public abstract class TCPSSLOptions extends NetworkOptions
Modifier and Type | Field and Description |
---|---|
static List<String> |
DEFAULT_ENABLED_SECURE_TRANSPORT_PROTOCOLS
The default ENABLED_SECURE_TRANSPORT_PROTOCOLS value = { "TLSv1", "TLSv1.1", "TLSv1.2" }
SSLv3 is NOT enabled due to POODLE vulnerability http://en.wikipedia.org/wiki/POODLE
"SSLv2Hello" is NOT enabled since it's disabled by default since JDK7
|
static int |
DEFAULT_IDLE_TIMEOUT
Default idle timeout = 0
|
static TimeUnit |
DEFAULT_IDLE_TIMEOUT_TIME_UNIT
Default idle time unit = SECONDS
|
static int |
DEFAULT_READ_IDLE_TIMEOUT
Default read idle timeout = 0
|
static int |
DEFAULT_SO_LINGER
The default value of SO_linger = -1
|
static boolean |
DEFAULT_SSL
SSL enable by default = false
|
static SSLEngineOptions |
DEFAULT_SSL_ENGINE
The default SSL engine options = null (autoguess)
|
static long |
DEFAULT_SSL_HANDSHAKE_TIMEOUT
The default value of SSL handshake timeout = 10
|
static TimeUnit |
DEFAULT_SSL_HANDSHAKE_TIMEOUT_TIME_UNIT
Default SSL handshake time unit = SECONDS
|
static boolean |
DEFAULT_TCP_CORK
The default TCP_CORK value = false
|
static boolean |
DEFAULT_TCP_FAST_OPEN
The default TCP_FASTOPEN value = false
|
static boolean |
DEFAULT_TCP_KEEP_ALIVE
The default value of TCP keep alive = false
|
static boolean |
DEFAULT_TCP_NO_DELAY
The default value of TCP-no-delay = true (Nagle disabled)
|
static boolean |
DEFAULT_TCP_QUICKACK
The default TCP_QUICKACK value = false
|
static int |
DEFAULT_TCP_USER_TIMEOUT
The default TCP_USER_TIMEOUT value in milliseconds = 0
When the default value of 0 is used, TCP will use the system default.
|
static boolean |
DEFAULT_USE_ALPN
Default use alpn = false
|
static int |
DEFAULT_WRITE_IDLE_TIMEOUT
Default write idle timeout = 0
|
DEFAULT_LOG_ACTIVITY_FORMAT, DEFAULT_LOG_ENABLED, DEFAULT_RECEIVE_BUFFER_SIZE, DEFAULT_REUSE_ADDRESS, DEFAULT_REUSE_PORT, DEFAULT_SEND_BUFFER_SIZE, DEFAULT_TRAFFIC_CLASS
Constructor and Description |
---|
TCPSSLOptions()
Default constructor
|
TCPSSLOptions(JsonObject json)
Create options from JSON
|
TCPSSLOptions(TCPSSLOptions other)
Copy constructor
|
Modifier and Type | Method and Description |
---|---|
TCPSSLOptions |
addCrlPath(String crlPath)
Add a CRL path
|
TCPSSLOptions |
addCrlValue(Buffer crlValue)
Add a CRL value
|
TCPSSLOptions |
addEnabledCipherSuite(String suite)
Add an enabled cipher suite, appended to the ordered suites.
|
TCPSSLOptions |
addEnabledSecureTransportProtocol(String protocol)
Add an enabled SSL/TLS protocols, appended to the ordered protocols.
|
List<String> |
getCrlPaths() |
List<Buffer> |
getCrlValues()
Get the CRL values
|
Set<String> |
getEnabledCipherSuites()
Return an ordered set of the cipher suites.
