diff options
Diffstat (limited to 'src/core/lib/security/transport')
6 files changed, 149 insertions, 148 deletions
diff --git a/src/core/lib/security/transport/client_auth_filter.cc b/src/core/lib/security/transport/client_auth_filter.cc index 11f5a13ccc..326f4d7773 100644 --- a/src/core/lib/security/transport/client_auth_filter.cc +++ b/src/core/lib/security/transport/client_auth_filter.cc @@ -67,18 +67,18 @@ typedef struct { void grpc_auth_metadata_context_reset( grpc_auth_metadata_context* auth_md_context) { - if (auth_md_context->service_url != NULL) { + if (auth_md_context->service_url != nullptr) { gpr_free((char*)auth_md_context->service_url); - auth_md_context->service_url = NULL; + auth_md_context->service_url = nullptr; } - if (auth_md_context->method_name != NULL) { + if (auth_md_context->method_name != nullptr) { gpr_free((char*)auth_md_context->method_name); - auth_md_context->method_name = NULL; + auth_md_context->method_name = nullptr; } GRPC_AUTH_CONTEXT_UNREF( (grpc_auth_context*)auth_md_context->channel_auth_context, "grpc_auth_metadata_context"); - auth_md_context->channel_auth_context = NULL; + auth_md_context->channel_auth_context = nullptr; } static void add_error(grpc_error** combined, grpc_error* error) { @@ -125,10 +125,10 @@ void grpc_auth_metadata_context_build( grpc_auth_metadata_context* auth_md_context) { char* service = grpc_slice_to_c_string(call_method); char* last_slash = strrchr(service, '/'); - char* method_name = NULL; - char* service_url = NULL; + char* method_name = nullptr; + char* service_url = nullptr; grpc_auth_metadata_context_reset(auth_md_context); - if (last_slash == NULL) { + if (last_slash == nullptr) { gpr_log(GPR_ERROR, "No '/' found in fully qualified method name"); service[0] = '\0'; method_name = gpr_strdup(""); @@ -139,15 +139,15 @@ void grpc_auth_metadata_context_build( method_name = gpr_strdup(last_slash + 1); } char* host_and_port = grpc_slice_to_c_string(call_host); - if (url_scheme != NULL && strcmp(url_scheme, GRPC_SSL_URL_SCHEME) == 0) { + if (url_scheme != nullptr && strcmp(url_scheme, GRPC_SSL_URL_SCHEME) == 0) { /* Remove the port if it is 443. */ char* port_delimiter = strrchr(host_and_port, ':'); - if (port_delimiter != NULL && strcmp(port_delimiter + 1, "443") == 0) { + if (port_delimiter != nullptr && strcmp(port_delimiter + 1, "443") == 0) { *port_delimiter = '\0'; } } - gpr_asprintf(&service_url, "%s://%s%s", url_scheme == NULL ? "" : url_scheme, - host_and_port, service); + gpr_asprintf(&service_url, "%s://%s%s", + url_scheme == nullptr ? "" : url_scheme, host_and_port, service); auth_md_context->service_url = service_url; auth_md_context->method_name = method_name; auth_md_context->channel_auth_context = @@ -179,18 +179,18 @@ static void send_security_metadata(grpc_exec_ctx* exec_ctx, .value; grpc_call_credentials* channel_call_creds = chand->security_connector->request_metadata_creds; - int call_creds_has_md = (ctx != NULL) && (ctx->creds != NULL); + int call_creds_has_md = (ctx != nullptr) && (ctx->creds != nullptr); - if (channel_call_creds == NULL && !call_creds_has_md) { + if (channel_call_creds == nullptr && !call_creds_has_md) { /* Skip sending metadata altogether. */ grpc_call_next_op(exec_ctx, elem, batch); return; } - if (channel_call_creds != NULL && call_creds_has_md) { + if (channel_call_creds != nullptr && call_creds_has_md) { calld->creds = grpc_composite_call_credentials_create(channel_call_creds, - ctx->creds, NULL); - if (calld->creds == NULL) { + ctx->creds, nullptr); + if (calld->creds == nullptr) { grpc_transport_stream_op_batch_finish_with_failure( exec_ctx, batch, grpc_error_set_int( @@ -209,7 +209,7 @@ static void send_security_metadata(grpc_exec_ctx* exec_ctx, chand->security_connector->base.url_scheme, calld->host, calld->method, chand->auth_context, &calld->auth_md_context); - GPR_ASSERT(calld->pollent != NULL); + GPR_ASSERT(calld->pollent != nullptr); GRPC_CLOSURE_INIT(&calld->async_result_closure, on_credentials_metadata, batch, grpc_schedule_on_exec_ctx); @@ -278,8 +278,8 @@ static void auth_start_transport_stream_op_batch( channel_data* chand = (channel_data*)elem->channel_data; if (!batch->cancel_stream) { - GPR_ASSERT(batch->payload->context != NULL); - if (batch->payload->context[GRPC_CONTEXT_SECURITY].value == NULL) { + GPR_ASSERT(batch->payload->context != nullptr); + if (batch->payload->context[GRPC_CONTEXT_SECURITY].value == nullptr) { batch->payload->context[GRPC_CONTEXT_SECURITY].value = grpc_client_security_context_create(); batch->payload->context[GRPC_CONTEXT_SECURITY].destroy = @@ -297,7 +297,7 @@ static void auth_start_transport_stream_op_batch( if (batch->send_initial_metadata) { for (grpc_linked_mdelem* l = batch->payload->send_initial_metadata .send_initial_metadata->list.head; - l != NULL; l = l->next) { + l != nullptr; l = l->next) { grpc_mdelem md = l->md; /* Pointer comparison is OK for md_elems created from the same context. */ @@ -386,13 +386,13 @@ static grpc_error* init_channel_elem(grpc_exec_ctx* exec_ctx, grpc_channel_element_args* args) { grpc_security_connector* sc = grpc_security_connector_find_in_args(args->channel_args); - if (sc == NULL) { + if (sc == nullptr) { return GRPC_ERROR_CREATE_FROM_STATIC_STRING( "Security connector missing from client auth