From 6cef20d257d9ec541260ac75c7ec13d3c0c2cfc9 Mon Sep 17 00:00:00 2001
From: Matthew Holt
Date: Thu, 12 Mar 2026 15:42:47 -0600
Subject: [PATCH] caddytls: Enable ECH on the "gotten" tls.Config instead of the "getter"

No idea if this fixes #7555
---
 modules/caddytls/connpolicy.go | 19 +++++++++++++------
 1 file changed, 13 insertions(+), 6 deletions(-)

diff --git a/modules/caddytls/connpolicy.go b/modules/caddytls/connpolicy.go
index c9258da48..5404bad50 100644
--- a/modules/caddytls/connpolicy.go
+++ b/modules/caddytls/connpolicy.go
@@ -167,12 +167,6 @@ func (cp ConnectionPolicies) TLSConfig(ctx caddy.Context) *tls.Config {
 }
 tlsApp.RegisterServerNames(echNames)
 }
-
- tlsCfg.GetEncryptedClientHelloKeys = func(chi *tls.ClientHelloInfo) ([]tls.EncryptedClientHelloKey, error) {
- tlsApp.EncryptedClientHello.configsMu.RLock()
- defer tlsApp.EncryptedClientHello.configsMu.RUnlock()
- return tlsApp.EncryptedClientHello.stdlibReady, nil
- }
 }
 }
 
@@ -376,6 +370,19 @@ func (p *ConnectionPolicy) buildStandardTLSConfig(ctx caddy.Context) error {
 cfg.MaxVersion = SupportedProtocols[p.ProtocolMax]
 }
 
+ // enable ECH (Encrypted ClientHello) if configured
+ if tlsApp.EncryptedClientHello != nil {
+ cfg.GetEncryptedClientHelloKeys = func(_ *tls.ClientHelloInfo) ([]tls.EncryptedClientHelloKey, error) {
+ tlsApp.EncryptedClientHello.configsMu.RLock()
+ defer tlsApp.EncryptedClientHello.configsMu.RUnlock()
+ return tlsApp.EncryptedClientHello.stdlibReady, nil
+ }
+ // TLS 1.3 is the first version that supports ECH
+ if cfg.MinVersion < tls.VersionTLS13 {
+ cfg.MaxVersion = tls.VersionTLS13
+ }
+ }
+
 // client authentication
 if p.ClientAuthentication != nil {
 if err := p.ClientAuthentication.provision(ctx); err != nil {
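Review bot: The version guard added in the second hunk tests `cfg.MinVersion` but assigns `cfg.MaxVersion`, so an operator who explicitly configured a `protocols` maximum below TLS 1.3 (set a few lines above via `SupportedProtocols[p.ProtocolMax]`) has it silently raised to 1.3 whenever ECH is configured, with no log line or error telling them their policy was overridden. The condition should look at the field it changes, e.g. `if cfg.MaxVersion != 0 && cfg.MaxVersion < tls.VersionTLS13 { cfg.MaxVersion = tls.VersionTLS13 }` (the zero value already means "highest supported", which is 1.3), and it is worth emitting a warning or a provisioning error rather than overriding the configured maximum quietly, since ECH that cannot be negotiated falls back to a plaintext SNI without the operator noticing. Note also that `cfg.MaxVersion = tls.VersionTLS13` pins the maximum to 1.3 even when the policy left it unset; a comment such as `// ECH requires TLS 1.3; never cap the maximum below it` would make the intent clearer than the current wording. The closure captures `tlsApp`, which this hunk does not show being obtained inside buildStandardTLSConfig; the function body continues outside the hunk.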