Make //crypto factories return std::unique_ptr<>s

crypto/nss_util.cc

 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "crypto/nss_util.h"
 
 #include <nss.h>
 #include <pk11pub.h>
 #include <plarena.h>
 #include <prerror.h>
@@ skipping 108 matching lines @@
 // CryptoModuleBlockingPasswordDelegate object.
 char* PKCS11PasswordFunc(PK11SlotInfo* slot, PRBool retry, void* arg) {
   crypto::CryptoModuleBlockingPasswordDelegate* delegate =
       reinterpret_cast<crypto::CryptoModuleBlockingPasswordDelegate*>(arg);
   if (delegate) {
     bool cancelled = false;
     std::string password = delegate->RequestPassword(PK11_GetTokenName(slot),
                                                      retry != PR_FALSE,
                                                      &cancelled);
     if (cancelled)
-      return NULL;
+      return nullptr;
     char* result = PORT_Strdup(password.c_str());
     password.replace(0, password.size(), password.size(), 0);
     return result;
   }
-  DLOG(ERROR) << "PK11 password requested with NULL arg";
-  return NULL;
+  DLOG(ERROR) << "PK11 password requested with nullptr arg";
+  return nullptr;
 }
 
 // NSS creates a local cache of the sqlite database if it detects that the
 // filesystem the database is on is much slower than the local disk.  The
 // detection doesn't work with the latest versions of sqlite, such as 3.6.22
 // (NSS bug https://bugzilla.mozilla.org/show_bug.cgi?id=578561).  So we set
 // the NSS environment variable NSS_SDB_USE_CACHE to "yes" to override NSS's
 // detection when database_dir is on NFS.  See http://crbug.com/48585.
 //
 // Because this function sets an environment variable it must be run before we
@@ skipping 65 matching lines @@
         private_slot_initialization_started_(false) {}
   ~ChromeOSUserData() {
     if (public_slot_) {
       SECStatus status = SECMOD_CloseUserDB(public_slot_.get());
       if (status != SECSuccess)
         PLOG(ERROR) << "SECMOD_CloseUserDB failed: " << PORT_GetError();
     }
   }
 
   ScopedPK11Slot GetPublicSlot() {
-    return ScopedPK11Slot(
-        public_slot_ ? PK11_ReferenceSlot(public_slot_.get()) : NULL);
+    return ScopedPK11Slot(public_slot_ ? PK11_ReferenceSlot(public_slot_.get())
+                                       : nullptr);
   }
 
   ScopedPK11Slot GetPrivateSlot(
       const base::Callback<void(ScopedPK11Slot)>& callback) {
     if (private_slot_)
       return ScopedPK11Slot(PK11_ReferenceSlot(private_slot_.get()));
     if (!callback.is_null())
       tpm_ready_callback_list_.push_back(callback);
     return ScopedPK11Slot();
   }
@@ skipping 113 matching lines @@
     DCHECK(!initializing_tpm_token_);
     // If EnableTPMTokenForNSS hasn't been called, return false.
     if (!tpm_token_enabled_for_nss_) {
       base::ThreadTaskRunnerHandle::Get()->PostTask(
           FROM_HERE, base::Bind(callback, false));
       return;
     }
 
     // If everything is already initialized, then return true.
     // Note that only |tpm_slot_| is checked, since |chaps_module_| could be
-    // NULL in tests while |tpm_slot_| has been set to the test DB.
+    // nullptr in tests while |tpm_slot_| has been set to the test DB.
     if (tpm_slot_) {
       base::ThreadTaskRunnerHandle::Get()->PostTask(FROM_HERE,
                                                     base::Bind(callback, true));
       return;
     }
 
     // Note that a reference is not taken to chaps_module_. This is safe since
     // NSSInitSingleton is Leaky, so the reference it holds is never released.
     std::unique_ptr<TPMModuleAndSlot> tpm_args(
         new TPMModuleAndSlot(chaps_module_));
@@ skipping 234 matching lines @@
   void CloseChromeOSUserForTesting(const std::string& username_hash) {
     DCHECK(thread_checker_.CalledOnValidThread());
     ChromeOSUserMap::iterator i = chromeos_user_map_.find(username_hash);
     DCHECK(i != chromeos_user_map_.end());
     delete i->second;
     chromeos_user_map_.erase(i);
   }
 
   void SetSystemKeySlotForTesting(ScopedPK11Slot slot) {
     // Ensure that a previous value of test_system_slot_ is not overwritten.
-    // Unsetting, i.e. setting a NULL, however is allowed.
+    // Unsetting, i.e. setting a nullptr, however is allowed.
     DCHECK(!slot || !test_system_slot_);
     test_system_slot_ = std::move(slot);
     if (test_system_slot_) {
       tpm_slot_.reset(PK11_ReferenceSlot(test_system_slot_.get()));
       RunAndClearTPMReadyCallbackList();
     } else {
       tpm_slot_.reset();
     }
   }
 #endif  // defined(OS_CHROMEOS)
@@ skipping 15 matching lines @@
       const base::Callback<void(ScopedPK11Slot)>& callback) {
     callback.Run(ScopedPK11Slot(PK11_ReferenceSlot(tpm_slot_.get())));
   }
 