filter args"); } grpc_auth_context* auth_context = grpc_find_auth_context_in_args(args->channel_args); - if (auth_context == NULL) { + if (auth_context == nullptr) { return GRPC_ERROR_CREATE_FROM_STATIC_STRING( "Auth context missing from client auth filter args"); } @@ -420,7 +420,7 @@ static void destroy_channel_elem(grpc_exec_ctx* exec_ctx, /* grab pointers to our data from the channel element */ channel_data* chand = (channel_data*)elem->channel_data; grpc_channel_security_connector* sc = chand->security_connector; - if (sc != NULL) { + if (sc != nullptr) { GRPC_SECURITY_CONNECTOR_UNREF(exec_ctx, &sc->base, "client_auth_filter"); } GRPC_AUTH_CONTEXT_UNREF(chand->auth_context, "client_auth_filter"); diff --git a/src/core/lib/security/transport/lb_targets_info.cc b/src/core/lib/security/transport/lb_targets_info.cc index 1655e18f37..c07be35840 100644 --- a/src/core/lib/security/transport/lb_targets_info.cc +++ b/src/core/lib/security/transport/lb_targets_info.cc @@ -49,9 +49,9 @@ grpc_slice_hash_table* grpc_lb_targets_info_find_in_args( const grpc_channel_args* args) { const grpc_arg* targets_info_arg = grpc_channel_args_find(args, GRPC_ARG_LB_SECURE_NAMING_MAP); - if (targets_info_arg != NULL) { + if (targets_info_arg != nullptr) { GPR_ASSERT(targets_info_arg->type == GRPC_ARG_POINTER); return (grpc_slice_hash_table*)targets_info_arg->value.pointer.p; } - return NULL; + return nullptr; } diff --git a/src/core/lib/security/transport/secure_endpoint.cc b/src/core/lib/security/transport/secure_endpoint.cc index 9a29e05715..3ba987a105 100644 --- a/src/core/lib/security/transport/secure_endpoint.cc +++ b/src/core/lib/security/transport/secure_endpoint.cc @@ -140,7 +140,7 @@ static void call_read_cb(grpc_exec_ctx* exec_ctx, secure_endpoint* ep, gpr_free(data); } } - ep->read_buffer = NULL; + ep->read_buffer = nullptr; GRPC_CLOSURE_SCHED(exec_ctx, ep->read_cb, error); SECURE_ENDPOINT_UNREF(exec_ctx, ep, "read"); } @@ -162,7 +162,7 @@ static void on_read(grpc_exec_ctx* exec_ctx, void* user_data, return; } - if (ep->zero_copy_protector != NULL) { + if (ep->zero_copy_protector != nullptr) { // Use zero-copy grpc protector to unprotect. result = tsi_zero_copy_grpc_protector_unprotect( exec_ctx, ep->zero_copy_protector, &ep->source_buffer, ep->read_buffer); @@ -280,7 +280,7 @@ static void endpoint_write(grpc_exec_ctx* exec_ctx, grpc_endpoint* secure_ep, } } - if (ep->zero_copy_protector != NULL) { + if (ep->zero_copy_protector != nullptr) { // Use zero-copy grpc protector to protect. result = tsi_zero_copy_grpc_protector_protect( exec_ctx, ep->zero_copy_protector, slices, &ep->output_buffer); @@ -434,7 +434,7 @@ grpc_endpoint* grpc_secure_endpoint_create( ep->read_staging_buffer = GRPC_SLICE_MALLOC(STAGING_BUFFER_SIZE); grpc_slice_buffer_init(&ep->output_buffer); grpc_slice_buffer_init(&ep->source_buffer); - ep->read_buffer = NULL; + ep->read_buffer = nullptr; GRPC_CLOSURE_INIT(&ep->on_read, on_read, ep, grpc_schedule_on_exec_ctx); gpr_mu_init(&ep->protector_mu); gpr_ref_init(&ep->ref, 1); diff --git a/src/core/lib/security/transport/security_connector.cc b/src/core/lib/security/transport/security_connector.cc index b5822d7454..b996cc8cdb 100644 --- a/src/core/lib/security/transport/security_connector.cc +++ b/src/core/lib/security/transport/security_connector.cc @@ -60,7 +60,7 @@ static const char* installed_roots_path = /* -- Overridden default roots. -- */ -static grpc_ssl_roots_override_callback ssl_roots_override_cb = NULL; +static grpc_ssl_roots_override_callback ssl_roots_override_cb = nullptr; void grpc_set_ssl_roots_override_callback(grpc_ssl_roots_override_callback cb) { ssl_roots_override_cb = cb; @@ -74,11 +74,11 @@ void grpc_set_ssl_roots_override_callback(grpc_ssl_roots_override_callback cb) { "ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384" static gpr_once cipher_suites_once = GPR_ONCE_INIT; -static const char* cipher_suites = NULL; +static const char* cipher_suites = nullptr; static void init_cipher_suites(void) { char* overridden = gpr_getenv("GRPC_SSL_CIPHER_SUITES"); - cipher_suites = overridden != NULL ? overridden : GRPC_SSL_CIPHER_SUITES; + cipher_suites = overridden != nullptr ? overridden : GRPC_SSL_CIPHER_SUITES; } static const char* ssl_cipher_suites(void) { @@ -92,24 +92,24 @@ static const char* ssl_cipher_suites(void) { const tsi_peer_property* tsi_peer_get_property_by_name(const tsi_peer* peer, const char* name) { size_t i; - if (peer == NULL) return NULL; + if (peer == nullptr) return nullptr; for (i = 0; i < peer->property_count; i++) { const tsi_peer_property* property = &peer->properties[i]; - if (name == NULL && property->name == NULL) { + if (name == nullptr && property->name == nullptr) { return property; } - if (name != NULL && property->name != NULL && + if (name != nullptr && property->name != nullptr && strcmp(property->name, name) == 0) { return property; } } - return NULL; + return nullptr; } void grpc_channel_security_connector_add_handshakers( grpc_exec_ctx* exec_ctx, grpc_channel_security_connector* connector, grpc_handshake_manager* handshake_mgr) { - if (connector != NULL) { + if (connector != nullptr) { connector->add_handshakers(exec_ctx, connector, handshake_mgr); } } @@ -117,7 +117,7 @@ void grpc_channel_security_connector_add_handshakers( void