From e79dc8161e9cea19154d2b63f7db527915685ca1 Mon Sep 17 00:00:00 2001
From: Dirk <dirk@testssl.sh>
Date: Sat, 15 Feb 2025 13:33:52 +0100
Subject: [PATCH] Remove obsolete comment that SNI is not needed for
 ticketbleed

See also https://github.com/testssl/testssl.sh/pull/2656/files/aa5d4917cfc04f5fb2f6b57c3726237cca6735b9#r1954824502
---
 testssl.sh | 2 --
 1 file changed, 2 deletions(-)

diff --git a/testssl.sh b/testssl.sh
index 9a6a339..ba33b91 100755
--- a/testssl.sh
+++ b/testssl.sh
@@ -16980,8 +16980,6 @@ run_ticketbleed() {
 
      #FIXME: we likely have done this already before (either @ run_server_defaults() or at least the output
      #       from a previous handshake) --> would save 1x connect. We have TLS_TICKET but not yet the ticket itself #FIXME
-     #ATTENTION: we DO NOT use SNI here as we assume ticketbleed is a vulnerability of the TLS stack. If we'd do SNI here, we'd also need
-     #           it in the ClientHello of run_ticketbleed() otherwise the ticket will be different and the whole thing won't work!
      #
      $OPENSSL s_client $(s_client_options "$BUGS $tls_proto $PROXY $SNI -connect $NODEIP:$PORT") </dev/null >$TMPFILE 2>$ERRFILE
      sclient_connect_successful $? "$TMPFILE"