/*
* Copyright (c) 2008-2021 Jonathan Schleifer <js@nil.im>
*
* All rights reserved.
*
* This file is part of ObjFW. It may be distributed under the terms of the
* Q Public License 1.0, which can be found in the file LICENSE.QPL included in
* the packaging of this file.
*
* Alternatively, it may be distributed under the terms of the GNU General
* Public License, either version 2 or 3, which can be found in the file
* LICENSE.GPLv2 or LICENSE.GPLv3 respectively included in the packaging of this
* file.
*/
#import "OFTCPSocket.h"
OF_ASSUME_NONNULL_BEGIN
/**
* @protocol OFTLSSocketDelegate OFTLSSocket.h ObjFW/OFTLSSocket.h
*
* A delegate for OFTLSSocket.
*/
@protocol OFTLSSocketDelegate <OFTCPSocketDelegate>
@end
/**
* @class OFTLSSocket OFTLSSocket.h ObjFW/OFTLSSocket.h
*
* @brief A class that provides Transport Layer Security on top of a TCP socket.
*
* This class is a class cluster and returns a suitable OFTLSSocket subclass,
* if available.
*
* Subclasses need to override @ref accept, @ref lowlevelReadIntoBuffer:length:,
* @ref lowlevelWriteBuffer:length: and @ref startTLSForHost:port:. The method
* @ref hasDataInReadBuffer should be overridden to return `true` if the TLS
* socket has cached unprocessed data internally, while returning
* `[super hasDataInReadBuffer]` if it does not have any unprocessed data. In
* order to get access to the lowlevel TCP methods (you cannot call `super`, as
* the class is abstract), the private methods @ref TCPAccept,
* @ref lowlevelTCPReadIntoBuffer:length: and
* @ref lowlevelTCPWriteBuffer:length: are provided.
*/
@interface OFTLSSocket: OFTCPSocket
{
bool _verifiesCertificates;
OF_RESERVE_IVARS(OFTLSSocket, 4)
}
/**
* @brief The delegate for asynchronous operations on the socket.
*
* @note The delegate is retained for as long as asynchronous operations are
* still ongoing.
*/
@property OF_NULLABLE_PROPERTY (assign, nonatomic)
id <OFTLSSocketDelegate> delegate;
/**
* @brief Whether certificates are verified.
*
* The default is enabled.
*/
@property (nonatomic) bool verifiesCertificates;
/**
* @brief Initializes the TLS socket with the specified TCP socket as its
* underlying socket.
*
* The passed socket will become invalid, as the internal socket handle gets
* moved from the specified socket to the OFTLSSocket.
*
* @param socket The TCP socket to use as underlying socket
*/
- (instancetype)initWithSocket: (OFTCPSocket *)socket;
/**
* @brief Start TLS on the underlying socket with the assumption that it is
* connected to the specified host and port.
*
* @param host The host the socket is connected to, which is also used for
* verification
* @param port The port the socket is connected to
*/
- (void)startTLSForHost: (OFString *)host port: (uint16_t)port;
/**
* @brief This method should never be called directly. Only subclasses of
* @ref OFTLSSocket are allowed to call it.
*/
- (instancetype)TCPAccept;
/**
* @brief This method should never be called directly. Only subclasses of
* @ref OFTLSSocket are allowed to call it.
*/
- (size_t)lowlevelTCPReadIntoBuffer: (void *)buffer length: (size_t)length;
/**
* @brief This method should never be called directly. Only subclasses of
* @ref OFTLSSocket are allowed to call it.
*/
- (size_t)lowlevelTCPWriteBuffer: (const void *)buffer length: (size_t)length;
@end
#ifdef __cplusplus
extern "C" {
#endif
/**
* @brief The concrete subclass of OFTLSSocket that should be used.
*/
extern Class _Nullable OFTLSSocketImplementation;
#ifdef __cplusplus
}
#endif
OF_ASSUME_NONNULL_END