OSSL_CMP_CTX_reinit(): fix missing reset of ctx->genm_ITAVs

Otherwise, further OSSL_CMP_exec_GENM_ses() calls will go wrong.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
(Merged from https://github.com/openssl/openssl/pull/19216)

(cherry picked from commit 1c04866c671db4a6db0a1784399b351ea061bc16)

1 files changed, 4 insertions, 2 deletions

diff --git a/doc/man3/OSSL_CMP_CTX_new.pod b/doc/man3/OSSL_CMP_CTX_new.pod
index 66b79337ce..546a51dc3c 100644
--- a/doc/man3/OSSL_CMP_CTX_new.pod
+++ b/doc/man3/OSSL_CMP_CTX_new.pod
@@ -179,6 +179,7 @@ OSSL_CMP_CTX_reinit() prepares the given I<ctx> for a further transaction by
 clearing the internal CMP transaction (aka session) status, PKIStatusInfo,
 and any previous results (newCert, newChain, caPubs, and extraCertsIn)
 from the last executed transaction.
+It also clears any ITAVs that were added by OSSL_CMP_CTX_push0_genm_ITAV().
 All other field values (i.e., CMP options) are retained for potential re-use.
 
 OSSL_CMP_CTX_set_option() sets the given value for the given option
@@ -702,7 +703,8 @@ OSSL_CMP_certConf_cb() returns I<fail_info> if it is not equal to 0,
 else 0 on successful validation,
 or else a bit field with the B<OSSL_CMP_PKIFAILUREINFO_incorrectData> bit set.
 
-All other functions return 1 on success, 0 on error.
+All other functions, including OSSL_CMP_CTX_reinit(),
+return 1 on success, 0 on error.
 
 =head1 EXAMPLES
 
@@ -758,7 +760,7 @@ the id-it-signKeyPairTypes OID and prints info on the General Response contents:
     OSSL_CMP_CTX_reinit(cmp_ctx);
 
     ASN1_OBJECT *type = OBJ_txt2obj("1.3.6.1.5.5.7.4.2", 1);
-    OSSL_CMP_ITAV *itav = OSSL_CMP_ITAV_new(type, NULL);
+    OSSL_CMP_ITAV *itav = OSSL_CMP_ITAV_create(type, NULL);
     OSSL_CMP_CTX_push0_genm_ITAV(cmp_ctx, itav);
 
     STACK_OF(OSSL_CMP_ITAV) *itavs;