Index: src/SSLConnectionFailedException.m
==================================================================
--- src/SSLConnectionFailedException.m
+++ src/SSLConnectionFailedException.m
@@ -146,8 +146,8 @@
 			    @"A connection to %@ on port %" @PRIu16 @" could "
 			    @"not be established in socket of type %@: %s",
 			    _host, _port, [_socket class], error];
 	}
 
-	return [super description];
+	return super.description;
 }
 @end

Index: src/SSLSocket.m
==================================================================
--- src/SSLSocket.m
+++ src/SSLSocket.m
@@ -69,17 +69,17 @@
 
 static SSL_CTX *ctx;
 static of_mutex_t *ssl_mutexes;
 
 static unsigned long
-get_thread_id(void)
+threadID(void)
 {
 	return (unsigned long)(uintptr_t)[OFThread currentThread];
 }
 
 static void
-locking_callback(int mode, int n, const char *file, int line)
+lockingCallback(int mode, int n, const char *file, int line)
 {
 	/*
 	 * This function must handle up to CRYPTO_num_locks() mutexes.
 	 * It must set the n-th lock if mode & CRYPTO_LOCK,
 	 * release it otherwise.
@@ -122,11 +122,11 @@
 		_socket = [sock retain];
 		_host = [host copy];
 		_port = port;
 		_delegate = [delegate retain];
 
-		[_socket setDelegate: self];
+		_socket.delegate = self;
 	} @catch (id e) {
 		[self release];
 		@throw e;
 	}
 
@@ -133,12 +133,12 @@
 	return self;
 }
 
 - (void)dealloc
 {
-	if ([_socket delegate] == self)
-		[_socket setDelegate: _delegate];
+	if (_socket.delegate == self)
+		_socket.delegate = _delegate;
 
 	[_socket release];
 	[_delegate release];
 
 	[super dealloc];
@@ -156,11 +156,11 @@
 		} @catch (id e) {
 			exception = e;
 		}
 	}
 
-	[_socket setDelegate: _delegate];
+	_socket.delegate = _delegate;
 	[_delegate    socket: sock
 	    didConnectToHost: host
 			port: port
 		   exception: exception];
 }
@@ -185,23 +185,23 @@
 	int m;
 
 	if (self != [SSLSocket class])
 		return;
 
-	CRYPTO_set_id_callback(&get_thread_id);
+	CRYPTO_set_id_callback(&threadID);
 	/* OpenSSL >= 1.1 defines the line above to a nop */
-	(void)get_thread_id;
+	(void)threadID;
 
 	/* Generate number of mutexes needed */
 	m = CRYPTO_num_locks();
 	ssl_mutexes = malloc(m * sizeof(of_mutex_t));
 	for (m--; m >= 0; m--)
 		of_mutex_new(&ssl_mutexes[m]);
 
-	CRYPTO_set_locking_callback(&locking_callback);
+	CRYPTO_set_locking_callback(&lockingCallback);
 	/* OpenSSL >= 1.1 defines the line above to a nop */
-	(void)locking_callback;
+	(void)lockingCallback;
 
 	SSL_library_init();
 
 	if ((ctx = SSL_CTX_new(SSLv23_method())) == NULL)
 		@throw [OFInitializationFailedException
@@ -270,11 +270,11 @@
 				 port: port
 			       socket: self
 			     SSLError: error];
 	}
 
-	if (SSL_set_tlsext_host_name(_SSL, [host UTF8String]) != 1) {
+	if (SSL_set_tlsext_host_name(_SSL, host.UTF8String) != 1) {
 		unsigned long error = ERR_get_error();
 
 		[self close];
 
 		@throw [SSLConnectionFailedException exceptionWithHost: host
@@ -288,11 +288,11 @@
 
 		X509_VERIFY_PARAM_set_hostflags(param,
 		    X509_CHECK_FLAG_NO_PARTIAL_WILDCARDS);
 
 		if (X509_VERIFY_PARAM_set1_host(param,
-		    [host UTF8String], [host UTF8StringLength]) != 1) {
+		    host.UTF8String, host.UTF8StringLength) != 1) {
 			unsigned long error = ERR_get_error();
 
 			[self close];
 
 			@throw [SSLConnectionFailedException
@@ -311,12 +311,11 @@
 
 	if ((_privateKeyFile != nil && !SSL_use_PrivateKey_file(_SSL,
 	    [_privateKeyFile cStringWithEncoding: encoding],
 	    SSL_FILETYPE_PEM)) || (_certificateFile != nil &&
 	    !SSL_use_certificate_file(_SSL, [_certificateFile
-	    cStringWithEncoding: encoding],
-	    SSL_FILETYPE_PEM))) {
+	    cStringWithEncoding: encoding], SSL_FILETYPE_PEM))) {
 		unsigned long error = ERR_get_error();
 
 		[super close];
 
 		@throw [SSLConnectionFailedException
@@ -498,11 +497,11 @@
 - (bool)hasDataInReadBuffer
 {
 	if (_SSL != NULL && SSL_pending(_SSL) > 0)
 		return true;
 
