Conform to OFTLSSocket.

Still a few FIXMEs / TODOs.
2013-03-31 12:04:53 +02:00 · 2013-03-31 12:04:53 +02:00 · ecbaa8ed20
commit ecbaa8ed20
parent 89c705d9ed
3 changed files with 64 additions and 72 deletions
--- a/src/SSLInvalidCertificateException.m
+++ b/src/SSLInvalidCertificateException.m
@ -21,12 +21,12 @@
 * POSSIBILITY OF SUCH DAMAGE.
 */

+#include <stdlib.h>
+
 #import "SSLInvalidCertificateException.h"

 #import <ObjFW/macros.h>

-#import <ObjFW/OFNotImplementedException.h>
-
@implementation SSLInvalidCertificateException
 + exceptionWithClass: (Class)class
 	      reason: (OFString*)reason
@ -37,10 +37,14 @@

 - initWithClass: (Class)class
 {
-	Class c = [self class];
+	@try {
+		[self doesNotRecognizeSelector: _cmd];
+	} @catch (id e) {
 		[self release];
-	@throw [OFNotImplementedException exceptionWithClass: c
-						    selector: _cmd];
+		@throw e;
+	}
+
+	abort();
 }

 - initWithClass: (Class)class
--- a/src/SSLSocket.h
+++ b/src/SSLSocket.h
@ -24,31 +24,24 @@
 #include <openssl/ssl.h>

 #import <ObjFW/OFTCPSocket.h>
+#import <ObjFW/OFTLSSocket.h>

@class X509Certificate;

-@interface SSLSocket: OFTCPSocket
+@interface SSLSocket: OFTCPSocket <OFTLSSocket>
 {
 	SSL *_SSL;
-	OFString *_privateKeyFile, *_certificateFile;
+	OFString *_certificateFile, *_privateKeyFile;
+	const char *_privateKeyPassphrase;
 	bool _requestsClientCertificates;
 }

 #ifdef OF_HAVE_PROPERTIES
-@property (copy) OFString *privateKeyFile, *certificateFile;
@property bool requestsClientCertificates;
 #endif

 - initWithSocket: (OFTCPSocket*)socket;
-  initWithSocket: (OFTCPSocket*)socket
-   privateKeyFile: (OFString*)privateKeyFile
-  certificateFile: (OFString*)certificateFile;
 - (void)SSL_super_close;
- (SSLSocket*)accept;	/* Changes the return type */
- (void)setPrivateKeyFile: (OFString*)file;
- (OFString*)privateKeyFile;
- (void)setCertificateFile: (OFString*)file;
- (OFString*)certificateFile;
 - (void)setRequestsClientCertificates: (bool)enabled;
 - (bool)requestsClientCertificates;
 - (OFDataArray*)channelBindingDataWithType: (OFString*)type;
--- a/src/SSLSocket.m
+++ b/src/SSLSocket.m
@ -114,53 +114,11 @@ locking_callback(int mode, int n, const char *file, int line)
 }

 - initWithSocket: (OFTCPSocket*)socket
-{
-	return [self initWithSocket: socket
-		     privateKeyFile: nil
-		    certificateFile: nil];
-}
-
-  initWithSocket: (OFTCPSocket*)socket
-   privateKeyFile: (OFString*)privateKeyFile
-  certificateFile: (OFString*)certificateFile
 {
 	self = [self init];

-	@try {
-		/* FIXME: Also allow with accepted sockets */
-
-		_privateKeyFile = [privateKeyFile copy];
-		_certificateFile = [certificateFile copy];
-
 	_socket = dup(socket->_socket);

