Index: Makefile.in
==================================================================
--- Makefile.in
+++ Makefile.in
@@ -35,11 +35,11 @@
 	xxd -i < '@srcdir@/tls.tcl' > '@srcdir@/tls.tcl.h.new'
 	mv '@srcdir@/tls.tcl.h.new' '@srcdir@/tls.tcl.h'
 
 # Create default DH parameters
 dh_params.h: @srcdir@/gen_dh_params
-	@srcdir@/gen_dh_params > dh_params.h.new
+	@srcdir@/gen_dh_params @GEN_DH_PARAMS_ARGS@ > dh_params.h.new
 	mv dh_params.h.new dh_params.h
 
 # Generic target for building files from the "srcdir"
 # tree -- the default target will not match paths
 %.o: @srcdir@/%.c

Index: configure.in
==================================================================
--- configure.in
+++ configure.in
@@ -42,10 +42,23 @@
 	tcltls_ssl_lib="$withval"
 ], [
 	tcltls_ssl_lib='auto'
 ])
 
+dnl Enable support for building the same library every time
+tcltls_deterministic='false'
+AC_ARG_ENABLE([deterministic], AS_HELP_STRING([--enable-deterministic], [enable deterministic parameters]), [
+	if test "$enableval" = "yes"; then
+		tcltls_deterministic='true'
+	fi
+])
+if test "$tcltls_deterministic" = 'true'; then
+	GEN_DH_PARAMS_ARGS='fallback'
+else
+	GEN_DH_PARAMS_ARGS=''
+fi
+AC_SUBST(GEN_DH_PARAMS_ARGS)
 
 AC_CHECK_TOOL([PKGCONFIG], [pkg-config], [false])
 
 dnl XXX:TODO: Automatically determine the SSL library to use
 dnl           defaulting to OpenSSL for compatibility reasons

Index: gen_dh_params
==================================================================
--- gen_dh_params
+++ gen_dh_params
@@ -78,10 +78,17 @@
 		{ DH_free(dh); return(NULL); }
 	return(dh);
 	}
 _EOF_
 }
+
+# Enable support for giving the same DH params each time
+if [ "$1" = 'fallback' ]; then
+	gen_dh_params_fallback && exit 0
+
+	exit 1
+fi
 
 gen_dh_params_openssl && exit 0
 gen_dh_params_remote && exit 0
 gen_dh_params_fallback && exit 0