|
PLCnext API Documentation 23.6.0.37
|
Namespace for network specific classes, enumerations and functions. More...
Classes | |
| class | IpAddress |
| Unified representation for ip address schemes. More... | |
| class | Socket |
| Interface to realizes ethernet based communications. More... | |
| class | TlsSocket |
| class | TlsSocket2 |
| Interface to realize TLS Connection over TCP More... | |
Typedefs | |
| using | TlsContextPtr = std::shared_ptr< TlsContext > |
Functions | |
| std::ostream & | operator<< (std::ostream &os, const IpAddress &ipAddress) |
| The ostream operator is used for logging and string formatting. | |
| std::istream & | operator>> (std::istream &is, IpAddress &ipAddress) |
| The istream operator is used for string parsing. | |
| ARP_CXX_SYMBOL_EXPORT std::ostream & | operator<< (std::ostream &os, PollMode value) |
| ARP_CXX_SYMBOL_EXPORT std::istream & | operator>> (std::istream &is, PollMode &value) |
| ARP_CXX_SYMBOL_EXPORT std::ostream & | operator<< (std::ostream &os, ShutdownMode value) |
| ARP_CXX_SYMBOL_EXPORT std::istream & | operator>> (std::istream &is, ShutdownMode &value) |
| ARP_CXX_SYMBOL_EXPORT std::ostream & | operator<< (std::ostream &os, SocketError value) |
| ARP_CXX_SYMBOL_EXPORT std::istream & | operator>> (std::istream &is, SocketError &value) |
| ARP_CXX_SYMBOL_EXPORT std::ostream & | operator<< (std::ostream &os, TlsAlertLevel value) |
| ARP_CXX_SYMBOL_EXPORT std::istream & | operator>> (std::istream &is, TlsAlertLevel &value) |
| ARP_CXX_SYMBOL_EXPORT std::ostream & | operator<< (std::ostream &os, TlsAlertType value) |
| ARP_CXX_SYMBOL_EXPORT std::istream & | operator>> (std::istream &is, TlsAlertType &value) |
| ARP_CXX_SYMBOL_EXPORT std::ostream & | operator<< (std::ostream &os, TlsOptions value) |
| ARP_CXX_SYMBOL_EXPORT std::istream & | operator>> (std::istream &is, TlsOptions &value) |
| constexpr TlsOptions | operator& (TlsOptions lhs, TlsOptions rhs) |
| constexpr TlsOptions | operator| (TlsOptions lhs, TlsOptions rhs) |
| TlsOptions & | operator&= (TlsOptions &lhs, TlsOptions rhs) |
| TlsOptions & | operator|= (TlsOptions &lhs, TlsOptions rhs) |
| TlsOptions | operator~ (TlsOptions arg) |
| ARP_CXX_SYMBOL_EXPORT std::ostream & | operator<< (std::ostream &os, TlsVerificationError value) |
| ARP_CXX_SYMBOL_EXPORT std::istream & | operator>> (std::istream &is, TlsVerificationError &value) |
Namespace for network specific classes, enumerations and functions.
|
strong |
|
strong |
|
strong |
|
strong |
Supported blocking modes.
| Enumerator | |
|---|---|
| None | Blocking mode is undefined. |
| Blocking | Socket is in blocking mode, i.e. the Send*, Receive* and Accept methods will block if no data is available. |
| NoneBlocking | Socket is in non-blocking mode, i.e. the Send*, Receive* and Accept methods will not block if no data is available. |
|
strong |
|
strong |
Possible error codes for socket operation results.
