Class

SSLSocket


Description

Use the SSLSocket class to do secure communications via TCP/IP using secure sockets layer (SSL) technology.

Methods

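| Name | Parameters | Returns | Shared |
|------|------------|---------|--------|
| Close | | | |
| Connect | | | |
| Disconnect | | | |
| EndOfFile | | Boolean | |
| Flush | | | |
| Listen | | | |
| Lookahead | Encoding As TextEncoding = Nil | String | |
| Poll | | | |
| Purge | | | |
| Read | Bytes As Integer, Encoding As TextEncoding = Nil | String | |
| ReadAll | Encoding As TextEncoding = Nil | String | |
| ReadError | | Boolean | |
| Write | Data As String | | |
| WriteError | | Boolean | |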

Events

| Name | Parameters | Returns |
|------|------------|---------|
| Connected | | |
| DataAvailable | | |
| Error | err As RuntimeException | |
| SendComplete | userAborted As Boolean | |
| SendProgress | bytesSent As Integer, bytesLeft As Integer | Boolean |

Enumerations

SSLSocket.SSLConnectionTypes

SSLConnectionTypes

Specifies the available types of SSL connections.

| Enum | Description |
|------|-------------|
| SSLv23 | A TLS/SSL connection established with this value may understand the SSLv3, TLSv1, TLSv1.1, TLSv1.2 and TLSv1.3 protocols. If extensions are required (for example server name) a client will send out TLSv1 client hello messages including extensions and will indicate that it also understands TLSv1.1, TLSv1.2 and permits a fallback to SSLv3. A server will support SSLv3, TLSv1, TLSv1.1 and TLSv1.2 protocols. This is the best choice when compatibility is a concern. |
| TLSv1 | TLS (Transport Layer Security) version 1 (default). |
| TLSv11 | TLS (Transport Layer Security) version 1.1. |
| TLSv12 | TLS (Transport Layer Security) version 1.2. |
| TLSv13 | TLS (Transport Layer Security) version 1.3. |

Important

On Windows, TLSv13 requires Windows 11.

Property descriptions


SSLSocket.Address

Address As String

The TCP/IP address to try to connect to.

In this example, the address has been entered into a TextField.

TCPSocket1.Address = TextField1.Text

SSLSocket.BytesAvailable

BytesAvailable As Integer

The number of bytes of data available in the internal receive buffer.

This property is read-only.

TextField1.Text = Me.BytesAvailable.ToString

SSLSocket.BytesLeftToSend

BytesLeftToSend As Integer

The number of bytes left in the queue remaining to be sent.

This property is read-only.

This enables you to create a synchronous socket without needing to subclass it.

TextField1.Text = Me.BytesLeftToSend.ToString

SSLSocket.CertificateFile

CertificateFile As FolderItem

The file that contains the SSL certificate.

This example opens the certificate file and assigns it to the property.

Var f As FolderItem
f = FolderItem.ShowOpenFileDialog("text/plain")
If f <> Nil Then
  Socket1.CertificateFile = f
End If

SSLSocket.CertificatePassword

CertificatePassword As String

The certificate password for the secure connection.

This example sets the certificate password from a TextField.

Socket1.CertificatePassword = TextField1.Text

SSLSocket.CertificateRejectionFile

CertificateRejectionFile As FolderItem

The certificate rejection file.

This example gets the certificate rejection file from disk.

Var f As FolderItem
f = FolderItem.ShowOpenFileDialog("text/plain")
If f <> Nil Then
  Socket1.CertificateRejectionFile = f
End If

SSLSocket.Handle

Handle As Integer

This is the socket's internal descriptor and it can be used with Declare statements.

This property is read-only.

Important

This property is not supported for Android.

  • On Windows, Handle is a Socket, suitable for use in Declares on Windows.

  • On macOS and Linux, Handle is a UNIX socket descriptor.

The descriptor is platform-specific. If Handle is less than zero, the descriptor is not available.


SSLSocket.IsConnected

IsConnected As Boolean

Indicates whether the socket is currently connected.

This property is read-only.

For TCPSockets, a connection means you can send and receive data and are connected to a remote machine. For UDPSockets, this means that you are bound to the port and are able to send, receive, join or leave multicast groups, or set socket options.

If EasyUDPSocket1.IsConnected Then
  ' proceed using the connection
Else
  MessageBox("Connection failed!")
End If

SSLSocket.LocalAddress

LocalAddress As String

The local IP address of the computer.

This property is read-only.

Var localIP As String = Socket1.LocalAddress

SSLSocket.NetworkInterface

NetworkInterface As NetworkInterface

Specifies which network interface the socket should use when binding.

You can get the network interface(s) of the user's computer by calling the GetNetworkInterface method of the System module.

Leaving this property set to Nil will use the currently selected interface. In the case of UDPSockets, if you assign a non-Nil value, the socket may not be able to receive broadcast messages. The behavior is OS-dependent; it appears to work on Windows but not on other supported operating systems. If you wish to send broadcast packets out, then you should not bind to a specific interface because the behavior is undefined.

Important

This property is not supported for Android.

This example specifies that the TCPSocket will use the first Network Interface on the user's computer.

TCPSocket1.NetworkInterface = System.NetworkInterface(0)

SSLSocket.Port

Port As Integer

The port to bind on or connect to.

On most operating systems, attempting to bind to a port less than 1024 causes an Error event to fire with an error number 107 unless the application is running with administrative permissions. This is due to security features built into the underlying OS.

You need to set the port property explicitly before any call to Listen or Connect as the Port property will be modified to reflect what the actual bound port is during the various stages of operation.

For instance, if you listen on port 8080 and a connection comes in, you can check the Port property to ensure that you're still listening on port 8080 (that the port hasn't been hijacked). Or, if you connect to a socket on port 8080, once the connection occurs, you can check to see what port the OS has bound you to. This will be a random-seeming port number.

This trick can be very useful when you do things like Listen on port 0. In that case, the OS will pick a port for you and listen on it. Then you can check the Port property to see which port the OS picked. This functionality is used for various protocols, such as FTP.

This example sets the Port to 8080.

TCPSocket1.Port = 8080

SSLSocket.RemoteAddress

RemoteAddress As String

The address of the remote machine you are connected to.

This property is read-only.

Use this instead of the Address property to determine the address of the machine you are actually connected to.

This example reports the address of the remote machine that the user is connected to. It is in the Connected event.

TextField1.Text = Me.RemoteAddress

SSLSocket.SSLConnected

SSLConnected As Boolean

True if you have an SSL connection.

This property is read-only.

If Me.SSLConnected Then
  ' connection established with secure communications, proceed ...
Else
  Exit
End If

SSLSocket.SSLConnecting

SSLConnecting As Boolean

True if the socket is in the process of doing a handshake to establish an SSL connection.

This property is read-only.

If Me.SSLConnecting Then
  ' proceed with connection
End If

SSLSocket.SSLConnectionType

SSLConnectionType As SSLConnectionTypes

Specifies the type of SSL connection.

Set this property by assigning a SSLConnectionTypes value to it.

The default is TLSv1. If you need to change the connection type, close the connection first.

This example changes the connection type to TLSv1.

Socket1.SSLConnectionType = SSLSocket.SSLConnectionTypes.TLSv1

SSLSocket.SSLEnabled

SSLEnabled As Boolean

Set to True to specify an SSL connection.

If SSLEnabled is False, the SSLSocket transmits data just like a TCPSocket. This property can be toggled at any time.

Me.SSLEnabled = True

Method descriptions


SSLSocket.Close

Close

Closes the socket's connection, closes any connections the socket may have, and resets the socket.

The only information that is retained after calling Close is the socket's port, address (in the case of TCPSockets), and data left in the socket's receive buffer. All other information is discarded.

This example closes the EasyTCPSockets that were open. The sockets were added to the main window.

Connector.Close
Listener.Close

SSLSocket.Connect

Connect

Attempts to connect.

For TCPSockets, the address and port properties must be set. For UDPSockets, the port property must be set. The Connect method binds a socket to a port. After calling Connect, the Port property will report the actual port you are bound to.


SSLSocket.Disconnect

Disconnect

Disconnects the socket, resets it, and fires a SocketCore Error event with a 102 error to let you know that the socket has been disconnected.

This example disconnects the EasyTCPSockets that were opened.

Connector.Disconnect
Listener.Disconnect

SSLSocket.EndOfFile

EndOfFile As Boolean

Returns True when there's no more data left to read.

This code reads the rows and columns of data from a tab-delimited text file into a ListBox:

Var f As FolderItem
Var textInput As TextInputStream
Var rowFromFile As String

f = FolderItem.ShowOpenFileDialog("text/plain") ' defined as a FileType
If f <> Nil Then
  textInput = TextInputStream.Open(f)
  textInput.Encoding = Encodings.UTF8

  Do
    rowFromFile = textInput.ReadLine
    Var values() As String = rowFromFile.ToArray(String.Chr(9))
    ListBox1.ColumnCount = values.Count
    ListBox1.AddRow("")
    Var col As Integer
    For Each value As String In values
      ListBox1.CellTextAt(ListBox1.LastAddedRowIndex, col) = value
      col = col + 1
    Next
  Loop Until textInput.EndOfFile

  textInput.Close
End If

This example reads each pair of bytes from a file and writes them in reverse order to a new file. The user chooses the source file using the Open-file dialog box and saves the new file using the Save as dialog box. The EndOfFile property is used to terminate the Do...Loop.

Var readFile As FolderItem = FolderItem.ShowOpenFileDialog("text")
If readFile <> Nil Then
  Var readStream As BinaryStream = BinaryStream.Open(readFile, False)
  readStream.LittleEndian = True ' read each byte pair as a little-endian 16-bit value
  Var writeFile As FolderItem = FolderItem.ShowSaveFileDialog("", "")
  If writeFile <> Nil Then
    Var writeStream As BinaryStream = BinaryStream.Create(writeFile, True)
    writeStream.LittleEndian = False ' write it back big-endian, which swaps the two bytes
    Do Until readStream.EndOfFile
      writeStream.WriteInt16(readStream.ReadInt16)
    Loop
    writeStream.Close
  End If
  readStream.Close
End If

SSLSocket.Flush

Flush

Immediately sends the contents of internal write buffers to disk or to the output stream.

This function can be useful in point-to-point communication over sockets and similar connections: To optimize for transmission performance, some types of output streams try to collect small pieces of written data into one larger piece for sending instead of sending each piece out individually. By calling Flush, the data collection is stopped and the data is sent without further delay, reducing latency.

When using this on a stream that ends up as a file on disk, it is useful, too: Any short parts of previously written data are written to disk right away, ensuring the data is actually on disk if the application terminates abruptly, e.g. due to a crash.

Avoid calling this method too often. For example, do not call it between successive Write calls because you'll slow down performance without getting much benefit.

A typical use case would look like this:

mySocket.Write("you typed: ")
mySocket.Write(key)
mySocket.Write(".")
mySocket.Flush

SSLSocket.Listen

Listen

Attempts to listen for incoming connections on the currently specified port.

After calling Listen, the Port property will report the actual port you are bound to.


SSLSocket.Lookahead

Lookahead(Encoding As TextEncoding = Nil) As String

Returns a String, containing the data that is available in the internal queue without removing it.

The optional Encoding parameter enables you to specify the text encoding of the data to be returned. The default is Nil. Use the Encodings module to specify an encoding.

This example adds the contents of the internal queue to a TextArea. The Listener EasyTCPSocket has been added to the window.

TextArea1.AddText(listener.Lookahead)

SSLSocket.Poll

Poll

Polls the socket manually, which allows a socket to be used synchronously.

The EasyTCPSocket "Listener" has been added to the window.

Listener.Poll

SSLSocket.Purge

Purge

Removes all data from the socket's internal receive buffer. It does not affect the socket's internal send buffer.

Listener.Purge

SSLSocket.Read

Read(Bytes As Integer, Encoding As TextEncoding = Nil) As String

Reads Bytes bytes from the input stream and returns a String.

If provided, the optional parameter Encoding specifies the text encoding to be defined for the String to be read.

If Bytes is greater than the number of bytes currently available in the stream, all available bytes will be returned. Therefore, always consider the case that you get less than you requested. To see if you received all requested bytes, check the returned string's Bytes property (avoid using Length as it may give a different number if the encoding is not Nil).

If not enough memory is available, you get back an empty string.

This example reads the first 1000 bytes from a BinaryStream.

Var readFile As FolderItem = FolderItem.ShowOpenFileDialog("text/plain")
If readFile <> Nil Then
  Var ReadStream As BinaryStream = BinaryStream.Open(readFile, False)
  ReadStream.LittleEndian = True
  TextArea1.Text = ReadStream.Read(1000, Encodings.UTF8)
End If

SSLSocket.ReadAll

ReadAll(Encoding As TextEncoding = Nil) As String

Reads all the data from the internal buffer.

This example reads all the data in the buffer into a TextArea.

TextArea1.AddText(listener.ReadAll)

SSLSocket.ReadError

ReadError As Boolean

If True then an error occurred during reading.


SSLSocket.Write

Write(Data As String)

Writes the passed data to the output stream.

Note that in order to make sure that the data actually ends up on disk or gets sent to the socket it is connected to, the stream must either be closed or the Flush method must be called. Otherwise, the data, if small, may end up temporarily in a write buffer before either a certain time has passed or more data is written. This buffering increases performance when writing lots of small pieces of data, but may cause unwanted delays when another process, e.g. the other end of a socket connection, is waiting for the data. Consider calling the Flush method to reduce latencies that this buffering may cause in such cases.

If Write fails, an IOException will be raised.

This example displays the Save As dialog box and writes the contents of the TextArea1 to a text file.

Var f As FolderItem
Var stream As BinaryStream
f = FolderItem.ShowSaveFileDialog(FileTypes1.Text, "Untitled.txt")
If f <> Nil Then
  stream = BinaryStream.Create(f, True)
  stream.Write(TextArea1.Text)
  stream.Close
End If

SSLSocket.WriteError

WriteError As Boolean

If True then an error occurred during writing.

Event descriptions


SSLSocket.Connected

Connected

Executes when the connection is established with the server.


SSLSocket.DataAvailable

DataAvailable

Occurs when additional data has come into the internal receive buffer.


SSLSocket.Error

Error(err As RuntimeException)

Occurs when an error occurs with the socket.

These error codes provide you with key information about your socket, and it is not advisable to ignore them.

When an error occurs, the ErrorNumber property of the RuntimeException will likely contain one of the following error codes:

| Error Code | Description |
|------------|-------------|
| 0 | No error occurred. |
| 100 | There was an error opening and initializing the drivers. |
| 101 | This error code is no longer used. |
| 102 | This code means that you lost your connection. |
| 103 | The socket was unable to resolve the address that was specified. |
| 104 | This error code is no longer used. |
| 105 | The address is currently in use. |
| 106 | This is an invalid state error, which means that the socket is not in the proper state to be doing a certain operation. |
| 107 | This error means that the port you specified is invalid. |
| 108 | This error indicates that your application has run out of memory. |

These are not the only errors that are returned. For Windows, additional error codes are usually positive numbers in the range [10004, 11004]. For Windows error codes, see WinSock.h. macOS and Linux use POSIX error codes. For a description of macOS and Linux error codes, see http://www.ioplex.com/~miallen/errcmp.html.

For example, error 64 is "host is down".

The following example in the Error event handler displays the error code.

MessageBox(err.ErrorNumber.ToString)

SSLSocket.SendComplete

SendComplete(userAborted As Boolean)

Occurs when a send has completed.

Use this to determine when all your data has been sent. userAborted will be True if the user aborted the send by returning True from the SendProgress event. You can use this information to update different status variables or to inform the user about the success or failure of the transfer. If the send was completed, this value is False. userAborted will always be False for UDP sockets.


SSLSocket.SendProgress

SendProgress(bytesSent As Integer, bytesLeft As Integer) As Boolean

Occurs when your network provider queues your data in chunks and is about to send the next chunk.

The parameters indicate the amount of progress that has been made during the send. Returns a Boolean.

Returning True from this event causes the send to be cancelled. This does not close the socket's connection; it only clears the buffer. After all of the data has been transferred you will get a final SendProgress event followed by a SendComplete event.

bytesSent is the number of bytes that were sent in the chunk, not the total number of bytes sent.

Notes

To establish an SSL connection, set the SSLEnabled property to True and use the Connect method. SSLSocket supports secure listening sockets.

The SSLSocket control is not listed in the Controls pane in the Window Editor. There are two ways to add an SSLSocket control to a window:

  • Drag a TCPSocket control to a window and then change its Super class to SSLSocket.

  • Display the window's contextual menu by right-clicking (Windows and Linux) or control-clicking on the window (Macintosh) and then choosing Add > SocketCore > TCPSocket > SSLSocket.

The SSLSocket control can be instantiated via code since it is not a subclass of DesktopControl. This allows you to easily write code that does communications without adding the control to a window.

Writing to a socket is done asynchronously. This means each time the Write method is called, the data passed goes into a buffer in memory before actually being sent and then removed from the buffer. Once the socket has finished sending the data in the buffer to the computer at the other end of the socket connection, the SendComplete event handler is executed. This allows you to know when all of the data has really been sent.

Calling Read, ReadAll, or Lookahead may not fetch all of the data in the internal buffer. This is because SSL needs to read data in blocks (due to the cryptography), and it may not have a complete block in the buffer. For example, there may be 700 bytes available in the buffer, but SSL can only decrypt 512 bytes because the remainder is an incomplete block. In this case, some data may remain stagnant in the buffer. When more data comes in, the DataAvailable event handler is called. If there are no more DataAvailable events, then upon disconnection an additional DataAvailable event will be issued to let you pick up any stagnant data that SSL can give back. There are two things to watch out for because of this:

  1. If there is not sufficient data for SSL to decrypt, you may get a DataAvailable event but no data.

  2. Calling SSLSocket.Close may execute DataAvailable events.
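Added example (not from the Xojo documentation): a client that selects TLSv12, since TLS 1.0 and 1.1 are deprecated by RFC 8996, refuses to write unless an SSL session is established, and tolerates the empty and late DataAvailable events described above. The owning class, its properties mSock and mInbox, the method names and the one-line greeting are assumptions, as is the Connected event firing once the handshake has completed.

```xojo
' Added example: methods of a hypothetical class that owns the socket.
' Assumed properties on that class: mSock As SSLSocket, mInbox As String.

Sub StartSecureClient(host As String, port As Integer)
  mSock = New SSLSocket
  mSock.Address = host
  mSock.Port = port
  ' Choose the protocol before Connect; changing it later requires closing first.
  mSock.SSLConnectionType = SSLSocket.SSLConnectionTypes.TLSv12
  mSock.SSLEnabled = True
  AddHandler mSock.Connected, AddressOf HandleConnected
  AddHandler mSock.DataAvailable, AddressOf HandleData
  AddHandler mSock.Error, AddressOf HandleError
  mSock.Connect
End Sub

Sub SendSecure(payload As String)
  ' With SSLEnabled = False the socket transmits like a plain TCPSocket,
  ' so refuse to write unless the SSL session is actually established.
  If mSock Is Nil Then Return
  If Not mSock.SSLEnabled Then Return
  If Not mSock.SSLConnected Then
    System.DebugLog("Refusing to send: no SSL session")
    Return
  End If
  mSock.Write(payload)
  mSock.Flush
End Sub

Sub HandleConnected(sender As SSLSocket)
  ' Constructed greeting for a hypothetical line-based protocol.
  SendSecure("HELLO" + String.Chr(10))
End Sub

Sub HandleData(sender As SSLSocket)
  ' Read with a Nil encoding and keep raw bytes, so a multi-byte character
  ' split across two reads is not damaged.
  Var chunk As String = sender.ReadAll
  ' The event can fire before SSL has a complete block to decrypt.
  If chunk.Bytes = 0 Then Return
  mInbox = mInbox + chunk
End Sub

Sub HandleError(sender As SSLSocket, err As RuntimeException)
  Select Case err.ErrorNumber
  Case 102
    ' Connection lost or Disconnect called: collect anything still buffered,
    ' then define the encoding once on the complete message.
    mInbox = mInbox + sender.ReadAll
    Var message As String = mInbox.DefineEncoding(Encodings.UTF8)
    System.DebugLog("Closed after " + message.Bytes.ToString + " bytes")
  Case 103
    System.DebugLog("Could not resolve " + sender.Address)
  Else
    System.DebugLog("Socket error " + err.ErrorNumber.ToString)
  End Select
End Sub
```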

When using an SSLSocket to Listen for a connection, you must specify a CertificateFile. For Linux and macOS the certificate should contain both the public and private keys, like this:

-----BEGIN RSA PRIVATE KEY-----
…Certificate Data Here...
-----END RSA PRIVATE KEY-----

-----BEGIN CERTIFICATE-----
…Certificate Data Here...
-----END CERTIFICATE-----
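Added example (not from the Xojo documentation): checking that the file has both PEM sections in the Linux and macOS layout shown above before listening, then reading back the port the OS assigned. The owning class, its mListener property, the method names and the acceptance of any "PRIVATE KEY" label are assumptions.

```xojo
' Added example: methods of a hypothetical class.
' Assumed property on that class: mListener As SSLSocket.

Function PemHasKeyAndCert(pem As FolderItem) As Boolean
  If pem Is Nil Then Return False
  If Not pem.Exists Then Return False
  Var body As String
  Try
    Var reader As TextInputStream = TextInputStream.Open(pem)
    body = reader.ReadAll(Encodings.UTF8)
    reader.Close
  Catch e As IOException
    Return False
  End Try
  ' "PRIVATE KEY-----" matches the RSA label shown on the page; accepting
  ' other key labels with the same suffix is an assumption of this example.
  Var hasKey As Boolean = body.IndexOf("PRIVATE KEY-----") >= 0
  Var hasCert As Boolean = body.IndexOf("-----BEGIN CERTIFICATE-----") >= 0
  Return hasKey And hasCert
End Function

Function StartSecureListener(pem As FolderItem, keyPassword As String) As Integer
  ' Returns the port actually bound, or -1 when the certificate file is unusable.
  If Not PemHasKeyAndCert(pem) Then Return -1
  mListener = New SSLSocket
  mListener.CertificateFile = pem
  mListener.CertificatePassword = keyPassword
  mListener.SSLConnectionType = SSLSocket.SSLConnectionTypes.TLSv12
  mListener.SSLEnabled = True
  AddHandler mListener.Error, AddressOf HandleListenError
  mListener.Port = 0 ' port 0: the OS picks a free port
  mListener.Listen
  ' After Listen, Port reports the port the socket is bound to.
  Return mListener.Port
End Function

Sub HandleListenError(sender As SSLSocket, err As RuntimeException)
  ' 105 = address in use, 107 = invalid port (from the error table on this page).
  System.DebugLog("Listener error " + err.ErrorNumber.ToString)
End Sub
```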

Xojo Cloud

Web apps running on Xojo Cloud first have to use the FirewallPort class to open the port used to connect to TCP externally.

Compatibility

All project types on all supported operating systems.

See also

TCPSocket parent class; SocketCore, TCPSocket, ServerSocket classes.