RCP Class
Properties Methods Events Config Settings Errors
The RCP class implements the popular UNIX Remote Copy Protocol, used to transfer files between systems.
Syntax
class ipworks.RCP
Remarks
Using the class is as simple as specifying a local_file, a remote_file and remote_host, and calling the get_file or the put_file method.
The Remote Copy Protocol is implemented over either RSHELL or REXEC. The class allows you to choose which protocol to use via the protocol property.
Property List
The following is the full list of the properties of the class with short descriptions. Click on the links for further details.
| file_mode | This property includes the file mode for the RemoteFile . |
| firewall_auto_detect | Whether to automatically detect and use firewall system settings, if available. |
| firewall_type | The type of firewall to connect through. |
| firewall_host | The name or IP address of the firewall (optional). |
| firewall_password | A password if authentication is to be used when connecting through the firewall. |
| firewall_port | The Transmission Control Protocol (TCP) port for the firewall Host . |
| firewall_user | A username if authentication is to be used when connecting through a firewall. |
| idle | The current status of the class. |
| local_file | This property includes the file on the local host. |
| local_host | The name of the local host or user-assigned IP interface through which connections are initiated or accepted. |
| local_port | This property includes the Transmission Control Protocol (TCP) port in the local host where the class binds. |
| password | This property includes the password associated with User . |
| protocol | This property sets the protocol to use for the transfer. |
| remote_file | This property includes the file on the remote host. |
| remote_host | This property includes the remote host to which to connect. |
| remote_port | This property includes the port for the service (REXEC or RSHELL). |
| timeout | The timeout for the class. |
| user | This property includes identification of the remote user for a transfer. |
Method List
The following is the full list of the methods of the class with short descriptions. Click on the links for further details.
| config | Sets or retrieves a configuration setting. |
| do_events | This method processes events from the internal message queue. |
| get_file | This method gets the specified file. |
| interrupt | This method interrupts the current method. |
| put_file | This method puts a file to a specified location. |
| reset | This method will reset the class. |
Event List
The following is the full list of the events fired by the class with short descriptions. Click on the links for further details.
| on_connected | Fired immediately after a connection completes (or fails). |
| on_connection_status | Fired to indicate changes in the connection state. |
| on_disconnected | Fired when a connection is closed. |
| on_error | Fired when information is available about errors during data delivery. |
| on_progress | This event is fired whenever data are being transferred between the localhost and RemoteHost . |
Config Settings
The following is a list of config settings for the class with short descriptions. Click on the links for further details.
| EnableStderr | Enables or disables secondary (stderr) stream. |
| MaxStderr | Maximum storage available for the stderr buffer. |
| MaxStdout | Maximum storage available for the stdout buffer. |
| StderrPort | The local port from which the remote system sends the stderr stream. |
| ConnectionTimeout | Sets a separate timeout value for establishing a connection. |
| FirewallAutoDetect | Tells the class whether or not to automatically detect and use firewall system settings, if available. |
| FirewallHost | Name or IP address of firewall (optional). |
| FirewallPassword | Password to be used if authentication is to be used when connecting through the firewall. |
| FirewallPort | The TCP port for the FirewallHost;. |
| FirewallType | Determines the type of firewall to connect through. |
| FirewallUser | A user name if authentication is to be used connecting through a firewall. |
| KeepAliveInterval | The retry interval, in milliseconds, to be used when a TCP keep-alive packet is sent and no response is received. |
| KeepAliveTime | The inactivity time in milliseconds before a TCP keep-alive packet is sent. |
| Linger | When set to True, connections are terminated gracefully. |
| LingerTime | Time in seconds to have the connection linger. |
| LocalHost | The name of the local host through which connections are initiated or accepted. |
| LocalPort | The port in the local host where the class binds. |
| MaxLineLength | The maximum amount of data to accumulate when no EOL is found. |
| MaxTransferRate | The transfer rate limit in bytes per second. |
| ProxyExceptionsList | A semicolon separated list of hosts and IPs to bypass when using a proxy. |
| TCPKeepAlive | Determines whether or not the keep alive socket option is enabled. |
| TcpNoDelay | Whether or not to delay when sending packets. |
| UseIPv6 | Whether to use IPv6. |
| LogSSLPackets | Controls whether SSL packets are logged when using the internal security API. |
| OpenSSLCADir | The path to a directory containing CA certificates. |
| OpenSSLCAFile | Name of the file containing the list of CA's trusted by your application. |
| OpenSSLCipherList | A string that controls the ciphers to be used by SSL. |
| OpenSSLPrngSeedData | The data to seed the pseudo random number generator (PRNG). |
| ReuseSSLSession | Determines if the SSL session is reused. |
| SSLCACertFilePaths | The paths to CA certificate files on Unix/Linux. |
| SSLCACerts | A newline separated list of CA certificates to be included when performing an SSL handshake. |
| SSLCheckCRL | Whether to check the Certificate Revocation List for the server certificate. |
| SSLCheckOCSP | Whether to use OCSP to check the status of the server certificate. |
| SSLCipherStrength | The minimum cipher strength used for bulk encryption. |
| SSLClientCACerts | A newline separated list of CA certificates to use during SSL client certificate validation. |
| SSLEnabledCipherSuites | The cipher suite to be used in an SSL negotiation. |
| SSLEnabledProtocols | Used to enable/disable the supported security protocols. |
| SSLEnableRenegotiation | Whether the renegotiation_info SSL extension is supported. |
| SSLIncludeCertChain | Whether the entire certificate chain is included in the SSLServerAuthentication event. |
| SSLKeyLogFile | The location of a file where per-session secrets are written for debugging purposes. |
| SSLNegotiatedCipher | Returns the negotiated cipher suite. |
| SSLNegotiatedCipherStrength | Returns the negotiated cipher suite strength. |
| SSLNegotiatedCipherSuite | Returns the negotiated cipher suite. |
| SSLNegotiatedKeyExchange | Returns the negotiated key exchange algorithm. |
| SSLNegotiatedKeyExchangeStrength | Returns the negotiated key exchange algorithm strength. |
| SSLNegotiatedVersion | Returns the negotiated protocol version. |
| SSLSecurityFlags | Flags that control certificate verification. |
| SSLServerCACerts | A newline separated list of CA certificates to use during SSL server certificate validation. |
| TLS12SignatureAlgorithms | Defines the allowed TLS 1.2 signature algorithms when SSLProvider is set to Internal. |
| TLS12SupportedGroups | The supported groups for ECC. |
| TLS13KeyShareGroups | The groups for which to pregenerate key shares. |
| TLS13SignatureAlgorithms | The allowed certificate signature algorithms. |
| TLS13SupportedGroups | The supported groups for (EC)DHE key exchange. |
| AbsoluteTimeout | Determines whether timeouts are inactivity timeouts or absolute timeouts. |
| FirewallData | Used to send extra data to the firewall. |
| InBufferSize | The size in bytes of the incoming queue of the socket. |
| OutBufferSize | The size in bytes of the outgoing queue of the socket. |
| BuildInfo | Information about the product's build. |
| CodePage | The system code page used for Unicode to Multibyte translations. |
| LicenseInfo | Information about the current license. |
| MaskSensitiveData | Whether sensitive data is masked in log messages. |
| ProcessIdleEvents | Whether the class uses its internal event loop to process events when the main thread is idle. |
| SelectWaitMillis | The length of time in milliseconds the class will wait when DoEvents is called if there are no events to process. |
| UseInternalSecurityAPI | Whether or not to use the system security libraries or an internal implementation. |
file_mode Property
This property includes the file mode for the RemoteFile .
