Conform to OFTLSSocket.

Still a few FIXMEs / TODOs.

src/SSLInvalidCertificateException.m

@@ -21,12 +21,12 @@
  * POSSIBILITY OF SUCH DAMAGE.
  */
 
+#include <stdlib.h>
+
 #import "SSLInvalidCertificateException.h"
 
 #import <ObjFW/macros.h>
 
-#import <ObjFW/OFNotImplementedException.h>
-
 @implementation SSLInvalidCertificateException
 + exceptionWithClass: (Class)class
 	      reason: (OFString*)reason
@@ -37,10 +37,14 @@
 
 - initWithClass: (Class)class
 {
-	Class c = [self class];
+	@try {
+		[self doesNotRecognizeSelector: _cmd];
+	} @catch (id e) {
 		[self release];
-	@throw [OFNotImplementedException exceptionWithClass: c
+		@throw e;
-						    selector: _cmd];
+	}
+
+	abort();
 }
 
 - initWithClass: (Class)class

src/SSLSocket.h

@@ -24,31 +24,24 @@
 #include <openssl/ssl.h>
 
 #import <ObjFW/OFTCPSocket.h>
+#import <ObjFW/OFTLSSocket.h>
 
 @class X509Certificate;
 
-@interface SSLSocket: OFTCPSocket
+@interface SSLSocket: OFTCPSocket <OFTLSSocket>
 {
 	SSL *_SSL;
-	OFString *_privateKeyFile, *_certificateFile;
+	OFString *_certificateFile, *_privateKeyFile;
+	const char *_privateKeyPassphrase;
 	bool _requestsClientCertificates;
 }
 
 #ifdef OF_HAVE_PROPERTIES
-@property (copy) OFString *privateKeyFile, *certificateFile;
 @property bool requestsClientCertificates;
 #endif
 
 - initWithSocket: (OFTCPSocket*)socket;
--  initWithSocket: (OFTCPSocket*)socket
-   privateKeyFile: (OFString*)privateKeyFile
-  certificateFile: (OFString*)certificateFile;
 - (void)SSL_super_close;
-- (SSLSocket*)accept;	/* Changes the return type */
-- (void)setPrivateKeyFile: (OFString*)file;
-- (OFString*)privateKeyFile;
-- (void)setCertificateFile: (OFString*)file;
-- (OFString*)certificateFile;
 - (void)setRequestsClientCertificates: (bool)enabled;
 - (bool)requestsClientCertificates;
 - (OFDataArray*)channelBindingDataWithType: (OFString*)type;

src/SSLSocket.m

@@ -114,53 +114,11 @@ locking_callback(int mode, int n, const char *file, int line)
 }
 
 - initWithSocket: (OFTCPSocket*)socket
-{
-	return [self initWithSocket: socket
-		     privateKeyFile: nil
-		    certificateFile: nil];
-}
-
--  initWithSocket: (OFTCPSocket*)socket
-   privateKeyFile: (OFString*)privateKeyFile
-  certificateFile: (OFString*)certificateFile
 {
 	self = [self init];
 
-	@try {
-		/* FIXME: Also allow with accepted sockets */
-
-		_privateKeyFile = [privateKeyFile copy];
-		_certificateFile = [certificateFile copy];
-
 	_socket = dup(socket->_socket);
 
-		if ((_SSL = SSL_new(ctx)) == NULL ||
-		    !SSL_set_fd(_SSL, _socket)) {
-			close(_socket);
-			_socket = INVALID_SOCKET;
-			@throw [OFInitializationFailedException
-			    exceptionWithClass: [self class]];
-		}
-
-		SSL_set_connect_state(_SSL);
-
-		if ((_privateKeyFile != nil && !SSL_use_PrivateKey_file(_SSL,
-		    [_privateKeyFile cStringWithEncoding:
-		    OF_STRING_ENCODING_NATIVE], SSL_FILETYPE_PEM)) ||
-		    (_certificateFile != nil && !SSL_use_certificate_file(_SSL,
-		    [_certificateFile cStringWithEncoding:
-		    OF_STRING_ENCODING_NATIVE], SSL_FILETYPE_PEM)) ||
-		    SSL_connect(_SSL) != 1) {
-			close(_socket);
-			_socket = INVALID_SOCKET;
-			@throw [OFInitializationFailedException
-			    exceptionWithClass: [self class]];
-		}
-	} @catch (id e) {
-		[self release];
-		@throw e;
-	}
-
 	return self;
 }
 
