http: send the DER-encoded cert to the callback

Instead of the parsed data, we can ask OpenSSL to give us the
DER-encoded version of the certificate, which the user can then parse
and validate.

2 files changed, 4 insertions, 4 deletions

diff --git a/include/git2/transport.h b/include/git2/transport.h
index cd4429fee..7365cffdf 100644
--- a/include/git2/transport.h
+++ b/include/git2/transport.h
@@ -26,10 +26,9 @@ GIT_BEGIN_DECL
 typedef enum git_cert_t {
         /**
          * The `data` argument to the callback will be a pointer to
-         * OpenSSL's `X509` structure.
+         * the DER-encoded data.
          */
-	GIT_CERT_X509_OPENSSL,
-	GIT_CERT_X509_WINHTTP,
+	GIT_CERT_X509,
         /**
          * The `data` argument to the callback will be a pointer to a
          * `git_cert_hostkey` structure.
diff --git a/include/git2/types.h b/include/git2/types.h
index 0009a8aa5..b574d2945 100644
--- a/include/git2/types.h
+++ b/include/git2/types.h
@@ -261,9 +261,10 @@ typedef enum git_cert_t git_cert_t;
  *
  * @param type The type of certificate or host info, SSH or X.509
  * @param data The data for the certificate or host info
+ * @param len The size of the certificate or host info
  * @param payload Payload provided by the caller
  */
-typedef int (*git_transport_certificate_check_cb)(git_cert_t type, void *data, void *payload);
+typedef int (*git_transport_certificate_check_cb)(git_cert_t type, void *data, size_t len, void *payload);
 
 /**
  * Opaque structure representing a submodule.