From de073c62c809b2cd67315c5b3ae99ef38fcd26a9 Mon Sep 17 00:00:00 2001
From: Alex Gaynor <alex.gaynor@gmail.com>
Date: Sun, 19 Dec 2021 16:00:32 -0500
Subject: Remove native, it's behavior is confusing (#1069)

Instead just decode stuff at the call-sites -- 100% of which were passing bytes
---
 src/OpenSSL/SSL.py    |  3 +--
 src/OpenSSL/_util.py  | 19 +------------------
 src/OpenSSL/crypto.py | 25 +++++++++++--------------
 3 files changed, 13 insertions(+), 34 deletions(-)

(limited to 'src/OpenSSL')

diff --git a/src/OpenSSL/SSL.py b/src/OpenSSL/SSL.py
index dff6aa9..5f655f4 100644
--- a/src/OpenSSL/SSL.py
+++ b/src/OpenSSL/SSL.py
@@ -12,7 +12,6 @@ from OpenSSL._util import (
     ffi as _ffi,
     lib as _lib,
     make_assert as _make_assert,
-    native as _native,
     path_string as _path_string,
     text_to_bytes_and_warn as _text_to_bytes_and_warn,
     no_zero_allocator as _no_zero_allocator,
@@ -2118,7 +2117,7 @@ class Connection(object):
             result = _lib.SSL_get_cipher_list(self._ssl, i)
             if result == _ffi.NULL:
                 break
-            ciphers.append(_native(_ffi.string(result)))
+            ciphers.append(_ffi.string(result).decode("utf-8"))
         return ciphers
 
     def get_client_ca_list(self):
diff --git a/src/OpenSSL/_util.py b/src/OpenSSL/_util.py
index 6bd43a5..028989d 100644
--- a/src/OpenSSL/_util.py
+++ b/src/OpenSSL/_util.py
@@ -26,7 +26,7 @@ def text(charp):
     """
     if not charp:
         return ""
-    return native(ffi.string(charp))
+    return ffi.string(charp).decode("utf-8")
 
 
 def exception_from_error_queue(exception_type):
@@ -71,23 +71,6 @@ def make_assert(error):
     return openssl_assert
 
 
-def native(s):
-    """
-    Convert :py:class:`bytes` or :py:class:`unicode` to the native
-    :py:class:`str` type, using UTF-8 encoding if conversion is necessary.
-
-    :raise UnicodeError: The input string is not UTF-8 decodeable.
-
-    :raise TypeError: The input is neither :py:class:`bytes` nor
-        :py:class:`unicode`.
-    """
-    if not isinstance(s, (bytes, str)):
-        raise TypeError("%r is neither bytes nor unicode" % s)
-    if isinstance(s, bytes):
-        return s.decode("utf-8")
-    return s
-
-
 def path_string(s):
     """
     Convert a Python path to a :py:class:`bytes` string identifying the same
diff --git a/src/OpenSSL/crypto.py b/src/OpenSSL/crypto.py
index e395ee3..4c5d9f3 100644
--- a/src/OpenSSL/crypto.py
+++ b/src/OpenSSL/crypto.py
@@ -13,7 +13,6 @@ from OpenSSL._util import (
     lib as _lib,
     exception_from_error_queue as _exception_from_error_queue,
     byte_string as _byte_string,
-    native as _native,
     path_string as _path_string,
     UNSPECIFIED as _UNSPECIFIED,
     text_to_bytes_and_warn as _text_to_bytes_and_warn,
@@ -672,7 +671,7 @@ class X509Name(object):
         _openssl_assert(format_result != _ffi.NULL)
 
         return "<X509Name object '%s'>" % (
-            _native(_ffi.string(result_buffer)),
+            _ffi.string(result_buffer).decode("utf-8"),
         )
 
     def hash(self):
@@ -821,11 +820,11 @@ class X509Extension(object):
             except KeyError:
                 bio = _new_mem_buf()
                 _lib.GENERAL_NAME_print(bio, name)
-                parts.append(_native(_bio_to_string(bio)))
+                parts.append(_bio_to_string(bio).decode("utf-8"))
             else:
-                value = _native(
-                    _ffi.buffer(name.d.ia5.data, name.d.ia5.length)[:]
-                )
+                value = _ffi.buffer(name.d.ia5.data, name.d.ia5.length)[
+                    :
+                ].decode("utf-8")
                 parts.append(label + ":" + value)
         return ", ".join(parts)
 
@@ -840,7 +839,7 @@ class X509Extension(object):
         print_result = _lib.X509V3_EXT_print(bio, self._extension, 0, 0)
         _openssl_assert(print_result != 0)
 
-        return _native(_bio_to_string(bio))
+        return _bio_to_string(bio).decode("utf-8")
 
     def get_critical(self):
         """
@@ -1381,7 +1380,7 @@ class X509(object):
         :return: ``True`` if the certificate has expired, ``False`` otherwise.
         :rtype: bool
         """
-        time_string = _native(self.get_notAfter())
+        time_string = self.get_notAfter().decode("utf-8")
         not_after = datetime.datetime.strptime(time_string, "%Y%m%d%H%M%SZ")
 
         return not_after < datetime.datetime.utcnow()
@@ -1850,13 +1849,11 @@ class X509StoreContext(object):
         errors = [
             _lib.X509_STORE_CTX_get_error(self._store_ctx),
             _lib.X509_STORE_CTX_get_error_depth(self._store_ctx),
-            _native(
-                _ffi.string(
-                    _lib.X509_verify_cert_error_string(
-                        _lib.X509_STORE_CTX_get_error(self._store_ctx)
-                    )
+            _ffi.string(
+                _lib.X509_verify_cert_error_string(
+                    _lib.X509_STORE_CTX_get_error(self._store_ctx)
                 )
-            ),
+            ).decode("utf-8"),
         ]
         # A context error should always be associated with a certificate, so we
         # expect this call to never return :class:`None`.
-- 
cgit v1.2.1