Mercurial > hg > nginx-quic
comparison src/event/quic/ngx_event_quic_ssl.c @ 9011:bf2267887014 quic
QUIC: relocated ngx_quic_init_streams() for 0-RTT.
Previously, streams were initialized in early keys handler. However, client
transport parameters may not be available by then. This happens, for example,
when using QuicTLS. Now streams are initialized in ngx_quic_crypto_input()
after calling SSL_do_handshake() for both 0-RTT and 1-RTT.
| author | Roman Arutyunyan <arut@nginx.com> |
|---|---|
| date | Tue, 10 Jan 2023 17:24:10 +0400 |
| parents | 8c0bccdf2743 |
| children | 3c98fa8fef6f |
comparison
equal
deleted
inserted
replaced
| 9010:6bb884dc7291 | 9011:bf2267887014 |
|---|---|
| 65 != NGX_OK) | 65 != NGX_OK) |
| 66 { | 66 { |
| 67 return 0; | 67 return 0; |
| 68 } | 68 } |
| 69 | 69 |
| 70 if (level == ssl_encryption_early_data) { | |
| 71 if (ngx_quic_init_streams(c) != NGX_OK) { | |
| 72 return 0; | |
| 73 } | |
| 74 } | |
| 75 | |
| 76 return 1; | 70 return 1; |
| 77 } | 71 } |
| 78 | 72 |
| 79 | 73 |
| 80 static int | 74 static int |
| 136 { | 130 { |
| 137 return 0; | 131 return 0; |
| 138 } | 132 } |
| 139 | 133 |
| 140 if (level == ssl_encryption_early_data) { | 134 if (level == ssl_encryption_early_data) { |
| 141 if (ngx_quic_init_streams(c) != NGX_OK) { | |
| 142 return 0; | |
| 143 } | |
| 144 | |
| 145 return 1; | 135 return 1; |
| 146 } | 136 } |
| 147 | 137 |
| 148 #ifdef NGX_QUIC_DEBUG_CRYPTO | 138 #ifdef NGX_QUIC_DEBUG_CRYPTO |
| 149 ngx_log_debug3(NGX_LOG_DEBUG_EVENT, c->log, 0, | 139 ngx_log_debug3(NGX_LOG_DEBUG_EVENT, c->log, 0, |
| 453 if (sslerr != SSL_ERROR_WANT_READ) { | 443 if (sslerr != SSL_ERROR_WANT_READ) { |
| 454 ngx_ssl_error(NGX_LOG_ERR, c->log, 0, "SSL_do_handshake() failed"); | 444 ngx_ssl_error(NGX_LOG_ERR, c->log, 0, "SSL_do_handshake() failed"); |
| 455 qc->error_reason = "handshake failed"; | 445 qc->error_reason = "handshake failed"; |
| 456 return NGX_ERROR; | 446 return NGX_ERROR; |
| 457 } | 447 } |
| 458 | 448 } |
| 459 return NGX_OK; | 449 |
| 460 } | 450 if (n <= 0 || SSL_in_init(ssl_conn)) { |
| 461 | 451 if (ngx_quic_keys_available(qc->keys, ssl_encryption_early_data) |
| 462 if (SSL_in_init(ssl_conn)) { | 452 && qc->client_tp_done) |
| 453 { | |
| 454 if (ngx_quic_init_streams(c) != NGX_OK) { | |
| 455 return NGX_ERROR; | |
| 456 } | |
| 457 } | |
| 458 | |
| 463 return NGX_OK; | 459 return NGX_OK; |
| 464 } | 460 } |
| 465 | 461 |
| 466 ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, | 462 ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, |
| 467 "quic ssl cipher:%s", SSL_get_cipher(ssl_conn)); | 463 "quic ssl cipher:%s", SSL_get_cipher(ssl_conn)); |