From 22fbb2656e3daf06c290d63d99b70c78f2f6d15d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Carlos=20Mart=C3=ADn=20Nieto?= Date: Sun, 2 Nov 2014 16:12:10 +0100 Subject: netops: return GIT_ECERTIFICATE when it fails the basic tests When we first ask OpenSSL to verify the certfiicate itself (rather than the HTTPS specifics), we should also return GIT_ECERTIFICATE. Otherwise, the caller would consider this as a failed operation rather than a failed validation and not call the user's own validation. --- src/netops.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/netops.c b/src/netops.c index adbae61c4..23e7e9d3c 100644 --- a/src/netops.c +++ b/src/netops.c @@ -276,7 +276,7 @@ static int verify_server_cert(gitno_ssl *ssl, const char *host) if (SSL_get_verify_result(ssl->ssl) != X509_V_OK) { giterr_set(GITERR_SSL, "The SSL certificate is invalid"); - return -1; + return GIT_ECERTIFICATE; } /* Try to parse the host as an IP address to see if it is */ -- cgit v1.2.1