public abstract class TCPSSLOptions extends NetworkOptions
Modifier and Type | Field and Description |
---|---|
static List<String> |
DEFAULT_ENABLED_SECURE_TRANSPORT_PROTOCOLS
The default ENABLED_SECURE_TRANSPORT_PROTOCOLS value = { "SSLv2Hello", "TLSv1", "TLSv1.1", "TLSv1.2" }
SSLv3 is NOT enabled due to POODLE vulnerability http://en.wikipedia.org/wiki/POODLE
"SSLv2Hello" is NOT enabled since it's disabled by default since JDK7
|
static int |
DEFAULT_IDLE_TIMEOUT
Default idle timeout = 0
|
static TimeUnit |
DEFAULT_IDLE_TIMEOUT_TIME_UNIT
Default idle time unit = SECONDS
|
static int |
DEFAULT_SO_LINGER
The default value of SO_linger = -1
|
static boolean |
DEFAULT_SSL
SSL enable by default = false
|
static SSLEngineOptions |
DEFAULT_SSL_ENGINE
The default SSL engine options = null (autoguess)
|
static long |
DEFAULT_SSL_HANDSHAKE_TIMEOUT
The default value of SSL handshake timeout = 10
|
static TimeUnit |
DEFAULT_SSL_HANDSHAKE_TIMEOUT_TIME_UNIT
Default SSL handshake time unit = SECONDS
|
static boolean |
DEFAULT_TCP_CORK
The default TCP_CORK value = false
|
static boolean |
DEFAULT_TCP_FAST_OPEN
The default TCP_FASTOPEN value = false
|
static boolean |
DEFAULT_TCP_KEEP_ALIVE
The default value of TCP keep alive = false
|
static boolean |
DEFAULT_TCP_NO_DELAY
The default value of TCP-no-delay = true (Nagle disabled)
|
static boolean |
DEFAULT_TCP_QUICKACK
The default TCP_QUICKACK value = false
|
static boolean |
DEFAULT_USE_ALPN
Default use alpn = false
|
DEFAULT_LOG_ENABLED, DEFAULT_RECEIVE_BUFFER_SIZE, DEFAULT_REUSE_ADDRESS, DEFAULT_REUSE_PORT, DEFAULT_SEND_BUFFER_SIZE, DEFAULT_TRAFFIC_CLASS
Constructor and Description |
---|
TCPSSLOptions()
Default constructor
|
TCPSSLOptions(JsonObject json)
Create options from JSON
|
TCPSSLOptions(TCPSSLOptions other)
Copy constructor
|
Modifier and Type | Method and Description |
---|---|
TCPSSLOptions |
addCrlPath(String crlPath)
Add a CRL path
|
TCPSSLOptions |
addCrlValue(Buffer crlValue)
Add a CRL value
|
TCPSSLOptions |
addEnabledCipherSuite(String suite)
Add an enabled cipher suite, appended to the ordered suites.
|
TCPSSLOptions |
addEnabledSecureTransportProtocol(String protocol)
Add an enabled SSL/TLS protocols, appended to the ordered protocols.
|
List<String> |
getCrlPaths() |
List<Buffer> |
getCrlValues()
Get the CRL values
|
Set<String> |
getEnabledCipherSuites() |
Set<String> |
getEnabledSecureTransportProtocols()
Returns the enabled SSL/TLS protocols
|
int |
getIdleTimeout() |
TimeUnit |
getIdleTimeoutUnit() |
JdkSSLEngineOptions |
getJdkSslEngineOptions() |
KeyCertOptions |
getKeyCertOptions() |
JksOptions |
getKeyStoreOptions()
Get the key/cert options in jks format, aka Java keystore.
|
OpenSSLEngineOptions |
getOpenSslEngineOptions() |
PemKeyCertOptions |
getPemKeyCertOptions()
Get the key/cert store options in pem format.
|
PemTrustOptions |
getPemTrustOptions()
Get the trust options in pem format
|
PfxOptions |
getPfxKeyCertOptions()
Get the key/cert options in pfx format.
