s/NULL/nullptr in FDBLibTLS

FDBLibTLS/FDBLibTLSPlugin.cpp

@@ -38,7 +38,7 @@ ITLSPolicy *FDBLibTLSPlugin::create_policy() {
 	if (rc < 0) {
 		// Log the failure from tls_init during our constructor.
 		TraceEvent(SevError, "FDBLibTLSInitError").detail("LibTLSErrorMessage", "failed to initialize libtls");
-		return NULL;
+		return nullptr;
 	}
 	return new FDBLibTLSPolicy(Reference<FDBLibTLSPlugin>::addRef(this));
 }
@@ -47,5 +47,5 @@ extern "C" BOOST_SYMBOL_EXPORT void *get_tls_plugin(const char *plugin_type_name
 	if (strcmp(plugin_type_name_and_version, FDBLibTLSPlugin::get_plugin_type_name_and_version()) == 0) {
 		return new FDBLibTLSPlugin;
 	}
-	return NULL;
+	return nullptr;
 }

FDBLibTLS/FDBLibTLSPolicy.cpp

@@ -37,11 +37,11 @@
 #include <string.h>
 #include <limits.h>
 
-FDBLibTLSPolicy::FDBLibTLSPolicy(Reference<FDBLibTLSPlugin> plugin):
-	plugin(plugin), tls_cfg(NULL), roots(NULL), session_created(false), ca_data_set(false),
-	cert_data_set(false), key_data_set(false), verify_peers_set(false) {
+FDBLibTLSPolicy::FDBLibTLSPolicy(Reference<FDBLibTLSPlugin> plugin)
+  : plugin(plugin), tls_cfg(nullptr), roots(nullptr), session_created(false), ca_data_set(false), cert_data_set(false),
+    key_data_set(false), verify_peers_set(false) {
 
-	if ((tls_cfg = tls_config_new()) == NULL) {
+	if ((tls_cfg = tls_config_new()) == nullptr) {
 		TraceEvent(SevError, "FDBLibTLSConfigError");
 		throw std::runtime_error("FDBLibTLSConfigError");
 	}
@@ -55,29 +55,31 @@ FDBLibTLSPolicy::~FDBLibTLSPolicy() {
 	tls_config_free(tls_cfg);
 }
 
-ITLSSession* FDBLibTLSPolicy::create_session(bool is_client, const char* servername, TLSSendCallbackFunc send_func, void* send_ctx, TLSRecvCallbackFunc recv_func, void* recv_ctx, void* uid) {
+ITLSSession* FDBLibTLSPolicy::create_session(bool is_client, const char* servername, TLSSendCallbackFunc send_func,
+                                             void* send_ctx, TLSRecvCallbackFunc recv_func, void* recv_ctx, void* uid) {
 	if (is_client) {
 		// If verify peers has been set then there is no point specifying a
 		// servername, since this will be ignored - the servername should be
 		// matched by the verify criteria instead.
-		if (verify_peers_set && servername != NULL) {
+		if (verify_peers_set && servername != nullptr) {
 			TraceEvent(SevError, "FDBLibTLSVerifyPeersWithServerName");
-			return NULL;
+			return nullptr;
 		}
 
 		// If verify peers has not been set, then require a server name to
 		// avoid an accidental lack of name validation.
-		if (!verify_peers_set && servername == NULL) {
+		if (!verify_peers_set && servername == nullptr) {
 			TraceEvent(SevError, "FDBLibTLSNoServerName");
-			return NULL;
+			return nullptr;
 		}
 	}
 
 	session_created = true;
 	try {
-		return new FDBLibTLSSession(Reference<FDBLibTLSPolicy>::addRef(this), is_client, servername, send_func, send_ctx, recv_func, recv_ctx, uid);
+		return new FDBLibTLSSession(Reference<FDBLibTLSPolicy>::addRef(this), is_client, servername, send_func,
+		                            send_ctx, recv_func, recv_ctx, uid);
 	} catch ( ... ) {
-		return NULL;
+		return nullptr;
 	}
 }
 