|
Set<String> |
getEnabledSecureTransportProtocols()
Returns the enabled SSL/TLS protocols
|
int |
getIdleTimeout() |
TimeUnit |
getIdleTimeoutUnit() |
JdkSSLEngineOptions |
getJdkSslEngineOptions() |
KeyCertOptions |
getKeyCertOptions() |
JksOptions |
getKeyStoreOptions()
Get the key/cert options in jks format, aka Java keystore.
|
OpenSSLEngineOptions |
getOpenSslEngineOptions() |
PemKeyCertOptions |
getPemKeyCertOptions()
Get the key/cert store options in pem format.
|
PemTrustOptions |
getPemTrustOptions()
Get the trust options in pem format
|
PfxOptions |
getPfxKeyCertOptions()
Get the key/cert options in pfx format.
|
PfxOptions |
getPfxTrustOptions()
Get the trust options in pfx format
|
int |
getReadIdleTimeout() |
int |
getSoLinger() |
SSLEngineOptions |
getSslEngineOptions() |
long |
getSslHandshakeTimeout() |
TimeUnit |
getSslHandshakeTimeoutUnit() |
int |
getTcpUserTimeout() |
TrustOptions |
getTrustOptions() |
JksOptions |
getTrustStoreOptions()
Get the trust options in jks format, aka Java truststore
|
int |
getWriteIdleTimeout() |
boolean |
isSsl() |
boolean |
isTcpCork() |
boolean |
isTcpFastOpen() |
boolean |
isTcpKeepAlive() |
boolean |
isTcpNoDelay() |
boolean |
isTcpQuickAck() |
boolean |
isUseAlpn() |
TCPSSLOptions |
removeEnabledCipherSuite(String suite)
Removes an enabled cipher suite from the ordered suites.
|
TCPSSLOptions |
removeEnabledSecureTransportProtocol(String protocol)
Removes an enabled SSL/TLS protocol from the ordered protocols.
|
TCPSSLOptions |
setActivityLogDataFormat(io.netty.handler.logging.ByteBufFormat activityLogDataFormat)
Set the value of Netty's logging handler's data format: Netty's pipeline is configured for logging on Netty's logger.
|
TCPSSLOptions |
setEnabledSecureTransportProtocols(Set<String> enabledSecureTransportProtocols)
Sets the list of enabled SSL/TLS protocols.
|
TCPSSLOptions |
setIdleTimeout(int idleTimeout)
Set the idle timeout, default time unit is seconds.
|
TCPSSLOptions |
setIdleTimeoutUnit(TimeUnit idleTimeoutUnit)
Set the idle timeout unit.
|
TCPSSLOptions |
setJdkSslEngineOptions(JdkSSLEngineOptions sslEngineOptions) |
TCPSSLOptions |
setKeyCertOptions(KeyCertOptions options)
Set the key/cert options.
|
TCPSSLOptions |
setKeyStoreOptions(JksOptions options)
Set the key/cert options in jks format, aka Java keystore.
|
TCPSSLOptions |
setLogActivity(boolean logEnabled)
Set to true to enabled network activity logging: Netty's pipeline is configured for logging on Netty's logger.
|
TCPSSLOptions |
setOpenSslEngineOptions(OpenSSLEngineOptions sslEngineOptions) |
TCPSSLOptions |
setPemKeyCertOptions(PemKeyCertOptions options)
Set the key/cert store options in pem format.
|
TCPSSLOptions |
setPemTrustOptions(PemTrustOptions options)
Set the trust options in pem format
|
TCPSSLOptions |
setPfxKeyCertOptions(PfxOptions options)
Set the key/cert options in pfx format.
|
TCPSSLOptions |
setPfxTrustOptions(PfxOptions options)
Set the trust options in pfx format
|
TCPSSLOptions |
setReadIdleTimeout(int idleTimeout)
Set the read idle timeout, default time unit is seconds.
|
TCPSSLOptions |
setReceiveBufferSize(int receiveBufferSize)
Set the TCP receive buffer size
|
TCPSSLOptions |
setReuseAddress(boolean reuseAddress)
Set the value of reuse address
|
TCPSSLOptions |
setReusePort(boolean reusePort)
Set the value of reuse port.
