CMP cert_response(): add missing rejection status on client rejecting new cert

Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/20190)
author: Dr. David von Oheimb <David.von.Oheimb@siemens.com> 2023-02-01 17:22:17 +0100
committer: Tomas Mraz <tomas@openssl.org> 2023-02-08 17:05:47 +0100
commit: e7041bfea77cc7e6bab1fe8d2745b6969a8c78aa (patch)
tree: c55dfa6f01bd8eabd23ee7d28bdae0109c3f8261 /crypto/cmp
parent: 6f88876d4ea66d1f0b9217fec18b9dcc760a451a (diff)
1 files changed, 1 insertions, 0 deletions
diff --git a/crypto/cmp/cmp_client.c b/crypto/cmp/cmp_client.c
index 6105f97b85..78daeb5cbf 100644
--- a/crypto/cmp/cmp_client.c
+++ b/crypto/cmp/cmp_client.c
@@ -630,6 +630,7 @@ static int cert_response(OSSL_CMP_CTX *ctx, int sleep, int rid,
         ERR_raise_data(ERR_LIB_CMP, CMP_R_CERTIFICATE_NOT_ACCEPTED,
                        "rejecting newly enrolled cert with subject: %s; %s",
                        subj, txt);
+        ctx->status = OSSL_CMP_PKISTATUS_rejection;
         ret = 0;
     }
     OPENSSL_free(subj);
author	Dr. David von Oheimb <David.von.Oheimb@siemens.com>	2023-02-01 17:22:17 +0100
committer	Tomas Mraz <tomas@openssl.org>	2023-02-08 17:05:47 +0100
commit	e7041bfea77cc7e6bab1fe8d2745b6969a8c78aa (patch)
tree	c55dfa6f01bd8eabd23ee7d28bdae0109c3f8261 /crypto/cmp
parent	6f88876d4ea66d1f0b9217fec18b9dcc760a451a (diff)