| Enumerator | |
|---|---|
| None | The Socket operation succeeded. |
| Any | An unspecified Socket error has occurred. |
| Interrupted | A blocking operation was interrupted. |
| InvalidArgument | An invalid argument was supplied. |
| TooManyOpenSockets | Too many open sockets. |
| WouldBlock | A non-blocking socket operation could not be completed immediately. |
| InProgress | A blocking operation is currently executing. |
| AlreadyInProgress | An operation was attempted on a non-blocking socket that already had an operation in progress. |
| NotSocket | An operation was attempted on something that is not a socket. |
| DestinationAddressRequired | A required address was omitted from an operation on a socket. |
| MessageSize | A message sent on a datagram socket was larger than the internal message buffer or some other network limit, or the buffer used to receive a datagram into was smaller than the datagram itself. |
| ProtoType | A protocol was specified in the socket function call that does not support the semantics of the socket type requested. |
| ProtocolOption | An unknown, invalid, or unsupported option or level was specified in a getsockopt or setsockopt call. |
| ProtocolNotSupported | The requested protocol has not been configured into the system, or no implementation for it exists. |
| SocketNotSupported | The support for the specified socket type does not exist in this address family. |
| OperationNotSupported | The attempted operation is not supported for the type of object referenced. |
| ProtocolFamilyNotSupported | The protocol family has not been configured into the system or no implementation for it exists. |
| AddressFamilyNotSupported | An address incompatible with the requested protocol was used. |
| AddressAlreadyInUse | Only one usage of each socket address (protocol/network address/port) is normally permitted. |
| AddressNotAvailable | The requested address is not valid in its context. |
| NetworkDown | A socket operation encountered a dead network. |
| NetworkUnreachable | A socket operation was attempted to an unreachable network. |
| NetworkReset | The connection has been broken due to keep-alive activity detecting a failure while the operation was in progress. |
| ConnectionAborted | An established connection was aborted by the software in your host machine. |
| ConnectionReset | An existing connection was forcibly closed by the remote host. |
| NoBufferSpaceAvailable | An operation on a socket could not be performed because the system lacked sufficient buffer space or because a queue was full. |
| IsConnected | A connect request was made on an already connected socket. |
| NotConnected | A request to send or receive data was disallowed because the socket is not connected and (when sending on a datagram socket using a sendto call) no address was supplied. |
| Shutdown | A request to send or receive data was disallowed because the socket had already been shut down in that direction with a previous shutdown call. |
| TimedOut | A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond. |
| ConnectionRefused | No connection could be made because the target machine actively refused it. |
| HostDown | A socket operation failed because the destination host was down. |
| HostUnreachable | A socket operation was attempted to an unreachable host. |
| ProcessLimit | A Sockets implementation may have a limit on the number of applications that may use it simultaneously. |
| SystemNotReady | Startup cannot function at this time because the underlying system it uses to provide network services is currently unavailable. |
| VersionNotSupported | The Sockets version requested is not supported. |
| NotInitialized | Either the application has not called Startup, or Startup failed. |
| Disconnecting | Returned by Recv or RecvFrom to indicate the remote party has initiated a graceful shutdown sequence. |
| HostNotFound | No such host is known. |
| TryAgain | This is usually a temporary error during host name resolution and means that the local server did not receive a response from an authoritative server. |
|
strong |
Specifies socket options to be set by the application. Copied from Eclr Socket Adaption
|
strong |
|
strong |
This enum represents avaliable TLS alert Levels
|
strong |
This enum defines the TLS alert types
see: https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#tls-parameters-6
| Enumerator | |
|---|---|
| None | Initialization value, should not be set in verify delegate |
| CloseNotify | This alert notifies the recipient that the sender will not send any more messages on this connection.Any data received after a closure alert has been received MUST be ignored. RFC 8446: https://www.rfc-editor.org/rfc/rfc8446.html |
| UnexpectedMessage | An inappropriate message (e.g., the wrong handshake message, premature Application Data, etc.) was received. This alert should never be observed in communication between proper implementations. RFC 8446: https://www.rfc-editor.org/rfc/rfc8446.html |
