diff options
author | Dr. David von Oheimb <David.von.Oheimb@siemens.com> | 2023-02-01 15:36:25 +0100 |
---|---|---|
committer | Dr. David von Oheimb <dev@ddvo.net> | 2023-04-18 09:09:27 +0200 |
commit | 2eb7a11035144b5556b81aa7e8233927165a5880 (patch) | |
tree | 908aafdc88426f4e5f04abf556af07a6b3fd84cc | |
parent | 40f3a606b1671d417b63a902dab205e7906dbccd (diff) | |
download | openssl-new-2eb7a11035144b5556b81aa7e8233927165a5880.tar.gz |
ossl_cmp_msg_check_update(): fix two wrong error return values (-1 instead of 0)
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
(Merged from https://github.com/openssl/openssl/pull/20257)
-rw-r--r-- | crypto/cmp/cmp_vfy.c | 12 |
1 files changed, 6 insertions, 6 deletions
diff --git a/crypto/cmp/cmp_vfy.c b/crypto/cmp/cmp_vfy.c index 99cd56cb09..e6143b99d6 100644 --- a/crypto/cmp/cmp_vfy.c +++ b/crypto/cmp/cmp_vfy.c @@ -765,6 +765,11 @@ int ossl_cmp_msg_check_update(OSSL_CMP_CTX *ctx, const OSSL_CMP_MSG *msg, #endif } + /* if not yet present, learn transactionID */ + if (ctx->transactionID == NULL + && !OSSL_CMP_CTX_set1_transactionID(ctx, hdr->transactionID)) + return 0; + /* * RFC 4210 section 5.1.1 states: the recipNonce is copied from * the senderNonce of the previous message in the transaction. @@ -773,11 +778,6 @@ int ossl_cmp_msg_check_update(OSSL_CMP_CTX *ctx, const OSSL_CMP_MSG *msg, if (!ossl_cmp_ctx_set1_recipNonce(ctx, hdr->senderNonce)) return 0; - /* if not yet present, learn transactionID */ - if (ctx->transactionID == NULL - && !OSSL_CMP_CTX_set1_transactionID(ctx, hdr->transactionID)) - return -1; - /* * Store any provided extraCerts in ctx for future use, * such that they are available to ctx->certConf_cb and @@ -788,7 +788,7 @@ int ossl_cmp_msg_check_update(OSSL_CMP_CTX *ctx, const OSSL_CMP_MSG *msg, /* this allows self-signed certs */ X509_ADD_FLAG_UP_REF | X509_ADD_FLAG_NO_DUP | X509_ADD_FLAG_PREPEND)) - return -1; + return 0; if (ossl_cmp_hdr_get_protection_nid(hdr) == NID_id_PasswordBasedMAC) { /* |