Differences From Artifact [c91283e053]:
- File src/OFTLSStream.h — part of check-in [d30efa8bbf] at 2021-11-13 13:04:13 on branch trunk — Completely rework the TLS/SSL API
The previous API could never work cleanly and would always require
hacks, as it needed intercepting all interactions of OFTCPSocket with
the raw socket and did not work at all if the OFTCPSocket had anything
in its read buffer before starting the TLS handshake. This also could
not be fixed easily, as it would have required the object to contain two
read buffers, one for the unencrypted connection and one for the
encrypted connection. There was also no clean way to perform the
handshake in a non-blocking way.

The new API is a lot cleaner and requires none of the hacks, but using
it requires slightly more work. But this is more than made up for by
making a fully asynchronous handshake possible. It uses the concept of a
stream wrapping another stream, meaning the entire connecting part is
being handled by OFTCPSocket and then the connected socket is passed off
to OFTLSStream to wrap it. This also makes for a lot cleaner separation
of concerns. (user: js, size: 4764)
To Artifact [b3a209020a]:
- File src/OFTLSStream.h — part of check-in [112eb62f7b] at 2021-11-13 20:28:25 on branch trunk — Add OFSecureTransportTLSStream
This implements OFTLSStream using Apple's Secure Transport. While Secure
Transport is declared deprecated by Apple, Apple so far has failed to
provide a suitable replacement. They recommend Network.framework as a
replacement, however it can neither work on arbitrary sockets, nor can
it do STARTTLS. (user: js, size: 5359)
︙ | ︙ | |||
18 19 20 21 22 23 24 25 26 27 28 29 30 31 | OF_ASSUME_NONNULL_BEGIN /** @file */ @class OFTLSStream; /** * @protocol OFTLSStreamDelegate OFTLSStream.h ObjFW/OFTLSStream.h * * A delegate for OFTLSStream. */ @protocol OFTLSStreamDelegate <OFStreamDelegate> /** | > > > > > > > > > > | 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 | OF_ASSUME_NONNULL_BEGIN /** @file */ @class OFTLSStream; /** * @brief An enum representing an error of an OFTLSStream. */ typedef enum { /** @brief An unknown error. */ OFTLSStreamErrorCodeUnknown, /** @brief Initialization of the TLS context failed. */ OFTLSStreamErrorCodeInitializationFailed } OFTLSStreamErrorCode; /** * @protocol OFTLSStreamDelegate OFTLSStream.h ObjFW/OFTLSStream.h * * A delegate for OFTLSStream. */ @protocol OFTLSStreamDelegate <OFStreamDelegate> /** |
︙ | ︙ | |||
106 107 108 109 110 111 112 | * underlying stream. * * @param stream The stream to use as underlying stream. Must not be closed * before the TLS stream is closed. * @return An initialized TLS stream */ - (instancetype)initWithStream: (OFStream <OFReadyForReadingObserving, | | > | 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 | * underlying stream. * * @param stream The stream to use as underlying stream. Must not be closed * before the TLS stream is closed. * @return An initialized TLS stream */ - (instancetype)initWithStream: (OFStream <OFReadyForReadingObserving, OFReadyForWritingObserving> *)stream OF_DESIGNATED_INITIALIZER; /** * @brief Asynchronously performs the TLS client handshake for the specified * host and calls the delegate afterwards. * * @param host The host to perform the handshake with */ |
︙ | ︙ | |||
145 146 147 148 149 150 151 152 153 154 155 156 | * @brief The implementation for OFTLSStream to use. * * This can be set to a class that is always used for OFTLSStream. This is * useful to either force a specific implementation or use one that ObjFW does * not know about. */ extern Class OFTLSStreamImplementation; #ifdef __cplusplus } #endif OF_ASSUME_NONNULL_END | > > > > > > > > > | 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 | * @brief The implementation for OFTLSStream to use. * * This can be set to a class that is always used for OFTLSStream. This is * useful to either force a specific implementation or use one that ObjFW does * not know about. */ extern Class OFTLSStreamImplementation; /** * @brief Returns a string description for the TLS stream error code. * * @param errorCode The error code to return the description for * @return A string description for the TLS stream error code */ extern OFString *OFTLSStreamErrorCodeDescription( OFTLSStreamErrorCode errorCode); #ifdef __cplusplus } #endif OF_ASSUME_NONNULL_END |
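Review bot: In the first hunk, OFTLSStreamErrorCode only offers OFTLSStreamErrorCodeUnknown and OFTLSStreamErrorCodeInitializationFailed, so with these declarations a caller cannot tell a failed handshake or a rejected certificate apart from any other failure. Consider adding dedicated codes for those cases before implementations start reporting them as Unknown, and consider giving the enumerators explicit values so that the numbering stays stable if codes are inserted later.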
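Review bot: In the second hunk, initWithStream: becomes the designated initializer, but the visible lines do not show what happens to the inherited -init. If it is not already declared unavailable elsewhere in this header, do so, otherwise a TLS stream could be created without an underlying stream. The doc comment's "Must not be closed before the TLS stream is closed" would also benefit from saying whether the TLS stream retains the underlying stream or the caller has to keep it alive.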
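Review bot: In the third hunk, OFTLSStreamErrorCodeDescription() is declared inside the OF_ASSUME_NONNULL region, so it promises a non-nil OFString for every argument, yet the comment does not say what is returned for a value outside OFTLSStreamErrorCode. Document the fallback (for example the description of OFTLSStreamErrorCodeUnknown) so that callers can log the result without a nil check.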