diff options
author | Dr. David von Oheimb <David.von.Oheimb@siemens.com> | 2020-11-13 21:32:31 +0100 |
---|---|---|
committer | Dr. David von Oheimb <David.von.Oheimb@siemens.com> | 2020-11-20 13:36:30 +0100 |
commit | 8c5c2fa544e8ca05bb756e99dbc9cb5ed82db37c (patch) | |
tree | 2d0f3e595a1bb73a1ecd08f8842248eddece611f | |
parent | 6fd8313589b3fd55e31f65097007c3c1fdbe5021 (diff) |
CMP: prevent misleading PKIStatusInfo output if not response available
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13409)
-rw-r--r-- | apps/cmp.c | 2 | ||||
-rw-r--r-- | crypto/cmp/cmp_client.c | 1 |
2 files changed, 3 insertions, 0 deletions
diff --git a/apps/cmp.c b/apps/cmp.c index b1813df9bc..ccb61ab497 100644 --- a/apps/cmp.c +++ b/apps/cmp.c @@ -2870,6 +2870,8 @@ int cmp_main(int argc, char **argv) default: break; } + if (OSSL_CMP_CTX_get_status(cmp_ctx) < 0) + goto err; /* we got no response, maybe even did not send request */ { /* print PKIStatusInfo */ diff --git a/crypto/cmp/cmp_client.c b/crypto/cmp/cmp_client.c index c19eea818f..75176cd195 100644 --- a/crypto/cmp/cmp_client.c +++ b/crypto/cmp/cmp_client.c @@ -886,6 +886,7 @@ STACK_OF(OSSL_CMP_ITAV) *OSSL_CMP_exec_GENM_ses(OSSL_CMP_CTX *ctx) ERR_raise(ERR_LIB_CMP, CMP_R_INVALID_ARGS); return 0; } + ctx->status = -1; if ((genm = ossl_cmp_genm_new(ctx)) == NULL) goto err; |