grpc_server_security_connector_add_handshakers( grpc_exec_ctx* exec_ctx, grpc_server_security_connector* connector, grpc_handshake_manager* handshake_mgr) { - if (connector != NULL) { + if (connector != nullptr) { connector->add_handshakers(exec_ctx, connector, handshake_mgr); } } @@ -127,7 +127,7 @@ void grpc_security_connector_check_peer(grpc_exec_ctx* exec_ctx, tsi_peer peer, grpc_auth_context** auth_context, grpc_closure* on_peer_checked) { - if (sc == NULL) { + if (sc == nullptr) { GRPC_CLOSURE_SCHED(exec_ctx, on_peer_checked, GRPC_ERROR_CREATE_FROM_STATIC_STRING( "cannot check peer -- no security connector")); @@ -139,7 +139,7 @@ void grpc_security_connector_check_peer(grpc_exec_ctx* exec_ctx, int grpc_security_connector_cmp(grpc_security_connector* sc, grpc_security_connector* other) { - if (sc == NULL || other == NULL) return GPR_ICMP(sc, other); + if (sc == nullptr || other == nullptr) return GPR_ICMP(sc, other); int c = GPR_ICMP(sc->vtable, other->vtable); if (c != 0) return c; return sc->vtable->cmp(sc, other); @@ -147,8 +147,8 @@ int grpc_security_connector_cmp(grpc_security_connector* sc, int grpc_channel_security_connector_cmp(grpc_channel_security_connector* sc1, grpc_channel_security_connector* sc2) { - GPR_ASSERT(sc1->channel_creds != NULL); - GPR_ASSERT(sc2->channel_creds != NULL); + GPR_ASSERT(sc1->channel_creds != nullptr); + GPR_ASSERT(sc2->channel_creds != nullptr); int c = GPR_ICMP(sc1->channel_creds, sc2->channel_creds); if (c != 0) return c; c = GPR_ICMP(sc1->request_metadata_creds, sc2->request_metadata_creds); @@ -163,8 +163,8 @@ int grpc_channel_security_connector_cmp(grpc_channel_security_connector* sc1, int grpc_server_security_connector_cmp(grpc_server_security_connector* sc1, grpc_server_security_connector* sc2) { - GPR_ASSERT(sc1->server_creds != NULL); - GPR_ASSERT(sc2->server_creds != NULL); + GPR_ASSERT(sc1->server_creds != nullptr); + GPR_ASSERT(sc2->server_creds != nullptr); int c = GPR_ICMP(sc1->server_creds, sc2->server_creds); if (c != 0) return c; return GPR_ICMP((void*)sc1->add_handshakers, (void*)sc2->add_handshakers); @@ -174,7 +174,7 @@ bool grpc_channel_security_connector_check_call_host( grpc_exec_ctx* exec_ctx, grpc_channel_security_connector* sc, const char* host, grpc_auth_context* auth_context, grpc_closure* on_call_host_checked, grpc_error** error) { - if (sc == NULL || sc->check_call_host == NULL) { + if (sc == nullptr || sc->check_call_host == nullptr) { *error = GRPC_ERROR_CREATE_FROM_STATIC_STRING( "cannot check call host -- no security connector"); return true; @@ -186,7 +186,7 @@ bool grpc_channel_security_connector_check_call_host( void grpc_channel_security_connector_cancel_check_call_host( grpc_exec_ctx* exec_ctx, grpc_channel_security_connector* sc, grpc_closure* on_call_host_checked, grpc_error* error) { - if (sc == NULL || sc->cancel_check_call_host == NULL) { + if (sc == nullptr || sc->cancel_check_call_host == nullptr) { GRPC_ERROR_UNREF(error); return; } @@ -197,7 +197,7 @@ void grpc_channel_security_connector_cancel_check_call_host( grpc_security_connector* grpc_security_connector_ref( grpc_security_connector* sc, const char* file, int line, const char* reason) { - if (sc == NULL) return NULL; + if (sc == nullptr) return nullptr; if (GRPC_TRACER_ON(grpc_trace_security_connector_refcount)) { gpr_atm val = gpr_atm_no_barrier_load(&sc->refcount.count); gpr_log(file, line, GPR_LOG_SEVERITY_DEBUG, @@ -218,7 +218,7 @@ void grpc_security_connector_unref(grpc_exec_ctx* exec_ctx, grpc_security_connector* sc, const char* file, int line, const char* reason) { - if (sc == NULL) return; + if (sc == nullptr) return; if (GRPC_TRACER_ON(grpc_trace_security_connector_refcount)) { gpr_atm val = gpr_atm_no_barrier_load(&sc->refcount.count); gpr_log(file, line, GPR_LOG_SEVERITY_DEBUG, @@ -257,11 +257,11 @@ grpc_arg grpc_security_connector_to_arg(grpc_security_connector* sc) { } grpc_security_connector* grpc_security_connector_from_arg(const grpc_arg* arg) { - if (strcmp(arg->key, GRPC_ARG_SECURITY_CONNECTOR)) return NULL; + if (strcmp(arg->key, GRPC_ARG_SECURITY_CONNECTOR)) return nullptr; if (arg->type != GRPC_ARG_POINTER) { gpr_log(GPR_ERROR, "Invalid type %d for arg %s", arg->type, GRPC_ARG_SECURITY_CONNECTOR); - return NULL; + return nullptr; } return (grpc_security_connector*)arg->value.pointer.p; } @@ -269,13 +269,13 @@ grpc_security_connector* grpc_security_connector_from_arg(const grpc_arg* arg) { grpc_security_connector* grpc_security_connector_find_in_args( const grpc_channel_args* args) { size_t i; - if (args == NULL) return NULL; + if (args == nullptr) return nullptr; for (i = 0; i < args->num_args; i++) { grpc_security_connector* sc = grpc_security_connector_from_arg(&args->args[i]); - if (sc != NULL) return sc; + if (sc != nullptr) return sc; } - return NULL; + return nullptr; } static tsi_client_certificate_request_type @@ -328,14 +328,14 @@ static void fake_server_destroy(grpc_exec_ctx* exec_ctx, static bool fake_check_target(const char* target_type, const char* target, const char* set_str) { - GPR_ASSERT(target_type != NULL); - GPR_ASSERT(target != NULL); - char** set = NULL; + GPR_ASSERT(target_type != nullptr); + GPR_ASSERT(target != nullptr); + char** set = nullptr; size_t set_size = 0; gpr_string_split(set_str, ",", &set, &set_size); bool