TLS_SEND_2
The TLS_SEND_2 function block is a newer implementation of the TLS_SEND FB combined with the TCP_SEND FB which are referred to as "older implementation" in this help topic. The difference between the newer and the older implementation is that the TLS_*_2 FBs combine the handling of TCP and TLS in one FB. Furthermore, they support a TCP/TLS server which is able to communicate with several TCP/TLS clients. The TLS_SEND_2 FB can only be used with socket handles created by the TLS_SOCKET_2 FB.
Note
This function block requires firmware version 2021.3 or newer. |
Note
To update instances of the previous FB implementation by the newer FBs in an existing project, you can simply replace them as follows: Edit the declaration of the instance variable and (only in FBD) update the instance call in the code. Formal parameters with the same name will remain connected, newly added formal parameters have to be connected (if the corresponding function is required). |
|
Type
| Function block |
|
Description
| The function block is used to send data via TCP (Transmission Control Protocol) or TLS (Transport Layer Security) to a TCP/TLS-capable Ethernet device. This is done using a TCP/TLS socket. The socket must first be opened using the TLS_SOCKET_2 function block before data can be sent.Once the socket is opened and a connection is established, the function block sends data to the communication partner either via a pure TCP connection or a TLS-secured connection. The type of connection used depends on the value of the START_TLS input of the TLS_SOCKET_2 function block:
- With START_TLS = FALSE, the function block uses a pure TCP connection to send data.
- With START_TLS = TRUE, the function block sends data via a TLS-secured connection.
The function block provides a security check for identifying whether the IEC application expects the data to be sent unsecure (via a TCP connection) or secure (via TLS-secured connection). The security check is done by comparing the values of the SEND_SECURE input of the function block and the START_TLS input of the TLS_SOCKET FB. If an inconsistency of the input values is detected, for example, SEND_SECURE = TRUE (IEC application requires secure transmission of data) and START_TLS = FALSE (TLS protocol not yet initialized), the ERROR output is set to TRUE and the error code 16#C150 is indicated at the STATUS output.Each transmission operation is triggered by a rising edge at the request REQ input. During this cycle, the function block copies the data to be sent (applied to the DATA input) into an internal buffer. The BUSY output is set to TRUE as long as data are being sent from the internal buffer. While BUSY = TRUE, the REQ input is ignored. The transmission of new data that are available at the DATA input during the ongoing transmission cycle can only be triggered with a rising edge at the REQ input once the BUSY output has been set to FALSE.If the connection is broken and the communication partner cannot be reached, the ERROR output is set to TRUE for one cycle. The corresponding error code is provided at the STATUS output within this cycle.
Unintended machine operation
Verify that the influence of the output data cannot result in an unintended or hazardous behavior of the entire system. |
|
|
Notes
|
- The socket opened by the TLS_SOCKET_2 function block can only be used for subsequent calls of the TLS_SEND_2 function block as long as the ACTIVE output of the TLS_SOCKET_2 function block is TRUE. Calling the TLS_SEND_2 function block while ACTIVE = FALSE causes an error at the TLS_SEND_2 function block (ERROR = TRUE and STATUS code = 0xC210 issued).
- The socket handle created by the TLS_SOCKET_2 function block is not compatible with the socket handle created by the TCP_SOCKET or TLS_SOCKET function block. The TCP/TLS socket handle can only be used with the TLS_SEND_2/TLS_RECEIVE_2 function blocks.
- For controllers with integrated firewall, make sure that the firewall does not block the ports involved in the communication. Otherwise, the connection cannot be established.
- Function blocks have to be instantiated.
The instance name of the function block has to be declared in the 'Variables' table of the POU where the FB is going to be used. The instance name must be unique within the POU.
|
|
Parameters
| Inputs
Note
The input specifically relevant for the TLS communication on top of the TCP communication is SEND_SECURE. The other inputs specify TCP functionality. |
 REQ
| Data type: | BOOL |
| Description: | A rising edge at the request REQ input triggers the transmission of the data applied to the DATA input. The input is ignored as long as data are being sent (BUSY = TRUE).All other input parameters are evaluated with a rising edge at the REQ input in case that BUSY = FALSE. |
HANDLE
| Data type: | DWORD |
| Description: | Socket handle that has been opened with the TLS_SOCKET_2 function block (see also the notes above). The parameter is only evaluated in the cycle in which the REQ parameter switches to TRUE.
Note
Do not use a handle created with an instance of the older function block implementation TCP_SOCKET or TLS_SOCKET with the TLS_SEND_2 function block. Only use handles within the same "FB generation". |
|
DATA_CNT
| Data type: | UDINT |
| Description: | Number of bytes to be sent from the DATA buffer (DATA_CNT = DATA_CouNT). The maximum number of bytes to be sent is limited to the maximum value of 2147483647 bytes. If the value is 0 (= initial value of the parameter), the entire variable connected to DATA will be sent.The parameter is only evaluated in the cycle in which the REQ parameter switches to TRUE.
Tip: You can use the SIZEOF function to determine the size of a variable (number of bytes reserved for the variable in the controller memory). |
SEND_SECURE
| Data type: | BOOL |
| Description: | Determines whether the IEC application expects the data to be sent unsecure (via TCP connection) or secure (via TLS-secured connection).
- TRUE: application expects secure data transmission (via TLS-secured connection).
- FALSE: application expects unsecure data transmission (via TCP connection).
The input value is compared with the value of the START_TLS input of the TLS_SOCKET_2 FB. If an inconsistency of the input values is detected, for example, SEND_SECURE = TRUE (IEC application requires secure transmission of data) and START_TLS = FALSE (TLS protocol not yet initialized), the ERROR output is set to TRUE and the error code 16#C150 is indicated at the STATUS output. |
Input/Output
DATA
| Data type: | ANY |
| Description: | Data buffer which contains the data to be sent.Data is transmitted as byte stream. There is no Little-/Big-Endian conversion. If the data type of the connected variable is a STRUCT (or ARRAY OF STRUCT), the byte stream may contain padding bytes. |
Outputs
DONE
| Data type: | BOOL |
| Description: | Set to TRUE once the data has been sent successfully. The output is set for only one cycle. |
BUSY
| Data type: | BOOL |
| Description: | Set to TRUE while the system is trying to send the data. As long as the parameter is set to TRUE, the REQ input is ignored. |
ERROR
| Data type: | BOOL |
| Description: | If an error occurs, the ERROR output is set to TRUE. The corresponding error code can be read at the STATUS output while ERROR = TRUE.In case of a detected error, the output is set to TRUE for only one cycle. The error code must be read at the STATUS output within this cycle.See Error Codes / Status Codes for TLS_* Function Blocks. |
STATUS
| Data type: | WORD |
| Description: | Provides the error code in the event of an error (ERROR = TRUE) or the current status of the function block (ERROR = FALSE). Error codes start with 16#Cxxx and status codes with 16#8xxx.See Error Codes / Status Codes for TLS_* Function Blocks. |
|