This is an automated email from the ASF dual-hosted git repository. remm pushed a commit to branch 9.0.x in repository https://gitbox.apache.org/repos/asf/tomcat.git
commit d3debba14cb8ff1659aa9f13034b9459de4d57c5 Author: remm <[email protected]> AuthorDate: Mon Jan 5 12:48:22 2026 +0100 Ignore error calling SSL_CTX_set_ciphersuites for GH CI --- .../apache/tomcat/util/net/openssl/panama/OpenSSLContext.java | 11 ++++++++--- 1 file changed, 8 insertions(+), 3 deletions(-) diff --git a/java/org/apache/tomcat/util/net/openssl/panama/OpenSSLContext.java b/java/org/apache/tomcat/util/net/openssl/panama/OpenSSLContext.java index 3f3419874f..3aa0f479e6 100644 --- a/java/org/apache/tomcat/util/net/openssl/panama/OpenSSLContext.java +++ b/java/org/apache/tomcat/util/net/openssl/panama/OpenSSLContext.java @@ -514,10 +514,15 @@ public class OpenSSLContext implements org.apache.tomcat.util.net.SSLContext { } } if (maxTlsVersion >= TLS1_3_VERSION()) { - if (SSL_CTX_set_ciphersuites(state.sslCtx, localArena.allocateFrom(sslHostConfig.getCiphers())) <= 0) { + try { + if (SSL_CTX_set_ciphersuites(state.sslCtx, localArena.allocateFrom(sslHostConfig.getCiphers())) <= 0) { + tls13Warning = sm.getString("engine.failedCipherSuite", sslHostConfig.getCiphers()); + } else { + ciphersSet = true; + } + } catch (NoClassDefFoundError e) { + // Ignore unavailable TLS 1.3 call, which might be compiled out sometimes on LibreSSL tls13Warning = sm.getString("engine.failedCipherSuite", sslHostConfig.getCiphers()); - } else { - ciphersSet = true; } } if (!ciphersSet) { --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
