JSON output breaks if OCSP response is not successful
FestiveKyle opened this issue · comments
Describe the bug
There is an uncaught ValidationError
when the OCSP response status is not successful. Most OCSPResponse
properties such as certificate_status
, and serial_number
contain an error of OCSP response status is not successful so the property has no value
.
Expected behavior
Previous versions of sslyze handled this by setting optional values to None
if OCSP response is not successful. Changed here.
Python environment (please complete the following information):
- OS: openSUSE Tumbleweed 20240329
- Python version: 3.11
Additional context
Errors from console:
pydantic_core._pydantic_core.ValidationError: 6 validation errors for ServerScanResultAsJson
result.certificate_deployments.0.ocsp_response.certificate_status
Error extracting attribute: ValueError: OCSP response status is not successful so the property has no value [type=get_attribute_error, input_value=<cryptography.hazmat.bind...bject at 0x7f4d88af9830>, input_type=OCSPResponse]
For further information visit https://errors.pydantic.dev/2.3/v/get_attribute_error
result.certificate_deployments.0.ocsp_response.revocation_time
Error extracting attribute: ValueError: OCSP response status is not successful so the property has no value [type=get_attribute_error, input_value=<cryptography.hazmat.bind...bject at 0x7f4d88af9830>, input_type=OCSPResponse]
For further information visit https://errors.pydantic.dev/2.3/v/get_attribute_error
result.certificate_deployments.0.ocsp_response.produced_at
Error extracting attribute: ValueError: OCSP response status is not successful so the property has no value [type=get_attribute_error, input_value=<cryptography.hazmat.bind...bject at 0x7f4d88af9830>, input_type=OCSPResponse]
For further information visit https://errors.pydantic.dev/2.3/v/get_attribute_error
result.certificate_deployments.0.ocsp_response.this_update
Error extracting attribute: ValueError: OCSP response status is not successful so the property has no value [type=get_attribute_error, input_value=<cryptography.hazmat.bind...bject at 0x7f4d88af9830>, input_type=OCSPResponse]
For further information visit https://errors.pydantic.dev/2.3/v/get_attribute_error
result.certificate_deployments.0.ocsp_response.next_update
Error extracting attribute: ValueError: OCSP response status is not successful so the property has no value [type=get_attribute_error, input_value=<cryptography.hazmat.bind...bject at 0x7f4d88af9830>, input_type=OCSPResponse]
For further information visit https://errors.pydantic.dev/2.3/v/get_attribute_error
result.certificate_deployments.0.ocsp_response.serial_number
Error extracting attribute: ValueError: OCSP response status is not successful so the property has no value [type=get_attribute_error, input_value=<cryptography.hazmat.bind...bject at 0x7f4d88af9830>, input_type=OCSPResponse]
For further information visit https://errors.pydantic.dev/2.3/v/get_attribute_error