OFTPServer Class
Properties Methods Events Configuration Settings Errors
The OFTPServer class implements the server side of the Odette File Transfer Protocol.
Syntax
class ipworksedi.OFTPServer
Remarks
The OFTPServer component implements an OFTP server. It is a lightweight server that supports version 1.2, 1.3, 1.4, and 2.0 of OFTP.
Sending and Receiving Files
To use the class first decide if you will support TLS/SSL connections or not. If use_ssl is set to true, all clients will be expected to connect in TLS/SSL. If use_ssl is set to false (default), all clients are expected to connect in plaintext. If use_ssl is true, only clients that support Version 2.0 of the protocol can connect.
Once you have decided whether or not to support TLS/SSL, specify the port you wish the server to listen on in local_port. By default this value is 3305.
Next, specify values for server_ssid_code, server_sfid_code, server_password.
Then set listening to true to start listening for incoming requests.
When a client connects, you will have an opportunity to authenticate the client before continuing the connection.
This is done when the on_accept_connection event fires. Within this event you can validate that the connecting client
has access based on rules you determine. If you wish to reject the connection set the Accept parameter to false.
Within this event you can also specify the directory to which files sent by the client to the server are saved.
It is necessary to specify the directory within this event, as the client can start sending files as soon as the connection is complete. To specify
the download directory set the oftp_connection_download_directory property. For instance:
oftpserver1.SetOFTPConnectionDownloadDirectory(e->ConnectionId, "C:\\Downloads");
When the connection is complete, the client may send files. If the client does send a file the on_accept_file event will fire and you will have the opportunity to reject the file by setting the Accept parameter of the event. In addition you will have a chance to change the filename by setting the Filename parameter if desired.
After the client has sent all the files it is configured to send, it will pass control to the server. At that time the on_ready_to_send event will fire, and the oftp_connection_ready_to_send property will be set to true. After this, you can either end the session with the client by calling logoff or send files to the client. To send files to the client simply call the send_file method with the specified parameters.
TLS/SSL Notes
When use_ssl is set to true, the server must be configured with a TLS/SSL certificate before it is started. Set ssl_cert to a valid certificate with corresponding private key before setting listening to true. This may be a PFX file, PEM key, or a certificate in a windows certificate store. See the ssl_cert property for more information.
After ssl_cert is set to a valid certificate and listening is set to true, when a client connects the on_ssl_status event will fire during the TLS/SSL negotiation. This is purely informational, if there is an error the on_error event will fire.
If you want to require TLS/SSL client authentication, set ssl_authenticate_clients to true before setting listening to true. This will force clients to present a certificate during TLS/SSL negotiation to be used for authorization. In this case the on_ssl_client_authentication event will fire and you must set the Accept parameter within the event to true in order to accept the client's certificate and proceed with the connection.
Example Code
MyOftpserver server;
server.SetServerSSIDCode("SERVERSSID");
server.SetServerSFIDCode("SERVERSFID");
server.SetServerPassword("SERVER");
server.SetListening(true);
...
//Within the main loop of the application call server.DoEvents() in a loop
//to process events.
//When the ReadyToSend event fires the server can then send files to the client. To do this call the SendFile method.
//Alternatively, monitor server.GetOFTPConnectionReadyToSend(<ConnectionId>) to determine when files can be sent.
class MyOFTPServer : public OFTPServer {
public:
MyOFTPServer() {}
virtual int FireAcceptConnection(OFTPServerAcceptConnectionEventParams* e) {
clientConnectionId = e->ConnectionId;
clientSSIDCode = strdup(e->ClientSSIDCode);
this->SetOFTPConnectionDownloadDirectory(e->ConnectionId, INCOMING_DIR);
return 0;
}
virtual int FireAcceptFile(OFTPServerAcceptFileEventParams* e) {
//e->Accept = False; //To reject a file set e->Accept to false
return 0;
}
virtual int FirePITrail(OFTPServerPITrailEventParams* e) {
char logmsg[MAX_PATH];
if (e->Direction == 0) {
sprintf(logmsg, "CLIENT: %s : %s", e->CommandId, e->CommandDescription);
}
else {
sprintf(logmsg, "SERVER: %s : %s", e->CommandId, e->CommandDescription);
}
printf(logmsg);
return 0;
}
virtual int FireError(OFTPServerErrorEventParams* e) {
printf("[%d] %s\n", e->ErrorCode,strdup(e->Description));
return 0;
}
};
Property List
The following is the full list of the properties of the class with short descriptions. Click on the links for further details.
