diff --git a/include/gmssl/socket.h b/include/gmssl/socket.h
deleted file mode 100644
index b0a34569..00000000
--- a/include/gmssl/socket.h
+++ /dev/null
@@ -1,70 +0,0 @@
-/*
- *  Copyright 2014-2022 The GmSSL Project. All Rights Reserved.
- *
- *  Licensed under the Apache License, Version 2.0 (the License); you may
- *  not use this file except in compliance with the License.
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- */
-
-
-#ifndef GMSSL_SOCKET_H
-#define GMSSL_SOCKET_H
-
-#include <string.h>
-#include <stdint.h>
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-
-#ifdef WIN32
-#pragma comment (lib, "Ws2_32.lib")
-#pragma comment (lib, "Mswsock.lib")
-#pragma comment (lib, "AdvApi32.lib")
-
-#include <winsock2.h>
-
-typedef SOCKET tls_socket_t;
-typedef int tls_ret_t;
-typedef int tls_socklen_t;
-
-
-#define tls_socket_send(sock,buf,len,flags)	send(sock,buf,(int)(len),flags)
-#define tls_socket_recv(sock,buf,len,flags)	recv(sock,buf,(int)(len),flags)
-#define tls_socket_close(sock)			closesocket(sock)
-
-
-#else
-
-#include <fcntl.h>
-#include <netdb.h>
-#include <arpa/inet.h>
-#include <sys/types.h>
-#include <sys/socket.h>
-#include <netinet/in.h>
-#include <unistd.h>
-
-typedef int tls_socket_t;
-typedef ssize_t tls_ret_t;
-typedef socklen_t tls_socklen_t;
-
-
-#define tls_socket_send(sock,buf,len,flags)	send(sock,buf,len,flags)
-#define tls_socket_recv(sock,buf,len,flags)	recv(sock,buf,len,flags)
-#define tls_socket_close(sock)			close(sock)
-
-
-
-#endif
-
-
-
-
-
-
-#ifdef __cplusplus
-}
-#endif
-#endif
diff --git a/include/gmssl/tls.h b/include/gmssl/tls.h
index 30d93bf7..f9cb8a19 100644
--- a/include/gmssl/tls.h
+++ b/include/gmssl/tls.h
@@ -12,6 +12,13 @@
 #ifndef GMSSL_TLS_H
 #define GMSSL_TLS_H
 
+#ifdef WIN32
+#pragma comment (lib, "Ws2_32.lib")
+#pragma comment (lib, "Mswsock.lib")
+#pragma comment (lib, "AdvApi32.lib")
+#include <winsock2.h>
+#endif
+
 
 #include <stdint.h>
 #include <gmssl/sm2.h>
@@ -19,7 +26,6 @@
 #include <gmssl/sm4.h>
 #include <gmssl/digest.h>
 #include <gmssl/block_cipher.h>
-#include <gmssl/socket.h>
 
 
 #ifdef __cplusplus
@@ -452,9 +458,15 @@ int tls_record_set_data(uint8_t *record, const uint8_t *data, size_t datalen);
 int tls_record_print(FILE *fp, const uint8_t *record,  size_t recordlen, int format, int indent);
 int tlcp_record_print(FILE *fp, const uint8_t *record,  size_t recordlen, int format, int indent);
 
-int tls_record_send(const uint8_t *record, size_t recordlen, tls_socket_t sock);
-int tls_record_recv(uint8_t *record, size_t *recordlen, tls_socket_t sock);
-int tls12_record_recv(uint8_t *record, size_t *recordlen, tls_socket_t sock);
+#ifdef WIN32
+int tls_record_send(const uint8_t* record, size_t recordlen, SOCKET sock);
+int tls_record_recv(uint8_t* record, size_t* recordlen, SOCKET sock);
+int tls12_record_recv(uint8_t* record, size_t* recordlen, SOCKET sock);
+#else
+int tls_record_send(const uint8_t *record, size_t recordlen, int sock);
+int tls_record_recv(uint8_t *record, size_t *recordlen, int sock);
+int tls12_record_recv(uint8_t *record, size_t *recordlen, int sock);
+#endif
 
