do not use ECH even when config is provided, unless server name is a DNS name
diff --git a/lib/picotls.c b/lib/picotls.c
index 5134802..16f5cf1 100644
--- a/lib/picotls.c
+++ b/lib/picotls.c
@@ -2234,7 +2234,7 @@
if (properties != NULL) {
/* try to use ECH (ignore broken ECHConfigList; it is delivered insecurely) */
- if (!is_second_flight && tls->ctx->ech.ciphers != NULL && tls->ctx->ech.kems != NULL &&
+ if (!is_second_flight && sni_name != NULL && tls->ctx->ech.ciphers != NULL && tls->ctx->ech.kems != NULL &&
properties->client.ech.configs.len != 0) {
struct st_decoded_ech_config_t decoded;
decode_ech_config_list(tls->ctx, &decoded, properties->client.ech.configs);
diff --git a/t/picotls.c b/t/picotls.c
index 6612455..4277350 100644
--- a/t/picotls.c
+++ b/t/picotls.c
@@ -700,8 +700,10 @@
ptls_set_server_name(client, "test.example.com", 0);
}
- if (can_ech(ctx, 0))
+ if (can_ech(ctx, 0)) {
+ ptls_set_server_name(client, "test.example.com", 0);
client_hs_prop.client.ech.configs = ptls_iovec_init(ECH_CONFIG_LIST, sizeof(ECH_CONFIG_LIST) - 1);
+ }
static ptls_on_extension_t cb = {on_extension_cb};
ctx_peer->on_extension = &cb;
@@ -1275,6 +1277,7 @@
}};
client = ptls_new(ctx, 0);
+ ptls_set_server_name(client, "test.example.com", 0);
server = ptls_new(ctx_peer, 1);
ptls_buffer_init(&cbuf, "", 0);
ptls_buffer_init(&sbuf, "", 0);