From: Kaspar Brand <kbrand@apache.org>
Date: Sat, 23 Nov 2013 15:01:08 +0000 (+0000)
Subject: Followup to r1544774: do not ignore failures from ssl_server_import_{cert,key}
X-Git-Tag: 2.5.0-alpha~4826
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=ec13db2b0cd93a0112c4c34c895096dea6e35ceb;p=apache

Followup to r1544774: do not ignore failures from ssl_server_import_{cert,key}
in ssl_init_server_certs


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1544812 13f79535-47bb-0310-9956-ffa450edef68
---

diff --git a/modules/ssl/ssl_engine_init.c b/modules/ssl/ssl_engine_init.c
index c3ceb2e7a9..6cdf4de500 100644
--- a/modules/ssl/ssl_engine_init.c
+++ b/modules/ssl/ssl_engine_init.c
@@ -886,7 +886,7 @@ static apr_status_t ssl_server_import_cert(server_rec *s,
     X509 *cert;
 
     if (!(asn1 = ssl_asn1_table_get(mc->tPublicCert, id))) {
-        return APR_EGENERAL;
+        return APR_NOTFOUND;
     }
 
     ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, s, APLOGNO(02232)
@@ -941,7 +941,7 @@ static apr_status_t ssl_server_import_key(server_rec *s,
     pkey_type = (idx == SSL_AIDX_RSA) ? EVP_PKEY_RSA : EVP_PKEY_DSA;
 
     if (!(asn1 = ssl_asn1_table_get(mc->tPrivateKey, id))) {
-        return APR_EGENERAL;
+        return APR_NOTFOUND;
     }
 
     ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, s, APLOGNO(02236)
@@ -1058,9 +1058,18 @@ static apr_status_t ssl_init_server_certs(server_rec *s,
 #endif
 
     have_rsa = ssl_server_import_cert(s, mctx, rsa_id, SSL_AIDX_RSA);
+    if (have_rsa != APR_SUCCESS && have_rsa != APR_NOTFOUND) {
+        return have_rsa;
+    }
     have_dsa = ssl_server_import_cert(s, mctx, dsa_id, SSL_AIDX_DSA);
+    if (have_dsa != APR_SUCCESS && have_dsa != APR_NOTFOUND) {
+        return have_dsa;
+    }
 #ifdef HAVE_ECC
     have_ecc = ssl_server_import_cert(s, mctx, ecc_id, SSL_AIDX_ECC);
+    if (have_ecc != APR_SUCCESS && have_ecc != APR_NOTFOUND) {
+        return have_ecc;
+    }
 #endif
 
     if ((have_rsa != APR_SUCCESS) && (have_dsa != APR_SUCCESS)
@@ -1079,9 +1088,18 @@ static apr_status_t ssl_init_server_certs(server_rec *s,
     }
 
     have_rsa = ssl_server_import_key(s, mctx, rsa_id, SSL_AIDX_RSA);
+    if (have_rsa != APR_SUCCESS && have_rsa != APR_NOTFOUND) {
+        return have_rsa;
+    }
     have_dsa = ssl_server_import_key(s, mctx, dsa_id, SSL_AIDX_DSA);
+    if (have_dsa != APR_SUCCESS && have_dsa != APR_NOTFOUND) {
+        return have_dsa;
+    }
 #ifdef HAVE_ECC
     have_ecc = ssl_server_import_key(s, mctx, ecc_id, SSL_AIDX_ECC);
+    if (have_ecc != APR_SUCCESS && have_ecc != APR_NOTFOUND) {
+        return have_ecc;
+    }
 #endif
 
     if ((have_rsa != APR_SUCCESS) && (have_dsa != APR_SUCCESS)