From 4f713392d19ce1802ba11415eb456bf9b5ff6be8 Mon Sep 17 00:00:00 2001
From: Gaukas Wang
Date: Fri, 3 May 2024 07:39:15 -0700
Subject: [PATCH] quic: always use empty session ID (#297)
---
 u_parrots.go | 19 ++++++++++++++-----
 1 file changed, 14 insertions(+), 5 deletions(-)
diff --git a/u_parrots.go b/u_parrots.go
index af85da8f..8ac1ca07 100644
--- a/u_parrots.go
+++ b/u_parrots.go
@@ -2672,12 +2672,21 @@ func (uconn *UConn) ApplyPreset(p *ClientHelloSpec) error {
 hello.CipherSuites[i] = GetBoringGREASEValue(uconn.greaseSeed, ssl_grease_cipher)
 }
 }
- var sessionID [32]byte
- _, err = io.ReadFull(uconn.config.rand(), sessionID[:])
- if err != nil {
- return err
+
+ // A random session ID is used to detect when the server accepted a ticket
+ // and is resuming a session (see RFC 5077). In TLS 1.3, it's always set as
+ // a compatibility measure (see RFC 8446, Section 4.1.2).
+ //
+ // The session ID is not set for QUIC connections (see RFC 9001, Section 8.4).
+ if uconn.quic == nil {
+ var sessionID [32]byte
+ _, err = io.ReadFull(uconn.config.rand(), sessionID[:])
+ if err != nil {
+ return err
+ }
+ uconn.HandshakeState.Hello.SessionId = sessionID[:]
 }
- uconn.HandshakeState.Hello.SessionId = sessionID[:]
+
 uconn.Extensions = make([]TLSExtension, len(p.Extensions))
 copy(uconn.Extensions, p.Extensions)
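Review bot: When `uconn.quic != nil` the new block leaves `uconn.HandshakeState.Hello.SessionId` untouched instead of clearing it, so the "always empty" promise in the subject holds only if nothing earlier gave the field a value. ApplyPreset begins and ends outside this hunk, so that cannot be confirmed from here; if the hello can arrive already populated (for example when a preset is applied a second time on the same UConn), a stale 32-byte ID would still go out over QUIC, which RFC 9001 Section 8.4 allows a server to reject. Adding `else { uconn.HandshakeState.Hello.SessionId = nil }` would make the invariant local to this block. The patch touches only `u_parrots.go`, so a unit test that applies a preset with `uconn.quic` set and asserts `len(uconn.HandshakeState.Hello.SessionId) == 0` would pin the behaviour down.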