Syntax
def get_file_mode() -> str: ... def set_file_mode(value: str) -> None: ...
file_mode = property(get_file_mode, set_file_mode)
Default Value
"0600"
Remarks
This property contains the file mode for the remote_file. This property is used along with the put_file method. The default mode is "0600".
firewall_auto_detect Property
Whether to automatically detect and use firewall system settings, if available.
Syntax
def get_firewall_auto_detect() -> bool: ... def set_firewall_auto_detect(value: bool) -> None: ...
firewall_auto_detect = property(get_firewall_auto_detect, set_firewall_auto_detect)
Default Value
FALSE
Remarks
Whether to automatically detect and use firewall system settings, if available.
firewall_type Property
The type of firewall to connect through.
Syntax
def get_firewall_type() -> int: ... def set_firewall_type(value: int) -> None: ...
firewall_type = property(get_firewall_type, set_firewall_type)
Default Value
0
Remarks
The type of firewall to connect through. The applicable values are as follows:
| fwNone (0) | No firewall (default setting). |
| fwTunnel (1) | Connect through a tunneling proxy. firewall_port is set to 80. |
| fwSOCKS4 (2) | Connect through a SOCKS4 Proxy. firewall_port is set to 1080. |
| fwSOCKS5 (3) | Connect through a SOCKS5 Proxy. firewall_port is set to 1080. |
| fwSOCKS4A (10) | Connect through a SOCKS4A Proxy. firewall_port is set to 1080. |
firewall_host Property
The name or IP address of the firewall (optional).
Syntax
def get_firewall_host() -> str: ... def set_firewall_host(value: str) -> None: ...
firewall_host = property(get_firewall_host, set_firewall_host)
Default Value
""
Remarks
The name or IP address of the firewall (optional). If a firewall_host is given, the requested connections will be authenticated through the specified firewall when connecting.
If this property is set to a Domain Name, a DNS request is initiated. Upon successful termination of the request, this property is set to the corresponding address. If the search is not successful, the class fails with an error.
firewall_password Property
A password if authentication is to be used when connecting through the firewall.
Syntax
def get_firewall_password() -> str: ... def set_firewall_password(value: str) -> None: ...
firewall_password = property(get_firewall_password, set_firewall_password)
Default Value
""
Remarks
A password if authentication is to be used when connecting through the firewall. If firewall_host is specified, the firewall_user and firewall_password properties are used to connect and authenticate to the given firewall. If the authentication fails, the class fails with an error.
firewall_port Property
The Transmission Control Protocol (TCP) port for the firewall Host .
Syntax
def get_firewall_port() -> int: ... def set_firewall_port(value: int) -> None: ...
firewall_port = property(get_firewall_port, set_firewall_port)
Default Value
0
Remarks
The Transmission Control Protocol (TCP) port for the firewall firewall_host. See the description of the firewall_host property for details.
Note: This property is set automatically when firewall_type is set to a valid value. See the description of the firewall_type property for details.
firewall_user Property
A username if authentication is to be used when connecting through a firewall.
Syntax
def get_firewall_user() -> str: ... def set_firewall_user(value: str) -> None: ...
firewall_user = property(get_firewall_user, set_firewall_user)
Default Value
""
Remarks
A username if authentication is to be used when connecting through a firewall. If firewall_host is specified, this property and the firewall_password property are used to connect and authenticate to the given Firewall. If the authentication fails, the class fails with an error.
idle Property
The current status of the class.
Syntax
def get_idle() -> bool: ...
idle = property(get_idle, None)
Default Value
TRUE
Remarks
This property will be False if the component is currently busy (communicating or waiting for an answer), and True at all other times.
This property is read-only.
local_file Property
This property includes the file on the local host.
Syntax
def get_local_file() -> str: ... def set_local_file(value: str) -> None: ...
local_file = property(get_local_file, set_local_file)
Default Value
""
Remarks
This property points to the file on the local host. When get_file is called and the file already exists, it is overwritten.
When put_file is called, this property must point to a valid file, or an error will be returned.
local_host Property
The name of the local host or user-assigned IP interface through which connections are initiated or accepted.
Syntax
def get_local_host() -> str: ... def set_local_host(value: str) -> None: ...
local_host = property(get_local_host, set_local_host)
Default Value
""
Remarks
This property contains the name of the local host as obtained by the gethostname() system call, or if the user has assigned an IP address, the value of that address.
In multihomed hosts (machines with more than one IP interface) setting LocalHost to the IP address of an interface will make the class initiate connections (or accept in the case of server classs) only through that interface. It is recommended to provide an IP address rather than a hostname when setting this property to ensure the desired interface is used.
If the class is connected, the local_host property shows the IP address of the interface through which the connection is made in internet dotted format (aaa.bbb.ccc.ddd). In most cases, this is the address of the local host, except for multihomed hosts (machines with more than one IP interface).
Note: local_host is not persistent. You must always set it in code, and never in the property window.
local_port Property
This property includes the Transmission Control Protocol (TCP) port in the local host where the class binds.
Syntax
def get_local_port() -> int: ... def set_local_port(value: int) -> None: ...
local_port = property(get_local_port, set_local_port)
Default Value
0
Remarks
The local_port property must be set before a connection is attempted. This property instructs the class to bind to a specific port (or communication endpoint) in the local machine.
Setting it to zero (the default) enables the class to choose a port at random. The chosen port will be shown by the local_port property after the connection is established.
local_port cannot be changed once a connection is made. Any attempt to set the local_port property when a connection is active will generate an error.
Note: Use this property with caution. If you supply a value, it must be an available port on the system, or an error will be returned. Furthermore, the class always attempts to bind to a secure (sub 1000) port when the value of local_port is the default (zero). If you supply your own value, ensure that the remote system is configured to allow that particular value.
password Property
This property includes the password associated with User .
Syntax
def get_password() -> str: ... def set_password(value: str) -> None: ...
password = property(get_password, set_password)
Default Value
""
Remarks
This property needs to be set to the password that the remote_host has associated with the user. This property is needed only if the protocol used is REXEC.
protocol Property
This property sets the protocol to use for the transfer.
Syntax
def get_protocol() -> int: ... def set_protocol(value: int) -> None: ...
protocol = property(get_protocol, set_protocol)
Default Value
0
Remarks
This property determines the protocol mechanism used to communicate with the remote host. It has two possible values:
| protRexec (0) | The class uses the REXEC protocol for data transfer. |
| protRshell (1) | The class uses the RSHELL protocol for data transfer. |
remote_file Property
This property includes the file on the remote host.
Syntax
def get_remote_file() -> str: ... def set_remote_file(value: str) -> None: ...
remote_file = property(get_remote_file, set_remote_file)
Default Value
""
Remarks
This property indicates the file on the remote host. When get_file is called, this property must be a valid file on the remote_host.
remote_host Property
This property includes the remote host to which to connect.
Syntax
def get_remote_host() -> str: ... def set_remote_host(value: str) -> None: ...
remote_host = property(get_remote_host, set_remote_host)
Default Value
""
Remarks
This property indicates the remote hose to which to connect. Set this property to a valid internet address of a computer that is running REXEC or RSHELL services. If the computer is not running the service that the protocol property is set to, then the connection will fail.
If the class is configured to use a SOCKS firewall, the value assigned to this property may be preceded with an "*". If this is the case, the host name is passed to the firewall unresolved and the firewall performs the DNS resolution.
remote_port Property
This property includes the port for the service (REXEC or RSHELL).
