From a8fb94b42572b586c332ff618acd3f213d618153 Mon Sep 17 00:00:00 2001
From: effbiae <effbiae@gmail.com>
Date: Tue, 23 Sep 2025 23:30:25 +1000
Subject: [PATCH] restore inner server name in TLSX_WriteWithEch

---
 src/tls.c | 19 ++++++++++---------
 1 file changed, 10 insertions(+), 9 deletions(-)

diff --git a/src/tls.c b/src/tls.c
index 7ce76aacc..c6ac1e84b 100644
--- a/src/tls.c
+++ b/src/tls.c
@@ -15416,18 +15416,19 @@ static int TLSX_WriteWithEch(WOLFSSL* ssl, byte* output, byte* semaphore,
             ret = TLSX_Write(ssl->ctx->extensions, output + *pOffset, semaphore,
                 msgType, pOffset);
         }
+    }
 
-        if (serverNameX != NULL) {
-            /* remove the public name SNI */
-            TLSX_Remove(extensions, TLSX_SERVER_NAME, ssl->heap);
+    if (serverNameX != NULL) {
+        int r;
+        /* remove the public name SNI */
+        TLSX_Remove(extensions, TLSX_SERVER_NAME, ssl->heap);
 
-            ret = TLSX_UseSNI(extensions, WOLFSSL_SNI_HOST_NAME, tmpServerName,
-                XSTRLEN(tmpServerName), ssl->heap);
+        /* restore the inner server name */
+        r = TLSX_UseSNI(extensions, WOLFSSL_SNI_HOST_NAME, tmpServerName,
+            XSTRLEN(tmpServerName), ssl->heap);
 
-            /* restore the inner server name */
-            if (ret == WOLFSSL_SUCCESS)
-                ret = 0;
-        }
+        if (ret == 0 && r != WOLFSSL_SUCCESS)
+            ret = r;
     }
 
 #ifdef WOLFSSL_SMALL_STACK