Mercurial > hg > nginx-quic
changeset 8649:61b038fb59c6 quic
QUIC: speeding up processing 0-RTT.
After fe919fd63b0b, processing QUIC streams was postponed until after handshake
completion, which means that 0-RTT is effectively off. With ssl_ocsp enabled,
it could be further delayed. This differs from how OCSP validation works with
SSL_read_early_data(). With this change, processing QUIC streams is unlocked
when obtaining 0-RTT secret.
author | Sergey Kandaurov <pluknet@nginx.com> |
---|---|
date | Tue, 26 Oct 2021 17:43:10 +0300 |
parents | 66b4ff373dd9 |
children | 6d1488b62dc5 |
files | src/event/quic/ngx_event_quic_ssl.c |
diffstat | 1 files changed, 18 insertions(+), 2 deletions(-) [+] |
line wrap: on
line diff
--- a/src/event/quic/ngx_event_quic_ssl.c +++ b/src/event/quic/ngx_event_quic_ssl.c @@ -71,8 +71,20 @@ ngx_quic_set_read_secret(ngx_ssl_conn_t secret_len, rsecret); #endif - return ngx_quic_keys_set_encryption_secret(c->pool, 0, qc->keys, level, - cipher, rsecret, secret_len); + if (ngx_quic_keys_set_encryption_secret(c->pool, 0, qc->keys, level, + cipher, rsecret, secret_len) + != 1) + { + return 0; + } + + if (level == ssl_encryption_early_data) { + if (ngx_quic_init_streams(c) != NGX_OK) { + return 0; + } + } + + return 1; } @@ -131,6 +143,10 @@ ngx_quic_set_encryption_secrets(ngx_ssl_ } if (level == ssl_encryption_early_data) { + if (ngx_quic_init_streams(c) != NGX_OK) { + return 0; + } + return 1; }