Syntax
def get_remote_port() -> int: ... def set_remote_port(value: int) -> None: ...
remote_port = property(get_remote_port, set_remote_port)
Default Value
0
Remarks
This property indicates the port for the service (REXEC or RSHELL). The value of this property is set automatically to 512 for REXEC or 514 for RSHELL every time the protocol property is set. Please refer to the description of the protocol property for more information.
timeout Property
The timeout for the class.
Syntax
def get_timeout() -> int: ... def set_timeout(value: int) -> None: ...
timeout = property(get_timeout, set_timeout)
Default Value
60
Remarks
If the timeout property is set to 0, all operations will run uninterrupted until successful completion or an error condition is encountered.
If timeout is set to a positive value, the class will wait for the operation to complete before returning control.
The class will use do_events to enter an efficient wait loop during any potential waiting period, making sure that all system events are processed immediately as they arrive. This ensures that the host application does not freeze and remains responsive.
If timeout expires, and the operation is not yet complete, the class fails with an error.
Note: By default, all timeouts are inactivity timeouts, that is, the timeout period is extended by timeout seconds when any amount of data is successfully sent or received.
The default value for the timeout property is 60 seconds.
user Property
This property includes identification of the remote user for a transfer.
Syntax
def get_user() -> str: ... def set_user(value: str) -> None: ...
user = property(get_user, set_user)
Default Value
""
Remarks
This property contains the identification of the remote user for a transfer. This identification is necessary for use with the protocols REXEC and RSHELL.
config Method
Sets or retrieves a configuration setting.
Syntax
def config(configuration_string: str) -> str: ...
Remarks
config is a generic method available in every class. It is used to set and retrieve configuration settings for the class.
These settings are similar in functionality to properties, but they are rarely used. In order to avoid "polluting" the property namespace of the class, access to these internal properties is provided through the config method.
To set a configuration setting named PROPERTY, you must call Config("PROPERTY=VALUE"), where VALUE is the value of the setting expressed as a string. For boolean values, use the strings "True", "False", "0", "1", "Yes", or "No" (case does not matter).
To read (query) the value of a configuration setting, you must call Config("PROPERTY"). The value will be returned as a string.
do_events Method
This method processes events from the internal message queue.
Syntax
def do_events() -> None: ...
Remarks
When do_events is called, the class processes any available events. If no events are available, it waits for a preset period of time, and then returns.
get_file Method
This method gets the specified file.
Syntax
def get_file() -> None: ...
Remarks
This method gets the specified file. A connection is made with the remote_host using the specified protocol, user, and password, and a request is sent to read the file specified by remote_file.
Example. Get a File:
RCPControl.RemoteHost = "MyServer"
RCPControl.User = "username"
RCPControl.Password = "password"
RCPControl.Protocol = protRexec
RCPControl.RemoteFile = "/remotefile.txt"
RCPControl.LocalFile = "C:\filename.txt"
RCPControl.GetFile()
interrupt Method
This method interrupts the current method.
Syntax
def interrupt() -> None: ...
Remarks
If there is no method in progress, interrupt simply returns, doing nothing.
put_file Method
This method puts a file to a specified location.
Syntax
def put_file() -> None: ...
Remarks
This method makes a connection, and then a request is sent to copy local_file to the file specified by remote_file.
Example. Put a File:
RCPControl.RemoteHost = "MyServer"
RCPControl.User = "username"
RCPControl.Password = "password"
RCPControl.Protocol = protRexec
RCPControl.RemoteFile = "/remotefile.txt"
RCPControl.LocalFile = "C:\filename.txt"
RCPControl.PutFile()
reset Method
This method will reset the class.
Syntax
def reset() -> None: ...
Remarks
This method will reset the class's properties to their default values.
on_connected Event
Fired immediately after a connection completes (or fails).
Syntax
class RCPConnectedEventParams(object): @property def status_code() -> int: ... @property def description() -> str: ... # In class RCP: @property def on_connected() -> Callable[[RCPConnectedEventParams], None]: ... @on_connected.setter def on_connected(event_hook: Callable[[RCPConnectedEventParams], None]) -> None: ...
Remarks
If the connection is made normally, StatusCode is 0 and Description is "OK".
If the connection fails, StatusCode has the error code returned by the Transmission Control Protocol (TCP)/IP stack. Description contains a description of this code. The value of StatusCode is equal to the value of the error.
Please refer to the Error Codes section for more information.
on_connection_status Event
Fired to indicate changes in the connection state.
Syntax
class RCPConnectionStatusEventParams(object): @property def connection_event() -> str: ... @property def status_code() -> int: ... @property def description() -> str: ... # In class RCP: @property def on_connection_status() -> Callable[[RCPConnectionStatusEventParams], None]: ... @on_connection_status.setter def on_connection_status(event_hook: Callable[[RCPConnectionStatusEventParams], None]) -> None: ...
Remarks
This event is fired when the connection state changes: for example, completion of a firewall or proxy connection or completion of a security handshake.
The ConnectionEvent parameter indicates the type of connection event. Values may include the following:
| Firewall connection complete. | |
| Secure Sockets Layer (SSL) or S/Shell handshake complete (where applicable). | |
| Remote host connection complete. | |
| Remote host disconnected. | |
| SSL or S/Shell connection broken. | |
| Firewall host disconnected. |
on_disconnected Event
Fired when a connection is closed.
Syntax
class RCPDisconnectedEventParams(object): @property def status_code() -> int: ... @property def description() -> str: ... # In class RCP: @property def on_disconnected() -> Callable[[RCPDisconnectedEventParams], None]: ... @on_disconnected.setter def on_disconnected(event_hook: Callable[[RCPDisconnectedEventParams], None]) -> None: ...
Remarks
If the connection is broken normally, StatusCode is 0 and Description is "OK".
If the connection is broken for any other reason, StatusCode has the error code returned by the Transmission Control Protocol (TCP/IP) subsystem. Description contains a description of this code. The value of StatusCode is equal to the value of the TCP/IP error.
Please refer to the Error Codes section for more information.
on_error Event
Fired when information is available about errors during data delivery.
Syntax
class RCPErrorEventParams(object): @property def error_code() -> int: ... @property def description() -> str: ... # In class RCP: @property def on_error() -> Callable[[RCPErrorEventParams], None]: ... @on_error.setter def on_error(event_hook: Callable[[RCPErrorEventParams], None]) -> None: ...
Remarks
The on_error event is fired in case of exceptional conditions during message processing. Normally the class fails with an error.
The ErrorCode parameter contains an error code, and the Description parameter contains a textual description of the error. For a list of valid error codes and their descriptions, please refer to the Error Codes section.
on_progress Event
This event is fired whenever data are being transferred between the localhost and RemoteHost .
Syntax
class RCPProgressEventParams(object): @property def percent_done() -> int: ... # In class RCP: @property def on_progress() -> Callable[[RCPProgressEventParams], None]: ... @on_progress.setter def on_progress(event_hook: Callable[[RCPProgressEventParams], None]) -> None: ...
Remarks
The PercentDone parameter shows which portion of the file has already been transferred.
RCP Config Settings
The class accepts one or more of the following configuration settings. Configuration settings are similar in functionality to properties, but they are rarely used. In order to avoid "polluting" the property namespace of the class, access to these internal properties is provided through the config method.Rexec/Rshell Config Settings
The default value for this configuration setting is True.
Some systems do not support secondary stderr streams. Please refer to the EnableStderr configuration setting for more information.
