Remove obsolete comment that SNI is not needed for ticketbleed

drwetter · drwetter · commit e79dc8161e9c · 2025-02-15T13:33:52.000+01:00
See also https://github.com/testssl/testssl.sh/pull/2656/files/aa5d4917cfc04f5fb2f6b57c3726237cca6735b9#r1954824502
diff --git a/testssl.sh b/testssl.sh
@@ -16980,8 +16980,6 @@ run_ticketbleed() {
 
      #FIXME: we likely have done this already before (either @ run_server_defaults() or at least the output
      #       from a previous handshake) --> would save 1x connect. We have TLS_TICKET but not yet the ticket itself #FIXME
-     #ATTENTION: we DO NOT use SNI here as we assume ticketbleed is a vulnerability of the TLS stack. If we'd do SNI here, we'd also need
-     #           it in the ClientHello of run_ticketbleed() otherwise the ticket will be different and the whole thing won't work!
      #
      $OPENSSL s_client $(s_client_options "$BUGS $tls_proto $PROXY $SNI -connect $NODEIP:$PORT") </dev/null >$TMPFILE 2>$ERRFILE
      sclient_connect_successful $? "$TMPFILE"

Original file line number	Diff line number	Diff line change
`@@ -16980,8 +16980,6 @@ run_ticketbleed() {`
`16980`	`16980`
`16981`	`16981`	`#FIXME: we likely have done this already before (either @ run_server_defaults() or at least the output`
`16982`	`16982`	`# from a previous handshake) --> would save 1x connect. We have TLS_TICKET but not yet the ticket itself #FIXME`
`16983`		`- #ATTENTION: we DO NOT use SNI here as we assume ticketbleed is a vulnerability of the TLS stack. If we'd do SNI here, we'd also need`
`16984`		`- # it in the ClientHello of run_ticketbleed() otherwise the ticket will be different and the whole thing won't work!`
`16985`	`16983`	`#`
`16986`	`16984`	`$OPENSSL s_client $(s_client_options "$BUGS $tls_proto $PROXY $SNI -connect $NODEIP:$PORT") </dev/null >$TMPFILE 2>$ERRFILE`
`16987`	`16985`	`sclient_connect_successful $? "$TMPFILE"`