 
 // Handshake
@@ -740,7 +752,12 @@ typedef struct {
 	int is_client;
 	int cipher_suites[TLS_MAX_CIPHER_SUITES_COUNT];
 	size_t cipher_suites_cnt;
-	tls_socket_t sock;
+
+#ifdef WIN32
+	SOCKET sock;
+#else
+	int sock;
+#endif
 
 	uint8_t enced_record[TLS_MAX_RECORD_SIZE];
 	size_t enced_record_len;
@@ -790,7 +807,11 @@ typedef struct {
 
 
 int tls_init(TLS_CONNECT *conn, const TLS_CTX *ctx);
-int tls_set_socket(TLS_CONNECT *conn, tls_socket_t sock);
+#ifdef WIN32
+int tls_set_socket(TLS_CONNECT* conn, SOCKET sock);
+#else
+int tls_set_socket(TLS_CONNECT *conn, int sock);
+#endif
 int tls_do_handshake(TLS_CONNECT *conn);
 int tls_send(TLS_CONNECT *conn, const uint8_t *in, size_t inlen, size_t *sentlen);
 int tls_recv(TLS_CONNECT *conn, uint8_t *out, size_t outlen, size_t *recvlen);
diff --git a/src/tlcp.c b/src/tlcp.c
index 34be96d3..dcdfadc2 100644
--- a/src/tlcp.c
+++ b/src/tlcp.c
@@ -14,6 +14,15 @@
 #include <stdio.h>
 #include <stdlib.h>
 #include <string.h>
+#ifdef WIN32
+#include <winsock2.h>
+#else
+#include <unistd.h>
+#include <sys/types.h>
+#include <arpa/inet.h>
+#include <sys/socket.h>
+#include <netinet/in.h>
+#endif
 #include <gmssl/rand.h>
 #include <gmssl/x509.h>
 #include <gmssl/error.h>
diff --git a/src/tls.c b/src/tls.c
index 8d586bbc..206f0976 100644
--- a/src/tls.c
+++ b/src/tls.c
@@ -14,6 +14,19 @@
 #include <assert.h>
 #include <stdlib.h>
 #include <string.h>
+
+#ifdef WIN32
+#include <winsock2.h>
+#else
+
+#include <unistd.h>
+#include <fcntl.h>
+#include <sys/types.h>
+#include <arpa/inet.h>
+#include <sys/socket.h>
+#include <netinet/in.h>
+#endif
+
 #include <gmssl/rand.h>
 #include <gmssl/x509.h>
 #include <gmssl/error.h>
@@ -1447,10 +1460,17 @@ int tls_cipher_suite_in_list(int cipher, const int *list, size_t list_count)
 	return 0;
 }
 
-int tls_record_send(const uint8_t *record, size_t recordlen, tls_socket_t sock)
+#ifdef WIN32
+int tls_record_send(const uint8_t *record, size_t recordlen, SOCKET sock)
+#else
+int tls_record_send(const uint8_t *record, size_t recordlen, int sock)
+#endif
 {
-	tls_ret_t r;
-
+#ifdef WIN32
+	int r;
+#else
+	ssize_t r;
+#endif
 	if (!record) {
 		error_print();
 		return -1;
@@ -1463,7 +1483,11 @@ int tls_record_send(const uint8_t *record, size_t recordlen, tls_socket_t sock)
 		error_print();
 		return -1;
 	}
-	if ((r = tls_socket_send(sock, record, recordlen, 0)) < 0) {
+#ifdef WIN32
+	if ((r = send(sock, record, (int)recordlen, 0)) < 0) {
+#else	
+	if ((r = send(sock, record, recordlen, 0)) < 0) {
+#endif
 		perror("tls_record_send");
 		error_print();
 		return -1;
@@ -1474,14 +1498,26 @@ int tls_record_send(const uint8_t *record, size_t recordlen, tls_socket_t sock)
 	return 1;
 }
 
