1 files changed, 14 insertions, 11 deletions

diff --git a/net/base/x509_certificate_openssl.cc b/net/base/x509_certificate_openssl.cc
index d2c7653..abddd97 100644
--- a/net/base/x509_certificate_openssl.cc
+++ b/net/base/x509_certificate_openssl.cc
@@ -425,19 +425,22 @@ int X509Certificate::Verify(const std::string& hostname,
                                cert_handle_, intermediates.get());
   CHECK_EQ(1, rv);
 
-  if (X509_verify_cert(ctx.get()) == 1) {
-    return OK;
+  if (X509_verify_cert(ctx.get()) != 1) {
+    int x509_error = X509_STORE_CTX_get_error(ctx.get());
+    int cert_status = MapCertErrorToCertStatus(x509_error);
+    LOG(ERROR) << "X509 Verification error "
+        << X509_verify_cert_error_string(x509_error)
+        << " : " << x509_error
+        << " : " << X509_STORE_CTX_get_error_depth(ctx.get())
+        << " : " << cert_status;
+    verify_result->cert_status |= cert_status;
+    return MapCertStatusToNetError(verify_result->cert_status);
   }
 
-  int x509_error = X509_STORE_CTX_get_error(ctx.get());
-  int cert_status = MapCertErrorToCertStatus(x509_error);
-  LOG(ERROR) << "X509 Verification error "
-      << X509_verify_cert_error_string(x509_error)
-      << " : " << x509_error
-      << " : " << X509_STORE_CTX_get_error_depth(ctx.get())
-      << " : " << cert_status;
-  verify_result->cert_status |= cert_status;
-  return MapCertStatusToNetError(verify_result->cert_status);
+  if (IsCertStatusError(verify_result->cert_status))
+    return MapCertStatusToNetError(verify_result->cert_status);
+
+  return OK;
 }
 
 // static