Overview
Comment: | OFTLSSocket: Make use of properties |
---|---|
Downloads: | Tarball | ZIP archive | SQL archive |
Timelines: | family | ancestors | descendants | both | trunk |
Files: | files | file ages | folders |
SHA3-256: |
143c61869afca3672d61779829c9a2ea |
User & Date: | js on 2016-03-06 17:40:38 |
Other Links: | manifest | tags |
Context
2016-03-12
| ||
11:55 | OFTCPSocket+SOCKS5.m: Use send/recv directly check-in: f8422ce7e9 user: js tags: trunk | |
2016-03-06
| ||
17:40 | OFTLSSocket: Make use of properties check-in: 143c61869a user: js tags: trunk | |
2016-03-02
| ||
21:07 | ObjFW.h: Add OFStatItemFailedException.h check-in: 89fc3e69a8 user: js tags: trunk | |
Changes
Modified src/OFTLSSocket.h from [e9f441720c] to [81b5fff19e].
︙ | ︙ | |||
50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 | /*! * @protocol OFTLSSocket OFTLSSocket.h ObjFW/OFTLSSocket.h * * @brief A protocol that should be implemented by 3rd-party libraries * implementing TLS. */ @protocol OFTLSSocket /*! * @brief Initializes the TLS socket with the specified TCP socket as its * underlying socket. * * @param socket The TCP socket to use as underlying socket */ - initWithSocket: (OFTCPSocket*)socket; /*! * @brief Initiates the TLS handshake. * * @note This is only useful if you used @ref initWithSocket: to start TLS on * a TCP socket which is already connected! * * @param host The host to expect for certificate verification. * May be `nil` if certificate verification is disabled. */ - (void)startTLSWithExpectedHost: (nullable OFString*)host; | > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < | 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 | /*! * @protocol OFTLSSocket OFTLSSocket.h ObjFW/OFTLSSocket.h * * @brief A protocol that should be implemented by 3rd-party libraries * implementing TLS. */ @protocol OFTLSSocket /*! * The delegate for the TLS socket. */ @property OF_NULLABLE_PROPERTY (assign) id <OFTLSSocket> delegate; /*! * The path to the X.509 certificate file to use. */ @property OF_NULLABLE_PROPERTY (copy) OFString *certificateFile; /*! * The path to the PKCS#8 private key file to use. */ @property OF_NULLABLE_PROPERTY (copy) OFString *privateKeyFile; /*! * The passphrase to decrypt the PKCS#8 private key file. * * @warning You have to ensure that this is in secure memory protected from * swapping! This is also the reason why this is not an OFString. */ @property OF_NULLABLE_PROPERTY (assign) const char *privateKeyPassphrase; /** * Whether certificate verification is enabled. * * The default is enabled. */ @property (getter=isCertificateVerificationEnabled) bool certificateVerificationEnabled; /*! * @brief Initializes the TLS socket with the specified TCP socket as its * underlying socket. * * @param socket The TCP socket to use as underlying socket */ - initWithSocket: (OFTCPSocket*)socket; /*! * @brief Initiates the TLS handshake. * * @note This is only useful if you used @ref initWithSocket: to start TLS on * a TCP socket which is already connected! * * @param host The host to expect for certificate verification. * May be `nil` if certificate verification is disabled. */ - (void)startTLSWithExpectedHost: (nullable OFString*)host; /*! * @brief Sets the path to the X.509 certificate file to use for the specified * SNI host. * * @param SNIHost The SNI host for which the path of the X.509 certificate file * should be set * * @param certificateFile The path to the X.509 certificate file */ - (void)setCertificateFile: (OFString*)certificateFile forSNIHost: (OFString*)SNIHost; /*! * @brief Returns the path of the X.509 certificate file used by the TLS socket * for the specified SNI host. * * @param SNIHost The SNI host for which the path of the X.509 certificate file * should be returned * * @return The path of the X.509 certificate file used by the TLS socket for * the specified SNI host */ - (nullable OFString*)certificateFileForSNIHost: (OFString*)SNIHost; /*! * @brief Sets the path to the PKCS#8 private key file to use for the specified * SNI host. * * @param privateKeyFile The path to the PKCS#8 private key file * @param SNIHost The SNI host for which the path to the PKCS#8 private key * file should be set */ - (void)setPrivateKeyFile: (OFString*)privateKeyFile forSNIHost: (OFString*)SNIHost; /*! * @brief Returns the path of the PKCS#8 private key file used by the TLS * socket for the specified SNI host. * * @param SNIHost The SNI host for which the path of the PKCS#8 private key * file should be returned * * @return The path of the PKCS#8 private key file used by the TLS socket for * the specified SNI host */ - (nullable OFString*)privateKeyFileForSNIHost: (OFString*)SNIHost; /*! * @brief Sets the passphrase to decrypt the PKCS#8 private key file for the * specified SNI host. * * @warning You have to ensure that this is in secure memory protected from * swapping! This is also the reason why this is not an OFString. * * @param privateKeyPassphrase The passphrase to decrypt the PKCS#8 private * key file for the specified SNI host * @param SNIHost The SNI host for which the passphrase to decrypt the PKCS#8 * private key file should be set */ - (void)setPrivateKeyPassphrase: (const char*)privateKeyPassphrase forSNIHost: (OFString*)SNIHost; /*! * @brief Returns the passphrase to decrypt the PKCS#8 private key file for the * specified SNI host. * * @warning You should not copy this to insecure memory which is swappable! * * @param SNIHost The SNI host for which the passphrase to decrypt the PKCS#8 * private key file should be returned * * @return The passphrase to decrypt the PKCS#8 private key file for the * specified SNI host */ - (nullable const char*)privateKeyPassphraseForSNIHost: (OFString*)SNIHost; @end OF_ASSUME_NONNULL_END |