SourcePro C++ 12.0 |
SourcePro® C++ API Reference Guide |
SourcePro C++ Documentation Home |
Represents a TCP socket using the SSL/TLS protocols for secure communication. More...
#include <rw/secsock/RWSecureSocket.h>
Inherited by RWSecureSocketPortalImp.
Public Member Functions | |
RWSecureSocket (void) | |
RWSecureSocket (const RWSecureSocketContext &context) | |
RWSecureSocket (const RWSecureSocketContext &context, const RWSecureSocketSession &session) | |
RWSecureSocket (const RWSecureSocket &second) | |
~RWSecureSocket (void) | |
RWSecureSocket & | operator= (const RWSecureSocket &second) |
bool | operator== (const RWSecureSocket &s) const |
bool | operator< (const RWSecureSocket &s) const |
RWSecureSocket | accept (RWSockAddr *addr=0) const |
void | bind (const RWSockAddrBase &address) |
void | bind (const RWSockAddrBase &address, const RWSecureSocketContext &context) |
bool | checkPrivateKey (void) const |
void | close (void) |
void | closesocket (void) |
void | connect (const RWSockAddrBase &addr) |
void | connect (const RWSockAddrBase &addr, const RWSecureSocketSession &session) |
void | connect (const RWSockAddrBase &addr, const RWSecureSocketContext &context) |
void | connect (const RWSockAddrBase &addr, const RWSecureSocketSession &session, const RWSecureSocketContext &context) |
RWSecureSocketConnectionRep | getConnection (void) const |
const RWSecureSocketContext & | getContext (void) const |
RWInfoCallback | getInfoCallback (void) const |
void | setInfoCallback (RWInfoCallback fun) |
RWX509Certificate | getCertificate (void) const |
RWX509Certificate | getPeerCertificate (void) const |
RWSockAddr | getpeername (void) const |
RWSecureSocketSession | getSession (void) const |
RWSockAddr | getsockname (void) const |
void | getsockopt (int level, int option, void *optval, RWSockLenType *optlen) const |
int | getsockopt (int option) const |
RWCString | id (unsigned level=0) const |
void | listen (const RWSockAddrBase &addr, int backlog=5) |
void | listen (const RWSockAddrBase &addr, const RWSecureSocketContext &context, int backlog=5) |
void | listen (int backlog=5) const |
RWNetBuf | recv (int flags=0) const |
int | recv (char *buf, int len, int flags=0, RWNetBuf::State *state=0) const |
RWNetBuf | recvAtLeast (int n) const |
int | recvAtLeast (char *buf, int len, int n, RWNetBuf::State *s=0) const |
int | send (const RWCString &buf) const |
int | send (const char *buf, int len) const |
void | sendAtLeast (const RWCString &buf) const |
int | sendAtLeast (const RWCString &buf, int n) const |
void | sendAtLeast (const char *buf, int n) const |
int | sendAtLeast (const char *buf, int bufLen, int n) const |
void | setShutdownMode (RWSSLShutdownMode mode) |
RWSSLShutdownMode | getShutdownMode (void) const |
void | setContext (const RWSecureSocketContext &context) |
void | setSession (const RWSecureSocketSession &session) |
void | setsockopt (int level, int option, void *optval, int optlen) const |
void | setsockopt (int option, int optval) const |
void | shutdown (void) const |
SOCKET | getSocket (void) const |
bool | isValid (void) const |
void | ioctl (long cmd, void *arg) const |
void | ioctl (long cmd, int arg) const |
int | ioctl (long cmd) const |
void | ioctlsocket (long cmd, void *arg) const |
void | ioctlsocket (long cmd, int arg) const |
int | ioctlsocket (long cmd) const |
void | setCertificateVerifyMode (int mode) |
void | setCertificate (const RWX509Certificate &cert) |
void | setPrivateKey (const RWPrivateKey &pkey) |
void | setIdentity (const RWX509Certificate &cert, const RWPrivateKey &key) |
Related Functions | |
(Note that these are not member functions.) | |
typedef SSL * | RWSecureSocketConnectionRep |
typedef void(* | RWInfoCallback )(const SSL *conn, int what, int good) |
RWSecureSocket is an abstraction of a TCP socket using the SSL/TLS protocols for secure communication. It was designed to operate similarly to the non-secure RWSocket class.
