At the moment we just use the default libctx - but a future PR will add
support for running sslapitest with a non-default libctx.
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/11407)
return SSL_TLSEXT_ERR_ALERT_FATAL;
id = sk_OCSP_RESPID_value(ids, 0);
return SSL_TLSEXT_ERR_ALERT_FATAL;
id = sk_OCSP_RESPID_value(ids, 0);
- if (id == NULL || !OCSP_RESPID_match(id, ocspcert))
+ if (id == NULL || !OCSP_RESPID_match_ex(id, ocspcert, NULL, NULL))
return SSL_TLSEXT_ERR_ALERT_FATAL;
} else if (*argi != 1) {
return SSL_TLSEXT_ERR_ALERT_FATAL;
return SSL_TLSEXT_ERR_ALERT_FATAL;
} else if (*argi != 1) {
return SSL_TLSEXT_ERR_ALERT_FATAL;
|| !TEST_ptr(ids = sk_OCSP_RESPID_new_null())
|| !TEST_ptr(ocspcert = PEM_read_bio_X509(certbio,
NULL, NULL, NULL))
|| !TEST_ptr(ids = sk_OCSP_RESPID_new_null())
|| !TEST_ptr(ocspcert = PEM_read_bio_X509(certbio,
NULL, NULL, NULL))
- || !TEST_true(OCSP_RESPID_set_by_key(id, ocspcert))
+ || !TEST_true(OCSP_RESPID_set_by_key_ex(id, ocspcert, NULL, NULL))
|| !TEST_true(sk_OCSP_RESPID_push(ids, id)))
goto end;
id = NULL;
|| !TEST_true(sk_OCSP_RESPID_push(ids, id)))
goto end;
id = NULL;