|
PfxOptions |
getPfxTrustOptions()
Get the trust options in pfx format
|
int |
getSoLinger() |
SSLEngineOptions |
getSslEngineOptions() |
long |
getSslHandshakeTimeout() |
TimeUnit |
getSslHandshakeTimeoutUnit() |
TrustOptions |
getTrustOptions() |
JksOptions |
getTrustStoreOptions()
Get the trust options in jks format, aka Java truststore
|
boolean |
isSsl() |
boolean |
isTcpCork() |
boolean |
isTcpFastOpen() |
boolean |
isTcpKeepAlive() |
boolean |
isTcpNoDelay() |
boolean |
isTcpQuickAck() |
boolean |
isUseAlpn() |
TCPSSLOptions |
removeEnabledSecureTransportProtocol(String protocol)
Removes an enabled SSL/TLS protocol from the ordered protocols.
|
TCPSSLOptions |
setEnabledSecureTransportProtocols(Set<String> enabledSecureTransportProtocols)
Sets the list of enabled SSL/TLS protocols.
|
TCPSSLOptions |
setIdleTimeout(int idleTimeout)
Set the idle timeout, default time unit is seconds.
|
TCPSSLOptions |
setIdleTimeoutUnit(TimeUnit idleTimeoutUnit)
Set the idle timeout unit.
|
TCPSSLOptions |
setJdkSslEngineOptions(JdkSSLEngineOptions sslEngineOptions) |
TCPSSLOptions |
setKeyCertOptions(KeyCertOptions options)
Set the key/cert options.
|
TCPSSLOptions |
setKeyStoreOptions(JksOptions options)
Set the key/cert options in jks format, aka Java keystore.
|
TCPSSLOptions |
setLogActivity(boolean logEnabled)
Set to true to enabled network activity logging: Netty's pipeline is configured for logging on Netty's logger.
|
TCPSSLOptions |
setOpenSslEngineOptions(OpenSSLEngineOptions sslEngineOptions) |
TCPSSLOptions |
setPemKeyCertOptions(PemKeyCertOptions options)
Set the key/cert store options in pem format.
|
TCPSSLOptions |
setPemTrustOptions(PemTrustOptions options)
Set the trust options in pem format
|
TCPSSLOptions |
setPfxKeyCertOptions(PfxOptions options)
Set the key/cert options in pfx format.
|
TCPSSLOptions |
setPfxTrustOptions(PfxOptions options)
Set the trust options in pfx format
|
TCPSSLOptions |
setReceiveBufferSize(int receiveBufferSize)
Set the TCP receive buffer size
|
TCPSSLOptions |
setReuseAddress(boolean reuseAddress)
Set the value of reuse address
|
TCPSSLOptions |
setReusePort(boolean reusePort)
Set the value of reuse port.
|
TCPSSLOptions |
setSendBufferSize(int sendBufferSize)
Set the TCP send buffer size
|
TCPSSLOptions |
setSoLinger(int soLinger)
Set whether SO_linger keep alive is enabled
|
TCPSSLOptions |
setSsl(boolean ssl)
Set whether SSL/TLS is enabled
|
TCPSSLOptions |
setSslEngineOptions(SSLEngineOptions sslEngineOptions)
Set to use SSL engine implementation to use.
|
TCPSSLOptions |
setSslHandshakeTimeout(long sslHandshakeTimeout)
Set the SSL handshake timeout, default time unit is seconds.
|
TCPSSLOptions |
setSslHandshakeTimeoutUnit(TimeUnit sslHandshakeTimeoutUnit)
Set the SSL handshake timeout unit.
|
TCPSSLOptions |
setTcpCork(boolean tcpCork)
Enable the
TCP_CORK option - only with linux native transport. |
TCPSSLOptions |
setTcpFastOpen(boolean tcpFastOpen)
Enable the
TCP_FASTOPEN option - only with linux native transport. |
TCPSSLOptions |
setTcpKeepAlive(boolean tcpKeepAlive)
Set whether TCP keep alive is enabled
|
TCPSSLOptions |
setTcpNoDelay(boolean tcpNoDelay)
Set whether TCP no delay is enabled
|
TCPSSLOptions |
setTcpQuickAck(boolean tcpQuickAck)
Enable the
TCP_QUICKACK option - only with linux native transport. |
TCPSSLOptions |
setTrafficClass(int trafficClass)
Set the value of traffic class
|
TCPSSLOptions |
setTrustOptions(TrustOptions options)
Set the trust options.
