refactor: replace returning pyobject with bound<'p, pyany> in x509::c…

…ommon::parse_general_names Signed-off-by: oleg.hoefling <[email protected]>
pyca · Nov 16, 2024 · b7cc11a · b7cc11a
1 parent 1c05763
commit b7cc11a
Show file tree

Hide file tree

Showing 4 changed files with 26 additions and 26 deletions.
diff --git a/src/rust/src/x509/certificate.rs b/src/rust/src/x509/certificate.rs
@@ -589,34 +589,35 @@ fn parse_general_subtrees<'p>(
     Ok(gns.into_any())
 }
 
-pub(crate) fn parse_distribution_point_name(
-    py: pyo3::Python<'_>,
-    dp: DistributionPointName<'_>,
-) -> Result<(pyo3::PyObject, pyo3::PyObject), CryptographyError> {
+pub(crate) fn parse_distribution_point_name<'p>(
+    py: pyo3::Python<'p>,
+    dp: DistributionPointName<'p>,
+) -> CryptographyResult<(pyo3::Bound<'p, pyo3::PyAny>, pyo3::Bound<'p, pyo3::PyAny>)> {
     Ok(match dp {
         DistributionPointName::FullName(data) => (
             x509::parse_general_names(py, data.unwrap_read())?,
-            py.None(),
+            py.None().into_bound(py),
+        ),
+        DistributionPointName::NameRelativeToCRLIssuer(data) => (
+            py.None().into_bound(py),
+            x509::parse_rdn(py, data.unwrap_read())?,
         ),
-        DistributionPointName::NameRelativeToCRLIssuer(data) => {
-            (py.None(), x509::parse_rdn(py, data.unwrap_read())?)
-        }
     })
 }
 
 fn parse_distribution_point<'p>(
     py: pyo3::Python<'p>,
-    dp: DistributionPoint<'_>,
+    dp: DistributionPoint<'p>,
 ) -> CryptographyResult<pyo3::Bound<'p, pyo3::PyAny>> {
     let (full_name, relative_name) = match dp.distribution_point {
         Some(data) => parse_distribution_point_name(py, data)?,
-        None => (py.None(), py.None()),
+        None => (py.None().into_bound(py), py.None().into_bound(py)),
     };
     let reasons =
         parse_distribution_point_reasons(py, dp.reasons.as_ref().map(|v| v.unwrap_read()))?;
     let crl_issuer = match dp.crl_issuer {
         Some(aci) => x509::parse_general_names(py, aci.unwrap_read())?,
-        None => py.None(),
+        None => py.None().into_bound(py),
     };
     Ok(types::DISTRIBUTION_POINT
         .get(py)?
@@ -678,7 +679,7 @@ pub(crate) fn encode_distribution_point_reasons(
 
 pub(crate) fn parse_authority_key_identifier<'p>(
     py: pyo3::Python<'p>,
-    ext: &Extension<'_>,
+    ext: &Extension<'p>,
 ) -> Result<pyo3::Bound<'p, pyo3::PyAny>, CryptographyError> {
     let aki = ext.value::<AuthorityKeyIdentifier<'_>>()?;
     let serial = match aki.authority_cert_serial_number {
@@ -687,7 +688,7 @@ pub(crate) fn parse_authority_key_identifier<'p>(
     };
     let issuer = match aki.authority_cert_issuer {
         Some(aci) => x509::parse_general_names(py, aci.unwrap_read())?,
-        None => py.None(),
+        None => py.None().into_bound(py),
     };
     Ok(types::AUTHORITY_KEY_IDENTIFIER
         .get(py)?
@@ -805,7 +806,7 @@ fn parse_admissions<'p, 'a>(
 
 pub fn parse_cert_ext<'p>(
     py: pyo3::Python<'p>,
-    ext: &Extension<'_>,
+    ext: &Extension<'p>,
 ) -> CryptographyResult<Option<pyo3::Bound<'p, pyo3::PyAny>>> {
     match ext.extn_id {
         oid::SUBJECT_ALTERNATIVE_NAME_OID => {

diff --git a/src/rust/src/x509/common.rs b/src/rust/src/x509/common.rs
@@ -230,18 +230,17 @@ fn parse_name_attribute<'p>(
 }
 
