git.feebdaed.xyz Git - 0xmirror/grpc-go.git/commit

author	James O'Gorman <james@netinertia.co.uk>
	Thu, 30 Oct 2025 16:48:21 +0000 (16:48 +0000)
committer	GitHub <noreply@github.com>
	Thu, 30 Oct 2025 16:48:21 +0000 (12:48 -0400)
commit	dfbfdf8a222b1ca4e939ccc4603714e8e48f82a1
tree	5d1c67020c512bea8e03fc8fc9280fba6b25eaf7	tree \| snapshot
parent	7be33f4b3af885c4702032e5aacfbfd1dec32215	commit \| diff

advancedtls: Apply defaults before version check (#8684)

Prior to this change, creating an Options like

    tlsOpts := &advancedtls.Options{
IdentityOptions:
advancedtls.IdentityCertificateOptions{IdentityProvider: certProvider},
        // Note: Only MinTLSVersion is set, not MaxTLSVersion
        MinTLSVersion: tls.VersionTLS13,
    }

Would result in error:

    the minimum TLS version is larger than the maximum TLS version

The documentation for the Options struct states that the default for
MaxTLSVersion is TLS 1.3 but the default was being applied after
checking whether MinTLSVersion > MaxTLSVersion.

The defaults are now applied first, prior to any checks.

Fixes #8649

Thank you for your PR. Please read and follow
https://github.com/grpc/grpc-go/blob/master/CONTRIBUTING.md, especially
the
"Guidelines for Pull Requests" section, and then delete this text before
entering your PR description.

RELEASE NOTES: none

security/advancedtls/advancedtls.go		diff \| blob \| history
security/advancedtls/advancedtls_test.go		diff \| blob \| history