|
TCPSSLOptions |
setTrustStoreOptions(JksOptions options)
Set the trust options in jks format, aka Java truststore
|
TCPSSLOptions |
setUseAlpn(boolean useAlpn)
Set the ALPN usage.
|
JsonObject |
toJson()
Convert to JSON
|
getLogActivity, getReceiveBufferSize, getSendBufferSize, getTrafficClass, isReuseAddress, isReusePort
public static final boolean DEFAULT_TCP_NO_DELAY
public static final boolean DEFAULT_TCP_KEEP_ALIVE
public static final int DEFAULT_SO_LINGER
public static final boolean DEFAULT_SSL
public static final int DEFAULT_IDLE_TIMEOUT
public static final TimeUnit DEFAULT_IDLE_TIMEOUT_TIME_UNIT
public static final boolean DEFAULT_USE_ALPN
public static final SSLEngineOptions DEFAULT_SSL_ENGINE
public static final List<String> DEFAULT_ENABLED_SECURE_TRANSPORT_PROTOCOLS
public static final boolean DEFAULT_TCP_FAST_OPEN
public static final boolean DEFAULT_TCP_CORK
public static final boolean DEFAULT_TCP_QUICKACK
public static final long DEFAULT_SSL_HANDSHAKE_TIMEOUT
public static final TimeUnit DEFAULT_SSL_HANDSHAKE_TIMEOUT_TIME_UNIT
public TCPSSLOptions()
public TCPSSLOptions(TCPSSLOptions other)
other
- the options to copypublic TCPSSLOptions(JsonObject json)
json
- the JSONpublic JsonObject toJson()
toJson
in class NetworkOptions
public boolean isTcpNoDelay()
public TCPSSLOptions setTcpNoDelay(boolean tcpNoDelay)
tcpNoDelay
- true if TCP no delay is enabled (Nagle disabled)public boolean isTcpKeepAlive()
public TCPSSLOptions setTcpKeepAlive(boolean tcpKeepAlive)
tcpKeepAlive
- true if TCP keep alive is enabledpublic int getSoLinger()
public TCPSSLOptions setSoLinger(int soLinger)
soLinger
- true if SO_linger is enabledpublic TCPSSLOptions setIdleTimeout(int idleTimeout)
setIdleTimeoutUnit(TimeUnit)
idleTimeout
- the timeout, in secondspublic int getIdleTimeout()
getIdleTimeoutUnit()
.public TCPSSLOptions setIdleTimeoutUnit(TimeUnit idleTimeoutUnit)
idleTimeoutUnit
- specify time unit.public TimeUnit getIdleTimeoutUnit()
public boolean isSsl()
public TCPSSLOptions setSsl(boolean ssl)
ssl
- true if enabledpublic KeyCertOptions getKeyCertOptions()
public TCPSSLOptions setKeyCertOptions(KeyCertOptions options)
options
- the key store optionspublic JksOptions getKeyStoreOptions()
public TCPSSLOptions setKeyStoreOptions(JksOptions options)
options
- the key store in jks formatpublic PfxOptions getPfxKeyCertOptions()
public TCPSSLOptions setPfxKeyCertOptions(PfxOptions options)
options
- the key cert options in pfx formatpublic PemKeyCertOptions getPemKeyCertOptions()
public TCPSSLOptions setPemKeyCertOptions(PemKeyCertOptions options)
options
- the options in pem formatpublic TrustOptions getTrustOptions()
public TCPSSLOptions setTrustOptions(TrustOptions options)
options
- the trust optionspublic JksOptions getTrustStoreOptions()
public TCPSSLOptions setTrustStoreOptions(JksOptions options)
options
- the trust options in jks formatpublic PfxOptions getPfxTrustOptions()
public TCPSSLOptions setPfxTrustOptions(PfxOptions options)
options
- the trust options in pfx formatpublic PemTrustOptions getPemTrustOptions()
public TCPSSLOptions setPemTrustOptions(PemTrustOptions options)
options
- the trust options in pem formatpublic TCPSSLOptions addEnabledCipherSuite(String suite)
suite
