use Transport.VerifySourceAddress to control the Retry Mechanism (#4362)

* use Transport.VerifySourceAddress to control the Retry Mechanism

This can be used to rate-limit handshakes originating from unverified
source addresses. Rate-limiting for handshakes can be implemented using
the GetConfigForClient callback on the Config.

* pass the remote address to Transport.VerifySourceAddress
This commit is contained in:
Marten Seemann
2024-03-15 10:05:52 +09:30
committed by GitHub
parent 497d3f58a5
commit 9971fedd42
12 changed files with 120 additions and 382 deletions


@@ -71,7 +71,7 @@ func (s *Server) ListenAndServe() error {
tlsConf.NextProtos = []string{h09alpn}
tr := quic.Transport{Conn: conn}
if s.ForceRetry {
tr.MaxUnvalidatedHandshakes = -1
tr.VerifySourceAddress = func(net.Addr) bool { return true }
}
ln, err := tr.ListenEarly(tlsConf, s.QuicConfig)
if err != nil {
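Review bot: The always-true callback on the new `tr.VerifySourceAddress` line makes every client Initial trigger a Retry, which is what ForceRetry is for, but nothing in the hunk says so; an unnamed `net.Addr` parameter and a bare `return true` read like a placeholder. I would name the parameter and add a why-comment above it: `// ForceRetry: treat every source address as unverified so the first Initial is always answered with a Retry.` followed by `tr.VerifySourceAddress = func(_ net.Addr) bool { return true }`. The closure also references the `net` package, so the file's import block (outside this hunk) must import `net` — presumably it already does, since the server holds a `conn`, but worth confirming. Note that a Retry only proves the client can receive packets at the claimed address; it does not limit handshake rate, which per the commit message has to be done separately via GetConfigForClient. ListenAndServe starts before this hunk and continues after it.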