CMP cert_response(): add missing rejection status on client rejecting…

… new cert Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com> (Merged from #20257)
openssl · Apr 18, 2023 · 44e816b · 44e816b
1 parent 154625e
commit 44e816b
Showing 1 changed file with 1 addition and 0 deletions.
diff --git a/crypto/cmp/cmp_client.c b/crypto/cmp/cmp_client.c
@@ -659,6 +659,7 @@ static int cert_response(OSSL_CMP_CTX *ctx, int sleep, int rid,
         ERR_raise_data(ERR_LIB_CMP, CMP_R_CERTIFICATE_NOT_ACCEPTED,
                        "rejecting newly enrolled cert with subject: %s; %s",
                        subj, txt);
+        ctx->status = OSSL_CMP_PKISTATUS_rejection;
         ret = 0;
     }
     OPENSSL_free(subj);