- the suitepublic Set<String> getEnabledCipherSuites()
public TCPSSLOptions addCrlPath(String crlPath) throws NullPointerException
crlPath
- the pathNullPointerException
public TCPSSLOptions addCrlValue(Buffer crlValue) throws NullPointerException
crlValue
- the valueNullPointerException
public boolean isUseAlpn()
public TCPSSLOptions setUseAlpn(boolean useAlpn)
useAlpn
- true when Application-Layer Protocol Negotiation should be usedpublic SSLEngineOptions getSslEngineOptions()
public TCPSSLOptions setSslEngineOptions(SSLEngineOptions sslEngineOptions)
sslEngineOptions
- the ssl engine to usepublic JdkSSLEngineOptions getJdkSslEngineOptions()
public TCPSSLOptions setJdkSslEngineOptions(JdkSSLEngineOptions sslEngineOptions)
public OpenSSLEngineOptions getOpenSslEngineOptions()
public TCPSSLOptions setOpenSslEngineOptions(OpenSSLEngineOptions sslEngineOptions)
public TCPSSLOptions setEnabledSecureTransportProtocols(Set<String> enabledSecureTransportProtocols)
enabledSecureTransportProtocols
- the SSL/TLS protocols to enablepublic TCPSSLOptions addEnabledSecureTransportProtocol(String protocol)
protocol
- the SSL/TLS protocol to enablepublic TCPSSLOptions removeEnabledSecureTransportProtocol(String protocol)
protocol
- the SSL/TLS protocol to disablepublic boolean isTcpFastOpen()
TCP_FASTOPEN
option is enabledpublic TCPSSLOptions setTcpFastOpen(boolean tcpFastOpen)
TCP_FASTOPEN
option - only with linux native transport.tcpFastOpen
- the fast open valuepublic boolean isTcpCork()
TCP_CORK
option is enabledpublic TCPSSLOptions setTcpCork(boolean tcpCork)
TCP_CORK
option - only with linux native transport.tcpCork
- the cork valuepublic boolean isTcpQuickAck()
TCP_QUICKACK
option is enabledpublic TCPSSLOptions setTcpQuickAck(boolean tcpQuickAck)
TCP_QUICKACK
option - only with linux native transport.tcpQuickAck
- the quick ack valuepublic Set<String> getEnabledSecureTransportProtocols()
public long getSslHandshakeTimeout()
getSslHandshakeTimeoutUnit()
.public TCPSSLOptions setSslHandshakeTimeout(long sslHandshakeTimeout)
sslHandshakeTimeout
- the SSL handshake timeout to set, in millisecondspublic TCPSSLOptions setSslHandshakeTimeoutUnit(TimeUnit sslHandshakeTimeoutUnit)
sslHandshakeTimeoutUnit
- specify time unit.public TimeUnit getSslHandshakeTimeoutUnit()
public TCPSSLOptions setLogActivity(boolean logEnabled)
NetworkOptions
setLogActivity
in class NetworkOptions
logEnabled
- true for logging the network activitypublic TCPSSLOptions setSendBufferSize(int sendBufferSize)
NetworkOptions
setSendBufferSize
in class NetworkOptions
sendBufferSize
- the buffers size, in bytespublic TCPSSLOptions setReceiveBufferSize(int receiveBufferSize)
NetworkOptions
setReceiveBufferSize
in class NetworkOptions
receiveBufferSize
- the buffers size, in bytespublic TCPSSLOptions setReuseAddress(boolean reuseAddress)
NetworkOptions
setReuseAddress
in class NetworkOptions
reuseAddress
- the value of reuse addresspublic TCPSSLOptions setTrafficClass(int trafficClass)
NetworkOptions
setTrafficClass
in class NetworkOptions
trafficClass
- the value of traffic classpublic TCPSSLOptions setReusePort(boolean reusePort)
NetworkOptions
setReusePort
in class NetworkOptions
reusePort
- the value of reuse portCopyright © 2021 Eclipse. All rights reserved.