cmp_server.c: Fix check: certConf not allowed after transaction is closed

author Dr. David von Oheimb <David.von.Oheimb@siemens.com>

Mon, 21 Jun 2021 12:47:58 +0000 (14:47 +0200)

committer Dr. David von Oheimb <dev@ddvo.net>

Wed, 23 Jun 2021 15:20:49 +0000 (17:20 +0200)
author Dr. David von Oheimb <David.von.Oheimb@siemens.com>
Mon, 21 Jun 2021 12:47:58 +0000 (14:47 +0200)
committer Dr. David von Oheimb <dev@ddvo.net>
Wed, 23 Jun 2021 15:20:49 +0000 (17:20 +0200)
diff --git a/crypto/cmp/cmp_server.c b/crypto/cmp/cmp_server.c

index c4ef5fa20370becc884976e69b21a377baf58151..a7cc38da5afe8dd3e253a2257369695a9e508cc5 100644 (file)
--- a/crypto/cmp/cmp_server.c
+++ b/crypto/cmp/cmp_server.c
@@ -337,7 +337,8 @@ static OSSL_CMP_MSG *process_certConf(OSSL_CMP_SRV_CTX *srv_ctx,
      ccc = req->body->value.certConf;
      num = sk_OSSL_CMP_CERTSTATUS_num(ccc);
  
-    if (OSSL_CMP_CTX_get_option(ctx, OSSL_CMP_OPT_IMPLICIT_CONFIRM) == 1) {
+    if (OSSL_CMP_CTX_get_option(ctx, OSSL_CMP_OPT_IMPLICIT_CONFIRM) == 1
+            || ctx->status != -2 /* transaction not open */) {
          ERR_raise(ERR_LIB_CMP, CMP_R_ERROR_UNEXPECTED_CERTCONF);
          return NULL;
      }
author	Dr. David von Oheimb <David.von.Oheimb@siemens.com>
	Mon, 21 Jun 2021 12:47:58 +0000 (14:47 +0200)
committer	Dr. David von Oheimb <dev@ddvo.net>
	Wed, 23 Jun 2021 15:20:49 +0000 (17:20 +0200)