tls1.3: return early on handshake when no cert is provided by client
Under TLS1.3 the server knows the negotiated keys early, if no client certificate is sent. In that case, the server is not only able to transmit the session ticket immediately after its finished message, but is able to transmit data, similarly to false start. That's particularly important for HTTP/2 servers.
Edited by Nikos Mavrogiannopoulos