[GitHub] [tomcat] markt-asf commented on a diff in pull request #644: Warn when non default ciphers are removed because the engine rejects them.

via GitHub Tue, 08 Aug 2023 08:49:18 -0700


markt-asf commented on code in PR #644:
URL: https://github.com/apache/tomcat/pull/644#discussion_r1287317502



##########
java/org/apache/tomcat/util/net/SSLUtilBase.java:
##########
@@ -122,6 +122,10 @@ protected SSLUtilBase(SSLHostConfigCertificate 
certificate, boolean warnTls13) {
         
sslHostConfig.setTls13RenegotiationAvailable(isTls13RenegAuthAvailable());
 
         // Calculate the enabled ciphers
+        boolean warnOnSkip = true;
+        if 
(sslHostConfig.getCiphers().equals(sslHostConfig.DEFAULT_TLS_CIPHERS)) {
+            warnOnSkip = false;
+        }

Review Comment:
   `boolean warnOnSkip = 
!sslHostConfig.getCiphers().equals(sslHostConfig.DEFAULT_TLS_CIPHERS);`
   
   And move this inside the block where it is used.



-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org


---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[GitHub] [tomcat] markt-asf commented on a diff in pull request #644: Warn when non default ciphers are removed because the engine rejects them.

Reply via email to