| cert_encoded | The certificate (PEM/base64 encoded). |
| cert_store | The name of the certificate store for the client certificate. |
| cert_store_password | If the certificate store is of a type that requires a password, this property is used to specify that password in order to open the certificate store. |
| cert_store_type | The type of certificate store for this certificate. |
| cert_subject | The subject of the certificate used for client authentication. |
| connection_backlog | The maximum number of pending connections maintained by the TCP/IP subsystem. |
| oftp_connection_count | The number of records in the OFTPConnection arrays. |
| oftp_connection_compress | Whether or not compression is used on the outgoing or incoming file. |
| oftp_connection_connected | This property is used to disconnect individual connections and/or show their status. |
| oftp_connection_connection_id | This property contains an identifier generated by the class to identify each connection. |
| oftp_connection_download_directory | The directory to which files will be saved. |
| oftp_connection_encryption_algorithm | The encryption algorithm used when sending files to the client. |
| oftp_connection_local_address | This property shows the IP address of the interface through which the connection is passing. |
| oftp_connection_max_record_size | This value determines the maximum length for a record in the outgoing virtual file. |
| oftp_connection_ready_to_send | Specifies whether or not the server can send to the client. |
| oftp_connection_recipient_cert_store | The name of the certificate store for the recipient certificate. |
| oftp_connection_recipient_cert_store_password | If the certificate store is of a type that requires a password, this property is used to specify that password in order to open the certificate store. |
| oftp_connection_recipient_cert_store_type | The type of certificate store for this certificate. |
| oftp_connection_recipient_cert_subject | The subject of the recipient certificate. |
| oftp_connection_remote_host | This property shows the IP address of the remote host through which the connection is coming. |
| oftp_connection_remote_port | This property shows the TCP port on the remote host through which the connection is coming. |
| oftp_connection_sfid_code | The connected client's SFID code. |
| oftp_connection_signed_receipt | Indicates whether a signed receipt is requested. |
| oftp_connection_ssid_code | The connected client's SSID code. |
| oftp_connection_timeout | A timeout for the class. |
| oftp_connection_version | This holds the version of OFTP supported by the client. |
| oftp_connection_virtual_file_date | Set this to the date/time stamp for the virtual file before sending. |
| oftp_connection_virtual_file_format | The structure of the outgoing or incoming file. |
| oftp_connection_virtual_file_security_level | Specifies security options for the outgoing or incoming file. |
| default_timeout | An initial timeout value to be used by incoming connections. |
| listening | If True, the class accepts incoming connections on LocalPort. |
| local_host | The name of the local host or user-assigned IP interface through which connections are initiated or accepted. |
| local_port | The TCP port in the local host where the class listens. |
| server_password | The server's password. |
| server_sfid_code | Server's SFID code. |
| server_ssid_code | The server's SSID code. |
| ssl_authenticate_clients | If true, the server asks the client(s) for a certificate. |
| ssl_cert_encoded | The certificate (PEM/base64 encoded). |
| ssl_cert_store | The name of the certificate store for the client certificate. |
| ssl_cert_store_password | If the certificate store is of a type that requires a password, this property is used to specify that password in order to open the certificate store. |
| ssl_cert_store_type | The type of certificate store for this certificate. |
| ssl_cert_subject | The subject of the certificate used for client authentication. |
| trusted_cert_count | The number of records in the TrustedCert arrays. |
| trusted_cert_encoded | The certificate (PEM/base64 encoded). |
| trusted_cert_store | The name of the certificate store for the client certificate. |
| trusted_cert_store_password | If the certificate store is of a type that requires a password, this property is used to specify that password in order to open the certificate store. |
| trusted_cert_store_type | The type of certificate store for this certificate. |
| trusted_cert_subject | The subject of the certificate used for client authentication. |
| use_ssl | Use SSL to access the RemoteHost . |
Method List
The following is the full list of the methods of the class with short descriptions. Click on the links for further details.
| change_direction | Sends a Change Direction (CD) command. |
| config | Sets or retrieves a configuration setting. |
| disconnect | Disconnect the specified client. |
| do_events | Processes events from the internal message queue. |
| exchange_certificate | Exchange a certificate with the remote host. |
| import_trusted_certs | Imports a list of trusted CA certificates. |
| interrupt | Interrupts a synchronous send to the remote host. |
| logoff | Ends a session with the connection client. |
| reset | Resets the state of the control. |
| send_end_response | Sends an EERP/NERP asynchronously. |
| send_file | Sends a file to the specified client. |
| shutdown | Shuts down the server. |
Event List
The following is the full list of the events fired by the class with short descriptions. Click on the links for further details.