TCPClient Config Settings
If the FirewallHost setting is set to a Domain Name, a DNS request is initiated. Upon successful termination of the request, the FirewallHost setting is set to the corresponding address. If the search is not successful, an error is returned.
Note: This setting is provided for use by classs that do not directly expose Firewall properties.
Note: This setting is provided for use by classs that do not directly expose Firewall properties.
Note: This configuration setting is provided for use by classs that do not directly expose Firewall properties.
| 0 | No firewall (default setting). |
| 1 | Connect through a tunneling proxy. FirewallPort is set to 80. |
| 2 | Connect through a SOCKS4 Proxy. FirewallPort is set to 1080. |
| 3 | Connect through a SOCKS5 Proxy. FirewallPort is set to 1080. |
| 10 | Connect through a SOCKS4A Proxy. FirewallPort is set to 1080. |
Note: This setting is provided for use by classs that do not directly expose Firewall properties.
Note: This setting is provided for use by classs that do not directly expose Firewall properties.
Note: This value is not applicable in macOS.
In the case that Linger is True (default), two scenarios determine how long the connection will linger. In the first, if LingerTime is 0 (default), the system will attempt to send pending data for a connection until the default IP timeout expires.
In the second scenario, if LingerTime is a positive value, the system will attempt to send pending data until the specified LingerTime is reached. If this attempt fails, then the system will reset the connection.
The default behavior (which is also the default mode for stream sockets) might result in a long delay in closing the connection. Although the class returns control immediately, the system could hold system resources until all pending data are sent (even after your application closes).
Setting this property to False forces an immediate disconnection. If you know that the other side has received all the data you sent (e.g., by a client acknowledgment), setting this property to False might be the appropriate course of action.
In multihomed hosts (machines with more than one IP interface), setting LocalHost to the value of an interface will make the class initiate connections (or accept in the case of server classs) only through that interface.
If the class is connected, the local_host setting shows the IP address of the interface through which the connection is made in internet dotted format (aaa.bbb.ccc.ddd). In most cases, this is the address of the local host, except for multihomed hosts (machines with more than one IP interface).
Setting this to 0 (default) enables the system to choose a port at random. The chosen port will be shown by local_port after the connection is established.
local_port cannot be changed once a connection is made. Any attempt to set this when a connection is active will generate an error.
This configuration setting is useful when trying to connect to services that require a trusted port on the client side. An example is the remote shell (rsh) service in UNIX systems.
If an eol string is found in the input stream before MaxLineLength bytes are received, the on_data_in event is fired with the EOL parameter set to True, and the buffer is reset.
If no eol is found, and MaxLineLength bytes are accumulated in the buffer, the on_data_in event is fired with the EOL parameter set to False, and the buffer is reset.
The minimum value for MaxLineLength is 256 bytes. The default value is 2048 bytes.
www.google.com;www.nsoftware.com
Note: This value is not applicable in Java.
By default, this configuration setting is set to False.
| 0 | IPv4 only |
| 1 | IPv6 only |
| 2 | IPv6 with IPv4 fallback |
SSL Config Settings
When enabled, SSL packet logs are output using the on_ssl_status event, which will fire each time an SSL packet is sent or received.
Enabling this configuration setting has no effect if ssl_provider is set to Platform.
The path set by this property should point to a directory containing CA certificates in PEM format. The files each contain one CA certificate. The files are looked up by the CA subject name hash value, which must hence be available. If more than one CA certificate with the same name hash value exist, the extension must be different (e.g., 9d66eef0.0, 9d66eef0.1). OpenSSL recommends the use of the c_rehash utility to create the necessary links. Please refer to the OpenSSL man page SSL_CTX_load_verify_locations(3) for details.
The file set by this property should contain a list of CA certificates in PEM format. The file can contain several CA certificates identified by the following sequences:
-----BEGIN CERTIFICATE-----
... (CA certificate in base64 encoding) ...
-----END CERTIFICATE-----
Before, between, and after the certificate text is allowed, which can be used, for example, for descriptions of the certificates. Refer to the OpenSSL man page SSL_CTX_load_verify_locations(3) for details.
The format of this string is described in the OpenSSL man page ciphers(1) section "CIPHER LIST FORMAT". Please refer to it for details. The default string "DEFAULT" is determined at compile time and is normally equivalent to "ALL:!ADH:RC4+RSA:+SSLv2:@STRENGTH".
By default, OpenSSL uses the device file "/dev/urandom" to seed the PRNG, and setting OpenSSLPrngSeedData is not required. If set, the string specified is used to seed the PRNG.
If set to True, the class will reuse the context if and only if the following criteria are met:
- The target host name is the same.
- The system cache entry has not expired (default timeout is 10 hours).
- The application process that calls the function is the same.
- The logon session is the same.
- The instance of the class is the same.
The value is formatted as a list of paths separated by semicolons. The class will check for the existence of each file in the order specified. When a file is found, the CA certificates within the file will be loaded and used to determine the validity of server or client certificates.
The default value is as follows:
/etc/ssl/ca-bundle.pem;/etc/pki/tls/certs/ca-bundle.crt;/etc/ssl/certs/ca-certificates.crt;/etc/pki/tls/cacert.pem
-----BEGIN CERTIFICATE----- MIIEKzCCAxOgAwIBAgIRANTET4LIkxdH6P+CFIiHvTowDQYJKoZIhvcNAQELBQAw ... Intermediate Cert ... eWHV5OW1K53o/atv59sOiW5K3crjFhsBOd5Q+cJJnU+SWinPKtANXMht+EDvYY2w F0I1XhM+pKj7FjDr+XNj -----END CERTIFICATE----- \r \n -----BEGIN CERTIFICATE----- MIIEFjCCAv6gAwIBAgIQetu1SMxpnENAnnOz1P+PtTANBgkqhkiG9w0BAQUFADBp ... Root Cert ... d8q23djXZbVYiIfE9ebr4g3152BlVCHZ2GyPdjhIuLeH21VbT/dyEHHA -----END CERTIFICATE-----
When set to 0 (default), the CRL check will not be performed by the class. When set to 1, it will attempt to perform the CRL check, but it will continue without an error if the server's certificate does not support CRL. When set to 2, it will perform the CRL check and will throw an error if CRL is not supported.
This configuration setting is supported only in the Java, C#, and C++ editions. In the C++ edition, it is supported only on Windows operating systems.
When set to 0 (default), the class will not perform an OCSP check. When set to 1, it will attempt to perform the OCSP check, but it will continue without an error if the server's certificate does not support OCSP. When set to 2, it will perform the OCSP check and will throw an error if OCSP is not supported.
This configuration setting is supported only in the Java, C#, and C++ editions. In the C++ edition, it is supported only on Windows operating systems.
Note: This configuration setting contains the minimum cipher strength requested from the security library. The actual cipher strength used for the connection is shown by the on_ssl_status event.
Use this configuration setting with caution. Requesting a lower cipher strength than necessary could potentially cause serious security vulnerabilities in your application.
When the provider is OpenSSL, SSLCipherStrength is currently not supported. This functionality is instead made available through the OpenSSLCipherList configuration setting.
