Transmit is a fully decentralized platform used for sharing and monetizing everything from data, analytics, artificial intelligence, and software to applications. Transmit utilizes decentralized data sourcing and significantly reduces the price of data modeling as well as analysis. Transmit (TX) - Also known as Data Out or TXO. The TX line on any device is there to transmit data. This should be hooked up to the RX line of the device with which you would like to communicate. Receive (RX) - Also known as Data In or RXI. You can send files using the TSO TRANSMIT (or XMIT) command. Issue the TRANSMIT command from the source system to invoke the IEBCOPY utility and transmit the unloaded data set in sequential format.
The TransmitFile function transmits file data over a connected socket handle. This function uses the operating system's cache manager to retrieve the file data, and provides high-performance file data transfer over sockets.
Syntax
Parameters
hSocket
A handle to a connected socket. The TransmitFile function will transmit the file data over this socket. The socket specified by the hSocket parameter must be a connection-oriented socket of type SOCK_STREAM, SOCK_SEQPACKET, or SOCK_RDM.
hFile
A handle to the open file that the TransmitFile function transmits. Since the operating system reads the file data sequentially, you can improve caching performance by opening the handle with FILE_FLAG_SEQUENTIAL_SCAN.
The hFile parameter is optional. If the hFile parameter is NULL, only data in the header and/or the tail buffer is transmitted. Any additional action, such as socket disconnect or reuse, is performed as specified by the dwFlags parameter.
nNumberOfBytesToWrite
The number of bytes in the file to transmit. The TransmitFile function completes when it has sent the specified number of bytes, or when an error occurs, whichever occurs first.
Set this parameter to zero in order to transmit the entire file.
nNumberOfBytesPerSend
The size, in bytes, of each block of data sent in each send operation. This parameter is used by Windows' sockets layer to determine the block size for send operations. To select the default send size, set this parameter to zero.
The nNumberOfBytesPerSend parameter is useful for protocols that have limitations on the size of individual send requests.
lpOverlapped
A pointer to an OVERLAPPED structure. If the socket handle has been opened as overlapped, specify this parameter in order to achieve an overlapped (asynchronous) I/O operation. By default, socket handles are opened as overlapped.
You can use the lpOverlapped parameter to specify a 64-bit offset within the file at which to start the file data transfer by setting the Offset and OffsetHigh members of the OVERLAPPED structure. If lpOverlapped is a NULL pointer, the transmission of data always starts at the current byte offset in the file.
When lpOverlapped is not NULL, the overlapped I/O might not finish before TransmitFile returns. In that case, the TransmitFile function returns FALSE, and WSAGetLastError returns ERROR_IO_PENDING or WSA_IO_PENDING. This enables the caller to continue processing while the file transmission operation completes. Windows will set the event specified by the hEvent member of the OVERLAPPED structure, or the socket specified by hSocket, to the signaled state upon completion of the data transmission request.
lpTransmitBuffers
A pointer to a TRANSMIT_FILE_BUFFERS data structure that contains pointers to data to send before and after the file data is sent. This parameter should be set to a NULL pointer if you want to transmit only the file data.
dwReserved
A set of flags used to modify the behavior of the TransmitFile function call. The dwFlags parameter can contain a combination of the following options defined in the Mswsock.h header file:
Flag | Meaning |
---|---|
| Start a transport-level disconnect after all the file data has been queued for transmission. |
| Prepare the socket handle to be reused. This flag is valid only if TF_DISCONNECT is also specified. When the TransmitFile request completes, the socket handle can be passed to the function call previously used to establish the connection, such as AcceptEx or ConnectEx. Such reuse is mutually exclusive; for example, if the AcceptEx function was called for the socket, reuse is allowed only for subsequent calls to the AcceptEx function, and not allowed for a subsequent call to ConnectEx. Note: The socket level file transmit is subject to the behavior of the underlying transport. For example, a TCP socket may be subject to the TCP TIME_WAIT state, causing the TransmitFile call to be delayed. |
| Directs the Windows Sockets service provider to use the system's default thread to process long TransmitFile requests. The system default thread can be adjusted using the following registry parameter as a REG_DWORD: HKEY_LOCAL_MACHINE\CurrentControlSet\Services\AFD\Parameters\TransmitWorker |
| Directs the Windows Sockets service provider to use system threads to process long TransmitFile requests. |
| Directs the driver to use kernel asynchronous procedure calls (APCs) instead of worker threads to process long TransmitFile requests. Long TransmitFile requests are defined as requests that require more than a single read from the file or a cache; the request therefore depends on the size of the file and the specified length of the send packet. Use of TF_USE_KERNEL_APC can deliver significant performance benefits. It is possible (though unlikely), however, that the thread in which context TransmitFile is initiated is being used for heavy computations; this situation may prevent APCs from launching. Note that the Winsock kernel mode driver uses normal kernel APCs, which launch whenever a thread is in a wait state, which differs from user-mode APCs, which launch whenever a thread is in an alertable wait state initiated in user mode. |
| Complete the TransmitFile request immediately, without pending. If this flag is specified and TransmitFile succeeds, then the data has been accepted by the system but not necessarily acknowledged by the remote end. Do not use this setting with the TF_DISCONNECT and TF_REUSE_SOCKET flags. Note: If the file being sent is not in the file system cache, the request pends. |
Return value
If the TransmitFile function succeeds, the return value is TRUE. Otherwise, the return value is FALSE. To get extended error information, call WSAGetLastError. An error code of WSA_IO_PENDING or ERROR_IO_PENDING indicates that the overlapped operation has been successfully initiated and that completion will be indicated at a later time. Any other error code indicates that the overlapped operation was not successfully initiated and no completion indication will occur. Applications should handle either ERROR_IO_PENDING or WSA_IO_PENDING in this case.
Return code | Description |
---|---|
| An established connection was aborted by the software in your host machine. This error is returned if the virtual circuit was terminated due to a time-out or other failure. |
| An existing connection was forcibly closed by the remote host. This error is returned for a stream socket when the virtual circuit was reset by the remote side. The application should close the socket as it is no longer usable. |
| The system detected an invalid pointer address in attempting to use a pointer argument in a call. This error is returned if the lpTransmitBuffers or lpOverlapped parameter is not totally contained in a valid part of the user address space. |
| An invalid argument was supplied. This error is returned if the hSocket parameter specified a socket of type SOCK_DGRAM or SOCK_RAW. This error is returned if the dwFlags parameter has the TF_REUSE_SOCKET flag set, but the TF_DISCONNECT flag was not set. This error is also returned if the offset specified in the OVERLAPPED structure pointed to by the lpOverlapped is not within the file. This error is also returned if the nNumberOfBytesToWrite parameter is set to a value greater than 2,147,483,646, the maximum value for a 32-bit integer minus 1. |
| A socket operation encountered a dead network. This error is returned if the network subsystem has failed. |
| The connection has been broken due to keep-alive activity detecting a failure while the operation was in progress. |
| An operation on a socket could not be performed because the system lacked sufficient buffer space or because a queue was full. This error is also returned if the Windows Sockets provider reports a buffer deadlock. |
| A request to send or receive data was disallowed because the socket is not connected. |
| An operation was attempted on something that is not a socket. This error is returned if the hSocket parameter is not a socket. |
| A request to send or receive data was disallowed because the socket had already been shut down in that direction with a previous shutdown call. This error is returned if the socket has been shut down for sending. It is not possible to call TransmitFile on a socket after the shutdown function has been called on the socket with the how parameter set to SD_SEND or SD_BOTH. |
| Either the application has not called the WSAStartup function, or WSAStartup failed. A successful WSAStartup call must occur before using the TransmitFile function. |
| An overlapped I/O operation is in progress. This value is returned if an overlapped I/O operation was successfully initiated and indicates that completion will be indicated at a later time. |
| The I/O operation has been aborted because of either a thread exit or an application request. This error is returned if the overlapped operation has been canceled due to the closure of the socket, the execution of the 'SIO_FLUSH' command in WSAIoctl, or the thread that initiated the overlapped request exited before the operation completed. Note: All I/O initiated by a given thread is canceled when that thread exits. For overlapped sockets, pending asynchronous operations can fail if the thread is closed before the asynchronous operations complete. For more information, see ExitThread. |
Remarks
The TransmitFile function uses the operating system's cache manager to retrieve the file data, and provides high-performance file data transfer over sockets.
The TransmitFile function only supports connection-oriented sockets of type SOCK_STREAM, SOCK_SEQPACKET, and SOCK_RDM. Sockets of type SOCK_DGRAM and SOCK_RAW are not supported. The TransmitPackets function can be used with sockets of type SOCK_DGRAM.
The maximum number of bytes that can be transmitted using a single call to the TransmitFile function is 2,147,483,646, the maximum value for a 32-bit integer minus 1. The maximum number of bytes to send in a single call includes any data sent before or after the file data pointed to by the lpTransmitBuffers parameter plus the value specified in the nNumberOfBytesToWrite parameter for the length of file data to send. If an application needs to transmit a file larger than 2,147,483,646 bytes, then multiple calls to the TransmitFile function can be used with each call transferring no more than 2,147,483,646 bytes. Setting the nNumberOfBytesToWrite parameter to zero for a file larger than 2,147,483,646 bytes will also fail since in this case the TransmitFile function will use the size of the file as the value for the number of bytes to transmit.
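The per-call limit and the 64-bit offset rule described above, worked as an added example that is not part of the original documentation: a portable C planner that splits a large file into TransmitFile calls, counts header and tail bytes against the 2,147,483,646-byte limit, and fills the Offset/OffsetHigh pair. The `tf_call` struct and the `tf_plan` and `tf_flags_valid` functions are hypothetical names; the flag values are repeated from Mswsock.h so the code builds without the Windows SDK, and it plans the calls rather than issuing them.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* dwFlags values as defined in Mswsock.h, repeated so this compiles anywhere. */
#define TF_DISCONNECT   0x01u
#define TF_REUSE_SOCKET 0x02u
#define TF_WRITE_BEHIND 0x04u /* "complete immediately, without pending" */
#define TF_MAX_PER_CALL 2147483646ULL /* per-call byte limit from the Remarks */

/* One planned TransmitFile call (hypothetical struct for this example). */
typedef struct {
    uint32_t offset_low, offset_high; /* OVERLAPPED.Offset / OffsetHigh */
    uint32_t bytes_to_write;          /* nNumberOfBytesToWrite, never 0 here */
    uint32_t head_len, tail_len;      /* header/tail bytes sent with this call */
    uint32_t flags;                   /* dwFlags for this call */
} tf_call;

/* Reject the flag combinations the flag table and return codes rule out. */
int tf_flags_valid(uint32_t f)
{
    if ((f & TF_REUSE_SOCKET) && !(f & TF_DISCONNECT)) return 0;
    if ((f & TF_WRITE_BEHIND) && (f & (TF_DISCONNECT | TF_REUSE_SOCKET))) return 0;
    return 1;
}

/* Split file_size bytes into calls that each stay within TF_MAX_PER_CALL,
 * counting header and tail bytes. final_flags go on the last call only, so a
 * disconnect is never requested before the whole file is queued.
 * Returns the number of calls written to out, or -1 on bad input. */
int tf_plan(uint64_t file_size, uint32_t head_len, uint32_t tail_len,
            uint32_t final_flags, tf_call *out, size_t cap)
{
    uint64_t off = 0;
    size_t n = 0;

    if (!tf_flags_valid(final_flags)) return -1;
    if (file_size == 0 || file_size > (uint64_t)INT64_MAX) return -1;
    if ((uint64_t)head_len + tail_len >= TF_MAX_PER_CALL) return -1;

    while (off < file_size) {
        uint64_t remaining = file_size - off;
        uint64_t budget = TF_MAX_PER_CALL - (n == 0 ? head_len : 0);
        uint64_t take = remaining < budget ? remaining : budget;
        int last = remaining + tail_len <= budget;

        if (!last && take == remaining)
            take = budget - tail_len; /* keep file bytes for the call carrying the tail */
        if (n >= cap) return -1;
        out[n].offset_low = (uint32_t)(off & 0xFFFFFFFFu);
        out[n].offset_high = (uint32_t)(off >> 32);
        out[n].bytes_to_write = (uint32_t)take;
        out[n].head_len = (n == 0) ? head_len : 0;
        out[n].tail_len = last ? tail_len : 0;
        out[n].flags = last ? final_flags : 0;
        off += take;
        n++;
    }
    return (int)n;
}

int main(void)
{
    tf_call plan[8];
    int n = tf_plan(7000000000ULL, 100, 50, TF_DISCONNECT, plan, 8); /* constructed sizes */
    for (int i = 0; i < n; i++)
        printf("call %d: offset=%u:%u bytes=%u flags=0x%x\n", i,
               (unsigned)plan[i].offset_high, (unsigned)plan[i].offset_low,
               (unsigned)plan[i].bytes_to_write, (unsigned)plan[i].flags);
    return n > 0 ? 0 : 1;
}
```

Each planned entry maps onto one TransmitFile call with a non-NULL lpOverlapped carrying the offset; the planner never emits zero for nNumberOfBytesToWrite, which the Remarks say fails for files above the limit.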
Workstation and client versions of Windows optimize the TransmitFile function for minimum memory and resource utilization by limiting the number of concurrent TransmitFile operations allowed on the system to a maximum of two. On Windows Vista, Windows XP, Windows 2000 Professional, and Windows NT Workstation 3.51 and later only two outstanding TransmitFile requests are handled simultaneously; the third request will wait until one of the previous requests is completed.
Server versions of Windows optimize the TransmitFile function for high performance. On server versions, there are no default limits placed on the number of concurrent TransmitFile operations allowed on the system. Expect better performance results when using TransmitFile on server versions of Windows. On server versions of Windows, it is possible to set a limit on the maximum number of concurrent TransmitFile operations by creating a registry entry and setting a value for the following REG_DWORD:
HKEY_LOCAL_MACHINE\CurrentControlSet\Services\AFD\Parameters\MaxActiveTransmitFileCount
If the TransmitFile function is called with a TCP socket (protocol of IPPROTO_TCP) with both the TF_DISCONNECT and TF_REUSE_SOCKET flags specified, the call will not complete until the two following conditions are met.
- All pending receive data sent by remote side (received prior to a FIN from the remote side) on the TCP socket has been read.
- The remote side has closed the connection (completed the graceful TCP connection closure).
If the TransmitFile function is called with the lpOverlapped parameter set to NULL, the operation is executed as synchronous I/O. The function will not complete until the file has been sent.
Windows Phone 8: This function is supported for Windows Phone Store apps on Windows Phone 8 and later.
Windows 8.1 and Windows Server 2012 R2: This function is supported for Windows Store apps on Windows 8.1, Windows Server 2012 R2, and later.
Notes for QoS
The TransmitFile function allows the setting of two flags, TF_DISCONNECT or TF_REUSE_SOCKET, that return the socket to a 'disconnected, reusable' state after the file has been transmitted. These flags should not be used on a socket where quality of service has been requested, since the service provider may immediately delete any quality of service associated with the socket before the file transfer has completed. The best approach for a QoS-enabled socket is to simply call the closesocket function when the file transfer has completed, rather than relying on these flags.
Requirements
Minimum supported client | Windows 8.1, Windows Vista [desktop apps | UWP apps] |
Minimum supported server | Windows Server 2003 [desktop apps | UWP apps] |
Target Platform | Windows |
Header | mswsock.h (include Mswsock.h) |
Library | Mswsock.lib |
DLL | Mswsock.dll |
NOTE: The Information Security Office recently updated UC Berkeley's Data Classification Standard and Protection Profiles for the Campus. These number changes are reflected on this page.
--------------------
UC Berkeley security policy mandates compliance with Minimum Security Standard for Electronic Information for devices handling covered data. The recommendations below are provided as optional guidance to assist with achieving the Data Encryption in Transit requirement.
Requirements
Resource Custodians and anyone moving covered data through a network must use secure, authenticated, and industry-accepted encryption mechanisms.
See Approved Exceptions section to see where this requirement is not applicable.
Description of Risk
Malicious users may intercept or monitor plaintext data transmitted across an unencrypted network and gain unauthorized access that jeopardizes the confidentiality of the sensitive data.
Recommendations
Covered data must be encrypted when transmitted across networks to protect against eavesdropping of network traffic by unauthorized users. In cases where source and target endpoint devices are within the same protected subnet, covered data transmission must still be encrypted as recommended below due to the potential for high negative impact of a covered data breach. The types of transmission may include client-to-server, server-to-server communication, as well as any data transfer between core systems and third party systems.
Email is not considered secure and must not be used to transmit covered data unless additional email encryption tools are used. See the Additional Resources section for email encryption options and see the Approved Exceptions section to see where this requirement is not applicable.
Consider the following recommendations for designing secure transit of covered data.
- Where the covered device is reachable via web interface, web traffic must be transmitted over Secure Sockets Layer (SSL), using only strong security protocols, such as Transport Layer Security (TLS).
- Covered data transmitted over email must be secured using cryptographically strong email encryption tools such as PGP or S/MIME (see email encryption link in Additional Resources section). Alternatively, prior to sending the email, the user should encrypt covered data using compliant File Encryption tools and attach the encrypted file to the email for transmission.
- Non-web transmission of covered data should be encrypted via application level encryption.
- Where the application database resides outside of the application server, the connection between the database and application should also be encrypted using FIPS compliant cryptographic algorithms.
- Where application level encryption is not available for non-web covered data traffic, implement network level encryption such as IPSec or SSH tunneling (for more details on these technologies, see Additional Resources).
- In general, encryption should be applied when transmitting covered data between devices in protected subnets with strong firewall controls. *See Known Exceptions section to see where this requirement is not applicable.
Examples of insecure network protocols and their secure alternatives include:
 | Instead of... | Use... |
---|---|---|
Web Access | HTTP | HTTPS |
File transfer | FTP, RCP | FTPS, SFTP, SCP, WebDAV over HTTPS |
Remote Shell | telnet | SSH2 terminal |
Remote desktop | VNC | radmin, RDP |
Picking Encryption Algorithms
When selecting algorithms to encrypt covered data, keep these considerations in mind:
- For the same encryption algorithm, longer encryption key length generally provides stronger protection.
- Long complex passphrases are stronger than shorter passphrases. Please refer to campus passphrase security standard for additional guidance.
- Strong encryption generally consumes more CPU resources than weak encryption.
Wireless Connections
When connecting to wireless networks to access a system handling covered data, only connect to wireless networks employing cryptographically strong wireless encryption standards such as WPA2. Encryption mechanisms described in the section above must also be applied in addition to strong wireless network encryption to ensure end-to-end protection.
Relevant Campus Services
The ISO CalNet team provides InCommon Certificate Services, which distributes Comodo certificates for encryption and authentication needs.
Link: https://calnetweb.berkeley.edu/calnet-technologists/calnet-incommon-comodo-certificate-service
Approved Exceptions
Data encryption in transit (as defined in MSSEI requirement 15.1, and further described in this guideline) is not required in the following three narrowly defined scenarios. Information Security and Policy approved these exceptions based on an exception request submitted by Network and Operations Services, after performing a security risk assessment. Because these exceptions are the result of a point-in-time evaluation of risk, they will be reviewed on an annual basis, and will be updated as needed.
- Covered data (UC P2/P3) traversing only within the Earl Warren Hall (EWH) data center network does not require encryption in transit. For example, this exception applies when transferring covered data between two servers residing in the EWH data center. However, the exception does NOT apply – i.e., encryption is required – when a user is accessing covered data on a server in the EWH data center from a desktop in a second floor office in EWH.
  Any device on the same subnet as a UC P4 system that uses this encryption in transit exception is required to meet UC P4 requirements. All other UC P4 security controls, including the protected subnet requirement, do still apply to covered devices residing on the Earl Warren Hall data center network.
- UC P2/P3 data is not required to meet MSSEI encryption in transit requirements when traversing the UC Berkeley campus wired network. The UC Berkeley campus wired network generally falls under UC Berkeley campus IP address spaces as defined at http://net.berkeley.edu/access/ucb-nets.shtml. For more specific guidance on which IP address ranges are part of the campus wired network, please review the Wired Campus Network Firewall Recommendations page (requires CAS authentication).
  This exception does not include transmission over the CENIC network to the San Diego Super Computer data center (e.g., UC Backup), off campus networks that are still part of the campus IP address space, or wireless networks such as Airbears. Applications or systems (e.g. file servers) wishing to take advantage of the campus wired network encryption exception must restrict access to and from all other networks. This can be accomplished by applying firewall rules.
- Email with UC P2/P3 data routed only within the berkeley.edu domain (bMail) is encrypted in transit by default, and therefore does not require additional encryption.
  Email forwarding to non-berkeley.edu addresses invalidates this exception, because encryption between UC Berkeley and external mail servers cannot be guaranteed. Campus units using email for institutional processes involving UC P2/P3 data should establish unit-wide policies that restrict staff and faculty from forwarding their email outside of the berkeley.edu domain.
Additional Resources
References to Encryption Procedures
- Email encryption options - Thunderbird