Compute should_ack_sni in one place

Right now it's split over the SNI extractor and the code that calls the SNI callback. But the only thing that reads it is the code to send the ServerHello extension, so we don't need to half-compute it earlier. Change-Id: Ia0fdd502ab21bec2ccdde99185951601a4650efe Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/69747 Reviewed-by: Bob Beck <bbe@google.com> Auto-Submit: David Benjamin <davidben@google.com> Commit-Queue: Bob Beck <bbe@google.com>
google · Jul 17, 2024 · 096ded9 · 096ded9
1 parent d274b1b
commit 096ded9
Show file tree

Hide file tree

Showing 2 changed files with 1 addition and 3 deletions.
diff --git a/ssl/extensions.cc b/ssl/extensions.cc
@@ -3794,6 +3794,7 @@ static bool ssl_check_clienthello_tlsext(SSL_HANDSHAKE *hs) {
       return true;
 
     default:
+      hs->should_ack_sni = ssl->s3->hostname != nullptr;
       return true;
   }
 }

diff --git a/ssl/handshake_server.cc b/ssl/handshake_server.cc
@@ -616,7 +616,6 @@ static bool extract_sni(SSL_HANDSHAKE *hs, uint8_t *out_alert,
     //
     // Clear state in case we previously extracted SNI from ClientHelloOuter.
     ssl->s3->hostname.reset();
-    hs->should_ack_sni = false;
     return true;
   }
 
@@ -653,8 +652,6 @@ static bool extract_sni(SSL_HANDSHAKE *hs, uint8_t *out_alert,
     return false;
   }
   ssl->s3->hostname.reset(raw);
-
-  hs->should_ack_sni = true;
   return true;
 }