View Javadoc
1   /*
2    * Copyright 2021 The Netty Project
3    *
4    * The Netty Project licenses this file to you under the Apache License,
5    * version 2.0 (the "License"); you may not use this file except in compliance
6    * with the License. You may obtain a copy of the License at:
7    *
8    *   https://www.apache.org/licenses/LICENSE-2.0
9    *
10   * Unless required by applicable law or agreed to in writing, software
11   * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
12   * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
13   * License for the specific language governing permissions and limitations
14   * under the License.
15   */
16  package io.netty5.handler.ssl;
17  
18  /**
19   * {@link SslContextOption}s that are specific to the {@link SslProvider#OPENSSL} / {@link SslProvider#OPENSSL_REFCNT}.
20   *
21   * @param <T>   the type of the value.
22   */
23  public final class OpenSslContextOption<T> extends SslContextOption<T> {
24  
25      private OpenSslContextOption(String name) {
26          super(name);
27      }
28  
29      /**
30       * If enabled heavy-operations may be offloaded from the {@link io.netty5.channel.EventLoop} if possible.
31       */
32      public static final OpenSslContextOption<Boolean> USE_TASKS = new OpenSslContextOption<>("USE_TASKS");
33      /**
34       * If enabled <a href="https://tools.ietf.org/html/rfc7918">TLS false start</a> will be enabled if supported.
35       * When TLS false start is enabled the flow of {@link SslHandshakeCompletionEvent}s may be different compared when,
36       * not enabled.
37       *
38       * This is currently only supported when {@code BoringSSL} and ALPN is used.
39       */
40      public static final OpenSslContextOption<Boolean> TLS_FALSE_START = new OpenSslContextOption<>("TLS_FALSE_START");
41  
42      /**
43       * Set the {@link OpenSslPrivateKeyMethod} to use. This allows to offload private-key operations
44       * if needed.
45       *
46       * This is currently only supported when {@code BoringSSL} is used.
47       */
48      public static final OpenSslContextOption<OpenSslPrivateKeyMethod> PRIVATE_KEY_METHOD =
49              new OpenSslContextOption<>("PRIVATE_KEY_METHOD");
50  
51      /**
52       * Set the {@link OpenSslAsyncPrivateKeyMethod} to use. This allows to offload private-key operations
53       * if needed.
54       *
55       * This is currently only supported when {@code BoringSSL} is used.
56       */
57      public static final OpenSslContextOption<OpenSslAsyncPrivateKeyMethod> ASYNC_PRIVATE_KEY_METHOD =
58              new OpenSslContextOption<>("ASYNC_PRIVATE_KEY_METHOD");
59  
60      /**
61       * Set the {@link OpenSslCertificateCompressionConfig} to use. This allows for the configuration of certificate
62       * compression algorithms which should be used, the priority of those algorithms and the directions in which
63       * they should be used.
64       *
65       * This is currently only supported when {@code BoringSSL} is used.
66       */
67      public static final OpenSslContextOption<OpenSslCertificateCompressionConfig> CERTIFICATE_COMPRESSION_ALGORITHMS =
68              new OpenSslContextOption<>("CERTIFICATE_COMPRESSION_ALGORITHMS");
69  }