| BadRecordMac | This alert is returned if a record is received which cannot be deprotected.Because AEAD algorithms combine decryption and verification, and also to avoid side - channel attacks, this alert is used for all deprotection failures.This alert should never be observed in communication between proper implementations, except when messages were corrupted in the network. RFC 8446: https://www.rfc-editor.org/rfc/rfc8446.html |
| DecryptionFailed | This alert was used in some earlier versions of TLS, and may have permitted certain attacks against the CBC mode[CBCATT].It MUST NOT be sent by compliant implementations. RFC 5246: https://www.rfc-editor.org/rfc/rfc5246 |
| RecordOverflow | A TLSCiphertext record was received that had a length more than 2 ^ 14 + 256 bytes, or a record decrypted to a TLSPlaintext record with more than 2 ^ 14 bytes(or some other negotiated limit).This alert should never be observed in communication between proper implementations, except when messages were corrupted in the network. RFC 8446: https://www.rfc-editor.org/rfc/rfc8446.html |
| DecompressionFailure | Only TLS 1.2 The decompression function received improper input (e.g., data that would expand to excessive length).This message is always fataland should never be observed in communication between proper implementations. RFC 5246: https://www.rfc-editor.org/rfc/rfc5246 |
| HandshakeFailure | Receipt of a "handshake_failure" alert message indicates that the sender was unable to negotiate an acceptable set of security parameters given the options available. RFC 8446: https://www.rfc-editor.org/rfc/rfc8446.html |
| NoCertificate | This alert was used in SSLv3 but not any version of TLS. It MUST NOT be sent by compliant implementations. RFC 5246: https://www.rfc-editor.org/rfc/rfc5246 |
| BadCertificate | A certificate was corrupt, contained signatures that did not verify correctly, etc. RFC 8446: https://www.rfc-editor.org/rfc/rfc8446.html |
| UnsupportedCertificate | A certificate was of an unsupported type. RFC 8446: https://www.rfc-editor.org/rfc/rfc8446.html |
| CertificateRevoked | A certificate was revoked by its signer. RFC 8446: https://www.rfc-editor.org/rfc/rfc8446.html |
| CertificateExpired | A certificate has expired or is not currently valid. RFC 8446: https://www.rfc-editor.org/rfc/rfc8446.html |
| CertificateUnknown | Some other (unspecified) issue arose in processing the certificate, rendering it unacceptable. RFC 8446: https://www.rfc-editor.org/rfc/rfc8446.html |
| IllegalParameter | A field in the handshake was incorrect or inconsistent with other fields.This alert is used for errors which conform to the formal protocol syntax but are otherwise incorrect. RFC 8446: https://www.rfc-editor.org/rfc/rfc8446.html |
| UnknownCa | A valid certificate chain or partial chain was received, but the certificate was not accepted because the CA certificate could not be located or could not be matched with a known trust anchor. RFC 8446: https://www.rfc-editor.org/rfc/rfc8446.html |
| AccessDenied | A valid certificate or PSK was received, but when access control was applied, the sender decided not to proceed with negotiation. RFC 8446: https://www.rfc-editor.org/rfc/rfc8446.html |
| DecodeError | A message could not be decoded because some field was out of the specified range or the length of the message was incorrect.This alert is used for errors where the message does not conform to the formal protocol syntax.This alert should never be observed in communication between proper implementations, except when messages were corrupted in the network. RFC 8446: https://www.rfc-editor.org/rfc/rfc8446.html |
| DecryptError | A handshake (not record layer) cryptographic operation failed, including being unable to correctly verify a signature or validate a Finished message or a PSK binder. RFC 8446: https://www.rfc-editor.org/rfc/rfc8446.html |
| TooManyCidsRequested | Used by DTLS 1.3 see: RFC9147 Endpoints MAY handle an excessive number of RequestConnectionId messages by terminating the connection using a "too_many_cids_requested" alert. RFC 9147: https://www.rfc-editor.org/rfc/rfc9147 |
| ExportRestriction | This alert was used in some earlier versions of TLS. It MUST NOT be sent by compliant implementations. rfc5246 |
| ProtocolVersion | The protocol version the peer has attempted to negotiate is recognized but not supported. RFC 8446: https://www.rfc-editor.org/rfc/rfc8446.html |
| InsufficientSecurity | Returned instead of "handshake_failure" when a negotiation has failed specifically because the server requires parameters more secure than those supported by the client. RFC 8446: https://www.rfc-editor.org/rfc/rfc8446.html |
| InternalError | An internal error unrelated to the peer or the correctness of the protocol(such as a memory allocation failure) makes it impossible to continue. RFC 8446: https://www.rfc-editor.org/rfc/rfc8446.html |