|
TCPSSLOptions |
setSendBufferSize(int sendBufferSize)
Set the TCP send buffer size
|
TCPSSLOptions |
setSoLinger(int soLinger)
Set whether SO_linger keep alive is enabled
|
TCPSSLOptions |
setSsl(boolean ssl)
Set whether SSL/TLS is enabled
|
TCPSSLOptions |
setSslEngineOptions(SSLEngineOptions sslEngineOptions)
Set to use SSL engine implementation to use.
|
TCPSSLOptions |
setSslHandshakeTimeout(long sslHandshakeTimeout)
Set the SSL handshake timeout, default time unit is seconds.
|
TCPSSLOptions |
setSslHandshakeTimeoutUnit(TimeUnit sslHandshakeTimeoutUnit)
Set the SSL handshake timeout unit.
|
TCPSSLOptions |
setTcpCork(boolean tcpCork)
Enable the
TCP_CORK option - only with linux native transport. |
TCPSSLOptions |
setTcpFastOpen(boolean tcpFastOpen)
Enable the
TCP_FASTOPEN option - only with linux native transport. |
TCPSSLOptions |
setTcpKeepAlive(boolean tcpKeepAlive)
Set whether TCP keep alive is enabled
|
TCPSSLOptions |
setTcpNoDelay(boolean tcpNoDelay)
Set whether TCP no delay is enabled
|
TCPSSLOptions |
setTcpQuickAck(boolean tcpQuickAck)
Enable the
TCP_QUICKACK option - only with linux native transport. |
TCPSSLOptions |
setTcpUserTimeout(int tcpUserTimeout)
Sets the
TCP_USER_TIMEOUT option - only with linux native transport. |
TCPSSLOptions |
setTrafficClass(int trafficClass)
Set the value of traffic class
|
TCPSSLOptions |
setTrustOptions(TrustOptions options)
Set the trust options.
|
TCPSSLOptions |
setTrustStoreOptions(JksOptions options)
Set the trust options in jks format, aka Java truststore
|
TCPSSLOptions |
setUseAlpn(boolean useAlpn)
Set the ALPN usage.
|
TCPSSLOptions |
setWriteIdleTimeout(int idleTimeout)
Set the write idle timeout, default time unit is seconds.
|
JsonObject |
toJson()
Convert to JSON
|
getActivityLogDataFormat, getLogActivity, getReceiveBufferSize, getSendBufferSize, getTrafficClass, isReuseAddress, isReusePort
public static final boolean DEFAULT_TCP_NO_DELAY
public static final boolean DEFAULT_TCP_KEEP_ALIVE
public static final int DEFAULT_SO_LINGER
public static final boolean DEFAULT_SSL
public static final int DEFAULT_IDLE_TIMEOUT
public static final TimeUnit DEFAULT_IDLE_TIMEOUT_TIME_UNIT
public static final int DEFAULT_READ_IDLE_TIMEOUT
public static final int DEFAULT_WRITE_IDLE_TIMEOUT
public static final boolean DEFAULT_USE_ALPN
public static final SSLEngineOptions DEFAULT_SSL_ENGINE
public static final List<String> DEFAULT_ENABLED_SECURE_TRANSPORT_PROTOCOLS
public static final boolean DEFAULT_TCP_FAST_OPEN
public static final boolean DEFAULT_TCP_CORK
public static final boolean DEFAULT_TCP_QUICKACK
public static final int DEFAULT_TCP_USER_TIMEOUT
public static final long DEFAULT_SSL_HANDSHAKE_TIMEOUT
public static final TimeUnit DEFAULT_SSL_HANDSHAKE_TIMEOUT_TIME_UNIT
public TCPSSLOptions()
public TCPSSLOptions(TCPSSLOptions other)