RWSecureSocket::RWSecureSocket | ( | void | ) | [inline] |
RWSecureSocket::RWSecureSocket | ( | const RWSecureSocketContext & | context | ) |
Creates an RWSecureSocket from an existing secure socket context.
RWSecureSocketUnderlyingAllocationError | Thrown if the cryptographic library cannot allocate memory. |
RWSecureSocket::RWSecureSocket | ( | const RWSecureSocketContext & | context, | |
const RWSecureSocketSession & | session | |||
) |
Creates an RWSecureSocket from an existing session and secure socket context.
RWSecureSocketUnderlyingAllocationError | Thrown if the cryptographic library cannot allocate memory. |
RWSecureSocket::RWSecureSocket | ( | const RWSecureSocket & | second | ) |
Performs a shallow copy -- new memory is not allocated, only the pointer addresses are copied.
RWSecureSocket::~RWSecureSocket | ( | void | ) |
Destructor.
RWSecureSocket RWSecureSocket::accept | ( | RWSockAddr * | addr = 0 |
) | const |
Accepts a connection that is waiting at this socket. A queue for incoming connections must first be created using listen(). If addr is non-null, returns the peer's address in addr. You can also get the peer's address by calling getpeername() on the returned RWSecureSocket.
If the socket is set to block (the default), accept() blocks until a connection request arrives. If the socket is set to be non-blocking, accept() returns directly. If no connections were available, the returned socket is invalid and *addr is unchanged. Use isValid() to check the returned socket.
RWSecureSocketUnderlyingAllocationError | Thrown if the cryptographic library cannot allocate memory. |
void RWSecureSocket::bind | ( | const RWSockAddrBase & | address, | |
const RWSecureSocketContext & | context | |||
) |
Assigns an address to an as-yet unnamed socket. Used primarily by servers, which need to specify the port on which they wait for connections.
void RWSecureSocket::bind | ( | const RWSockAddrBase & | address | ) |
Assigns an address to an as-yet unnamed socket. Used primarily by servers, which need to specify the port on which they wait for connections.
bool RWSecureSocket::checkPrivateKey | ( | void | ) | const [inline] |
Checks that the certificate and the private key set against the SSL connection match. Returns true
if the keys match, false
otherwise.
void RWSecureSocket::close | ( | void | ) |
Terminates this connection and removes the socket. If an SSL connection was ever established, close() blocks until the SSL connection is shut down. The underlying socket is then set to an invalid state. If this is the only file descriptor on the machine using this socket, the resources used to maintain the socket are deallocated and any unread data is discarded.
close() and closesocket() are synonyms.
RWSocketError | Thrown if the underlying socket is not connected or does not refer to a valid socket. | |
RWSecureSocketShutdownError | Thrown if an error has occurred at the protocol level or a connection failure occurred. | |
RWSecureSocketError | Thrown if the underlying secure socket is not connected or does not refer to a valid secure socket. |
void RWSecureSocket::closesocket | ( | void | ) |
Terminates this connection and removes the socket. If an SSL connection was ever established, close() blocks until the SSL connection is shut down. The underlying socket is then set to an invalid state. If this is the only file descriptor on the machine using this socket, the resources used to maintain the socket are deallocated and any unread data is discarded.
close() and closesocket() are synonyms.
