# HG changeset patch
# User Sergey Kandaurov <pluknet@nginx.com>
# Date 1601899373 -3600
# Node ID 6226f834b4205a623ffa97336929ef34bcb8a2a5
# Parent  3bde57a0e6ced470cfa5efc3d31e97d4cae90f4a
QUIC: do not resend empty queue when speeding up handshake.

If client acknowledged an Initial packet with CRYPTO frame and then
sent another Initial packet containing duplicate CRYPTO again, this
could result in resending frames off the empty send queue.

diff --git a/src/event/ngx_event_quic.c b/src/event/ngx_event_quic.c
--- a/src/event/ngx_event_quic.c
+++ b/src/event/ngx_event_quic.c
@@ -2846,6 +2846,7 @@ ngx_quic_handle_crypto_frame(ngx_connect
 {
     uint64_t                   last;
     ngx_int_t                  rc;
+    ngx_quic_send_ctx_t       *ctx;
     ngx_quic_connection_t     *qc;
     ngx_quic_crypto_frame_t   *f;
     ngx_quic_frames_stream_t  *fs;
@@ -2871,7 +2872,11 @@ ngx_quic_handle_crypto_frame(ngx_connect
     /* speeding up handshake completion */
 
     if (pkt->level == ssl_encryption_initial) {
-        ngx_quic_resend_frames(c, ngx_quic_get_send_ctx(qc, pkt->level));
+        ctx = ngx_quic_get_send_ctx(qc, pkt->level);
+
+        if (!ngx_queue_empty(&ctx->sent)) {
+            ngx_quic_resend_frames(c, ctx);
+        }
     }
 
     return NGX_OK;