io.netty.handler.ssl.OpenSslContextOption Maven / Gradle / Ivy
/*
* Copyright 2021 The Netty Project
*
* The Netty Project licenses this file to you under the Apache License,
* version 2.0 (the "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at:
*
* https://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
* WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
* License for the specific language governing permissions and limitations
* under the License.
*/
package io.netty.handler.ssl;
/**
* {@link SslContextOption}s that are specific to the {@link SslProvider#OPENSSL} / {@link SslProvider#OPENSSL_REFCNT}.
*
* @param the type of the value.
*/
public final class OpenSslContextOption extends SslContextOption {
private OpenSslContextOption(String name) {
super(name);
}
/**
* If enabled heavy-operations may be offloaded from the {@link io.netty.channel.EventLoop} if possible.
*/
public static final OpenSslContextOption USE_TASKS =
new OpenSslContextOption("USE_TASKS");
/**
* If enabled TLS false start will be enabled if supported.
* When TLS false start is enabled the flow of {@link SslHandshakeCompletionEvent}s may be different compared when,
* not enabled.
*
* This is currently only supported when {@code BoringSSL} and ALPN is used.
*/
public static final OpenSslContextOption TLS_FALSE_START =
new OpenSslContextOption("TLS_FALSE_START");
/**
* Set the {@link OpenSslPrivateKeyMethod} to use. This allows to offload private-key operations
* if needed.
*
* This is currently only supported when {@code BoringSSL} is used.
*/
public static final OpenSslContextOption PRIVATE_KEY_METHOD =
new OpenSslContextOption("PRIVATE_KEY_METHOD");
/**
* Set the {@link OpenSslAsyncPrivateKeyMethod} to use. This allows to offload private-key operations
* if needed.
*
* This is currently only supported when {@code BoringSSL} is used.
*/
public static final OpenSslContextOption ASYNC_PRIVATE_KEY_METHOD =
new OpenSslContextOption("ASYNC_PRIVATE_KEY_METHOD");
/**
* Set the {@link OpenSslCertificateCompressionConfig} to use. This allows for the configuration of certificate
* compression algorithms which should be used, the priority of those algorithms and the directions in which
* they should be used.
*
* This is currently only supported when {@code BoringSSL} is used.
*/
public static final OpenSslContextOption CERTIFICATE_COMPRESSION_ALGORITHMS =
new OpenSslContextOption("CERTIFICATE_COMPRESSION_ALGORITHMS");
/**
* Set the maximum number of bytes that is allowed during the handshake for certificate chain.
*/
public static final OpenSslContextOption MAX_CERTIFICATE_LIST_BYTES =
new OpenSslContextOption("MAX_CERTIFICATE_LIST_BYTES");
}