authorLeander Schwarz <lschwarz@mozilla.com>2022-08-26 14:35:37 +0000
committerLeander Schwarz <lschwarz@mozilla.com>2022-08-26 14:35:37 +0000
commit6062a274bbbefdf2d5d596fe6b6f004789fb4219 (patch)
tree670f7c04ae4801e967a39df6e47a407e390c12e6
parent0a23613d30f940167b753349549e19c33fd69ef7 (diff)
downloadnss-hg-6062a274bbbefdf2d5d596fe6b6f004789fb4219.tar.gz
Bug 1779361 - Removed skipping of ECH on equality of private and public SNI server name. r=djackson
Differential Revision: https://phabricator.services.mozilla.com/D151696
-rw-r--r--gtests/nss_bogo_shim/config.json2
-rw-r--r--lib/ssl/tls13ech.c5
2 files changed, 1 insertions, 6 deletions
diff --git a/gtests/nss_bogo_shim/config.json b/gtests/nss_bogo_shim/config.json
index 6d9b51985..e431730ed 100644
--- a/gtests/nss_bogo_shim/config.json
+++ b/gtests/nss_bogo_shim/config.json
@@ -44,7 +44,7 @@
"*ECH*CompressSupportedVersions":"NSS never compresses supported versions, Bogo does if CHOuter is TLS 1.3 only (equal to CHInner).",
"*ECH*NoSupportedConfigs*":"NSS throws error if unsupported but well formed retry configs could not be set on client, Bogo just does not offer ECH.",
"*ECH*RandomHRR*":"NSS sends real ECH in CH2 after receiving HRR rejcting ECH formally, Bogo expects instant ech_required alert. Bug 1779357",
- "*ECH*ServerName*":"TODO",
+ "*ECH*UnsolicitedInnerServerNameAck*":"TODO",
"####################":"####################",
"### TLS1/11 failures due to unsupported signature algorithms":"",
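Review bot: The narrowed exclusion `*ECH*UnsolicitedInnerServerNameAck*` still gives only `"TODO"` as its reason, so the one ECH server-name Bogo case left disabled has no stated cause and no tracking bug, unlike the neighbouring `*ECH*RandomHRR*` entry, which cites Bug 1779357. Judging by its name alone, the test covers how the client handles a server_name acknowledgement it did not solicit under ECH, and a disabled check there is easy to forget. I would record the actual NSS/Bogo mismatch and a bug reference in the value, for example `"*ECH*UnsolicitedInnerServerNameAck*":"<how NSS differs from Bogo>. Bug <bug-id>",` with the placeholders filled in by the author.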
diff --git a/lib/ssl/tls13ech.c b/lib/ssl/tls13ech.c
index 37d35c5bd..7b485720c 100644
--- a/lib/ssl/tls13ech.c
+++ b/lib/ssl/tls13ech.c
@@ -762,11 +762,6 @@ tls13_ClientSetupEch(sslSocket *ss, sslClientHelloType type)
* KDF/AEADs, so just use the first. */
cfg = (sslEchConfig *)PR_LIST_HEAD(&ss->echConfigs);
- /* Skip ECH if the public name matches the private name. */
- if (0 == PORT_Strcmp(cfg->contents.publicName, ss->url)) {
- return SECSuccess;
- }
-
SSL_TRC(50, ("%d: TLS13[%d]: Setup client ECH",
SSL_GETPID(), ss->fd));