ts::TLSConnection Class Reference

Base class for a TLS session. More...

#include <tsTLSConnection.h>

Inheritance diagram for ts::TLSConnection:

Collaboration diagram for ts::TLSConnection:

Public Types
using	SuperClass = TCPConnection
	Reference to the superclass.

Public Member Functions
	TLSConnection ()
	Constructor.
	TLSConnection (const TLSArgs &args)
	Constructor with initial client arguments.
void	addVerifyServer (const UString &name)
	For a client connection, add another accepted host name for the server's certificate verification during connect().
bool	bind (const IPSocketAddress &addr, Report &report=(ts::CerrReport::Instance()))
	Bind to a local address and port.
virtual bool	close (Report &report=(ts::CerrReport::Instance())) override
	Close the socket.
virtual bool	closeWriter (Report &=(ts::CerrReport::Instance())) override
	Close the write direction of the connection.
virtual bool	connect (const IPSocketAddress &, Report &=(ts::CerrReport::Instance())) override
	Connect to a remote address and port.
virtual bool	disconnect (Report &=(ts::CerrReport::Instance())) override
	Disconnect from remote partner.
IP	generation () const
	Get the IP generation with which the socket was open.
bool	getLocalAddress (IPSocketAddress &addr, Report &report=(ts::CerrReport::Instance()))
	Get local socket address.
bool	getPeer (IPSocketAddress &addr, Report &report=(ts::CerrReport::Instance())) const
	Get the connected remote peer.
SysSocketType	getSocket () const
	Get the underlying socket device handle (use with care).
bool	isConnected () const
	Check if the socket is connected.
bool	isOpen () const
	Check if socket is open.
virtual bool	open (IP gen, Report &report=(ts::CerrReport::Instance())) override
	Open the socket.
UString	peerName () const
	Get the connected remote peer as a string.
virtual bool	receive (void *, size_t, const AbortInterface *=nullptr, Report &=(ts::CerrReport::Instance())) override
	Receive data until buffer is full.
virtual bool	receive (void *, size_t, size_t &, const AbortInterface *=nullptr, Report &=(ts::CerrReport::Instance())) override
	Receive data.
bool	reusePort (bool reuse_port, Report &report=(ts::CerrReport::Instance()))
	Set the "reuse port" option.
virtual bool	send (const void *, size_t, Report &=(ts::CerrReport::Instance())) override
	Send data.
void	setArgs (const TLSArgs &args)
	Set command line arguments for the client.
bool	setKeepAlive (bool active, Report &report=(ts::CerrReport::Instance()))
	Set the "keep alive" option.
bool	setLingerTime (int seconds, Report &report=(ts::CerrReport::Instance()))
	Set the linger time option.
bool	setNoDelay (bool active, Report &report=(ts::CerrReport::Instance()))
	Set the "no delay" option.
bool	setNoLinger (Report &report=(ts::CerrReport::Instance()))
	Remove the linger time option.
bool	setReceiveBufferSize (size_t size, Report &report=(ts::CerrReport::Instance()))
	Set the receive buffer size.
bool	setReceiveTimeout (cn::milliseconds timeout, Report &report=(ts::CerrReport::Instance()))
	Set the receive timeout.
bool	setSendBufferSize (size_t size, Report &report=(ts::CerrReport::Instance()))
	Set the send buffer size.
void	setServerName (const UString &server_name)
	For a client connection, specify the server name to be used in SNI (Server Name Indication).
bool	setTTL (int ttl, Report &report=(ts::CerrReport::Instance()))
	Set the Time To Live (TTL) option.
void	setVerifyPeer (bool on)
	Check if the peer's certificate shall be verified.

Static Public Member Functions
static UString	GetLibraryVersion ()
	Get the version of the underlying SSL/TLS library.

Protected Member Functions
bool	convert (IPAddress &addr, Report &report) const
	Convert an IP address to make it compatible with the socket IP generation.
bool	createSocket (IP gen, int type, int protocol, Report &report)
	Create the socket.
virtual void	declareOpened (SysSocketType sock, Report &report) override
	Set an open socket descriptor from a subclass.
virtual void	handleClosed (Report &report=(ts::CerrReport::Instance())) override
	This virtual method can be overriden by subclasses to be notified of close.
virtual void	handleConnected (Report &report=(ts::CerrReport::Instance()))
	This virtual method can be overriden by subclasses to be notified of connection.
virtual void	handleDisconnected (Report &report=(ts::CerrReport::Instance()))
	This virtual method can be overriden by subclasses to be notified of disconnection.
virtual void	handleOpened (Report &report)
	This virtual method can be overriden by subclasses to be notified of open.

Protected Attributes
std::recursive_mutex	_mutex {}
	Mutex protecting this object.

Detailed Description

Base class for a TLS session.

