Free existing responderId union arm in OCSP_RESPID setters

[samuel40791765]

Issues:

Addresses V2196133741 (F9 — OCSP_RESPID_set_by_{key,name}: type-confused free on responderId union)

Description of changes:

OCSP_RESPID stores either an X509_NAME* (byName) or an ASN1_OCTET_STRING* (byKey) in a union. Re-setting the responderId leaked the prior arm or freed it through the wrong destructor, depending on the transition. Both setters now call a small ocsp_respid_clear helper that frees the arm matching the current respid->type before installing the new value, so every sequence (name↔name, name↔key, key↔key, key↔name) is correct.

Call-outs:

None.

Testing:

Extends OCSPResponseSignTestExtended.OCSPResponseSign with four sequential OCSP_basic_sign calls on one OCSP_BASICRESP, covering all four responderId transitions. ASAN in CI will surface any leak or misuse.

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license and the ISC license.

[codecov-commenter]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 78.11%. Comparing base (0993768) to head (4a8f27b).
⚠️ Report is 18 commits behind head on main.

Additional details and impacted files

@@            Coverage Diff             @@
##             main    #3234      +/-   ##
==========================================
+ Coverage   78.08%   78.11%   +0.02%     
==========================================
  Files         689      689              
  Lines      122755   123226     +471     
  Branches    17083    17137      +54     
==========================================
+ Hits        95856    96258     +402     
- Misses      25996    26058      +62     
- Partials      903      910       +7     

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.