@@ -87,8 +89,7 @@ static int password_cb(char *buf, int size, int rwflag, void *u) {
 
 	if (size < 0)
 		return 0;
-	if (u == NULL)
-		return 0;
+	if (u == nullptr) return 0;
 
 	plen = strlen(password);
 	if (plen > size)
@@ -102,24 +103,24 @@ static int password_cb(char *buf, int size, int rwflag, void *u) {
 }
 
 struct stack_st_X509* FDBLibTLSPolicy::parse_cert_pem(const uint8_t* cert_pem, size_t cert_pem_len) {
-	struct stack_st_X509 *certs = NULL;
-	X509 *cert = NULL;
-	BIO *bio = NULL;
+	struct stack_st_X509* certs = nullptr;
+	X509* cert = nullptr;
+	BIO* bio = nullptr;
 	int errnum;
 
 	if (cert_pem_len > INT_MAX)
 		goto err;
-	if ((bio = BIO_new_mem_buf((void *)cert_pem, cert_pem_len)) == NULL) {
+	if ((bio = BIO_new_mem_buf((void*)cert_pem, cert_pem_len)) == nullptr) {
 		TraceEvent(SevError, "FDBLibTLSOutOfMemory");
 		goto err;
 	}
-	if ((certs = sk_X509_new_null()) == NULL) {
+	if ((certs = sk_X509_new_null()) == nullptr) {
 		TraceEvent(SevError, "FDBLibTLSOutOfMemory");
 		goto err;
 	}
 
 	ERR_clear_error();
-	while ((cert = PEM_read_bio_X509(bio, NULL, password_cb, NULL)) != NULL) {
+	while ((cert = PEM_read_bio_X509(bio, nullptr, password_cb, nullptr)) != nullptr) {
 		if (!sk_X509_push(certs, cert)) {
 			TraceEvent(SevError, "FDBLibTLSOutOfMemory");
 			goto err;
@@ -150,7 +151,7 @@ struct stack_st_X509* FDBLibTLSPolicy::parse_cert_pem(const uint8_t* cert_pem, s
 	X509_free(cert);
 	BIO_free(bio);
 
-	return NULL;
+	return nullptr;
 }
 
 bool FDBLibTLSPolicy::set_ca_data(const uint8_t* ca_data, int ca_len) {
@@ -166,8 +167,7 @@ bool FDBLibTLSPolicy::set_ca_data(const uint8_t* ca_data, int ca_len) {
 	if (ca_len < 0)
 		return false;
 	sk_X509_pop_free(roots, X509_free);
-	if ((roots = parse_cert_pem(ca_data, ca_len)) == NULL)
-		return false;
+	if ((roots = parse_cert_pem(ca_data, ca_len)) == nullptr) return false;
 
 	if (tls_config_set_ca_mem(tls_cfg, ca_data, ca_len) == -1) {
 		TraceEvent(SevError, "FDBLibTLSCAError").detail("LibTLSErrorMessage", tls_config_error(tls_cfg));
@@ -200,8 +200,8 @@ bool FDBLibTLSPolicy::set_cert_data(const uint8_t* cert_data, int cert_len) {
 }
 
 bool FDBLibTLSPolicy::set_key_data(const uint8_t* key_data, int key_len, const char* password) {
-	EVP_PKEY *key = NULL;
-	BIO *bio = NULL;
+	EVP_PKEY* key = nullptr;
+	BIO* bio = nullptr;
 	bool rc = false;
 
 	if (key_data_set) {
@@ -213,16 +213,16 @@ bool FDBLibTLSPolicy::set_key_data(const uint8_t* key_data, int key_len, const c
 		goto err;
 	}
 
-	if (password != NULL) {
+	if (password != nullptr) {
 		char *data;
 		long len;
 
-		if ((bio = BIO_new_mem_buf((void *)key_data, key_len)) == NULL) {
+		if ((bio = BIO_new_mem_buf((void*)key_data, key_len)) == nullptr) {
 			TraceEvent(SevError, "FDBLibTLSOutOfMemory");
 			goto err;
 		}
 		ERR_clear_error();
-		if ((key = PEM_read_bio_PrivateKey(bio, NULL, password_cb, (void *)password)) == NULL) {
+		if ((key = PEM_read_bio_PrivateKey(bio, nullptr, password_cb, (void*)password)) == nullptr) {
 			int errnum = ERR_peek_error();
 			char errbuf[256];
 
@@ -236,11 +236,11 @@ bool FDBLibTLSPolicy::set_key_data(const uint8_t* key_data, int key_len, const c
 			goto err;
 		}
 		BIO_free(bio);
-		if ((bio = BIO_new(BIO_s_mem())) == NULL) {
+		if ((bio = BIO_new(BIO_s_mem())) == nullptr) {
 			TraceEvent(SevError, "FDBLibTLSOutOfMemory");
 			goto err;
 		}
-		if (!PEM_write_bio_PrivateKey(bio, key, NULL, NULL, 0, NULL, NULL)) {
+		if (!PEM_write_bio_PrivateKey(bio, key, nullptr, nullptr, 0, nullptr, nullptr)) {
 			TraceEvent(SevError, "FDBLibTLSOutOfMemory");
 			goto err;
 		}

