2 files changed, 17 insertions, 20 deletions

diff --git a/src/transports/http.c b/src/transports/http.c
index f49242e3b..3f74bd149 100644
--- a/src/transports/http.c
+++ b/src/transports/http.c
@@ -555,7 +555,7 @@ static int http_connect(http_subtransport *t)
 #ifdef GIT_SSL
 	if ((!error || error == GIT_ECERTIFICATE) && t->owner->certificate_check_cb != NULL) {
                 X509 *cert = SSL_get_peer_certificate(t->socket.ssl.ssl);
-                int allow, len, is_valid;
+                int len, is_valid;
 		unsigned char *guard, *encoded_cert;
 
 		/* Retrieve the length of the certificate first */
@@ -578,17 +578,17 @@ static int http_connect(http_subtransport *t)
 			return -1;
 		}
 
+		giterr_clear();
 		is_valid = error != GIT_ECERTIFICATE;
-                allow = t->owner->certificate_check_cb(GIT_CERT_X509, encoded_cert, len, is_valid, t->owner->message_cb_payload);
+                error = t->owner->certificate_check_cb(GIT_CERT_X509, encoded_cert, len, is_valid, t->owner->message_cb_payload);
 		git__free(encoded_cert);
 
-                if (allow < 0) {
-                        error = allow;
-                } else if (!allow) {
-                        error = GIT_ECERTIFICATE;
-                } else {
-                        error = 0;
-                }
+		if (error < 0) {
+			if (!giterr_last())
+				giterr_set(GITERR_NET, "user cancelled certificate check");
+
+			return error;
+		}
 	}
 #endif
 	if (error < 0)
diff --git a/src/transports/ssh.c b/src/transports/ssh.c
index a25ab6315..8ea4a25d7 100644
--- a/src/transports/ssh.c
+++ b/src/transports/ssh.c
@@ -476,7 +476,6 @@ static int _git_ssh_setup_conn(
 	if (t->owner->certificate_check_cb != NULL) {
 		git_cert_hostkey cert;
 		const char *key;
-		int allow;
 		size_t certlen;
 
 		cert.type = LIBSSH2_HOSTKEY_HASH_SHA1;
@@ -498,16 +497,14 @@ static int _git_ssh_setup_conn(
 		}
 
 		/* We don't currently trust any hostkeys */
-                allow = t->owner->certificate_check_cb(GIT_CERT_HOSTKEY_LIBSSH2, &cert, certlen, 0, t->owner->message_cb_payload);
-                if (allow < 0) {
-                        error = allow;
-                        goto on_error;
-                }
-
-                if (!allow) {
-                        error = GIT_ECERTIFICATE;
-                        goto on_error;
-                }
+		giterr_clear();
+                error = t->owner->certificate_check_cb(GIT_CERT_HOSTKEY_LIBSSH2, &cert, certlen, 0, t->owner->message_cb_payload);
+		if (error < 0) {
+			if (!giterr_last())
+				giterr_set(GITERR_NET, "user cancelled hostkey check");
+
+			goto on_error;
+		}
         }
 
 	/* we need the username to ask for auth methods */