From e0ebc427a78787abdd9a3073a433e7225addd285 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Oleg=20H=C3=B6fling?= Date: Sun, 17 Nov 2024 01:03:16 +0100 Subject: [PATCH] refactor: replace returning pyobject with bound<'p, pyany> in x509::common::parse_general_names (#11980) Signed-off-by: oleg.hoefling --- src/rust/src/x509/certificate.rs | 29 +++++++++++++++-------------- src/rust/src/x509/common.rs | 17 ++++++++--------- src/rust/src/x509/crl.rs | 4 ++-- src/rust/src/x509/verify.rs | 2 +- 4 files changed, 26 insertions(+), 26 deletions(-) diff --git a/src/rust/src/x509/certificate.rs b/src/rust/src/x509/certificate.rs index 35d8f4f76..d57c2b7f0 100644 --- a/src/rust/src/x509/certificate.rs +++ b/src/rust/src/x509/certificate.rs @@ -589,34 +589,35 @@ fn parse_general_subtrees<'p>( Ok(gns.into_any()) } -pub(crate) fn parse_distribution_point_name( - py: pyo3::Python<'_>, - dp: DistributionPointName<'_>, -) -> Result<(pyo3::PyObject, pyo3::PyObject), CryptographyError> { +pub(crate) fn parse_distribution_point_name<'p>( + py: pyo3::Python<'p>, + dp: DistributionPointName<'p>, +) -> CryptographyResult<(pyo3::Bound<'p, pyo3::PyAny>, pyo3::Bound<'p, pyo3::PyAny>)> { Ok(match dp { DistributionPointName::FullName(data) => ( x509::parse_general_names(py, data.unwrap_read())?, - py.None(), + py.None().into_bound(py), + ), + DistributionPointName::NameRelativeToCRLIssuer(data) => ( + py.None().into_bound(py), + x509::parse_rdn(py, data.unwrap_read())?, ), - DistributionPointName::NameRelativeToCRLIssuer(data) => { - (py.None(), x509::parse_rdn(py, data.unwrap_read())?) - } }) } fn parse_distribution_point<'p>( py: pyo3::Python<'p>, - dp: DistributionPoint<'_>, + dp: DistributionPoint<'p>, ) -> CryptographyResult> { let (full_name, relative_name) = match dp.distribution_point { Some(data) => parse_distribution_point_name(py, data)?, - None => (py.None(), py.None()), + None => (py.None().into_bound(py), py.None().into_bound(py)), }; let reasons = parse_distribution_point_reasons(py, dp.reasons.as_ref().map(|v| v.unwrap_read()))?; let crl_issuer = match dp.crl_issuer { Some(aci) => x509::parse_general_names(py, aci.unwrap_read())?, - None => py.None(), + None => py.None().into_bound(py), }; Ok(types::DISTRIBUTION_POINT .get(py)? @@ -678,7 +679,7 @@ pub(crate) fn encode_distribution_point_reasons( pub(crate) fn parse_authority_key_identifier<'p>( py: pyo3::Python<'p>, - ext: &Extension<'_>, + ext: &Extension<'p>, ) -> Result, CryptographyError> { let aki = ext.value::>()?; let serial = match aki.authority_cert_serial_number { @@ -687,7 +688,7 @@ pub(crate) fn parse_authority_key_identifier<'p>( }; let issuer = match aki.authority_cert_issuer { Some(aci) => x509::parse_general_names(py, aci.unwrap_read())?, - None => py.None(), + None => py.None().into_bound(py), }; Ok(types::AUTHORITY_KEY_IDENTIFIER .get(py)? @@ -805,7 +806,7 @@ fn parse_admissions<'p, 'a>( pub fn parse_cert_ext<'p>( py: pyo3::Python<'p>, - ext: &Extension<'_>, + ext: &Extension<'p>, ) -> CryptographyResult>> { match ext.extn_id { oid::SUBJECT_ALTERNATIVE_NAME_OID => { diff --git a/src/rust/src/x509/common.rs b/src/rust/src/x509/common.rs index 58fa0b2d3..3ebdd4400 100644 --- a/src/rust/src/x509/common.rs +++ b/src/rust/src/x509/common.rs @@ -230,9 +230,9 @@ fn parse_name_attribute<'p>( } pub(crate) fn parse_rdn<'a>( - py: pyo3::Python<'_>, + py: pyo3::Python<'a>, rdn: &asn1::SetOf<'a, AttributeTypeValue<'a>>, -) -> Result { +) -> CryptographyResult> { let py_attrs = pyo3::types::PyList::empty(py); for attribute in rdn.clone() { let na = parse_name_attribute(py, attribute)?; @@ -240,8 +240,7 @@ pub(crate) fn parse_rdn<'a>( } Ok(types::RELATIVE_DISTINGUISHED_NAME .get(py)? - .call1((py_attrs,))? - .unbind()) + .call1((py_attrs,))?) } pub(crate) fn parse_general_name<'p>( @@ -294,15 +293,15 @@ pub(crate) fn parse_general_name<'p>( } pub(crate) fn parse_general_names<'a>( - py: pyo3::Python<'_>, + py: pyo3::Python<'a>, gn_seq: &asn1::SequenceOf<'a, GeneralName<'a>>, -) -> Result { +) -> CryptographyResult> { let gns = pyo3::types::PyList::empty(py); for gn in gn_seq.clone() { let py_gn = parse_general_name(py, gn)?; gns.append(py_gn)?; } - Ok(gns.into_any().unbind()) + Ok(gns.into_any()) } fn create_ip_network<'p>( @@ -355,11 +354,11 @@ fn ipv6_netmask(num: u128) -> Result { pub(crate) fn parse_and_cache_extensions< 'p, - F: Fn(&Extension<'_>) -> Result>, CryptographyError>, + F: Fn(&Extension<'p>) -> Result>, CryptographyError>, >( py: pyo3::Python<'p>, cached_extensions: &pyo3::sync::GILOnceCell, - raw_extensions: &Option>, + raw_extensions: &Option>, parse_ext: F, ) -> pyo3::PyResult { cached_extensions diff --git a/src/rust/src/x509/crl.rs b/src/rust/src/x509/crl.rs index e2d307e8e..d33428aa5 100644 --- a/src/rust/src/x509/crl.rs +++ b/src/rust/src/x509/crl.rs @@ -355,7 +355,7 @@ impl CertificateRevocationList { let idp = ext.value::>()?; let (full_name, relative_name) = match idp.distribution_point { Some(data) => certificate::parse_distribution_point_name(py, data)?, - None => (py.None(), py.None()), + None => (py.None().into_bound(py), py.None().into_bound(py)), }; let py_reasons = if let Some(reasons) = idp.only_some_reasons { certificate::parse_distribution_point_reasons( @@ -611,7 +611,7 @@ pub(crate) fn parse_crl_reason_flags<'p>( pub fn parse_crl_entry_ext<'p>( py: pyo3::Python<'p>, - ext: &Extension<'_>, + ext: &Extension<'p>, ) -> CryptographyResult>> { match ext.extn_id { oid::CRL_REASON_OID => { diff --git a/src/rust/src/x509/verify.rs b/src/rust/src/x509/verify.rs index 1722ab960..d9c7ddcb8 100644 --- a/src/rust/src/x509/verify.rs +++ b/src/rust/src/x509/verify.rs @@ -318,7 +318,7 @@ impl PyClientVerifier { let py_gns = parse_general_names(py, &leaf_gns)?; Ok(PyVerifiedClient { - subjects: Some(py_gns), + subjects: Some(py_gns.into()), chain: py_chain.unbind(), }) }