# HG changeset patch
# User Sergey Kandaurov <pluknet@nginx.com>
# Date 1635259390 -10800
# Node ID 61b038fb59c6f8fe0a8afab226ffcaf0a2201051
# Parent  66b4ff373dd9f9a5f41c18d083410f9a9b63a82b
QUIC: speeding up processing 0-RTT.

After fe919fd63b0b, processing QUIC streams was postponed until after handshake
completion, which means that 0-RTT is effectively off.  With ssl_ocsp enabled,
it could be further delayed.  This differs from how OCSP validation works with
SSL_read_early_data().  With this change, processing QUIC streams is unlocked
when obtaining 0-RTT secret.

diff -r 66b4ff373dd9 -r 61b038fb59c6 src/event/quic/ngx_event_quic_ssl.c
--- a/src/event/quic/ngx_event_quic_ssl.c	Tue Oct 26 17:43:10 2021 +0300
+++ b/src/event/quic/ngx_event_quic_ssl.c	Tue Oct 26 17:43:10 2021 +0300
@@ -71,8 +71,20 @@
                    secret_len, rsecret);
 #endif
 
-    return ngx_quic_keys_set_encryption_secret(c->pool, 0, qc->keys, level,
-                                               cipher, rsecret, secret_len);
+    if (ngx_quic_keys_set_encryption_secret(c->pool, 0, qc->keys, level,
+                                            cipher, rsecret, secret_len)
+        != 1)
+    {
+        return 0;
+    }
+
+    if (level == ssl_encryption_early_data) {
+        if (ngx_quic_init_streams(c) != NGX_OK) {
+            return 0;
+        }
+    }
+
+    return 1;
 }
 
 
@@ -131,6 +143,10 @@
     }
 
     if (level == ssl_encryption_early_data) {
+        if (ngx_quic_init_streams(c) != NGX_OK) {
+            return 0;
+        }
+
         return 1;
     }