Mercurial > hg > nginx

comparison src/event/quic/ngx_event_quic_ssl.c @ 8887:61b038fb59c6 quic

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
QUIC: speeding up processing 0-RTT. After fe919fd63b0b, processing QUIC streams was postponed until after handshake completion, which means that 0-RTT is effectively off. With ssl_ocsp enabled, it could be further delayed. This differs from how OCSP validation works with SSL_read_early_data(). With this change, processing QUIC streams is unlocked when obtaining 0-RTT secret.
author Sergey Kandaurov <pluknet@nginx.com>
date Tue, 26 Oct 2021 17:43:10 +0300
parents 66b4ff373dd9
children 4b2d259bdadd
comparison
equal deleted inserted replaced
8886:66b4ff373dd9 8887:61b038fb59c6
69 ngx_log_debug3(NGX_LOG_DEBUG_EVENT, c->log, 0, 69 ngx_log_debug3(NGX_LOG_DEBUG_EVENT, c->log, 0,
70 "quic read secret len:%uz %*xs", secret_len, 70 "quic read secret len:%uz %*xs", secret_len,
71 secret_len, rsecret); 71 secret_len, rsecret);
72 #endif 72 #endif
73 73
74 return ngx_quic_keys_set_encryption_secret(c->pool, 0, qc->keys, level, 74 if (ngx_quic_keys_set_encryption_secret(c->pool, 0, qc->keys, level,
75 cipher, rsecret, secret_len); 75 cipher, rsecret, secret_len)
76 != 1)
77 {
78 return 0;
79 }
80
81 if (level == ssl_encryption_early_data) {
82 if (ngx_quic_init_streams(c) != NGX_OK) {
83 return 0;
84 }
85 }
86
87 return 1;
76 } 88 }
77 89
78 90
79 static int 91 static int
80 ngx_quic_set_write_secret(ngx_ssl_conn_t *ssl_conn, 92 ngx_quic_set_write_secret(ngx_ssl_conn_t *ssl_conn,
129 { 141 {
130 return 0; 142 return 0;
131 } 143 }
132 144
133 if (level == ssl_encryption_early_data) { 145 if (level == ssl_encryption_early_data) {
146 if (ngx_quic_init_streams(c) != NGX_OK) {
147 return 0;
148 }
149
134 return 1; 150 return 1;
135 } 151 }
136 152
137 #ifdef NGX_QUIC_DEBUG_CRYPTO 153 #ifdef NGX_QUIC_DEBUG_CRYPTO
138 ngx_log_debug3(NGX_LOG_DEBUG_EVENT, c->log, 0, 154 ngx_log_debug3(NGX_LOG_DEBUG_EVENT, c->log, 0,