Fix bug in OSSL_CMP_SRV_process_request() on transaction renewal
authorDr. David von Oheimb <David.von.Oheimb@siemens.com>
Mon, 4 May 2020 17:53:09 +0000 (19:53 +0200)
committerDr. David von Oheimb <David.von.Oheimb@siemens.com>
Sat, 9 May 2020 14:57:08 +0000 (16:57 +0200)
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/11736)

crypto/cmp/cmp_server.c

index 4da9a44..8bd3b56 100644 (file)
@@ -489,9 +489,9 @@ OSSL_CMP_MSG *OSSL_CMP_SRV_process_request(OSSL_CMP_SRV_CTX *srv_ctx,
                           tid);
             OPENSSL_free(tid);
         }
-        /* start of a new transaction, set transactionID and senderNonce */
-        if (!OSSL_CMP_CTX_set1_transactionID(ctx, hdr->transactionID)
-                || !ossl_cmp_ctx_set1_recipNonce(ctx, hdr->senderNonce))
+        /* start of a new transaction, reset transactionID and senderNonce */
+        if (!OSSL_CMP_CTX_set1_transactionID(ctx, NULL)
+                || !OSSL_CMP_CTX_set1_senderNonce(ctx, NULL))
             goto err;
         break;
     default:
@@ -594,7 +594,9 @@ OSSL_CMP_MSG *OSSL_CMP_SRV_process_request(OSSL_CMP_SRV_CTX *srv_ctx,
     case OSSL_CMP_PKIBODY_GENP:
     case OSSL_CMP_PKIBODY_ERROR:
         /* TODO possibly support further terminating response message types */
-        (void)OSSL_CMP_CTX_set1_transactionID(ctx, NULL); /* ignore any error */
+        /* prepare for next transaction, ignoring any errors here: */
+        (void)OSSL_CMP_CTX_set1_transactionID(ctx, NULL);
+        (void)OSSL_CMP_CTX_set1_senderNonce(ctx, NULL);
 
     default: /* not closing transaction in other cases */
         break;