@@ -177,19 +135,15 @@ locking_callback(int mode, int n, const char *file, int line)
 		SSL_free(SSL_);
 }
 
-- (void)connectToHost: (OFString*)host
+- (void)startTLS
-		 port: (uint16_t)port
 {
-	[super connectToHost: host
-			port: port];
-
 	if ((_SSL = SSL_new(ctx)) == NULL || !SSL_set_fd(_SSL, _socket)) {
 		[super close];
 		@throw [OFConnectionFailedException
 		    exceptionWithClass: [self class]
 				socket: self
-				  host: host
+				  host: nil
-				  port: port];
+				  port: 0];
 	}
 
 	SSL_set_connect_state(_SSL);
@@ -201,6 +155,23 @@ locking_callback(int mode, int n, const char *file, int line)
 	    cStringWithEncoding: OF_STRING_ENCODING_NATIVE],
 	    SSL_FILETYPE_PEM)) || SSL_connect(_SSL) != 1) {
 		[super close];
+		@throw [OFConnectionFailedException
+		    exceptionWithClass: [self class]
+				socket: self
+				  host: nil
+				  port: 0];
+	}
+}
+
+- (void)connectToHost: (OFString*)host
+		 port: (uint16_t)port
+{
+	[super connectToHost: host
+			port: port];
+
+	@try {
+		[self startTLS];
+	} @catch (OFConnectionFailedException *e) {
 		@throw [OFConnectionFailedException
 		    exceptionWithClass: [self class]
 				socket: self
@@ -209,7 +180,7 @@ locking_callback(int mode, int n, const char *file, int line)
 	}
 }
 
-- (SSLSocket*)accept
+- (instancetype)accept
 {
 	SSLSocket *client = (SSLSocket*)[super accept];
 
@@ -333,14 +304,17 @@ locking_callback(int mode, int n, const char *file, int line)
 	return [super numberOfBytesInReadBuffer] + SSL_pending(_SSL);
 }
 
-- (void)setPrivateKeyFile: (OFString*)privateKeyFile
+- (void)setDelegate: (id <OFTLSSocketDelegate>)delegate
 {
-	OF_SETTER(_privateKeyFile, privateKeyFile, true, 1)
+	/* FIXME */
+	[self doesNotRecognizeSelector: _cmd];
+	abort();
 }
 
-- (OFString*)privateKeyFile
+- (id <OFTLSSocketDelegate>)delegate
 {
-	OF_GETTER(_privateKeyFile, true)
+	/* FIXME */
+	return nil;
 }
 
 - (void)setCertificateFile: (OFString*)certificateFile
@@ -353,6 +327,27 @@ locking_callback(int mode, int n, const char *file, int line)
 	OF_GETTER(_certificateFile, true)
 }
 
+- (void)setPrivateKeyFile: (OFString*)privateKeyFile
+{
+	OF_SETTER(_privateKeyFile, privateKeyFile, true, 1)
+}
+
+- (OFString*)privateKeyFile
+{
+	OF_GETTER(_privateKeyFile, true)
+}
+
+- (void)setPrivateKeyPassphrase: (const char*)privateKeyPassphrase
+{
+	/* FIXME */
+}
+
+- (const char*)privateKeyPassphrase
+{
+	/* FIXME */
+	return NULL;
+}
+
 - (void)setRequestsClientCertificates: (bool)enabled
 {
 	_requestsClientCertificates = enabled;