 pub(crate) fn parse_rdn<'a>(
-    py: pyo3::Python<'_>,
+    py: pyo3::Python<'a>,
     rdn: &asn1::SetOf<'a, AttributeTypeValue<'a>>,
-) -> Result<pyo3::PyObject, CryptographyError> {
+) -> CryptographyResult<pyo3::Bound<'a, pyo3::PyAny>> {
     let py_attrs = pyo3::types::PyList::empty(py);
     for attribute in rdn.clone() {
         let na = parse_name_attribute(py, attribute)?;
         py_attrs.append(na)?;
     }
     Ok(types::RELATIVE_DISTINGUISHED_NAME
         .get(py)?
-        .call1((py_attrs,))?
-        .unbind())
+        .call1((py_attrs,))?)
 }
 
 pub(crate) fn parse_general_name<'p>(
@@ -294,15 +293,15 @@ pub(crate) fn parse_general_name<'p>(
 }
 
 pub(crate) fn parse_general_names<'a>(
-    py: pyo3::Python<'_>,
+    py: pyo3::Python<'a>,
     gn_seq: &asn1::SequenceOf<'a, GeneralName<'a>>,
-) -> Result<pyo3::PyObject, CryptographyError> {
+) -> CryptographyResult<pyo3::Bound<'a, pyo3::PyAny>> {
     let gns = pyo3::types::PyList::empty(py);
     for gn in gn_seq.clone() {
         let py_gn = parse_general_name(py, gn)?;
         gns.append(py_gn)?;
     }
-    Ok(gns.into_any().unbind())
+    Ok(gns.into_any())
 }
 
 fn create_ip_network<'p>(
@@ -355,11 +354,11 @@ fn ipv6_netmask(num: u128) -> Result<u32, CryptographyError> {
 
 pub(crate) fn parse_and_cache_extensions<
     'p,
-    F: Fn(&Extension<'_>) -> Result<Option<pyo3::Bound<'p, pyo3::PyAny>>, CryptographyError>,
+    F: Fn(&Extension<'p>) -> Result<Option<pyo3::Bound<'p, pyo3::PyAny>>, CryptographyError>,
 >(
     py: pyo3::Python<'p>,
     cached_extensions: &pyo3::sync::GILOnceCell<pyo3::PyObject>,
-    raw_extensions: &Option<RawExtensions<'_>>,
+    raw_extensions: &Option<RawExtensions<'p>>,
     parse_ext: F,
 ) -> pyo3::PyResult<pyo3::PyObject> {
     cached_extensions

diff --git a/src/rust/src/x509/crl.rs b/src/rust/src/x509/crl.rs
@@ -355,7 +355,7 @@ impl CertificateRevocationList {
                     let idp = ext.value::<crl::IssuingDistributionPoint<'_>>()?;
                     let (full_name, relative_name) = match idp.distribution_point {
                         Some(data) => certificate::parse_distribution_point_name(py, data)?,
-                        None => (py.None(), py.None()),
+                        None => (py.None().into_bound(py), py.None().into_bound(py)),
                     };
                     let py_reasons = if let Some(reasons) = idp.only_some_reasons {
                         certificate::parse_distribution_point_reasons(
@@ -611,7 +611,7 @@ pub(crate) fn parse_crl_reason_flags<'p>(
 
 pub fn parse_crl_entry_ext<'p>(
     py: pyo3::Python<'p>,
-    ext: &Extension<'_>,
+    ext: &Extension<'p>,
 ) -> CryptographyResult<Option<pyo3::Bound<'p, pyo3::PyAny>>> {
     match ext.extn_id {
         oid::CRL_REASON_OID => {

diff --git a/src/rust/src/x509/verify.rs b/src/rust/src/x509/verify.rs
@@ -318,7 +318,7 @@ impl PyClientVerifier {
         let py_gns = parse_general_names(py, &leaf_gns)?;
 
         Ok(PyVerifiedClient {
-            subjects: Some(py_gns),
+            subjects: Some(py_gns.into()),
             chain: py_chain.unbind(),
         })
     }