FDBLibTLS/FDBLibTLSSession.cpp

@@ -60,14 +60,16 @@ static ssize_t tls_write_func(struct tls *ctx, const void *buf, size_t buflen, v
 	return (ssize_t)rv;
 }
 
-FDBLibTLSSession::FDBLibTLSSession(Reference<FDBLibTLSPolicy> policy, bool is_client, const char* servername, TLSSendCallbackFunc send_func, void* send_ctx, TLSRecvCallbackFunc recv_func, void* recv_ctx, void* uidptr) :
-	tls_ctx(NULL), tls_sctx(NULL), is_client(is_client), policy(policy), send_func(send_func), send_ctx(send_ctx),
-	recv_func(recv_func), recv_ctx(recv_ctx), handshake_completed(false), lastVerifyFailureLogged(0.0) {
+FDBLibTLSSession::FDBLibTLSSession(Reference<FDBLibTLSPolicy> policy, bool is_client, const char* servername,
+                                   TLSSendCallbackFunc send_func, void* send_ctx, TLSRecvCallbackFunc recv_func,
+                                   void* recv_ctx, void* uidptr)
+  : tls_ctx(nullptr), tls_sctx(nullptr), is_client(is_client), policy(policy), send_func(send_func), send_ctx(send_ctx),
+    recv_func(recv_func), recv_ctx(recv_ctx), handshake_completed(false), lastVerifyFailureLogged(0.0) {
 	if (uidptr)
 		uid = * (UID*) uidptr;
 
 	if (is_client) {
-		if ((tls_ctx = tls_client()) == NULL) {
+		if ((tls_ctx = tls_client()) == nullptr) {
 			TraceEvent(SevError, "FDBLibTLSClientError", uid);
 			throw std::runtime_error("FDBLibTLSClientError");
 		}
@@ -82,7 +84,7 @@ FDBLibTLSSession::FDBLibTLSSession(Reference<FDBLibTLSPolicy> policy, bool is_cl
 			throw std::runtime_error("FDBLibTLSConnectError");
 		}
 	} else {
-		if ((tls_sctx = tls_server()) == NULL) {
+		if ((tls_sctx = tls_server()) == nullptr) {
 			TraceEvent(SevError, "FDBLibTLSServerError", uid);
 			throw std::runtime_error("FDBLibTLSServerError");
 		}
@@ -108,14 +110,13 @@ FDBLibTLSSession::~FDBLibTLSSession() {
 
 bool match_criteria_entry(const std::string& criteria, ASN1_STRING* entry, MatchType mt) {
 	bool rc = false;
-	ASN1_STRING* asn_criteria = NULL;
-	unsigned char* criteria_utf8 = NULL;
+	ASN1_STRING* asn_criteria = nullptr;
+	unsigned char* criteria_utf8 = nullptr;
 	int criteria_utf8_len = 0;
-	unsigned char* entry_utf8 = NULL;
+	unsigned char* entry_utf8 = nullptr;
 	int entry_utf8_len = 0;
 
-	if ((asn_criteria = ASN1_IA5STRING_new()) == NULL)
-		goto err;
+	if ((asn_criteria = ASN1_IA5STRING_new()) == nullptr) goto err;
 	if (ASN1_STRING_set(asn_criteria, criteria.c_str(), criteria.size()) != 1)
 		goto err;
 	if ((criteria_utf8_len = ASN1_STRING_to_UTF8(&criteria_utf8, asn_criteria)) < 1)
@@ -152,8 +153,7 @@ bool match_name_criteria(X509_NAME *name, NID nid, const std::string& criteria,
 		return false;
 	if (X509_NAME_get_index_by_NID(name, nid, idx) != -1)
 		return false;
-	if ((name_entry = X509_NAME_get_entry(name, idx)) == NULL)
-		return false;
+	if ((name_entry = X509_NAME_get_entry(name, idx)) == nullptr) return false;
 
 	return match_criteria_entry(criteria, name_entry->value, mt);
 }
@@ -169,8 +169,9 @@ bool match_extension_criteria(X509 *cert, NID nid, const std::string& value, Mat
 	}
 	std::string value_gen = value.substr(0, pos);
 	std::string value_val = value.substr(pos+1, value.npos);
-	STACK_OF(GENERAL_NAME)* sans = reinterpret_cast<STACK_OF(GENERAL_NAME)*>(X509_get_ext_d2i(cert, nid, NULL, NULL));
-	if (sans == NULL) {
+	STACK_OF(GENERAL_NAME)* sans =
+	    reinterpret_cast<STACK_OF(GENERAL_NAME)*>(X509_get_ext_d2i(cert, nid, nullptr, nullptr));
+	if (sans == nullptr) {
 		return false;
 	}
 	int num_sans = sk_GENERAL_NAME_num( sans );
@@ -231,10 +232,10 @@ bool match_criteria(X509* cert, X509_NAME* subject, NID nid, const std::string&
 }
 
 std::tuple<bool,std::string> FDBLibTLSSession::check_verify(Reference<FDBLibTLSVerify> verify, struct stack_st_X509 *certs) {
-	X509_STORE_CTX *store_ctx = NULL;
+	X509_STORE_CTX* store_ctx = nullptr;
 	X509_NAME *subject, *issuer;
 	bool rc = false;
-	X509* cert = NULL;
+	X509* cert = nullptr;
 	// if returning false, give a reason string
 	std::string reason = "";
 