other
- the options to copypublic TCPSSLOptions(JsonObject json)
json
- the JSONpublic JsonObject toJson()
toJson
in class NetworkOptions
public boolean isTcpNoDelay()
public TCPSSLOptions setTcpNoDelay(boolean tcpNoDelay)
tcpNoDelay
- true if TCP no delay is enabled (Nagle disabled)public boolean isTcpKeepAlive()
public TCPSSLOptions setTcpKeepAlive(boolean tcpKeepAlive)
tcpKeepAlive
- true if TCP keep alive is enabledpublic int getSoLinger()
public TCPSSLOptions setSoLinger(int soLinger)
soLinger
- true if SO_linger is enabledpublic TCPSSLOptions setIdleTimeout(int idleTimeout)
setIdleTimeoutUnit(TimeUnit)
idleTimeout
- the timeoutpublic int getIdleTimeout()
getIdleTimeoutUnit()
.public TCPSSLOptions setReadIdleTimeout(int idleTimeout)
setIdleTimeoutUnit(TimeUnit)
idleTimeout
- the read timeoutpublic int getReadIdleTimeout()
getIdleTimeoutUnit()
.public TCPSSLOptions setWriteIdleTimeout(int idleTimeout)
setIdleTimeoutUnit(TimeUnit)
idleTimeout
- the write timeoutpublic int getWriteIdleTimeout()
getIdleTimeoutUnit()
.public TCPSSLOptions setIdleTimeoutUnit(TimeUnit idleTimeoutUnit)
idleTimeoutUnit
- specify time unit.public TimeUnit getIdleTimeoutUnit()
public boolean isSsl()
public TCPSSLOptions setSsl(boolean ssl)
ssl
- true if enabledpublic KeyCertOptions getKeyCertOptions()
public TCPSSLOptions setKeyCertOptions(KeyCertOptions options)
options
- the key store optionspublic JksOptions getKeyStoreOptions()
public TCPSSLOptions setKeyStoreOptions(JksOptions options)
options
- the key store in jks formatpublic PfxOptions getPfxKeyCertOptions()
public TCPSSLOptions setPfxKeyCertOptions(PfxOptions options)
options
- the key cert options in pfx formatpublic PemKeyCertOptions getPemKeyCertOptions()
public TCPSSLOptions setPemKeyCertOptions(PemKeyCertOptions options)
options
- the options in pem formatpublic TrustOptions getTrustOptions()
public TCPSSLOptions setTrustOptions(TrustOptions options)
options
- the trust optionspublic JksOptions getTrustStoreOptions()
public TCPSSLOptions setTrustStoreOptions(JksOptions options)
options
- the trust options in jks formatpublic PfxOptions getPfxTrustOptions()
public TCPSSLOptions setPfxTrustOptions(PfxOptions options)
options
- the trust options in pfx formatpublic PemTrustOptions getPemTrustOptions()
public TCPSSLOptions setPemTrustOptions(PemTrustOptions options)
options
- the trust options in pem formatpublic TCPSSLOptions addEnabledCipherSuite(String suite)
suite
- the suitegetEnabledCipherSuites()
public TCPSSLOptions removeEnabledCipherSuite(String suite)
suite
- the suitepublic Set<String> getEnabledCipherSuites()
The set is initially empty and suite should be added to this set in the desired order.
When suites are added and therefore the list is not empty, it takes precedence over the
default suite defined by the SSLEngineOptions
in use.
