This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch 11.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/11.0.x by this push:
new d0bff3e4a8 Add setters for new native methods and update Javadoc
comments
d0bff3e4a8 is described below
commit d0bff3e4a8f85e8beef64b1e336b04ed6b335ba8
Author: Mark Thomas <[email protected]>
AuthorDate: Tue Jan 6 17:30:04 2026 +0000
Add setters for new native methods and update Javadoc comments
---
java/org/apache/tomcat/jni/SSL.java | 28 ++++++++++++++++++++--------
java/org/apache/tomcat/jni/SSLContext.java | 28 ++++++++++++++++++++--------
2 files changed, 40 insertions(+), 16 deletions(-)
diff --git a/java/org/apache/tomcat/jni/SSL.java
b/java/org/apache/tomcat/jni/SSL.java
index 85d8799deb..24eaffb3ec 100644
--- a/java/org/apache/tomcat/jni/SSL.java
+++ b/java/org/apache/tomcat/jni/SSL.java
@@ -621,21 +621,33 @@ public final class SSL {
public static native String[] getCiphers(long ssl);
/**
- * Returns the cipher suites available for negotiation in SSL handshake.
<br>
+ * Set the TLSv1.2 and below ciphers available for negotiation the in TLS
handshake.
+ * <p>
* This complex directive uses a colon-separated cipher-spec string
consisting of OpenSSL cipher specifications to
- * configure the Cipher Suite the client is permitted to negotiate in the
SSL handshake phase. Notice that this
- * directive can be used both in per-server and per-directory context. In
per-server context it applies to the
- * standard SSL handshake when a connection is established. In
per-directory context it forces an SSL renegotiation
- * with the reconfigured Cipher Suite after the HTTP request was read but
before the HTTP response is sent.
+ * configure the ciphers the client is permitted to negotiate in the TLS
handshake phase.
*
- * @param ssl the SSL instance (SSL *)
- * @param ciphers an SSL cipher specification
+ * @param ssl The SSL instance (SSL *)
+ * @param cipherList An OpenSSL cipher specification.
+ *
+ * @return <code>true</code> if the operation was successful
+ *
+ * @throws Exception An error occurred
+ */
+ public static native boolean setCipherSuites(long ssl, String cipherList)
throws Exception;
+
+ /**
+ * Set the TLSv1.3 cipher suites available for negotiation the in TLS
handshake.
+ * <p>
+ * This uses a colon-separated list of TLSv1.3 cipher suite names in
preference order.
+ *
+ * @param ssl The SSL instance (SSL *)
+ * @param cipherSuites An OpenSSL cipher suite list.
*
* @return <code>true</code> if the operation was successful
*
* @throws Exception An error occurred
*/
- public static native boolean setCipherSuites(long ssl, String ciphers)
throws Exception;
+ public static native boolean setCipherSuitesEx(long ssl, String
cipherSuites) throws Exception;
/**
* Returns the ID of the session as byte array representation.
diff --git a/java/org/apache/tomcat/jni/SSLContext.java
b/java/org/apache/tomcat/jni/SSLContext.java
index bb56d1afc1..ae307a6b2a 100644
--- a/java/org/apache/tomcat/jni/SSLContext.java
+++ b/java/org/apache/tomcat/jni/SSLContext.java
@@ -98,21 +98,33 @@ public final class SSLContext {
public static native String[] getCiphers(long ctx);
/**
- * Cipher Suite available for negotiation in SSL handshake. <br>
+ * Set the TLSv1.2 and below ciphers available for negotiation the in TLS
handshake.
+ * <p>
* This complex directive uses a colon-separated cipher-spec string
consisting of OpenSSL cipher specifications to
- * configure the Cipher Suite the client is permitted to negotiate in the
SSL handshake phase. Notice that this
- * directive can be used both in per-server and per-directory context. In
per-server context it applies to the
- * standard SSL handshake when a connection is established. In
per-directory context it forces an SSL renegotiation
- * with the reconfigured Cipher Suite after the HTTP request was read but
before the HTTP response is sent.
+ * configure the ciphers the client is permitted to negotiate in the TLS
handshake phase.
*
- * @param ctx Server or Client context to use.
- * @param ciphers An OpenSSL cipher specification.
+ * @param ctx Server or Client context to use.
+ * @param cipherList An OpenSSL cipher specification.
+ *
+ * @return <code>true</code> if the operation was successful
+ *
+ * @throws Exception An error occurred
+ */
+ public static native boolean setCipherSuite(long ctx, String cipherList)
throws Exception;
+
+ /**
+ * Set the TLSv1.3 cipher suites available for negotiation the in TLS
handshake.
+ * <p>
+ * This uses a colon-separated list of TLSv1.3 cipher suite names in
preference order.
+ *
+ * @param ctx Server or Client context to use.
+ * @param cipherSuites An OpenSSL cipher suite list.
*
* @return <code>true</code> if the operation was successful
*
* @throws Exception An error occurred
*/
- public static native boolean setCipherSuite(long ctx, String ciphers)
throws Exception;
+ public static native boolean setCipherSuitesEx(long ctx, String
cipherSuites) throws Exception;
/**
* Set File of concatenated PEM-encoded CA CRLs or directory of
PEM-encoded CA Certificates for Client Auth <br>
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