RWSocketError | Thrown if the underlying socket is not connected or does not refer to a valid socket. | |
RWSecureSocketShutdownError | Thrown if an error has occurred at the protocol level or a connection failure occurred. | |
RWSecureSocketError | Thrown if the underlying secure socket is not connected or does not refer to a valid secure socket. |
void RWSecureSocket::connect | ( | const RWSockAddrBase & | addr, | |
const RWSecureSocketSession & | session, | |||
const RWSecureSocketContext & | context | |||
) |
Connects this socket to the remote address addr, using context if specified, and attempting to reuse session if specified. If the socket has not been initialized, connect() initializes it.
RWSecureSocketUnderlyingAllocationError | Thrown if the cryptographic library cannot allocate memory. |
void RWSecureSocket::connect | ( | const RWSockAddrBase & | addr, | |
const RWSecureSocketContext & | context | |||
) |
Connects this socket to the remote address addr, using context if specified, and attempting to reuse session if specified. If the socket has not been initialized, connect() initializes it.
RWSecureSocketUnderlyingAllocationError | Thrown if the cryptographic library cannot allocate memory. |
void RWSecureSocket::connect | ( | const RWSockAddrBase & | addr, | |
const RWSecureSocketSession & | session | |||
) |
Connects this socket to the remote address addr, using context if specified, and attempting to reuse session if specified. If the socket has not been initialized, connect() initializes it.
RWSecureSocketUnderlyingAllocationError | Thrown if the cryptographic library cannot allocate memory. |
void RWSecureSocket::connect | ( | const RWSockAddrBase & | addr | ) |
Connects this socket to the remote address addr, using context if specified, and attempting to reuse session if specified. If the socket has not been initialized, connect() initializes it.
RWSecureSocketUnderlyingAllocationError | Thrown if the cryptographic library cannot allocate memory. |
RWX509Certificate RWSecureSocket::getCertificate | ( | void | ) | const |
After establishing a connection, returns the certificate presented by the application at the other end of the SSL connection.
RWSecureSocketNullCertificateError | Thrown when the underlying function fails. |
RWSecureSocketConnectionRep RWSecureSocket::getConnection | ( | void | ) | const [inline] |
Returns the connection pointer.
const RWSecureSocketContext& RWSecureSocket::getContext | ( | void | ) | const |
Returns a reference to the context used to create the secure socket connection.
RWSecureSocketInvalidSocketError | Thrown when the socket is invalid. |
RWInfoCallback RWSecureSocket::getInfoCallback | ( | void | ) | const |
Returns the current information callback for the current connection.
RWX509Certificate RWSecureSocket::getPeerCertificate | ( | void | ) | const |
If a connection is established, returns the certificate the peer is using. A peer certificate does not exist if the process is a server and is not performing client authentication.
RWSecureSocketNullCertificateError | Thrown when the underlying function fails. |
RWSockAddr RWSecureSocket::getpeername | ( | void | ) | const |
Returns the address of the peer connected to this socket.
RWSecureSocketSession RWSecureSocket::getSession | ( | void | ) | const |
Returns one of the following:
Applications should check the returned RWSecureSocketSession for validity using RWSecureSocketSession::isValid().
RWSSLShutdownMode RWSecureSocket::getShutdownMode | ( | void | ) | const |
Gets the current shutdown mode for this RWSecureSocket.
SOCKET RWSecureSocket::getSocket | ( | void | ) | const [inline] |
Returns the C API socket descriptor encapsulated by this RWSecureSocket.
RWSockAddr RWSecureSocket::getsockname | ( | void | ) | const |
Returns the address that the socket is bound to.
int RWSecureSocket::getsockopt | ( | int | option | ) | const |
Returns the socket option setting. The single-argument version is intended for the usual case, which is the SOL_SOCKET
level and an integer option.
void RWSecureSocket::getsockopt | ( | int | level, | |
int | option, | |||
void * | optval, | |||
RWSockLenType * | optlen | |||
) | const |
Returns the socket option setting. The single-argument version is intended for the usual case, which is the SOL_SOCKET
level and an integer option.
