Fix CA OCSP responder when LWCAs are not in use

The CA subsystem OCSP responder was updated to handle dispatching
OCSP requests to the relevant CertificateAuthority instance,
according to the issuer of the certificates identified in the
request.  Unfortunately, the updated routine assumes that the
database updates that enable lightweight CAs have occurred.  If they
have not, the OCSP responder always fails.

Fix the issue by inferring that if 'caMap' is empty, lightweight CAs
are not in use, the current instance is the one and only CA, and
proceed straight to validation.

Fixes: https://fedorahosted.org/pki/ticket/2420

0 files changed, 0 insertions, 0 deletions