QUIC: fixed PATH_RESPONSE frame expansion.

The PATH_RESPONSE frame must be expanded to 1200, except the case
when anti-amplification limit is in effect, i.e. on unvalidated paths.

Previously, the anti-amplification limit was always applied.

1 files changed, 11 insertions, 3 deletions

diff --git a/src/event/quic/ngx_event_quic_migration.c b/src/event/quic/ngx_event_quic_migration.c
index 050b785a6..bea51081d 100644
--- a/src/event/quic/ngx_event_quic_migration.c
+++ b/src/event/quic/ngx_event_quic_migration.c
@@ -47,12 +47,20 @@ ngx_quic_handle_path_challenge_frame(ngx_connection_t *c,
     path = qsock->path;
 
     /*
+     * An endpoint MUST expand datagrams that contain a PATH_RESPONSE frame
+     * to at least the smallest allowed maximum datagram size of 1200 bytes.
+     * ...
      * An endpoint MUST NOT expand the datagram containing the PATH_RESPONSE
      * if the resulting data exceeds the anti-amplification limit.
      */
-    max = path->received * 3;
-    max = (path->sent >= max) ? 0 : max - path->sent;
-    pad = ngx_min(1200, max);
+    if (path->state != NGX_QUIC_PATH_VALIDATED) {
+        max = path->received * 3;
+        max = (path->sent >= max) ? 0 : max - path->sent;
+        pad = ngx_min(1200, max);
+
+    } else {
+        pad = 1200;
+    }
 
     sent = ngx_quic_frame_sendto(c, &frame, pad, path->sockaddr, path->socklen);
     if (sent < 0) {