This is an automated email from the ASF dual-hosted git repository.
remm pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/main by this push:
new d5a4c1ea2a Add comment
d5a4c1ea2a is described below
commit d5a4c1ea2a73a7c97207ddb1ada0f470f1398b67
Author: remm <[email protected]>
AuthorDate: Fri Sep 26 15:39:38 2025 +0200
Add comment
Test setting groups in the SSL engine, which is more JSSE standard but
does not provide any benefits.
---
java/org/apache/tomcat/util/net/openssl/panama/OpenSSLContext.java | 3 +++
1 file changed, 3 insertions(+)
diff --git a/java/org/apache/tomcat/util/net/openssl/panama/OpenSSLContext.java
b/java/org/apache/tomcat/util/net/openssl/panama/OpenSSLContext.java
index 67297bf752..8aaad4b924 100644
--- a/java/org/apache/tomcat/util/net/openssl/panama/OpenSSLContext.java
+++ b/java/org/apache/tomcat/util/net/openssl/panama/OpenSSLContext.java
@@ -262,6 +262,9 @@ public class OpenSSLContext implements
org.apache.tomcat.util.net.SSLContext {
SSL_CTX_set_default_passwd_cb(sslCtx, pem_password_cb.allocate(new
PasswordCallback(null), contextArena));
// Set server groups
+ // Note: It is also possible to override setSSLParameters in
OpenSSLEngine to set the final
+ // list of groups per connection, but this is less efficient than
setting the configured
+ // group list on the SSL context and letting OpenSSL figure it
out.
if (sslHostConfig.getGroupList() != null) {
StringBuilder sb = new StringBuilder();
boolean first = true;
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