This class is used in two contexts:

• A TLS client creates a TLSConnection instance and connects to a server.
• A TLS server creates a TLSServer instance and waits for clients. For each client session, a TLSConnection instance is created.

Possible public servers to test various invalid certificates:

• https://expired.badssl.com/
• https://wrong.host.badssl.com/
• https://self-signed.badssl.com/
• https://untrusted-root.badssl.com/
• https://revoked.badssl.com/
• https://pinning-test.badssl.com/
• see more details at https://badssl.com/

Constructor & Destructor Documentation

TLSConnection()

ts::TLSConnection::TLSConnection ( const TLSArgs &  args )

inline

Constructor with initial client arguments.

Parameters

[in]

args

Initial TLS client arguments.

Member Function Documentation

setArgs()

void ts::TLSConnection::setArgs

(

const TLSArgs &

args

)

Set command line arguments for the client.

Parameters

[in]

args

TLS arguments.

setVerifyPeer()

void ts::TLSConnection::setVerifyPeer ( bool  on )

inline

Check if the peer's certificate shall be verified.

Parameters

[in]

on

If true, the peer's certificate will be verified.

setServerName()

void ts::TLSConnection::setServerName

(

const UString &

server_name

)

For a client connection, specify the server name to be used in SNI (Server Name Indication).

Parameters

[in]

server_name

Main server name, as specified in SNI (Server Name Indication). Also used to verify the server's certificate when setVerifyPeer() is true.

addVerifyServer()

void ts::TLSConnection::addVerifyServer

(

const UString &

name

)

For a client connection, add another accepted host name for the server's certificate verification during connect().

The list is reset by setVerifyServer().

Parameters

[in]

name

Additional accepted host name used to verify the server's certificate.

See also

setVerifyServer()

connect()

virtual bool ts::TLSConnection::connect ( const IPSocketAddress &  addr, Report &  report = (ts::CerrReport::Instance())  )

overridevirtual

Connect to a remote address and port.

Use this method when acting as TCP client. Do not use on server side: the TCPConnection object is passed to TCPServer::accept() which establishes the connection.

Parameters

[in]	addr	IP address and port of the server to connect.
[in,out]	report	Where to report error.

Returns

True on success, false on error.

Reimplemented from ts::TCPConnection.

closeWriter()

virtual bool ts::TLSConnection::closeWriter ( Report &  report = (ts::CerrReport::Instance()) )

overridevirtual

Close the write direction of the connection.

The application shall call this routine after sending the last message but may still want to receive messages, waiting for the peer to voluntary disconnect.

Parameters

[in,out]

report

Where to report error.

Returns

True on success, false on error.

Reimplemented from ts::TCPConnection.

disconnect()

virtual bool ts::TLSConnection::disconnect ( Report &  report = (ts::CerrReport::Instance()) )

overridevirtual

Disconnect from remote partner.

Parameters

[in,out]

report

Where to report error.

Returns

True on success, false on error.

Reimplemented from ts::TCPConnection.

send()

virtual bool ts::TLSConnection::send ( const void *  data, size_t  size, Report &  report = (ts::CerrReport::Instance())  )

overridevirtual

Send data.

Parameters

[in]	data	Address of the data to send.
[in]	size	Size in bytes of the data to send.
[in,out]	report	Where to report error.

Returns

True on success, false on error.

Reimplemented from ts::TCPConnection.

receive() [1/2]

virtual bool ts::TLSConnection::receive ( void *  buffer, size_t  max_size, size_t &  ret_size, const AbortInterface *  abort = nullptr, Report &  report = (ts::CerrReport::Instance())  )

overridevirtual

Receive data.

This version of receiveMessage() returns when "some" data are received into the user buffer. The actual received data may be shorter than the user buffer size.

The version is typically useful when the application cannot predict how much data will be received and must respond even if the user buffer is not full.

Parameters

[out]	buffer	Address of the buffer for the received data.
[in]	max_size	Size in bytes of the reception buffer.
[out]	ret_size	Size in bytes of the received data. Will never be larger than max_size.
[in]	abort	If non-zero, invoked when I/O is interrupted (in case of user-interrupt, return, otherwise retry).
[in,out]	report	Where to report error.

Returns

True on success, false on error.

Reimplemented from ts::TCPConnection.

receive() [2/2]

virtual bool ts::TLSConnection::receive ( void *  buffer, size_t  size, const AbortInterface *  abort = nullptr, Report &  report = (ts::CerrReport::Instance())  )

overridevirtual

Receive data until buffer is full.

This version of receiveMessage() returns only when sufficient data are received to completely fill the user buffer. The size of the actual received data is identical to the user buffer size.

The version is typically useful when the application knows that a certain amount of data is expected and must wait for them.

This base implementation uses the variable-length version of receiveMessage(). Therefore, a subclass may only override the variable-length version.

