From f3707fffbf3e7cfa5cc1ffafb5a8bc64325dc41f Mon Sep 17 00:00:00 2001
From: neletor <209430099+neletor@users.noreply.github.com>
Date: Mon, 11 Aug 2025 21:18:34 +0800
Subject: [PATCH] Add support for ech retry configs

---
 common/tls/client.go | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/common/tls/client.go b/common/tls/client.go
index 5e05c990..ce9cfe3d 100644
--- a/common/tls/client.go
+++ b/common/tls/client.go
@@ -2,6 +2,8 @@ package tls
 
 import (
 	"context"
+	"crypto/tls"
+	"errors"
 	"net"
 	"os"
 
@@ -41,6 +43,13 @@ func ClientHandshake(ctx context.Context, conn net.Conn, config Config) (Conn, e
 	ctx, cancel := context.WithTimeout(ctx, C.TCPTimeout)
 	defer cancel()
 	tlsConn, err := aTLS.ClientHandshake(ctx, conn, config)
+	var echErr *tls.ECHRejectionError
+	if errors.As(err, &echErr) && len(echErr.RetryConfigList) > 0 {
+		if echConfig, isECH := config.(ECHCapableConfig); isECH {
+			echConfig.SetECHConfigList(echErr.RetryConfigList)
+			tlsConn, err = aTLS.ClientHandshake(ctx, conn, config)
+		}
+	}
 	if err != nil {
 		return nil, err
 	}