public_key:cacerts_load/0 may return 'undefined', violating its function spec

Question

public_key:cacerts_load/0 may return 'undefined', violating its function spec

Closed this issue a month ago · 0 comments

Describe the bug
The function call public_key:cacerts_load() may return undefined if it does not find certificates at default OS locations. This is by design as can be seen in the source code.

However, the spec of the function only mentions ok and {error, term()} as two possible return types.

To Reproduce
The easiest way to reproduce this is to run Erlang in Docker using one of the -slim variants:

$ docker run --rm -it erlang:27.0-slim
Erlang/OTP 27 [erts-15.0] [source] [64-bit] [smp:16:16] [ds:16:16:10] [async-threads:1] [jit:ns]

Eshell V15.0 (press Ctrl+G to abort, type help(). for help)
1> public_key:cacerts_load().
undefined

$ docker run --rm -it erlang:26.2.5-slim
Erlang/OTP 26 [erts-14.2.5] [source] [64-bit] [smp:16:16] [ds:16:16:10] [async-threads:1] [jit:ns]

Eshell V14.2.5 (press Ctrl+G to abort, type help(). for help)
1> public_key:cacerts_load().
undefined

Expected behavior
I would expect the function to return {error, not_found} or similar so that the return value matches the return type specified in the function spec.

Affected versions
It looks like the undefined return value was first introduced in OTP 26.2 - bc28c90.