From 6ff5d0cc786cd145256bea1258191bb3bf1eb0af Mon Sep 17 00:00:00 2001
From: Maximilian Hils <git@maximilianhils.com>
Date: Mon, 22 Aug 2022 15:19:18 +0200
Subject: [PATCH] use correct option when determining TLS min/max versions, fix
 #5546

---
 CHANGELOG.md                  | 2 ++
 mitmproxy/addons/tlsconfig.py | 4 ++--
 2 files changed, 4 insertions(+), 2 deletions(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 949c0fa10..13a17ed47 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -13,6 +13,8 @@
 * Setting `connection_strategy` to `lazy` now also disables early 
   upstream connections to fetch TLS certificate details.
   (@mhils)
+* Fix `tls_version_server_min` and `tls_version_server_max` options.
+  ([#5546](https://github.com/mitmproxy/mitmproxy/issues/5546), @mhils)
 * DTLS support ([#5397](https://github.com/mitmproxy/mitmproxy/pull/5397), @kckeiks).
 
 ## 28 June 2022: mitmproxy 8.1.1
diff --git a/mitmproxy/addons/tlsconfig.py b/mitmproxy/addons/tlsconfig.py
index 3688d5dbf..cfbc649e4 100644
--- a/mitmproxy/addons/tlsconfig.py
+++ b/mitmproxy/addons/tlsconfig.py
@@ -252,8 +252,8 @@ class TlsConfig:
 
         ssl_ctx = net_tls.create_proxy_server_context(
             method=net_tls.Method.DTLS_CLIENT_METHOD if tls_start.is_dtls else net_tls.Method.TLS_CLIENT_METHOD,
-            min_version=net_tls.Version[ctx.options.tls_version_client_min],
-            max_version=net_tls.Version[ctx.options.tls_version_client_max],
+            min_version=net_tls.Version[ctx.options.tls_version_server_min],
+            max_version=net_tls.Version[ctx.options.tls_version_server_max],
             cipher_list=tuple(cipher_list),
             verify=verify,
             ca_path=ctx.options.ssl_verify_upstream_trusted_confdir,