-		if ((_SSL = SSL_new(ctx)) == NULL ||
-		    !SSL_set_fd(_SSL, _socket)) {
-			close(_socket);
-			_socket = INVALID_SOCKET;
-			@throw [OFInitializationFailedException
-			    exceptionWithClass: [self class]];
-		}
-
-		SSL_set_connect_state(_SSL);
-
-		if ((_privateKeyFile != nil && !SSL_use_PrivateKey_file(_SSL,
-		    [_privateKeyFile cStringWithEncoding:
-		    OF_STRING_ENCODING_NATIVE], SSL_FILETYPE_PEM)) ||
-		    (_certificateFile != nil && !SSL_use_certificate_file(_SSL,
-		    [_certificateFile cStringWithEncoding:
-		    OF_STRING_ENCODING_NATIVE], SSL_FILETYPE_PEM)) ||
-		    SSL_connect(_SSL) != 1) {
-			close(_socket);
-			_socket = INVALID_SOCKET;
-			@throw [OFInitializationFailedException
-			    exceptionWithClass: [self class]];
-		}
-	} @catch (id e) {
-		[self release];
-		@throw e;
-	}
-
 	return self;
 }

@ -177,19 +135,15 @@ locking_callback(int mode, int n, const char *file, int line)
 		SSL_free(SSL_);
 }

- (void)connectToHost: (OFString*)host
-		 port: (uint16_t)port
+- (void)startTLS
 {
-	[super connectToHost: host
-			port: port];
-
 	if ((_SSL = SSL_new(ctx)) == NULL || !SSL_set_fd(_SSL, _socket)) {
 		[super close];
 		@throw [OFConnectionFailedException
 		    exceptionWithClass: [self class]
 				socket: self
-				  host: host
-				  port: port];
+				  host: nil
+				  port: 0];
 	}

 	SSL_set_connect_state(_SSL);
@ -201,6 +155,23 @@ locking_callback(int mode, int n, const char *file, int line)
 	    cStringWithEncoding: OF_STRING_ENCODING_NATIVE],
 	    SSL_FILETYPE_PEM)) || SSL_connect(_SSL) != 1) {
 		[super close];
+		@throw [OFConnectionFailedException
+		    exceptionWithClass: [self class]
+				socket: self
+				  host: nil
+				  port: 0];
+	}
+}
+
+- (void)connectToHost: (OFString*)host
+		 port: (uint16_t)port
+{
+	[super connectToHost: host
+			port: port];
+
+	@try {
+		[self startTLS];
+	} @catch (OFConnectionFailedException *e) {
 		@throw [OFConnectionFailedException
 		    exceptionWithClass: [self class]
 				socket: self
@ -209,7 +180,7 @@ locking_callback(int mode, int n, const char *file, int line)
 	}
 }

- (SSLSocket*)accept
+- (instancetype)accept
 {
 	SSLSocket *client = (SSLSocket*)[super accept];

@ -333,14 +304,17 @@ locking_callback(int mode, int n, const char *file, int line)
 	return [super numberOfBytesInReadBuffer] + SSL_pending(_SSL);
 }

- (void)setPrivateKeyFile: (OFString*)privateKeyFile
+- (void)setDelegate: (id <OFTLSSocketDelegate>)delegate
 {
-	OF_SETTER(_privateKeyFile, privateKeyFile, true, 1)
+	/* FIXME */
+	[self doesNotRecognizeSelector: _cmd];
+	abort();
 }

- (OFString*)privateKeyFile
+- (id <OFTLSSocketDelegate>)delegate
 {
-	OF_GETTER(_privateKeyFile, true)
+	/* FIXME */
+	return nil;
 }

 - (void)setCertificateFile: (OFString*)certificateFile
@ -353,6 +327,27 @@ locking_callback(int mode, int n, const char *file, int line)
 	OF_GETTER(_certificateFile, true)
 }

+- (void)setPrivateKeyFile: (OFString*)privateKeyFile
+{
+	OF_SETTER(_privateKeyFile, privateKeyFile, true, 1)
+}
+
+- (OFString*)privateKeyFile
+{
+	OF_GETTER(_privateKeyFile, true)
+}
+
+- (void)setPrivateKeyPassphrase: (const char*)privateKeyPassphrase
+{
+	/* FIXME */
+}
+
+- (const char*)privateKeyPassphrase
+{
+	/* FIXME */
+	return NULL;
+}
+
 - (void)setRequestsClientCertificates: (bool)enabled
 {
 	_requestsClientCertificates = enabled;