hs.socket:connect(host, port | path [, fn]) -> self or nil
Type
Method
Description
Connects an unconnected socket.
Parameters
host - A string containing the hostname or IP address.
port - A port number [1-65535].
path - A string containing the path to the Unix domain socket.
fn - An optional single-use callback function to execute after establishing the connection. The callback receives no parameters.
Returns
The hs.socket object, or nil if an error occurred.
Notes
Either a host/port pair OR a Unix domain socket path must be supplied. If no port is passed, the first parameter is assumed to be a path to the socket file.
delimiter - Either a number of bytes to read, or a string delimiter such as "\n" or "\r\n". Data is read up to and including the delimiter.
tag - An optional integer to assist with labeling reads. It is passed to the callback to assist with implementing state machines for processing complex protocols.
Returns
The hs.socket object, or nil if an error occurred.
Notes
Results are passed to the socket's callback function, which must be set to use this method.
If called on a listening socket with multiple connections, data is read from each of them.
| | | | --------------------------------------------|-------------------------------------------------------------------------------------| | Signature | hs.socket:setCallback([fn]) -> self | | Type | Method | | Description | Sets the read callback for the socket. | | Parameters |
fn - An optional callback function to process data read from the socket. nil or no argument clears the callback. The callback receives 2 parameters: data - The data read from the socket as a string. tag - The integer tag associated with the read call, which defaults to -1.
verify - An optional boolean that, if false, allows TLS handshaking with servers with self-signed certificates and does not evaluate the chain of trust. Defaults to true and omitted if peerName is supplied
peerName - An optional string containing the fully qualified domain name of the peer to validate against — for example, store.apple.com. It should match the name in the X.509 certificate given by the remote party. See the important security note below.
The socket will disconnect immediately if TLS negotiation fails.
IMPORTANT SECURITY NOTE: The default settings will check to make sure the remote party's certificate is signed by a trusted 3rd party certificate agency (e.g. verisign) and that the certificate is not expired. However it will not verify the name on the certificate unless you give it a name to verify against via peerName. The security implications of this are important to understand. Imagine you are attempting to create a secure connection to MySecureServer.com, but your socket gets directed to MaliciousServer.com because of a hacked DNS server. If you simply use the default settings, and MaliciousServer.com has a valid certificate, the default settings will not detect any problems since the certificate is valid. To properly secure your connection in this particular scenario you should set peerName to "MySecureServer.com".