qtls: protect the tls.ClientSessionCache implementation with a mutex

[marten-seemann]

This prevents a race condition when the underlying ClientSessionCache provided by the application returns the same session ticket for multiple connections. Reusing session tickets is explicitly recommended against by both RFC 8446 and RFC 9001, but it's not forbidden. This fix only benefits applications that compromise their users' privacy by reusing session tickets.

@ainar-g Could you give this PR a try? As a permanent fix, I'd recommend not reusing session tickets though.

[codecov]

Codecov Report

All modified and coverable lines are covered by tests ✅

Comparison is base (013949c) 84.15% compared to head (d4660f8) 84.16%.

Additional details and impacted files

@@            Coverage Diff             @@
##           master    #4319      +/-   ##
==========================================
+ Coverage   84.15%   84.16%   +0.01%     
==========================================
  Files         150      150              
  Lines       15368    15374       +6     
==========================================
+ Hits        12932    12938       +6     
+ Misses       1938     1937       -1     
- Partials      498      499       +1     

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

[ainar-g]

As mentioned in #4318, we weren't able to reproduce the race in our code reliably yet. As far as I can see, the original code is not explicitly reusing any session tickets. It essentially is trying to establish both an HTTP/2 and an HTTP/3 connection to the same endpoint at the same time to see which protocol is faster.

The code in the PR looks good to me, but I wonder if I should file an issue about the unclear documentation in the Go repo?

[marten-seemann]

Not sure what documentation you want to improve. Warn against the reuse of session tickets? That sounds like a worthwhile change.