found = false; for (size_t i = 0; i < set_size; ++i) { - if (set[i] != NULL && strcmp(target, set[i]) == 0) found = true; + if (set[i] != nullptr && strcmp(target, set[i]) == 0) found = true; } for (size_t i = 0; i < set_size; ++i) { gpr_free(set[i]); @@ -347,8 +347,8 @@ static bool fake_check_target(const char* target_type, const char* target, static void fake_secure_name_check(const char* target, const char* expected_targets, bool is_lb_channel) { - if (expected_targets == NULL) return; - char** lbs_and_backends = NULL; + if (expected_targets == nullptr) return; + char** lbs_and_backends = nullptr; size_t lbs_and_backends_size = 0; bool success = false; gpr_string_split(expected_targets, ";", &lbs_and_backends, @@ -394,18 +394,18 @@ static void fake_check_peer(grpc_exec_ctx* exec_ctx, grpc_closure* on_peer_checked) { const char* prop_name; grpc_error* error = GRPC_ERROR_NONE; - *auth_context = NULL; + *auth_context = nullptr; if (peer.property_count != 1) { error = GRPC_ERROR_CREATE_FROM_STATIC_STRING( "Fake peers should only have 1 property."); goto end; } prop_name = peer.properties[0].name; - if (prop_name == NULL || + if (prop_name == nullptr || strcmp(prop_name, TSI_CERTIFICATE_TYPE_PEER_PROPERTY)) { char* msg; gpr_asprintf(&msg, "Unexpected property in fake peer: %s.", - prop_name == NULL ? "<EMPTY>" : prop_name); + prop_name == nullptr ? "<EMPTY>" : prop_name); error = GRPC_ERROR_CREATE_FROM_COPIED_STRING(msg); gpr_free(msg); goto end; @@ -416,7 +416,7 @@ static void fake_check_peer(grpc_exec_ctx* exec_ctx, "Invalid value for cert type property."); goto end; } - *auth_context = grpc_auth_context_create(NULL); + *auth_context = grpc_auth_context_create(nullptr); grpc_auth_context_add_cstring_property( *auth_context, GRPC_TRANSPORT_SECURITY_TYPE_PROPERTY_NAME, GRPC_FAKE_TRANSPORT_SECURITY_TYPE); @@ -452,7 +452,7 @@ static int fake_channel_cmp(grpc_security_connector* sc1, if (c != 0) return c; c = strcmp(c1->target, c2->target); if (c != 0) return c; - if (c1->expected_targets == NULL || c2->expected_targets == NULL) { + if (c1->expected_targets == nullptr || c2->expected_targets == nullptr) { c = GPR_ICMP(c1->expected_targets, c2->expected_targets); } else { c = strcmp(c1->expected_targets, c2->expected_targets); @@ -527,7 +527,7 @@ grpc_channel_security_connector* grpc_fake_channel_security_connector_create( c->target = gpr_strdup(target); const char* expected_targets = grpc_fake_transport_get_expected_targets(args); c->expected_targets = gpr_strdup(expected_targets); - c->is_lb_channel = (grpc_lb_targets_info_find_in_args(args) != NULL); + c->is_lb_channel = (grpc_lb_targets_info_find_in_args(args) != nullptr); return &c->base; } @@ -560,11 +560,11 @@ typedef struct { static bool server_connector_has_cert_config_fetcher( grpc_ssl_server_security_connector* c) { - GPR_ASSERT(c != NULL); + GPR_ASSERT(c != nullptr); grpc_ssl_server_credentials* server_creds = (grpc_ssl_server_credentials*)c->base.server_creds; - GPR_ASSERT(server_creds != NULL); - return server_creds->certificate_config_fetcher.cb != NULL; + GPR_ASSERT(server_creds != nullptr); + return server_creds->certificate_config_fetcher.cb != nullptr; } static void ssl_channel_destroy(grpc_exec_ctx* exec_ctx, @@ -574,9 +574,9 @@ static void ssl_channel_destroy(grpc_exec_ctx* exec_ctx, grpc_channel_credentials_unref(exec_ctx, c->base.channel_creds); grpc_call_credentials_unref(exec_ctx, c->base.request_metadata_creds); tsi_ssl_client_handshaker_factory_unref(c->client_handshaker_factory); - c->client_handshaker_factory = NULL; - if (c->target_name != NULL) gpr_free(c->target_name); - if (c->overridden_target_name != NULL) gpr_free(c->overridden_target_name); + c->client_handshaker_factory = nullptr; + if (c->target_name != nullptr) gpr_free(c->target_name); + if (c->overridden_target_name != nullptr) gpr_free(c->overridden_target_name); gpr_free(sc); } @@ -586,7 +586,7 @@ static void ssl_server_destroy(grpc_exec_ctx* exec_ctx, (grpc_ssl_server_security_connector*)sc; grpc_server_credentials_unref(exec_ctx, c->base.server_creds); tsi_ssl_server_handshaker_factory_unref(c->server_handshaker_factory); - c->server_handshaker_factory = NULL; + c->server_handshaker_factory = nullptr; gpr_free(sc); } @@ -596,11 +596,11 @@ static void ssl_channel_add_handshakers(grpc_exec_ctx* exec_ctx, grpc_ssl_channel_security_connector* c = (grpc_ssl_channel_security_connector*)sc; // Instantiate TSI handshaker. - tsi_handshaker* tsi_hs = NULL; + tsi_handshaker* tsi_hs = nullptr; tsi_result result = tsi_ssl_client_handshaker_factory_create_handshaker( c->client_handshaker_factory, - c->overridden_target_name != NULL ? c->overridden_target_name - : c->target_name, + c->overridden_target_name != nullptr ? c->overridden_target_name + : c->target_name, &tsi_hs); if (result != TSI_OK) { gpr_log(GPR_ERROR, "Handshaker creation failed with error %s.", @@ -615,7 +615,7 @@ static void ssl_channel_add_handshakers(grpc_exec_ctx* exec_ctx, } static const char** fill_alpn_protocol_strings(size_t* num_alpn_protocols) { - GPR_ASSERT(num_alpn_protocols != NULL); + GPR_ASSERT(num_alpn_protocols != nullptr); *num_alpn_protocols = grpc_chttp2_num_alpn_versions(); const char** alpn_protocol_strings = (const char**)gpr_malloc(sizeof(const