Retire reset tokens and CIDs from Endpoint when a path is discarded #275
Description
When the remote sends a reset token to a local Connection, that reset token is passed to the Endpoint so that it can send the reset token if the the local connection state is lost.
Likewise when the local Connection issues CIDs for a path to the remote, they are also passed to the Endpoint so that it can route incoming datagrams from that path to the correct local Connection.
When a path is abandoned, the local Connection immediately retires the CIDs it has for the remote. Making it impossible for the local Connection to send further packets on this path. At this time however the CIDs the local Connection issued to the remote are still left at the Endpoint, so that any in-flight datagrams on that path can still be routed to the correct local Connection. Similarly the reset tokens for that path are still installed at the connection.
However, once the path is discarded we intent to drop all the state for the path. Which we do inside the Connection, but we are not cleaning up the CIDs and reset tokens. This is effectively a memory leak. We should:
-
Remove the local CIDs from the Endpoint when the PathData is discarded.
The code now handles triggering a protocol violation if packets are still received more than 3*maxPTO after the path was abandoned. So leaving the CIDs longer does no harm here.
-
Remove the remote's reset tokens from the Endpoint.
This is harder, ideally we would keep triggering a stateless reset if at any point the remote starts sending on this path again. But discarding them when PathData is discarded is probably fine too.