From 042580f53441efe1bc5c80c89351fcb30740659e Mon Sep 17 00:00:00 2001 From: Sebastian Zenker Date: Tue, 29 Jan 2019 15:48:12 +0100 Subject: THRIFT-4762: Applied some C++11 refactorings to the runtime library and compiler (#1719) * make use of C++11 override keyword * added const specifier to TTransport::getOrigin() * added more const correctness to the compiler * make use of auto keyword * replaced usage of NULL with nullptr * make use of explicitly-defaulted function definition * extended changelog --- lib/cpp/src/thrift/transport/TSSLSocket.cpp | 72 ++++++++++++++--------------- 1 file changed, 36 insertions(+), 36 deletions(-) (limited to 'lib/cpp/src/thrift/transport/TSSLSocket.cpp') diff --git a/lib/cpp/src/thrift/transport/TSSLSocket.cpp b/lib/cpp/src/thrift/transport/TSSLSocket.cpp index 718e9b153..636bb2d7e 100644 --- a/lib/cpp/src/thrift/transport/TSSLSocket.cpp +++ b/lib/cpp/src/thrift/transport/TSSLSocket.cpp @@ -95,7 +95,7 @@ static CRYPTO_dynlock_value* dyn_create(const char*, int) { } static void dyn_lock(int mode, struct CRYPTO_dynlock_value* lock, const char*, int) { - if (lock != NULL) { + if (lock != nullptr) { if (mode & CRYPTO_LOCK) { lock->mutex.lock(); } else { @@ -180,7 +180,7 @@ SSLContext::SSLContext(const SSLProtocol& protocol) { throw TSSLException("SSL_CTX_new: Unknown protocol"); } - if (ctx_ == NULL) { + if (ctx_ == nullptr) { string errors; buildErrors(errors); throw TSSLException("SSL_CTX_new: " + errors); @@ -196,15 +196,15 @@ SSLContext::SSLContext(const SSLProtocol& protocol) { } SSLContext::~SSLContext() { - if (ctx_ != NULL) { + if (ctx_ != nullptr) { SSL_CTX_free(ctx_); - ctx_ = NULL; + ctx_ = nullptr; } } SSL* SSLContext::createSSL() { SSL* ssl = SSL_new(ctx_); - if (ssl == NULL) { + if (ssl == nullptr) { string errors; buildErrors(errors); throw TSSLException("SSL_new: " + errors); @@ -214,33 +214,33 @@ SSL* SSLContext::createSSL() { // TSSLSocket implementation TSSLSocket::TSSLSocket(std::shared_ptr ctx) - : TSocket(), server_(false), ssl_(NULL), ctx_(ctx) { + : TSocket(), server_(false), ssl_(nullptr), ctx_(ctx) { init(); } TSSLSocket::TSSLSocket(std::shared_ptr ctx, std::shared_ptr interruptListener) - : TSocket(), server_(false), ssl_(NULL), ctx_(ctx) { + : TSocket(), server_(false), ssl_(nullptr), ctx_(ctx) { init(); interruptListener_ = interruptListener; } TSSLSocket::TSSLSocket(std::shared_ptr ctx, THRIFT_SOCKET socket) - : TSocket(socket), server_(false), ssl_(NULL), ctx_(ctx) { + : TSocket(socket), server_(false), ssl_(nullptr), ctx_(ctx) { init(); } TSSLSocket::TSSLSocket(std::shared_ptr ctx, THRIFT_SOCKET socket, std::shared_ptr interruptListener) - : TSocket(socket, interruptListener), server_(false), ssl_(NULL), ctx_(ctx) { + : TSocket(socket, interruptListener), server_(false), ssl_(nullptr), ctx_(ctx) { init(); } TSSLSocket::TSSLSocket(std::shared_ptr ctx, string host, int port) - : TSocket(host, port), server_(false), ssl_(NULL), ctx_(ctx) { + : TSocket(host, port), server_(false), ssl_(nullptr), ctx_(ctx) { init(); } TSSLSocket::TSSLSocket(std::shared_ptr ctx, string host, int port, std::shared_ptr interruptListener) - : TSocket(host, port), server_(false), ssl_(NULL), ctx_(ctx) { + : TSocket(host, port), server_(false), ssl_(nullptr), ctx_(ctx) { init(); interruptListener_ = interruptListener; } @@ -267,7 +267,7 @@ void TSSLSocket::init() { } bool TSSLSocket::isOpen() { - if (ssl_ == NULL || !TSocket::isOpen()) { + if (ssl_ == nullptr || !TSocket::isOpen()) { return false; } int shutdown = SSL_get_shutdown(ssl_); @@ -334,7 +334,7 @@ void TSSLSocket::open() { * Note: This method is not libevent safe. */ void TSSLSocket::close() { - if (ssl_ != NULL) { + if (ssl_ != nullptr) { try { int rc; int errno_copy = 0; @@ -375,7 +375,7 @@ void TSSLSocket::close() { GlobalOutput.printf("SSL_shutdown: %s", te.what()); } SSL_free(ssl_); - ssl_ = NULL; + ssl_ = nullptr; handshakeCompleted_ = false; ERR_remove_state(0); } @@ -552,14 +552,14 @@ uint32_t TSSLSocket::write_partial(const uint8_t* buf, uint32_t len) { void TSSLSocket::flush() { // Don't throw exception if not open. Thrift servers close socket twice. - if (ssl_ == NULL) { + if (ssl_ == nullptr) { return; } initializeHandshake(); if (!checkHandshake()) throw TSSLException("BIO_flush: Handshake is not completed"); BIO* bio = SSL_get_wbio(ssl_); - if (bio == NULL) { + if (bio == nullptr) { throw TSSLException("SSL_get_wbio returns NULL"); } if (BIO_flush(bio) != 1) { @@ -597,7 +597,7 @@ void TSSLSocket::initializeHandshake() { return; } - if (ssl_ == NULL) { + if (ssl_ == nullptr) { initializeHandshakeParams(); } @@ -683,19 +683,19 @@ void