> On 10 Jan 2023, at 17:30, Roman Arutyunyan <a...@nginx.com> wrote:
>
> # HG changeset patch
> # User Roman Arutyunyan <a...@nginx.com>
> # Date 1673357050 -14400
> # Tue Jan 10 17:24:10 2023 +0400
> # Branch quic
> # Node ID 5a09008e93a3842dc5a372e39617097893293ddf
> # Parent 7dac46ecb27d3f488d40b28cd8d07f884046e171
> QUIC: relocated ngx_quic_init_streams() for 0-RTT.
>
> Previously, streams were initialized in early keys handler. However, client
> transport parameters may not be available by then. This happens, for example,
> when using QuicTLS. Now streams are initialized in ngx_quic_crypto_input()
> after calling SSL_do_handshake() for both 0-RTT and 1-RTT.
>
> diff --git a/src/event/quic/ngx_event_quic_ssl.c
> b/src/event/quic/ngx_event_quic_ssl.c
> --- a/src/event/quic/ngx_event_quic_ssl.c
> +++ b/src/event/quic/ngx_event_quic_ssl.c
> @@ -67,12 +67,6 @@ ngx_quic_set_read_secret(ngx_ssl_conn_t
> return 0;
> }
>
> - if (level == ssl_encryption_early_data) {
> - if (ngx_quic_init_streams(c) != NGX_OK) {
> - return 0;
> - }
> - }
> -
> return 1;
> }
>
> @@ -138,10 +132,6 @@ ngx_quic_set_encryption_secrets(ngx_ssl_
> }
>
> if (level == ssl_encryption_early_data) {
> - if (ngx_quic_init_streams(c) != NGX_OK) {
> - return 0;
> - }
> -
> return 1;
> }
>
> @@ -455,11 +445,17 @@ ngx_quic_crypto_input(ngx_connection_t *
> qc->error_reason = "handshake failed";
> return NGX_ERROR;
> }
> -
> - return NGX_OK;
> }
>
> - if (SSL_in_init(ssl_conn)) {
> + if (n <= 0 || SSL_in_init(ssl_conn)) {
> + if (ngx_quic_keys_available(qc->keys, ssl_encryption_early_data)
> + && qc->client_tp_done)
> + {
> + if (ngx_quic_init_streams(c) != NGX_OK) {
> + return NGX_ERROR;
> + }
> + }
> +
> return NGX_OK;
> }
>
Looks good.
--
Sergey Kandaurov
_______________________________________________
nginx-devel mailing list
nginx-devel@nginx.org
https://mailman.nginx.org/mailman/listinfo/nginx-devel
