Commit 22fbb2656e3daf06c290d63d99b70c78f2f6d15d
2014-11-02T16:12:10
netops: return GIT_ECERTIFICATE when it fails the basic tests When we first ask OpenSSL to verify the certfiicate itself (rather than the HTTPS specifics), we should also return GIT_ECERTIFICATE. Otherwise, the caller would consider this as a failed operation rather than a failed validation and not call the user's own validation.
diff --git a/src/netops.c b/src/netops.c
index adbae61..23e7e9d 100644
--- a/src/netops.c
+++ b/src/netops.c
@@ -276,7 +276,7 @@ static int verify_server_cert(gitno_ssl *ssl, const char *host)
if (SSL_get_verify_result(ssl->ssl) != X509_V_OK) {
giterr_set(GITERR_SSL, "The SSL certificate is invalid");
- return -1;
+ return GIT_ECERTIFICATE;
}
/* Try to parse the host as an IP address to see if it is */