From 52c716c657cf4f5b0a5767f59dc7ddb04261f534 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Remko=20Tron=C3=A7on?= <git@el-tramo.be>
Date: Sun, 7 Nov 2010 11:41:22 +0100
Subject: Refactored TLS handling.

TLSLayer is now independent of TLS implementation. The implementation-specifics are now in TLSContext and TLSContextFactory.

diff --git a/Swiften/Client/CoreClient.cpp b/Swiften/Client/CoreClient.cpp
index d9b21bc..214e6b1 100644
--- a/Swiften/Client/CoreClient.cpp
+++ b/Swiften/Client/CoreClient.cpp
@@ -11,7 +11,7 @@
 #include "Swiften/Network/MainBoostIOServiceThread.h"
 #include "Swiften/Network/BoostIOServiceThread.h"
 #include "Swiften/Client/ClientSession.h"
-#include "Swiften/StreamStack/PlatformTLSLayerFactory.h"
+#include "Swiften/TLS/PlatformTLSContextFactory.h"
 #include "Swiften/Network/Connector.h"
 #include "Swiften/Network/BoostConnectionFactory.h"
 #include "Swiften/Network/BoostTimerFactory.h"
@@ -33,14 +33,14 @@ CoreClient::CoreClient(EventLoop* eventLoop, const JID& jid, const String& passw
 	iqRouter_ = new IQRouter(stanzaChannel_);
 	connectionFactory_ = new BoostConnectionFactory(&MainBoostIOServiceThread::getInstance().getIOService(), eventLoop);
 	timerFactory_ = new BoostTimerFactory(&MainBoostIOServiceThread::getInstance().getIOService(), eventLoop);
-	tlsLayerFactory_ = new PlatformTLSLayerFactory();
+	tlsContextFactory_ = new PlatformTLSContextFactory();
 }
 
 CoreClient::~CoreClient() {
 	if (session_ || connection_) {
 		std::cerr << "Warning: Client not disconnected properly" << std::endl;
 	}
-	delete tlsLayerFactory_;
+	delete tlsContextFactory_;
 	delete timerFactory_;
 	delete connectionFactory_;
 	delete iqRouter_;
@@ -81,7 +81,7 @@ void CoreClient::handleConnectorFinished(boost::shared_ptr<Connection> connectio
 		connection_ = connection;
 
 		assert(!sessionStream_);
-		sessionStream_ = boost::shared_ptr<BasicSessionStream>(new BasicSessionStream(ClientStreamType, connection_, &payloadParserFactories_, &payloadSerializers_, tlsLayerFactory_, timerFactory_));
+		sessionStream_ = boost::shared_ptr<BasicSessionStream>(new BasicSessionStream(ClientStreamType, connection_, &payloadParserFactories_, &payloadSerializers_, tlsContextFactory_, timerFactory_));
 		if (!certificate_.isEmpty()) {
 			sessionStream_->setTLSCertificate(PKCS12Certificate(certificate_, password_));
 		}
diff --git a/Swiften/Client/CoreClient.h b/Swiften/Client/CoreClient.h
index 2b7113f..4170e8d 100644
--- a/Swiften/Client/CoreClient.h
+++ b/Swiften/Client/CoreClient.h
@@ -26,7 +26,7 @@
 
 namespace Swift {
 	class IQRouter;
-	class TLSLayerFactory;
+	class TLSContextFactory;
 	class ConnectionFactory;
 	class TimerFactory;
 	class ClientSession;
@@ -198,7 +198,7 @@ namespace Swift {
 			Connector::ref connector_;
 			ConnectionFactory* connectionFactory_;
 			TimerFactory* timerFactory_;
-			TLSLayerFactory* tlsLayerFactory_;
+			TLSContextFactory* tlsContextFactory_;
 			FullPayloadParserFactoryCollection payloadParserFactories_;
 			FullPayloadSerializerCollection payloadSerializers_;
 			boost::shared_ptr<Connection> connection_;
diff --git a/Swiften/Component/CoreComponent.cpp b/Swiften/Component/CoreComponent.cpp
index af6ebe5..2821dd2 100644
--- a/Swiften/Component/CoreComponent.cpp
+++ b/Swiften/Component/CoreComponent.cpp
@@ -11,7 +11,6 @@
 #include "Swiften/Network/MainBoostIOServiceThread.h"
 #include "Swiften/Network/BoostIOServiceThread.h"
 #include "Swiften/Component/ComponentSession.h"
-#include "Swiften/StreamStack/NullTLSLayerFactory.h"
 #include "Swiften/Network/Connector.h"
 #include "Swiften/Network/BoostConnectionFactory.h"
 #include "Swiften/Network/BoostTimerFactory.h"
@@ -33,14 +32,12 @@ CoreComponent::CoreComponent(EventLoop* eventLoop, const JID& jid, const String&
 	iqRouter_->setFrom(jid);
 	connectionFactory_ = new BoostConnectionFactory(&MainBoostIOServiceThread::getInstance().getIOService(), eventLoop);
 	timerFactory_ = new BoostTimerFactory(&MainBoostIOServiceThread::getInstance().getIOService(), eventLoop);
-	tlsLayerFactory_ = new NullTLSLayerFactory();
 }
 
 CoreComponent::~CoreComponent() {
 	if (session_ || connection_) {
 		std::cerr << "Warning: Component not disconnected properly" << std::endl;
 	}
-	delete tlsLayerFactory_;
 	delete timerFactory_;
 	delete connectionFactory_;
 	delete iqRouter_;
@@ -72,7 +69,7 @@ void CoreComponent::handleConnectorFinished(boost::shared_ptr<Connection> connec
 		connection_ = connection;
 
 		assert(!sessionStream_);
-		sessionStream_ = boost::shared_ptr<BasicSessionStream>(new BasicSessionStream(ComponentStreamType, connection_, &payloadParserFactories_, &payloadSerializers_, tlsLayerFactory_, timerFactory_));
+		sessionStream_ = boost::shared_ptr<BasicSessionStream>(new BasicSessionStream(ComponentStreamType, connection_, &payloadParserFactories_, &payloadSerializers_, NULL, timerFactory_));
 		sessionStream_->onDataRead.connect(boost::bind(&CoreComponent::handleDataRead, this, _1));
 		sessionStream_->onDataWritten.connect(boost::bind(&CoreComponent::handleDataWritten, this, _1));
 		sessionStream_->initialize();
diff --git a/Swiften/Component/CoreComponent.h b/Swiften/Component/CoreComponent.h
index 75e6bda..59466f7 100644
--- a/Swiften/Component/CoreComponent.h
+++ b/Swiften/Component/CoreComponent.h
@@ -25,7 +25,6 @@
 
 namespace Swift {
 	class IQRouter;
-	class TLSLayerFactory;
 	class ConnectionFactory;
 	class TimerFactory;
 	class ComponentSession;
@@ -97,7 +96,6 @@ namespace Swift {
 			ComponentConnector::ref connector_;
 			ConnectionFactory* connectionFactory_;
 			TimerFactory* timerFactory_;
-			TLSLayerFactory* tlsLayerFactory_;
 			FullPayloadParserFactoryCollection payloadParserFactories_;
 			FullPayloadSerializerCollection payloadSerializers_;
 			boost::shared_ptr<Connection> connection_;
diff --git a/Swiften/SConscript b/Swiften/SConscript
index 6b889e8..49d745d 100644
--- a/Swiften/SConscript
+++ b/Swiften/SConscript
@@ -24,7 +24,6 @@ if env["SCONS_STAGE"] == "build" :
 # TODO: Move all this to a submodule SConscript
 	myenv = swiften_env.Clone()
 	myenv.MergeFlags(myenv["ZLIB_FLAGS"])
-	myenv.MergeFlags(myenv["OPENSSL_FLAGS"])
 	sources = [
 			"Chat/ChatStateTracker.cpp",
 			"Chat/ChatStateNotifier.cpp",
@@ -120,14 +119,12 @@ if env["SCONS_STAGE"] == "build" :
 			"StringCodecs/Hexify.cpp",
 		]
 
-	if myenv.get("HAVE_OPENSSL", 0) :
-		sources += ["TLS/OpenSSL/OpenSSLContext.cpp"]
-
 	SConscript(dirs = [
 			"Avatars",
 			"Base",
 			"StringPrep",
 			"SASL",
+			"TLS",
 			"EventLoop",
 			"Parser",
 			"JID",
diff --git a/Swiften/Session/BasicSessionStream.cpp b/Swiften/Session/BasicSessionStream.cpp
index e2c2ebe..a4b1c84 100644
--- a/Swiften/Session/BasicSessionStream.cpp
+++ b/Swiften/Session/BasicSessionStream.cpp
@@ -14,11 +14,11 @@
 #include "Swiften/StreamStack/WhitespacePingLayer.h"
 #include "Swiften/StreamStack/CompressionLayer.h"
 #include "Swiften/StreamStack/TLSLayer.h"
-#include "Swiften/StreamStack/TLSLayerFactory.h"
+#include "Swiften/TLS/TLSContextFactory.h"
 
 namespace Swift {
 
-BasicSessionStream::BasicSessionStream(StreamType streamType, boost::shared_ptr<Connection> connection, PayloadParserFactoryCollection* payloadParserFactories, PayloadSerializerCollection* payloadSerializers, TLSLayerFactory* tlsLayerFactory, TimerFactory* timerFactory) : available(false), connection(connection), payloadParserFactories(payloadParserFactories), payloadSerializers(payloadSerializers), tlsLayerFactory(tlsLayerFactory), timerFactory(timerFactory), streamType(streamType) {
+BasicSessionStream::BasicSessionStream(StreamType streamType, boost::shared_ptr<Connection> connection, PayloadParserFactoryCollection* payloadParserFactories, PayloadSerializerCollection* payloadSerializers, TLSContextFactory* tlsContextFactory, TimerFactory* timerFactory) : available(false), connection(connection), payloadParserFactories(payloadParserFactories), payloadSerializers(payloadSerializers), tlsContextFactory(tlsContextFactory), timerFactory(timerFactory), streamType(streamType) {
 }
 
 void BasicSessionStream::initialize() {
@@ -64,12 +64,12 @@ bool BasicSessionStream::isAvailable() {
 }
 
 bool BasicSessionStream::supportsTLSEncryption() {
-	return tlsLayerFactory && tlsLayerFactory->canCreate();
+	return tlsContextFactory && tlsContextFactory->canCreate();
 }
 
 void BasicSessionStream::addTLSEncryption() {
 	assert(available);
-	tlsLayer = tlsLayerFactory->createTLSLayer();
+	tlsLayer = boost::shared_ptr<TLSLayer>(new TLSLayer(tlsContextFactory));
 	if (hasTLSCertificate() && !tlsLayer->setClientCertificate(getTLSCertificate())) {
 		onError(boost::shared_ptr<Error>(new Error(Error::InvalidTLSCertificateError)));
 	}
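Review bot: `addTLSEncryption()` now passes `tlsContextFactory` straight into `new TLSLayer(...)`, and the TLSLayer constructor added in Swiften/StreamStack/TLSLayer.cpp calls `factory->createTLSContext()` without a check, while CoreComponent.cpp in this same commit passes `NULL` for that argument. Only `supportsTLSEncryption()` tests the pointer, so a caller that skips it dereferences null. In builds with `NDEBUG`, the `assert(canCreate())` in `PlatformTLSContextFactory::createTLSContext()` gives no protection either when OpenSSL is compiled out. I would add `assert(supportsTLSEncryption());` next to `assert(available);`, and consider a runtime check that reports an error and returns, so that a failed TLS setup fails closed instead of crashing. The body of `addTLSEncryption()` continues past the end of this hunk.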
diff --git a/Swiften/Session/BasicSessionStream.h b/Swiften/Session/BasicSessionStream.h
index bea9406..22620be 100644
--- a/Swiften/Session/BasicSessionStream.h
+++ b/Swiften/Session/BasicSessionStream.h
@@ -14,7 +14,7 @@
 #include "Swiften/Elements/StreamType.h"
 
 namespace Swift {
-	class TLSLayerFactory;
+	class TLSContextFactory;
 	class TLSLayer;
 	class TimerFactory;
 	class WhitespacePingLayer;
@@ -34,7 +34,7 @@ namespace Swift {
 				boost::shared_ptr<Connection> connection,
 				PayloadParserFactoryCollection* payloadParserFactories, 
 				PayloadSerializerCollection* payloadSerializers,
-				TLSLayerFactory* tlsLayerFactory,
+				TLSContextFactory* tlsContextFactory,
 				TimerFactory* whitespacePingLayerFactory
 			);
 			~BasicSessionStream();
@@ -72,7 +72,7 @@ namespace Swift {
 			boost::shared_ptr<Connection> connection;
 			PayloadParserFactoryCollection* payloadParserFactories;
 			PayloadSerializerCollection* payloadSerializers;
-			TLSLayerFactory* tlsLayerFactory;
+			TLSContextFactory* tlsContextFactory;
 			TimerFactory* timerFactory;
 			StreamType streamType;
 			boost::shared_ptr<XMPPLayer> xmppLayer;
diff --git a/Swiften/StreamStack/NullTLSLayerFactory.h b/Swiften/StreamStack/NullTLSLayerFactory.h
deleted file mode 100644
index 5ca6d86..0000000
--- a/Swiften/StreamStack/NullTLSLayerFactory.h
+++ /dev/null
@@ -1,22 +0,0 @@
-/*
- * Copyright (c) 2010 Remko Tronçon
- * Licensed under the GNU General Public License v3.
- * See Documentation/Licenses/GPLv3.txt for more information.
- */
-
-#pragma once
-
-#include "Swiften/StreamStack/TLSLayerFactory.h"
-
-namespace Swift {
-	class NullTLSLayerFactory : public TLSLayerFactory {
-		public:
-			bool canCreate() const {
-				return false;
-			}
-
-			virtual boost::shared_ptr<TLSLayer> createTLSLayer() {
-				return boost::shared_ptr<TLSLayer>();
-			}
-	};
-}
diff --git a/Swiften/StreamStack/OpenSSLLayer.cpp b/Swiften/StreamStack/OpenSSLLayer.cpp
deleted file mode 100644
index 1216a79..0000000
--- a/Swiften/StreamStack/OpenSSLLayer.cpp
+++ /dev/null
@@ -1,34 +0,0 @@
-/*
- * Copyright (c) 2010 Remko Tronçon
- * Licensed under the GNU General Public License v3.
- * See Documentation/Licenses/GPLv3.txt for more information.
- */
-
-#include "Swiften/StreamStack/OpenSSLLayer.h"
-
-namespace Swift {
-
-OpenSSLLayer::OpenSSLLayer() {
-	context_.onDataForNetwork.connect(onWriteData);
-	context_.onDataForApplication.connect(onDataRead);
-	context_.onConnected.connect(onConnected);
-	context_.onError.connect(onError);
-}
-
-void OpenSSLLayer::connect() {
-	context_.connect();
-}
-
-void OpenSSLLayer::writeData(const ByteArray& data) {
-	context_.handleDataFromApplication(data);
-}
-
-void OpenSSLLayer::handleDataRead(const ByteArray& data) {
-	context_.handleDataFromNetwork(data);
-}
-
-bool OpenSSLLayer::setClientCertificate(const PKCS12Certificate& certificate) {
-	return context_.setClientCertificate(certificate);
-}
-
-}
diff --git a/Swiften/StreamStack/OpenSSLLayer.h b/Swiften/StreamStack/OpenSSLLayer.h
deleted file mode 100644
index e6f9b9b..0000000
--- a/Swiften/StreamStack/OpenSSLLayer.h
+++ /dev/null
@@ -1,33 +0,0 @@
-/*
- * Copyright (c) 2010 Remko Tronçon
- * Licensed under the GNU General Public License v3.
- * See Documentation/Licenses/GPLv3.txt for more information.
- */
-
-#ifndef SWIFTEN_OpenSSLLayer_H
-#define SWIFTEN_OpenSSLLayer_H
-
-#include <boost/noncopyable.hpp>
-#include "Swiften/Base/boost_bsignals.h"
-
-#include "Swiften/Base/ByteArray.h"
-#include "Swiften/StreamStack/TLSLayer.h"
-#include "Swiften/TLS/OpenSSL/OpenSSLContext.h"
-
-namespace Swift {
-	class OpenSSLLayer : public TLSLayer, boost::noncopyable {
-		public:
-			OpenSSLLayer();
-
-			virtual void connect();
-			virtual bool setClientCertificate(const PKCS12Certificate&);
-
-			virtual void writeData(const ByteArray& data);
-			virtual void handleDataRead(const ByteArray& data);
-
-		private:
-			OpenSSLContext context_;
-	};
-}
-
-#endif
diff --git a/Swiften/StreamStack/PlatformTLSLayerFactory.cpp b/Swiften/StreamStack/PlatformTLSLayerFactory.cpp
deleted file mode 100644
index 37f59c2..0000000
--- a/Swiften/StreamStack/PlatformTLSLayerFactory.cpp
+++ /dev/null
@@ -1,37 +0,0 @@
-/*
- * Copyright (c) 2010 Remko Tronçon
- * Licensed under the GNU General Public License v3.
- * See Documentation/Licenses/GPLv3.txt for more information.
- */
-
-#include "Swiften/StreamStack/PlatformTLSLayerFactory.h"
-
-#include <cassert>
-
-#ifdef HAVE_OPENSSL
-#include "Swiften/StreamStack/OpenSSLLayer.h"
-#endif
-
-namespace Swift {
-
-PlatformTLSLayerFactory::PlatformTLSLayerFactory() {
-}
-
-bool PlatformTLSLayerFactory::canCreate() const {
-#ifdef HAVE_OPENSSL
-	return true;
-#else
-	return false;
-#endif
-}
-
-boost::shared_ptr<TLSLayer> PlatformTLSLayerFactory::createTLSLayer() {
-#ifdef HAVE_OPENSSL
-	return boost::shared_ptr<TLSLayer>(new OpenSSLLayer());
-#else
-	assert(false);
-	return boost::shared_ptr<TLSLayer>();
-#endif
-}
-
-}
diff --git a/Swiften/StreamStack/PlatformTLSLayerFactory.h b/Swiften/StreamStack/PlatformTLSLayerFactory.h
deleted file mode 100644
index 11759d5..0000000
--- a/Swiften/StreamStack/PlatformTLSLayerFactory.h
+++ /dev/null
@@ -1,19 +0,0 @@
-/*
- * Copyright (c) 2010 Remko Tronçon
- * Licensed under the GNU General Public License v3.
- * See Documentation/Licenses/GPLv3.txt for more information.
- */
-
-#pragma once
-
-#include "Swiften/StreamStack/TLSLayerFactory.h"
-
-namespace Swift {
-	class PlatformTLSLayerFactory : public TLSLayerFactory {
-		public:
-			PlatformTLSLayerFactory();
-
-			bool canCreate() const;
-			virtual boost::shared_ptr<TLSLayer> createTLSLayer();
-	};
-}
diff --git a/Swiften/StreamStack/SConscript b/Swiften/StreamStack/SConscript
index 449a39b..0aca8d2 100644
--- a/Swiften/StreamStack/SConscript
+++ b/Swiften/StreamStack/SConscript
@@ -1,21 +1,15 @@
 Import("swiften_env")
 
 myenv = swiften_env.Clone()
-myenv.MergeFlags(swiften_env["OPENSSL_FLAGS"])
 
 sources = [
 		"HighLayer.cpp",
 		"LowLayer.cpp",
-		"PlatformTLSLayerFactory.cpp",
 		"StreamStack.cpp",
-		"TLSLayerFactory.cpp",
+		"TLSLayer.cpp",
 		"WhitespacePingLayer.cpp",
 		"XMPPLayer.cpp",
 	]
 
-if myenv.get("HAVE_OPENSSL", 0) :
-	myenv.Append(CPPDEFINES = "HAVE_OPENSSL")
-	sources += ["OpenSSLLayer.cpp"]
-
 objects = myenv.StaticObject(sources)
 swiften_env.Append(SWIFTEN_OBJECTS = [objects])
diff --git a/Swiften/StreamStack/TLSLayer.cpp b/Swiften/StreamStack/TLSLayer.cpp
new file mode 100644
index 0000000..99154f6
--- /dev/null
+++ b/Swiften/StreamStack/TLSLayer.cpp
@@ -0,0 +1,41 @@
+/*
+ * Copyright (c) 2010 Remko Tronçon
+ * Licensed under the GNU General Public License v3.
+ * See Documentation/Licenses/GPLv3.txt for more information.
+ */
+
+#include "Swiften/StreamStack/TLSLayer.h"
+#include "Swiften/TLS/TLSContextFactory.h"
+#include "Swiften/TLS/TLSContext.h"
+
+namespace Swift {
+
+TLSLayer::TLSLayer(TLSContextFactory* factory) {
+	context = factory->createTLSContext();
+	context->onDataForNetwork.connect(onWriteData);
+	context->onDataForApplication.connect(onDataRead);
+	context->onConnected.connect(onConnected);
+	context->onError.connect(onError);
+}
+
+TLSLayer::~TLSLayer() {
+	delete context;
+}
+
+void TLSLayer::connect() {
+	context->connect();
+}
+
+void TLSLayer::writeData(const ByteArray& data) {
+	context->handleDataFromApplication(data);
+}
+
+void TLSLayer::handleDataRead(const ByteArray& data) {
+	context->handleDataFromNetwork(data);
+}
+
+bool TLSLayer::setClientCertificate(const PKCS12Certificate& certificate) {
+	return context->setClientCertificate(certificate);
+}
+
+}
diff --git a/Swiften/StreamStack/TLSLayer.h b/Swiften/StreamStack/TLSLayer.h
index d232d29..f8cda41 100644
--- a/Swiften/StreamStack/TLSLayer.h
+++ b/Swiften/StreamStack/TLSLayer.h
@@ -4,22 +4,32 @@
  * See Documentation/Licenses/GPLv3.txt for more information.
  */
 
-#ifndef SWIFTEN_TLSLayer_H
-#define SWIFTEN_TLSLayer_H
+#include "Swiften/Base/boost_bsignals.h"
 
+#include "Swiften/Base/ByteArray.h"
 #include "Swiften/StreamStack/StreamLayer.h"
-#include "Swiften/TLS/PKCS12Certificate.h"
 
 namespace Swift {
+	class TLSContext;
+	class TLSContextFactory;
+	class PKCS12Certificate;
+
 	class TLSLayer : public StreamLayer {
 		public:
-			virtual void connect() = 0;
-			virtual bool setClientCertificate(const PKCS12Certificate&) = 0;
+			TLSLayer(TLSContextFactory*);
+			~TLSLayer();
+
+			virtual void connect();
+			virtual bool setClientCertificate(const PKCS12Certificate&);
+
+			virtual void writeData(const ByteArray& data);
+			virtual void handleDataRead(const ByteArray& data);
 
 		public:
 			boost::signal<void ()> onError;
 			boost::signal<void ()> onConnected;
+
+		private:
+			TLSContext* context;
 	};
 }
-
-#endif
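Review bot: With the `#ifndef SWIFTEN_TLSLayer_H` / `#define` / `#endif` lines removed and no `#pragma once` added in the visible lines, TLSLayer.h appears to be left without any include guard, so a translation unit that reaches it twice would redefine `class TLSLayer`. The other headers added in this commit use `#pragma once`; add the same line after the license comment here. Separately, the single-argument constructor `TLSLayer(TLSContextFactory*)` could be declared `explicit`. The header also does not say that the layer owns `context` and deletes it in its destructor; a comment such as `// Owned; created from the factory in the constructor.` on the member would record that.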
diff --git a/Swiften/StreamStack/TLSLayerFactory.cpp b/Swiften/StreamStack/TLSLayerFactory.cpp
deleted file mode 100644
index 3ca6e73..0000000
--- a/Swiften/StreamStack/TLSLayerFactory.cpp
+++ /dev/null
@@ -1,14 +0,0 @@
-/*
- * Copyright (c) 2010 Remko Tronçon
- * Licensed under the GNU General Public License v3.
- * See Documentation/Licenses/GPLv3.txt for more information.
- */
-
-#include "Swiften/StreamStack/TLSLayerFactory.h"
-
-namespace Swift {
-
-TLSLayerFactory::~TLSLayerFactory() {
-}
-
-}
diff --git a/Swiften/StreamStack/TLSLayerFactory.h b/Swiften/StreamStack/TLSLayerFactory.h
deleted file mode 100644
index 66d74d9..0000000
--- a/Swiften/StreamStack/TLSLayerFactory.h
+++ /dev/null
@@ -1,21 +0,0 @@
-/*
- * Copyright (c) 2010 Remko Tronçon
- * Licensed under the GNU General Public License v3.
- * See Documentation/Licenses/GPLv3.txt for more information.
- */
-
-#pragma once
-
-#include <boost/shared_ptr.hpp>
-
-namespace Swift {
-	class TLSLayer;
-
-	class TLSLayerFactory {
-		public:
-			virtual ~TLSLayerFactory();
-			virtual bool canCreate() const = 0;
-
-			virtual boost::shared_ptr<TLSLayer> createTLSLayer() = 0;
-	};
-}
diff --git a/Swiften/TLS/OpenSSL/OpenSSLContext.h b/Swiften/TLS/OpenSSL/OpenSSLContext.h
index eea8301..a01e3e5 100644
--- a/Swiften/TLS/OpenSSL/OpenSSLContext.h
+++ b/Swiften/TLS/OpenSSL/OpenSSLContext.h
@@ -10,12 +10,13 @@
 #include "Swiften/Base/boost_bsignals.h"
 #include <boost/noncopyable.hpp>
 
+#include "Swiften/TLS/TLSContext.h"
 #include "Swiften/Base/ByteArray.h"
 
 namespace Swift {
 	class PKCS12Certificate;
 
-	class OpenSSLContext : boost::noncopyable {
+	class OpenSSLContext : public TLSContext, boost::noncopyable {
 		public:
 			OpenSSLContext();
 			~OpenSSLContext();
@@ -26,12 +27,6 @@ namespace Swift {
 			void handleDataFromNetwork(const ByteArray&);
 			void handleDataFromApplication(const ByteArray&);
 
-		public:
-			boost::signal<void (const ByteArray&)> onDataForNetwork;
-			boost::signal<void (const ByteArray&)> onDataForApplication;
-			boost::signal<void ()> onError;
-			boost::signal<void ()> onConnected;
-
 		private:
 			static void ensureLibraryInitialized();	
 
diff --git a/Swiften/TLS/OpenSSL/OpenSSLContextFactory.cpp b/Swiften/TLS/OpenSSL/OpenSSLContextFactory.cpp
new file mode 100644
index 0000000..f975df7
--- /dev/null
+++ b/Swiften/TLS/OpenSSL/OpenSSLContextFactory.cpp
@@ -0,0 +1,20 @@
+/*
+ * Copyright (c) 2010 Remko Tronçon
+ * Licensed under the GNU General Public License v3.
+ * See Documentation/Licenses/GPLv3.txt for more information.
+ */
+
+#include "Swiften/TLS/OpenSSL/OpenSSLContextFactory.h"
+#include "Swiften/TLS/OpenSSL/OpenSSLContext.h"
+
+namespace Swift {
+
+bool OpenSSLContextFactory::canCreate() const {
+	return true;
+}
+
+TLSContext* OpenSSLContextFactory::createTLSContext() {
+	return new OpenSSLContext();
+}
+
+}
diff --git a/Swiften/TLS/OpenSSL/OpenSSLContextFactory.h b/Swiften/TLS/OpenSSL/OpenSSLContextFactory.h
new file mode 100644
index 0000000..cf982c0
--- /dev/null
+++ b/Swiften/TLS/OpenSSL/OpenSSLContextFactory.h
@@ -0,0 +1,17 @@
+/*
+ * Copyright (c) 2010 Remko Tronçon
+ * Licensed under the GNU General Public License v3.
+ * See Documentation/Licenses/GPLv3.txt for more information.
+ */
+
+#pragma once
+
+#include "Swiften/TLS/TLSContextFactory.h"
+
+namespace Swift {
+	class OpenSSLContextFactory : public TLSContextFactory {
+		public:
+			bool canCreate() const;
+			virtual TLSContext* createTLSContext();
+	};
+}
diff --git a/Swiften/TLS/PlatformTLSContextFactory.cpp b/Swiften/TLS/PlatformTLSContextFactory.cpp
new file mode 100644
index 0000000..a949275
--- /dev/null
+++ b/Swiften/TLS/PlatformTLSContextFactory.cpp
@@ -0,0 +1,36 @@
+/*
+ * Copyright (c) 2010 Remko Tronçon
+ * Licensed under the GNU General Public License v3.
+ * See Documentation/Licenses/GPLv3.txt for more information.
+ */
+
+#include "Swiften/TLS/PlatformTLSContextFactory.h"
+
+#include <cassert>
+
+#ifdef HAVE_OPENSSL
+#include "Swiften/TLS/OpenSSL/OpenSSLContextFactory.h"
+#endif
+
+namespace Swift {
+
+PlatformTLSContextFactory::PlatformTLSContextFactory() : factory(NULL) {
+#ifdef HAVE_OPENSSL
+	factory = new OpenSSLContextFactory();
+#endif
+}
+
+PlatformTLSContextFactory::~PlatformTLSContextFactory() {
+	delete factory;
+}
+
+bool PlatformTLSContextFactory::canCreate() const {
+	return factory;
+}
+
+TLSContext* PlatformTLSContextFactory::createTLSContext() {
+	assert(canCreate());
+	return factory->createTLSContext();
+}
+
+}
diff --git a/Swiften/TLS/PlatformTLSContextFactory.h b/Swiften/TLS/PlatformTLSContextFactory.h
new file mode 100644
index 0000000..4464e8b
--- /dev/null
+++ b/Swiften/TLS/PlatformTLSContextFactory.h
@@ -0,0 +1,23 @@
+/*
+ * Copyright (c) 2010 Remko Tronçon
+ * Licensed under the GNU General Public License v3.
+ * See Documentation/Licenses/GPLv3.txt for more information.
+ */
+
+#pragma once
+
+#include "Swiften/TLS/TLSContextFactory.h"
+
+namespace Swift {
+	class PlatformTLSContextFactory : public TLSContextFactory {
+		public:
+			PlatformTLSContextFactory();
+			~PlatformTLSContextFactory();
+
+			bool canCreate() const;
+			virtual TLSContext* createTLSContext();
+
+		private:
+			TLSContextFactory* factory;
+	};
+}
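Review bot: `PlatformTLSContextFactory` owns `factory` through a raw pointer and deletes it in the destructor, but its copy constructor and copy assignment are left implicit, so copying an instance would delete the same object twice. `OpenSSLContext` in this commit already derives from `boost::noncopyable`; doing the same here (`class PlatformTLSContextFactory : public TLSContextFactory, boost::noncopyable`, with `#include <boost/noncopyable.hpp>`) closes that off. A short comment on `factory` saying that it stays NULL when no TLS backend was compiled in would also help readers of `canCreate()`.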
diff --git a/Swiften/TLS/SConscript b/Swiften/TLS/SConscript
new file mode 100644
index 0000000..6a67545
--- /dev/null
+++ b/Swiften/TLS/SConscript
@@ -0,0 +1,23 @@
+Import("swiften_env")
+
+objects = swiften_env.StaticObject([
+			"TLSContext.cpp",
+			"TLSContextFactory.cpp",
+		])
+		
+if swiften_env.get("HAVE_OPENSSL", 0) :
+	objects += swiften_env.StaticObject([
+			"OpenSSL/OpenSSLContext.cpp",
+			"OpenSSL/OpenSSLContextFactory.cpp",
+		])
+		
+myenv = swiften_env.Clone()
+if myenv.get("HAVE_OPENSSL", 0) :
+	myenv.MergeFlags("OPENSSL_FLAGS")
+	myenv.Append(CPPDEFINES = "HAVE_OPENSSL")
+
+objects += myenv.StaticObject(["PlatformTLSContextFactory.cpp"])
+
+		
+
+swiften_env.Append(SWIFTEN_OBJECTS = [objects])
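Review bot: `myenv.MergeFlags("OPENSSL_FLAGS")` passes the literal string, not the value of the construction variable, so the OpenSSL compiler flags are not merged; the lines this commit removes elsewhere used `myenv.MergeFlags(myenv["OPENSSL_FLAGS"])`. In addition, `OpenSSL/OpenSSLContext.cpp` and `OpenSSL/OpenSSLContextFactory.cpp` are compiled with `swiften_env` and not `myenv`, whereas before this change OpenSSLContext.cpp was built in an environment that had those flags merged. The build presumably breaks wherever the OpenSSL headers are not on the default include path. I would merge the real flag value into `myenv` and build the two OpenSSL sources with it, as sketched below.

```python
# … unchanged: Import and the TLSContext.cpp / TLSContextFactory.cpp objects …
myenv = swiften_env.Clone()
if myenv.get("HAVE_OPENSSL", 0) :
	myenv.MergeFlags(myenv["OPENSSL_FLAGS"])
	# … unchanged: Append(CPPDEFINES = "HAVE_OPENSSL") …
	objects += myenv.StaticObject([
			"OpenSSL/OpenSSLContext.cpp",
			"OpenSSL/OpenSSLContextFactory.cpp",
		])
# … unchanged: PlatformTLSContextFactory.cpp object and SWIFTEN_OBJECTS append …
```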
diff --git a/Swiften/TLS/TLSContext.cpp b/Swiften/TLS/TLSContext.cpp
new file mode 100644
index 0000000..008bfc0
--- /dev/null
+++ b/Swiften/TLS/TLSContext.cpp
@@ -0,0 +1,14 @@
+/*
+ * Copyright (c) 2010 Remko Tronçon
+ * Licensed under the GNU General Public License v3.
+ * See Documentation/Licenses/GPLv3.txt for more information.
+ */
+
+#include "Swiften/TLS/TLSContext.h"
+
+namespace Swift {
+
+TLSContext::~TLSContext() {
+}
+
+}
diff --git a/Swiften/TLS/TLSContext.h b/Swiften/TLS/TLSContext.h
new file mode 100644
index 0000000..9e911d4
--- /dev/null
+++ b/Swiften/TLS/TLSContext.h
@@ -0,0 +1,32 @@
+/*
+ * Copyright (c) 2010 Remko Tronçon
+ * Licensed under the GNU General Public License v3.
+ * See Documentation/Licenses/GPLv3.txt for more information.
+ */
+
+#pragma once
+
+#include "Swiften/Base/boost_bsignals.h"
+
+#include "Swiften/Base/ByteArray.h"
+
+namespace Swift {
+	class PKCS12Certificate;
+
+	class TLSContext {
+		public:
+			virtual ~TLSContext();
+
+			virtual void connect() = 0;
+			virtual bool setClientCertificate(const PKCS12Certificate& cert) = 0;
+
+			virtual void handleDataFromNetwork(const ByteArray&) = 0;
+			virtual void handleDataFromApplication(const ByteArray&) = 0;
+
+		public:
+			boost::signal<void (const ByteArray&)> onDataForNetwork;
+			boost::signal<void (const ByteArray&)> onDataForApplication;
+			boost::signal<void ()> onError;
+			boost::signal<void ()> onConnected;
+	};
+}
diff --git a/Swiften/TLS/TLSContextFactory.cpp b/Swiften/TLS/TLSContextFactory.cpp
new file mode 100644
index 0000000..47b529f
--- /dev/null
+++ b/Swiften/TLS/TLSContextFactory.cpp
@@ -0,0 +1,14 @@
+/*
+ * Copyright (c) 2010 Remko Tronçon
+ * Licensed under the GNU General Public License v3.
+ * See Documentation/Licenses/GPLv3.txt for more information.
+ */
+
+#include "Swiften/TLS/TLSContextFactory.h"
+
+namespace Swift {
+
+TLSContextFactory::~TLSContextFactory() {
+}
+
+}
diff --git a/Swiften/TLS/TLSContextFactory.h b/Swiften/TLS/TLSContextFactory.h
new file mode 100644
index 0000000..849ca71
--- /dev/null
+++ b/Swiften/TLS/TLSContextFactory.h
@@ -0,0 +1,20 @@
+/*
+ * Copyright (c) 2010 Remko Tronçon
+ * Licensed under the GNU General Public License v3.
+ * See Documentation/Licenses/GPLv3.txt for more information.
+ */
+
+#pragma once
+
+namespace Swift {
+	class TLSContext;
+
+	class TLSContextFactory {
+		public:
+			virtual ~TLSContextFactory();
+
+			virtual bool canCreate() const = 0;
+
+			virtual TLSContext* createTLSContext() = 0;
+	};
+}
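Review bot: `createTLSContext()` returns a raw `TLSContext*` with nothing stating who frees it, although `TLSLayer::~TLSLayer()` in this commit deletes the result. I would document the contract on the declaration, e.g. `// Returns a new context owned by the caller; only call when canCreate() is true.`. The factory interface removed by this commit returned `boost::shared_ptr`, which made ownership explicit in the type. Returning a smart pointer here would be the stronger fix, though that is a design choice beyond this hunk.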
-- 
cgit v0.10.2-6-g49f6