From 0029aabc5620563a840ea13b313f29ea2a9b395e Mon Sep 17 00:00:00 2001
From: Han Han <hhan@thousandeyes.com>
Date: Mon, 20 Aug 2018 15:10:40 -0700
Subject: x509asn1: return CURLE_PEER_FAILED_VERIFICATION on failure to parse
 cert

CURLE_PEER_FAILED_VERIFICATION makes more sense because Curl_parseX509
does not allocate memory internally as its first argument is a pointer
to the certificate structure. The same error code is also returned by
Curl_verifyhost when its call to Curl_parseX509 fails so the change
makes error handling more consistent.
---
 lib/x509asn1.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/lib/x509asn1.c b/lib/x509asn1.c
index 72a0b4a00..fc51e02f4 100644
--- a/lib/x509asn1.c
+++ b/lib/x509asn1.c
@@ -896,7 +896,7 @@ CURLcode Curl_extract_certinfo(struct connectdata *conn,
 
   /* Extract the certificate ASN.1 elements. */
   if(Curl_parseX509(&cert, beg, end))
-    return CURLE_OUT_OF_MEMORY;
+    return CURLE_PEER_FAILED_VERIFICATION;
 
   /* Subject. */
   ccp = DNtostr(&cert.subject);
-- 
cgit v1.2.1