char*) * (*num_alpn_protocols)); @@ -632,7 +632,7 @@ static const char** fill_alpn_protocol_strings(size_t* num_alpn_protocols) { static bool try_replace_server_handshaker_factory( grpc_ssl_server_security_connector* sc, const grpc_ssl_server_certificate_config* config) { - if (config == NULL) { + if (config == nullptr) { gpr_log(GPR_ERROR, "Server certificate config callback returned invalid (NULL) " "config."); @@ -645,7 +645,7 @@ static bool try_replace_server_handshaker_factory( fill_alpn_protocol_strings(&num_alpn_protocols); tsi_ssl_pem_key_cert_pair* cert_pairs = grpc_convert_grpc_to_tsi_cert_pairs( config->pem_key_cert_pairs, config->num_key_cert_pairs); - tsi_ssl_server_handshaker_factory* new_handshaker_factory = NULL; + tsi_ssl_server_handshaker_factory* new_handshaker_factory = nullptr; grpc_ssl_server_credentials* server_creds = (grpc_ssl_server_credentials*)sc->base.server_creds; tsi_result result = tsi_create_ssl_server_handshaker_factory_ex( @@ -672,10 +672,10 @@ static bool try_replace_server_handshaker_factory( * an error. Returns true if new credentials were sucessfully loaded. */ static bool try_fetch_ssl_server_credentials( grpc_ssl_server_security_connector* sc) { - grpc_ssl_server_certificate_config* certificate_config = NULL; + grpc_ssl_server_certificate_config* certificate_config = nullptr; bool status; - GPR_ASSERT(sc != NULL); + GPR_ASSERT(sc != nullptr); if (!server_connector_has_cert_config_fetcher(sc)) return false; grpc_ssl_server_credentials* server_creds = @@ -697,7 +697,7 @@ static bool try_fetch_ssl_server_credentials( status = false; } - if (certificate_config != NULL) { + if (certificate_config != nullptr) { grpc_ssl_server_certificate_config_destroy(certificate_config); } return status; @@ -710,7 +710,7 @@ static void ssl_server_add_handshakers(grpc_exec_ctx* exec_ctx, (grpc_ssl_server_security_connector*)sc; // Instantiate TSI handshaker. try_fetch_ssl_server_credentials(c); - tsi_handshaker* tsi_hs = NULL; + tsi_handshaker* tsi_hs = nullptr; tsi_result result = tsi_ssl_server_handshaker_factory_create_handshaker( c->server_handshaker_factory, &tsi_hs); if (result != TSI_OK) { @@ -726,10 +726,10 @@ static void ssl_server_add_handshakers(grpc_exec_ctx* exec_ctx, } static int ssl_host_matches_name(const tsi_peer* peer, const char* peer_name) { - char* allocated_name = NULL; + char* allocated_name = nullptr; int r; - if (strchr(peer_name, ':') != NULL) { + if (strchr(peer_name, ':') != nullptr) { char* ignored_port; gpr_split_host_port(peer_name, &allocated_name, &ignored_port); gpr_free(ignored_port); @@ -743,21 +743,21 @@ static int ssl_host_matches_name(const tsi_peer* peer, const char* peer_name) { grpc_auth_context* tsi_ssl_peer_to_auth_context(const tsi_peer* peer) { size_t i; - grpc_auth_context* ctx = NULL; - const char* peer_identity_property_name = NULL; + grpc_auth_context* ctx = nullptr; + const char* peer_identity_property_name = nullptr; /* The caller has checked the certificate type property. */ GPR_ASSERT(peer->property_count >= 1); - ctx = grpc_auth_context_create(NULL); + ctx = grpc_auth_context_create(nullptr); grpc_auth_context_add_cstring_property( ctx, GRPC_TRANSPORT_SECURITY_TYPE_PROPERTY_NAME, GRPC_SSL_TRANSPORT_SECURITY_TYPE); for (i = 0; i < peer->property_count; i++) { const tsi_peer_property* prop = &peer->properties[i]; - if (prop->name == NULL) continue; + if (prop->name == nullptr) continue; if (strcmp(prop->name, TSI_X509_SUBJECT_COMMON_NAME_PEER_PROPERTY) == 0) { /* If there is no subject alt name, have the CN as the identity. */ - if (peer_identity_property_name == NULL) { + if (peer_identity_property_name == nullptr) { peer_identity_property_name = GRPC_X509_CN_PROPERTY_NAME; } grpc_auth_context_add_property(ctx, GRPC_X509_CN_PROPERTY_NAME, @@ -772,7 +772,7 @@ grpc_auth_context* tsi_ssl_peer_to_auth_context(const tsi_peer* peer) { prop->value.data, prop->value.length); } } - if (peer_identity_property_name != NULL) { + if (peer_identity_property_name != nullptr) { GPR_ASSERT(grpc_auth_context_set_peer_identity_property_name( ctx, peer_identity_property_name) == 1); } @@ -785,7 +785,7 @@ static grpc_error* ssl_check_peer(grpc_security_connector* sc, /* Check the ALPN. */ const tsi_peer_property* p = tsi_peer_get_property_by_name(peer, TSI_SSL_ALPN_SELECTED_PROTOCOL); - if (p == NULL) { + if (p == nullptr) { return GRPC_ERROR_CREATE_FROM_STATIC_STRING( "Cannot check peer: missing selected ALPN property."); } @@ -795,7 +795,7 @@ static grpc_error* ssl_check_peer(grpc_security_connector* sc, } /* Check the peer name if specified. */ - if (peer_name != NULL && !ssl_host_matches_name(peer, peer_name)) { + if (peer_name != nullptr && !ssl_host_matches_name(peer, peer_name)) { char* msg; gpr_asprintf(&msg, "Peer name %s is not in peer certificate", peer_name); grpc_error* error = GRPC_ERROR_CREATE_FROM_COPIED_STRING(msg); @@ -813,7 +813,7 @@ static void ssl_channel_check_peer(grpc_exec_ctx* exec_ctx, grpc_ssl_channel_security_connector* c = (grpc_ssl_channel_security_connector*)sc; grpc_error* error = ssl_check_peer(sc, - c->overridden_target_name != NULL + c->overridden_target_name != nullptr ? c->overridden_target_name : c->target_name, &peer, auth_context); @@ -825,7 +825,7 @@ static void