mirror/nginx
1
0
Fork 0
mirror of https://github.com/nginx/nginx.git synced 2025-01-21 11:42:59 +08:00
Code Issues Actions Packages Projects Releases Wiki Activity

QUIC: speeding up processing 0-RTT.

Browse Source 
After fe919fd63b0b, processing QUIC streams was postponed until after handshake
completion, which means that 0-RTT is effectively off.  With ssl_ocsp enabled,
it could be further delayed.  This differs from how OCSP validation works with
SSL_read_early_data().  With this change, processing QUIC streams is unlocked
when obtaining 0-RTT secret.
This commit is contained in:
Sergey Kandaurov 2021-10-26 17:43:10 +03:00
parent 2f754d5dcf
commit 01d27365c6
1 changed files with 18 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
src/event/quic/ngx_event_quic_ssl.c
View File

@ -71,8 +71,20 @@ ngx_quic_set_read_secret(ngx_ssl_conn_t *ssl_conn,
secret_len, rsecret);
#endif
return ngx_quic_keys_set_encryption_secret(c->pool, 0, qc->keys, level,
cipher, rsecret, secret_len);
if (ngx_quic_keys_set_encryption_secret(c->pool, 0, qc->keys, level,
cipher, rsecret, secret_len)
!= 1)
{
return 0;
}
if (level == ssl_encryption_early_data) {
if (ngx_quic_init_streams(c) != NGX_OK) {
return 0;
}
}
return 1;
}
@ -131,6 +143,10 @@ ngx_quic_set_encryption_secrets(ngx_ssl_conn_t *ssl_conn,
}
if (level == ssl_encryption_early_data) {
if (ngx_quic_init_streams(c) != NGX_OK) {
return 0;
}
return 1;
}