public TCPSSLOptions addCrlPath(String crlPath) throws NullPointerException
crlPath
- the pathNullPointerException
public TCPSSLOptions addCrlValue(Buffer crlValue) throws NullPointerException
crlValue
- the valueNullPointerException
public boolean isUseAlpn()
public TCPSSLOptions setUseAlpn(boolean useAlpn)
useAlpn
- true when Application-Layer Protocol Negotiation should be usedpublic SSLEngineOptions getSslEngineOptions()
public TCPSSLOptions setSslEngineOptions(SSLEngineOptions sslEngineOptions)
sslEngineOptions
- the ssl engine to usepublic JdkSSLEngineOptions getJdkSslEngineOptions()
public TCPSSLOptions setJdkSslEngineOptions(JdkSSLEngineOptions sslEngineOptions)
public OpenSSLEngineOptions getOpenSslEngineOptions()
public TCPSSLOptions setOpenSslEngineOptions(OpenSSLEngineOptions sslEngineOptions)
public TCPSSLOptions setEnabledSecureTransportProtocols(Set<String> enabledSecureTransportProtocols)
enabledSecureTransportProtocols
- the SSL/TLS protocols to enablepublic TCPSSLOptions addEnabledSecureTransportProtocol(String protocol)
protocol
- the SSL/TLS protocol to enablepublic TCPSSLOptions removeEnabledSecureTransportProtocol(String protocol)
protocol
- the SSL/TLS protocol to disablepublic boolean isTcpFastOpen()
TCP_FASTOPEN
option is enabledpublic TCPSSLOptions setTcpFastOpen(boolean tcpFastOpen)
TCP_FASTOPEN
option - only with linux native transport.tcpFastOpen
- the fast open valuepublic boolean isTcpCork()
TCP_CORK
option is enabledpublic TCPSSLOptions setTcpCork(boolean tcpCork)
TCP_CORK
option - only with linux native transport.tcpCork
- the cork valuepublic boolean isTcpQuickAck()
TCP_QUICKACK
option is enabledpublic TCPSSLOptions setTcpQuickAck(boolean tcpQuickAck)
TCP_QUICKACK
option - only with linux native transport.tcpQuickAck
- the quick ack valuepublic int getTcpUserTimeout()
TCP_USER_TIMEOUT
valuepublic TCPSSLOptions setTcpUserTimeout(int tcpUserTimeout)
TCP_USER_TIMEOUT
option - only with linux native transport.tcpUserTimeout
- the tcp user timeout valuepublic Set<String> getEnabledSecureTransportProtocols()
public long getSslHandshakeTimeout()
getSslHandshakeTimeoutUnit()
.public TCPSSLOptions setSslHandshakeTimeout(long sslHandshakeTimeout)
sslHandshakeTimeout
- the SSL handshake timeout to set, in millisecondspublic TCPSSLOptions setSslHandshakeTimeoutUnit(TimeUnit sslHandshakeTimeoutUnit)
sslHandshakeTimeoutUnit
- specify time unit.public TimeUnit getSslHandshakeTimeoutUnit()
public TCPSSLOptions setLogActivity(boolean logEnabled)
NetworkOptions
setLogActivity
in class NetworkOptions
logEnabled
- true for logging the network activitypublic TCPSSLOptions setActivityLogDataFormat(io.netty.handler.logging.ByteBufFormat activityLogDataFormat)
NetworkOptions
setActivityLogDataFormat
in class NetworkOptions
activityLogDataFormat
- the format to usepublic TCPSSLOptions setSendBufferSize(int sendBufferSize)
NetworkOptions
setSendBufferSize
in class NetworkOptions
sendBufferSize
- the buffers size, in bytespublic TCPSSLOptions setReceiveBufferSize(int receiveBufferSize)
NetworkOptions
setReceiveBufferSize
in class NetworkOptions
receiveBufferSize
- the buffers size, in bytespublic TCPSSLOptions setReuseAddress(boolean reuseAddress)
NetworkOptions
setReuseAddress
in class NetworkOptions
reuseAddress
- the value of reuse addresspublic TCPSSLOptions setTrafficClass(int trafficClass)
NetworkOptions
setTrafficClass
in class NetworkOptions
trafficClass
- the value of traffic classpublic TCPSSLOptions setReusePort(boolean reusePort)
NetworkOptions
setReusePort
in class NetworkOptions
reusePort
- the value of reuse portCopyright © 2023 Eclipse. All rights reserved.