RWCString RWSecureSocket::id | ( | unsigned | level = 0 |
) | const |
Returns a string identifying the local and (if applicable) foreign addresses of this socket. Increasing level increases the amount of detail in the output. The returned string format depends on the underlying address types.
int RWSecureSocket::ioctl | ( | long | cmd | ) | const |
Gets or retrieves socket operating parameters:
int
(such as FIONREAD
or SIOCATMARK
).FIONBIO
).void RWSecureSocket::ioctl | ( | long | cmd, | |
int | arg | |||
) | const |
Gets or retrieves socket operating parameters:
int
(such as FIONREAD
or SIOCATMARK
).FIONBIO
).void RWSecureSocket::ioctl | ( | long | cmd, | |
void * | arg | |||
) | const |
Gets or retrieves socket operating parameters:
int
(such as FIONREAD
or SIOCATMARK
).FIONBIO
).int RWSecureSocket::ioctlsocket | ( | long | cmd | ) | const |
Gets or retrieves socket operating parameters:
int
(such as FIONREAD
or SIOCATMARK
).FIONBIO
).void RWSecureSocket::ioctlsocket | ( | long | cmd, | |
int | arg | |||
) | const |
Gets or retrieves socket operating parameters:
int
(such as FIONREAD
or SIOCATMARK
).FIONBIO
).void RWSecureSocket::ioctlsocket | ( | long | cmd, | |
void * | arg | |||
) | const |
Gets or retrieves socket operating parameters:
int
(such as FIONREAD
or SIOCATMARK
).FIONBIO
).bool RWSecureSocket::isValid | ( | void | ) | const |
Checks if the socket is ready for use. Returns true if ready, false if otherwise void.
void RWSecureSocket::listen | ( | int | backlog = 5 |
) | const |
Prepares a socket to accept incoming connections. The backlog parameter sets the number of incoming connection requests that the protocol software will enqueue while a connection is being processed.
The version that does not take an addr argument expects the application to use bind() to set the address on which to wait.
void RWSecureSocket::listen | ( | const RWSockAddrBase & | addr, | |
const RWSecureSocketContext & | context, | |||
int | backlog = 5 | |||
) |
Prepares a socket to accept incoming connections. The backlog parameter sets the number of incoming connection requests that the protocol software will enqueue while a connection is being processed.
The version that does not take an addr argument expects the application to use bind() to set the address on which to wait.
void RWSecureSocket::listen | ( | const RWSockAddrBase & | addr, | |
int | backlog = 5 | |||
) |
Prepares a socket to accept incoming connections. The backlog parameter sets the number of incoming connection requests that the protocol software will enqueue while a connection is being processed.
The version that does not take an addr argument expects the application to use bind() to set the address on which to wait.
bool RWSecureSocket::operator< | ( | const RWSecureSocket & | s | ) | const |
Does nothing; declared but not defined. Causes a linker error if the call is attempted. Included to accommodate compilers that resolve all template instantiation at compile time.
RWSecureSocket& RWSecureSocket::operator= | ( | const RWSecureSocket & | second | ) |
Assignment operator.
bool RWSecureSocket::operator== | ( | const RWSecureSocket & | s | ) | const |
Returns true
if the two sockets refer to the same underlying communications channel.
int RWSecureSocket::recv | ( | char * | buf, | |
int | len, | |||
int | flags = 0 , |
|||
RWNetBuf::State * | state = 0 | |||
) | const |
Reads data from a connected socket. The flags parameter must be either 0
or MSG_PEEK
; other flags do not apply to secure sockets.
The variant using an explicit buffer, or buf, returns the number of bytes actually received, which may be 0 for a non-blocking socket with no data waiting or for an end of file. The optional state parameter is set to RWNetBuf::eof when end of file is detected, RWNetBuf::normal otherwise. You must use this parameter to detect end of file when using an explicit buffer. You can only "return" in a return value, not a parameter.
