@@ -11,21 +11,53 @@ * Public License, either version 2 or 3, which can be found in the file * LICENSE.GPLv2 or LICENSE.GPLv3 respectively included in the packaging of this * file. */ -#import "OFObject.h" +#import "OFTCPSocket.h" OF_ASSUME_NONNULL_BEGIN /** - * @protocol OFTLSSocket OFTLSSocket.h ObjFW/OFTLSSocket.h + * @protocol OFTLSSocketDelegate OFTLSSocket.h ObjFW/OFTLSSocket.h + * + * A delegate for OFTLSSocket. + */ +@protocol OFTLSSocketDelegate +@end + +/** + * @class OFTLSSocket OFTLSSocket.h ObjFW/OFTLSSocket.h + * + * @brief A class that provides Transport Layer Security on top of a TCP socket. + * + * This class is a class cluster and returns a suitable OFTLSSocket subclass, + * if available. + * + * Subclasses need to override @ref accept, @ref lowlevelReadIntoBuffer:length:, + * @ref lowlevelWriteBuffer:length:, @ref lowlevelIsAtEndOfStream and + * @ref startTLSForHost:port:. In order to get access to the lowlevel TCP + * methods (you cannot call `super`, as the class is abstract), the private + * methods @ref TCPAccept, @ref lowlevelTCPReadIntoBuffer:length:, + * @ref lowlevelTCPWriteBuffer:length: and @ref lowlevelTCPIsAtEndOfStream are + * provided. + */ +@interface OFTLSSocket: OFTCPSocket +{ + bool _verifiesCertificates; + OF_RESERVE_IVARS(OFTLSSocket, 4) +} + +/** + * @brief The delegate for asynchronous operations on the socket. * - * @brief A protocol that should be implemented by 3rd-party libraries - * implementing TLS. + * @note The delegate is retained for as long as asynchronous operations are + * still ongoing. */ -@protocol OFTLSSocket +@property OF_NULLABLE_PROPERTY (assign, nonatomic) + id delegate; + /** * @brief Whether certificates are verified. * * The default is enabled. */ @@ -36,8 +68,53 @@ * underlying socket. * * @param socket The TCP socket to use as underlying socket */ - (instancetype)initWithSocket: (OFTCPSocket *)socket; + +/** + * @brief Start TLS on the underlying socket with the assumption that it is + * connected to the specified host and port. + * + * @param host The host the socket is connected to, which is also used for + * verification + * @param port The port the socket is connected to + */ +- (void)startTLSForHost: (OFString *)host port: (uint16_t)port; + +/** + * @brief This method should never be called directly. Only subclasses of + * @ref OFTLSSocket are allowed to call it. + */ +- (instancetype)TCPAccept; + +/** + * @brief This method should never be called directly. Only subclasses of + * @ref OFTLSSocket are allowed to call it. + */ +- (size_t)lowlevelTCPReadIntoBuffer: (void *)buffer length: (size_t)length; + +/** + * @brief This method should never be called directly. Only subclasses of + * @ref OFTLSSocket are allowed to call it. + */ +- (size_t)lowlevelTCPWriteBuffer: (const void *)buffer length: (size_t)length; + +/** + * @brief This method should never be called directly. Only subclasses of + * @ref OFTLSSocket are allowed to call it. + */ +- (bool)lowlevelTCPIsAtEndOfStream; @end + +#ifdef __cplusplus +extern "C" { +#endif +/** + * @brief The concrete subclass of OFTLSSocket that should be used. + */ +extern Class _Nullable OFTLSSocketImplementation; +#ifdef __cplusplus +} +#endif OF_ASSUME_NONNULL_END