]> git.ipfire.org Git - thirdparty/openssl.git/commitdiff
projects / thirdparty / openssl.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 6f88876)
CMP cert_response(): add missing rejection status on client rejecting new cert
authorDr. David von Oheimb <David.von.Oheimb@siemens.com>
Wed, 1 Feb 2023 16:22:17 +0000 (17:22 +0100)
committerTomas Mraz <tomas@openssl.org>
Wed, 8 Feb 2023 16:05:47 +0000 (17:05 +0100)
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20190)

crypto/cmp/cmp_client.c patch | blob | blame | history

diff --git a/crypto/cmp/cmp_client.c b/crypto/cmp/cmp_client.c
index 6105f97b85be734776479bc1ce4b79eaae3562f7..78daeb5cbf87cc229fe713f9bc16a3f19c5d475d 100644 (file)
--- a/crypto/cmp/cmp_client.c
+++ b/crypto/cmp/cmp_client.c
@@ -630,6 +630,7 @@ static int cert_response(OSSL_CMP_CTX *ctx, int sleep, int rid,
         ERR_raise_data(ERR_LIB_CMP, CMP_R_CERTIFICATE_NOT_ACCEPTED,
                        "rejecting newly enrolled cert with subject: %s; %s",
                        subj, txt);
+        ctx->status = OSSL_CMP_PKISTATUS_rejection;
         ret = 0;
     }
     OPENSSL_free(subj);
Mirror of https://github.com/openssl/openssl.git