projects
/
openssl.git
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
| inline |
side by side
(parent:
3c28aa8
)
cmp_server.c: Fix check: certConf not allowed after transaction is closed
author
Dr. David von Oheimb
<David.von.Oheimb@siemens.com>
Mon, 21 Jun 2021 12:47:58 +0000
(14:47 +0200)
committer
Dr. David von Oheimb
<dev@ddvo.net>
Wed, 23 Jun 2021 15:20:49 +0000
(17:20 +0200)
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15848)
crypto/cmp/cmp_server.c
patch
|
blob
|
history
diff --git
a/crypto/cmp/cmp_server.c
b/crypto/cmp/cmp_server.c
index c4ef5fa20370becc884976e69b21a377baf58151..a7cc38da5afe8dd3e253a2257369695a9e508cc5 100644
(file)
--- a/
crypto/cmp/cmp_server.c
+++ b/
crypto/cmp/cmp_server.c
@@
-337,7
+337,8
@@
static OSSL_CMP_MSG *process_certConf(OSSL_CMP_SRV_CTX *srv_ctx,
ccc = req->body->value.certConf;
num = sk_OSSL_CMP_CERTSTATUS_num(ccc);
- if (OSSL_CMP_CTX_get_option(ctx, OSSL_CMP_OPT_IMPLICIT_CONFIRM) == 1) {
+ if (OSSL_CMP_CTX_get_option(ctx, OSSL_CMP_OPT_IMPLICIT_CONFIRM) == 1
+ || ctx->status != -2 /* transaction not open */) {
ERR_raise(ERR_LIB_CMP, CMP_R_ERROR_UNEXPECTED_CERTCONF);
return NULL;
}