ssl_server_check_peer(grpc_exec_ctx* exec_ctx, grpc_security_connector* sc, tsi_peer peer, grpc_auth_context** auth_context, grpc_closure* on_peer_checked) { - grpc_error* error = ssl_check_peer(sc, NULL, &peer, auth_context); + grpc_error* error = ssl_check_peer(sc, nullptr, &peer, auth_context); tsi_peer_destruct(&peer); GRPC_CLOSURE_SCHED(exec_ctx, on_peer_checked, error); } @@ -840,8 +840,8 @@ static int ssl_channel_cmp(grpc_security_connector* sc1, if (c != 0) return c; c = strcmp(c1->target_name, c2->target_name); if (c != 0) return c; - return (c1->overridden_target_name == NULL || - c2->overridden_target_name == NULL) + return (c1->overridden_target_name == nullptr || + c2->overridden_target_name == nullptr) ? GPR_ICMP(c1->overridden_target_name, c2->overridden_target_name) : strcmp(c1->overridden_target_name, c2->overridden_target_name); } @@ -871,13 +871,13 @@ tsi_peer tsi_shallow_peer_from_ssl_auth_context( memset(&peer, 0, sizeof(peer)); it = grpc_auth_context_property_iterator(auth_context); - while (grpc_auth_property_iterator_next(&it) != NULL) max_num_props++; + while (grpc_auth_property_iterator_next(&it) != nullptr) max_num_props++; if (max_num_props > 0) { peer.properties = (tsi_peer_property*)gpr_malloc(max_num_props * sizeof(tsi_peer_property)); it = grpc_auth_context_property_iterator(auth_context); - while ((prop = grpc_auth_property_iterator_next(&it)) != NULL) { + while ((prop = grpc_auth_property_iterator_next(&it)) != nullptr) { if (strcmp(prop->name, GRPC_X509_SAN_PROPERTY_NAME) == 0) { add_shallow_auth_property_to_peer( &peer, prop, TSI_X509_SUBJECT_ALTERNATIVE_NAME_PEER_PROPERTY); @@ -894,7 +894,7 @@ tsi_peer tsi_shallow_peer_from_ssl_auth_context( } void tsi_shallow_peer_destruct(tsi_peer* peer) { - if (peer->properties != NULL) gpr_free(peer->properties); + if (peer->properties != nullptr) gpr_free(peer->properties); } static bool ssl_channel_check_call_host(grpc_exec_ctx* exec_ctx, @@ -911,7 +911,8 @@ static bool ssl_channel_check_call_host(grpc_exec_ctx* exec_ctx, /* If the target name was overridden, then the original target_name was 'checked' transitively during the previous peer check at the end of the handshake. */ - if (c->overridden_target_name != NULL && strcmp(host, c->target_name) == 0) { + if (c->overridden_target_name != nullptr && + strcmp(host, c->target_name) == 0) { status = GRPC_SECURITY_OK; } if (status != GRPC_SECURITY_OK) { @@ -941,7 +942,7 @@ static grpc_slice compute_default_pem_root_certs_once(void) { /* First try to load the roots from the environment. */ char* default_root_certs_path = gpr_getenv(GRPC_DEFAULT_SSL_ROOTS_FILE_PATH_ENV_VAR); - if (default_root_certs_path != NULL) { + if (default_root_certs_path != nullptr) { GRPC_LOG_IF_ERROR("load_file", grpc_load_file(default_root_certs_path, 1, &result)); gpr_free(default_root_certs_path); @@ -949,11 +950,11 @@ static grpc_slice compute_default_pem_root_certs_once(void) { /* Try overridden roots if needed. */ grpc_ssl_roots_override_result ovrd_res = GRPC_SSL_ROOTS_OVERRIDE_FAIL; - if (GRPC_SLICE_IS_EMPTY(result) && ssl_roots_override_cb != NULL) { - char* pem_root_certs = NULL; + if (GRPC_SLICE_IS_EMPTY(result) && ssl_roots_override_cb != nullptr) { + char* pem_root_certs = nullptr; ovrd_res = ssl_roots_override_cb(&pem_root_certs); if (ovrd_res == GRPC_SSL_ROOTS_OVERRIDE_OK) { - GPR_ASSERT(pem_root_certs != NULL); + GPR_ASSERT(pem_root_certs != nullptr); result = grpc_slice_from_copied_buffer( pem_root_certs, strlen(pem_root_certs) + 1); // NULL terminator. @@ -986,7 +987,7 @@ const char* grpc_get_default_ssl_roots(void) { static gpr_once once = GPR_ONCE_INIT; gpr_once_init(&once, init_default_pem_root_certs); return GRPC_SLICE_IS_EMPTY(default_pem_root_certs) - ? NULL + ? nullptr : (const char*)GRPC_SLICE_START_PTR(default_pem_root_certs); } @@ -1004,13 +1005,13 @@ grpc_security_status grpc_ssl_channel_security_connector_create( char* port; bool has_key_cert_pair; - if (config == NULL || target_name == NULL) { + if (config == nullptr || target_name == nullptr) { gpr_log(GPR_ERROR, "An ssl channel needs a config and a target name."); goto error; } - if (config->pem_root_certs == NULL) { + if (config->pem_root_certs == nullptr) { pem_root_certs = grpc_get_default_ssl_roots(); - if (pem_root_certs == NULL) { + if (pem_root_certs == nullptr) { gpr_log(GPR_ERROR, "Could not get default pem root certs."); goto error; } @@ -1032,22 +1033,22 @@ grpc_security_status grpc_ssl_channel_security_connector_create( c->base.add_handshakers = ssl_channel_add_handshakers; gpr_split_host_port(target_name, &c->target_name, &port); gpr_free(port); - if (overridden_target_name != NULL) { + if (overridden_target_name != nullptr) { c->overridden_target_name = gpr_strdup(overridden_target_name); } - has_key_cert_pair = config->pem_key_cert_pair != NULL && - config->pem_key_cert_pair->private_key != NULL && - config->pem_key_cert_pair->cert_chain != NULL; + has_key_cert_pair = config->pem_key_cert_pair != nullptr && + config->pem_key_cert_pair->private_key != nullptr && + config->pem_key_cert_pair->cert_chain != nullptr; result = tsi_create_ssl_client_handshaker_factory( - has_key_cert_pair ? config->pem_key_cert_pair : NULL, pem_root_certs, + has_key_cert_pair ? config->pem_key_cert_pair : nullptr, pem_root_certs, ssl_cipher_suites(), alpn_protocol_strings, (uint16_t)num_alpn_protocols, &c->client_handshaker_factory); if (result != TSI_OK) { gpr_log(GPR_ERROR, "Handshaker factory creation failed with %s.", tsi_result_to_string(result)); ssl_channel_destroy(exec_ctx, &c->base.base); - *sc = NULL; + *sc = nullptr; goto error; } *sc = &c->base; @@ -1081,8 +1082,8 @@ grpc_security_status grpc_ssl_server_security_connector_create( (grpc_ssl_server_credentials*)gsc; grpc_security_status retval = GRPC_SECURITY_OK; - GPR_ASSERT(server_credentials != NULL); - GPR_ASSERT(sc != NULL); + GPR_ASSERT(server_credentials != nullptr); + GPR_ASSERT(sc != nullptr); grpc_ssl_server_security_connector* c = grpc_ssl_server_security_connector_initialize(gsc); @@ -1115,8 +1116,8 @@ grpc_security_status grpc_ssl_server_security_connector_create( if (retval == GRPC_SECURITY_OK) { *sc = &c->base; } else { - if (c != NULL) ssl_server_destroy(exec_ctx, &c->base.base); - if (sc != NULL) *sc = NULL; + if (c != nullptr) ssl_server_destroy(exec_ctx, &c->base.base); + if (sc != nullptr) *sc = nullptr; } return retval; } diff --git a/src/core/lib/security/transport/security_handshaker.cc b/src/core/lib/security/transport/security_handshaker.cc index 63706f142b..c540445792 100644 --- a/src/core/lib/security/transport/security_handshaker.cc +++ b/src/core/lib/security/transport/security_handshaker.cc @@ -71,10 +71,10 @@ static void security_handshaker_unref(grpc_exec_ctx* exec_ctx, gpr_mu_destroy(&h->mu); tsi_handshaker_destroy(h->handshaker); tsi_handshaker_result_destroy(h->handshaker_result); - if (h->endpoint_to_destroy != NULL) { + if (h->endpoint_to_destroy != nullptr) { grpc_endpoint_destroy(exec_ctx, h->endpoint_to_destroy); } - if (h->read_buffer_to_destroy != NULL) { + if (h->read_buffer_to_destroy != nullptr) { grpc_slice_buffer_destroy_internal(exec_ctx, h->read_buffer_to_destroy); gpr_free(h->read_buffer_to_destroy); } @@ -91,11 +91,11 @@ static void security_handshaker_unref(grpc_exec_ctx* exec_ctx, static void cleanup_args_for_failure_locked(grpc_exec_ctx* exec_ctx, security_handshaker* h) { h->endpoint_to_destroy = h->args->endpoint; - h->args->endpoint = NULL; + h->args->endpoint = nullptr; h->read_buffer_to_destroy = h->args->read_buffer; - h->args->read_buffer = NULL; + h->args->read_buffer = nullptr; grpc_channel_args_destroy(exec_ctx, h->args->args); - h->args->args = NULL; + h->args->args = nullptr; } // If the handshake failed or we're shutting down, clean up and invoke the @@ -135,9 +135,9 @@ static void on_peer_checked_inner(grpc_exec_ctx* exec_ctx, return; } // Create zero-copy frame protector, if implemented. - tsi_zero_copy_grpc_protector* zero_copy_protector = NULL; + tsi_zero_copy_grpc_protector* zero_copy_protector = nullptr; tsi_result result = tsi_handshaker_result_create_zero_copy_grpc_protector( - exec_ctx, h->handshaker_result, NULL, &zero_copy_protector); + exec_ctx, h->handshaker_result, nullptr, &zero_copy_protector); if (result != TSI_OK && result != TSI_UNIMPLEMENTED) { error = grpc_set_tsi_error_result( GRPC_ERROR_CREATE_FROM_STATIC_STRING( @@ -147,10 +147,10 @@ static void on_peer_checked_inner(grpc_exec_ctx* exec_ctx, return; } // Create frame protector if zero-copy frame protector is NULL. - tsi_frame_protector* protector = NULL; - if (zero_copy_protector == NULL) { + tsi_frame_protector* protector = nullptr; + if (zero_copy_protector == nullptr) { result = tsi_handshaker_result_create_frame_protector(h->handshaker_result, - NULL, &protector); + nullptr, &protector); if (result != TSI_OK) { error = grpc_set_tsi_error_result(GRPC_ERROR_CREATE_FROM_STATIC_STRING( "Frame protector creation failed"), @@ -160,7 +160,7 @@ static void on_peer_checked_inner(grpc_exec_ctx* exec_ctx, } } // Get unused bytes. - const unsigned char* unused_bytes = NULL; + const unsigned char* unused_bytes = nullptr; size_t unused_bytes_size = 0; result = tsi_handshaker_result_get_unused_bytes( h->handshaker_result, &unused_bytes, &unused_bytes_size); @@ -173,10 +173,10 @@ static void on_peer_checked_inner(grpc_exec_ctx* exec_ctx, grpc_slice_unref_internal(exec_ctx, slice); } else { h->args->endpoint = grpc_secure_endpoint_create( - protector, zero_copy_protector, h->args->endpoint, NULL, 0); + protector, zero_copy_protector, h->args->endpoint, nullptr, 0); } tsi_handshaker_result_destroy(h->handshaker_result); - h->handshaker_result = NULL; + h->handshaker_result = nullptr; // Clear out the read buffer before it gets passed to the transport. grpc_slice_buffer_reset_and_unref_internal(exec_ctx, h->args->read_buffer); // Add auth context to channel args. @@ -232,8 +232,8 @@ static grpc_error* on_handshake_next_done_locked( GRPC_ERROR_CREATE_FROM_STATIC_STRING("Handshake failed"), result); } // Update handshaker result. - if (handshaker_result != NULL) { - GPR_ASSERT(h->handshaker_result == NULL); + if (handshaker_result != nullptr) { + GPR_ASSERT(h->handshaker_result == nullptr); h->handshaker_result = handshaker_result; } if (bytes_to_send_size > 0) { @@ -244,7 +244,7 @@ static grpc_error* on_handshake_next_done_locked( grpc_slice_buffer_add(&h->outgoing, to_send); grpc_endpoint_write(exec_ctx, h->args->endpoint, &h->outgoing, &h->on_handshake_data_sent_to_peer); - } else if (handshaker_result == NULL) { + } else if (handshaker_result == nullptr) { // There