@@ -243,12 +244,12 @@ std::tuple<bool,std::string> FDBLibTLSSession::check_verify(Reference<FDBLibTLSV
 		return std::make_tuple(true, reason);
 
 	// Verify the certificate.
-	if ((store_ctx = X509_STORE_CTX_new()) == NULL) {
+	if ((store_ctx = X509_STORE_CTX_new()) == nullptr) {
 		TraceEvent(SevError, "FDBLibTLSOutOfMemory", uid);
 		reason = "Out of memory";
 		goto err;
 	}
-	if (!X509_STORE_CTX_init(store_ctx, NULL, sk_X509_value(certs, 0), certs)) {
+	if (!X509_STORE_CTX_init(store_ctx, nullptr, sk_X509_value(certs, 0), certs)) {
 		reason = "Store ctx init";
 		goto err;
 	}
@@ -264,7 +265,7 @@ std::tuple<bool,std::string> FDBLibTLSSession::check_verify(Reference<FDBLibTLSV
 
 	// Check subject criteria.
 	cert = sk_X509_value(store_ctx->chain, 0);
-	if ((subject = X509_get_subject_name(cert)) == NULL) {
+	if ((subject = X509_get_subject_name(cert)) == nullptr) {
 		reason = "Cert subject error";
 		goto err;
 	}
@@ -276,7 +277,7 @@ std::tuple<bool,std::string> FDBLibTLSSession::check_verify(Reference<FDBLibTLSV
 	}
 
 	// Check issuer criteria.
-	if ((issuer = X509_get_issuer_name(cert)) == NULL) {
+	if ((issuer = X509_get_issuer_name(cert)) == nullptr) {
 		reason = "Cert issuer error";
 		goto err;
 	}
@@ -289,7 +290,7 @@ std::tuple<bool,std::string> FDBLibTLSSession::check_verify(Reference<FDBLibTLSV
 
 	// Check root criteria - this is the subject of the final certificate in the stack.
 	cert = sk_X509_value(store_ctx->chain, sk_X509_num(store_ctx->chain) - 1);
-	if ((subject = X509_get_subject_name(cert)) == NULL) {
+	if ((subject = X509_get_subject_name(cert)) == nullptr) {
 		reason = "Root subject error";
 		goto err;
 	}
@@ -310,7 +311,7 @@ std::tuple<bool,std::string> FDBLibTLSSession::check_verify(Reference<FDBLibTLSV
 }
 
 bool FDBLibTLSSession::verify_peer() {
-	struct stack_st_X509 *certs = NULL;
+	struct stack_st_X509* certs = nullptr;
 	const uint8_t *cert_pem;
 	size_t cert_pem_len;
 	bool rc = false;
@@ -323,12 +324,11 @@ bool FDBLibTLSSession::verify_peer() {
 	if (policy->verify_rules.empty())
 		return true;
 
-	if ((cert_pem = tls_peer_cert_chain_pem(tls_ctx, &cert_pem_len)) == NULL) {
+	if ((cert_pem = tls_peer_cert_chain_pem(tls_ctx, &cert_pem_len)) == nullptr) {
 		TraceEvent(SevError, "FDBLibTLSNoCertError", uid);
 		goto err;
 	}
-	if ((certs = policy->parse_cert_pem(cert_pem, cert_pem_len)) == NULL)
-		goto err;
+	if ((certs = policy->parse_cert_pem(cert_pem, cert_pem_len)) == nullptr) goto err;
 
 	// Any matching rule is sufficient.
 	for (auto &verify_rule: policy->verify_rules) {

FDBLibTLS/FDBLibTLSVerify.cpp

@@ -147,7 +147,7 @@ static NID abbrevToNID(std::string const& sn) {
 
 static X509Location locationForNID(NID nid) {
 	const char* name = OBJ_nid2ln(nid);
-	if (name == NULL) {
+	if (name == nullptr) {
 		throw std::runtime_error("locationForNID");
 	}
 	if (strncmp(name, "X509v3", 6) == 0) {