Add knobs that enable QBONE to use IETF QUIC. Particularly, 1) --qbone_server_support_h3_loas defined in gfe_quic_dispatcher.cc enables the QBONE server to support both gQUIC & IETF QUIC. 2) --qbone_client_use_h3_loas defined in bonnet_server.cc makes the QBONE client use IETF QUIC exclusively. These two flags are set up assuming: 1) --qbone_server_support_h3_loas can be enabled for all servers. 2) --qbone_client_support_h3_loas can then be enabled gradually for all clients. The two flags should not be enabled until the following TODOs are done: 1) Add a special ProofSource that provides a fake certificate. 2) Add code and tests that handle messages/streams before LOAS2 authentication is done on the client side. 3) Set the idle timeout correctly between the completion of the TLS handshake and the completion of the LOAS2 handshake. PiperOrigin-RevId: 415266155
diff --git a/quic/core/quic_crypto_stream.h b/quic/core/quic_crypto_stream.h
index 86b6913..08cb189 100644
--- a/quic/core/quic_crypto_stream.h
+++ b/quic/core/quic_crypto_stream.h
@@ -245,6 +245,10 @@
   virtual void OnDataAvailableInSequencer(QuicStreamSequencer* sequencer,
                                           EncryptionLevel level);
 
+  QuicStreamSequencer* GetStreamSequencerForLevel(EncryptionLevel level) {
+    return &substreams_[level].sequencer;
+  }
+
  private:
   // Data sent and received in CRYPTO frames is sent at multiple encryption
   // levels. Some of the state for the single logical crypto stream is split
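Review bot: GetStreamSequencerForLevel indexes substreams_ with the caller-supplied level and hands back a mutable pointer into that private state without any range check, so a caller passing an out-of-range EncryptionLevel would read past the end of whatever substreams_ is (its declaration is not in the hunk). Since this is a new externally callable entry point into the per-level sequencer, a bound check at the top of the body such as `QUICHE_DCHECK_LT(level, NUM_ENCRYPTION_LEVELS);` (assuming substreams_ is sized by NUM_ENCRYPTION_LEVELS, which should be confirmed against its declaration) would make the precondition explicit. The accessor also has no comment; a header line such as `// Returns the sequencer buffering CRYPTO data received at |level|. Owned by this stream; callers must not retain the pointer beyond the stream's lifetime.` would document ownership and lifetime for callers. The enclosing class starts and ends outside the hunk.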
diff --git a/quic/core/quic_error_codes.cc b/quic/core/quic_error_codes.cc
index 74922c3..c7da0ae 100644
--- a/quic/core/quic_error_codes.cc
+++ b/quic/core/quic_error_codes.cc
@@ -279,6 +279,7 @@
   RETURN_STRING_LITERAL(QUIC_TLS_UNEXPECTED_KEYING_MATERIAL_EXPORT_LABEL);
   RETURN_STRING_LITERAL(QUIC_TLS_KEYING_MATERIAL_EXPORTS_MISMATCH);
   RETURN_STRING_LITERAL(QUIC_TLS_KEYING_MATERIAL_EXPORT_NOT_AVAILABLE);
+  RETURN_STRING_LITERAL(QUIC_UNEXPECTED_DATA_BEFORE_ENCRYPTION_ESTABLISHED);
   RETURN_STRING_LITERAL(QUIC_LAST_ERROR);
 
   // Intentionally have no default case, so we'll break the build
@@ -784,6 +785,8 @@
     return {true, static_cast<uint64_t>(PROTOCOL_VIOLATION)};
   case QUIC_TLS_KEYING_MATERIAL_EXPORT_NOT_AVAILABLE:
     return {true, static_cast<uint64_t>(PROTOCOL_VIOLATION)};
+  case QUIC_UNEXPECTED_DATA_BEFORE_ENCRYPTION_ESTABLISHED:
+    return {true, static_cast<uint64_t>(PROTOCOL_VIOLATION)};
   case QUIC_LAST_ERROR:
     return {false, static_cast<uint64_t>(QUIC_LAST_ERROR)};
 }
diff --git a/quic/core/quic_error_codes.h b/quic/core/quic_error_codes.h
index 218b12f..0ecef01 100644
--- a/quic/core/quic_error_codes.h
+++ b/quic/core/quic_error_codes.h
@@ -608,9 +608,10 @@
   QUIC_TLS_UNEXPECTED_KEYING_MATERIAL_EXPORT_LABEL = 208,
   QUIC_TLS_KEYING_MATERIAL_EXPORTS_MISMATCH = 209,
   QUIC_TLS_KEYING_MATERIAL_EXPORT_NOT_AVAILABLE = 210,
+  QUIC_UNEXPECTED_DATA_BEFORE_ENCRYPTION_ESTABLISHED = 211,
 
   // No error. Used as bound while iterating.
-  QUIC_LAST_ERROR = 211,
+  QUIC_LAST_ERROR = 212,
 };
 // QuicErrorCodes is encoded as four octets on-the-wire when doing Google QUIC,
 // or a varint62 when doing IETF QUIC. Ensure that its value does not exceed
diff --git a/quic/qbone/qbone_server_session.h b/quic/qbone/qbone_server_session.h
index f5af8b4..f398f06 100644
--- a/quic/qbone/qbone_server_session.h
+++ b/quic/qbone/qbone_server_session.h
@@ -82,9 +82,10 @@
   // The packet processor.
   QbonePacketProcessor processor_;
 
- private:
   // Config for QUIC crypto server stream, used by the server.
   const QuicCryptoServerConfig* quic_crypto_server_config_;
+
+ private:
   // Used by QUIC crypto server stream to track most recently compressed certs.
   QuicCompressedCertsCache* compressed_certs_cache_;
   // This helper is needed when create QuicCryptoServerStream.
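Review bot: Moving the `private:` label below quic_crypto_server_config_ widens that member's visibility to whichever section processor_ lives in (presumably protected; the section label is outside the hunk), so derived classes now see a raw pointer to the server crypto config with no stated ownership or lifetime. The existing comment only says what it is for; extending it with `// Not owned; must outlive this session.` (or whatever the actual ownership is — the constructor is not in the hunk) would make the contract clear to subclasses, and if subclasses only need to read the config, a protected const accessor would keep the pointer itself private. The enclosing class definition starts before and ends after the hunk.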