QUIC: speeding up processing 0-RTT.

After fe919fd63b0b, processing QUIC streams was postponed until after handshake
completion, which means that 0-RTT is effectively off.  With ssl_ocsp enabled,
it could be further delayed.  This differs from how OCSP validation works with
SSL_read_early_data().  With this change, processing QUIC streams is unlocked
when obtaining 0-RTT secret.

1 files changed, 18 insertions, 2 deletions

diff --git a/src/event/quic/ngx_event_quic_ssl.c b/src/event/quic/ngx_event_quic_ssl.c
index bcee112e0..8899bc626 100644
--- a/src/event/quic/ngx_event_quic_ssl.c
+++ b/src/event/quic/ngx_event_quic_ssl.c
@@ -71,8 +71,20 @@ ngx_quic_set_read_secret(ngx_ssl_conn_t *ssl_conn,
                    secret_len, rsecret);
 #endif
 
-    return ngx_quic_keys_set_encryption_secret(c->pool, 0, qc->keys, level,
-                                               cipher, rsecret, secret_len);
+    if (ngx_quic_keys_set_encryption_secret(c->pool, 0, qc->keys, level,
+                                            cipher, rsecret, secret_len)
+        != 1)
+    {
+        return 0;
+    }
+
+    if (level == ssl_encryption_early_data) {
+        if (ngx_quic_init_streams(c) != NGX_OK) {
+            return 0;
+        }
+    }
+
+    return 1;
 }
 
 
@@ -131,6 +143,10 @@ ngx_quic_set_encryption_secrets(ngx_ssl_conn_t *ssl_conn,
     }
 
     if (level == ssl_encryption_early_data) {
+        if (ngx_quic_init_streams(c) != NGX_OK) {
+            return 0;
+        }
+
         return 1;
     }