Parameters

[out]	buffer	Address of the buffer for the received data.
[in]	size	Size in bytes of the buffer.
[in]	abort	If non-zero, invoked when I/O is interrupted (in case of user-interrupt, return, otherwise retry).
[in,out]	report	Where to report error.

Returns

True on success, false on error.

Reimplemented from ts::TCPConnection.

GetLibraryVersion()

static UString ts::TLSConnection::GetLibraryVersion ( )

static

Get the version of the underlying SSL/TLS library.

Returns

The library version.

isConnected()

bool ts::TCPConnection::isConnected ( ) const

inlineinherited

Check if the socket is connected.

Returns

True if the socket was successfully connected to the peer.

getPeer()

bool ts::TCPConnection::getPeer ( IPSocketAddress &  addr, Report &  report = (ts::CerrReport::Instance())  ) const

inherited

Get the connected remote peer.

Parameters

[out]	addr	IP address and port of the remote socket.
[in,out]	report	Where to report error.

Returns

True on success, false on error.

peerName()

UString ts::TCPConnection::peerName ( ) const

inherited

Get the connected remote peer as a string.

Returns

A string representation of the IP address and port of the remote socket.

handleConnected()

virtual void ts::TCPConnection::handleConnected ( Report &  report = (ts::CerrReport::Instance()) )

protectedvirtualinherited

This virtual method can be overriden by subclasses to be notified of connection.

All subclasses should explicitly invoke their superclass' handlers.

Parameters

[in,out]

report

Where to report error.

Reimplemented in ts::tlv::Connection< SAFETY >, ts::tlv::Connection< ThreadSafety::Full >, and ts::tlv::Connection< ThreadSafety::None >.

handleDisconnected()

virtual void ts::TCPConnection::handleDisconnected ( Report &  report = (ts::CerrReport::Instance()) )

protectedvirtualinherited

This virtual method can be overriden by subclasses to be notified of disconnection.

All subclasses should explicitly invoke their superclass' handlers.

Parameters

[in,out]

report

Where to report error.

handleClosed()

virtual void ts::TCPConnection::handleClosed ( Report &  report = (ts::CerrReport::Instance()) )

overrideprotectedvirtualinherited

This virtual method can be overriden by subclasses to be notified of close.

All subclasses should explicitly invoke their superclass' handlers.

Parameters

[in,out]

report

Where to report error.

Reimplemented from ts::TCPSocket.

setTTL()

bool ts::TCPSocket::setTTL ( int  ttl, Report &  report = (ts::CerrReport::Instance())  )

inherited

Set the Time To Live (TTL) option.

Parameters

[in]	ttl	The TTL value, ie. the maximum number of "hops" between routers before an IP packet is dropped.
[in,out]	report	Where to report error.

Returns

True on success, false on error.

setNoLinger()

bool ts::TCPSocket::setNoLinger ( Report &  report = (ts::CerrReport::Instance()) )

inherited

Remove the linger time option.

Parameters

[in,out]

report

Where to report error.

Returns

True on success, false on error.

setLingerTime()

bool ts::TCPSocket::setLingerTime ( int  seconds, Report &  report = (ts::CerrReport::Instance())  )

inherited

Set the linger time option.

Parameters

[in]	seconds	Number of seconds to wait after shuting down the socket.
[in,out]	report	Where to report error.

Returns

True on success, false on error.

setKeepAlive()

bool ts::TCPSocket::setKeepAlive ( bool  active, Report &  report = (ts::CerrReport::Instance())  )

inherited

Set the "keep alive" option.

Parameters

[in]	active	If true, the socket periodically sends "keep alive" packets when the connection is idle.
[in,out]	report	Where to report error.

Returns

True on success, false on error.

setNoDelay()

bool ts::TCPSocket::setNoDelay ( bool  active, Report &  report = (ts::CerrReport::Instance())  )

inherited

Set the "no delay" option.

Parameters

[in]	active	If true, the socket immediately sends outgoing packets. By default, a TCP socket waits a small amount of time after a send() operation to get a chance to group outgoing data from successive send() operations into one single packet.
[in,out]	report	Where to report error.

Returns

True on success, false on error.

bind()

bool ts::TCPSocket::bind ( const IPSocketAddress &  addr, Report &  report = (ts::CerrReport::Instance())  )

inherited

Bind to a local address and port.

The IP address part of the socket address must one of:

• IPAddress::AnyAddress4. Any local interface may be used to connect to a server (client side) or to receive incoming client connections (server side).
• The IP address of an interface of the local system. Outgoing connections (client side) will be only allowed through this interface. Incoming client connections (server side) will be accepted only when they arrive through the selected interface.

The port number part of the socket address must be one of:

• IPSocketAddress::AnyPort. The socket is bound to an arbitrary unused local TCP port. This is the usual configuration for a TCP client.
• A specific port number. This is the usual configuration for a TCP server. If this TCP port is already bound by another local TCP socket, the bind operation fails, unless the "reuse port" option has already been set.

