This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch 1.3.x
in repository https://gitbox.apache.org/repos/asf/tomcat-native.git
The following commit(s) were added to refs/heads/1.3.x by this push:
new 00471dea9 Sync Java code with 9.0.x
00471dea9 is described below
commit 00471dea949c0e592805151204b3a95a1aea67f4
Author: Mark Thomas <[email protected]>
AuthorDate: Tue Jan 6 20:03:57 2026 +0000
Sync Java code with 9.0.x
---
java/org/apache/tomcat/jni/SSL.java | 28 ++++++++++++++++++++--------
java/org/apache/tomcat/jni/SSLContext.java | 28 ++++++++++++++++++++--------
2 files changed, 40 insertions(+), 16 deletions(-)
diff --git a/java/org/apache/tomcat/jni/SSL.java
b/java/org/apache/tomcat/jni/SSL.java
index dcb3748f6..1280d9a58 100644
--- a/java/org/apache/tomcat/jni/SSL.java
+++ b/java/org/apache/tomcat/jni/SSL.java
@@ -802,21 +802,33 @@ public final class SSL {
public static native String[] getCiphers(long ssl);
/**
- * Returns the cipher suites available for negotiation in SSL handshake.
<br>
+ * Set the TLSv1.2 and below ciphers available for negotiation the in TLS
handshake.
+ * <p>
* This complex directive uses a colon-separated cipher-spec string
consisting of OpenSSL cipher specifications to
- * configure the Cipher Suite the client is permitted to negotiate in the
SSL handshake phase. Notice that this
- * directive can be used both in per-server and per-directory context. In
per-server context it applies to the
- * standard SSL handshake when a connection is established. In
per-directory context it forces an SSL renegotiation
- * with the reconfigured Cipher Suite after the HTTP request was read but
before the HTTP response is sent.
+ * configure the ciphers the client is permitted to negotiate in the TLS
handshake phase.
*
- * @param ssl the SSL instance (SSL *)
- * @param ciphers an SSL cipher specification
+ * @param ssl The SSL instance (SSL *)
+ * @param cipherList An OpenSSL cipher specification.
+ *
+ * @return <code>true</code> if the operation was successful
+ *
+ * @throws Exception An error occurred
+ */
+ public static native boolean setCipherSuites(long ssl, String cipherList)
throws Exception;
+
+ /**
+ * Set the TLSv1.3 cipher suites available for negotiation the in TLS
handshake.
+ * <p>
+ * This uses a colon-separated list of TLSv1.3 cipher suite names in
preference order.
+ *
+ * @param ssl The SSL instance (SSL *)
+ * @param cipherSuites An OpenSSL cipher suite list.
*
* @return <code>true</code> if the operation was successful
*
* @throws Exception An error occurred
*/
- public static native boolean setCipherSuites(long ssl, String ciphers)
throws Exception;
+ public static native boolean setCipherSuitesEx(long ssl, String
cipherSuites) throws Exception;
/**
* Returns the ID of the session as byte array representation.
diff --git a/java/org/apache/tomcat/jni/SSLContext.java
b/java/org/apache/tomcat/jni/SSLContext.java
index f1371280c..b075376d0 100644
--- a/java/org/apache/tomcat/jni/SSLContext.java
+++ b/java/org/apache/tomcat/jni/SSLContext.java
@@ -151,21 +151,33 @@ public final class SSLContext {
public static native void setQuietShutdown(long ctx, boolean mode);
/**
- * Cipher Suite available for negotiation in SSL handshake. <br>
+ * Set the TLSv1.2 and below ciphers available for negotiation the in TLS
handshake.
+ * <p>
* This complex directive uses a colon-separated cipher-spec string
consisting of OpenSSL cipher specifications to
- * configure the Cipher Suite the client is permitted to negotiate in the
SSL handshake phase. Notice that this
- * directive can be used both in per-server and per-directory context. In
per-server context it applies to the
- * standard SSL handshake when a connection is established. In
per-directory context it forces an SSL renegotiation
- * with the reconfigured Cipher Suite after the HTTP request was read but
before the HTTP response is sent.
+ * configure the ciphers the client is permitted to negotiate in the TLS
handshake phase.
*
- * @param ctx Server or Client context to use.
- * @param ciphers An OpenSSL cipher specification.
+ * @param ctx Server or Client context to use.
+ * @param cipherList An OpenSSL cipher specification.
+ *
+ * @return <code>true</code> if the operation was successful
+ *
+ * @throws Exception An error occurred
+ */
+ public static native boolean setCipherSuite(long ctx, String cipherList)
throws Exception;
+
+ /**
+ * Set the TLSv1.3 cipher suites available for negotiation the in TLS
handshake.
+ * <p>
+ * This uses a colon-separated list of TLSv1.3 cipher suite names in
preference order.
+ *
+ * @param ctx Server or Client context to use.
+ * @param cipherSuites An OpenSSL cipher suite list.
*
* @return <code>true</code> if the operation was successful
*
* @throws Exception An error occurred
*/
- public static native boolean setCipherSuite(long ctx, String ciphers)
throws Exception;
+ public static native boolean setCipherSuitesEx(long ctx, String
cipherSuites) throws Exception;
/**
* Set File of concatenated PEM-encoded CA CRLs or directory of
PEM-encoded CA Certificates for Client Auth <br>
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