The value of this configuration setting is a newline-separated (CR/LF) list of certificates. For instance:
-----BEGIN CERTIFICATE----- MIIEKzCCAxOgAwIBAgIRANTET4LIkxdH6P+CFIiHvTowDQYJKoZIhvcNAQELBQAw ... Intermediate Cert ... eWHV5OW1K53o/atv59sOiW5K3crjFhsBOd5Q+cJJnU+SWinPKtANXMht+EDvYY2w F0I1XhM+pKj7FjDr+XNj -----END CERTIFICATE----- \r \n -----BEGIN CERTIFICATE----- MIIEFjCCAv6gAwIBAgIQetu1SMxpnENAnnOz1P+PtTANBgkqhkiG9w0BAQUFADBp ... Root Cert ... d8q23djXZbVYiIfE9ebr4g3152BlVCHZ2GyPdjhIuLeH21VbT/dyEHHA -----END CERTIFICATE-----
By default, the enabled cipher suites will include all available ciphers ("*").
The special value "*" means that the class will pick all of the supported cipher suites. If SSLEnabledCipherSuites is set to any other value, only the specified cipher suites will be considered.
Multiple cipher suites are separated by semicolons.
Example values when ssl_provider is set to Platform include the following:
obj.config("SSLEnabledCipherSuites=*");
obj.config("SSLEnabledCipherSuites=CALG_AES_256");
obj.config("SSLEnabledCipherSuites=CALG_AES_256;CALG_3DES");
Possible values when ssl_provider is set to Platform include the following:
- CALG_3DES
- CALG_3DES_112
- CALG_AES
- CALG_AES_128
- CALG_AES_192
- CALG_AES_256
- CALG_AGREEDKEY_ANY
- CALG_CYLINK_MEK
- CALG_DES
- CALG_DESX
- CALG_DH_EPHEM
- CALG_DH_SF
- CALG_DSS_SIGN
- CALG_ECDH
- CALG_ECDH_EPHEM
- CALG_ECDSA
- CALG_ECMQV
- CALG_HASH_REPLACE_OWF
- CALG_HUGHES_MD5
- CALG_HMAC
- CALG_KEA_KEYX
- CALG_MAC
- CALG_MD2
- CALG_MD4
- CALG_MD5
- CALG_NO_SIGN
- CALG_OID_INFO_CNG_ONLY
- CALG_OID_INFO_PARAMETERS
- CALG_PCT1_MASTER
- CALG_RC2
- CALG_RC4
- CALG_RC5
- CALG_RSA_KEYX
- CALG_RSA_SIGN
- CALG_SCHANNEL_ENC_KEY
- CALG_SCHANNEL_MAC_KEY
- CALG_SCHANNEL_MASTER_HASH
- CALG_SEAL
- CALG_SHA
- CALG_SHA1
- CALG_SHA_256
- CALG_SHA_384
- CALG_SHA_512
- CALG_SKIPJACK
- CALG_SSL2_MASTER
- CALG_SSL3_MASTER
- CALG_SSL3_SHAMD5
- CALG_TEK
- CALG_TLS1_MASTER
- CALG_TLS1PRF
obj.config("SSLEnabledCipherSuites=*");
obj.config("SSLEnabledCipherSuites=TLS_DHE_DSS_WITH_AES_128_CBC_SHA");
obj.config("SSLEnabledCipherSuites=TLS_DHE_DSS_WITH_AES_128_CBC_SHA;TLS_ECDH_RSA_WITH_AES_128_CBC_SHA");
Possible values when ssl_provider is set to Internal include the following:
- TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
- TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
- TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
- TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
- TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384
- TLS_RSA_WITH_AES_256_GCM_SHA384
- TLS_RSA_WITH_AES_128_GCM_SHA256
- TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256
- TLS_DHE_DSS_WITH_AES_256_GCM_SHA384
- TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
- TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384
- TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256
- TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
- TLS_DHE_DSS_WITH_AES_128_GCM_SHA256
- TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
- TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
- TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384
- TLS_DHE_DSS_WITH_AES_256_CBC_SHA256
- TLS_RSA_WITH_AES_256_CBC_SHA256
- TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
- TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384
- TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
- TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
- TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
- TLS_RSA_WITH_AES_128_CBC_SHA256
- TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256
- TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256
- TLS_DHE_DSS_WITH_AES_128_CBC_SHA256
- TLS_RSA_WITH_AES_256_CBC_SHA
- TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
- TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
- TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA
- TLS_DHE_RSA_WITH_AES_256_CBC_SHA
- TLS_ECDH_RSA_WITH_AES_256_CBC_SHA
- TLS_DHE_DSS_WITH_AES_256_CBC_SHA
- TLS_RSA_WITH_AES_128_CBC_SHA
- TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
- TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
- TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA
- TLS_ECDH_RSA_WITH_AES_128_CBC_SHA
- TLS_DHE_RSA_WITH_AES_128_CBC_SHA
- TLS_DHE_DSS_WITH_AES_128_CBC_SHA
- TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA
- TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
- TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA
- TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA
- TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA
- TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA
- TLS_RSA_WITH_3DES_EDE_CBC_SHA
- TLS_RSA_WITH_DES_CBC_SHA
- TLS_DHE_RSA_WITH_DES_CBC_SHA
- TLS_DHE_DSS_WITH_DES_CBC_SHA
- TLS_RSA_WITH_RC4_128_MD5
- TLS_RSA_WITH_RC4_128_SHA
When TLS 1.3 is negotiated (see SSLEnabledProtocols), only the following cipher suites are supported:
- TLS_AES_256_GCM_SHA384
- TLS_CHACHA20_POLY1305_SHA256
- TLS_AES_128_GCM_SHA256
SSLEnabledCipherSuites is used together with SSLCipherStrength.
Not all supported protocols are enabled by default. The default value is 4032 for client components, and 3072 for server components. To specify a combination of enabled protocol versions set this config to the binary OR of one or more of the following values:
| TLS1.3 | 12288 (Hex 3000) |
| TLS1.2 | 3072 (Hex C00) (Default - Client and Server) |
| TLS1.1 | 768 (Hex 300) (Default - Client) |
| TLS1 | 192 (Hex C0) (Default - Client) |
| SSL3 | 48 (Hex 30) |
| SSL2 | 12 (Hex 0C) |
Note that only TLS 1.2 is enabled for server components that accept incoming connections. This adheres to industry standards to ensure a secure connection. Client components enable TLS 1.0, TLS 1.1, and TLS 1.2 by default and will negotiate the highest mutually supported version when connecting to a server, which should be TLS 1.2 in most cases.
SSLEnabledProtocols: Transport Layer Security (TLS) 1.3 Notes:
By default when TLS 1.3 is enabled, the class will use the internal TLS implementation when the ssl_provider is set to Automatic for all editions.
In editions that are designed to run on Windows, ssl_provider can be set to Platform to use the platform implementation instead of the internal implementation. When configured in this manner, please note that the platform provider is supported only on Windows 11/Windows Server 2022 and up. The default internal provider is available on all platforms and is not restricted to any specific OS version.
If set to 1 (Platform provider), please be aware of the following notes:
- The platform provider is available only on Windows 11/Windows Server 2022 and up.
- SSLEnabledCipherSuites and other similar SSL configuration settings are not supported.
- If SSLEnabledProtocols includes both TLS 1.3 and TLS 1.2, these restrictions are still applicable even if TLS 1.2 is negotiated. Enabling TLS 1.3 with the platform provider changes the implementation used for all TLS versions.
SSLEnabledProtocols: SSL2 and SSL3 Notes:
SSL 2.0 and 3.0 are not supported by the class when the ssl_provider is set to internal. To use SSL 2.0 or SSL 3.0, the platform security API must have the protocols enabled and ssl_provider needs to be set to platform.
This configuration setting is applicable only when ssl_provider is set to Internal.
