If a server-facing socket on a CONNECT-UDP proxy is being shared for multiple proxied QUIC connections, and demuxing by CID, it cannot easily/safely share the socket with other CONNECT-UDP connections that do not indicate a QUIC CID. This is implicit in the text, but not stated directly.
A corollary of this is that any packet received on a shared socket that doesn't match a known CID must be dropped.
DavidSchinazi
commented
3 years ago
If a server-facing socket on a CONNECT-UDP proxy is being shared for multiple proxied QUIC connections, and demuxing by CID, it cannot easily/safely share the socket with other CONNECT-UDP connections that do not indicate a QUIC CID. This is implicit in the text, but not stated directly.
A corollary of this is that any packet received on a shared socket that doesn't match a known CID must be dropped.