Closing Secure Connections

Once you've completed your encrypted exchange, you can call sock.tlsdeinit to clear all TLS-related memory, including certificates and buffers. The recommended sequence is to close the TCP connection first, and then call sock.tlsdeinit. Here is a nice non-blocking code sample:

First, place sock.close somewhere in your code:

** Tibbo Basic **


sock.close()

Then, in the on_sock_event handler:

** Tibbo Basic **


sub on_sock_event(newstate as enum pl_sock_state, newstatesimple as enum pl_sock_state_simple)
     if sock.statesimple = PL_SST_CLOSED then
          if sock.tlscurrentnum = sock.num then
               sock.tlsdeinit()
          end if
     end if
end sub

Note that you do not have to de-initialize the TLS connection if you plan to re-establish an underlying TCP connection after only a short delay. If the TCP connection is re-established before the server clears the context, the server can resume the TLS session, thus saving time that would be otherwise spent on re-initializing the TLS.