summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorRoman Arutyunyan <arut@nginx.com>2023-01-10 17:24:10 +0400
committerRoman Arutyunyan <arut@nginx.com>2023-01-10 17:24:10 +0400
commitd76600874c495728b801fd6ec33978194928a6e4 (patch)
tree4612d68c3fc57de0662dbb05ec00a85733f52ce2
parent0065ba68b08b8cf4eaf3c18266d1a93182f196ed (diff)
QUIC: relocated ngx_quic_init_streams() for 0-RTT.
Previously, streams were initialized in early keys handler. However, client transport parameters may not be available by then. This happens, for example, when using QuicTLS. Now streams are initialized in ngx_quic_crypto_input() after calling SSL_do_handshake() for both 0-RTT and 1-RTT.
Diffstat
-rw-r--r--src/event/quic/ngx_event_quic_ssl.c22
1 files changed, 9 insertions, 13 deletions
diff --git a/src/event/quic/ngx_event_quic_ssl.c b/src/event/quic/ngx_event_quic_ssl.c
index fd0d8252e..0c982bc62 100644
--- a/src/event/quic/ngx_event_quic_ssl.c
+++ b/src/event/quic/ngx_event_quic_ssl.c
@@ -67,12 +67,6 @@ ngx_quic_set_read_secret(ngx_ssl_conn_t *ssl_conn,
return 0;
}
- if (level == ssl_encryption_early_data) {
- if (ngx_quic_init_streams(c) != NGX_OK) {
- return 0;
- }
- }
-
return 1;
}
@@ -138,10 +132,6 @@ ngx_quic_set_encryption_secrets(ngx_ssl_conn_t *ssl_conn,
}
if (level == ssl_encryption_early_data) {
- if (ngx_quic_init_streams(c) != NGX_OK) {
- return 0;
- }
-
return 1;
}
@@ -455,11 +445,17 @@ ngx_quic_crypto_input(ngx_connection_t *c, ngx_chain_t *data)
qc->error_reason = "handshake failed";
return NGX_ERROR;
}
-
- return NGX_OK;
}
- if (SSL_in_init(ssl_conn)) {
+ if (n <= 0 || SSL_in_init(ssl_conn)) {
+ if (ngx_quic_keys_available(qc->keys, ssl_encryption_early_data)
+ && qc->client_tp_done)
+ {
+ if (ngx_quic_init_streams(c) != NGX_OK) {
+ return NGX_ERROR;
+ }
+ }
+
return NGX_OK;
}
generated by cgit v1.2.3 (git 2.39.1) at 2024-06-02 03:57:37 +0000