Parameters

[in]	addr	Local socket address to bind to.
[in,out]	report	Where to report error.

Returns

True on success, false on error.

open()

virtual bool ts::TCPSocket::open ( IP  gen, Report &  report = (ts::CerrReport::Instance())  )

overridevirtualinherited

Open the socket.

Parameters

[in]	gen	IP generation, IPv4 or IPv6. If set to IP::Any, open an IPv6 socket (IPv4 connections allowed).
[in,out]	report	Where to report error.

Returns

True on success, false on error.

Implements ts::Socket.

close()

virtual bool ts::TCPSocket::close ( Report &  report = (ts::CerrReport::Instance()) )

overridevirtualinherited

Close the socket.

Parameters

[in,out]

report

Where to report error.

Returns

True on success, false on error.

Reimplemented from ts::Socket.

Reimplemented in ts::TCPServer, and ts::TLSServer.

handleOpened()

virtual void ts::TCPSocket::handleOpened ( Report &  report )

protectedvirtualinherited

This virtual method can be overriden by subclasses to be notified of open.

All subclasses should explicitly invoke their superclass' handlers.

Parameters

[in,out]

report

Where to report error.

declareOpened()

virtual void ts::TCPSocket::declareOpened ( SysSocketType  sock, Report &  report  )

overrideprotectedvirtualinherited

Set an open socket descriptor from a subclass.

This method is used by a server to declare that a client socket has just become opened.

Parameters

[in]	sock	New socket descriptor.
[in,out]	report	Where to report error.

Reimplemented from ts::Socket.

isOpen()

bool ts::Socket::isOpen ( ) const

inlineinherited

Check if socket is open.

Returns

True if socket is open.

generation()

IP ts::Socket::generation ( ) const

inlineinherited

Get the IP generation with which the socket was open.

Returns

The IP generation used to open the socket. Never IP::Any.

setSendBufferSize()

bool ts::Socket::setSendBufferSize ( size_t  size, Report &  report = (ts::CerrReport::Instance())  )

inherited

Set the send buffer size.

Parameters

[in]	size	Send buffer size in bytes.
[in,out]	report	Where to report error.

Returns

True on success, false on error.

setReceiveBufferSize()

bool ts::Socket::setReceiveBufferSize ( size_t  size, Report &  report = (ts::CerrReport::Instance())  )

inherited

Set the receive buffer size.

Parameters

[in]	size	Receive buffer size in bytes.
[in,out]	report	Where to report error.

Returns

True on success, false on error.

setReceiveTimeout()

bool ts::Socket::setReceiveTimeout ( cn::milliseconds  timeout, Report &  report = (ts::CerrReport::Instance())  )

inherited

Set the receive timeout.

Parameters

[in]	timeout	Receive timeout in milliseconds. If negative or zero, receive timeout is not used, reception waits forever.
[in,out]	report	Where to report error.

Returns

True on success, false on error.

reusePort()

bool ts::Socket::reusePort ( bool  reuse_port, Report &  report = (ts::CerrReport::Instance())  )

inherited

Set the "reuse port" option.

Parameters

[in]	reuse_port	If true, the socket is allowed to reuse a local UDP port which is already bound.
[in,out]	report	Where to report error.

Returns

True on success, false on error.

getLocalAddress()

bool ts::Socket::getLocalAddress ( IPSocketAddress &  addr, Report &  report = (ts::CerrReport::Instance())  )

inherited

Get local socket address.

Parameters

[out]	addr	Local socket address of the connection.
[in,out]	report	Where to report error.

Returns

True on success, false on error.

getSocket()

SysSocketType ts::Socket::getSocket ( ) const

inlineinherited

Get the underlying socket device handle (use with care).

This method is reserved for low-level operations and should not be used by normal applications.

Returns

The underlying socket system device handle or file descriptor. Return SYS_SOCKET_INVALID if the socket is not open.

createSocket()

bool ts::Socket::createSocket ( IP  gen, int  type, int  protocol, Report &  report  )

protectedinherited

Create the socket.

Parameters

[in]	gen	IP generation.
[in]	type	Socket type: SOCK_STREAM, SOCK_DGRAM
[in]	protocol	Socket protocol: IPPROTO_TCP, IPPROTO_UDP
[in,out]	report	Where to report error.

Returns

True on success, false on error.

See also

open(ge, Report&)

convert()

bool ts::Socket::convert ( IPAddress &  addr, Report &  report  ) const

protectedinherited

Convert an IP address to make it compatible with the socket IP generation.

Parameters

	addr	[in,out] The address to convert.
[in,out]	report	Where to report error.

Returns

True on success, false on error.

---

The documentation for this class was generated from the following file:

• tsTLSConnection.h