Commit 94c36852d2 for openssl.org

commit 94c36852d254a626739667874587b5364ddf087e
Author: Dr. David von Oheimb <dev@ddvo.net>
Date:   Thu Oct 23 20:52:53 2025 +0200

    cmp_vfy.c: on error trying to use cached CMP message sender cert, make sure to print diagnostics

    Reviewed-by: Neil Horman <nhorman@openssl.org>
    Reviewed-by: Paul Dale <paul.dale@oracle.com>
    (Merged from https://github.com/openssl/openssl/pull/28973)

diff --git a/crypto/cmp/cmp_vfy.c b/crypto/cmp/cmp_vfy.c
index 0f161df1b6..dbf02be512 100644
--- a/crypto/cmp/cmp_vfy.c
+++ b/crypto/cmp/cmp_vfy.c
@@ -511,7 +511,9 @@ static int check_msg_find_cert(OSSL_CMP_CTX *ctx, const OSSL_CMP_MSG *msg)
         /* re-do the above check (just) for adding diagnostic information */
         ossl_cmp_info(ctx,
             "trying to verify msg signature with previously validated cert");
+        ctx->log_cb = backup_log_cb;
         (void)check_msg_given_cert(ctx, scrt, msg);
+        ctx->log_cb = NULL;
         (void)ossl_cmp_ctx_set1_validatedSrvCert(ctx, NULL); /* this invalidates scrt */
     }