-int tls_record_do_recv(uint8_t *record, size_t *recordlen, tls_socket_t sock)
+#ifdef WIN32
+int tls_record_do_recv(uint8_t *record, size_t *recordlen, SOCKET sock)
+#else
+int tls_record_do_recv(uint8_t *record, size_t *recordlen, int sock)
+#endif
 {
-	tls_ret_t r;
+#ifdef WIN32
+	int r;
+#else
+	ssize_t r;
+#endif
 	size_t len;
 
 	len = 5;
 	while (len) {
-		if ((r = tls_socket_recv(sock, record + 5 - len, len, 0)) < 0) {
+#ifdef WIN32
+		if ((r = recv(sock, record + 5 - len, (int)len, 0)) < 0) {
+#else
+		if ((r = recv(sock, record + 5 - len, len, 0)) < 0) {
+#endif
 			perror("tls_record_do_recv");
 			error_print();
 			return -1;
@@ -1510,7 +1546,11 @@ int tls_record_do_recv(uint8_t *record, size_t *recordlen, tls_socket_t sock)
 		return -1;
 	}
 	while (len) {
+#ifdef WIN32
+		if ((r = recv(sock, record + *recordlen - len, (int)len, 0)) < 0) {
+#else
 		if ((r = recv(sock, record + *recordlen - len, len, 0)) < 0) {
+#endif
 			perror("tls_record_do_recv");
 			error_print();
 			return -1;
@@ -1520,7 +1560,11 @@ int tls_record_do_recv(uint8_t *record, size_t *recordlen, tls_socket_t sock)
 	return 1;
 }
 
-int tls_record_recv(uint8_t *record, size_t *recordlen, tls_socket_t sock)
+#ifdef WIN32
+int tls_record_recv(uint8_t *record, size_t *recordlen, SOCKET sock)
+#else
+int tls_record_recv(uint8_t *record, size_t *recordlen, int sock)
+#endif
 {
 retry:
 	if (tls_record_do_recv(record, recordlen, sock) != 1) {
@@ -2259,7 +2303,11 @@ void tls_cleanup(TLS_CONNECT *conn)
 	gmssl_secure_clear(conn, sizeof(TLS_CONNECT));
 }
 
