From: Dr. David von Oheimb <dev@ddvo.net>
Date: Wed, 22 Oct 2025 13:48:01 +0000 (+0200)
Subject: crypto/cmp/: generalize info/debug messages and code comments from mentioning 'server... 
X-Git-Tag: openssl-4.0.0~104
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=fbd84cb4c9701a9a4c80a806700d10a5926fff70;p=thirdparty%2Fopenssl.git

crypto/cmp/: generalize info/debug messages and code comments from mentioning 'server' to 'sender'

Reviewed-by: Neil Horman <nhorman@openssl.org>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/28973)

(cherry picked from commit 713beaf046c8954070888ea1336ea49d320a5452)
---

diff --git a/crypto/cmp/cmp_ctx.c b/crypto/cmp/cmp_ctx.c
index e1dc88989f5..946bc7522c0 100644
--- a/crypto/cmp/cmp_ctx.c
+++ b/crypto/cmp/cmp_ctx.c
@@ -743,7 +743,7 @@ DEFINE_OSSL_set1_up_ref(OSSL_CMP_CTX, oldCert, X509)
      */
     DEFINE_OSSL_set0(ossl_cmp_ctx, newCert, X509)
 
-    /* Get successfully validated server cert, if any, of current transaction */
+    /* Get successfully validated sender cert, if any, of current transaction */
     DEFINE_OSSL_CMP_CTX_get0(validatedSrvCert, X509)
 
     /*
diff --git a/crypto/cmp/cmp_local.h b/crypto/cmp/cmp_local.h
index 4d704377dee..b96acf77ce6 100644
--- a/crypto/cmp/cmp_local.h
+++ b/crypto/cmp/cmp_local.h
@@ -57,7 +57,7 @@ struct ossl_cmp_ctx_st {
     int unprotectedErrors;
     int noCacheExtraCerts;
     X509 *srvCert; /* certificate used to identify the server */
-    X509 *validatedSrvCert; /* caches any already validated server cert */
+    X509 *validatedSrvCert; /* caches any already validated sender cert */
     X509_NAME *expected_sender; /* expected sender in header of response */
     X509_STORE *trusted; /* trust store maybe w CRLs and cert verify callback */
     STACK_OF(X509) *untrusted; /* untrusted (intermediate CA) certs */
diff --git a/crypto/cmp/cmp_vfy.c b/crypto/cmp/cmp_vfy.c
index 16541d1af33..a28cafd7047 100644
--- a/crypto/cmp/cmp_vfy.c
+++ b/crypto/cmp/cmp_vfy.c
@@ -646,7 +646,7 @@ int OSSL_CMP_validate_msg(OSSL_CMP_CTX *ctx, const OSSL_CMP_MSG *msg)
         scrt = ctx->srvCert;
         if (scrt == NULL) {
             if (ctx->trusted == NULL && ctx->secretValue != NULL) {
-                ossl_cmp_info(ctx, "no trust store nor pinned server cert available for verifying signature-based CMP message protection");
+                ossl_cmp_info(ctx, "no trust store nor pinned sender cert available for verifying signature-based CMP message protection");
                 ERR_raise(ERR_LIB_CMP, CMP_R_MISSING_TRUST_ANCHOR);
                 return 0;
             }
@@ -660,7 +660,7 @@ int OSSL_CMP_validate_msg(OSSL_CMP_CTX *ctx, const OSSL_CMP_MSG *msg)
             /* use ctx->srvCert for signature check even if not acceptable */
             if (verify_signature(ctx, msg, scrt)) {
                 ossl_cmp_debug(ctx,
-                    "successfully validated signature-based CMP message protection using pinned server cert");
+                    "successfully validated signature-based CMP message protection using pinned sender cert");
                 return ossl_cmp_ctx_set1_validatedSrvCert(ctx, scrt);
             }
             ossl_cmp_warn(ctx, "CMP message signature verification failed");