Skip to content

[QUIC] Client mistakenly recycles tokens across different servers #7197

New issue
New issue
Closed
#7260
Closed
[QUIC] Client mistakenly recycles tokens across different servers#7197
#7260
@ripatel-fd

Description

@ripatel-fd
ripatel-fd
opened on Jul 28, 2025

Problem

The Agave QUIC client libraries use the hardcoded string "connect" as the server name indication for all servers.

This leads quinn's TokenStore to reuse address validation tokens across different servers.
This isn't a problem for Agave servers but it is not spec compliant and can lead to issues with servers that use QUIC retry.

Proposed Solution

A couple possible solutions

1. Use different SNIs

Keep the address validation token store enabled (decreases time to first app_data packet or something?)
Use a different server name indication for every server to prevent reuse.

2. Disable the token store

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions