QUIC: lower bound path validation PTO.

According to RFC 9000, 8.2.4. Failed Path Validation,
the following value is recommended as a validation timeout:

  A value of three times the larger of the current PTO
  or the PTO for the new path (using kInitialRtt, as
  defined in [QUIC-RECOVERY]) is RECOMMENDED.

The change adds PTO of the new path to the equation as the lower bound.

diff --git a/src/event/quic/ngx_event_quic_migration.c b/src/event/quic/ngx_event_quic_migration.c
index 4b337ee6cb2c6a87326dd7aeb98b761268869538..735245cbfa3dd2d6af1850cf51d5677a866a52f8 100644 (file)
--- a/src/event/quic/ngx_event_quic_migration.c
+++ b/src/event/quic/ngx_event_quic_migration.c
@@ -511,7 +511,7 @@ ngx_quic_validate_path(ngx_connection_t *c, ngx_quic_path_t *path)
     }
 
     ctx = ngx_quic_get_send_ctx(qc, ssl_encryption_application);
-    pto = ngx_quic_pto(c, ctx);
+    pto = ngx_max(ngx_quic_pto(c, ctx), 1000);
 
     path->expires = ngx_current_msec + pto;
 
@@ -605,7 +605,7 @@ ngx_quic_path_validation_handler(ngx_event_t *ev)
         }
 
         if (++path->tries < NGX_QUIC_PATH_RETRIES) {
-            pto = ngx_quic_pto(c, ctx) << path->tries;
+            pto = ngx_max(ngx_quic_pto(c, ctx), 1000) << path->tries;
 
             path->expires = ngx_current_msec + pto;