Fix gRPC auth metadata keys, allow TLS 1.2 for Android clients

- Read x-engpad-username/x-engpad-password from gRPC metadata (matching what the Android client sends) - Allow TLS 1.2 on gRPC port — Android's BoringSSL/OkHttp transport does not negotiate TLS 1.3 without Conscrypt Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-25 09:08:24 -07:00
parent 691301dade
commit ab2884a8e9
2 changed files with 3 additions and 3 deletions
--- a/internal/grpcserver/server.go
+++ b/internal/grpcserver/server.go
@@ -32,7 +32,7 @@ func Start(cfg Config) (*grpc.Server, error) {

 	tlsConfig := &tls.Config{
 		Certificates: []tls.Certificate{cert},
-		MinVersion:   tls.VersionTLS13,
+		MinVersion:   tls.VersionTLS12,
 	}

 	lis, err := net.Listen("tcp", cfg.Addr)