}

internal/proxy/server_test.go

@@ -4486,8 +4486,9 @@ func TestSNIAccumulatorPartialDataCannotExtractSNI(t *testing.T) {
 // sole CRYPTO frame sits at the given offset with the provided handshake
 // data. This lets tests simulate quic-go fragmenting a ClientHello across
 // several Initial packets. dcid must be identical across packets that share
-// the same connection so decryption uses the same keys.
-func buildQUICInitialWithCrypto(t *testing.T, dcid []byte, offset uint64, data []byte, version uint32) []byte {
+// the same connection so decryption uses the same keys. Always builds a
+// QUIC v1 packet since all current callers only exercise v1 fragmentation.
+func buildQUICInitialWithCrypto(t *testing.T, dcid []byte, offset uint64, data []byte) []byte {
 	t.Helper()
 
 	var crypto []byte
@@ -4496,7 +4497,7 @@ func buildQUICInitialWithCrypto(t *testing.T, dcid []byte, offset uint64, data [
 	crypto = append(crypto, encodeQUICVarint(uint64(len(data)))...)
 	crypto = append(crypto, data...)
 
-	return buildQUICInitialFromPlaintext(t, dcid, crypto, version)
+	return buildQUICInitialFromPlaintext(t, dcid, crypto, quicVersionV1)
 }
 
 // TestExtractQUICCryptoDataReturnsOffsetAndData verifies that
@@ -4507,7 +4508,7 @@ func TestExtractQUICCryptoDataReturnsOffsetAndData(t *testing.T) {
 	dcid := []byte{0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08}
 	payload := []byte("first-crypto-chunk")
 
-	packet := buildQUICInitialWithCrypto(t, dcid, 0, payload, quicVersionV1)
+	packet := buildQUICInitialWithCrypto(t, dcid, 0, payload)
 	got, offset := ExtractQUICCryptoData(packet)
 	if offset != 0 {
 		t.Errorf("offset = %d, want 0", offset)
@@ -4517,7 +4518,7 @@ func TestExtractQUICCryptoDataReturnsOffsetAndData(t *testing.T) {
 	}
 
 	// Non-zero offset packet.
-	packet2 := buildQUICInitialWithCrypto(t, dcid, 42, []byte("later-chunk"), quicVersionV1)
+	packet2 := buildQUICInitialWithCrypto(t, dcid, 42, []byte("later-chunk"))
 	got2, offset2 := ExtractQUICCryptoData(packet2)
 	if offset2 != 42 {
 		t.Errorf("offset = %d, want 42", offset2)
@@ -4675,8 +4676,8 @@ func TestQUICSNIAccumulationAcrossTwoPackets(t *testing.T) {
 	part2 := hs[splitAt:]
 
 	dcid := []byte{0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88}
-	packet1 := buildQUICInitialWithCrypto(t, dcid, 0, part1, quicVersionV1)
-	packet2 := buildQUICInitialWithCrypto(t, dcid, uint64(splitAt), part2, quicVersionV1)
+	packet1 := buildQUICInitialWithCrypto(t, dcid, 0, part1)
+	packet2 := buildQUICInitialWithCrypto(t, dcid, uint64(splitAt), part2)
 
 	// Sanity: the first packet alone should NOT produce an SNI via the
 	// single-packet path.
@@ -4721,7 +4722,7 @@ func TestQUICSNIAccumulationFallsBackAfterPacketBudget(t *testing.T) {
 	destIP := net.ParseIP("10.77.0.2")
 
 	for i := 0; i < maxSNIAccumulatorPackets; i++ {
-		packet := buildQUICInitialWithCrypto(t, dcid, uint64(1000+i*16), []byte("gap-bytes-only"), quicVersionV1)
+		packet := buildQUICInitialWithCrypto(t, dcid, uint64(1000+i*16), []byte("gap-bytes-only"))
 		if _, err := env.udpConn.WriteTo(wrapInSOCKS5UDP(packet, destIP), env.bindAddr); err != nil {
 			t.Fatalf("send packet %d: %v", i, err)
 		}