Index: src/SSLSocket.m ================================================================== --- src/SSLSocket.m +++ src/SSLSocket.m @@ -282,18 +282,12 @@ - (size_t)lowlevelReadIntoBuffer: (void *)buffer length: (size_t)length { ssize_t ret; - /* - * There is no SSL session yet. However, it might be necessary to read - * from and write to the socket before negotiating an SSL session: For - * example, the socket might be connected to a SOCKS5 proxy and needs - * to establish a SOCKS5 connection before negotiating an SSL session. - */ if (_SSL == NULL) - return [self lowlevelTCPReadIntoBuffer: buffer length: length]; + @throw [OFNotOpenException exceptionWithObject: self]; if (length > INT_MAX) @throw [OFOutOfRangeException exception]; if (_socket == INVALID_SOCKET) @@ -321,22 +315,12 @@ - (size_t)lowlevelWriteBuffer: (const void *)buffer length: (size_t)length { int bytesWritten; - /* - * There is no SSL session yet. However, it might be necessary to read - * from and write to the socket before negotiating an SSL session: For - * example, the socket might be connected to a SOCKS5 proxy and needs - * to establish a SOCKS5 connection before negotiating an SSL session. - * - * TODO: Think of a way to make this safer, so that it's impossible to - * forget to establish an SSL session and then send unencrypted data by - * accident. - */ if (_SSL == NULL) - return [self lowlevelTCPWriteBuffer: buffer length: length]; + @throw [OFNotOpenException exceptionWithObject: self]; if (_socket == INVALID_SOCKET) @throw [OFNotOpenException exceptionWithObject: self]; if (length > INT_MAX) @@ -349,16 +333,16 @@ errNo: 0]; return bytesWritten; } -- (bool)lowlevelIsAtEndOfStream +- (bool)hasDataInReadBuffer { if (_SSL != NULL && SSL_pending(_SSL) > 0) - return false; + return true; - return [self lowlevelTCPIsAtEndOfStream]; + return [super hasDataInReadBuffer]; } - (OFData *)channelBindingDataWithType: (OFString *)type { size_t length;