| on_accept_connection | Fired when a client connects. |
| on_accept_file | Fired when the client sends a file. |
| on_certificate_received | Fired when a certificate is received from the remote host. |
| on_connected | Fired immediately after a connection completes (or fails). |
| on_connection_request | Fired when a request for connection comes from a remote host. |
| on_disconnected | Fired when a connection is closed. |
| on_end_response | Fired every time an end response is received from the client. |
| on_end_transfer | Fired when a file finishes transferring. |
| on_error | Information about errors during data delivery. |
| on_pi_trail | Fired when any protocol level communication occurs. |
| on_ready_to_send | Fired when the class is ready to send data. |
| on_ssl_client_authentication | Fired when the client presents its credentials to the server. |
| on_ssl_connection_request | Fires when an SSL connection is requested. |
| on_ssl_status | Shows the progress of the secure connection. |
| on_start_transfer | Fired when a document starts transferring. |
| on_transfer | Fired while a document transfers (delivers document). |
Configuration Settings
The following is a list of configuration settings for the class with short descriptions. Click on the links for further details.
| AllowRetry[ConnectionId] | Whether to send a retry indicator when rejecting a file. |
| CDAfterSendEndResponse[ConnectionId] | Whether to issue a CD command after sending an asynchronous EERP. |
| CertificateStore[ConnectionId] | The name of the certificate store. |
| CertificateStorePassword[ConnectionId] | The certificate password. |
| CertificateStoreType[ConnectionId] | The type of certificate store. |
| CertificateSubject[ConnectionId] | The certificate subject. |
| CertificateType | Specifies the type of certificate being supplied. |
| CertificateType[ConnectionId] | Specifies the type of certificate being supplied. |
| ConnectionType[ConnectionId] | Specifies the type of connection that will be created. |
| CreditCount[ConnectionId] | Specifies the maximum credit value. |
| DefaultIdleTimeout | The default idle timeout for inactive clients. |
| DefaultReceiptHashAlgorithm | The receipt hash algorithm to request when sending a file. |
| DeleteOnError | Whether received files are deleted when there is an error during processing. |
| DisconnectAfterEndSession | Determines if the connection is closed immediately after ending the session. |
| ExchangeBufferSize[ConnectionId] | Specifies the data exchange buffer size in bytes. |
| ExchangeCertStoreType | Specifies the store type when loading a certificate to be exchanged. |
| ExchangeCertSubject | The subject of the certificate being exchanged. |
| FailOnUntrustedCert | Whether or not to throw an exception when untrusted certificates are used. |
| FileDescription[ConnectionId] | Additional description information sent with the file. |
| FileHashAlgorithm[ConnectionId] | The hash algorithm to use when sending a file. |
| FireEndResponseOnSend | Determines if the EndResponse event is fired for outgoing EERP and NERPs. |
| FollowRedirects | Determines behavior when importing trusted certificates and a HTTP redirect is returned. |
| FriendlyLogFormat | Determines if a more friendly format is applied to PITrail event out. |
| IdleTimeout | The idle timeout for this connection. |
| KeepAlive | This property enables the SO_KEEPALIVE option on the incoming connections. This option prevents long connections from timing out in case of inactivity. |
| Linger | This property controls how a connection is closed. The default is True. In this case the connection is closed only after all the data is sent. Setting it to False forces an abrupt (hard) disconnection. Any data that was in the sending queue may be lost. |
| ReceivedConnectionType[ConnectionId] | Returns the connection type specified by the client. |
| ReceivedFileDateTime[ConnectionId] | The datetime of the file being received. |
| ReceivedFileDescription[ConnectionId] | Additional description information received with the file. |
| ReceivedFileEncryptionAlg[ConnectionId] | The encryption algorithm used for the file being received. |
| ReceivedFileName[ConnectionId] | Returns the name of the received file. |
| ReceivedFileNameFormat | The name format of received files. |
| ReceivedFileNameFormat[ConnectionId] | The name format of received files. |
| RecipientCertificateType | Specifies the type of recipient certificate being supplied. |
| Retry[ConnectionId] | Indicates whether the recipient allows the send to be retried. |
| SecureAuthentication | Specifies secure authentication requirements for connecting clients. |