If set to True, all certificates returned by the server will be present in the Encoded parameter of the on_ssl_server_authentication event. This includes the leaf certificate, any intermediate certificate, and the root certificate.
When set, the class will save the session secrets in the same format as the SSLKEYLOGFILE environment variable functionality used by most major browsers and tools, such as Chrome, Firefox, and cURL. This file can then be used in tools such as Wireshark to decrypt TLS traffic for debugging purposes. When writing to this file, the class will only append, it will not overwrite previous values.
Note: This configuration setting is applicable only when ssl_provider is set to Internal.
Note: For server components (e.g., TCPServer), this is a per-connection configuration setting accessed by passing the ConnectionId. For example:
server.Config("SSLNegotiatedCipher[connId]");
Note: For server components (e.g., TCPServer), this is a per-connection configuration setting accessed by passing the ConnectionId. For example:
server.Config("SSLNegotiatedCipherStrength[connId]");
Note: For server components (e.g., TCPServer), this is a per-connection configuration setting accessed by passing the ConnectionId. For example:
server.Config("SSLNegotiatedCipherSuite[connId]");
Note: For server components (e.g., TCPServer), this is a per-connection configuration setting accessed by passing the ConnectionId. For example:
server.Config("SSLNegotiatedKeyExchange[connId]");
Note: For server components (e.g., TCPServer), this is a per-connection configuration setting accessed by passing the ConnectionId. For example:
server.Config("SSLNegotiatedKeyExchangeStrength[connId]");
Note: For server components (e.g., TCPServer), this is a per-connection configuration setting accessed by passing the ConnectionId. For example:
server.Config("SSLNegotiatedVersion[connId]");
| 0x00000001 | Ignore time validity status of certificate. |
| 0x00000002 | Ignore time validity status of CTL. |
| 0x00000004 | Ignore non-nested certificate times. |
| 0x00000010 | Allow unknown certificate authority. |
| 0x00000020 | Ignore wrong certificate usage. |
| 0x00000100 | Ignore unknown certificate revocation status. |
| 0x00000200 | Ignore unknown CTL signer revocation status. |
| 0x00000400 | Ignore unknown certificate authority revocation status. |
| 0x00000800 | Ignore unknown root revocation status. |
| 0x00008000 | Allow test root certificate. |
| 0x00004000 | Trust test root certificate. |
| 0x80000000 | Ignore non-matching CN (certificate CN non-matching server name). |
This functionality is currently not available when the provider is OpenSSL.
The value of this configuration setting is a newline-separated (CR/LF) list of certificates. For instance:
-----BEGIN CERTIFICATE----- MIIEKzCCAxOgAwIBAgIRANTET4LIkxdH6P+CFIiHvTowDQYJKoZIhvcNAQELBQAw ... Intermediate Cert... eWHV5OW1K53o/atv59sOiW5K3crjFhsBOd5Q+cJJnU+SWinPKtANXMht+EDvYY2w F0I1XhM+pKj7FjDr+XNj -----END CERTIFICATE----- \r \n -----BEGIN CERTIFICATE----- MIIEFjCCAv6gAwIBAgIQetu1SMxpnENAnnOz1P+PtTANBgkqhkiG9w0BAQUFADBp ... Root Cert... d8q23djXZbVYiIfE9ebr4g3152BlVCHZ2GyPdjhIuLeH21VbT/dyEHHA -----END CERTIFICATE-----
When specified the class will verify that the server certificate signature algorithm is among the values specified in this configuration setting. If the server certificate signature algorithm is unsupported, the class fails with an error.
The format of this value is a comma-separated list of hash-signature combinations. For instance:
component.SSLProvider = TCPClientSSLProviders.sslpInternal;
component.Config("SSLEnabledProtocols=3072"); //TLS 1.2
component.Config("TLS12SignatureAlgorithms=sha256-rsa,sha256-dsa,sha1-rsa,sha1-dsa");
The default value for this configuration setting is sha512-ecdsa,sha512-rsa,sha512-dsa,sha384-ecdsa,sha384-rsa,sha384-dsa,sha256-ecdsa,sha256-rsa,sha256-dsa,sha224-ecdsa,sha224-rsa,sha224-dsa,sha1-ecdsa,sha1-rsa,sha1-dsa.
To not restrict the server's certificate signature algorithm, specify an empty string as the value for this configuration setting, which will cause the signature_algorithms TLS 1.2 extension to not be sent.
The default value is ecdhe_secp256r1,ecdhe_secp384r1,ecdhe_secp521r1.
When using TLS 1.2 and ssl_provider is set to Internal, the values refer to the supported groups for ECC. The following values are supported:
- "ecdhe_secp256r1" (default)
- "ecdhe_secp384r1" (default)
- "ecdhe_secp521r1" (default)
The default value is set to balance common supported groups and the computational resources required to generate key shares. As a result, only some groups are included by default in this configuration setting.
Note: All supported groups can always be used during the handshake even if not listed here, but if a group is used that is not present in this list, it will incur an additional roundtrip and time to generate the key share for that group.
In most cases, this configuration setting does not need to be modified. This should be modified only if there is a specific reason to do so.
The default value is ecdhe_x25519,ecdhe_secp256r1,ecdhe_secp384r1,ffdhe_2048,ffdhe_3072
The values are ordered from most preferred to least preferred. The following values are supported:
- "ecdhe_x25519" (default)
- "ecdhe_x448"
- "ecdhe_secp256r1" (default)
- "ecdhe_secp384r1" (default)
- "ecdhe_secp521r1"
- "ffdhe_2048" (default)
- "ffdhe_3072" (default)
- "ffdhe_4096"
- "ffdhe_6144"
- "ffdhe_8192"
- "ed25519" (default)
- "ed448" (default)
- "ecdsa_secp256r1_sha256" (default)
- "ecdsa_secp384r1_sha384" (default)
- "ecdsa_secp521r1_sha512" (default)
- "rsa_pkcs1_sha256" (default)
- "rsa_pkcs1_sha384" (default)
- "rsa_pkcs1_sha512" (default)
- "rsa_pss_sha256" (default)
- "rsa_pss_sha384" (default)
- "rsa_pss_sha512" (default)
The default value is ecdhe_x25519,ecdhe_x448,ecdhe_secp256r1,ecdhe_secp384r1,ecdhe_secp521r1,ffdhe_2048,ffdhe_3072,ffdhe_4096,ffdhe_6144,ffdhe_8192
The values are ordered from most preferred to least preferred. The following values are supported:
- "ecdhe_x25519" (default)
- "ecdhe_x448" (default)
- "ecdhe_secp256r1" (default)
- "ecdhe_secp384r1" (default)
- "ecdhe_secp521r1" (default)
- "ffdhe_2048" (default)
- "ffdhe_3072" (default)
- "ffdhe_4096" (default)
- "ffdhe_6144" (default)
- "ffdhe_8192" (default)
Socket Config Settings
Note: This option is not valid for User Datagram Protocol (UDP) ports.
Some TCP/IP implementations do not support variable buffer sizes. If that is the case, when the class is activated the InBufferSize reverts to its defined size. The same happens if you attempt to make it too large or too small.
Some TCP/IP implementations do not support variable buffer sizes. If that is the case, when the class is activated the OutBufferSize reverts to its defined size. The same happens if you attempt to make it too large or too small.
