From cf69482c3f57d41d28827b4b20159e06e3930d92 Mon Sep 17 00:00:00 2001
From: Christopher Wood <caw@heapingbits.net>
Date: Tue, 21 Sep 2021 06:15:46 -0700
Subject: [PATCH] crypto/tls: Add ECHOffered bool to ConnectionState (#105)

Co-authored-by: Christopher Wood <chriswood@cloudflare.com>
---
 src/crypto/tls/common.go | 4 ++++
 src/crypto/tls/conn.go   | 1 +
 2 files changed, 5 insertions(+)

diff --git a/src/crypto/tls/common.go b/src/crypto/tls/common.go
index 2bd19e841e1..7a69401f877 100644
--- a/src/crypto/tls/common.go
+++ b/src/crypto/tls/common.go
@@ -338,6 +338,10 @@ type ConnectionState struct {
 	// accepted by the server.
 	ECHAccepted bool
 
+	// ECHOffered is set if the ECH extension is present in the ClientHello.
+	// This means the client has offered ECH or sent GREASE ECH.
+	ECHOffered bool
+
 	// CFControl is used to pass additional TLS configuration information to
 	// HTTP requests.
 	//
diff --git a/src/crypto/tls/conn.go b/src/crypto/tls/conn.go
index f3fc6d008b2..edf35ef7072 100644
--- a/src/crypto/tls/conn.go
+++ b/src/crypto/tls/conn.go
@@ -1475,6 +1475,7 @@ func (c *Conn) connectionStateLocked() ConnectionState {
 	state.SignedCertificateTimestamps = c.scts
 	state.OCSPResponse = c.ocspResponse
 	state.ECHAccepted = c.ech.accepted
+	state.ECHOffered = c.ech.offered || c.ech.greased
 	state.CFControl = c.config.CFControl
 	if !c.didResume && c.vers != VersionTLS13 {
 		if c.clientFinishedIsFirst {