mirror/openssl
2
0
Fork 0
mirror of https://github.com/openssl/openssl.git synced 2025-03-01 19:28:10 +08:00
Code Issues Packages Projects Releases Wiki Activity

Remove misleading diagnostics on pinned sender cert in OSSL_CMP_validate_msg()

Browse Source 
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/11998)
This commit is contained in:
Dr. David von Oheimb 2020-05-27 17:52:53 +02:00
parent 032b13c784
commit 7aa70fd5e1
1 changed files with 0 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
crypto/cmp/cmp_vfy.c
View File

@ -659,9 +659,6 @@ int OSSL_CMP_validate_msg(OSSL_CMP_CTX *ctx, const OSSL_CMP_MSG *msg)
/* use ctx->srvCert for signature check even if not acceptable */
if (verify_signature(ctx, msg, scrt))
return 1;
/* call cert_acceptable() for adding diagnostic information */
(void)cert_acceptable(ctx, "explicitly set", "sender cert", scrt,
NULL, NULL, msg);
ossl_cmp_warn(ctx, "msg signature verification failed");
CMPerr(0, CMP_R_SRVCERT_DOES_NOT_VALIDATE_MSG);
}