Fill in transactionID on any error in OSSL_CMP_SRV_process_request()

author Dr. David von Oheimb <David.von.Oheimb@siemens.com>

Thu, 28 May 2020 19:42:26 +0000 (21:42 +0200)

committer Dr. David von Oheimb <David.von.Oheimb@siemens.com>

Sat, 13 Jun 2020 13:13:21 +0000 (15:13 +0200)
author Dr. David von Oheimb <David.von.Oheimb@siemens.com>
Thu, 28 May 2020 19:42:26 +0000 (21:42 +0200)
committer Dr. David von Oheimb <David.von.Oheimb@siemens.com>
Sat, 13 Jun 2020 13:13:21 +0000 (15:13 +0200)
diff --git a/crypto/cmp/cmp_server.c b/crypto/cmp/cmp_server.c

index 5cb313a32c0afac6380b3e35fd775330645026e3..c2f0e1a11338d94ee84f65b16a14ba0e53dd2a5f 100644 (file)
--- a/crypto/cmp/cmp_server.c
+++ b/crypto/cmp/cmp_server.c
@@ -485,9 +485,10 @@ OSSL_CMP_MSG *OSSL_CMP_SRV_process_request(OSSL_CMP_SRV_CTX *srv_ctx,
  
              tid = OPENSSL_buf2hexstr(ctx->transactionID->data,
                                       ctx->transactionID->length);
-            ossl_cmp_log1(WARN, ctx,
-                          "Assuming that last transaction with ID=%s got aborted",
-                          tid);
+            if (tid != NULL)
+                ossl_cmp_log1(WARN, ctx,
+                              "Assuming that last transaction with ID=%s got aborted",
+                              tid);
              OPENSSL_free(tid);
          }
          /* start of a new transaction, reset transactionID and senderNonce */
@@ -500,9 +501,6 @@ OSSL_CMP_MSG *OSSL_CMP_SRV_process_request(OSSL_CMP_SRV_CTX *srv_ctx,
          if (ctx->transactionID == NULL) {
  #ifndef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION
              CMPerr(0, CMP_R_UNEXPECTED_PKIBODY);
-            /* ignore any (extra) error in next two function calls: */
-            (void)OSSL_CMP_CTX_set1_transactionID(ctx, hdr->transactionID);
-            (void)ossl_cmp_ctx_set1_recipNonce(ctx, hdr->senderNonce);
              goto err;
  #endif
          }
@@ -568,6 +566,12 @@ OSSL_CMP_MSG *OSSL_CMP_SRV_process_request(OSSL_CMP_SRV_CTX *srv_ctx,
          /* TODO fail_info could be more specific */
          OSSL_CMP_PKISI *si = NULL;
  
+        if (ctx->transactionID == NULL) {
+            /* ignore any (extra) error in next two function calls: */
+            (void)OSSL_CMP_CTX_set1_transactionID(ctx, hdr->transactionID);
+            (void)ossl_cmp_ctx_set1_recipNonce(ctx, hdr->senderNonce);
+        }
+
          if ((si = OSSL_CMP_STATUSINFO_new(OSSL_CMP_PKISTATUS_rejection,
                                            fail_info, NULL)) == NULL)
              return 0;
author	Dr. David von Oheimb <David.von.Oheimb@siemens.com>
	Thu, 28 May 2020 19:42:26 +0000 (21:42 +0200)
committer	Dr. David von Oheimb <David.von.Oheimb@siemens.com>
	Sat, 13 Jun 2020 13:13:21 +0000 (15:13 +0200)