As per comments in servers-319 and Completion of Stream Negotiation specification:

The receiving entity indicates completion of the stream negotiation process by sending to the initiating entity either an empty <features/> element or a <features/> element that contains only voluntary-to-negotiate features. After doing so, the receiving entity MAY send an empty <features/> element (e.g., after negotiation of such voluntary-to-negotiate features) but MUST NOT send additional stream features to the initiating entity (if the receiving entity has new features to offer, preferably limited to mandatory-to-negotiate or security-critical features, it can simply close the stream with a <reset/> stream error (Section 4.9.3.16) and then advertise the new features when the initiating entity reconnects, preferably closing existing streams in a staggered way so that not all of the initiating entities reconnect at once). Once stream negotiation is complete, the initiating entity is cleared to send XML stanzas over the stream for as long as the stream is maintained by both parties.

The initiating entity MUST NOT attempt to send XML stanzas to entities other than itself (i.e., the client's connected resource or any other authenticated resource of the client's account) or the server to which it is connected until stream negotiation has been completed. Even if the initiating entity does attempt to do so, the receiving entity MUST NOT accept such stanzas and MUST close the stream with a <not-authorized/> stream error (Section 4.9.3.12). This rule applies to XML stanzas only (i.e., <message/>, <presence/>, and <iq/> elements qualified by the content namespace) and not to XML elements used for stream negotiation (e.g., elements used to complete TLS negotiation or SASL negotiation).

I would say that stream--stream-feature is complete negotiation cycle, so we MUST wait for the features before transmitting anything.

(I wouldn't enforce strictly the last part about closing the stream/connection)