Fix certificate_check_cb() return value

libgit documents the return value of callbacks.certificate_check[0] as
0 for success and <0 as failure. Returning 1 for success (kind of)
works because some parts of libgit[1] check for <0 return values and
only treat those as errors, but the function actually calling the
callback (check_certificate) treats anything non-zero as error[2] and
ends up setting a spurious error message with a return value of 1.

[0] https://libgit2.org/libgit2/#HEAD/group/callback/git_transport_certificate_check_cb
[1] https://github.com/libgit2/libgit2/blob/maint/v1.5/src/libgit2/transports/httpclient.c#L1054
[2] https://github.com/libgit2/libgit2/blob/maint/v1.5/src/libgit2/transports/httpclient.c#L785

Signed-off-by: Richard Fuchs <dfx@dfx.at>
This commit is contained in:
Richard Fuchs 2023-10-04 17:34:59 -04:00 committed by Michael Keller
parent c5feae126b
commit 3c5f22ac25

View file

@ -313,9 +313,9 @@ int certificate_check_cb(git_cert *cert, int valid, const char *host, void *payl
// if we are connecting to the cloud server we alrady called 'canReachCloudServer()' // if we are connecting to the cloud server we alrady called 'canReachCloudServer()'
// which will fail if the SSL certificate isn't valid, so let's simply always // which will fail if the SSL certificate isn't valid, so let's simply always
// tell the caller that this certificate is valid // tell the caller that this certificate is valid
return 1; return 0;
} }
return valid; return valid ? 0 : -1;
} }
static int update_remote(struct git_info *info, git_remote *origin, git_reference *local, git_reference *remote) static int update_remote(struct git_info *info, git_remote *origin, git_reference *local, git_reference *remote)