cmp_client_test.c: disable KUR_bad_pkiConf_protection

This is a workaround for an issue that lead to fuzz-checker CI failures;
the preliminary solution is to disable the inessential test case
test_exec_KUR_bad_pkiConf_protection.

References: https://github.com/openssl/openssl/pull/28973
Fixes: 525a4f1efbab "cmp_vfy.c,doc/,test/: when trying to use cached CMP message sender cert, no more check its revocation and chain"
Reviewed-by: Tomas Mraz <tomas@openssl.foundation>
Reviewed-by: Eugene Syromiatnikov <esyr@openssl.org>
MergeDate: Thu Mar 26 15:58:42 2026
(Merged from https://github.com/openssl/openssl/pull/30567)

diff --git a/test/cmp_client_test.c b/test/cmp_client_test.c
index f080fe161584ae05cc7edca2a6df464ef00603fa..7e3ab256e60c1935e02bbb3ecce04ab65209d6f9 100644 (file)
--- a/test/cmp_client_test.c
+++ b/test/cmp_client_test.c
@@ -346,7 +346,7 @@ static int test_exec_KUR_ses_transfer_error(void)
 
 static int test_exec_KUR_bad_pkiConf_protection(void)
 {
-    return test_exec_KUR_ses(0, OSSL_CMP_PKIBODY_PKICONF, 0, 0);
+    return test_exec_KUR_ses(0, -1 /* disabled: OSSL_CMP_PKIBODY_PKICONF */, 0, 0);
 }
 
 static int test_exec_KUR_ses_wrong_popo(void)