Base Config Settings
The following is a list of valid code page identifiers:
| Identifier | Name |
| 037 | IBM EBCDIC - U.S./Canada |
| 437 | OEM - United States |
| 500 | IBM EBCDIC - International |
| 708 | Arabic - ASMO 708 |
| 709 | Arabic - ASMO 449+, BCON V4 |
| 710 | Arabic - Transparent Arabic |
| 720 | Arabic - Transparent ASMO |
| 737 | OEM - Greek (formerly 437G) |
| 775 | OEM - Baltic |
| 850 | OEM - Multilingual Latin I |
| 852 | OEM - Latin II |
| 855 | OEM - Cyrillic (primarily Russian) |
| 857 | OEM - Turkish |
| 858 | OEM - Multilingual Latin I + Euro symbol |
| 860 | OEM - Portuguese |
| 861 | OEM - Icelandic |
| 862 | OEM - Hebrew |
| 863 | OEM - Canadian-French |
| 864 | OEM - Arabic |
| 865 | OEM - Nordic |
| 866 | OEM - Russian |
| 869 | OEM - Modern Greek |
| 870 | IBM EBCDIC - Multilingual/ROECE (Latin-2) |
| 874 | ANSI/OEM - Thai (same as 28605, ISO 8859-15) |
| 875 | IBM EBCDIC - Modern Greek |
| 932 | ANSI/OEM - Japanese, Shift-JIS |
| 936 | ANSI/OEM - Simplified Chinese (PRC, Singapore) |
| 949 | ANSI/OEM - Korean (Unified Hangul Code) |
| 950 | ANSI/OEM - Traditional Chinese (Taiwan; Hong Kong SAR, PRC) |
| 1026 | IBM EBCDIC - Turkish (Latin-5) |
| 1047 | IBM EBCDIC - Latin 1/Open System |
| 1140 | IBM EBCDIC - U.S./Canada (037 + Euro symbol) |
| 1141 | IBM EBCDIC - Germany (20273 + Euro symbol) |
| 1142 | IBM EBCDIC - Denmark/Norway (20277 + Euro symbol) |
| 1143 | IBM EBCDIC - Finland/Sweden (20278 + Euro symbol) |
| 1144 | IBM EBCDIC - Italy (20280 + Euro symbol) |
| 1145 | IBM EBCDIC - Latin America/Spain (20284 + Euro symbol) |
| 1146 | IBM EBCDIC - United Kingdom (20285 + Euro symbol) |
| 1147 | IBM EBCDIC - France (20297 + Euro symbol) |
| 1148 | IBM EBCDIC - International (500 + Euro symbol) |
| 1149 | IBM EBCDIC - Icelandic (20871 + Euro symbol) |
| 1200 | Unicode UCS-2 Little-Endian (BMP of ISO 10646) |
| 1201 | Unicode UCS-2 Big-Endian |
| 1250 | ANSI - Central European |
| 1251 | ANSI - Cyrillic |
| 1252 | ANSI - Latin I |
| 1253 | ANSI - Greek |
| 1254 | ANSI - Turkish |
| 1255 | ANSI - Hebrew |
| 1256 | ANSI - Arabic |
| 1257 | ANSI - Baltic |
| 1258 | ANSI/OEM - Vietnamese |
| 1361 | Korean (Johab) |
| 10000 | MAC - Roman |
| 10001 | MAC - Japanese |
| 10002 | MAC - Traditional Chinese (Big5) |
| 10003 | MAC - Korean |
| 10004 | MAC - Arabic |
| 10005 | MAC - Hebrew |
| 10006 | MAC - Greek I |
| 10007 | MAC - Cyrillic |
| 10008 | MAC - Simplified Chinese (GB 2312) |
| 10010 | MAC - Romania |
| 10017 | MAC - Ukraine |
| 10021 | MAC - Thai |
| 10029 | MAC - Latin II |
| 10079 | MAC - Icelandic |
| 10081 | MAC - Turkish |
| 10082 | MAC - Croatia |
| 12000 | Unicode UCS-4 Little-Endian |
| 12001 | Unicode UCS-4 Big-Endian |
| 20000 | CNS - Taiwan |
| 20001 | TCA - Taiwan |
| 20002 | Eten - Taiwan |
| 20003 | IBM5550 - Taiwan |
| 20004 | TeleText - Taiwan |
| 20005 | Wang - Taiwan |
| 20105 | IA5 IRV International Alphabet No. 5 (7-bit) |
| 20106 | IA5 German (7-bit) |
| 20107 | IA5 Swedish (7-bit) |
| 20108 | IA5 Norwegian (7-bit) |
| 20127 | US-ASCII (7-bit) |
| 20261 | T.61 |
| 20269 | ISO 6937 Non-Spacing Accent |
| 20273 | IBM EBCDIC - Germany |
| 20277 | IBM EBCDIC - Denmark/Norway |
| 20278 | IBM EBCDIC - Finland/Sweden |
| 20280 | IBM EBCDIC - Italy |
| 20284 | IBM EBCDIC - Latin America/Spain |
| 20285 | IBM EBCDIC - United Kingdom |
| 20290 | IBM EBCDIC - Japanese Katakana Extended |
| 20297 | IBM EBCDIC - France |
| 20420 | IBM EBCDIC - Arabic |
| 20423 | IBM EBCDIC - Greek |
| 20424 | IBM EBCDIC - Hebrew |
| 20833 | IBM EBCDIC - Korean Extended |
| 20838 | IBM EBCDIC - Thai |
| 20866 | Russian - KOI8-R |
| 20871 | IBM EBCDIC - Icelandic |
| 20880 | IBM EBCDIC - Cyrillic (Russian) |
| 20905 | IBM EBCDIC - Turkish |
| 20924 | IBM EBCDIC - Latin-1/Open System (1047 + Euro symbol) |
| 20932 | JIS X 0208-1990 & 0121-1990 |
| 20936 | Simplified Chinese (GB2312) |
| 21025 | IBM EBCDIC - Cyrillic (Serbian, Bulgarian) |
| 21027 | Extended Alpha Lowercase |
| 21866 | Ukrainian (KOI8-U) |
| 28591 | ISO 8859-1 Latin I |
| 28592 | ISO 8859-2 Central Europe |
| 28593 | ISO 8859-3 Latin 3 |
| 28594 | ISO 8859-4 Baltic |
| 28595 | ISO 8859-5 Cyrillic |
| 28596 | ISO 8859-6 Arabic |
| 28597 | ISO 8859-7 Greek |
| 28598 | ISO 8859-8 Hebrew |
| 28599 | ISO 8859-9 Latin 5 |
| 28605 | ISO 8859-15 Latin 9 |
| 29001 | Europa 3 |
| 38598 | ISO 8859-8 Hebrew |
| 50220 | ISO 2022 Japanese with no halfwidth Katakana |
| 50221 | ISO 2022 Japanese with halfwidth Katakana |
| 50222 | ISO 2022 Japanese JIS X 0201-1989 |
| 50225 | ISO 2022 Korean |
| 50227 | ISO 2022 Simplified Chinese |
| 50229 | ISO 2022 Traditional Chinese |
| 50930 | Japanese (Katakana) Extended |
| 50931 | US/Canada and Japanese |
| 50933 | Korean Extended and Korean |
| 50935 | Simplified Chinese Extended and Simplified Chinese |
| 50936 | Simplified Chinese |
| 50937 | US/Canada and Traditional Chinese |
| 50939 | Japanese (Latin) Extended and Japanese |
| 51932 | EUC - Japanese |
| 51936 | EUC - Simplified Chinese |
| 51949 | EUC - Korean |
| 51950 | EUC - Traditional Chinese |
| 52936 | HZ-GB2312 Simplified Chinese |
| 54936 | Windows XP: GB18030 Simplified Chinese (4 Byte) |
| 57002 | ISCII Devanagari |
| 57003 | ISCII Bengali |
| 57004 | ISCII Tamil |
| 57005 | ISCII Telugu |
| 57006 | ISCII Assamese |
| 57007 | ISCII Oriya |
| 57008 | ISCII Kannada |
| 57009 | ISCII Malayalam |
| 57010 | ISCII Gujarati |
| 57011 | ISCII Punjabi |
| 65000 | Unicode UTF-7 |
| 65001 | Unicode UTF-8 |
| Identifier | Name |
| 1 | ASCII |
| 2 | NEXTSTEP |
| 3 | JapaneseEUC |
| 4 | UTF8 |
| 5 | ISOLatin1 |
| 6 | Symbol |
| 7 | NonLossyASCII |
| 8 | ShiftJIS |
| 9 | ISOLatin2 |
| 10 | Unicode |
| 11 | WindowsCP1251 |
| 12 | WindowsCP1252 |
| 13 | WindowsCP1253 |
| 14 | WindowsCP1254 |
| 15 | WindowsCP1250 |
| 21 | ISO2022JP |
| 30 | MacOSRoman |
| 10 | UTF16String |
| 0x90000100 | UTF16BigEndian |
| 0x94000100 | UTF16LittleEndian |
| 0x8c000100 | UTF32String |
| 0x98000100 | UTF32BigEndian |
| 0x9c000100 | UTF32LittleEndian |
| 65536 | Proprietary |
- Product: The product the license is for.
