diff options
author | Dr. David von Oheimb <David.von.Oheimb@siemens.com> | 2023-02-01 17:22:17 +0100 |
---|---|---|
committer | Tomas Mraz <tomas@openssl.org> | 2023-02-08 17:05:47 +0100 |
commit | e7041bfea77cc7e6bab1fe8d2745b6969a8c78aa (patch) | |
tree | c55dfa6f01bd8eabd23ee7d28bdae0109c3f8261 /crypto/cmp | |
parent | 6f88876d4ea66d1f0b9217fec18b9dcc760a451a (diff) |
CMP cert_response(): add missing rejection status on client rejecting new cert
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20190)
Diffstat (limited to 'crypto/cmp')
-rw-r--r-- | crypto/cmp/cmp_client.c | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/crypto/cmp/cmp_client.c b/crypto/cmp/cmp_client.c index 6105f97b85..78daeb5cbf 100644 --- a/crypto/cmp/cmp_client.c +++ b/crypto/cmp/cmp_client.c @@ -630,6 +630,7 @@ static int cert_response(OSSL_CMP_CTX *ctx, int sleep, int rid, ERR_raise_data(ERR_LIB_CMP, CMP_R_CERTIFICATE_NOT_ACCEPTED, "rejecting newly enrolled cert with subject: %s; %s", subj, txt); + ctx->status = OSSL_CMP_PKISTATUS_rejection; ret = 0; } OPENSSL_free(subj); |