From b7f93c7fcb37c81b88895c3e8d22ad69c2576cd4 Mon Sep 17 00:00:00 2001
From: Tomas Mraz <tomas@openssl.org>
Date: Thu, 1 Aug 2024 17:17:42 +0200
Subject: [PATCH] Do not falsely start the connection through
 SSL_pending()/_has_pending()

Fixes #25054

Reviewed-by: Neil Horman <nhorman@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25069)
---
 ssl/quic/quic_impl.c | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/ssl/quic/quic_impl.c b/ssl/quic/quic_impl.c
index c77230a19f0..8884cfb7f3f 100644
--- a/ssl/quic/quic_impl.c
+++ b/ssl/quic/quic_impl.c
@@ -2863,6 +2863,9 @@ static size_t ossl_quic_pending_int(const SSL *s, int check_channel)
 
     quic_lock(ctx.qc);
 
+    if (!ctx.qc->started)
+        goto out;
+
     if (ctx.xso == NULL) {
         /* No XSO yet, but there might be a default XSO eligible to be created. */
         if (qc_wait_for_default_xso_for_read(&ctx, /*peek=*/1)) {
-- 
2.47.2