From 7aa70fd5e1281d86fbddcdfab03a474d0b6978af Mon Sep 17 00:00:00 2001
From: "Dr. David von Oheimb" <David.von.Oheimb@siemens.com>
Date: Wed, 27 May 2020 17:52:53 +0200
Subject: Remove misleading diagnostics on pinned sender cert in
 OSSL_CMP_validate_msg()

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/11998)
---
 crypto/cmp/cmp_vfy.c | 3 ---
 1 file changed, 3 deletions(-)

(limited to 'crypto/cmp')

diff --git a/crypto/cmp/cmp_vfy.c b/crypto/cmp/cmp_vfy.c
index f73a0a06a5..323bd9c867 100644
--- a/crypto/cmp/cmp_vfy.c
+++ b/crypto/cmp/cmp_vfy.c
@@ -659,9 +659,6 @@ int OSSL_CMP_validate_msg(OSSL_CMP_CTX *ctx, const OSSL_CMP_MSG *msg)
             /* use ctx->srvCert for signature check even if not acceptable */
             if (verify_signature(ctx, msg, scrt))
                 return 1;
-            /* call cert_acceptable() for adding diagnostic information */
-            (void)cert_acceptable(ctx, "explicitly set", "sender cert", scrt,
-                                  NULL, NULL, msg);
             ossl_cmp_warn(ctx, "msg signature verification failed");
             CMPerr(0, CMP_R_SRVCERT_DOES_NOT_VALIDATE_MSG);
         }
-- 
cgit v1.2.3