Fixes the remaining net_unittests for OpenSSL, with the exceptions

net/base/x509_certificate_openssl.cc

Index: net/base/x509_certificate_openssl.cc
diff --git a/net/base/x509_certificate_openssl.cc b/net/base/x509_certificate_openssl.cc
index d2c7653664c822ede3e559d6a9ad94ef56e99450..abddd978550c0689dd51e0ff43af41f506938ab5 100644
--- a/net/base/x509_certificate_openssl.cc
+++ b/net/base/x509_certificate_openssl.cc
@@ -425,19 +425,22 @@ int X509Certificate::Verify(const std::string& hostname,
                                cert_handle_, intermediates.get());
   CHECK_EQ(1, rv);
 
-  if (X509_verify_cert(ctx.get()) == 1) {
-    return OK;
+  if (X509_verify_cert(ctx.get()) != 1) {
+    int x509_error = X509_STORE_CTX_get_error(ctx.get());
+    int cert_status = MapCertErrorToCertStatus(x509_error);
+    LOG(ERROR) << "X509 Verification error "
+        << X509_verify_cert_error_string(x509_error)
+        << " : " << x509_error
+        << " : " << X509_STORE_CTX_get_error_depth(ctx.get())
+        << " : " << cert_status;
+    verify_result->cert_status |= cert_status;
+    return MapCertStatusToNetError(verify_result->cert_status);

[wtc, 2010/12/01 22:50:05]

Nit: you can remove this return statement.  If you fall
through, the return statement on line 441 will take care
of this case.

[joth, 2010/12/02 17:12:01]

Done.

   }
 
-  int x509_error = X509_STORE_CTX_get_error(ctx.get());
-  int cert_status = MapCertErrorToCertStatus(x509_error);
-  LOG(ERROR) << "X509 Verification error "
-      << X509_verify_cert_error_string(x509_error)
-      << " : " << x509_error
-      << " : " << X509_STORE_CTX_get_error_depth(ctx.get())
-      << " : " << cert_status;
-  verify_result->cert_status |= cert_status;
-  return MapCertStatusToNetError(verify_result->cert_status);
+  if (IsCertStatusError(verify_result->cert_status))
+    return MapCertStatusToNetError(verify_result->cert_status);
+
+  return OK;
 }
 
 // static