- Product Key: The key the license was generated from.
- License Source: Where the license was found (e.g., RuntimeLicense, License File).
- License Type: The type of license installed (e.g., Royalty Free, Single Server).
- Last Valid Build: The last valid build number for which the license will work.
This setting only works on these classes: AS3Receiver, AS3Sender, Atom, Client(3DS), FTP, FTPServer, IMAP, OFTPClient, SSHClient, SCP, Server(3DS), Sexec, SFTP, SFTPServer, SSHServer, TCPClient, TCPServer.
Setting this configuration setting to True tells the class to use the internal implementation instead of using the system security libraries.
On Windows, this setting is set to False by default. On Linux/macOS, this setting is set to True by default.
To use the system security libraries for Linux, OpenSSL support must be enabled. For more information on how to enable OpenSSL, please refer to the OpenSSL Notes section.
RCP Errors
RCP Errors
| 305 | Busy executing current method. |
| 306 | A valid local file is required for this operation. |
| 307 | A valid remote file is required for this operation. |
| 309 | Cannot open local file. |
| 310 | Cannot write to local file. |
| 311 | RCP protocol error. |
| 344 | Cannot read from local file. |
| 345 | Invalid argument. |
RShell Errors
| 118 | Firewall error. Error message contains detailed description. |
The class may also return one of the following error codes, which are inherited from other classes.
RExec Errors
| 118 | Firewall error. Error message includes a detailed description. |
The class may also return one of the following error codes, which are inherited from other classes.
TCPClient Errors
| 100 | You cannot change the remote_port at this time. A connection is in progress. |
| 101 | You cannot change the remote_host (Server) at this time. A connection is in progress. |
| 102 | The remote_host address is invalid (0.0.0.0). |
| 104 | Already connected. If you want to reconnect, close the current connection first. |
| 106 | You cannot change the local_port at this time. A connection is in progress. |
| 107 | You cannot change the local_host at this time. A connection is in progress. |
| 112 | You cannot change MaxLineLength at this time. A connection is in progress. |
| 116 | remote_port cannot be zero. Please specify a valid service port number. |
| 117 | You cannot change the UseConnection option while the class is active. |
| 135 | Operation would block. |
| 201 | Timeout. |
| 211 | Action impossible in control's present state. |
| 212 | Action impossible while not connected. |
| 213 | Action impossible while listening. |
| 301 | Timeout. |
| 302 | Could not open file. |
| 434 | Unable to convert string to selected CodePage. |
| 1105 | Already connecting. If you want to reconnect, close the current connection first. |
| 1117 | You need to connect first. |
| 1119 | You cannot change the LocalHost at this time. A connection is in progress. |
| 1120 | Connection dropped by remote host. |
SSL Errors
| 270 | Cannot load specified security library. |
| 271 | Cannot open certificate store. |
| 272 | Cannot find specified certificate. |
| 273 | Cannot acquire security credentials. |
| 274 | Cannot find certificate chain. |
| 275 | Cannot verify certificate chain. |
| 276 | Error during handshake. |
| 280 | Error verifying certificate. |
| 281 | Could not find client certificate. |
| 282 | Could not find server certificate. |
| 283 | Error encrypting data. |
| 284 | Error decrypting data. |
TCP/IP Errors
| 10004 | [10004] Interrupted system call. |
| 10009 | [10009] Bad file number. |
| 10013 | [10013] Access denied. |
| 10014 | [10014] Bad address. |
| 10022 | [10022] Invalid argument. |
| 10024 | [10024] Too many open files. |
| 10035 | [10035] Operation would block. |
| 10036 | [10036] Operation now in progress. |
| 10037 | [10037] Operation already in progress. |
| 10038 | [10038] Socket operation on nonsocket. |
| 10039 | [10039] Destination address required. |
| 10040 | [10040] Message is too long. |
| 10041 | [10041] Protocol wrong type for socket. |
| 10042 | [10042] Bad protocol option. |
| 10043 | [10043] Protocol is not supported. |
| 10044 | [10044] Socket type is not supported. |
| 10045 | [10045] Operation is not supported on socket. |
| 10046 | [10046] Protocol family is not supported. |
| 10047 | [10047] Address family is not supported by protocol family. |
| 10048 | [10048] Address already in use. |
| 10049 | [10049] Cannot assign requested address. |
| 10050 | [10050] Network is down. |
| 10051 | [10051] Network is unreachable. |
| 10052 | [10052] Net dropped connection or reset. |
| 10053 | [10053] Software caused connection abort. |
| 10054 | [10054] Connection reset by peer. |
| 10055 | [10055] No buffer space available. |
| 10056 | [10056] Socket is already connected. |
| 10057 | [10057] Socket is not connected. |
| 10058 | [10058] Cannot send after socket shutdown. |
| 10059 | [10059] Too many references, cannot splice. |
| 10060 | [10060] Connection timed out. |
| 10061 | [10061] Connection refused. |
| 10062 | [10062] Too many levels of symbolic links. |
| 10063 | [10063] File name is too long. |
| 10064 | [10064] Host is down. |
| 10065 | [10065] No route to host. |
| 10066 | [10066] Directory is not empty |
| 10067 | [10067] Too many processes. |
| 10068 | [10068] Too many users. |
| 10069 | [10069] Disc Quota Exceeded. |
| 10070 | [10070] Stale NFS file handle. |
| 10071 | [10071] Too many levels of remote in path. |
| 10091 | [10091] Network subsystem is unavailable. |
| 10092 | [10092] WINSOCK DLL Version out of range. |
| 10093 | [10093] Winsock is not loaded yet. |
| 11001 | [11001] Host not found. |
| 11002 | [11002] Nonauthoritative 'Host not found' (try again or check DNS setup). |
| 11003 | [11003] Nonrecoverable errors: FORMERR, REFUSED, NOTIMP. |
| 11004 | [11004] Valid name, no data record (check DNS setup). |