make_dummy_resp() uses OCSP types, and get_cert_and_key() is unused
once make_dummy_resp() is compiled out, so neither can be included
in the build when OCSP is disabled and strict warnings are active.
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4873)
Avoid memory leaks in error paths, and correctly apply
parentheses to function calls in a long if-chain.
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4873)
Some of the OCSP APIs (such as the recently added OCSP_resp_get0_signer)
do not really merit inclusion in the ocsp(1) utility, but we should still
have unit tests for them.
For now, only test OCSP_resp_get0_signer(), but it should be easy to
add more tests in the future.
Provide an X509 cert and private key in the test's data directory
to use for signing responses, since constructing those on the fly
is more effort than is needed.
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4573)
