Fill in transactionID on any error in OSSL_CMP_SRV_process_request()

Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/11998)
author: Dr. David von Oheimb <David.von.Oheimb@siemens.com> 2020-05-28 21:42:26 +0200
committer: Dr. David von Oheimb <David.von.Oheimb@siemens.com> 2020-06-13 15:13:21 +0200
commit: 5aed1786fcd038f16683a80ddbd0599cda0bb488 (patch)
tree: 8339e5d9a075cf93f4ed61119869ee60d49e0df3 /crypto/cmp/cmp_server.c
parent: Improve ossl_cmp_msg_check_received() and rename to ossl_cmp_msg_check_update() (diff)
download: openssl-5aed1786fcd038f16683a80ddbd0599cda0bb488.tar.xz
openssl-5aed1786fcd038f16683a80ddbd0599cda0bb488.zip
1 files changed, 10 insertions, 6 deletions
diff --git a/crypto/cmp/cmp_server.c b/crypto/cmp/cmp_server.c
index 5cb313a32c..c2f0e1a113 100644
--- a/crypto/cmp/cmp_server.c
+++ b/crypto/cmp/cmp_server.c
@@ -485,9 +485,10 @@ OSSL_CMP_MSG *OSSL_CMP_SRV_process_request(OSSL_CMP_SRV_CTX *srv_ctx,
 
             tid = OPENSSL_buf2hexstr(ctx->transactionID->data,
                                      ctx->transactionID->length);
-            ossl_cmp_log1(WARN, ctx,
-                          "Assuming that last transaction with ID=%s got aborted",
-                          tid);
+            if (tid != NULL)
+                ossl_cmp_log1(WARN, ctx,
+                              "Assuming that last transaction with ID=%s got aborted",
+                              tid);
             OPENSSL_free(tid);
         }
         /* start of a new transaction, reset transactionID and senderNonce */
@@ -500,9 +501,6 @@ OSSL_CMP_MSG *OSSL_CMP_SRV_process_request(OSSL_CMP_SRV_CTX *srv_ctx,
         if (ctx->transactionID == NULL) {
 #ifndef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION
             CMPerr(0, CMP_R_UNEXPECTED_PKIBODY);
-            /* ignore any (extra) error in next two function calls: */
-            (void)OSSL_CMP_CTX_set1_transactionID(ctx, hdr->transactionID);
-            (void)ossl_cmp_ctx_set1_recipNonce(ctx, hdr->senderNonce);
             goto err;
 #endif
         }
@@ -568,6 +566,12 @@ OSSL_CMP_MSG *OSSL_CMP_SRV_process_request(OSSL_CMP_SRV_CTX *srv_ctx,
         /* TODO fail_info could be more specific */
         OSSL_CMP_PKISI *si = NULL;
 
+        if (ctx->transactionID == NULL) {
+            /* ignore any (extra) error in next two function calls: */
+            (void)OSSL_CMP_CTX_set1_transactionID(ctx, hdr->transactionID);
+            (void)ossl_cmp_ctx_set1_recipNonce(ctx, hdr->senderNonce);
+        }
+
         if ((si = OSSL_CMP_STATUSINFO_new(OSSL_CMP_PKISTATUS_rejection,
                                           fail_info, NULL)) == NULL)
             return 0;
author	Dr. David von Oheimb <David.von.Oheimb@siemens.com>	2020-05-28 21:42:26 +0200
committer	Dr. David von Oheimb <David.von.Oheimb@siemens.com>	2020-06-13 15:13:21 +0200
commit	5aed1786fcd038f16683a80ddbd0599cda0bb488 (patch)
tree	8339e5d9a075cf93f4ed61119869ee60d49e0df3 /crypto/cmp/cmp_server.c
parent	Improve ossl_cmp_msg_check_received() and rename to ossl_cmp_msg_check_update() (diff)
download	openssl-5aed1786fcd038f16683a80ddbd0599cda0bb488.tar.xz openssl-5aed1786fcd038f16683a80ddbd0599cda0bb488.zip