Hello all,

This fixes an issue with OCSPStatusRequest selection by the server when doing OCSP stapling. Since we currently do not support responder ID filtering, the server should not select an OCSPStatusRequest with responder IDs in it, else it could potentially return OCSP responses that the client has already stated it would not trust. This fix takes care of that. If the server cannot find an OCSPStatusRequest that is suitable (in this case, one that has an empty responder ID list) it will not do stapling for that handshake.

Bug: https://bugs.openjdk.java.net/browse/JDK-8132943
Webrev: http://cr.openjdk.java.net/~jnimeh/reviews/8132943/webrev.01

Thanks,
--Jamil
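
The selection rule described in this message, as an added sketch that is not the webrev's code or any JDK class. It assumes the requests arrive in the RFC 6961 `status_request_v2` wire layout; the class name, method names and sample bytes are constructed for illustration.

```java
import java.nio.ByteBuffer;

public class StaplingRequestSelector {
    static final int OCSP = 1, OCSP_MULTI = 2; // CertificateStatusType (RFC 6961)

    // Returns the index of the first ocsp/ocsp_multi item whose responder_id_list
    // is empty, or -1 when no item is suitable and the server should not staple.
    static int selectItem(byte[] extData) {
        ByteBuffer in = ByteBuffer.wrap(extData);
        if (in.remaining() < 2) return -1;
        int listLen = in.getShort() & 0xFFFF;
        if (listLen != in.remaining()) return -1;       // length mismatch
        for (int idx = 0; in.remaining() >= 3; idx++) {
            int type = in.get() & 0xFF;
            int reqLen = in.getShort() & 0xFFFF;
            if (reqLen > in.remaining()) return -1;     // truncated item
            ByteBuffer req = in.slice();
            req.limit(reqLen);
            in.position(in.position() + reqLen);        // step to the next item
            if (type != OCSP && type != OCSP_MULTI) continue;
            if (req.remaining() < 2) continue;          // no responder_id_list
            int ridLen = req.getShort() & 0xFFFF;
            // Empty list: the client accepts any responder, so stapling is safe.
            // Non-empty list: the server cannot filter by responder ID, skip it.
            if (ridLen == 0) return idx;
        }
        return -1;
    }

    static byte[] bytes(int... v) {
        byte[] b = new byte[v.length];
        for (int i = 0; i < v.length; i++) b[i] = (byte) v[i];
        return b;
    }

    public static void main(String[] args) {
        // Constructed sample: item 0 names one (dummy) responder, item 1 names none.
        byte[] mixed = bytes(0x00, 0x13,
            0x02, 0x00, 0x09, 0x00, 0x05, 0x00, 0x03, 0xAA, 0xBB, 0xCC, 0x00, 0x00,
            0x01, 0x00, 0x04, 0x00, 0x00, 0x00, 0x00);
        // Constructed sample: the only item restricts responders.
        byte[] restricted = bytes(0x00, 0x0C,
            0x02, 0x00, 0x09, 0x00, 0x05, 0x00, 0x03, 0xAA, 0xBB, 0xCC, 0x00, 0x00);
        System.out.println("mixed -> item " + selectItem(mixed));
        System.out.println("restricted -> item " + selectItem(restricted));
    }
}
```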