   ScopedPK11Slot GetSystemNSSKeySlot(
       const base::Callback<void(ScopedPK11Slot)>& callback) {
     DCHECK(thread_checker_.CalledOnValidThread());
     // TODO(mattm): chromeos::TPMTokenloader always calls
     // InitializeTPMTokenAndSystemSlot with slot 0.  If the system slot is
     // disabled, tpm_slot_ will be the first user's slot instead. Can that be
-    // detected and return NULL instead?
+    // detected and return nullptr instead?
 
     base::Closure wrapped_callback;
     if (!callback.is_null()) {
       wrapped_callback =
           base::Bind(&NSSInitSingleton::GetSystemNSSKeySlotCallback,
                      base::Unretained(this) /* singleton is leaky */,
                      callback);
     }
     if (IsTPMTokenReady(wrapped_callback))
       return ScopedPK11Slot(PK11_ReferenceSlot(tpm_slot_.get()));
     return ScopedPK11Slot();
   }
 #endif
 
   base::Lock* write_lock() {
     return &write_lock_;
   }
 
  private:
   friend struct base::DefaultLazyInstanceTraits<NSSInitSingleton>;
 
   NSSInitSingleton()
       : tpm_token_enabled_for_nss_(false),
         initializing_tpm_token_(false),
-        chaps_module_(NULL),
-        root_(NULL) {
+        chaps_module_(nullptr),
+        root_(nullptr) {
     // It's safe to construct on any thread, since LazyInstance will prevent any
     // other threads from accessing until the constructor is done.
     thread_checker_.DetachFromThread();
 
     EnsureNSPRInit();
 
     // We *must* have NSS >= 3.14.3.
     static_assert(
         (NSS_VMAJOR == 3 && NSS_VMINOR == 14 && NSS_VPATCH >= 3) ||
         (NSS_VMAJOR == 3 && NSS_VMINOR > 14) ||
@@ skipping 26 matching lines @@
       status = NSS_InitReadWrite(nss_config_dir.c_str());
 #endif
       if (status != SECSuccess) {
         LOG(ERROR) << "Error initializing NSS with a persistent "
                       "database (" << nss_config_dir
                    << "): " << GetNSSErrorMessage();
       }
     }
     if (status != SECSuccess) {
       VLOG(1) << "Initializing NSS without a persistent database.";
-      status = NSS_NoDB_Init(NULL);
+      status = NSS_NoDB_Init(nullptr);
       if (status != SECSuccess) {
         CrashOnNSSInitFailure();
         return;
       }
     }
 
     PK11_SetPasswordFunc(PKCS11PasswordFunc);
 
     // If we haven't initialized the password for the NSS databases,
     // initialize an empty-string password so that we don't need to
     // log in.
     PK11SlotInfo* slot = PK11_GetInternalKeySlot();
     if (slot) {
       // PK11_InitPin may write to the keyDB, but no other thread can use NSS
       // yet, so we don't need to lock.
       if (PK11_NeedUserInit(slot))
-        PK11_InitPin(slot, NULL, NULL);
+        PK11_InitPin(slot, nullptr, nullptr);
       PK11_FreeSlot(slot);
     }
 
     root_ = InitDefaultRootCerts();
 
     // Disable MD5 certificate signatures. (They are disabled by default in
     // NSS 3.14.)
     NSS_SetAlgorithmPolicy(SEC_OID_MD5, 0, NSS_USE_ALG_IN_CERT_SIGNATURE);
     NSS_SetAlgorithmPolicy(SEC_OID_PKCS1_MD5_WITH_RSA_ENCRYPTION,
                            0, NSS_USE_ALG_IN_CERT_SIGNATURE);
   }
 
   // NOTE(willchan): We don't actually execute this code since we leak NSS to
   // prevent non-joinable threads from using NSS after it's already been shut
   // down.
   ~NSSInitSingleton() {
 #if defined(OS_CHROMEOS)
     STLDeleteValues(&chromeos_user_map_);
 #endif
     tpm_slot_.reset();
     if (root_) {
       SECMOD_UnloadUserModule(root_);
       SECMOD_DestroyModule(root_);
-      root_ = NULL;
+      root_ = nullptr;
     }
     if (chaps_module_) {
       SECMOD_UnloadUserModule(chaps_module_);
       SECMOD_DestroyModule(chaps_module_);
-      chaps_module_ = NULL;
+      chaps_module_ = nullptr;
     }
 
