
TLS Connection within SSH Tunnel (Port Forwarding)


Demonstrates using Chilkat Socket to communicate with a TLS service through an SSH tunnel. This example connects (through a port-forwarded SSH tunnel) to the Gmail IMAP server via TLS and reads the server greeting.

Note: The Chilkat IMAP API provides direct support for using SSH tunneling with the IMAP protocol. This example serves only to demonstrate that, in general, TLS connections can be tunneled through SSH.


DataFlex
Use ChilkatAx-win32.pkg

Procedure Test
    Boolean iSuccess
    Handle hoTunnel
    String sSshHostname
    Integer iSshPort
    Variant vChannel
    Handle hoChannel
    Integer iMaxWaitMs
    Boolean iUseTls
    String sImapGreeting
    String sTemp1
    Boolean bTemp1

    Move False To iSuccess

    // This example requires the Chilkat API to have been previously unlocked.
    // See Global Unlock Sample for sample code.

    Get Create (RefClass(cComChilkatSocket)) To hoTunnel
    If (Not(IsComObjectCreated(hoTunnel))) Begin
        Send CreateComObject of hoTunnel
    End

    Move "sftp.example.com" To sSshHostname
    Move 22 To iSshPort

    // Connect to an SSH server and establish the SSH tunnel:
    Get ComSshOpenTunnel Of hoTunnel sSshHostname iSshPort To iSuccess
    If (iSuccess = False) Begin
        Get ComLastErrorText Of hoTunnel To sTemp1
        Showln sTemp1
        Procedure_Return
    End

    // Authenticate with the SSH server via a login/password
    // or with a public key.
    // This example demonstrates SSH password authentication.
    Get ComSshAuthenticatePw Of hoTunnel "mySshLogin" "mySshPassword" To iSuccess
    If (iSuccess = False) Begin
        Get ComLastErrorText Of hoTunnel To sTemp1
        Showln sTemp1
        Procedure_Return
    End

    // OK, the SSH tunnel is set up.  Now open a channel within the tunnel.
    // Once the channel is obtained, the Socket API may
    // be used exactly as usual, except that all communications
    // are sent through the channel in the SSH tunnel.
    // Any number of channels may be created from the same SSH tunnel.
    // Multiple channels may coexist at the same time.

    // Connect to the GMAIL IMAP server via TLS (through the port-forwarded SSH tunnel)
    Get Create (RefClass(cComChilkatSocket)) To hoChannel
    If (Not(IsComObjectCreated(hoChannel))) Begin
        Send CreateComObject of hoChannel
    End
    Move 4000 To iMaxWaitMs
    Move True To iUseTls
    Get pvComObject of hoChannel to vChannel
    Get ComSshNewChannel Of hoTunnel "imap.gmail.com" 993 iUseTls iMaxWaitMs vChannel To iSuccess
    If (iSuccess = False) Begin
        Get ComLastErrorText Of hoTunnel To sTemp1
        Showln sTemp1
        Procedure_Return
    End

    // If desired, visually inspect the LastErrorText to see that indeed the TLS
    // protocol was run inside the SSH tunnel:
    Get ComLastErrorText Of hoTunnel To sTemp1
    Showln sTemp1

    // The first thing an IMAP server does is to send a greeting terminated with a CRLF.
    Get ComReceiveToCRLF Of hoChannel To sImapGreeting
    Get ComLastMethodSuccess Of hoChannel To bTemp1
    If (bTemp1 <> True) Begin
        Get ComLastErrorText Of hoChannel To sTemp1
        Showln sTemp1
        Procedure_Return
    End

    Showln sImapGreeting

    // Close the connection to imap.gmail.com.  This is actually closing our channel
    // within the SSH tunnel, but keeps the tunnel open for the next port-forwarded connection.
    Get ComClose Of hoChannel iMaxWaitMs To iSuccess
    If (iSuccess = False) Begin
        Get ComLastErrorText Of hoChannel To sTemp1
        Showln sTemp1
        Procedure_Return
    End

    // Finally, close the SSH tunnel.
    Get ComSshCloseTunnel Of hoTunnel To iSuccess
    If (iSuccess = False) Begin
        Get ComLastErrorText Of hoTunnel To sTemp1
        Showln sTemp1
        Procedure_Return
    End

    Showln "TLS SSH tunneling example completed."


End_Procedure
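
The sample above prints whatever line arrives as the greeting. As an added example (not Chilkat code and not part of the original sample), the two helpers below classify that line according to RFC 3501 so the caller can continue only on `* OK`. ImapGreetingStatus and ImapGreetingCapabilities are hypothetical names, and both functions are assumed to sit in the same object as Procedure Test.

```dataflex
// Added example: hypothetical helpers, not part of the Chilkat API.
// Classify the untagged IMAP greeting (RFC 3501, section 7.1).
// Returns "OK", "PREAUTH", "BYE", or "INVALID" for anything else.
Function ImapGreetingStatus String sGreeting Returns String
    String sLine

    // The received line may still carry its CRLF terminator; strip it.
    Move (Replaces(Character(13), sGreeting, "")) To sLine
    Move (Replaces(Character(10), sLine, "")) To sLine
    // IMAP keywords are case-insensitive, so compare in upper case.
    Move (Uppercase(sLine)) To sLine

    // Pos returns 1 only when the line starts with the given prefix.
    If (Pos("* OK ", sLine) = 1) Begin
        Function_Return "OK"
    End
    If (Pos("* PREAUTH ", sLine) = 1) Begin
        Function_Return "PREAUTH"
    End
    If (Pos("* BYE ", sLine) = 1) Begin
        Function_Return "BYE"
    End
    // Not an IMAP greeting: the forwarded port reached some other service.
    Function_Return "INVALID"
End_Function

// Return the upper-cased capability list from an optional
// "[CAPABILITY ...]" response code, or "" when the greeting has none.
Function ImapGreetingCapabilities String sGreeting Returns String
    String sUpper sRest
    Integer iStart iEnd

    Move (Uppercase(sGreeting)) To sUpper
    Move (Pos("[CAPABILITY ", sUpper)) To iStart
    If (iStart = 0) Begin
        Function_Return ""
    End
    // "[CAPABILITY " is 12 characters long; keep what follows it.
    Move (Right(sUpper, Length(sUpper) - iStart - 11)) To sRest
    Move (Pos("]", sRest)) To iEnd
    If (iEnd = 0) Begin
        Function_Return ""
    End
    Function_Return (Left(sRest, iEnd - 1))
End_Function
```

Inside Procedure Test, a call such as `Get ImapGreetingStatus sImapGreeting To sStatus` placed after the ReceiveToCRLF step (with sStatus declared as a String) lets the procedure stop on any result other than "OK" instead of proceeding on an unexpected banner.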