RWSecureSocketError | Thrown if the flags parameter is set to something other than 0 or MSG_PEEK . |
RWNetBuf RWSecureSocket::recv | ( | int | flags = 0 |
) | const |
Reads data from a connected socket. The flags parameter must be either 0
or MSG_PEEK
; other flags do not apply to secure sockets.
The variant using an explicit buffer, or buf, returns the number of bytes actually received, which may be 0 for a non-blocking socket with no data waiting or for an end of file. The optional state parameter is set to RWNetBuf::eof when end of file is detected, RWNetBuf::normal otherwise. You must use this parameter to detect end of file when using an explicit buffer. You can only "return" in a return value, not a parameter.
RWSecureSocketError | Thrown if the flags parameter is set to something other than 0 or MSG_PEEK . |
int RWSecureSocket::recvAtLeast | ( | char * | buf, | |
int | len, | |||
int | n, | |||
RWNetBuf::State * | s = 0 | |||
) | const |
Guaranteed either to receive n characters or throw an exception. This call is only valid for stream sockets. Implemented as a loop calling recv() until all of the data has been received. If an error is returned from the underlying recv() call, a RWSecureSocketError is thrown. If no data is read, a RWNetCantRecvError is thrown.
RWNetBuf RWSecureSocket::recvAtLeast | ( | int | n | ) | const |
Guaranteed either to receive n characters or throw an exception. This call is only valid for stream sockets. Implemented as a loop calling recv() until all of the data has been received. If an error is returned from the underlying recv() call, a RWSecureSocketError is thrown. If no data is read, a RWNetCantRecvError is thrown.
int RWSecureSocket::send | ( | const char * | buf, | |
int | len | |||
) | const |
Sends data from a connected socket, and returns the number of bytes sent. The number of bytes is 0 if the socket is non-blocking and the internal buffer for the socket is full.
int RWSecureSocket::send | ( | const RWCString & | buf | ) | const |
Sends data from a connected socket, and returns the number of bytes sent. The number of bytes is 0 if the socket is non-blocking and the internal buffer for the socket is full.
int RWSecureSocket::sendAtLeast | ( | const char * | buf, | |
int | bufLen, | |||
int | n | |||
) | const |
Guaranteed to send at least n characters or the entire buffer, if your application does not specify n. This call is only valid for stream sockets. Implemented as a loop calling send() to send the data.
void RWSecureSocket::sendAtLeast | ( | const char * | buf, | |
int | n | |||
) | const |
Guaranteed to send at least n characters or the entire buffer, if your application does not specify n. This call is only valid for stream sockets. Implemented as a loop calling send() to send the data.
int RWSecureSocket::sendAtLeast | ( | const RWCString & | buf, | |
int | n | |||
) | const |
Guaranteed to send at least n characters or the entire buffer, if your application does not specify n. This call is only valid for stream sockets. Implemented as a loop calling send() to send the data.
void RWSecureSocket::sendAtLeast | ( | const RWCString & | buf | ) | const |
Guaranteed to send at least n characters or the entire buffer, if your application does not specify n. This call is only valid for stream sockets. Implemented as a loop calling send() to send the data.
void RWSecureSocket::setCertificate | ( | const RWX509Certificate & | cert | ) |
Binds a certificate to the secure socket connection. A certificate loaded via this function is used to identify the owner of the secure socket connection. The certificate must be loaded before the SSL connection can successfully respond to a certificate request.
RWSecureSocketUseCertificateError | Thrown when the underlying call fails. |
false
. void RWSecureSocket::setCertificateVerifyMode | ( | int | mode | ) |
Sets the certificate verify mode. Options may be combined with the bitwise-or operator. Allowable values for the mode parameter are shown in the table below.