is nothing to send, but need to read from peer. grpc_endpoint_read(exec_ctx, h->args->endpoint, h->args->read_buffer, &h->on_handshake_data_received_from_peer); @@ -280,9 +280,9 @@ static grpc_error* do_handshaker_next_locked( grpc_exec_ctx* exec_ctx, security_handshaker* h, const unsigned char* bytes_received, size_t bytes_received_size) { // Invoke TSI handshaker. - const unsigned char* bytes_to_send = NULL; + const unsigned char* bytes_to_send = nullptr; size_t bytes_to_send_size = 0; - tsi_handshaker_result* handshaker_result = NULL; + tsi_handshaker_result* handshaker_result = nullptr; tsi_result result = tsi_handshaker_next( h->handshaker, bytes_received, bytes_received_size, &bytes_to_send, &bytes_to_send_size, &handshaker_result, @@ -356,7 +356,7 @@ static void on_handshake_data_sent_to_peer(grpc_exec_ctx* exec_ctx, void* arg, return; } // We may be done. - if (h->handshaker_result == NULL) { + if (h->handshaker_result == nullptr) { grpc_endpoint_read(exec_ctx, h->args->endpoint, h->args->read_buffer, &h->on_handshake_data_received_from_peer); } else { @@ -405,7 +405,7 @@ static void security_handshaker_do_handshake(grpc_exec_ctx* exec_ctx, h->args = args; h->on_handshake_done = on_handshake_done; gpr_ref(&h->refs); - grpc_error* error = do_handshaker_next_locked(exec_ctx, h, NULL, 0); + grpc_error* error = do_handshaker_next_locked(exec_ctx, h, nullptr, 0); if (error != GRPC_ERROR_NONE) { security_handshake_failed_locked(exec_ctx, h, error); gpr_mu_unlock(&h->mu); @@ -526,7 +526,7 @@ grpc_handshaker* grpc_security_handshaker_create( grpc_security_connector* connector) { // If no TSI handshaker was created, return a handshaker that always fails. // Otherwise, return a real security handshaker. - if (handshaker == NULL) { + if (handshaker == nullptr) { return fail_handshaker_create(); } else { return security_handshaker_create(exec_ctx, handshaker, connector); diff --git a/src/core/lib/security/transport/server_auth_filter.cc b/src/core/lib/security/transport/server_auth_filter.cc index e1307410d6..9cf368acd0 100644 --- a/src/core/lib/security/transport/server_auth_filter.cc +++ b/src/core/lib/security/transport/server_auth_filter.cc @@ -56,8 +56,8 @@ static grpc_metadata_array metadata_batch_to_md_array( grpc_linked_mdelem* l; grpc_metadata_array result; grpc_metadata_array_init(&result); - for (l = batch->list.head; l != NULL; l = l->next) { - grpc_metadata* usr_md = NULL; + for (l = batch->list.head; l != nullptr; l = l->next) { + grpc_metadata* usr_md = nullptr; grpc_mdelem md = l->md; grpc_slice key = GRPC_MDKEY(md); grpc_slice value = GRPC_MDVALUE(md); @@ -98,7 +98,7 @@ static void on_md_processing_done_inner(grpc_exec_ctx* exec_ctx, call_data* calld = (call_data*)elem->call_data; grpc_transport_stream_op_batch* batch = calld->recv_initial_metadata_batch; /* TODO(jboeuf): Implement support for response_md. */ - if (response_md != NULL && num_response_md > 0) { + if (response_md != nullptr && num_response_md > 0) { gpr_log(GPR_INFO, "response_md in auth metadata processing not supported for now. " "Ignoring..."); @@ -127,7 +127,7 @@ static void on_md_processing_done( (gpr_atm)STATE_DONE)) { grpc_error* error = GRPC_ERROR_NONE; if (status != GRPC_STATUS_OK) { - if (error_details == NULL) { + if (error_details == nullptr) { error_details = "Authentication metadata processing failed."; } error = grpc_error_set_int( @@ -154,7 +154,7 @@ static void cancel_call(grpc_exec_ctx* exec_ctx, void* arg, grpc_error* error) { if (error != GRPC_ERROR_NONE && gpr_atm_full_cas(&calld->state, (gpr_atm)STATE_INIT, (gpr_atm)STATE_CANCELLED)) { - on_md_processing_done_inner(exec_ctx, elem, NULL, 0, NULL, 0, + on_md_processing_done_inner(exec_ctx, elem, nullptr, 0, nullptr, 0, GRPC_ERROR_REF(error)); } GRPC_CALL_STACK_UNREF(exec_ctx, calld->owning_call, "cancel_call"); @@ -167,7 +167,7 @@ static void recv_initial_metadata_ready(grpc_exec_ctx* exec_ctx, void* arg, call_data* calld = (call_data*)elem->call_data; grpc_transport_stream_op_batch* batch = calld->recv_initial_metadata_batch; if (error == GRPC_ERROR_NONE) { - if (chand->creds != NULL && chand->creds->processor.process != NULL) { + if (chand->creds != nullptr && chand->creds->processor.process != nullptr) { // We're calling out to the application, so we need to make sure // to drop the call combiner early if we get cancelled. GRPC_CALL_STACK_REF(calld->owning_call, "cancel_call"); @@ -220,7 +220,7 @@ static grpc_error* init_call_elem(grpc_exec_ctx* exec_ctx, grpc_server_security_context_create(); server_ctx->auth_context = grpc_auth_context_create(chand->auth_context); calld->auth_context = server_ctx->auth_context; - if (args->context[GRPC_CONTEXT_SECURITY].value != NULL) { + if (args->context[GRPC_CONTEXT_SECURITY].value != nullptr) { args->context[GRPC_CONTEXT_SECURITY].destroy( args->context[GRPC_CONTEXT_SECURITY].value); } @@ -243,7 +243,7 @@ static grpc_error* init_channel_elem(grpc_exec_ctx* exec_ctx, channel_data* chand = (channel_data*)elem->channel_data; grpc_auth_context* auth_context = grpc_find_auth_context_in_args(args->channel_args); - GPR_ASSERT(auth_context != NULL); + GPR_ASSERT(auth_context != nullptr); chand->auth_context = GRPC_AUTH_CONTEXT_REF(auth_context, "server_auth_filter"); grpc_server_credentials* creds = |