-int tls_set_socket(TLS_CONNECT *conn, tls_socket_t sock)
+#ifdef WIN32
+int tls_set_socket(TLS_CONNECT *conn, SOCKET sock)
+#else
+int tls_set_socket(TLS_CONNECT *conn, int sock)
+#endif
 {
 #if 0
 	int opts;
diff --git a/src/tls12.c b/src/tls12.c
index 81d7e24a..27e8191f 100644
--- a/src/tls12.c
+++ b/src/tls12.c
@@ -13,6 +13,16 @@
 #include <stdio.h>
 #include <stdlib.h>
 #include <string.h>
+#ifdef WIN32
+#include <winsock2.h>
+#else
+#include <unistd.h>
+#include <fcntl.h>
+#include <sys/types.h>
+#include <arpa/inet.h>
+#include <sys/socket.h>
+#include <netinet/in.h>
+#endif
 #include <gmssl/rand.h>
 #include <gmssl/x509.h>
 #include <gmssl/error.h>
diff --git a/src/tls13.c b/src/tls13.c
index aef4fbbc..c33de356 100644
--- a/src/tls13.c
+++ b/src/tls13.c
@@ -13,6 +13,15 @@
 #include <stdio.h>
 #include <stdlib.h>
 #include <string.h>
+#ifdef WIN32
+#include <winsock2.h>
+#else
+#include <unistd.h>
+#include <sys/types.h>
+#include <arpa/inet.h>
+#include <sys/socket.h>
+#include <netinet/in.h>
+#endif
 #include <gmssl/rand.h>
 #include <gmssl/x509.h>
 #include <gmssl/error.h>
diff --git a/src/tls_ext.c b/src/tls_ext.c
index cfb08c16..9f1ae0ac 100644
--- a/src/tls_ext.c
+++ b/src/tls_ext.c
@@ -14,6 +14,18 @@
 #include <stdlib.h>
 #include <string.h>
 #include <fcntl.h>
+#ifdef WIN32
+
+#include <winsock2.h>		
+
+
+#else
+#include <unistd.h>
+#include <sys/types.h>
+#include <arpa/inet.h>
+#include <sys/socket.h>
+#include <netinet/in.h>
+#endif
 #include <gmssl/rand.h>
 #include <gmssl/x509.h>
 #include <gmssl/error.h>
diff --git a/tools/tlcp_client.c b/tools/tlcp_client.c
index 62cd577b..a53cd22b 100644
--- a/tools/tlcp_client.c
+++ b/tools/tlcp_client.c
@@ -12,6 +12,18 @@
 #include <errno.h>
 #include <string.h>
 #include <stdlib.h>
+#ifdef WIN32
+// FIMXE: socket related headers should be moved to tls.h
+#include <winsock2.h>
+#else
+#include <unistd.h>
+#include <netdb.h>
+#include <sys/types.h>
+#include <arpa/inet.h>
+#include <sys/socket.h>
+#include <netinet/in.h>
+#endif
+
 #include <gmssl/tls.h>
 #include <gmssl/error.h>
 
@@ -37,7 +49,11 @@ int tlcp_client_main(int argc, char *argv[])
 	char *pass = NULL;
 	struct hostent *hp;
 	struct sockaddr_in server;
-	tls_socket_t sock;
+#ifdef WIN32
+	SOCKET sock;
+#else	
+	int sock;
+#endif
 	TLS_CTX ctx;
 	TLS_CONNECT conn;
 	char buf[1024] = {0};
@@ -190,7 +206,11 @@ bad:
 
 
 end:
-	tls_socket_close(sock);
+#ifdef WIN32
+	closesocket(sock);
+#else
+	close(sock);
+#endif
 	tls_ctx_cleanup(&ctx);
 	tls_cleanup(&conn);
 	return 0;
diff --git a/tools/tlcp_server.c b/tools/tlcp_server.c
index d5d96a49..a0573fd9 100644
--- a/tools/tlcp_server.c
+++ b/tools/tlcp_server.c
@@ -12,6 +12,15 @@
 #include <errno.h>
 #include <string.h>
 #include <stdlib.h>
+#ifdef WIN32
+#include <winsock2.h>
+#else
+#include <unistd.h>
+#include <sys/types.h>
+#include <arpa/inet.h>
+#include <sys/socket.h>
+#include <netinet/in.h>
+#endif
 #include <gmssl/mem.h>
 #include <gmssl/sm2.h>
 #include <gmssl/tls.h>
@@ -38,11 +47,23 @@ int tlcp_server_main(int argc , char **argv)
 	TLS_CONNECT conn;
 	char buf[1600] = {0};
 	size_t len = sizeof(buf);
-	tls_socket_t sock;
-	tls_socket_t conn_sock;
+
+#ifdef WIN32
+	SOCKET sock;
+	SOCKET conn_sock;
+#else
+	int sock;
+	int conn_sock;	
+#endif
 	struct sockaddr_in server_addr;
 	struct sockaddr_in client_addr;
-	tls_socklen_t client_addrlen;
+#ifdef WIN32
+	int client_addrlen;
+#else
+	socklen_t client_addrlen;
+#endif
+
+
 
 	argc--;
 	argv++;
@@ -173,7 +194,7 @@ restart:
 				if (rv < 0) fprintf(stderr, "%s: recv failure\n", prog);
 				else fprintf(stderr, "%s: Disconnected by remote\n", prog);
 