-	return [super hasDataInReadBuffer];
+	return super.hasDataInReadBuffer;
 }
 
 - (void)setCertificateFile: (OFString *)certificateFile
 		forSNIHost: (OFString *)SNIHost
 {

Index: src/X509Certificate.m
==================================================================
--- src/X509Certificate.m
+++ src/X509Certificate.m
@@ -71,16 +71,16 @@
 	self = [super init];
 
 	@try {
 		OFAutoreleasePool *pool = [[OFAutoreleasePool alloc] init];
 		OFData *data = [OFData dataWithContentsOfFile: path];
-		const unsigned char *dataC = [data items];
+		const unsigned char *dataItems = data.items;
 
-		_certificate = d2i_X509(NULL, &dataC, [data count]);
+		_certificate = d2i_X509(NULL, &dataItems, data.count);
 		if (_certificate == NULL)
 			@throw [OFInitializationFailedException
-			    exceptionWithClass: [self class]];
+			    exceptionWithClass: self.class];
 
 		[pool release];
 	} @catch (id e) {
 		[self release];
 		@throw e;
@@ -95,11 +95,11 @@
 
 	@try {
 		_certificate = X509_dup(certificate);
 		if (_certificate == NULL)
 			@throw [OFInitializationFailedException
-			    exceptionWithClass: [self class]];
+			    exceptionWithClass: self.class];
 	} @catch (id e) {
 		[self release];
 		@throw e;
 	}
 
@@ -118,18 +118,21 @@
 	[super dealloc];
 }
 
 - (OFString *)description
 {
-	OFMutableString *ret = [OFMutableString string];
-
-	[ret appendFormat: @"Issuer: %@\n\n", [self issuer]];
-	[ret appendFormat: @"Subject: %@\n\n", [self subject]];
-	[ret appendFormat: @"SANs: %@", [self subjectAlternativeName]];
-
-	[ret makeImmutable];
-	return ret;
+	OFString *issuer = [self.issuer.description
+	    stringByReplacingOccurrencesOfString: @"\n"
+				      withString: @"\n\t"];
+
+	return [OFString stringWithFormat:
+	    @"<%@\n"
+	    @"\tIssuer: %@\n"
+	    @"\tSubject: %@\n"
+	    @"\tSANs: %@\n"
+	    @">",
+	    self.class, issuer, self.subject, self.subjectAlternativeName];
 }
 
 - (OFDictionary *)issuer
 {
 	X509_NAME *name;
@@ -315,25 +318,25 @@
 - (bool)hasSRVNameMatchingDomain: (OFString *)domain
 			 service: (OFString *)service
 {
 	size_t serviceLength;
 	OFAutoreleasePool *pool = [[OFAutoreleasePool alloc] init];
-	OFDictionary *SANs = [self subjectAlternativeName];
+	OFDictionary *SANs = self.subjectAlternativeName;
 	OFList *assertedNames = [[SANs objectForKey: @"otherName"]
-				     objectForKey: OID_SRVName];
+				       objectForKey: OID_SRVName];
 
 	if (![service hasPrefix: @"_"])
 		service = [service stringByPrependingString: @"_"];
 
 	service = [service stringByAppendingString: @"."];
-	serviceLength = [service length];
+	serviceLength = service.length;
 
 	for (OFString *name in assertedNames) {
 		if ([name hasPrefix: service]) {
 			OFString *asserted;
 			asserted = [name substringWithRange: of_range(
-			    serviceLength, [name length] - serviceLength)];
+			    serviceLength, name.length - serviceLength)];
 			if ([self X509_isAssertedDomain: asserted
 					    equalDomain: domain]) {
 				[pool release];
 				return true;
 			}
@@ -361,18 +364,18 @@
 
 	if (![asserted hasPrefix: @"*."])
 		return false;
 
 	asserted = [asserted substringWithRange:
-	    of_range(2, [asserted length] - 2)];
+	    of_range(2, asserted.length - 2)];
 
 	firstDot = [domain rangeOfString: @"."].location;
 	if (firstDot == OF_NOT_FOUND)
 		return false;
 
 	domain = [domain substringWithRange:
-	    of_range(firstDot + 1, [domain length] - firstDot - 1)];
+	    of_range(firstDot + 1, domain.length - firstDot - 1)];
 
 	if (![asserted caseInsensitiveCompare: domain])
 		return true;
 
 	return false;
@@ -477,11 +480,11 @@
 }
 
 - (OFString *)description
 {
 	char tmp[1024];
-	OBJ_obj2txt(tmp, sizeof(tmp), OBJ_txt2obj([_string UTF8String], 1), 0);
+	OBJ_obj2txt(tmp, sizeof(tmp), OBJ_txt2obj(_string.UTF8String, 1), 0);
 	return [OFString stringWithUTF8String: tmp];
 }
 
 - (bool)isEqual: (id)object
 {
@@ -497,13 +500,13 @@
 	return false;
 }
 
 - (uint32_t)hash
 {
-	return [_string hash];
+	return _string.hash;
 }
 
 - copy
 {
 	return [self retain];
 }
 @end