Per draft-ietf-quic-transport-32 on the topic:
: Similarly, a server MUST expand the payload of all UDP datagrams carrying
: ack-eliciting Initial packets to at least the smallest allowed maximum
: datagram size of 1200 bytes.
ngx_queue_t *frames)
{
u_char *p;
+ size_t pad_len;
ssize_t len;
ngx_str_t out, res;
ngx_msec_t now;
out.len = p - out.data;
- while (out.len < 4) {
- *p++ = NGX_QUIC_FT_PADDING;
- out.len++;
- }
-
qc = c->quic;
keys = &c->quic->keys[start->level];
pkt.level = start->level;
pkt.dcid = qc->scid;
pkt.scid = qc->dcid;
+
+ if (start->level == ssl_encryption_initial && pkt.need_ack) {
+ pad_len = NGX_QUIC_MIN_INITIAL_SIZE - EVP_GCM_TLS_TAG_LEN
+ - ngx_quic_create_long_header(&pkt, NULL, out.len, NULL);
+ pad_len = ngx_min(pad_len, NGX_QUIC_MIN_INITIAL_SIZE);
+
+ } else {
+ pad_len = 4;
+ }
+
+ if (out.len < pad_len) {
+ ngx_memset(p, NGX_QUIC_FT_PADDING, pad_len - out.len);
+ out.len = pad_len;
+ }
+
pkt.payload = out;
res.data = dst;