This is an automated email from the ASF dual-hosted git repository.
remm pushed a commit to branch 9.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/9.0.x by this push:
new 5c6903ede5 Add macro for SSL_CTX_set_dh_auto
5c6903ede5 is described below
commit 5c6903ede556b8946aeb98b1975daf3d5a67bf5d
Author: remm <[email protected]>
AuthorDate: Sun Dec 14 13:28:00 2025 +0100
Add macro for SSL_CTX_set_dh_auto
Not having it made me miss that it was already done when looking it up
using the macro name.
---
.../tomcat/util/net/openssl/panama/OpenSSLContext.java | 4 ++--
.../apache/tomcat/util/openssl/openssl_h_Macros.java | 18 ++++++++++++++++++
2 files changed, 20 insertions(+), 2 deletions(-)
diff --git a/java/org/apache/tomcat/util/net/openssl/panama/OpenSSLContext.java
b/java/org/apache/tomcat/util/net/openssl/panama/OpenSSLContext.java
index 34a07599d7..3f3419874f 100644
--- a/java/org/apache/tomcat/util/net/openssl/panama/OpenSSLContext.java
+++ b/java/org/apache/tomcat/util/net/openssl/panama/OpenSSLContext.java
@@ -1090,7 +1090,7 @@ public class OpenSSLContext implements
org.apache.tomcat.util.net.SSLContext {
log.debug(sm.getString("openssl.errorReadingPEMParameters", errMessage,
certificate.getCertificateFile()));
}
- SSL_CTX_ctrl(state.sslCtx,
SSL_CTRL_SET_DH_AUTO(), 1, MemorySegment.NULL);
+ SSL_CTX_set_dh_auto(state.sslCtx, 1);
}
}
}
@@ -1260,7 +1260,7 @@ public class OpenSSLContext implements
org.apache.tomcat.util.net.SSLContext {
log.debug(sm.getString("openssl.errorReadingPEMParameters", errMessage,
x509KeyManager.toString()));
}
- SSL_CTX_ctrl(state.sslCtx, SSL_CTRL_SET_DH_AUTO(), 1,
MemorySegment.NULL);
+ SSL_CTX_set_dh_auto(state.sslCtx, 1);
}
}
for (int i = 1; i < chain.length; i++) {
diff --git a/java/org/apache/tomcat/util/openssl/openssl_h_Macros.java
b/java/org/apache/tomcat/util/openssl/openssl_h_Macros.java
index 13106c484c..9571a2c258 100644
--- a/java/org/apache/tomcat/util/openssl/openssl_h_Macros.java
+++ b/java/org/apache/tomcat/util/openssl/openssl_h_Macros.java
@@ -370,6 +370,24 @@ public class openssl_h_Macros {
}
+ /**
+ * Set automatic dh.
+ * {@snippet lang = c : # define SSL_CTX_set_dh_auto(ctx, onoff) \
+ * SSL_CTX_ctrl(ctx,SSL_CTRL_SET_DH_AUTO,onoff,NULL)
+ * }
+ * @param sslCtx the SSL context
+ * @param onoff 1 to enable
+ * @return > 0 if successful
+ */
+ public static long SSL_CTX_set_dh_auto(MemorySegment sslCtx, int onoff) {
+ if (openssl_h_Compatibility.BORINGSSL) {
+ return 1;
+ } else {
+ return SSL_CTX_ctrl(sslCtx, SSL_CTRL_SET_DH_AUTO(), 1,
MemorySegment.NULL);
+ }
+ }
+
+
/**
* Free memory.
* {@snippet lang = c : # define OPENSSL_free(addr) CRYPTO_free(addr,
OPENSSL_FILE, OPENSSL_LINE)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