| InappropriateFallback | Sent by a server in response to an invalid connection retry attempt from a client(see[RFC7507]). RFC 8446: https://www.rfc-editor.org/rfc/rfc8446.html |
| UserCanceled | This alert notifies the recipient that the sender is canceling the handshake for some reason unrelated to a protocol failure.If a user cancels an operation after the handshake is complete, just closing the connection by sending a "close_notify" is more appropriate.This alert SHOULD be followed by a "close_notify".This alert generally has AlertLevel = warning. RFC 8446: https://www.rfc-editor.org/rfc/rfc8446.html |
| NoRenegotiation | Sent by the client in response to a hello request or by the server in response to a client hello after initial handshaking. Either of these would normally lead to renegotiation; when that is not appropriate, the recipient should respond with this alert.At that point, the original requester can decide whether to proceed with the connection.One case where this would be appropriate is where a server has spawned a process to satisfy a request; the process might receive security parameters(key length, authentication, etc.) at startup, and it might be difficult to communicate changes to these parameters after that point.This message is always a warning. RFC 5246: https://www.rfc-editor.org/rfc/rfc5246 |
| MissingExtension | Sent by endpoints that receive a handshake message not containing an extension that is mandatory to send for the offered TLS version or other negotiated parameters. RFC 8446: https://www.rfc-editor.org/rfc/rfc8446.html |
| UnsupportedExtension | Sent by endpoints receiving any handshake message containing an extension known to be prohibited for inclusion in the given handshake message, or including any extensions in a ServerHello or Certificate not first offered in the corresponding ClientHello or CertificateRequest. RFC 8446: https://www.rfc-editor.org/rfc/rfc8446.html |
| CertificateUnobtainable | If a server is unable to obtain certificates in a given CertificateURL, it MUST send a fatal certificate_unobtainable(111) alert if it requires the certificates to complete the handshake.If the server does not require the certificates, then the server continues the handshake. RFC 6066: https://www.rfc-editor.org/rfc/rfc6066.html |
| UnrecognizedName | Sent by servers when no server exists identified by the name provided by the client via the "server_name" extension (see[RFC6066]). RFC 8446: https://www.rfc-editor.org/rfc/rfc8446.html |
| BadCertificateStatusResponse | Sent by clients when an invalid or unacceptable OCSP response is provided by the server via the "status_request" extension(see[RFC6066]). RFC 8446: https://www.rfc-editor.org/rfc/rfc8446.html |
| BadCertificateHashValue | The server MUST check that the SHA-1 hash of the contents of the object retrieved from that URL(after decoding any MIME Content - Transfer - Encoding) matches the given hash.If any retrieved object does not have the correct SHA - 1 hash, the server MUST abort the handshake with a bad_certificate_hash_value(114) alert.This alert is always fatal. RFC 6066: https://www.rfc-editor.org/rfc/rfc6066.html |
| UnknownPskIdentity | Sent by servers when PSK key establishment is desired but no acceptable PSK identity is provided by the client. Sending this alert is OPTIONAL; servers MAY instead choose to send a "decrypt_error" alert to merely indicate an invalid PSK identity. RFC 8446: https://www.rfc-editor.org/rfc/rfc8446.html |
| CertificateRequired | Sent by servers when a client certificate is desired but none was provided by the client. RFC 8446: https://www.rfc-editor.org/rfc/rfc8446.html |
| NoApplicationProtocol | Sent by servers when a client "application_layer_protocol_negotiation" extension advertises only protocols that the server does not support(see[RFC7301]). RFC 8446: https://www.rfc-editor.org/rfc/rfc8446.html |
|
strong |
This enum is used to select different options for the TlsSocket class
Default: A default of options is used: currently EnableTlsv12 and EnableTlsv13 are enabled (EnableTlsv12 | EnableTlsv13) EnableTlsv12: The TlsSocket supports the TLS v1.2 protocol version EnableTlsv13: The TlsSocket supports the TLS v1.3 protocol version SupportSessionRenegotiation: The TlsSocket supports session renegotiation (Only TLS v1.2 connections, since TLS v1.3 removed the support) CheckLeafCrl: The TlsSocket checks the CRL of the peer certificate if a TrustStore is configured CheckAllCrl: The TlsSocket checks the all CRL of the of the peer certificate chain if a TrustStore is configured TrustPartialChain: Normally only ca certificates are trusted. With this option TlsSocket and TlsSocket2 also trust intermediate or end entity certicates stored in the truststore Options can be combined (with |) since they are represented as bit flags
|
strong |
This enum list possible error codes which further specifies an certificate verification error. For details see: https://www.openssl.org/docs/man1.1.1/man1/verify.html and: https://www.openssl.org/docs/man3.1/man3/X509_STORE_CTX_get_error.html
1.9.4