The %accept_ssl() function first calls the %accept() function to extract the first connection on the queue of pending connections, and then it creates a new socket. Thereafter, the function will wait for a TLS/SSL client to initiate the TLS/SSL handshake, and then create a secure SSL connection.
code = %accept_ssl(fd, &address, &port, certificate_file, privkey_file, &ssl_fd);
fd | File descriptor of the local socket returned by a previous call to the FlashBASIC C function %socket(). |
address | Originating address of the incoming call. |
port | Originating port number of the incoming call. |
certificate_file | Certificate file to be used by SSL_CTX_use_certificate_file (see your OpenSSL documentation for more information). For UNIX, you must specify the full path for the certificate file. |
privkey_file | Private key file to be used by SSL_CTX_use_PrivateKey_file (see your OpenSSL documentation for more information). |
ssl_fd | File descriptor of the secure connection. |
To compile successfully, the statement cfunction socket.builtin must be included in the source code.
Upon successful completion, a value of 0 is returned in code and the address, port and ssl_fd FlashBASIC variables are updated.
In the case of an error, the return code is a negative value. The table below lists all of the error return codes:
-1 | Socket error and the FlashBASIC system(0) function is set to the value of errno. |
-2 | OpenSSL is not installed. |
-3 | Invalid certificate file. |
-4 | Invalid private key file. |
-5 | The private key in the privkey file does not match the loaded certificate file. |
-6 | Unable to create an SSL connection. |
-7 | Unable to establish the TLS/SSL handshake with the client; the FlashBASIC system(0) function is set to the value of SSL_get_error. |
-8 | Unable to open the certificate file. |
A legal integer value must be assigned to the port variable, and a legal integer value (IPv4) or char array (IPv6) must be assigned to the address variable before the call.
cfunction socket.builtin
include dm,bp,includes sysid.inc
include dm,bp,unix.h socket.h
* Create a socket
fd=%socket(af$inet6, sock$stream, 0)
* Bind the socket to a local Ethernet port.
* Use default address.
if %bind(fd, af$inet6, inaddr$any, 1024)<0 then
   crt "bind failed"; stop
end
* Wait for incoming connection
%listen(fd, 1)
* Accept a connection
address=0; port=0; ssl_fd = 0
cert.file = "server.pem"
privkey.file = "server.pem"
fd2=%accept_ssl(fd, &address, &port, cert.file, privkey.file, &ssl_fd)
if fd2 < 0 then stop
crt "Called by address ":address:", port #":port
* Read data from the established secure socket link
char buffer[24]
code = %read_ssl(ssl_fd, buffer, 24)
if code < 0 then stop
crt "READ: ":buffer
code = %write_ssl(ssl_fd,"I hear you",10)
if code < 0 then stop
* close the connection
code = %close_ssl(fd2, &ssl_fd)
code = %closesocket(fd)
end
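The example above stops on any negative return, including -7, which is reported when a single client fails the TLS/SSL handshake. The following added example (not part of the original documentation) uses the documented return codes to keep the listener accepting after a -7 and to stop on the other codes. The certificate and key paths are placeholders, and treating only -7 as non-fatal is an assumption.

```flashbasic
cfunction socket.builtin
include dm,bp,includes sysid.inc
include dm,bp,unix.h socket.h
* Added example. Placeholder paths; the page requires a full
* certificate path on UNIX.
cert.file = "/path/to/server-cert.pem"
privkey.file = "/path/to/server-key.pem"
char buffer[24]
fd = %socket(af$inet6, sock$stream, 0)
if %bind(fd, af$inet6, inaddr$any, 1024) < 0 then
   crt "bind failed"; stop
end
%listen(fd, 1)
loop
   * address and port must hold legal values before every call
   address = 0; port = 0; ssl_fd = 0
   fd2 = %accept_ssl(fd, &address, &port, cert.file, privkey.file, &ssl_fd)
   begin case
      case fd2 >= 0
         crt "Called by address ":address:", port #":port
         code = %read_ssl(ssl_fd, buffer, 24)
         if code >= 0 then
            crt "READ: ":buffer
            code = %write_ssl(ssl_fd, "I hear you", 10)
         end
         * Close this client's secure connection, keep the listener open
         code = %close_ssl(fd2, &ssl_fd)
      case fd2 = -7
         * Handshake failed for this client only; system(0) = SSL_get_error
         crt "handshake failed, SSL_get_error=":system(0)
      case fd2 = -1
         * Socket error; system(0) = errno
         crt "socket error, errno=":system(0)
         code = %closesocket(fd); stop
      case 1
         * -2 to -6 and -8: OpenSSL, certificate or key problem (assumed fatal)
         crt "accept_ssl failed, code ":fd2
         code = %closesocket(fd); stop
   end case
repeat
```

The page does not say whether any resources remain allocated after a -7 return, so the -7 branch only logs and continues.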