pyopenssl icon indicating copy to clipboard operation
pyopenssl copied to clipboard

Published 20 hours ago verified publisher icon pyca

CRL get_revoked emits inconsistent types (NoneType vs. Tuple)

Open thecubic opened this issue 5 years ago • 0 comments

TL;DR: PR #859

CRL get_revoked emits either a None or a Tuple depending on whether there are revoked certificates. This makes for awkward syntax by the caller:

_revoked: Optional[Tuple[Any]] = crl.get_revoked()
if _revoked is not None:
  for cert in _revoked:
    process_revoked_cert(cert)

vs:

for cert in crl.get_revoked():
  process_revoked_cert(cert)

(ends in TypeError: 'NoneType' object is not iterable)

The perception of callers is that the latter is the supported way, so I'm encountering bugs because None is not guarded against. But None doesn't belong here, IMHO

thecubic avatar Mar 30 '20 17:03 thecubic