feat: expose 0-RTT detection at stream level

Author: iadev09

h3-quinn/src/lib.rs

@@ -270,6 +270,18 @@ where
     recv: RecvStream,
 }
 
+impl<B> BidiStream<B>
+where
+    B: Buf,
+{
+    /// Check if this stream was opened during 0-RTT.
+    ///
+    /// See [RFC 8470 Section 5.2](https://www.rfc-editor.org/rfc/rfc8470.html#section-5.2).
+    pub fn is_0rtt(&self) -> bool {
+        self.recv.is_0rtt()
+    }
+}
+
 impl<B> quic::BidiStream<B> for BidiStream<B>
 where
     B: Buf,
@@ -338,6 +350,15 @@ where
     }
 }
 
+impl<B> h3::server::Is0rtt for BidiStream<B>
+where
+    B: Buf,
+{
+    fn is_0rtt(&self) -> bool {
+        BidiStream::is_0rtt(self)
+    }
+}
+
 /// Quinn-backed receive stream
 ///
 /// Implements a [`quic::RecvStream`] backed by a [`quinn::RecvStream`].
@@ -362,6 +383,17 @@ impl RecvStream {
             read_chunk_fut: ReusableBoxFuture::new(async { unreachable!() }),
         }
     }
+
+	/// Check if this stream has been opened during 0-RTT.
+	///
+	/// In which case any non-idempotent request should be considered dangerous at the application
+	/// level. Because read data is subject to replay attacks.
+    pub fn is_0rtt(&self) -> bool {
+        self.stream
+            .as_ref()
+            .map(|s| s.is_0rtt())
+            .unwrap_or(false)
+    }
 }
 
 impl quic::RecvStream for RecvStream {

h3/src/frame.rs

@@ -41,6 +41,13 @@ impl<S, B> FrameStream<S, B> {
     pub fn into_inner(self) -> BufRecvStream<S, B> {
         self.stream
     }
+
+    pub(crate) fn is_0rtt(&self) -> bool
+    where
+        S: crate::server::Is0rtt,
+    {
+        self.stream.is_0rtt()
+    }
 }
 
 impl<S, B> FrameStream<S, B>

h3/src/server/mod.rs

@@ -56,4 +56,4 @@ pub use builder::builder;
 pub use builder::Builder;
 pub use connection::Connection;
 pub use request::RequestResolver;
-pub use stream::RequestStream;
+pub use stream::{Is0rtt, RequestStream};

h3/src/server/stream.rs

@@ -105,6 +105,34 @@ where
     pub fn id(&self) -> StreamId {
         self.inner.stream.id()
     }
+
+	/// Check if this stream was opened during 0-RTT.
+	///
+	/// See [RFC 8470 Section 5.2](https://www.rfc-editor.org/rfc/rfc8470.html#section-5.2).
+	///
+	/// # Example
+	///
+	/// ```no_run
+	/// # use h3::server::RequestStream;
+	/// # async fn example(mut stream: RequestStream<impl h3::quic::BidiStream<bytes::Bytes>, bytes::Bytes>) {
+	/// if stream.is_0rtt() {
+	///     // Reject non-idempotent methods (e.g., POST, PUT, DELETE)
+	///     // to prevent replay attacks
+	/// }
+	/// # }
+	/// ```
+    pub fn is_0rtt(&self) -> bool
+    where
+        S: Is0rtt,
+    {
+        self.inner.stream.is_0rtt()
+    }
+}
+
+/// Trait for QUIC streams that support 0-RTT detection.
+pub trait Is0rtt {
+    /// Check if this stream was opened during 0-RTT.
+    fn is_0rtt(&self) -> bool;
 }
 
 impl<S, B> RequestStream<S, B>

h3/src/stream.rs

@@ -437,6 +437,13 @@ impl<S, B> BufRecvStream<S, B> {
             _marker: PhantomData,
         }
     }
+
+    pub(crate) fn is_0rtt(&self) -> bool
+    where
+        S: crate::server::Is0rtt,
+    {
+        self.stream.is_0rtt()
+    }
 }
 
 impl<B, S: RecvStream> BufRecvStream<S, B> {