ext/openssl: choose the OpenSSL::Digest class for OpenSSL::OCSP::Request.sign and OpenSSL::OCSP::BasicResponse.sign
ossl_ocsp.c is currently hard-coded to use SHA1 signatures when signing OCSP requests and basic responses, but SHA1 is being phased out for this purpose by web clients. The attached patch provides an optional parameter to the two sign methods to allow other digest algorithms to be specified. It is a backwards-compatible change since the new parameter is last and optional, and it will default to SHA1 if not specified. I've included basic tests as well in the patch.