Value | Description |
SSL_VERIFY_NONE | Ignores results of certificate verification (Not Recommended) |
SSL_VERIFY_PEER | Verify the other end of the connection |
SSL_VERIFY_CLIENT_ONCE | Ensures that when attempting to reuse a session, a client certificate will not be re-requested if one has previously been sent to the server. |
SSL_VERIFY_FAIL_IF_NO_PEER_CERT | Ensures that the verification fails if the peer does not provide a certificate. (This option is most often used by servers requesting client verification) |
void RWSecureSocket::setContext | ( | const RWSecureSocketContext & | context | ) |
Sets the secure socket context for the socket. A socket must be associated with a context before it can be used.
RWSecureSocketUnderlyingAllocationError | Thrown if the cryptographic library is unsuccessful in allocating memory. |
void RWSecureSocket::setIdentity | ( | const RWX509Certificate & | cert, | |
const RWPrivateKey & | key | |||
) |
A convenience function that should be used by the side of the SSL/TLS protocol that is being authenticated. Normally this function is called by the server. If client authentication is used, this function is also called by the client to establish its own identity. Calling setIdentity() is equivalent to calling setPrivateKey(pkey) , setCertificate(cert) , and checkPrivateKey().
RWCertificateKeyMismatchError | Thrown if checkPrivateKey() returns false . |
void RWSecureSocket::setInfoCallback | ( | RWInfoCallback | fun | ) |
Sets the current information callback for the current connection. For more information, see the Secure Communication Module User's Guide.
void RWSecureSocket::setPrivateKey | ( | const RWPrivateKey & | pkey | ) |
Sets the private key to use for a given secure socket connection.
void RWSecureSocket::setSession | ( | const RWSecureSocketSession & | session | ) |
Sets the current session.
void RWSecureSocket::setShutdownMode | ( | RWSSLShutdownMode | mode | ) |
Sets the shutdown mode. When an SSL/TLS connection is about to be shut down and the shutdown mode is RWSSLShutdownMode::RW_SSL_SHUTDOWN_NORMAL (the default), the side of the protocol initiating the shutdown sends a CloseVerify
message to its peer and waits for the peer to respond with a CloseVerify
message.
Some SSL/TLS libraries incorrectly implement the shutdown protocol. To enable interoperability with these libraries, set the shutdown mode to RWSSLShutdownMode::RW_SSL_SHUTDOWN_QUIET. This mode instructs the libraries to ignore the CloseVerify
portion of the protocol.
The shutdown mode set with this function applies to all sockets and portals created with this RWSecureSocket.
void RWSecureSocket::setsockopt | ( | int | option, | |
int | optval | |||
) | const |
Sets a socket option setting. The two-argument function is intended for the usual case, which is the SOL_SOCKET
level and an integer option.
void RWSecureSocket::setsockopt | ( | int | level, | |
int | option, | |||
void * | optval, | |||
int | optlen | |||
) | const |
Sets a socket option setting. The two-argument function is intended for the usual case, which is the SOL_SOCKET
level and an integer option.
void RWSecureSocket::shutdown | ( | void | ) | const |
Shuts down the SSL connection. The socket is not shut down or closed and resources are not deallocated. Use close() or closesocket() to deallocate these resources.
RWSocketError | Thrown if the underlying socket is not connected or does not refer to a valid socket. | |
RWSecureSocketShutdownError | Thrown if an error has occurred at the protocol level or a connection failure occurred. | |
RWSecureSocketError | Thrown if the underlying secure socket is not connected or does not refer to a valid secure socket. |
typedef void(* RWInfoCallback)(const SSL *conn, int what, int good) [related] |
A typedef for a callback function that is invoked during various stages of an SSL/TLS handshake.
conn | The secure socket connection. | |
what | The current SSL protocol state. | |
good | The condition of the connection within the given protocol state. |
typedef SSL* RWSecureSocketConnectionRep [related] |
This is the internal secure socket connection representation.
© Copyright Rogue Wave Software, Inc. All Rights Reserved.
Rogue Wave and SourcePro are registered trademarks of Rogue Wave Software, Inc. in the United States and other countries. All other trademarks are the property of their respective owners.
Contact Rogue Wave about documentation or support issues.