TSSLSocket::authorize() { } X509* cert = SSL_get_peer_certificate(ssl_); - if (cert == NULL) { + if (cert == nullptr) { // certificate is not present if (SSL_get_verify_mode(ssl_) & SSL_VERIFY_FAIL_IF_NO_PEER_CERT) { throw TSSLException("authorize: required certificate not present"); } // certificate was optional: didn't intend to authorize remote - if (server() && access_ != NULL) { + if (server() && access_ != nullptr) { throw TSSLException("authorize: certificate required for authorization"); } return; } // certificate is present - if (access_ == NULL) { + if (access_ == nullptr) { X509_free(cert); return; } @@ -720,13 +720,13 @@ void TSSLSocket::authorize() { } // extract subjectAlternativeName - STACK_OF(GENERAL_NAME)* alternatives - = (STACK_OF(GENERAL_NAME)*)X509_get_ext_d2i(cert, NID_subject_alt_name, NULL, NULL); - if (alternatives != NULL) { + auto* alternatives + = (STACK_OF(GENERAL_NAME)*)X509_get_ext_d2i(cert, NID_subject_alt_name, nullptr, nullptr); + if (alternatives != nullptr) { const int count = sk_GENERAL_NAME_num(alternatives); for (int i = 0; decision == AccessManager::SKIP && i < count; i++) { const GENERAL_NAME* name = sk_GENERAL_NAME_value(alternatives, i); - if (name == NULL) { + if (name == nullptr) { continue; } char* data = (char*)ASN1_STRING_data(name->d.ia5); @@ -756,7 +756,7 @@ void TSSLSocket::authorize() { // extract commonName X509_NAME* name = X509_get_subject_name(cert); - if (name != NULL) { + if (name != nullptr) { X509_NAME_ENTRY* entry; unsigned char* utf8; int last = -1; @@ -765,7 +765,7 @@ void TSSLSocket::authorize() { if (last == -1) break; entry = X509_NAME_get_entry(name, last); - if (entry == NULL) + if (entry == nullptr) continue; ASN1_STRING* common = X509_NAME_ENTRY_get_data(entry); int size = ASN1_STRING_to_UTF8(&utf8, common); @@ -795,7 +795,7 @@ unsigned int TSSLSocket::waitForEvent(bool wantRead) { bio = SSL_get_wbio(ssl_); } - if (bio == NULL) { + if (bio == nullptr) { throw TSSLException("SSL_get_?bio returned NULL"); } @@ -908,10 +908,10 @@ std::shared_ptr TSSLSocketFactory::createSocket(const string& host, void TSSLSocketFactory::setup(std::shared_ptr ssl) { ssl->server(server()); - if (access_ == NULL && !server()) { + if (access_ == nullptr && !server()) { access_ = std::shared_ptr(new DefaultClientAccessManager); } - if (access_ != NULL) { + if (access_ != nullptr) { ssl->access(access_); } } @@ -935,11 +935,11 @@ void TSSLSocketFactory::authenticate(bool required) { } else { mode = SSL_VERIFY_NONE; } - SSL_CTX_set_verify(ctx_->get(), mode, NULL); + SSL_CTX_set_verify(ctx_->get(), mode, nullptr); } void TSSLSocketFactory::loadCertificate(const char* path, const char* format) { - if (path == NULL || format == NULL) { + if (path == nullptr || format == nullptr) { throw TTransportException(TTransportException::BAD_ARGS, "loadCertificateChain: either or is NULL"); } @@ -956,7 +956,7 @@ void TSSLSocketFactory::loadCertificate(const char* path, const char* format) { } void TSSLSocketFactory::loadPrivateKey(const char* path, const char* format) { - if (path == NULL || format == NULL) { + if (path == nullptr || format == nullptr) { throw TTransportException(TTransportException::BAD_ARGS, "loadPrivateKey: either or is NULL"); } @@ -971,7 +971,7 @@ void TSSLSocketFactory::loadPrivateKey(const char* path, const char* format) { } void TSSLSocketFactory::loadTrustedCertificates(const char* path, const char* capath) { - if (path == NULL) { + if (path == nullptr) { throw TTransportException(TTransportException::BAD_ARGS, "loadTrustedCertificates: is NULL"); } @@ -993,7 +993,7 @@ void TSSLSocketFactory::overrideDefaultPasswordCallback() { } int TSSLSocketFactory::passwordCallback(char* password, int size, int, void* data) { - TSSLSocketFactory* factory = (TSSLSocketFactory*)data; + auto* factory = (TSSLSocketFactory*)data; string userPassword; factory->getPassword(userPassword, size); int length = static_cast(userPassword.size()); @@ -1016,7 +1016,7 @@ void buildErrors(string& errors, int errno_copy, int sslerrno) { errors += "; "; } const char* reason = ERR_reason_error_string(errorCode); - if (reason == NULL) { + if (reason == nullptr) { THRIFT_SNPRINTF(message, sizeof(message) - 1, "SSL error # %lu", errorCode); reason = message; } @@ -1054,7 +1054,7 @@ Decision DefaultClientAccessManager::verify(const sockaddr_storage& sa) noexcept Decision DefaultClientAccessManager::verify(const string& host, const char* name, int size) noexcept { - if (host.empty() || name == NULL || size <= 0) { + if (host.empty() || name == nullptr || size <= 0) { return SKIP; } return (matchName(host.c_str(), name, size) ? ALLOW : SKIP); -- cgit v1.2.1