From 19ddcc4cbb43464493a4b82332a1ab96da823451 Mon Sep 17 00:00:00 2001 From: "Dr. David von Oheimb" Date: Tue, 13 Sep 2022 15:43:59 +0200 Subject: CMP: fix status held in OSSL_CMP_CTX, in particular for genp messages On this occasion, replace magic constants by mnemonic ones; update doc Reviewed-by: Tomas Mraz Reviewed-by: Todd Short Reviewed-by: David von Oheimb (Merged from https://github.com/openssl/openssl/pull/19205) --- apps/cmp.c | 64 +++++++++++++++++++++++++++++++------------------------------- 1 file changed, 32 insertions(+), 32 deletions(-) (limited to 'apps') diff --git a/apps/cmp.c b/apps/cmp.c index 24672144fe..bc446a4654 100644 --- a/apps/cmp.c +++ b/apps/cmp.c @@ -2731,7 +2731,7 @@ static int cmp_server(OSSL_CMP_CTX *srv_cmp_ctx) (void)OSSL_CMP_CTX_set1_senderNonce(srv_cmp_ctx, NULL); } if (!ret || !keep_alive - || OSSL_CMP_CTX_get_status(srv_cmp_ctx) == -1 + || OSSL_CMP_CTX_get_status(srv_cmp_ctx) != OSSL_CMP_PKISTATUS_trans /* transaction closed by OSSL_CMP_CTX_server_perform() */) { BIO_free_all(cbio); cbio = NULL; @@ -2744,6 +2744,35 @@ static int cmp_server(OSSL_CMP_CTX *srv_cmp_ctx) } #endif +static void print_status(void) +{ + /* print PKIStatusInfo */ + int status = OSSL_CMP_CTX_get_status(cmp_ctx); + char *buf = app_malloc(OSSL_CMP_PKISI_BUFLEN, "PKIStatusInfo buf"); + const char *string = + OSSL_CMP_CTX_snprint_PKIStatus(cmp_ctx, buf, OSSL_CMP_PKISI_BUFLEN); + const char *from = "", *server = ""; + +#ifndef OPENSSL_NO_SOCK + if (opt_server != NULL) { + from = " from "; + server = opt_server; + } +#endif + CMP_print(bio_err, + status == OSSL_CMP_PKISTATUS_accepted + ? OSSL_CMP_LOG_INFO : + status == OSSL_CMP_PKISTATUS_rejection + || status == OSSL_CMP_PKISTATUS_waiting + ? OSSL_CMP_LOG_ERR : OSSL_CMP_LOG_WARNING, + status == OSSL_CMP_PKISTATUS_accepted ? "info" : + status == OSSL_CMP_PKISTATUS_rejection ? "server error" : + status == OSSL_CMP_PKISTATUS_waiting ? "internal error" + : "warning", "received%s%s %s", from, server, + string != NULL ? string : ""); + OPENSSL_free(buf); +} + int cmp_main(int argc, char **argv) { char *configfile = NULL; @@ -2982,39 +3011,10 @@ int cmp_main(int argc, char **argv) default: break; } - if (OSSL_CMP_CTX_get_status(cmp_ctx) < 0) + if (OSSL_CMP_CTX_get_status(cmp_ctx) < OSSL_CMP_PKISTATUS_accepted) goto err; /* we got no response, maybe even did not send request */ - { - /* print PKIStatusInfo */ - int status = OSSL_CMP_CTX_get_status(cmp_ctx); - char *buf = app_malloc(OSSL_CMP_PKISI_BUFLEN, "PKIStatusInfo buf"); - const char *string = - OSSL_CMP_CTX_snprint_PKIStatus(cmp_ctx, buf, - OSSL_CMP_PKISI_BUFLEN); - const char *from = "", *server = ""; - -#ifndef OPENSSL_NO_SOCK - if (opt_server != NULL) { - from = " from "; - server = opt_server; - } -#endif - CMP_print(bio_err, - status == OSSL_CMP_PKISTATUS_accepted - ? OSSL_CMP_LOG_INFO : - status == OSSL_CMP_PKISTATUS_rejection - || status == OSSL_CMP_PKISTATUS_waiting - ? OSSL_CMP_LOG_ERR : OSSL_CMP_LOG_WARNING, - status == OSSL_CMP_PKISTATUS_accepted ? "info" : - status == OSSL_CMP_PKISTATUS_rejection ? "server error" : - status == OSSL_CMP_PKISTATUS_waiting ? "internal error" - : "warning", - "received%s%s %s", from, server, - string != NULL ? string : ""); - OPENSSL_free(buf); - } - + print_status(); if (save_free_certs(cmp_ctx, OSSL_CMP_CTX_get1_extraCertsIn(cmp_ctx), opt_extracertsout, "extra") < 0) ret = 0; -- cgit v1.2.3