Commit 2cc9014111 for openssl.org

commit 2cc901411139926ae5c23a97cc3a637aab64c196
Author: sftcd <stephen.farrell@cs.tcd.ie>
Date:   Fri Feb 27 23:27:21 2026 +0000

    ECH: Add back code needed for correct ECH backend confirmation

    Reviewed-by: Matt Caswell <matt@openssl.org>
    Reviewed-by: Paul Dale <paul.dale@oracle.com>
    Reviewed-by: Tomas Mraz <tomas@openssl.org>
    MergeDate: Wed Mar  4 17:11:17 2026
    (Merged from https://github.com/openssl/openssl/pull/30214)

diff --git a/ssl/statem/statem_srvr.c b/ssl/statem/statem_srvr.c
index 798567b667..ce7d93c995 100644
--- a/ssl/statem/statem_srvr.c
+++ b/ssl/statem/statem_srvr.c
@@ -1703,6 +1703,12 @@ MSG_PROCESS_RETURN tls_process_client_hello(SSL_CONNECTION *s, PACKET *pkt)
                 SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
                 goto err;
             }
+            if (ossl_ech_intbuf_add(s, s->ext.ech.innerch,
+                    s->ext.ech.innerch_len, 0)
+                != 1) {
+                SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
+                goto err;
+            }
         } else if (s->ext.ech.es != NULL) {
             PACKET newpkt;