-				//tls_socket_close(conn.sock); // FIXME: 		
+				//close(conn.sock);
 				tls_cleanup(&conn);
 				goto restart;
 			}
@@ -181,7 +202,11 @@ restart:
 
 		if (tls_send(&conn, (uint8_t *)buf, len, &sentlen) != 1) {
 			fprintf(stderr, "%s: send failure, close connection\n", prog);
-			tls_socket_close(conn.sock);
+#ifdef WIN32
+			closesocket(conn.sock);
+#else
+			close(conn.sock);
+#endif
 			goto end;
 		}
 	}
diff --git a/tools/tls12_client.c b/tools/tls12_client.c
index 495f03ea..4ac0e16e 100644
--- a/tools/tls12_client.c
+++ b/tools/tls12_client.c
@@ -12,6 +12,19 @@
 #include <errno.h>
 #include <string.h>
 #include <stdlib.h>
+#ifdef WIN32
+#include <winsock2.h>
+#else
+
+#include <unistd.h>
+#include <netdb.h>
+#include <sys/types.h>
+#include <arpa/inet.h>
+#include <sys/socket.h>
+#include <netinet/in.h>
+#endif
+
+
 #include <gmssl/tls.h>
 #include <gmssl/error.h>
 
@@ -39,7 +52,11 @@ int tls12_client_main(int argc, char *argv[])
 	char *pass = NULL;
 	struct hostent *hp;
 	struct sockaddr_in server;
-	tls_socket_t sock;
+#ifdef WIN32
+	SOCKET sock;
+#else	
+	int sock;
+#endif
 	TLS_CTX ctx;
 	TLS_CONNECT conn;
 	char buf[1024] = {0};
@@ -185,7 +202,11 @@ bad:
 
 
 end:
-	tls_socket_close(sock);
+#ifdef WIN32
+	closesocket(sock);
+#else
+	close(sock);
+#endif
 	tls_ctx_cleanup(&ctx);
 	tls_cleanup(&conn);
 	return 0;
diff --git a/tools/tls12_server.c b/tools/tls12_server.c
index ccd60e40..d983021a 100644
--- a/tools/tls12_server.c
+++ b/tools/tls12_server.c
@@ -12,6 +12,15 @@
 #include <errno.h>
 #include <string.h>
 #include <stdlib.h>
+#ifdef WIN32
+#include <winsock2.h>
+#else
+#include <unistd.h>
+#include <sys/types.h>
+#include <arpa/inet.h>
+#include <sys/socket.h>
+#include <netinet/in.h>
+#endif
 #include <gmssl/mem.h>
 #include <gmssl/sm2.h>
 #include <gmssl/tls.h>
@@ -36,11 +45,24 @@ int tls12_server_main(int argc , char **argv)
 	TLS_CONNECT conn;
 	char buf[1600] = {0};
 	size_t len = sizeof(buf);
-	tls_socket_t sock;
-	tls_socket_t conn_sock;
+
+#ifdef WIN32
+	SOCKET sock;
+	SOCKET conn_sock;
+#else
+	int sock;
+	int conn_sock;
+#endif
+
 	struct sockaddr_in server_addr;
 	struct sockaddr_in client_addr;
-	tls_socklen_t client_addrlen;
+#ifdef WIN32
+	int client_addrlen;
+#else
+	socklen_t client_addrlen;
+#endif
+
+
 
 	argc--;
 	argv++;
@@ -157,7 +179,7 @@ restart:
 				if (rv < 0) fprintf(stderr, "%s: recv failure\n", prog);
 				else fprintf(stderr, "%s: Disconnected by remote\n", prog);
 
