WeidiDeng

It's not that good actually, this prevents multiple listener wrapper to be used together. i.e, because conn should buffer http2 client preface and settings frames, when next listener wraps it,...

I implemented a version that is heavily influenced by afero.ZIpfs and it's working great at the moment. By the way, I found out that when serve http with plain archiveFS...

@networkException Can you try [this branch](https://github.com/WeidiDeng/caddy-l4/tree/listener-wrapper), which added the ability to configure l4 as a caddy listener wrapper. You have to write json config and http app must disable https...

It's not actually solved in the master branch. As long as you don't reload caddy, h3 tls certificates will be up to date. I have found a fix.

@low613 Did you reload caddy when using master? This bug only appears when caddy is reloaded. Use `xcaddy build fix-http3-after-reload` to test the fix.

Superseded by [5424](https://github.com/caddyserver/caddy/pull/5424).

@francislavoie I'll also need to update l4 listener module, that part is left as a todo. There are some parts that I'm not sure, like using x/net/http2 instead of builtin...

Golang stdlib doesn't allow http handlers to control underlying tls.Conn, you need to report to golang to allow tls.Conn Write to inject padding. Then maybe caddy can add a configuration.

@asdfisdffdg Can you try [this branch](https://github.com/WeidiDeng/caddy-l4/tree/listener-wrapper), which added the ability to configure l4 as a caddy listener wrapper. You have to write json config and http app must disable https...

Exporting this type isn't enough for hijacked connections to see how many bytes are read. As this body is actually `http.NoBody` for `GET` request which are usually the hijackable requests....