implement anti-replay mechanism for 0-RTT

This implements anti-replay protection using ClientHello recording described in RFC8446.

Checklist

• Code modified for feature
• Test suite updated with functionality tests
• Test suite updated with negative tests
• Documentation updated

Reviewer's checklist:

• Any issues marked for closing are addressed
• There is a test suite reasonably covering new functionality or modifications
• Function naming, parameters, return values, types, etc., are consistent and according to CONTRIBUTION.md
• This feature/change has adequate documentation added
• No obvious mistakes in the code

added 4 commits

• 057bdcd5 - ext/pre_shared_key: don't assume ob_ticket_age < ticket_age_add
• dc2b4b8f - TLS 1.3: implement anti-replay measure using ClientHello recording
• aeb64660 - serv: enable anti-replay when early data is used
• a2fb816a - doc: mention anti-replay mechanism

Compare with previous version

mentioned in merge request !775 (merged)

added 3 commits

• 117f205b - TLS 1.3: implement anti-replay measure using ClientHello recording
• 49be79b6 - serv: enable anti-replay when early data is used
• dc5f181c - doc: mention anti-replay mechanism

Compare with previous version

mentioned in merge request !785 (merged)

added 44 commits

• dc5f181c...213ac5fa - 40 commits from branch tmp-0rtt
• 12bffe1d - tls13/session_ticket: record timestamp in ticket
• f7cf2e16 - TLS 1.3: implement anti-replay measure using ClientHello recording
• e869ddb9 - serv: enable anti-replay when early data is used
• 1f93ec4d - doc: mention anti-replay mechanism

Compare with previous version

added 3 commits

• 4d4e9ce6 - TLS 1.3: implement anti-replay measure using ClientHello recording
• dcb96322 - serv: enable anti-replay when early data is used
• ad2bb1d6 - doc: mention anti-replay mechanism

Compare with previous version

added 3 commits

• 2bb9d0b9 - TLS 1.3: implement anti-replay measure using ClientHello recording
• 44d00293 - serv: enable anti-replay when early data is used
• 7367fde8 - doc: mention anti-replay mechanism

Compare with previous version

added 3 commits

• fa243cf4 - TLS 1.3: implement anti-replay measure using ClientHello recording
• 78315afd - serv: enable anti-replay when early data is used
• 6885fb24 - doc: mention anti-replay mechanism

Compare with previous version

added 3 commits

• 6bfac7c5 - TLS 1.3: implement anti-replay measure using ClientHello recording
• a62127e5 - serv: enable anti-replay when early data is used
• 94b752a0 - doc: mention anti-replay mechanism

Compare with previous version

added 6 commits

• 7deaa0cd - record: fix memleak when rejecting early data
• e81c9cc2 - session_pack: record max_early_data_size in session data
• 751a6273 - tls13/session_ticket: record timestamp in ticket
• bd9f81dd - TLS 1.3: implement anti-replay measure using ClientHello recording
• c8aab3b8 - serv: enable anti-replay when early data is used
• 1717654b - doc: mention anti-replay mechanism

Compare with previous version

added 3 commits

• dacc8d16 - TLS 1.3: implement anti-replay measure using ClientHello recording
• c981a67b - serv: enable anti-replay when early data is used
• 57bfc949 - doc: mention anti-replay mechanism

Compare with previous version

added 6 commits

• efaf22ab - record: fix memleak when rejecting early data
• 28c168be - session_pack: record max_early_data_size in session data
• 3395571a - tls13/session_ticket: record timestamp in ticket
• 036269e5 - TLS 1.3: implement anti-replay measure using ClientHello recording
• 84c05864 - serv: enable anti-replay when early data is used
• af5d8045 - doc: mention anti-replay mechanism for early data

Compare with previous version

added 3 commits

• 865bdf79 - TLS 1.3: implement anti-replay measure using ClientHello recording
• 4e5768dd - serv: enable anti-replay when early data is used
• e4d4ce34 - doc: mention anti-replay mechanism for early data

Compare with previous version

added 32 commits

• e4d4ce34...a0cb57f7 - 27 commits from branch tmp-0rtt
• 9ab81071 - tls13/session_ticket: record timestamp in ticket
• 6cec0fd0 - tls13/siphash: import reference SipHash implementation
• c00d9b94 - TLS 1.3: implement anti-replay measure using ClientHello recording
• c7ac4ac2 - serv: enable anti-replay when early data is used
• 43dedd63 - doc: mention anti-replay mechanism for early data

Compare with previous version

unmarked as a Work In Progress

changed title from WIP: implement anti-replay mechanism to implement anti-replay mechanism for 0-RTT

changed the description

closed

Merged this to !775 (merged).