-				//tls_socket_close(conn.sock); // FIXME:		
+				//close(conn.sock);
 				tls_cleanup(&conn);
 				goto restart;
 			}
@@ -165,7 +187,11 @@ restart:
 
 		if (tls_send(&conn, (uint8_t *)buf, len, &sentlen) != 1) {
 			fprintf(stderr, "%s: send failure, close connection\n", prog);
-			tls_socket_close(conn.sock);
+#ifdef WIN32
+			closesocket(conn.sock);
+#else
+			close(conn.sock);
+#endif
 			goto end;
 		}
 	}
diff --git a/tools/tls13_client.c b/tools/tls13_client.c
index 3517fdbc..b6e9767e 100644
--- a/tools/tls13_client.c
+++ b/tools/tls13_client.c
@@ -12,6 +12,16 @@
 #include <errno.h>
 #include <string.h>
 #include <stdlib.h>
+#ifdef WIN32
+#include <winsock2.h>
+#else
+#include <unistd.h>
+#include <netdb.h>
+#include <sys/types.h>
+#include <arpa/inet.h>
+#include <sys/socket.h>
+#include <netinet/in.h>
+#endif
 #include <gmssl/tls.h>
 #include <gmssl/error.h>
 
@@ -39,7 +49,11 @@ int tls13_client_main(int argc, char *argv[])
 	char *pass = NULL;
 	struct hostent *hp;
 	struct sockaddr_in server;
-	tls_socket_t sock;
+#ifdef WIN32
+	SOCKET sock;
+#else	
+	int sock;
+#endif
 	TLS_CTX ctx;
 	TLS_CONNECT conn;
 	char buf[1024] = {0};
@@ -184,7 +198,11 @@ bad:
 	}
 
 end:
-	tls_socket_close(sock);
+#ifdef WIN32
+	closesocket(sock);
+#else
+	close(sock);
+#endif
 	tls_ctx_cleanup(&ctx);
 	tls_cleanup(&conn);
 	return 0;
diff --git a/tools/tls13_server.c b/tools/tls13_server.c
index 09308ac2..ca0ff93d 100644
--- a/tools/tls13_server.c
+++ b/tools/tls13_server.c
@@ -12,6 +12,15 @@
 #include <errno.h>
 #include <string.h>
 #include <stdlib.h>
+#ifdef WIN32
+#include <winsock2.h>
+#else
+#include <unistd.h>
+#include <sys/types.h>
+#include <arpa/inet.h>
+#include <sys/socket.h>
+#include <netinet/in.h>
+#endif
 #include <gmssl/mem.h>
 #include <gmssl/sm2.h>
 #include <gmssl/tls.h>
@@ -29,16 +38,30 @@ int tls13_server_main(int argc , char **argv)
 	char *keyfile = NULL;
 	char *pass = NULL;
 	char *cacertfile = NULL;
+
 	int server_ciphers[] = { TLS_cipher_sm4_gcm_sm3, };
+	
 	TLS_CTX ctx;
 	TLS_CONNECT conn;
 	char buf[1600] = {0};
 	size_t len = sizeof(buf);
-	tls_socket_t sock;
-	tls_socket_t conn_sock;
+
+#ifdef WIN32
+	SOCKET sock;
+	SOCKET conn_sock;
+#else
+	int sock;
+	int conn_sock;	
+#endif
 	struct sockaddr_in server_addr;
 	struct sockaddr_in client_addr;
-	tls_socklen_t client_addrlen;
+#ifdef WIN32
+	int client_addrlen;
+#else
+	socklen_t client_addrlen;
+#endif
+
+
 
 	argc--;
 	argv++;
@@ -163,7 +186,11 @@ restart:
 
 		if (tls13_send(&conn, (uint8_t *)buf, len, &sentlen) != 1) {
 			fprintf(stderr, "%s: send failure, close connection\n", prog);
-			tls_socket_close(conn.sock);
+#ifdef WIN32
+			closesocket(conn.sock);
+#else
+			close(conn.sock);
+#endif
 			goto end;
 		}
 	}