mirror/openssl
2
0
Fork 0
mirror of https://github.com/openssl/openssl.git synced 2025-03-31 20:10:45 +08:00
Code Issues Packages Projects Releases Wiki Activity

bugfix in ossl_cmp_msg_add_extraCerts(): should include cert chain when using PBM

Browse Source 
Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12822)
This commit is contained in:
Dr. David von Oheimb 2020-09-04 10:58:26 +02:00
parent 7eb48cfc66
commit 6199478101
1 changed files with 2 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
crypto/cmp/cmp_protect.c
View File

@ -140,7 +140,8 @@ int ossl_cmp_msg_add_extraCerts(OSSL_CMP_CTX *ctx, OSSL_CMP_MSG *msg)
return 0;
/* Add first ctx->cert and its chain if using signature-based protection */
if (!ctx->unprotectedSend && ctx->secretValue == NULL) {
if (!ctx->unprotectedSend && ctx->secretValue == NULL
&& ctx->cert != NULL && ctx->pkey != NULL) {
int flags_prepend = X509_ADD_FLAG_UP_REF | X509_ADD_FLAG_NO_DUP
| X509_ADD_FLAG_PREPEND | X509_ADD_FLAG_NO_SS;