     SECStatus status = NSS_Shutdown();
     if (status != SECSuccess) {
       // We VLOG(1) because this failure is relatively harmless (leaking, but
       // we're shutting down anyway).
       VLOG(1) << "NSS_Shutdown failed; see http://crbug.com/4609";
     }
   }
 
   // Load nss's built-in root certs.
   SECMODModule* InitDefaultRootCerts() {
-    SECMODModule* root = LoadModule("Root Certs", "libnssckbi.so", NULL);
+    SECMODModule* root = LoadModule("Root Certs", "libnssckbi.so", nullptr);
     if (root)
       return root;
 
     // Aw, snap.  Can't find/load root cert shared library.
     // This will make it hard to talk to anybody via https.
     // TODO(mattm): Re-add the NOTREACHED here when crbug.com/310972 is fixed.
-    return NULL;
+    return nullptr;
   }
 
   // Load the given module for this NSS session.
   static SECMODModule* LoadModule(const char* name,
                                   const char* library_path,
                                   const char* params) {
     std::string modparams = base::StringPrintf(
         "name=\"%s\" library=\"%s\" %s",
         name, library_path, params ? params : "");
 
     // Shouldn't need to const_cast here, but SECMOD doesn't properly
     // declare input string arguments as const.  Bug
     // https://bugzilla.mozilla.org/show_bug.cgi?id=642546 was filed
     // on NSS codebase to address this.
     SECMODModule* module = SECMOD_LoadUserModule(
-        const_cast<char*>(modparams.c_str()), NULL, PR_FALSE);
+        const_cast<char*>(modparams.c_str()), nullptr, PR_FALSE);
     if (!module) {
       LOG(ERROR) << "Error loading " << name << " module into NSS: "
                  << GetNSSErrorMessage();
-      return NULL;
+      return nullptr;
     }
     if (!module->loaded) {
       LOG(ERROR) << "After loading " << name << ", loaded==false: "
                  << GetNSSErrorMessage();
       SECMOD_DestroyModule(module);
-      return NULL;
+      return nullptr;
     }
     return module;
   }
 
   bool tpm_token_enabled_for_nss_;
   bool initializing_tpm_token_;
   typedef std::vector<base::Closure> TPMReadyCallbackList;
   TPMReadyCallbackList tpm_ready_callback_list_;
   SECMODModule* chaps_module_;
   crypto::ScopedPK11Slot tpm_slot_;
@@ skipping 16 matching lines @@
 
 ScopedPK11Slot OpenSoftwareNSSDB(const base::FilePath& path,
                                  const std::string& description) {
   const std::string modspec =
       base::StringPrintf("configDir='sql:%s' tokenDescription='%s'",
                          path.value().c_str(),
                          description.c_str());
   PK11SlotInfo* db_slot = SECMOD_OpenUserDB(modspec.c_str());
   if (db_slot) {
     if (PK11_NeedUserInit(db_slot))
-      PK11_InitPin(db_slot, NULL, NULL);
+      PK11_InitPin(db_slot, nullptr, nullptr);
   } else {
     LOG(ERROR) << "Error opening persistent database (" << modspec
                << "): " << GetNSSErrorMessage();
   }
   return ScopedPK11Slot(db_slot);
 }
 
 void EarlySetupForNSSInit() {
   base::FilePath database_dir = GetInitialConfigDirectory();
   if (!database_dir.empty())
@@ skipping 14 matching lines @@
 
 bool CheckNSSVersion(const char* version) {
   return !!NSS_VersionCheck(version);
 }
 
 base::Lock* GetNSSWriteLock() {
   return g_nss_singleton.Get().write_lock();
 }
 
 AutoNSSWriteLock::AutoNSSWriteLock() : lock_(GetNSSWriteLock()) {
-  // May be NULL if the lock is not needed in our version of NSS.
+  // May be nullptr if the lock is not needed in our version of NSS.
   if (lock_)
     lock_->Acquire();
 }
 
 AutoNSSWriteLock::~AutoNSSWriteLock() {
   if (lock_) {
     lock_->AssertAcquired();
     lock_->Release();
   }
 }
@@ skipping 88 matching lines @@
   return time.ToInternalValue() - base::Time::UnixEpoch().ToInternalValue();
 }
 
 #if !defined(OS_CHROMEOS)
 PK11SlotInfo* GetPersistentNSSKeySlot() {
   return g_nss_singleton.Get().GetPersistentNSSKeySlot();
 }
 #endif
 
 }  // namespace crypto