| SendCDAfterEFPA | Specifies whether a CD is always sent after receiving an EFPA. |
| ServerPassword[ConnectionId] | Sets or gets the ServerPassword for a particular connection. |
| ServerSFIDCode[ConnectionId] | Sets or gets the ServerSFIDCode for a particular connection. |
| ServerSSIDCode[ConnectionId] | Sets the ServerSSIDCode for a particular connection. |
| TempPath[ConnectionId] | The path of a directory where temporary files will be created. |
| TrustedCertsData | Specifies the source to be used when importing trusted certificates. |
| VirtualFileDateFormat | The DateTime format of received files. |
| AllowedClients | A comma-separated list of host names or IP addresses that can access the class. |
| BindExclusively | Whether or not the class considers a local port reserved for exclusive use. |
| ConnectionUID | The unique connectionId for a connection. |
| DefaultConnectionTimeout | The inactivity timeout applied to the SSL handshake. |
| InBufferSize | The size in bytes of the incoming queue of the socket. |
| KeepAliveInterval | The retry interval, in milliseconds, to be used when a TCP keep-alive packet is sent and no response is received. |
| KeepAliveRetryCount | The number of keep-alive packets to be sent before the remotehost is considered disconnected. |
| KeepAliveTime | The inactivity time in milliseconds before a TCP keep-alive packet is sent. |
| MaxConnections | The maximum number of connections available. |
| OutBufferSize | The size in bytes of the outgoing queue of the socket. |
| TcpNoDelay | Whether or not to delay when sending packets. |
| UseIOCP | Whether to use the completion port I/O model. |
| UseIPv6 | Whether to use IPv6. |
| UseWindowsMessages | Whether to use the WSAAsyncSelect I/O model. |
| LogSSLPackets | Controls whether SSL packets are logged when using the internal security API. |
| OpenSSLCADir | The path to a directory containing CA certificates. |
| OpenSSLCAFile | Name of the file containing the list of CA's trusted by your application. |
| OpenSSLCipherList | A string that controls the ciphers to be used by SSL. |
| OpenSSLPrngSeedData | The data to seed the pseudo random number generator (PRNG). |
| ReuseSSLSession | Determines if the SSL session is reused. |
| SSLCACertFilePaths | The paths to CA certificate files on Unix/Linux. |
| SSLCACerts | A newline separated list of CA certificate to use during SSL client authentication. |
| SSLCheckCRL | Whether to check the Certificate Revocation List for the server certificate. |
| SSLCipherStrength | The minimum cipher strength used for bulk encryption. |
| SSLEnabledCipherSuites | The cipher suite to be used in an SSL negotiation. |
| SSLEnabledProtocols | Used to enable/disable the supported security protocols. |
| SSLEnableRenegotiation | Whether the renegotiation_info SSL extension is supported. |
| SSLIncludeCertChain | Whether the entire certificate chain is included in the SSLServerAuthentication event. |
| SSLNegotiatedCipher | Returns the negotiated ciphersuite. |
| SSLNegotiatedCipherStrength | Returns the negotiated ciphersuite strength. |
| SSLNegotiatedCipherSuite | Returns the negotiated ciphersuite. |
| SSLNegotiatedKeyExchange | Returns the negotiated key exchange algorithm. |
| SSLNegotiatedKeyExchangeStrength | Returns the negotiated key exchange algorithm strength. |
| SSLNegotiatedVersion | Returns the negotiated protocol version. |
| SSLProvider | The name of the security provider to use. |
| SSLSecurityFlags | Flags that control certificate verification. |
| SSLServerCACerts | A newline separated list of CA certificate to use during SSL server certificate validation. |
| TLS12SignatureAlgorithms | Defines the allowed TLS 1.2 signature algorithms when UseInternalSecurityAPI is True. |
| TLS12SupportedGroups | The supported groups for ECC. |
| TLS13KeyShareGroups | The groups for which to pregenerate key shares. |
| TLS13SignatureAlgorithms | The allowed certificate signature algorithms. |
| TLS13SupportedGroups | The supported groups for (EC)DHE key exchange. |
| BuildInfo | Information about the product's build. |
| CodePage | The system code page used for Unicode to Multibyte translations. |
| LicenseInfo | Information about the current license. |
| ProcessIdleEvents | Whether the class uses its internal event loop to process events when the main thread is idle. |
| SelectWaitMillis | The length of time in milliseconds the class will wait when DoEvents is called if there are no events to process. |
| UseInternalSecurityAPI | Tells the class whether or not to use the system security libraries or an internal implementation. |